![Future of Commercial Drones 2024, DJI responds Chinese drone data security](https://dronelife.com/wp-content/uploads/2024/01/DJI_Inspire_1_Professional_by_D_Ramey_Logan-300x200.jpeg)
Photograph by D Ramey Logan, CC BY 4.0
By DRONELIFE Features Editor Jim Magill
()
The controversy over the use by public service agencies and others, of Chinese-made drones continues to rage on, with the result potentially impacting these agencies’ ability to guard and serve the general public.
Citing national security concerns, U.S. government officials have long sought to limit government agencies from the usage of drones manufactured in China, particularly those produced by DJI, the world’s leading manufacturer of unmanned aerial vehicles. Last December, President Biden signed into law the National Defense Authorization Act of 2024, which contained restrictive provisions originally proposed within the American Security Drone Act (ASDA) of 2023.
The NDAA prohibits government agencies from buying or operating drones or components from certain “covered” countries considered hostile to the US, including China. The laws also prohibits the usage of federal grants to state and native government entities for purchase of those products.
As well as, a good more comprehensive ban – this time targeting DJI specifically – is being proposed within the Countering CCP Drones Act, currently pending in Congress. Should this bill develop into law, it could include DJI on the Federal Communications Commission list of firms prevented from accessing any FCC-regulated communications network. This laws could affect all users of DJI products, including public service, industrial or consumer operators.
Proponents of the so-called country-of-origin bans say they’re crucial to make sure that drones manufactured in China don’t send data related to critical U.S. infrastructure and other vital data back to China, where under laws of that country it’s liable to being turned over to the Chinese government or the Chinese Communist Party (CCP).
“This will not be the boogeyman — we’ve seen these drones leak data overseas and it’s good to see government agencies call out the known threat,” Brian Harrell, former assistant secretary of the U.S. Department of Homeland Security, said in an announcement. “It’s clear that the US government has deemed Chinese-made drones a threat to security as China’s dominance of the electronics supply chain, including drones, is harming U.S. national security interests.”
Meanwhile, opponents of such bans – including, after all DJI itself – argue that the drones’ communications software will be configured to where the information will not be collected by DJI and that the drones will be air-gapped from the web so the information will be securely retained by the user. Additionally they say that a number of the motivations behind the proposed bans is the results of pressure by U.S. drone manufacturers, who need to eliminate the competition from the Chinese drone firms, whose products are steadily cheaper and more capable than their U.S. counterparts.
In a recent blog, DJI outlined the steps it has taken to make sure the security of its customers data.
“DJI created the marketplace for ready-to-fly civilian and industrial drones almost twenty years ago and has invested heavily in robust safety and security protections in addition to expanded user privacy controls for our products,” the corporate said. DJI went on to say:
Drone bans: pros and cons
Former Homeland Security official Harrell notes that as drones have develop into essential tools to be used by infrastructure maintenance and public safety organizations it has develop into much more critical that the information they collect doesn’t fall into the unsuitable hands.
“Due to how they’re deployed operationally, drones have inherently unique access to sensitive system and enterprise information,” he said. “Drones provide the information and imagery used for vital decision-making and planning. Nevertheless, within the hands of the adversary, that very same data offers the potential for data exfiltration, espionage and exploitation.”
Michael Gips, an attorney with 30 years of experience as a security skilled, cited the Chinese law that requires China-based technology firms to show over, on demand, data they’ve collected through their business operations, to the Chinese government.
“So, principally Chinese firms are intimately tied to the federal government, to the military and are in effect, arms of the military, information-gathering and -collecting, data-providing arms of Beijing,” he said.
Gips said that despite DJI’s assurances on the contrary, he doesn’t think that the safety solutions outlined by the corporate are sufficient to make sure that data collected by their drones is secure.
Many users, particularly law enforcement agencies and others concerned about protecting the safety of their sensitive data, depend on the usage of third-party data-collection software from firms equivalent to Texas-based DroneSense, relatively than the software package offered by the identical company that produced their Chinese-made drone.
“Those overlays, that type of middleware, I don’t know that it gets actually at the issue. They are saying it does but I’m not so sure it does,” said Gips, who serves on the board of the Global Consortium of Law Enforcement Training Executives. “I’m skeptical that these third-party solutions will be overlaid on the components which might be already in there can mitigate that problem.”
Other experts say that while the problem of knowledge security is a serious problem and one which goes beyond the usage of drones, country-of-origin bans will not be the reply.
“For those who’re going to say that that an American drone is safer simply because it’s made in America, that could be a false claim. You can’t say that if there’s not any infrastructure or technology built into it to maintain the information from not going where it doesn’t must go,” said Jon McBride, chairman of the Droning Company,
McBride, who has spent greater than twenty years within the drone industry and was the primary DJI Enterprise dealer on this planet, said that as an alternative of banning foreign-made drones, the U.S. government should establish data-security standards that each one drones – foreign or domestic – must adhere to. “Construct a typical, create a way that each drone has to undergo a third-party test or scrutiny” to be certain that that whatever data is collected can’t be transmitted to anywhere it shouldn’t go.
Brandon Karr, chief operating officer of the Law Enforcement Drone Association, agreed on the necessity a national data-security standard for each entity that flies drones, particularly law enforcement agencies, no matter what brand of drone they operate.
“Every agency, no matter what they’re utilizing, whether that’s a Blue UAS platform, a Chinese drone, or another system, should all the time do a knowledge security evaluation on any hardware that they’re utilizing that touches the web,” he said. “They need to take a look at what that system is doing and communicating with, after which make the choice as as to whether the mitigations that they’re wanting to employ meet the information security concerns for his or her agency and their use case.”
He said blanket bans on foreign-made drones, equivalent to those proposed in some federal and state laws, don’t profit anybody.
“There must be a standardized practice that each one drone manufacturers should be beholden to, no matter origin, from a knowledge security perspective, and that standard has yet to be set,” Karr said.
Read more: