Unmanned Aircraft Systems (UAS or drones) are increasingly popular in the United States and around the world. While most UAS operators operate safely and comply with relevant laws, growing security and privacy concerns over illegal UAS operations have prompted development of counter-UAS systems to detect, identify, and track rogue UAS. Many of these systems also have the ability to mitigate threats by interfering with, hacking, capturing, or destroying unauthorized UAS. The legal and regulatory framework for the deployment of UAS detection and mitigation technology has lagged behind advancements in the technology. To assist non-federal public and private entities interested in using counter-UAS technology, the Federal Aviation Administration (FAA), Department of Justice (DOJ), Federal Communications Commission (FCC), and Department of Homeland Security (DHS) issued on August 17th joint advisory guidance on the application of federal laws to technology to detect and mitigate UAS.
While the information contained in the joint advisory guidance is not new, the joint advisory from the FAA, DOJ, FCC and DHS remains significant. There is a great deal of confusion surrounding how federal laws will apply to this new and growing industry and the advisory confirms the federal government’s view on the applicability of federal laws and regulations to UAS detection and mitigation technology. The advisory highlights the importance of understanding the legal and regulatory framework for UAS detection and mitigation systems.
The advisory addresses two categories of federal laws that may apply to UAS detection and mitigation capabilities: (1) various provisions of the U.S. criminal code enforced by DOJ that prohibit computer hacking, the interception of communications, and the use of a device to capture certain signaling information associated with communications; and (2) federal laws and regulations administered by the FAA, DHS, and FCC. The guidance notes that potential legal prohibitions are not based on broad classifications of systems, such as active versus passive or detection versus mitigation, but are instead based on the functionality of a particular system and the specific ways in which it operates and is used. Notably, various of the provisions of the U.S. criminal code the advisory addresses also contain private rights of action.
With respect to capabilities designed to detect the physical presence of a UAS or signals sent to or from the UAS, the advisory draws a distinction between technologies that capture, record, decode or intercept electronic communications, and those that do not. While detection systems that rely on emissions which are reflected off an object and back to the detection system (such as radar, electro-optical (EO) and infrared (IR), and acoustic systems) are less likely to pose concerns under federal criminal surveillance statutes, detection systems that rely upon RF capabilities to detect and track UAS by monitoring the communications passed between a UAS and its ground control station may implicate the federal Pen Register and Trap and Trace Statute, 18 U.S.C. § 3121 et. seq., and/or the Wiretap Act, 18 U.S.C. § 2510 et. seq.
The advisory separates mitigation capabilities into two categories: (1) kinetic technologies that physically disrupt or disable a UAS, using tools like nets, projectiles, and lasers, and; (2) non-kinetic solutions to disrupt or disable UAS, including RF, WiFi, or Global Positioning System (GPS) jamming, spoofing, or hacking techniques. The advisory clarifies that the use of non-kinetic or kinetic solutions may implicate federal criminal prohibitions against intercepting and interfering with communications, damaging a “protected computer,” or damaging an “aircraft.”
With respect to jamming, spoofing, and hacking technologies, the advisory identifies the Computer Fraud and Abuse Act, 18 U.S.C. § 1030; Interference with the Operation of a Satellite, 18 U.S.C. § 1367; and Communication Lines, Stations, or Systems, 18 U.S.C. § 1362, as laws that may apply.
In addition to federal criminal laws, the advisory addresses laws and regulations administered by the FAA and FCC relating to aviation and RF spectrum that may be implicated by the use of UAS detection and mitigation technology.
Finally, the advisory clarifies that detection and mitigation systems that involve emission of radio waves, including radar, must be evaluated for compliance with laws and regulations administered by the FCC.
Before deploying UAS detection or mitigation technologies, facility owners and operators must understand the legal and regulatory risks associated with their use to avoid civil and potentially criminal liability. The legal framework and policies surrounding the deployment of these technologies are evolving quickly, and companies should work with experienced legal counsel to stay abreast of new developments.