Roger Clarke's Web-Site

© Xamax Consultancy Pty Ltd,  1995-2024
Photo of Roger Clarke

Roger Clarke's 'Safety and Privacy Impacts of Drones'

Managing Drones' Safety and Privacy Impacts

Summary of 26 October 2013
in support of a presentation at the IQPC event on Commercial UAVs
Brisbane, 27-28 October 2015

Roger Clarke **

© Xamax Consultancy Pty Ltd, 2015

Available under an AEShareNet Free
for Education licence or a Creative Commons 'Some
Rights Reserved' licence.

This document is at

The supporting slide-set is at (39MB!)


As evidenced by media coverage, and by the increasing incidence of cartoons, the public is awake to fact that drones give rise to safety and privacy issues. In order to manage both the first-round impacts, and the potential for second-round implications, it's first necessary to get to grips with the nature of drones, and the changes their characteristics give rise to. Unfortunately, many early self-entertainment users of drones have behaved thoughtlessly, and some commercial users have been far too casual about safety risks. The problems have been exacerbated by the aviation regulator initially applying an excessively light hand.

Safety assurance is confronted by a range of challenges, some arising from the operational environment, some associated with the mode of control of the vehicle and its capabilities, and some relating to the pilots and facilities operators. Failures are all-too-common, and multiple 'failure modes' need to be recognised and allowed for. Harm to public safety can arise in a variety of ways, some of them obvious, and some less so.

There's a public policy imperative that the regulatory framework be appropriately adapted, and adapted quickly. This is important not only to avoid undue harm arising, but also to avoid undue public perception of danger becoming entrenched, and to avoid valuable drone applications being prevented as a result of public backlash. Unfortunately, aviation regulators around the world have been extremely slow to respond. In Australia, CASA has wasted its early start in 1998-2002 by responding highly ineffectively to early incidents, by being very slow to develop proposals, and by making them invisible except to trusted industry-insiders.

Because of the slow rate of regulatory maturation, it's all the more important for business and government organisations that want to take advantage of drone technology to determine their own corporate response. The first need is for a compliance plan, in order to ensure that the organisation performs consistently with the existing regulatory requirements. Beyond that, however, there is a need to undertake threat / risk assessment (often referred to as TRA), and to establish and implement a risk management plan.

The privacy impacts of drones are generally seen as being beyond-scope for aviation regulators. Privacy oversight agencies, meanwhile, have very feeble powers, and they primarily focus on data privacy. So it's particularly important that organisations considering drone usage also understand the public's concerns about surveillance negatively affecting behavioural privacy. The best way to do this is to undertake a privacy impact assessment (PIA), as part of, or in parallel with the TRA.



Clarke R. (2014) 'Understanding the Drone Epidemic' Computer Law & Security Review 30, 3 (June 2014) 230-246, PrePrint at

Clarke R. (2014) 'What Drones Inherit from Their Ancestors' Xamax Consultancy Pty Ltd, January 2014, at

Clarke R. & Molnar A. (2014) 'Hobbyist Drones: Payload and Mission Capabilities' Invited Presentation to an IEEE Workshop on Remotely Piloted Airborne Vehicles and Related Technologies, University of Melbourne, 29 September 2014, at

Drone Safety

Clarke R. & Bennett Moses L. (2014) 'The Regulation of Civilian Drones' Impacts on Public Safety' Computer Law & Security Review 30, 3 (June 2014) 263-285, PrePrint at

Clarke R. (2014) 'Drones' Challenges to Public Safety' Presentation to the Unmanned Aerial Systems Conference, February 2014, Adelaide, at

Drone Privacy

APF (2013) 'Policy Statement on Privacy Impact Assessments' Australian Privacy Foundation, March 2013, at

APF (2014b) 'Policy on Drones' Australian Privacy Foundation, March 2014, at

Clarke R. (2014) 'The Regulation of of the Impact of Civilian Drones on Behavioural Privacy' Computer Law & Security Review 30, 3 (June 2014) 286-305, PrePrint at

Privacy Strategy

Clarke R. (1996) 'Privacy, Dataveillance, Organisational Strategy' (the original version was a Keynote Address for the I.S. Audit & Control Association Conf. (EDPAC'96), Perth, 28 May 1996), at

Clarke R. (2006) 'Make Privacy a Strategic Factor - The Why and the How' Cutter IT Journal 19, 11 (October 2006), at

Privacy Impact Assessments

OAIC (2014) 'Guide to undertaking privacy impact assessments' Office of the Australian Information Commissioner, May 2014, at

OVPC (2009) 'Privacy Impact Assessments Guide' Office of the Victorian Privacy Commissioner, April 2009, at

Author Affiliations

Roger Clarke is Principal of Xamax Consultancy Pty Ltd, Canberra. He is also a Visiting Professor in Cyberspace Law & Policy at the University of N.S.W., and a Visiting Professor in the Computer Science at the Australian National University.

xamaxsmall.gif missing
The content and infrastructure for these community service pages are provided by Roger Clarke through his consultancy company, Xamax.

From the site's beginnings in August 1994 until February 2009, the infrastructure was provided by the Australian National University. During that time, the site accumulated close to 30 million hits. It passed 65 million in early 2021.

Sponsored by the Gallery, Bunhybee Grasslands, the extended Clarke Family, Knights of the Spatchcock and their drummer
Xamax Consultancy Pty Ltd
ACN: 002 360 456
78 Sidaway St, Chapman ACT 2611 AUSTRALIA
Tel: +61 2 6288 6916

Created: 13 October 2015 - Last Amended: 26 October 2015 by Roger Clarke - Site Last Verified: 15 February 2009
This document is at
Mail to Webmaster   -    © Xamax Consultancy Pty Ltd, 1995-2022   -    Privacy Policy