International Trade Today is a Warren News publication.

BIS Publishing ANPR for Drones, Components Made by Chinese Firms

The Bureau of Industry and Security is asking for public comments about how BIS regulations on Chinese-made drones, or Chinese components in drones made elsewhere, should be focused, to mitigate the risk of Chinese sabotage or espionage.

Sign up for a free preview to unlock the rest of this article

If your job depends on informed compliance, you need International Trade Today. Delivered every business day and available any time online, only International Trade Today helps you stay current on the increasingly complex international trade regulatory environment.

The regulations would also apply to Russian or Iranian drones, but because Chinese drones make up at least 75% of the consumer sector, most of the impact of any limitations would be on Chinese goods.

The advance notice of proposed rulemaking asks how the agency should address the remote-operated planes, their subcomponents, their capabilities and the sectors that use drones.

The notice said BIS recognizes the benefits of drones in the economy, and how they benefit agriculture, construction, transportation and energy customers. The agency also said the issuance of the notice doesn't imply that any unmanned vehicle components, such as data transmission or connectivity devices, would be banned if they are made in adversary countries or by firms headquartered in those countries.

However, it said an import ban or mitigation could be required for:

  • Onboard computers responsible for processing data and controlling drone flight
  • Communications systems including, but not limited to, flight controllers, transceiver/receiver equipment, proximity links such as global navigation satellite systems (GNSS) sensors, and flight termination equipment
  • Flight control systems responsible for takeoff, landing and navigation, including, but not limited to, exteroceptive and proprioceptive sensors
  • Ground control stations (GCS) or systems including, but not limited to, handheld flight controllers
  • Operating software including, but not limited to, network management software
  • Mission planning software
  • Intelligent battery power systems
  • Local and external data storage devices and services
  • Artificial intelligence software or applications.

"Over the last decade, UAS have evolved to more sophisticated models with improved functionalities, including enhanced connected technologies such as advanced flight controllers, multi-GNSS and GNSS modules, cameras, receivers, and AI software and applications, which have enabled greater autonomy, precision in navigation, enhanced surveillance capabilities, and seamless integration with various applications across industry," the notice said. "These new technologies require signal and communication software to collect vast amounts of data, and in turn may increase attack vectors for malicious actors to exploit." It noted that both Russia and China "have shown a willingness to compromise U.S. infrastructure and security through cyber espionage."

BIS said drones that can carry payloads for extended periods of time are particularly risky, given the fact that they could be incapacitated from afar from the manufacturer.

The agency asked that comments be submitted by March 4, at regulations.gov using docket number BIS-2024-0058, or, if business confidential information is to be included, emailed to: UnmannedAircraftSystems@bis.doc.gov, with “RIN 0694-AJ72” in the subject line.

Some of the questions it would like commenters to address include:

  • Can drone makers track the sources of their information and communication technology components?
  • Are there specific ICTS components drone companies think about most when evaluating sourcing from adversary countries? Which components are riskiest for national security?
  • What are the trade-offs of a rule that would prohibit the resale or rental in the U.S. of drones or drone components "that are designed, developed, manufactured, or supplied by persons owned by, controlled by, or subject to the jurisdiction or direction of a foreign adversary?"
  • How long does it take to conduct due diligence on a drone industry vendor?
  • How quickly can a drone manufacturer change its supply chain?
  • How long is the design phase for a new drone?
  • Could design requirements, machine learning controls, cybersecurity efforts for firmware or software, or manufacturing security regulations mitigate the risk of adversary involvement in drone production?
  • What AI controls for use in drones should there be?
  • What types of remote access do manufacturers have over their drones?
  • To what extent can individual sensors or components communicate independently of a drone's operating system?
  • Are there ways a sensor manufacturer could remotely deny service to a drone in flight, independent of the drone's manufacturer?
  • Which critical infrastructure sectors outside of government are most at risk if drone technology is compromised?

The agency said it recognizes that placing restrictions on transactions of drone components or drones themselves could affect drone prices but said it's concerned about the consequences of drone supply chain abuse by China or other adversaries. It asked what, if anything, can be done to mitigate the anticompetitive effects of regulations, and what BIS could do to minimize a hike in costs for U.S. businesses or the public.