Unmanned Aircraft System Test Site Program, 68360-68364 [2013-27216]
Download as PDF
<![CDATA[
68360
Federal Register / Vol. 78, No. 220 / Thursday, November 14, 2013 / Rules and Regulations
(h) Other FAA AD Provisions
The following provisions also apply to this
AD:
(1) Alternative Methods of Compliance
(AMOCs): The Manager, Standards Office,
FAA, has the authority to approve AMOCs
for this AD, if requested using the procedures
found in 14 CFR 39.19. Send information to
ATTN: Mike Kiesov, Aerospace Engineer,
FAA, Small Airplane Directorate, 901 Locust,
Room 301, Kansas City, Missouri 64106;
telephone: (816) 329–4144; fax: (816) 329–
4090; email: mike.kiesov@faa.gov. Before
using any approved AMOC on any airplane
to which the AMOC applies, notify your
appropriate principal inspector (PI) in the
FAA Flight Standards District Office (FSDO),
or lacking a PI, your local FSDO.
(2) Airworthy Product: For any requirement
in this AD to obtain corrective actions from
a manufacturer or other source, use these
actions if they are FAA-approved. Corrective
actions are considered FAA-approved if they
are approved by the State of Design Authority
(or their delegated agent). You are required
to assure the product is airworthy before it
is returned to service.
(i) Special Flight Permit
Special flight permits are permitted with
the following limitation: Aerobatic
maneuvers are prohibited until the actions of
the AD are complied with.
TKELleY on DSK3SPTVN1PROD with RULES
(j) Related Information
Refer to MCAI European Aviation Safety
Agency (EASA) AD No.: 2012–0228R1, dated
November 13, 2012, for related information.
You may examine the MCAI on the Internet
at https://www.regulations.gov by searching
for and locating it in Docket No. FAA–2013–
0939.
(k) Material Incorporated by Reference
(1) The Director of the Federal Register
approved the incorporation by reference
(IBR) of the service information listed in this
paragraph under 5 U.S.C. 552(a) and 1 CFR
part 51.
(2) You must use this service information
as applicable to do the actions required by
this AD, unless the AD specifies otherwise.
(i) Alenia Aermacchi Una Societa
Finmeccanica Mandatory Bollettino Tecnico
(English Translation: Technical Bulletin) No.
205B65, Revision 1, dated November 12,
2012.
(ii) Alenia Aermacchi Una Societa
Finmeccanica Mandatory Bollettino Tecnico
(English Translation: Technical Bulletin) No.
260SB–136, Revision 1, dated November 12,
2012.
(3) For service information identified in
this AD, contact Alenia Aermacchi S.p.A, Via
Paola Foresio, 1, 21040 Venegono Superiore
(Varese)—Italy; telephone: 0331–813111; fax:
0331–827595; Internet: https://
www.aleniaaermacchi.it/en-US/Pages/
custsupp.aspx.
(4) You may view this referenced service
information at the FAA, Small Airplane
Directorate, 901 Locust, Kansas City,
Missouri 64106. For information on the
availability of this material at the FAA, call
(816) 329–4148.
(5) You may view this service information
that is incorporated by reference at the
VerDate Mar<15>2010
15:50 Nov 13, 2013
Jkt 232001
National Archives and Records
Administration (NARA). For information on
the availability of this material at NARA, call
202–741–6030, or go to: https://
www.archives.gov/federal-register/cfr/ibrlocations.html.
Issued in Kansas City, Missouri, on
October 31, 2013.
Earl Lawrence,
Manager, Small Airplane Directorate, Aircraft
Certification Service.
[FR Doc. 2013–26681 Filed 11–13–13; 8:45 am]
BILLING CODE 4910–13–P
DEPARTMENT OF TRANSPORTATION
Federal Aviation Administration
14 CFR Part 39
RIN 2120–AA64
Airworthiness Directives; Rolls-Royce
plc Turbofan Engines
The FAA is correcting an
airworthiness directive (AD) that
published in the Federal Register. That
AD applies to all Rolls-Royce plc (RR)
RB211–535E4–B–37 series turbofan
engines. The AD number is incorrect in
the Regulatory text. This document
corrects that error. In all other respects,
the original document remains the
same.
SUMMARY:
This final rule is effective
November 7, 2013.
ADDRESSES: You may examine the AD
docket on the Internet at https://
www.regulations.gov; or in person at the
Docket Management Facility between 9
a.m. and 5 p.m., Monday through
Friday, except Federal holidays. The AD
docket contains this AD, the regulatory
evaluation, any comments received, and
other information. The address for the
Docket Office (phone: 800–647–5527) is
Document Management Facility, U.S.
Department of Transportation, Docket
Operations, M–30, West Building
Ground Floor, Room W12–140, 1200
New Jersey Avenue SE., Washington,
DC 20590.
FOR FURTHER INFORMATION CONTACT:
Robert Green, Aerospace Engineer,
Engine Certification Office, FAA, Engine
& Propeller Directorate, 12 New England
Executive Park, Burlington, MA 01803;
phone: 781–238–7754; fax: 781–238–
7199; email: robert.green@faa.gov.
DATES:
Fmt 4700
Sfmt 4700
[Corrected]
In the Federal Register of October 3,
2013, on page 61173, in the first
column, lines 4 and 5, under § 39.13
[Amended] of AD 2013–19–17, are
corrected to read as follows:
*
*
*
*
*
2013–19–17 Rolls-Royce plc: Amendment
39–17599; Docket No. FAA–2013–0029;
*
Federal Aviation
Administration (FAA), DOT.
ACTION: Final rule; correction.
AGENCY:
Frm 00034
Correction of Regulatory Text
§ 39.13
[Docket No. FAA–2013–0029; Directorate
Identifier 2013–NE–01–AD; Amendment 39–
17599; AD 2013–19–17]
PO 00000
SUPPLEMENTARY INFORMATION:
Airworthiness Directive 2013–19–17,
Amendment 39–17599 (78 FR 61171,
October 3, 2013), currently requires
removal of affected parts using a
drawdown plan for all RR RB211–
535E4–B–37 series turbofan engines.
As published, the AD number 2013–
19–17 under § 39.13 [Amended], is
incorrect.
No other part of the preamble or
regulatory information has been
changed; therefore, only the changed
portion of the final rule is being
published in the Federal Register.
The effective date of this AD remains
November 7, 2013.
*
*
*
*
Issued in Burlington, Massachusetts, on
October 25, 2013.
Colleen M. D’Alessandro,
Assistant Directorate Manager, Engine &
Propeller Directorate, Aircraft Certification
Service.
[FR Doc. 2013–27190 Filed 11–13–13; 8:45 am]
BILLING CODE 4910–13–P
DEPARTMENT OF TRANSPORTATION
Federal Aviation Administration
14 CFR Part 91
[Docket No. FAA–2013–0061]
Unmanned Aircraft System Test Site
Program
Federal Aviation
Administration (FAA), DOT.
ACTION: Notice of availability of final
privacy requirements for the unmanned
aircraft system (‘‘UAS’’) test site
program; response to comments.
AGENCY:
On February 22, 2013 the
FAA published and requested public
comment on the proposed privacy
requirements (the ‘‘Draft Privacy
Requirements’’) for UAS test sites (the
‘‘Test Sites’’) that the FAA will establish
pursuant to the FAA Modernization and
Reform Act of 2012 (‘‘FMRA’’). This
document responds to the public
comments received and publishes the
FAA’s final privacy requirements for the
Test Sites (the ‘‘Final Privacy
Requirements’’).
SUMMARY:
E:\FR\FM\14NOR1.SGM
14NOR1
Federal Register / Vol. 78, No. 220 / Thursday, November 14, 2013 / Rules and Regulations
November 14, 2013.
You may review the public
docket for this rulemaking (Docket No.
FAA–2013–0061) on the Internet at
https://www.regulations.gov. You may
also review the public docket at the
Docket Management Facility in Room
W12–140 of the West Building Ground
Floor at 1200 New Jersey Avenue SE.,
Washington, DC 20590–0001 between 9
a.m. and 5 p.m., Monday through
Friday, except Federal holidays.
FOR FURTHER INFORMATION CONTACT: For
technical questions concerning the test
site program, contact Elizabeth Soltys,
Unmanned Aircraft Systems Integration
Office, Federal Aviation Administration,
800 Independence Avenue SW.,
Washington, DC 20591; email: 9-ACTUASTSS@faa.gov.
For legal questions concerning the
FAA’s privacy requirements for the Test
Sites contact Carlos Siso, Office of the
Chief Counsel, Federal Aviation
Administration, 800 Independence Ave.
SW., Washington, DC 20591; email: 9AGC-UASPrivacy@faa.gov.
SUPPLEMENTARY INFORMATION: This
document summarizes and responds to
the public comments received in
response to the following Federal
Register documents seeking public
comment on the Draft Privacy
Requirements for the Test Sites:
(i) Notice of availability and request
for comments published in the Federal
Register on February 22, 2013 (78 FR
12259), Docket No. FAA–2013–0061–
0001; and
(ii) Notice of public engagement
session published in the Federal
Register on March 28, 2013 (78 FR
18932), Docket No. FAA–2013–0061–
0050.
In addition, this document publishes
the FAA’s Final Privacy Requirements
for the Test Sites which are set forth
under the ‘‘Conclusion’’ section below.
DATES:
TKELleY on DSK3SPTVN1PROD with RULES
ADDRESSES:
Discussion of Comments
The FAA received 99 comments
through Regulations.gov and 53
comments through the public
engagement session. A transcript of the
public engagement session is available
at: https://www.faa.gov/about/initiatives/
uas/media/UAStranscription.pdf.
Public comments ranged from
recommending that the FAA not impose
any privacy requirements on the Test
Sites to recommending that the FAA
impose extensive privacy requirements
on the Test Sites. The FAA also received
comments that were not responsive to
the notice or that were unclear.
The FAA analyzed the responsive
comments and grouped them into ten
categories. The following sections
address the comments by category.
VerDate Mar<15>2010
15:50 Nov 13, 2013
Jkt 232001
(1) The FAA should focus on its safety
mission; it should not engage in
regulating privacy.
The FAA received a number of
comments advocating that the FAA
should focus on its safety mission and
should not engage in regulating privacy.
The following comments were received:
• The FAA should focus on safety;
• Regulating privacy is outside the
FAA’s mission;
• The FAA does not have statutory
authority to regulate privacy;
• The FAA does not have the
authority to impose privacy
requirements on the Test Sites;
• The FAA should allow privacy to
be addressed by other more appropriate
government bodies including: Federal
agencies that have expertise and
authority to deal with privacy concerns;
Congress; state or local legislative
bodies; and the judicial system;
• The Federal Government should not
regulate privacy impacts of UAS; these
issues should be left to states, cities, and
counties to address;
• The FAA should only require
compliance with privacy laws that are
already in place and focus on
developing safe operation of UAS;
• The FAA should not deny access to
the national airspace for reasons other
than safety;
• Existing privacy laws are sufficient
to cover the responsible use of UAS.
There already exist Federal, state and
other laws that protect privacy. In
addition, tort law may also provide
avenues of recourse for plaintiffs to
protect their privacy rights;
• The FAA should not implement
privacy regulations that make entry into
the market prohibitive for small
businesses;
• The FAA should not allow privacy
issues to hinder commercialization of
UAS;
• There is no evidence that the
operations at the Test Sites will harm
privacy interests. Restricting activities at
the test sites at this early stage will
likely overprotect privacy at the expense
of innovation;
• The FAA should afford adequate
time for non-governmental solutions
such as industry norms and practices to
develop before intervening
administratively to protect privacy.
These less restrictive solutions will
reduce the need for administrative
intervention and will allow for
increased innovation in the national
airspace;
• Requiring Test Site operators to
develop privacy policies that are
informed by Fair Information Practice
Principles is onerous for commercial
PO 00000
Frm 00035
Fmt 4700
Sfmt 4700
68361
operators of UAS and its cost will likely
outweigh any hypothetical benefits;
• Requiring Test Site operators to
issue privacy policies informed by Fair
Information Practice Principles will
limit the diversity of data that will
inform integration of UAS into the
national airspace. The FAA’s approach
would exclude an important possible
alternative from the discussion: some
operators might choose not to issue a
privacy policy or adopt a non-FIPPscompliant policy; and
• The FAA should treat data gathered
by UAS no differently than data
gathered by a manned aircraft or by
other electronic means. There is no
significant difference in terms of
surveillance between a UAS and a
manned aircraft, and manned aircraft
are permitted to operate in the national
airspace with cameras.
Response: The FAA’s mission is to
provide the safest, most efficient
aerospace system in the world and does
not include regulating privacy. At the
same time, the FAA recognizes that
there is substantial debate and
difference of opinion among policy
makers, industry, advocacy groups, and
members of the public as to whether
UAS operations at the Test Sites will
raise novel privacy issues that are not
adequately addressed by existing legal
frameworks.
The FAA will require the Test Site
operators to comply with the Final
Privacy Requirements. Congress
mandated that the FAA establish the
Test Sites to further UAS integration
into the national airspace system. The
Final Privacy Requirements advance
this purpose by helping inform the
dialogue among policymakers, privacy
advocates, and industry regarding the
impact of UAS technologies on privacy.
The FAA’s authority for including the
Final Privacy Requirements in the Test
Site OTAs is set forth in 49 U.S.C.
106(l)(6). That statute authorizes the
FAA Administrator to enter into an
OTA ‘‘on such terms and conditions as
the Administrator may consider
appropriate.’’ The FAA believes that it
is appropriate to require Test Site
operators to comply with the Final
Privacy Requirements.
(2) The FAA should require warrants
before law enforcement can use UAS in
the Test Sites to conduct surveillance or
gather evidence.
The FAA received a variety of
comments advocating that:
• The FAA should include provisions
in the OTA that require warrants to be
obtained when UAS are used to conduct
surveillance or gather evidence within
the Test Site; and
E:\FR\FM\14NOR1.SGM
14NOR1
TKELleY on DSK3SPTVN1PROD with RULES
68362
Federal Register / Vol. 78, No. 220 / Thursday, November 14, 2013 / Rules and Regulations
• The OTA include appropriate
safeguards to protect Fourth
Amendment rights at and around our
national borders.
Response: The FAA’s mission is to
provide the safest, most efficient
aerospace system in the world. The FAA
is establishing the UAS Test Sites
consistent with its mission and the
direction in the FMRA. The FAA
appreciates the commenters’ concerns.
Accordingly, the final privacy
requirements provide that the Site
Operator and its team members must
comply with all applicable privacy
laws.
(3) The FAA should mandate specific
privacy requirements for the Test Sites.
The FAA received a variety of
comments advocating that the FAA
mandate specific privacy requirements
for the Test Sites. The recommendations
included the following:
• The FAA should specify minimum
privacy requirements and require each
Test Site to comply with them;
• The FAA should mandate
compliance with Fair Information
Practice Principles for all Test Site
operators;
• The FAA should establish
prohibitions on where UAS can operate
within a Test Site and the kinds of
surveillance activities that UAS conduct
at the Test Sites;
• The FAA should require all UAS
flown at the Test Sites to have
unencrypted down links so that all their
data collection can be viewed by the
public, including records contained
onboard and recovered after landing;
• The FAA should require each Test
Site operator to conduct a full Privacy
Impact Assessment;
• The FAA should require each Test
Site operator to establish a Chief Privacy
Officer and centralize privacy
responsibilities in that person;
• The FAA should require each Test
Site operator to establish a privacy
advisory committee to review proposed
UAS research at the Test Sites for
privacy concerns;
• The FAA should require each Test
Site operator to provide a detailed
response to public input it receives
regarding the Test Site’s privacy policy;
• The FAA should prohibit the
sharing of recorded surveillance footage
beyond the scope of its original purpose;
• The FAA should prohibit UAS in
the Test Sites from flying below a
minimum altitude;
• The FAA should prohibit UAS in
the Test Sites from carrying any
equipment that could be used to
conduct surveillance;
• The FAA should limit the use of the
data collected at the Test Sites;
VerDate Mar<15>2010
15:50 Nov 13, 2013
Jkt 232001
• The FAA should prohibit (i) the use
of Test Sites for government
surveillance, and (ii) sharing data
collected with law enforcement for the
purpose of investigating or prosecuting
a crime;
• The FAA should limit the type of
data that can be collected by UAS at the
Test Sites including limiting the
resolution of visual imagery that UAS
can collect, prohibiting recording of
audio data, and restricting the ability to
collect WiFi and cellular signals;
• The FAA should require Test Site
operators to provide data on the payload
of each UAS flown at the Test Site
including specific information on the
data the payload is capable of collecting;
• The FAA should mandate privacy
policies that require deletion of
collected data within a certain time
period;
• The FAA should prohibit the Test
Site operator and UAS operators at the
Test Sites from retaining any data
collected longer than is necessary to
fulfill the purpose of the Test Site;
• The FAA should require UAS
operators to file data collection
statements with the FAA for UAS
operations that involve remote sensing
and signals surveillance from the UAS
platform; and
• The FAA should require UAS
operating at altitudes over 400 feet to
carry an automatic dependent
surveillance-broadcast transponder
(ADS–B Out) so that UAS operations
can be tracked.
Response: The FAA’s mission is to
provide the safest, most efficient
aerospace system in the world.
Although there is a long history of
placing cameras and other sensors on
aircraft for a variety of purposes—news
helicopters, aerial surveys, film/
television production, law enforcement,
etc.—the FAA is not, through awarding
and supervising these Test Sites, taking
specific views on whether or how the
Federal Government should regulate
privacy or the scope of data that can be
collected by manned or unmanned
aircraft.
There was substantial difference of
opinion among commenters as to
whether UAS operations and manned
aircraft operations present different
privacy issues that justify imposing
special privacy restrictions on UAS
operations at the Test Sites. In addition,
there was substantial difference of
opinion among commenters regarding
what elements would be appropriate for
a Test Site privacy policy. Based on the
comments received, the FAA will
require Test Sites to comply with the
following requirements in addition to
PO 00000
Frm 00036
Fmt 4700
Sfmt 4700
those described in the Draft Privacy
Requirements:
(1) Test site operators must maintain
a record of all UAS operating in the test
sites;
(2) Test site operators must require
every UAS operator in the Test Site to
have a written plan for the operator’s
use and retention of data collected by
the UAS; and
(3) Test site operators must conduct
an annual review of test site operations
to verify compliance with stated privacy
policy and practices and share those
outcomes annually in a public forum
with an opportunity for public feedback.
The above are reflected in the Final
Privacy Requirements.
The FAA has determined that it
should not impose privacy requirements
beyond those in the Final Privacy
Requirements for the following reasons.
First, there are many privacy laws and
applications of tort law that may
address some of the privacy issues that
arise from UAS operations at the Test
Sites.
Second, the FAA believes that Test
Sites operators will be responsive to
local stakeholders’ privacy concerns and
will develop privacy policies
appropriately tailored to each Test Site.
The selection criteria for the Test Sites
specify that only a ‘‘public entity’’ can
serve as a Test Site operator. The term
‘‘public entity’’ is defined in the
selection criteria to mean ‘‘(A) any State
or local government; (B) any
department, agency, special purpose
district, or other instrumentality of a
State or States or local government; and
(C) the National Railroad Passenger
Corporation, and any commuter
authority.’’ The FAA expects that public
entities will be responsive to
stakeholder concerns.
Third, if UAS operations at a Test Site
raise privacy concerns that are not
adequately addressed by the Test Site’s
privacy policies, elected officials can
weigh the benefits and costs of
additional privacy laws or regulations.
Forty-three states have already enacted
or are considering legislation regulating
use of UAS. See Drone Legislation All
the Rage; Varies Widely Across 43
States, According to WestlawNext, June
17, 2013, available at: https://
thomsonreuters.com/press-releases/
062013/drone_legislation_varies_
across_states_according_to_Westlaw.
(4) The FAA should conduct audits of
the Test Sites to ensure compliance with
privacy policies.
Various commenters recommended
that the FAA should audit each Test
Site to ensure compliance with the
privacy policies in the OTA.
E:\FR\FM\14NOR1.SGM
14NOR1
TKELleY on DSK3SPTVN1PROD with RULES
Federal Register / Vol. 78, No. 220 / Thursday, November 14, 2013 / Rules and Regulations
Response: Each Test Site will be
operated by a public entity (see
response to Category 3 above). The FAA
expects that the public entity operating
each test site will already be subject to
oversight and audit requirements. The
FAA does not believe that it is
appropriate for the FAA to impose
additional audit requirements on the
Test Site operators.
(5) The FAA should require Test Site
operators to keep records that will allow
for effective citizen participation and
reporting of privacy violations.
One commenter recommended that
the FAA require Test Site operators to
keep accurate, detailed, frequent, and
accessible records to allow for effective
citizen participation and reporting of
privacy violations.
Response: Each Test Site operator will
be a public entity (see response to
Category 3 above). Public entities are
generally subject to laws that establish
record keeping requirements and
provide the public access to records.
The FAA does not believe that it is
appropriate for the FAA to impose
additional record keeping requirements
on the Test Site operators other than
those specified in the Final Privacy
Requirements.
(6) The FAA should establish a
searchable database or registry of UAS
operators and operations at the Test
Sites.
The FAA received a variety of
comments advocating that:
• The FAA should create a public,
searchable database or registry of all
UAS operators. Some commenters
recommended that the database include
information about surveillance
equipment used and the operator’s data
collection practices;
• The FAA should require UAS
operators at the Test Sites to provide
public statements describing the
surveillance equipment that will be
carried by a UAS, the geographical area
where the UAS will be operated, and
the purposes for which the UAS will be
deployed; and
• The FAA should establish a means
for the public to access the data on UAS
flights collected by the FAA.
Response: The FAA believes that it is
not appropriate for the FAA to create a
public registry or database of UAS
operations at the Test Sites. However,
the FAA has included a contractual
provision in the Final Privacy
Requirements that will require each Test
Site operator to maintain a record of all
UAS operating at the Test Site.
(7) The FAA should modify its Test
Site selection criteria to take into
account privacy concerns.
VerDate Mar<15>2010
15:50 Nov 13, 2013
Jkt 232001
Various commenters recommended
that the FAA revise its selection criteria.
Suggestions included the following:
• The FAA should choose an
applicant that has an established UAS
research program with active
engagement with UAS privacy issues;
• The FAA should choose at least one
Test Site in a state with strong privacy
protective UAS laws and regulations;
• The FAA should select one or more
Test Sites in or near a densely
populated urban area in order to avoid
a bias towards privacy issues relevant
for rural UAS operations; and
• The FAA should consider the
privacy track record of applicants as
part of the selection process.
Response: The FAA believes that it is
not appropriate to modify the Test Site
selection criteria to include the
recommended privacy considerations.
Applicants have already submitted
complete applications based on the
announced selection criteria and the
application period has closed.
The FAA published the Test Site
selection criteria and application
instructions on February 14, 2013 on
https://faaco.faa.gov under Solicitation
number DTFACT–13–R–00002. The
selection criteria incorporate the factors
that Congress directed the FAA to
consider in the FMRA, including,
geographic and climatic diversity;
location of ground infrastructure; and
research needs. The FAA required
applicants to submit seven volumes of
extensive and detailed information that
address a broad set of considerations
including safety, airspace use,
experience, research objectives, and risk
considerations. This information will
allow the FAA to make a selection based
on the direction provided by Congress
in the FMRA and on the FAA’s mission.
The FAA developed the Test Site
selection criteria after seeking public
input and consulting with other
agencies regarding what selection
criteria would be appropriate. In March
2012, the FAA published a request for
comment in the Federal Register and in
April 2012, the FAA hosted two public
webinars to obtain public input on the
FAA’s proposed selection criteria.
Although there was significant public
participation, the FAA did not receive
comments advocating that privacy
issues be used as a factor in choosing
the Test Sites.
(8) The FAA should require Test Site
operators to conduct specific tests
related to privacy and surveillance.
Commenters recommended that the
FAA should:
• Require UAS operators at Test Sites
to conduct specific tests related to
surveillance and privacy;
PO 00000
Frm 00037
Fmt 4700
Sfmt 4700
68363
• Require Test Site operators to
design the sites—including the creation
of ‘‘fake’’ houses or businesses—to
allow UAS operators to test how
accurate their surveillance systems are
and test how much data those systems
collect; and
• Develop and require Test Sites to
implement a standard battery of privacy
tests that each UAS operating within a
Test Site should have to perform in
order to collect data that the FAA can
use to make decisions about privacy
issues.
Response: The FAA is not planning to
have the Test Site operators conduct
specific research.
(9) The FAA should not take punitive
actions against a Test Site operator for
privacy violations without due process.
One commenter noted that if charges
are filed by law enforcement against a
Test Site operator due to potential
violations of privacy laws, the OTA
allows the FAA to suspend or modify
the relevant operational authority for a
Test Site (e.g. Certificate of Operation,
or OTA). That commenter
recommended that a Test Site operator
be entitled to due process before the
operational authority be suspended or
modified.
Response: A Test Site operator’s rights
to operate a Test Site are set forth in the
OTA and are subject to the terms and
conditions in the OTA. The FAA
believes that it is appropriate to include
contractual provisions in the Final
Privacy Requirements that allow the
FAA to protect the public interest by
suspending or modifying the relevant
operational authority for a Test Site if
charges are filed by law enforcement
against a Test Site operator due to
potential violations of privacy laws.
(10) The FAA should establish
sanctions for violations of privacy
policies or rights.
One commenter recommended that
the FAA rescind the OTA for a Test Site
where serious privacy violations have
occurred and levy fines against
operators that fail to comply with
privacy policies.
Response: The Final Privacy
Requirements provide that violations of
privacy laws can result in suspension or
termination of the OTA.
The FAA will not monitor a Test
Site’s compliance with its own privacy
policies. The FAA expects the public
entities operating the Tests Sites and
their respective state/local oversight
bodies to monitor and enforce a Test
Site’s compliance with its own policies.
Conclusion
Based on the comments submitted,
the FAA intends to require each test site
E:\FR\FM\14NOR1.SGM
14NOR1
68364
Federal Register / Vol. 78, No. 220 / Thursday, November 14, 2013 / Rules and Regulations
operator to comply with all of the
privacy requirements included in the
Draft Privacy Requirements as well as
the following additional privacy
requirements:
(1) Test site operators must maintain
a record of all UAS operating in the test
sites;
(2) Test site operators must require
every UAS operator in the Test Site to
have a written plan for the operator’s
use and retention of data collected by
the UAS; and
(3) Test site operators must conduct
an annual review of test site operations
to verify compliance with stated privacy
policy and practices and share those
outcomes annually in a public forum
with an opportunity for public feedback.
Accordingly, the FAA intends to
include the following terms and
conditions into Article 3 of the OTA:
‘‘ARTICLE 3 PRIVACY; APPLICABLE
LAW
a. Privacy Policies
The Site Operator must:
(i) Have privacy policies governing all
activities conducted under the OTA,
including the operation and relevant
activities of the UAS authorized by the
Site Operator.
(ii) Make its privacy policies publicly
available;
(iii) Have a mechanism to receive and
consider comments from the public on
its privacy policies;
(iv) Conduct an annual review of test
site operations to verify compliance
with stated privacy policy and practices
and share those outcomes annually in a
public forum with an opportunity for
public feedback;
(v) Update its privacy policies as
necessary to remain operationally
current and effective; and
(vi) Ensure the requirements of its
privacy policies are applied to all
operations conducted under the OTA.
The Site Operator’s privacy policies
should be informed by Fair Information
Practice Principles.
TKELleY on DSK3SPTVN1PROD with RULES
b. Compliance With Applicable Privacy
Laws
For purposes of this agreement, the
term ‘‘Applicable Law’’ shall mean (i) a
law, order, regulation, or rule of an
administrative or legislative government
body with jurisdiction over the matter
in question, or (ii) a ruling, order,
decision or judgment of a court with
jurisdiction over the matter in question.
The Site Operator and its team members
must operate in accordance with all
Applicable Law regarding the protection
of an individual’s right to privacy
(hereinafter referred to as ‘‘Privacy
VerDate Mar<15>2010
15:50 Nov 13, 2013
Jkt 232001
Laws’’). If the U.S. Department of Justice
or a state’s law enforcement authority
files criminal or civil charges over a
potential violation of a Privacy Law, the
FAA may take appropriate action
including suspending or modifying the
relevant operational authority (e.g.,
Certificate of Operation, or OTA) until
the proceedings are completed. If the
proceedings demonstrate the operation
was in violation of the Privacy Law, the
FAA may terminate the relevant
operational authority.
c. Change in Law
If during the term of this Agreement
an Applicable Law comes into effect
which may have an impact on UAS,
including impacts on the privacy
interests of individuals or entities
affected by any operation of any UAS
operating at the Test Site, such
Applicable Law will be applicable to the
OTA and the FAA may update or amend
the OTA to reflect these changes.
d. Transmission of Data to the FAA
The Site Operator should not provide
or transmit to the FAA or its designees
any data other than the data the data
requested by the FAA pursuant to
Article 5 of this OTA.
e. Other Requirements
The Site Operator must:
(i) Maintain a record of all UAS
operating at the test sites; and
(ii) Require each UAS operator in the
Test Site to have a written plan for the
operator’s use and retention of data
collected by the UAS.’’
Issued in Washington, DC, on November 7,
2013.
Marc L. Warren,
Acting Chief Counsel, Federal Aviation
Administration.
[FR Doc. 2013–27216 Filed 11–8–13; 11:15 am]
BILLING CODE 4910–13–P
DEPARTMENT OF VETERANS
AFFAIRS
38 CFR Part 17
RIN 2900–AN98
Payment for Home Health Services and
Hospice Care to Non-VA Providers;
Delay of Effective Date
Department of Veterans Affairs.
Final rule; delay of effective
AGENCY:
ACTION:
date.
The Department of Veterans
Affairs (VA) published in the Federal
Register on May 6, 2013 (78 FR 26250)
a final rule to change the billing
methodology for non-VA providers of
SUMMARY:
PO 00000
Frm 00038
Fmt 4700
Sfmt 9990
home health services and hospice care.
The preamble of that final rule stated
the effective date was November 15,
2013. This document delays that
effective date to April 1, 2014.
DATES: Effective Date: The effective date
for the final rule published May 6, 2013,
at 78 FR 26250, is delayed from
November 15, 2013, until April 1, 2014.
FOR FURTHER INFORMATION CONTACT:
Harold Bailey, Director of
Administration, Department of Veterans
Affairs, Veterans Health Administration,
3773 Cherry Creek Drive North, East
Tower, Ste. 485, Denver, CO 80209,
(303) 331–7829. (This is not a toll-free
number.)
SUPPLEMENTARY INFORMATION: This
rulemaking makes the VA regulation
governing payments for certain non-VA
health care, 38 CFR 17.56, applicable to
non-VA home health services and
hospice care. Section 17.56 provides,
among other things, that Centers for
Medicare and Medicaid (CMS) fee
schedule or prospective payment system
amounts will be paid to certain non-VA
providers, unless VA negotiates other
payment amounts with such providers.
See 38 CFR 17.56(a)(2)(i). This change
in the billing methodology for non-VA
home health and hospice care was put
forth in a proposed rule. We received
one comment to this change and
responded to that comment in a final
rule published in the Federal Register
on May 6, 2013 (78 FR 26250). The
original effective date of the final rule
was stated as November 15, 2013;
however, we now delay the effective
date of the final rule at 78 FR 26250 to
the new effective date of April 1, 2014.
The delay of the effective date is
necessary to accommodate unforeseen
difficulties in contracting and
information technology procedures
required to apply the billing
methodology under § 17.56 to non-VA
home health services and hospice care.
These difficulties relate to separate
administration of hospice care and
home health services by the Veterans
Health Administration’s Office of
Geriatrics and Extended Care, which
uses separate methods for forming
agreements with non-VA providers for
the provision of these services, and
difficulties regarding information
technology systems necessary to use the
CMS rate made applicable under
§ 17.36.
Dated: November 8, 2013.
Robert C. McFetridge,
Director, Regulation Policy and Management,
Office of the General Counsel, Department
of Veterans Affairs.
[FR Doc. 2013–27218 Filed 11–13–13; 8:45 am]
BILLING CODE 8320–01–P
E:\FR\FM\14NOR1.SGM
14NOR1
]]>Agencies
[Federal Register Volume 78, Number 220 (Thursday, November 14, 2013)]
[Rules and Regulations]
[Pages 68360-68364]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: 2013-27216]
-----------------------------------------------------------------------
DEPARTMENT OF TRANSPORTATION
Federal Aviation Administration
14 CFR Part 91
[Docket No. FAA-2013-0061]
Unmanned Aircraft System Test Site Program
AGENCY: Federal Aviation Administration (FAA), DOT.
ACTION: Notice of availability of final privacy requirements for the
unmanned aircraft system (``UAS'') test site program; response to
comments.
-----------------------------------------------------------------------
SUMMARY: On February 22, 2013 the FAA published and requested public
comment on the proposed privacy requirements (the ``Draft Privacy
Requirements'') for UAS test sites (the ``Test Sites'') that the FAA
will establish pursuant to the FAA Modernization and Reform Act of 2012
(``FMRA''). This document responds to the public comments received and
publishes the FAA's final privacy requirements for the Test Sites (the
``Final Privacy Requirements'').
[[Page 68361]]
DATES: November 14, 2013.
ADDRESSES: You may review the public docket for this rulemaking (Docket
No. FAA-2013-0061) on the Internet at https://www.regulations.gov. You
may also review the public docket at the Docket Management Facility in
Room W12-140 of the West Building Ground Floor at 1200 New Jersey
Avenue SE., Washington, DC 20590-0001 between 9 a.m. and 5 p.m., Monday
through Friday, except Federal holidays.
FOR FURTHER INFORMATION CONTACT: For technical questions concerning the
test site program, contact Elizabeth Soltys, Unmanned Aircraft Systems
Integration Office, Federal Aviation Administration, 800 Independence
Avenue SW., Washington, DC 20591; email: 9-ACT-UASTSS@faa.gov.
For legal questions concerning the FAA's privacy requirements for
the Test Sites contact Carlos Siso, Office of the Chief Counsel,
Federal Aviation Administration, 800 Independence Ave. SW., Washington,
DC 20591; email: 9-AGC-UASPrivacy@faa.gov.
SUPPLEMENTARY INFORMATION: This document summarizes and responds to the
public comments received in response to the following Federal Register
documents seeking public comment on the Draft Privacy Requirements for
the Test Sites:
(i) Notice of availability and request for comments published in
the Federal Register on February 22, 2013 (78 FR 12259), Docket No.
FAA-2013-0061-0001; and
(ii) Notice of public engagement session published in the Federal
Register on March 28, 2013 (78 FR 18932), Docket No. FAA-2013-0061-
0050.
In addition, this document publishes the FAA's Final Privacy
Requirements for the Test Sites which are set forth under the
``Conclusion'' section below.
Discussion of Comments
The FAA received 99 comments through Regulations.gov and 53
comments through the public engagement session. A transcript of the
public engagement session is available at: https://www.faa.gov/about/initiatives/uas/media/UAStranscription.pdf. Public comments ranged from
recommending that the FAA not impose any privacy requirements on the
Test Sites to recommending that the FAA impose extensive privacy
requirements on the Test Sites. The FAA also received comments that
were not responsive to the notice or that were unclear.
The FAA analyzed the responsive comments and grouped them into ten
categories. The following sections address the comments by category.
(1) The FAA should focus on its safety mission; it should not
engage in regulating privacy.
The FAA received a number of comments advocating that the FAA
should focus on its safety mission and should not engage in regulating
privacy. The following comments were received:
The FAA should focus on safety;
Regulating privacy is outside the FAA's mission;
The FAA does not have statutory authority to regulate
privacy;
The FAA does not have the authority to impose privacy
requirements on the Test Sites;
The FAA should allow privacy to be addressed by other more
appropriate government bodies including: Federal agencies that have
expertise and authority to deal with privacy concerns; Congress; state
or local legislative bodies; and the judicial system;
The Federal Government should not regulate privacy impacts
of UAS; these issues should be left to states, cities, and counties to
address;
The FAA should only require compliance with privacy laws
that are already in place and focus on developing safe operation of
UAS;
The FAA should not deny access to the national airspace
for reasons other than safety;
Existing privacy laws are sufficient to cover the
responsible use of UAS. There already exist Federal, state and other
laws that protect privacy. In addition, tort law may also provide
avenues of recourse for plaintiffs to protect their privacy rights;
The FAA should not implement privacy regulations that make
entry into the market prohibitive for small businesses;
The FAA should not allow privacy issues to hinder
commercialization of UAS;
There is no evidence that the operations at the Test Sites
will harm privacy interests. Restricting activities at the test sites
at this early stage will likely overprotect privacy at the expense of
innovation;
The FAA should afford adequate time for non-governmental
solutions such as industry norms and practices to develop before
intervening administratively to protect privacy. These less restrictive
solutions will reduce the need for administrative intervention and will
allow for increased innovation in the national airspace;
Requiring Test Site operators to develop privacy policies
that are informed by Fair Information Practice Principles is onerous
for commercial operators of UAS and its cost will likely outweigh any
hypothetical benefits;
Requiring Test Site operators to issue privacy policies
informed by Fair Information Practice Principles will limit the
diversity of data that will inform integration of UAS into the national
airspace. The FAA's approach would exclude an important possible
alternative from the discussion: some operators might choose not to
issue a privacy policy or adopt a non-FIPPs-compliant policy; and
The FAA should treat data gathered by UAS no differently
than data gathered by a manned aircraft or by other electronic means.
There is no significant difference in terms of surveillance between a
UAS and a manned aircraft, and manned aircraft are permitted to operate
in the national airspace with cameras.
Response: The FAA's mission is to provide the safest, most
efficient aerospace system in the world and does not include regulating
privacy. At the same time, the FAA recognizes that there is substantial
debate and difference of opinion among policy makers, industry,
advocacy groups, and members of the public as to whether UAS operations
at the Test Sites will raise novel privacy issues that are not
adequately addressed by existing legal frameworks.
The FAA will require the Test Site operators to comply with the
Final Privacy Requirements. Congress mandated that the FAA establish
the Test Sites to further UAS integration into the national airspace
system. The Final Privacy Requirements advance this purpose by helping
inform the dialogue among policymakers, privacy advocates, and industry
regarding the impact of UAS technologies on privacy.
The FAA's authority for including the Final Privacy Requirements in
the Test Site OTAs is set forth in 49 U.S.C. 106(l)(6). That statute
authorizes the FAA Administrator to enter into an OTA ``on such terms
and conditions as the Administrator may consider appropriate.'' The FAA
believes that it is appropriate to require Test Site operators to
comply with the Final Privacy Requirements.
(2) The FAA should require warrants before law enforcement can use
UAS in the Test Sites to conduct surveillance or gather evidence.
The FAA received a variety of comments advocating that:
The FAA should include provisions in the OTA that require
warrants to be obtained when UAS are used to conduct surveillance or
gather evidence within the Test Site; and
[[Page 68362]]
The OTA include appropriate safeguards to protect Fourth
Amendment rights at and around our national borders.
Response: The FAA's mission is to provide the safest, most
efficient aerospace system in the world. The FAA is establishing the
UAS Test Sites consistent with its mission and the direction in the
FMRA. The FAA appreciates the commenters' concerns. Accordingly, the
final privacy requirements provide that the Site Operator and its team
members must comply with all applicable privacy laws.
(3) The FAA should mandate specific privacy requirements for the
Test Sites.
The FAA received a variety of comments advocating that the FAA
mandate specific privacy requirements for the Test Sites. The
recommendations included the following:
The FAA should specify minimum privacy requirements and
require each Test Site to comply with them;
The FAA should mandate compliance with Fair Information
Practice Principles for all Test Site operators;
The FAA should establish prohibitions on where UAS can
operate within a Test Site and the kinds of surveillance activities
that UAS conduct at the Test Sites;
The FAA should require all UAS flown at the Test Sites to
have unencrypted down links so that all their data collection can be
viewed by the public, including records contained onboard and recovered
after landing;
The FAA should require each Test Site operator to conduct
a full Privacy Impact Assessment;
The FAA should require each Test Site operator to
establish a Chief Privacy Officer and centralize privacy
responsibilities in that person;
The FAA should require each Test Site operator to
establish a privacy advisory committee to review proposed UAS research
at the Test Sites for privacy concerns;
The FAA should require each Test Site operator to provide
a detailed response to public input it receives regarding the Test
Site's privacy policy;
The FAA should prohibit the sharing of recorded
surveillance footage beyond the scope of its original purpose;
The FAA should prohibit UAS in the Test Sites from flying
below a minimum altitude;
The FAA should prohibit UAS in the Test Sites from
carrying any equipment that could be used to conduct surveillance;
The FAA should limit the use of the data collected at the
Test Sites;
The FAA should prohibit (i) the use of Test Sites for
government surveillance, and (ii) sharing data collected with law
enforcement for the purpose of investigating or prosecuting a crime;
The FAA should limit the type of data that can be
collected by UAS at the Test Sites including limiting the resolution of
visual imagery that UAS can collect, prohibiting recording of audio
data, and restricting the ability to collect WiFi and cellular signals;
The FAA should require Test Site operators to provide data
on the payload of each UAS flown at the Test Site including specific
information on the data the payload is capable of collecting;
The FAA should mandate privacy policies that require
deletion of collected data within a certain time period;
The FAA should prohibit the Test Site operator and UAS
operators at the Test Sites from retaining any data collected longer
than is necessary to fulfill the purpose of the Test Site;
The FAA should require UAS operators to file data
collection statements with the FAA for UAS operations that involve
remote sensing and signals surveillance from the UAS platform; and
The FAA should require UAS operating at altitudes over 400
feet to carry an automatic dependent surveillance-broadcast transponder
(ADS-B Out) so that UAS operations can be tracked.
Response: The FAA's mission is to provide the safest, most
efficient aerospace system in the world. Although there is a long
history of placing cameras and other sensors on aircraft for a variety
of purposes--news helicopters, aerial surveys, film/television
production, law enforcement, etc.--the FAA is not, through awarding and
supervising these Test Sites, taking specific views on whether or how
the Federal Government should regulate privacy or the scope of data
that can be collected by manned or unmanned aircraft.
There was substantial difference of opinion among commenters as to
whether UAS operations and manned aircraft operations present different
privacy issues that justify imposing special privacy restrictions on
UAS operations at the Test Sites. In addition, there was substantial
difference of opinion among commenters regarding what elements would be
appropriate for a Test Site privacy policy. Based on the comments
received, the FAA will require Test Sites to comply with the following
requirements in addition to those described in the Draft Privacy
Requirements:
(1) Test site operators must maintain a record of all UAS operating
in the test sites;
(2) Test site operators must require every UAS operator in the Test
Site to have a written plan for the operator's use and retention of
data collected by the UAS; and
(3) Test site operators must conduct an annual review of test site
operations to verify compliance with stated privacy policy and
practices and share those outcomes annually in a public forum with an
opportunity for public feedback.
The above are reflected in the Final Privacy Requirements.
The FAA has determined that it should not impose privacy
requirements beyond those in the Final Privacy Requirements for the
following reasons. First, there are many privacy laws and applications
of tort law that may address some of the privacy issues that arise from
UAS operations at the Test Sites.
Second, the FAA believes that Test Sites operators will be
responsive to local stakeholders' privacy concerns and will develop
privacy policies appropriately tailored to each Test Site. The
selection criteria for the Test Sites specify that only a ``public
entity'' can serve as a Test Site operator. The term ``public entity''
is defined in the selection criteria to mean ``(A) any State or local
government; (B) any department, agency, special purpose district, or
other instrumentality of a State or States or local government; and (C)
the National Railroad Passenger Corporation, and any commuter
authority.'' The FAA expects that public entities will be responsive to
stakeholder concerns.
Third, if UAS operations at a Test Site raise privacy concerns that
are not adequately addressed by the Test Site's privacy policies,
elected officials can weigh the benefits and costs of additional
privacy laws or regulations. Forty-three states have already enacted or
are considering legislation regulating use of UAS. See Drone
Legislation All the Rage; Varies Widely Across 43 States, According to
WestlawNext, June 17, 2013, available at: https://thomsonreuters.com/press-releases/062013/drone_legislation_varies_across_states_according_to_Westlaw.
(4) The FAA should conduct audits of the Test Sites to ensure
compliance with privacy policies.
Various commenters recommended that the FAA should audit each Test
Site to ensure compliance with the privacy policies in the OTA.
[[Page 68363]]
Response: Each Test Site will be operated by a public entity (see
response to Category 3 above). The FAA expects that the public entity
operating each test site will already be subject to oversight and audit
requirements. The FAA does not believe that it is appropriate for the
FAA to impose additional audit requirements on the Test Site operators.
(5) The FAA should require Test Site operators to keep records that
will allow for effective citizen participation and reporting of privacy
violations.
One commenter recommended that the FAA require Test Site operators
to keep accurate, detailed, frequent, and accessible records to allow
for effective citizen participation and reporting of privacy
violations.
Response: Each Test Site operator will be a public entity (see
response to Category 3 above). Public entities are generally subject to
laws that establish record keeping requirements and provide the public
access to records. The FAA does not believe that it is appropriate for
the FAA to impose additional record keeping requirements on the Test
Site operators other than those specified in the Final Privacy
Requirements.
(6) The FAA should establish a searchable database or registry of
UAS operators and operations at the Test Sites.
The FAA received a variety of comments advocating that:
The FAA should create a public, searchable database or
registry of all UAS operators. Some commenters recommended that the
database include information about surveillance equipment used and the
operator's data collection practices;
The FAA should require UAS operators at the Test Sites to
provide public statements describing the surveillance equipment that
will be carried by a UAS, the geographical area where the UAS will be
operated, and the purposes for which the UAS will be deployed; and
The FAA should establish a means for the public to access
the data on UAS flights collected by the FAA.
Response: The FAA believes that it is not appropriate for the FAA
to create a public registry or database of UAS operations at the Test
Sites. However, the FAA has included a contractual provision in the
Final Privacy Requirements that will require each Test Site operator to
maintain a record of all UAS operating at the Test Site.
(7) The FAA should modify its Test Site selection criteria to take
into account privacy concerns.
Various commenters recommended that the FAA revise its selection
criteria. Suggestions included the following:
The FAA should choose an applicant that has an established
UAS research program with active engagement with UAS privacy issues;
The FAA should choose at least one Test Site in a state
with strong privacy protective UAS laws and regulations;
The FAA should select one or more Test Sites in or near a
densely populated urban area in order to avoid a bias towards privacy
issues relevant for rural UAS operations; and
The FAA should consider the privacy track record of
applicants as part of the selection process.
Response: The FAA believes that it is not appropriate to modify the
Test Site selection criteria to include the recommended privacy
considerations. Applicants have already submitted complete applications
based on the announced selection criteria and the application period
has closed.
The FAA published the Test Site selection criteria and application
instructions on February 14, 2013 on https://faaco.faa.gov under
Solicitation number DTFACT-13-R-00002. The selection criteria
incorporate the factors that Congress directed the FAA to consider in
the FMRA, including, geographic and climatic diversity; location of
ground infrastructure; and research needs. The FAA required applicants
to submit seven volumes of extensive and detailed information that
address a broad set of considerations including safety, airspace use,
experience, research objectives, and risk considerations. This
information will allow the FAA to make a selection based on the
direction provided by Congress in the FMRA and on the FAA's mission.
The FAA developed the Test Site selection criteria after seeking
public input and consulting with other agencies regarding what
selection criteria would be appropriate. In March 2012, the FAA
published a request for comment in the Federal Register and in April
2012, the FAA hosted two public webinars to obtain public input on the
FAA's proposed selection criteria. Although there was significant
public participation, the FAA did not receive comments advocating that
privacy issues be used as a factor in choosing the Test Sites.
(8) The FAA should require Test Site operators to conduct specific
tests related to privacy and surveillance.
Commenters recommended that the FAA should:
Require UAS operators at Test Sites to conduct specific
tests related to surveillance and privacy;
Require Test Site operators to design the sites--including
the creation of ``fake'' houses or businesses--to allow UAS operators
to test how accurate their surveillance systems are and test how much
data those systems collect; and
Develop and require Test Sites to implement a standard
battery of privacy tests that each UAS operating within a Test Site
should have to perform in order to collect data that the FAA can use to
make decisions about privacy issues.
Response: The FAA is not planning to have the Test Site operators
conduct specific research.
(9) The FAA should not take punitive actions against a Test Site
operator for privacy violations without due process.
One commenter noted that if charges are filed by law enforcement
against a Test Site operator due to potential violations of privacy
laws, the OTA allows the FAA to suspend or modify the relevant
operational authority for a Test Site (e.g. Certificate of Operation,
or OTA). That commenter recommended that a Test Site operator be
entitled to due process before the operational authority be suspended
or modified.
Response: A Test Site operator's rights to operate a Test Site are
set forth in the OTA and are subject to the terms and conditions in the
OTA. The FAA believes that it is appropriate to include contractual
provisions in the Final Privacy Requirements that allow the FAA to
protect the public interest by suspending or modifying the relevant
operational authority for a Test Site if charges are filed by law
enforcement against a Test Site operator due to potential violations of
privacy laws.
(10) The FAA should establish sanctions for violations of privacy
policies or rights.
One commenter recommended that the FAA rescind the OTA for a Test
Site where serious privacy violations have occurred and levy fines
against operators that fail to comply with privacy policies.
Response: The Final Privacy Requirements provide that violations of
privacy laws can result in suspension or termination of the OTA.
The FAA will not monitor a Test Site's compliance with its own
privacy policies. The FAA expects the public entities operating the
Tests Sites and their respective state/local oversight bodies to
monitor and enforce a Test Site's compliance with its own policies.
Conclusion
Based on the comments submitted, the FAA intends to require each
test site
[[Page 68364]]
operator to comply with all of the privacy requirements included in the
Draft Privacy Requirements as well as the following additional privacy
requirements:
(1) Test site operators must maintain a record of all UAS operating
in the test sites;
(2) Test site operators must require every UAS operator in the Test
Site to have a written plan for the operator's use and retention of
data collected by the UAS; and
(3) Test site operators must conduct an annual review of test site
operations to verify compliance with stated privacy policy and
practices and share those outcomes annually in a public forum with an
opportunity for public feedback.
Accordingly, the FAA intends to include the following terms and
conditions into Article 3 of the OTA:
``ARTICLE 3 PRIVACY; APPLICABLE LAW
a. Privacy Policies
The Site Operator must:
(i) Have privacy policies governing all activities conducted under
the OTA, including the operation and relevant activities of the UAS
authorized by the Site Operator.
(ii) Make its privacy policies publicly available;
(iii) Have a mechanism to receive and consider comments from the
public on its privacy policies;
(iv) Conduct an annual review of test site operations to verify
compliance with stated privacy policy and practices and share those
outcomes annually in a public forum with an opportunity for public
feedback;
(v) Update its privacy policies as necessary to remain
operationally current and effective; and
(vi) Ensure the requirements of its privacy policies are applied to
all operations conducted under the OTA.
The Site Operator's privacy policies should be informed by Fair
Information Practice Principles.
b. Compliance With Applicable Privacy Laws
For purposes of this agreement, the term ``Applicable Law'' shall
mean (i) a law, order, regulation, or rule of an administrative or
legislative government body with jurisdiction over the matter in
question, or (ii) a ruling, order, decision or judgment of a court with
jurisdiction over the matter in question. The Site Operator and its
team members must operate in accordance with all Applicable Law
regarding the protection of an individual's right to privacy
(hereinafter referred to as ``Privacy Laws''). If the U.S. Department
of Justice or a state's law enforcement authority files criminal or
civil charges over a potential violation of a Privacy Law, the FAA may
take appropriate action including suspending or modifying the relevant
operational authority (e.g., Certificate of Operation, or OTA) until
the proceedings are completed. If the proceedings demonstrate the
operation was in violation of the Privacy Law, the FAA may terminate
the relevant operational authority.
c. Change in Law
If during the term of this Agreement an Applicable Law comes into
effect which may have an impact on UAS, including impacts on the
privacy interests of individuals or entities affected by any operation
of any UAS operating at the Test Site, such Applicable Law will be
applicable to the OTA and the FAA may update or amend the OTA to
reflect these changes.
d. Transmission of Data to the FAA
The Site Operator should not provide or transmit to the FAA or its
designees any data other than the data the data requested by the FAA
pursuant to Article 5 of this OTA.
e. Other Requirements
The Site Operator must:
(i) Maintain a record of all UAS operating at the test sites; and
(ii) Require each UAS operator in the Test Site to have a written
plan for the operator's use and retention of data collected by the
UAS.''
Issued in Washington, DC, on November 7, 2013.
Marc L. Warren,
Acting Chief Counsel, Federal Aviation Administration.
[FR Doc. 2013-27216 Filed 11-8-13; 11:15 am]
BILLING CODE 4910-13-P
