The U.S. Government Kills Drones – Everyone Suffers
As of December 23rd, 2025, the drone market in the U.S. is effectively dead, or more accurately, it was murdered.
On the 23rd, the FCC added not only DJI to its list of “Covered Devices” but, as a surprise to the drone community, banned all Chinese-made drones. The Covered Devices include specific companies that the government security agencies say run domestic spying laws afoul, and so cannot be sold in the United States.
The ban doesn’t outlaw the use of existing drones, and the inventory of drones still in the country isn’t affected. But without new models coming into the country, supplies of legal drones are going to dwindle rapidly.
I suspect companies using drones for their services (wedding photographers, real estate agents, home inspectors, etc.) are going to purchase what’s left in the country pretty quickly.
The ability to keep using and selling the drones in the U.S points out the hypocrisy of this decision, and I’ll get to that in a moment.
It’s not just the “hobbyist” markets that will be affected, but also crucial uses by rescue teams and firefighters, infrastructure inspection, research, and more. While the discussion has been around DJI’s drones in particular, suddenly, on December 23rd, all Chinese-made drones were added, with little warning, to the covered list as well.
RIP drone use.
Here, at the conclusion of the government’s efforts to ban DJI, it’s easy to forget the shaky grounds on which the ban was implemented, and that the process seems either woefully incompetent at best or, at worst, a punitive witch hunt to remove DJI drones despite a complete lack of evidence about its nefarious intent.
So let’s travel back to the start of DJI’s woes to ask ourselves…what the hell happened?
DJI has been rushing to get models out the door, offering large sales on its drones, gimbals, and camera systems.
DJI In The Crosshairs
In 2017, the U.S Army banned the use of DJI drones, covered in this document from the Department of Homeland Security (DHS) that suggested DJI drones might [emphasis added] pose a security risk. I say might because no evidence was provided that there had ever been any secure or sensitive data transmitted to the Chinese government, or any data at all.
Read the whole document if you’d like to see a masterpiece of innuendo and logical fallacies.
The U.S. Immigration and Customs Enforcement division of the DHS released a report called “DJI Likely Providing Critical Infrastructure and Law Enforcement Data to Chinese Government.” I think the use of “likely” in this is important; this guidance was written despite no evidence to support it.
The document says that the Special Agent in Charge of the Intelligence Program (SIP) in Los Angeles assessed with “moderate confidence [emphasis added] that Chinese-based company DJI Science and Technology is providing U.S. critical infrastructure and law enforcement data to the Chinese government.”
It states that this was “ based on information derived from open source reporting and a reliable source within the unmanned aerial systems (UAS) industry, with first and secondhand access.
Conveniently, they cite open source reporting as proof, but confusingly, they do not provide that reporting. And since the nature of “open source” is that there is no one author, they can say it exists without having to have any details about who wrote the report. A report they did not attach.
The rest of the evidence comes from one “reliable” source, and it should be noted that “secondhand” access means “hearsay.”
Another “proof” that DJI is participating in widespread espionage is that they were marketing products to “companies in the critical infrastructure and law enforcement sectors…” and “at least ten large companies and organizations in the railroad, utility, media, farming, education, and federal law enforcement sectors have already purchased and begun using DJI UAS. The most frequent uses include mapping land, inspecting infrastructure, conducting surveillance, and monitoring hazardous materials. They also cite the hobbyist consumer and professional use, in other words, us.
So, the government is convinced that DJI is spying because DJI is marketing its drones to the exact customers that would benefit from those drones. The government points out that they’re even going so far as to take out booths at trade shows that include businesses that potentially benefit from the use of drones.
I guess if DJI had gone after solely the poet or bakery owner markets, they’d have gotten away with it.
This document uses the word “likely” eight times. It also uses “low confidence” twice, “moderate confidence” twice, and “high confidence” four times. At no time does it use the phrase “definitely.”
A few more comical things caught my eye in this document. The first is from this list of what DJI collects.
“GPS imagery and locations, register facial recognition data.”Much of the information collected includes proprietary and sensitive critical infrastructure data, such as detailed imagery of power control panels, security measures for critical infrastructure sites, or materials used in bridge construction.”
I find it interesting that a big risk is that DJI drones gather information on “materials used in bridge construction.”
Want to know what they’re making a bridge out of? Watch them build it. Bridges are built, by definition, where there are people and traffic. If you want to know what materials they’re using, sit there and watch. Or ask a construction worker. They’re happy to tell you what their job entails.
But if you don’t have the time, I can tell you. It’s mostly steel, concrete, and asphalt. Please don’t tell the government, I don’t want them to know I’m sharing critical bridge-making information with you.
And the final bit of evidence is that DJI confirmed that the company would turn over information about users based in China if a request were made by the Chinese government. It also says it would respect the laws of the countries in which the drones are used when it comes to data privacy and information provided to local authorities.
Our government also points out that DJI’s Terms of Service says, “Please note that if you conduct your flight in certain countries, your flight data might be monitored and provided to the government authorities according to local regulatory laws.”
In other words, DJI is letting customers know that if governments in a country where the drones are operated require access by law, they have to give the information to them.
In other words, DJI’s transparency told people it would obey the laws of the countries in which it operates. Very suspicious.
They also said that in China and probably Hong Kong, they would have to give the government flight data if required.
So we’re limiting the use of DJI in the U.S. because in China, they would be required to do so.
I keep intending to write “and now turning away from that document,” but I keep being reminded how absurd it is.
In 2017, it attests, DJI started to offer drones with infrared scanners called NDVI that farmers can use to figure out nitrogen levels of their cops. A “large, family-owned wine producer in California” purchased drones to use this scanner, and “soon afterward, Chinese companies began purchasing vineyards in the same area. According to the [single source they had], “it appeared the companies were able to use DJI data to their own benefit and profit.
Or, maybe it’s that vineyards are only in specific areas where wine-producing grapes are grown, and if you want to buy a vineyard, that’s where you go.
But I guess it’s more logical that the Chinese government stole the information about nitrogen levels in grape harvests and used it to figure out where in the country to buy vineyards.
One thing DJI was accused of does seem accurate; DHS said that DJI had been “dumping” products to kill off competition. Dumping is the act of selling products below their manufacturing costs in order to generate market share.
I remember the early days of drones, and DJI’s pricing was extremely aggressive. A lot of companies engage in dumping to kill off competitors, and Chinese companies are often accused of dumping products.
But there were also a lot of companies making unpolished and poor quality drones, and it’s hard to say which competitors were killed because of pricing and which were dead due ot poor quality control.
I’m not qualified to say there’s no reason to be concerned about DJI, or that it’s out of the realm of possibility that they have, in fact, sent data to China. What I’m qualified to say is that the original complaints about DJI came with no evidence, no specific instances of infrastructure spying, and no proof of who the single source the government was quoting might be.
DJI drones can be put into Local Data Mode in the DJI FlyPilot app and Restricted Network Mode, which allows downloading of maps to DJI drones, but then the drone is shut off from all other network-accessing tasks. But does this mode really restrict data breaches?
If the U.S. Government is convinced that DJI is a cover for a Chinese espionage ring, mustn’t there be a way to test this? An independent audit?
Shop for DJI Products Now – Once They’re Gone, They’re Gone
Visit the Amazon DJI Store
Visit the B&H DJI Store page
The Many Independent Audits of DJI.
In 2017, the same year that the DHS issued its memo about DJI, the company submitted that DJI FlightHub had passed the SOC2 audit from the Institute of Certified Public Accountants. Flighthub is the company’s cloud-based fleet management tool.
While it sounds like it’s a financial audit, the SOC2 certification “…ensures your business or application is handling customer data securely and in a manner that protects your organization and the privacy of your customers.
In 2018, DJI’s overall data practices were evaluated by the independent firm Kivu. According to the DJI press release about these tests, “Kivu independently bought DJI drones as well as iOS and Android devices in the United States, and downloaded the DJI GO 4 mobile apps. Kivu set up systems to capture all data transmitted through iOS and Android devices running DJI GO 4, and reviewed source code, application data, server addresses, and data generated during operation.”
DJI passed this audit as well.
In 2019, the United States Department of the Interior released a report detailing the Office of Aviation Services’ multi-year-long process to ensure drones used for government purposes could safely protect data. Its work began in 2014, and in 2015, the OAS determined that DJI drones could not protect sensitive data.
The OAS planned to work instead with drone-maker 3D Robotics, but it closed due to market competition (from DJI). The OAS noted that “UAS (drones) from U.S.-based companies were up to 10x less capable aircraft for the same price or 10x more costly than similarly capable DJI aircraft.”
The same report details that in 2017, the OAS and Department of Defense (DOD) began implementing a test plan to find a way to create solutions to meet the security needs of governmental flights of drones.
That same year, DJI approached the OAS with an offer to “collaborate on the development, testing, and potential fielding of a customer-focused enterprise solution that would meet the interior’s…” data safety requirements.
The 53-page report is not a lot of fun to read. Still, it details page by page how the government and DJI developed a certification program to fly DJI M600 and Mavic Pro drones, along with custom software and firmware from DJI to ensure data safety further.
While one governmental agency was recommending discontinuing the use of DJI products, the Department of the Interior and the Department of Defense were working on safely expanding their use through the development of “Government Edition” models with advanced protections in place.
DJI also passed the Idaho National Laboratory cybersecurity audit on the Government Edition Matrice 600 Pro and Mavic Pro 2 GE drones and “found no major areas of concern related to data leakage, thereby supporting that the multi-layered mitigations DOI has in place are in fact working as designed to meet their published security requirements.
But these auditing programs only certified the government version of the drones. Surely the Local Data Mode must be leaking data?
Not according to the FTI Security Audit completed by the consulting firm in 2020, which DJI says investigated the source code for DJI applications, and also reviewed DJI’s hardware. The link to this study has 404’d, and as we can’t find an additional source, this claim has to be taken skeptically. However, cybersecurity blogs at the time mention this study as well.
In 2020, the notable cybersecurity firm Booz Allen Hamilton performed an audit on the Mavic Pro’s government version, and the Mavic 2 Enterprise Edition in conjunction, an audit performed with the firm PrecisionHawk.
This audit did find some “unmitigated risks” that applied to drones in general, not specifically to DJI. One such risk is an IP address connection to U.S.-based servers in the case of drones being flown here and in Germany. The first were connections to Google Maps, McAfee, and Amazon Web Services—all components of map loading. The German IP address was Akamai, the global data distribution company on which almost all websites run. Those IP address lookups could likely be spoofed, but they were normal, and multiple companies accessed those resources.
All other risks they deemed possible would “require either physical access to the drone, or, in the case of one issue, need an attacker to be within radio range of the drone.” The document does not indicate how an attacker would get access to the encrypted transmissions.
In 2022, TÜV SÜD performed an audit. In a document from DJI called “tests against national cybersecurity and privacy protection standards,” it was reported that this security firm independently reviewed the DJI Mavic 3, Mini 2, and Air 2S drones and attested to their security features.
Another FTI audit was performed in 2024, and the cloud-based FlightHUB 2 received ISO 27701 and 27001 certification that same year.
Congress to the…Rescue?
In 2019, Congress passed the Secure and Trusted Communications Network Act, which requires that the FCC create a list of companies that pose an unacceptable risk to the United States domestic security. The FCC’s listing is called the “Covered List” as it’s the companies the FCC lists as being a possible danger.
That list is updated regularly as part of the National Defense Authorization Act (NDAA). Under that act, companies like Huawei, ZTE, as well as some technology providers, surveillance gear manufacturers, and antivirus companies are prohibited from being sold in the United States.
In 2024, DJI was added to the list of companies to be part of the Covered List as part of the 2025 funding of the NDAA. However, part of including DJI on that list was the congressional requirement that an appropriate government agency perform a security audit to see if DJI should be on the list or not.
Despite a year between the NDAA passing and the implementation date of the NDAA, no audit was made. There is no indication that they had even entertained the idea of performing an audit.
After months of trying to get a government audio, in December, DJI made final appeals to the FBI, DOJ, and other bodies to complete the congressionally-mandated review. Unfortunately, none was forthcoming.
In June, President Trump issued executive orders scaling up the domestic production of “trusted, American-manufactured” drones. He added that “building a strong and secure domestic drone market is vital to reducing reliance on foreign sources, strengthening critical supply chains, and ensuring that the benefits of this technology are delivered to the American people.”
I completely agree that there should be a vibrant domestic drone industry. I’m sure most customers would prefer to buy drones built in Kansas instead of China, but we can’t.
The current domestic drone manufacturers, including Freefly Systems, Skydio, and Teal Drones, all make enterprise-class “reconnaissance” drones, not commercial or “hobbyist” drones. And these drones are very expensive as a result. The SKdyio X10 is about the size of a DJI Matrice, but instead of costing around $8000, it starts around $16,00
On December 23rd, the clock ran out on DJI and every other foreign-made drone as well.
While President Trump discussed reducing the dependence on foreign drones, instead, imports of drones were outright banned, with no good domestic alternatives for the majority of users.
Drone-centric companies like wedding videographers, travel companies, real estate videographers, home inspectors, and dozens of other categories are likely to go out of business. Those business owners are unlikely to feel that the executive order and the Covered List changes delivered any benefits to them.
Also impacted will be search-and-rescue teams, fire departments, law enforcement departments, news crews, utility companies, and countless other agencies.
Having to buy a $10,000 drone instead of a $1,000 drone will suddenly remove drones from the front lines of safety, research, and infrastructure.
While I’m not an economist (I’m not even particularly good at managing my finances) it seems that if we wanted to reduce dependence on foreign drones without devastating the markets using them today, we would have been better served by implementing the security audits mandated by congress, providing incentives for domestic drone companies to ramp up, and given DJI and others the choice of making drone manufacturing facilities here, or having imports cut off.
“New” Versus New
There has been confusion around the terminology used in the FCC Covered List implementation, which refers to the ban on “new” drones being imported into the United States. Some have suggested that existing models could still be imported to the U.S., as they’re not new models.
The Covered List applies to “new” models, but it means drones that are not already present in the United States. Retailers may sell their inventories until they run out, but no more units are entering the country. DJI’s store is showing all products as out of stock.B&H still has many models in stock as of this writing, and Amazon does as well.
So we can still use the drones that are already present in this country.
But why?
Shop for DJI Products Now – Once They’re Gone, They’re Gone
Visit the Amazon DJI Store
Visit the B&H DJI Store page
If DJI is a Risk, Why can we Still Use DJI Products?
The Consumer Product Safety Commission is the agency in charge of recalls on products due to defects or hazards to users. If the USCPSC finds that a dresser poses a risk of death, it requires a recall of the product—every affected unit.
But in this case, we have governmental agencies claiming that DJI drones pose a clear and immediate threat to infrastructure, privacy, and government operations, but we’re allowed to go ahead and keep using them.
If a product is dangerous enough to public safety that it can no longer be imported into the country, those units here should be grounded as well. If the units here are allowed to keep flying, it shows that the security concerns aren’t as dire as reported.
It seems our government is protecting us from the outrageous security concerns of operating these drones by allowing them to fly until they wear out, perhaps decades from now.
Where Do We Go From Here?
It’s hard to say what the next steps are. The FCC says it could remove products from the Covered List if the proper governmental agencies perform the legally required security audits. But the President has indicated that he considers the domestic drone market in need of protection and issued an executive order to that effect. I’m not sure how those two things get reconciled.
It would be safe to assume that for the foreseeable future, there will be no new imports of DJI or other foreign drones into the United States, and to plan accordingly. If your business or agency relies on drones, I’d suggest stockpiling replacement units.
The entire process of adding DJI to the Covered List has unfolded bizarrely, and there’s no telling what will happen next. DJI has said they’ll continue to lobby for a government audit and to be allowed to fly in the United States again, but I wouldn’t hold my breath.
For now, it seems that when the current inventory of drones dries up, they’re gone for good. While domestic drone manufacturers may be willing to invest in the “consumer” category of drone, a desire to do something and the plans to do it are completely different.
This is a cautionary tale that at any time, a technology or product we rely on can be made illegal and banned without a public comment, certification process, or alternative solutions. And that doesn’t benefit anyone.