In response to the DHS Alert from earlier this week, that caused quite some commotion after being picked up by major news outlets, DJI has posted their official response on the DJI Hub website. The drone maker says that their customers’ data is none of their business. They state that their goal is to provide a “reliable drone platform” and that their drones exceed or meet the DHS recommended mitigating measures. In DJI’s response, the company outlines five recommendations to keep your data safe.

Over the last few years, concerns about DJI’s data handling and security have flared up a number of times. With this week’s headlines, it seems that DJI gets sucked into the escalating trade war between the United States and China. Is the Chinese drone maker at risk of being viewed like another Huawei? A ban on buying DJI drones and products for US companies would be a significant blow to all the organizations and agencies that have come to rely on DJI’s drones to do good. Many rescue workers, police, and fire departments use DJI’s products to help save people’s lives. And, as unfortunate as it may be, there is currently hardly any alternative (except maybe the Parrot Anafi Thermal) for DJI’s capable AND affordable drones for many of these organizations.

If you, or your organization, are impacted by the data security concerns around DJI’s drones, we would like to hear from you either in the comments below or per email. Thank you!

For DJI’s official statement and their recommendations to keep your data safe while using DJI’s drones keep reading.

expand full story

On Monday, the U. S. Department of Homeland Security expressed ‘strong concerns’ that Chinese-made drones, including DJI’s aircraft, could potentially be sending sensitive flight information to their China-based manufacturers, where it could be accessed by the Chinese government. The warnings from DHS follow the executive order from President Trump against Huawei and are the latest development in the escalating trade war between the United States and China.

expand full story

Last Monday, we wrote about the Kivu report’s findings. Today we are taking a closer look as DJI has sent us a copy of the full report. Because of competitive reasons the Chinese drone maker has requested us not to post the entire report online or share any of the images. However, we are free to share segments of the text with you. The 27-page document is the result of Kivu Consulting’s forensic investigation of DJI’s UAV Data Transmission & Storage practices and contains information about Kivu’s methodology, analysis, findings, and explains up to a degree what information is collected and to which servers it is going. For their investigation, Kivu independently bought a DJI Spark, Mavic Pro, Phantom 4 Pro and Inspire 2 model drones as well as a Huawei Honor 5x smartphone with the Android operating system and an iPhone SE running iOS. We went through the entire report to see if any new information came to light and to see where your information might be going to.

expand full story

Last year DJI dealt with a number of cybersecurity-related issues, including a hot-patch mechanism in their DJI Go 4 app, a researcher who found sensitive user data accessible on Amazon Web Services servers, the U.S. Army declaring to no longer use DJI drones, a claim from U.S. Immigration and Customs Enforcement (ICE) that DJI drones could perform facial recognition and U.S. officials who wondered whether DJI was sending sensitive information back to China. Today, DJI released the summarized findings of an independent report, but paid for by DJI, from Kivu Consulting, Inc. in a response to these allegations. Kivu concluded that “users have control over the types of data DJI drones collect, store, and transmit.”

expand full story

Over the Holidays, people started to report on social media and in forums that they had received certfied letters in the mail from DJI.  The letter, titled “NOTICE OF DATA BREACH“, warns DJI’s customers that their personal information, such as full name, address, date of birth, photo, and identification number (e.g., passport number or driver’s license number) as well as scanned photo identification such as ID cards and passports, stored on a server in the U.S., may have been accessible to unauthorized users.

expand full story

The market for consumer and commercial drones has been growing at a very rapid pace. According to the latest FAA numbers, there are now 943,535 registrations of drones and drone owners in the U.S. market at least, two-thirds of which are made by DJI.

Is leading drone manufacturer, DJI sending sensitive information captured by these drones of U.S. infrastructure and government installations back to China? This is a question that is being asked by U.S. officials.

expand full story