Exploring the ups & downs of the U.S. FAA law

A new federal law enacted as part of the bipartisan Federal Aviation Administration (FFA) Reauthorization Act of 2018, which was signed by President Donald Trump in 2018, imposes significant information privacy requirements on commercial drone operators. This includes construction companies that use drones to monitor and inspect their jobsites.

The Drone Privacy Policy Requirement

The new law requires a commercial drone operator to create and implement a privacy policy governing the collection, retention and protection of any data collected by its drones. Such information can potentially include video footage or photographs of people taken by drones equipped with cameras.

Commercial drone operators must publically post their drone privacy policies on their websites. Any violation of a commercial drone operator’s privacy policy constitutes an unfair and deceptive practice subject to enforcement by the Federal Trade Commission.

The new law also requires each commercial drone operator’s privacy policy to fully respect individuals’ privacy consistent with all state and local laws, as well as federal law and the United States Constitution.

3 Steps to Compliance

  1. Determine what state and local data privacy laws could be implicated by your construction company’s drone usage and how you can best comply with any such laws moving forward.
  2. Assess data protection and cybersecurity practices in order to ensure that any personal information acquired by your company’s drones is protected in accordance with applicable state, local and federal laws.
  3. Evaluate the feasibility of refraining from using drones for activities, such as collecting biometric information, that could potentially violate certain state privacy laws.