image Pixabay
NOTE: This is the Formal Comment that I submitted to the Federal Register regarding the Notice of Proposed Rulemaking (NPRM) for the Operation of Small Unmanned Aircraft Systems Over People on March 11, 2019.

This is a Formal Comment regarding the Operations Over People (OOP) section of the NPRM. I have a number of concerns as well as some actionable suggestions.

Let’s start with the rule being entirely too dependent on the 2016 ARC. Three years ago, almost to the day, 27 companies participated in the ARC. Most had very little or no drone experience. Understandable because at the time, almost no one did. The ARC met once for three days in March, and under intense time pressure submitted their final report on April 1, 2016. I think it is fair to say that the report was based more on conjecture than operational experience – more educated guess than data based.

The ARC met six months before Part 107 went into effect. To fly under 333 required a pilot with a manned license and a visual observer. Point being that three years is a drop in the ocean of regulatory time, but it has been an  eternity in the drone industry.

In the NPRM, the agency calls attention to the “relative inexperience of small UAS operators.” I agree with you. The sUAS industry is in its infancy – its growth requires vision and leadership. OOP is particularly important since it is the first step to building the foundation for extended operations.

The challenge is that safely implementing OOP requires a more holistic approach to safety than is necessary in a more mature industry like GA, commercial aviation or even Space.

In the following pages, I discuss eight issues that I believe that the NPRM needs to address, or address in much greater detail, then make a comment and a recommendation.

This goes to the issue of timing.

The FAA has made it clear that this rule will not go forward until there is a Remote ID Rule.

Which begs the question. What is the rush?

A tremendous amount of information will become available over the next 12-24 months – an optimistic guesstimate of the time it will take to get to Remote ID.

A partial list of informative initiatives includes:

  • UAS IPP – particularly having to do with local jurisdictions and permissions.
  • ANPRM – particularly A. Stand-Off Distances and E. Small UAS Critical System Design Requirements.
  • UTM – TLC4 is specifically designed to test in the types of urban environments that many OOP flights will take place in.
  • UTM Pilot Project – which is specifically designed to operationalize UTM.
  • The 2018 FAA Reauthorization – specifically SEC. 345 dealing with sUAS Safety Standards and self-certification.
  • The considerations that go into drafting the Remote ID rule.

The problem of Privacy is an inherent component of operating over non-consenting people.

Saying that privacy is “beyond the scope of the FAA’s mission” does not solve the problem. It just kicks the can down the runway.

Congress definitely gets it. The 2018 FAA Reauthorization ordered a full study of this in SEC 357 and 358 and the report ‘should’ be forthcoming this calendar year.

The recommendations should be reflected in the NPRM, even if it does not fall to the FAA to enforce them.

According to the NPRM “…Since part 107 took effect, the FAA has issued 9 waivers for operations over people and over 1,200 for operations at night.” (NOTE I believe the current numbers are 24 and 2,400.)

The numbers clearly demonstrate the FAA’s reluctance to issue OOP waivers. Given the specific nature of the waiver process, one must conclude that very few applicants have successfully proposed mitigations that are acceptable to the FAA.

So then, what is this rule based on besides an outdated ARC?

Hopefully not as some have suggested, closed set operations which were among the first operations permitted under 333.

As you know, a closed set is a secured environment with a clearly defined command hierarchy and a robust set of communication protocols which support multiple checks between departments. Insurance is carried by multiple parties, including at minimum the drone service providers and the producers. Everyone on the set is aware of the operation.

In addition, it being Hollywood, any work done to less than the highest standard basically means “you will never work in this town again.” For cost reasons alone, one can hardly expect to maintain this standard in ad hoc operations.

I respectfully suggest that the FAA does not have enough data to begin to define the parameters of ‘risk based’ operations in this context.

The rule must mandate minimum insurance requirements for both the operator and the manufacturer.

To date, every documented injury caused by a drone has happened to people on the ground, the great majority were non-consenting bystanders. So far no one has died.

Operating over people under Part 107 is a business decision. Carrying insurance is a cost of doing business. Those who complain that they can’t afford it, are the same people who will not be able to make someone they injure whole. Ground them.

It is irresponsible for a safety agency to place the burden on the injured party(ies) even if they “only” endure a Level 3 injury. “…The maximum injury level a person would be expected to suffer as a result of being impacted by a small unmanned aircraft under normal operating conditions.”

I guess that would be great if there were such a thing as a ‘normal human condition’ – but we all know someone who is not in perfect health and may not be able to withstand an unexpected blow.

The scale (essentially an actuarial table) considers the total group, not an individual. Even a Level 1 blow can be enough to impact someone’s earnings and otherwise leave them less than whole. In the case of a child, it could arrest their development. It is impossible to foresee all of the consequences.

All this so that some commercial mission can be completed, which was never intended to benefit them in any way? The injured person should not have to bear the costs and delays of a lawsuit to get relief.

Perhaps the liability requirement can be modeled after Part 205 Aircraft Accident Liability Insurance certification since the intent appears to be similar?

Changing focus to the aircraft, the recognition of tort and an assumption of liability must be inherent to the concept of a Declaration of Compliance. Self certification is a fine idea, but where is the assurance without penalties?

I for one do not understand how a Declaration of Compliance maps to SEC 345, Self-Certification. Are they the same, if not why and how are they different and which applies?

To accommodate lawyers and lawsuits, the period to maintain documentation should be extended to match the statute of limitations, 10 years, not two.

To avoid any “hit and run” and to minimize detection and identification issues, I would propose that an OOP require that the aircraft be logged in to a UTM system where available. In conjunction with Remote ID, this will aid in deconfliction, eliminating the risk to bystanders when multiple drones are in the area, e.g. covering an event which you propose to allow.

What kind of deconfliction? Well consider paparazzi drone pilots who will be among the first to take advantage of the rule as currently written.

A reading of the proposed rule reveals that a fresh behind the ears 16 year old Part 107 RPIC, with zero flight hours, can go the store, buy a compliant drone, and fly over people so long as the RPIC ensures that the proper category decal is in place.

That is a shockingly low bar for a safety agency to set.

The NPRM’s exclusive focus on kinetic energy, rotating parts and compliance misses a much larger set of issues. While it is great to have a drone that won’t hurt anyone “too badly” if it hits them, where is the emphasis on a high level of pilot proficiency to mitigate the risk?


The FAA “Lacks information and data to assess how much training or time piloting a particular aircraft is warranted” because there is no analog to this in the FAA’s experience. Simple example, the FAA understands exactly what additional training and SOPs are necessary for Night Operations because it has dealt with the problem for decades.

While some will commend the FAA for their position that “The importance of providing flexibility to the remote pilot outweighs any benefit of having a prescriptive standard;” this is only valuable if pilots are trained to identify and assess the risks of a given situation.

This will not come as news to anyone in the aviation community.

While I am certain that others will have more specifics to contribute to a discussion of training requirements, I would start with these four, particularly in the context of suburban and urban environments.

  • The loss of GPS signal,
  • The loss of C2 links,
  • Wind shears and other wind events,
  • Low altitude weather events which in theory the RPIC should be familiar with.

I am not aware of any studies that have been done on any of these (a significant point in its own right,) but they are likely factors behind the growing number of loss of control accidents in major metro areas including Seattle, Manhattan, San Francisco, Denver and most recently, Chicago.

At least as much effort should be required to go into mission planning as is demanded of a night flight. At a minimum, I urge the FAA to go back and add the kind of detail present in Category 3 and Night Operations to Category 2.

While the kinetic risk is greater in Category 3, the density of nonparticipants will be much greater in Categories 1 and 2.

As in the example of Night Operations, consideration should be given to the need for additional markings visible from a distance, as opposed to the marking identifying the aircraft as Category 2 or 3 rated.

This is not wartime. People should be able to see a drone in their vicinity and make their own decision to move away if they choose to. One way to accomplish this is through the use of strobe lights.

People should also be warned if a sUAS fails. This can be accomplished through a loudspeaker mounted on the sUAS (e.g. the DJI Mavic Enterprise).

There is a very important question of the security of the C2 links. A easily disrupted link, e.g. 2.4/5.8, adds another element of risk.

The December 2018, National Strategy For Aviation Security of the United States of America (NSAS) is explicit:

Given the centrality of the RF spectrum to aviation operations, the United States Government must take steps to safeguard its use, including physical security measures and technical measures to prevent jamming and spoofing and to enable authentication, as well as cybersecurity considerations.

I urge you to reconsider the concept of Category 1. The data is very clear that a 250gm sUAS falling from 200’ AGL can cause significant injury.

Frankly, I don’t understand why this is even in the rule – why do you want to allow these vulnerable, frequently unstable aircraft overhead?

If you persist in thinking this is a fine idea, consider limiting height to 50’AGL.

As the NPRM is written, the FAA has no way of identifying, then informing a specific fleet (Manufacturer X, all Model Ys) that there is a safety issue. And as written, the manufacturer has no responsibility to do so.

That is not prudent. And it is definitely not scalable.

Where is the requirement that it is the manufacturer’s responsibility to keep a list of customers and both communicate directly and post notices of defects and rescission on their website?

This is not a burden, it is a cost of doing business. I am not aware of a manufacturer in any field that does not actively track their customers through registration, if only to promote additional products and services.

SEC 107.9 needs to be revisited to allow less discretion for any incident involving OOP.

Otherwise, how will the FAA monitor a heterogeneous national fleet to identify model specific  “safety” defects?

Which begs the question, how egregious will the defect need to be?

Is time of the essence once a safety defect is identified?

How effective a means of communication is the Federal Register? I would suggest that while it may satisfy the legal concept of the FAA’s obligation, it is not a useful way to reach operators.

With no specific liability, why will people comply when they can argue that they “didn’t know” of the defect just as the pilots in Atlanta claimed no knowledge of the TFR?

It must have seemed like a good idea at the time, but as an industry advocate I think that it is unfortunate that the decision was made to conflate the Night Operations and the 107 rule changes (particularly the broader requirement to present identification) with OOP, which is contingent on Remote ID becoming a rule first.

Effectively this delays the first two, which are ready to complete the rulemaking process.

I recommend that OOP rule writing be delayed until the other initiatives mentioned in #1 are completed including Remote ID.

In the interim, the FAA should make a concerted effort to increase the number of OOP waivers with the goal of gathering more data.

Because if more people can’t figure out how to satisfy the FAA, it’s certainly not time to give every 107 operator an EZ button…

Finally, go back to the beginning. Convene another ARC. Don’t refight the kinetic energy battle. Do take advantage of the experience that has been gained, and get input from people working with sUAS on a daily basis who, in the best tradition of aviation, are learning the hard way. People with direct experience who want to help the FAA write better rules we can all live with.

Thank you for your consideration.


Christopher Korody
Editor and Publisher
Dronin’ On, a publication of

This site uses Akismet to reduce spam. Learn how your comment data is processed.