Inquiry finds drones a threat to citizen privacy

A House of Representatives committee investigating the emerging use of drones has urged the Australian Government to introduce legislation which would protect citizens from “privacy-invasive technologies”.

The seven-month inquiry [pdf] was tasked with determining whether regulation was keeping up with the rapid adoption of emerging technologies such as unmanned aerial vehicles (UAVs). 

It found that drones had the potential to be misused, both by the general public as well as law enforcement operators, due to complexities and gaps in the existing regulatory framework. 

The problem will be exacerbated as unregulated, consumer-grade remotely piloted aircraft (RPA) become cheaper and more advanced, the inquiry concluded.

The committee offered a handful of “starting point” recommendations which would provide a harmonised regulatory approach to protecting Australians from “malicious drone use” while allowing the emerging industry to grow. 

It advised the Government introduce new laws by July 2015 which would protect Australians from intrusion into their private affairs.

The committee recommended the Government base its draft legislation on a proposal made by the Australian Law Reform Commission, which recommended as part of its own investigation into privacy in the digital era that the Government consider a 'serious invasion of privacy' as a tort. 

The tort would apply in instances where a person had a reasonable expectation of privacy and would be confined to intentional or reckless invasions.

It would define two types of fault – intrusion upon a person’s seclusion or private affairs, and misuse or disclosure of private information. 

“Remotely piloted aircraft (RPAs) have the potential to pose a serious threat to Australians’ privacy. They can intrude on a person’s or a business’s private activities either intentionally, as in the case of deliberate surveillance, or inadvertently in the course of other activities like aerial photography, traffic monitoring or search and rescue.

“As RPAs become cheaper and more capable, and as the instruments they carry become more sensitive, they will provide governments, companies and individuals with the cost-effective capability to observe and collect information on Australians, potentially without their knowledge or consent."

- House of Representatives Standing Committee on Social Policy and Legal Affairs

Gaps in the Privacy Act and the Commonwealth Surveillance Devices Act, coupled with inconsistencies in various state and territory statutes currently offers limited privacy protection against invasive use of RPAs, the report said.

And while the development of a voluntary privacy policy by commercial drone operators through the Australian Certified UAV Operators Association was “commendable”, the committee decided that regulatory change would still be necessary.

The committee also signalled concern at the possibility of abuse by law enforcement agencies, who are currently able to use drones for cheap and widespread surveillance without needing a warrant.

The committee said while the Australian Federal Police and the Queensland Police had both indicated they had no current plans to use drones for surveillance purposes, the “regulatory gap remains a concern” - given that the existing Commonwealth Surveillance Devices Act does not impede the deployment of drones for surveillance by law enforcement.

“However it is apparent that, given the rate at which RPA technology is developing, Australia’s law enforcement agencies will soon have access to cost-effective mass surveillance technology. 

“This is an issue where technology appears to have surpassed situations envisaged when the relevant regulations were drafted, and confirms the need for regulatory review.”

Since Australia’s surveillance laws were “not designed with this capability in mind,” the committee suggested the use of RPAs for surveillance be subject to a rigorous approval process. 

It also recommended the Government review the adequacy of existing relevant legislation, and co-ordinate with COAG partners to harmonise RPA use by law enforcement across jurisdictions.

Australia has around 110 commercial RPA operators certified by the Civil Aviation Safety Authority, according to the agency, with another 40 applications currently in process. 

CASA is also conducting its own independent review of legislation governing unmanned aeronautical activities, and is expected to release its regulatory changes in a notice of final rule making later this year.