Spatial Law and Policy Update (December 27, 2015)

SPATIAL LAW AND POLICY UPDATE

"Where Geospatial Technology Is Taking the Law"

LEGAL DISCIPLINES

Privacy

CDT Proposes Privacy Best Practices for Drones  (Center for Democracy and Technology)  Imagine trying to apply these to other platforms . . . That is where we are headed.

Hyde Park visitors covertly tracked via mobile phone data  (The Guardian)

Agreement on Commission's EU data protection reform will boost Digital Single Market  

What happens when facial recognition tools are available to everyone  (Washington Post)

Data Quality

Licensing

Judge, siding with Google, refuses to shut down Waze in wake of alleged theft  (ars technica) This is an important case involving the copyrightability of geospatial data. 

Government

    Spatial Data Infrastructure/Open Data

The negative effects of open government data - investigating the dark side of open data  (ACM)

NYC’s Open Data Law Lacks Teeth, Lags Deadlines  (CityLimits)

    

    Public Safety/Law Enforcement/National Security

     Cartographers beware! Starting next year 'wrong' maps of China will be subject to 200,000 RMB fines  (Shangaiist)

    Stolen laptop cannot be recovered, GPS not exact  (KRMG)

TECHNOLOGY PLATFORMS

GNSS

U.S., Norwegian Paths to Encrypted Galileo Service Open in 2016 (SpaceNews)

Stolen laptop cannot be recovered, GPS not exact  (KRMG)

UAVs

Drone battle's next front: Your local government  (CNBC) 

State and Local Regulation of Unmanned Aircraft Systems (UAS) Fact Sheet  (Federal Aviation Administration)

Ski resorts discuss drone policies  (9 News)

Where does private land end and public airspace begin?  (DIY Drones)

Congressman Predicts Congressional Action On Drones  (CBS Pittsburgh)

Internet of Things/Smart Grid/Intelligent Transportation Systems

Smartwatches set to shake up life insurance  (The Australian)

Here's why lawyers are 'salivating' over self-driving cars  (Business Insider) “You're going to get a whole host of new defendants,” Kevin Dean, an attorney suing General Motors over its faulty ignition switches,told Bloomberg. “Computer programmers, computer companies, designers of algorithms, Google, mapping companies, even states. It's going to be very fertile ground for lawyers.” [emphasis added].

Remote Sensing

Omnibus Fully Funds Major NOAA Satellite Programs  (SpaceNews)

Crowdsourcing

AI Machine Learns to Drive Using Crowdteaching  (Technology Review)

MISCELLANEOUS

Future Trends in Geospatial Information Management: Five to Ten Year Vision  (UN-GGIM) The Centre was a significant contributor to the Legal and Policy Section of this report. 

Spatial Law and Policy UAV Update (December 4, 2014)

Each week the Centre for Spatial Law and Policy prepares an update for its members. The following are UAV-related links from the past week.

Spy balloons give police new view of Jerusalem  (AP)

Source: FAA will require Commercial Drone Operators to Have a License, Fly in Daylight  (Directions)

Privacy, data protection and ethical risks in civil RPAS operations - Final Report  

Legal framework for UAV operations in Canada  (Dronologista)

Rules For Drones  (TechCrunch)

Senators Demanding Action On Drones Is Too Little Too Late  (Forbes)

State registry for commercial drones on hold  (Daily Astorian)

Spatial Law and Policy Update - Location Privacy

Each week the Centre for Spatial Law and Policy prepares an update for its members. The following are location privacy-related links from the past week.

3 NY GOP assemblymen sign on to bill to bar use of GPS devices to track people  (DailyNews)

Canada Privacy Law Hampered Intelligence Sharing  (WSJ)

New York Senator Proposes Legislation to Outlaw GPS Tracking   (kfpk)

Revealed: how Whisper app tracks ‘anonymous’ users  (The Guardian)

Whisper’s Privacy Problem: Sen. Rockefeller Pushes for Probe While Editorial Team Is Suspended Pending Review  (PoGo was right)

UAV Spatial Law and Policy Update (October 29, 2014)

Each week the Centre for Spatial Law and Policy prepares an update on recent developments in Spatial Law and Policy for its members. The following are some of the most important developments related to UAVs.

 

Tennessee Titans Pushing For Tighter Drone Regulations  (CBS Charlotte)

 

Drone safeguards urged by UK pilots' association Balpa  (BBC)

 

Quadcopter ‘deliberately flown at passenger airliner’ AIRPROX REPORT No 2014073  (sUAS News)

 

Filming using drones must comply with data protection laws, says ICO  (Out-law.com)

 

Drone Pilots Beware: New FAA Enforcement Policy Targets You. Licensed Pilots At Particular Risk  (Forbes)

 

California Updates Invasion of Privacy Law to Ban the Use of Camera Drones  (Petapixel)

 

Civilian drones banned in India(India Today)  

 

Spatial Law and Policy Update (October 8, 2014)

Privacy

Exclusive: Hundreds Of Devices Hidden Inside New York City Phone Booths  (BuzzFeed)

New York City Shuts Down Unauthorized Sensors  (WSJ) A follow up to the link above. Geo organizations can learn a great deal from this matter. 

'God View': Uber Allegedly Stalked Users For Party-Goers' Viewing Pleasure (Updated)  (Forbes) As I mentioned to someone recently, I am increasingly convinced that geolocation privacy laws are going to arise due to acts of the non-traditional geospatial community, will have much broader ramifications than anticipated which will go largely unnoticed until too late.

 Licensing

Creative Commons Letter  "Together, we agreed that licenses alone will not achieve our dream of greater access to knowledge and culture worldwide. Laws must change too." 

Data Quality

Map error hastened Napoleon’s Waterloo defeat  (The Telegraph) "We compared the printed map used on the battlefield with the original handdrawn one it was copied from,” Mr Ferrand said. “We realised it was a printing error". 

Government

      

    Public Safety/Law Enforcement/National Security

    The brand new „No-Spy-Decree“ – Consequences for Public Contracts with Foreign Undertakings  (TaylorWessing) The law "requires a guarantee that at the time of the submission of the offer they do not face any legal obligation to disclose confidential information, business or trade secrecies to foreign intelligence services. If disclosure obligations arise after the conclusion of the public contract, the supplier is obliged to inform the contracting authority that he will not be able to comply with the no spy obligation."

    Tech companies say NSA spying harms competitiveness  (USA Today) See above. 

    Taiwan Close to Completion of their Own Map for the South China Sea  (ASM) Maps can serve a variety of purposes.

Technology Platforms

UAVs

CBP Complies With Privacy Laws For UAS Surveillance, Audit Finds (HS Today)

Finally, Here's Every Organization Allowed to Fly Drones in the US  (MotherBoard)

Use of UAVs for Commercial Purposes in U.S.: Privacy Measures  (Spatial Law and Policy Blog)

America can’t lead the world in innovation if the FAA keeps dragging its feet on drone rules  (Washington Post) 

Shooting Your Neighbor's Drone May Be Illegal—And It May Not  (ReadWrite)

Internet of Things/Smart Grid/Intelligent Transportation Systems

National Highway Traffic Safety Administration Considers Privacy Implications for New Vehicle-to-Vehicle Technology  (Data Privacy Monitor)

Connected Cars – legal issues and hurdles!  (IPT Italy Blog)

Geolocation Privacy and the Smart Grid: Department of Energy's Proposed Voluntary Code of Conduct  (Spatial Law and Policy Blog)

Space-based Remote Sensing

The U.S. and India Sign a Collaboration Agreement for Earth Observation and Mars Exploration (Sensors & Systems)

Japan Launches Next-generation Weather Satellite  (SpaceNews)

China, Venezuela To Collaborate on New Earth Observing Satellite  (SpaceNews) 

Crowdsourcing

Missing Maps: nothing less than a human genome project for cities  (The Guardian)

Google’s Waze announces government data exchange program with 10 initial partners  (TNW) I have been saying for a while that the geo-ecosystem is increasingly one in which industry, government and the "crowd" are both data providers and data users, often at the same time. This is another example. What this means from a legal/policy standpoint is that a law/regulation that impacts one segment will likely impact the other segments as well. Many (most?) lawmakers are unaware of this unique aspect of geospatial community. 

Miscellaneous

Emerging Technology and Existing Law: Can Geofencing Provide Radio Webcasters a Workaround of Digital Performance Royalties?  An interesting article on the impact that geo can have on existing legal constructs.

Upcoming Programs

GEOGRAPHY2050  (November 19, 2014, New York, New York)

FAA Provides Guidance on Commercial Use of UAVs

Recently, the Federal Aviation Administration (FAA) granted several film and television production companies the right to use UAVs for filming. The FAA’s permission for such use is an exemption to the general prohibition in the U.S. on the use of UAVs for commercial purposes and were issued in response to written requests by these companies pursuant to Section 333 of the FAA Modernization and Reform Act of 2012 (“Section 333”). Section 333 grants the FAA the authority to determine whether certain UAVs can operate in the national airspace subject to certain requirements or conditions. According to published reports there have been approximately 40 such requests made and the FAA is trying to make a decision upon a request within 120 days of receipt.

The FAA letters granting approval are quite detailed (and technical). As a result, I have tried to identify the main requirements below:

• The UAV must weigh less than 55 pounds (25 Kg), including energy source(s) and equipment.
• The UAV may not be flown at a speed exceeding a ground speed of 50 knots.
• Flights must be operated at an altitude of no more than 400 feet above ground level.
• The UAV must be operated within visual line of sight (VLOS) of the Pilot-In-Command (PIC) at all times. This requires the PIC to be able to use human vision unaided by any device other than corrective lenses.
• All operations must utilize a visual observer (VO). The VO may be used to satisfy the VLOS requirement, as long as the PIC always maintains VLOS capability. The VO and PIC must be able to communicate verbally at all times.
• Prior to each flight the PIC must inspect the UAS to ensure it is in a condition for safe flight.
• The operator must follow the manufacturer’s UAS aircraft/component, maintenance, overhaul, replacement, inspection, and life limit requirements.
• The PIC must possess at least a private pilot certificate and at least a current third-class medical certificate. The PIC must also meet the flight review requirements for an aircraft in which the PIC is rated on his/her pilot certificate.  In addition, the PIC must have accumulated and logged:
• a minimum of 200 flight cycles and 25 hours of total time as a UAS rotorcraft pilot and at least ten hours logged as a UAS pilot with a similar UAS type; and,
• a minimum of five hours as UAS pilot operating the make and model of the UAS to be utilized for operations under the exemption and have conducted three take-offs and three landings in the preceding 90 days.
• The UAV may not be operated directly over any person, except authorized and consenting personnel, or below an altitude that is hazardous to persons or property on the surface.
• The operator must ensure that persons are not allowed within 500 feet of the area except those consenting to be involved and necessary.
• The UAS must abort the flight in the event of unpredicted obstacles or emergencies in accordance with the operator’s manual.
• Each UAS operation must be completed within 30 minutes flight time or with 25 battery power remaining, whichever occurs first.
• The UAV must yield the right of way to all other manned operations and activities at all times.
• The operator must obtain an Air Traffic Organization (ATO) issued Certificate of Waiver or Authorization (COA) prior to conducting any operations under this grant or exemption.
• UAS operations may not be conducted during night.
• The UAS cannot be operated by the PIC from any moving device or vehicle.
• The UAV may not operate in Class B, C, or D airspace without written approval from the FAA.
• At least three days before flying, the operator of the UAS affected by this exemption must submit a written Plan of Activities to the local Flights Standards District Office (FSDO), to include:

• A statement that the operator has obtained permission from property owners and/or local officials; and,
• A description of the flight activity, including maps or diagrams of any area, city, town, county, and/or state over which filming will be conducted and the altitudes essential to accomplish the operation.

            The FAA has taken an important first step in allowing the use of UAVs for commercial purposes in the U.S. The permissions that have been granted are limited, as they only apply to the specific companies that made the requests. However, they are useful in identifying the steps the FAA currently consider to be critical for operating UAVs.  Until the FAA proposes definitive regulations, companies that make a Section 333 request to operate UAVs for commercial purposes in the U.S. should expect to be subject to similar constraints or identify alternatives that address the FAA’s safety and operational concerns. 

The Role of Trust and the Future of Augmented Reality

On March 26, I spoke to the Augmented Reality Community meeting held in conjunction with the Open Geospatial Consortium (OGC) Technical and Planning Committee meeting held in Arlington, Virginia.  Quite understandably, the subject of trust and Augmented Reality (A/R) quickly turned to privacy. 

I had a hard time coming up with what to say on this subject.  First, because Augmented Reality can /and will involve many diverse technologies and applications. Second, because concerns over A/R technologies often drown out discussions regarding the value of many A/R applications.  

So I began my talk at the beginning - by breaking down the elements of A/R.  Augmented  Reality  is defined on Wikipedia as "a live, copy or view of a physical, real-world environment whose elements are augmented (or supplemented) by computer-generated sensory input such as sound, video, graphics or GPS data."

Breaking it down, what are the privacy concerns in "reality"? I would suggest there are two primary issues for the A/R community to consider in this area:

1.    Historically there have been different expectation of privacy when a person is in public then when they are are in a private place.  However those expectations are beginning to change; more and more courts, regulators, policymakers, academics, privacy advocates and even technologists are redefining the what expectations of privacy in public should be reasonable give new technological capabilities. 

2.    What are the privacy expectations with respect to an object? Increasingly there have been growing expectations of privacy with objects, such as mobile phones.  How will this translate to other objects, such as automobiles, or the outside of homes. 

.        Next, what are the privacy concerns associated with augmentation - "the elements are augmented (or supplemented) by computer-generated sensory input such as sound, video, graphics or GPS data."  I would suggest there are two primary issues for the A/R community to consider with respect to augmentation. 

1.    Are you augmenting with public input (data) or private input (data)? Obviously there is a greater private concern associated with private data. However, there are increasingly concerns with public data as well. For example, the New York newspaper that posted a controversial interactive map of publicly available names and addresses of registered gun owners. 

2.    What is the definition of “public” data?     Social media is pushing the limits of what has is considered public and what is private. However, do people appreciate how available the posted information will be become and how it might be used? Are some types of social media more “public”?

Based upon this analysis, I came up with three questions that I believe the A/R community should consider when building applications and use cases.   These questions can help define the framework in which to determine the potential impact of A/R in a market/jurisdiction. Also, should expect that the answers will change over time, and in some cases will be “individual”-specific, such as when a minor is involved.

1.    If/when does the display of augmented public data of someone who is in the public violate that individual’s privacy?

2.    If/when does the use or sharing of augmented public data of someone who is in public violate that individual’s privacy?

3.    Is there ever a time when the display and/or use of augmented private data of someone who is in private worth the potential/perceived violation of that individual’s privacy?   If the answer is yes, when is it appropriate by whom?

UAVs in the US: My Perspective

A number of people have been asking me  for my thoughts on the legal issues associated with the use of UAVs in the United States in light of a couple of recent articles. (See e.g , FAA Says Commercial Drone Operations are Illegal . . Public Says So What? and Busting the FAA's "Myth Busting Document".) Clearly, there are a number of what I would deem technical/safety issues associated with integrating UAVs into the existing legal and policy framework surrounding aircraft. These include issues such as licensing, spectrum, training, etc. I don't mean do downgrade the importance of these issues in order to facilitate the broad adoption of UAV use in the U.S., however my sense is that the Federal Aviation Administration (FAA) is quite capable of coming up with regulations and policies that although not perfect, will be something that will satisfy many - if not most - stakeholders.  Moreover, it will almost certainly be a national standard that will provide for predictability and uniformity, which are important to most stakeholders (businesses and government agencies that wish for greater use of UAVs in the U.S.)

I believe the more troublesome issues are, and will be for some time, associated with UAVs that are used to collect information (of any kind).  First, because it is unclear whether the FAA has the authority or the internal capability to develop regulations around such issues as privacy, data ownership and data protection. Second, because the existing laws and policies on these issues in the U.S.are outdated, in a state of flux and/or often misunderstood. Third, because the issue is a  sensitive topic across the political spectrum; the left and the right are both concerned about who will collect the information and how it will be used. Finally, because there are so many other government authorities that have, or hope to have a say on these issues, including the Federal Trade Commission, state authorities and the courts (federal and state).

The result in the near term is likely to be a patchwork of inconsistent and in some cases conflicting laws and regulations as to what is required in order to begin collecting information, what information can be collected and how it can be used. The challenge for organizations that wish to collect such information will be to work through this legal and regulatory minefield in a manner that maximizes the benefits while minimizing the legal risks. Unfortunately for the FAA, it will sit in the middle of that likely mess and will continue to take much of the blame. 

I am not surprised to hear that there are those who question the FAA's ability (or willingness) to restrict some commercial use of UAVs. I imagine that the FAA is unlikely to challenge the use of very small UAV's, flown at low altitudes, over private property, for limited purposes, with the informed consent of the owner, even for "commercial purposes".  However, I do believe that in the near term the further one moves away from those set of conditions, the more likely you are to run up against some legal or regulatory authority.