As used in this subpart—

"Adversary country", as defined in Executive Order 13981, means the Democratic People's Republic of Korea, the Islamic Republic of Iran, the People's Republic of China, the Russian Federation, or, as determined by the Secretary of Commerce, any other foreign nation, foreign area, or foreign non-government entity engaging in long-term patterns or serious instances of conduct significantly adverse to the national or economic security of the United States.

"Drones", terminology commonly used to refer to unmanned aircraft, unmanned aircraft system, or covered unmanned aircraft system—

(a)“Unmanned Aircraft”, as defined in 14 CFR Part 1, means an aircraft operated without the possibility of direct human intervention from within or on the aircraft. Unmanned Aircraft is synonymous with UAS.

(b)“Unmanned Aircraft System”, as defined in 14 CFR Part 1, means an unmanned aircraft and its associated elements (including communication links and the components that control the unmanned aircraft) that are required for the safe and efficient operation of the unmanned aircraft in the airspace of the United States. UAS is commonly referred to as “drones”.

(c)“Covered Unmanned Aircraft System (UAS)”, as defined in Executive Order 13981, means any UAS that:

(1)is manufactured, in whole or in part, by an entity domiciled in an adversary country;

(2)uses critical electronic components installed in flight controllers, ground control system processors, radios, digital transmission devices, cameras, or gimbals manufactured, in whole or in part, in an adversary country;

(3)uses operating software (including cell phone or tablet applications, but not cell phone or tablet operating systems) developed, in whole or in part, by an entity domiciled in an adversary country;

(4)uses network connectivity or data storage located outside the United States, or administered by any entity domiciled in an adversary country; or

(5)contains hardware and software components used for transmitting photographs, videos, location information, flight paths, or any other data collected by the UAS manufactured by an entity domiciled in an adversary country.

(a)Executive Order (E.O.) 13981, “Protecting the United States From Certain Unmanned Aircraft Systems”, states that it is the policy of the United States to prevent the use of taxpayer dollars to procure UAS that present unacceptable risks and are manufactured by, or contain software or critical electronic components from, foreign adversaries.

(b)GSA Information Technology (IT) Security Procedural Guide CIO-IT Security-20-104, “Drones/Unmanned Aircraft Systems (UAS) Security” outlines the process for ensuring UAS security at GSA. The Chief Information Office (CIO) policies are available at https://insite.gsa.gov.

(c)GSA Order OAS 5615.1, “GSA Unmanned Aircraft Systems (UAS) Policy” describes the policy for GSA’s ownership and use of UAS. GSA Orders are available at https://gsa.gov/directives-library.

(a) GSA employee use of UAS. GSA is prohibited from owning and procuring UAS (commonly referred to as “drones”) for use by GSA employees.

(b) GSA-funded acquisitions that use UAS. GSA may contract for services that use ancillary UAS. For any contract, order, agreement, purchase card transaction, or purchasing mechanism used for GSA-funded acquisitions for services that use ancillary UAS services, the requirements office must.

(1)Specify in the contract language that:

UAS will not be owned or used exclusively by GSA; and,

(The contractor will comply with the requirements of all applicable FAA regulations including but not limited to 14 CFR Part 107 “Small Unmanned Aircraft Systems” ( https://www.ecfr.gov/current/title-14/chapter-I/subchapter-F/part-107).

(2)Ensure that the UAS is not a covered UAS.

(3)Ensure all UAS are registered and authorized for use through the process detailed in the GSA Information Technology (IT) Security Procedural Guide CIO-IT Security-20-104, “Drones/Unmanned Aircraft Systems (UAS) Security”.

UAS registered and authorized for use. UAS that is registered and authorized for use can be found at the GSA Enterprise Architecture Analytics and Reporting (GEAR) application ( https://ea.gsa.gov/). Utilizing GEAR will ensure the procurement does not violate the prohibition at 537.7002(a).

Request for new UAS. For new UAS not already registered and authorized for use in the GEAR application ( https://ea.gsa.gov/), follow the instructions in the “GSA IT Security Procedural Guide CIO-IT Security-20-104, “Drones/Unmanned Aircraft Systems (UAS) Security”.

(4)Review and incorporate the applicable sections, requirements, and best practices of “GSA IT Security Procedural Guide CIO-IT Security-20-104, “Drones/Unmanned Aircraft Systems (UAS) Security” in the statement of work or equivalent. This includes:

(i)UAS Operator Approval and Recertification;

(ii)Installation and use of UAS software and firmware;

(iii)Securing UAS operations;

(iv)UAS data storage and transfer; and,

(v)Approval of UAS platforms.

(5)Coordinate pre-award solicitations with IS-Contracts-Review@gsa.gov for GSA IT review and approval of the applicable sections, requirements, and best practices for the ancillary UAS services, see also 539.101(b) for CIO coordination involving the acquisition of information technology.

(6)Review and incorporate the applicable sections and requirements of GSA Order OAS 5615.1, “Unmanned Aircraft Systems (UAS) Policy”.

(c) Assisted acquisitions that use UAS. The requesting agency is responsible for ensuring that its UAS policy and operational guidance has been established and is followed. As the servicing agency, the GSA contracting officer should confirm the existence of the requesting agency’s policy and operational guidance by documenting it in the interagency agreement or through a separate document included in the contract file.