Congress folded a set of targeted UAS measures into the Fiscal Year 2025 National Defense Authorization Act. Those provisions do two things at once: they create near‑term compliance checkpoints for certain foreign-produced unmanned systems while pushing the Department of Defense to strengthen domestic resilience for small UAS supply chains. The legal text is precise about deadlines and processes, but ambiguous in places that matter to operators, vendors, and public agencies.

The headline for most readers is Section 1709. That section requires an “appropriate national security agency” to determine, within one year of the Act’s enactment, whether specified communications or video surveillance equipment and services present an “unacceptable risk” to U.S. national security. The provision names two manufacturers explicitly, and then sweeps in their subsidiaries, affiliates, joint ventures, licensees, and services built on their equipment. If no agency completes the mandated determination within the one‑year window, the Federal Communications Commission is directed to add the listed equipment and services to its Covered List automatically. Once on that list, affected equipment can no longer receive required FCC equipment authorizations and would be effectively barred from import, sale of new models, or use on U.S. communications infrastructure in contexts that require FCC authorization.

That structure creates a tightly calendared risk profile. The Act was enacted on December 23, 2024, so the one‑year clock runs to December 23, 2025. The statute intentionally leaves the responsible agency unspecified, which has been central to industry concern: without a designated technical reviewer, the law allows an interagency choice that could result in either an evidence‑driven assessment or an administrative default triggering an automatic Covered List addition. Those procedural choices will determine whether outcomes rest on technical risk assessments or on default policy triggers.

Section 162 runs alongside Section 1709 but addresses a different problem: supply chain resiliency for small unmanned aerial systems. The Secretary of Defense must establish an integrated set of measures to identify sUAS supply chain risks and to increase reliance on domestic and allied sources. The law requires specific, actionable steps, including disassembly and technical analysis of commercially available foreign drone aircraft within 90 days, and broader strategy milestones within 180 days. Those measures are meant to give DoD and its partners a clearer picture of component provenance, firmware and communications architectures, and dependencies that could present single points of failure. For companies and public safety agencies that buy or operate sUAS for critical missions, Section 162 signals that DoD will accelerate efforts to cultivate U.S. and allied suppliers for components and subsystems.

Section 164, while narrower in appearance, is also important. It prohibits DoD operation, procurement, or contracting related to certain foreign‑made LiDAR technologies when those systems use software, network connectivity, or storage associated with specified covered foreign countries. The ban is not absolute; the statute provides exemptions for intelligence, EW, or test and training uses, and it allows the Secretary of Defense to issue waivers on a case‑by‑case basis with certification to congressional defense committees. Still, the provision underscores an appetite in Congress to treat certain sensing technologies with the same supply‑chain caution that has already been applied to other classes of equipment.

How to read the policy intent. Taken together, these sections reflect two bipartisan priorities: reducing potential foreign influence in communications and sensing equipment used on UAS, and building a more robust domestic ecosystem for mission‑critical systems. Analysts at the Congressional Research Service framed these authorities as part of a broader effort in FY2025 to counter uncrewed aircraft system threats and to address strategic dependencies that became salient during recent conflicts and supply‑chain disruptions. The statutory approach mixes mandated technical review, forced transparency to congressional committees, and explicit resilience building.

Industry and operator implications. Manufacturers and distributors named or captured by the statute have already pushed back on the lack of a clearly designated technical reviewer and on the prospect of administrative listing without a substantive audit. Operators that rely on widely used platforms should view the next 15 months as a period of elevated regulatory risk: procurement plans for new models could be impacted; continuity of firmware updates and component support for legacy fleets should be reviewed; and public safety or utility contracts that assume long equipment lifecycles may need contingency planning. Industry observers have noted that the legislation allows for cooperation and audit processes, but also that failure to act administratively would produce near‑automatic market consequences.

Practical steps for stakeholders. First, inventory and map dependencies. Public agencies and commercial users should inventory UAS fleets, document where radios, flight controllers, sensors, and cloud services are sourced or hosted, and identify which platforms would be affected if the FCC added equipment to its Covered List. Second, prioritize mission criticality. For roles where availability, long‑term support, or supply resilience is essential, consider qualifying alternate suppliers, holding spare parts, and building technical migration plans that preserve data and operational continuity. Third, engage technically and politically. Vendors and associations can press for a transparent, technical audit process and offer to cooperate; operators can brief contracting officers and program managers about operational impacts. Finally, watch the timetable. The statutory deadlines are concrete and will drive agency workloads and, potentially, rapid policy changes that ripple into procurement and compliance requirements.

Bottom line. The FY2025 NDAA made UAS equipment policy a near‑term regulatory priority for both security and industrial policy reasons. The law couples a one‑year determination mechanism that could dramatically limit some foreign‑produced UAS equipment with concrete steps to strengthen domestic small UAS supply chains. For the drone ecosystem — manufacturers, system integrators, public safety, and commercial operators — the prudent response is not panic but planning: document exposures, accelerate diversification where it makes operational sense, and engage in the technical review process so decisions are grounded in engineering evidence rather than default administrative placements.