Drones were, not many years ago, an exotic item, straight from SF movies. In very few years, they have become ubiquitous, and FOSS has played a fundamental role in this very fast expansion. Several important drone platforms and software rely on FOSS components, and one of the most prominent projects, Dronecode, is governed by the Linux Foundation. The expansion of drones has triggered a regulatory frenzy, not only at the national level, but also at the European one: EASA (the European Aviation Safety Authority) has already released the second draft of the ‘Prototype’ Commission Regulation on Unmanned Aircraft Operations, which may be approved during 2017, while the EU General Data Protection Regulation 2016/679 has several articles which have a direct influence on the developing of drones. Principles like data protection by design and data protection by default cannot be ignored for developers involved in FOSS drone platforms. The talk will examine the current (and future) European Legal framework, in order to assess the interactions between EU safety security and privacy regulations, and the “FOSS powered” development of drones.