Officials with the Port of San Francisco have said they would use drones to help inspect earthquake damage to piers and other property. (Steven Ho/2017 Special to S.F. Examiner)

Port Commission drone policy highlights risk of data breach

A new drone policy set to be adopted by the Port of San Francisco on Tuesday raises concerns about possible government data breaches and sets strict privacy standards to avoid them.

Citing recent “security risks” from China-based drone manufacturer DJI, the proposed policy would require employees and contractors to operate under rules barring storage of flight paths, raw video and other data. The Port Commission is scheduled to vote on the matter at its regular meeting.

The policy highlights heightened security concerns in an era of common data breaches, as the Port prepares to take to the skies. Previously, Port officials have said they would use drones to help inspect earthquake damage to piers and other property, among other uses.

SEE RELATED: Port: New drones could help inspect pier damage in earthquakes

“Recently, potential security risks have been identified with regards to the data collected from DJI drones, the leading manufacturer of camera drones,” Port staff wrote in its report to the commission.

In September 2017, DJI was widely reported to have suffered a data breach when passkeys allowing access to flight log data, government IDs, drivers licenses and passports were posted publicly online. That breach included flight logs of accounts associated with both government and the military, according to technology news outlet Ars Technica.

Drone operators would be required to agree to “privacy risk mitigation standards,” under The Port’s new policy.

Those risk mitigation standards include not uploading flight data, plans or video to DJI company servers, not utilizing a DJI drone “auto function” that “periodically” stores flight data, cutting off outside internet connections while flying drones, handling data “securely” when delivering footage to the Port and not keeping copies of raw or edited footage.

The Port also wrote it would not disclose “raw drone data” to the public and would only be disclosed to the public under “exigent public safety needs or as required by law.”

The Port does not own drones or plan to purchase them in the near future but confirmed to the San Francisco Examiner the policy applies to contractors the Port may hire.

In May 2017, The City created a drone policy for government agencies. Five departments in particular were granted permission to deploy drones but were required to adopt their own drone-use policies and adhere to rules addressing privacy concerns.

If you find our journalism valuable and relevant, please consider joining our Examiner membership program.
Find out more at www.sfexaminer.com/join/

Just Posted

SF police shoot burglary suspect in Mission District

Man allegedly attacked officers before being shot in first on-duty SFPD shooting since June 2018

Not even heavy rain can stop the 25th annual SantaCon

Jolly, drunken fun event for Santas is the ‘least wonderful time of the year’ for many locals

Ronen says $100M service expansion is ‘going to fix’ SF’s mental health crisis

Compromise mental health plan has backing of mayor, full Board of Supervisors

Civil liberties lawyer files to take on Pelosi

A San Francisco-based civil liberties lawyer, progressive advocate, DJ and poet is… Continue reading

Supes sound off against bill increasing housing density near transit hubs

Senator Wiener calls resolution opposing SB 50 ‘little more than symbolic political theater’

Most Read