By Wesley Alexander • July 8, 2026 • 9 min read

Tactical Summary

On July 6, 2026, the Department of Homeland Security and the Department of Justice jointly published an interim final rule (IFR) implementing the counter-unmanned aircraft system (C-UAS) provisions of the SAFER SKIES Act. The rule is document 2026-13609 (91 FR 41466), docket FBI-2026-0001, and it adds new Part 124 to both 6 CFR and 28 CFR. It took effect July 1, 2026, and public comments close September 4, 2026 through regulations.gov.

The headline for pilots: trained state, local, Tribal, and territorial (SLTT) law enforcement and correctional agencies can now legally detect, track, disrupt, seize control of, or physically disable a drone that they assess as a credible threat. That authority used to sit with a handful of federal agencies. It now extends to your county sheriff and the prison two towns over, provided they meet the certification and equipment requirements. If you fly commercially near stadiums, prisons, or critical infrastructure, your lawful operation now shares airspace with people authorized to bring your aircraft down.

What the rule actually authorizes

The SAFER SKIES Act was signed December 18, 2025 as part of the FY2026 National Defense Authorization Act (Public Law 119-60), codified largely at 6 U.S.C. 124n. The Act granted the authority. This IFR builds the operational machinery: training and certification, authorized equipment, spectrum coordination, airspace approval, air traffic control notification, mitigation reporting, and privacy protections.

The certification structure is two-tiered, and the distinction matters for how you read a given agency's capability:

Agencies can only mitigate credible threats to a defined list of protected categories: people, facilities and assets, venues used for large-scale public gatherings or events, critical infrastructure, and correctional facilities. Mitigation is not a general patrol tool. It is threat-triggered, it must be documented, and every mitigation action must be reported back to DOJ and DHS.

Two federal lists govern which hardware is legal. The Authorized Technologies List identifies approved categories of C-UAS technology, and the Authorized Systems List identifies specific approved systems at the make-and-model level. Both are maintained through the FBI's Law Enforcement Enterprise Portal (LEEP). An agency cannot lawfully point an arbitrary jammer at the sky. The system has to be on the list.

The FCC actions are the part most operators will miss

The DOJ and DHS rule is only half the package. Many C-UAS mitigation systems work by interfering with the radio link between a drone and its operator, and that runs straight into Section 333 of the Communications Act, which prohibits willful interference with authorized radio communications. Without the FCC moving in parallel, the rule would authorize an action that another federal statute forbids.

So the FCC issued four coordinated actions. The most immediate is a 180-day blanket Special Temporary Authority allowing eligible SLTT agencies to operate approved C-UAS systems while long-term authorization is built out. The Commission also waived equipment-authorization requirements so approved RF-based systems can reach qualified agencies faster, and it issued declaratory rulings clarifying that non-federal personnel operating under federal oversight can receive derivative immunity from Section 333 liability when running authorized C-UAS operations.

Translate that into operator terms: the legal and spectrum friction that kept local jamming rare is being deliberately removed. RF-based mitigation near you is going to become more common, not less, over the next two quarters.

Where your lawful flight now carries exposure

This is the uncomfortable part, and it is worth stating plainly. Nothing in this rule requires an agency to positively identify your Remote ID, confirm your Part 107 or Part 108 status, and clear you before acting. Mitigation is authorized against a credible threat assessed under the totality of the circumstances. A legal inspection flight near a substation, a mapping mission over a construction site next to a prison, or a real-estate shoot within sight of a stadium on game day can all read as a threat to an operator who does not know you are there.

There are real guardrails. The authority cannot be used solely to seize, monitor, deter, or interfere with people exercising First Amendment rights, privacy protections apply, and mitigation actions must be documented and reported. Those protections matter after the fact. They do not un-jam your aircraft in the moment.

The practical risk is not that police start hunting commercial drones. It is that your aircraft becomes collateral in an ambiguous situation because you looked like the threat and nobody could tell otherwise fast enough.

The operator checklist

If your operations put you anywhere near the protected categories, treat this rule as a change to your pre-flight risk model, not as distant news.

  1. Map your exposure zones. Identify every recurring job site within line of sight of a stadium, arena, large event venue, correctional facility, or designated critical infrastructure. Those are now potential C-UAS engagement areas on the right day.
  2. Broadcast clean Remote ID, every flight. Remote ID is explicitly named in the statute as one of the warning and identification channels. A correct, verifiable broadcast is your single best signal to a detection operator that you are a known, cooperative aircraft rather than an anonymous intruder. Confirm your module or standard RID is actually transmitting, not just installed.
  3. Coordinate before you fly near events. For planned operations near a large public gathering, contact the venue security or the agency of jurisdiction in advance. A logged notification converts you from unknown contact to deconflicted operator. Pair this with your existing NOTAM and TFR workflow, because event airspace often carries both a restriction and a C-UAS posture now.
  4. Document authorization on your person. Carry your Part 107 certificate or Part 108 authorization, any waiver, LAANC approval, and site permission where you can produce it immediately. This does not stop a mitigation in progress, but it shortens every conversation that follows one.
  5. Watch the critical-infrastructure trend. Operators serving energy, utilities, and industrial sites already face a hardening security environment, a shift we covered in the solar-farm and critical-infrastructure security analysis. C-UAS authority accelerates it. Expect site owners to ask about your deconfliction plan.

The comment window is a genuine lever

The IFR is open for public comment through September 4, 2026 under docket FBI-2026-0001 at regulations.gov. Interim final rules take effect immediately, but the comment record shapes the final version. This is the moment for the commercial and public-safety UAS community to flag the operator-identification gap: there is no codified requirement that a mitigating agency check Remote ID or confirm authorization before acting against a non-threatening aircraft. If you want that in the final rule, the window to say so is now. A short, specific, operationally grounded comment carries more weight than a form letter.

There is a fairness question underneath all of this that the industry has raised before, the growing gap between what the rules demand of legal operators and what they permit against them. We examined that asymmetry in our analysis of two-tier airspace policy, and this rule is the sharpest example yet.

Bottom line

Counter-drone authority has moved from a federal-only capability to something your local police and corrections agencies can hold, with the FCC actively clearing the spectrum path to make it usable. For legal operators, the compliance burden did not change, but the operational risk did. Fly clean, broadcast clean, coordinate near protected sites, and put your comment on the record before September 4.

If your program needs a documented C-UAS exposure assessment for its operating areas, or a Remote ID and deconfliction posture review before the next event season, that is exactly the kind of pre-flight risk work worth doing before an ambiguous encounter does it for you.


Sources