Photo of Sharmistha DasPhoto of Stephanie CrawfordPhoto of Riley Delfeld

The Transportation Security Administration (TSA) recently proposed an expanded role regulating unmanned aircraft systems (UAS), or drones.  On August 7, 2025, the Federal Aviation Administration (FAA) and TSA published a joint Notice of Proposed Rulemaking (proposed rule), titled Normalizing Unmanned Aircraft Systems Beyond Visual Line of Sight Operations (BVLOS).  Through this landmark proposed rule, the FAA and TSA aim to provide industry with a clear path forward for streamlined UAS operations for a variety of purposes, including package delivery, agriculture, aerial surveying, civic interest (public safety), and flight testing.  Comments on the proposed rule are due October 6, 2025.

This proposed rule includes TSA-led security measures that will have significant ramifications for the deployment of commercial drones.  This is our second alert in a series covering the proposed rule.  See our previous alert for a general overview of the proposed rule and where it fits into the world of civil aviation regulation.  Stay tuned for additional alerts diving deeper into other key features of this significant rulemaking.

TSA’s Security Mission

Congress created TSA in the aftermath of September 11, 2001, through the Aviation and Transportation Security Act (ATSA), and it later became part of the Department of Homeland Security (DHS).  Under ATSA, TSA is broadly tasked with enhancing security for “all modes of transportation” by assessing national security risks, developing security procedures, and enforcing compliance with these procedures.

TSA’s security remit is far-reaching.  TSA is often best known for its aviation security mission, but it also plays a key role in surface transportation (public transit, railway systems, and pipelines), and port and maritime security.  Among other functions, TSA engages in various forms of cargo screening, conducts passenger identification and personnel background checks, and assists with intelligence coordination and the development of security standards.  For example, TSA issued cybersecurity requirements in coordination with the Cybersecurity and Infrastructure Security Agency (CISA) after a 2021 ransomware attack on a pipeline, promulgated security training requirements in 2020 for certain higher-risk freight railroad carriers and bus companies, and conducts background checks on maritime workers who need to access secure areas of ports and vessels.   

Drones offer a promising means of quickly transporting goods, among other uses.  As their use has expanded, so have related national security concerns.  Drones can be used to interfere with manned aircraft, carry illicit or dangerous cargo, and attack critical infrastructure.  The proposed rule cites Executive Order 14307, issued on June 6, 2025, which states that “criminals, terrorists, and hostile foreign actors have intensified their weaponization of these technologies, creating new and serious threats to our homeland” and “[d]rug cartels use UAS to smuggle fentanyl across our borders . . . .”  According to written testimony submitted by a DHS Acting Assistant Secretary for a 2022 hearing before the Senate Committee on Homeland Security and Governmental Affairs: (1) since 2021, TSA had reported nearly 2,000 drone sightings near U.S. airports (including incidents requiring evasive action by pilots to avoid fatal collisions); (2) since 2019, drone incidents had required airports to fully halt operations three times; and (3) in 2021, drone incidents had caused airports to partially suspend operations over 30 times.  According to the testimony, during 2021-2022, the Federal Bureau of Investigation (FBI) identified 235 reports of suspicious drone flights at or near chemical plants in Louisiana, with similar incidents reported in Oklahoma and Texas.  More recently, in the fall and winter of 2024, sightings of drone formations on the East Coast prompted a joint investigation by DHS, the Department of Defense, and the FBI, alongside significant public concern.

Until now, TSA’s security efforts related to drones have focused primarily on screening drones at airport checkpoints and Counter-Unmanned Aircraft Systems (C-UAS) operations.  But lawmakers on both sides of the aisle have expressed the importance of ensuring that security and innovation go hand in hand.  In fact, the House Committee on Transportation and Infrastructure recently approved bipartisan legislation that would, if enacted, reauthorize and expand C-UAS authorities for DHS, the Department of Justice, and FAA.  This proposed rule marks a key step forward in TSA’s efforts to enhance its oversight of security in commercial drone operations in collaboration with FAA and industry.

TSA’s Role in Proposed Rule

The proposed rule lays out two key security-related roles for TSA: (1) vetting key personnel through security threat assessments and (2) establishing standard security programs for package delivery operations.

(1) Security Threat Assessments

TSA proposes to conduct security threat assessments (STAs) of certain covered persons that are most integral to the security of drone operations.  Because individuals with malicious intent in these positions could cause some of the greatest damage, TSA proposes that they be vetted through a so-called Level 3 STA, which includes a check against criminal history, immigration, and intelligence-related databases and watchlists.  As in other vetting services that TSA provides for the FAA, the FAA will then use these assessments to deny or revoke UAS operating certificates, as applicable.  Covered persons would be required to renew their STAs as needed or risk removal from their positions.  

The proposed rule does not define different tiers of threat assessments, but a DHS Privacy Impact Assessment (PIA) of a different proposed rule on the vetting of certain surface transportation employees, from 2023, describes three tiers of STAs that could be the basis of the proposed rule’s approach.  The tiers build upon each other.  A Level 1 STA is limited to screening against government watchlists, a Level 2 STA includes Level 1 screening as well as an immigration status check, and a Level 3 STA also includes a criminal history check.

The scope of covered persons in the proposed rule includes operations supervisors and flight coordinators, those with unescorted access to the UAS, unescorted individuals involved in cargo loading and transport on the UAS, and those with unescorted access to the control or flightpath of the UAS.  TSA and FAA specifically invite comments on this list, particularly as to whether individuals who own or control corporate entities conducting BVLOS operations should be included.  As a related example, TSA notes that STA requirements currently exist for owners of indirect air carriers (companies that arrange movement of air cargo on behalf of shippers but do not operate aircraft themselves).

While it appears the enrollment process for the STA will be solidified further in the final rule, the proposed rule suggests that applicants will undergo the assessment at a TSA enrollment center by providing certain required information about their identity and background.

TSA estimates overall fees of $244 per required Level 3 STA, with an estimated 1.5 hours needed to undergo vetting.  TSA is required by law to collect fees to recover all costs of the vetting process.

(2) Security Programs for Package-Delivery Operations 

TSA cites significant national security considerations regarding drone package deliveries, including potential abuse by drug cartels, criminals, terrorists, and hostile foreign actors.  As a result, the rule proposes requiring operators to obtain TSA approval of their security programs.  In the proposed rule, TSA offers a glimpse of requirements that might be included in a TSA-approved security program.  TSA would work with operators who already have security programs to identify any necessary modifications.

Examples of Potential Elements of a TSA-Approved Security Program for Cargo UAS
Measures to prevent unescorted persons from accessing UASScreening procedures for cargo to prevent carriage of dangerous itemsRequired Security Coordinators

There is precedent for these security programs in TSA’s current regulatory structure.  Domestic and foreign carriers to and from the United States have long been required to utilize TSA-approved security programs.  Operators can request amendments to TSA’s standard security program, and TSA can grant exemptions.  A summary of TSA security program requirements for cargo and airlines can be found on TSA’s website.  In the proposed rule, TSA indicates that (1) it may expand this requirement to other BVLOS activities in its final rule, and (2) it would consider limiting the scope of regulated package delivery systems by intended use, payload, range, or other limiting factors.

TSA has not provided a cost estimate for adoption of a limited security program because the needed program will differ based on the entity and activity at issue.

Key Takeaways

  • Submit a Comment: Comments are due by October 6, 2025.  The FAA and TSA encourage stakeholders to provide input on operational requirements, technical standards, risks, and regulatory burdens.  The public comment period is a significant opportunity to provide industry expertise on drone operations, raise any concerns about proposed requirements, and seek clarification of undefined or unclear terms.
  • Know The Stakeholders: Although this is a joint proposed rule, the agencies plan to concurrently issue separate final rules.  A final rule is expected in January or February 2026, and stakeholders should monitor official statements for any relevant timeline updates.  The timeline—plus the joint issuance of the proposed rule with language citing the agencies’ continued cooperation—underscores the importance of considering the various stakeholders in crafting effective feedback on the rulemakings.  Moreover, interagency review conducted by the Office of Information and Regulatory Affairs (OIRA) affords an opportunity for federal government stakeholders other than the authoring agencies to weigh in on the rulemakings.  And, once rules are under OIRA review, interested parties can request a meeting with OIRA under Executive Order 12866.
  • Account for Security Risks: Ensuring the security of UAS operations will likely remain a government priority in light of the growing national security concerns raised by UAS operations and strong focus on those concerns by both the legislative and executive branches.  Stakeholders weighing in on this proposed rule should account for policymakers’ prevailing view of these security risks when preparing their comments.

Tags: FAA, government contracts
Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Sharmistha Das Sharmistha Das

Sharmi Das’ experience at the Department of Homeland Security (DHS), Department of Justice (DOJ), the White House, the U.S. Senate, and private practice positions her to guide clients through regulatory challenges, government-facing issues, and scrutiny from Congress and other oversight bodies. Sharmi has

Sharmi Das’ experience at the Department of Homeland Security (DHS), Department of Justice (DOJ), the White House, the U.S. Senate, and private practice positions her to guide clients through regulatory challenges, government-facing issues, and scrutiny from Congress and other oversight bodies. Sharmi has handled dozens of congressional inquiries and managed a program that developed hundreds of regulatory actions relating to homeland security matters, including technology, cybersecurity, contracts and grants, intelligence, health, and immigration. She participated in hundreds of policy discussions at the White House and DHS on high-profile issues that were often in the headlines, including domestic and international crises and emergencies.

Sharmi brings over a decade of experience analyzing statutory and regulatory text to both challenge and defend agency actions in litigation. She uses her knowledge of the Administrative Procedure Act (APA) and federal rulemaking process to help clients shape regulatory authorities, comply with them, and challenge them. In both the executive and legislative branches, Sharmi crafted strategies to resolve inquiries from the Hill, other federal oversight bodies, and the public, often under immense public scrutiny.

Sharmi was awarded the Distinguished Service Medal by the Secretary of Homeland Security for exceptional service, the Department’s highest civilian honor. She was also recognized as an honorary Judge Advocate General by the U.S. Coast Guard. Sharmi values public service and maintains a diverse pro bono practice, including her time seconded to the Legal Aid Society of the District of Columbia.

Read more about Sharmistha Das
Show more Show less
Photo of Stephanie Crawford Stephanie Crawford

Stephanie Crawford is a trusted counselor to a broad range of industries facing reorganizations, transactions, national security issues, and questions of supply chain management. Stephanie provides related mergers and acquisitions, counseling, litigation, international arbitration, and investigations services to clients in the aerospace and

Stephanie Crawford is a trusted counselor to a broad range of industries facing reorganizations, transactions, national security issues, and questions of supply chain management. Stephanie provides related mergers and acquisitions, counseling, litigation, international arbitration, and investigations services to clients in the aerospace and defense, communications, energy, information technology, and consumer products sectors.

Stephanie has substantial experience with both buy-side and sell-side transactions. She has led government contracts diligence for numerous private equity entities and defense contractors. She assists clients with navigating post-closing government requirements, including unique license transfers and approvals; novation and change of name regulations; and Defense Counterintelligence and Security Agency communications and foreign ownership, control, and influence (FOCI) mitigation.

Stephanie counsels clients on supply chain, sourcing, and national security regulations and requirements. Such counseling includes compliance with the Defense Production Act, including priority orders, ratings and associated regulations; the Public Readiness and Emergency Preparedness Act; and National Industrial Security Program Operating Manual (NISPOM) regulations. She is also known for her ability to solve immediate and business-threatening System for Award Management (SAM) and Defense Logistics Agency (DLA) CAGE Code problems.

Stephanie defends government contractors facing potential tort litigation with a nexus to their government contracts and facing supply chain and national security-related investigations, litigation, and arbitrations.

Stephanie’s pro bono practice focuses on a broad range of veterans’ issues, including disability ratings and discharge upgrades

Read more about Stephanie Crawford
Show more Show less
Photo of Riley Delfeld Riley Delfeld

Riley Delfeld helps clients with government contracts and international trade issues with a U.S. national security nexus. Her practice covers investigations, transactions, compliance, and regulatory advice.

Riley received her J.D. from Duke University School of Law, where she served as a notes editor

Riley Delfeld helps clients with government contracts and international trade issues with a U.S. national security nexus. Her practice covers investigations, transactions, compliance, and regulatory advice.

Riley received her J.D. from Duke University School of Law, where she served as a notes editor for the Duke Law Journal and co-president of the National Security Law Society. At Duke, Riley also received her LL.M. in international and comparative law. During law school, she externed with the U.S. Air Force JAG Corps at Joint Base Andrews and worked for Duke’s Center on Law, Ethics, and National Security.

Read more about Riley Delfeld
Show more Show less
Related Posts
Restarting the Protest Process: What Government Contractors Can Expect as the Shutdown Ends
November 13, 2025
All Things Protest: Shutdown Impact, Heightened Pleading Standards, and AI Usage at GAO
November 13, 2025
August 2025 Bid Protest Sustain of the Month: GAO Sustains Protest of Past Performance Evaluation and Best Value Tradeoff on Multiple Grounds
November 11, 2025