SAFER SKIES Act: What It Actually Means for Counter-Drone

The SAFER SKIES Act was signed into law in December 2024 as part of the National Defense Authorization Act (NDAA) FY2025. The law grants expanded counter-unmanned aircraft systems (C-UAS) authority to state, local, and tribal law enforcement agencies. However, the operational reality is more limited than the headlines suggest.

What the Act Actually Authorizes

The SAFER SKIES Act (Secure Airspace for Federal Facilities and Private Entities Act) provides three primary authorizations:

1. SLTT Law Enforcement C-UAS Authority

The Act explicitly authorizes state, local, and tribal law enforcement to detect, track, and defeat unmanned aircraft systems operating within their jurisdictions without prior FAA approval or waiver.

This is the major change. Previously, any law enforcement agency using detection or mitigation technology (radar, RF sensors, kinetic interception) required FAA Certificate of Waiver or Authorization (COA) or waiver under 14 CFR 107.

Under SAFER SKIES, SLTT agencies have statutory authorization to: - Deploy detection systems (radar, RF sensing, EO/IR, acoustic). - Track unmanned aircraft. - Take mitigation action in defined circumstances (details below).

Scope of Authorization:- Applies to unmanned aircraft operating without authorization in the jurisdiction's airspace. - Applies to threats to critical infrastructure, public safety, or classified facilities.- Does not apply to authorized commercial drone operations (e.g., Part 135 operators, authorized BVLOS).

2. Mitigation Authority and Use-of-Force Framework

The Act grants SLTT agencies authority to use "reasonable measures" to disable, damage, or destroy unmanned aircraft that pose a threat. "Reasonable measures" is defined as:

• Disabling the control link via RF jamming.
• Directed energy (laser) attack to disable sensors.
• Kinetic interception via projectile or autonomous system.
• Net capture (tethered systems).

Critical Limitation: Use-of-force authority is contingent on imminent threat assessment. SLTT agencies must document: 1. Detection of the unmanned aircraft. 2. Assessment of threat level (public safety, critical infrastructure, or classified facility at risk). 3. Reasonable belief that mitigation is necessary. 4. Attempt to coordinate with FAA (if time permits).

Vague threat assessment criteria remain a significant gap. "Imminent threat" is not defined with precision in the Act. This creates liability exposure and prosecutorial risk for agencies using kinetic force.

3. Immunity for SLTT Agencies

The Act provides qualified immunity to SLTT agencies and operators for C-UAS actions taken in good faith under the statute. This covers:

• Detection activity (radar operation, RF scanning).
• Tracking operations.
• Mitigation actions (RF jamming, kinetic interception).

Immunity does not apply to: - Actions taken in gross negligence or willful misconduct.- Actions taken outside the scope of imminent threat (e.g., shooting down a hobbyist drone at 10 km range because an unrelated critical infrastructure site is nearby).

The immunity provision is meaningful but not absolute. Agencies remain exposed to civil liability if threat assessment is demonstrably reckless.

What the Act Does NOT Authorize

Three major gaps remain:

1. No Private Sector Authority

The Act does not authorize private companies, universities, or critical infrastructure operators to conduct C-UAS operations. A power utility cannot deploy jamming or kinetic mitigation against threatening drones, even if the drones are attacking its generation facility. The utility must contact law enforcement.

This creates operational delays. A drone attack on a power plant triggers police response time (5–30 minutes in rural areas), during which the attack continues.

Workaround: Critical infrastructure operators can request SLTT law enforcement to establish pre-positioned C-UAS capabilities at sensitive sites. DHS has published guidance on this coordination model. However, implementation is voluntary and resource-limited.

2. No Federal Authority Expansion

The Act does not grant the Federal Aviation Administration (FAA) direct authority to conduct C-UAS operations. The FAA retains regulatory authority over airspace but no enforcement power.

Federal C-UAS remains the province of DoD, DHS Customs and Border Protection (CBP), and Secret Service for specific mission areas. The Act does not expand Federal authority; it delegates authority downward to SLTT.

3. No Instant Capability

The Act authorizes but does not fund SLTT agencies. There is no appropriation for detection equipment, training, or personnel. Agencies must identify resources internally or seek grants (FEMA, DHS, or other Federal sources).

The implication: Authorization without funding means capability will be slow to deploy and unevenly distributed. Major metropolitan areas (LAPD, NYPD, Harris County Sheriffs) will acquire systems quickly. Rural or under-resourced agencies will have years-long delays.

Implementation Timeline

The Act directs DHS and DoD to establish implementation guidance within 90 days of enactment (by early March 2025). Expected guidance will address:

1. Threat Assessment Standards: Definition of "imminent threat" and threat levels requiring different response tiers.
2. Coordination Protocols: How SLTT agencies coordinate with FAA and Federal agencies before/during/after C-UAS action.
3. Equipment Standards: Which detection and mitigation technologies are authorized. (This is critical: RF jamming at different power levels has different legal risk profiles.)
4. Training and Certification: Minimum training requirements for SLTT operators.
5. After-Action Reporting: Incident reporting to DHS/DoD.

Timeline is aggressive. Full implementation guidance by mid-2025 is tight but achievable.

What Practitioners Need to Know

For SLTT Law Enforcement

Opportunity: The Act removes a major regulatory hurdle. Law enforcement agencies can now legally deploy C-UAS systems without FAA approval. This accelerates procurement.

Liability Risk: Authorization does not eliminate liability. Agencies must document threat assessment and decision-making. Poorly justified mitigation (killing a hobbyist drone that drifted into airspace) creates civil exposure and potential criminal charges (e.g., reckless endangerment).

Action Items:- Review draft implementation guidance from DHS/DoD (expected March 2025). - Conduct threat assessment of critical infrastructure in jurisdiction (power plants, water treatment, hospitals, government facilities, classified military sites). - Identify pre-positioned locations for C-UAS equipment. - Budget for equipment procurement FY2025–2026. - Establish training program for designated operators. - Coordinate with FAA regional office on notification protocols.

For Vendors

Market Expansion: Authorization of SLTT C-UAS creates a new customer segment. Expect 50–100 SLTT agencies to conduct RFQ/RFP processes in 2025.

Certification Requirements: Vendors should prepare technical documentation demonstrating compliance with forthcoming Federal standards. Products not pre-certified will face lengthy sales cycles.

Bundled Solutions: SLTT agencies typically lack C-UAS expertise. Vendors offering bundled detection + mitigation + training will win more contracts than point-solution vendors.

Risk Mitigation: Liability language matters. Vendors should provide contractual indemnification for agencies acting within scope of the Act. Vendors cannot indemnify agencies acting in gross negligence (outside legal scope).

For Critical Infrastructure

No Direct Authority: Your organization cannot conduct C-UAS operations independently. Mitigation must involve SLTT law enforcement.

Recommended Approach:1. Contact your state police/national guard and local law enforcement. Discuss drone threats to your facilities. 2. Request that agencies establish C-UAS capability at or near your critical assets. 3. Establish pre-incident coordination: How will law enforcement respond to detected drone activity? 4. Conduct vulnerability assessment: At what dwell time or range would a drone trigger concern? 5. Coordinate with DHS field office (CISA regional division) on threat intelligence sharing.

The Gap Between Authorization and Capability

The Act authorizes C-UAS operations. Capability is a different matter.

Detection Gaps:- SLTT agencies will struggle to acquire Ku-band or Ka-band radar (expensive, $1–3 million per system, limited supply). - RF sensing systems are more accessible (commercial products, $100k–500k range) but are limited in range and accuracy. - EO/IR systems are mature and affordable but require skilled operators. - No SLTT agency will have redundant, overlapping sensor networks in 2025. Coverage will be sparse.

Mitigation Gaps:- Kinetic interception (Coyote, Roadrunner) requires both high-level authorization and highly trained personnel. SLTT agencies will not operate these in 2025. - RF jamming is simpler but creates legal jeopardy (potential interference with other communications) and requires careful threat assessment. - Net capture systems require proximity and pre-positioning.

Realistic 2025 Capability:- Major metro police departments will have RF sensing and EO/IR systems at airports and critical infrastructure sites. - State police/national guard may acquire radar systems in 1–2 units statewide. - Mitigation will primarily rely on law enforcement armed response (armed helicopter, armed drone intercept) rather than purpose-built C-UAS systems. - Rural and small-city SLTT agencies will have minimal to no C-UAS capability in 2025.

What Comes Next

Congressional Attention: Expect follow-on legislation in 2025–2026 that includes funding for SLTT C-UAS deployment. A $500 million–$1 billion grant program (similar to Homeland Security Grant Program structure) is plausible.

Incident Pressure: The first serious public incident—a drone attack on critical infrastructure captured on video—will drive accelerated funding and authority expansion. Authority without capability invites Congressional criticism.

Private Sector Pressure: Expect critical infrastructure industry groups to lobby for private C-UAS authority in 2025–2026. Current language may be revised to permit private mitigation in narrow circumstances (e.g., immediate defense of critical asset under active attack).

Technical Standards: Expect DHS or NIST to publish technical standards for SLTT C-UAS systems in 2025. These will likely reference military standards (e.g., DoD's C-UAS technical baseline) but with modifications for SLTT context.

Bottom Line

The SAFER SKIES Act is a necessary but insufficient step. It removes a regulatory barrier and establishes legal authority for SLTT agencies. It does not immediately grant capability.

Smart agencies are using late 2024 and early 2025 to: 1. Acquire the most accessible detection systems (RF sensing, EO/IR). 2. Train designated personnel. 3. Establish coordination protocols with Federal partners. 4. Budget for equipment in FY2025–2026.

Dumb agencies are waiting for implementation guidance or assuming capability will appear automatically.

The delta between authorization and capability is the market opportunity for vendors and the risk exposure for agencies.

Related Reading

• Who Can Legally Shoot Down a Drone?
• The Authority Gap
• FCC Covered List and C-UAS