The right way to regulate drone privacy
On August 6th, I had the honor of testifying in front of the California State Assembly Public Safety Committee on regulation of drones, by the state of California. The committee is considering several bills that have been introduced on the regulation of drones particularly with respect to privacy and law enforcement use.
The committee discussions, hopefully indicative of the general tone of legislators everywhere:
The committee seemed to be wrestling with several questions about where to start. Many wondered what exactly is a drone (Good luck! If anyone figures out a clear definition let me know!) and what the capabilities of this class of technology are. I hope that the message that came through from the witnesses is that “drones” are not distinct from other vehicle and sensing technologies, but are just a subset of the flying class of these technologies, and that their capabilities are similar to manned platforms of the same class. I was also very pleased to see that the committee was eager not to foreclose beneficial uses of the technology. Some of the committee members specifically cited my company, TerrAvion, as an example of they type of application they wanted to avoid regulating.
The committee and the witnesses all recognized that air safety is regulated by the FAA, but that the states can impose additional regulations on privacy, particularly in law enforcement. If we are to live in a democracy, there have to be limits on the government’s ability to collect information on citizens. However, I think that the thoughtful testimony of Sheriff Geoff Dean of Ventura County pointed to the fact that law enforcement agencies are ready for the challenge of using new technology under the supervision of the courts and elected officials in a way that is focused on creating real community benefits and that is not generally invasive – even to people who might be kind of sort of breaking the law, by speeding or possessing marijuana here in California, for example.
Principles for regulating drones:
Uniformity: I believe that greater regulation of surveillance by the government is required. Some of the things western intelligence agencies are doing are terrifying. As a patriot and a veteran, I am dismayed at how our government relates to collecting data on its own citizens. As a drone operations leader who has participated at the pointy end of the intelligence spear in Afghanistan, I can tell you that cellphone and e-mail monitoring represents an exponentially greater threat to democracy than having a whole fleet of drones at the government’s beck and call. When we make privacy regulations, let’s regulate what information individuals and the government can collect, not how they collect it. The platform that is used to collect the information should not matter. If I can’t collect information with a plane, then I shouldn’t be allowed to collect it with a cellphone camera either.
Moreover, private individuals ought to have the same right to collect information that the government does. In practice this might mean that if the government can fly a drone, I as a private citizen should be able to fly a drone. If the government can issue a subpoena (or national security letter), I as a private citizen should be able to discover those same records in litigation for things that have nothing to do with national security. There should be uniformity, no institution should be sitting in privileged position, if there are extra steps for government uses of data, I’m okay with that.
Regulate Late in the Information Cycle: A corollary to the idea of regulating uniformly, is to regulate late in the information cycle. One of the key ideas of modern information networks is the idea that the information cycle is being modularized. This modularization means that instead of a single organization that delivers “the answer” through all the steps, a decision-maker can change one part of the process at a time to deliver better results. The implication of this is that collection is likely to be used in many unanticipated ways. Regulations that are targeted “upstream” in the data cycle are likely to become obsolete and quickly generate unintended effects. If legislators are looking curtail specific negative effects of data collection, they should target them later in the information cycle, most importantly at taking actions.
I love the United States’ robust take on personal freedom. Taking our cherished rights and freedoms into the digital age is going to require hard, thoughtful work from legislators, voters, and public and private officials. I hope the robotics community wakes up to the fact that data collection and privacy are not just drone issues, but issues that we share across domains and with other data-rich technology sectors. I am heartened by my participation thus far in our democratic process; it seems like people are really working to accommodate each other’s concerns and arrive at a future that we will all be happy to live in.