On Monday, May 16, 2016, the Supreme Court of the United States issued its highly anticipated opinion in Spokeo, Inc. v. Robins, a case that examined the question of whether a plaintiff who ...25 May 2016
NTIA Launches Multistakeholder Process to Develop Privacy Best Practices for Commercial and Private Unmanned Aircraft Systems
As we previously reported, the NTIA action follows the White House’s February 15 Presidential Memorandum directing NTIA to lead private sector groups toward the creation of commercial UAS standards. Companies will be free to choose whether to participate in any resulting code of conduct or standards. However, by an individual company so publicly committing, it might then become subject to Federal Trade Commission (FTC) enforcement if it then fails to do so. The FTC’s enforcement authority would be based on its jurisdiction to enforce an unfair or deceptive trade practice under Section 5 of the FTC Act, although FTC enforcement authority might not be the right approach for all entities in the UAS ecosystem, for example, UAS manufacturers or those involved in business-to-business UAS services.
Comments will be due 45 days from publication of the questions in the Federal Register. The NTIA is seeking comments from “all stakeholders, including the commercial, academic, and public interest sectors, lawmakers, and governmental consumer protection and enforcement agencies.” The NTIA has set forth a series of questions for public response. These include general questions, focused primarily on how the multistakeholder process should be structured, as well as more specific questions focused on privacy, transparency and accountability in UAS practices. The following sets forth NTIA’s questions verbatim.
- The Presidential Memorandum asks stakeholders to develop best practices concerning privacy, transparency, and accountability for a broad range of UAS platforms and commercial practices. How should the group’s work be structured? Should working groups address portions of the task?
- Would it be helpful to establish three working groups with one focusing on privacy, one on transparency, and one on accountability? Should such groups work in serial or parallel?
- Would it be helpful for stakeholders to distinguish between micro, small, and large UAS platforms (e.g., UAS under 4.4 lbs., UAS between 4.4 lbs. and 55 lbs., and UAS over 55 lbs.)? Do smaller or larger platforms raise different issues for privacy, transparency, and accountability?
- What existing best practices or codes of conduct could serve as bases for stakeholders’ work?
- UAS can be used for a wide variety of commercial and private purposes, including aerial photography, package delivery, farm management, and the provision of Internet service. Do some UAS-enabled commercial services raise unique or heightened privacy issues as compared to non-UAS platforms that provide the same services? For example, does UAS-based aerial photography raise unique or heightened privacy issues compared to manned aerial photography? Does UAS-based Internet service raise unique or heightened privacy issues compared to wireline or ground-based wireless Internet service?
- Which commercial and private uses of UAS raise the most pressing privacy challenges?
- What specific best practices would mitigate the most pressing privacy challenges while supporting innovation?
- Transparent UAS operation can include identifying the entities that operate particular UAS, the purposes of UAS flights, and the data practices associated with UAS operations. Is there other information that UAS operators should make public?
- What values can be supported by transparency of commercial and private UAS operation? Can transparency enhance privacy, encourage reporting of nuisances caused by UAS flights, or help combat unsafe UAS flying? Can transparency support other values?
- How can companies and individuals best provide notice to the public regarding where a particular entity or individual operates UAS in the NAS?
- What mechanisms can facilitate identification of commercial and private UAS by the public? Would standardized physical markings aid in identifying UAS when the aircraft are mobile or stationary? Can UAS be equipped with electronic identifiers or other technology to facilitate identification of UAS by the public?
- How can companies and individuals best keep the public informed about UAS operations that significantly impact privacy, anti-nuisance, or safety interests? Would routine reporting by large-scale UAS operators provide value to the public? What might such reporting include? How might it be made publicly available?
- What specific best practices would promote transparent UAS operation while supporting innovation?
- UAS operators can employ accountability mechanisms to help ensure that privacy protections and transparency policies are enforced within an organization. How can companies, model aircraft clubs, and UAS training programs ensure that oversight procedures for commercial and private UAS operation comply with relevant policies and best practices? Can audits, assessments, or reporting help promote accountability?
- What rules regarding conduct, training, operation, data handling, and oversight would promote accountability regarding commercial and private UAS operation?
- What specific best practices would promote accountable commercial and private UAS operation while supporting innovation?
We have been deeply involved with UAS legal and policy developments at the federal and state levels. We will be closely monitoring the NTIA’s process. If you would like to discuss the submission of comments or the process generally, we are available to help.
The French Data Protection Authority (CNIL) has announced its inspections program topics for 2016, with health data, flight passengers’ data, and data used for marketing and Internet...20 May 2016