DJI fends off data espionage allegations… again

Uneasy lies the head that wears the crown, so goes the adage. Apparently so it goes too for DJI; the world’s leading drone manufacturer has been called for the umpteenth time to deny allegations that their drones are sending data back home to the Chinese government.

DJI has been in the commercial drone business since 2006; and they have been so good at it that they have blown their competition out of water. It is only natural that any hint of misstep they make would be ballooned to kingdom come. Of late, they have had to content with allegations from the USA – one of their largest markets – that the data collected from the drones they make is illegally sent to China where the government there will do God-knows-what with it. The latest allegations stem from the fact that the company recently loaned 100 drones to 45 public sector emergency responders like the police and fire departments in 22 states to help them in the ongoing fight against the COVID-19 pandemic.

“Today, we’re pleased to announce we are distributing 100 drones to 45 police, fire and public safety organizations in 22 states,” wrote Romeo Durscher, Director of Public Safety Integration at DJI, in announcing the donation. “This is the largest single deployment of drones to fight COVID-19 that we know of – and we look forward to seeing what our brave first responders do with them.

“This program builds on DJI’s growing commitment to the public safety industry, as more than 900 public safety organisations across the United States, including the Los Angeles Fire Department, are deploying DJI drones for lifesaving activities.”

The UAVs were loaned out as part of DJI’s Disaster Relief Program, where it committed to mobilise DJI resources towards helping emergency response teams in need.

But this latest act of kindness has not been well received in government circles, with one lawmaker openly accusing China of trying to undermine the USA through their “trojan horses.”

“China is massively expanding a trojan horse spying operation in our country, and your local police department may be unknowingly helping them,” Republican representative from Florida, Matt Gaetz told Fox News recently, pointing to a directive once given by the Department of the Interior, which ordered the grounding of all foreign-made drones due to security concerns. Gaetz and fourteen other Republican representatives followed this up with two letters to the Departments of Homeland Security and Justice, beseeching the department to investigate the employment of DJI drones for government business. At the centre of these allegations lies the fear that DJI could be sending data collected on US soil to the Chinese government, which could in turn abuse the data for espionage or sell it to enemies of the US.

DJI loaned drones to emergency service responders in the USA, including some police departments

In response, the Chinese drone technology giant sought to calm the waters in a circular to emergency responders who benefited from the disaster relief program, denying any ulterior motives for the donations.

“As you know through your hands-on experience with DJI hardware and software, you have control over the photos, videos and flight logs you generate during your flights,” The letter read. “This data is not transferred to DJI unless you deliberately choose to do so. We recently published an online guide to the privacy settings on DJI consumer and enterprise products, to help you understand how to manage the data you generate.”

The guidelines, which apply to DJI drones anywhere they are used, summarise sharing options on data collected on drones; by default, the company collects app performance and user experience data for the purposes of bug reporting, checking how the drone and associated accessories are performing. DJI says this data is not associated with any particular users, and owners can deactivate data transmission if they so wish.

As for access the flight logs, photos or videos gathered, DJI will have no access to these “unless users choose to voluntarily share them with us, such as by syncing flight logs with DJI cloud servers or sharing photos and videos on DJI’s SkyPixel website. DJI customers in the United States who upload their flight logs do so to servers located in the United States. For customers who fly sensitive missions and want to ensure the security of the data they generate, DJI created Local Data Mode, which serves all internet connections to the drone and controller.”

Brendan Schulman, left, and Romeo Durscher

In its memo, DJI linked the origins of suspicion with their drones to a leaked 2017 draft memo written by an office of U.S. Immigration and Customs Enforcement (ICE), which it claims was based on the word of a single unnamed source.

“DJI has repeatedly debunked (the leaked memo), while ICE has never publicly released the memo or validated its contents. DJI also engaged an independent security research firm which analysed the data security of our products and confirmed that DJI customers control how their data is collected, stored and transmitted.”

The memo went on, “Besides, DJI products designed for sensitive government uses have been independently reviewed and tested by U.S. cybersecurity consultants, U.S. federal agencies and the Idaho National Laboratory. Our drones exceed the U.S. Department of Homeland Security’s recommended risk mitigation strategies for drone use in critical infrastructure. While the concerns about DJI are clearly motivated by political sentiment, this post on our corporate blog explains the facts behind them.”

Relations between China and the US have soured since 2017, over what Washington claim are unfair trade practices by Beijing, and urging its China based companies to relocate. Washington has also banned the sale of products from another Chinese tech giant, Huawei, on top of imposing trade tariffs Chinese goods worth $250billion. “DJI has always prioritised protecting customer data and always will,” said the company’s legal and policy affairs VIP, Brendan Schulman. “DJI products designed for government use have been independently reviewed and tested by U.S. cybersecurity consultants, U.S. federal agencies and the Idaho National Laboratory, which recently issued a report for the Department of Homeland Security.”


Leave a Comment


Welcome! Login in to your account

Remember me Lost your password?

Lost Password