To put in perspective the popularity of unmanned aircraft vehicles — often colloquially referred to as "drones" — consider this: the number of owners who have registered their drones since the Federal Aviation Administration’s (FAA) introduced the web-based registration system on December 21, 2015 now exceeds the population within the formal city limits of bustling Tampa. At the time of this article there are over 400,000 registered drone owners, which far eclipses the number of piloted aircraft in the United States. Adding to this staggering figure, the FAA expects thousands (if not tens of thousands) of new drones in the sky once commercial drones are legally permitted to fly without exemption.
The proliferation of drones and their advanced technological capabilities makes the daily headlines. The breath of potential commercial applications are limitless, from package delivery to pipeline maintenance. Not only are drones becoming cheaper and more effective, but they are also being equipped with enhanced surveillance technologies heightening privacy concerns. Take, for example, the latest drone model developed by CyPhy Works that can perform aerial surveillance including optical and infrared feeds indefinitely by using a “microfilament” that transmits power and data.
The rapid entry into the Drone Age has ushered in a host of privacy issues not readily addressed by the existing legal framework that traditionally “developed in tandem with technology” as Alexandra Rengel explained in "Privacy in the 21st Century." Privacy issues today are not limited to the physical invasion of drones flying over private property or the nuisance they may cause, but encompass continuous aerial surveillance, through-the-wall surveillance and data collection. As a result, the privacy protections currently provided by existing legislation and common law actions, which has developed slowly and inconsistently over many years, are growing inadequate to address the problems presented by drones and other technological advancements.
At its origin, invasion of privacy was considered an intrusion on a person’s right to be alone, and today more than ever most US citizens are apprehensive about any form of unwarranted privacy invasion. Their concerns extend both to the information being gathered as well as the mechanisms by which it is collected. “If the traditional American view of privacy is the ‘right to be left alone,’” Lee Rainie of Pew Center Research writes, “the 21st-century refinement of that idea is the right to control their identity and information.” You can read Mr. Raine's article here.
As it is, there are no federal laws regulating privacy specifically related to the civil use of drones nor are there general privacy concerns. This is despite the fact that President Obama issued an Executive Order over a year ago creating standards for how the Federal government will address the privacy issues associated with drones. Specifically, the President directed the Department of Commerce’s, National Telecommunications & Information Administration (NTIA) to initiate a process for creating privacy, accountability and transparency rules for commercial and private uses of drones. NTIA’s next meeting has been re-scheduled for early May.
In the absence of overarching federal regulations, many states have reacted to the proliferation of drones by enacting technology-centric and issue-focused laws as observed by Professor Gregory S. McNeal in "Domestic Drones and the Future of Aerial Surveillance." These regulations are as different (and occasionally as quirky) as the states themselves. According to the National Conference of State Legislature, at least 41 states have already considered legislation related to drones in 2016 alone. Seven states–Idaho, Indiana, Oregon, Tennessee, Utah, Virginia and Wisconsin–have passed 10 pieces of legislation. In 2015, all but five states considered bills about drone regulation, about half of them passed legislation about drones, and several states adopted resolutions related to drones. The result has been the creation of a smorgasbord of regulations across the country addressing a diverse array of narrow issues from prohibiting the use of drones for hunting to making it illegal to operate weaponized drones.
A significant portion of these laws, however, do relate to privacy. There are two main category of drone-specific privacy laws. The first category relates to restrictions of data collected by drones. The second category is the creation of private causes of action for privacy invasions caused by drone surveillance.
Adding to the assorted patchwork of state law are a growing number of municipal ordinances enacted by communities of all sizes —from quaint towns to thriving metropolises. For instance, St. Bonifacius, Minnesota—with a population equivalent to the size of a high school—became one of the first American municipal to pass an ordinance broadly prohibiting the operation of all drones within its airspace. More recently, Chicago became the first major city to issue a comprehensive set of drone regulations. Drones within the Windy City’s limits are now banned from flying higher than 400 feet, beyond the operator’s line of sight, or between the hours of 8 p.m. and 8 a.m. Drones are also restricted from flying within five miles of an airport, or over schools, hospitals, churches, police stations, outdoor stadiums, and “ property the operator does not own.” Other urban cities with drone-specific laws include Pittsburg, Miami and Los Angeles.
Will the FAA be ordered to draft privacy regulations as they pertain to drones to the satisfaction advocates of a uniform baseline level of protection? Or, will states to continue to seek creative solutions to drones and privacy concerns without federal oversight as others would prefer? Regardless of one’s personal leanings, most (this author included) agree that the existing common law legal theories regarding privacy are trending towards increasing inadequacy. Thus, to stay ahead of advancements, the laws we do enact (be it federal or state) should be goal-oriented and relatively technological-neutral in protecting people’s modern expectation of privacy.