Small Unmanned Aircraft Systems (UAS), commonly referred to as drones, continue to make headlines for their ability to engage in all manner of revolutionary and lifesaving activities. Unfortunately, terrorists and criminals are proving as innovative as their industry counterparts in finding novel uses for UAS. The increasingly common use of drones by terrorists to launch strikes abroad has raised concerns that domestic malefactors may plan and execute similar attacks. Some criminal actors, meanwhile, are using drones to smuggle drugs across the border or into prisons, or otherwise to support their nefarious enterprises. These incidents, as well as others, including unauthorized flights over sports stadiums and in controlled airspace near airports—and even a crash onto the White House lawn—have exposed both the vulnerability of sensitive facilities and critical infrastructure to hostile or recklessly operated UAS, and serious shortcomings in the capabilities of law enforcement and national security agencies to address these threats.
Rectifying this will require national security and law enforcement agencies to develop robust means of detecting, identifying, and countering hostile or threatening UAS by disrupting, seizing control of, or even destroying them. Unfortunately, the legal authorities to develop and make use of this capability are ambiguous at best, and, in fact, a number of federal laws appear to frustrate efforts by federal, state, and local government officials to procure and use comprehensive counter-UAS (CUAS). If the public is to enjoy the many benefits drone technologies offer, this deficit must be overcome.
To that end, Congress should continue the process it began with the National Defense Authorization Acts (NDAAs) of 2017 and 2018 and expand the limited CUAS authority given therein to grant broad statutory exemptions to the Departments of Defense (DOD), Justice (DOJ), and Homeland Security (DHS), as well as other federal law enforcement agencies, to acquire CUAS technologies and develop departmental policies and “rules of engagement” to govern their use. Congress should also establish a pilot program to allow the DHS to deputize and train select state and local law enforcement officials in the operation of CUAS platforms, given the integral role state and local agencies play in addressing all manner of threats to public safety.
Terrorism. U.S. officials must consider the potential use of drones by terrorists. Hezbollah was using drones as early as 2004, and a variety of other terrorist organizations have also made use of drones as weapons or for reconnaissance purposes. ISIS forces in Syria and Iraq began using off-the-shelf drones primarily for intelligence or propaganda purposes in 2014. As drones became cheaper and more powerful, however, ISIS began to seriously invest in UAS as implements of war. Facilities to produce crude bombers and scratch-built drone parts were discovered in territory recaptured from ISIS. ISIS has released propaganda footage of its fighters learning how to weaponize drones and regularly posts videos of its bombing operations, as well as graphics claiming its drone strikes were causing significant damage and casualties.
While ISIS propaganda overstates its efficacy, U.S. officials and analysts agree that ISIS’s use of drones is growing more pronounced and deadly. Lt. General Vincent Stewart, director of the Defense Intelligence Agency, testified in 2017: “In the past year, ISIS’s use of UAS for surveillance and delivery of explosives has increased, posing a new threat to civilian infrastructure and military installations.” New concerns include the possibility of “swarms” of small weaponized UAS that overwhelm the ability to counter them.
With the growth of drones as terrorist weapons of war in Syria and Iraq, U.S. policymakers and security officials are also becoming more concerned at the prospect of weaponized drones back home. In September 2017, FBI Director Christopher Wray testified: “I think that the expectation is that [terrorist use of drones] is coming here, imminently.”
UAS pose a unique threat in that they can avoid many traditional counterterrorism defenses. Events like the Super Bowl, a large concert, or critical infrastructure facilities such as a power plant or a chemical production plant feature multiple layers of security, such as screening of visitors to prevent the use of weapons or explosives inside the venue, hardened barriers to defeat vehicular attacks, and armed guards as an extra layer of defense to defeat any active threats. A drone-based attack avoids most of these defenses, making it attractive for would-be terrorists. As if to demonstrate the vulnerability of even the most hardened targets, in 2015 a drunken federal government employee crashed a drone onto the White House lawn.
One important capability that remains is proactive intelligence gathering that seeks to detect would-be terrorists before they strike. Indeed, the U.S. has already relied on such intelligence in the case of Rezwan Ferdaus, whose 2011 plot to use remote control aircraft to attack the Pentagon and Capitol building was foiled by an FBI sting operation. But the fact that drones can bypass so much of the traditional security apparatus and potentially strike high-value targets is disconcerting.
Indeed, given the widespread availability of drones today, it is easier than ever for terrorists to get their hands on these systems. The more difficult part of a drone-based attack is creating or acquiring the payload, such as explosives. Nevertheless, based on the uses of UAS in Iraq and Syria, it is relatively easy to outfit a UAS with an explosive device and use the drone as a makeshift missile—or enable it to drop small explosive devices such as grenades. UAS attacks involving larger explosives or even chemical weapons are also possible, as detailed in a DHS National Terrorism Advisory Bulletin in November 2017. In 2015, a protestor piloted a drone carrying a trace amount of radioactive material onto the roof of the Japanese Prime Minister’s office. Though the action was spurred by opposition to nuclear power rather than a desire to inflict terror, the incident could be a proof-of-concept for more nefarious individuals. Weaponized drones also pose a threat to European allies, as Europe faces a significant number of foreign fighters from Iraq or Syria returning to Europe with knowledge of explosives and weaponized drones.
Recent history demonstrates that criminals are at least as inventive as mainstream entrepreneurs in concocting novel uses for UAS that further their existing illicit enterprises. One report in the U.K. pointed to the use of a small UAS by burglars to “case” private properties prior to initiating a break-in. In similar, though more technologically sophisticated form, another report highlights the criminal use of drones equipped with infrared cameras to detect the heat signatures of marijuana grow-houses, so that the illegal cash crop could be stolen. In Australia, a drug cartel used a UAS to spy on law enforcement authorities actively surveilling its illegal operations, forcing the authorities to “initiate procedures and methods to defeat it.”
Though none of these incidents involved weaponized drones, that threat is real and likely inevitable. One hobby flier in New Haven, Connecticut, modified two drones to carry a handgun and a flamethrower. In videos posted to YouTube, the operator publicized his ability to remotely fire both weapons, raising the alarming prospect that nefarious actors could build and use similar platforms to launch remote attacks, whether for criminal or terrorist purposes. Even unarmed, however, drones can pose a danger to the community. Malefactors could execute an assault or harass individuals simply by “buzzing” or charging them at high speed. An uninvited visit to another’s property, by foot or by drone, may constitute a trespass. “Peeping Toms” could use drones to invade the privacy of others. Reckless operators can cause bodily harm simply by losing control of the drone. This was proven in Seattle when a hobby flier’s drone collided with a building and fell onto a woman, who suffered a concussion.
Another concern is the use of drones to smuggle contraband into state and federal prisons. The problem of contraband is perhaps as old as prisons themselves. Drones bring, literally, a new dimension to this problem, allowing individuals to easily transport banned items such as drugs and paraphernalia, cell phones, pornography, and weapons—dropping them in prison yards or even ferrying them directly to a recipient’s window. Law enforcement officials are especially concerned that drones may be used to drop firearms into prisons. One plot was foiled in 2015 that involved a plan to ferry a gun, among other things, behind the walls of the Western Correctional Institution in Maryland. The problem is widespread, with reports surfacing of drone-smuggling in more than a dozen states. The rate of their detection is increasing at an alarming clip. In Georgia, one journalistic investigation revealed that prison officials detected 35 drones in the airspace above state prisons in the first half of 2017—compared with just three such incidents reported over the prior three years.
The dangers these illicit package deliveries pose are real. A 75-inmate brawl broke out at the Mansfield Correctional Institution in Ohio when a drone dropped a package containing tobacco, marijuana, and heroin into the prison yard. One inmate was recently able to escape a South Carolina maximum-security facility using a pair of wire cutters delivered by drone. If a gun is successfully smuggled into a prison, officials fear it could spark a riot that would endanger the lives of inmates, prison guards, and other personnel.
International drug cartels are employing drones to further their criminal conspiracies and trafficking activities across the border. In 2017, U.S. Border Patrol agents intercepted a drone carrying 13 pounds of methamphetamine, worth $46,000, at the San Diego border. Authorities arrested Jose Edwin Rivera, who said he had done this five or six times before. In a 2016 article, John Sullivan and Robert Bunker noted that cartels have been using UAS with increasing frequency and effectiveness. According to their research, an estimated 150 drones crossed the border from 2012 to 2014—a rate of about four drones per month. That rate may be accelerating: According to Border Patrol agents, 13 drones were spotted in November of 2017, though it is likely that many more drones went unnoticed.Sullivan and Bunker note that “narcodrones” are being used not only for smuggling but also reconnaissance and surveillance—to enhance their operations on the border. While they note that cartels have not yet used drones as weapons platforms, this will become more likely in the near future. Indeed, Mexican police seized a drone fitted with a bomb in 2017.
Threats to Manned Aviation
In February 2018 a helicopter flying at low altitude near Charleston, South Carolina, struck a tree and crashed after its pilot reported sighting a small quadcopter approaching the aircraft, and attempted to evade it. That incident, presently under investigation by the FAA, may be the first in which a manned U.S. aircraft has crashed after a close encounter with a drone. Just a few months earlier, however, a U.S. Army Black Hawk helicopter detailed to provide security for a U.N. General Assembly meeting struck a drone 300 feet above sea level, sustaining damage to its rotor. The drone was operating despite an FAA-imposed temporary flight restriction, and was flying well beyond the operator’s visual line of site, two conditions barred by Federal Aviation Regulations (FARs) governing drone activity. Additionally, it is a federal crime to damage an aircraft, punishable by a fine and up to 20 years in prison.
Nobody was injured in these incidents, but the specter of a mid-air collision resulting in the loss of life is a growing concern, particularly as the number of drones populating U.S. airspace grows. Federal Aviation Administration (FAA) data reveal that pilots reported 1,698 drone sightings in the first nine months of 2017, a 24.49 percent increase in sightings compared to the same period in 2016. Though critics correctly point out that only a tiny fraction of these cases were reported as “near misses” requiring any type of evasive action—and that the FAA data does not distinguish unlawful flights from flights pursuant to FAA-issued airspace authorizations for operations near airports—the fact remains that drones are illegally flying in airspace reserved for manned aviation, including in the densely packed airspace used for take-offs and landings. Alarming videos shot from drones flying in close proximity to manned aircraft, in airspace and at altitudes clearly not permitted by FARs, confirm this. Maintaining the integrity of the airspace is a critical consideration for aviation safety, particularly in light of recent simulation studies suggesting drones can cause more damage to airframes and jet engines than similarly sized birds.
Ultimately, it is clear that drones, like so many technological innovations before them—firearms, automobiles, computers, and cell phones—can become tools for criminal and terrorist activity. Federal, state, and local officials involved in both law enforcement and national security activities are in need of comprehensive counter-UAS capabilities that will permit both the detection and interdiction of hostile or dangerous drones threatening public safety, critical infrastructure, and national security. Presently, few cost-effective solutions exist, and fewer still have been deployed by government agencies, owing to a combination of factors that include concerns about the legal authority to interdict drones, the cost and complexity of systems, and uncertainty regarding the best means of engaging drone threats in populated areas.
Further complicating matters, UAS and CUAS technologies are immature and rapidly evolving, making it difficult to predict which interdiction technologies will prove the most effective investment of public resources. Even once the technology matures, it is reasonable to assume that bad actors will work to overcome CUAS defenses, forcing defenders to continue innovating to remain ahead of the threat.
CUAS will be complemented by UAS traffic management (UTM) systems presently in development by the FAA, NASA, and private-sector partners. UTM will give officials the ability to control low-altitude UAS traffic patterns, define restricted airspace, and selectively grant or deny access to controlled areas. As described by NASA, UTM systems could come in two main variants: “portable” and “persistent.” The former could be transported to a particular location—a disaster area, for example—and manage UAS traffic in proximity to the site. The latter would provide continual coverage for a given area, such as the dense, low-altitude airspace above metropolitan areas.
UTM, in combination with the FAA’s forthcoming rule on remote identification and tracking of UAS (remote ID), will make it possible to remotely identify lawfully operated drones and define where and when they may fly—two capabilities that will be essential to providing security against hostile or dangerous UAS. Consequently, all drones flown in U.S. airspace, and which are capable of posing a substantial risk to people or property, should be fitted with equipment necessary for compliance with remote ID and UTM, including mandatory geo-fencing software designed to prevent drones from entering restricted airspace without proper authorization.
U.S. and foreign militaries have demonstrated an ability to interdict drone activities in combat conditions. In one incident described by the head of the U.S. Army Training and Doctrine Command, a U.S. ally used a Patriot missile to shoot down a small quadcopter. Recently, a first-of-its-kind swarm attack of crude, fixed-wing drones was launched by Syrian rebels against Russian forces in western Syria. The U.S. military is working to develop cost-effective means of engaging inexpensive, easily replaced UAS, and is experimenting with a variety of weapon systems that could provide U.S. forces with dedicated CUAS capabilities.
Many of these systems were designed for the battlefield and are not viable options for use in domestic airspace above populated areas. To fill that gap, a multitude of private-sector solutions are emerging. Several federal agencies are actively involved in trials of drone detection and CUAS platforms. For example, the FAA is presently utilizing Cooperative Research and Development Agreements “to evaluate the small UAS detection and identification capabilities [offered by manufacturers], using different methodologies and systems on and near airports.” The goal of the program is to evaluate various technologies for effectiveness and ability to operate in an airport environment with a minimum of disruption to aviation traffic and communications systems.
In 2015, the Department of Homeland Security worked with Major League Baseball (MLB) officials to deploy a drone detection system during that year’s All-Star Game. The system succeeded in using radar to detect nearby UAS, but owing to its cost and lack of an interdiction component, MLB officials decided to forego a potential post-season deployment. At least one state, North Dakota, is actively pursuing CUAS and drone detection research. In 2017, Governor Doug Burgum formed a special task force seeking to build on the state’s experience operating one of the seven FAA-authorized UAS Test Sites by setting aside separate airspace to test CUAS technologies.
At present, the principle tool available to most officials to intervene in the event a hostile or recklessly operated drone endangers public safety is most likely a sidearm, although other methods may be employed to avoid shooting at a drone, depending upon the situation. But the small size and high degree of maneuverability of drones makes hitting them difficult, while a successful hit—or even a round that misses the target—risks collateral damage from falling debris, or in more threatening scenarios, the inadvertent detonation of explosives or the spreading of chemical, biological, or radiological agents carried on board the drone.
Damaging or destroying a drone by any means, though, is considered a federal felony according to the FAA’s designation of all drones as “aircraft.” Even if it were lawful to shoot a drone, there are no established rules or best practices for distinguishing hostile from non-hostile drones, or for engaging them. Most federal, state, and local law enforcement officials have received no training in the CUAS space. Consequently, there is a risk of hesitation and confusion as to when and how to appropriately engage a UAS.
This lack of options, training, and, as will be discussed, authority represents a serious gap in CUAS capabilities that must be rectified.
What Does an Effective CUAS System Need to Do?
It is important to distinguish simple drone detection systems from a full CUAS platform. The former offers only an ability to locate and identify drones, whether through reliance on remote ID and UTM, dedicated sensors, or both. The latter adds a countermeasures function, allowing operators who detect an unauthorized or hostile drone to then interdict, deflect, seize control of, disable, or destroy it. There are likely a range of missions and purposes for which simple detection will be satisfactory.
Missions related to law enforcement and national security, such as safeguarding the public or critical infrastructure, will require a CUAS capability, which should include the following:
- Independently detect drones operating in the vicinity of the system. Presently, the FAA is developing its remote ID requirement for small UAS that will, once established, require most drones in U.S. airspace to have a transponder-like capability to permit accurate identification and location. CUAS platforms should possess an ability to interface with remote ID and UTM systems to gather information about drones flying in close proximity to a protected venue or facility. However, CUAS should not be reliant on remote ID and UTM for detecting nearby drones, as bad actors could simply disable these systems (or build a homemade drone without them) and be rendered invisible. Rather, a CUAS platform should integrate a host of sensors—including radar, electro-optical, and infrared cameras, as well as acoustic sensors and frequency-scanning equipment able to detect signals common to drone command links—to maintain situational awareness.
- Locate and identify hostile drones. CUAS platforms should possess an ability to discern hostile and potentially hostile drone activity from background, nonthreatening flights. Using its sensors, the system should be able to: Pinpoint the location of a hostile drone; determine its operator’s location by tracing command link signals, if possible; and identify the type or types of drones that pose the immediate threat, through data acquired through remote ID or UTM systems, by identifying the types of signals it is emitting, or other means.
- Provide notice to/warn off a drone operator. In general, knowledge of the law is presumed, and UAS operators are obligated to understand relevant rules and restrictions. Therefore, in many circumstances, drones not complying with flight restrictions, FARs, or other applicable laws may be treated as presumptively threatening, allowing CUAS operators to dispense with a notice requirement. In the long run, UTM incorporating a robust, real-time, two-way communications capability will largely solve the question of notice, as it will afford law enforcement, aviation, and national security officials the ability to establish temporary or permanent zones of restricted airspace for UAS, immediately communicate this information to drone operators, and authorize or disallow particular drone operations. In the short term, policymakers will have to address the question of what constitutes satisfactory notice prior to taking action to damage, destroy, or seize a drone suspected of endangering public safety and determine when it is appropriate to use a CUAS platform to destroy or disable a drone without prior notice.
- Provide CUAS operators with a countermeasures ability. Current countermeasures technologies fall broadly into two categories: kinetic and nonkinetic. Kinetic countermeasures use physical means to seize, disable, or destroy a drone. Examples include drone-capturing net guns and interceptor drones fitted with nets, birds of prey, and projectiles or firearms. Nonkinetic countermeasures feature a wide variety of technologies that include devices intended to jam a drone’s control link or GPS signal; hacking tools used to seize control of a drone from its operator or override autonomous programming; high-power microwave or high-power electromagnetic weapons that “fry” a drone’s electronics; laser weapons; and even sonic weapons. There is no single method of interdicting drones that will be effective in every case or suitable for use in every operational environment. As a result, an effective CUAS system will likely have to provide its operators with a range of countermeasures to address the likelihood that one or more may fail—or may be countered by malicious operators.
Research and testing will have to be done to determine the appropriate and most effective combination of countermeasures for a specific site or category of sites, based on the surrounding environment and an assessment of the types of threats it is likely to face. Federal regulations establishing acceptable degrees of, and protocols for, interference to radio and wireless communications will be needed to allow CUAS operators to take appropriate actions in exigent circumstances. Federal agencies will need to develop, publicize, and train responsible CUAS operators on clear rules of engagement that define when it is reasonable and appropriate to use a CUAS platform’s range of countermeasures functions, up to and including the possible use of firearms or other destructive means to stop a threatening drone. Such rules will be necessary to ensure that CUAS platforms are used to engage exigent threats properly, promptly, and consistently, and that risks of collateral damage are minimized.
Given the novel nature of CUAS technology, its many “unknown unknowns,” the clear federal laws and interests such systems implicate, and the lack of expertise in drone interdiction among local and state law enforcement agencies, the initial deployment of CUAS systems would best be accomplished under federal direction and supervision. However, in the final analysis, federal agencies lack the manpower and resources to directly guard every critical facility or high-value target in the nation. Much of this responsibility will ultimately fall, as most routine law enforcement operations always have, to state and local officials who will eventually need independent authority to deploy and operate CUAS systems. Therefore, the goal of the early roll-out should be the development of core competencies and training programs in CUAS operations for both federal and state and local agency partners, to facilitate broader future deployments.
Having addressed the question of how hostile drones might be countered, policymakers must confront the question of whether current law permits law enforcement agencies to engage in CUAS operations. A number of agencies have equities in the counter-drone space, but few have unquestionable authority to interdict drone operations, owing to a plethora of existing laws and regulations that restrict when and how hostile drones may be combatted.
Agencies with Existing Authorities
Department of Defense. In addition to its whole range of military responsibilities outside the U.S., the DOD is responsible for defending its military installations and assets at home. The DOD and the Department of Energy (DOE) are the only federal agencies empowered by statute to counter hostile drones and are obligated to do so in consultation with the Secretary of Transportation. In the 2017 NDAA, Congress included two sections that allow the DOD and DOE to “[u]se reasonable force to disable, damage, or destroy the unmanned aircraft system or unmanned aircraft,” as well as undertake other actions such as disrupting a drone’s command link or taking control of the aircraft. Congress expanded this authority in the 2018 NDAA, “[n]otwithstanding section 46502 of title 49, or any provision of title 18”—code sections that deal with, among other things, aircraft piracy, the damaging or destruction of an aircraft, and interfering with certain types of communications. The DOD can exercise this authority at any facility related to:
(i) nuclear deterrence, including with respect to nuclear command and control, integrated tactical warning and attack assessment, and continuity of government;
(ii) missile defense;
(iii) national security space;
(iv) assistance in protecting the President or the Vice President (or other officer immediately next in order of succession to the office of the President) pursuant to the Presidential Protection Assistance Act of 1976 (18 U.S. Code 3056 note);
(v) air defense of the United States, including air sovereignty, ground-based air defense, and the National Capital Region integrated air defense system;
(vi) combat support agencies (as defined in paragraphs (1) through (4) of section 193(f) of this title);
(vii) special operations activities specified in paragraphs (1) through (9) of section 167(k) of this title;
(viii) production, storage, transportation, or decommissioning of high-yield explosive munitions, by the Department; or
(ix) a Major Range and Test Facility Base (as defined in section 196(i) of this title).
Based on such authorization the DOD has issued classified guidance allowing the military to shoot down potentially hostile drones to protect “its installations, its aviation and its people.” This authority has limitations and does not cover all military installations, leaving some military facilities without authority to counter a hostile drone. Though some military officials might act in a moment of impending attack, the lack of clear authority and dedicated CUAS systems will leave parts of the DOD woefully unprotected. The DOD needs the ability to protect its personnel, equipment, and facilities, and Congress should expand its authorities to allow this.
Department of Energy. The DOE’s national security missions include defense of nuclear facilities, materials, and technologies, as well as broader protection of the energy sector and electric grid. The DOE possesses identical authority as the DOD to “use reasonable force” against a UAV over any facility designed “to store or use special nuclear material,” defined in law as grades of uranium or plutonium useable for fuel in nuclear reactors. However, the Secretary of Energy lacks the authority required to protect its personnel and its full range of facilities, and Congress should expand its authorities to allow this.
Department of Homeland Security. DHS takes a leading role in various homeland security, immigration, and counterterrorism missions. It oversees the protection of U.S. critical infrastructure in conjunction with other departments and agencies such as the Departments of Energy, Defense, Transportation, Health and Human Services, Agriculture, and Treasury, as well as the Environmental Protection Agency and the General Service Administration. Though charged with various security and immigration duties, nowhere in statute does DHS have the explicit authority to use force or electronic means to combat an unmanned aircraft.
While several DHS components, such as the Coast Guard or Customs and Border Protection, have authorities that could be construed as allowing them to use force against a drone, and DHS officers would likely act to defeat a hostile drone if necessary, even without explicit authority, Elaine Duke testified before the Senate Homeland Security and Governance Affairs Committee that “we lack the authorities needed to counter threats from unmanned aerial systems (UAS). We know that terrorists are using drones to conduct aerial attacks in conflict zones, and already we have seen aspiring terrorists attempt to use them in external operations. Yet DHS and many other departments and agencies do not have the appropriate legal authorities to engage and mitigate these threats in the way we should.” Responding to a question from Senator John Hoeven (R–ND), Secretary Duke testified specifically that DHS lacked “the ability to interdict[,] if you will, the signals” of a potentially hostile drone and further stated that “because it’s a new threat, the specific authorities to monitor these drones does not exist generally.”
Department of Justice. There are abundant federal statutes and regulations that may conceivably apply to drone operations, ranging from the federal criminal statutes and civil rights laws to anti-hacking and privacy laws. But none apparently grant the Bureau of Prisons or the other law enforcement agencies within the DOJ—the Federal Bureau of Investigations, the U.S. Marshals, the Drug Enforcement Administration, and the Bureau of Alcohol, Tobacco, Firearms, and Explosives—an exemption from otherwise applicable laws that restrict hostile drone interdiction. And it is unclear which, if any, technologies are most appropriate for implementation in law enforcement CUAS activities.
Some hope that current Justice Department policies and U.S. Supreme Court case law would shield from liability any law enforcement officer who did have to act to protect himself and the public by interdicting a hostile drone, provided he did so in an objectively reasonable manner. But current law does not provide adequate certainty to ensure appropriate CUAS actions are taken if and when necessary. Congress must provide appropriate CUAS authorities for federal law enforcement agencies.
Federal Communications Commission (FCC). The Federal Communications Commission is an independent agency that regulates the nation’s interstate cable, radio, satellite, television, and wire communications infrastructure. Several federal laws and regulations prohibit operating, marketing, or selling signal “jamming” devices that have been recognized as potential CUAS tools because they interfere with cellular communications, radar, global positioning systems, and wireless networking services.
Current law allows the U.S. government “or any agency thereof,” to use such devices and systems which “shall be developed, procured, or otherwise acquired…under United States Government criteria, standards, or specifications designed to achieve the objectives of reducing interference to radio reception and to home electronic equipment and systems, taking into account the unique needs of national defense and security.” Federal law also authorizes the government to seize unlawful equipment.The FCC should work with Congress to determine the scope of CUAS jamming regulations for law enforcement.
Federal Aviation Administration. The Federal Aviation Administration, part of the Department of Transportation, regulates aircraft operations in the National Airspace System (NAS), including drone operations, to protect persons and property in the sky and on the ground, and to promote safe, efficient air commerce and national security. The FAA is authorized to take civil enforcement action against persons who violate Part 107 rules that govern visual-line-of-sight drone operations; the federal rules for recreational operations; and against anyone operating drones in a reckless manner that endangers the integrity of the NAS or another person’s life or property. The FAA may also enforce, at times in conjunction with the DOJ, federal drone registration requirements.
The FAA has taken a pragmatic approach to drone enforcement. It is responsible for enforcing FARs applicable to UAS. The FAA “recognizes though that State and local Law Enforcement Agencies (LEA) are often in the best position to deter, detect, immediately investigate, and, as appropriate, pursue enforcement actions to stop unauthorized or unsafe UAS operations.” Given that dynamic, many of the same authorities that will be granted to agencies at the federal level should also migrate to the state and local level.
Perhaps the most critical role played by the FAA in the CUAS context will be its responsibility to set and enforce flight restrictions designed to protect special events and sensitive operations such as the Super Bowl, certain law enforcement activities, and presidential movement. These flight restrictions also apply to UAS, and in recent months the agency has established a series of “no drone zones” around national monuments and other sites. These restrictions may serve as the core of future CUAS activities, defining the regions within which only authorized drone traffic will be permitted.
State and Local Law Enforcement
Due to the dramatic growth in drone operations, state and local law enforcement will eventually bear the brunt of unlawful drone operations for the same reason that so many of society’s other problems fall on state and local police: They are the front line of government. This is no different in the context of UAS. State and local law enforcement agencies are already responsible for enforcing state criminal laws that apply to drone operations. They are typically the first government agencies to engage major threats to public safety. A number of major police departments have developed counterterrorism units that work with federal agencies. And every state has a clear interest in protecting its own critical infrastructure and residents.
The FAA has issued guidelines to state and local police, both to aid them as well as to seek their help in the following key UAS-related areas: identifying and interviewing unlawful operators and witnesses of unlawful operations; observing and recording the facts of unlawful operations; collecting evidence of unlawful operations, including photo and video information; understanding the location and purpose of temporary flight restrictions; and notifying the nearest FAA Regional Operation Center of any suspected violation of federal law. This list of requests reflects the fact that, when the average person observes what he suspects to be a hostile drone, his natural response is to call the local police rather than a federal regulatory or law enforcement agency.
Thus, while it is first necessary to develop CUAS authorities and capabilities for federal military, national security, and law enforcement agencies, the role of non-federal law enforcement in responding to terrorist and criminal threats must be addressed. As the government increases federal agency authorities for countering hostile drones, it must recognize that much of the burden for enforcement will fall to the state and local levels, who also need CUAS authority, as well as access to equipment and training as resources become available.
Legal Barriers to CUAS Operations
As discussed above, there are several federal legal obstacles to CUAS operations. They include the following:
- 18 U.S. Code § 32: Prohibits damaging or destroying an aircraft.
- 18 U.S. Code § 1362: Prohibits willful or malicious interference with U.S. government communications.
- 18 U.S. Code § 1367(a): Prohibits intentional or malicious interference with satellite communications.
- Title 47: Requires radio transmitter operators to be licensed or authorized; prohibits willful interference with radio communications of any station licensed, authorized, or operated by the U.S. government; and prohibits using or generally dealing in (except by the U.S. government) any signal “jamming” devices.
- 49 U.S. Code § 46502: Prohibits “seizing or exercising control of an aircraft...by force, violence, threat of force or violence, or any form of intimidation, and with wrongful intent.”
- The Computer Fraud and Abuse Act: Creates a long list of crimes prohibiting conduct that affects a computer that is “used in or affecting interstate or foreign commerce,” including threatening to damage a computer with the intent to extort anything of value; “knowingly caus[ing] the transmission of a program, information, code, or command, and as a result of such conduct, intentionally caus[ing] damage without authorization”; unauthorized access with intent to defraud or in combination with destroying, damaging, or altering information; and trafficking in “any password or similar information.”
- The Wiretap Act: Prohibits the use of “any electronic, mechanical, or other device” to intentionally intercept, attempt, or have someone else intercept the contents of an electronic, wire, or oral communication; disclosing (or attempting to disclose) the contents of any such communication obtained by unlawful interception; and intentionally using or attempting to use the contents of any such communication. Additional federal privacy laws and regulations may relate to drone surveillance.
- The Pen Register Act: Generally prohibits the installation or use, without a court order, of pen registers—including any device that “records or decodes” signaling and other information transmitted by electronic communications—or a trap and trace device, including any device capable of identifying information that reveals the source of an electronic communication by capturing an incoming impulse.
- Aviation regulations: For example, 14 CFR § 107.12 and § 107.19(a) require anyone controlling a drone to be the designated pilot in command with a remote pilot certificate, or a person under his or her immediate supervision, raising the possibility that a CUAS operator would also have to be licensed remote pilot.
To overcome these and other restrictions scattered throughout the United States Code and the Code of Federal Regulations, Congress should build upon and expand its prior, limited grants of CUAS authority to the DOD and DOE in the NDAAs of 2017 and 2018. As mentioned previously, the NDAA of 2018 afforded DOD officials limited CUAS authorities “[n]otwithstanding section 46502 of title 49, or any provision of title 18.” While this approach may serve as a model, as presently enacted it is inadequate for the task at hand and will need to be expanded in two ways.
First, the list of agencies with CUAS authority should grow beyond the DOD and DOE to include the DOJ and DHS, and other federal law enforcement agencies. Second, these agencies will require broader authority to acquire and use CUAS technologies to:
- Protect national security and public safety,
- Defend airspace above and around federal sites and facilities,
- Safeguard manned aviation,
- Police U.S. borders,
- Enforce flight restrictions,
- Support law enforcement activities, and
- Further other federal interests as may be necessary.
The authority to use CUAS should be granted notwithstanding all identified legal barriers to CUAS operations. In this way, Congress could, with a single legislative act, provide the necessary statutory exemptions for military and federal law enforcement agencies to begin employing the full range of CUAS technologies now being developed.
Simultaneously, Congress could also lay the groundwork for the eventual broadening of CUAS technologies to state and local law enforcement agencies—a necessary development—by establishing a program to pilot the deployment of CUAS platforms to select state and local agencies—after federal agencies develop the necessary rules and regulations. A potentially valuable model for accomplishing this may be drawn from the Department of Homeland Security’s existing “287(g) program.” The 287(g) program authorizes the Director of Immigration and Customs Enforcement to enter into agreements with state and local law enforcement organizations to deputize designated officers to permit them to aid in enforcement of federal immigration laws. Local law enforcement officers acting in a 287(g) capacity are “subject to the direction and supervision” of federal immigration officials and are “considered to be acting under color of Federal authority.”
To enter into a 287(g) agreement, state or local law enforcement organizations sign a memorandum of agreement with the DHS to define “the scope and limitations of the delegation of authority.” Officers that are selected to participate in the 287(g) program must attend a four-week training program and a one-week refresher course every two years. Delegated authority, subject to federal training and supervision, would allow for the early rollout of CUAS technologies beyond the federal government, balancing the need to expand CUAS capabilities with the need to provide expertise and supervision to ensure these capabilities are properly used.
To facilitate the broad adoption and use of beneficial UAS technology, policymakers must take steps to allow the development and deployment of effective CUAS platforms able to guard against the dangers posed by reckless or malicious drone users. To accomplish this goal, Congress should take the following steps:
- Provide appropriate federal agencies with CUAS authority. While some agencies have explicit CUAS authority, others do not, and in fact appear to be barred by law from engaging in some CUAS functions. While it is likely that some security personnel would act to neutralize a hostile drone without explicit authority, the status quo is confusing and could lead to inaction, inconsistent responses, unpreparedness, or harmful unintended consequences. To rectify this, Congress should build upon the approach already undertaken in the NDAAs of 2017 and 2018, and do the following:
- Grant authority to the heads of the DOD, DOE, DHS, DOJ, and DOT to identify appropriate federal assets and other facilities within their jurisdictions which are in need of CUAS capabilities, prioritizing the highest-value installations.
- Require the DOT to impose appropriate UAS flight restrictions around these protected assets and facilities, if no such restrictions have been imposed.
- Authorize federal law enforcement and national security agencies, notwithstanding all identified legal barriers to CUAS activities, to utilize CUAS platforms to enforce established flight restrictions. CUAS operators must have authority to engage in the following actions:
- Detect, identify, monitor, and track UAS, including by intercepting communications or sensors designed to locate and identify drones;
- Provide a warning to the UAS operator, whether by means of UTM or other methods; and
- By kinetic or nonkinetic means, disrupt, disable, seize control of, or destroy UAS deemed a threat by the CUAS operator.
- Provide appropriate exemptions to private firms developing CUAS technologies. The development of effective CUAS capabilities will require substantial research and development by private-sector actors—activity that could be chilled by statutory and regulatory prohibitions on the manufacture, marketing, or sale of critical CUAS components, such as jamming technology, to non-U.S. government agencies. Congress should provide CUAS developers with appropriate exemptions, so as to facilitate innovation and eventual adoption by state and local law enforcement agencies. To the extent necessary, specific DOD ranges and experimental facilities should be leveraged to accomplish this goal.
- Develop and promulgate “rules of engagement” and other CUAS regulations. Congress should condition the use of CUAS platforms on the prompt completion of preliminary departmental policies governing their use. These initial policies should be designed to facilitate testing of CUAS platforms and rules of engagement, to inform the development of final departmental policies and rules of engagement for federal CUAS operators, as well as related regulations. Congress should provide a reasonable statutory deadline for the promulgation of these rules. After that deadline, the authority to use CUAS would expire unless and until final policies governing CUAS operations are promulgated. CUAS policies should be designed to ensure prompt, predictable, and consistent use of the technology while minimizing the risk of collateral damage and interference with spectrum used for navigation and communication. Given the diverse missions of federal national security and law enforcement agencies, each should be allowed to develop, in consultation with the others, its own set of CUAS rules and regulations, with an emphasis placed on developing rules that are compatible and consistent.
- Codify safeguards for civil liberties. The civil liberties enshrined in the U.S. Constitution and Bill of Rights, and expanded through statutes and case law, are another major factor for developing CUAS authority, particularly with regards to seizing, commandeering, or destroying a UAS. Law enforcement agencies should establish departmental policies for those uses of CUAS tools. Current NDAA language and police department drone use policies provide useful starting points for developing CUAS policy that leverages the benefits of technology while protecting civil liberties. While law enforcement officers may interdict a UAS that they have probable cause to suspect is in violation of law, CUAS policies should emphasize that when public safety concerns require law enforcement officers to seize, commandeer, or destroy a drone, whenever possible they should notify the operator of an impending violation of law and provide some meaningful opportunity for the operator to respond appropriately (such as by changing course or lowering to the ground) prior to interdiction. Policymakers should address the question of notice requirements in the event that a UAS is not remote-ID-capable.
- Create a CUAS pilot program. Many large public events and critical infrastructure facilities beyond federal installations will need protection from drone-based attacks. Congress should create a pilot program modelled after the 287(g) program, which would allow the DHS to enter into agreements with state and local law enforcement agencies to train and deputize particular officers to fulfill CUAS responsibilities under the direction of federal authorities. The pilot program should start after the completion and promulgation of CUAS regulations and rules by the Department of Homeland Security, and all program participants would be subject to these regulations. The pilot program should require the DHS to enter into agreements with a variety of different local partners, using an array of approved technologies at diverse venues and facilities.
- Use best practices and lessons to broaden the pilot into a national program. Upon the conclusion of this pilot program, the DHS, in consultation with the FAA and DOJ, should issue a report documenting the findings of the pilot and the best path forward for CUAS authorities and technologies to be made more widely available to law enforcement and critical infrastructure operators. This report must answer several critical questions regarding the future of CUAS authorities and use:
- Is the delegated-authority model the correct model for a nationwide expansion of the program?
- Using a risk-based analysis, what types of critical infrastructure and other facilities are most likely to need CUAS defenses? Should different types of facilities be limited to certain types of CUAS? And how should CUAS operators and platforms communicate with each other?
- Should non–law enforcement authorities, such as the operators of critical infrastructure, be allowed to operate CUAS? If so, what limitations and requirements should be placed on them? If not, how can CUAS capabilities be extended to such facilities?
- Provide funds for CUAS deployment and training. Federal agencies responsible for the security of government installations should acquire appropriate CUAS systems. A portion of the Homeland Security Grant Program should be redirected to provide moderate grants to local agencies participating in the pilot program to support the acquisition of CUAS technologies, though Congress should limit the number and monetary value of such grants. Other grant programs, such as the Justice Department’s Byrne JAG program, should also be leveraged to support the CUAS pilot. Additionally, Congress should be prepared to allocate funds for the establishment of a law enforcement training program for state and local law enforcement to develop competencies in the use of CUAS systems upon the completion of the pilot program.
- Require broad adoption of UTM capabilities for drones in the NAS. A broad capability to remotely identify, track, and manage the flight paths of UAS operating in the NAS is required to effectively address safety and security concerns, as well as to aid CUAS operators in discerning hostile from non-hostile UAS. Congress should require the FAA to promptly promulgate a final rule on remote identification and tracking, as well as the development of industry standards to permit CUAS platforms to interface with remote ID and UTM networks to provide UAS pilots with notice prior to interdiction. The development and deployment of robust UTM systems should be prioritized and expedited. Congress should require all drones capable of posing a substantial risk to people or property to be remote-ID and UTM-compliant.
- Ensure model aircraft are covered by UTM regulations. Section 336 of the 2012 FAA Modernization and Reform Act, the “Special Rule for Model Aircraft,” shields many recreational UAS operators from additional FAA regulation. Congress should amend this section to allow the application of the FAA’s forthcoming final rule on remote identification and tracking, as well as future UTM regulations, to be broadly and retroactively imposed on drone operators.
Conclusion: Drones and the Friendly Skies
Drones are increasingly providing significant benefits and services, ranging from lifesaving search-and-rescue functions to recreational sports videography to emerging commercial package delivery. Unfortunately, human creativity is not limited to legal or constructive purposes. While nation states were the first to use drones as tools of warfare, terrorists and criminals are now exploiting the growing capabilities of consumer-grade devices for their own nefarious purposes. The U.S. government must be prepared to counter hostile drones from these and other bad actors by unleashing the power of the private sector to develop a range of different CUAS technologies. Federal law enforcement and security officials must be trained in the use of CUAS, with these capabilities and training also spreading to state and local law enforcement.
Facing the threat posed by hostile UAS does not require extreme restrictions on lawful personal or commercial drone use, but instead requires dedication by all levels of government to encourage the development, acquisition, and proper use of CUAS. Such dedication will ensure the skies remain a vibrant and secure domain for recreation, travel, and commerce.
—Jason Snead is Senior Policy Analyst in the Edwin Meese III Center for Legal and Judicial Studies, of the Institute for Constitutional Government, at The Heritage Foundation. John-Michael Seibler is Legal Fellow in the Meese Center. David Inserra is Policy Analyst for Homeland Security and Cyber Policy in the Douglas and Sarah Allison Center for Foreign Policy, of the Kathryn and Shelby Cullom Davis Institute for National Security and Foreign Policy, at The Heritage Foundation.