FAA Releases Long-Awaited Commercial Drone Roadmap and Privacy Policy

Published On November 18, 2013 | By Melissa Maalouf | Privacy
TwitterLinkedInFacebookRedditCopy LinkEmailPrint

DRONEOn November 7, the Federal Aviation Administration (“FAA”) released its first annual Roadmap detailing the steps needed to integrate unmanned aircraft systems (more commonly known as drones) into the national airspace.  The Roadmap was required by the 2012 FAA Modernization and Reform Act and it sets the stage for law enforcement agencies, businesses, universities, and hobbyists to use drones by 2015.  On the same day, the Joint Planning and Development Office (a group of 6 agencies plus the White House) released a Comprehensive Drone Plan.

Since the early 1990s, drones have operated on a limited basis in the U.S. Until recently, drones were used mainly to support military and border security operations.  However, over the past few years as the technology has improved, the potential uses for drones have grown exponentially, with companies focusing on a broad range of activities including surveying land and crops, aerial photography, monitoring environmental concerns, communications and broadcast, and protecting critical infrastructure.

In recognition of the potential benefits to using drones in these new ways, the Roadmap outlines the tasks and considerations necessary to enable drone integration into the national airspace over the next 5-10 years. Specifically, this includes the FAA’s plans for ensuring that drone use is safe, and establishes requirements for accommodation, integration, and evolution.  The FAA will select 6 test sites to begin work on safely integrating drones, and to research the applicable certification and navigation requirements.  Manufacturers will be able to bring drones to the test sites for evaluation by federal safety experts, and the results will in turn assist regulators as they draft more refined rules. The FAA has estimated that 7,500 small drones could be dispatched in the United States within 5 years if the regulations are written on schedule.

The increased use of drones in the national airspace has understandably raised a number of privacy concerns.  To address these concerns, in February 2013 the FAA sought public comments on issues related to privacy requirements for the selected test sites.  In response to those comments, in addition to the Roadmap, on November 7 the FAA released a final Privacy Policy in the Federal Register.  The Privacy Policy requires test site operators to:  (1) comply with federal, state, and other laws on consumer privacy protection issues; (2) have a publicly available privacy plan and a written plan for data use and retention; and (3) conduct annual reviews of privacy practices that allow for public comment.  The FAA noted that site privacy plans must be “informed” by the “Fair Information Practice Principles” that the FTC considers in regulating Internet privacy.

The release of the Roadmap and Privacy Policy has triggered heated debate; some privacy advocates argue that it does not go far enough in mandating specific data use and retention requirements, while others argue that the document shows that the FAA is taking privacy considerations seriously, and is doing as much as it can given that this is the first time the FAA has considered such issues — typically the FAA’s focuses solely on safety.  However, the FAA has made clear that in addition to refining the safety considerations in the Roadmap based on lessons learned at the test sites, it also intends to hone the privacy requirements over time.

About The Author

Melissa Maalouf’s practice focuses on advising a broad range of clients, from start-ups to established companies, on both U.S. and international data privacy and security issues. Melissa assists clients in drafting appropriate website disclosures, implementing legally-compliant e-commerce flows, responding to FTC Section 5 and state AG enforcement actions, analyzing advertising claims, and children’s online privacy and safety issues. She also regularly helps clients obtain certification under the EU-US Safe Harbor and navigate compliance with divergent international privacy laws.

Leave a Reply

Your email address will not be published. Required fields are marked *