Legal Challenges Facing Civilian Counter-UAV Systems
Consumer/commercial unmanned aerial vehicles (UAV) sales and operations are increasing rapidly according to sales figures, media reports, and various studies. So too are unconventional uses of these drones by non-state actors and criminals, as well as perceived privacy violations by regular operators. The result is a well funded rush to develop UAV detection and counter measure systems for military and civilian use. At present, someone employing a counter-UAV system may be engaged in more serious criminal activity than the operator of the UAV. If the legal challenges affecting the deployment of these systems are not addressed, not only will those investments be put at risk but our nation may be exposed to greater risk of malicious UAV operators.
The technical challenges and efficiency of the solutions are often shrouded behind intellectual property protection at various startup companies. The legal challenges, however, are clearly defined in existing public law and regulation. We all have a vested interest in working with local, state, and federal lawmakers to enact new regulations that will enable individuals, corporations, and law enforcement agencies to effectively and legally defend against malicious UAVs.
For the purposes of this article we will define an Unconventional Small Unmanned Aerial System (UsUAS) as a UAV plus support ground control systems with the following characteristics:
- Military Group 1 UAV (0-20 lbs maximum weight, less than 1200 ft AGL operating altitude, less than 100 knots)
- Available to civilians without a license or other documentation
- Priced below $5,000
- Operated by terrorist, criminal, or malicious actors
Detection, Determination, and Response
Short of establishing a hard physical, electronic, or radio frequency barrier around an installation, anyone wishing to defend a site against a UsUAS must go through three stages – detection, classification, and neutralization. Once detected, the malicious nature of the operation must be determined before moving on to deterrence measures. The mere presence of a UAV in civilian airspace does not define malicious behavior. Finally, even if a UAV is detected and classified as malicious the legal response options are almost exclusively limited to after the fact administrative, civil, or criminal charges.
In the United States there are very few areas where aircraft crossing a perimeter may automatically be treated as hostile or at least malicious. A declared National Defense Airspace as was used for the 2017 Presidential Inauguration is the most recent example.[i] In addition to civil and criminal charges, “the United States government may use deadly force against the airborne aircraft, if it is determined that the aircraft poses an imminent security threat.” These are the only areas within the United States borders where deadly force is authorized against aircraft, which includes UsUASs. Recent incursions into the airspace over the White House by UsUASs[ii] and by small aircraft[iii] illuminate both the difficulty of detecting incursions by these types of aircraft and the perceived unwillingness to engage them even over the most critical building in the United States.
Temporary Flight Restrictions (TFRs) issued by the FAA provides for temporary control of the airspace by other agencies and allows them to administratively control access to the airspace. Access violations are addressed through civil and criminal charges, if the operator can be located. Deadly force is not authorized under the Federal Aviation Regulations or their underlying statutes.
For several years agencies fighting wildfires in the western part of the United States have engaged in an ongoing dance with UAV operators who violate the TFRs established to enable aviation assets to safely operate near the wildfires. “Twenty-one drones were spotted at the scenes of wildfires nationwide in 2014-2015, and aircraft were grounded six times. And there have been at least two occasions when firefighting aircraft have had to take evasive actions to avert a collision with drones.”[iv] Few operators have been detected or charged. One operator was charged with a misdemeanor for interfering with firefighting operations and fined $1,000. California failed to pass a more strict law with harsher punishments.
The legal opportunities to challenge UsUAS operations over most federal lands open to the public as well as private or commercial property are even more limited. The debate hinges around two core issues: Who controls the airspace and privacy.
It is generally accepted that the Federal Aviation Administration controls all of the National Airspace (NAS). Many jurisdictions are attempting to write laws that depend on their ability to regulate local airspace, something they have no legal authority to do. Orlando, FL recently crafted an ordinance that may be more successful in defending against challenges by addressing the use of city land rather than the airspace. “It is prohibited to cause an unmanned aircraft to launch or land, or for any person to operate or assist in the operation of any unmanned aircraft system out of doors unless permitted to do so by the City of Orlando, when that person is on city property.”[v]
The vast majority of citizens in the United States desire to be free from surveillance by the government and by other citizens. Unfortunately, there are essentially no laws that protect an individual’s privacy outside of the walls of their homes. Any effective law would need to apply to all forms of aerial surveillance including helicopters, airplanes, and satellites. UAVs reignited and fueled debate and possible regulations addressing privacy protection from aerial surveillance but there are no broad laws in place that provide for civil or criminal redress, and particularly no laws that provide for shooting, netting, jamming, or hacking into an UsUAS.
Non-military UAVs are susceptible to a variety of attacks that may disable them in flight, cause them to return to the launch point, or grant the attacker control over their operation. Methods range from shotguns to GPS jammers to nets and even to birds. Unfortunately, utilizing any of these methods in most domestic situations is illegal.
We will give examples of each type of attack, the operator’s ability to counter the attack, and examples of laws that any attacker could be charged with violating.
The following legal options for charging the person attacking the UsUAS will be used for each type of attack. In addition to these criminal charges, a variety of civil charges could be filed.
State criminal offenses
- Larceny – The unlawful taking and carrying away of someone else’s property without the consent of the owner; and with the intent to permanently deprive the owner of the property.[vi] (state or local)
- Criminal mischief – Intentionally or knowingly damaging someone else’s property (state or local)
- Reckless endangerment – Carelessness which is in reckless disregard for the safety or lives of others, and is so great it appears to be a conscious violation of other people’s rights to safety (state or local)
Federal criminal offenses
- Destruction of aircraft – Sets fire to, damages, destroys, disables, or wrecks any aircraft in the special aircraft jurisdiction of the United States or any civil aircraft used, operated, or employed in interstate, overseas, or foreign air commerce. (18 U.S. Code § 32)
- Jamming – The use of devices designed to intentionally block, jam, or interfere with authorized radio communications is a violation of federal law.[vii] (The Communications Act of 1934, 18 U.S.C. § 1362, 18 U.S.C. § 1367(a))
- FCC Violation – Operating an unlicensed transmitter or interfering with the legal operation of another transmitter. (The Communications Act of 1934, Sections 301 and 333)
- CFAA – “Knowingly causes the transmission of a program, information, code, or command, and as a result of such conduct, intentionally causes damage without authorization, to a protected computer” (Computer Fraud and Abuse Act, 18 U.S.C. § 1030)
Any attack that causes the aircraft to stop operating in a normal manner opens the attacker up to being charged with criminal mischief if the UAV or property on the ground is damaged as a result. Any attack that causes the aircraft to cease operating will add opportunities to charge the attacker with robbery, reckless endangerment, and destruction of aircraft due to the likelihood that the aircraft will strike the ground in an uncontrolled manner. Any attack using a transmitter to jam or access the control or data links on the aircraft will expose the attacker to being charged with FCC violations. Any attack using a transmitter to jam GPS signals, command links or data links will expose the attacker to all of the above.
Some attacks, and specifically GPS jamming attacks, have the potential to create safety risks far beyond the offending aircraft and could result in significant charges. Discharging a firearm against an offending aircraft could result in injury or death to individuals other than the operator and is almost always a crime. Deadly physical force may only be legally used against deadly physical force.
A physical attack on a UsUAS is intended to cause the aircraft to cease operating. Example attacks include firearms, nets, and birds.
The UsUAS operator can attempt to counter such an attack by flying erratically, either manually or via an automated flight path. Other defenses would require modifications to the aircraft that would likely be out of proportion to its value.
A successful attack will cause the aircraft to fall to earth in an uncontrolled manner. The person conducting such an attack could be charged with larceny, criminal mischief, reckless endangerment, and destruction of aircraft.
Most commercial UAVs can be configured to “fail safe” in the event of unexpected loss of signal or interference. An attacker can jam the GPS signal, causing the UsUAS to lose one of the guidance options. This normally results in erratic behavior. A very careful GPS attack could force a UsUAS to land. An attacker can also jam either the control link used to operate the aircraft or the data link used to receive sensor data from the aircraft or both. Jamming the control link will result in a normally configured UAV to return to home and land.
A malicious operator can acquire a UAV capable of operating without a GPS signal or manually fly a standard UAV that has lost the GPS signal. This capability exists to allow indoor and other obstructed operations. The operator can disable the “return to home” function in the event of a control link loss and enable the UAV to continue operating in an autonomous mode.
The person conducting such attacks could be charged with larceny, criminal mischief, reckless endangerment, and destruction of aircraft depending on the outcome. The person could be charged a FCC violation for operating an illegal transmitter as well as a FCC violation for jamming.
Most commercial UAVs depend on a radio frequency communication link to enable the operator to control the aircraft either directly or through a ground control station that enables semi-autonomous flight. This communication link is poorly secured in most cases and exploits are available for all major commercial UAVs. A defender can detect the frequencies in use and send signals on those frequencies to take control of the aircraft from the original operator. The defender will then attempt to land the aircraft either to terminate the operation or to seize physical control of it.
It is difficult to configure most off the shelf commercial UAVs to operate without any control link. However, there are some off the shelf UAVs equipped with flight controllers that can easily be configured to shut down the radio link and then operate in a fully autonomous mode. Once configured in this manner, the UsUAS is impervious to such attacks. It is also possible to utilize non-standard radio link systems or cellular network links to control the aircraft and thus prevent an attack on the control link. Such a configuration would still be detectable through radio frequency scans and possibly susceptible to jamming attacks.
The person conducting such attacks could be charged with larceny, criminal mischief, reckless endangerment, and destruction of aircraft depending on the outcome. The person could be charged with a FCC violation for operating an illegal transmitter as well as a FCC violation for jamming. And, in addition to all of the above, the person conducting the attack is now remotely accessing a computer system without permission, a violation of the Computer Fraud and Abuse Act.
Technical issues aside, there is insufficient broad legal support to enable a defender to determine that the behavior of a commercial UAV is malicious and thus subject to actions to cease such operations or charge the operator. Further, existing and frequently applied local, state, and Federal laws make almost all of the options available to counter malicious UAV operations illegal. These laws apply to civilians and law enforcement alike, and either group would require exemptions to deploy any of the known counter-UAV systems.
We must face the fact that there are very limited circumstances where physical force or electronic countermeasures are authorized against aircraft, including UsUASs. In all other circumstances, the legal options for defending against a UsUAS are all after the fact measures that require identifying and locating the operator. These are not significant barriers against non-state terrorists and criminal actors.
Our investment in counter-UAV technology should be matched with investment in updated laws and regulations to enable the deployment of these systems by organizations charged with defending our infrastructure and airspace. Failure to do so may put the public at risk. Failure to do so may also result in reactionary regulations passed immediately after a malicious event that would negatively impact an industry already challenged by overly burdensome regulations.
[i] “FLIGHT ADVISORY NATIONAL SPECIAL SECURITY EVENT 2017 PRESIDENTIAL INAUGURATION FESTIVITIES” (Federal Aviation Administration, December 2016), https://www.faasafety.gov/files/notices/2016/Dec/2017_Inauguration_Advisory.pdf.
[ii] Michael S. Schmidt and Michael D. Shear, “A Drone, Too Small for Radar to Detect, Rattles the White House,” The New York Times, January 26, 2015, https://www.nytimes.com/2015/01/27/us/white-house-drone.html.
[iii] “Florida Mailman Lands a Gyrocopter on Capitol Lawn, Hoping to Send a Message,” Washington Post, accessed January 30, 2017, https://www.washingtonpost.com/local/florida-mailman-lands-a-gyrocopter-on-capitol-lawn-hoping-to-a-send-message/2015/04/15/3be11140-e39a-11e4-b510-962fcfabc310_story.html.
[iv] Jeff Daniels, “Feds Turn up the Heat in Fight against Drones Interfering in Wildfires,” CNBC, July 26, 2016, http://www.cnbc.com/2016/07/26/feds-turn-up-the-heat-in-the-fight-against-drones-interfering-in-wildfires.html.
[v] “ORDINANCE NO. 2016-87” (The City Council of Orlando, Florida, December 7, 2016), http://www.mynews13.com/content/dam/news/images/2017/01/4/Drone_UAS_Ordinance_-_12_7_2016.pdf.
[vi] “Definition of Larceny.” Findlaw. Accessed February 09, 2017. http://criminal.findlaw.com/criminal-charges/definition-of-larceny.html.
Rowland Johnson developed an excellent tool, DatCon, for analyzing DJI Phantom 3 log files in Java. I arranged to have it ported to Python because I am far more adept with Python and wanted something that I could extend to support newer file formats and potentially other UAVs.
The result can be found here:
It is my hope that others will build on this, adding support for other DJI products as well as adding visualization capabilities.
Feedback, suggestions, etc are always welcome.
On Friday I wrote a post entitled “Dept. of Interior Bans use of DJI products due to national security concerns.” DOI did not ban anything, but it is a) clear that DJI can collect sensitive information and b) that it is reasonable to assume that the DOI is unlikely to buy any products that have the ability to send telemetry about their sensitive sites to servers in China.
DJI has completely legitimate reasons for wanting to collect telemetry information from as many of its products as possible for sales, marketing, and most importantly, product support and development reasons. I agree with and support this desire.
Lest you think that DJI does not collect such data, the following is from a DJI legal document that a user must sign to unlock geofences:
The Recipient further understands and agrees that his data including, but not limited to, flight telemetry data and operation records could be uploaded to and maintained on a DJI-designated server under certain circumstances.
Can we agree that DJI would not include such language if they didn’t have the ability to collect the data?
When you choose to self-authorize or “unlock” flight operations on DJI hardware control applications (including DJI Go (the “DJI Go App”)) in locations that are categorized by DJI’s Geospatial Environment Online system as raising safety or security issues, we collect and retain geolocation information relating to your decision.
The two documents appear to be out of sync on what is, or may be, collected. I think it is time for some forensic analysis.
As I mentioned in the earlier post, DJI could add an “opt in” mechanism as many other products do and also fully document what is collected and when. Relatively easy to do, and would set a very good example.
DOE and corporate
DOE, and private companies, have completely legitimate reasons for not wanting telemetry information, particularly around sensitive areas, sent to servers in China owned by a Chinese corporation. China, and many other countries, uses commercial data as part of its intelligence programs. Why hand them such data on a platter?
A partially redacted email message appeared on Twitter supposedly refuting the email message from Dennis Bosak SSA. Here is that message:
So, “banned” was not the correct word. DOI does not ban products.
Please note – in a letter specifically addressing my original post the author ignores the two most important issues – do DJI products collect and send telemetry to China, and is the DOI concerned about the cyber security implications of such practices. The author is strangely silent on these points.
I think it is safe to assume that DOI will not buy products that send potentially sensitive data to servers in China.
If DJI wants to sell to DOI, and other government agencies, they will need to address this issue. Further, they must address this issue for everyone because commercial users certainly would prefer that information about their sensitive sites isn’t shared with potential competitors and intelligence agencies.
DOI didn’t ban DJI products. DJI does have the ability to collect information you might not want to share with them or with intelligence services. This is not unique to DJI by any means and many other firms face similar challenges. Addressing them in the design phase is more expensive up front but in the long run saves money on development, legal, PR, and sales. Bake security into the products, don’t bolt it on later when you have an issue.
In this case, if you want to collect sensitive information, do so via in country servers with appropriate legal protection for the owners of the data. And don’t argue semantics while avoiding the tough questions about cyber security.
For some additional thoughtful insight on the matter, I refer you to Christopher Korody’s reporting on the matter. Very much worth reading, in this specific instance but on UAV matters for many years.
[The following was written in my role as the Advocacy Director for the National Association of Search and Rescue. A PDF version is available here – Public Agency SUAS-final.]
This is an interpretation of information in the Advisory Circular 00-1.1A “Public Aircraft Operations” and refers to Title 14 of the Code of Federal Regulations (14 CFR); and Title 49 U.S.C. §§ 40102(a)(41) and 40125.
Public agencies and civil operators are encouraged to retain their own attorney to review this interpretation.
After consultation with a UAV lawyer and their FAA consultant, we believe that civil aircraft operators may fly UAVs in support of government entities (public agencies) if the following conditions are met:
- The public agency has a COA
- A contract exists between the public agency and the civil aircraft operator
- A one time declaration is filed with the FAA by the public agency
- The mission(s) flown are purely public service
- The public agency makes a determination before each mission that the mission is public serving
If these conditions are met, any civil operator regardless of certifications may operate a UAV in support of the public entity under the requirements set forth by the public entity and its COA.
CAUTIONARY NOTE: The civil operator is not required to have a 333, or to have passed the certification described in (proposed) Part 107 in these circumstances. However, the agency can and should require a 333 or the certification described in Part 107, as a requirement of the contract with the civil operator.”
It is extremely important to note that:
- The public agency must have a COA.
- This is transferring almost all risk, responsibility, and liability for certification, experience, training, etc. from the FAA to the public agency.
- There must be a contract in place between the public agency and the civil operator (it is recommended that the contract include a requirement for the civil operator to hold a 333 or part 107)
- The declaration names a specific government official and contract that covers the relationship
It is of vital importance that the public agency maintains control of the operator of the UAV and of the missions. The liability completely falls on the public agency. There is great risk if an agency enters into this relationship without a complete understanding of the risks associated with it.
This is spelled out in more detail in Advisory Circular 00-1.1A “Public Aircraft Operations” and refers to Title 14 of the Code of Federal Regulations (14 CFR); and Title 49 U.S.C. §§ 40102(a)(41) and 40125.
[An FAA presentation on this topic is available here – FAA Public Aircraft Presentation.]
UAS, unmanned aerial systems, can play a significant role in search and rescue (SAR) operations. There are a number of hurdles to deploying these assets successfully. In my role as advocacy director for the National Association of Search and Rescue (NASAR) I’ve written position papers to address two of the hurdles:
- UAS deployment in support of SAR (and other disaster response incidents) requires professional UAS operators. At the present time, that means that all UAS operations must be performed under a valid COA either by public agencies or by Section 333 exempt operators. I wrote a paper for NASAR explaining this position and how public agencies and SAR volunteers can fly in support of SAR missions while complying with FAA policy/rules/guidelines.Here is the NASAR announcement which includes a link to the paper.
- Current FAA policy places three significant restrictions on UAS operations that make deployments extremely difficult and very ineffective:
- The operator must issue a NOTAM 72 hours before flying. (SAR is an emergency. UAS assets are extremely helpful in the early stages. Search is an emergency.)
- The operator must fly at or below 200 feet. (Imaging wide swaths of the area, operating in hilly or mountainous terrain, or establishing a communications relay with wide area coverage, requires higher altitudes.)
- The operator must not fly any closer than 500 feet to non-participating individuals or property. (Search subjects do not go missing in areas with zero population and no structures.)
To address these issues, Jason Kamdar and I wrote a proposal for a “First Responder COA (FRCOA)” to submit to the FAA. The document can be found here and the NASAR announcement about the paper and other related activity is here.
The title is intentionally provoking. Too many public comments are similar to “A falling drone will give you a bump on the head”. In fact, there is a reasonable chance it will kill you. Which of these is actually true? We simply do not know and some formal experiments are required before claims are made either way. So my point is not really that they may kill you, rather it is that we need good data.
I’d like to thank the members of a particular Facebook group for engaging in a spirited discussion that helped me refine this post. It was far too provocative in the early draft and I am certain that it still is for some.
The theoretical analysis follows, and it ignores a lot of variables. These calculations are a starting point and represent the “worst case scenario”. With a lot of additional work, we could add other constraints and end up with a probability estimate of damage from a direct impact.
Weight of a DJI Phantom – 1242g (2.73 lbs)
Altitude at time of failure – 61m (200 feet)
Force required to crush a human skull – 2,300N (Journal of Neurosurgery: Pediatrics)
Let’s plug those numbers into a calculator:
7173N of force. Almost three times the force required to crush a human skull.
Even from half that height, 100 feet, a falling Phantom would generate 3527N, still enough to crush your skull. At 65 feet you might survive the impact as the force is down to 2351N.
There are a lot of variables that I did not account for – drag, impact angle, elasticity in the body and the drone…. Real experiments need to be performed.
In an earlier post I wrote: “I think the search & rescue community should do a lot more work on designing and performing experiments with UAVs. Vendors and sales outlets keep touting their UAVs as being “good for search & rescue” without providing any data to support this claim, and often without really understanding SAR, SAR missions, and the challenges we face. (More on this in my upcoming presentation for NAASIC in Reno in September.)”
This is even more important when we consider what are appropriate missions for UAVs and how to deploy them.
I conducted two very quick experiments to illustrate two of the challenges we face. I intend to develop more formal experiments and welcome others who are interested in assisting with this effort.
I wanted to answer two questions:
- How effective is a UAV when searching an area with trees?
- How effective is a UAV when searching for clues in a soybean field?
Both of these are simple examples of SAR problems you can adapt to your own operational area.
tl;dr – You need to be down very low when searching near trees and finding an unresponsive subject in a soybean field with an optical sensor is very tough.
Searching Near Trees:
If this was your search area, and if you were searching for an uncooperative or unresponsive subject (someone who isn’t going to come investigate the noise of the UAV), how would you plan your mission? How would you execute it? How long would it take? How effective would you be? (This was taken at 200 feet by a Phantom Vision 2+. The subject is currently in the frame.)
Ok, if the subject were standing under a tree in this small area, what would you be able to see? (There are a lot of variables here – height of branches, folliage on or off, distance from subject, subject’s distance from the trunk, …. This is just an example.)
Distance from the UAV to the subject was less than 50 feet in all images.
At the subject’s altitude:
At about a 30 degree angle:
50 degrees. The subject’s legs are barely visible due to the contrast between his blue jeans and the green background. (And, if you were looking at this on a mobile device, what would you really be able to see?)
70 degrees or so. The subject is not visible.
Conclusion – you need to get under the level of the tree branches to search around trees for an unresponsive subject. This will increase your time required to search while diminishing your ability to control the UAV at long ranges.
I live, and search, in Illinois. Lots of corn, lots of soybeans. Searching for anyone in a corn field when the corn is above your head is tough. We’ll come back to that one later. Soybeans get to a few feet tall. Walking through soybean fields is … annoying … but you can certainly see a lot more. If the subject is standing up you can just walk to the edge of the field and say “Hey, there they are!” But, what if they are unresponsive and down?
Again, 50 feet up with a DJI Phantom Vision 2+. The subject dropped their high visibility orange shirt, a clue! We can see it easily on the edge of the field.
But, what if they dropped it in the field? Since you know it is in the frame, and since it is right next to the pilot, you can probably see it. If you were looking at images from 100 acres of soybeans how confident are you that you’d see this clue, particularly on a small screen?
If you are using a normal consumer UAV to search for an unresponsive subject in an area with significant vegetation your probability of detection may be rather low.