Technology March 2023
FAA Drone Regulation Survives Constitutional Challenge
Written by Pierre Grosdidier
Drones are fun toys and increasingly useful work tools, but that does not mean that they are safe and that they cannot be nuisances or even threats. With that in mind, Congress enacted legislation in 2016 and 2018 requiring the Federal Aviation Administration, or FAA, to develop drone regulations. In response, the FAA promulgated a Remote Identification, or Remote ID, Rule that requires drones to broadcast the digital equivalent of a vehicle license plate. The rule applies to drones weighing over 0.55 pounds (250 grams) and takes effect on September 16, 2023. Tyler Brennan, a drone user and retailer, facially challenged the rule’s constitutionality under the Fourth Amendment.1 He argued, inter alia, that the rule interfered with his reasonable expectation of privacy without requiring a warrant, and that it allowed the government to easily and inexpensively track drone operators without judicial oversight. The U.S. Court of Appeals for the District of Columbia Circuit rejected all of his arguments.
The Remote ID Rule requires drones in flight to publicly broadcast their serial number, their location (latitude, longitude, and altitude) and velocity, the location of their control station, a time stamp, and any applicable “emergency status” flag like low fuel or battery. The rule does not apply to drones that are flown within enclosed spaces. The drone’s data can be captured and displayed by apps within signal range, so anyone can be made aware of drones’ presence around them, and irresponsible operators can be identified and held to account.
Separately, the FAA collects drone owners’ personal identifying information when owners register their drones, but this information is confidential and protected by the Privacy Act of 1974.2 A drone’s flight data can only be matched to these non-public records by authorities “when necessary and relevant to a[n] FAA enforcement activity” and within legal and constitutional bounds.3 The rule also does not contemplate public actors recording and storing drone flight data.
Under Katz v. United States, a Fourth Amendment search occurs when the government intrudes on a person’s subjective expectation of privacy that society accepts as reasonable under the circumstances. Here, the court reasoned that drones are no exception to the rule that pilots generally have no reasonable expectation of privacy in flight activities that they conduct outdoor in public view.4
The court also noted that the rule requires the broadcast of drone flight information to the public, not its tracking and storage by the government for later law enforcement querying. Technology implicates the Fourth Amendment only when it is exploited, not merely because it exists. Moreover, the brevity and local nature of a drone’s flight mean that flight data is nowhere as threatening to privacy as the wealth of personal information in a smart device.5 Drone data broadcasts result in no physical trespass and cannot provide an “intimate window into a person’s life” as can cellphone tracking data.6
Finally, the personal information that the FAA gathers from drone owners, such as name, address, and phone number, remains protected through the Privacy Act. Remote ID does not disclose any of this information to the public. The FAA may only match drone data to owner information when issues arise related to the safety and security of the drone’s operation. Even then, use of drone data by the FAA and law enforcement authorities acting with the FAA must comply with all constitutional and legal safeguards. As things stand, the rule would have to be changed to allow law enforcement authorities to access the FAA’s database to match flight data to owner operation “for uses beyond aviation safety and security.” The court, therefore, rejected Brennan’s claim that the rule amounted to a warrantless intrusion into drone owners’ “constitutionally cognizable privacy interests.”7 TBJ
This article, which was originally published in Circuits, has been edited and reprinted with permission.
Pierre Grosdidier is an attorney in Houston. He belongs to the first group of attorneys certified in construction law by the Texas Board of Legal Specialization in 2017. Grosdidier’s practice also includes data privacy and unauthorized computer access issues and litigation. Prior to practicing law, he worked in the process control industry. Grosdidier holds a Ph.D. from Caltech and a J.D. from the University of Texas. He is a member of the State Bar of Texas, an AAA Panelist, a registered P.E. in Texas (inactive), a member of the Texas Bar Foundation, a fellow of the American Bar Foundation, and the State Bar of Texas Computer & Technology Section Chair for 2022-2023.