UAV Spatial Law and Policy Update (October 29, 2014)

Each week the Centre for Spatial Law and Policy prepares an update on recent developments in Spatial Law and Policy for its members. The following are some of the most important developments related to UAVs.

 

Tennessee Titans Pushing For Tighter Drone Regulations  (CBS Charlotte)

 

Drone safeguards urged by UK pilots' association Balpa  (BBC)

 

Quadcopter ‘deliberately flown at passenger airliner’ AIRPROX REPORT No 2014073  (sUAS News)

 

Filming using drones must comply with data protection laws, says ICO  (Out-law.com)

 

Drone Pilots Beware: New FAA Enforcement Policy Targets You. Licensed Pilots At Particular Risk  (Forbes)

 

California Updates Invasion of Privacy Law to Ban the Use of Camera Drones  (Petapixel)

 

Civilian drones banned in India(India Today)  

 

Presentation at UN-GGIM High Level Forum (October 24, 2014)

Good morning

First, I would like to thank our hosts for their gratious hospitality and to the UN-GGIM for including the Centre for Spatial Law and Policy is this important event.

Second, I want to apologize because my talk is not going to be any way near as entertaining as last night’s performers. 

This morning I am going to some of my thoughts on the key considerations for the geospatial community with regards to dealing with the Big Data Revolution. I am going to specifically discuss four of these considerations and then briefly explain why I think they will be important.

First, the geospatial community is going to consider the needs of numerous other communities that have developed around Big Data. These include Smart Cities, Smart Grids, Intelligent Transportation Systems, the Internet of Things, etc.  There are many others. Each are forming their own coalitions, holding their own conferences, creating their own language. Many are supported by large corporations and at the highest levels of government. And all are dependent upon geoinformation, although many do not know it.

Second, the geospatial community will continue to be required to incorporate new technologies and new actors. Some of these will be quite disruptive. Others are still being developed around the world – from the research facilities in Beijing to garages in Silicon Valley. The geospatial community will need to be both adaptive and proactive with respect to these technologies and actors – as they too will speak different languages and have different perspectives.

Third, the geospatial community will have to share geoinformation with new and different stakeholders, This is a direct result of the first two considerations. As we know, there are challenges today in sharing geoinformation with stakeholders that are in the geospatial community or have worked closely with geoinformation for years. However, I believe these challenges will become even greater when organizations are asked to share geoinformation with new stakeholders in different communities. There will be greater uncertainty as to how the geoinformation is going to be used, and what are the potential risks and rewards. The new stakeholders are not going to fully understand geoinformation and are going to be frustrating to deal with. However, for geoinformation to reach its full potential, these challenges must be addressed an overcome.  

Finally, the geospatial community will become increasingly subject to legal/policy/regulatory frameworks. As geospatial information and Big Data merge, lawyers, policymakers and regulators are going to be taking a harder look at the geospatial community. This is not necessarily a bad thing, as a by-product will be increased awareness of the value of geoinformation. However, it is will require the geospatial community to be more aware of what is taking place in the legal and policy communities.

So why is this important? Because I think the geospatial community has the chance to take a leadership role in the Big Data revolution. Several years ago there was a popular song in the U.S. in which one of the lines was that the singer sang country music before country music was cool (or popular). I would argue that the geospatial community was Big Data before Big Data was cool. However, I don’ t think it can wait for others to ask for assistance. I believe the geospatial community needs to be proactive in taking a leadership role with regards to the challenges and opportunities of Big Data.  That is why the Centre has supported the efforts of the UN-GGIM to both convene geospatial stakeholders and to reach out to other communities, such as the statistical community.

My fear is that if the geospatial community does not take this leadership role, that some of the other communities will. And their concerns and priorities will not necessarily be consistent with the geospatial communities. As a result geoinformation may not reach its full potential. That is not to say that there won’t be some successes at the local and regional level due to the leadership and efforts of key individuals. However, broader of integration of geoinformation with other types of Big Data will be more difficult and take longer than many in this community would like.

Thank you. 

The ODbL and OpenStreetMap: Analysis and Use Cases

In May of this year, I attended the State of the Map (US) meeting in Washington D.C.  A number of formal and informal discussions took place at the event regarding the impact of the Open Database License (ODbL) on the use of OpenStreetMap (OSM) data. In response to these discussions, the Centre for Spatial Law and Policy interviewed a number of representatives from government, industry and the research/NGO communities on how the ODbL was impacting their organization’s potential use of OSM data. Most of those interviewed are active in the OSM community and supportive of its mission. The Centre then prepared a White Paper that included a legal analysis of the ODbL and a series of use cases based upon these interviews.  A copy of the White Paper can be found here.  The White Paper was funded in part by MapBox.

The “share-alike” provision of the ODbL was the primary reason given for not using OSM data under the ODbL. A number of those interviewed also cited the lack of clarity in the ODbL of important terms and provisions, particularly as they relate to geospatial data.  This lack of clarity added to their uncertainty as to when the “share-alike” provision would apply, particularly with regards to derivative products. The broad scope of the ODbL in terms of jurisdiction, applicable law and the lack of certainty with regards to contributors’ rights in the data were also cited as contributing factors. Those interviewed added that due to the OSM’s governance structure it was difficult to receive satisfactory answers to questions they had about using OSM data under the ODbL.  

This White Paper does not compare the ODbL with other potential “open” licenses. Nor does it propose specific changes to the ODbL.  Rather, it is intended to highlight the impact that the ODbL and the associated OSM governance structure have on potential users of OSM data.  It is hoped that this will contribute to the ongoing discussions within the OSM community regarding the ODbL.

Spatial Law and Policy Update (October 8, 2014)

Privacy

Exclusive: Hundreds Of Devices Hidden Inside New York City Phone Booths  (BuzzFeed)

New York City Shuts Down Unauthorized Sensors  (WSJ) A follow up to the link above. Geo organizations can learn a great deal from this matter. 

'God View': Uber Allegedly Stalked Users For Party-Goers' Viewing Pleasure (Updated)  (Forbes) As I mentioned to someone recently, I am increasingly convinced that geolocation privacy laws are going to arise due to acts of the non-traditional geospatial community, will have much broader ramifications than anticipated which will go largely unnoticed until too late.

 Licensing

Creative Commons Letter  "Together, we agreed that licenses alone will not achieve our dream of greater access to knowledge and culture worldwide. Laws must change too." 

Data Quality

Map error hastened Napoleon’s Waterloo defeat  (The Telegraph) "We compared the printed map used on the battlefield with the original handdrawn one it was copied from,” Mr Ferrand said. “We realised it was a printing error". 

Government

      

    Public Safety/Law Enforcement/National Security

    The brand new „No-Spy-Decree“ – Consequences for Public Contracts with Foreign Undertakings  (TaylorWessing) The law "requires a guarantee that at the time of the submission of the offer they do not face any legal obligation to disclose confidential information, business or trade secrecies to foreign intelligence services. If disclosure obligations arise after the conclusion of the public contract, the supplier is obliged to inform the contracting authority that he will not be able to comply with the no spy obligation."

    Tech companies say NSA spying harms competitiveness  (USA Today) See above. 

    Taiwan Close to Completion of their Own Map for the South China Sea  (ASM) Maps can serve a variety of purposes.

Technology Platforms

UAVs

CBP Complies With Privacy Laws For UAS Surveillance, Audit Finds (HS Today)

Finally, Here's Every Organization Allowed to Fly Drones in the US  (MotherBoard)

Use of UAVs for Commercial Purposes in U.S.: Privacy Measures  (Spatial Law and Policy Blog)

America can’t lead the world in innovation if the FAA keeps dragging its feet on drone rules  (Washington Post) 

Shooting Your Neighbor's Drone May Be Illegal—And It May Not  (ReadWrite)

Internet of Things/Smart Grid/Intelligent Transportation Systems

National Highway Traffic Safety Administration Considers Privacy Implications for New Vehicle-to-Vehicle Technology  (Data Privacy Monitor)

Connected Cars – legal issues and hurdles!  (IPT Italy Blog)

Geolocation Privacy and the Smart Grid: Department of Energy's Proposed Voluntary Code of Conduct  (Spatial Law and Policy Blog)

Space-based Remote Sensing

The U.S. and India Sign a Collaboration Agreement for Earth Observation and Mars Exploration (Sensors & Systems)

Japan Launches Next-generation Weather Satellite  (SpaceNews)

China, Venezuela To Collaborate on New Earth Observing Satellite  (SpaceNews) 

Crowdsourcing

Missing Maps: nothing less than a human genome project for cities  (The Guardian)

Google’s Waze announces government data exchange program with 10 initial partners  (TNW) I have been saying for a while that the geo-ecosystem is increasingly one in which industry, government and the "crowd" are both data providers and data users, often at the same time. This is another example. What this means from a legal/policy standpoint is that a law/regulation that impacts one segment will likely impact the other segments as well. Many (most?) lawmakers are unaware of this unique aspect of geospatial community. 

Miscellaneous

Emerging Technology and Existing Law: Can Geofencing Provide Radio Webcasters a Workaround of Digital Performance Royalties?  An interesting article on the impact that geo can have on existing legal constructs.

Upcoming Programs

GEOGRAPHY2050  (November 19, 2014, New York, New York)

Use of UAVs for Commercial Purposes in U.S.: Privacy Measures

Now that the Federal Aviation Administration (FAA) has begun to allow UAVs to be used for commercial purposes in the U.S. (albeit for limited purposes) one should expect there to be increased attention paid to the potential privacy concerns. That is why I found reports of a recent Government Accountability Office’s (GAO) audit of the U.S. Customs and Border Protection’s (CBP) privacy practice with respect to its use of UAVs to be of value.  In its presentation, the GAO reported that the CBP had developed appropriate procedures to protect civil liberties and privacy. While commercial operators are subject to different laws and policies than U.S. government agencies, the GAO audit is instructive as to some of the measures operators should consider as they begin to use UAVs for commercial purposes. 

The GAO noted that the CBP primarily operated UAVs only within the designated areas to help ensure that sensors “only capture images and information necessary for the authorized mission” The limited deviations outside of the designated areas were primarily due to weather and pilot error.

The GAO also found that the CBP took a number of measures to ensure that the imagery and radar data that was collected was properly secured, stored and disseminated. These measures included: (i) encrypting the transmission of UAV video; (ii)  restricting access to real-time video to authorized users; (iii) restricting disclosure of analytical products that contain UAV-obtained images; (iv) identifying sensitive information prior to disclosure; (v)  maintaining a log to track the dissemination of all analytical products that contain UAV-obtained images; and (vi)  handling UAV-obtained images that are to be used as evidence in accordance with rules of evidence.

The GAO noted that all CBP employees are required to complete annual training in privacy awareness, civil rights and civil liberties, ethics and the CBP Code of Conduct. In addition, law enforcement officers must take additional training focused on privacy, civil rights, and civil liberties issues related to the collection, processing and safeguarding of evidence.

UAVs are increasingly being seen as disruptive technology, causing lawmakers and regulators at both the federal and state level to take a hard look at means to protect privacy from overhead sensors. As a result, operators of UAVs should keep the measures cited above in mind as they begin commercial operations, particularly if they are working on behalf of government clients. (It is interesting to note that CBP apparently takes these measures even though its UAVs fly “primarily at an altitude between 19,000 and 28,000 feet, where the video images do not permit identification of individuals or license plates.”)  

Geolocation Privacy and the Smart Grid: Department of Energy's Proposed Voluntary Code of Conduct

Recently, the Department of Energy released for public comment  a proposed privacy Voluntary Code of Conduct for smart grid operators and third parties (the "Proposed Voluntary Code"). A link to the Proposed Voluntary Code can be found here: 

As many of you who follow this blog know, I have been trying to follow the various ways in which privacy laws/regulations/policies address location, because I am afraid that the impact will be much bigger than intended. As a result, I noted with interest that the Proposed Voluntary Code defines Account Data to include "all geographic subdivisions smaller than a state, including a street address, city, county precinct, census block, zip code, and their equivalent geo-codes" when combined with a "specific customer".  Since combining a "name" with a specific customer also is considered Account Data, it would appear that that the term "specific customer" is not simply a name, but any unique identifier associated with a customer, such as their account number. The Proposed Voluntary Code then defines Customer Data as "customer energy usage data (CEUD)" combined with Account Data. In general, Customer Data can only be shared with third parties under the Proposed Voluntary Code if a customer has specifically consented to the sharing of such information with the third party, in an emergency, as required by law or by regulatory authority, or if aggregated or anonymized.  

This construct raises a number of questions in my opinion. For example, I believe it will make it very difficult for government agencies to be able collect and share smart grid data. Perhaps the drafters of the Proposed Voluntary Code did this intentionally because of the vocal - and legitimate - concerns about law enforcement's potential use of the information.  However, my sense is that there are a number of other government agencies that could use this data in ways most people would consider positive and beneficial to society. Restricting it to state-level, unless aggregated and/or anonymized, will likely make the information less valuable. In addition, I wonder if other government agencies will begin to use this definition of geolocation privacy - "a geographic subdivision smaller than a state" without considering whether appropriate, necessary or if it even makes sense.  (Wyoming had a population of slightly less than 600,000 in 2012; California had a population of approximately 38 million. It would seem that there is a wide disparity in privacy risks based solely upon state boundaries).   Finally I am not entirely sure what the term "equivalent geo-codes" is intended to apply to in the definition above, but it would suggest that an operator could not share geo-coded Customer Data at anything more granular than the state level. Can that even be considered "geo-coding"? 

The comment period closes on October 14.