Gov’t use of Chinese drones in limbo as Congress weighs ban
More than a year after the U.S. Interior Department grounded hundreds of Chinese-made drones it was using to track wildfires and monitor dams, volcanoes and wildlife, it’s starting to look like they won’t be flying again any time soon — if ever.
A measure moving through Congress would impose a five-year ban on U.S. government purchases of drones manufactured or assembled in China. It reflects bipartisan concerns that devices made by companies such as DJI, which is based in Shenzhen, China, could facilitate Chinese spying on critical infrastructure.
But a ban could create problems for government users, since DJI dominates the global market for the small, low-altitude drones used by hobbyists, photographers, and many businesses and governments. There aren’t many affordable and reliable alternatives, said Carrick Detweiler, the CEO of Drone Amplified, which provides fire suppression payloads to drones operated by Interior and the U.S. Forest Service.
“Everyone I talk to in the federal government is moving away from DJI whether or not these bills are passed,” said Detweiler, who is also a computer science professor at the University of Nebraska-Lincoln. “Everyone wants a U.S. system to be there and to work, it’s just that the U.S. drone industry was killed off by DJI a decade ago. It’s going to take three or four years before we’re at parity.”
The proposed ban was recently folded into the broader American Innovation and Competitiveness Act, which was nearing passage in the Senate before it was abruptly postponed Friday. While the ban wouldn’t go into effect until 2023, many federal agencies have already imposed temporary restrictions on the use of Chinese drones. Some have begun to phase them out entirely.
But the ban could create other headaches. Because it would also ban federal funds from being used to buy or operate Chinese drones, it could hit police departments that rely on federal help to field new equipment. The Department of Homeland Security started halting such grants for Chinese-made drones last year.
The Interior Department said it flew more than 11,000 drone flights in 2019 before temporarily grounding its drones over cybersecurity concerns at the end of that year. Its drone program has been largely on hiatus since then, except for some emergency flights that are granted a waiver. In March, it started to make it easier to fly emergency missions for wildland fire response and search-and-rescue operations.
Inside the government, the drone ban has met some resistance from officials eager to get their existing drone fleets back in the air for missions that don’t require secrecy. Some trade groups have argued that any drone restrictions should be based on specific security standards, not their country of origin.
A summary of a recent Pentagon report obtained by The Associated Press found “no malicious code or intent” in drone software made by DJI and used by the Interior Department. The report assessed software used to operate DJI’s “Government Edition” drones and some fixes that were made to address data leakage vulnerabilities found in earlier audits.
That May 6 document also made a big endorsement. “The DJI Government Edition versions that were tested, show no malicious code or intent and are recommended for use by government entities and forces working with US services,” wrote the author, Adam Prater, a technology expert and second chief warrant officer with the U.S. Army Special Operations Command.
Prater declined to comment, saying he wasn’t authorized to speak to the media. The Interior Department also declined to comment. In a statement, DJI spokesperson Adam Lisberg called the report summary “the strongest confirmation to date” of the safety and security of the company’s drones.
Outside experts, however, panned the Pentagon conclusions. “It’s clear that this software was not designed for security at all,” said Steven Aftergood, director of the Federation of American Scientists Project on Government Secrecy.
Mike Monnik, an Australian expert, said there’s a “dangerous” risk that outside agents could pull data off the drones given their many unfixed software concerns. Monnik, the chief technology officer at DroneSec, a firm that researches drone cybersecurity vulnerabilities, added that only cutting off the drones entirely from the internet could ensure the security of their data.
National security concerns about DJI drones have lingered since at least 2017, when a document from U.S. customs authorities alleged that the drones likely provided China with access to critical infrastructure and law enforcement data. DJI has repeatedly denied the allegations, but political concerns about Chinese technology accelerated amid President Donald Trump’s broader trade war against China.
Last year, the Pentagon began promoting American-made — and more expensive — alternatives to DJI. The Defense Department in August gave a seal of approval to California drone-maker Skydio, French tech company Parrot and three other firms to supply U.S.-manufactured drones to agencies across the federal government. But since then, the Pentagon has acknowledged that many military-grade drones still present risks because they rely on components made in China.
In December, the Commerce Department placed DJI on a list of blacklisted Chinese firms subject to export restrictions on national security grounds.
DJI has tried to counter such concerns, enabling an internet “kill switch” on more drones so that commercial and government users can halt data transmission on sensitive flying missions. Its products have been favored by many local and regional governments in the U.S. for their price and reliability, but a federal ban could damage its reputation among those buyers.
Aftergood said he could see a case for DJI only in situations where security isn’t a top concern.
“It depends on other factors like cost, performance, lifetime, ease of use,” Aftergood said. “But to the extent that security is a controlling factor, you’d want to think twice.”