Skip to main content

Unmanned Aircraft Systems: Measuring Progress and Addressing Potential Privacy Concerns Would Facilitate Integration into the National Airspace System [Reissued on September 18, 2012]

GAO-12-981 Published: Sep 14, 2012. Publicly Released: Sep 18, 2012.
Jump To:
Skip to Highlights

Highlights

What GAO Found

Progress has been made, but additional work is needed to overcome many of the obstacles to the safe integration of unmanned aircraft systems (UAS) that GAO identified in 2008. GAO reported in 2008 that UAS could not meet the aviation safety requirements developed for manned aircraft and that this posed several obstacles to safe and routine operation in the national airspace system. These obstacles still exist and include the inability for UAS to sense and avoid other aircraft and airborne objects in a manner similar to manned aircraft; vulnerabilities in the command and control of UAS operations; the lack of technological and operational standards needed to guide safe and consistent performance of UAS; and final regulations to accelerate the safe integration of UAS into the national airspace system. The Joint Planning and Development Office of the FAA has provided UAS stakeholders with a framework to collaborate and coordinate their UAS integration efforts.

Congress set forth specific requirements and deadlines in the FAA Modernization and Reform Act of 2012 for FAA to safely accelerate UAS integration. FAA, in coordination with stakeholders, has begun making progress toward completing those requirements, but has missed one deadline and could miss others. Many of the requirements entail significant work, including completing planning efforts and issuing a final rule for small UAS. Most of the requirements are to be achieved by December 2015. While FAA has taken steps to meet them, it is uncertain when the national airspace system will be prepared to accommodate UAS given that these efforts are occurring simultaneously and without monitoring to assess the quality of progress over time toward the deadlines Congress established. Better monitoring can help FAA understand what has been achieved and what remains to be done and can also help keep Congress informed about this significant change to the aviation landscape.

Concerns about national security, privacy, and the interference in Global Positioning-System (GPS) signals have not been resolved and may influence acceptance of routine access for UAS in the national airspace system. The Department of Homeland Security's (DHS) Transportation Security Administration (TSA) has the authority to regulate security of all modes of transportation, including non-military UAS. Working with FAA and other federal agencies, TSA implements security procedures, such as airspace restrictions like those limiting operations into and out of Ronald Reagan National Airport. In 2008, GAO recommended that TSA examine the security implications of non-military UAS. According to a TSA official, it recently reviewed its UAS related advisories and determined that they are still applicable. TSA has not provided information on its efforts to mitigate security implications of UAS, and GAO believes TSA should act on this recommendation. Stakeholder privacy concerns include the potential for increased amounts of government surveillance using technologies placed on UAS, the collection and use of such data, and potential violations of constitutional Fourth Amendment protections against unreasonable search and seizures. Currently, no federal agency has specific statutory responsibility to regulate privacy matters relating to UAS for the entire federal government. Some stakeholders have suggested that DHS or the Department of Justice (DOJ) might be better positioned to address privacy issues since they generally stem from the operational uses of UAS for governmental surveillance and law enforcement purposes. Working proactively to address security and privacy concerns could help prevent further delays in UAS integration. Finally, non-military UAS GPS signals are unencrypted, risking potential interruption of the command and control of UAS.

Why GAO Did This Study

UAS do not carry a pilot on board, but instead operate on pre-programmed routes and by following commands from pilot-operated ground stations. UAS can be small, generally 55 pounds or less, or large. Current domestic uses include law enforcement, forest fire monitoring, border security, weather research, and scientific data collection. However, current uses are limited. FAA authorizes UAS operations on a case-by-case basis after conducting a safety review. FAA and the other federal agencies that have a role or interest in UAS are working to provide routine access for UAS into the national airspace system.

As requested, this report discusses (1) the status of obstacles identified in GAO's 2008 report to integrate UAS into the national airspace system, (2) FAA's progress in meeting its congressional requirements for UAS, and (3) emerging issues. GAO reviewed and analyzed documents and interviewed relevant government, academic, and private-sector entities, as well as UAS users and civil liberties organizations.

Reissued on September 18, 2012

Recommendations

FAA should incorporate regular monitoring of its efforts to assess progress toward fulfilling its statutory requirements. FAA, DHS, and DOJ should explore whether any actions are needed to guide the collection and use of UAS-acquired data. GAO provided a draft of this report to officials at DOT, DHS, DOJ, and three other agencies. DHS and DOJ concurred with the recommendation; DOT officials agreed to consider the recommendations.

Recommendations for Executive Action

Agency Affected Recommendation Status
Department of Transportation The Secretary of Transportation should direct the FAA Administrator to incorporate, in FAA's comprehensive plan (to be completed in November 2012) and the 5-year road map for UAS integration (to be completed in February 2013), mechanisms that allow for regular monitoring to assess progress toward safe and routine access of UAS into the national airspace system.
Closed – Implemented
In 2012, GAO reported that the pace of FAA's progress toward the safe integration of unmanned aircraft systems (UAS) in the National Airspace System (NAS), prior to the FAA Modernization and Reform Act of 2012, raised concerns for when progress would be achieved and questions about the agency's ability to meet deadline requirements in the 2012 Act. The legislation established specific requirements and deadlines for FAA to safely accelerate UAS integration. GAO found that FAA, in coordination with stakeholders, had begun making progress toward completing the requirements, but had missed one deadline and could miss others. Many of the requirements entailed significant work, including completing planning efforts and issuing a final rule for the operation and certification of small UAS. In addition, GAO found that while FAA had taken steps to meet them, it was uncertain when the NAS would be prepared to accommodate UAS given that these efforts were occurring simultaneously within FAA and other federal agencies that have a role or interest in UAS, and without monitoring to assess the quality of progress toward the deadlines that the 2012 Act established. GAO concluded that better monitoring could help FAA understand what was being achieved and what remained to be done, as well as also to help keep Congress informed about this significant change to the aviation landscape. Therefore, GAO recommended that FAA incorporate in its comprehensive plan and the 5-year road map for UAS integration, mechanisms that allow for regular monitoring to assess progress toward safe and routine access of UAS into the national airspace system. In 2016, GAO confirmed that the Joint Planning and Development Office published a UAS Comprehensive Plan that outlined the path forward for safe acceleration of the integration of civil UAS into the NAS. The comprehensive plan included UAS national goals and objectives that reflected the partner agencies' UAS mission needs. The completed work provided a common framework for evolving interagency coordination, planning, and collaboration among the partner agencies and the UAS community. Additionally, FAA published a Roadmap for Integration of Civil UAS in the NAS that outlined the actions and considerations needed to enable UAS integration into the NAS. The roadmap also aligned FAA's proposed actions with Congressional mandates from the 2012 Act, and provided goals, metrics for activities, and target dates -- to be updated annually with the specific implementation details based on current UAS operations, ongoing research, and government/industry collaboration -- for FAA and its government and industry partners to use in planning key activities for UAS integration. The metrics and target dates helped to establish common government and industry expectations, and enabled objective assessments of the progress made toward accomplishing each goal. As a result, incorporating the mechanisms for regular monitoring in the comprehensive plan and 5-year roadmap has assisted FAA to assess progress toward meeting national and agency goals identified in the 2012 Act, and provided a framework for understanding what is being achieved and what remains to be done.
Department of Homeland Security The Secretaries of Transportation and Homeland Security and the Attorney General should initiate discussions, prior to the integration of UAS into the national airspace system, to explore whether any actions should be taken to guide the collection and use of UAS-acquired data.
Closed – Implemented
In 2012, GAO reported that concerns regarding the potential security and privacy implications of unmanned aircraft systems (UAS) are growing. As the number of UAS operating in the national airspace system increases, questions about how the security of the national airspace system will be protected and how data captured by UAS will be used by governmental or commercial entities will continue to arise. No single federal agency has been statutorily designated with specific responsibility to regulate privacy matters relating to UAS for the entire federal government. Rather a number of federal agencies including DOT, DHS, and DOJ, are statutorily required to establish a privacy office and/or Chief Privacy Officers to assess their agency programs, including proposed programs, systems, technologies, or rule-makings for privacy risks. Some UAS stakeholders believe that since FAA has responsibility to regulate the national airspace system, it could be positioned to handle responsibility for incorporating rules that govern UAS use and data collection. Other stakeholders believe that DHS or DOJ might be better positioned to address UAS privacy issues since they generally stem from the operational uses of UAS for surveillance and law enforcement purposes. While is it not clear what entity should be responsible for addressing privacy concerns across the federal government, many stakeholders believe that there should be federal regulations for the types of allowable uses of UAS to specifically protect the privacy of individuals as well as rules for the conditions and types of data that UAS can collect. However, these agencies have not yet stepped forward to proactively address privacy issues. This lack of activity may result from agency officials' belief that they do not have direct authority to regulate privacy issues for UAS or the current level of UAS activity in the national airspace system. Therefore, GAO recommended that DOT, DHS and the Attorney General initiate discussions, prior to the integration of UAS into the national airspace system, to explore whether any actions should be taken to guide the collection and use of UAS-acquired data. Since November 2012, FAA's UAS Integration Office has met with DHS's Privacy Office and DOJ's Office of the Deputy Attorney General to develop privacy-related text for the UAS Comprehensive Plan and the UAS Roadmap. Also, these offices have participated in public forums on privacy and together held informal discussions about data privacy as it relates to UAS integration into the National Air Space (NAS). On July 9, 2013, these offices agreed to suspend further meetings in favor of participating in broader government-wide discussions occurring in a newly-formed Interagency Policy Committee on UAS. As a result of these actions, FAA, DHS and DOJ are now proactively working to address security and privacy concerns related to the integration of UAS into the national airspace system.
Department of Justice The Secretaries of Transportation and Homeland Security and the Attorney General should initiate discussions, prior to the integration of UAS into the national airspace system, to explore whether any actions should be taken to guide the collection and use of UAS-acquired data.
Closed – Implemented
In 2012, GAO reported that concerns regarding the potential security and privacy implications of unmanned aircraft systems (UAS) are growing. As the number of UAS operating in the national airspace system increases, questions about how the security of the national airspace system will be protected and how data captured by UAS will be used by governmental or commercial entities will continue to arise. No single federal agency has been statutorily designated with specific responsibility to regulate privacy matters relating to UAS for the entire federal government. Rather a number of federal agencies including DOT, DHS, and DOJ, are statutorily required to establish a privacy office and/or Chief Privacy Officers to assess their agency programs, including proposed programs, systems, technologies, or rule-makings for privacy risks. Some UAS stakeholders believe that since FAA has responsibility to regulate the national airspace system, it could be positioned to handle responsibility for incorporating rules that govern UAS use and data collection. Other stakeholders believe that DHS or DOJ might be better positioned to address UAS privacy issues since they generally stem from the operational uses of UAS for surveillance and law enforcement purposes. While is it not clear what entity should be responsible for addressing privacy concerns across the federal government, many stakeholders believe that there should be federal regulations for the types of allowable uses of UAS to specifically protect the privacy of individuals as well as rules for the conditions and types of data that UAS can collect. However, these agencies have not yet stepped forward to proactively address privacy issues. This lack of activity may result from agency officials' belief that they do not have direct authority to regulate privacy issues for UAS or the current level of UAS activity in the national airspace system. Therefore, GAO recommended that DOT, DHS and the Attorney General initiate discussions, prior to the integration of UAS into the national airspace system, to explore whether any actions should be taken to guide the collection and use of UAS-acquired data. Since November 2012, FAA's UAS Integration Office has met with DHS's Privacy Office and DOJ's Office of the Deputy Attorney General to develop privacy-related text for the UAS Comprehensive Plan and the UAS Roadmap. Also, these offices have participated in public forums on privacy and together held informal discussions about data privacy as it relates to UAS integration into the National Air Space (NAS). On July 9, 2013, these offices agreed to suspend further meetings in favor of participating in broader government-wide discussions occurring in a newly-formed Interagency Policy Committee on UAS. As a result of these actions, FAA, DHS and DOJ are now proactively working to address security and privacy concerns related to the integration of UAS into the national airspace system.
Department of Transportation The Secretaries of Transportation and Homeland Security and the Attorney General should initiate discussions, prior to the integration of UAS into the national airspace system, to explore whether any actions should be taken to guide the collection and use of UAS-acquired data.
Closed – Implemented
In 2012, GAO reported that concerns regarding the potential security and privacy implications of unmanned aircraft systems (UAS) are growing. As the number of UAS operating in the national airspace system increases, questions about how the security of the national airspace system will be protected and how data captured by UAS will be used by governmental or commercial entities will continue to arise. No single federal agency has been statutorily designated with specific responsibility to regulate privacy matters relating to UAS for the entire federal government. Rather a number of federal agencies including DOT, DHS, and DOJ, are statutorily required to establish a privacy office and/or Chief Privacy Officers to assess their agency programs, including proposed programs, systems, technologies, or rule-makings for privacy risks. Some UAS stakeholders believe that since FAA has responsibility to regulate the national airspace system, it could be positioned to handle responsibility for incorporating rules that govern UAS use and data collection. Other stakeholders believe that DHS or DOJ might be better positioned to address UAS privacy issues since they generally stem from the operational uses of UAS for surveillance and law enforcement purposes. While is it not clear what entity should be responsible for addressing privacy concerns across the federal government, many stakeholders believe that there should be federal regulations for the types of allowable uses of UAS to specifically protect the privacy of individuals as well as rules for the conditions and types of data that UAS can collect. However, these agencies have not yet stepped forward to proactively address privacy issues. This lack of activity may result from agency officials' belief that they do not have direct authority to regulate privacy issues for UAS or the current level of UAS activity in the national airspace system. Therefore, GAO recommended that DOT, DHS and the Attorney General initiate discussions, prior to the integration of UAS into the national airspace system, to explore whether any actions should be taken to guide the collection and use of UAS-acquired data. Since November 2012, FAA's UAS Integration Office has met with DHS's Privacy Office and DOJ's Office of the Deputy Attorney General to develop privacy-related text for the UAS Comprehensive Plan and the UAS Roadmap. Also, these offices have participated in public forums on privacy and together held informal discussions about data privacy as it relates to UAS integration into the National Air Space (NAS). On July 9, 2013, these offices agreed to suspend further meetings in favor of participating in broader government-wide discussions occurring in a newly-formed Interagency Policy Committee on UAS. As a result of these actions, FAA, DHS and DOJ are now proactively working to address security and privacy concerns related to the integration of UAS into the national airspace system.

Full Report

Office of Public Affairs

Topics

Air traffic control systemsCommercial aviationData collectionFederal legislationFederal regulationsInternal controlsOperations researchResearch and developmentStandardsSystems integrationTransportation security