Back to News & Commentary

Building Regulation Into Drones

Aerial photo of White House
Aerial photo of White House
Jay Stanley,
Senior Policy Analyst,
ACLU Speech, Privacy, and Technology Project
Share This Page
April 22, 2015

Recently I wrote about how the computer chips that are increasingly surrounding us may extend the tendrils of bureaucratic institutional power deep into our technology and our lives. Sometimes this will be a good thing; other times it could threaten to drown us in petty bureaucratic constraints.

One technology where we are beginning to see this process play out is drones. After a toy “Phantom” drone went astray and landed in a tree on the wrong side of the White House fence in January, leading to much alarm, the manufacturer of the Phantom announced that it would issue a “mandatory” firmware update for its products that would contain built-in geofencing limits—defined boundaries within which their updated, GPS-enabled drones simply would not fly.

There is definitely something spooky about the notion of consumer goods being subject to built-in centralized control in this way. Overall the centralized control of distributed technology conjures science fiction visions of robot armies snapping to the orders of their master. Distributed technology is less susceptible to abuse the more that:

  • It is resistant to central control.
  • Any such control is transparent to the user.
  • It is transparent in its operation in general, such as by having open source code.
  • Its operation can be controlled by its users, including through modifiable source code and other means of tinkering.

We want to protect the freedom of technology for many of the same reasons we protect freedom of speech: we want to ensure that technology is subject to the kind of socially beneficial innovation that only arises when hacking and experimentation are possible. And we want to ensure that technology remains at the service of individuals, empowering and enriching their lives, rather than empowering those who would control us.

Many were unhappy, for example, when Apple applied for a patent that would allow government and police to switch off iPhone video, camera, and wi-fi transmissions within geo-fenced areas. There are pro-privacy rationales for doing such blocking, but overall it seemed more likely that such a capability would be used to prevent accountability for violent police actions. Centrally controlled networks such as Facebook also raise concerns of abuse and manipulation, as do internet broadband networks (explaining the prominence of the network neutrality debate).

On the other hand, sometimes technology does need to be regulated. We don’t allow just anyone to own and operate jet aircraft, advanced military weapons, or dangerous radiological medical devices, for example. And we heavily regulate the dangerous two-ton devices that kill more Americans each year than terrorism ever has: automobiles. As our cars become increasingly computerized, it is important that the code for these devices be transparent, not only to help prevent safety problems, but also to ensure that companies are not engaging in any shenanigans to benefit themselves at customers’ expense. But while car owners should be not be subject to excessive restrictions on their freedom to tinker with their vehicles, at the same time, there may be (I don’t know enough about cars to be sure) good reasons to restrict some aspects of that freedom, given the consequences that innovation-gone-wrong could have for other people out on the roadways.

So what are we to think about the centralized technological regulation of drones? Predictably, some owners of Phantom drones were not happy at the restrictions that were announced. Others asked the question, “we regulate driving, why not droning?” Consider also that limitations on drone flights have already been abused for the purpose of limiting media coverage of police behavior during the unrest in Ferguson, Missouri beginning last summer.

As I’ve discussed before, drones are a generative technology that is likely to become the platform for a thousand diverse ideas representing the full range of human ingenuity and creativity. We don’t want to clip the wings of this technology in ways that will significantly limit that creativity, which has the potential to benefit us in ways no one has yet thought of.

At the same time, human ingenuity also always comes in less benign stripes; the security and safety concerns with drones are real. A hobbyist has demonstrated how easy it would be to attach a gun to a drone and shoot people remotely. Clearly, we cannot allow our skies to fill with flying robots armed with all manner of dangerous weapons. Experts have been fretting about the use of drones in terrorist plots for years. In 2012 a Massachusetts man was arrested by the FBI on charges of plotting to attack the Pentagon and the U.S. Capitol with a drone carrying explosives, and is currently serving a 17-year sentence. And the safety record of drones is still rather poor.

In the end, the kind of regulation that makes sense for drones is something that will have to be worked out over time as we see what kinds of social problems the devices do and do not bring. Because drones, like automobiles, can have profound effects on other people (their safety, their privacy, and their sanity), a substantial amount of regulation of the nuts and bolts of their operation may be justified.

One type of regulation that has been discussed is various stripes of proposals for the registration and tracking of drones. CDT, for example, has proposed that some or all drones broadcast unique registration numbers over public frequencies, similar to the “N-Numbers” that must be displayed on all US aircraft, so anyone can detect any drones flying nearby, and query the FAA’s registry to find out who owns each craft. On the one hand, by providing accountability for drone operators, this could help not only protect safety, but privacy as well (as anonymous spying by drone wouldn’t be possible), and might make other regulations that are susceptible to abuse, such as built-in geo-fencing, less necessary. On the other hand, it would erase any possibility of anonymous operation of drones, so that for example an activist wishing to record police actions at a protest might be targeted after the fact, or chilled before it. While some kind of registration may make sense—especially for larger craft—we would need to think carefully about what the right balance is.

If geo-fencing is to be programmed into drones, such centralized control over this technology must be subject to strict controls. There should be an orderly public process, subject to fair and well-established groundrules, by which any geo-fenced areas are set. Few would object to the White House grounds being made off-limits to drones operated by members of the public. Ferguson police operations, however, should not be so easily shielded.

One kind of regulation that would not be justified is anything that impinges upon First Amendment rights, such as bans on flying drones that are aimed purely at preventing the taking of photographs—especially attempts to block governmental activities from legitimate oversight by citizens. Any regulation of drones needs to be counterbalanced by other, equally strong checks and balances to ensure that freedom of speech is not abridged—for example rules stating that drones may be barred from flight only for safety purposes, and not simply to prevent photography, and allowing quick appeals to overcome pretextual safety-based bans.

And all of this applies not just to geo-fencing of drones, but to any bureaucratic rules that are to be encoded into distributed technologies. They should be subject to such orderly public processes that are respectful of First Amendment and other constitutional protections.