The Federal Aviation Administration (FAA), Department of Justice (DOJ), Federal Communications Commission (FCC), and Department of Homeland Security (DHS) have issued a joint advisory guidance document for non-federal public and private entities to better understand the regulations that may apply to systems and capabilities for detecting and mitigating threats posed by Unmanned Aircraft Systems (UAS), commonly known as drones.
The โAdvisory on the Application of Federal Laws to the Acquisition and Use of Technology to Detect and Mitigate Unmanned Aircraft Systemsโ, issued on August 17, provides an overview of the US criminal code enforced by DOJ as well as potentially applicable federal laws and regulations, as well as some factors relevant to whether those laws may apply to particular actions or systems.
Additionally, it notes that the acquisition, installation, testing, and use of UAS detection or mitigation technologies may also implicate laws and regulations administered by the FAA and the FCC relating to aviation and RF spectrum, as well as aviation security laws and regulations administered by the Transportation Security Administration.
ALSO READ: How drones are being used to combat COVID-19
Only four federal agencies have authority
The advisory specifically addresses two categories of federal laws that may apply to drone detection and mitigation capabilities โ the various provisions of the US criminal code enforced by the Department of Justice; and federal laws and regulations administered by the FAA, DHS, and the FCC. It states that Congress has authorized only four federal departments โ the DoD, DoE, DoJ and DHS — to detect and/or counter UAS activities that may pose a credible threat to covered facilities or assets, and no other entity/entities have been granted that authority including state, local, tribal and territorial (SLTT) and private sector entities. Additionally, the FAA has been expressly authorized to engage in limited testing activities notwithstanding certain federal criminal surveillance laws.
While the advisory does not address state and local laws regarding UAS detection and mitigation capabilities, it advises state/local entities and private sector — including SLTT law enforcement organizations, SLTT governments, and owners and operators of critical infrastructure, stadiums, outdoor entertainment venues, airports, and other key sites โ to understand the federal laws that may prevent, limit, or penalize the sale, possession, or use of drones. It adds that such capabilities may also implicate federal criminal laws relating to surveillance, accessing or damaging computers, and damage to an aircraft.
All such entities are advised to seek appropriate counsel and conduct their own legal and technical analysis of each drone system prior to its testing, acquisition, installation, or use, and not rely solely on vendorsโ representations of the systemsโ legality or functionality. They should also closely evaluate and consider whether the use of drone detection and mitigation capabilities might impact public privacy, civil rights or civil liberties.
ALSO READ: What is the impact of Drones in Construction?
How detection and mitigation capabilities may implicate these laws
The advisory defines detection capabilities as systems that detect, monitor, or track UAS often rely on radio-frequency (RF), radar, electro-optical (EO), infrared (IR), or acoustic capabilities, or a combination thereof. These capabilities detect the physical presence of a drone or signals sent to or from it. In general, whether a detection or tracking system implicates federal criminal surveillance laws — such as the Pen/Trap Statute and the Wiretap Act — depends on whether it captures, records, decodes, or intercepts, in whole or in part, electronic communications transmitted to and from a UAS and/or controller, and the type of communications involved.
Detection systems that emit electromagnetic waves or acoustic systems are less likely to pose concerns under federal criminal surveillance statutes since such technology senses the sound or electromagnetic waves produced by or reflected from the drone and does not capture, record, decode, or intercept electronic communications. In contrast, systems using RF capabilities to detect and track UAS by monitoring the communications passed between a UAS and its ground control station may implicate the Pen/Trap Statute and Wiretap Act.
Mitigation capabilities fall into two general categories: non-kinetic and kinetic. Non-kinetic solutions use non-physical measures to disrupt or disable the drone, including RF, WiFi, or GPS jamming; spoofing; hacking techniques; and non-destructive directed energy weapons. Kinetic solutions may employ a variety of measures capable of physically disrupting or disabling a drone, including nets, projectiles, and lasers. The use of non-kinetic or kinetic solutions may implicate federal criminal prohibitions against, among other things, intercepting and interfering with communications, damaging a protected computer or an aircraft.
Interestingly, the FAA Reauthorization Act of 2018, Congress codified the term โunmanned aircraftโ as โan aircraft that is operated without the possibility of direct human intervention from within or on the aircraft.โ
The Advisory says jamming, spoofing and hacking technologies should also be fully evaluated. Jamming technologies are designed to block or interfere with authorized radio communications. Examples of jamming include transmitting RF signals from a jammer at a higher โsignal strengthโ than the RF signals being used to navigate or control the aircraft; preventing a cellular, WiFi, or Bluetooth-enabled device from connecting to a network (such as a cellular system or the Internet); or preventing a GPS unit from receiving positioning signals from a satellite.
While spoofing technologies can replicate and replace or modify signals, and can lead to loss of control over the UASโs navigation and communications link, hacking techniques generally focus on the droneโs communications link and/or the onboard computer processors.
Laws related to transport and spectrum
The advisory adds that non-federal entities should evaluate UAS detection activities for compliance with laws and regulations administered by the FAA, including but not limited to use of airspace; airport operating certificates; structures interfering with air commerce; and project Grant Application Approval Conditioned on Assurances About Airport Operations.
Airports seeking to deploy, buy, or purchase UAS detection or mitigation systems are advised to first consider laws, regulations, and security requirements related to local aviation security response. For example, TSA regulations require each operator of an airport regularly serving air carriers to establish an air transportation security program (ASP) and every ASP must provide
law enforcement personnel in the number and manner adequate to support the program. In addition, TSAโs enforcement authorities include the ability of the Administrator, in consultation with the airport operator and law enforcement authorities, to order the deployment of personnel at any secure area of the airport to counter threats to aircraft and aircraft operations or to address national security concerns, such as those posed by drones.
Similarly, any systems that involve emission of radio waves, including radar, must be evaluated for compliance with laws and regulations administered by the FCC, including but not limited to authorizations for use of spectrum; marketing, sale, or operation of jammers; and interference with radio communications.
