Federal Register, Volume 72 Issue 163 (Thursday, August 23, 2007)

[Federal Register Volume 72, Number 163 (Thursday, August 23, 2007)]
[Proposed Rules]
[Pages 48356-48391]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: E7-15960]

[[Page 48355]]

-----------------------------------------------------------------------

Part III

Department of Homeland Security

-----------------------------------------------------------------------

Transportation Security Administration

-----------------------------------------------------------------------

49 CFR Parts 1507, 1540, 1544, and 1560

Secure Flight Plan; Proposed Rule

Privacy Act of 1974: System of Records; Secure Flight Plans; Notice

Privacy Act of 1974: Implementation of Exemptions; Secure Flight
Records; Proposed Rule

Federal Register / Vol. 72, No. 163 / Thursday, August 23, 2007 /
Proposed Rules

[[Page 48356]]

-----------------------------------------------------------------------

DEPARTMENT OF HOMELAND SECURITY

Transportation Security Administration

49 CFR Parts 1540, 1544, and 1560

[Docket No. TSA-2007-28572]
RIN 1652-AA45

Secure Flight Program

AGENCY: Transportation Security Administration, DHS.

ACTION: Notice of proposed rulemaking.

-----------------------------------------------------------------------

SUMMARY: The Intelligence Reform and Terrorism Prevention Act (IRTPA)
requires the Department of Homeland Security (DHS) to assume from
aircraft operators the function of conducting pre-flight comparisons of
airline passenger information to Federal Government watch lists for
international and domestic flights. The Transportation Security
Administration (TSA) is currently developing the Secure Flight program
and issuing this rulemaking to implement this congressional mandate.
This rule proposes to allow TSA to begin implementation of the
Secure Flight program, under which TSA would receive passenger and
certain non-traveler information, conduct watch list matching against
the No Fly and Selectee portions of the Federal Government's
consolidated terrorist watch list, and transmit boarding pass printing
instructions back to aircraft operators. TSA would do so in a
consistent and accurate manner while minimizing false matches and
protecting privacy information.
Also in this volume of the Federal Register, U.S. Customs and
Border Protection (CBP) is publishing a final rule to implement pre-
departure advance passenger and crew manifest requirements for
international flights and voyages departing from or arriving into the
United States, using CBP's Advance Passenger Information System (APIS).
These rules are related. We propose that, when the Secure Flight rule
becomes final, aircraft operators would submit passenger information to
DHS through a single DHS portal for both the Secure Flight and APIS
programs. This would allow DHS to integrate the watch list matching
component of APIS into Secure Flight, resulting in one DHS system
responsible for watch list matching for all aviation passengers.

DATES: Submit comments by October 22, 2007.

ADDRESSES: You may submit comments, identified by the TSA docket number
to this rulemaking, using any one of the following methods:
Comments Filed Electronically: You may submit comments through the
docket Web site at http://dms.dot.gov. You also may submit comments
through the Federal eRulemaking portal at http://www.regulations.gov.
Comments Submitted by Mail, Fax, or In Person: Address or deliver
your written, signed comments to the Docket Management System at: U.S.
Department of Transportation, Docket Operations, M-30, West Building
Ground Floor, Room W12-140, 1200 New Jersey Ave., SE., Washington, DC
20590; Fax: 202-493-2251.
See SUPPLEMENTARY INFORMATION for format and other information
about comment submissions.

FOR FURTHER INFORMATION CONTACT: Kevin Knott, Policy Manager, Secure
Flight, Office of Transportation Threat Assessment and Credentialing,
TSA-19, Transportation Security Administration, 601 South 12th Street,
Arlington, VA 22202-4220, telephone (240) 568-5611.

SUPPLEMENTARY INFORMATION:

Comments Invited

TSA invites comments relating to the appropriateness,
effectiveness, and any economic, environmental, energy, or federalism
impacts resulting from the required provisions of this rulemaking.
Interested persons may do this by submitting written comments, data, or
views. See ADDRESSES above for information on where to submit comments.
With each comment, please include your name and address, identify
the docket number at the beginning of your comments, and give the
reason for each comment. The most helpful comments reference a specific
portion of the rulemaking, explain the reason for any recommended
change, and include supporting data. You may submit comments and
material electronically, in person, by mail, or fax as provided under
ADDRESSES, but please submit your comments and material by only one
means. If you submit comments by mail or delivery, submit them in two
copies, in an unbound format, no larger than 8.5 by 11 inches, suitable
for copying and electronic filing.
If you want TSA to acknowledge receipt of comments submitted by
mail, include with your comments a self-addressed, stamped postcard on
which the docket number appears. We will stamp the date your comments
were received on the postcard and mail it to you.
TSA will file in the public docket all comments received by TSA,
except for comments containing confidential information and sensitive
security information (SSI).\1\ TSA will consider all comments received
on or before the closing date for comments and will consider comments
filed late to the extent practicable. The docket is available for
public inspection before and after the comment closing date.
---------------------------------------------------------------------------

\1\ ``Sensitive Security Information'' or ``SSI'' is information
obtained or developed in the conduct of security activities, the
disclosure of which would constitute an unwarranted invasion of
privacy, reveal trade secrets or privileged or confidential
information, or be detrimental to the security of transportation.
The protection of SSI is governed by 49 CFR part 1520.
---------------------------------------------------------------------------

Handling of Confidential or Proprietary Information and Sensitive
Security Information (SSI) Submitted in Public Comments

Do not submit comments that include trade secrets, confidential
commercial or financial information, or SSI to the public regulatory
docket. Please submit such comments separately from other comments on
the rulemaking. Comments containing this type of information should be
appropriately marked as containing such information and submitted by
mail to the address listed in FOR FURTHER INFORMATION CONTACT section.
Upon receipt of such comments, TSA will not place the comments in
the public docket and will handle them in accordance with applicable
safeguards and restrictions on access. TSA will hold them in a separate
file to which the public does not have access, and place a note in the
public docket that TSA has received such materials from the commenter.
If TSA receives a request to examine or copy this information, TSA will
treat it as any other request under the Freedom of Information Act
(FOIA) (5 U.S.C. 552) and the Department of Homeland Security's (DHS)
FOIA regulation found in 6 CFR part 5.

Reviewing Comments in the Docket

Please be aware that anyone is able to search the electronic form
of all comments received into any of our dockets by the name of the
individual submitting the comment (or signing the comment, if submitted
on behalf of an association, business, labor union, etc.). You may
review the applicable Privacy Act Statement published in the Federal
Register on April 11, 2000 (65 FR 19477), or you may visit http://dms.dot.gov.
You may review the comments in the public docket by visiting the
Dockets Office between 9 a.m. and 5 p.m., Monday through Friday, except
Federal holidays. The Dockets Office is located

[[Page 48357]]

in the West Building Ground Floor, Room W12-140, at the Department of
Transportation address, previously provided under ADDRESSES. Also, you
may review public dockets on the Internet at http://dms.dot.gov.

Availability of Rulemaking Document

You can get an electronic copy using the Internet by--
(1) Searching the Department of Transportation's electronic Docket
Management System (DMS) Web page (http://dms.dot.gov/search);
(2) Accessing the Government Printing Office's Web page at http://www.gpoaccess.gov/fr/index.html; or
(3) Visiting TSA's Security Regulations Web page at http://www.tsa.gov and accessing the link for ``Research Center'' at the top
of the page.
In addition, copies are available by writing or calling the
individual in the FOR FURTHER INFORMATION CONTACT section. Make sure to
identify the docket number of this rulemaking.

Abbreviations and Terms Used in This Document

APIS--Advance Passenger Information System
ATSA--Aviation and Transportation Security Act
AOIP--Aircraft Operator Implementation Plan
CBP--U.S. Customs and Border Protection
DHS--Department of Homeland Security 2005 DHS Appropriations Act--
Department of Homeland Security Appropriations Act, 2005
2007 DHS Appropriations Act--Department of Homeland Security
Appropriations Act, 2007
DHS TRIP--Department of Homeland Security Traveler Redress Inquiry
Program
FBI--Federal Bureau of Investigation
FOIA--Freedom of Information Act
GAO--Government Accountability Office
HSPD--Homeland Security Presidential Directive
IATA--International Air Transport Association
IRTPA--Intelligence Reform and Terrorism Prevention Act of 2004
PNR--Passenger Name Record
PRI--Passenger Resolution Information
PIA--Privacy Impact Assessment
SFPD--Secure Flight Passenger Data
SSI--Sensitive Security Information
SORN--System of Records Notice
TSA--Transportation Security Administration
TSC--Terrorist Screening Center
TSDB--Terrorist Screening Database

Outline of Notice of Proposed Rulemaking

I. Background
A. Current Watch List Matching
1. Watch List Matching for Domestic Flights
2. Watch List Matching for International Flights
B. Secure Flight Program Summary
C. Implementation Stages of Secure Flight
1. Implementation of Secure Flight for Domestic Flights
2. Implementation of Secure Flight for International Flights
D. Privacy Documents
E. Secure Flight Testing and Information Collection Requirements
1. Secure Flight Testing
2. Information Collection Requirements
F. The Watch List Matching Process Under Secure Flight
G. Operational Testing of Secure Flight
H. Proposed Compliance Schedule
I. Additional Issues Under Consideration and Open to Public
Comment
1. Data Elements
2. Identification Requirements
J. Department of Homeland Security Appropriations Act
II. Section-by-Section Analysis
III. Regulatory Analyses
A. Paperwork Reduction Act
B. Regulatory Impact Analyses
1. Regulatory Evaluation Summary
2. Executive Order 12866 Assessment
3. Regulatory Flexibility Act Assessment
4. International Trade Impact Assessment
5. Unfunded Mandates Assessment
C. Executive Order 13132, Federalism
D. Environmental Analysis
E. Energy Impact Analysis
List of Subjects
The Proposed Amendments

I. Background

TSA performs passenger and baggage screening at the Nation's
commercial airports.\2\ Aircraft operators currently supplement this
security screening by performing passenger watch list matching using
the Federal No Fly and Selectee Lists, as required under security
directives that TSA issued following the terrorist attacks of September
11, 2001. Aircraft operators also conduct this watch list matching
process for non-traveling individuals authorized to enter the sterile
area \3\ of an airport in order to escort a passenger or for some other
purpose approved by TSA.
---------------------------------------------------------------------------

\2\ See the Aviation and Transportation Security Act (ATSA)
(Pub. L. 107-71, 115 Stat. 597, Nov. 19, 2001).
\3\ ``Non-traveling individual'' would be defined in this Notice
of Proposed Rulemaking as an individual to whom a covered aircraft
operator or covered airport operator seeks to issue an authorization
to enter the sterile area of an airport in order to escort a minor
or a passenger with disabilities or for some other purpose permitted
by TSA. It would not include employees or agents of airport or
aircraft operators or other individuals whose access to a sterile
area is governed by another TSA regulation or security directive.
Proposed 49 CFR 1560.3.
``Sterile area'' is defined as a portion of airport defined in
the airport security program that provides passengers access to
boarding aircraft and to which the access generally is controlled by
TSA, or by an aircraft operator under part 1544 of this chapter or a
foreign air carrier under part 1546 of this chapter, through the
screening of persons and property. 49 CFR 1540.5.
---------------------------------------------------------------------------

The Intelligence Reform and Terrorism Prevention Act of 2004
(IRTPA) requires TSA to assume from air carriers the comparison of
passenger information to the automatic Selectee and No Fly Lists and to
utilize all appropriate records in the consolidated and integrated
watch list that the federal government maintains.\4\ The final report
of the National Commission on Terrorist Attacks Upon the United States
(9/11 Commission Report) recommends that the watch list matching
function ``should be performed by TSA and it should utilize the larger
set of watch lists maintained by the Federal Government.'' See 9/11
Commission Report at 393.
---------------------------------------------------------------------------

\4\ Pub. L. 108-458, 118 Stat. 3638, Dec. 17, 2004.
---------------------------------------------------------------------------

Consequently, pursuant to Sec. 4012(a) of the IRTPA, TSA is
issuing this NPRM to propose implementation of the Secure Flight
program. Under the program, TSA would receive passenger and certain
non-traveler information from aircraft operators, conduct watch list
matching, and transmit watch list matching results back to aircraft
operators.
The purpose of the Secure Flight program is to assume the watch
list matching function from aircraft operators and to more effectively
and consistently prevent certain known or suspected terrorists from
boarding aircraft where they may jeopardize the lives of passengers and
others. The program is designed to better focus enhanced passenger
screening efforts on individuals likely to pose a threat to civil
aviation, and to facilitate the secure and efficient travel of the vast
majority of the traveling public by distinguishing them from
individuals on the watch list.
In general, the Secure Flight program would compare passenger
information only to the No Fly and Selectee List components of the
Terrorist Screening Database (TSDB), which contains the Federal
Government's consolidated terrorist watch list, maintained by the
Terrorist Screening Center (TSC).\5\ However, as recommended by the 9/
11

[[Page 48358]]

Commission, TSA may use ``the larger set of watch lists maintained by
the Federal Government,'' when warranted by security considerations.
For example, TSA may learn that flights on a particular route may be
subject to increased security risk. If this happens, TSA may decide to
compare passenger information on some or all of the flights on that
route against the full TSDB or other government databases, such as
intelligence or law enforcement databases.
---------------------------------------------------------------------------

\5\ The TSC was established by the Attorney General in
coordination with the Secretary of State, the Secretary of Homeland
Security, the Director of the Central Intelligence Agency, the
Secretary of the Treasury, and the Secretary of Defense. The
Attorney General, acting through the Director of the Federal Bureau
of Investigation (FBI), established the TSC in support of Homeland
Security Presidential Directive 6 (HSPD-6), dated September 16,
2003, which required the Attorney General to establish an
organization to consolidate the Federal Government's approach to
terrorism screening and provide for the appropriate and lawful use
of terrorist information in screening processes.
---------------------------------------------------------------------------

This proposed rule would affect covered flights operated by U.S.
aircraft operators that are required to have a full program under 49
CFR 1544.101(a), and covered flights operated by foreign air carriers
that are required to have a security program under 49 CFR 1546.101(a)
or (b). These aircraft operators generally are the passenger airlines
that offer scheduled and public charter flights from commercial
airports. This proposed rule refers to them as ``covered U.S. aircraft
operators'' and ``covered foreign air carriers'' respectively, and
``covered aircraft operators'' collectively.
The proposed rule would cover all flights conducted by covered U.S.
aircraft operators, as well as all flights conducted by a covered
foreign air carrier arriving in or departing from the United States or
overflying the continental United States (referred to as ``covered
international flights''). TSA is proposing to conduct watch list
matching for overflights in order to protect the United States from
terrorist activity that could occur in its airspace. The proposed rule
collectively refers to the flights conducted by U.S. carriers and
covered international flights that would be regulated under this
proposed rule as ``covered flights.''
IRTPA also requires DHS to assume from air carriers the task of
comparing passenger information for international flights to or from
the United States against the Federal Government's consolidated and
integrated terrorist watch list before departure of such flights.
Initially, CBP will implement this requirement and conduct pre-
departure watch list matching for international flights, through its
Advance Passenger Information System (APIS). APIS is a widely-utilized
electronic data interchange system that international commercial air
and vessel carriers use to electronically transmit to CBP certain data
on passengers and crew members. The former U.S. Customs Service, in
cooperation with the former Immigration and Naturalization Service
(INS) and the airline industry, developed APIS in 1988. On July 14,
2006, CBP published a notice of proposed rulemaking to require air and
vessel carriers to submit to CBP passenger manifest information before
departure of an international flight to or from the United States and
for voyages from the United States to enable CBP to conduct watch list
matching on passengers before they board an international flight or
depart on certain voyages.\6\
---------------------------------------------------------------------------

\6\ 71 FR 40035.
---------------------------------------------------------------------------

In response to a substantial number of comments from the aviation
industry, DHS is proposing a unified approach to watch list matching
for international and domestic passenger flights, to avoid unnecessary
duplication of watch list matching efforts and resources and reduce the
burden on aircraft operators. CBP's APIS Pre-Departure Final Rule
published elsewhere in this issue of the Federal Register and this
notice of proposed rulemaking (NPRM) are being published jointly to
explain DHS's proposed unified approach. Beginning on the effective
date of the APIS Pre-Departure final rule, CBP will perform the watch
list matching function for international flights to or from the United
States as part of its overall screening of travelers. However, DHS
proposes to ultimately transfer the watch list matching function to the
Secure Flight program. If this approach is adopted, TSA would assume
the aviation passenger watch list matching function for domestic and
international passengers covered by this proposed rule, and CBP would
continue to conduct border enforcement functions under the APIS
program. DHS is establishing one portal through which aircraft
operators will send their passenger information for both programs, with
the goal of streamlining the transmission of passenger information, if
the unified approach is adopted.

A. Current Watch List Matching

1. Watch List Matching for Domestic Flights
Under security directives issued by TSA, covered U.S. aircraft
operators currently conduct pre-flight watch list matching for
passengers on domestic flights using the Federal No Fly and Selectee
Lists. Aircraft operators also apply this process to non-traveling
individuals authorized to enter the sterile area beyond the screening
checkpoint in order to escort a minor or a passenger with disabilities,
or for another purpose authorized by TSA.
Under the current watch list matching process, when an aircraft
operator has a reservation from a passenger with a name that is the
same as, or similar to, a name on the No Fly List, TSA requires the
aircraft operator to notify law enforcement personnel and TSA in order
to determine whether that passenger is in fact the individual whose
name is on the No Fly List. If the passenger is verified as an
individual on the No Fly List, the aircraft operator is prohibited from
transporting the passenger. When an aircraft operator has a reservation
from a passenger with a name that is the same as, or similar to, a name
on the Selectee List, TSA requires the aircraft operator to identify
the individual to TSA for enhanced screening at security screening
checkpoints.\7\
---------------------------------------------------------------------------

\7\ Individuals may undergo enhanced screening at security
screening checkpoints for a variety of other reasons, such as random
selection or as a result of triggering a metal detector alarm.
---------------------------------------------------------------------------

2. Watch List Matching for International Flights
Covered aircraft operators also currently conduct watch list
matching for passengers on international flights in the same manner
described above for domestic flights as required in TSA security
directives and emergency amendments to a security program.
Additionally, CBP conducts various activities, including watch list
matching, to screen passengers on commercial international flights
arriving in and departing from the United States through the Advance
Passenger Information System (APIS). CBP conducts such activities in
order to protect the United States from threats of terrorism and to
carry out CBP's border enforcement mission.
Under CBP's APIS regulations (19 CFR part 122), air carriers
departing foreign ports destined for the United States are required to
electronically submit passenger information to CBP no later than
fifteen minutes after the departure of aircraft destined for the United
States and 15 minutes prior to departure of aircraft from the United
States. ``Departure'' currently is defined to be the moment the
aircraft's wheels leave the tarmac. See 19 CFR 122.49. The current
system allows CBP to supplement the watch list matching currently
completed by air carriers prior to boarding. If CBP's screening
identifies that a person on a no-fly list is on an aircraft bound for,
or departing from, the United States, that aircraft will be diverted
from its intended destination.
In this volume of the Federal Register, CBP is publishing a final
rule entitled ``Advance Electronic Submission of Passenger and Crew
Member Manifests for Commercial

[[Page 48359]]

Aircraft and Vessels'' (APIS Pre-Departure Final Rule). This rule,
which becomes effective 180 days after publication, will require air
carriers to provide the passenger information it currently provides to
CBP, but requires air carriers to provide it no later than the time the
flight crew secure the aircraft doors for takeoff.
When commercial air carriers are certified to transmit APIS data
under the pre-departure APIS requirements of the new APIS Pre-Departure
Final Rule, CBP will assume from those carriers the responsibility of
conducting pre-departure watch list matching for international flights
to or from the United States. Once CBP receives the information, it
will complete the watch list matching process and return instructions
concerning each passenger to the covered aircraft operators. Covered
aircraft operators will be required to follow the instructions when
issuing boarding passes to passengers, identifying passengers for
enhanced screening, and allowing passengers to board the aircraft or
preventing them from doing so. If the Secure Flight program is
finalized as envisioned in this proposed rule, it will take over this
watch list matching function for aircraft operators covered under this
proposed rule from CBP.

B. Secure Flight Program Summary

1. Secure Flight Passenger Data
Under the Secure Flight program proposed under this rule, TSA would
require covered aircraft operators to collect information from
passengers, transmit passenger information to TSA for watch list
matching purposes, and process passengers in accordance with TSA
instructions regarding watch list matching results. Under this proposed
rule, TSA would collect Secure Flight Passenger Data (SFPD), consisting
of the information summarized below (and discussed in greater detail in
section I.E.2 ``information collection requirements'' infra).
For passengers on covered flights, TSA is proposing to require
covered aircraft operators to request a passenger's full name, gender,
date of birth, and Redress Number \8\ (if available) or known traveler
number \9\ (if available once the known traveler program is
implemented). Even though covered aircraft operators would be required
to request all of the above data elements from passengers, passengers
would only be required to provide their full name at the time of
reservation to allow TSA to perform watch list matching. They would not
be required by TSA to provide the other data elements to aircraft
operators at the time of reservation. Covered aircraft operators would
be required to transmit to TSA the information provided by the
passenger in response to the request described above.
---------------------------------------------------------------------------

\8\ A Redress Number is a unique number that DHS currently
assigns to individuals who use the DHS Traveler Redress Inquiry
Program (TRIP). Under the proposed rule, individuals would use the
Redress Number in future correspondence with DHS and when making
future travel reservations. The Redress Number is further discussed
in the Secure Flight Information Collection Requirements section
below.
\9\ A known traveler number would be a unique number assigned to
``known travelers'' for whom the Federal Government has already
conducted a threat assessment and has determined do not pose a
security threat. The known traveler number is further discussed in
the Secure Flight Information Collection Requirements section.
---------------------------------------------------------------------------

Covered aircraft operators also would be required to transmit to
TSA passport information, if available. Although not required to be
requested by TSA under this proposed rule, passport information may be
provided by passengers either voluntarily or under other travel
requirements such as CBP APIS requirements if a passenger is traveling
abroad. Additionally, covered aircraft operators would be required to
transmit to TSA certain non-personally identifiable information such as
itinerary information, record locator numbers etc. to allow TSA to
effectively prioritize watch list matching efforts, communicate with
the covered aircraft operator, and facilitate an operational response,
if necessary, to an individual who is on the watch list.
When a non-traveling individual seeks authorization from a covered
aircraft operator to enter an airport sterile area (such as to escort a
minor or assist a passenger with a disability), TSA also is proposing
to require covered aircraft operators to request from the non-traveler
and transmit to TSA, the same information requested from passengers (to
the extent available), as well as certain non-personally identifiable
information, including the airport code for the sterile area to which
the non-traveler seeks access.
The following chart details the information that TSA would require
covered aircraft operators to request from passengers and certain non-
traveling individuals, the information that those individuals would be
required to provide, and the information covered aircraft operators
would be required to transmit to TSA if available:

Proposed Information Collection Requirements for Secure Flight
----------------------------------------------------------------------------------------------------------------
Covered aircraft
operators must Passengers and Covered aircraft
request from certain non- operators must
Data elements passengers and travelers must transmit to TSA,
certain non- provide if available
travelers
----------------------------------------------------------------------------------------------------------------
Full Name.............................................. X X X
Date of Birth.......................................... X ................. X
Gender................................................. X ................. X
Redress Number or Known Traveler Number................ X ................. X
Passport Information \10\.............................. ................. ................. X
Itinerary Information \11\............................. ................. ................. X
Reservation Control Number............................. ................. ................. X
Record Sequence Number................................. ................. ................. X
Record Type............................................ ................. ................. X
Passenger Update Indicator............................. ................. ................. X
Traveler Reference Number.............................. ................. ................. X
----------------------------------------------------------------------------------------------------------------

This proposed rule would not compel the passenger or non-traveler
to provide the majority of the information that covered aircraft
operators request. However, if that individual elected not to provide
the requested information,

[[Page 48360]]

TSA may have insufficient information to distinguish him or her from a
person on the watch list. Accordingly, the individual may be more
likely to experience delays, be subject to additional screening, be
denied transport, or be denied authorization to enter a sterile area.
Without a full name, watch list matching is incredibly unreliable;
therefore the proposed rule would require an individual seeking to
travel on a covered flight or authorization to enter a sterile area to
provide his or her full name, as it appears on the individual's
verifying identity document. The proposed rule would also prohibit
covered aircraft operators from accepting a reservation, or accepting a
request for authorization to enter a sterile area, from an individual
who does not provide a full name.
---------------------------------------------------------------------------

\10\ Passport information is the following information from a
passenger's passport: (1) Passport number; (2) country of issuance;
(3) expiration date; (4) gender; (5) full name.
\11\ Itinerary information is the following information about a
covered flight: (1) Departure airport code; (2) aircraft operator;
(3) departure date; (4) departure time; (5) arrival date; (6)
scheduled arrival time; (7) arrival airport code; (8) flight number;
(9) operating carrier (if available). For non-traveling individuals,
the itinerary information is the airport code for the sterile area
to which the non-traveling individual seeks access.
---------------------------------------------------------------------------

2. 72-Hour Requirement
Under the Secure Flight proposed rule, covered aircraft operators
would be required to transmit Secure Flight Passenger Data to TSA
approximately 72 hours prior to the scheduled flight departure
time.\12\ Requiring SFPD approximately 72 hours prior to scheduled
flight departure time would support the security mission of the Secure
Flight program and facilitate a streamlined watch list matching process
for aircraft operators and passengers in at least the following ways.
---------------------------------------------------------------------------

\12\ In the APIS Pre-Departure Final Rule, CBP also encourages,
but does not mandate, all carriers to submit the information up to
72 hours in advance when available, to facilitate clearance.
---------------------------------------------------------------------------

TSA considered a number of factors in determining that aircraft
operators should submit SFPD to TSA approximately 72 hours before
scheduled flight departure time. TSA reviewed reservation trend
analyses which indicates that, on average, an estimated 90-93% of
travel reservations are finalized and become stable (e.g. not subject
to cancellation or timing changes) 72 hours before the scheduled flight
departure time. Accordingly, TSA determined that it would not be
practicable to require aircraft operators to submit information earlier
than 72 hours prior to flight departure time, as such information would
still be subject to change and would not provide sufficiently reliable
information for TSA to begin watch list matching or engage in any
necessary coordination with law enforcement.
During a standard travel day, TSA estimates that over 2.4 million
passengers use covered aircraft operators for domestic and
international travel (either destined for or departing from the United
States). Although approximately 99% of passenger travel reservations
would be finalized within 24 hours of the departure of any flight, 24
hours would not provide TSA with sufficient time to adequately screen
2.4 million passengers and, when necessary, coordinate operational
responses in the event of identification of a terrorist suspect or as
needed to identify and disrupt a suspected terrorist plot potentially
involving a variety of flights or aircraft operators, foreign or
domestic.
It is important to note that, in any one day, TSA would be
conducting watch list matching on not only the 2.4 million travelers
for one designated travel day, but TSA also would continue to conduct
watch list matching for the 2.4 million travelers for each of the two
days before the date of departure of the flight. In total, over a 72-
hour period, TSA could be conducting watch list matching for up to 7.2
million travelers traveling within a 72-hour period.
Accordingly, TSA is proposing that covered aircraft operators
submit SFPD approximately 72 hours in advance.
Security benefits. A 72-hour period would provide the significant
security benefit of allowing the U.S. government to coordinate an
operational response to a match on a watch list--not only before the
flight departs, but even in advance of the individual's arrival at the
airport. Also, TSA could provide a single watch list matching solution
for both domestic and international flights, because TSA would have the
time to prioritize the domestic and international watch list matching
workload and accommodate last-minute reservations and changes.
Benefits to covered aircraft operators and passengers. The 72-hour
period would also allow TSA to complete watch list matching in time to
allow covered aircraft operators to begin issuing boarding passes to
passengers 24 hours prior to departure. Watch list matching that takes
place immediately prior to the flight's departure, such as that allowed
by CBP's APIS rule, would not allow TSA to communicate with covered
aircraft operators regarding the issuance of boarding passes 24 hours
prior to departure. Additionally, passengers' travel experiences would
be enhanced because TSA would use that time to adjudicate potential
watch list matches and coordinate with other government agencies as
necessary, to resolve as many false positives as possible before such
individuals arrive at the airport or experience delay or inconvenience.
TSA welcomes public comment on this timeframe, as well as on
alternate timeframes, and will consider these comments in the
development of the final rule. As always, comments that include an
analytical justification are most useful.
3. Instructions to Covered Aircraft Operators
TSA would match the SFPD provided by covered aircraft operators
against the watch list. Based on the watch list matching results, TSA
would instruct an aircraft operator to process the individual in the
normal manner, to identify the individual for enhanced screening at a
security checkpoint, or to deny the individual transport or
authorization to enter the airport sterile area. To ensure the
integrity of the boarding pass instructions and to prevent use of
fraudulent boarding passes, TSA would also provide instructions on
placing codes on the boarding passes. Covered aircraft operators would
be required to comply with the TSA instructions.
4. Summary of Requirements
A brief summary of the requirements proposed in this NPRM is
presented below. A detailed explanation of these requirements is
provided in the Section-by-Section Analysis.
Requirements of Covered Aircraft Operators. This proposed
rule would require aircraft operators that conduct certain scheduled
and public charter flights to:
Submit an Aircraft Operator Implementation Plan (AOIP) to
TSA for approval.
Conduct operational testing with TSA.
Request full name, date of birth, gender, and Redress
Number (if available) or known traveler number (if implemented and
available) from passengers and non-traveling individuals.
Transmit Secure Flight Passenger Data for passengers and
non-traveling individuals, in accordance with the aircraft operator's
AOIP, approximately 72 hours prior to the scheduled flight departure
time.
Make a privacy notice available on public Web sites and
self-service kiosks before collecting any personally identifiable
information from passengers or non-traveling individuals.

[[Page 48361]]

Request a verifying identity document at the airport
ticket counter if TSA has not informed the covered aircraft operator of
the results of watch list matching for an individual by the time the
individual attempts to check-in, or informs the covered aircraft
operator that an individual must be placed on inhibited status and may
not be issued a boarding pass or authorization to enter a sterile area.
A verifying identity document is one that has been issued by a Federal,
State, local, or tribal government that contains the individual's full
name, photo, and date of birth, and is non-expired; though a non-
expired passport issued by a foreign government will also be considered
a verifying identity document. This requirement would be in addition to
the current requirement that aircraft operators request all passengers
and non-traveling individuals to provide identification at the time of
check-in or at a screening checkpoint.
When necessary, submit information from the verifying
identity document to TSA to resolve potential watch list matches. In
some cases, TSA may also request that the covered aircraft operator
communicate a physical description of the individual.
Not issue to an individual a boarding pass or
authorization to enter a sterile area or permit an individual to board
an aircraft or enter a sterile area if the individual does not provide
a verifying identity document when requested under circumstances
described above, unless otherwise authorized by TSA.
Prohibit issuance of boarding passes or authorizations to
enter a sterile area to individuals whom TSA has placed on inhibited
status. Prohibit these individuals from boarding an aircraft.
Comply with instructions from TSA to designate identified
individuals for enhanced screening before boarding a flight or
accessing a sterile area.
Place separate codes on boarding passes in accordance with
TSA instructions.
Requirements of Individuals. Individuals who wish to make
a reservation on a covered flight or to access a sterile area must
provide their full names to the covered aircraft operators. This
proposed rule would require those passengers and non-traveling
individuals for whom TSA has not provided watch list matching results
or has provided inhibited status to present a verifying identity
document, in order to board an aircraft or to enter a sterile area.
Individuals also would continue to be subject to the current
requirement that aircraft operators request all passengers and non-
traveling individuals to provide identification at the time of check-in
or at a screening checkpoint.
Government Redress Procedures Available to Individuals.
This proposed rule explains the redress procedures for individuals who
believe they have been improperly or unfairly delayed or prohibited
from boarding a flight as a result of the Secure Flight program. These
individuals may seek assistance through the redress process by
submitting certain personal information, as well as copies of certain
identification documents, to the existing DHS Traveler Redress Inquiry
Program (DHS TRIP). The proposed rule explains the process the Federal
Government will use to review the information submitted and to provide
a timely written response.

C. Implementation Stages of Secure Flight

TSA proposes to implement this rule in two stages. The first stage
would include covered flights between two domestic points in the United
States, and the second stage would include covered flights to or from
the United States, flights that overfly the continental United States,
and all other flights (such as international point-to-point flights)
operated by covered U.S. aircraft operators not covered in the first
stage.
1. Implementation of Secure Flight for Domestic Flights
During the first stage of implementation, TSA would assume the
watch list matching function for domestic flights conducted by covered
U.S. aircraft operators. TSA would conduct operational testing with
each covered U.S. aircraft operator to ensure that the aircraft
operator's system is compatible with TSA's system. After successful
operational testing with a covered U.S. aircraft operator, TSA would
assume the watch list matching function for domestic flights from that
aircraft operator.
2. Implementation of Secure Flight for International Flights
Until TSA implements the Secure Flight program for international
flights by covered aircraft operators, DHS plans for CBP to conduct
pre-departure watch list matching for international flights under the
APIS Pre-Departure Final Rule. This interim approach will allow DHS to
more quickly address the threat of terrorism on flights arriving in and
departing from the United States.
During the second stage of Secure Flight implementation, TSA will
assume the watch list matching function for covered international
flights from CBP. There are a few differences between the two
processes. First, covered aircraft operators would need to request
passenger information at the time of reservation, as required under
this proposed rule. Second, as described below, TSA would utilize
Secure Flight Passenger Data, which requires collection of different
data elements than under the APIS regulations. For its non-watch list
matching functions, which CBP will continue to perform under the APIS
rule, CBP would continue to collect APIS data. Given this, and to
provide a single point of contact, covered aircraft operators can
transmit both APIS data and Secure Flight Passenger Data in a single
transmission to the DHS portal, which will route information to TSA and
CBP as appropriate.
The following tables list the data elements that CBP will collect
under its APIS regulations, and that TSA will collect under the Secure
Flight program.

------------------------------------------------------------------------
APIS regulations
Data elements (international Secure flight
flights) \13\ NPRM \14\
------------------------------------------------------------------------
Full Name......................... X X
Date of Birth..................... X X
Gender............................ X X
Redress Number or Known Traveler ................. X
Number...........................
Passport Number*.................. X X
Passport Country of Issuance*..... X X
Passport Expiration Date*......... X X
Passenger Name Record Locator..... X .................
International Air Transport X X
Association (IATA) Foreign
Airport Code--place of
origination......................

[[Page 48362]]

IATA Code--Port of First Arrival.. X X
IATA Code of Final Foreign Port X .................
for In-transit Passengers........
Airline Carrier Code.............. X X
Flight Number..................... X X
Date of Aircraft Departure........ X X
Time of Aircraft Departure........ X X
Date of Aircraft Arrival.......... X X
Scheduled Time of Aircraft Arrival X X
Citizenship....................... X .................
Country of Residence.............. X .................
Status on Board Aircraft.......... X .................
Travel Document Type.............. X .................
Alien Registration Number**....... X
Address While in U.S.--(except for X .................
outbound flights, U.S. citizens,
lawful permanent residents, crew
and intransit passengers)........
Reservation Control Number........ ................. X
Record Sequence Number............ ................. X
Record Type....................... ................. X
Passenger update indicator........ ................. X
Traveler Reference Number......... ................. X
------------------------------------------------------------------------
*If required.
**If applicable.

TSA would require covered aircraft operators to transmit to TSA the
available passenger information required under this proposed rule that
resides in covered aircraft operators' systems. Covered aircraft
operators must submit this information, through the same DHS portal
used for APIS submissions, approximately 72 hours before departure of a
covered flight. Those that elect to transmit all manifest information
required under the Pre-Departure APIS rule at the same time would be
able to send a single transmission to DHS for the Secure Flight and
Pre-Departure APIS programs and would receive a single boarding pass
printing instruction in return. Under the APIS regulations, such
aircraft operators would then be required to validate the information
submitted against the individual's passport or other travel document
and transmit passenger information to DHS only if it is different from
the information previously submitted, no later than 30 minutes prior to
or up to the securing of the doors of an aircraft under CBP's APIS Pre-
Departure rule.
---------------------------------------------------------------------------

\13\ All APIS data elements are required.
\14\ Covered aircraft operators must provide data elements
listed for Secure Flight, to the extent they are available.
---------------------------------------------------------------------------

Covered aircraft operators that do not elect to transmit all
manifest information required under the Pre-Departure APIS rule
approximately 72 hours in advance would submit validated APIS
information no later than 30 minutes prior to or up to the securing of
the doors of an aircraft under CBP's Pre-Departure APIS rule. The
aircraft operator would only receive a boarding pass printing
instruction from DHS after the APIS transmission if the transmitted
APIS data differs from the SFPD that was transmitted 72 hours prior to
departure.
Additionally, for reservations made within 72 hours of scheduled
flight departure time, covered aircraft operators would be required to
transmit Secure Flight Passenger Data as soon as possible. If the
covered aircraft operator is also ready to transmit APIS information at
that time, the covered aircraft operator would be able to send one
transmission for both Secure Flight and Pre-Departure APIS and would
receive one boarding pass printing instruction. If the covered aircraft
operator is not ready to transmit passenger under Pre-Departure APIS at
the same time, the covered aircraft operator would be required to
transmit the passenger information separately for Secure Flight and
APIS.
Covered aircraft operators would use the same portal to transmit
Secure Flight Passenger Data to TSA as they will to transmit APIS data
to CBP. Covered U.S. aircraft operators would not need to undergo
additional operational testing during the second phase, because they
would have already conducted operational testing with TSA during the
first phase. TSA, however, would need to conduct operational testing
with the covered foreign air carriers, which would not have previously
conducted operational testing with TSA, to confirm that the Secure
Flight process operates properly from end-to-end with these carriers.
Once TSA assumes responsibility under Secure Flight for the watch
list matching function for the majority of passengers covered by the
APIS regulation, CBP would no longer be responsible for pre-departure
watch list matching or the issuance of related boarding pass printing
instructions for covered flights. Consequently, covered aircraft
operators would receive, and would have to comply with, one set of
instructions from DHS, via TSA, regarding the issuance of boarding
passes to or the boarding of passengers on covered international
flights. CBP would, however, continue to require carriers to provide
APIS data to carry out its border enforcement mission. CBP would
continue to require covered aircraft operators and passengers to comply
with CBP's APIS regulations, including passengers presenting their
passports or other required travel documents at the airport to the
aircraft operators in order for the aircraft operator to verify the
APIS information and to transmit it to CBP if the APIS information was
not previously transmitted or if the verified APIS information is
different from the information previously transmitted.
In some international airports, passengers may transit from one
international flight to another, where the flights are operated by
different aircraft operators and only the second flight would be a
covered flight under this proposed rule. TSA understands that
currently, in these situations, the aircraft operator operating the
first flight

[[Page 48363]]

may issue a boarding pass for both legs of the passenger's itinerary,
including the flight to the United States. Under this proposed rule,
the aircraft operator operating the first flight would not be able to
issue a boarding pass for the second flight until that aircraft
operator received an appropriate boarding pass printing instruction
from TSA. This would allow TSA to minimize the security risk of
allowing passengers who have not yet been compared against the watch
list to have access to aircraft and the secure area of an airport. TSA
is seeking comment on this proposed requirement.

D. Privacy Documents

TSA is committed to safeguarding individuals' privacy in conducting
the Secure Flight Program to the greatest extent possible. In
conjunction with this NPRM, TSA is publishing a Privacy Impact
Assessment (PIA) for the Secure Flight Program, a Privacy Act System of
Records Notice (SORN), DHS/TSA 019, and an NPRM proposing Privacy Act
exemptions for the Secure Flight Program. All three documents outline
how TSA would collect, use, store, protect, and retain personally
identifiable information collected and used as part of the Secure
Flight Program and identify the privacy risks and mitigation measures
that would be employed to reduce or eliminate privacy risks, such as
false positive matches or insufficient safeguards for the information.
All three documents are available at http://www.tsa.gov and the SORN
and the NPRM proposing the Privacy Act exemptions will be published in
the Federal Register. TSA invites public comments on the SORN and NPRM
proposing Privacy Act exemptions. TSA will respond to public comments
received on the PIA, SORN, and NPRM through the rulemaking process and
revise the respective documents as appropriate.
TSA has developed a comprehensive approach to promoting compliance
with the Fair Information Practices codified in the Privacy Act of
1974, the E-Government Act of 2002, DHS and TSA privacy policies, and
Office of Management and Budget (OMB) privacy guidance. Comprehensive
privacy requirements are being included in the program requirements to
allow TSA to identify privacy issues and risks at each phase of the
program and implement privacy principles across Secure Flight systems
and operations. The Secure Flight program has designated an individual
to work closely with the TSA Director of Privacy Policy and Compliance
as well as the DHS Chief Privacy Officer to promote compliance with the
published documents for the program, including the SORN and the PIA.
This individual would also routinely monitor and review the operations
that authorized users perform on personal information according to a
schedule to be determined and will be responsible for the
implementation of the privacy program.
The Secure Flight program seeks to balance the competing interests
of data collection minimization and reduction of false positives
through individual choice. TSA has limited the proposed information
collection requirements for Secure Flight to the data elements TSA
believes are minimally necessary for effective watch list matching of
aviation passengers, as discussed in Section E.2. below. The proposed
rule leaves individuals with the choice to decline to provide certain
data elements. For the vast majority of individuals, a decision to
forgo providing these data elements should have no effect on their
watch list matching results and will result in less information being
held by TSA. For some individuals, however, TSA may be unable to
perform effective automated watch list matching without this
information and, as a result, those individuals may be more likely to
be subject to additional screening or be denied boarding or
authorization to enter a sterile area.
The Secure Flight Program also would mitigate the privacy risk of
false positive matches to the watch list by supplementing the initial
automated comparison with a manual assessment conducted by a Secure
Flight analyst, but only if necessary to complete the watch list
matching process. Individuals will be provided with the opportunity
under the DHS Traveler Redress Inquiry Program (TRIP) redress process
and under the Privacy Act of 1974 to access and correct personal
information, subject to the Privacy Act exemptions proposed for Secure
Flight records and other applicable legal constraints. Secure Flight
would not utilize commercial data to verify identities, nor would it
use algorithms to assign risk scores to individuals.
TSA is proposing to retain records for most individuals encountered
by Secure Flight for a short period of time.\15\ The vast majority of
records are expected to be destroyed within seven (7) days of
completion of directional travel.\16\ Records for individuals not
identified as potential matches by the automated matching tool would be
retained for seven days after the completion of the individual's
directional travel for audit purposes. Records for individuals who are
potential matches would be retained for seven years after the
completion of the individual's directional travel. These records would
be available if needed as part of the redress process and, as a result,
may help to expedite future travel. Records concerning confirmed
matches are expected to be retained for 99 years. This retention period
is consistent with TSC's NARA-approved records retention schedule for
TSDB records. In case of a terrorist event, records concerning the
event, which may possibly include passenger information, would be
retained in accordance with a separate TSA record retention schedule
covering major security incident records. This information would be
retained to support the investigation and documentation of a terrorist
event. Such records would be maintained in accordance with applicable
SORNs, DHS/TSA 001, Transportation Security Enforcement Records System,
69 FR 71818, 71829 (December 10, 2004) and DHS/TSA 011, Transportation
Security Intelligence Service Operations Files, 69 FR 71828, 71835
(December 10, 2004).
---------------------------------------------------------------------------

\15\ The retention schedule will be submitted for approval to
the National Archives and Records Administration (NARA). TSA will
retain the records in accordance with the retention schedule
approved by NARA.
\16\ Directional travel means the individual's one-way travel to
his or her destination.
---------------------------------------------------------------------------

The Secure Flight Program would further minimize potential privacy
risks by integrating administrative, technical, and physical security
safeguards to limit collection of personally identifiable information
and to protect information against unauthorized disclosure, use,
modification or destruction. Specifically, administrative safeguards
will restrict the permissible uses of personal information and
implement the controls for adherence to those uses. As part of
technical safeguards employed, Secure Flight will employ role-based
access controls and audit logging (that is, the chronicling of
information accesses and uses of information) to control and monitor
the use of personal information. Further, all personnel who will be
authorized to handle personal information for the Secure Flight program
will be required to complete TSA privacy training when they join the
program and on at least an annual basis thereafter. Personal
information will only be disclosed to, and used by, authorized
individuals who have a need to know the information in order to perform
their duties. These safeguards will further minimize the potential
privacy risk that personal information may be improperly used. The PIA

[[Page 48364]]

addresses all of these safeguards in more detail.
TSA will issue an amended PIA and a revised SORN in conjunction
with the Secure Flight Final Rule if necessary. Although not required,
covered aircraft operators may voluntarily choose to begin testing with
TSA prior to TSA publishing a final rule. The PIA and the SORN would
cover any testing between an aircraft operator and TSA including both
domestic and international flights.

E. Secure Flight Testing and Information Collection Requirements

After initial Secure Flight testing described below, TSA has
limited the proposed information collection requirements for Secure
Flight to the data elements TSA believes are minimally necessary for
aviation passenger watch list matching. In making this determination,
TSA balanced the privacy interest in minimizing the collection of
personal information with the security need to conduct effective watch
list matching, without unnecessarily delaying innocent individuals due
to false positive watch list matches.
1. Secure Flight Testing
Prior to initiating this rulemaking, TSA performed testing of the
agency's ability to conduct automated watch list matching for purposes
of the Secure Flight program and separately, testing to determine
whether the use of commercial data would be effective in identifying
passenger information that is incorrect or inaccurate. On September 24,
2004, TSA published in the Federal Register a number of documents
necessary to allow the agency to begin testing the Secure Flight
program. These documents included: (1) A proposed order to U.S.
aircraft operators directing them to provide a limited set of
historical passenger name records (PNRs) to TSA for use in testing the
program (69 FR 57342); (2) a Privacy Act System of Records Notice for
records involved in testing the program (69 FR 57345); and (3) a
Privacy Impact Assessment (PIA) of program testing (69 FR 57352[0]).
On November 15, 2004, after reviewing the comments received in
response to these documents, TSA published in the Federal Register the
final order directing U.S. aircraft operators to provide to TSA, by
November 23, 2004, a limited set of historical PNRs for testing of the
Secure Flight program.\17\ TSA also published revisions to the system
of records notice and the Privacy Impact Assessment (PIA) on June 22,
2005,\18\ to make clear that the purpose of commercial data testing was
``to test the Government's ability to verify the identities of
passengers using commercial data and to improve the efficacy of watch
list comparisons by making passenger information more complete and
accurate using commercial data.''
---------------------------------------------------------------------------

\17\ 69 FR 65619.
\18\ 70 FR 36320.
---------------------------------------------------------------------------

After reviewing the results of the testing and the comments
received concerning the testing, TSA determined that it will not use
commercial data in the program. This decision is consistent with
Section 514(f) of the Department of Homeland Security Appropriations
Act, 2007 (2007 DHS Appropriations Act), Public Law 109-295 (Oct. 4,
2006), which currently prohibits TSA from using appropriated funds on
data or a database that is obtained from, or remains under the control
of, a non-Federal entity (other than passenger information from
aircraft operators) for the Secure Flight program.
2. Information Collection Requirements
Based on the automated watch list matching test results and TSA's
experience in conducting security threat assessments that include watch
list matching, TSA has carefully selected the personal information that
TSA believes is necessary to conduct effective watch list matching for
aviation passengers. Consequently, under the proposed rule, TSA would
collect Secure Flight Passenger Data consisting of the information
described below.
Full Name, Gender, and Date of Birth:
Based on the automated watch list matching test results and TSA's
experience in conducting security threat assessments that include watch
list matching, TSA believes that an individual's full name, gender, and
date of birth are critically important for effective automated matching
against the watch list. This proposed rule, therefore, would require
covered aircraft operators to request full name, gender, and date of
birth from all passengers and non-traveling individuals accessing
sterile areas. As discussed in the Section-by-Section Analysis below,
TSA defines ``full name'' in proposed Sec. 1560.3 (Terms Used in This
Part) and uses it as the primary attribute to conduct watch list
matching. Partial names, which some aircraft operators currently
collect, would increase the likelihood of false positive matches,
because partial names are more likely to match a number of different
entries on the watch list. As a result, this proposed rule would
require individuals seeking a reservation on a covered flight or
authorization to enter a sterile area to provide their full names and
would prohibit covered aircraft operators from authorizing entry to a
sterile area or accepting a reservation for a passenger on a covered
flight who does not provide a full name.
Many names, including English and non-English names, do not
indicate gender, because they can be used by either gender.
Additionally, names not derived from the Latin alphabet, when
transliterated into English, do not generally denote gender. Providing
information on gender will reduce the number of false positive watch
list matches, because the information will distinguish persons who have
the same or similar names but who are of different gender. Date of
birth is also helpful in distinguishing a passenger from an individual
on a watch list with the same or similar name, thereby reducing the
number of false positive watch list matches.
Under the proposed rule, TSA would not compel individuals to
provide their gender and date of birth when aircraft operators request
it. Without this information, however, TSA may be unable to rule out
such individuals as a watch list match, and consequently they may be
subject to additional screening or be denied boarding or authorization
to enter a sterile area. Covered aircraft operators would then be
required to transmit to TSA the names, gender, and dates of birth for
passengers on covered flights, to the extent they are available as part
of the reservation process. For example, if a passenger provides a full
name but does not provide gender or a date of birth, the covered
aircraft operator would be required to transmit to TSA the full name.
If a covered aircraft operator were to input data required to be
requested from individuals into the system where it stores SFPD--such
as data from a passenger profile stored by the aircraft operator in the
ordinary course of business--the aircraft operator would be required to
include that data as part of the SFPD transmitted to TSA, even though
the individual did not provide that information at the time of
reservation.
Redress Number:
This proposed rule would also require covered aircraft operators to
request an individual's Redress Number, if available. DHS will assign
this unique number to individuals who use the DHS Traveler Redress
Inquiry Program (DHS TRIP), because they believe they have been
incorrectly delayed, identified for enhanced screening, denied
boarding, or denied access to a sterile area.

[[Page 48365]]

Individuals who have already undergone TSA's redress process would not
need to use DHS TRIP to reapply for redress once the Secure Flight
process is operational. Individuals may be less likely to be delayed by
false positive matches to the watch list if they provide their Redress
Number at the time of making a flight reservation or requesting access
to a sterile area. TSA is proposing to require that each covered
aircraft operator request this information to provide the opportunity
for an individual to use his or her assigned Redress Number to
facilitate travel or access to a sterile area.
Known Traveler Number:
In addition, the proposed rule provides that covered aircraft
operators may be required to request a known traveler number from
passengers and non-traveling individuals, if available. The known
traveler number would be a unique number assigned to ``known
travelers'' for whom the Federal Government has already conducted a
terrorist security threat assessment and has determined do not pose a
terrorist security threat. The known traveler number would enable TSA
to identify these ``known travelers,'' further reducing the number of
false positive matches to the watch list, and reduce unnecessary
duplication of Federal Government watch list matching efforts. Although
TSA would continue to conduct watch list matching for ``known
travelers,'' by having the known traveler numbers of these individuals,
TSA would be able to identify them as individuals who have already
completed a Federal terrorist security threat assessment. The proposed
rule would not compel individuals to provide a known traveler number
upon request from the aircraft operator. Without a known traveler
number, however, the individual may be more likely to experience
delays, be subjected to enhanced screening, be denied boarding, or be
denied access to a sterile area.
Because TSA has not yet determined which categories of individuals
should be considered ``known travelers,'' we specifically seek comment
on this provision. The proposed rule would not require covered aircraft
operators to initially request the known traveler number along with the
other passenger identification information. Instead, once TSA has
determined the categories of individuals that should be considered as
``known travelers,'' TSA would provide covered aircraft operators
written notification 30 days in advance that they must begin to collect
and transmit the known traveler number. TSA is adding this known
traveler number requirement in the proposed rule now to allow covered
aircraft operators advance planning in making all necessary system
changes. Once TSA informs covered aircraft operators that they must
begin to collect and transmit the known traveler number, covered
aircraft operators may transmit the known traveler number in the
Redress Number field, as it would not be necessary for the covered
operators to send both the Redress Number and the known traveler number
to TSA.
Passport Information:
TSA proposes to require covered aircraft operators to transmit
certain information from an individual's passport (passport number,
country of issuance, expiration date, gender, and full name), if
available. The proposed rule, however, does not propose to require
covered aircraft operators to collect the passport information if they
do not otherwise collect it in the normal course of business or unless
otherwise required by other rules, such as APIS. Based on TSA's
experience in conducting security threat assessments that include watch
list matching, TSA believes that passport information would enable TSA
analysts to resolve possible false positive matches and make the watch
list matching process more accurate.
For passengers who have previously flown on an international flight
as part of their travel itinerary, the covered aircraft operator may
already have the passport information if the covered aircraft operator
was required to collect passport information for the previous flight
pursuant to requirements under regulations issued by CBP. For such
passengers, TSA would require covered aircraft operators to transmit
passport information to TSA as part of the initial SFPD transmission.
For passengers whose itinerary includes a domestic flight that connects
to an international flight, covered aircraft operators often collect
passport information when the passenger checks in for the domestic
flight. For these passengers, covered aircraft operators would be
required under this proposed rule to transmit the passport information
to TSA as soon as it is available. In cases where passport information
is available, the proposed rule would require covered aircraft
operators to transmit the passport information to TSA, in order to
verify the information provided at the time of reservation, facilitate
identification of individuals who are on the watch list, and further
minimize false positive matches.
Information Used To Manage Messaging:
This rule also proposes to require covered aircraft operators to
provide certain non-personally identifiable data fields, including
passenger itinerary information (or airport code for non-travelers
requesting sterile area access) for TSA to effectively prioritize watch
list matching efforts, communicate with the covered aircraft operator,
and facilitate an operational response, if necessary, to an individual
who is on the watch list. For example, if TSA identifies an individual
on the watch list, TSA or the TSC may need to engage law enforcement
officials to question or detain the individual, as appropriate.

F. The Watch List Matching Process Under Secure Flight

The proposed rule would require all covered aircraft operators to
request the information discussed above from passengers on a covered
flight and non-traveling individuals. The proposed rule, however, would
not require all covered aircraft operators to begin transmitting that
information to TSA at the same time. TSA proposes to bring covered
aircraft operators into Secure Flight in phases and require aircraft
operators to begin providing passenger and non-traveler information to
TSA in accordance with the deadlines set forth in their approved AOIP,
discussed further below.
For passengers, TSA proposes to require covered aircraft operators
to transmit the SFPD including itinerary information. For non-traveling
individuals, TSA proposes that covered aircraft operators transmit the
SFPD including the airport code for the airport sterile area that the
non-traveling individual seeks to enter.
TSA proposes that information be transmitted to TSA approximately
72 hours in advance of departure, unless the individual makes a
reservation within 72 hours of the scheduled flight departure time,
changes a flight within 72 hours of the scheduled flight departure
time, or requests to enter a sterile area upon arrival at the airport.
In such cases, TSA would require covered aircraft operators to send the
required information to TSA immediately. TSA, in coordination with the
TSC where necessary, would compare the passenger and non-traveler
information obtained from each covered aircraft operator to information
contained in the watch list. TSA would also compare passenger and non-
traveler information to a list of individuals who have previously been
distinguished from persons on the watch list.
If an automated comparison using the information transmitted to TSA

[[Page 48366]]

indicates that the passenger is not a match to the watch list, TSA will
notify the aircraft operator that check-in and boarding pass issuance
for the individual can proceed normally. Such individuals will undergo
standard passenger and baggage screening. If the automated comparison
using the passenger or non-traveler information identifies a potential
match to the Selectee List, TSA will notify the covered aircraft
operator that the passenger or non-traveling individual and his or her
baggage must be identified for enhanced screening. TSA is also
considering adding a random element to Secure Flight, whereby
individuals may be selected for enhanced screening even though they are
not a match to the watch list. The addition of this random element
would provide Secure Flight with another layer of security, because it
would introduce unpredictability into the process.
TSA expects to complete the watch list matching process for, and
permit covered aircraft operators to issue boarding passes to, the vast
majority of passengers through this fully-automated initial comparison.
If the automated comparison indicates a reasonably similar or exact
match to a person on the No Fly component of the watch list, TSA will
inform the covered aircraft operator that the individual must be placed
on inhibited status and consequently, the aircraft operator may not
issue a boarding pass or other authorization to enter the sterile area
for that individual unless further resolution procedures indicate that
the individual may be issued a boarding pass or authorization to enter
a sterile area. If the SFPD for that individual contains sufficient
data, a TSA analyst will then conduct a preliminary analysis of the
individual identified as a potential match. The TSA analyst will review
all available information to determine if the passenger appears to be
the individual on the No Fly component of the watch list. If necessary,
the TSA analyst will check other classified and unclassified
governmental terrorist, law enforcement, and intelligence databases,
including databases maintained by the Department of Homeland Security,
Department of Defense, National Counter Terrorism Center, and Federal
Bureau of Investigation (FBI), in order to resolve the possible match
between the individual and a person on the No Fly component of the
watch list.
This careful review process is intended to significantly reduce the
number of false positive matches identified by the automated watch list
check. If the TSA analyst determines that the individual is not a match
to the No Fly component of the watch list, TSA will inform the covered
aircraft operator that the individual no longer has inhibited status,
and the aircraft operator may issue a boarding pass or authorization to
enter a sterile area to that individual. If the TSA analyst identifies
a possible match between a passenger and an individual identified on
the No Fly component of the watch list, TSA will send the passenger
information to TSC and request confirmation of the match.
TSA may be unable to complete the watch list matching process for
an individual, if, for instance, the individual fails to provide his or
her full name, gender, and date of birth when making the flight
reservation, or if the individual's full name, gender, and date of
birth and other information in the SFPD are insufficient to distinguish
him or her from an individual who appears on the No Fly component of
the watch list. The proposed rule provides that if TSA or TSC cannot
determine from the information provided by the covered aircraft
operator whether an individual is a match to the No Fly component of
the watch list prior to the individual's arrival at the airport or
online check-in, it will be necessary for the individual to provide
additional information at the airport. These individuals may be asked
to present to the covered aircraft operator a verifying identity
document, which must be an unexpired form of identification that is
issued by a Government (Federal, State, local, or tribal), and contains
the individual's full name, photo, and date of birth or an unexpired
passport issued by a foreign government. This requirement would not
replace current requirements that covered aircraft operators request
all passengers and non-traveling individuals to provide identification,
such as at check-in or at the screening checkpoint.
Once the individual provides a verifying identity document to the
covered aircraft operator, the proposed rule would require the aircraft
operator to update the passenger's SFPD with the additional information
from the individual's verifying identity document and transmit it to
TSA. There may be occasions where the aircraft operator will need to
call TSA. In such cases, the aircraft operator may be asked to provide
additional identifying information, such as a physical description,
referred to as ``Passenger Resolution Information,'' that TSA may need
to complete the watch list matching process. TSA will complete the
watch list matching process, in coordination with the TSC, and provide
the aircraft operator with watch list matching results for that
individual.
Where warranted, any Federal agency or other public, private, or
appropriate foreign government entity may be notified to initiate an
operational response.\19\ The agency or entity will be provided with
sufficient information about the passenger and his or her itinerary to
facilitate coordination of the operational response. The Federal
Security Director, Federal Air Marshals, or other law enforcement
personnel responsible for airport security may also be notified to
facilitate a timely law enforcement response to the individual
identified in the watch list. Further inquiry by law enforcement may,
for example, help resolve a situation of mistaken identity or confirm
the determination made in the screening process that an individual
should be denied boarding or entry to a sterile area.
---------------------------------------------------------------------------

\19\ For the types of public and private entities that TSA may
notify, see ``Routine Uses of Records Maintained in the System,
Including Categories of Users and Purposes of Such Uses'' in the
Federal Register notice entitled ``Privacy Act of 1974: System of
Records; Secure Flight Records.'' [Add FR citation]
---------------------------------------------------------------------------

G. Operational Testing of Secure Flight

As part of the implementation of the Secure Flight program, TSA
would conduct operational testing of TSA's capabilities to interact
with and perform watch list matching for each covered aircraft operator
before assuming the watch list matching function from each aircraft
operator. During the operational testing for each covered aircraft
operator, the covered aircraft operator would establish data
transmission connections to TSA through an established DHS portal, and
TSA would test its ability to receive passenger and non-traveler
information, conduct watch list matching and transmit watch list
matching results back to the aircraft operator in real-time.
Operational testing will allow TSA to refine program operations and
ensure that TSA will be able to effectively conduct watch list matching
for passengers and non-traveling individuals of each covered aircraft
operator before TSA assumes the watch list matching function.
Covered U.S. aircraft operators would continue to match passengers
against the watch lists for domestic flights under current procedures
during their operational test phase and would maintain responsibility
for denying issuance of boarding passes or identifying individuals for
enhanced screening as a result of their own watch list matching
determinations. If, during operational testing, TSA identifies a

[[Page 48367]]

match to the No Fly and Selectee Lists that a covered aircraft operator
has not identified, TSA may identify such passengers to the TSC and the
covered aircraft operator for appropriate action, as permitted under
section 514(d) of the 2007 DHS Appropriations Act. Once TSA assumes the
watch list matching function from a covered aircraft operator, the
aircraft operator would discontinue conducting watch list comparisons
for passengers and non-traveling individuals.
For international flights, covered U.S. aircraft operators would be
required to follow CBP boarding pass printing instructions in
accordance with the APIS Pre-Departure Final Rule until TSA informs the
covered U.S. aircraft operator that it will assume the watch list
matching function. Foreign air carriers would also be required to
follow CBP boarding pass printing instructions in accordance with the
APIS Pre-Departure Final Rule during operational testing and until TSA
informs the covered foreign air carrier that TSA will assume the watch
list matching function.
The proposed rule also states that TSA would provide prior written
notification to each covered aircraft operator of the date on which it
would assume the watch list matching function from that covered
aircraft operator. Because operational testing would begin with covered
aircraft operators in phases, TSA would likely transition to
implementation in phases as well and may continue operational testing
with some covered aircraft operators while beginning implementation
with others.

H. Proposed Compliance Schedule

TSA believes that most of the new provisions concerning covered
aircraft operators' collection and transmission of SFPD in this
proposed rule are achievable within 60 days after the effective date of
the final rule. However, TSA intends to implement some provisions on a
rolling basis. TSA requests comment on the proposed compliance schedule
below:
(1) The final rule would become effective 60 days after the date of
publication in the Federal Register.
(2) In accordance with proposed Sec. 1560.109, TSA would require
covered aircraft operators to submit their AOIP no later than 30 days
after the effective date.
(3) In accordance with proposed Sec. Sec. 1560.101(a) and
1560.103, TSA would require covered aircraft operators to begin
requesting the information from passengers and non-traveling
individuals and begin providing the privacy notice no later than 60
days after the effective date. TSA would not require covered aircraft
operators to request information from passengers who made reservations
on covered flights prior to that date.
(4) In accordance with proposed Sec. 1560.101(a), TSA would
require covered aircraft operators to begin requesting known traveler
numbers from passengers and non-traveling individuals 30 days after
receiving written notice from TSA.
(5) TSA anticipates that it would require covered aircraft
operators to have the capability to transmit SFPD for covered flights
to TSA no later than 60 days after the effective date.
(6) TSA proposes that covered aircraft operators be required to
begin transmitting SFPD to TSA in accordance with a schedule approved
by TSA, as provided in each covered aircraft operator's AOIP. TSA
expects the first phase of implementation to cover domestic flights
operated by covered U.S. aircraft operators. A second phase of
implementation would extend to international flights operated by
covered U.S. aircraft operators as well as flights arriving in or
departing from the United States and flights overflying the continental
United States operated by covered foreign air carriers.
(7) Once TSA assumes the function of watch list matching from a
covered aircraft operator, in accordance with proposed Sec. 1560.105,
TSA would require that aircraft operator request identification,
identify individuals for enhanced screening, or deny individuals
boarding or access to a sterile area, in accordance with TSA
instructions. TSA proposes to inform each covered aircraft operator in
writing at least 60 days before the date on which TSA will assume the
watch list matching function.
(8) Aircraft operators that begin covered operations after the
effective date of this rule will be covered by this rule.

I. Additional Issues Under Consideration and Open to Public Comment

1. Data Elements
TSA requests comments on the proposed data elements TSA would
require covered aircraft operators to request from passengers and
transmit to TSA under this NPRM, as discussed in section I.D. of this
preamble. During operational testing and implementation, TSA will
continue to evaluate the value of the data elements required.
As part of the evaluation of data elements, TSA will consider, and
seeks comment on, whether to mandate collection of not just the full
name, but also date of birth and gender. As currently proposed, it is
optional for individuals to provide their date of birth and gender in
order to provide individuals with the greatest ability to exercise
control over the data elements provided. For the vast majority of
individuals, a decision to forgo providing these data elements should
have no effect and will result in aircraft operators, reservations
agents, and TSA holding less information. For what is expected to be a
relatively small number of individuals, however, a decision not to
provide date of birth and gender will result in an inability to
automatically distinguish them from someone on the watch list. These
individuals may be inconvenienced by secondary screening that they
otherwise might not have undergone or, if they are possible matches to
the No-Fly List, they may be required to provide more information than
they would have provided had they simply initially provided date of
birth and gender. Mandating collection of all three data elements will
reduce possible matches down to the smallest number of individuals.
2. Identification Requirements
In order to increase the security benefit of the Secure Flight
program, TSA is also considering strengthening the identification
requirements at the security screening checkpoint. For example, TSA may
consider requiring individuals to present a form of identification to
be able to proceed through the checkpoint and enter a sterile area.
Strengthening the requirement that an individual provide evidence at
the security screening checkpoint that he or she is the person to whom
the boarding pass or other authorization was issued would provide
additional assurance that the individual has not used an assumed
identity when making a reservation in order to defeat the watch list
matching process.

J. Department of Homeland Security Appropriations Act

On October 18, 2004, the President signed into law the Department
of Homeland Security Appropriations Act, 2005 (2005 DHS Appropriations
Act) (Pub. L. 108-334, 118 Stat. 1298, Oct. 18, 2004). Section 522(a)
of the 2005 DHS Appropriations Act purports to prohibit TSA from
implementing the Secure Flight program, by prohibiting the use of
appropriated funds for Secure Flight on other than a test basis, until
the Government Accountability Office (GAO) submits a report to the
Senate and House Appropriations Committees

[[Page 48368]]

addressing ten operational and policy items.
Further, on October 4, 2006, the President signed into law the 2007
DHS Appropriations Act, which purports to prohibit TSA from
implementing the Secure Flight program, by prohibiting the use of
appropriated funds for Secure Flight on other than a test basis, until
the Secretary of Homeland Security certifies, and the GAO reports, that
the ten items listed in the 2005 DHS Appropriations Act are
successfully met. Department of Homeland Security Appropriations Act of
2007, Pub. L. 109-295, Sec. 514 (Oct. 4, 2006).
TSA is taking appropriate action to address the ten items listed in
the 2005 DHS Appropriations Act provisions. On February 23, 2007, TSA
submitted a report to Congress outlining TSA's plan for certification
under the 2007 DHS Appropriations Act.
Certification of some of the 2005 DHS Appropriations Act provisions
cannot be completed until operational testing is conducted with at
least one covered aircraft operator. As discussed above, TSA would
conduct operational testing with aircraft operators before fully
implementing the Secure Flight program for covered aircraft operators
under this proposed rule. Additionally, although not required, covered
aircraft operators may voluntarily choose to begin testing with TSA
prior to publication of a final rule.
After operational testing with at least one aircraft operator and
the correction of any problems uncovered during the testing, DHS will
be able to certify that the ten items listed in the 2005 DHS
Appropriations Act have been successfully met. Once DHS makes the
required certification, the Department plans to provide an opportunity
for GAO to submit its report. TSA would publish a notice in the Federal
Register announcing that it is ready to assume the watch list matching
function from the first covered aircraft operator.

II. Section-by-Section Analysis

Part 1540--Civil Aviation Security: General Rules

Section 1540.107--Submission to Screening and Inspection

Under current Sec. 1540.107, individuals must submit to screening
and inspection of their persons and their accessible property in order
to enter a sterile area or board an aircraft. The proposed rule would
add an additional requirement concerning the verifying identity
document. The current regulatory text in Sec. 1540.107 would become
proposed Sec. 1540.107(a).
The proposed rule would add Sec. 1540.107(b), which provides that
an individual must provide his or her full name when making a
reservation for a covered flight or a request for authorization to
enter a sterile area.
When TSA has not provided watch list matching results or has placed
an individual on inhibited status, covered aircraft operators would not
be permitted to issue a boarding pass to the individual and would be
required to request a verifying identity document, as described in
Sec. 1560.3, from the individual, as explained further in the
discussion of Sec. 1560.9 below. Therefore, the proposed rule would
add Sec. 1540.107(c) to prohibit any individual from boarding an
aircraft or accessing a sterile area who fails to present a verifying
identity document when a covered aircraft operator requests it under
proposed Sec. 1560.9. TSA may permit certain individuals who do not
present a verifying identity document, as described in Sec.
1560.9(c)(1), to board a flight or enter a sterile area, on a case-by-
case basis after determining that the individuals have valid reasons
for not presenting a verifying identity document.

Part 1544--Aircraft Operator Security: Air Carriers and Commercial
Operators

Section 1544.103--Form, Content, and Availability

Section 1544.103(c) lists the contents of aircraft operators'
security programs. The proposed rule adds Sec. 1544.103(c)(22) to make
the AOIP a part of the security programs. Further discussion of the
inclusion of the AOIP in the security program is included in the
Section-by-Section Analysis portion for Sec. 1560.13--Aircraft
Operator Implementation Plan.

Subpart A--General

Part 1560--Secure Flight Program

The proposed rule adds a new part 1560 to title 49, setting forth
the obligations of covered aircraft operators and covered airport
operators under the Secure Flight program.

Section 1560.1--Scope, Purpose, and Implementation

Section 1560.1 of the proposed rule states the scope, purpose, and
implementation of new part 1560. Under Sec. 1560.1(a), new part 1560
would apply to aircraft operators required to adopt a full program
under 49 CFR 1544.101(a) and foreign air carriers required to adopt a
security program under 49 CFR 1546.101(a) or (b). This proposed rule
would also cover airport operators rule in the event that TSA approves
a program through which an airport operator may similarly authorize
non-traveling individuals to enter a sterile area.
Proposed Sec. 1560.1(b) also sets forth the purpose of new part
1560, which is intended for the dual mission of facilitating legitimate
air travel by the general public, as well as the effective detection of
individuals identified on Federal Government watch lists. As part of
TSA's layered approach to aviation security, the Secure Flight program
seeks to enhance the security of domestic and international air travel
by moving the passenger watch list matching function from individual
aircraft operators to the Government. To support this mission, TSA
requires enhanced watch list matching capabilities and processes to
accurately and consistently identify individuals on Government watch
lists who may pose a threat to aviation or national security.
Finally, proposed Sec. 1560.1(c) describes an implementation
approach where Secure Flight program capabilities are phased in over a
period of time. Each covered aircraft operator would be required to
begin requesting passenger and non-traveler information and have the
capability to transmit the required information to TSA by a TSA-
specified date. As discussed in section I(G) of this preamble, TSA
anticipates that the date would be 60 days after the effective date of
the final rule. The date and manner in which individual covered
aircraft operators would begin transmitting passenger information to
TSA for watch list matching would be set forth in the covered aircraft
operator's AOIP, as described in further detail in the analysis of
Sec. 1560.109. TSA would not publicly release the specific
implementation dates for each covered aircraft operator, because such
information is sensitive security information (SSI) under 49 CFR part
1520.
TSA anticipates that the first phase of Secure Flight under this
proposed rule would result in the transfer of responsibility for
domestic passenger watch list matching from covered U.S. aircraft
operators to TSA. The second phase of Secure Flight under this proposed
rule would result in the transfer of responsibility for all other
passenger watch list matching conducted by covered U.S. aircraft
operators as well as passenger watch list matching for flights arriving
in or departing from the United States and flights overflying the
continental United States operated by covered foreign air carriers to
TSA.

[[Page 48369]]

Below is a table that sets forth the proposed implementation
requirements of this NPRM:

----------------------------------------------------------------------------------------------------------------
Optional implementation Notification sent to
available\20\ covered operator Implementation required
----------------------------------------------------------------------------------------------------------------
Submission of an AOIP................ The date of publication This notice of proposed 30 days after the
of the final rule. rulemaking. effective date of this
rule.
Covered aircraft operators begin None................... This notice of proposed 60 days after the
requesting required information from rulemaking. effective date of this
passengers for domestic flights. rule.
Covered aircraft operators begin None................... Provided in the covered The date specified in
transmitting SFPD to TSA for aircraft operator's the covered aircraft
domestic flights. AOIP. operator's AOIP.
TSA will assume watch list matching None................... Written notification 60 60 days after
function from covered aircraft days prior to the date notification from TSA.
operators. of required
implementation.
Covered aircraft operators must begin None................... Written notification 30 30 days after
requesting known traveler number days prior to the date notification from TSA.
from passengers. of required
implementation.
Covered aircraft operators begin None................... This notice of proposed 60 days after the
requesting required information from rulemaking. effective date of this
passengers for international flights. rule.
Covered aircraft operators begin None................... Provided in the covered The date specified in
transmitting SFPD to TSA for aircraft operator's the covered aircraft
international flights. AOIP. operator's AOIP.
----------------------------------------------------------------------------------------------------------------

Section 1560.3--Terms Used in This Part

Aircraft Operator Implementation Plan (AOIP). Under proposed Sec.
1560.3, ``Aircraft Operator Implementation Plan'' or ``AOIP'' means a
written procedure describing how and when a covered aircraft operator
or airport operator transmits passenger and flight information and non-
traveler information to TSA, as well as other related matters discussed
in Sec. 1560.109 or the Consolidated User Guide.
---------------------------------------------------------------------------

\20\ Aircraft operators that voluntarily choose to participate
in testing with TSA before required to do so under the final rule
may begin to implement some or all of the requirements of this
proposed rule.
---------------------------------------------------------------------------

Airport Code. This proposed rule defines ``airport code'' as the
official code for an airport designated by the International Air
Transport Association (IATA).
Consolidated User Guide. The proposed rule defines ``Consolidated
User Guide'' as the document developed by DHS to provide guidance to
aircraft operators that must transmit passenger information to one or
more components of DHS on operational processing and transmission of
passenger information to all required components in a unified manner.
Covered Aircraft Operator. Section 1560.3 of this proposed rule
defines ``covered aircraft operator'' as each aircraft operator
required to carry out a full program under 49 CFR 1544.101(a) or a
security program under 49 CFR 1546.101(a) or (b).
Covered Airport Operator. For purposes of proposed part 1560,
``covered airport operator'' means each airport operator that seeks to
authorize non-traveling individuals to enter a sterile area for a
purpose permitted by TSA. ``Airport operator'' is defined in Sec.
1540.5 as a person that operates an airport serving an aircraft
operator or a foreign air carrier required to have a security program
under 49 CFR parts 1544 or 1546. Because non-traveling individuals who
enter a sterile area must be subject to watch list matching, airport
operators that seek to authorize their entry to a sterile area are
covered by this proposed rule.
Covered Flight. This proposed rule defines the term ``covered
flight'' to describe those flights for which TSA would conduct
passenger watch list matching. This proposed rule would cover any
operation of a U.S. aircraft operator that is subject to or operated
under a full program under 49 CFR 1544.101(a). This includes flights
operated by such aircraft operators anywhere in the world. ``Covered
flight'' also means any operation of a foreign air carrier subject to
or operated under a security program under 49 CFR 1546.101(a) or (b)
arriving in or departing from the United States, or overflying the
continental United States. Covered flight does not include any flight
for which TSA has determined that the Federal Government (e.g., CBP) is
conducting passenger matching comparable to the matching conducted
pursuant to this part.
In the event TSA determines that a different Federal Government
agency is conducting comparable watch list matching to matching under
Secure Flight for a particular flight, TSA would inform the covered
aircraft operator that that flight does not constitute covered flights
under the proposed rule.
Date of Birth. For purposes of proposed part 1560, ``date of
birth'' means the day, month, and year of an individual's birth.
Department of Homeland Security Traveler Redress Inquiry Program or
DHS TRIP. For purposes of this proposed rule, DHS TRIP means the
voluntary program through which individuals may request redress if they
believe they have been unfairly or incorrectly (1) denied or delayed
boarding transportation due to DHS screening programs, (2) denied or
delayed entry into or departure from the United States at a port of
entry, or (3) identified for additional (secondary) screening at U.S.
transportation facilities, including airports and seaports.
Full Name. TSA needs an individual's complete name to perform
effective watch list matching. However, TSA recognizes that in many
non-English speaking cultures, family names may be given first, as
opposed to being used as a last name. In order to address the
differences in naming conventions, TSA is proposing to define ``full
name'' as an individual's full name as it appears on a verifying
identity document held by that individual.
Inhibited Status. Proposed Sec. 1560.3 defines ``inhibited
status'' as the status of a passenger or non-traveling individual to
whom TSA has instructed a covered aircraft operator or a covered
airport operator not to issue a boarding pass or provide access to the
sterile area.
Itinerary Information. This proposed rule defines ``itinerary
information'' as

[[Page 48370]]

information reflecting a passenger's or non-traveling individual's
itinerary specified in the covered aircraft operator's AOIP. For
passengers, itinerary information includes:
(1) Departure airport code.
(2) Aircraft operator.
(3) Departure date.
(4) Departure time.
(5) Arrival date.
(6) Scheduled arrival time.
(7) Arrival airport code.
(8) Flight number.
(9) Operating carrier (if available).
For non-traveling individuals, itinerary information is the airport
code for the sterile area to which the non-traveler seeks access.
Known Traveler Number. For purposes of proposed part 1560, ``known
traveler number'' means a unique number assigned to individuals for
whom the Federal Government has conducted a security threat assessment
and determined do not pose a security threat. TSA would require covered
aircraft operators to request a known traveler number from passengers
and non-traveling individuals after TSA implements this provision and
notifies covered aircraft operators in writing that they must begin to
request it.
Non-traveling Individual (non-traveler). For purposes of proposed
part 1560, ``non-traveling individual'' or ``non-traveler'' means an
individual to whom a covered aircraft operator or covered airport
operator seeks to issue an authorization to enter the sterile area of
an airport in order to escort a minor or a passenger with disabilities
or for some other purpose permitted by TSA. ``Non-traveling
individual'' does not include employees or agents of airport or
aircraft operators or other individuals whose access to a sterile area
is governed by another TSA regulation or security directive.
Overflying the Continental United States. This proposed rule
defines ``overflying the continental United States'' as departing from
an airport or location outside the United States, and transiting the
airspace of the continental United States en route to another airport
or location outside the United States. Airspace of the continental
United States includes the airspace over the continental United States
and the airspace overlying the territorial waters between the
continental United States coast and 12 nautical miles from the
continental United States coast. However, the proposed rule provides
that ``overflying the continental United States'' does not apply to
flights that transit the airspace of the continental United States
between two airports or locations in the same country, where that
country is Canada or Mexico. For example, a flight operated by Air
Canada between Toronto and Vancouver that transits the airspace over
Michigan and Illinois would not be ``overflying the continental United
States'' for purposes of this proposed rule. The Assistant Secretary of
Homeland Security (Transportation Security Administration) may exclude
other categories of flights from the definition of ``overflying the
continental United States'' in writing to the affected aircraft
operators. TSA is also considering, and requests comments on, whether
``overflying the continental United States'' should not apply to
flights overflying selected geographic areas of the continental United
States, based on a risk assessment.
In this proposed rule, flights ``overflying the continental United
States'' are a category of ``covered flights'' for which TSA would
conduct passenger watch list matching in order to protect the airspace
over the continental United States and prevent individuals on a watch
list from taking control of an aircraft with the hostile intent to harm
the United States. As discussed above, TSA has limited the proposed
information collection requirements for Secure Flight, including for
passengers ``overflying the continental United States,'' to the data
elements TSA believes are minimally necessary for effective watch list
matching of aviation passengers. The limited Secure Flight Passenger
Data collected for passengers on flights ``overflying the continental
United States'' will be used for the limited purpose of watch list
matching and will be retained for a short period of time. We welcome
comments on the timeframe for retention of information collected for
passengers on such flights.
Under the proposed rule, individuals on the No Fly component of the
watch list would be prohibited from boarding flights that would be
entering the airspace of the continental United States and individuals
on the Selectee component of the watch list would undergo enhanced
screening prior to boarding such a flight. An aircraft carrying an
individual or individuals on the watch list may be kept out of the
airspace of the continental United States or rerouted away from
populated areas and critical infrastructure within the continental
United States. In addition, if an aircraft carrying an individual on
the watch list were permitted to continue through the airspace of the
United States, the aircraft may be escorted by military aircraft to
protect against an effort to harm the United States.
Passenger. This proposed rule defines ``passenger'' as an
individual who has, or seeks to obtain, a reservation for transport on
a covered flight. Proposed Sec. 1560.3 expressly excludes from the
definition of ``passenger'' any crew member traveling on duty. The
definition also excludes any individual with flight deck privileges
under 49 CFR 1544.237 traveling on the flight deck. The definition does
not exclude an employee who is not on duty, such as an employee on
deadhead status, and who is traveling in the cabin.
Passenger Resolution Information (PRI). For purposes of proposed
part 1560, ``Passenger Resolution Information'' or ``PRI'' is the
information that TSA may request that a covered aircraft operator or
covered airport operator provide to TSA for an individual whom TSA
places in an inhibited status and from whom the covered aircraft
operator or covered airport operator is required to request additional
information. TSA may request that a covered aircraft operator or
covered airport operator provide to TSA any subset of PRI that is
necessary to resolve a potential match to a watch list. PRI includes,
but is not limited to, the following:
(1) Covered aircraft operator's agent identification number or
agent sine, which is a term used in the aviation industry to mean an
agent's personal identification code;
(2) Type of verifying identity document presented by the passenger;
(3) Identification number on the verifying identity document;
(4) Verifying identity document issue date;
(5) Name of the Governmental authority that issued the verifying
identity document; and
(6) Physical attributes of the passenger such as height, eye color,
or scars, if requested by TSA.
Passport Information. Proposed Sec. 1560.3 defines ``Passport
information'' to include the following information from an individual's
passport:
(1) Passport number.
(2) Country of issuance.
(3) Expiration date.
(4) Gender.
(5) Full name.
Redress Number. For purposes of proposed part 1560, ``Redress
Number'' means the number assigned by DHS TRIP to an individual through
the redress process described in proposed 49 CFR part 1560, subpart C.
Secure Flight Passenger Data (SFPD). For purposes of this proposed
rule, ``Secure Flight Passenger Data'' or ``SFPD'' is the information
regarding a passenger or non-traveling individual

[[Page 48371]]

that a covered aircraft operator or covered airport operator transmits
to TSA, to the extent available, pursuant to Sec. 1560.101. SFPD is
the following information regarding a passenger or non-traveling
individual:
(1) Full name.
(2) Date of birth.
(3) Gender.
(4) Redress number or known traveler number (once implemented).
(5) Passport information.
(6) Reservation control number.
(7) Record sequence number.
(8) Record type.
(9) Passenger update indicator.
(10) Traveler reference number.
(11) Itinerary information.
Self-service Kiosk. A ``self-service kiosk'' is a kiosk operated by
a covered aircraft operator that is capable of accepting a passenger
reservation or a request for authorization to enter a sterile area from
a non-traveling individual.
Sterile Area. A ``sterile area'' is the portion of an airport
defined in 49 CFR 1540.5 and generally means an area with access
limited to persons who have undergone security screening by TSA.
Terrorist Screening Center (TSC). This proposed rule defines TSC as
the entity established by the Attorney General to carry out Homeland
Security Presidential Directive 6 (HSPD-6), dated September 16, 2003,
to consolidate the Federal Government's approach to terrorism screening
and provide for the appropriate and lawful use of terrorist information
in screening processes.
Verifying Identity Document. Proposed Sec. 1560.3 defines
``verifying identity document'' as a valid non-expired passport issued
by a foreign government or a valid non-expired document issued by a
Government (Federal, State, or tribal) and that includes the following
information for the individual:
1. Full name.
2. Date of birth.
3. Photograph of the individual.
Watch list. For purposes of proposed part 1560, ``watch list''
refers to the No Fly and Selectee List components of the TSDB
maintained by the TSC. For certain flights, the ``watch list'' may
include the larger set of watch lists maintained by the Federal
Government as warranted by security considerations.

Subpart B--Collection and Transmission of Secure Flight Passenger Data
for Watch List Matching

Section 1560.101--Request for and Transmission of Information to TSA

Proposed Sec. 1560.101 sets forth the requirement that covered
aircraft operators request passenger information and non-traveler
information and transmit such information to TSA.
Under proposed Sec. 1560.101(a), covered aircraft operators must
begin requesting all required information and have the capability to
transmit required information on a date to be specified by TSA. TSA
anticipates requiring covered U.S. aircraft operators to begin
requesting all required information no later than 60 days after the
effective date of the final rule. TSA would require aircraft operators
that become covered aircraft operators after the effective date to
begin requesting passenger and non-traveler information the date it
becomes a covered operator. Covered aircraft operators would then begin
transmitting required information to TSA in accordance with their AOIP.
TSA plans to phase covered aircraft operators into Secure Flight over
an extended period of time, with the first covered aircraft operators
projected to transmit their SFPD to TSA no later than 60 days after the
effective date.
The proposed definition of SFPD lists the information that covered
aircraft operators would be required to transmit, to the extent
available, under proposed Sec. 1560.101(b). From that list, covered
aircraft operators would be required to ask individuals for their full
name, date of birth, gender, and Redress Number or known traveler
number when they make a reservation with the covered aircraft operator
or seek access to an airport sterile area. Proposed Sec.
1560.101(a)(3) states that covered aircraft operators may not accept a
reservation, or accept a request for access to a sterile area, for any
individual who does not provide a full name. Although aircraft
operators would be required to request this information for watch list
matching purposes, passengers and non-traveling individuals would not
be required to provide their date of birth, gender, or Redress Number
(if applicable) to make a reservation or a request for authorization to
enter a sterile area. Although individuals would not be required to
provide their date of birth, gender, or Redress Number, were they to
provide it they would be subject to Sec. 1540.103(b) regarding making
a fraudulent or intentionally false record entry.
Secure Flight Passenger Data with missing information may result in
TSA being unable to distinguish the individual from a person on the
watch list. Consequently, TSA may instruct the covered aircraft
operator to place the individual on inhibited status or to designate
the individual for enhanced screening. A covered aircraft operator
would not be able to issue a boarding pass or authorization to enter a
sterile area to an individual on inhibited status unless the resolution
process resulted in TSA giving an instruction permitting the covered
aircraft operator to issue a boarding pass or authorization.
Although TSA would not require covered aircraft operators to ask
for passport information from individuals, TSA would require covered
aircraft operators to transmit that information if they collect
passport information in the normal course of business or in accordance
with another regulatory requirement, such as APIS. TSA would use
passport information, as well as full name, date of birth, gender, and
Redress Number for watch list matching purposes.
TSA would use the other information in the Secure Flight Passenger
Data--the reservation control number, the record sequence number, the
record type, the passenger update indicator, the traveler reference
number, and the itinerary information--to manage the SFPD. TSA would
use the reservation control number and the record sequence number to
identify SFPD for a particular individual and to establish the version
level of watch list matching requests or changes to the SFPD. The
record type would indicate the type of record the covered aircraft
operator is transmitting and the passenger update indicator would flag
an individual's SFPD if that individual's information has changed. The
traveler reference number would be assigned to each passenger in a SFPD
transmission to TSA. This would allow the system to correctly associate
watch list matching results to each passenger in a SFPD transmission,
which is particularly important in cases where a SFPD transmission
contains more than one passenger.
Proposed Sec. 1560.101(a)(2) also provides TSA may require covered
aircraft operators to begin accepting other known traveler numbers from
Federal programs approved for use by TSA from passengers and non-
travelers. TSA would inform covered aircraft operators in writing of
the date on which they must begin to request an approved category of
known traveler numbers. TSA expects that the covered aircraft operator
would request this information from the individual making a reservation
on a covered flight or requesting access to a sterile area. The covered
aircraft operator must include the information provided by the
passenger in response to this request in the SFPD. When TSA begins
accepting known traveler numbers, TSA will only require the covered
aircraft operator to include one reference number in the SFPD. That
reference number could be

[[Page 48372]]

a redress number or a known traveler number.
To ensure that covered aircraft operators request and collect the
required information at the time an individual makes a reservation,
proposed Sec. 1560.101(a)(4) makes covered aircraft operators
responsible for ensuring that third parties (i.e., travel agencies)
that generate a reservation on the covered aircraft operator's behalf
take the steps necessary to comply with the requirements of proposed
Sec. 1560.101.
Proposed Sec. 1560.101(b) requires covered aircraft operators to
transmit SFPD to TSA prior to flight departure time, in accordance with
each aircraft operator's AOIP. TSA anticipates requiring that covered
aircraft operators transmit SFPD to TSA approximately 72 hours prior to
scheduled flight departure time for reservations made 72 hours or more
before the scheduled departure time of the flight, because the vast
majority of reservations are completed by 72 hours prior to flight
departure time and remain unchanged after that time. For reservations
made within 72 hours of scheduled flight departure time, TSA
anticipates requiring covered aircraft operators to transmit the SFPD
immediately after the reservation is made.
TSA would require covered aircraft operators to transmit SFPD for
each flight even if the flight is a connecting flight or the return
flight of a roundtrip reservation for the passenger. TSA would not
require covered aircraft operators to transmit separate SFPD for
continuing segments of a through flight. After TSA receives the SFPD
transmission under proposed Sec. 1560.101, it will compare the SFPD
provided by the covered aircraft operators to the watch list.
Covered aircraft operators would have the option to transmit SFPD
to TSA individually or in batch transmissions. Covered aircraft
operators would also have to establish connectivity to TSA, most likely
through one of the following methods: (1) By establishing a direct
connection to TSA; (2) through a secure virtual private network using
the Internet or a service provider's private network; or (3) through a
third-party value added network. Regardless of which connectivity
method covered aircraft operators would use to communicate with TSA,
the covered aircraft operators would be responsible for all costs
associated with transmitting data from the covered aircraft operator to
TSA and vice versa. TSA anticipates that covered aircraft operators
would select the most efficient method for the anticipated volume of
messaging between their system and Secure Flight.
TSA is aware that other Federal agencies, such as CBP, are
conducting, or will conduct, watch list matching for airline
passengers. TSA is working with these other agencies to develop ways to
eliminate unnecessary duplication of comparable screening efforts and
thereby reduce governmental and private sector costs.
Covered aircraft operators would be required to accurately transmit
passenger and non-traveler SFPD. However, covered aircraft operators
would not be required to validate the underlying accuracy of the
collected passenger information on covered domestic flights \21\ or
non-traveler information. Furthermore proposed Sec. 1560.101(d) would
require covered aircraft operators to transmit information updates to
reflect changes to any information required in the SFPD.
---------------------------------------------------------------------------

\21\ Covered aircraft operators would validate passenger
information on covered international flights because CBP regulations
at 19 CFR Part 122 require covered aircraft operators to validate
passengers' APIS information (which includes the passport or other
appropriate travel document).
---------------------------------------------------------------------------

Section 1560.103--Notice

TSA is committed to providing transparency about the Secure Flight
program. In order to inform passengers and non-traveling individuals
about the use of their personally identifying information, TSA will
publish on its Web site a privacy notice that explains why TSA is
collecting this information, how it will use the information, and the
effect of not providing this information. Additionally, this proposed
rule would require covered aircraft operators that collect information
for TSA to use in connection with Secure Flight watch list matching to
provide the privacy notice to individuals from whom information is
collected through a Web site or a self-service kiosk.
Proposed Sec. 1560.103(a) would require a covered aircraft
operator to make the privacy notice available before the covered
aircraft operator collects the information. Covered aircraft operators
must make available, on their Web sites, through the aircraft
operator's self-service kiosk, or through a link to TSA's Web site, the
following complete privacy notice, as set forth in proposed Sec.
1560.103(b):
The Transportation Security Administration requires us to collect
information from you for purposes of watch list matching, under the
authority of 49 U.S.C. sec. 114, and the Intelligence Reform and
Terrorism Prevention Act of 2004. Providing this information is
voluntary; however, if it is not provided, you may be subject to
additional screening or denied transport or authorization to enter a
sterile area. TSA may share information you provide with law
enforcement or intelligence agencies or others under its published
system of records notice. For more on TSA Privacy policies or to view
the system of records notice and the privacy impact assessment, please
see TSA's Web site at www.tsa.gov.
This requirement would also apply to information collected on third
party internet reservation Web sites for reservations on covered
flights. Covered aircraft operators would be responsible for ensuring
that these Web sites make available the complete privacy notice or
provide a link to TSA's Web site.
Covered aircraft operators must use the above language to provide
the complete privacy notice, unless TSA approves alternative language.
For instance, if a governmental entity or entities develop a common
privacy notice for use for international flights, that common privacy
notice may be approved for use in lieu of the privacy notice above.
Individuals who wish further information with respect to TSA's privacy
policies are referred to TSA's Web site.
In the event a covered aircraft operator creates an alternative
electronic means to request information in order to comply with Sec.
1560.101(a) from individuals directly, proposed Sec. 1560.103(a) would
require the covered aircraft operator to make the privacy notice
available through that new mechanism, unless TSA provided an exemption.
This provision is intended to ensure that the privacy notice is
available to individuals in the event electronic means to collect
information directly from individuals, beyond Web sites and self-
service kiosks, emerge in the future through aviation industry
innovation.
DHS requests comments on this notice provision generally. In
particular, DHS requests comments on how a privacy notice could be
provided (if necessary and considering such issues as feasibility,
costs, and the effectiveness of the notice) during the collection of
information through means not identified in proposed sec. 1560.103.

Section 1560.105--Denial of Transport or Sterile Area Access and
Designation for Enhanced Screening

Proposed Sec. 1560.105 would apply to a covered aircraft operator
beginning on the date that TSA assumes the watch list matching function
from that aircraft operator. In order to determine whether

[[Page 48373]]

a passenger or non-traveling individual poses a threat to civil
aviation or national security under the proposed Secure Flight program,
TSA must conduct watch list matching of the individual. Therefore,
consistent with authorities granted under 49 U.S.C. 114(h)(3) and
44901(a) regarding the screening of passengers and property, TSA would
prohibit covered aircraft operators from issuing a boarding pass until
TSA has authorized release of the boarding pass upon conclusion of the
watch list matching process. TSA also is proposing to apply this
requirement to non-traveling individuals who seek authorization from a
covered aircraft operator to enter an airport sterile area, because
such individuals may attempt to board a flight as a passenger, pass
prohibited items to a passenger, or otherwise become a security threat
for that airport, acting alone or in concert with others in the sterile
area.
Once TSA receives passenger or non-traveler SFPD from covered
aircraft operators, TSA, in coordination with TSC where necessary, will
compare that information to information contained in the watch list.
TSA will then send the covered aircraft operator the results of the
watch list matching process. In most cases, TSA expects to be able to
complete the watch list matching process for a passenger based on the
SFPD transmitted to TSA in accordance with proposed Sec. 1560.101, and
then communicate the boarding pass printing instruction to the covered
aircraft operator prior to the time the passenger arrives at the
airport for the flight.
Proposed Sec. 1560.105(b) provides that a covered aircraft
operator would not be permitted to issue a boarding pass or other
authorization to enter a sterile area to a passenger or a non-traveling
individual and must not allow that individual to board an aircraft or
enter a sterile area until TSA informs the covered aircraft operator of
the results of watch list matching for that passenger or non-traveling
individual. If the covered aircraft operator transmitted updated SFPD
in accordance with proposed Sec. 1560.101(c), previous TSA
instructions would be voided. The covered aircraft operator would then
be required to wait for watch list matching results from TSA, in
response to the most recent SFPD submission for that passenger or non-
traveling individual, to ensure that the covered aircraft operator is
acting on the most accurate instruction from TSA.
Under proposed Sec. 1560.105(b), TSA would send one of three
instructions to covered aircraft operators after they transmit SFPD to
TSA. First, TSA may instruct a covered aircraft operator that a
passenger or non-traveling individual must be placed on inhibited
status. In that case, the covered aircraft operator must not issue a
boarding pass, or other authorization to enter a sterile area, to the
passenger or a non-traveling individual, and the covered aircraft
operator must not allow an inhibited individual to board a flight or
enter a sterile area.
Second, TSA may instruct the covered aircraft operator that the
passenger or non-traveling individual has been selected for enhanced
screening at a security checkpoint. In that situation, the covered
aircraft operator may issue the passenger a boarding pass or the non-
traveling individual authorization to enter the sterile area but must
identify the passenger or non-traveling individual for enhanced
screening, in accordance with procedures in the aircraft operator's
security program. Third, TSA may send a cleared instruction for a
passenger or non-traveling individual. In that case, the covered
aircraft operator is permitted to issue the passenger or non-traveling
individual a cleared boarding pass or authorization to enter the
sterile area, unless the covered aircraft operator is required to
identify the passenger or non-traveling individual for enhanced
screening under other TSA procedures.
As part of TSA's efforts to enhance boarding pass security and
prevent fraud, TSA would require covered aircraft operators to place
certain information on the boarding passes for passengers or
authorizations to enter a sterile area for non-traveling individuals.
As reflected in the proposed rule and explained in further detail
below, TSA is considering requiring the information to be in a code
format such as a bar code or optical character recognition format. The
purpose of placing a code on the boarding passes and the authorizations
to enter a sterile area is to prevent the use of unauthorized or
altered boarding passes or authorizations to enter a sterile area by
individuals who wish to fraudulently gain access to the sterile area or
to board an aircraft. The code would not include any personally
identifying information. TSA may also consider other forms of
technology to verify the authenticity of boarding passes and
authorizations to enter a sterile area. TSA seeks comments on the use
of bar codes, optical character recognition, or other form of
technology to ensure the integrity of the boarding passes and
authorizations to enter a sterile area.
Under the proposed rule, TSA's boarding pass instructions would
include coding instructions for placing codes on the boarding passes or
authorizations to enter a sterile area. The coding instructions would
include a unique TSA-generated character string for security. TSA would
not permit covered aircraft operators to issue a boarding pass or
authorization to enter a sterile area unless the covered aircraft
operator had placed the code on the boarding pass or authorization to
enter a sterile area, and TSA would require covered aircraft operators
to place the code on the boarding passes or authorizations to enter a
sterile area separately from codes used for any other purposes. TSA
authorized personnel with devices to read the codes would have the
ability to scan the codes and authenticate the document. The
Consolidated User Guide would provide technical information concerning
the transmission and receipt of coded data. TSA would require aircraft
operators to comply with the technical requirements in the Consolidated
User Guide for placing codes on boarding passes and authorizations.
TSA may consider developing a system whereby the devices used to
read the code may be able to communicate with the Secure Flight program
to verify some of the information in the SFPD and whether the
individual has been selected for enhanced screening. With this system,
the codes themselves still would not include any personally identifying
information and the personally identifying information could only be
accessed through a secure reading device. TSA seeks comment on the
technology, privacy, and compliance issues associated with implementing
a system that would place information on boarding passes and
authorizations to enter a sterile area to ensure that the watch list
matching results correspond to the information on boarding passes and
authorizations to enter a sterile area.
After TSA has returned to a covered aircraft operator a boarding
pass instruction that a passenger must be placed on inhibited status or
selected for enhanced screening, the covered aircraft operator cannot
change that boarding pass instruction unless TSA sends an updated
instruction based on additional information, such as an updated watch
list or updated SFPD or otherwise authorizes the covered aircraft
operator to change the boarding instruction. If TSA sends an updated
instruction to a covered aircraft operator for a passenger or non-
traveling individual, the covered aircraft operator must acknowledge
receipt of the updated instruction, comply with the updated
instruction, and ignore all

[[Page 48374]]

previous instruction for that passenger or non-traveling individual.
However, a covered aircraft operator can designate a more restrictive
boarding pass status in conjunction with other TSA or aircraft operator
procedures.
If TSA has not provided a covered aircraft operator with watch list
matching results for an individual by the time the individual attempts
to check-in, or has informed the aircraft operator that an individual
has been placed on inhibited status, the covered aircraft operator must
provide TSA with additional information on the individual. This may be
necessary if the available information for that individual is
insufficient to distinguish him or her from a person on the watch list.
Therefore, under proposed Sec. 1560.105(c) it would be necessary for
the covered aircraft operator to request a verifying identity document
from the individual to verify the SFPD already provided or obtain SFPD
that was not provided at the time of reservation or at the time of
check-in at the airport. Covered aircraft operators would then be
required to update the SFPD with information from the verifying
identity document and transmit the updated SFPD to TSA.
However, under proposed Sec. 1560.105(c)(4), this requirement
would not apply to minors under the age of 18 who do not have a
verifying identity document. For those minors, TSA may authorize the
minor, or an adult accompanying the minor, to state the minor's full
name and date of birth on a case-by-case basis.
In this regard, the NPRM also proposes to amend TSA's regulations
by adding a new requirement in 49 CFR 1540.107 that a passenger seeking
to obtain a boarding pass, or a non-traveling individual seeking access
to an airport sterile area, must present a verifying identity document,
as described in proposed Sec. 1560.105(c)(1), if a covered aircraft
operator requests one for watch list matching purposes, in accordance
with proposed Sec. 1560.105(c)(1). Under the proposed amendment to
Sec. 1540.107 and proposed Sec. 1560.105(d), if an individual fails
to comply with this request from a covered aircraft operator, he or she
would be denied a boarding pass (or authorization to enter a sterile
area), unless otherwise authorized by TSA. As discussed previously, TSA
may authorize exceptions to the above requirement for verifying
identity document on a case-by-case basis.
If TSA needs additional information to resolve a possible
misidentification, or to confirm that the passenger or non-traveling
individual is the individual on the watch list, TSA may request that
the aircraft operator communicate additional identifying information,
referred to as PRI. For example, TSA may request biographical
information such as height, hair color, eye color, or distinctive
scars. TSA may request the information necessary for TSA, in
coordination with the TSC, to resolve the possible misidentification or
confirm that the individual is the person on a watch list. TSA will not
require the covered aircraft operator to transmit such biographical
information in a SFPD transmission. TSA anticipates requesting such
biographical information over the telephone.
TSA plans to retain the information necessary to complete an
individual's watch list matching process, in accordance with a record
retention schedule, which it will submit for approval to NARA, in order
to expedite the watch list matching process for that individual during
future travel. The requirements of this proposed rule would not
supersede other requirements currently in effect that aircraft
operators verify the identities of individuals prior to their entry
into a sterile area.

Section 1560.107--Use of Watch List Matching Results by Covered
Aircraft Operators

Drawing upon the privacy principle of use limitation, TSA would
only share watch list matching results with covered aircraft operators
for purposes of compliance with their obligations to issue boarding
passes to those who are authorized to receive them, identify
individuals for enhanced screening, or deny individuals boarding or
sterile area access. Therefore, under proposed Sec. 1560.107, TSA
would limit covered aircraft operators' use of the watch list matching
results to the purposes provided in Sec. Sec. 1560.1 and 1560.105 of
the proposed rule. Under the proposed rule, covered aircraft operators
may not use the watch list matching results for any purpose other than
security purposes.

Section 1560.109--Aircraft Operator Implementation Plan

Section 1560.109 of this proposed rule details the procedures for
submission, approval, and modification of an AOIP. Under proposed Sec.
1560.109(a), each covered aircraft operator must submit a proposed AOIP
to TSA for approval. The proposed AOIP must set forth the specific
means by which the covered aircraft operator will transmit passenger
information and non-traveler information to TSA, the timing and
frequency of transmission, and any other related matters. The AOIP may
include, for example, the covered aircraft operator's plan for dealing
with a system outage.
Because DHS recognizes that covered aircraft operators would be
required to comply with multiple requirements from Federal agencies,
DHS is developing the means to consolidate the receipt and management
of passenger information within a single communications interface. The
consolidation of required data for both TSA and CBP into a single
submission is intended to ease the operational and technical burden on
the aircraft operator. DHS will provide guidance on these requirements
in a Consolidated User Guide. Consequently, covered aircraft operators
would need to prepare their proposed AOIP in accordance with DHS's
Consolidated User Guide. DHS will issue the Consolidated User Guide on,
or shortly after, the date of publication of the final rule and will
work with each covered aircraft operator, as necessary, to provide
technical assistance in developing its AOIP. DHS will issue a draft
Consolidated User Guide based on this proposed rule on, or shortly
after, the date of this NPRM. Because the Consolidated User Guide is
SSI, the release, handling, and protection of the Consolidated User
Guide would be subject to the regulations concerning the protection of
SSI in 49 CFR part 1520.
Proposed Sec. 1560.109(a)(1) would require aircraft operators that
are covered aircraft operators on the effective date of the final rule
to submit their AOIP for approval no later than 30 days after the
effective date. Under Sec. 1560.109(a)(2), aircraft operators that
become covered aircraft operators after the effective date must submit
their AOIP as part of their security program under 49 CFR 1544.105(a)
or 49 CFR 1546.105(a). TSA will review, approve, and modify these
covered aircraft operators' proposed AOIP as part of its review of
these covered aircraft operators' security programs.
For aircraft operators that are covered aircraft operators on the
effective date, TSA will review, modify, and approve their proposed
AOIP under proposed Sec. Sec. 1560.109(b) and (c). If TSA approves a
covered aircraft operator's proposed AOIP, the covered aircraft
operator must implement the plan according to the schedule approved by
TSA and set forth in the AOIP. If TSA disapproves and orders
modifications to a proposed AOIP, TSA will provide written notice to
the covered aircraft operator. Under proposed Sec. 1560.109(c)(1), the
covered aircraft operator has two options. The first option is to make
any changes to the AOIP that TSA requests in the notice and implement
the AOIP

[[Page 48375]]

according to the schedule approved by TSA and set forth in the AOIP.
The second option is to seek a reconsideration of TSA's initial
decision. In order to seek a reconsideration, a covered aircraft
operator must submit its petition for reconsideration to TSA within 30
days of receiving the notice. The petition should include all
supporting documentation. Under proposed Sec. 1560.109(c)(2), a
designated TSA official will review the petition and will either amend
or withdraw the notice or forward the petition to the Administrator for
a final decision. Within 30 days of receiving the petition, the
Administrator will dispose of the petition by amending or withdrawing
the notice or affirming the notice to modify. TSA may, at its
discretion, grant extensions to any schedule deadlines, on its own
initiative or upon the request of a covered aircraft operator.
Proposed Sec. 1560.109 would require that the AOIP become part of
the covered aircraft operator's security program (as described in 49
CFR part 1544, subpart B or 49 CFR part 1546, subpart B) once TSA
approves the AOIP. Because the AOIP would be part of the security
program, proposed Sec. 1560.109(e) states that amendments to the AOIP
will be reviewed and approved or disapproved in accordance with the
procedures in 49 CFR 1544.105 or 49 CFR 1546.105, which govern
amendments to security programs. Sections 1544.105 and 1546.105 provide
procedures by which aircraft operators may seek amendments to their
security programs and TSA may order amendments to security programs
including emergency amendments. These sections also describe how
aircraft operators may seek reconsideration of the initial decision on
the amendments.
Proposed Sec. 1560.109(f) requires that the AOIP be handled and
protected as SSI in accordance with 49 CFR part 1520. Because the AOIP
would be a part of the covered aircraft operator's security program,
the AOIP would be SSI under Sec. 1520.5(b)(1)(i).

Section 1560.111--Covered Airport Operators.

Section 1560.111 of this proposed rule applies to a covered airport
operator that has a program approved by TSA through which the airport
operator may authorize non-traveling individuals to enter a sterile
area. Under proposed Sec. 1560.111, no later than 30 days after
receiving written notice from TSA, or such longer period as TSA may
determine for good cause, a covered airport operator must adopt and
carry out an AOIP and follow the procedures required of covered
aircraft operators with respect to non-traveling individuals specified
in proposed Sec. 1560.109. A covered aircraft operator's AOIP would
become a part of the covered airport operator's security program under
49 CFR part 1542, subpart B. Each covered airport operator must comply
with the procedures required of covered aircraft operators in
Sec. Sec. 1560.101(a), (c) and (d), 1560.103, and 1560.107 of this
part, and any other applicable TSA requirements.

Subpart C--Passenger Redress

Section 1560.201--Applicability

Sections 4012(a)(1) and 4012(a)(2) of IRTPA require TSA to
establish appeal procedures for airline passengers who are delayed or
denied boarding as a result of the watch list matching process as
required by 49 U.S.C. 44903(j)(2)(C)(iii)(I), (j)(2)(G), and 49 U.S.C.
44909(c)(6)(B). Accordingly, the NPRM proposes subpart C, which
provides the redress procedures for individuals who believe they have
been improperly or unfairly delayed or prohibited from boarding an
aircraft or entering a sterile area as a result of the Secure Flight
program.

Section 1560.203--Representation by Counsel

Proposed Sec. 1560.203 provides that any person seeking redress
under subpart C may be represented by counsel at his or her own
expense.

Section 1560.205--Redress Process

DHS and TSA currently provide a redress process for individuals who
believe that they have been denied or delayed in boarding a flight.
Proposed Sec. 1560.205 explains the regulatory framework for the
redress process for Secure Flight. If an individual believes that he or
she has been improperly or unfairly delayed or prohibited from boarding
an aircraft or entering a sterile area as a result of the Secure Flight
program, the individual may initiate the redress process through the
existing DHS TRIP process. DHS TRIP is a web-based customer service
initiative developed as a voluntary program to provide a one-stop
mechanism for individuals to request redress. DHS TRIP provides
traveler redress intake and processing support while working with
relevant DHS components to review and respond to requests for redress.
Under proposed Sec. 1560.205, an individual seeking redress may
obtain the necessary forms and information to initiate the redress
process for Secure Flight on the DHS TRIP Web site at http://www.dhs.gov/trip or by contacting DHS TRIP by mail. The DHS TRIP Office
would assign the individual a unique identifier, recognized by the
Secure Flight Program as a Redress Number. Under Sec. 1560.101 of this
proposed rule, covered aircraft operators would be required to request
the Redress Number from passengers and non-traveling individuals at the
time of reservation or request for sterile area access, and transmit
the number to TSA in the SFPD, if available.
DHS TRIP will then share the redress request with TSA and any other
necessary agencies for resolution. TSA, in coordination with the TSC
and other appropriate Federal law enforcement or intelligence agencies,
if necessary, will review all the documentation provided by the
individual and provide the individual with a timely written response.
TSA will correct any erroneous information and will inform the
individual when the redress process has been completed. However, TSA
will neither confirm nor deny whether an individual is on the watch
list, because this information is derived from classified and sensitive
law enforcement and intelligence information. This protects the
operational counterterrorism and intelligence collection objectives of
the Federal Government, as well as the personal safety of those
involved in counterterrorism investigations. The watch list remains an
effective tool in the Government's counterterrorism and transportation
security efforts, because its contents are not disclosed.
If TSA determines that the delay or prohibition from boarding, or
access to a sterile area, resulted from a misidentification of the
individual, TSA will retain the information provided by the individual
to facilitate authentication of the individual's identity during future
air travel and to prevent repeated and unnecessary delays of
misidentified individuals, as required under 49 U.S.C.
44903(j)(2)(G)(ii).

Section 1560.207--Oversight of process

Finally, Sec. 1560.207 of the proposed rule provides that the
redress program and its implementation are subject to review by the TSA
and DHS Privacy Officers and the TSA and DHS Offices for Civil Rights
and Civil Liberties to ensure that the process is protecting the
privacy and civil liberties of passengers and non-traveling
individuals.

[[Page 48376]]

III. Regulatory Analyses

A. Paperwork Reduction Act

The Paperwork Reduction Act of 1995 (PRA) (44 U.S.C. 3501 et seq.)
requires that a Federal agency consider the impact of paperwork and
other information collection burdens imposed on the public and, under
the provisions of PRA section 3507(d), obtain approval from the Office
of Management and Budget (OMB) for each collection of information it
conducts, sponsors, or requires through regulations.
This proposed rule contains new information collection activities
subject to the PRA. Accordingly, TSA has submitted the following
information requirements to OMB for its review.
Title: Secure Flight Program.
Summary: TSA is proposing to establish this information collection
in accordance with 49 U.S.C. 44903(j)(2)(C), which requires TSA to
assume the passenger matching function of comparing passenger
information to Federal watch lists and to establish an appeal procedure
for those passengers delayed or denied boarding as a result of this
process. In order to carry out effective watch list matching, TSA has
determined that it must receive each individual's full name and, to the
extent available, gender, date of birth, Redress Number, and known
traveler number (when implemented) and passport information. Therefore,
TSA is proposing to require U.S. aircraft operators that conduct
certain scheduled and public charter flights, and foreign air carriers
that conduct certain scheduled and public charter flights within, to or
from the United States, and overflying the continental United States,
to request this information from passengers or non-travelers seeking
sterile area access on those flights. The covered aircraft operator
must then communicate this information, as well as passport
information, message management information, and itinerary information
to the extent available, to TSA. The covered aircraft operator must
also transmit relevant updates to the passenger's or non-traveler's
information. Additionally, TSA may need the covered aircraft operators
to obtain and communicate information from an individual's form of
identification or a physical description (e.g., gender, height, weight,
hair color, or eye color) of the individual. TSA would use all of this
information during watch list matching.
Prior to submitting any passenger information or non-traveler
information, covered aircraft operators must first submit to TSA an
AOIP describing how and when they will transmit passenger (or non-
traveler) information to TSA.
In addition to aircraft operators that authorize non-traveling
individuals to enter a sterile area, TSA may require airport operators
that authorize non-traveling individuals to enter a sterile area for a
purpose approved by TSA to provide TSA with information regarding non-
traveling individuals seeking authorization to enter a sterile area,
for purposes of watch list matching, under the proposed rule.
Use of: Under 49 U.S.C. 44903(j)(2)(C)(iv), TSA is authorized to
collect from aircraft operators the passenger information needed to
begin implementation of this matching function. TSA will use the
information to enhance the security of air travel and support the
Federal Government's counterterrorism efforts by enabling TSA to
conduct watch list matching through the Secure Flight program and to
identify individuals who warrant further scrutiny prior to entering an
airport sterile area or boarding an aircraft or who warrant denial of
boarding or access to an airport sterile area on security grounds. To
identify those individuals, TSA will compare individuals' identifying
data to information about individuals identified on the watch list.
Respondents (including number of): The Secure Flight Program would
require covered aircraft operators to submit passenger information to
DHS for the purpose of watch list matching. Prior to submitting any
passenger information to DHS, covered aircraft operators would first
submit to TSA an Aircraft Operator Implementation Plan (AOIP). The AOIP
would specify in detail the technology and processes an aircraft
operator would use to transmit passenger information to DHS and receive
and apply watch list responses. At the time of submission, 66 domestic
and 146 foreign aircraft operators would be required to respond to the
information collection. Consequently, TSA has determined this
information collection would affect a total of 212 respondents. Each of
these operators would be subject to both information collections;
however, due to differences in the frequency of the submissions, the
two collections result in differing numbers of annual respondents.
Submission of AOIPs would affect an average of 71 respondents and
transmission of passenger information would affect an annual average of
163 respondents. With regards to airport operators authorizing non-
traveling individuals to enter a sterile area for a purpose approved by
TSA, there are currently 437 domestic airports that are eligible. TSA
has adopted this total as the maximum number of airport operator
respondents that might transmit information to Secure Flight.
Frequency: The AOIP would be a one-time submission, whereas
collection of passenger information for purposes of watch list matching
must occur on at least a daily basis. The commercial passenger aviation
industry provides air transport to more than 2.5 million passengers per
day, and aircraft operators accept reservations for transport on a
continuous basis. Therefore, in order to be effective as a security
measure, watch list matching of passengers and non-traveling
individuals must be carried out on a near or real-time basis.
Collecting passenger or non-traveling individuals' information from
respondents less frequently than daily would not allow TSA to complete
watch list matching of every passenger or non-traveling individual
prior to their arrival at an airport security checkpoint. TSA's
collection of information from respondents must occur on at least a
daily basis, if not more frequently, in order to take into account new
or changed reservations for air travel.
Annual Burden Estimate: TSA has determined that the information
aircraft operators would be required to collect from passengers is
similar to that collected in the normal course of business and is
therefore exempt from the PRA as defined in 5 CFR 1320.3(b)(2).
Further, TSA was unable to estimate an hour burden for aircraft
operators to transmit passenger information to DHS. TSA did not have
sufficient data to calculate this burden. However, TSA has monetized
the burden on the aircraft operators to modify and update their systems
to transmit passenger information (see below). Accordingly, TSA has
only estimated an hour burden for aircraft operators to submit their
AOIPs.
TSA estimated that each covered aircraft operator would invest 400
hours in the AOIP process if the covered aircraft operator has not
already connected to Customs and Border Protection's (CBP) APIS Quick
Query (AQQ).\22\ TSA's estimate includes high-level planning, resource
allocation, budgeting and management review and approval before
submitting the AOIP to TSA. Since TSA was unable to estimate the number
of respondent aircraft operator that might connect to AQQ prior to
implementation of Secure Flight, TSA assessed the 400 hours

[[Page 48377]]

against each of the respondent aircraft operator, yielding a total of
84,800 hours. Based on this total, the annual burden would be 28,300
hours.
---------------------------------------------------------------------------

\22\ For carriers that are already connected to AQQ, TSA
estimated that such carriers would invest 200 hours in developing
their AOIPs.
---------------------------------------------------------------------------

In addition to the hour burden, it may cost respondents $129.2
million in the first three years to modify and maintain systems to
accommodate the new communication requirements. This breaks down to
$125,200,000 in the first two years for capital startup costs and
$4,000,000 in the second and third years for operations and
maintenance, for an annual average of $43,000,000. The capital startup
costs encompass the cost for additional bandwidth that aircraft
operators may require to transmit data from reservations booked online
as well as extensive system modifications to enable two-way
communication between respondents and the Secure Flight system.
With regards to airport operators authorizing non-traveling
individuals to enter a sterile area for a purpose approved by TSA, TSA
assumes respondents would submit an annual total of 240,000 responses.
TSA anticipates that airport operators would use a web application to
transmit the personal information to Secure Flight and receive a
response in real time. In most cases, the TSA response should be nearly
instantaneous; thus, TSA believes the proposed provision would not
result in an appreciable hour burden on respondents.
TSA is soliciting comments to
(1) Evaluate whether the proposed information requirement is
necessary for the proper performance of the functions of the agency,
including whether the information will have practical utility;
(2) Evaluate the accuracy of the agency's estimate of the burden;
(3) Enhance the quality, utility, and clarity of the information to
be collected; and
(4) Minimize the burden of the collection of information on those
who are to respond, including using appropriate automated, electronic,
mechanical, or other technological collection techniques or other forms
of information technology.
Individuals and organizations may submit comments on the
information collection requirements by October 22, 2007. Direct the
comments to the address listed in the ADDRESSES section of this
document, and fax a copy of them to the Office of Information and
Regulatory Affairs, Office of Management and Budget, Attention: DHS-TSA
Desk Officer, at (202) 395-5806. A comment to OMB is most effective if
OMB receives it within 30 days of publication. TSA will publish the OMB
control number for this information collection in the Federal Register
after OMB approves it.
As a protection provided by the Paperwork Reduction Act, as
amended, an agency may not conduct or sponsor, and a person is not
required to respond to, a collection of information unless it displays
a currently valid OMB control number.

B. Regulatory Impact Analyses

1. Regulatory Evaluation Summary
Changes to Federal regulations must undergo several economic
analyses. First, Executive Order 12866, Regulatory Planning and Review
(58 FR 51735, October 4, 1993), directs each Federal agency to propose
or adopt a regulation only upon a reasoned determination that the
benefits of the intended regulation justify its costs. Second, the
Regulatory Flexibility Act of 1980 (5 U.S.C. 601 et seq., as amended by
the Small Business Regulatory Enforcement Fairness Act (SBREFA) of
1996) requires agencies to analyze the economic impact of regulatory
changes on small entities. Third, the Office of Management and Budget
directs Trade Agreements Act (19 U.S.C. 2531-2533) prohibits agencies
from setting standards that create unnecessary obstacles to assess the
effect of regulatory changes on foreign commerce of the United States.
In developing U.S. standards, this Trade Act requires agencies to
consider international trade standards and where appropriate, as the
basis of U.S. standards. Fourth, the Unfunded Mandates Reform Act of
1995 (2 U.S.C. 1531-1538) requires agencies to prepare a written
assessment of the costs, benefits, and other effects of proposed or
final rules that include a Federal mandate likely to result in the
expenditure by State, local, or tribal governments, in the aggregate,
or by the private sector, of $100 million or more annually (adjusted
for inflation).
TSA has prepared a separate detailed analysis document which is
available to the public in the docket. With respect to these analyses,
TSA provides the following conclusions and summary information.
1. TSA has determined that this is an economically significant rule
within the definition of Executive Order (EO) 12866, as estimated
annual costs or benefits exceed $100 million in any year. The mandatory
OMB Circular A-4 Accounting statement is included in the separate
complete analysis and is not repeated here.
2. The Initial Regulatory Flexibility Analysis (IRFA) shows that
there is not likely a significant impact on a substantial number of
small entities. As a normal practice, we provide the IRFA to the public
but withhold the final formal certification of determination as
required by the RFA until after we receive public comments and publish
the Final Regulatory Flexibility Analysis (FRFA).
3. Although the rule in general is unlikely to cause any adverse
impact on international trade, there may be potential unfavorable
responses to the overflight provisions of the proposed rule.
4. The regulatory evaluation provides the required written
assessment of Unfunded Mandates. The proposed rule is not likely to
result in the expenditure by State, local, or tribal governments, in
the aggregate, of $100 million or more annually (adjusted for
inflation). However, the estimated impact on the private sector does
exceed the inflation adjusted Unfunded Mandates threshold. The E.O.
12866 analysis provided below also serves as the analysis required
under UMRA.
2. Executive Order 12866 Assessment Benefits
Benefits of the rule would occur in two phases: The first during
operational testing and the second post-implementation. During
operational testing, Secure Flight would screen passengers in parallel
with the airlines. Primary responsibility for watch list matching would
remain with covered aircraft operators during this period, but Secure
Flight might notify aircraft operators if its watch list matching
technology enabled it to detect a potential match the aircraft operator
may have missed. Therefore, during the operational testing phase,
benefits may include increased aviation security resulting from the
detection of threats not identified by covered carriers participating
in the testing.
Most of the rule's benefits would occur post-implementation. Secure
Flight would standardize the watch list matching process across
domestic and foreign commercial airlines. Resulting benefits could
include more accurate, timely, and comprehensive screening, and a
reduction in false positives. This would occur because Secure Flight
would have access to more data with which to distinguish passengers
from records in the watch lists than is currently available to
airlines. Further, the airlines would be relieved of watch list
matching responsibilities, and TSA would be relieved of distributing
the watch lists. Together, these factors would contribute to the
overall objective of focusing resources on passengers identified as
potential threats to aviation security.

[[Page 48378]]

This benefit would be further augmented by the proposal to require
covered airlines to print on boarding passes a unique code generated by
the Secure Flight system for each watch list result returned. Depending
on the final implementation method, this requirement would at a minimum
allow checkpoint personnel to verify that a boarding or gate pass had
been processed by the Secure Flight system. This would prevent
individuals from passing through the checkpoint with a boarding or gate
pass that had not originated in an airline system.
By transferring responsibility for watch list matching of
international passengers from CBP to TSA, the proposed rule would
consolidate passenger prescreening operations within the Department of
Homeland Security (DHS), thereby reducing redundancies between similar
programs and facilitating better governance. The proposed rule would
enable CBP to focus its resources on its mission of protecting U.S.
borders while permitting TSA to apply its expertise in watch list
matching consistently across all commercial air traffic within and
overflying the United States. DHS expects that reducing overlap between
these agencies' missions will improve national security through more
efficient and targeted use of national resources.
Other benefits could include increased security due to the watch
list matching of non-traveling individuals who request access to a
sterile area. Also, TSA anticipates it may allow airports to authorize
non-traveling individuals to enter the airport sterile area. As a
result, the proposed rule would establish requirements related to
airports' transmission of data from non-traveling individuals to Secure
Flight for watch list matching. These requirements would only apply to
airports that requested and received authorization from TSA to grant
non-traveling individuals access to the airport sterile area.
Once TSA assumed primary responsibility for watch list matching,
airlines would be relieved of their passenger watch list matching
responsibilities. For the purposes of its analysis, TSA assumed that
domestic implementation would be completed in the first year of the
rule, and international implementation would be completed in the second
year. However, the actual date the carriers would be completely
relieved was unknown at the time of writing and would be contingent on
several factors, such as the impact of budgetary constraints and the
results of operational testing. Prior to implementation, operational
testing would have to demonstrate that Secure Flight did not produce a
large number of false positives, processed all matching requests in an
efficient and accurate manner, and interfaced with a redress system for
passengers who believe they have been incorrectly delayed or denied
boarding as a result of Secure Flight matching. Elimination of their
watch list matching responsibilities would enable airlines to
reallocate to other tasks some of their operational resources currently
dedicated to comparing passenger information to the watch lists and
offset some costs imposed by the regulation. Due to the vast difference
in resources used by each airline for watch list matching and
uncertainty regarding the actual date each would be relieved of watch
list duties, TSA was unable to quantify these cost savings.
Further, while TSA conducted significant testing using previously
collected passenger name record (PNR) data, no testing has been
completed in a live environment using all of the passenger information
requested by this proposed rule. The testing phase would provide TSA
the opportunity to work with the airlines and other stakeholders to
refine Secure Flight to achieve optimal results while the airlines
continue to have primary responsibility for watch list matching. Thus,
the testing phase would also allow TSA to collect baseline data
necessary for quantification of potential benefits of Secure Flight.
TSA has included in the Regulatory Evaluation a rough ``break-
even'' analysis which indicates the tradeoffs between program cost and
program benefits (in the form of impact on baseline risk of a
significant aviation-related terror attack) that would be required for
Secure Flight to be a cost beneficial undertaking.

Costs

As required, alternatives to the primary rule requirements were
analyzed. The following table provides the ten-year primary, high, and
low estimates each at undiscounted, 7%, and 3% discount rates.

Total Costs by Scenario and Discount Rate
----------------------------------------------------------------------------------------------------------------
Total by scenario Undiscounted 7% Discount 3% Discount
----------------------------------------------------------------------------------------------------------------
Primary Scenario................................................ $3,129.9 $2,179.3 $2,659.7
High Scenario................................................... 3,907.8 2,725.8 3,323.0
Low Scenario.................................................... 2,456.0 1,703.4 2,083.4
----------------------------------------------------------------------------------------------------------------

All costs in the following summary are discounted present value
costs using a 7% discount rate over 10 years unless noted as an annual
cost. Both in this summary and the economic evaluation, descriptive
language conveys the consequences of the regulation. Although the
regulatory evaluation attempts to mirror the terms and wording of the
regulation, no attempt is made to precisely replicate the regulatory
language and readers are cautioned that the actual regulatory text, not
the text of the evaluation, is binding.
Given the global nature of commercial aviation and the prevalence
of airline partnerships, TSA was unable to divide the incidence of the
estimated costs between the domestic and foreign economies. Thus, the
table below presents the aggregate costs attributable to the proposed
Secure Flight rule. TSA has divided its discussion within each of the
cost sections in the regulatory evaluation between domestic and
international operations, reflecting the scope and phasing of the
proposed rule. However, this distinction between costs accruing to
domestic and international operations should not be confused with costs
to the domestic and foreign economies.
TSA estimated the cost impacts of this rulemaking would total from
$1.703 billion to $2.726 billion over 10 years, discounted at 7%. Air
carriers would incur total costs of $145.2 to $476.7 million, and
travel agents would incur costs of $86.5 to $257.4 million. TSA
projected Federal Government costs would be from $1.114 to $1.326
billion. The total cost of outlays would be from $1.346 billion to
$2.060 billion. Additionally, the cost to individuals (value of time)
would be between $357.9 and $666.2 million. The following paragraphs
discuss these costs.
Air carriers would incur costs to comply with requirements of this
rulemaking. Over the 10-year period from 2008 to 2017, TSA estimated
air

[[Page 48379]]

carriers would incur average annual discounted costs of $15.6 to $52.5
million to reprogram their computer systems to accept the additional
data fields required by the rule and achieve two-way connectivity with
TSA. Although TSA would require covered aircraft operators to collect
and transmit SFPD, TSA would not mandate how covered aircraft operators
would store or extract passengers' SFPD. Covered aircraft operators may
choose to extract SFPDs from their reservation system or develop a
separate system. Based on interviews with covered airlines, TSA has
assumed for the purposes of this analysis that airlines would choose to
use their reservation systems to collect and transmit SFPD.
Because the proposed rule would require additional information to
be requested, additional time would be required for airline call
centers to complete reservations. TSA estimated these costs would be
between $5.1 and $15.3 million per year. Together, the air carriers'
average annual costs would range from $20.7 to $67.8 million.
The proposed rule would not directly regulate travel agents.
However, aircraft operators would be required to ensure that travel
agencies request the additional passenger information. Therefore,
travel agents, like covered aircraft operators, would have to spend
additional time to complete airline reservations. TSA estimated the
average annual cost to travel agents would range from $12.3 to $36.7
million.
The Federal Government would incur several costs as a result of the
rule. These costs would include network infrastructure to enable
communication between TSA and covered aircraft operator data systems,
hardware and software procurement, operations and maintenance, and
general support for implementation. The government would further incur
costs to complete adjudication of name similarities or watch list
matches and also for redress activities. Finally, the government would
incur costs to implement a system at checkpoints to verify the codes
issued by the Secure Flight system and printed on boarding and gate
passes. The Government's estimated average annual cost would be from
$158.6 million to $188.7 million.
The proposed rule would also impact individuals. Time is a valuable
economic resource, like labor, capital, and other factors of
production, which may be utilized for work or relaxation. The loss of
time imposes an opportunity cost on individuals. TSA attempted to
quantify opportunity costs to individuals based on the incremental
additional time required to make a reservation. TSA estimated these
average annual costs to individuals would range from $51.0 to $94.8
million.
3. Regulatory Flexibility Act Assessment: Initial Regulatory
Flexibility Analysis (IRFA)
The Regulatory Flexibility Act of 1980 (RFA) establishes ``as a
principle of regulatory issuance that agencies shall endeavor,
consistent with the objective of the rule and of applicable statutes,
to fit regulatory and informational requirements to the scale of the
business, organizations, and governmental jurisdictions subject to
regulation.'' To achieve that principle, the RFA requires agencies to
solicit and consider flexible regulatory proposals and to explain the
rationale for their actions. The Act covers a wide range of small
entities, including small businesses, not-for-profit organizations, and
small governmental jurisdictions. Agencies must perform a review to
determine whether a proposed or final rule will have a significant
economic impact on a substantial number of small entities. If the
determination is that it will, the agency must prepare a regulatory
flexibility analysis as described in the Act.
However, if an agency determines that a proposed or final rule is
not expected to have a significant economic impact on a substantial
number of small entities, section 605(b) of the 1980 RFA provides that
the head of the agency may so certify and a regulatory flexibility
analysis is not required. The certification must include a statement
providing the factual basis for this determination, and the reasoning
should be clear. Although TSA does not believe the proposed rule will
have a significant impact on a substantial number of small entities,
the agency has prepared an Initial Regulatory Flexibility Analysis
(IRFA) for public review and comment. TSA requests comments on this
IRFA and the potential impacts of the proposed rule on small
businesses.

Section 1: Reasons for and Objectives of the Proposed Rule

2.1.1 Reason for the Proposed Rule

Section 4012(a) of the Intelligence Reform and Terrorism Prevention
Act requires the Transportation Security Administration (TSA) to assume
from aircraft operators the function of conducting pre-flight
comparisons of airline passenger information to Federal Government
watch lists.

2.1.2 Objective of the Proposed Rule

This proposed rule would allow TSA to begin implementation of the
Secure Flight program, under which TSA would receive passenger and non-
traveler information, conduct watch list matching, and transmit gate
and boarding pass printing instructions back to aircraft operators
indicating whether individuals should be cleared to enter the sterile
area, marked as selectees, or prohibited from receiving a gate or
boarding pass.

Section 2: Affected Small Business Population and Estimated Impact of
Compliance

2.2.1 Aircraft Operator Small Business Population

The proposed Secure Flight rule would affect all aircraft operators
conducting flight operations under a full security program per 49 CFR
1544.101(a). In general, these aircraft operators are the major
passenger airlines that offer scheduled and public charter flights from
commercial airports. Specifically, the covered carriers would be those
performing scheduled service or public charter passenger operations
either with an aircraft having a passenger seating configuration of 61
or more seats or having 60 or fewer seats if the aircraft enplanes from
or deplanes into a sterile area.
Of the 66 aircraft operators that are covered by the proposed rule,
TSA estimated that 24 of these can be identified as small business
entities. This is based on the Small Business Administration (SBA)
Office of Size Standards' size standard of ``fewer than 1,500
employees'' for small businesses within NAICS Code 481111, Scheduled
Passenger Air Transportation, and those within NAICS Code 481211,
Nonscheduled Chartered Passenger Air Transportation.\23\ For this
analysis, air carrier employee counts were developed from publicly
available information and from carrier filings with the U.S. Department
of Transportation's Bureau of Transportation Statistics (BTS) and
Federal Aviation Administration.
---------------------------------------------------------------------------

\23\ Small Business Administration. Table: ``Small Business Size
Standards Matched to North American Industry Classification
System.'' Available at http://www.sba.gov/size/sizetable2002.html.
Accessed May 4, 2006.
---------------------------------------------------------------------------

In the Secure Flight regulatory evaluation, TSA divided covered
carriers into four ``cost groups'' based on the nature of their
reservations systems and BTS size classification (i.e., major,
national, large regional, etc.).\24\ These groupings correspond to the
estimated costliness of reprogramming airline

[[Page 48380]]

reservation systems to comply with the proposed Secure Flight
requirements. Implementation Group 1 represents all legacy marketing
carriers and their affiliates utilizing an older GDS or host airline
reservation system (ARS). Legacy airlines, those flying prior to the
Airline Deregulation Act of 1978, are all major airlines and have the
oldest computer systems. Accordingly, TSA assumed this group would
incur the highest compliance costs. Implementation Group 2 includes
marketing carriers utilizing a newer GDS or host ARS, as well as
national carriers subscribing to an older GDS. Implementation Group 3
represents carriers with independently maintained reservation systems
TSA determined were capable of receiving a direct connection to Secure
Flight, as well as regional, commuter, and small airlines subscribing
to an older GDS or host ARS. Airlines with very simple or no
computerized reservation systems form Group 4. Rather than requiring
Group 4 carriers to establish complex systems capable of connecting
directly with Secure Flight, TSA would allow them to transmit passenger
information through a secure Internet portal.
---------------------------------------------------------------------------

\24\ For more information, please see Section 1.4.1.
---------------------------------------------------------------------------

In Groups 1 and 2, smaller airlines often use the reservation
systems of larger airlines. For example, a passenger may book a
reservation with a large, marketing airline, but the flight may be
operated by a smaller airline owned by or contracting with the
marketing airline (an affiliate). In such cases, TSA assumed in its
regulatory evaluation that the marketing airline would bear the cost of
changes to the reservation system and designated those carriers as
``points of implementation.'' Section 1.4.1 of the regulatory
evaluation describes this distinction in greater detail.
In the discussion below, TSA relaxes this assumption and treats
affiliate carriers as if they are marketing carriers. Since no Group 1
affiliate carriers are major airlines, they were re-categorized as
Group 3 carriers (regional, commuter, or small carriers using an older
GDS). Specifically, these are Carriers 3, 4, 8, and 9 in the
tables.\25\ Although this method ensures a potential cost is estimated
for all small business carriers, TSA notes that it likely overstates
the actual cost that would be incurred. Thus, for this small business
analysis, TSA considers 10 carriers under Implementation Groups 2 and
3. The remaining 14 carriers belong to Group 4.
---------------------------------------------------------------------------

\25\ Since in some cases the reported revenue data is
proprietary, TSA substituted an ID number in place of company names.
---------------------------------------------------------------------------

Table 2.2.1.a reports annual 2005 employment and operating revenues
or sales \26\ TSA gathered for these 24 airlines (in one case the
financial data is from 2002). These small air carriers are active in
different areas of the passenger air transportation marketplace. Some
provide scheduled passenger service in small niche markets, often as
part of the larger route system of an established hub and spoke
carrier; others provide charter transportation services to tour groups
or organizations such as professional sports teams. Some of those that
provide scheduled passenger services use reservation systems hosted by
one of the existing ARS providers, while others handle phone
reservations or receive reservations from travel agents. All of these
small airlines would be subject to the proposed rule, however, due to
the size of aircraft they use and/or because of the airport
environments in which they operate. Thus, these airlines would collect
more information from passengers, but TSA would take over their current
requirement to compare passenger manifests to the watch lists.
---------------------------------------------------------------------------

\26\ In cases for which annual revenues were not available,
carrier filings of total annual sales were used as a proxy for
revenue.

---------------------------------------------------------------------------

[[Page 48381]]

[GRAPHIC] [TIFF OMITTED] TP23AU07.000

2.2.2 Estimated Impact to Aircraft Operator Small Businesses

TSA determined that the proposed rule would not cause a significant
economic impact for a substantial number of these small business
entities based on several considerations. First, under the current
procedures, these small airlines must devote effort to matching
passenger identification information to TSA watch lists but are not
able to establish staff and back office activities that are dedicated
to these security functions due to the small scale of their operations.
Instead, the existing security responsibilities are fulfilled by
airline personnel who may have other unrelated duties. These scale
considerations suggest that the benefits of changing the current
responsibilities by implementing the proposed rule may be weighted
toward these smaller airlines, when considered on a per enplanement
basis.
In addition, given the variety of business activities pursued by
the small carriers under consideration--scheduled passenger operations
or charter operations, operations that collaborate with a larger hub
and spoke carrier or that are independent of larger carriers, and
operations that do or do not make use of an existing ARS host for
processing reservations--it is difficult to estimate the costs that
would be incurred by these small carriers should the proposed rule be
implemented. In order to evaluate the possible economic impact of the
proposed rule on small aircraft operators, TSA utilized two calculation
methods: One for carriers in Groups 2 and 3, and a second for carriers
in Group 4.
Since reprogramming and data collection costs have already been
presented in the aggregate for Groups 2 and 3 in Sections 1.6.2 and
1.6.3 of the regulatory evaluation, TSA used the same techniques to
calculate the potential impact to small business carriers in these two
groups. Table 2.2.2.a below shows the outcome of these calculations.
TSA first assigned an estimated initial reprogramming cost to each
small business carrier based on whether it belonged to Group 2 or 3
(column B). The initial reprogramming cost was used since this is the
highest expenditure in any one year. Each carrier would also experience
an increase in the time required to collect passenger data during
reservations, as discussed in Section 1.6.3. To arrive at the maximum
annual collection cost (column D), TSA annualized the total High
Scenario Airline Collection Costs from Table 1.6.3.a. These airline
collection costs are a function of reservations and TSA assumed an
airline's share of reservations is proportional to its share of
enplanements. Thus, TSA multiplied the total annual collection cost by
each

[[Page 48382]]

carrier's share of enplanements (column C) to arrive at its proportion
of the annual collection cost (column E). Adding the collection cost to
the initial reprogramming cost yielded a per-carrier estimated cost of
compliance (column F). TSA divided these estimated compliance costs by
each carrier's reported revenue to determine the percent of revenue
that would be expended on Secure Flight (column G).
Although there is no hard and fast definition for ``significant
economic impact,'' agencies frequently use 2% of an entity's revenue as
a threshold. As can be seen in the table, in one case the estimated
compliance cost exceeds 2% of the carriers' reported 2005 revenues and
in one case it exceeds 8%. After reviewing the relevant information,
however, TSA determined the threshold may not be applicable in this
particular case. This is because the percentage is extremely sensitive
to the estimated reprogramming cost (column B). TSA's estimated
reprogramming costs for these carriers are based on assumptions about
limited data and may overstate the costs to smaller carriers. This
consideration is especially true of carrier 10. This carrier maintained
its own reservation system until August 2005, when it began subscribing
to a GDS. Consequently, its reprogramming costs may be significantly
lower than projected here. Further, these carriers would have the
option to use the Secure Flight web interface rather than reprogram
their reservation systems if they determine reprogramming would be too
costly.
Based on these considerations, TSA determined the estimated
compliance cost likely does not meet the requirements of a significant
economic impact under the RFA; however, the agency invites comments on
this analysis.

Table 2.2.2.a.--Estimated Small Business Impact, Carrier Groups 2 and 3
--------------------------------------------------------------------------------------------------------------------------------------------------------
Estimated Share of total Annualized Share of Estimated Compliance
2005 annual carrier covered airline airline total cost as
Small business carrier ID operating reprogram carrier Enp collection collection compliance percent of
revenues (000) costs (000) (percent) costs* (000) costs* (000) cost* (000) revenues*
(A) (B) (C) (D) (E) = C*D (F) = B+E (G) = F/A
--------------------------------------------------------------------------------------------------------------------------------------------------------
1....................................... $204,000 $850 0.20 $11,690 $23 $873 0.43
2....................................... 80,300 425 0.18 11,690 21 446 0.56
3....................................... 78,100 425 0.13 11,690 15 440 0.56
4....................................... 60,000 425 0.07 11,690 8 433 0.72
5....................................... 45,100 425 0.10 11,690 12 437 0.97
6....................................... 42,800 425 0.09 11,690 11 436 1.02
7....................................... 18,600 425 0.01 11,690 1 426 2.29
8....................................... 39,600 425 0.06 11,690 7 432 1.09
9....................................... 24,000 425 0.02 11,690 2 427 1.78
10...................................... 5,000 425 0.01 11,690 1 426 8.52
--------------------------------------------------------------------------------------------------------------------------------------------------------
* Reflect totals from the high case scenario presented in the regulatory evaluation.

As discussed in Section 1.6.2 of the regulatory evaluation, TSA
assumed Group 4 carriers would not have any reprogramming costs
associated with implementation of Secure Flight but that 13 of the 16
Group 4 carriers would spend $100,000 in the first year of the program
on staff retraining and customer outreach. TSA did not have sufficient
information, however, to reliably estimate costs incurred by these
carriers due to changes in their reservation process. For the purpose
of discussion, TSA here calculates a unit compliance cost per
enplanement in order to illustrate the average impact of the proposed
rule. The results of this calculation are shown in Table 2.2.2.b.
TSA chose to use a broad assumption in developing its unit cost and
therefore included the annual costs related to the entire reservations
process for air transportation providers. As reported in Tables 1.6.3.a
and 1.6.4.a, costs associated with the reservations process include
airline and travel agency costs to make available privacy notices and
request additional passenger information. In TSA's high scenario, these
two categories total to approximately $34.2 million in fiscal year
2008. This value can be normalized to a per enplanement basis using the
reservations forecast reported in Table 1.4.1.a, which totals 672.1
million in 2008. This normalized cost per enplanement equals $34.2/
672.1, or about $0.05 per enplanement (column B).
Multiplying this normalized value by each carrier's 2005 annual
enplanements total (column B) and adding in the implementation
expenditure where applicable (column A), TSA estimated the cost to each
of the small business entities identified (column D). As column F of
Table 2.2.2.b indicates, this estimate for costs never exceeds 2% of
2005 annual revenues for these small carriers. Note further that the
annual enplanements value is unadjusted for round trip itineraries or
for reservations that may have been generated as part of a marketing
carrier's reservations process. Thus, the estimated values in Table
2.2.2.b are very likely to be overstatements of the impact of the
proposed rule on these small carriers.
Finally, as noted previously, DHS will make available a Secure
Flight Internet portal for the transmittal of passenger and other
itinerary data from Group 4 small airlines to TSA. The availability of
this interface would simplify the transition to the environment that
will prevail once the proposed rule is implemented, while providing
greater assurance regarding the provision of the relevant security data
to TSA for comparison to the watch lists.

[[Page 48383]]

Table 2.2.2.b.--Illustrative Small Business Impact, Carrier Group 4
--------------------------------------------------------------------------------------------------------------------------------------------------------
Maximum unit Compliance
Assumed start- FY 2005 compliance Compliance 2005 annual cost as
Small business carrier ID up outlay enplanements cost per cost operating percent of
enplanement revenues 2005 revenues
(A) (B) (C) (D) = A+B*C (E) (F) = D/E
--------------------------------------------------------------------------------------------------------------------------------------------------------
11...................................................... $100,000 208,120 $0.05 $110,400 $74,300,000 0.15
12...................................................... 100,000 344,741 0.05 117,200 76,392,000 0.15
13...................................................... 100,000 506,292 0.05 125,300 137,900,000 0.09
14...................................................... 100,000 91,571 0.05 104,600 68,600,000 0.15
15...................................................... 100,000 836,409 0.05 141,800 132,500,000 0.11
16...................................................... 100,000 329,418 0.05 116,500 33,400,000 0.35
17...................................................... 100,000 82,529 0.05 104,100 105,265,872 0.10
18...................................................... 100,000 18,707 0.05 100,900 6,330,280 1.59
19...................................................... 100,000 329,083 0.05 116,500 35,649,201 0.33
20...................................................... 100,000 35,788 0.05 101,800 12,000,000 0.85
21...................................................... 100,000 22,511 0.05 101,100 14,229,510 0.71
22...................................................... 0 0* 0.05 0 930,000 (\1\)
23...................................................... 0 38,471 0.05 1,900 0 (\1\)
24...................................................... 0 17,521 0.05 900 0 (\1\)
--------------------------------------------------------------------------------------------------------------------------------------------------------
* Carrier had not yet begun reporting enplanements to BTS.
(\1\) Data not available.

The estimates provided in Table 2.2.2.b show how Group 4 small
businesses would be impacted by Secure Flight were their operations
comparable to those of airlines in Groups 1 through 3. As has been
noted above, however, this is not the case. Consequently, the costs
Group 4 airlines would actually incur to comply with Secure Flight may
diverge significantly from the estimates presented. Nevertheless, the
table illustrates that these costs would have to increase dramatically
before they would constitute a significant economic impact.
In the interest of arriving at more accurate estimates, TSA has
outlined the assumptions underlying its calculations in Appendix A. TSA
invites comments from the public and industry. TSA particularly
welcomes comments that include or identify sources of data that will
assist TSA in improving its assumptions.

2.2.3 Travel Agency Small Business Population

The Small Business Administration (SBA) classifies any travel
agency as a small business if it has revenues of less than $3.5 million
annually.\27\ The SBA data provided in Table 2.2.3.a indicate that in
2003 more than 98% of travel agencies had annual revenues less than $5
million. Although the division of the SBA revenue categories do not
allow for a precise count of the number of small business, the average
revenue per firm of $1.9 million for the $1 million to $5 million
category indicates that many of the firms in this category have
revenues below the $3.5 million threshold. Consequently, the discussion
of small businesses in the travel agency industry will be a discussion
about the vast number of firms.
---------------------------------------------------------------------------

\27\ Small Business Administration. Table: ``Small Business Size
Standards matched to North American Industry Classification
System.'' Available at http://www.sba.gov/size/sizetable2002.html.
Accessed May 4, 2006.
Note: The SBA size standard for travel agencies is based on
``total revenues, excluding funds received in trust for an
unaffiliated third party, such as bookings or sales subject to
commissions. The commissions received are included as revenue.''
\28\ Small Business Administration. Table: ``All Industries by
NAICS codes, 2003.'' See TXT file ``2003'' available at http://www.sba.gov/advo/research/data.html. Accessed May 6, 2006.

Table 2.2.3.a.--Distribution of Travel Agencies (NAICS 561510) by Revenue, 2003 \28\
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total Total
Total $0-$99,999 $100,000-$499,999 $500,000-$999,999 $1,000,000-$4,999,999 <$5,000,000 >$5,000,000
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Number of Firms.................................................... 14,838 6,125 6,627 1,098 714 14,564 274
Percent of Total................................................... 100.00 41.28 44.66 7.40 4.81 98.15 1.85
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Tables 2.2.3.b through 2.2.3.d below reflect the recent story of
the travel agent industry. The first two tables are based on 2002 data
provided by the Airlines Reporting Corporation (ARC) to the National
Commission to Ensure Consumer Information and Choice in the Airline
Industry (the Commission). These ARC data include the gross value of
airline tickets, which travel agents remit to the airlines, in addition
to their commission and fee revenue. To factor out this airline
revenue, the Commission stated that ``the average leisure agency
derives slightly more than 50% of its revenue from commissions and fees
for sale of airline tickets.'' \29\
---------------------------------------------------------------------------

\29\ ``Upheaval in Travel Distribution: Impact on Consumers and
Travel Agents, Report to Congress and the President,'' National
Commission to Ensure Consumer Information and Choice in the Airline
Industry, November 13, 2002 (``Commission Report''), p 89.
---------------------------------------------------------------------------

When the Commission prepared its report ``Upheaval in Travel
Distribution: Impact on Consumers and Travel Agents, Report to Congress
and the President'' (Commission Report), the SBA had just increased the
small business revenue threshold from $1 million to $3 million for
travel agents. Consequently, the Commission used $5 million in total
revenue (approximately $2.5 million in commission and fee revenue) as a
proxy threshold for small businesses when creating Tables 2.2.3.b and
2.2.3.c below. Although these tables do not capture the full universe
of travel

[[Page 48384]]

agency small businesses, they nevertheless illustrate general trends
affecting these entities.
As can be seen in Tables 2.2.3.b and 2.2.3.c, the number of travel
agencies whose sales are less than $5 million per year declined
steadily through 2001. Correspondingly, the share of industry sales by
these smaller firms also fell. At the same time, however, the largest
firms increased both their share of industry sales and the dollar value
of their sales.
---------------------------------------------------------------------------

\30\ Commission Report, p. 114.

Table 2.2.3.b.--Number of Travel Agencies by Size Category \30\
------------------------------------------------------------------------
Agency Size 1995 1997 1999 2001
------------------------------------------------------------------------
$2M or Less................. 19,851 19,226 17,855 15,253
$2M-$5M..................... 2,356 2,803 2,482 1,770
$5M-$50M.................... 1,059 1,2177 1,236 1,1015
Greater than $50M........... 77 107 117 117
------------------------------------------------------------------------
Total................... 23,343 23,413 21,690 18,425
------------------------------------------------------------------------

Table 2.2.3.c.--Share of Travel Agent Sales by Size Category \31\
------------------------------------------------------------------------
Agency Size 1995 1997 1999 2001
------------------------------------------------------------------------
$2M or Less................. 25.3% 20.6% 16.9% 14.2%
$2M-$5M..................... 13.5 12.8 10.7 8.4
$5M-$50M.................... 24.8 24.5 22.5 20.1
Greater than $50M........... 36.4 42.1 49.9 57.2
------------------------------------------------------------------------

Table 2.2.3.d shows aggregate monthly statistics released by the
Airlines Reporting Corporation indicating that the travel agent
industry continued to contract and consolidate through 2005.
Corresponding revenue data, however, was not available.
---------------------------------------------------------------------------

\31\ Ibid.

Table 2.2.3.d.--Travel Agencies Accredited by the Airlines Reporting Corporation \32\
----------------------------------------------------------------------------------------------------------------
2001 2002 2003 2004 2005
----------------------------------------------------------------------------------------------------------------
Retail Locations............................... 27,633 24,679 22,244 20,729 19,871
Home Offices............................... 1,651 1,368 1,203 1,118 1,041
Independent/Single Entities................ 15,057 13,206 11,670 10,578 9,874
Branch..................................... 6,696 6,171 5,695 5,474 5,451
Restricted Access.......................... 862 950 1,039 1,120 1,205
On-site branch............................. 3,367 2,984 2,637 2,439 2,300
Satellite Ticket Providers..................... 6,347 4,693 3,204 2,413 1,975
Corporate Travel Departments................... 108 150 172 182 197
----------------------------------------------------------------
Total Locations............................ 34,088 29,522 25,620 23,324 22,043
Change over previous year.............. N/A 13.39% 13.22% 8.96% -5.49%
----------------------------------------------------------------
Total Entities *........................... 17,678 15,674 14,084 12,998 12,317
Change over previous year.............. N/A 11.34% 10.14% 7.71% -5.24%
----------------------------------------------------------------------------------------------------------------
* Sum of Home Offices, Independent/Single Entities, Restricted Access, and Corporate Travel Departments.

2.2.4 Estimated Impact to Travel Agency Small Businesses
---------------------------------------------------------------------------

\32\ ``End of Year Reporting and Settlement Results,'' Airlines
Reporting Corporation press release, December 2002, December 2003,
December 2004, December 2005. Available at http://www.arccorp.com/regist/news_sales_doc_stats.jsp. Accessed May 12, 2006.
---------------------------------------------------------------------------

While not directly regulated, small travel agencies will certainly
be affected by the implementation of Secure Flight. TSA anticipated the
most significant burden on these entities would result from the
increased time to collect additional passenger information. Small
travel agencies may also incur incremental costs due to retraining of
staff and reaching out to clients in order to update customer profiles
prior to their next trip.
In Section 1.6.4 of the regulatory evaluation, TSA estimated a cost
that would be borne by non-Internet (brick-and-mortar) travel agencies
as a result of the proposed requirements. Detailed industry data did
not exist, however, that would allow TSA to determine the portion of
that cost that would be borne by small travel agencies. In lieu of such
information, TSA chose to calculate a minimum number of airline
reservations the smallest travel agency size category would have to
process in order for the requirements of the proposed rule to result in
a ``significant economic impact.'' This calculation corresponds to the
high estimate scenario and depends on a number of assumptions:
1. The average hourly wage of small business travel agents is
$20.69 (including benefits).
2. In TSA's highest cost scenario, an additional 30 seconds per
airline reservation would be needed to collect additional passenger
information.
3. The additional time to collect passenger information would be
incurred for every airline reservation booked through a travel agency.

[[Page 48385]]

4. The average revenue of the smallest travel agency firms
(revenues between $0 and $99,999) is $47,204.\33\
---------------------------------------------------------------------------

\33\ Small Business Administration. Table: ``All Industries by
NAICS codes, 2003.'' See TXT file ``2003'' available at http://www.sba.gov/advo/research/data.html. Accessed May 6, 2006. Estimated
receipts divided by number of firms, revenue class 0-99,999.
---------------------------------------------------------------------------

5. Two percent of a small travel agency's revenue constitutes a
``significant economic impact.''
Accepting these assumptions, 2% of the smallest firm revenue would
constitute an impact of $942 ($47,204 x 0.02). Reversing the
calculations used in Section 1.6.4, this total must be converted into
the additional reservation time it represents. This is accomplished by
dividing $942 by the travel agent hourly wage, which yields 45.5 hours
($942 / $20.69/hour). This cumulative 45.5 hours can then be broken
down into individual reservations by dividing by the total incremental
time per reservation, which is 0.008 hours (30 incremental seconds /
3600 seconds/hour). Thus, 45.5 hours represent approximately 5,690
airline reservations (45.5 hours / 0.008 hours/reservation). Under the
most burdensome scenario, then, on average the smallest travel agencies
would need to book 5,690 airline reservations in a year in order to
potentially incur a significant economic impact as a result of the
proposed rule.
Table 2.2.4.a presents this threshold number of reservations for
the range of data collection times presented in the Secure Flight
regulatory evaluation. Alternatively, the table also presents the
number of airline reservations a travel agency would have to process to
meet 2% of the SBA small business threshold for travel agents.
TSA has included these estimates and identified their accompanying
assumptions in order to enable small travel agencies to provide
comments to TSA on whether the proposed Secure Flight requirements
would constitute a significant economic impact. These estimates below
should be considered as a range of ``worst case scenarios.'' For
example, reservations made for clients for whom a travel agency already
has the requested Secure Flight information saved in a profile would
not incur the additional data collection time.

Table 2.2.4.a.--Airline Reservations Threshold for Small Business Travel Agencies
----------------------------------------------------------------------------------------------------------------

----------------------------------------------------------------------------------------------------------------
Revenue class $0-$99,999
SBA Small business threshold
----------------------------------------------------------------------------------------------------------------
Firm Revenue (A).................. $47,120
$3,500,000
2% of Revenue (B)................. $942
$70,000
Average Agent Hourly Wage (C)..... $20.69
$20.69
Total Incremental Hours (D) = B/C. 45.5
3,383.5
----------------------------------------------------------------------------------------------------------------
Estimate Scenario High Primary Low High Primary Low
----------------------------------------------------------------------------------------------------------------
Additional Hours per Reservation 0.008 0.006 0.003 0.008 0.006 0.003
(E).............................. (30 sec.) (20 sec.) (10 sec.) (30 sec.) (20 sec.) (10 sec.)
Reservations (F) = D/E............ 5,690 7,580 15,170 422,900 563,900 1,127,800
----------------------------------------------------------------------------------------------------------------

Section 3: Significant Alternatives Considered

The proposed rule provides small business carriers the flexibility
of either reprogramming their reservation systems to interface directly
with the Secure Flight system or to transmit passenger and non-traveler
information to Secure Flight through a secure Internet interface. Thus,
small business carriers identified in Groups 2 and 3 would have the
option of joining Group 4 and using the Internet portal if they
determined reprogramming their systems to communicate directly with
Secure Flight would be too costly. Similarly, small business carriers
TSA has identified in this analysis as scheduled to use the Secure
Flight Internet portal would have the option to reprogram their systems
to communicate directly with Secure Flight if they determined using the
portal would be too burdensome on their business processes.
While either method would impose some costs on small businesses,
TSA determined that exempting these carriers from the requirements of
the proposed rule would fail to meet the mandate within the IRTPA that
TSA assume the watch list matching function. Taking this into
consideration, TSA determined the options described above would
effectively minimize the impact to small businesses. TSA welcomes
comments on these options and analyses as well as suggestions that may
further reduce the impact on covered small businesses while achieving
the heightened security objective of the proposed rule.

Section 4: Identification of Duplicative or Overlapping Federal Rules

TSA is aware that other Federal agencies, such as the Centers for
Disease Control and Prevention (CDC) and Customs and Border Protection
(CBP), collect data concerning aviation passengers and may conduct or
will conduct watch list matching for these passengers. TSA is working
with other agencies, including the CDC and CBP, to develop ways to
eliminate unnecessary duplication of comparable screening efforts and
thereby reduce governmental and private sector costs. Therefore, the
proposed rule allows TSA to relieve covered aircraft operators of the
requirement to transmit passenger information if TSA determines that
the U.S. government is conducting watch list matching for a passenger
on a particular flight that is comparable to the screening conducted
pursuant to proposed part 1560. TSA will work with each covered
aircraft operator to establish the specific procedures and times for
these transmissions as it develops its Aircraft Operator Implementation
Plan.

Section 5: Initial Determination of No Significant Impact

Based on the considerations above, TSA believes that it is unlikely
the proposed rule would have a significant economic impact on a
substantial number of the small entities subject to this rulemaking.
However, TSA withholds final determination until receiving public
comment and completing a Final Regulatory Flexibility Analysis (FRFA).
In conducting this analysis, TSA acknowledges that the ability of
carriers to share the incidence of security costs with their customers
has been limited. TSA solicits comment on its analysis.
While not required by the RFA, TSA has also considered the
potential impact to small business travel agencies, as these entities
would likely be indirectly impacted by the proposed rule given

[[Page 48386]]

their role in the airline reservation process. TSA was unable to
determine if the proposed rule would have a significant economic impact
on a substantial number of these small business travel agencies. TSA
welcomes comments from the industry and other interested parties that
will assist the agency in improving its assumptions and estimates.
4. International Trade Impact Assessment
The Trade Agreement Act of 1979 prohibits Federal agencies from
engaging in any standards or related activities that create unnecessary
obstacles to the foreign commerce of the United States. Legitimate
domestic objectives, such as security, are not considered unnecessary
obstacles. The statute also requires consideration of international
standards and, where appropriate, that they be the basis for U.S.
standards. In addition, consistent with the Administration's belief in
the general benefits and desirability of free trade, it is the policy
of TSA to remove or diminish, to the extent feasible, barriers to
international trade, including both barriers affecting the export of
American goods and services to foreign countries and barriers affecting
the import of foreign goods and services into the U.S.
In keeping with U.S. obligations under the Convention on
International Civil Aviation, it is TSA's policy to comply with
International Civil Aviation Organization (ICAO) Standards and
Recommended Practices to the maximum extent practicable. TSA has
determined that there are no ICAO Standards and Recommended Practices
that correspond to the regulatory standards established by this notice
of proposed rulemaking (NPRM). TSA has assessed the potential effect of
this NPRM and has determined that it is unlikely it would create
barriers to international trade.
However, when TSA reviewed the impact of foreign carrier
overflights, the conclusion is not clear. The right of airlines from
one country to overfly another country in the course of traveling to
the destination country is the first of the well known ``freedoms of
the air.'' This technical freedom has been engrained in international
aviation since the Chicago Convention of 1944. How countries might
react to the new conditions being placed on the fulfillment of this
freedom is uncertain. International trade in travel and international
shipping may be negatively impacted should foreign countries choose to
respond in a retaliatory manner. One response by foreign carriers might
be to avoid overflying the U.S. entirely, thereby lengthening flight
routes and the costs of operation to those carriers. These reroutings
would change airline costs and thus contribute to fare increases, which
would affect trade between the departure and arrival countries, even
though it would not directly affect trade involving the U.S. If the
foreign carrier response is to reroute, it is not clear that such a
change would eliminate all risks, since aircraft skirting the
boundaries of U.S. airspace could be redirected into U.S. airspace by
hijackers or terrorists.
5. Unfunded Mandates Assessment
The Unfunded Mandates Reform Act of 1995 (the Act), enacted as
Public Law 104-4 on March 22, 1995, is intended, among other things, to
curb the practice of imposing unfunded Federal mandates on State,
local, and tribal governments. Title II of the Act requires each
Federal agency to prepare a written statement assessing the effects of
any Federal mandate in a proposed or final agency rule that may result
in a $100 million or more expenditure (adjusted annually for inflation)
in any one year by State, local, and tribal governments, in the
aggregate, or by the private sector. This proposed rulemaking would not
impose an unfunded mandate on State, local, or tribal governments, but
it would impose an unfunded mandate on the private sector. The analysis
required under Title II of the Act is satisfied with the full
Regulatory Impact Assessment in the docket.

C. Executive Order 13132, Federalism

TSA has analyzed this notice of proposed rulemaking under the
principles and criteria of Executive Order 13132, Federalism. We
determined that this action will not have a substantial direct effect
on the States, or the relationship between the National Government and
the States, or on the distribution of power and responsibilities among
the various levels of government, and, therefore, does not have
federalism implications.

D. Environmental Analysis

TSA has reviewed this action for purposes of the National
Environmental Policy Act of 1969 (NEPA) (42 U.S.C. 4321-4347) and has
determined that this action will not have a significant effect on the
human environment.

E. Energy Impact Analysis

TSA has assessed the energy impact of the action in accordance with
the Energy Policy and Conservation Act (EPCA), Public Law 94-163, as
amended (42 U.S.C. 6362). We have determined that this rulemaking is
not a major regulatory action under the provisions of the EPCA.

List of Subjects

49 CFR Part 1540

Air carriers, Aircraft, Airports, Law enforcement officers,
Reporting and recordkeeping requirements, Security measures.

49 CFR Part 1544

Air carriers, Aircraft, Airmen, Airports, Arms and munitions,
Aviation safety, Explosives, Freight forwarders, Law enforcement
officers, Reporting and recordkeeping requirements, Security measures.

49 CFR Part 1560

Air carriers, Aircraft, Reporting and recordkeeping requirements,
Security measures.

The Proposed Amendments

For the reasons set forth in the preamble, the Transportation
Security Administration proposes to amend Chapter XII of Title 49, Code
of Federal Regulations, as follows:

SUBCHAPTER C--CIVIL AVIATION SECURITY

PART 1540--CIVIL AVIATION SECURITY: GENERAL RULES

1. The authority citation for part 1540 continues to read as
follows:

Authority: 49 U.S.C. 114, 5103, 40113, 44901-44907, 44913-44914,
44916-44918, 44935-44936, 44942, 46105.

2. Revise Sec. 1540.107 to read as follows:

Subpart B--Responsibilities of Passengers and Other Individuals and
Persons

* * * * *

Sec. 1540.107 Submission to screening and inspection.

(a) No individual may enter a sterile area or board an aircraft
without submitting to the screening and inspection of his or her person
and accessible property in accordance with the procedures being applied
to control access to that area or aircraft under this subchapter.
(b) An individual must provide his or her full name, as defined in
Sec. 1560.3 of this chapter, when--
(1) The individual makes a reservation for a covered flight, as
defined in Sec. 1560.3 of this chapter, or
(2) The individual makes a request for authorization to enter a
sterile area.
(c) An individual may not enter a sterile area or board an aircraft
if the

[[Page 48387]]

individual does not present a verifying identity document as defined in
Sec. 1560.3 of this chapter, when requested for purposes of watch list
matching under Sec. 1560.105(c) of this chapter, unless otherwise
authorized by TSA on a case-by-case basis.

PART 1544--AIRCRAFT OPERATOR SECURITY: AIR CARRIERS AND COMMERCIAL
OPERATORS

3. The authority citation for part 1544 continues to read as
follows:

Authority: 49 U.S.C. 114, 5103, 40113, 44901-44905, 44907,
44913-44914, 44916-44918, 44932, 44935-44936, 44942, 46105.
4. Amend Sec. 1544.103 by adding new paragraph (c)(22) to read as
follows:

Sec. 1544.103 Form, content, and availability.

* * * * *
(c) * * *
(22) The Aircraft Operator Implementation Plan (AOIP) as required
under 49 CFR 1560.109.
5. Add a new part 1560, to read as follows:

PART 1560--SECURE FLIGHT PROGRAM

Subpart A--General

Sec.
1560.1 Scope, purpose, and implementation.
1560.3 Terms used in this part.
Subpart B--Collection and Transmission of Secure Flight Passenger Data
for Watch List Matching
1560.101 Request for and transmission of information to TSA.
1560.103 Notice.
1560.105 Denial of transport or sterile area access; Designation for
enhanced screening.
1560.107 Use of watch list matching results by covered aircraft
operators.
1560.109 Aircraft Operator Implementation Plan.
1560.111 Covered airport operators.
Subpart C--Passenger Redress
1560.201 Applicability.
1560.203 Representation by counsel.
1560.205 Redress process.
1560.207 Oversight of process.

Authority: 49 U.S.C. 114, 40113, 44901, 44902, 44903.

Subpart A--General

Sec. 1560.1 Scope, purpose, and implementation.

(a) Scope. This part applies to the following:
(1) Aircraft operators required to adopt a security program for a
full program operation under 49 CFR 1544.101(a);
(2) Foreign air carriers required to adopt a security program under
49 CFR 1546.101(a) or (b); and
(3) Airport operators that seek to authorize individuals to enter a
sterile area for purposes approved by TSA.
(b) Purpose. The purpose of this part is to enhance the security of
air travel within the United States and support the Federal
Government's counterterrorism efforts by assisting in the detection of
individuals identified on Federal Government watch lists who seek to
travel by air, and to facilitate the secure travel of the public. This
part enables TSA to operate a watch list matching program known as
Secure Flight, which involves the comparison of passenger and non-
traveler information with the identifying information of individuals on
Federal Government watch lists.
(c) Implementation. Each covered aircraft operator must begin
requesting the information described in Sec. 1560.101(a)(1) and have
the capability to transmit Secure Flight Passenger Data to TSA 60 days
after the effective date of this rule. Each covered aircraft operator
must begin transmitting information to TSA as required in Sec.
1560.101(b) on the date specified in, and in accordance with, its
Aircraft Operator Implementation Plan. TSA will inform each covered
aircraft operator 60 days prior to the date on which TSA will assume
the watch list matching function from that aircraft operator.

Sec. 1560.3 Terms used in this part.

In addition to the terms in Sec. Sec. 1500.3 and 1540.5 of this
chapter, the following terms apply to this part:
Aircraft Operator Implementation Plan or AOIP means a written
procedure describing how and when a covered aircraft operator or
airport operator transmits passenger and flight information and non-
traveler information to TSA, as well as other related matters.
Airport code means the official code, designated by the
International Air Transport Association (IATA), for an airport.
Consolidated User Guide means a document developed by the
Department of Homeland Security (DHS) to provide guidance to aircraft
operators that must transmit passenger information to one or more
components of DHS on operational processing and transmission of
passenger information to all required components in a unified manner.
Covered aircraft operator means each aircraft operator required to
carry out a full program under 49 CFR 1544.101(a) or a security program
under 49 CFR 1546.101(a) or (b).
Covered airport operator means each airport operator that seeks to
authorize non-traveling individuals to enter a sterile area for a
purpose permitted by TSA.
Covered flight means any operation of an aircraft operator that is
subject to or operates under a full program under 49 CFR 1544.101(a).
Covered flight also means any operation of an aircraft that is subject
to or operates under a security program under 49 CFR 1546.101(a) or (b)
arriving in or departing from the United States, or overflying the
continental United States. Covered flight does not include any flight
for which TSA has determined that the Federal Government is conducting
passenger matching comparable to the matching conducted pursuant to
this part.
Date of birth means the day, month, and year of an individual's
birth.
Department of Homeland Security Traveler Redress Inquiry Program or
DHS TRIP means the voluntary program through which individuals may
request redress if they believe they have been: (1) Denied or delayed
boarding transportation due to DHS screening programs; (2) denied or
delayed entry into or departure from the United States at a port of
entry; or (3) identified for additional (secondary) screening at U.S.
transportation facilities, including airports, and seaports.
Full name means an individual's full name as it appears on a
verifying identity document held by the individual.
Inhibited status means the status of a passenger or non-traveling
individual to whom TSA has instructed a covered aircraft operator or a
covered airport operator not to issue a boarding pass or to provide
access to the sterile area.
Itinerary information means information reflecting a passenger's or
non-traveling individual's itinerary specified in the covered aircraft
operator's AOIP. For non-traveling individuals, itinerary information
is the airport code for the sterile area to which the non-traveler
seeks access. For passengers, itinerary information includes the
following:
(1) Departure airport code.
(2) Aircraft operator.
(3) Departure date.
(4) Departure time.
(5) Arrival date.
(6) Scheduled arrival time.
(7) Arrival airport code.
(8) Flight number.
(9) Operating carrier (if available).
Known traveler number means a unique number assigned to individuals
for whom the Federal Government has

[[Page 48388]]

conducted a security threat assessment and determined do not pose a
security threat.
Non-traveling individual or non-traveler means an individual to
whom a covered aircraft operator or covered airport operator seeks to
issue an authorization to enter the sterile area of an airport in order
to escort a minor or a passenger with disabilities or for some other
purpose permitted by TSA. The term non-traveling individual or non-
traveler does not include employees or agents of airport or aircraft
operators or other individuals whose access to a sterile area is
governed by another TSA regulation or security directive.
Overflying the continental United States means departing from an
airport or location outside the United States and transiting the
airspace of the continental United States en route to another airport
or location outside the United States. Airspace of the continental
United States includes the airspace over the continental United States
and the airspace overlying the territorial waters between the
continental U.S. coast and 12 nautical miles from the continental U.S.
coast. Overflying the continental United States does not apply to:
(1) Flights that transit the airspace of the continental United
States between two airports or locations in the same country, where
that country is Canada or Mexico; or
(2) Any other category of flights that the Assistant Secretary of
Homeland Security (Transportation Security Administration) designates
in writing.
Passenger means an individual who has, or seeks to obtain, a
reservation for transport on a covered flight. The term passenger does
not include:
(1) A crew member traveling on duty; or
(2) An individual with flight deck privileges under 49 CFR 1544.237
traveling on the flight deck.
Passenger Resolution Information or PRI means the information that
a covered aircraft operator or covered airport operator transmits to
TSA for an individual who TSA places in an inhibited status and from
whom the covered aircraft operator or covered airport operator is
required to request additional information and a Verifying Identity
Document. Passenger Resolution Information includes, but is not limited
to, the following:
(1) Covered aircraft operator's agent identification number or
agent sign.
(2) Type of Verifying Identity Document presented by the passenger.
(3) The identification number on the Verifying Identity Document.
(4) Issue date of the Verifying Identity Document.
(5) Name of the governmental authority that issued the Verifying
Identity Document.
(6) Physical attributes of the passenger such as height, eye color,
or scars, if requested by TSA.
Passport information means the following information from an
individual's passport:
(1) Passport number.
(2) Country of issuance.
(3) Expiration date.
(4) Gender.
(5) Full name.
Redress Number means the number assigned by DHS to an individual
processed through the redress procedures described in 49 CFR part 1560,
subpart C.
Secure Flight Passenger Data (SFPD). For purposes of this proposed
rule, ``Secure Flight Passenger Data'' or ``SFPD'' is information
regarding a passenger or non-traveling individual that a covered
aircraft operator or covered airport operator transmits to TSA, to the
extent available, pursuant to Sec. 1560.101. SFPD is the following
information regarding a passenger or non-traveling individual:
(1) Full name.
(2) Date of birth.
(3) Gender.
(4) Redress number or known traveler number (once implemented).
(5) Passport information.
(6) Reservation control number.
(7) Record sequence number.
(8) Record type.
(9) Passenger update indicator.
(10) Traveler reference number.
(11) Itinerary information.
Self-service kiosk means a kiosk operated by a covered aircraft
operator that is capable of accepting a passenger reservation or a
request for authorization to enter a sterile area from a non-traveling
individual.
Sterile area means ``sterile area'' as defined in 49 CFR 1540.5.
Terrorist Screening Center or TSC means the entity established by
the Attorney General to carry out Homeland Security Presidential
Directive 6 (HSPD-6), dated September 16, 2003, to consolidate the
Federal Government's approach to terrorism screening and provide for
the appropriate and lawful use of terrorist information in screening
processes.
Verifying Identity Document means an unexpired passport issued by a
foreign government or an unexpired document issued by a government
(Federal, State, or tribal) that includes the following information for
the individual:
(1) Full name.
(2) Date of birth.
(3) Photograph of the individual.
Watch list refers to the No Fly and Selectee List components of the
Terrorist Screening Database maintained by the Terrorist Screening
Center. For certain flights, the ``watch list'' may include the larger
set of watch lists maintained by the federal government as warranted by
security considerations.

Subpart B--Collection and Transmission of Secure Flight Passenger
Data for Watch List Matching

Sec. 1560.101 Request for and transmission of information to TSA.

(a) Request for information. (1) Each covered aircraft operator
must request the full name, gender, date of birth, and Redress Number
for passengers on a covered flight and non-traveling individuals
seeking access to an airport sterile area. The covered aircraft
operator must include the information provided by the passenger in
response to this request in the Secure Flight Passenger Data.
(i) Except as provided in paragraph (a)(1)(ii) of this section,
each covered aircraft operator must begin requesting the information
described in paragraph (a)(1) of this section 60 days after the
effective date of this rule.
(ii) An aircraft operator that becomes a covered aircraft operator
after the effective date must begin requesting the information on the
date it becomes a covered aircraft operator.
(2) Beginning on a date no later than 30 days after being notified
in writing by TSA, each covered aircraft operator must additionally
request the known traveler number for passengers on a covered flight
and non-traveling individuals seeking access to an airport sterile
area. The covered aircraft operator must include the known traveler
number provided by the passenger in response to this request in the
SFPD.
(3) Each covered aircraft operator may not accept a reservation for
any passenger on a covered flight who does not provide a full name.
Each covered aircraft operator may not accept a request for
authorization to enter a sterile area from a non-traveling individual
who does not provide a full name.
(4) Each covered aircraft operator must ensure that each third
party that accepts a reservation, or accepts a request for
authorization to enter a sterile area, on the covered aircraft
operator's behalf complies with the requirements of this section.
(b) Transmission of Secure Flight Passenger Data to TSA. Beginning
on

[[Page 48389]]

the date provided in a covered aircraft operator's AOIP, the covered
aircraft operator must electronically transmit Secure Flight Passenger
Data (SFPD) to TSA, prior to the scheduled departure of each covered
flight, in accordance with the AOIP.
(1) To the extent available, each covered aircraft operator must
electronically transmit SFPD to TSA for each passenger on a covered
flight.
(2) Each covered aircraft operator must transmit SFPD to TSA prior
to the scheduled flight departure time, in accordance with the covered
aircraft operator's AOIP.
(c) Transmission of non-traveler information to TSA. Beginning on
the date provided in a covered aircraft operator's AOIP, the covered
aircraft operator must electronically transmit SFPD to TSA for each
non-traveling individual, prior to authorizing access to an airport
sterile area.
(d) Retransmission of information. Each covered aircraft operator
must retransmit to TSA updates to the information listed in paragraphs
(b) and (c) of this section to reflect most recent changes to that
information, as specified in the covered aircraft operator's AOIP.

Sec. 1560.103 Notice.

(a) Electronic collection of information. (1) Current electronic
collection of information. Prior to collecting information through a
Web site or self-service kiosk from a passenger or non-traveling
individual to comply with Sec. 1560.101(a), a covered aircraft
operator must make available the complete privacy notice set forth in
paragraph (b) of this section.
(2) Other electronic collection of information. If a covered
aircraft operator collects information directly from a passenger or
non-traveling individual to comply with Sec. 1560.101(a) through an
electronic means not described in paragraph (a)(1) of this section, the
covered aircraft operator must make available the complete privacy
notice set forth in paragraph (b) of this section.
(b) Privacy notice. The covered aircraft operator may substitute
its name for the word ``us,'' but the complete privacy notice otherwise
must be identical to the following paragraph unless TSA has approved
alternative language:

The Transportation Security Administration requires us to
collect information from you for purposes of watch list screening,
under the authority of 49 U.S.C. section 114, and the Intelligence
Reform and Terrorism Prevention Act of 2004. Providing this
information is voluntary; however, if it is not provided, you may be
subject to additional screening or denied transport or authorization
to enter a sterile area. TSA may share information you provide with
law enforcement or intelligence agencies or others under its
published system of records notice. For more on TSA Privacy policies
or to view the system of records notice and the privacy impact
assessment, please see TSA's Web site at www.tsa.gov.

Sec. 1560.105 Denial of transport or sterile area access; designation
for enhanced screening.

(a) Applicability. (1) This section applies to a covered aircraft
operator beginning on the date that TSA assumes the watch list matching
function for the passengers and non-traveling individuals to whom that
covered aircraft operator issues a boarding pass or other authorization
to enter a sterile area. TSA will provide prior written notification to
the covered aircraft operator no later than 60 days before the date on
which it will assume the watch list matching function from that covered
aircraft operator.
(2) Prior to the date that TSA assumes the watch list matching
function from a covered aircraft operator, the covered aircraft
operator must comply with existing watch list matching procedures for
passengers and non-traveling individuals, including denial of transport
or sterile area access or designation for enhanced screening for
individuals identified by the covered aircraft operator or TSA.
(b) Watch list matching results. A covered aircraft operator must
not issue a boarding pass or other authorization to enter a sterile
area to a passenger or a non-traveling individual and must not allow
that individual to board an aircraft or enter a sterile area, until TSA
informs the covered aircraft operator of the results of watch list
matching for that passenger or non-traveling individual, in response to
the covered aircraft operator's most recent SFPD submission for that
passenger or non-traveling individual.
(1) Denial of boarding pass. If TSA sends a covered aircraft
operator an instruction that the passenger or non-traveling individual
must be placed on inhibited status, the covered aircraft operator must
not issue a boarding pass or other authorization to enter a sterile
area to that individual and must not allow that individual to board an
aircraft or enter a sterile area.
(2) Selection for enhanced screening. If TSA sends a covered
aircraft operator an instruction that the passenger or non-traveling
individual has been selected for enhanced screening at a security
checkpoint, the covered aircraft operator may issue a boarding pass or
other authorization to enter a sterile area to that individual and must
identify the individual for enhanced screening, in accordance with
procedures approved by TSA. The covered aircraft operator must place a
separate code on the boarding pass that meets the requirements
described in the Consolidated User Guide.
(3) Cleared for boarding or entry into a sterile area. If TSA sends
a covered aircraft operator an instruction that a passenger or non-
traveling individual is cleared, the covered aircraft operator may
issue a boarding pass or other authorization to enter a sterile area to
that individual, unless required under another TSA requirement to
identify the passenger or non-traveling individual for enhanced
screening. The covered aircraft operator must place a separate code on
the boarding pass that meets the requirements described in the
Consolidated User Guide.
(4) Override by a covered aircraft operator. No covered aircraft
operator may override a TSA instruction to place a passenger or non-
traveling individual in an inhibited status or to identify a passenger
or non-traveling individual for enhanced screening, unless explicitly
authorized by TSA to do so.
(5) Updated SFPD from covered aircraft operator. When a covered
aircraft operator sends an updated SFPD to TSA under Sec. 1560.101(d)
for a passenger or non-traveling individual for whom TSA has already
issued an instruction, all previous TSA instructions concerning the
passenger or non-traveling individual are voided. The covered aircraft
operator may not issue a boarding pass or grant authorization to enter
a sterile area until it receives an updated instruction from TSA
authorizing the issuance of a boarding pass or authorization to enter a
sterile area. Upon receiving an updated instruction from TSA, the
covered aircraft operator must acknowledge receipt of the updated
instruction, comply with the updated instruction, and disregard all
previous instructions.
(6) Updated instruction from TSA. After TSA sends a covered
aircraft operator an instruction under paragraph (b)(1), (b)(2), or
(b)(3) of this section, TSA may receive additional information
concerning the passenger and may send an updated instruction concerning
that passenger to the covered aircraft operator. Upon receiving an
updated instruction from TSA, the covered aircraft operator must
acknowledge receipt of the updated instruction, comply with the updated
instruction, and disregard all previous instructions.
(c) Request for identification. (1) In general. If TSA has not
informed the

[[Page 48390]]

covered aircraft operator of the results of watch list matching for an
individual by the time the individual attempts to check in, or informs
the covered aircraft operator that an individual has been placed in
inhibited status, the aircraft operator must request from the
individual a verifying identity document.
(2) Transmission of Updated Secure Flight Passenger Data. Upon
reviewing a passenger's verifying identity document, the covered
aircraft operator must transmit the SFPD elements from the individual's
verifying identity document to TSA.
(3) Provision of Passenger Resolution Information. If requested by
TSA, the covered aircraft operator must also provide to TSA the
individual's Passenger Resolution Information as specified by TSA.
(4) Exception for minors. If a covered aircraft operator is
required to obtain information from an individual's verifying identity
document under this paragraph (c), and the individual is younger than
18 years of age and does not have a verifying identity document, TSA
may, on a case-by-case basis, authorize the minor or an adult
accompanying the minor to state the individual's full name and date of
birth in lieu of providing a verifying identity document.
(d) Failure to obtain identification. If a passenger or non-
traveling individual does not present a verifying identity document
when requested by the covered aircraft operator, in order to comply
with paragraph (c) of this section, the covered aircraft operator must
not issue a boarding pass or give authorization to enter a sterile area
to that individual and must not allow that individual to board an
aircraft or enter a sterile area, unless otherwise authorized by TSA.

Sec. 1560.107 Use of watch list matching results by covered aircraft
operators.

A covered aircraft operator must not use any watch list matching
results provided by TSA for purposes other than those provided in Sec.
1560.105 and security purposes.

Sec. 1560.109 Aircraft Operator Implementation Plan.

(a) Content of the Aircraft Operator Implementation Plan (AOIP).
Each covered aircraft operator must adopt and carry out an AOIP that
sets forth the specific means by which the covered aircraft operator
will request and transmit information under Sec. 1560.101, the timing
and frequency of transmission, and any other related matters, in
accordance with the Consolidated User Guide.
(b) Submission of Aircraft Operator Implementation Plan (AOIP).
Each covered aircraft operator must submit a proposed AOIP to TSA for
approval.
(1) Aircraft operators that are covered aircraft operators on the
effective date of this rule must submit their proposed AOIP no later
than 30 days after the effective date. Review, modification, and
approval of proposed AOIPs will be conducted under paragraphs (b) and
(c) of this section.
(2) An aircraft operator that becomes a covered aircraft operator
after the effective date must submit a proposed AOIP as part of its
proposed security program under 49 CFR 1544.105(a) or 49 CFR
1546.105(a). Review, modification, and approval of the proposed AOIP
will be conducted under the procedures set forth in 49 CFR 1544.105 or
1546.105, as appropriate, rather than paragraphs (b) and (c) of this
section.
(c) Approval and implementation of Aircraft Operator Implementation
Plan (AOIP). If TSA approves a covered aircraft operator's proposed
AOIP, the covered aircraft operator must implement the plan according
to the schedule set forth in the AOIP and approved by TSA.
(d) Disapproval and modification of Aircraft Operator
Implementation Plan (AOIP). (1) If TSA disapproves and orders
modifications to a proposed AOIP submitted under paragraph (a)(1) of
this section, TSA will provide written notice to the covered aircraft
operator. The covered aircraft operator must either:
(i) Make any changes to the AOIP that TSA requests in the notice
and implement the plan according to the schedule approved by TSA and
set forth in the AOIP; or
(ii) Petition TSA to reconsider the modification(s) in the notice
within 30 days of receiving the notice. A petition for reconsideration
with supporting documentation must be filed with the designated
official.
(2) The designated official, upon receipt of a petition for
reconsideration and supporting documentation, may amend or withdraw the
notice to modify, or transmit the petition, together with any pertinent
information and supporting documentation, to the Administrator for
reconsideration. The Administrator disposes of the petition within 30
days of receipt by either directing the designated official to withdraw
or amend the notice, or by affirming the notice to modify.
(3) TSA may, at its discretion, grant extensions to any schedule
deadlines, on its own initiative or upon the request of a covered
aircraft operator.
(e) Incorporation Into Security Program. Once an AOIP is approved,
the AOIP becomes part of the covered aircraft operator's security
program as described in 49 CFR part 1544, subpart B, or 49 CFR part
1546, subpart B, as appropriate, and any amendments will be made in
accordance with the procedures in those subparts.
(f) Handling of Aircraft Operator Implementation Plan (AOIP). An
AOIP contains sensitive security information (SSI) and must be handled
and protected in accordance with 49 CFR part 1520.

Sec. 1560.111 Covered airport operators.

(a) Applicability. This section applies to a covered airport
operator that has a program approved by TSA through which the covered
airport operator may authorize non-traveling individuals to enter a
sterile area.
(b) Requirements. No later than 30 days after receiving written
notice from TSA, or such longer period as TSA may determine for good
cause, a covered airport operator must adopt and carry out an AOIP in
accordance with Sec. 1560.109. Each covered airport operator must
comply with the procedures required of covered aircraft operators in
Sec. Sec. 1560.101(a), (c), and (d), 1560.103, and 1560.107 of this
part and any other applicable TSA requirements when authorizing non-
traveling individuals to enter a sterile area.

Subpart C--Passenger Redress

Sec. 1560.201 Applicability.

This subpart applies to individuals who believe they have been
improperly or unfairly delayed or prohibited from boarding an aircraft
or entering a sterile area, as a result of the Secure Flight program.

Sec. 1560.203 Representation by counsel.

A person may be represented by counsel at his or her own expense
during the redress process.

Sec. 1560.205 Redress process.

(a) If an individual believes he or she has been improperly or
unfairly delayed or prohibited from boarding an aircraft or entering a
sterile area as a result of the Secure Flight program, the individual
may seek assistance through the redress process established under this
section.
(b) An individual may obtain the forms and information necessary to
initiate the redress process on the DHS TRIP Web site at http://www.dhs.gov/trip or by contacting the DHS TRIP office by mail. Written
requests may be

[[Page 48391]]

sent to the DHS TRIP office and must include the individual's name and
current address. DHS will provide the necessary documents and
information to individuals through its Web site or by mail.
(c) The individual must send to the DHS TRIP office the personal
information and copies of the specified identification documents. If
TSA needs additional information in order to continue the redress
process, TSA will so notify the individual in writing and request that
additional information. The DHS TRIP office will assign the passenger a
unique identifier, which TSA will recognize as the Redress Number, and
the passenger may use that Redress Number in future correspondence with
TSA and when making future travel reservations.
(d) TSA, in coordination with the TSC and other appropriate Federal
law enforcement or intelligence agencies, if necessary, will review all
the documentation and information requested from the individual,
correct any erroneous information, and provide the individual with a
timely written response.

Sec. 1560.207 Oversight of process.

The redress process and its implementation are subject to review by
the Offices of the TSA and DHS Privacy Officers and the TSA and DHS
Offices for Civil Rights and Civil Liberties.

Issued in Arlington, Virginia, on August 8, 2007.
Kip Hawley,
Assistant Secretary.
[FR Doc. E7-15960 Filed 8-22-07; 8:45 am]
BILLING CODE 9110-05-P