DJI is developing an option in their applications that blocks all internet access, dubbed as ‘local data mode’. While this is certainly a feature that many would appreciate, it is still a bit strange when you consider that it came right the announcement of the ban placed on DJI equipment by the U.S. Army over vague “cyber vulnerabilities.”
In a press release by Brendan Schulman, the company’s VP of Policy and Legal Affairs, he stated, “We are creating local data mode to address the needs of our enterprise customers, including public and private organizations that are using DJI technology to perform sensitive operations around the world.” It is anticipated that this new feature will roll out before September ends.
As stated at Small UAS News on August 2, the Army memorandum “due to increased awareness of cyber vulnerabilities associated with DJI products, it is directed that the United States Army halt use of all DJI products.” Further quotes indicate a more broad approach to cyber vulnerabilities regarding DJI products.
What these vulnerabilities are or how they may even pose a risk to confidential information at Headquarters is anyone’s guess.
DJI’s flight control apps, which enable users to launch and manage drones, do check their servers regularly to ensure the software is updated, as well as utilize the available maps. Users can choose to save their flight logs and all media to the DJI servers but it is not required. However, for normal flying and operating purposes, these online functions are unnecessary. Hence, local data mode does not compromise the airworthiness of the drone in any way.
DJI did not receive the Army’s concerns prior to notification, however, as per the press release, this new mode has been in the works for several months. So, either some knew this was a possibility, or, more likely for the company’s sake, it is just a sensible feature to have when your software and hardware are interfacing with national security and life-or-death circumstances.
A DJI spokesperson explained to TechCrunch that today’s proclamation was not a reaction to the memo. In contrast, Schulman told The New York Times that, The Army memo caused customers to express heightened concern around data security.
These arguments may appear contradictory, but it is not impossible to think that with the significant security concerns raised by a client like the Army, all other clients will echo the same sentiments. This means that DJI is free to say the announcement today did not stem from the memo retrieved — not explicitly, in any case. But, I suspect that without the memo’s publicity, we would have not heard from this feature until significantly later.
“There’s been no explanation provided to us from the Army, and that is why we are not responding. We’re rolling out something we have been working on for quite some time. We made today’s announcement because enterprise customers who require high levels of data security have made this request for a long time, and the Army memo only reinforced that concern for them. As a result, we are addressing it rapidly as part of our commitment to serve our enterprise customers.” Adam Lisberg, DJI’s North American Corporate Communications Director told me in response to my inquiries.
Why this matters is simple – unlike General Atomics, which makes the Predators, – DJI is not a manufacturer of military-grade drones. And let’s be honest, how many chances does a Chinese company ever standing to gain so much from the war? Very slim to nothing. It is also a matter of reputation – they’re a company which cares about their customers first, and accepts government contracts occasionally, rather than a serious player in the military industrial complex.
The company clearly wants to emphasize that their users from all over the world, and not foreign governments, govern their feature requests. And the army is just one of them.
