Drone privacy seems to be a primary concern for lawmakers, as state and local governments rush to propose laws designed to protect citizens from unwanted intrusion by drone. On a federal level, however, the rules and responsibilities of a drone operator with respect to privacy can be unclear; the FAA provides “best practices” developed by the Department of Commerce, but not specific regulations. Nonetheless, a few basic common sense measures should be sufficient to keep drone operators safe from unnecessary harassment or accusations of invaded privacy. Know the regulations; know your rights; and know how to inform anyone who may question you.
The FAA Position on Drone Privacy Issues
The most recently passed FAA Reauthorization package reflected current concerns about drone privacy, calling for the FAA to research the issue over the next couple of years. But currently, the FAA takes the approach that it doesn’t regulate data gathered by drones, any more than it would regulate data gathered by hand-held cameras. The official position is as follows, taken from the FAA’s Fact Sheet on Part 107:
Although the new rule does not specifically deal with privacy issues in the use of drones, and the FAA does not regulate how UAS gather data on people or property, the FAA is acting to address privacy considerations in this area. The FAA strongly encourages all UAS pilots to check local and state laws before gathering information through remote sensing technology or photography.
As part of a privacy education campaign, the agency will provide all drone users with recommended privacy guidelines as part of the UAS registration process and through the FAA’s B4UFly mobile app. The FAA also will educate all commercial drone pilots on privacy during their pilot certification process; and will issue new guidance to local and state governments on drone privacy issues. The FAA’s effort builds on the privacy “best practices” the National Telecommunications and Information Administration published last month as the result of a year-long outreach initiative with privacy advocates and industry.
The NTIA “Best Practices”
As the FAA references the NTIA “Best Practices,” (full document can be found here) many drone operators use those as regulatory guidelines. Some industry stakeholders hope that by agreeing to follow the guidelines, professional operators will be able to avoid the enactment of stricter regulations that may limit commercial activities. It’s important to note, however, that not all in the drone industry agree. The Drone Manufacturer’s Alliance -which includes DJI, GoPro, 3DR, and Parrot -refused to sign off on the guidelines, saying that drone operators should not be subject to more restrictive standards than other photographers. The ACLU also dissented, under the principle that the right to take pictures is an important freedom.
The Best Practices are detailed – see the link above – but easily summarized. They refer to data collected that might be individually identifiable, and make drone operators responsible for:
- Informing anyone affected by collection of data;
- Securing any and all of the data;
- Limiting how collected data is used and shared.
The best practices also call for not collecting data unnecessarily, or where a subject has a reasonable expectation of privacy: as Brian Fung of the Washington Post says: “Don’t be a jerk.”
Many proposals have been put forth by state and local governments designed to protect citizens from unwanted intrusion by drone, but these almost universally simply restate (or in some cases, increase the penalties attached to) existing laws regarding harassment, stalking or peeping toms. These regulations are not generally aimed at legitimate commercial use, but are designed to further discourage behavior that is already against the law. With state and local regulations in a fluid state, operators should always check before booking jobs in a new area.
While drone privacy issues are a big concern right now, as drones become more prevalent concern may diminish as it has with other breakthrough technologies. In the meantime, operators should know what their rights and responsibilities are before flying, and make every effort to communicate clearly with anyone likely to be affected by data collection.