DJI, one of the leading manufacturers of consumer and commercial drones sold in the United States, has been accused by US officials of "providing U.S. critical infrastructure and law enforcement data to the Chinese government."

The accusation - which appears in a recently released August memo issued by the Los Angeles office of the Immigration and Customs Enforcement bureau - accuses the Chinese government of "using DJI UAS (Unmanned Aircraft System) as an inexpensive, hard-to-trace method to collect on US critical assets" and, notes that, since 2015, "DJI has targeted a number of US companies in the critical infrastructure and law enforcement sectors to market its UAS. As of July 2017, at least ten large companies and organizations operating in the railroad, utility, media, farming, education, and federal law enforcement sectors have already purchased and begun using DJI UAS. The most frequent uses include mapping land, inspecting infrastructure, conducting surveillance, and monitoring hazardous materials."

While the US government memo claims that its information is from a reliable source "with first and secondhand access," DJI - whose full name is Da Jiang Innovations - fervently denies the accusations leveled against it.

According to Adam Lisberg, DJI's Corporate Communication Director for North America, "We give our customers the option to sync their flight logs in the cloud, and if they do, flight logs from US customers are stored only on AWS servers in the US. We don't send that data to the Chinese government, we don't allow the Chinese government to access that data, and we're unaware of any instance where the Chinese government accessed data of US customers. And if people still want to make sure they never share data with us, they can fly with our Local Data Mode, which blocks all connection between the drone/controller and the Internet."

DJI notes in its official statement as well that it does not force its customers to upload their flight videos to the company's servers, and that it has access to only those videos that its customers have actively sent to the firm's equipment. While that claim is true, it should be noted that DJI, like so many other modern day electronics manufacturers, does offer users the ability to store product-created data (in DJI's case flight logs and videos) on the company's servers -- one can even reasonably argue that DJI encourages users to do.

While China-based DJI is a dominant player in both the commercial and consumer drone markets in North America, the government accusation focuses on commercial drones - not consumer drones; it is not clear, however, whether that is because the government does not believe DJI is sharing consumer drone data, or because commercial drone data sharing is likely a far bigger national security risk. Newer commercial drones include all sorts of advanced technology that could be covertly utilized for espionage purposes; the same images from high-resolution cameras and infrared scanners that are used to monitor electrical lines, can, for example, be used to identify vulnerabilities in our nation's electrical grid and communications infrastructure.

The current controversy over DJI comes just months after a similar controversy arose with US government officials accusing cybersecurity product vendor, Kaspersky Lab, of providing data to the Russian government. Of course, other nations have made similar claims about US-based businesses assisting our own government's espionage efforts; as a result of Edward Snowden's leaking of classified NSA information there seems to be strong evidence to support the veracity of some of those claims.

In the case of China, however, the claims go further. The US government apparently believes that China is using DJI data for commercial advantage. The memo notes that "the Chinese government is likely using information acquired from DJI systems as a way to target assets they are (sic.) planning to purchase. For instance, a large family-owned wine producer in California purchased DJI UAS to survey its vineyards and monitor grape production. Soon afterwards, Chinese companies began purchasing vineyards in the same area. According to the SOI, it appeared the companies were able to use DJI data to their own benefit and profit."

What does this all mean?

While we sometimes think that technology has enabled our world to mature into one, big global community - as actually exists on social platforms such as Facebook, Twitter, and Instagram - there are still borders, nations, and conflicts. Any time we import technology (be it a finished device or a component within another device) from another nation we must keep in mind that the manufacturer of that technology answers to a government somewhere else. I expect that over the next decade we will encounter both continued government pressure on technology firms to supply information from customers, as well as many sophisticated acts of espionage involving the insertion of spying capabilities into the supply chain of technology firms in other countries. Time will certainly tell.

Published on: Nov 30, 2017
Like this column? Sign up to subscribe to email alerts and you'll never miss a post.