FAA includes privacy requirements for drones, but no enforcement

The US Federal Aviation Authority released a roadmap for the introduction of drones (UAVs) into US airspace (PDF) last week. Whether it happens this way or not is a moot point as previous deadlines have been consistently missed. However, they also released a list of requirements for meeting privacy standards (PDF).

Mark Calo in Forbes says that the FAA’s plan for privacy from drone surveillance is ‘pretty sensible’, which it is if you consider that the FAA’s primary job is, as it repeats in response to comments demanding great privacy protections throughout the document, “to provide the safest, most efficient aerospace system in the world.” Marc Rotenberg has pointed out, the problem is that it wasn’t their plan but the result of external pressure from EPIC and ACLU and others.

However, the broader question is whether the FAA is the correct institution to be overseeing this process of the introduction of a technology whose main purpose is surveillance. The overall context for this is the enthusiastic support for the rollout of drones offered by the roadmap. As the FAA keeps saying, it is not a privacy regulator. Not surprisingly, this is not an organisation that has any real overall scepticism, let alone any critical attitude to what it sees primarily as aviation technologies. But of course the US doesn’t have a single independent privacy regulator as such. Even so, the FAA has conceded at least that it has some responsibility here and is insisting that operators have a publicly-accessible privacy policy, that they report annually on compliance, and that they observe relevent laws (without specifying in much detail what those are). However, the FAA won’t be actively monitoring this, let alone enforcing it or sanctioning misconduct. For example, it won’t be suspending or removing operator’s licenses if they don’t comply with their requirements, unless the Department of Justice or another law enforcement agency actually files charges against the operator. So the requirements are weak and lack teeth.

The right time to intervene to strengthen human rights in relation to threats to those rights posed by new technologies is always before they are introduced. If this is not done then the widespread use of those technologies can shift what people understand as ‘normal’ and reduce expectations of privacy (and other rights). And it is much more difficult to legislate in retrospect. We’ve seen this with public space CCTV. In other words, while technologies do not determine social relations, they will interact with people, individually and in groups, in both positive and negative ways, and the job of politics and of policy is to ensure that the positive effects are maximized and the negative ones, minimized*. This means federal regulation. However, given the way in which the US  favours private over state intervention, it’s not surprising that this is not a popular way of dealing with things there.

What will result from the FAA’s weak set of privacy requirements in drone operations without real oversight is privacy protection as a bureaucratic box-ticking exercise.

*It should also be noted that this includes the possibility of not allowing any particular technology to be used in public space if the latter cannot be minimized to a level that not be harmful to socially desirable goals. Not enough attention is paid to the possibility of just saying ‘no’ to the public use of any particular technology.

Author: David

I'm David Murakami Wood. I live on Wolfe Island, in Ontario, and am Canada Research Chair (Tier II) in Surveillance Studies and an Associate Professor at Queen's University, Kingston.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: