Privacy & Cybersecurity Law Blog

As we previously reported, the Federal Aviation Administration’s (“FAA’s”) proposed “small drone rule” nears completion of the interagency review process, but one potential stumbling block has been removed, at least for now. On Tuesday, May 10, 2016, the U.S. Court of Appeals for the D.C. Circuit denied a request by the Electronic Privacy Information Center (“EPIC”) to review the FAA’s decision not to include privacy provisions in its Notice of Proposed Rulemaking for the Operation and Certification of Small Unmanned Aircraft Systems (“NPRM”), as well as its denial of an EPIC petition to the same effect. The court decided that there were no reasonable grounds for EPIC’s delay in filing for review of the FAA’s denial of EPIC’s 2012 petition that sought to cause the FAA to promulgate privacy regulations pertaining to drones. The court further concluded that EPIC’s challenge to the NPRM itself is premature, as the rule is not yet final.

In the NRPM, the FAA signaled that “[privacy] issues are beyond the scope of this rulemaking,” but that it would participate in the multistakeholder engagement process related to privacy and the operation of unmanned aircraft systems being led by the National Telecommunications and Information Administration. Consequently, and in light of the FAA’s opposition to EPIC’s petition and legal action, the final version of the NRPM is not expected to incorporate privacy provisions. EPIC has already indicated its intention to resume its challenge to the NRPM, if that indeed is the case.