Unmanned aerial vehicles, popularly known as drones, present enormous commercial potential for companies seeking to use this new technology to collect data. Drones are currently used for data collection in a number of fields. For example, farmers use drones to collect crop data, oil companies use drones to explore for oil and gas, surveyors use drones to create maps, and sports teams use drones to analyze practices. Numerous other industries will find uses for drones as regulatory barriers are relaxed.
Drones also present certain risks. Drones obviously pose the risk of colliding with objects and living things. Fortunately, the insurance industry has started to introduce specialized insurance coverage for these types of risks. And technological developments, such as sense-and-avoidance technology, promise to enhance drone safety.
In addition to casualty risks, the use of drones also involves risks relating to the invasion of privacy. Unfortunately, these risks are closely related to data collection, one of the fundamental uses of drones. Equipped with sensors, cameras, and other instruments, drones have the capacity to observe and collect vast amounts of unsolicited data. The privacy risks relating to data collection will increase as drones are permitted to fly for commercial purposes in highly populated areas.
The Federal Aviation Administration is contemplating a category of drones known as micro drones whose defining characteristic is the inability to harm humans. Micro drones could be the first type of drones that companies are authorized to routinely fly in crowded places. As reported on Bloomberg.com, the FAA has established an industry advisory panel to help it draft the requirements for micro drones. The panel’s recommendations are due April 1, 2016.
Before taking flight, companies eager to take advantage of micro drones or any other type of drones will want to develop an overall risk management strategy tailored to their intended use of drones. A fundamental consideration for any such strategy should be insurance. The problem is that insurance policies specifically designed to cover drones may not cover privacy-related risks. Thus, companies who intend to use drones for data collection may have to look to other types of insurance policies for such coverage.
One place to start is commercial general liability coverage. CGL policies are commonly known for affording broad coverage for liabilities involving property damage and bodily injury. But they also cover certain types of personal injury offenses, such as the publication of material that violates a person’s right of privacy.
Although standard form CGL Policies typically feature an aircraft exclusion, the exclusion in most policies does not apply to personal injury coverage. Also, a question exists whether the aircraft exclusion extends to drones in the first place.
Even so, the personal injury coverage may not apply in every situation. Also, the insurance industry introduced optional endorsements for insurers to attach to CGL policies aimed at limiting or excluding coverage for drone-related liabilities. Certain endorsements, for instance, amend the coverage by adding the aircraft exclusion to personal injury coverage.
Directors and officers policies are another potential source for coverage for privacy-related liabilities. D&O policies, particularly those insuring privately-held companies, furnish directors and officers, and often the company itself (particularly, if privately-held), with broad coverage for “wrongful acts.” Some D&O policies, however, have exclusions for invasion of privacy, mental anguish, and other areas that could limit coverage for drone-related liabilities, depending on the situation.
Cyber Risk Policies
Cyber risk policies may also provide coverage. Cyber risk policies often include coverage for liabilities involving breaches of computer security and the failure to protect confidential data. Like other electronic devices, drones can be lost or stolen and, it has been suggested, hacked. But some cyber risk policies contain exclusions that could complicated coverage. For example, one such exclusion relates to the unauthorized collection of data.
The time when companies can fly drones near towns and cities to collect data may not be far off. As part of the process of evaluating this new opportunity, companies should carefully review their insurance policies to understand whether and to what extent they have coverage for drone-related liabilities, particularly privacy-related liabilities. If gaps are found, companies should take steps to determine the best approach for addressing them.
 Alan Levin, Micro-Drones to Have Their Own Rules of the Road Under FAA Plan, Bloomberg Business (Feb. 24, 2016, 2:22 PM EST), http://www.bloomberg.com/news/articles/2016-02-24/micro-drones-to-have-their-own-rules-of-the-road-under-faa-plan.