When the Federal Communications Commission (FCC) dropped its bombshell ruling in December 2025, adding Chinese drone behemoth DJI to its “Covered List,” it sent immediate shockwaves through the American drone industry. In a single stroke, the U.S. government effectively blocked any new DJI models and critical components from entering the country, citing national security concerns under the National Defense Authorization Act (NDAA).
Now, six months later, DJI is fighting back with the one thing regulators have arguably been missing: hard technical data.
In June 2026, DJI formally presented the FCC with a comprehensive, independent cybersecurity assessment conducted by U.S.-based firm OnDefend. The 16-page report’s conclusion? There are no backdoors, no data leaks, and zero critical security threats in DJI’s flagship drones.
But will technical proof be enough to sway a regulatory body whose concerns may no longer just be about data privacy, but rather geopolitical supply chains?
The “Mic Drop” Audit: What OnDefend Actually Found:
For years, the core argument against DJI in Washington has been that its hardware could secretly siphon sensitive U.S. infrastructure data or user information back to the Chinese government. To test this theory, DJI commissioned OnDefend, a Florida-based cybersecurity firm staffed by former military and government security professionals.
Crucially, the testing methodology was designed to be blind. Over a five-month period from October 2025 to March 2026, OnDefend purchased consumer models (like the **DJI Air 3S**) through normal retail channels and sourced enterprise models (like the **DJI Matrice 4E**) directly from existing dealer inventories. DJI had no idea which specific units were being tested, making it impossible for the manufacturer to provide “sanitized” or modified hardware for the audit.
The results directly challenge the prevailing narrative in Washington.
| Security Concern | OnDefend’s Audit Findings |
|—|—|
| **Hidden Backdoors** | Zero evidence of backdoors or unauthorized remote-access mechanisms. |
| **Data Transmission** | No evidence of any data being transmitted to servers outside the United States. |
| **Hijacking Potential** | No viable pathways for weaponization or hijacking the tested systems. |
| **Hardware Tampering** | No supply-chain tampering or unauthorized hardware modifications detected. |
| **Vulnerabilities** | **Zero** critical, high, or medium-risk vulnerabilities discovered during testing. |
The firm did identify 10 “low-risk” findings and a few minor observations—largely related to application security configurations and wireless hardening—which DJI has pledged to patch via routine software updates. Ultimately, OnDefend concluded that nothing in the drones represented a realistic threat to safe operations or widespread data exposure.
## Staggering Real-World Consequences
While the FCC and DJI debate cybersecurity in Washington, the collateral damage of the ban is being felt across rural America, small businesses, and local municipalities.
DJI estimates the restrictions could cost the company up to $1.5 billion in lost U.S. revenue in 2026 alone. But the true cost is being borne by the American professionals who rely on the technology daily. The FCC’s petition process has been flooded with over 3,000 public comments—roughly ten times the normal volume for such proceedings.
The outcry is coming directly from the people who fly these machines:
* **Agriculture:** Farmers who rely on heavy-lift ag drones for precise crop spraying, weed control, and field mapping are effectively stranded. Currently, there is no American-made agricultural drone platform that can compete with DJI on price, payload capacity, and reliability.
* **Public Safety:** Fire departments and search-and-rescue teams use thermal-equipped DJI drones to find missing persons and monitor structural fires. Being cut off from battery replacements, motor parts, and new models threatens to ground essential life-saving fleets.
* **Small Businesses:** Independent filmmakers, roof inspectors, and real estate photographers operate on tight margins. Forcing them to transition to significantly more expensive, and often less capable, domestic alternatives could put many out of business entirely.
As one commercial drone operator summarized in an FCC filing: *”I fully support reasonable security standards… However, broad restrictions or bans on foreign-built drones would create significant hardship for many responsible users, farmers, ranchers, small businesses, photographers, and landowners.”*
## The Moving Goalposts: Security vs. Supply Chain
Here is where the DJI situation gets incredibly complicated. Even with a clean bill of health from a respected U.S. cybersecurity firm, the FCC might not reverse its ban. Why? Because the actual definition of “national security” among federal agencies has subtly shifted.
In the early days of the drone debate, the focus was almost entirely on platform-level cybersecurity—fears of spyware, remote hijacking, and data exfiltration. OnDefend’s audit thoroughly dismantles those specific fears. However, U.S. government officials have recently begun framing the DJI problem through a completely different lens: **supply chain resilience and strategic manufacturing capacity.**
Travis Metz, Director of the Defense Innovation Unit (DIU), recently highlighted the broader challenge, noting that if the United States were ever in a conflict with a likely adversary, that adversary would not sell the U.S. the parts needed to build millions of drones.
In this context, restricting DJI isn’t just about stopping a drone from taking a rogue photo of a power plant. It is widely viewed as a state-sponsored protectionist measure designed to artificially stimulate the American drone manufacturing sector by kneecapping its biggest competitor. The government recognizes that as long as DJI is allowed to operate freely in the U.S. market, American drone startups—which simply cannot match DJI’s economies of scale, decades of R&D, and low pricing—will struggle to survive.
## What Happens Next?
DJI’s decision to hand-deliver this report to the FCC, including a direct meeting with the office of FCC Chairman Brendan Carr, proves the company isn’t going down without a fight. By getting the OnDefend audit officially on the FCC record, DJI is laying the groundwork for a massive legal battle. They are forcing regulators to justify exactly *why* the ban is necessary when independent technical evidence says the hardware is safe.
The FCC is now backed into an awkward corner. If they maintain the ban despite the audit, they tacitly admit that the policy is rooted in economic protectionism and broad geopolitical posturing rather than verifiable, immediate cybersecurity threats.
For the thousands of American farmers, filmmakers, and first responders waiting in limbo, the outcome of this standoff will determine not just what brand of drone they fly, but whether they can afford to keep their businesses off the ground.
No Backdoors or Spyware: DJI’s Proof to the FCC
For a deeper dive into the methodology behind the independent security audit and its potential impact on U.S. technology restrictions, this video breaks down the findings.
English