Drones have been discussed frequently in both governmental and commercial sectors for their normalization in the airspace. Nonetheless, drones bring diverse privacy concerns to users. In this paper, we explore the ramifications to data privacy from the perspective of drone owners. To investigate privacy in this context, four experiments targeting a commercial drone were conducted using open-source software. The experiments identified personal data (e.g., audio, video, and location) that are at risk of being compromised particularly through the execution of a basic deauthentication attack launched at a commercial drone. Our findings indicate the severity of risks affecting commercial drones. This makes the case for more effective privacy regulations and better guidelines suitable for securing drones.