INFORMATION WEEK: Security
Mathew J. Schwartz, February 15, 2013
The Federal Aviation Administration Thursday announced that it will publicly develop privacy policies to cover the use of unmanned aerial vehicles (UAVs), more often referred to as drones, in U.S. airspace.
“The FAA recognizes that increasing the use of [drones] raises privacy concerns,” according a letter the agency sent this week to Marc Rotenberg, president of civil rights group Electronic Privacy Information Center (EPIC). “The agency intends to address these issues through engagement and collaboration with the public.”
Privacy concerns surrounding the use of drones in American airspace have been intensifying since President Obama signed the FAA Modernization and Reform Act (FMRA) into law in February 2012. The law includes the requirement that the FAA work toward “integrating unmanned aircraft systems (UAS) into the national airspace system (NAS),” and commence a test program at six different test ranges.
After FMRA was signed into law, numerous consumer, technology and civil rights groups — including the American Civil Liberties Union, Center for Democracy and Technology, Electronic Frontier Foundation, and EPIC — wrote to the FAA administrator, demanding that the agency develop privacy standards to cover the use of drones in U.S. airspace. “Drones greatly increase the capacity for domestic surveillance,” they wrote, noting that the devices could carry not just high-resolution video cameras, but also infrared cameras, heat sensors and automated license plate scanners, and be programmed to track dozens of targets.
“Drones present a unique threat to privacy,” they wrote. “Drones are designed to undertake constant, persistent surveillance to a degree that former methods of aerial surveillance were unable to achieve.”
One year later, the FAA has responded, noting that as its test program moves forward, it will solicit comments on the privacy language to be included in its forthcoming UAV directive, which will govern the activities of all test site operators, and become the blueprint for general drone use across the country.
“Test site operators will be required to establish a privacy policy that is public, and builds confidence and trust,” according to an FAA notice released Thursday, “Furthermore, the FAA expects that the information gathered about UAS operations at the test sites will contribute to the dialogue among privacy advocates, policymakers and the industry about how to address broader questions relative to the technologies used.”
Aviation experts expect to see continuing drone uptake — by hobbyists, businesses, law enforcement agencies and more — in the future, and some have estimated that 30,000 new drones could be launched in the next decade. Already, low-end devices can be had for $300, programmed with GPS coordinates and left to fly themselves.
Civilian drone makers are touting their vehicles as a platform for handling “dull, dirty and dangerous” jobs. “In a world of Google maps, the advantage of aerial views of the world are clear, but satellites and manned aircraft are expensive and the pictures they take are often too far away or too infrequent to be useful,” wrote former Wired editor-in-chief Chris Anderson, who’s CEO of 3D Robotics and the founder of DIY Drones, last month in Time magazine. “Drones can get better views, more often. And those shots can be of exactly what you want to see — an anytime, anywhere eye in the sky, controlled by you, not The Man.”
The military continues to invest heavily in new drone technology. NASA, meanwhile, predicts that UAVs may one day account for a sizeable number of commercial aircraft operating in U.S. airspace.
But security and privacy concerns have long accompanied the use of drones. Last year, for example, security researchers demonstrated that with about $1,000 worth of equipment, they could spoof the GPS signals used by civilian drones and redirect a drone one kilometer (0.6 miles) away. The researchers said they’re working this year toward intercepting a drone from 10 kilometers (6 miles) away.
UAVs developed for military use, which may also be sold to police forces, aren’t exempt from such concerns. Notably, Iran in 2011 claimed to have captured a U.S. military drone by jamming its remote-control communications channel. Since then, Iran said it’s been reverse-engineering the captured RW-170 Sentinel and developing its own drone fleet.
Drone transmissions can also be intercepted. In 2008, for example, “U.S. military personnel in Iraq … apprehended a Shiite militant whose laptop contained files of intercepted drone video feeds,” reported The Wall Street Journal. The insurgents reportedly used a $26 piece of software to hijack the drone camera feeds.
Despite that known vulnerability, by October 2012 only 30% to 50% of all military UAVs — including widely used Reaper and Predator drones — were broadcasting encrypted footage, Wired reported.
To read the full article, click here.