Resources

Purpose

Scope

Policy Statement

Procurement and Acquisition

1. Prohibition on Procurement with Federal Funds: In accordance with the National Defense Authorization Act (NDAA) of 2024 and the American Security Drone Act of 2023, the use of federal grant money, contracts, or cooperative agreements to purchase or otherwise acquire UAS and associated elements that can collect and transmit sensitive information from "covered foreign entities" is strictly prohibited.  This includes, but is not limited to, manufacturers based in the People's Republic of China, Iran, North Korea and Russia, such as DJI and Autel Robotics.
2. Use of Existing UAS Purchased with Federal Funds: As of December 22, 2025, any UAS purchased with federal funds from a covered foreign entity may no longer be used on any federally funded project or research activity. Principal Investigators are responsible for ensuring their research projects are in full compliance with this deadline. 

Approved UAS List and Procurement Process

1. Preferred Drone Vendors: The University's preferred Drone vendors are those that comply with federal security standards. A Drone Resource Guidance List, which includes approved models and vendors will be maintained and periodically updated by the SDSU FAA Drone Committee and/or SDSURF Procurement and will be published on their website.
2. Procurement Review: All purchases of drones and associated elements related to the collection and transmission of information must be approved by the University’s Procurement office or SDSURF Procurement Office to ensure the model and manufacturer are in compliance with this policy prior to purchase.  All purchase requisitions for drones and associated elements related to the collection and transmission of information will be subject to this review.  Pursuant to regulatory requirements, all purchases using federal funding must be screened against the Federal Acquisition Security Council (FASC) list of “covered foreign entities” prior to the purchase being approved.

UAS Operation and Insurance

1. Operational Guidelines: All UAS operations must adhere to all applicable Federal Aviation Administration (FAA) regulations, including Part 107 for commercial operations and recreational guidelines. Operators must also obtain any required institutional approvals for flight plans and operational areas.
2. UAS Use in Research: All UAS or drone use in research must continue to be approved by the SDSU FAA Drone Committee in accordance with the Policy on the Use of Unmanned Aerial Systems (UAS), Unmanned Aerial Vehicles (UAV) or Drones in Research. 
3. Insurance: All UAS should be covered by university or other private insurance prior to operation.   For insurance related questions and inquiries, please contact: SDSURF Risk Management

Data and Information Security

1. Data Handling: All data collected by drones and associated elements related to the collection and transmission of information, including video, photos, and flight logs, must be handled in accordance with the University's data security and privacy policies. Operators are responsible for ensuring that data is stored securely and not transmitted to unauthorized third parties, particularly through unencrypted channels.
2. Network and Internet Connectivity: Drones and associated elements related to the collection and transmission of information should not be connected to the University's network unless the device is from an approved, secure vendor. If a drone or associated element from a non-approved vendor is used, its internet connectivity must be disabled during all operational and data transfer phases to prevent unauthorized data exfiltration.

Violations and Compliance

Questions and Further Information