James Clapper said in a Guardian article :
“In the future, intelligence services might use the [internet of things] for identification, surveillance, monitoring, location tracking, and targeting for recruitment, or to gain access to networks or user credentials,”
That future he mentions has already arrived.
The method and ability to perform data gathering from a UAS is currently being leveraged every day. Just by creating a personal account with DJI, you willingly provided many details about yourself. Using a simple Google search the data mined by DJI from your provided flights (imagery, position and flight logs) and your audio can be accessed without your knowing consent.
Knowing is What You’ve Allowed DJI to Access About Your Flight Activities is Perhaps Just Half the Battle
The past several years has been an exciting with the amazing developments and availability of UAS technology. As with all things, there is always serious concerns with how a technology will be used. This applies to hobby and commercial UAS or drones.
Recently, the release of methods describing global data collection by intelligence agencies rocked the world. At times legitimate and also nefarious actors may utilize for example TV’s to record audio video information and other camera and listening systems to collect many forms of intelligence without your direct knowledge. It comes as no surprise that for many of us considering our own individual rights to control any data gathered about ourselves, the security ramifications affecting the individual have been the hot topic of the discussions surrounding the understanding of such programs.
I am now sharing that there is situation related to gathering of UAS-related information that has been ongoing for a length of time. It involves the use of DJI drones to collect audio, visual and telemetry data on all flights across the Globe. The details shared here are perhaps known to a limited number of the worldwide owners and users of the DJI technology. I feel that this sort of knowledge is something that every UAS pilot and every person/company/agency needs to understand related to your aerial missions.
For the millions of flights that have been flown using DJI systems across the World, many have been flown at or near highly sensitive locations. Infrastructure, stadiums, military installations, construction sites etc. Among these locations, the conversations between the pilot and client or even the background conversations can reveal an incredible amount of information about these highly sensitive locations. Possibly specific details about security or details of the structure or asset being flown that are never to be shared outside of the project. Critical infrastructure access and layouts are being captured every day. This information may be accessed by foreign actors that mean to harm the countries that these locations are in. The complete data record can be cataloged by pilot, region or location and a full report of the layout, security response, names of people will all will be revealed. Corporate espionage agents would love to have visual and audio details of that new system being captured by the drone in any industrial field of pursuit.
First let’s look at the magnitude of this concern here in the USA. The FAA produced a FAA FORCAST citing that there will be millions of hobby drones flying by 2020. The commercial drone numbers show that there might be over 300,000 flying as of today. That’s just the commercial end of the drone units this year.
Second, let’s consider exactly what is collected by DJI and why I have serious concerns about the use of this data.
If a pilot is using the DJI GO 4 app and uploads a flight record to the DJI server, using the default settings on the app, there are many details provided related to your UAS mission:
- Telemetry – Where the drone was flown including GPS coordinates, the altitudes, speed and other details of the aircraft’s performance.
- Video – If a video was recorded, a down sampled version is also provided to DJI showing what was recorded.
- Audio – When using a phone or tablet, the microphone recording of all conversations and sound are embedded with the video cache file as well. If the sensor has a microphone, it is shared it’s audio as well.
The combination of the above data produces a complete record of each and every flight EVER taken by your drone using the DJI application and drone. This information is stored on the DJI servers in the United States, China and Hong Kong.
Third, its good to consider that legitimate reasons do exist for the manufacturer to review some details of a flight’s record for their analysis of the aircraft’s actual performance and communication’s connectivity.
Personally, as the Chief pilot for arguably one of the largest commercial UAS service providers in the United States, such information can be invaluable to review an incident / accident that may occur with one of our flight operations team. It would provide the communication between pilot in command (PIC) and visual observer (V.O), the drone’s location, GPS signal of the drone and the video of what was recorded what was happening. This sort of information can be critical when working out all the factors that lead to any flight’s unintended outcome as well as ways to create lessons learned.
Important Information, right?
There is another side to this cache of data that carries with it a much more questionable purpose if DJI is gathering such information with intentions unknown to the DJI owner. DJI had mentioned in a press release last year about collected data DJI PRESS RELEASE and how it is shared. This is a quote directly from that release:
“Unless a customer has chosen to sync flight data via the DJI GO app or sent the aircraft back to DJI, we would have no flight data to provide. The policy is the same for requests from authorities in China, in the U.S., in Europe, and anywhere else in the world.
When you fly a DJI drone, nobody but you can see the live video feed or the recorded video it generates — unless you decide otherwise.”
If this is the stated case, then why would the Default settings on the DJI GO App share everything?
I strongly suggest every pilot read and understand this policy. Organizations that hire and utilize DJI products must be aware of what can be done with this collected information.
Here are some excerpts directly taken from the DJI GO 4 App policy:
In the section titled: “When We Disclose Information.
“We may preserve and disclose your information if required to do so by law or in the good-faith belief that such action is necessary to comply with applicable laws, in response to a court order, judicial or other government subpoena, warrant or request, or to otherwise cooperate with law enforcement or other governmental agencies. Please note that if you conduct your flight in specific countries, your flight data might be monitored and provided to the governmental authorities according to local regulatory law.” *Bold added for emphasis*
“We may make certain aggregated, automatically-collected, or otherwise non-personal information about users of the DJI Go App available to third parties for various purposes, including (i) compliance with various reporting obligations; (ii) for business or marketing purposes; (iii) product safety analysis; or (iii) to assist such parties in understanding our users’ interests, habits, and usage patterns for certain programs, content, services, advertisements, promotions, and/or functionality of the DJI Go App and DJI products.”
Two more important sections:
We use certain physical, organizational, and technical safeguards that are designed to improve the integrity and security of personal information that we collect and maintain. Please be aware that no security measures are perfect or impenetrable and thus we cannot and do not guarantee that your information will not be accessed, viewed, disclosed, altered, or destroyed by breach of any of our physical, technical, or organizational safeguards.”
“International Visitors and Users
The DJI Go App connects to servers hosted in the United States, China, and Hong Kong. If you choose to use the DJI Go App from the European Union or other regions of the world, then please note that you may be transferring your personal information outside of those regions for storage and processing. Also, we may transfer your data from the U.S., China, and Hong Kong to other countries or regions in connection with storage and processing of data, fulfilling your requests, and providing the services associated with the DJI Go App. By providing any information, including personal information, on or through the DJI Go App, you consent to such transfer, storage, and processing.”
Third party dissemination is an absolutely frightening scenario.
The Unites States has well defined laws about privacy and wiretapping. Each State has a specific law as well. Eleven (11) States have an “All Party” consent law stating that an audio recording can only be made if all parties are made aware that they are being recorded. My colleagues across the world will have to help fill in the blanks for the rules or other countries and States. Many companies have strict security protocols defining what can be made accessible to outside organizations. Included in almost every Master Service Agreement (MSA) or Professional Service Agreement (PSA) there is a section that details how collected information is handled and the dissemination of that data is prohibited.
Just today, thousands of pilots took to the skies to capture many different scenes. Did they know that their every word may have been recorded and transmitted to other parties? Because they may not have individually looked into the terms of service or the settings on the GO Pro 4 app all of this data was captured. As soon as they upload the flight record that information is put in the hands of DJI. Such information can be reviewed, cross referenced and possibly added to files that can be leveraged for unintended purposes. The amount of information that can be derived from what was believed to be private conversations during a flight’s operation is staggering.
Have there been any publicly known examples of this information being leaked? Not that I am aware. Does that mean such data including private conversations have not been accessed through DJI to another third party? We just do not know the extent of that activity.
This is not a “new” concern. There have been many before me that have tried to share the information gathering possibilities while using devices produced by overseas and even domestic USA companies. My goal is that the correct group of people are made aware of what is being collected and those possibilities from the use of this data.
I also feel that all of these details needs to be openly discussed in a public forum. A transparent and detailed record of collection and use of UAS derived data by manufacturers should be made available so that a recreational user and the commercial industry around the world can continue to operate with a full awareness of these collected data.
What if I do not want to participate?
“If you decline to share certain personal information with us, we may not be able to provide to you some of the features and functionality of the DJI Go App.”
The forfeited features and functionality of the DJI Go App must be understood in order to make a coherent and logical choice in the opt-out decision. If you don’t know the benefit or the sacrifice of your privacy by opting-in to the application’s data gathering, how can one agree with DJI terms? Creating alleged fear that a user will not be able to leverage certain aspects of the DJI applications is insufficient for making a decision that forfeits one’s privacy. For some people, assessing and maintaining your personal privacy and security on your own property might be the main reason you purchased the DJI drone.
There are some ways to counteract the methods DJI has leveraged to collect parts of the data if you agree to their terms.
· Turn off microphone access to the app.
· Never upload your flights to DJI. This might keep the missions and projects that are captured away from any third parties.
How to turn off video cache and audio recordings (Screen shots from IOS device)
Do these methods completely remove all access, no it does not. But these methods should limit the collected information. All of your location and telemetry information will still be shared if you upload.
There have been some public posts that DJI apps that are not being utilized are still collecting and sending information to its SSL servers. A more in depth review of these connections and what information is being collected will have to be made to determine exactly what is happening there. I suggest a more in depth look at how the firmware upgrades and what packets of information are being communicated while not in use.
As mentioned in a recent presentation by Kevin Finisterre at the sUAS commercial UAS conference, there may be a larger issue with the proliferation of hardware to conflict countries. DJI is a Chinese company governed by Chinese law and not the United States. The daily use of systems that are managed and governed by foreign entities pose more than just a small problem for most of the world.
My final thoughts on this topic have to do with being transparent on what is really happening after data is uploaded. Will the people ever see a complete audit of the third parties that have purchased your furnished data? Can someone own but not participate in data mining? Will DJI and other manufactures provide details if their systems are breached?
I would like answers to these questions. The only way to get them is to have the industry ask them at the same time.
If you would like to contact the DJI team with any questions or concerns, you can do so here:
SZ DJI Technology Co., Ltd.
14th Floor, West Wing, Skyworth Semiconductor Design Building,
No.18 Gaoxin South 4th Ave, Nanshan District, Shenzhen, China, 518057
I look forward to the comments and thoughts about this topic.
Clear skies and calm winds,
Kevin Pomaski sUAS
*My thoughts and opinions are strictly mine and do not reflect my employer or clients views.