Download:
pdf |
pdfU.S. Department of Transportation
Privacy Impact Assessment
Federal Aviation Administration
Small Unmanned Aircraft Systems Final Rule
Responsible Official
Brad Zeigler
Aviation Safety Inspector
(202) 267-1100
[email protected]
Reviewing Official
Claire W. Barrett
Chief Privacy & Information Asset Officer
Office of the Chief Information Officer
[email protected]
�FAA
sUAS Final Rule
Executive Summary
The FAA has published a new rulemaking as required by the Federal Aviation Administration
(FAA) Modernization and Reform Act of 2012 (Public Law 112-95). The rulemaking adds a new
part 107 to Title 14 Code of Federal Regulations (14 CFR) establishing, among other things, a
new airman certificate for pilots of small unmanned aerial systems (UAS), which will be called a
remote pilot certificate with a small UAS rating. As required by the E-Government Act of 2002,
Pub. L. 107-347, and the Consolidated Appropriations Act, 2005, Pub. L. 108-447, the FAA is
publishing this Privacy Impact Assessment (PIA) to inform the public of the privacy risks and
mitigation strategies associated with the FAA’s collection, use, dissemination, and retention of
PII resulting from the rule.
What is a Privacy Impact Assessment?
The Privacy Act of 1974 articulates concepts for how the federal government should treat
individuals and their information and imposes duties upon federal agencies regarding the
collection, use, dissemination, and maintenance of personally identifiable information (PII). The
E-Government Act of 2002, Section 208, establishes the requirement for agencies to conduct
Privacy Impact Assessments (PIAs) for electronic information systems and collections. The
assessment is a practical method for evaluating privacy in information systems and collections,
and documenting assurance that privacy issues have been identified and adequately addressed.
The PIA is an analysis of how information is handled to— i) ensure handling conforms to
applicable legal, regulatory, and policy requirements regarding privacy; ii) determine the risks
and effects of collecting, maintaining and disseminating information in identifiable form in an
electronic information system; and iii) examine and evaluate protections and alternative
processes for handling information to mitigate potential privacy risks. 1
Conducting a PIA ensures compliance with laws and regulations governing privacy and
demonstrates the DOT’s commitment to protect the privacy of any personal information we
collect, store, retrieve, use and share. It is a comprehensive analysis of how the DOT’s
electronic information systems and collections handle personally identifiable information (PII).
The goals accomplished in completing a PIA include:
-
-
Making informed policy and system design or procurement decisions. These decisions
must be based on an understanding of privacy risk, and of options available for
mitigating that risk;
Accountability for privacy issues;
Analyzing both technical and legal compliance with applicable privacy law and
regulations, as well as accepted privacy policy; and
Providing documentation on the flow of personal information and information
requirements within DOT systems.
Upon reviewing the PIA, you should have a broad understanding of the risks and potential
effects associated with the Department activities, processes, and systems described and
approaches taken to mitigate any potential privacy risks.
1
Office of Management and Budget’s (OMB) definition of the PIA taken from guidance on implementing the
privacy provisions of the E-Government Act of 2002 (see OMB memo of M-03-22 dated September 26, 2003).
-1-
�FAA
sUAS Final Rule
Introduction & Final Rule Overview
In the FAA Modernization and Reform Act of 2012 (Public Law 112-95), Congress mandated
that the DOT conduct a suite of rulemakings to integrate small UAS into the National Airspace
System (NAS). In response to this statutory mandate, the FAA published the first of these
rulemakings: a notice of proposed rulemaking (NPRM), designed to allow low-risk small UAS
operations in the NAS and establish a new pilot certification for small UAS pilots. The proposed
rule, a new part 107 to Title 14 Code of Federal Regulations (14 CFR), addressed the operating
requirements for small UAS and small UAS pilot certification requirements. While the NPRM
proposed requirements and criteria for registration, marking, and identification of small UAS, as
well as operation of microUAS, these issues will be addressed in separate rulemakings. See
Registration and Marking of Small UAS Interim Final Rule (RIN 2120-AK82), 80 FR 79255
(Dec. 16, 2015), and Micro UAS NPRM (RIN 2120-AKXX).
On June 28, 2016, the FAA published the final rule. This rule implements a new part 107 in title
14, CFR, which creates a new airman certificate: the remote pilot certificate with a small UAS
rating for pilots of small UAS. The process for granting this certificate will be in line with the
process for granting other airman certificates. Thus, the privacy implications of the information
collection, maintenance, storage, and dissemination by the FAA in accordance with this rule are
the same as those of the FAA’s current airman certification processes.
The FAA notes that some members of the public have raised privacy concerns related to the
operational use of unmanned aircraft for unauthorized surveillance and data collection. While
addressing these types of concerns is beyond the scope of this rulemaking, the FAA participated
in the multi-stakeholder engagement process led by the National Telecommunications and
Information Administration (NTIA), established by the Presidential Memorandum, Promoting
Economic Competitiveness While Safeguarding Privacy, Civil Rights, and Civil Liberties in
Domestic Use of Unmanned Aircraft Systems (February 15, 2015). As a result of this multistakeholder process, NTIA published “Voluntary Best Practices for UAS Privacy, Transparency,
and Accountability.” The FAA has added information about this guide to the part 107 training
course and guidance material FAA is providing for new remote pilots. FAA also notes that there
are existing federal, state, local, and common law protections of individual privacy, and that
these laws may provide recourse for any potential invasion of personal privacy that might result
from use of a UAS. The FAA training course and guidance materials advise remote pilots to
check their state and local privacy laws prior to flight.
Small UAS have a wide variety of potential applications, such as:
•
•
•
•
•
•
•
•
Crop monitoring/inspection;
Research and development;
Educational/academic uses;
Power-line/pipeline inspection in hilly or mountainous terrain;
Antenna inspections;
Aiding rescue operations;
Bridge inspections; and
Wildlife nesting area evaluations.
-2-
�FAA
sUAS Final Rule
Because of the potential for societally beneficial applications of small UAS, the FAA has been
seeking to incorporate these systems into the NAS since 2008. In that time, the FAA has
permitted non-recreational small UAS use through various mechanisms, such as special
airworthiness certificates, exemptions, and certificates of authorization or waiver (COA). This
rule represents the next phase of integrating small UAS into the NAS.
On February 1, 2012, Congress passed the FAA Modernization and Reform Act of 2012, Public
Law 112-95. Section 333 of Public Law 112-95 (Section 333) directed the Secretary of
Transportation to determine whether certain small UAS operations could be operated in the NAS
without posing a hazard to other users of the NAS or a threat to national security. As part of its
ongoing efforts to integrate UAS operations in the NAS, and in accordance with Section 333, the
DOT proposed a new part 107 to Title 14 of the CFR to include specific rules for the nonrecreational operation of small UAS posing the least amount of public risk in the NAS. The FAA
received more than 4,600 public comments to the February 23, 2015, notice of proposed
rulemaking.
The final rule adds the new part 107 to allow for civil non-recreational operation of small UAS
in the NAS within an acceptable set of safety parameters. The rule defines small UAS as UAS
weighing less than 55 pounds, and limits small UAS operations to daytime and civil twilight
hours, within a confined area, and within visual-line-of-sight of the remote pilot in command.
The confined area prohibits small UAS from flying over individuals who are not directly
participating in the small UAS operation, flying higher than 400 feet above ground level or the
highest point of a structure, and from entering controlled airspace without permission from the
local FAA Air Traffic Control (ATC). The rule also imposes other operational limits, including
speed limitations and weather minimums that are necessary to maintain the safety of the NAS.
In addition, this rule requires the person directly responsible for the operation of the small UAS
to obtain a remote pilot certificate with a small UAS rating. This is a new type of airman
certificate created for small UAS operations to satisfy existing statutory mandates for airman
certification. The remote pilot certificate bestows the privileges and limitations associated with
operating a small UAS. An applicant must pass an aeronautical knowledge test or complete an
online training course to obtain this certificate and rating. The knowledge test is administered by
FAA-designated Airmen Knowledge Testing Centers (AKTC) in a similar manner as knowledge
tests for other FAA-issued airman certificates. Like applicants for other pilot certificates,
applicants for a remote pilot certificate must undergo security vetting by the Transportation
Security Administration (TSA). After obtaining the remote pilot certificate, the certificate holder
must pass a recurrent knowledge test every 24 months to continue exercising the privileges of the
certificate.
Applicants who already hold a pilot certificate issued under 14 CFR part 61, such as a
recreational, sport pilot, private pilot, commercial, or air transport pilot certificate, and who meet
the flight review requirements of 14 CFR 61.56, may complete an online training course in lieu
of passing a knowledge test. This training course is hosted by the FAA Safety Team and requires
the participant to register for an account on www.FAASafety.com, complete the training
program, and print the certificate of completion so that it may be included in the application for
the remote pilot certificate.
This PIA focuses on the six components of the FAA’s final rule that involve the collection and
use of PII: (1) remote pilot certificate applications; (2) administration of a knowledge test; (3)
-3-
�FAA
sUAS Final Rule
administration of the online training program; (4) accident reporting; (5) applications for
waivers; and (6) applications for ATC authorization.
Application for a Remote Pilot Certificate
The primary mission of the FAA is to provide the safest, most efficient aerospace system in the
world. One of the ways the FAA supports this mission is through the certification of airmen, as
required under 49 United States Code (U.S.C.) § 44703.
The rule defines a small UAS remote pilot in command as any person who will have the final
authority and responsibility for the operation and safety of a small UAS operation conducted
under part 107. Because a remote pilot in command is an airman, 2 individuals are prohibited
from operating a small UAS in air commerce without an airman certificate. 3 Like other
prospective airman, any individual seeking to serve as a remote pilot in command for a nonhobby civil small UAS operation must submit an application, including certain PII, for FAA
review and issuance of a remote pilot certificate.
The FAA will leverage existing airmen certification processes and systems to address
requirements for small UAS remote pilots in command. PII collected by the FAA for these
purposes will be managed in accordance with the DOT’s existing systems of records applicable
to airmen certification records, DOT/FAA 847, Aviation Records on Individuals. 4 Information
about airman certificate holders and applications, including remote pilot certificate holders and
applicants, are maintained within the Civil Aviation Registry Applications (AVS Registry, also
known as the Registry Modernization System [RMS]), the official repository for airmen
certification records.
The FAA's Office of Aviation Safety (AVS) manages the FAA airman certification application
process. Airmen or applicants may submit paper applications, or complete web-based electronic
applications using the Integrated Airman Certification and Rating Application (IACRA). IACRA
guides an individual seeking an airman certification through the FAA’s airman application
process and serves as a temporary repository of the application until they are transferred to the
official repository, the AVS Registry. The DOT is conducting a PIA for IACRA, which will be
published on the Departmental Privacy Program website, www.transportation.gov/privacy.
Applicants for airman certification, including remote pilot certification, must provide the
following information:
•
•
•
•
•
•
Full name
SSN (voluntary)
Date of Birth
Place of Birth
Citizenship
Vital Description (hair and eye color, height, weight, gender)
2
49 U.S.C. § 40102(a)(8)(A) (defining an airman to include an individual who is “in command, or as pilot,
mechanic, or member of the crew, who navigates aircraft when under way”).
3
49 U.S.C. § 44711(a)(2)(A) (prohibiting a person from serving as an airman with regard to a civil aircraft being
used in air commerce without an airman certificate).
-4-
�FAA
sUAS Final Rule
•
•
•
•
•
•
•
•
•
•
•
Home Address, including city, state, and zip code
Home Phone Number
E-mail address (for IACRA registration only) 5
Security questions and answers (for IACRA registration only)
Passwords (for IACRA registration only)
Applicant ID
Drug Convictions (Y/N, Date of Convictions)
Electronic Signature
Airman Certificate Date of Issuance
English Proficiency (Y/N)
Existence of medical limitations preventing English Proficiency
Administration of an Aeronautical Knowledge Test
The FAA requires applicants for a remote pilot certificate to demonstrate sufficient aeronautical
knowledge to safely operate a small UAS. As discussed above, part of the FAA’s safety mission,
as required by statute, is to certificate qualified persons as airmen capable of operating aircraft in
the NAS. Applicants for remote pilot certificates must pass an FAA aeronautical knowledge
written test, focusing on the knowledge areas specified in the new part 107.
The aeronautical knowledge tests for all airman certificate applicants, including applicants for
remote pilot certificates, are administered by the designated AKTC. 6 All applicants must provide
the AKTC with his or her name, mailing address, date of birth, and valid photo ID to verify the
applicant’s identity. An applicant may provide his or her SSN, but is not required to do so. The
rule applies those requirements to applicants for a remote pilot certificate. As stated in FAA
Order 8080.6G, Conduct of Airmen Knowledge Tests, 7 the FAA has established strict protocols
regarding how a AKTC accepts this PII and verifies identity, how the AKTC transmits PII to the
FAA, how the AKTC must safeguard PIA, and how long PII must be kept by the AKTC.
Administration of the Online Training Program
Airmen who hold a Part 61 8 certificate with current flight reviews have already demonstrated
knowledge of many of the topic areas associated with small UAS operations through initial
certification and subsequent flight reviews; therefore, they may substitute an online training
course for the aeronautical knowledge testing required by part 107.
The online training course is administered by the National FAA Safety Team (FAASTeam)
Branch. The FAASTeam, within the FAA, is tasked to improve the U.S. aviation accident rate by
conveying safety principles and practices through training, outreach, and education. The
5
To access IACRA, individuals must establish a user account (i.e., “register”), which requires that the individual
submit an email address and create a password. The individual also must answer several security questions that
would be used to reset the password, should that be needed.
6
See 14 CFR part 183, Subpart D.
7
http://www.faa.gov/documentLibrary/media/Order/FAA_Order_8080_6G.pdf
8
Part 61 of Title 14, CFR, establishes the airmen certification requirements for aircraft other than UAS.
-5-
�FAA
sUAS Final Rule
FAASTeam hosts an online portal at https://www.faasafety.gov that offers aviation safety online
training courses.
Interested persons may access online training courses as a guest without providing any PII.
Those seeking credit and a completion certificate for the small UAS training course must create
an account and log on to the secure website. To create an account, the user must provide their
name, email address, zip code and, if applicable, their pilot certificate and ratings and certificates
held.
Accident Reporting
As part of its safety mission, the FAA collects and reviews aircraft accident data and uses that
data to promulgate rules, develop aviation safety outreach programs that improve aviation safety,
and investigate potential violations of FAA regulations. Small UAS is a relatively new industry
and operators of small UAS may not have prior experience with aviation regulations or FAA
oversight. Furthermore, because of the newness of the small UAS industry, the FAA currently
does not have the oversight experience with small UAS that it has with manned-aircraft
operations. Accordingly, the FAA requires that the remote pilot in command report the following
types of accidents to the FAA within 10 days of the accident: small UAS operation that results in
(1) serious injury to any person or any loss of consciousness, or (2) damage to any property,
other than the small unmanned aircraft, unless the cost of repair (including materials and labor)
or fair market value in the event of total loss does not exceed $500.
After receiving this report, the FAA may conduct further investigation to determine whether any
FAA regulations were violated. In accordance with this rule, the only PII that a remote pilot in
command must provide to the FAA when reporting an accident is his or her name, remote pilot
certificate number, and aircraft registration number (if applicable). 9 Upon receiving an accident
report, the FAA will supplement the report as necessary with PII collected from the remote pilot
airmen certification and small UAS registration systems. 10 The small UAS accident report
becomes part of the FAA’s existing aircraft accident database and is used by the FAA to conduct
safety risk analysis. The report also will be shared with the National Transportation Safety Board
(NTSB). If the small UAS accident involves serious injury or death, the NTSB may investigate
the cause of the accident (49 CFR 830.2). Although the FAA aircraft accident database is
publically accessible, the public is not able to access PII such as name, address, or certificate
number in the database; however, in certain circumstances some information from the database
may be required to be disclosed under the Freedom of Information Act (FOIA), such as an
individual’s name and contact information associated with a business that registered or operated
a small UAS involved in the accident reported.
Applications for Waivers or Authorizations
The rule permits a waiver from provisions in part 107, provided the FAA Administrator finds the
proposed operation can be safely conducted under the terms of the waiver. This rule also allows
a small UAS operation to be conducted in Class B, Class C, or Class D airspace, or within the
lateral boundaries of the surface area of Class E airspace designated for an airport with prior
authorization from ATC. Applications for waivers and ATC authorization will be made using the
9
A remote pilot in command could provide PII of persons injured or whose property was damaged as a result of the
accident.
10
Small unmanned aircraft weighing 0.55 pounds or less are not required to be registered.
-6-
�FAA
sUAS Final Rule
same form. Individuals seeking a waiver or authorization must submit a request containing a
description of the proposed operation and an explanation of how he or she intends to safely
conduct the operation. If ATC authorization or a certificate of waiver is granted, that certificate
or authorization may include additional conditions and limitations designed to ensure that the
small UAS operation provides a sufficient level of safety.
An applicant for a certificate of waiver or an ATC authorization must include the following PII:
•
•
•
•
•
Name of organization (if applicable)
Full name of the responsible person
Remote Pilot Certificate number of the person who will be the remote pilot in command
during the operation
Contact information for the organization/individual (mailing address, phone number, and
email address)
Aircraft description and registration number (if applicable)
A waiver or ATC authorization application is sent to the FAA via the post office or through an
online portal hosted on the FAA website. After receiving and evaluating the application, the
FAA will respond to the applicant informing the applicant that the waiver or authorization
request 1) is approved, with any limitations; 2) declined, with explanation; or 3) requires
additional information.
Fair Information Practice Principles (FIPPs) Analysis
The DOT PIA template is based on the Fair Information Practice Principles (FIPPs). The
FIPPs, rooted in the tenets of the Privacy Act, are mirrored in the laws of many U.S. states, as
well as many foreign nations and international organizations. The FIPPs provide a framework
that will support DOT efforts to appropriately identify and mitigate privacy risk. The FIPPsbased analysis conducted by DOT is predicated on the privacy control families articulated in the
Federal Enterprise Architecture Security and Privacy Profile (FEA-SPP) v3 11, sponsored by the
National Institute of Standards and Technology (NIST), the Office of Management and Budget
(OMB), and the Federal Chief Information Officers Council and the Privacy Controls
articulated in Appendix J of the NIST Special Publication 800-53, Security and Privacy Controls
for Federal Information Systems and Organizations. 12
Transparency
Sections 522a(e)(3) and (e)(4) of the Privacy Act and Section 208 of the E-Government Act
require public notice of an organization’s information practices and the privacy impact of
government programs and activities. Accordingly, DOT is open and transparent about policies,
procedures, and technologies that directly affect individuals and/or their personally identifiable
information (PII). Additionally, the Department should not maintain any system of records the
existence of which is not known to the public.
11
12
http://www.cio.gov/documents/FEA-Security-Privacy-Profile-v3-09-30-2010.pdf
http://csrc.nist.gov/publications/drafts/800-53-Appdendix-J/IPDraft_800-53-privacy-appendix-J.pdf
-7-
�FAA
sUAS Final Rule
As required by the E-Government Act of 2002, Pub. L. 107-347, and the Consolidated
Appropriations Act, 2005, Pub. L. 108-447, the FAA is publishing this PIA to inform the public
of the privacy risks and mitigation strategies associated with the FAA’s collection, use,
dissemination, and retention of PII resulting from the rule.
The DOT has published the Privacy Act System of Records Notice (SORN), DOT/FAA 847,
Aviation Records on Individuals (DOT/FAA-847) – 75 FR 68849 – November 9, 2010, 13
providing notice to the public of its privacy practices regarding the collection, use, sharing,
safeguarding, maintenance, and disposal of information about an individual that may be collected
as part of the airmen certification process. DOT/FAA 847 is applicable to the following
processes discussed in this PIA: applications for remote pilot certificates, administration of
aeronautical knowledge tests, administration of the online training program, and accident
reporting.
The DOT Privacy Office is reviewing its Notices to ensure that all aspects of the activities and
systems discussed in this PIA are adequately described. As required by 5 U.S.C. 552a(e)(3), the
FAA provides notice to individuals about the its practices for the collection, use, and
dissemination of an individual’s PII on the application for airmen certification and any other
forms used to collect information from airmen. In this regard, DOT is determining the
appropriate Privacy Act SORN that adequately and accurately describes applications for waivers
and authorizations under 14 CFR part 107. DOT may opt to publish a new SORN to encompass
any records the FAA may collect and manage with regard to waivers and authorizations.
Following such publication, DOT will update this PIA accordingly. Consistent with the Privacy
Act, the FAA will not maintain any records concerning individuals with regard to waivers in the
absence of describing the records in an effective SORN.
Individual Participation and Redress
DOT should provide a reasonable opportunity and capability for individuals to make informed
decisions about the collection, use, and disclosure of their PII. As required by the Privacy Act,
individuals should be active participants in the decision-making process regarding the collection
and use of their PII, and should be provided reasonable access to their PII and the opportunity
to have it corrected, amended, or deleted, as appropriate.
All information collected about individuals for the purpose of issuing a remote pilot certification
is voluntarily provided by and collected directly from the airmen seeking certification. Due to the
nature of the application process, inaccurate information about the airmen will surface during the
certification process. The FAA will contact the applicant if inaccuracies surface during this
process and it will annotate and correct any information that an individual points out is incorrect.
Under the provisions of the Privacy Act, individuals may request searches of FAA records to
determine if any records have been added that may pertain to them. Individuals also may request
correction of any inaccurate information maintained in FAA systems that support the application
process. Additionally, per the Pilot Records Improvement Act (49 U.S.C. § 44703) airmen may
request that their name, home address, and ratings be withheld from public disclosure.
13
All of the Department of Transportation’s system of records notices can be found on the Department’s privacy
webpage at www.transportation.gov/privacy.
-8-
�FAA
sUAS Final Rule
Accessing and Contesting Records
Individuals wishing to know if their records appear in the systems described in this PIA may
inquire in person or in writing to:
Federal Aviation Administration
Privacy Office
800 Independence Ave. SW
Washington DC, 20591
Included in the request must be the following:
•
•
•
•
Name,
Mailing address,
Phone number or email address,
A description of the records sought, and if possible, the location of the records and
system(s) acronym(s).
Individuals wanting to contest their information that is contained in the systems described in this
PIA should make their requests in writing, detailing the reasons for why the records should be
corrected, to the following address:
Federal Aviation Administration
Privacy Office
800 Independence Ave. SW
Washington DC, 20591
Process-specific information, in addition to the information provided above, is as follows:
Administration of the Online Training Program
FAAsafety.gov account holders have the ability to view their account profile, make edits to their
PII, and completely close their account.
Application for Waiver or Authorization
The PII collected as part of the Application for Certificate of Waiver or Authorization is
provided to the FAA by persons or entities requesting either: (1) ATC authorization to operate
small UAS in controlled airspace; or (2) relief from certain provisions of the rule. Applicants will
have the ability to amend, correct, or retract their application at any time prior to issuance of the
waiver or authorization. If the FAA approves a waiver or authorization, the applicant will have
the ability to update or correct any erroneous PII provided on the application. If the application is
not approved, the applicant will be given an opportunity to resubmit the application, including
any necessary updates to PII provided on the application.
Additional information about the Department’s privacy program may be found at
www.transportation.gov/privacy. Individuals may also contact the Departmental Chief Privacy
Officer at [email protected].
-9-
�FAA
sUAS Final Rule
Purpose Specification
DOT should (i) identify the legal bases that authorize a particular PII collection, activity, or
technology that impacts privacy; and (ii) specify the purpose(s) for which it collects, uses,
maintains, or disseminates PII.
The FAA’s use of airmen applicant information is consistent with the purposes and routine uses
specified in DOT/FAA 847. All data elements are collected via authorized websites and/or
forms. FAA uses contact information to follow up with anyone who uses an account to access
the online portals and submit applications. Airmen certification information is used to uniquely
identify airmen and to determine the applicant’s eligibility for or status of airman certificates
(i.e., whether it is current or has been amended, modified, expired, suspended or revoked for any
reason,) ratings, and to ensure regulatory compliance.
Specific use of airmen PII and authority for collection is detailed below.
Application for a Remote Pilot Certificate
The FAA collects PII on the application for airmen certification to verify the applicant’s identity,
determine his or her eligibility for a certificate and/or rating, and to print a permanent airman
certificate from the authoritative record. The FAA may also use this information to contact
applicants. A list of authorities for the FAA’s collection and maintenance of PII in connection
with the activities implemented under the rule is below:
• 14 CFR part 107, Subpart C – Remote Pilot Certification. An applicant for a remote pilot
certificate with a small UAS rating will be required to apply to the FAA in a form and
manner acceptable to the FAA Administrator.
• 49 U.S.C. § 40113 – Authorizing the FAA to prescribe regulations, standards, and
procedures with respect to aviation safety.
• 49 U.S.C. § 44702 – Authorizing the FAA to issue airman certificates.
• 49 U.S.C. § 44703 – Directing the FAA Administrator to issue an airman certificate upon
finding, after investigation, that the individual is qualified for and physically able to
perform the duties related to the position to be authorized.
• 49 U.S.C. § 44709 – Authorizing the FAA Administrator to reexamine a certificate holder.
• 49 U.S.C. § 45103 – Prohibiting the use of alcohol and controlled substances in violation
of law by airman certificate holders and requiring rehabilitation for individuals found to
have used such substances in violation of law before the individual may return to service
as an airman.
Administration of an Aeronautical Knowledge Test
Pursuant to its authority to certify airmen, codified in 49 U.S.C. §§ 44702 and 44703, the FAA
uses PII collected in connection with the aeronautical knowledge test to verify that the test-taker
is the applicant for an airman certificate.
Administration of the Online Training Program
The Online Training Program is authorized by 49 U.S.C. § 44701, which directs the FAA to
promote safe flight of civil aircraft in air commerce. To the extent that part 61 certificate holders
elect to substitute completion of the online training course for the aeronautical knowledge test,
the FAA’s authority also stems from 49 U.S.C. §§ 44702 and 44703, which provides the FAA
-10-
�FAA
sUAS Final Rule
with the authority to certify airmen. The PII collected for the administration of the online training
program will be used to verify that the individual taking the training is a part 61 certificate holder
qualified to take the online course in lieu of the aeronautical knowledge test. The information is
also used to confirm that the individual participating in the training is the same individual
applying for the remote pilot certificate.
Accident Reporting
Pursuant to the FAA’s oversight authority, the FAA will use the remote pilot’s PII and other
information from the accident report to determine compliance with applicable FAA regulations.
The FAA’s oversight statutes, codified at 49 U.S.C. §§ 44709 and 46104, provide the agency
with broad investigatory and inspection authority for matters within the FAA’s jurisdiction.
Under section 46104, the FAA may subpoena witnesses and records, administer oaths, examine
witnesses, and receive evidence at a place within the United States designated by the FAA.
Under section 44709, the FAA may “reinspect at any time a civil aircraft, aircraft engine,
propeller, appliance, design organization, production certificate holder, air navigation facility, or
agency, or reexamine an airman holding a certificate issued [by the FAA].”
Under the accident-reporting provision of the final rule, the FAA will collect the minimum
amount of PII necessary to: (1) determine what happened; and (2) know who to contact with
follow-up questions or as part of a follow-up investigation. In addition to determining
compliance with FAA regulations, the FAA will incorporate the accident report into its aircraft
accident database for the purpose of aviation safety analyses. The FAA will not disseminate PII
contained in the accident report to the public, except to the extent required by law.
PII for the small UAS remote pilot, as well as the information contained in the small UAS
accident report, may be used by the FAA to determine the following: 1) the performance of FAA
facilities or functions; 2) the performance of non-FAA owned and operated ATC facilities or
Navigational Aids (NAVAID); 3) the airworthiness of small unmanned aircraft; 4) the
competency of FAA-certificated airman; 5) the adequacy of the applicable FAA regulations; 6)
to analyze aspects of the accident, such as whether airport certification safety standards or
operations were involved, whether airport security standards or operations were involved,
whether a medical event occurred that resulted in an accident, and whether there was a violation
of the applicable FAA regulations.
Application for Waiver or Authorization
Pursuant to 49 U.S.C. § 40113, the FAA is authorized to prescribe regulations with respect to
aviation safety. 14 CFR § 107.200 establishes that the FAA Administrator may waive certain
provisions in part 107 if the proposed small UAS operation can safely be conducted under the
terms of a certificate of waiver. Under 14 CFR § 107.205, the FAA enumerates which
regulations may be waived by the Administrator. 14 CFR § 107.41 prohibits the operation of
small unmanned aircraft in Class B, Class C, or Class D airspace, or within the lateral boundaries
of the surface area of Class E airspace designated for an airport without prior authorization from
ATC.
PII collected during the waiver process is used to communicate with the applicant and retrieve
applicant credentials from FAA systems. The PII is also used for enforcement and oversight
purposes to enable FAA inspectors to identify which person or entity the Administrator has
permitted to either operate in controlled airspace or deviate from a specific regulation.
-11-
�FAA
sUAS Final Rule
Data Minimization & Retention
DOT should collect, use, and retain only PII that is relevant and necessary for the specified
purpose for which it was originally collected. DOT should retain PII for only as long as
necessary to fulfill the specified purpose(s) and in accordance with a National Archives and
Records Administration (NARA)-approved record disposition schedule.
Application for a Remote Pilot Certificate
In accordance with the National Archives and Records Administration (NARA)-approved
records schedule N1-237-06-1, airman certification files are cut off annually and destroyed 60
years after the cutoff, or when no longer needed to conduct agency business, whichever is later.
IACRA collects and temporarily 14 retains the PII of individuals who are applying for airman
certificates and/or ratings. The AVS Registry picks up IACRA images of the applications
submitted via IACRA on a daily basis. PII is collected in accordance with 49 U.S.C. § 44703 in
order to verify the applicant’s identity, determine the individual’s eligibility for a certificate
and/or rating, and print a permanent airman certificate. Records maintained in IACRA are
temporary records in accordance with NARA-approved records schedule N1-237-09-014, March
10, 2009, and are retained for one or two years based on application status in IACRA.
Accident reporting forms and data are retained pursuant to NARA-approved records schedule
N1-237-05-2, approved August 18, 2005. The paper-based forms used to report accident
information will be converted into an image file and stored on the FAA’s Accident/Incident
Database. Once the quality of the stored image is verified the paper copy is destroyed and the
image file is deleted after three years. PII collected in a specific accident report is retained for not
more than five years. Accident information, excluding PII, will be maintained in perpetuity and
available to the public online via the FAA’s Accident/Incident Database.
Application for Waiver or Authorization
The rule provides that individuals may seek a waiver from certain provisions in part 107. The
rule also provides that a person may seek ATC authorization to operate a small unmanned
aircraft in controlled airspace. The pertinent provisions provide for the collection of the
minimum amount of PII necessary for the FAA to: (1) evaluate the proposal to determine
whether the proposed operation can be conducted safely; and (2) identify which person or entity
has been authorized by the FAA Administrator to either operate in controlled airspace or deviate
from a specific regulation.
The FAA has requested authority from NARA to dispose of records it obtains in connection with
applications for waiver and authorization after two years, following the expiration of the waiver
or authorization. The FAA will retain these as permanent records until NARA approves of the
FAA’s proposed disposition.
14
Since IACRA is not the authoritative source (only a means of an online application), applications submitted via
IACRA are retained for only one year when in a completed status. Images in an incomplete status, ones that have
been abandoned or not completed within two years, and those with an incomplete status if CFI recommendation is
present, are deleted from IACRA after two years from the date the application is initiated. The status of the IACRA
application determines how long the image is retained in the IACRA system. Once the certificate is issued by AFS760 (Airmen Certification), the application, whether submitted by the paper method or through IACRA, becomes a
part of the authoritative record and is retained according to the NARA-approved record schedule N1-237-06-1.
-12-
�FAA
sUAS Final Rule
Use Limitation
The DOT shall limit the scope of its PII use to ensure that the DOT does not use PII in any
manner that is not specified in notices, incompatible with the specified purposes for which the
information was collected, or for any purpose not otherwise permitted by law.
In accordance with DOT/FAA 847, the FAA may disclose information about remote pilot
applicants and airmen including, but not limited to, airmen number, airmen certificate and rating
including current status, and airmen contact information to the following external entities;
•
•
•
•
•
•
•
•
•
Members of the public, upon request: information related to basic airmen certification
and qualification information. The airman’s home address, may be provided, unless
requested by the airman to be withhold from public disclosure per 40 U.S.C. 44703(c).
The NTSB, consistent with (49 CFR 830.2): for purposes of NTSB’s investigation of the
causes of the accident if the reported accident involved serious injury or death.
Federal, state, local and tribal law enforcement agencies when engaged in an official
investigation in which an airman is involved.
Government agencies, the aviation industry, and members of the public, upon request:
information about enforcement actions or orders issued thereunder.
The U.S. Department of the Treasury (Treasury) and the U.S. Department of Justice
(DOJ) records of delinquent civil penalties owed to the FAA for collection pursuant to 31
U.S.C. § 3711(g).
Employers of airmen who use certificates to perform job responsivities for those
employers.
Users of FAA’s Safety Performance Analysis System (SPAS) including the Department
of Defense’s Commercial Airlift Division’s Air Carrier Analysis Support System
(ACAS) for its use in identifying safety hazards and risk areas, targeting inspection
efforts for certificate holders of greatest risk, and monitoring the effectiveness of targeted
oversight efforts.
Users of the FAA Skywatch system, including the Department of Defense (DOD), the
Department of Homeland Security (DHS), the Department of Justice (DOJ), and other
authorized government users for their use in managing, tracking and reporting aviationrelated security events.
Federal, state, local, and tribal law enforcement; and national security or homeland
security agencies, whenever such agencies are engaged in the performance of threat
assessments affecting the safety of transportation or national security.
Application for a Waiver or Authorization
In an effort to promote transparency and minimize the resources necessary to process waivers of
14 CFR §§ 107.25, 107.29, 107.31, 107.33, 107.35, 107.37(a), 107.39, and 107.51, the FAA will
make the details of an approved certificate of waiver available to the public on an online portal.
PII available to the public through the online portal for waivers on such certificates of waiver is
limited to the organizational name, responsible person name, and address of waiver applicant.
Airspace authorizations the FAA issues pursuant to § 107.41 (“Operations in certain airspace”)
will not be disclosed, but the FAA will disclose any waiver that waives the applicability of
§ 107.41.
-13-
�FAA
sUAS Final Rule
Data Quality and Integrity
In accordance with Section 552a(e)(2) of the Privacy Act of 1974, DOT should ensure that any
PII collected and maintained by the organization is accurate, relevant, timely, and complete for
the purpose for which it is to be used, as specified in DOT’s public notice(s).
Individuals providing information to the FAA in paper or electronic form are responsible for
ensuring the accuracy of their own data. Data that must be scanned or transcribed by the FAA
from paper records into electronic records are checked for accuracy through the FAA’s quality
assurance processes. Systems that collect information electronically have technical capabilities
such as data field checks (e.g. ensuring numeric or symbols are not inputted into name fields) to
support accurate data submissions. As appropriate, the FAA may validate data against existing
repositories; for example, name and airmen number provided on waiver applications is verified
against information in the AVS Registry. The integrity of all systems is protected in accordance
with the standards discussed in the Security section of this PIA. Individuals may access and
update their PII as discussed in the Redress and Individual Participation portion of this PIA.
Specific quality and integrity activities and standards for processes are provided below.
Application for a Remote Pilot Certificate
Applicants who submit an electronic application for a remote pilot license enter their information
directly into IACRA during the registration and certification process. The FAA reviews applicant
certification information for accuracy. Data related to existing airmen certificates entered into
IACRA by the applicant is compared or validated via the AVS Registry databases. FAA Legal
Instruments Examiners and clerical/technical staff enter information into CAIS. The information
is inspected by Quality Control and Quality Assurance processes to ensure accuracy.
Administration of an Aeronautical Knowledge Test
As with its handling of PII collected for existing aeronautical knowledge tests, the FAA will
assure the quality and integrity of PII collected for the small UAS aeronautical knowledge test in
accordance with FAA Order 8080.6G, Conduct of Airmen Knowledge Test.
Administration of the Online Training Program
The accuracy and integrity of PII provided by an account holder can be validated by that person
when accessing faasafety.gov.
Accident Reporting
The FAA will use the same methodology to assure the quality and integrity of the PII collected
in connection with accident reports that it uses with manned-aircraft accidents. The PII collected
by the local FAA office as part of an accident report will be done in accordance with guidance
provided by FAA Order 8900.1, Flight Standards Information Management System.
Application for Waiver or Authorization
Applicants for a waiver or authorization must provide the information required by the rule.
Applicants will be responsible for ensuring the accuracy of the information they provide to the
FAA on the application. The FAA will reject applications for waiver that fail to identify the
person or organization applying for the waiver.
-14-
�FAA
sUAS Final Rule
Security
The DOT shall implement administrative, technical, and physical measures to protect PII collected
or maintained by the Department against loss, unauthorized access, or disclosure, as required by
the Privacy Act, and to ensure that organizational planning and responses to privacy incidents
comply with OMB policies and guidance.
Several of the FAA’s PII-protective security safeguards apply to all of the UAS-related PII
systems examined in this analysis. Most notable among these are the safeguards incorporating
standards and practices required for federal information systems under the Federal Information
Security Management Act (FISMA), and are detailed in Federal Information Processing
Standards (FIPS) Publication 200, Minimum Security Requirements for Federal Information and
Information Systems, dated March 2006, and National Institute of Standards and Technology
(NIST) Special Publication (SP) 800-53, Revision 4, Security and Privacy Controls for Federal
Information Systems and Organizations, dated April 2013. FAA systems protect PII with
reasonable security safeguards against loss, unauthorized access, destruction, usage,
modification, or disclosure. Role-based security is defined within all applications. Roles are
assigned based on job title and need. Users receive the least privileges necessary to perform their
job duties. Each FAA system discussed in this PIA must be certified and accredited before being
placed into operation and authorized to collect, access, use, retain, and/or dispose of PII. The
security posture of all systems is reviewed on a regular basis.
Specific information pertaining to the protection of testing records not maintained by the FAA is
provided below.
Knowledge Test Administration
In accordance with FAA Order 8080.6G, an individual 14 CFR part 183 designated AKTC must
keep the test applicant’s identification media (i.e. photo ID copy) in a secured, lockable cabinet.
Accountability and Auditing
The DOT shall implement effective governance controls, monitoring controls, risk management,
and assessment controls to demonstrate that the DOT is complying with all applicable privacy
protection requirements and minimizing the privacy risk to individuals.
FAA Order 1280.1, Protecting Personally Identifiable Information (PII), implements privacy
protections required by various authorities, including the Privacy Act of 1974 (the Privacy Act),
the E-Government Act of 2002 (Public Law 107-347), the Federal Information Security
Management Act (FISMA), Department of Transportation privacy regulations, Office of
Management and Budget (OMB) mandates, and other applicable procedures and guidance.
In addition to these practices, additional policies and procedures will be consistently applied,
especially as they relate to protection, retention, and destruction of records. Federal and contract
employees are given clear guidance regarding their duties as they relate to collecting, using,
processing, and securing privacy data. Guidance is provided in the form of mandatory annual
security and privacy awareness training, as well as FAA Privacy Rules of Behavior.
-15-
�FAA
sUAS Final Rule
The FAA periodically conducts privacy compliance reviews of all FAA systems that retain
and/or process PI with the requirements of the OMB Circular A-130.
Responsible Official
Brad Zeigler
Aviation Safety Inspector
202-267-1100
[email protected]
Approval and Signature
Claire W. Barrett
Chief Privacy & Information Asset Officer
Office of the Chief Information Officer
[email protected]
-16-
�
| File Type | application/pdf |
| Author | Zektser, Alex (FAA) |
| File Modified | 2016-06-27 |
| File Created | 2016-06-27 |