U.S. Counter-Drone Rules Lag as Domestic UAS Threats Evolve
U.S. drone defenses face a growing data-retention gap as small UAS threats become more coordinated.
Commercial drones now offer range, endurance, payload capacity, autonomy and coordination features that were once limited to specialized systems. In the United States, they are increasingly used to approach, observe and probe military installations, sensitive facilities and other protected sites. The Defense Department and U.S. Northern Command have reported a steady rise in unauthorized drone activity near domestic bases, while aviation and nuclear regulators have documented hundreds of incursions near civilian airports and nuclear power plants.
Congress gave the Pentagon counter-UAS authority under 10 U.S.C. § 130i, allowing it to detect, identify, monitor, track and mitigate drone threats to covered domestic facilities and assets. The authority was built narrowly and was meant to operate alongside domestic surveillance, privacy, minimization, oversight and reporting safeguards. Amendments in the fiscal 2026 National Defense Authorization Act narrowed the purposes for retaining lawfully acquired UAS communications and related data, including command-and-control links, telemetry and signal characteristics, largely to investigations, prosecutions, ongoing security operations, federal legal requirements or litigation.
That shift matters because many domestic drone incidents are brief, individually unremarkable and never lead to criminal cases. Their value often emerges only through analysis across time and geography, when generic radio-frequency signatures, platform configurations or control methods show that the same system or technique may be probing multiple sites. Although the statute still distinguishes between sensitive communications content and non-content technical data, tighter retention rules may push agencies to apply the same restrictive logic across counter-drone datasets whose privacy risks differ materially.
The issue is not whether the government should expand domestic collection or weaken minimization rules. It is whether technical indicators lawfully acquired under existing authority can be retained long enough to support defensive analysis of evolving drone behavior while keeping privacy protections intact. Without a better match between retention rules and operational reality, defenders may see isolated incursions but miss the patterns behind them, leaving military bases and critical facilities less prepared for adaptive UAS threats.