The AUVSI Drone and AAM Policy Workshop was held in Washington, D.C. from July 29 to 30, 2025, bringing together government and industry leaders to discuss the future of U.S. drone policy. At the workshop, officials outlined how BIS rulemaking affects drones manufactured in China, as well as broader U.S. drone policies.
Michael Robbins, President and CEO of AUVSI, spoke with Elizabeth Cannon, Executive Director of the U.S. Department of Commerce’s Office of Information and Communications Technology Services (OICTS). The discussion, titled “Looking Ahead: How U.S. Commerce Department’s BIS Rulemaking Will Impact the Future of Drone System Compliance,” focused on how the U.S. government is leveraging its authority to manage risks related to foreign-manufactured drones, especially those from China.
What is OICTS?
The Office of Information and Communications Technology Services (OICTS) is a department under the U.S. Department of Commerce, subordinate to the Bureau of Industry and Security (BIS). OICTS is responsible for identifying and addressing national security risks related to the use of foreign information and communication technologies, including drones, telecommunications equipment, and other digital infrastructure. The office plays a key role in evaluating and regulating transactions involving potentially sensitive technologies, especially those linked to countries of concern such as China and Russia. OICTS is committed to ensuring that critical U.S. infrastructure is protected from foreign exploitation or control.
Key Authority Under the ICTS Rule
Under the ICTS (Information and Communication Technology and Services) Rule, the Secretary of Commerce has broad powers to prohibit or impose conditions on transactions involving data transmission technologies when these pose national security risks.
This rule is based on Executive Order 13873, signed in May 2019 during the first Trump administration, titled “Securing the Information and Communications Technology and Services Supply Chain.” The order authorizes the Secretary of Commerce to act against certain transactions involving ICTS from “foreign adversaries.” This authority allows the Commerce Department to address specific threats by banning transactions or requiring mitigation measures.
A recent rulemaking regarding connected vehicles provides a practical example of how this office operates. In that case, the office identified two primary risks: the misuse of personal data (such as location or facial recognition) and the potential for vehicles to be remotely controlled. The Notice of Proposed Rulemaking (NPRM) gathered industry feedback and resulted in a final rule emphasizing phased implementation and significant industry engagement.
Applying This Framework to Chinese Drones
The same authority applies to drones, especially given the widespread presence of Chinese-made drones in the U.S. market. Cannon acknowledged that due to these differences, drones were not included in the connected vehicles rule. She noted that the direct-to-consumer sales model of consumer drones, combined with a minimum threshold of $800, complicates enforcement. Imports below this threshold are not subject to the same reporting requirements as bulk transactions, making tracking difficult.
To address these challenges, the office is considering two key strategies:
Narrowing regulatory scope to cover only specific technologies that pose genuine national security threats.
Using phased timelines to allow industry adjustment and expansion of alternative suppliers.
These approaches aim to minimize disruption while addressing pressing security concerns. The agency does not adopt a one-size-fits-all approach but focuses on identifying specific systems of concern, such as software with particular vulnerabilities or communication components linked to foreign adversaries. In some cases, restrictions may apply only to the most sensitive technologies rather than entire product lines.
This precision also helps avoid a “whack-a-mole” scenario, where a banned entity simply moves assets to another legal structure. Cannon stated regulators are developing detection methods for such shifts, including hardware analysis and software tagging, to better identify when products are controlled by restricted parties from China or Russia.
Size Matters: Larger Drones May Be Prioritized
When asked whether the office prioritizes different types of drones, Cannon said larger drones might receive earlier attention. Larger drone systems are more likely to be tracked through formal channels, not exempt under minimum thresholds, and typically used in critical infrastructure sectors. However, she noted that drones of all sizes, including hobbyist models, pose security risks. The order sets a 90-day deadline for issuing guidance. She said OICTS is closely coordinating with nine other agencies through a formal interagency review process to ensure consistency
Robbins emphasized that other measures restricting Chinese-made drones, such as the Commerce Department’s ongoing Section 232 investigation, may have overlapping effects. Cannon agreed and noted that the ICTS rulemaking and Section 232 actions are expected to be complementary. She stressed the importance of collaboration and pointed out the existence of technical working groups and interagency coordination mechanisms to ensure the U.S. federal government presents a unified voice.
