Autonomous Systems Archives - Blakistons

admin.richard — Wed, 03 Jun 2026 16:49:56 +0000

White Paper

Beyond 2019

A New Counter Uncrewed Systems and Air Threat Resilience Strategy for the United Kingdom, After Ukraine and Iran

By Mr Richard Ryan, Barrister, Blakiston’s Chambers · June 2026

Status and method. This paper relies on primary and official sources, supplemented by reputable reporting for incident chronology. All facts are verified as at 2 June 2026. Battlefield figures drawn from active conflict reporting are attributed to their originating source and presented as attributed claims rather than judicially established fact. The paper contains no classified or privileged material. All footnote links are live.

The United Kingdom’s published national counter drone policy; the UK Counter-Unmanned Aircraft Strategy, presented to Parliament as Command Paper 187 on 21 October 2019^[1]; is materially out of date as a strategic document. It remains the only published national strategy in the field for the whole of government, yet it is now approximately six years and seven months old, and roughly three and a half years beyond its own planning horizon.

The strategy was sound for its time. It identified the highest harm illegal uses of small drones; terrorism, smuggling into prisons, disruption of critical national infrastructure; and prescribed layered intervention, industry standards, responder powers and public education.^[2] But it was expressly confined to malicious and illegal use of small aerial drones, in a domestic policing and protective security frame. That frame has been overtaken by operational reality in Ukraine and the Iranian theatre: massed one way attack drones, combined drone and missile salvos, container and special forces launch, dense electronic warfare, fibre optic command links and AI assisted guidance now define the threat.

Subsequent UK documents do not update the 2019 strategy; they work around it. The Defence Drone Strategy (2024),^[3] the Strategic Defence Review 2025,^[4] NPSA’s site specific guidance,^[5] and the Ministry of Defence’s 2026 pursuit of new defeat powers at military sites^[6] together form a patchwork of sectoral adaptations laid over an unrevised core. This paper argues that the 2019 strategy should be retired as a standalone statement and replaced by an integrated Counter Uncrewed Systems and Air Threat Resilience Strategy, supported by a consolidated legal code for detection, disruption and defeat, and by an annual ministerial statement to Parliament.

1. The threat has become a strategic mass system

The central lesson of 2024–2026 is not that drones have become more common but that they have become a strategic mass system — a consumable class of munition and sensor used for saturation, decoying, attrition of intelligence assets, target acquisition and the deliberate erosion of a defender’s cost exchange ratio. On the night of 2 June 2026, Ukraine’s air force reported that Russia had launched 656 drones and 73 missiles in a single overnight barrage, of which 602 drones and 40 missiles were downed or suppressed.^[7]^[8] Single salvos now routinely exceed several hundred drones.

Critical infrastructure has been directly affected. In February 2025 a Russian Geran-2 (Shahed type) drone struck the New Safe Confinement over Chornobyl’s reactor four;^[9] by December 2025 the International Atomic Energy Agency assessed that the structure had lost its primary safety functions, including confinement.^[10] In May 2026 a drone strike caused a fire at an electrical generator on the perimeter of the United Arab Emirates’ Barakah nuclear plant; a civilian reactor site; leaving one unit running on emergency diesel generators.^[11]^[12]

The homeland and deployed force dimension is now concrete for the United Kingdom. In early March 2026 a Shahed type drone struck a runway at RAF Akrotiri in Cyprus; a British Sovereign Base Area; causing limited damage,^[13] and the UK flew defensive sorties and, where requested, acted in the collective self defence of regional allies.^[14] Ukraine’s Operation Spider’s Web (June 2025) had already shown that 117 first person view drones launched from concealed truck borne containers could strike strategic bomber bases far from any front line, damaging more than 40 aircraft, with some guidance reportedly AI assisted.^[15]

A necessary qualification

Not every battlefield lesson maps to the British mainland. The most credible open analysis holds that long range Shahed type strikes on Great Britain would face high attrition because of geography and warning time, while shorter range drones launched from containers or by hostile special forces remain a credible risk to high value assets at home. The policy implication is to discriminate between vectors; not to import foreign assumptions wholesale, and not to dismiss the threat. A refreshed strategy should say so candidly.

2. Why the 2019 strategy can no longer stand alone

2019 provision	Current reality	Assessment
Focus on the highest harm illegal use of small aerial drones in the UK.	Concern now extends to defence sites, CNI in crisis or conflict, and state launched drones and missiles.	Too narrow as a national frame.
Short planning horizon from 2019.	Document is c. 6.6 years old; NPSA requires regular review because methods change quickly.	Formally stale; refresh overdue.
Empower police and responders.	MoD now seeks its own defeat powers at Defence sites because police only authorities are inadequate.	Institutionally outdated.
Aerial drones only.	New Defence policy extends to land and maritime uncrewed systems.	Conceptually outdated.
Counter drone as a discrete problem.	NATO now treats small UAS through hypersonic missiles as one integrated air and missile defence continuum.^[16]	The silo is no longer tenable.

The clearest institutional signal came in February 2026, when the Ministry of Defence reported 266 drone incidents near UK military sites during 2025 (up from 126 in 2024) and sought fresh statutory powers through the Armed Forces Bill; extending beyond aerial drones to land and maritime systems; to allow Defence personnel to defeat drones at their own sites without waiting for police intervention.^[6] When the armed forces must legislate around a framework built for policing to protect their own bases, that framework has expired.

3. The legal framework: developed, but fragmented

Domestic powers have expanded since 2019 but remain complex. The Air Traffic Management and Unmanned Aircraft Act 2021 created bespoke constabulary powers to ground, stop, search, inspect and seize unmanned aircraft, and amended section 93 of the Police Act 1997 to facilitate authorisations for certain counter drone measures.^[17]^[18] In the civil regime, the Civil Aviation Authority’s Direct Remote ID requirements came into force on 1 January 2026 for UK1, UK2, UK3, UK5 and UK6 class drones, with extension to most drones carrying a camera from 1 January 2028.^[19]

Yet lawful defeat is markedly harder than detection. Operational use of a jammer is generally an offence under section 68 of the Wireless Telegraphy Act 2006, and Ofcom has no power to authorise operational use; only narrow trial and research licences in shielded conditions.^[20] Government is separately examining the enforcement framework around jammers.^[21] Kinetic or electronic interference may amount to unlawful property or wireless interference absent proper authorisation; the Act’s own explanatory notes acknowledge as much. Techniques that take over a drone by software may engage the Computer Misuse Act 1990 and the Investigatory Powers Act 2016, and sensing engages the Data Protection Act 2018, the UK GDPR and the Human Rights Act 1998, which requires the state both to protect life from foreseeable threats and to keep its sensing and defeat measures necessary and proportionate. A lawful defeat chain is a designed legal artefact, not an improvisation.

Overseas action sits within international law. The Government’s March 2026 legal position on Iranian regional attacks invoked the collective self defence of allies under Article 51 of the UN Charter, subject to necessity and proportionality and Security Council notification.^[14] Once in armed conflict, drones attract no special category: they are governed by the ordinary rules of distinction, proportionality and precaution applicable to all weapons.^[22]

4. Recommendations

The Government should replace the 2019 strategy with a new instrument covering the whole of government. Five propositions should anchor it:

Integrate, do not append. A single Counter Uncrewed Systems and Air Threat Resilience Strategy spanning the Home Office, MoD, Cabinet Office resilience, CAA, Ofcom, NPSA, the intelligence community, prisons and CNI operators, aligned to NATO’s integrated air and missile defence framework.^[16]
Consolidate the law. A statutory code (or, at minimum, statutory guidance) defining who may detect, disrupt and defeat uncrewed systems, where, against which threat category, under what authorisation, with what recording and what review after an incident — differentiating urban areas, prisons, airports, defence sites and overseas operations.
Adopt a layered baseline that is alert to cost. Use NPSA’s site specific, threat informed model as the national spine,^[23] plugging into a wider air and missile defence architecture for higher end threats, and prioritising defeat options that are low in collateral, deep in magazine and economically rational. A missile fired at every cheap drone is not a strategy; it is a budgetary confession.
Treat industry and export control as readiness. Link procurement, export licensing, sanctions intelligence and sovereign industrial strategy, with secure by design and open architecture requirements across C-UAS procurement. A state that cannot source the components of its own counter drone systems is not strategically autonomous.
Compliance and oversight by design. Require a written legal basis, data minimisation, retention limits and human oversight for every C-UAS deployment by a public authority; subject identification by AI to documented necessity and a review of error rates; and provide Parliament an annual ministerial statement on C-UAS powers, deployments, tests, safety incidents, rights compliance and lessons learned, with NPSA and the ICO involved where domestic surveillance is concerned.

5. Conclusion

None of this discards the 2019 strategy’s best inheritance; its insistence on layered intervention over an optimism founded on gadgets, an instinct NPSA’s later guidance has only reinforced.^[5] The task is not to repudiate 2019 but to lift its sound protective security spine into an architecture wide enough for the threat that now exists: a spectrum of low cost, autonomous and electronically contested uncrewed systems, ranging from nuisance to war. The 2019 strategy answered the question of its decade. It is time to ask the question of this one.

About the author. Mr Richard Ryan is a barrister of Blakiston’s Chambers..

Footnotes & sources (23)

UK Counter-Unmanned Aircraft Strategy, CP 187, presented to Parliament 21 October 2019 (GOV.UK). https://www.gov.uk/government/publications/uk-counter-unmanned-aircraft-strategy ↩
UK Counter-Unmanned Aircraft Strategy (HTML version), GOV.UK, published 21 October 2019. https://www.gov.uk/government/publications/uk-counter-unmanned-aircraft-strategy/table ↩
Defence Drone Strategy — the UK’s approach to Defence Uncrewed Systems, GOV.UK, published 22 February 2024. https://www.gov.uk/government/publications/defence-drone-strategy-the-uks-approach-to-defence-uncrewed-systems/defence-drone-strategy-the-uks-approach-to-defence-uncrewed-systems ↩
The Strategic Defence Review 2025 — Making Britain Safer, GOV.UK, published 2 June 2025. https://www.gov.uk/government/publications/the-strategic-defence-review-2025-making-britain-safer-secure-at-home-strong-abroad ↩
NPSA, “Counter Uncrewed Aerial Systems (C-UAS)” specialised guidance. https://www.npsa.gov.uk/specialised-guidance/uncrewed-aerial-systems/counter-uncrewed-aerial-systems-c-uas ↩
Ministry of Defence, “New powers for Defence personnel to defeat drones following doubling of incidents near bases” (266 incidents in 2025, up from 126), GOV.UK, 2 February 2026. https://www.gov.uk/government/news/new-powers-for-defence-personnel-to-defeat-drones-following-doubling-of-incidents-near-bases ↩
“Russia launched 656 drones and 73 missiles” — figures attributed to the Ukrainian Air Force; CBS News, 2 June 2026. https://www.cbsnews.com/news/russia-ukraine-war-major-attacks-missile-drone-kill-several-wound-dozens/ ↩
NPR, “Russian attack on Ukraine kills at least 14”, 2 June 2026 (corroborating launch and interception figures). https://www.npr.org/2026/06/02/nx-s1-5844071/russian-attack-ukraine ↩
Chornobyl New Safe Confinement struck by a Geran-2 (Shahed type) drone, 14 February 2025: Greenpeace Ukraine mission report, 20 March 2025. https://www.greenpeace.org/ukraine/en/news/3504/fifty-percent-of-north-roof-structure-of-chornobyl-new-safe-confinement-shelter-severely-damaged/ ↩
IAEA assessment (December 2025) that the New Safe Confinement had lost its primary safety functions, including confinement (reported via United24/Reuters). https://united24media.com/latest-news/iaea-chornobyls-new-safe-confinement-can-no-longer-contain-radiation-after-russian-drone-attack-14067 ↩
Drone strike causing a generator fire at the UAE’s Barakah nuclear plant, 17 May 2026: Al Jazeera, 17 May 2026. https://www.aljazeera.com/news/2026/5/17/drone-strike-sparks-fire-at-uaes-barakah-nuclear-power-plant ↩
NPR, “Drone strikes UAE nuclear plant”, 18 May 2026 (IAEA: one reactor on emergency diesel generators). https://www.npr.org/2026/05/18/g-s1-122534/drone-strikes-uae-nuclear-plant ↩
Reuters, “Iranian-made drone hits British air base in Cyprus” (RAF Akrotiri runway strike, limited damage), 2 March 2026. https://www.aol.com/articles/iranian-made-drone-hits-british-121630466.html ↩
Summary of the UK Government legal position: the legality of defensive action in respect of Iranian regional attacks, GOV.UK (10 Downing Street), March 2026. https://www.gov.uk/government/news/summary-of-the-uk-government-legal-position-the-legality-of-defensive-action-in-respect-of-iranian-regional-attacks ↩
CSIS, “How Ukraine’s Operation Spider’s Web Redefines Asymmetric Warfare” (117 drones; 40+ aircraft struck; some AI assisted guidance). https://www.csis.org/analysis/how-ukraines-spider-web-operation-redefines-asymmetric-warfare ↩
NATO Integrated Air and Missile Defence Policy, 13 February 2025 (threat spectrum “from small… UASs to all types of cruise and ballistic missiles, including hypersonic”). https://www.nato.int/cps/en/natohq/official_texts_233084.htm ↩
Air Traffic Management and Unmanned Aircraft Act 2021 (c. 12), legislation.gov.uk. https://www.legislation.gov.uk/ukpga/2021/12/contents/enacted ↩
Explanatory Notes to the Air Traffic Management and Unmanned Aircraft Act 2021 (kinetic/jamming measures may amount to unlawful interference; amendment of s. 93 Police Act 1997). https://www.legislation.gov.uk/ukpga/2021/12/pdfs/ukpgaen_20210012_en.pdf ↩
UK Civil Aviation Authority, “Remote ID (RID)” — Direct RID in force from 1 January 2026 for UK1, UK2, UK3, UK5 and UK6 drones; extension from 1 January 2028. https://www.caa.co.uk/drones/regulations-consultations-and-policy-programmes/policy-programmes/remote-id-rid/ ↩
Ofcom, “GPS jamming exercises” — operational use of a jammer is an offence under s. 68 Wireless Telegraphy Act 2006; Ofcom cannot authorise operational use. https://www.ofcom.org.uk/spectrum/frequencies/gps-jamming-exercises ↩
DSIT, “Possession of radiofrequency jammers and the relevant legal framework” (call for evidence), GOV.UK, 2026. https://www.gov.uk/government/calls-for-evidence/possession-of-radiofrequency-jammers-and-the-relevant-legal-framework/possession-of-radiofrequency-jammers-and-the-relevant-legal-framework ↩
ICRC, “FAQ: international humanitarian law and the use of drones in armed conflict” (distinction, proportionality, precaution). https://www.icrc.org/en/article/faq-international-humanitarian-law-drones-armed-conflict ↩
NPSA, “Countering Threats from Uncrewed Aerial Systems — Making Your Site Ready”. https://www.npsa.gov.uk/resources/c-uas-making-your-site-ready ↩

The post appeared first on Blakistons.

The Drone in the Room: What the AI Act’s August Deadline Actually Means for Unmanned Aircraft

admin.richard — Mon, 01 Jun 2026 11:14:30 +0000

There’s a particular kind of frustration that comes from practising in a field that everyone assumes is covered by a law that, on close reading, barely mentions it. Drone law is one of those fields. People hear “AI Act” and “drones” in the same breath and assume the two slot neatly together; that the great European regulatory machine has, somewhere in its 113 articles, a tidy chapter telling me when my client’s counter-UAS system crosses a line. It doesn’t. And the gap between what people assume and what the text actually says is where most of my work now lives.

The newsletters keep landing in my inbox with their countdowns. The latest one fixes on 2 August; the date the AI Office acquires real teeth over general-purpose AI models. I read these updates the way a coastal town reads tide tables: not because every wave matters to me, but because I need to know which ones will reach the door. So let me work through what this particular tide actually touches, from the perspective of someone who spends their days arguing about machines that fly.

The autonomy problem nobody wants to define

Start with the thing that makes drones legally interesting in the first place: autonomy is a spectrum, and the law hates spectrums.

A consumer quadcopter holding position in a breeze is running control loops that would have been called “artificial intelligence” in a 1980s research paper. A military loitering munition selecting between candidate targets is doing something most people would unhesitatingly call AI, and find alarming. Between those two poles sits an enormous, messy middle; obstacle avoidance, automated return-to-home, “follow me” tracking, swarm coordination, automated target recognition that merely flags rather than decides. Where on that spectrum does a drone become an “AI system” in the meaning of Article 3?

This matters enormously and almost nobody asks it cleanly. The Act’s definition turns on a system that infers, from inputs, how to generate outputs that influence environments. Plenty of drone autonomy stacks meet that bar comfortably. Plenty of others; deterministic flight controllers executing fixed logic; arguably don’t. I have sat across the table from engineers who insist their navigation system is “just maths,” and they’re not entirely wrong, but “just maths” is also a fair description of every neural network ever trained. The line is not where intuition puts it.

Why the military carve-out is a trap, not a shield

Here is where I watch clients relax too early.

The AI Act contains an exclusion for systems used exclusively for military, defence or national security purposes. Counter-drone work, in particular, loves to shelter under this. The reasoning goes: we detect and defeat hostile UAS, this is inherently a security function, therefore the Act doesn’t reach us. Lovely. Except “exclusively” is doing ruthless work in that sentence, and the dual-use reality of this entire sector makes the exclusion far narrower than people want it to be.

The same RF-detection and optical-tracking stack that protects an airbase gets sold, with a different sticker, to protect a stadium, a prison, a private estate. The moment that system has a civilian commercial life; the moment it is placed on the EU market for protecting critical infrastructure rather than fighting a war; the exclusion frays. And critical infrastructure protection is precisely the kind of use the high-risk classification regime is built to capture. A counter-UAS platform that automatically classifies an incursion and cues a response near an airport is not obviously outside the high-risk net just because its cousin wears camouflage.

The targeted consultation on the high-risk classification guidelines, open until late June, is therefore not abstract bureaucracy to me. Those guidelines are where the boundary between “this is a security tool, leave it alone” and “this is a high-risk system, document everything” will actually get drawn through worked examples. Anyone in this sector who isn’t reading those drafts is choosing to be surprised later.

Article 50 and the drone you can’t see

Now the part that genuinely changes behaviour on the ground.

Article 50’s transparency obligations don’t care about risk tiers. They bite on situations; and one of those situations is biometric categorisation, another is emotion recognition, and another is content that interacts with or affects people. Picture the increasingly common deployment: a drone with a camera doing crowd monitoring, perimeter patrol, or event security. The instant that payload starts categorising people by biometric attributes, the deployer owes the exposed individuals notice. You cannot quietly run biometric categorisation from 120 metres up and treat the altitude as a privacy shield. The obligation attaches to what the system does, not to how far away the lens sits.

I find this is the provision that catches operators off guard, because it cuts against the entire instinct of aerial surveillance, which is to be unobtrusive. The law is, in effect, telling a category of drone operator that unobtrusiveness is now sometimes unlawful. That is a genuinely interesting collision between the technology’s reason for existing and the regulation’s reason for existing, and it is going to generate litigation.

The sandbox that slipped a year

There was a small piece of news in the recent updates that I suspect most readers skimmed: the establishment deadline for regulatory sandboxes has been pushed from August 2026 to August 2027.

For most industries that’s a footnote. For drones it’s meaningful, because the sandbox model is arguably better suited to unmanned aviation than to almost any other AI domain. We already have a mature culture of supervised, geographically-bounded testing; segregated airspace, specific operational risk assessments, temporary danger areas. A regulatory sandbox is conceptually just that culture extended from airworthiness into algorithmic compliance. The delay means the one mechanism that could let a counter-UAS startup test automated-response logic on real incursions, under supervision, with some shelter from fines, won’t materialise on the original timetable. The companies most in need of a structured way to prove their systems are safe will spend another year improvising compliance instead. Whether that protects the public or merely protects incumbents is the kind of question I find genuinely unresolved.

What I’m telling clients

The honest summary I give, stripped of comfort, runs roughly like this. The August date isn’t your date; it’s aimed at the makers of large general-purpose models, and most drone autonomy doesn’t live there. But the regime those powers belong to is the same regime whose high-risk rules and Article 50 duties absolutely will reach you, and the classification guidelines being drafted right now are where your fate gets decided. Don’t wait for enforcement to tell you which side of the line you’re on. The structured dialogue the AI Office favours means the first contact is likely to be a request for documentation, not a fine; which means the clients who survive comfortably are simply the ones who wrote the documentation before anyone asked.

Drones made autonomy visible; something you can point at in the sky. That visibility is exactly why this sector will be among the first places the AI Act’s abstractions get tested against physical reality. I’d rather my clients be the test case that wins than the cautionary one. The tide tables are right there in my inbox. The only real choice is whether to read them.

This is not legal advice; if you’re making compliance decisions about a specific system, get advice tailored to it.

About the author
Richard Ryan is a Direct Access Barrister at Blakiston’s Chambers, and a chartered arbitrator and accredited mediator, specialising in drone and counter-drone law. He advises operators, manufacturers, UTM providers, insurers and public bodies across the full UAS spectrum — regulatory permissions and BVLOS approvals, C-UAS deployment at airports, prisons and critical infrastructure, data and privacy, liability and high-value disputes. Instruct him directly or through solicitors.

The post The Drone in the Room: What the AI Act’s August Deadline Actually Means for Unmanned Aircraft appeared first on Blakistons.

How Europe’s new AI rulebook would (and wouldn’t) touch autonomous combat aircraft—and what the defence carve?outs really mean

admin.richard — Thu, 06 Nov 2025 18:28:20 +0000

By Richard Ryan, barrister and drone lawyer

How Europe’s new AI rulebook would (and wouldn’t) touch autonomous combat aircraft — and what the defence carve-outs really mean.

In Brief…

Purely military AI systems are out of scope of the EU AI Act. If an AI system is developed or used exclusively for military/defence or national-security purposes, the Act does not apply. (EUR-Lex)
Dual-use is different. If the same autonomy stack, sensors or models are marketed or used for civilian purposes in the EU (for example, civil UAS, border or law-enforcement tasks), the Act can apply — with stringent duties for “high-risk” systems. (EUR-Lex)
Real-world testing is regulated. Pre-market R&D is generally excluded, but real-world testing isn’t — it requires specific safeguards and registration. (EUR-Lex)
Foundation models (GPAI) have their own rules from 2 Aug 2025; the defence carve-out in the Act is written for AI systems, not explicitly for models. If a model is placed on the EU market generally, the provider’s GPAI obligations can still bite. (EUR-Lex)

Context: sUAS News reports that GA-ASI is showcasing its autonomous fighter portfolio (for example, YFQ-42A CCA, MQ-20 Avenger) at the International Fighter Conference in Rome, 4–6 Nov 2025. This post overlays that scenario with the EU AI Act’s rules.

1) First principles: When does the EU AI Act apply?

The Act has extraterritorial reach. It covers (i) providers and deployers in the EU, (ii) providers placing on the EU market or putting systems into service in the EU — even if they are not established here — and (iii) providers/deployers in third countries where the AI system’s output is used in the EU. (EUR-Lex)

However, Article 2(3) draws a bright line: the Act does not apply to AI systems used exclusively for military, defence or national security. It also does not apply where a system is not placed on the EU market but its output is used in the EU exclusively for those purposes. Recital 24 reiterates this and clarifies that non-defence use falls back under the Act. (EUR-Lex)

What this means in Rome:

A closed, defence-only showcase for European militaries: out of scope.
A civil-use pitch, civil flight trials, or plans to sell autonomy modules to EU civilian buyers: in scope (see the high-risk section below). (EUR-Lex)

2) The key defence carve-outs (and their limits)

Carve-out #1 — Defence/military:

“This Regulation shall not apply to AI systems … used exclusively for military, defence or national security purposes.” (Article 2(3))

Two important nuances:

Exclusivity matters. The moment an autonomy stack or sensor suite is also marketed or used for civilian or law-enforcement tasks, the defence exclusion no longer shields those non-defence uses. (EUR-Lex)
Models vs systems. The text explicitly excludes AI systems for defence; it does not create an explicit defence exclusion for general-purpose AI models. If a GPAI model is placed on the EU market, Chapter V obligations for model providers can still apply — even if one downstream customer is a defence user. (More on GPAI below.) (EUR-Lex)

Carve-out #2 — Pre-market R&D:
R&D before placing on the market is generally outside scope, but real-world testing is not. Testing in real-world conditions triggers a dedicated regime (for example, registration, time limits, informed consent or special conditions for law enforcement, incident reporting). (EUR-Lex)

Carve-out #3 — Emergency derogations (non-defence):
For exceptional public-security reasons (or imminent threats to life/health), market surveillance authorities can authorise temporary use of a high-risk AI system before full conformity assessment — subject to strict conditions. Law-enforcement or civil-protection bodies can also use in urgent cases, then seek authorisation without undue delay. This is not a defence-specific carve-out, but it explains emergency deployments outside the military context. (EUR-Lex)

3) If the defence exclusion doesn’t apply, would autonomous fighters tech be “high-risk”?

Very likely yes — for civil variants or dual-use spin-outs:

Annex I (product-safety route). AI that is a safety component of products covered by sectoral EU safety laws is high-risk where those products need third-party conformity assessment. That list explicitly includes EU civil aviation law (Reg. 2018/1139) — covering unmanned aircraft and their remotely controllable equipment. In a civil-UAS configuration, an autonomy stack acting as a safety component would be regulated as high-risk. (EUR-Lex)
Annex III (stand-alone uses). Separate “high-risk” buckets also capture, for example, remote biometric identification and other sensitive functions (if and where permitted by Union/national law), critical infrastructure safety components, and more. If a fighter-born sensing suite were repurposed for civil border surveillance or public-space identification, you quickly hit these Annex III categories. (EUR-Lex)

What “high-risk” demands in practice
Providers must implement a risk-management system, data governance, technical documentation, logging, transparency/instructions, human oversight, and accuracy/robustness/cybersecurity — then pass conformity assessment, issue an EU Declaration of Conformity, and affix CE marking. Deployers also carry duties (for example, monitoring, data relevance, user notification in some cases). (EUR-Lex)

4) Sensors on show: what about face recognition and other “red lines”?

The EU bans several AI practices outright (from 2 Feb 2025), including:

Untargeted scraping of facial images to build recognition databases.
Biometric categorisation inferring sensitive traits (for example, race, political opinions, religion).
Emotion recognition in workplaces or schools (with narrow safety/medical exceptions).
Predictive “risk assessments” of criminality based solely on personality traits/profiling.
Real-time remote biometric identification (RBI) in public spaces for law enforcement — unless strictly authorised and necessary for narrowly defined objectives (for example, locating a specific suspect in serious crimes, preventing a specific imminent threat, finding missing persons), with prior judicial/independent approval and registration. (EUR-Lex)

Implication for a trade-show demo: training a camera on attendees to test real-time RBI in a public venue would likely be unlawful unless those strict law-enforcement exceptions and procedural safeguards apply — which they typically will not at a commercial defence conference. (EUR-Lex)

5) Real-world testing in the EU (civil or dual-use variants)

If a provider runs real-world flight tests in the EU (outside the defence exclusion), the Act requires — among other things — registration, an EU-established entity or EU legal representative, limits on duration (normally up to six months, extendable once), rules on informed consent (with special handling for law-enforcement tests), qualified oversight, and the ability to reverse/ignore the system’s outputs. Serious incidents must be reported promptly. (EUR-Lex)

6) Foundation models (GPAI): obligations can still attach

From 2 Aug 2025, Chapter V sets baseline transparency and copyright-policy duties for providers of general-purpose AI models (with extra obligations if the model presents systemic risks). The defence exclusion in Article 2(3) is framed for AI systems, not models. So, if a foundation model is placed on the EU market, the model provider can have obligations even if a downstream customer is a defence prime. (Open-source specifics and systemic-risk thresholds also apply.) (EUR-Lex)

7) Timelines you need in Rome (as of 6 Nov 2025)

Entry into force: 1 Aug 2024 (20 days after OJ publication).
Prohibited practices + core chapters (I–II): apply from 2 Feb 2025.
GPAI rules (Chapter V), plus other chapters (III §4, VII, XII, and Article 78): apply from 2 Aug 2025.
General application: 2 Aug 2026 (high-risk regime starts to bite broadly).
Article 6(1) Annex III classification trigger & related obligations: 2 Aug 2027. (EUR-Lex)

8) Enforcement and penalties

Violating prohibited practices (Article 5) can draw fines up to €35m or 7% of worldwide annual turnover, whichever is higher.
Other operator obligations can reach €15m or 3%; supplying misleading information can reach €7.5m or 1% (SMEs benefit from caps). Separate fine scales apply to EU institutions. (EUR-Lex)

9) Practical playbook for IFC attendees

If you are a defence OEM showing autonomy stacks:

Map uses: Defence-only (excluded) vs any civil or law-enforcement pathways (potentially in scope). Document the exclusivity of defence deployments if you rely on the carve-out. (EUR-Lex)
GPAI suppliers: If you place a foundation model on the EU market, expect Chapter V duties regardless of defence customers. (EUR-Lex)
No RBI demos on the show floor. Those prohibitions already apply in 2025. (EUR-Lex)
Planning EU flight tests for civil variants? Prepare for real-world testing conditions (registration, oversight, incident reporting). (EUR-Lex)
For civil UAS commercialisation, treat your autonomy as high-risk (EASA product-safety route), budget time for conformity assessment and CE marking. (EUR-Lex)

If you are a European ministry or agency:

Distinguish military operations (out of scope) from law-enforcement or border uses (in scope; watch RBI limits and high-risk duties). Consider Article 46 emergency derogations only in exceptional and documented cases. (EUR-Lex)

If you are a civil UAS integrator:

Expect the full high-risk package (risk management, data governance, human oversight, cybersecurity, logs, conformity assessment, CE). Build compliance into your system architecture, ML pipelines, safety cases, and ops manuals from day one. (EUR-Lex)

10) Quick decision pathway

Is the use exclusively defence or national security?
Yes: AI system is out of scope.
No: continue. (EUR-Lex)
Is it a civil product or law-enforcement/border use?
Civil product with safety function (for example, civil UAS): High-risk via Annex I ? conformity assessment + CE. (EUR-Lex)
Stand-alone sensitive use (for example, RBI, critical infrastructure): Annex III high-risk or Article 5 prohibition applies. (EUR-Lex)
Is there a GPAI model being placed on the EU market?
Yes: Chapter V duties for model providers from 2 Aug 2025, separate from the defence carve-out for systems. (EUR-Lex)
Is this pre-market testing?
Real-world testing rules apply (registration, oversight, incident reporting). (EUR-Lex)

Bottom line for “Autonomous Fighters in Rome”

A military-only display of GA-ASI’s autonomous fighters is outside the AI Act.
Any civil spin-off (cargo drones, civil surveillance, airport ops) or law-enforcement application in the EU will trigger the Act — often at the high-risk level — together with tight prohibitions around biometric uses in public spaces. Plan your compliance architecture accordingly. (EUR-Lex)

This article is informational and not legal advice. Citations are to the Official Journal text of the Artificial Intelligence Act (Regulation (EU) 2024/1689) for scope (Art. 2), prohibitions (Art. 5), high-risk regime (Ch. III), real-world testing (Arts. 57–61), GPAI (Ch. V incl. Art. 53), timelines (Art. 113), and penalties (Art. 99–101).

About the author — Richard Ryan

Richard Ryan is a UK barrister (Direct Access), mediator and Chartered Arbitrator (FCIArb), and a Bencher of Gray’s Inn. He practises across defence, aerospace, construction, engineering and commodities, with a leading specialism in drone and counter-drone law, unmanned aviation regulation, and AI-enabled safety and compliance. Richard advises government, primes and operators on EU/UK UAS frameworks, BVLOS, U-space/UTM and the EU AI Act. He leads Blakiston’s Chambers and contributes regularly to industry guidance and policy consultations.

The post How Europe’s new AI rulebook would (and wouldn’t) touch autonomous combat aircraft—and what the defence carve?outs really mean appeared first on Blakistons.

AI Drone Swarms and the EU AI Act: A Game-Changer in Modern Warfare?

admin.richard — Sat, 16 Nov 2024 17:44:52 +0000

AI Drone Swarms and the EU AI Act: A Game-Changer in Modern Warfare?

By Richard Ryan, Drone Lawyer

The recent trials conducted by the AUKUS nations—Australia, the United Kingdom, and the United States—mark a significant milestone in the integration of artificial intelligence (AI) and autonomy within military operations. The deployment of AI-enabled uncrewed aerial vehicles (UAVs) capable of locating, disabling, and destroying ground targets presents both remarkable advancements and complex legal challenges, particularly in the context of the European Union’s AI Act.

As a drone lawyer with over 20 years of experience in the UK, I find it imperative to dissect the interaction between these groundbreaking trials and the regulatory landscape shaped by the EU AI Act. This discussion aims to highlight the risks, oversight issues, and intellectual property considerations that arise when integrating AI algorithms into military UAV swarms.

Understanding the EU AI Act’s Impact

The EU AI Act seeks to establish a comprehensive regulatory framework for AI technologies, focusing on transparency, accountability, and human oversight. High-risk AI systems, which include those used in critical infrastructure and law enforcement, are subject to stringent requirements. Military applications, while often exempt from certain civilian regulations, still operate under international humanitarian laws and ethical guidelines that resonate with the Act’s principles.

The AUKUS trials demonstrate the use of AI in autonomous systems for military purposes. The AI-enabled UAVs operated collaboratively, sharing data seamlessly across nations. While the Act primarily governs civilian AI use within the EU, the ethical considerations it embodies cannot be ignored in military contexts, especially when such technologies might eventually influence civilian sectors.

Risks and Oversight Challenges

One of the foremost risks is the potential for AI algorithms to make autonomous decisions without adequate human oversight. The EU AI Act emphasizes the necessity of meaningful human control over AI systems, particularly those capable of impacting human lives. In the AUKUS trials, although a human operator was involved, the level of autonomy granted to the UAVs raises questions about compliance with the Act’s standards if similar technologies were deployed within the EU.

Data exchange and interoperability between the three nations introduce another layer of complexity. The seamless sharing of information enhances operational efficiency but also raises concerns about data protection and cybersecurity. Ensuring that sensitive data transmitted between UAVs and control systems is secure aligns with the Act’s requirements for robust data governance.

The Case for a Simulation Sandbox

To address compliance with the EU AI Act, conducting such trials within a simulation sandbox could be a prudent approach. A sandbox environment allows for the testing and validation of AI algorithms in a controlled setting, mitigating risks associated with real-world deployment. It enables developers to assess the AI’s decision-making processes, identify potential flaws, and ensure adherence to ethical and legal standards before actual implementation.

Moreover, a sandbox can facilitate transparency and accountability, key tenets of the EU AI Act. By documenting the AI’s performance and decision rationale within simulations, stakeholders can provide evidence of compliance and readiness for safe deployment.

Intellectual Property Considerations

Introducing AI algorithms into a regulatory sandbox presents intellectual property (IP) risks that must be carefully managed. Proprietary algorithms and technologies shared within the sandbox could be exposed to unauthorized access or misuse. Protecting IP rights is crucial to encourage innovation and maintain competitive advantages.

To mitigate these risks, clear agreements outlining the ownership, usage rights, and confidentiality obligations related to the AI algorithms are essential. Collaborative efforts, such as those seen in the AUKUS trials, require robust legal frameworks to safeguard each party’s IP while promoting shared development goals.

Conclusion

The integration of AI and autonomous systems in military applications is an evolving frontier that necessitates careful navigation of legal and ethical landscapes. The EU AI Act, while primarily focused on civilian applications, provides valuable guidance on managing high-risk AI systems.

By recognising the risks and oversight challenges presented by the AUKUS AI-enabled UAV trials, stakeholders can proactively address compliance issues. Utilising simulation sandboxes offers a viable pathway to refine these technologies within the bounds of regulatory requirements.

Intellectual property considerations remain a critical aspect of this process. Ensuring that AI algorithms are protected within collaborative environments will foster innovation while maintaining legal integrity.

As we advance into this new era of AI-driven military capabilities, a balanced approach that harmonises technological potential with regulatory compliance will be essential. The lessons learned from these trials will undoubtedly shape the future of AI in both military and civilian spheres.

—

About Richard Ryan

Richard Ryan is a leading drone lawyer based in the United Kingdom, with over 20 years of legal experience as a direct access barrister. Specializing in the legal aspects of unmanned aerial systems and AI technologies, Richard has advised government agencies, defense contractors, and private enterprises on compliance, intellectual property, and regulatory matters. His extensive expertise bridges the gap between cutting-edge technological advancements and the complex legal frameworks that govern them.

The post AI Drone Swarms and the EU AI Act: A Game-Changer in Modern Warfare? appeared first on Blakistons.