(Jason Doiy / The Recorder)

Personal-use drones have been wildly popular since landing in the consumer shopping scene in 2014. The unmanned-aerial devices seem to keep trending upward in this upcoming holiday season, with the Consumer Technology Association expecting 9 percent of all holiday technology buys to be drone-related. Drones seem to be a prime buy for potential commercial purposes as well: Amazon has long flirted with the idea of using drones for package delivery, and last week, Apple announced that it planned to bolster its mapping data using aerial drone imaging.

But as drones become increasingly pervasive and expand their use, legal experts find that some key concerns remain. Because drones are almost always outfitted with cameras, privacy questions rank highly among attorneys looking into drone flight.

“The issue really comes down to whether an individual would have a reasonable expectation of privacy in the setting,” explained Behnam Dayanim, partner at Paul Hastings.

State and federal policymakers and courts are still scrambling to create regulations to keep pace with drone sales. The Federal Aviation Administration (FAA) released guidelines in June about legal regulations for commercial drone operators, and outlined a set of rules last year mandating that pilots keep drones within eyesight and away from crowds of people.

Further, because drones fly overhead, they may pose a challenge to currently accepted standards of reasonable expectations of privacy. Dayanim noted that while a tall backyard fence, for example, has historically indicated a person’s intent to exercise their right to privacy, a drone can easily move above fences, potentially posing violations of expectations of privacy created by a fence.

Hillary Farber, a professor of law at University of Massachusetts School of Law, studies legal privacy and surveillance questions surrounding drone use. Because drones are a relatively new advent, people can’t really be expected to anticipate and adequately shield themselves from potential drone imaging.

“If you make yourself visible to passersby on the street, you’re aware that you’re exposing your image to people on the street,” Farber elaborated. “We don’t have the expectation that there’s going to be a camera flying over us, above us, capturing images.”

Above the theoretical question of privacy lies a more physical one: What happens if that drone drops out of the sky? Trey Hanbury, partner at Hogan Lovells, noted that beyond privacy issues, internet of things (IoT) technologies, especially drones, carry more tangible consequences.

“The act of it falling could actually cause serious harm to individuals,” he said. “We can imagine a hacker breaking into that product or that UAV, but [unexpected descent] might also be a result of interference because it’s lost connection to the controller.”

With IoT technologies expected to increase in popularity this holiday season, questions around the information collected by drones during flight are a top concern for legal experts.

IoT-enabled devices have increasingly drawn scrutiny for their lax data securitizing practices, and Paul Hastings’ Dayanim said that potential data security issues around drones haven’t really shown up in practice yet.

“I haven’t seen any concern about that specifically. There’s a trend about data security generally, but I haven’t seen anything specifically to drones,” Dayanim said.

Hanbury said the potential for drone interception via IoT hacking, while perhaps not yet seen, holds additional weight because of the potential harm caused by a hacked drone.

“We have until recently had only online impact from online security events, but as we move into a world where IoT has manifested itself in the world of auto vehicles and drones, hacking starts to have real-world consequences,” he cautioned.

Further complicating the matter is the potential need to build in override “back doors” to drone technology, through which drones could be disabled in the event of a hack. Law enforcement may ask policymakers to build them access points they can use to enforce FAA-designated no-fly zones, especially around areas like the White House, where a small drone crash on the South Lawn put Secret Service on high alert in 2015.

Hanbury said that the wisdom of building in these back doors for selective law enforcement access, a debate currently being addressed in broader discussions around data encryption, may be more pressing given that drones can pose risks to actual physical safety.

“Think about all the issues we’ve had on the online environment and the debates we’ve had about the role of encryption, the benefits and potential risks of that back door, and now we’re just taking it to the physical environment. I think it may yield different value judgments about where we draw the lines, but a lot of the same questions come up,” Hanbury said.

It remains unclear where new regulatory and legislative efforts around drones will come from. President Barack Obama announced in August the administration’s commitments to advance research and investment in drones, but President-elect Donald Trump may have different ideas. Last week, head of the House transportation committee Rep. Bill Shuster told reporters that Trump supported a privately owned alternative to the FAA , which could dramatically shift existing regulation around drone use.

At the state level, legislators are starting to get a little more proactive about their drone regulations. Thirty-eight different states looked at drone-related policies for the 2016 legislative session, with 31 states adopting policies this year.

Hanbury said that we may have to wait to see where the bulk of guiding policy comes from, especially given the coming administration change.

“Certainly there’s going to be a big role for state and local officials here,” he said.

In her research, Farber found some key differences in the ways that local and federal regulators have approached drones. The FAA to date has explicitly focused most of their guidelines on maintaining safety, while states and cities have looked more at the need to create additional privacy assurances for residents. Farber noted that while this separation persists, local communities should be able to pursue policy surrounding privacy without federal interference.

Because of this structure, Farber suggested that guiding policy may be more likely to come from the local side more so than from the executive branch. “I think that these laws will hold up, so I think they’ll sort of start to percolate from the bottom-up,” she said.

“It’s very much in flux, but I don’t think we’re going to see a lot of pre-emption issues as long as the regulations are very well-crafted with a focus on privacy,” Farber added.

Personal-use drones have been wildly popular since landing in the consumer shopping scene in 2014. The unmanned-aerial devices seem to keep trending upward in this upcoming holiday season, with the Consumer Technology Association expecting 9 percent of all holiday technology buys to be drone-related. Drones seem to be a prime buy for potential commercial purposes as well: Amazon has long flirted with the idea of using drones for package delivery, and last week, Apple announced that it planned to bolster its mapping data using aerial drone imaging.

But as drones become increasingly pervasive and expand their use, legal experts find that some key concerns remain. Because drones are almost always outfitted with cameras, privacy questions rank highly among attorneys looking into drone flight.

“The issue really comes down to whether an individual would have a reasonable expectation of privacy in the setting,” explained Behnam Dayanim, partner at Paul Hastings .

State and federal policymakers and courts are still scrambling to create regulations to keep pace with drone sales. The Federal Aviation Administration (FAA) released guidelines in June about legal regulations for commercial drone operators, and outlined a set of rules last year mandating that pilots keep drones within eyesight and away from crowds of people.

Further, because drones fly overhead, they may pose a challenge to currently accepted standards of reasonable expectations of privacy. Dayanim noted that while a tall backyard fence, for example, has historically indicated a person’s intent to exercise their right to privacy, a drone can easily move above fences, potentially posing violations of expectations of privacy created by a fence.

Hillary Farber, a professor of law at University of Massachusetts School of Law , studies legal privacy and surveillance questions surrounding drone use. Because drones are a relatively new advent, people can’t really be expected to anticipate and adequately shield themselves from potential drone imaging.

“If you make yourself visible to passersby on the street, you’re aware that you’re exposing your image to people on the street,” Farber elaborated. “We don’t have the expectation that there’s going to be a camera flying over us, above us, capturing images.”

Above the theoretical question of privacy lies a more physical one: What happens if that drone drops out of the sky? Trey Hanbury, partner at Hogan Lovells , noted that beyond privacy issues, internet of things (IoT) technologies, especially drones, carry more tangible consequences.

“The act of it falling could actually cause serious harm to individuals,” he said. “We can imagine a hacker breaking into that product or that UAV, but [unexpected descent] might also be a result of interference because it’s lost connection to the controller.”

With IoT technologies expected to increase in popularity this holiday season, questions around the information collected by drones during flight are a top concern for legal experts.

IoT-enabled devices have increasingly drawn scrutiny for their lax data securitizing practices, and Paul Hastings ‘ Dayanim said that potential data security issues around drones haven’t really shown up in practice yet.

“I haven’t seen any concern about that specifically. There’s a trend about data security generally, but I haven’t seen anything specifically to drones,” Dayanim said.

Hanbury said the potential for drone interception via IoT hacking, while perhaps not yet seen, holds additional weight because of the potential harm caused by a hacked drone.

“We have until recently had only online impact from online security events, but as we move into a world where IoT has manifested itself in the world of auto vehicles and drones, hacking starts to have real-world consequences,” he cautioned.

Further complicating the matter is the potential need to build in override “back doors” to drone technology, through which drones could be disabled in the event of a hack. Law enforcement may ask policymakers to build them access points they can use to enforce FAA-designated no-fly zones, especially around areas like the White House, where a small drone crash on the South Lawn put Secret Service on high alert in 2015.

Hanbury said that the wisdom of building in these back doors for selective law enforcement access, a debate currently being addressed in broader discussions around data encryption, may be more pressing given that drones can pose risks to actual physical safety.

“Think about all the issues we’ve had on the online environment and the debates we’ve had about the role of encryption, the benefits and potential risks of that back door, and now we’re just taking it to the physical environment. I think it may yield different value judgments about where we draw the lines, but a lot of the same questions come up,” Hanbury said.

It remains unclear where new regulatory and legislative efforts around drones will come from. President Barack Obama announced in August the administration’s commitments to advance research and investment in drones, but President-elect Donald Trump may have different ideas. Last week, head of the House transportation committee Rep. Bill Shuster told reporters that Trump supported a privately owned alternative to the FAA , which could dramatically shift existing regulation around drone use.

At the state level, legislators are starting to get a little more proactive about their drone regulations. Thirty-eight different states looked at drone-related policies for the 2016 legislative session, with 31 states adopting policies this year.

Hanbury said that we may have to wait to see where the bulk of guiding policy comes from, especially given the coming administration change.

“Certainly there’s going to be a big role for state and local officials here,” he said.

In her research, Farber found some key differences in the ways that local and federal regulators have approached drones. The FAA to date has explicitly focused most of their guidelines on maintaining safety, while states and cities have looked more at the need to create additional privacy assurances for residents. Farber noted that while this separation persists, local communities should be able to pursue policy surrounding privacy without federal interference.

Because of this structure, Farber suggested that guiding policy may be more likely to come from the local side more so than from the executive branch. “I think that these laws will hold up, so I think they’ll sort of start to percolate from the bottom-up,” she said.

“It’s very much in flux, but I don’t think we’re going to see a lot of pre-emption issues as long as the regulations are very well-crafted with a focus on privacy,” Farber added.