What's the Right Way to Regulate Commercial Drones?
As the barrage of television, newspaper, and online advertisements alert us to Black Friday shopping extravaganzas, small unmanned aerial systems (sUAS) remain prominent gifts for this year’s holiday wish lists. The ever-lowering costs of these commercial, hobbyist aircraft—and their components—combined with the FAA’s decision to relax restrictions on when, where and what can be flown, and by whom, has the law enforcement community decidedly less excited. Today, law-enforcement operators have two legal options for enforcing laws that address either negligent or deliberately antagonistic drones in urban and rural domestic environments: (1) see something, say something, and (2) forensically identify the drone owner-operator after it has taken off, landed, or caused harm or disruption.
Glaringly absent in law enforcement’s toolbox is the ability to actually counter drones. Interdicting or preventing a sUAS after take-off and before disruption or deliberate damage occurs is bit of a blurry mess.
Law enforcement’s ability to address the threat of negligent or deliberate misuse of drones is very limited. First, legal authorities are unclear, and policies almost nonexistent. Under current law, there is no legal difference between a manned or unmanned aircraft, so interfering with a drone carries the same legal penalties as interfering with a manned aircraft (i.e., go to jail for hijacking). While modifying existing case law or introducing new laws take time, these issues are being addressed by a number of working groups. The speed of technological evolution makes developing a relevant legal framework challenging.
A larger problem, however, is the lack of technology that can reliably address these challenges. While there is no shortage of claims (many unsubstantiated) and marketing for counter-drone systems, they almost exclusively rely on drone manufacturers and owners to follow the community’s rules and traditions. In this honor-based system, counter-drone manufacturers and owners assume the drones have unencrypted data links, the software is reliable or has not been hacked, and that manufacturers (companies or DIYers) actually have built in fail-safes. This is a two-part assumption: first, that COTS drones will act as they say they do on the box, and second, that COTS drones will not be modified after purchase.
Like guns, buying one and registering it legally does not guarantee that it won’t be modified after purchase or that it won’t be used illicitly. Taking this analogy somewhat further, this is like the sale of automatic weapons—for military use—in gun enthusiast shops. COTS drones are increasingly becoming autonomous; consequently, using any radio-frequency-based, cooperative Counter–Unmanned Aerial Systems (CUAS) methods will soon become obsolete.
The most challenging messages to relay to law enforcement tasked with procuring counter-drone systems include: (1) COTS and DIY drones may not perform as they are supposed to; (2) COTS and DIY drones can be engineered—hardware and software—to ignore, spoof, or introduce new commands; (3) current counter-drone systems claims are not backed up by rigorous testing in “polluted,” “dirty,” densely populated areas, where there is interference that can confound or be impacted by today’s radio-frequency countermeasures.
The fuzziness around countering sUAS (CUAS) entails legal, technical, and operational challenges, including:
• Any measures used to take control of another aircraft, no matter how small, is legally hijacking.
• Selling some existing countermeasures for use in urban environments (non-battlefield) is legal, whereas the possession of GPS jammers can be illegal in other cases. In all cases, using them is not legal.
• By their nature, sUAS literally fly under the radar, which makes their detection and defeat a real challenge, should traditional radar be the method of detection.
• The hardware and software used to control sUAS has no standards; it can take any form the manufacturer (company or individual) wants. There are no requirements for reliability or functionality. This impacts the owner-operator trying to disrupt, deter, or defeat a drone that either has (1) not responded to its given command signals, (2) been hacked to circumvent, for example, geofenced areas, or (3) assumes that today’s nonmilitary countermeasures based on cooperatively engaging with the sUAS will work as they are supposed to. Hoping a COTS drone will act as it is supposed to so that it can be countered is not a winning strategy, and it can result in serious loss of property or life, or severe disruption of services.
• There are enough open-source instructions on how to build a DIY drone that is unique and untraceable.
• There are numerous web sites that explain how to hack drones so they can’t be stopped by current CUAS systems. In fact, several companies are developing or selling technologies specifically designed to negate the effects of current CUAS systems.
• Liability and risk-transfer solutions have yet to be articulated for the drone manufacturer (COTS), the buyer of countermeasures, the user of the COTS drone and the user of the CUAS product.
• Law enforcement operators do not have a set of operational requirements or policies that designate authority, identify when and how to respond, and that help to identify what countermeasures to procure.