FAQ

DJI takes the privacy of our customers’ data very seriously, and we are constantly taking steps to improve data security in many ways. DJI does not access the flight logs, photos, or videos generated during drone flights unless customers choose to actively share that data by syncing flight logs with DJI servers, uploading photos or videos to SkyPixel, or physically delivering the drone to DJI for service. DJI customers concerned about data security can use Local Data Mode in the DJI Pilot flight control app, which stops all internet traffic to and from the app to provide enhanced data privacy assurance for customers flying sensitive missions.

In April 2018, we released the results of an independent report scrutinizing DJI’s data practices that concludes DJI drone users have control over how their data is collected, stored, and transmitted. The report analyzed drones and software independently obtained in the United States, and confirmed DJI did not access photos, videos, or flight logs generated by the drones unless drone operators voluntarily chose to share them. The report by San Francisco-based Kivu Consulting, Inc., was based on a first-of-its-kind detailed examination of DJI drones, mobile apps, and servers, as well as the data streams they transmit and receive. Kivu’s engineers comprehensively examined the code repositories for DJI’s mobile apps and tested whether DJI’s drones could transmit sensitive user data without connecting to the DJI app. Kivu performed this review independently and DJI did not influence the conclusion of its analysis.

Through our Bug Bounty Program detailed at https://security.dji.com, DJI encourages security researchers to contribute to our ongoing efforts in strengthening our data security by responsibly detecting and reporting potential vulnerabilities, in exchange for rewards up to $30,000. DJI has buttressed our information security commitment by requiring mandatory security training for our developers, imposing new controls on their work, and establishing an internal penetration testing program to proactively root out other potential issues. We have removed external plugins that we deemed may carry potential security risks from our flight control apps, launched an internal educational program for our developers, and strengthened our code review and testing process to reinforce the importance of software security when developing new features. DJI continues to pursue additional research and development efforts that will help our customers keep their private data private.

DJI has also released the results of an independent report done by Kivu, analyzing DJI’s data practices that concludes DJI drone users have control over how their data is collected, stored and transmitted. The report analyzed drones and software independently obtained in the United States, and confirmed DJI did not access photos, videos, or flight logs generated by the drones unless drone operators voluntarily chose to share them. A summary of the report can be found here. DJI will continue to research and invest heavily in bolstering the security of our products.

DJI has been the most vocal industry advocate for addressing the privacy, cost, and operational concerns of drone pilots in regulatory discussions, as reflected in our March 2017 white paper on the topic. DJI remains the only major company in the drone industry that has expressly asserted the privacy rights of drone operators in their business and personal drone use.

As drones increasingly take their place in the world’s skies, society has come to see the benefits of drone technology and understand how its capabilities work in practice. DJI works with regulators around the world to help ensure our customers understand the consequences of their actions and always fly safely and responsibly. In the rare cases where someone is suspected of misconduct with a drone, authorities can use existing laws to investigate and prosecute wrongdoing if necessary. DJI has also deployed AeroScope, its remote identification technology, which functions as an electronic license plate for drones. Authorities can use an AeroScope receiver to obtain the serial number and pilot location of any DJI drone that raises concerns.