In a recently issued Presidential Memorandum, President Obama included privacy guidelines for the federal government’s use of unmanned aircraft systems (“UAS”) in the United States.
Issued on February 15, 2015, and titled, “Promoting Economic Competitiveness While Safeguarding Privacy, Civil Rights, and Civil Liberties in Domestic Use of Unmanned Aircraft Systems,” the Memorandum states that where a UAS is a platform used by a federal agency to collect information, such collection must be done in a manner that is consistent with the U.S. Constitution and the Privacy Act of 1974 (5 U.S.C. § 552a) (the “Privacy Act”). The Memorandum also lists specific policies that federal agencies are to employ in the use of UAS in the following areas: privacy protections, civil rights and civil liberties protections, accountability, transparency, and reports.
In the area of privacy protections, federal agencies that use UAS “shall only collect information using UAS, or use UAS-collected information, to the extent that such collection or use is consistent with and relevant to an authorized purpose.” In addition, information collected using UAS that may contain personally identifiable information is not to be retained for more than 180 days unless retention of the information is (i) determined to be necessary to an authorized mission of the retaining agency; (ii) maintained in a system of records covered by the Privacy Act; or (iii) required to be retained for a longer period by any other applicable law or regulation.
This is particularly disconcerting to privacy advocates given the increased domestic use of UAS. The federal agency Customs and Border Protection, which has the largest domestic UAS fleet outside the Defense Department, has been increasingly lending its fleet to federal, state and local law enforcement agencies for domestic surveillance operations: Customs and Border Protection flew nearly 700 such surveillance missions on behalf of other agencies from 2010 to 2012.
Citizens attempting to enforce the provisions of the Memorandum against a specific agency will most likely be limited to resorting to the Privacy Act in doing so. While the Privacy Act is intended to safeguard the privacy interests of Americans from intrusion by federal agencies, there are various exceptions available to law enforcement agencies that make such enforcement challenging.
In addition, it is unlikely that the Privacy Act provisions will allow an individual to sue an agency for not enacting the privacy provisions described in the Memorandum in a timely manner, or at all. The most effective way to encourage an agency to create such privacy provisions may be through public comment of proposed rules and public petitions for rulemaking. For example, the public has the right to request the Federal Aviation Administration to initiate notice and comment rulemaking for the purpose of adding a new regulation via the submission of public petitions. While the Administrative Procedure Act of 1946 laid out the basic framework under which such rulemaking is to be conducted, each federal agency has discretion to set its own rules for public rulemaking petitions which would have to be navigated by an individual submitting such a petition.
Regarding the legal force of the Memorandum, a Presidential Memorandum has the same legal effect as an Executive Order and can be legally challenged on the same basis. In order for a Presidential Memorandum to be upheld, it must find support in the U.S. Constitution, either in a clause granting the President specific power or by a delegation of power by Congress to the President.
A copy of the Presidential Memorandum can be found here.