Research

Researchers detail privacy-related legal, ethical challenges with satellite data

Penn State researchers report that GPS-enabled apps have helped a lot of people. But they can also be the source of privacy problems and national security threats. The team offers several suggestions to address those concerns. Credit: Wikimedia Commons. All Rights Reserved.

UNIVERSITY PARK, Pa. — Satellite technology has been a boon for humanity, leading to faster, clearer communications, quicker emergency responses, accurate location information, and global financial transactions. Smart devices are almost always embedded with GPS satellite chips, enabling people around the world to know where they are; telling motorists whether they are traveling in the right direction for their summer vacations; and allowing athletes to accurately track their runs, walks and bike rides.

That’s great, right? Not always.

A team of Penn State researchers is reminding policymakers, industry and citizens that satellite data, left unchecked, can be as dangerous as it is useful and as threatening to national security and civil liberties as it is helpful to the national economy.

Unfettered access to satellite data creates privacy-related legal and ethical problems and, in the wrong hands, can be a source of national security threats, like revealing the position of secret military bases and global peacekeeping operations, according to researchers Anne Toomey McKenna, Penn State Dickinson Law’s Distinguished Scholar of Cyber Law and Policy and a Penn State Institute for CyberScience (ICS) co-hire; Amy C. Gaudion, associate dean for academic affairs and assistant professor of law, Penn State Dickinson Law; and Jenni Evans, professor of meteorology and atmospheric science and ICS director. The researchers presented their work at the annual Privacy Law Scholars Conference in Berkeley, California, and their findings were just published in the Penn State Law Review, available online now.

Regulators, legislators and the public are largely unaware of the role that satellites play in the Internet of Things (IoT) universe, which the researchers label “the satellite-smart device information nexus.” Society is rapidly embracing 5G platforms, smart cities, and the interconnected IoT universe, and the researchers demonstrate that commercial remote-sensing satellites provide the technical underpinnings and data that enable these systems to function. But the satellite-smart device information nexus is not currently part of the United States' domestic privacy and electronic surveillance data framework.

According to McKenna, “an interdisciplinary and more transparent approach is needed to appropriately regulate satellites and the use and sale of satellite data in ways that are more secure in terms of both civil liberties and national security, as well as ethically correct and legally sound.”

McKenna, Gaudion and Evans identified four ways to accomplish this.

Be more transparent

Regulators, legislators and the public are largely unaware of the role that satellites play in the Internet of Things universe because organizations that launch satellites, and aggregate, use and sell satellite data, are not informing the public about what they are doing, said the researchers.

According to Gaudion, “our first and most practical recommendation is to update the U.S. and international space objects registries to require owners and operators to provide more detail and greater specificity about their satellite systems.” 

Both McKenna and Gaudion said it's important that the registries require the owners and operators to specify the type and quantity of data being collected, to reveal how the data will be used, to identify with whom the data will be shared, and to make the information publicly available, whenever feasible.

Promote openness to the public

Currently, the full licenses for commercial satellites outfitted with remote-sensing devices are not publicly available; the public can only see a brief one-page summary. According to the researchers, that practice should change. Unless there are national security concerns, or international obligations, the public should have access to the full licenses.

“The public deserves and is entitled to such transparency so that society as a whole and individuals understand how the data being collected and shared — or sold — by the license applicant may affect their privacy,” said McKenna.

Facilitate future international discussions

The topic of satellite data must be the subject of international dialogues on cyberlaw and international security, according to the researchers. Specifically, the researchers point to several international agencies that are already in a position to consider issues that surround data-gathering satellites, including several U.N. groups of governmental experts and a working group on the "Space2030" agenda.

“It is critical that the international dialogue move beyond the armed conflict and use of force paradigms to also appreciate the threats posed, not by malicious state actors or terrorist organizations, but by the business decisions of private-sector entities with access to incredible amounts of satellite-sourced data,” Gaudion said.

Make satellites and satellite data a legislative priority

Finally, the researchers have identified specific changes in the legislative realm and advise lawmakers to treat the proper handling of satellite data as an imperative national priority. Even though there have been several incidents that spurred reaction from agencies such as the Pentagon, and privacy and civil liberties concerns, the government has not, as of yet, undertaken a comprehensive, holistic approach to the problem.

“The disconnect between satellite regulation and domestic privacy and electronic surveillance law must be addressed by Congress,” McKenna added. “Comprehensive overhaul of the U.S. electronic privacy and surveillance statutory scheme is long overdue.”

Last Updated June 6, 2021

Contacts