On March 2, Skyward filed comments in response to the Federal Aviation Administration’s Notice of Proposed Rulemaking on Remote Identification for Small Unmanned Aircraft Systems, also known as Remote ID for drones. Skyward’s comments were just one of over 50,000 comments filed. We’ve seen a lot of responses from many operators, manufacturers, and companies in the industry, and while in some cases we agree with particular points, there are a few others I would like to address.
The need for Remote ID
A recent report identified the collision of a Royal Canadian Mounted Police (RCMP) drone with a RCMP helicopter at low altitudes. No one was hurt in the incident, but the drone was destroyed, and the helicopter aborted its mission and required maintenance.
Almost at the same time, on March 12, 2020, the FAA issued a Request for Information entitled Low Altitude Manned Aviator Participation in UAS Remote Identification. In this, the FAA seeks to understand how “low altitude manned aviators, such as aerial applicators and helicopter pilots could participate in Remote ID, access data from the Remote ID USSs, or otherwise benefit from the Remote ID information being transmitted from UAS.”
This is one of the most critical aspects of drone integration — cooperative operations in low-level airspace where public safety and other crewed aircraft may be operating. The near-incident with the RCMP serves as a warning that we need to establish a system that allows crewed and uncrewed aircraft to safely share low-altitude airspace. Remote ID is a clear first step in this direction, setting standards for location and identification information for every drone and aircraft in the sky.
1) The FAA’s basis for Remote ID rulemaking
Although Verizon and Skyward strongly support the FAA’s efforts to promote a Remote ID rule, there are some who seek to stop the rule from moving forward or advocate for systems that do not achieve these goals. So it is critical to understand that the FAA can only implement regulations when granted authority under a statute from Congress.
Remote ID is proposed pursuant, in part, to the FAA’s authority to ensure the safety of aircraft, the efficient use of airspace, and the protection of national security. The FAA cites the relevant statutes in Section II (Authority for Rulemaking) of the Remote ID NPRM. Therefore, any final rule should be primarily focused on the safety of the National Airspace System in order to stand up to potential legal challenges.
The final Remote ID rule should not simply be a law enforcement tool. Rather, it should appreciably increase the safety of the airspace and enable the safe integration of drones into low level airspace and complex operations.
2) Performance standards: broadcast, internet, and interoperability
Some comments on the NPRM claimed that line of sight broadcast Remote ID can be implemented faster than an internet-based solution that sends Remote ID information to a UAS Service Supplier (USS). We disagree with that claim, and even so, broadcast Remote ID still falls short of the safety capabilities enabled by a USS solution.
Broadcast Remote ID may serve the near-term needs of law enforcement oversight of drone operations, but an internet-based Remote ID system will provide enduring benefits to law enforcement and airspace safety, and it can still be implemented quickly. An internet-based Remote ID solution would send information to a USS, which then shares that information with other USS, law enforcement, and the public. This would promote airspace safety, as well as national and local security, much better than broadcast Remote ID alone.
Of course, we recognize that there are times and places where the internet is not accessible, and the Remote ID rules should reflect this reality. What constitutes “available” internet is currently somewhat unclear, and the FAA, as the regulator, must define what it means for the internet to be “available.” Is satellite internet, which is prohibitively expensive for small operators, within the meaning of “available”? What about Starlink or Loon, when they come online, or private Wi-Fi networks?
Regardless of where the FAA falls on this issue, operators must have regulatory avenues to operate when internet is unavailable. One possible option that has been suggested is limiting operations without available internet to basic operations under current Part 107 rules, with a requirement to file flight plans through a USS (similar to how pilots currently use LAANC to request authorization to fly in certain controlled airspace). We are not opposed to this concept.
A final point on performance standard: under the NPRM, broadcast solutions are not required to be interoperable. This means that a helicopter pilot or remote pilot on the ground would need to use multiple apps to see all current flights, instead of being able to view aggregated Remote ID data from the USS of their choice. Of course, this is another limitation to a broadcast-first Remote ID solution, and does not support the FAA’s goal of safety and security. We suggest that interoperability be a requirement for every USS providing Remote ID services.
3) Flexibility, not complexity
We recognize the need for flexibility in Remote ID reporting requirements — particularly to allow recreational operations and operations in areas without access to the internet. As noted in our comments, Skyward opposes the FAA’s proposal that drone operators must concurrently transmit to a USS and broadcast. Instead, we support performance-based standards in which those unable to connect to a USS can still operate a drone through an alternative mechanism.
However, some NPRM commenters proposed complicated, tiered approaches to the reporting requirements. To us, these systems seem unnecessarily complex for operators, and the FAA’s proposed approach does a much better job meeting airspace safety needs. A tiered data-sharing approach only adds complexity and puts too much burden on the operator to determine how to comply. There should be a default data-sharing requirement to networked USS, as well as an exemption with specific operational limits where the internet is unavailable.
4) Operator authentication
Another means to securely identify operators to officials with a need to know would be an authentication protocol. This would allow operators to authenticate their identity to a USS without revealing their location. Authentication is best done through Remote ID USS, which are already under development and supported by the FAA.
A separate Known Operator program, such as that used by the Department of Homeland Security (e.g., TSA Pre-Check) would add unnecessary complexity to airspace security. Furthermore, USS like Skyward could authenticate users on a continuing basis. A separate Known Operator program, on the other hand, might conduct one-off authentications and lacks the flexibility enterprise users need to grow with technological and employment changes.
A USS authentication would also better serve public safety organizations by supporting complex operations and near-real-time authentication of users. Public safety organizations generally rely on a mix of in-house and contracted drones — and may be interested in leveraging authenticated operators for emergency or disaster response. They might not want to allow all “Known Operators” near the response scene, but USS authentication would allow a dynamic, cooperative process of airspace access to approved operators participating in the response.
Another flaw with broadcast Remote ID is that it lacks basic but important cybersecurity protections. While Remote ID information may not contain a great deal of personal data — other than the operator’s real-time location — broadcast Remote ID provides no assurance that the Remote ID message elements provided by the UAS are accurate. Just as bad actors have hacked geofencing limits on drones, no doubt they will also find ways to hack or alter broadcast message elements. Broadcast Remote ID does not address this real threat to operators.
USS are capable of strong cybersecurity protections, including network monitoring for malicious or rogue actors. The FAA signaled its intent to require cybersecurity for Remote ID, and USS are inherently set up to ensure enduring cybersecurity, whereas broadcast manufacturers will lose most control after sale of the product to the end user.
Broadcast Remote ID simply cannot provide a secure and reliable Remote ID system. Remote ID message elements must be secure and accurate for mixed crewed and uncrewed operations to simultaneously occur in the same airspace.
Internet-based Remote ID to a UAS Service Supplier is clearly a superior solution both for public safety and complex commercial airspace operations. The FAA is charged with maximizing the safety and security of the National Airspace System, for both crewed and uncrewed operations. A Remote ID rule that is performance-based, flexible, pragmatic, and accounts for cybersecurity considerations is necessary to ensure near and long-term benefits to the safety and security of the airspace. We believe our proposed approach best accomplishes that goal, but that the FAA’s proposed approach is still much more viable than some of the solutions proposed in comments to the NPRM.