Do you think the person who made this video broke the law?
That’s the question Adam Ringle, a security and emergency services expert, asked the audience during his keynote Monday at the Data Center World Global conference in Las Vegas.
The answer is no, but there’s some subtlety here. While flying a drone over a private property like Walmart data center in the video above is not a criminal act, it is a violation of FAA rules. FAA, or Federal Aviation Administration, has seen its airspace regulation duties expand greatly in recent years with the explosion in the use of drones.
Ringle, who runs a security and emergency services consulting and training practice, was at Data Center World to educate data center operators about the potential security threats Unmanned Aerial Systems can pose to facilities they operate, what they can do to protect themselves from those threats, and how they can use the technology themselves to improve security.
A $10,000 thermal camera attached to a drone can easily map what’s inside your data center from the air using thermal imaging technology, he said. And that’s just one of the potential threats.
According to Ringle, the known and common drone threats are:
- Corporate espionage
- Contraband delivery
- Weaponized systems
- Delivery of hazardous materials or explosives
- Facility infiltration
- Hacking and spying
- Theft of data with raspberry or snooping
- Privacy issues
- Airspace conflicts
- Mechanical failure
Like with any new technology, it takes some time for the law to catch up, and the legal framework for drone operation is still taking shape. The only case law on this subject is 60 years old.
United States v. Causby was a 1946 case, in which a farmer sued the government for trespassing, because low-flying military planes caused his chickens to throw themselves against walls and die. The court ruled that Causby was owed compensation, but the majority opinion also established that a landowner had control of “as much of the space above the ground as he can occupy or use in connection with the land.”
“That is the only case law that exists on this topic,” Ringle said.
The FAA, however, has already devised guidelines for consumer, commercial, and government operators of UASs. There are also different rules for different types and sizes of drones. Data center operators, he said, should get familiar with these rules and create policies for dealing with unwelcome visitors from above.
If you see a drone flying above your data center, but you don’t see the pilot, for example, they are probably violating FAA rules. If you do see the pilot, they are obligated to show you their FAA documentation if you ask them.
FAA also mandates that UASs must stay a certain distance away from buildings. “Technically, they can’t fly it close to your building, period,” without certain FAA approvals, Ringle said.
Some data center operators may also think about integrating the use of drones into their own security programs. There are drones, for example, that can bring down an unwanted UAS by dropping a net with weights on it, which disables the rotors.
One important initiative is NoFlyZone, which maintains a database of private properties whose owners don’t want drones flying over them. The organization maintains a database of GPS locations of these properties and drone makers who participate program their drones to avoid those locations.
Home owners can sign up for free at www.noflyzone.org. Currently, the initiative is limited to homes, but a paid subscription model for businesses is in the works, Ringle said.
Join 2,000 of your peers at Data Center World Global 2016, March 14-18, in Las Vegas for a real-world, “get it done” approach to converging efficiency, resiliency and agility for data center leadership in the digital enterprise. More details on the Data Center World website.