Skip to content
Stratum Asset Intelligence Recurring Drone Inspection Programs for Facility Operations

Industry Perspective · Public Comment

Why Commercial Drone Policy Needs a Risk-Based Framework

National security regulation is important and legitimate. It is also more durable, more proportionate, and more effective when it distinguishes commercial inspection of private industrial property from contexts that are genuinely national-security-sensitive.

By Justin Birch, Founder, Stratum Asset Intelligence LLC. Adapted from formal comments submitted in April 2026 to the FCC, Proceeding DA 26-22, Petition for Reconsideration of the December 2025 Covered List designation.

Stratum Asset Intelligence runs recurring drone inspection programs for industrial and commercial facilities in Northeast Ohio. We fly preplanned, low-altitude routes over private property under controlled flight conditions, with no proximity to military installations or critical communications infrastructure, and we deliver findings into client maintenance systems as structured records. We do not collect intelligence. We collect roof condition.

In December 2025 the FCC added DJI to its national security “Covered List” under the Secure and Trusted Communications Networks Act, blocking new DJI products from receiving FCC equipment authorization. The action treats a consumer recreational drone, a commercial inspection drone over a private industrial site, and a drone operating near a military installation as if they were the same regulatory object. They are not.

Stratum filed a public comment in support of DJI's Petition for Reconsideration — not to dispute the FCC's national security mandate or the Department of Defense's classified equities, but to ask the Commission to apply that mandate proportionately. The version below is the founder-readable summary. The full filing is on the FCC's Electronic Comment Filing System under Proceeding DA 26-22.

Why we filed

A blanket prohibition on new DJI hardware looks simple from a national security desk. From the desk of a small commercial operator, it looks like the rule that ends the business. There is no domestically produced enterprise drone available today at price-to-performance parity with DJI for the inspection profile we operate. American manufacturers, most notably Skydio, have pivoted heavily to defense and government channels. The commercial enterprise inspection segment — infrastructure, utilities, building envelope, agriculture — has not been backfilled. The result is not a market opportunity for U.S. industry; it is a vacuum, and small operators are the ones standing in it.

1. Domestic supply readiness is a precondition, not an assumption

The premise underlying the Covered List designation appears to be that domestic manufacturers will step in. That premise should be tested before action, not assumed after. Before any Covered List designation is used to exclude a product category, the Commission should publish a domestic supply readiness determination — a factual finding as to whether viable domestic alternatives exist at commercial price points, for the operational profiles affected. If they do not, the Commission has not opened a market; it has closed one.

2. Banning new hardware while existing hardware stays in service does not solve the security problem

Existing DJI hardware with prior FCC authorization remains fully legal to own and operate. If the underlying security concern is real, it is not mitigated by the Covered List designation — it persists in the installed base. Meanwhile, U.S. operators are denied access to newer DJI platforms with enhanced data security features, local processing, and improved encryption. The action freezes innovation without resolving the threat the Commission identified. Whatever the right answer is on national security grounds, this is not it.

3. A single regulatory category cannot address fundamentally different risk profiles

A consumer drone flown near a military installation and a commercial inspection drone flown at low altitude over a private industrial roof present fundamentally different national security profiles. Treating them identically is not regulatory neutrality — it is regulatory imprecision.

The Commission should establish a tiered commercial-use framework that accounts for, at minimum, four variables:

  • Operational context. Proximity to sensitive infrastructure, flight altitude, airspace classification, asset type.
  • Data-handling architecture. Local versus cloud storage, transmission security, data sovereignty controls, retention policy.
  • Operator certification. FAA Part 107 status, enterprise data-handling agreements, third-party audit compliance.
  • Use case. Commercial inspection, agriculture, public safety, government and defense operations — all distinct.

A Trusted Commercial Operator program for certified Part 107 operators with documented data security controls would let the Commission act on legitimate national security concerns where they actually exist while preserving the commercial drone services market the United States is trying to build.

4. Procedural fairness: a transition pathway, a waiver mechanism, and decertification criteria

The December 2025 action was issued without a transition timeline, without a domestic manufacturing readiness assessment, without an economic impact study, and without a waiver pathway for commercial operators with no viable domestic alternative. This is procedurally avoidable.

Stratum has asked the Commission, as part of reconsideration, to commission a formal economic impact assessment focused on small-business commercial drone operators; to establish a commercial waiver pathway for certified Part 107 operators using DJI hardware in non-sensitive operational contexts with documented data security controls; to define clear decertification criteria so a manufacturer can be removed from the Covered List upon meeting defined security standards; and to publish a domestic supply readiness determination before any Covered List designation is used to exclude a category for which no viable domestic alternative exists at commercial price points.

5. Classified evidence and due process for affected commercial parties

Stratum does not dispute the Department of Defense's authority or its national security equities. We acknowledge that classified intelligence is a legitimate input to regulatory action. We also note that classified evidence which cannot be reviewed or rebutted by affected commercial parties raises real due-process concerns for small businesses whose livelihoods are directly affected.

The Commission should ensure that any reliance on classified evidence is narrowly scoped to specific, articulable security risks — and that the resulting regulatory action is proportionate to those specific risks rather than a blanket prohibition on commercial use of an entire hardware lineage. Proportionality is what makes national security regulation durable.

What this looks like in practice for a Stratum-class operator

Our operational context illustrates why a tiered framework is workable, not just defensible. Service offering: recurring drone inspections of commercial and industrial buildings, with findings delivered into the client's CMMS. Data types collected: exterior building imagery (RGB and thermal), structural defect documentation, asset condition scoring — not communications intercepts, not government asset geolocation. Data handling: client data stored locally or in U.S.-based encrypted cloud environments, with no transmission to foreign servers and no geolocation of sensitive assets. Operational geography: Northeast Ohio commercial and industrial properties with no proximity to military installations, government facilities, or critical communications infrastructure. Regulatory standing: FAA Part 107 certified.

A Trusted Commercial Operator framework would simply formalize what enterprise operators already do because their clients require it. Most of us have data handling obligations to our clients that are tighter than anything the FCC would impose at the device level. We would welcome the certification.

How this connects to Stratum's operations

Stratum's programs were designed from the start around controlled, maintenance-focused inspection operations. Findings flow into client maintenance systems as structured records — PDF/CSV deliverables for Essential Asset Watch, CMMS-ready import files for Critical Asset Assurance, direct API or managed feeds for the Reliability Program. Data is held under client-specific handling agreements in U.S.-based environments. Critical findings trigger an S1 alert within four hours and a written action summary within twenty-four. The hardware question is one input to that operation; the operating discipline around the hardware is what makes the program defensible to a client's risk and security teams.

Closing

National security regulation is necessary. So is the small commercial drone services sector that the United States is trying to grow. Both can hold. The path is a risk-based framework that distinguishes commercial inspection from national-security-sensitive contexts, with operator certification, data-handling controls, supply readiness, and procedural fairness built in. Stratum supports the Commission in finding it.

Adapted from Stratum Asset Intelligence LLC's public comment to the Federal Communications Commission, Proceeding DA 26-22 (April 2026). Filed via the FCC Electronic Comment Filing System.

Related

Talk to Stratum About a Recurring Inspection Program

Whether you're scoping a first inspection program or replacing ad-hoc vendor spend with a planned reliability function, we'd welcome the conversation.

Start a Program Conversation

Back to Resources