Federal Aviation Administration

By Stephen Kiehl

Continuing their focus on drone privacy issues, Senator Edward J. Markey (D-Mass.) and Rep. Peter Welch (D-Vt.) introduced legislation in the House and Senate this month that would require drone operators to create policies covering data collection and retention and require warrants for law enforcement agencies to conduct surveillance by drone.

The Drone Aircraft Privacy and Transparency Act, available here, is similar to legislation Markey and Welch introduced last year, which did not become law.  The lawmakers said they are concerned about the potentially “sensitive and personally identifiable information” about Americans drones (“UAS”) collect as they are operated. 
Continue Reading Legislation Introduced in House and Senate to Establish Drone Privacy Rules

Senators Ed Markey (D-MA) and Richard Blumenthal (D-CT) reintroduced a pair of bills today relating to the cybersecurity of cars and aircraft, which would impose affirmative security, disclosure, and consent requirements on manufacturers and air carriers.  The Security and Privacy in Your Car (“SPY Car”) Act and Cybersecurity Standards for Aircraft to Improve Resilience (“Cyber AIR”) Act were each introduced but not enacted in a previous session of Congress.  In a joint press release, the Senators noted that the legislation was designed to “implement and improve cybersecurity standards for cars and aircraft.”

The SPY Car Act

The SPY Car Act would require cars manufactured for sale in the U.S. to comply with “reasonable measures to protect against hacking attacks,” including measures to isolate critical software systems from non-critical systems, evaluate security vulnerabilities, and “immediately detect, report, and stop attempts to intercept driving data or control the vehicle.”  It would also require “driving data” collected by cars to be “reasonably secured to prevent unauthorized access,” including while such data is in transit to other locations or subsequently stored elsewhere.  Violations of these cybersecurity requirements are subject to civil penalties of up to $5,000 per violation.
Continue Reading Senators Reintroduce Cybersecurity Legislation for Cars and Planes

On Wednesday, the Supreme Court heard oral argument in Federal Aviation Administration v. Cooper, a case that raises the question of whether a plaintiff who alleges only mental and emotional distress can establish “actual damages” within the meaning of the federal Privacy Act’s civil remedies provision.  The question is crucial to determining the scope of relief afforded under one of the principal legal restraints on the federal government’s use and disclosure of the “records” it maintains about individuals.Continue Reading Supreme Court Considers Key Question Under the Privacy Act