The world’s largest maker of light civilian drones, DJI, today unveiled a special “Government Edition” designed to safeguard sensitive data. The new drones have architecture that ensures that drone data—including photos and videos captured during flight—never leave the drone and therefore can never be shared with unauthorized parties, including DJI.
“DJI Government Edition allows government agencies to serve the public more efficiently and effectively using the industry’s most widely adopted drone technology, while maintaining total control over their data,” said Mario Rebello, DJI's vice president and regional manager of North America. “This is DJI’s most secure drone solution to-date because it prevents users from accidentally or even intentionally transferring data off of the drone to other parties. By incorporating these assurances into its architecture, the Government Edition solution meets the rigorous data security expectations of government agencies, and provides them the safety, reliability, and ease of operation that DJI’s products are respected for by commercial drone pilots around the world.”
DJI’s release of Government Edition comes a week after the company issued a fiery rebuttal to fresh charges emanating from Capitol Hill that interception of its drones’ data could be misused by foreign governments and/or bad actors. In a letter to the U.S. Senate’s Committee on Commerce, Science, and Transportation written late last month, DJI’s Rebello pointed out that DJI drones have multiple safeguards to ensure against such activities, including embedded passwords, data encryption, and internet disconnect.
He also noted, “DJI drones do not share flight logs, photos, or videos unless the drone pilot deliberately chooses to do so. They do not automatically send flight data to China or anywhere else. They do not automatically transmit photos or videos over the internet. This data stays solely on the drone and on the pilot’s mobile device. DJI cannot share customer data it never receives.”
Rebello said additional protections included that when “U.S. drone users do choose to share their data, it is only uploaded to U.S. cloud servers” and that the company operated a global “Bug Bounty Program” to encourage the identification of security issues.
Features of DJI’s new Government Edition drones include no data transmission, a permanently enabled local data mode within the custom DJI Pilot application that prevents data transfer from the mobile application over the internet to third parties or to DJI; firmware update reviews, where government agency aviation and IT departments can review firmware updates in electronic isolation before applying them to their fleet, as well as have full control over how to validate them and when to install them on DJI drones; and restricted hardware pairing, under which drones and remote controllers running Government Edition solution firmware can be linked only with each other and are not compatible with other DJI products, preventing the use of unsecured hardware and unauthorized third-party applications.
Government Edition can be purchased through select authorized DJI Enterprise resellers worldwide.
In his letter to the Senate committee last month, Rebello said that DJI had worked closely with U.S. government agencies, including the departments of Interior and Homeland Security, in developing the Government Edition package and that the practical safeguards it incorporates would prevent even accidental data sharing.
“If a government employee were to make a mistake in data management protocol, or even intentionally try to send drone data to DJI or elsewhere, no data will be transmitted. This is our most secure drone system and is designed to meet the U.S. government’s rigorous security expectations,” he said. “Our global team of engineers proactively implemented these measures based on our partnerships with public safety agencies, private operators of critical infrastructure, and even the U.S. federal government. We have publicly called on all manufacturers to adopt the measures outlined by DHS and remain open to any further recommendations that will help us continue to empower our end users to better safeguard their data.”