Fighting the drone-lash
Is banning drones on grounds of country of origin wise, or does it lead to false sense of security?
The war for data control is chiefly because data is the new oil. Well, data is actually the new data, but what the hell. Technology companies worldwide are fighting for the control of data because they know they can do so much with it, whose end result is a fatter bank account for the companies and their shareholders.
Because data has taken so much importance in these digital times, governments are right to worry; but maybe only in so far as their citizens are giving away their data for free while the countries get nothing in return. It’s the same allegations levelled against the FAANGs (Facebook, Amazon, Apple, Netflix and Google, now known as Alphabet) as money grabbing blood suckers that mine consumer data for avariciously selfish reasons and leave nothing for data owners and their countries.
User data in the hands of the few; the first world economies do not want that.
They do not like it at all. Especially when that data is in the hands of China, and the Chinese have even more capacity to control more of the world’s now precious resource.
They already have 5G going (or had it going in big economy markets, before the Americans put the kibosh on the whole thing, and arm-twisted close friends into ditching Huawei’s 5G project too), so if they have US citizens’ data via drones or Huawei, or TikTok, then does that give them leverage to control the USA? The USA, it seems does not want to wait and find out; for the country is actively trying to hound all Chinese-made technology, including DJI drones, the world’s best drones on the market right now, out of the US market; under the allegations that the Chinese products may be collecting US consumer data and surreptitiously channelling it to the Chinese government for espionage purposes.
It is important to note here that these allegations, at least as they apply to DJI, have been disproved and denied ever since they started sprouting up around 2017. Not just by the people at DJI, but also by independent cyber security consulting companies that analysed the drones and their software; and found them to be clean. The two most recent reports on this have claimed to unearth a backdoor loophole with one of DJI’s android apps, which they claim flouts Google rules by acting as a malware app that can secretly collect sensitive consumer data from their phones and sends it to servers in mainland China.
Naturally, DJI countered, and everything got muddled in the cesspool of politics, as everything is wont to do when it comes to China and the USA. Sadly, the politicians involved in this mudslinging seem to enjoy themselves too much to look at the bigger picture; all the while at the expense of the common good of society via the development of technology for good.
An arrest here. A billion-dollar tariff there. A consulate closure. A trade war. In China, many popular American tech companies have been barred behind the great wall to a market of some 930million internet users. Facebook (and its family of apps), Google (and its family of apps), Twitter, Snapchat and Reddit are just a few of US tech companies that have been frozen outside the Great Wall. Now, the Americans are paying back in kind.
As China emerges as a global economic and technological leader, what threats do its products pose to national security worldwide?
Some policymakers have argued that using Chinese technology products risks exposing Americans to spying by the Chinese government. These concerns have already led the U.S. government to ban Chinese telecom company Huawei’s equipment from American 5G networks (and encourage its allies worldwide to do the same). In Huawei’s case, the argument is that there are both real security concerns and good policy reasons for a ban, including the possibility of state and corporate espionage and the long-term risk of Huawei unfairly cornering the market for wireless equipment. There have also been calls to launch an investigation of the popular social media app TikTok, which is owned by a Chinese company, and ban the app from the devices of US federal employees.
This debate has now shifted to drones, a technology that is promising to be as revolutionary and as game changing as the car and the cellular phone were, the first time they took root. Latest statistics from Gartner predict that 1,3million enterprise drones will be shipping worldwide in just two years’ time, and Irish research firm, Research and Markets’ new report has the drone market growing to a $27billion industry by 2025.
This confidence in the growth of commercial drones arises from the reality on the ground where various industries have taken to the convenience of drone technology for the greater safety of their operations and the convenience that drone offer. Not least in these COVID-19 times where drones have proved invaluable – sanitising public places, delivering emergency medical equipment and supplies to areas that have otherwise been traditionally hard to reach. In agriculture, in mining, in telecommunications, in media production, in construction, in disaster management and humanitarian services; almost in every industry, drones have found a home.
With this growing importance, perhaps trouble should have been expected, given how it is China-made drones that are leading the market by a marked distance. Policy makers, specifically in the USA have long expressed concern about the U.S. government’s use of Chinese-made drones. Last October, the Department of the Interior – which had been using drones to fight forest fires, inspect land for erosion damage, monitor dams and floods, track endangered species, aid in search and rescue, and respond to natural disasters — grounded its entire drone fleet because all its drones were either made in China or had parts from China. The only exception – at least for now – was for drones used for emergency purposes.
According to a statement by the USA News Group; “Over the past several years, the heat has been increasing on Chinese drone manufacturing giant Da Jiang Innovations (DJI) and others. Multiple US government agencies have instituted policy bans on DJI and Chinese drone purchases along with use of their drones. This includes the Departments of Defence (DoD), Department of Justice (DoJ), Interior (DoI), and Homeland Security (DHS), who has been echoing warnings to others over this year.
“Add to this a draft Executive Order that’s making its rounds in Washington DC and the fact that the US will not use China made drones or parts in its future security seems apparent.”
Perhaps a more extreme case is one where a Massachusetts scientist was denied a permit to use drones in his research on great white sharks around the Cape Cod area, because of a Department of Interior order that grounded a fleet of 800 drones “to ensure the cybersecurity and supply of American technology of unmanned aircraft systems.”
It is called the techlash, according to Mike McLaughlin, a research analyst at the Information Technology and Innovation Foundation (ITIF), whose organisation has written a research on why governments’ growing animus to technology is detrimental to future progress, prosperity and, especially, competitiveness.
The techlash, according to ITIF, refers to a rising government opposition toward large technology companies (also known as Big Tech) and to a more generalised opposition to modern technology itself, particularly innovations driven by information technology. As the phenomenon has gained momentum, there has been rising support for policies expressly designed to slow the pace of innovation, including bans, taxes, and stringent regulations on certain technologies.
The ITIF grants that the concerns raised about technology today are not all frivolous or without merit – but the foundation argues that blindly succumbing to techlash is likely to reduce individual and societal welfare.
At a webinar hosted by DJI last month – On Risk, Rhetoric and Reality; A Frank Conversation about Data and Security – McLaughlin went further to explain the techlash as it applies to drones.
“Something we have noticed with the techlash is the first instinct (by authorities) to ban technology,” McLaughlin explained. “But in most cases, a ban is not a reasoned or well-thought out policy.
“With drones it started with the privacy panic cycle,” Mclaughlin explained. “In the first drone days, hobbyists flew drones over people’s yards, taking pictures of them and invading their privacy. Now, we are starting to see antagonism from a country of origin point of view; authorities want to ban drone technology from a certain country; which in this instance is China. But this is a distraction from the underlying issue; that if there are concerns with drone security – whether they are made in Europe, United States or China – we will be distracting ourselves from looking for solid strategies that implement programmes where we can test the security of drones without hindering competition.”
Brendan Schulman, DJI’s Vice President of Policy and Legal Affairs concurs. Drones have never been a well-loved tech, he says.
“When I first got into the drone industry, there was concern about drones interfering with airlines and airports, and then there was the personal backyard privacy issue, misuse, terrorism, even personal injury if the drone is flown over a crowd,” says Schulman. “We have been plagued with fear as an industry, which has resulted in non-risk-based policy proposals to restrict or limit the use and access to drone technology, notwithstanding all these great life-saving benefits.
“And now, there is one more thing to be afraid of; the drones are now sending my data to China.
“No, they are not, and you can confirm they are not. But that reasoning has been enough for drone detractors to try and prevent people from using the technology and to scare people with policies that are not risk based and don’t make sense and hamper life-saving intervention.”
If the US sneezes…
There is no argument that the USA is the biggest economy in the world by all counts; and the US market is attractive to everyone. Allied with their lofty position as a global power player, if they condemn a product or service, the odds of that product or service surviving become slim indeed. Right now, the Huawei phone, which every reviewer has acknowledged is a really great product – is struggling to gain the ground it had made before the federal government banned the inclusion of Google and other American mobile software on new Huawei phones. Great as it is, the Huawei becomes significantly less attractive without apps like Facebook, WhatsApp and YouTube.
The same can be said for DJI too, which has seen contacts being cancelled and has been forced to postpone its Initial Public Offering (IPO) on the stock market. DJI won the drone war; but it seems they are only now waking up to how much that war cost them.
The sentiment at ITIF is that policy makers should resist the urge to lash against technology and instead, embrace pragmatic “tech realism” – recognising that technology is a fundamental force for human progress that can also pose real challenges; which deserve smart, thoroughly considered, and effective responses.
Formidable, the challenges are indeed. Take the example of the rogue drones that brought proceedings to a standstill at Gatwick Airport and messed up thousands of people’s Christmas plans in 2018. And the ongoing battle the Royal Sussexes are having with the paparazzi, who are flying drones over the Sussexes’ home trying to steal a few pictures. Over the years, commercial and hobbyist drones have been such a nuisance at time that they got their own Wikipedia page in honour. Therefore, in the face of such mishaps and the espionage allegations against DJI, the right questions have naturally been asked about safety, privacy and data security. What should happen to user data gathered by drone companies? Who should own it and where should it be kept? The right answers to these questions and more others are important, because they would affect how drone laws are formulated now and in the future.
Unfortunately, many authorities have used these challenges as an excuse to ban drone technology from their economies. Africa has not fared well in this regard too; there are many countries on the continent that have banned drones from the outset, and many more have no laid down laws and regulations for drone technology within their borders.
The ITIF would rather governments first assessed the impact of banning foreign-made drones, then developed a procurement and use policy for drones that addresses national security concerns and requires government agencies only procure and use drones that meet the policy’s standards, without making assumptions based on country of origin. Under this policy, if some or all foreign-made drones posed a national security risk, they would still fail to qualify for government procurement or use, and governments and the public would benefit from knowing that public drones meet the highest safety and security requirements regardless of where they are made.
Besides, it is not as if the people do not realise or do not suspect that the reasons why governments are taking cool tech from their hands have nothing at all to do with protecting their citizens, if reader comments on various platforms that covered the latest spat are anything to go by.
“I’m not buying the need for either government (China or USA) to so closely monitor its citizens’ use of an increasingly useful technology,” read one comment left on the New York Times’s story on the latest report condemning DJI’s drone value chain. “I’m buying even less the notion that the People’s republic of China is particularly more evil about such things than the Trump administration, at least when it comes to drones.”
Another reader was not convinced either; “What the article seems to ignore is that Western governments and commercial organisations collect the same information as Chinese governments and organisations, and US commercial organisations are as beholden as Chinese organisations. The article should focus on this because at the moment there is an underlying assumption that Uncle Sam’s spyware is good; China spyware is evil.”
Samm Sacks, Cyber Security and China Digital Policy Fellow at New America reckons banning technology on the basis of its country of origin will not make the problems with technology go away; rather it will just entrench the distrust between countries in their geopolitical relations and leave consumers at a disadvantage.
“Granted, the risk of sensitive data being leaked to security services in (countries like Russia and China, that are not overly fond of the USA) does exist,” Sacks opines. “But, in our discussions to consider blanket bans on technologies from these countries, we have to consider the trade-off. If we want to come up with the most effective and most responsive policies that mitigate the downsides of blocking an entire country, or blocking data flows to entire countries, or blocking components, and shutting down supply chains, we have to consider what the second or third world consequences of that are.
Why is this?
“Because the US-China technology competition is a competition that increasingly is not going to be playing out in the USA or in China; it is going to be playing out all around the world. If the US wants to win that competition, we cannot be in a position where we are politicising the supply chain. Or, as is the case with data flows, we cannot be seen as trying to stop all US citizens’ data from leaving the physical borders of the US.
“What’s going to happen then is, the Indian government for instance, which already is weighing very strict data localisation rules, will require Indian citizens’ data to also stay on servers that are physically in India.”
This did happen, in fact; Indian diplomats have recently come back at Washington pointing fingers at bills such as National Security and Personal Data Protection Bill, proposed by Senator Josh Hawley, which would called for localisation of all US data. The Indians were asking how Americans deride Indian data localisation rules as protectionist and barrier-raising on one hand, while simultaneously proposing the very same laws for their country on the other.
“So what happens is, this sets off a race to the bottom, in an environment of data nationalisation or data hoarding,” argues Sacks. “Suddenly, US tech companies that need access to novel large international data sets in order to get ahead on data intensive technologies will be in a position where other governments across the world are going to go oh, we remember Edward Snowden, we are going to halt our data flows to you.
“This is why I think we have to take a risk-based approach that does not focus on national origin. If we put in place more robust rules for cyber security, for data access and retention for all companies, that’s going to get us closer to being more secure and our companies are going to be seen as more trustworthy around the world.”
As for Africa, countries that a dithering on drone technology are losing out – early tech adopters like Rwanda and Ghana have reaped the benefits of drone technology in these challenging Coronavirus times, where drones in these countries have been used to deliver medicines, medical supplies and emergency COVID-19 equipment to areas that would otherwise have been inaccessible by road.
Instead of creating national panic about a technology that has shown tangible signs of being really useful even without the support of national government, the way to go should be authorities insisting on holding tech companies accountable for user data and giving consumers choices on whether or not they want to their data. DJI, Schulman says, has been working closely with the US Department of Interior to develop a drone that would meet the latter’s requirements. In particular, the department expressed discomfort about their fleet of drones having internet connectivity as a choice at all – they wanted to make it impossible for their employees, be they rogue employees or just careless ones, to accidentally transfer data over the internet.
“All our drones have the choice, but the department didn’t want that choice on their drones. So we worked with the them to come up with a solution that they could work with.”
And for the record, Schulman did clarify that his company DJI does not automatically send user data to China; if only for the reason that the drone can be used offline. Basically an aerial camera, a drone can operate entirely free of connectivity or any data transfer to the internet.
“If you want to be connected to the internet, you can do that. But even then, there is no automatic transfer of data to DJI,” Schulman says, adding that a user can configure the internet function, to make their data not available to the outside world.
But while they try to work out their differences in ideology, DJI and other Chinese drone technology products remain banned by the USA government, however. This has opened the floodgates for the race for ‘Made in America’ drones, as competitors rush to try and fill the gap opened by the excommunication of DJI from government contracts. French drone maker Parrot recently made the Parrot USA, which it says complies with all government requirements; and Skydio and Plymouth Rock Technologies – American drone manufacturers in their right – are making drones they have touted to be friendly to American laws too.
The jingoistic calls for banning non-American products are running deep. More recently, Florida Senator Rick Scott introduced an amendment to the National Defence Authorisation Act for Fiscal Year 2021, titled the American Security Drone Act (ASDA) of 2020, which would ban the federal government from buying or using drones made in China. And US President Donald Trump may soon sign an “Executive Order on Protecting the Nation From Foreign Unmanned Aircraft Systems and Associated Systems.” The order would ban the federal government from buying or using drones made in China or using components manufactured in China.
But, while acknowledging the importance of prioritising cybersecurity of emerging technologies like drones, and working to ensure that any technology the government uses is safe, secure, and effective, the ITIF thinks the ASDA and draft executive order are wrong in targeting technologies based on country of origin.
Because, simply put, cybercrime is not a country-based crime.
Says the ITIF; “At a technical level, country of origin is not a legitimate factor in determining whether a product is secure. A Chinese-made drone may be secure even though it was manufactured in China, and an American-made drone may not be secure even though it was manufactured in the United States. The approach could lead to a false sense of security, where the government and the public assume domestically manufactured drones are secure, as well as reduced adoption of drone technology by a multitude of sectors.
The foundation’s arguments proceeds; “There are better ways to address concerns about China spying on the United States with drones. First, the U.S. government should be prepared to address the legitimate cybersecurity risks of drones regardless of whether the U.S. government employs Chinese or non-Chinese drones. The government can accomplish this task by creating a mandatory security policy for any federal government purchase or use of drones.
“Second, if the concern is that the Chinese government will secretly steal information by employing a hidden backdoor of some sort in the software of the Chinese-made drones, then the U.S. government should manage this concern by monitoring network traffic or encrypting all communications sent from the drones and only sending it to secure U.S. facilities.
“Third, if the concern is that the Chinese government will demand Chinese firms provide it data that these companies collect, the U.S. can use drones that do not provide data to the manufacturer and disable the connection between drones and the Internet during operation.
One could argue that the ongoing cold tech war between the world’s two biggest economies is one which the world can ill afford right now – especially with the Coronavirus pandemic raging as it is right now. There is so much good the drones can do to make our lives easier right now, as they have already proved. Shutting the door in the face of technology simply because one can will only leave the world poorer for it, as rightly noted by Charles Werner, Director of US non-profit programme for public safety drones, DRONERESPONDERS, which has worked with all willing drone partners, regardless of national origins.
“Simply banning these assets without a viable replacement, in terms of price point and operability, is a non-starter,” he says of the proposed US law. “If the ADSA passes – the act that will ban all use of drones and parts from China – we need to use those two years before implementation wisely, by providing incentives and subsidies to US drone supply chain and manufacturers, to balance the playing field.
“Until that happens, unfortunately, public safety agencies will have little incentive to switch out their drone fleets.”