This post was written more than four years ago. The world changes fast, and the information, conclusions, or attributions may or may not still be accurate. Check the sources and links, and email me if you have any questions.

In 2008, the CEO of General Motors took some heat for the mode of transportation he chose as he went to Washington to ask for taxpayer bailouts: GM’s corporate jet.

In recent years, there’s been news of extralegal CIA rendition flights, the FBI flying small Cessna planes registered to shell companies and loaded with surveillance gear, and many stories of waste, fraud, and civil rights violations, exposed only through journalists’ access to flight location data.

With GM’s ensuing embarrassment, the company added their planes to the FAA’s Block Aircraft Registration Request (BARR) system—popular with corporations, governments, and the military—blocking identification and location information from data feeds sent to vendors and flight tracking websites.

But government data feeds are not the only way to figure out where a plane is.

While plane transponder pings are intended to be seen by air traffic control and nearby aircraft for safety purposes, they’re unencrypted and perfectly legal to intercept at home.

If you want to see when a family member’s flight is really going to land, chances are you’ll check a website or app like FlightAware or Flightradar24. These services do use government data feeds, but more commonly, they’re powered by aviation geeks with cheap antennas sitting in their kitchen window sill, listening for transponder signals from planes in real-time, and sending the data back to a central server.

Up until recently, it was hard for a solo aviation geek to find much use in transponder pings they could pick up on their home-brewed antenna, as you needed multiple receivers in a region receiving transponder pings at the same time to figure out where a plane is (a process called ‘multilateration’). But with a large network of these antennas—and Flightradar24 has over 10,000 of them—flight tracking websites’ real-time coverage exceeds that of all government entities in the world combined.

Unsurprisingly, corporations and governments were not thrilled with the idea.

The National Business Aviation Association (NBAA) has lobbied hard on this issue, calling for a solution to maintain privacy and preserve business competitiveness through encrypting transponder pings or using identifiers that rotate every day to make identification more difficult.

While the FAA is engaged in those conversations, their glacially-slow technology adoption and the reluctance of aircraft operators eager to spend thousands of dollars to install new equipment mean that technical changes are unlikely to occur in the coming decade.

So, pilots are sending out their location in real-time whether they like it or not.

But being businesses wanting to protect their commercial interests, both FlightAware and Flightradar24 have voluntarily adhered to industry block lists and the BARR List.

Initially, Flightradar24 addressed flight access blocking in some vague forum posts, saying they didn’t even want to talk about it to keep it “as below radar as possible,” later stating, that “…for security and privacy reasons, information about some aircraft is limited or blocked. This includes most military aircraft and certain high profile aircraft, like Air Force One.”

Similarly, FlightAware staff said over a decade ago, “…we respect the privacy of those owner/operators who have chosen to include their aircraft in the blocked aircraft listing … we want to honor the spirit and intent of the BARR program … if this decision causes us to lose the ‘market’ of people who are only interested in tracking blocked flights, then we are willing to accept the loss of those people.”

Privacy seems like a sensible explanation—you wouldn’t want the location of your car being broadcast online—but these sites have a business stake in playing nice and avoiding provocation of litigation and adverse legislation. FlightAware also saw it as a monetization opportunity, charging $90 per month for ‘selective unblocking’ to allow pilots to hide their location data from the public, while allowing selected vendors, partners, or family to see.

But now, virtually all commercial planes’ transponder pings include self-reported GPS coordinates through a system called ADS-B (Automatic Dependent Surveillance–Broadcast). It will be a requirement for all aircraft in U.S. controlled airspace by 2020. While complex multilateration will remain useful, you no longer need a big network of antennas to calculate where aircraft are; the planes tell you themselves.

With under $100 in parts available on Amazon, and a little patience while following along with one of countless tutorials on YouTube, you can setup an antenna and pick up transponder pings at home, with location data. Block lists be damned.


In an age of leaks, anti-censorship, fighting secrecy, and decentralization, the founder of a website called ADSBexchange saw an opportunity to create a “co-op of unfiltered flight data” as an alternative to other flight tracking websites.

Blocking of aircraft position data seemed like “security theater” to ADSBexchange’s founder, who wrote, “Any concern that ‘bad guys’ might use this information needs to be tempered with the fact that anyone can easily build their own basic receiver that can grab this information for less than $100, and deploy it themselves without any help whatsoever.”

ADSBexchange “does not remove information from our service platforms unless a subpoena or court order valid in our jurisdiction is received requiring us to do so,” their policy states, “Should any aircraft data be legally required to be filtered from our system, [we] will inform it’s users which aircraft have been so restricted and why … We’re open to hearing from you, but understand in almost all cases we do not remove information from the site.”

ADSBexchange says that to date, no aircraft have been removed or blocked from their site.

In 2015, the site had spot coverage of a few cities in the United States. Now, the site has grown in popularity with over 1,000 antenna receivers reporting data in real-time. Antenna operators can easily add to or replace FlightAware or Flightradar24’s servers with that of ADSBexchange.

ADSBexchange has already proven its worth in a breaking news event, recently gaining attention as New Yorkers grew concerned about the presence of unannounced low-flying military aircraft over Manhattan in December. Because military planes were blocked on other websites, ADSBexchange was one of the only places aviation enthusiasts and journalists could easily turn to for updates.


So, how long will this last?

On one hand, one’s imagination could go wild with the potential ‘bad actor’ scenarios. Burglars could target general aviation pilots when they know they’re out flying. A live feed of plane location data could power a missile launcher. Military operations could be discovered before being announced to the public. A CEO or official could be targeted for ransom upon arrival to an airport. When drones start reporting data, expensive packages could be ‘hijacked’.

On the other hand, not all risks are worth compensating for, and not every risk warrants new laws.

A FlightAware representative told Mother Jones in 2009 that they weren’t aware of any security incidents as a result of them publishing flight data, further saying, “All the flights within the national airspace are using resources being paid for by everyone since it’s publicly funded … It’s a freedom of information and transparency issue to us.” An interesting take from the company who not only hides data upon request, but has found a way to profit from that system.

We’ve ruled out any technical changes happening anytime soon, but legislation and litigation both seem like distinct possibilities, likely to produce unintended results.

Again, receiving plane transponder pings is not against the law in the United States. The FAA’s website even says that “divulgence of broadcasts related to ships, aircraft, vehicles or persons in distress” is legal. But, the federal Communications Act makes it unlawful to receive transmissions in the frequencies allocated to cellular phone services, so could planes be added?

Not without hurting the sites playing by the unwritten self-imposed rules like FlightAware and Flightradar24. These services have ADS-B coverage in dead-spots not covered by any government aviation authority, and their data has been critical in investigating aviation disasters. Selective regulation based on intent is unenforceable.

Lawsuits from powerful industry lobbyists, wealthy elites, or the government—legitimate or not—could certainly down a small hobbyist site like ADSBexchange, but at the risk of triggering a major Streisand Effect.

If collecting the signals remains legal, but ignoring block lists isn’t, it would be only a matter of time—excuse the buzzwords—before the data gets transmitted through anonymizing proxies, distributed through censorship-resistant peer-to-peer technologies, and verified on the blockchain.

A fight over transponder data is likely to rise to a boil in the coming years, but authorities likely have no idea what they’re up against.


This post skips over a lot of technical details involving Mode S, ADS-B, and multilateration (MLAT), as well as recent changes to the FAA’s BARR list and ASDI block systems, because they aren’t relevant to the point of discussion. If you’re interested in reading about how multiple 1090MHz Mode S receivers can position aircraft without the aircraft self-reporting its coordinates, FlightAware has a good MLAT explainer. If you’d like to see an update on the BARR/ASDI block program, see here. There is a flight tracking service that does use peer-to-peer technologies called PlanePlotter, but they say they respect jurisdictional restrictions in allowing that component of the service to operate, and there are reports of PlanePlotter using a blocklist, so I excluded them from the post.