By: Colonel (ret) Bernie Derbach, KR Droneworks, 24 December 25

As of December 23, 2025, the landscape of American aviation has undergone a seismic shift. Following a year-long security audit triggered by Section 1709 of the FY2025 National Defense Authorization Act (NDAA), the Federal Communications Commission (FCC) has officially added new equipment from major foreign drone manufacturers—most notably DJI and Autel Robotics—to its "Covered List."

This move effectively halts the authorization of all new drone models from these entities, making their future import, marketing, and sale in the United States illegal. The implications ripple across industries, from public safety and agriculture to hobbyists and critical infrastructure inspection.

1. The Core Concerns: Unpacking the "High-Altitude" Risks

The U.S. government’s stance is that un-crewed aircraft systems (UAS) are no longer just cameras; they are mobile, internet-connected sensors capable of sophisticated intelligence gathering. The fear is that these devices, particularly those from manufacturers subject to the Chinese National Intelligence Law, could become conduits for sensitive data.

A. Data Exfiltration & The National Intelligence Law

While hobbyists argue their sunset photos are of no value to a foreign state, the primary concern is the aggregation of metadata. This includes flight paths over sensitive areas, precise GPS coordinates, thermal imaging data, and high-fidelity 3D models of critical infrastructure.

Under China's 2017 National Intelligence Law, companies are legally compelled to support state intelligence efforts. Even with features like DJI's "Local Data Mode," which aims to keep data on the device, the FCC fears that "silent" firmware updates could enable backdoors, allowing data to be transmitted to overseas servers without the user's explicit knowledge or consent. This vulnerability poses a significant risk for any drone operating near military installations, power grids, or government facilities.

B. Supply Chain Weaponization

A "kill switch" scenario is a top-tier strategic fear. Modern drones are sophisticated computers with intricate firmware and software that can be updated remotely. With DJI alone controlling approximately 70–80% of the U.S. industrial and commercial drone market before the ban, a geopolitical conflict could hypothetically result in a manufacturer pushing a mandatory geofencing update that grounds all drones within U.S. borders. This would instantly blind search-and-rescue teams, halt vital utility inspections, and cripple various commercial operations that rely on these devices. The dependence on a single foreign source for such critical tools is considered a significant national security blind spot.

2. Is the Ban Justified? Security vs. Economic Impact

The decision to implement a sweeping ban remains highly controversial, with critics labeling it as "security theater" that masks underlying industrial protectionism and hinders technological progress for American businesses and individuals.

• Lack of a "Smoking Gun": To date, no public forensic evidence has been presented by U.S. intelligence agencies that definitively proves DJI or Autel actively funneled consumer or enterprise data to a foreign government. Independent audits by reputable firms like Booz Allen Hamilton and FTI Consulting previously confirmed that when users utilized available security features, such as "Local Data Mode," the data generally remained local and was not transmitted overseas. This lack of public evidence fuels the argument that the ban is preemptive rather than reactive to proven misconduct.

  
  

• The "Capability Gap" & Market Stagnation: American manufacturers like Skydio, BRINC, and Freefly produce excellent specialized hardware, particularly for military, public safety, and high-end enterprise applications. However, they have historically struggled to match the price-to-performance ratio, user-friendliness, and global scale of DJI, which dominates the consumer and prosumer markets. For many small-town police departments, agricultural operations, and independent real estate photographers, a U.S.-made drone can cost anywhere from 3x to 5x more than a comparable DJI model, creating significant financial barriers. Critics argue that without this protectionist "moat," the nascent U.S. drone industry would never achieve the scale necessary to truly innovate and compete globally.

  
  

  

  
  

• Public Safety: Approximately 90% of U.S. police and fire department drone fleets relied on DJI platforms due to their reliability and cost-effectiveness. Replacing these units with NDAA-compliant alternatives often incurs a significant cost increase of $15,000 to $50,000 per unit.

  
  

• Agriculture: Farmers who used drones for precise crop spraying, monitoring, and field analysis may see a stagnation in efficiency gains due to fewer affordable, specialized domestic options.

  
  

• Infrastructure Inspection: Inspecting bridges, power lines, and wind turbines using drones may become slower and more costly as operators transition to new, often less mature, platforms.

  
  

3. Structural Alternatives: The Paths Not Taken

Instead of a total "Blanket Ban" on new equipment authorizations, security experts and industry groups proposed more surgical "Zero Trust" regulatory models that could mitigate risks without stifling innovation or imposing undue economic burdens.

• Hardware-Locked "Air Gaps": The FCC could have mandated that all foreign drones sold in the U.S. include a physical, un-overrideable switch to disable all Wi-Fi, Bluetooth, and cellular (LTE) communication, effectively creating a hardware-level "air gap." This would ensure no data can leave the device, regardless of software configuration or firmware updates, providing a tangible and verifiable security measure.

  
  

• Cyber-Certification (UL-Listing for Software): Rather than banning by country of origin, the U.S. could have established a strict federal cybersecurity standard, akin to a "UL Listing" for software. Any drone, foreign or domestic, that allows for independent, third-party auditing of its source code and passes rigorous penetration tests and data flow analyses could be certified for sale. This approach focuses on the security of the technology itself, rather than the nationality of its creators.

  
  

• Tiered Access Control & Geofencing: The government could have implemented a system of "tiered access." This would involve restricting the use of foreign-made drones only for "Tier 1" critical infrastructure (e.g., nuclear power plants, military bases, highly sensitive government facilities) while allowing the consumer, agricultural, and general commercial markets to remain open. Enhanced geofencing capabilities could have been mandated for all foreign drones, automatically preventing them from taking off or operating within a specified radius of sensitive sites. This approach would have protected vital assets without penalizing the broader user base.

References & Further Reading

Federal Legislation & Regulatory Filings

• U.S. Congress (2024): National Defense Authorization Act (NDAA) for Fiscal Year 2025, Pub. L. No. 118-159, § 1709, "Analysis of Certain Unmanned Aircraft Systems Entities." [Accessed Dec 2025].

• Federal Communications Commission (2025): Public Notice: Addition of Unmanned Aircraft Systems (UAS) and UAS Critical Components to the Covered List. Released December 22, 2025.

• FCC Fact Sheet (2025): FCC Updates Covered List to Include Foreign UAS and UAS Critical Components on Going Forward Basis. Office of Chairman Carr.

• Secure and Trusted Communications Networks Act of 2019: 47 U.S.C. § 1609, the statutory basis for the FCC's "Covered List."

• 
  

Security Audits & Technical Research

• Booz Allen Hamilton (2020/2024): Cybersecurity Review of DJI Unmanned Aircraft Systems. (Updated forensic audits regarding data localization and encryption).

• FTI Consulting (2024): Independent Security Assessment of DJI Flight Services and Data Management.

• CISA & FBI (2024): Joint Cybersecurity Advisory: Cybersecurity Risks Posed by Chinese-Manufactured Unmanned Aircraft Systems.

• 
  

Industry Analysis & Market Impact

• AUVSI (Association for Uncrewed Vehicle Systems International): 2025 State of the Drone Industry Report: Transitioning to a Trusted Supply Chain.

• Drone Advocacy Alliance (2025): Economic Impact Assessment: The Cost of Commercial Drone Transitions for U.S. Small Businesses and Public Safety.

• UAV Coach (2025): The DJI Ban: A Comprehensive Guide for Commercial and Recreational Pilots.

• McKinsey & Company (2025): Strategic Autonomy in Aviation: Rebuilding the U.S. sUAS Industrial Base.