By Stephen Kiehl

Continuing their focus on drone privacy issues, Senator Edward J. Markey (D-Mass.) and Rep. Peter Welch (D-Vt.) introduced legislation in the House and Senate this month that would require drone operators to create policies covering data collection and retention and require warrants for law enforcement agencies to conduct surveillance by drone.

The Drone Aircraft Privacy and Transparency Act, available here, is similar to legislation Markey and Welch introduced last year, which did not become law.  The lawmakers said they are concerned about the potentially “sensitive and personally identifiable information” about Americans drones (“UAS”) collect as they are operated. 
Continue Reading Legislation Introduced in House and Senate to Establish Drone Privacy Rules

Senators Ed Markey (D-MA) and Richard Blumenthal (D-CT) reintroduced a pair of bills today relating to the cybersecurity of cars and aircraft, which would impose affirmative security, disclosure, and consent requirements on manufacturers and air carriers.  The Security and Privacy in Your Car (“SPY Car”) Act and Cybersecurity Standards for Aircraft to Improve Resilience (“Cyber AIR”) Act were each introduced but not enacted in a previous session of Congress.  In a joint press release, the Senators noted that the legislation was designed to “implement and improve cybersecurity standards for cars and aircraft.”

The SPY Car Act

The SPY Car Act would require cars manufactured for sale in the U.S. to comply with “reasonable measures to protect against hacking attacks,” including measures to isolate critical software systems from non-critical systems, evaluate security vulnerabilities, and “immediately detect, report, and stop attempts to intercept driving data or control the vehicle.”  It would also require “driving data” collected by cars to be “reasonably secured to prevent unauthorized access,” including while such data is in transit to other locations or subsequently stored elsewhere.  Violations of these cybersecurity requirements are subject to civil penalties of up to $5,000 per violation.
Continue Reading Senators Reintroduce Cybersecurity Legislation for Cars and Planes

By Jack Schenendorf, Brian Smith, and Hannah Lepow

Tuesday, the Federal Aviation Administration (“FAA”) finalized its long-awaited rule on the commercial use of small unmanned aircraft systems (“UAS” or “drones”).  The rule comes a month after the National Telecommunications and Information Administration multistakeholder group reached consensus on best practices for drone privacy.  The FAA’s action is significant—for the first time, there will be a comprehensive and generally applicable set of rules for anyone wishing to operate a small drone for commercial purposes.

Before the adoption of this rule, which will take effect in August 2016, anyone wishing to operate a drone for anything other than hobbyist recreation had to apply for an individualized authorization from the FAA.  Although the FAA had made an effort to process the authorizations quickly, the applications quickly developed a backlog.  We expect that the new rule, which applies to drones weighing less than 55 pounds, will spur widespread use of drones for a variety of commercial operations, including aerial video for newsgathering, pipeline and radio tower inspections, aerial surveying, aerial photography for real estate and construction site monitoring, disaster response, and other uses still to be developed.
Continue Reading Federal Aviation Administration Finalizes Small Unmanned Aircraft Rule

By Alex Berengaut

On Monday, October 29, the Supreme Court heard oral argument in Clapper v. Amnesty International (No. 11-1025), a challenge brought by the American Civil Liberties Union (ACLU) against the FISA Amendments Act (FAA) of 2008.  The FAA amended the Foreign Intelligence Surveillance Act (FISA) of 1978 by authorizing new procedures for electronic