Privacy Laws at the Dawn of the Drone Age

To put in perspective the popularity of unmanned aircraft vehicles — often colloquially referred to as "drones" — consider this: the number of owners who have registered their drones since the Federal Aviation Administration’s (FAA) introduced the web-based registration system on December 21, 2015 now exceeds the population within the formal city limits of bustling Tampa. At the time of this article there are over 400,000 registered drone owners, which far eclipses the number of piloted aircraft in the United States. Adding to this staggering figure, the FAA expects thousands (if not tens of thousands) of new drones in the sky once commercial drones are legally permitted to fly without exemption.

The proliferation of drones and their advanced technological capabilities makes the daily headlines. The breath of potential commercial applications are limitless, from package delivery to pipeline maintenance. Not only are drones becoming cheaper and more effective, but they are also being equipped with enhanced surveillance technologies heightening privacy concerns. Take, for example, the latest drone model developed by CyPhy Works that can perform aerial surveillance including optical and infrared feeds indefinitely by using a “microfilament” that transmits power and data.

The rapid entry into the Drone Age has ushered in a host of privacy issues not readily addressed by the existing legal framework that traditionally “developed in tandem with technology” as Alexandra Rengel explained in "Privacy in the 21st Century." Privacy issues today are not limited to the physical invasion of drones flying over private property or the nuisance they may cause, but encompass continuous aerial surveillance, through-the-wall surveillance and data collection. As a result, the privacy protections currently provided by existing legislation and common law actions, which has developed slowly and inconsistently over many years, are growing inadequate to address the problems presented by drones and other technological advancements.

At its origin, invasion of privacy was considered an intrusion on a person’s right to be alone, and today more than ever most US citizens are apprehensive about any form of unwarranted privacy invasion. Their concerns extend both to the information being gathered as well as the mechanisms by which it is collected. “If the traditional American view of privacy is the ‘right to be left alone,’” Lee Rainie of Pew Center Research writes, “the 21st-century refinement of that idea is the right to control their identity and information.” You can read Mr. Raine's article here.

Federal Law

As it is, there are no federal laws regulating privacy specifically related to the civil use of drones nor are there general privacy concerns. This is despite the fact that President Obama issued an Executive Order over a year ago creating standards for how the Federal government will address the privacy issues associated with drones. Specifically, the President directed the Department of Commerce’s, National Telecommunications & Information Administration (NTIA) to initiate a process for creating privacy, accountability and transparency rules for commercial and private uses of drones. NTIA’s next meeting has been re-scheduled for early May.

Recently, however, the Senate passed the Federal Aviation Administration (FAA) Reauthorization Act of 2016, which contains a brief “Privacy and Transparency” provision recognizing that the operations of drones must be “carried out in a man

ner that respects and protects personal privacy consistent with the United States Constitution and Federal, State, and local law.” Despite this “requirement,” the bill merely recommends that any person that uses a drone for commercial purposes (except related to news gathering) have “a written privacy policy … that is appropriate to the nature and scope of the activities regarding the collection, use, retention, dissemination, and deletion of any data collected during the operation of an unmanned aircraft system.” The bill further suggests that such policies should be publicly available and periodically reviewed and updated as necessary. It is apparent that the FAA is content to relegate the task of developing a privacy guidelines to its 6 test sites designated for drone research and testing.

Although the FAA has taken the position that privacy issues related to drones are beyond its scope, the FAA may nonetheless be ordered to draft a privacy policy. A privacy rights advocate, Electronic Privacy Info