Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
FAA Promises Privacy Standards For Domestic Drones
Newest First  |  Oldest First  |  Threaded View
Andrew Hornback
50%
50%
Andrew Hornback,
User Rank: Apprentice
2/24/2013 | 3:16:34 AM
re: FAA Promises Privacy Standards For Domestic Drones
Now, granted, I'm not a lawyer, but... let's throw a scenario out there regarding these drones.

Mid-America, cattle country - you've got a law enforcement drone following a suspect over hill and dale in an area that human officers can't easily get to, out in the middle of a pasture. And you've got a cattle rancher that's had issues with predators attacking his herd in the past, so he or she is on horseback, armed with a shotgun, just in case. Drone pilot loses the suspect and starts a standard, circular search pattern - ends up flying over and seriously disturbing the herd of cattle. Cattle stampede ensues. Rancher doesn't know what's causing the problem, but sees that their herd is "being chased" by a slow moving drone. Shotgun gets trained, trigger pulled, splash one drone.

Now, how does THAT situation get resolved?

Are we going to treat law enforcement drones in the same manner that we do K9 officers or in the same manner as police cruisers? Shooting a K9 officer, in most jurisdictions, is equivalent to shooting a human officer - whereas destroying a police cruiser is a matter of destroying public property.

Who owns and gets final disposition of the footage and sensor information collected by the drones? Does it all get cataloged, put on a shelf and made available to the public? Is it made available to researchers, in this instance, who are looking at cattle herding procedures, soil erosion or other geological/geographical research?

If law enforcement is using a drone for surveillance, how and when does the search warrant get served? I'm sure there are ways around that little annoyance though.

What kind of license is going to be required to fly a drone? Or is it a free-for-all? What about the amount of available spectrum for controlling these drones? What happens when a cargo freighter the size of a 747 gets hi-jacked from the ground? If the military can't keep up with where their RQ-170s are going, how are we supposed to expect commercial or civil operators to keep up with where their drones are going?

And with 30,000 drones over the next decade expected to go operational, how are we supposed to know "the good guys" from "the bad guys" ?

Somebody, preferably outside of Washington, needs to put a LOT of thought into this before turning the spigot wide open.

Andrew Hornback
InformationWeek Contributor
J. Nicholas Hoover
50%
50%
J. Nicholas Hoover,
User Rank: Apprentice
2/15/2013 | 8:03:39 PM
re: FAA Promises Privacy Standards For Domestic Drones
I'm glad the FAA is thinking about this now, rather than years from now when Tacocopter is out delivering tacos and police are regularly operating drones over crime scenes. However, part of me wonders whether new FAA guidance is necessary, or whether instead drone privacy should and could be shoehorned into existing privacy law.


Stop Defending Everything
Kevin Kurzawa, Senior Information Security Auditor,  2/12/2020
Small Business Security: 5 Tips on How and Where to Start
Mike Puglia, Chief Strategy Officer at Kaseya,  2/13/2020
Architectural Analysis IDs 78 Specific Risks in Machine-Learning Systems
Jai Vijayan, Contributing Writer,  2/13/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
How Enterprises Are Developing and Maintaining Secure Applications
How Enterprises Are Developing and Maintaining Secure Applications
The concept of application security is well known, but application security testing and remediation processes remain unbalanced. Most organizations are confident in their approach to AppSec, although others seem to have no approach at all. Read this report to find out more.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-19325
PUBLISHED: 2020-02-17
SilverStripe through 4.4.x before 4.4.5 and 4.5.x before 4.5.2 allows Reflected XSS on the login form and custom forms. Silverstripe Forms allow malicious HTML or JavaScript to be inserted through non-scalar FormField attributes, which allows performing XSS (Cross-Site Scripting) on some forms built...
CVE-2020-1693
PUBLISHED: 2020-02-17
A flaw was found in Spacewalk up to version 2.9 where it was vulnerable to XML internal entity attacks via the /rpc/api endpoint. An unauthenticated remote attacker could use this flaw to retrieve the content of certain files and trigger a denial of service, or in certain circumstances, execute arbi...
CVE-2020-1828
PUBLISHED: 2020-02-17
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have an input validation vulnerability where the IPSec module does not validate a field in a specific message. ...
CVE-2020-1857
PUBLISHED: 2020-02-17
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00SPC100; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100 have an information leakage vulnerability. Due to improper processing of some data, a local authent...
CVE-2020-1858
PUBLISHED: 2020-02-17
Huawei products NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00SPC100; Secospace USG6600 versions V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100; and USG9500 versions V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100 have a denial of service vulnerability. Att...