A drone (or drones) is being flown over the UK’s Gatwick Airport. This has caused cancellations of all flights – currently over 800 in to and out of the airport – and disrupted the travel plans of over 120,000 passengers. The economic and reputational cost is substantial.  The UK’s Gatwick Airport and the country more widely, is being made to look hopelessly unprepared for the impact of technology developments.

I recently discussed the state of drone regulations in the UK with someone that had been working closely with the UK’s Civil Aviation Authority (CAA). At the time he was worried that the CAA wasn’t addressing the potential hazards presented by drones sufficiently seriously. His words now seem horribly prescient, but an attack of this type was fully foreseeable, in my view. And the current regulations look hopelessly inadequate.

Many of the more powerful drones have geofencing capabilities installed. These clearly aren’t active in the Gatwick case. The police have so far been unable to locate the drone operator(s) and have taken steps to install military grade drone countermeasures, although these don’t seem to be fully successful and took a long time to bring to bear on the situation.

Current UK Regulations

Recreational drones do not need to be registered in the UK. Their use is subject to an Air Navigation Order (ANO) that sets out a number of legally binding rules that recreational users must adhere to. This includes keeping the drone in line-of-sight, not exceeding 120m in altitude, not flying close to people and not flying near airports. Failure to comply can lead to prison sentences of up to five years. A recreational drone is specified as one weighing less than 20kg, although drones weighing over 7kg and those fitted with cameras have additional requirements under the order.

Commercial drones are covered by the same ANO, but have additional requirements – especially if they need to be allowed to work inside the parameters set out in the ANO such as over-flying crowds or close to buildings.

None of the regulations, as we interpret them, require the drone to be registered or to do anything that easily allows it to be identified with an owner or operator. Given the scale and cost of the damages being wilfully inflicted on Gatwick Airport, we suggest the CAA urgently revises its regulatory stance and proposes changes to existing legislation to make the identification of a drone and its owner compulsory. This can be mandated on drone manufacturers and resellers.

Our Proposals

We would, at minimum, suggest the following:

• All drones over 500g in weight to be fitted with cellular/GPS module containing an e-SIM. The e-SIM is registered to the owner of the drone. Mobile operators would provide a portion of their HLRs to manage the register. A small annual registration fee could be charged to pay for the network operators’ resources and for the administration of the system. When switched on, a drone would effect a handshake with the network and its location would be identified. Provided it was in a ‘safe’ zone and its registration deemed good, it would be allowed to fly. The drone would log the flight parameters and report these back in a data packet at the end of the flight. A module of this type would likely could cost less than $20 and would not add appreciably to the weight or battery consumption of the drone.
• In addition, all drones should carry a unique identifier etched on to a metal disc. This would be the equivalent of a cellular phones IMEI. The disc would need to be metallic so that it would survive a crash and possible fire, or being shot down.

It was inevitable that someone would choose to use a drone maliciously. In the Gatwick case, the exact motive of the perpetrator remains unknown, although the police are ruling out terrorism. Whatever the motive, this case makes it abundantly clear that more needs to be done to regulate drone usage and identify drones and link them to their operators. It also highlights the need for effective and swift countermeasures to bring down a rogue craft.