We’re all familiar with the threat posed by malware and viruses when it comes to our computers. But what about drones? Should we be offering protection for them as well? The concept certainly makes sense, and two companies have joined forces to work on a solution.
An executive order is being prepared by the Trump administration that would effectively ban all federal departments and agencies from buying or using foreign-made drones. They claim the drones pose a risk to national security, according to TechCrunch. Expand Expanding Close
Today the U.S. Department of Interior issued an order that basically grounds their entire Chinese-made drone fleet except for in a few special situations such as fire fighting and search and rescue missions. Understandably, DJI is not at all pleased with this order and responds to the U.S. Department of Interior drone order issued the following statement.
After temporarily grounding its fleet of drones last year, the U.S. Interior Department grounded its drone fleet after issuing an order today to formally adopt a no-fly rule aimed at drones made in China or with Chinese parts. Exceptions will be made for those situations in which drones are needed to respond to natural disasters or other emergencies.
On Wednesday, the same day that DJI launched the DJI Mavic Mini, the US Department of the Interior announced that all DJI drones and other Chinese-made unmanned aircraft or UAVs that contain Chinese-made parts in its fleet are to be grounded as part of a review of the department’s drone program. This is the latest threat to DJI’s drone business in the United States.
Over the last few years, many government officials have worried about drones being used to spy on the US and sending sensitive data back to China. Well, maybe it is not so much the drones we need to worry about, but balloons. Check out this story about the Pentagon testing mass surveillance balloons across the US.
DJI drones banned by Cape, a drone software company that supplies US law enforcement agencies. It said that because of security concerns it will no longer work with DJI or other Chinese drone manufacturers. The tech company supplies dozens of public safety agencies as well as state and local law enforcement in the U.S and some other countries.
It seems that DJI is finally getting a break from concerns that various government agencies have expressed about the security of the data captured by DJI’s drones. After an independent 15-month testing program that included thousands of drone flights with models such as the DJI Mavic Pro and DJI Matrice 600 Pro, the Department of the Interior (DoI) has validated and approved the DJI Government Edition.
When the DoI started testing in April 2018, the newer Mavic 2 Pro, Zoom and Enterprise Edition had not yet hit the market, so were not included in the test. DJI told DroneDJ that testing has not yet started on the newer Mavic 2 drones, as the Mavic Pro and Matrice 600 tests have just been finished.
See DJI’s press statement below for all the details.
In a short interview on FOX Business Network’s After the Bell, DJI Director of Strategic Partnerships, Jan Gasparic said that “customers’ data is theirs and theirs alone”and “The fact is that your data sits on the drone itself, that’s fundamental.” There’s a link to the video of the interview below. Expand Expanding Close
In response to the DHS Alert from earlier this week, that caused quite some commotion after being picked up by major news outlets, DJI has posted their official response on the DJI Hub website. The drone maker says that their customers’ data is none of their business. They state that their goal is to provide a “reliable drone platform” and that their drones exceed or meet the DHS recommended mitigating measures. In DJI’s response, the company outlines five recommendations to keep your data safe.
Over the last few years, concerns about DJI’s data handling and security have flared up a number of times. With this week’s headlines, it seems that DJI gets sucked into the escalating trade war between the United States and China. Is the Chinese drone maker at risk of being viewed like another Huawei? A ban on buying DJI drones and products for US companies would be a significant blow to all the organizations and agencies that have come to rely on DJI’s drones to do good. Many rescue workers, police, and fire departments use DJI’s products to help save people’s lives. And, as unfortunate as it may be, there is currently hardly any alternative (except maybe the Parrot Anafi Thermal) for DJI’s capable AND affordable drones for many of these organizations.
If you, or your organization, are impacted by the data security concerns around DJI’s drones, we would like to hear from you either in the comments below or per email. Thank you!
For DJI’s official statement and their recommendations to keep your data safe while using DJI’s drones keep reading.
On Monday, the U. S. Department of Homeland Security expressed ‘strong concerns’ that Chinese-made drones, including DJI’s aircraft, could potentially be sending sensitive flight information to their China-based manufacturers, where it could be accessed by the Chinese government. The warnings from DHS follow the executive order from President Trump against Huawei and are the latest development in the escalating trade war between the United States and China.
Last Monday, we wrote about the Kivu report’s findings. Today we are taking a closer look as DJI has sent us a copy of the full report. Because of competitive reasons the Chinese drone maker has requested us not to post the entire report online or share any of the images. However, we are free to share segments of the text with you. The 27-page document is the result of Kivu Consulting’s forensic investigation of DJI’s UAV Data Transmission & Storage practices and contains information about Kivu’s methodology, analysis, findings, and explains up to a degree what information is collected and to which servers it is going. For their investigation, Kivu independently bought a DJI Spark, Mavic Pro, Phantom 4 Pro and Inspire 2 model drones as well as a Huawei Honor 5x smartphone with the Android operating system and an iPhone SE running iOS. We went through the entire report to see if any new information came to light and to see where your information might be going to.
Last year DJI dealt with a number of cybersecurity-related issues, including a hot-patch mechanism in their DJI Go 4 app, a researcher who found sensitive user data accessible on Amazon Web Services servers, the U.S. Army declaring to no longer use DJI drones, a claim from U.S. Immigration and Customs Enforcement (ICE) that DJI drones could perform facial recognition and U.S. officials who wondered whether DJI was sending sensitive information back to China. Today, DJI released the summarized findings of an independent report, but paid for by DJI, from Kivu Consulting, Inc. in a response to these allegations. Kivu concluded that “users have control over the types of data DJI drones collect, store, and transmit.”
Over the Holidays, people started to report on social media and in forums that they had received certfied letters in the mail from DJI. The letter, titled “NOTICE OF DATA BREACH“, warns DJI’s customers that their personal information, such as full name, address, date of birth, photo, and identification number (e.g., passport number or driver’s license number) as well as scanned photo identification such as ID cards and passports, stored on a server in the U.S., may have been accessible to unauthorized users.
The market for consumer and commercial drones has been growing at a very rapid pace. According to the latest FAA numbers, there are now 943,535 registrations of drones and drone owners in the U.S. market at least, two-thirds of which are made by DJI.
Is leading drone manufacturer, DJI sending sensitive information captured by these drones of U.S. infrastructure and government installations back to China? This is a question that is being asked by U.S. officials.