FAA roadmap sees challenges in allowing drones over U.S. airspace

Regulatory, technical, policy and standards issues need to be figured out before drones can be properly licensed

Government and industry will need to overcome significant challenges, including those related to privacy and security, before commercial drone aircraft can be safely introduced over national airspace, the Federal Aviation Administration said Thursday as it released a roadmap for drone integration in the U.S.

The roadmap ( download PDF) addresses a list of policies, regulations, technologies and procedures that need to fall into place for the FAA to start issuing licenses to commercial drone operators in large numbers. It establishes requirements that drone operators and others in the industry have to meet to obtain a commercial operator's license for drones, or unmanned aerial vehicles.

U.S. Transportation Secretary Anthony Foxx described the roadmap "as an important step forward that will help stakeholders understand the operational goals and safety issues we need to consider when planning for the future of our airspace."

The Federal Aviation Administration Modernization and Reform Act of 2012, signed into law by President Barack Obama last year requires the FAA to implement rules and procedures for licensing drone use by government agencies, commercial entities, hobbyists and others.

Over the next few years, thousands of unmanned aerial vehicles of varying sizes and capabilities are expected to be in use over the U.S., doing everything from fugitive tracking to rail surveillance, traffic management, crop monitoring, land management, news reporting and filmmaking.

Privacy and civil rights groups have expressed alarm over the privacy implications of widespread drone use -- especially by government and law enforcement agencies. They argue that drones equipped with high-tech cameras and listening devices would be able to conduct unprecedented and persistent surveillance of civilians. Concerns has also been raised about air safety issues arising from the use of thousands of drones over domestic airspace.

Drone advocates have downplayed such concerns and maintain that the potential benefits of the technology far outweigh the risks.

Thursday's roadmap highlights some of the challenges that need to be navigated before either side has a chance to find out the impact large-scale use of commercial drones will have in the U.S.

Among those issues are standards for ensuring that unmanned aircraft are capable of sensing and avoiding other aircraft near them and policies and procedures for operators of drone aircraft to communicate with and respond to air traffic controllers.

Integrating public and civilian drones into domestic airspace also carries security risks that need to be addressed through measures like proper vetting and training of drone operators and controls for ensuring that drone aircraft cannot be hacked remotely.

The roadmap touches upon the need for strong privacy polices, controls and standards, but offers little specifics on what controls are needed to address concerns raised by privacy advocates. The only area where the roadmap delves into privacy issues in some detail involves a UAV test site program being implemented by the FAA to better understand some of the issues that could crop up with widespread commercial drones.

Under the program, the FAA will establish six test sites in the U.S. that will be operated by state-level organizations. The operators of the test sites will be required to establish written privacy policies for data use and retention and for what data can be collected, shared and destroyed.

Michael Toscano, president and CEO of the Association for Unmanned Vehicle Systems International (AUVSI) welcomed the FAA roadmap. "Expansion of [drone] technology will create more than 100,000 jobs and generate more than $82 billion in economic impact in the first decade following the integration" with domestic airspace, he said in comments via email.

The FAA's acknowledgment of the privacy issues and its requirements for the test sites are important, Toscano said. "In requiring UAS test sites to have a written plan for data use and retention, the FAA appropriately focuses on the real issue when it comes to privacy -- the use, storage and sharing of data, or whether data collected must be deleted."

The agency's focus on how data is collected and used, rather than on the drone technology itself, is encouraging, he said. "[Drones] are one of many platforms that could be used for collecting data. Privacy policies should focus on how data is collected and used, as opposed to focusing on the specific platform that is doing the collecting."

Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed. His e-mail address is jvijayan@computerworld.com.

See more by Jaikumar Vijayan on Computerworld.com.

Read more about privacy in Computerworld's Privacy Topic Center.

Join the CSO newsletter!

Error: Please check your email address.

Tags Gov't Legislation/Regulationregulationsecuritygovernmentprivacy

More about FAAFederal Aviation AdministrationTopicTransportation

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Jaikumar Vijayan

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place