[Federal Register: September 16, 2009 (Volume 74, Number 178)]
[Rules and Regulations]
[Page 47671-47710]
From the Federal Register Online via GPO Access [wais.access.gpo.gov]
[DOCID:fr16se09-12]
[[Page 47671]]
-----------------------------------------------------------------------
Part III
Department of Homeland Security
-----------------------------------------------------------------------
Transportation Security Administration
-----------------------------------------------------------------------
49 CFR Parts 1515, 1520, 1522, et al.
Air Cargo Screening; Interim Final Rule
[[Page 47672]]
-----------------------------------------------------------------------
DEPARTMENT OF HOMELAND SECURITY
Transportation Security Administration
49 CFR Parts 1515, 1520, 1522, 1540, 1544, 1546, 1548, and 1549
[Docket No. TSA-2009-0018; Amendment Nos. 1515-1, 1520-8, 1522-New,
1540-10, 1544-9, 1546-5, 1548-5, 1549-New]
RIN 1652-AA64
Air Cargo Screening
AGENCY: Transportation Security Administration, DHS.
ACTION: Interim final rule; request for comments.
-----------------------------------------------------------------------
SUMMARY: This rule codifies a statutory requirement of the Implementing
Recommendations of the 9/11 Commission Act that the Transportation
Security Administration (TSA) establish a system to screen 100 percent
of cargo transported on passenger aircraft by August 3, 2010. To assist
in carrying out this mandate, this rule establishes a program under
which TSA will certify cargo screening facilities located in the U.S.
that volunteer to screen cargo prior to tendering it to aircraft
operators for carriage on passenger aircraft. This rule requires
affected passenger aircraft operators to ensure that either an aircraft
operator or certified cargo screening facility that does so in
accordance with TSA standards, or TSA itself, screens all cargo loaded
on passenger aircraft.
TSA will require certified cargo screening facilities (CCSFs) to
screen cargo using TSA-approved methods and implement chain of custody
measures to ensure the security of the screened cargo throughout the
air cargo supply chain prior to tendering it for transport on passenger
aircraft. CCSF personnel must successfully undergo a TSA-conducted
security threat assessment (STA) and pay a fee for that assessment. TSA
proposes a fee to cover the Government's costs in conducting the STA
and requests comment on the fee and the methodology used to develop the
fee.
Before being certified and periodically thereafter, the CCSF must
undergo examination by a TSA-approved validator. Validators must have
specified qualifications, complete training regarding the certified
cargo screening program (CCSP), and successfully undergo a TSA-
conducted STA as described in the discussion of part 1540 in this
preamble, and pay a fee for that assessment.
DATES: Effective Date: This rule is effective November 16, 2009.
Comment Date: Comments must be received by November 16, 2009.
ADDRESSES: You may submit comments, identified by the TSA docket number
to this rulemaking, to the Federal Docket Management System (FDMS), a
government-wide, electronic docket management system, using any one of
the following methods:
Electronically: You may submit comments through the Federal
eRulemaking portal at http://www.regulations.gov. Follow the online
instructions for submitting comments.
Mail, In Person, or Fax: Address, hand-deliver, or fax your written
comments to the Docket Management Facility, U.S. Department of
Transportation, 1200 New Jersey Avenue, SE., West Building Ground
Floor, Room W12-140, Washington, DC 20590-0001; Fax 202-493-2251. The
Department of Transportation (DOT), which maintains and processes TSA's
official regulatory dockets, will scan the submission and post it to
FDMS.
See SUPPLEMENTARY INFORMATION for format and other information
about comment submissions.
FOR FURTHER INFORMATION CONTACT: Tamika McCree, Manager, Air Cargo
Stakeholder Relations, Air Cargo Security, TSA-28, Transportation
Security Administration, 601 South 12th Street, Arlington, VA 20598-
6028; telephone (571) 227-2632; facsimile (571) 227-1947; e-mail
AirCargoScreeningCommentsIFR@dhs.gov.
SUPPLEMENTARY INFORMATION:
Comments Invited
TSA adopts this interim rule without prior notice and prior public
comment. In this rule, however, TSA seeks prior public comment on our
proposed fee to cover the cost of the STAs. To the maximum extent
possible, DHS provides an opportunity for public comment on regulations
issued without prior notice. Accordingly, TSA invites interested
persons to participate in this rulemaking by submitting written
comments, data, or views on the proposed fee for the STA, as well as
all other aspects of this rule. We also invite comments relating to the
economic, environmental, energy, or federalism impacts that might
result from this rulemaking action. See ADDRESSES above for information
on where to submit comments.
With each comment, please identify the docket number at the
beginning of your comments. TSA encourages commenters to provide their
names and addresses. The most helpful comments reference a specific
portion of the rulemaking, explain the reason for any recommended
change, and include supporting data. You may submit comments and
material electronically, in person, by mail, or fax as provided under
ADDRESSES, but please submit your comments and material by only one
means. If you submit comments by mail or delivery, submit them in an
unbound format, no larger than 8.5 by 11 inches, suitable for copying
and electronic filing.
If you would like TSA to acknowledge receipt of comments submitted
by mail, include with your comments a self-addressed, stamped postcard
on which the docket number appears. We will stamp the date on the
postcard and mail it to you.
TSA will file in the public docket all comments received by TSA,
except for comments containing confidential information and sensitive
security information (SSI),\1\ TSA will consider all comments received
on or before the closing date for comments and will consider comments
filed late to the extent practicable. The docket is available for
public inspection before and after the comment closing date.
---------------------------------------------------------------------------
\1\ ``Sensitive Security Information'' or ``SSI'' is information
obtained or developed in the conduct of security activities, the
disclosure of which would constitute an unwarranted invasion of
privacy, reveal trade secrets or privileged or confidential
information, or be detrimental to the security of transportation.
The protection of SSI is governed by 49 CFR part 1520.
---------------------------------------------------------------------------
Handling of Confidential or Proprietary Information and Sensitive
Security Information (SSI) Submitted in Public Comments
Do not submit comments that include trade secrets, confidential
commercial or financial information, or SSI to the public regulatory
docket. Please submit such comments separately from other comments on
the rulemaking. Comments containing this type of information should be
appropriately marked as containing such information and submitted by
mail to the address listed in FOR FURTHER INFORMATION CONTACT section.
Upon receipt of such comments, TSA will not place the comments in
the public docket and will handle them in accordance with applicable
safeguards and restrictions on access. TSA will hold documents
containing SSI, confidential business information, or trade secrets in
a separate file to which the public does not have access, and place a
note in the public docket that TSA has received such materials from the
commenter. If TSA determines, however, that portions of these comments
may be made publicly available, TSA may include a redacted
[[Page 47673]]
version of the comment in the public docket. If TSA receives a request
to examine or copy information that is not in the public docket, TSA
will treat it as any other request under the Freedom of Information Act
(FOIA) (5 U.S.C. 552) and the FOIA regulation of the Department of
Homeland Security found in 6 CFR part 5.
Reviewing Comments in the Docket
Please be aware that anyone is able to search the electronic form
of all comments received into any of our dockets by the name of the
individual who submitted the comment (or signed the comment, if
submitted on behalf of an association, business, labor union, etc.).
You may review the applicable Privacy Act Statement published in the
Federal Register on April 11, 2000 (65 FR 19477) and modified on
January 17, 2008 (73 FR 3316).
You may review TSA's electronic public docket on the Internet at
http://www.regulations.gov. In addition, DOT's Docket Management
Facility provides a physical facility, staff, equipment, and assistance
to the public. To obtain assistance or to review comments in TSA's
public docket, you may visit this facility between 9 a.m. to 5 p.m.,
Monday through Friday, excluding legal holidays, or call (202) 366-
9826. This docket operations facility is located in the West Building
Ground Floor, Room W12-140 at 1200 New Jersey Avenue, SE., Washington,
DC 20590.
Availability of Rulemaking Document
You can get an electronic copy using the Internet by--
(1) Searching the electronic Federal Docket Management System
(FDMS) Web page at http://www.regulations.gov;
(2) Accessing the Government Printing Office's Web page at http://
www.gpoaccess.gov/fr/index.html; or
(3) Visiting TSA's Security Regulations Web page at http://
www.tsa.gov and accessing the link for ``Research Center'' at the top
of the page.
In addition, copies are available by writing or calling the
individual in the FOR FURTHER INFORMATION CONTACT section. Make sure to
identify the docket number of this rulemaking.
Small Entity Inquiries
The Small Business Regulatory Enforcement Fairness Act (SBREFA) of
1996 requires TSA to comply with small entity requests for information
and advice about compliance with statutes and regulations within TSA's
jurisdiction. Any small entity that has a question regarding this
document may contact the person listed in FOR FURTHER INFORMATION
CONTACT. Persons can obtain further information regarding SBREFA on the
Small Business Administration's Web page at http://www.sba.gov/advo/
laws/law_lib.html.
Abbreviations and Terms Used in This Document
CBP U.S. Customs and Border Protection
CCSF Certified Cargo Screening Facility
CCSP Certified Cargo Screening Program
CFR Code of Federal Regulations
CHRC Criminal History Records Check
DHS Department of Homeland Security
FSD Federal Security Director
IAC Indirect Air Carrier
IED Improvised Explosive Device
MSP Model Security Program
SIDA Security Identification Display Area
SSI Sensitive Security Information
STA Security Threat Assessment
TSA Transportation Security Administration
Outline of Interim Final Rule
I. Summary of Rule
II. Background
A. Current Air Cargo Screening
B. 9/11 Act Requirements
C. Development of the Certified Cargo Screening Program
D. Certified Cargo Screening Pilot Programs
III. TSA's Program for Achieving the Statutory Mandates for Cargo
Loaded Domestically
IV. Organization of the Rule
V. Section-by-Section Analysis
VI. Good Cause for Immediate Adoption
VII. Paperwork Reduction Act
VIII. Economic Impact Analyses
A. Regulatory Evaluation Summary
B. Executive Order 12866 Assessment
C. Regulatory Flexibility Act Assessment
D. International Trade Impact Assessment
E. Unfunded Mandates Assessment
IX. Executive Order 13132, Federalism
X. Environmental Analyses
XI. Energy Impact Analysis
List of Subjects
The Amendments
I. Summary of Rule
This rule provides that affected U.S. aircraft operators and
foreign air carriers \2\ must have screened at least 50 percent of its
cargo transported on passenger aircraft by February 3, 2009, and must
screen 100 percent of cargo by August 3, 2010, to carry out sec. 1602
of the Implementing the Recommendations of the 9/11 Commission Act of
2007 (Pub. L. 110-53, 121 Stat. 266, 478, Aug. 3, 2007) (9/11 Act). The
rule applies to certain commercial passenger operations, and applies to
foreign air carriers the same standards that apply to U.S. aircraft
operators, for the same types of flights. This rule applies only to
cargo loaded in the United States. It does not apply to either U.S.
aircraft operators or foreign air carriers when they load cargo outside
the U.S. and transport it into the U.S., nor to U.S. or foreign all-
cargo operations. This rule will not cover general aviation operations.
---------------------------------------------------------------------------
\2\ The affected aircraft operators are U.S. aircraft operators
with full programs under 49 CFR 1544.101(a) and foreign air carriers
with security programs under 49 CFR 1546.101(a) or (b). This
includes aircraft operators with scheduled or public charter
operations with an aircraft having a passenger seating configuration
of 61 or more seats, and those operating smaller aircraft when
passengers are enplaned from or deplaned into a sterile area.
---------------------------------------------------------------------------
The Transportation Security Administration (TSA) concluded that
this mandate could not be achieved by relying solely on U.S. aircraft
operators and foreign air carriers to conduct screening. Aircraft
operators do not have the capacity to screen the approximately 12
million pounds of cargo that is now transported on passenger aircraft
daily. Requiring passenger aircraft operators to screen 100 percent of
air cargo would result in carrier delays, backlogs of unscreened cargo,
and missed flights, which could significantly impede the flow of
commerce.
Accordingly, TSA will establish the certified cargo screening
program (CCSP) to allow entities other than aircraft operators to
conduct screening off-airport. Under the CCSP, facilities upstream in
the air cargo supply chain, such as shippers, manufacturers,
warehousing entities, distributors, third party logistics companies,
and Indirect Air Carriers (IACs) that are located in the U.S., may
apply to TSA to become certified cargo screening facilities (CCSFs).
Aircraft operators that screen cargo off-airport must also become CCSFs
in order to screen cargo for transport on passenger aircraft. These
applicants must submit to TSA an application for certification of a
single facility, including a TSA-approved validator's evaluation of the
applicant's security measures. Once certified, the CCSF must--
Implement the certified cargo screening standard security
program that TSA develops and any amendments to it;
Appoint security coordinators at the corporate and
facility levels and alternates to be available 24 hours per day, 7 days
per week;
Ensure that the following individuals successfully undergo
a TSA-conducted STA: (1) Each employee and authorized representative
who screens cargo or has unescorted access to screened cargo, and (2)
each security coordinator and alternate, senior manager of the
facility, and other individual who implements the cargo screening
program;
[[Page 47674]]
Adhere to strict physical and access control measures for
the storage, handling, and screening of cargo;
Screen cargo using TSA-approved methods;
Implement chain of custody requirements, including the use
of tamper evident technology, which must begin when the cargo is
screened and remain intact until the cargo is tendered to the aircraft
operator for transport on a passenger aircraft; and
Apply for recertification, including a new examination by
a TSA-approved validator, every 36 months.
TSA believes that it is important for CCSFs to submit to a
recertification assessment of their security programs every three years
in order to maintain good standing in the CCSP. Within the 36 month
period, TSA will inspect the CCSF for compliance and the CCSFs will
conduct quarterly self-audits. TSA based the 36-month cycle on a
similar program in the United Kingdom, the Known Consignor program
discussed in section II.C. below.
This rule establishes procedures under which firms may apply for
TSA's approval to conduct validation assessments of CCSF facilities.
Approved validation firms must hold and carry out a TSA-approved
security program, must have security coordinators to be the primary
point of contact for security at the facility, and must ensure that
individuals conducting assessments have professional qualifications,
receive training, do not have conflicts of interest with facilities to
be assessed, and conduct assessments impartially. The rule requires
validators and their supervisors and validation firm security
coordinators and their alternates to successfully undergo a TSA-
conducted STA. Individuals conducting validation assessments must--
Be a citizen or national of the United States or be a
lawful permanent resident alien;
Hold a certification or accreditation from a TSA-
recognized organization qualified to certify or accredit a validator;
Have at least five years of experience in inspection or
validating compliance with certain government and industry
organizations;
Have sufficient knowledge of certain regulations,
policies, and security programs and be able to determine compliance;
Have sufficient knowledge of the CCSP; and
Conduct no more than two assessments of a facility seeking
approval, unless TSA authorizes otherwise.
This rule also amends the threat assessment provisions that
currently exist in 49 CFR part 1540, subpart C, for individuals who
work in the air cargo sector to enhance TSA's ability to effectively
conduct STAs.
II. Background
A. Current Air Cargo Screening
Since 2002, TSA has implemented a multilayered, risk-based system
for securing cargo transported on passenger aircraft. U.S. aircraft
operators and foreign air carriers must ensure that cargo transported
on passenger aircraft is screened or inspected as set forth in their
security programs. 49 CFR 1544.205, 1546.205. IACs must screen a
certain percentage of cargo prior to tendering the cargo for transport
or take other security measures as required in the applicable Security
Directives and in their security programs.\3\ U.S. aircraft operators,
foreign air carriers, and IACs must screen 100 percent of cargo
considered to present an ``elevated risk,'' and TSA screens 100 percent
of all cargo transported on passenger aircraft at Category II-IV
airports.\4\
---------------------------------------------------------------------------
\3\ Security Directives and security programs are SSI and the
details are non-public information. See footnote 1.
\4\ There are several categories of airport designations that
are based largely on the number of enplanements. Category II-IV
airports include those with less than five million annual domestic
enplanements or with five million or more annual domestic
enplanements, but less than one million international enplanements.
Overall, approximately 99 percent of cargo loaded on passenger
aircraft in the United States is loaded at Category X and I
airports.
---------------------------------------------------------------------------
Currently, aircraft operators conduct screening of most cargo at
the airports. Generally applicable TSA-approved methods of screening
include x-ray, explosives trace detection (ETD), explosive detection
systems (EDS), explosives detection canine teams, and physical
inspection along with verification of the description of the cargo on
the shipping manifest. There are certain categories of cargo for which
these generally applicable methods of screening may not be effective or
feasible, so the aircraft operators and IACs use TSA-approved
alternative methods of screening.
B. 9/11 Act Requirements
The 9/11 Act amended 49 U.S.C. 44901(g)(1), which provides, in
pertinent part:
Not later than 3 years after the date of enactment of the [9/11
Act], the Secretary of Homeland Security shall establish a system to
screen 100 percent of cargo transported on passenger aircraft
operated by an air carrier or foreign air carrier in air
transportation or intrastate air transportation to ensure the
security of all such passenger aircraft carrying cargo.
As amended by the 9/11 Act, 49 U.S.C. 44901(g)(2) provides that the
system used to screen cargo on passenger aircraft shall provide a level
of security ``commensurate with the level of security for the screening
of passenger checked baggage'' and directs that--
Fifty percent of such cargo must be screened not later
than February 3, 2009; and
One hundred percent of such cargo must be screened not
later than August 3, 2010.
Section 44901(g)(3)(B) explicitly authorizes TSA to issue an interim
final rule (IFR) to implement the requirements. If TSA issues an IFR,
TSA must issue a final rule not later than one year after the effective
date of the IFR.
The 9/11 Act defines the term ``screening'' in sec. 44901(g)(5) to
mean ``a physical examination or non-intrusive method of assessing
whether cargo poses a threat to transportation security. Methods
include x-ray systems, explosives detection systems, explosives trace
detection, explosives detection canine teams certified by TSA or a
physical search together with manifest verification.'' This section
further provides that TSA may approve additional methods to ensure that
the cargo does not pose a threat to transportation security and to
assist in meeting the requirements of the 9/11 Act. TSA will continue
to consider different technologies or methods for screening cargo
transported on passenger or cargo flights. TSA would approve these
additional methods and technologies based on their applicability and
effectiveness in screening specific commodities.
C. Development of the Certified Cargo Screening Program
TSA recognized that it needed to develop a program that could
achieve the 9/11 Act's requirement for 100 percent screening while
still allowing for the flow of commerce. Approximately 12 million
pounds of cargo are transported on passenger aircraft in the United
States each day. In evaluating the practical implications of 100
percent screening, the Congressional Research Service has stated that
``* * * given the sheer volume of cargo that must be expediently
processed and loaded on aircraft * * * full screening of air cargo, as
is now required of checked passenger baggage, is likely to present
significant logistic and operational challenges.'' CRS Report for
Congress, Air Cargo Security, Updated July 30, 2007, CRS-2.
[[Page 47675]]
TSA has developed the CCSP by working closely with U.S. and
international agencies and associations to incorporate key aspects of
similar security programs in other countries and in the United States.
In particular, TSA studied the Known Consignor programs in Great
Britain and Ireland. Such programs have been in effect for several
years and operate successfully. TSA also examined the security measures
of the Customs-Trade Partnership Against Terrorism (C-TPAT), a U.S.
Customs and Border Protection (CBP) program. Like the programs in Great
Britain and Ireland, CBP's C-TPAT program adopts the concept of supply
chain security in its voluntary program under which participants
benefit from expedited CBP processing.
The United Kingdom (UK) Known Consignor program has key features
that TSA has incorporated into the CCSP. First, like the CCSP, the UK
Known Consignor program relies on authorized entities to augment air
carriers' screening of cargo. Both programs rely on a chain of custody
concept, requiring verification that no tampering has occurred between
the time of screening and the time the cargo is tendered to the air
carrier.
Second, the UK Known Consignor program requires approved validators
to assess Known Consignors and requires Known Consignors to pay a fee
for these assessments. TSA based the validator requirements in this
IFR, in part, on the UK program. In both programs, entities wishing to
serve as validators seek approval from the government regulatory
agency. In both programs, the government reviews the validators'
assessments and, where appropriate, government agents may conduct
inspections to determine if enforcement action is necessary.
In addition to these structural similarities, some of the methods
to secure cargo will be similar in the two programs. For example, the
UK program makes use of tamper-resistant seals, tamper evident tape,
and procedures to document that the cargo is not subject to
unauthorized access from the time the cargo is screened until it is
tendered to an aircraft operator for transport on a passenger aircraft.
These are key elements in the CCSP ``chain of custody'' framework.
The UK program has been in place since 2003 and has achieved the
benefits TSA seeks to gain from the CCSP. Known consignors screen close
to 50 percent of cargo that otherwise would be screened by aircraft
operators and foreign air carriers on airports; the rest of the cargo
is screened by air carriers. Having aircraft operators and foreign air
carriers screen all cargo at airports could result in delays in flights
and backlogs of cargo to be screened. The UK program significantly
reduces potential adverse impacts on the flow of commerce that
otherwise could result if aircraft operators and foreign air carriers
were required to screen all cargo. The same concerns exist for
screening cargo at U.S. airports.
D. Certified Cargo Screening Pilot Programs
TSA is testing the concept of screening earlier in the supply chain
by conducting two parallel pilot programs: (1) The CCSP pilot involving
shippers and other entities, such as manufacturers, distributors, and
third party logistics companies, and (2) the IAC technology pilot. The
CCSP pilots began at the following major gateway airports representing
over 65% of all air cargo loaded on passenger flights: San Francisco
(SFO), Chicago (ORD), Philadelphia (PHL), Seattle (SEA), Los Angeles
(LAX), Dallas-Fort Worth (DFW), Miami (MIA), Atlanta (ATL), and New
York/Newark (JFK/EWR). The IAC pilot is now in effect at all U.S.
airports.
Over 65 percent of all cargo transported on passenger aircraft is
carried on wide-body passenger aircraft, such as a B-767, from the
airports listed above. Approximately 43 percent of cargo transported on
wide-body aircraft originates in 6 of these airports. Thus, TSA focused
its outreach for the pilot programs on the entities using the airports
with the highest volume of cargo transported on wide body passenger
aircraft. Industry agreed to participate in the pilots.
TSA conducted outreach for the CCSP pilot program by contacting 120
shippers and other entities in 9 major cities. The CCSP pilot focuses
on the ability of these entities to screen cargo according to methods
approved by TSA, primarily by physical search of the shipping box
before it is closed, sealed, and leaves the facility using a secure
chain of custody. Shippers, manufacturers, distributors, and third-
party logistics companies are in the best position to screen the
contents of the box before it leaves their facility, as they know what
should be in the box and can spot anomalies quickly. As long as the
screening is conducted in accordance with TSA procedures and the chain
of custody remains intact when the cargo is loaded on passenger
aircraft, the cargo does not have to be rescreened.
The IAC technology pilot is evaluating the effectiveness of cargo
screening technology and processes recommended by TSA by commodity
class at each participant's consolidation facility. Congressional
appropriations provided TSA with funds for the screening of air cargo.
TSA is using these funds in part to assist in the deployment of
appropriate screening technology for use in the IAC pilot. The IAC
technology pilot participants must use either x-ray or Explosive Trace
Detection (ETD) equipment during the screening process. This pilot is
also evaluating the IAC community's ability to screen cargo volumes,
and the use of chain of custody procedures.
When the IFR becomes effective, the CCSP pilot program will end.
Participants will become CCSFs under the IFR. The IACs in the IAC
technology pilot will continue to collect and submit information to TSA
regarding the cargo screening technology until August 2010. TSA will
collect information after the IFR becomes effective under OMB's
Paperwork Reduction Act approval for the IFR; this information will
include the data collected during the IAC technology pilot. After the
completion of the IAC technology pilot, DHS will conduct an evaluation
of the pilot.
III. TSA's Program for Achieving the Statutory Mandates for Cargo
Loaded Domestically
With respect to cargo loaded within the United States, TSA
implemented two measures that assisted industry in achieving the
requirement that 50 percent of cargo transported on passenger aircraft
be screened by February 3, 2009. First, on August 1, 2008, TSA issued
an amendment to the Aircraft Operator Standard Security Program that
requires 100 percent screening of cargo transported on narrow-body
passenger aircraft. Narrow-body aircraft represent 96 percent of all
domestic passenger flights, and approximately one-quarter of all cargo
on passenger aircraft travels on narrow-body aircraft. TSA has required
that all cargo on narrow-body passenger aircraft, such as a B-737, must
be screened. This requirement was a key component of achieving the 9/11
Act's requirement to ensure that 50 percent of cargo on passenger
aircraft was screened by February 2009. The second key component was to
have IACs participating in the pilot program at the major gateway
airports screen cargo prior to their consolidating the cargo for the
airlines. Data from the pilot programs, as well as inspections by TSA
Inspectors, demonstrates that industry has achieved the 50 percent
milestone of the 9/11 Act.
This rule is a key component of our strategy to maintain 50 percent
screening as of February 3, 2009, and to
[[Page 47676]]
achieve 100 percent screening by August 3, 2010. The rule will allow
shippers to screen their cargo prior to tendering it to the airlines.
We have developed this IFR implementing the permanent CCSP based on
lessons learned in the CCSP pilot program. We estimate that, at full
implementation, certified cargo screening facilities and aircraft
operators will screen cargo traveling on passenger aircraft as follows:
Of the 4.3 billion pounds of cargo shipped on passenger
aircraft annually, aircraft operators will screen 30 percent of the
cargo or 1.3 billion pounds;
CCSFs using screening equipment will screen 38 percent of
the cargo or 1.6 billion pounds; and
CCSFs using physical search methods to screen will screen
32 percent of the cargo or 1.4 billion pounds.
IV. Organization of the Rule
The section-by-section analysis below is organized sequentially to
follow the CFR numbering. This rule amends a number of TSA's existing
regulations and adds several new parts to the CFR. Briefly, these
changes include the following:
The rule expands 49 CFR part 1515 to provide redress
procedures for individuals who undergo STAs in connection with their
air cargo work for aircraft operators, certified cargo screening
facilities, and validation firms, if they receive an adverse decision
from TSA.
The rule amends 49 CFR part 1520, the regulations
governing sensitive security information (SSI), requiring these newly-
regulated populations, such as CCSFs and validators, to protect such
information from disclosure.
The rule adds a new 49 CFR part 1522, establishing a
system to authorize TSA-approved validators to perform assessments of
CCSFs. It also provides a framework for potential future use in other
TSA programs.
The rule amends the existing STA regulations in 49 CFR
part 1540, subpart C, to encompass newly-required STAs for certain
personnel of certified cargo screening facilities and approved
validation firms. Also, the rule amends the list of biographic
information that applicants and operators must provide TSA, so that TSA
can conduct more efficient threat assessments. In addition, the rule
adds provisions to facilitate the use of comparable threat assessments
in place of the assessments that TSA requires in subpart C of part
1540.
The rule amends 49 CFR parts 1544 and 1546 to impose new
requirements on U.S. aircraft operators and foreign air carriers with
respect to the cargo screening and acceptance of cargo from CCSFs.
The rule also amends 49 CFR parts 1544, 1546, and 1548 to
clarify which individuals are subject to the STA requirements and to
better reflect current TSA requirements in the standard security
programs for U.S. aircraft operators, foreign air carriers, and IACs.
The rule adds a new 49 CFR part 1549, which provides the
regulatory requirements for facilities participating in the CCSP.
Requirements include qualifications of screening personnel, STAs,
adoption of security programs, and cargo screening procedures.
V. Section-by-Section Analysis
Part 1515--Appeal and Waiver Procedures for Security Threat Assessments
for Individuals
Section 1515.1--Scope
In part 1515, TSA sets forth redress procedures for many of the
transportation workers who must successfully complete an STA. These
STAs are described more fully in the Section-by-Section analysis for
part 1540, subpart C. The redress procedures include administrative
appeals, requests for waivers, and review of certain cases by
administrative law judges. This rule amends Sec. 1515.1 to expand the
scope of part 1515 to include applicants engaged in air cargo
operations who work for certified cargo screening facilities or
validation firms who have applied for an STA and wish to appeal an
Initial Determination of Threat Assessment or an Initial Determination
of Threat Assessment and Immediate Revocation.
Section 1515.9--Appeal of Security Threat Assessment Based on Other
Analyses
This rule revises Sec. 1515.9 to expand its scope to allow
applicants engaged in air cargo operations who work for certified cargo
screening facilities or validation firms to appeal an Initial
Determination of Threat Assessment in which TSA has determined that the
applicants pose a security threat under 49 CFR 1549.107.
Section 1515.11--Review by Administrative Law Judge and TSA Final
Decision Maker
This rule revises Sec. 1515.11 to allow applicants engaged in air
cargo operations who work for certified cargo screening facilities or
validation firms and who have received Final Determinations of Threat
Assessment after appeals as described in Sec. 1515.9 to obtain review
of these determinations by an administrative law judge and the TSA
Final Decision Maker.
Part 1520--Protection of Sensitive Security Information
Implementation of this rule will create new types of sensitive
security information (SSI) and new populations of persons with access
to, and responsibilities for, protecting all SSI. See Footnote 1.
Therefore, TSA is making the following changes to part 1520, which
implements the SSI program.
Section 1520.5--Sensitive Security Information
This rule amends the list of information constituting SSI in Sec.
1520.5 to include the SSI to be created under this rule. Specifically,
TSA adds ``air cargo'' to paragraph (b)(1)(i) of this section, which
contains the listing of security programs that constitute SSI. Such
programs include those for IACs as well as for CCSFs and validation
firms. TSA has determined that validation firm security programs
(operating under part 1522) and CCSF security programs (operating under
part 1549) to be SSI because they will contain specific information
about how the operation will implement measures for personnel security,
physical security, chain-of-custody controls, and other measures that--
if publicly disclosed--would allow a terrorist or other person with
malicious intent to jeopardize air cargo security.
In a related, clarifying change, this rule amends Sec. 1520.3 to
remove the definition of ``security program.'' This definition, which
is only used in Sec. 1520.5, is unnecessary, because it only describes
which security programs are SSI, a subject which is entirely covered in
Sec. 1520.5. Removing this duplicative provision will preclude
possible confusion. TSA moved the phrase ``including any comments,
instructions, or implementing guidance'' from the definition of
security program to Sec. 1520.5(b)(1) to make clear that comments,
instructions, and implementing guidance for security programs are
protected in the same way as the security programs themselves.
Section 1520.7--Covered Persons
This rule also amends the definition of ``covered person'' in Sec.
1520.7 to include personnel of certified cargo screening facilities and
of validation firms. These persons will have access to SSI, including
security programs and applicable security directives and orders.
Including these persons as ``covered individuals'' brings them within
the scope of the responsibilities
[[Page 47677]]
for protecting SSI that are contained in 49 CFR 1520.9. These include
the duty to protect SSI from disclosure and to report incidents of
unauthorized disclosure to TSA.
Part 1522--TSA-Approved Validation Firms and Validators
The provisions of part 1522 establish a system in which TSA
approves validation firms; these firms are responsible for hiring
individuals, called validators, who must have specific qualifications.
These validators are responsible for conducting the assessments of the
facility seeking certification or recertification as a CCSF operating
under part 1549. The CCSF applicants (whether they are individual
companies or IACs) will pay the validation firm for the validation
assessment. TSA will not charge or establish a fee for that purpose.
Firms that seek to perform the functions of validation firms for
purposes of the CCSP must apply to TSA for approval and, once approved,
must perform the functions in accordance with TSA's requirements. The
criteria for approval and the performance requirements are set forth in
part 1522 and described below. Part 1522 also addresses the
qualifications and responsibilities of individual validators, who, on
behalf of a validation firm, actually perform the assessments of
persons, operations, or facilities regulated under this chapter.
Section 1522.1--Scope and Terms Used in This Part
Section 1522.1(a) explains that part 1522 governs the use of
private firms employing individual validators to assess whether certain
persons regulated by TSA are complying with security programs
applicable to those persons and other TSA requirements.
Paragraph (b) of Sec. 1522.1 defines the terms used in part 1522.
The rule defines ``TSA-approved validation firm'' or ``validation
firm'' as a firm that has received TSA's approval to make such
assessments on whether regulated persons have complied with security
programs and other TSA requirements applicable to those persons. The
rule defines ``applicant'' as a firm seeking to become a TSA-approved
validation firm. The rule's definition of ``firm'' includes business
enterprises, including individuals operating as a business, as well as
other non-governmental organizations, such as non-profit corporations.
The term ``validator'' means the particular individual assigned by the
validation firm to perform a given assessment; thus, the terms
``validation firm'' and ``validator'' are not synonymous. The term
``assessment'' as defined in Sec. 1522.1, refers to the validator's
evaluation of compliance with the relevant requirements of a security
program.
The rule also defines the term ``national of the United States.''
For purposes of this rule, `national' means a citizen of the United
States, or a person who, though not a citizen, owes permanent
allegiance to the United States, as defined in 8 U.S.C. 1101(a)(22),
and includes American Samoa and Swains Island. It is consistent with
the definition of the same term (49 CFR 1570.3) in the Maritime and
Land Transportation Security regulations and with the definition in 8
U.S.C. 1101(a)(22).
Validation firms and validators must be free of conflicts of
interest to perform assessments for TSA programs. Section 1522.129(a)
requires validation firms to maintain records demonstrating compliance
with this regulation, including the conflict-of-interest requirements.
As part of the inspection process, TSA may review records concerning a
facility's compliance with conflict of interest provisions.
Section 1522.1(b) defines ``conflict of interest'' as a situation
in which a relationship with, or a financial interest in, the person
being assessed may adversely affect the impartiality of the assessment.
This definition encompasses the validation firm as an entity, as well
as the individuals of the firm who will be conducting, or assisting in
conducting, the assessment, and their immediate family members. This
definition is derived in part from the Government Auditing Standards
established by the Government Accountability Office (GAO) for ensuring
that Government auditors or their employees do not have business or
personal impairments that would interfere with their ability to
maintain their independence. See GAO, Government Auditing Standards
(July 2007), ch. 3. The definition is also derived, in part, from the
post-governmental employment restrictions applicable to Federal
employees.
The definition of ``conflict of interest'' in Sec. 1522.1(b)
contains several examples. It includes examples of conflict-of-interest
situations applicable to a validation firm as an entity, such as
parent-subsidiary relationships and common management or organizational
governance (for example, interlocking boards of directors). It also
includes an example of a conflict of interest situation in which the
validation firm, or validator, or the individual assisting the
validator, or his or her immediate family member as an individual, is a
creditor or debtor of the person being assessed. It also lists examples
of conflicts of interest related to financial interests, such as
investments in debt and equity, in the person being assessed.
The other examples of conflict of interest in the definition
address situations in which the validator or an individual assisting
the validator, or his or her immediate family member, is a former
employee, officer, or contractor including a consultant of the person
being assessed. If the former duties and responsibilities of the
validator or individual assisting the validator involved the operations
or functions to be assessed, he or she has a permanent conflict of
interest; such an individual may never conduct or assist in conducting
an assessment of an operation or function with respect to which he or
she had duties or responsibilities. If the former duties and
responsibilities of the validator or individual assisting the validator
did not involve the operations or functions to be assessed, he or she
must observe a two-year ``cooling-off period'' during which he or she
may not conduct assessments of his or her former employer. These
concepts are consistent with the post-employment restrictions
applicable to governmental employees found at 18 U.S.C. 207.
Individuals who are former employees of the person being assessed who
will not be conducting or assisting in the assessment do not create a
conflict of interest if they are segregated from the assessment work.
Section 1522.3--Fraud and Intentional Falsification of Records
Section 1522.3 includes provisions that prohibit any person,
whether the validation firm, the validator, or another individual, from
making or providing any fraudulent or intentionally false statements,
reports, records, access mediums, or identification. The same
prohibitions apply to persons regulated under TSA's Civil Aviation
Security regulations; see 49 CFR 1540.103, on which this section is
based. Any intentional falsification or fraud may constitute a basis
for TSA to withdraw the validator's approval. In addition, any
intentional falsification or fraud may constitute a violation of
certain criminal laws such as 18 U.S.C. 1001. In appropriate cases TSA
will refer potential criminal violations to the U.S. Attorney for
investigation.
Section 1522.5--TSA Inspection Authority
Section 1522.5 sets out TSA's broad authority to inspect a
validation firm
[[Page 47678]]
and a validator, including on-site inspections and the copying of
records. TSA needs such broad authority to perform its role in
monitoring compliance with this part. Paragraph (a) requires each
validation firm to allow TSA to enter the facility to make inspections
or tests, including copying records. A validation firm's operations are
unlikely to give rise to the kinds of emergencies that would require
after-hours inspections, so this paragraph only refers to TSA
inspections during normal business hours. This paragraph also provides
that the inspection may be without advance notice. While TSA expects
often to provide advance notice of an inspection, we must have the
ability to do so unannounced to verify compliance by the validation
firm and its personnel and to otherwise assess security. The
inspections referred to in paragraph (a) include inspections for
compliance with the statute and TSA rules, and includes inspections
that TSA may make to carry out duties assigned to TSA in 49 U.S.C.
114(f), as set out in Sec. 1522.5(a)(2).
Section 1522.5(b) provides that at the request of TSA each
validation firm and validator must provide evidence of compliance with
the TSA regulations, which are located in 49 CFR chapter XII, including
parts 1500-1699. This may include providing records to TSA or other
evidence to show compliance. Paragraph (c) provides that TSA and DHS
officials working with TSA may conduct inspections without access media
issued or approved by a validation firm or other person. This is to
facilitate the inspection process and make it possible for TSA to
conduct unannounced inspections. It is based on a similar provision in
Sec. 1542.5(e) that applies to airport operators. Taken as a whole,
this section will allow TSA to evaluate the validation firm's and the
validator's respective performance, and to evaluate the reliability of
the validator's assessments.
Section 1522.101--Applicability
Subpart B, which begins at Sec. 1522.101, applies specifically to
the use of TSA-approved validation firms and validators in the context
of the CCSP. Each facility that seeks to be a CCSF will need to engage
a validation firm to assess whether that facility complies with the
security program that TSA requires under 49 CFR 1549.5.
Section 1522.103--Requirements for Validation Firms
Section 1522.103 establishes the general requirements for
validation firms. Paragraph (a) states the fundamental requirement,
which is that the firm must have the necessary facilities, resources,
and personnel to conduct assessments. Among other things, this
requirement entails the demonstrated capability to define, execute, and
document standardized business processes. The validation firm must also
demonstrate its capability to hire and train personnel to perform
operations similar to the assessments required under this subpart and
part 1549. The purpose of this requirement is to establish a basis on
which TSA may evaluate whether a firm has the experience and
capabilities to perform as a validation firm.
Paragraph (b) provides that each validation firm must have a
Security Coordinator and one or more alternates. This provision is
based on the concept of Security Coordinator for IACs as implemented in
49 CFR 1548.13. These individuals must be senior officers or employees
to ensure that they have the authority necessary to fulfill their
functions. They serve as the validation firm's primary point of contact
with TSA on security-related matters. Because a validation firm has a
support (as opposed to an operational) role in the certified cargo
security program, the Security Coordinator or an alternate must be
available during regular business hours (rather than on a 24-hour
basis). Also, the Security Coordinator and alternates bear the
responsibility of immediately initiating corrective action if the firm
discovers an instance of non-compliance with any applicable TSA
security requirement. These requirements ensure that each validation
firm has at least one readily available and accountable individual with
adequate authority to monitor security-related matters.
Under paragraph (c) of Sec. 1522.103, the validation firm must
hold and carry out a TSA-approved security program. This topic is
covered in more detail in the discussion of Sec. 1522.105, below.
Paragraph (d) of Sec. 1522.103 imposes an affirmative obligation
on the validation firm to ensure that its personnel carry out the
requirements of TSA's regulations and the security program.
``Personnel'' includes direct employees, contractors, agents, and other
persons acting on behalf of the validation firm.
Finally, paragraph (e) requires the validation firm to notify TSA
of all pertinent changes in information that the validation firm must
submit to TSA. Examples of such information include changes of address,
changes in the identity of the Security Coordinator or alternates, and
significant changes in the ownership of the firm. A significant change
in the ownership would include, for example, acquisition of the firm by
another business entity, or the form of the firm's organization, for
example, incorporation. It would not include a minor change in the
identity of shareholders.
Section 1522.105--Adoption and Implementation of the Security Program
Paragraph (a) of Sec. 1522.105 provides that a validation firm
must hold and carry out an approved security program in order to
operate as a validation firm. Paragraph (b) outlines the requirements
for the content of the validation firm standard security program. These
requirements are generally consistent with the similar requirement for
IACs in part 1548.
Paragraph (b)(1) states the fundamental purpose of the security
program, which is to provide for the security of aircraft and protect
against threats to air security. Paragraph (b)(1) thus establishes that
validation firms, even though they serve a supporting role, are
important components in the overall certified cargo security program.
Key among these requirements for security programs is that the
programs must specify the processes and procedures that the firm will
use to maintain the qualifications of its validators and its personnel
assisting validators with assessments. This is important, because the
quality of the validation firm's operational performance depends
primarily on the expertise of its personnel, especially the validators.
Thus, the security program must describe in detail how the validation
firm will maintain the current qualifications, accreditations,
credentials, training, and STAs for its relevant personnel.
The security program must also include provisions for a Security
Coordinator, as well as for setting managerial responsibilities for
ensuring that the firm's personnel carry out their responsibilities
under TSA regulations and the security program.
Paragraph (c) of Sec. 1522.105 sets out procedures by which an
applicant or a validation firm may request amendments to a security
program. Paragraph (d) sets out the process by which TSA will initiate
amendment of a security program. Paragraph (e) covers emergency
amendments, which TSA may make without prior notice and which take
effect immediately. The provisions of paragraphs (c), (d), and (e) are
analogous to similar provisions relating to IAC security programs (49
CFR 1548.7), which provides that TSA may issue emergency amendments to
aircraft operators if there is an emergency requiring immediate action
[[Page 47679]]
with respect to safety in air transportation or in air commerce that
makes procedures in Sec. 1522.105 contrary to the public interest;
such provisions establish an orderly process for revising security
programs when circumstances change. Similar provisions exist in 49 CFR
1542.105(d) (airport operators), 1544.105(d) (aircraft operators),
1546.105(d) (foreign air carriers), and 1548.7(e) (indirect air
carriers). Paragraph (f), parallel with 49 CFR 1548.5(d), provides
basic requirements on availability of the security program to the
firm's personnel and to TSA and requires measures to protect it as SSI.
Section 1522.107--Application
Section 1522.107 sets out the procedures by which a firm may apply
for approval to operate as a validation firm. TSA will prescribe the
form and manner of the application, which must be in writing and
submitted at least 90 days in advance.
Paragraph (a) enumerates the required items that applicants must
include in their applications. Among other items, applicants must
include a statement declaring whether the applicant is a small
business; the collection of this information assists TSA in developing
appropriate civil penalty formulas.
Paragraph (b) of Sec. 1522.107 discusses the next step in the
application process. After TSA receives the initial application
specified in paragraph (a), and after the applicant's Security
Coordinator has successfully completed a STA, TSA will send the
validation firm, via the Security Coordinator, a copy of the Validation
Firm Standard Security Program. TSA anticipates that all information
will be sent to participants via electronic means in a password
protected mode. TSA also plans to develop a secure Web address that
will be available to the participating validation firms to obtain
copies of the security program. The validation firm must also submit a
supplement to its security plan that specifies processes and procedures
that the firm will use to maintain the qualification of its validators
and its personnel assisting validators with assessments to the
designated TSA official for approval. This provision establishes a
baseline of standardization, while allowing for flexibility in
appropriate circumstances. TSA will seek comment on the validation firm
security program from applicants as part of the application process.
Thereafter, any approved validation firm may request amendments to its
security program.
Section 1522.109--TSA Review and Approval
Paragraph (a) of Sec. 1522.109 lists the criteria that TSA will
employ in reviewing an application submitted under Sec. 1522.107. As
provided in paragraph (b), TSA will approve or disapprove the
application based on these criteria. In either case, TSA will provide
written notice to the applicant. In the case of an approval, TSA may
approve or require modifications to the security program applicable to
the applicant. The validation firm will also demonstrate to TSA how the
validators employed by the firm will meet TSA qualifications. In the
case of a disapproval, TSA will state the basis for the disapproval in
writing.
Under paragraphs (b)(1) and (2), a validation firm may commence
operations only after it receives approval of its security program and
approval to operate as a validation firm, and after the relevant
personnel have completed all required training and STAs. These
paragraphs make it clear that the validation firm must satisfy all of
these elements before the validation firm may conduct assessments.
As provided in paragraph (c), the duration of an approval granted
under this section is 12 months.
The following table demonstrates the certification and training
cycles for CCSFs and validation firms.
----------------------------------------------------------------------------------------------------------------
IAC operating
certificate Validation firm
(renewal operating approval Certification Recurrent training
application)
----------------------------------------------------------------------------------------------------------------
Shipper/CCSF.................... N/A............... N/A............... Every three years. Annually.
IAC/CCSF........................ Annually.......... N/A............... Every three years. Annually.
Validation Firm/Validator....... N/A............... Annually.......... N/A............... Annually.
----------------------------------------------------------------------------------------------------------------
Section 1522.111--Reconsideration of Disapproval of an Application
Section 1522.111 describes the review and petition process for
TSA's reconsideration of disapproval of the validator's application. If
an applicant challenges the disapproval, the applicant must submit a
written petition for reconsideration within 30 days of receipt of the
notice of disapproval. The petition must include a statement, with
supporting documentation, explaining why the applicant believes the
application meets the criteria of Sec. 1522.103. Reconsideration may
result in confirmation of the disapproval or in an approval.
Disposition pursuant to this section constitutes a final agency action
for purposes of review under 49 U.S.C. 46110.
Section 1522.113--Withdrawal of Approval
Section 1522.113 establishes procedures by which TSA may withdraw a
previously-granted approval of a validation firm. This may occur if the
validation firm no longer meets the qualification standards, if the
validation firm fails to conduct assessments in compliance with TSA's
requirements, or if withdrawal is in the interest of security or the
public. 49 CFR 1522.113(a). If TSA withdraws a validation firm's
approval, the validation firm must immediately stop performing any and
all activities related to assessments. In determining whether
withdrawal is appropriate, TSA considers the number, frequency, and
severity of security violations committed by a regulated party. If TSA
determines withdrawal is appropriate, TSA will remove the validation
firm from the list of approved validation firms.
Under paragraph (b) of Sec. 1522.113, TSA will provide the
validation firm with a written notice of proposed withdrawal of
approval that will include a statement of the basis for the proposed
withdrawal of approval. Paragraph (c) provides for immediate withdrawal
of approval in emergency circumstances. Upon receipt of a notice of
emergency withdrawal under paragraph (c), the validation firm must
immediately stop performing assessments, and must discontinue any
assessments in progress. Paragraphs (d) and (e) provide a
reconsideration procedure that may result in confirmation of the
withdrawal of approval or in a decision to allow the validation to
retain (or regain) its approval. Disposition pursuant to this section
constitutes a final agency action
[[Page 47680]]
for purposes of review under 49 U.S.C. 46110.
Section 1522.115--Review of TSA Approval
It is important that validation firms meet TSA's standards both
before and after they begin performing validations. TSA will actively
monitor validations through a process of initial and recurrent reviews.
Approved validation firms must apply for renewal of approval annually.
During these reviews, TSA will examine, among other things, whether the
validation firm's personnel have received required training and whether
the relevant personnel have maintained the required accreditations and/
or certifications. The review will also focus on the firm's compliance
with part 1522 and with its security program.
Section 1522.117--Qualifications for Validators
Section 1522.117 prescribes the necessary qualifications for
individuals selected by validation firms to serve as validators for
particular assessments. The requirements establish minimum levels of
expertise and experience that an individual must have before he or she
may be employed as a validator. As explained in the discussion of Sec.
1522.123 below, a properly qualified validator must be directly
responsible for the conduct of each assessment. A validation firm may
assign an individual to be a validator with direct responsibility for
an assessment only if the individual meets the qualifications specified
in Sec. 1522.117(a)(1)-(5) described below. The validation firm will
be responsible for determining whether an individual has the
appropriate qualifications to serve as a validator, and TSA will
inspect for compliance with these requirements.
Pursuant to paragraph (a)(1) of Sec. 1522.117, an individual must
be a U.S. citizen or national, or be an alien lawfully admitted to the
United States as a Lawful Permanent Resident (LPR) in order to function
as a validator. For aliens to become LPRs (commonly referred to as
``green card'' holders), the U.S. Government must have determined that
they are admissible to the United States as immigrants; that
determination requires security and criminal checks. TSA will allow
LPRs to function as validators based on the fact that the U.S.
Government has already performed security and criminal checks on these
individuals.
Validators must have extensive experience in conducting
assessments, inspections, or audits before undertaking duties under
this part. Paragraph (a)(2) identifies two bases on which individuals
can establish they possess the appropriate level of experience. Under
the first basis, he or she must have an accreditation or certification
from an organization that TSA recognizes as qualified to certify or
accredit a validator assessing facilities, such as certified cargo
screening facilities, or the individual must have five years or more
experience in conducting inspections under State or Federal regulatory
programs in the security industry, the aviation industry, or other
government programs. TSA will review the accreditation of a validator
when the validation firm submits a plan to TSA demonstrating how the
firm will ensure that the validators in the firm meet TSA
qualifications. If a validator does not meet the accreditation
standards, TSA may deny approval to the validation firm or may approve
the firm but direct that the individual without the necessary
accreditation not be used for the CCSP program.
Examples of an organization qualified to accredit a validator would
include the International Standards Organization and ASIS
International. TSA will make publicly available on the TSA public Web
site a list of acceptable accreditation or certification organizations.
The individual must have had this experience within the past ten years.
Under the second basis, he or she must show relevant experience and
expertise by having been employed by a Federal or State government
agency as an inspector, assessor, or auditor in assessment or
inspection tasks similar to the assessments under this part. Inspectors
for governmental agencies receive thorough training and are subject to
rigorous qualification standards. For example, a former Department of
Transportation safety inspector would presumably have this kind of
experience.
Under paragraph (a)(3), the individual must have three current
professional references. The purpose of this requirement, which is
related to the requirements of paragraph (a)(2), is to allow the
validation firm and TSA to further verify the experience and expertise
of the validator.
The expertise and experience of the validators is a critical
component of this program. Paragraph (a)(4) states the requirement that
validators must understand the requirements of the program in order to
perform their functions. A validation firm must be able to demonstrate
that each of its validators has this understanding. Although a
validator's successful completion of the training required in Sec.
1522.119 will demonstrate initial understanding, a validator must also
demonstrate the necessary knowledge and its practical application when
the validator conducts assessments under this program.
Section 1522.119--Training
As stated above, validators must understand the requirements of the
program and applicable technologies and practices before they begin
conducting assessments. The validation firm must ensure that all
employees associated with the assessment process complete training to
ensure that they are capable of effective performance of their duties,
and are knowledgeable about their security responsibilities. This is
consistent with training requirements in other TSA regulatory programs.
TSA plans to make a training program available for the validation
firms. As program requirements change and technologies and practices
improve, validators will need to keep up-to-date. Therefore, Sec.
1522.119 requires validators and other individuals who assist in
conducting assessments to complete initial and annual recurrent
training provided by TSA. Under Sec. 1522.119(a), the relevant
individuals must complete initial TSA training on the standards,
procedures, and forms prescribed by TSA for assessments of a CCSF
before undertaking an assessment under subpart B. Under Sec.
1522.119(b), validators and other relevant individuals must complete
annual training; the training will include current information and will
confirm that the validators and other individuals have maintained the
necessary expertise to continue to perform assessments. Paragraph (c)
outlines the general requirements for the content of the training; this
outline is not exhaustive. Section 1522.119(c) provides that the
``training required by this section will include coverage of the
applicable provisions of this chapter, including this part, part 1520,
and section 1540.105.'' (Part 1520 covers Sensitive Security
Information (SSI), and Sec. 1540.105 covers security responsibilities
of employees and other persons.) TSA intends to specify more detailed
training requirements in the applicable security programs.
Section 1522.121--Security Threat Assessments for Personnel of TSA-
Approved Validators
This section requires individuals supervising, performing, or
assisting in the performance of validation assessments, and the
validation firm's Security Coordinator and alternates, to successfully
undergo a STA conducted by TSA under 49 CFR part 1540, subpart
[[Page 47681]]
C, or an STA that TSA deems comparable. See the discussion of 49 CFR
part 1540, subpart C for a full description of those requirements.
Section 1522.123--Conduct of Assessments
Section 1522.123(a) establishes the general rule that a validator
must conduct each assessment of a CCSF under this part in a form and
manner to be prescribed by TSA. The provision will increase the
standardization of assessments across the program, promoting security
and fairness. While other individuals may assist a validator, the
validator must be directly responsible for the assessment and must sign
the assessment report required by part 1522. This provision emphasizes
the authority and accountability of the validator within the overall
regulatory scheme.
Section 1522.123(b) provides that validators may not undertake an
assessment in which the validator, the validation firm for which he or
she works, or any other individual who would work on the assessment,
has a conflict of interest as defined in Sec. 1522.1.
Section 1522.123(c) applies when a validator, while conducting an
assessment, learns that there is or may be an instance of noncompliance
with TSA's requirements that presents an imminent threat to
transportation security or public safety. In such a situation, the
validator must report the noncompliance to TSA, through the Security
Coordinator immediately. The purpose of this provision is to allow TSA
the opportunity to address and correct potentially dangerous situations
promptly.
Section 1522.123(d) provides that neither a validation firm nor a
validator may require the CCSF being assessed to take remedial action.
While a validator may suggest ``on the spot'' remedial actions in the
course of conducting an assessment, the validator does not have the
authority to require such remedial action. The validator will, of
course, include in the report to TSA any matters that he or she
believes are not in compliance with TSA requirements. The rule also
clarifies that the validation firm and validator may not take
disciplinary or enforcement action against a facility it has assessed.
Only TSA may take disciplinary action against the CCSF. If the
validator reports non-compliance, TSA will evaluate all the facts and
circumstances, likely will conduct an inspection, and determine whether
to take action.
Section 1522.123(e) provides that a validator must not conduct more
than two consecutive assessments of a given facility seeking approval,
or renewal of approval, to operate a CCSF. Under Sec. 1549.7(b) each
CCSF must apply for renewal every three years. Thus, if a validator has
conducted the initial assessment and the first renewal assessment, or
two consecutive renewal assessments, for a given CCSF, that validator
may not conduct the next assessment on that CCSF. The purposes of this
requirement are to maximize the objectivity of the validator and to
assure a fresh assessment for each CCSF every few years.
Section 1522.125--Protection of Information
Section 1522.125(a) specifies that validation firms must comply
with TSA's regulations (49 CFR part 1520) for identifying, handling,
and protecting SSI. Under paragraph (b) of Sec. 1522.125, validation
firms may not disclose any proprietary information that is disclosed to
the validator during the assessment. This provision is intended to
protect the facilities being assessed and to encourage their full
cooperation with the validators.
Section 1522.127--Assessment Report
Section 1522.127 requires a validator to prepare an assessment
report that must include information about the assessment process and
the validator's assessment of the CCSF's compliance with applicable TSA
requirements. The validator must submit the assessment report within 30
days after completing the assessment. The validator must attest that he
or she performed the assessment professionally and impartially. TSA
will use the assessment report to determine whether additional TSA
action, such as further inspection by TSA personnel, is required. The
assessment report must contain the information specified in Sec.
1522.127(b).
Section 1522.129--Recordkeeping Requirements
Section 1522.129(a) requires validation firms to maintain records
demonstrating compliance. Paragraph (b) requires the firms to retain
records pertaining to individuals, including training, STAs, and
qualification of validators (including conflicts of interest), until
the 180th day after the individual leaves the employment of the
validation firm. The retention period parallels the record retention
requirements related to STAs under part 1540.
Paragraph (c) covers records about the validation firms' approvals
from TSA, which each validation firm must retain until completion of
the validation firm's next review under Sec. 1522.115. This retention
period should help ensure that TSA has the necessary documentation with
which to complete the review.
Paragraph (d) covers assessment reports and back-up documentation,
which includes working papers and interview notes, pertaining to
particular assessments conducted by the validation firm. Validation
firms must retain records covered under this paragraph for 42 months
after completion of the assessment. This retention period should assure
that the materials will be available at least until the CCSF's next
recertification.
With respect to each of the record retention periods specified in
Sec. 1522.129, the validation firm may destroy a record upon the
expiration of the period, unless TSA instructs the firm to retain the
record longer.
Part 1540--Civil Aviation Security: General Rules
Section 1540.5--Terms Used in This Subchapter
This rule amends Sec. 1540.5 to add definitions of the terms
``certified cargo screening program'' and ``certified cargo screening
facility.'' ``Certified cargo screening program'' means the program,
established under 49 CFR part 1549, under which TSA authorizes
facilities to screen cargo to be offered for transport on certain
passenger aircraft. A ``certified cargo screening facility'' is a
facility that TSA certifies to screen this cargo and perform the other
functions required by part 1549. As used in this chapter, ``certified
cargo screening facility'' refers to the legal entity that operates a
CCSF at a particular location.
Part 1540--Civil Aviation Security: General Rules
Subpart C--Security Threat Assessments
This subpart covers the STAs that are required throughout the
aviation security rules, including those for certain aircraft operator,
foreign air carrier, and IAC personnel. This rule expands the subpart
to include CCSF and TSA-approved validation firm personnel.
The STA process works as follows. First, the CCSF employee submits
the biographic data for their STA application through secure, Web-based
tool. Required biographic data includes:
Legal name;
Current mailing address;
Gender;
Date and place of birth;
Social security number;
Citizenship status;
[[Page 47682]]
Alien registration number if employee is not a U.S.
citizen;
Daytime phone number; and
Name, address, and telephone number of individual's
employer.
Next, TSA sends the STA application data to an automated vetting
engine where a name-based terrorism check is performed. The name-based
terrorism check consists of matching against the Terrorist Screening
Database (TSDB), which includes the No-fly list and Selectee list.
If TSA determines that the individual poses a security threat, TSA
issues an Initial Determination of Threat Assessment (IDTA) to the
individual. The determination includes a statement that explains why
TSA believes the individual is not eligible or may pose a security
threat and the process by which the individual may appeal the
determination. All STA results, favorable or unfavorable, are
communicated to the CCSF though the TSNM STA Tool.
Section 1540.201--Applicability and Terms Used in This Subpart
This rule amends Sec. 1540.201 to provide that the STA
requirements in subpart C on part 1540 ``Security Threat Assessments''
now apply to validation firms and facilities participating in the CCSP.
Paragraphs (a)(6) through (a)(12) list persons who must comply with
this subpart, which includes entities that are subject to the subpart
and the specific individuals in the CCSP who must undergo STAs in
accordance with subpart C:
Each CCSF;
Individuals at CCSFs performing or supervising screening;
Individuals at CCSFs with unescorted access to screened
cargo;
The senior manager or representative in control of the
operations of a CCSF;
Employees of validation firms supervising, performing, or
assisting in validations under 49 CFR part 1522; and
Security coordinators and alternates of certified cargo
screening facilities and validation firms.
These individuals must successfully complete STAs, because they
will have unescorted access to cargo and, thus, the opportunity to
compromise the security and safety of the process. In this rule, TSA
requires these individuals to complete the name-based check of relevant
domestic and international watch lists, which also includes a limited
immigration check. In the future, TSA may propose rules to require
these individuals to also complete a fingerprint-based criminal history
records check (CHRC) and a more thorough immigration status check.
However, TSA has not yet developed the enrollment system necessary to
gather fingerprints from these applicants. These individuals play
important roles in securing cargo transported on certain passenger
aircraft and would have the opportunity to contaminate cargo if they so
desired. Therefore, it is critical that TSA vet them to determine
whether they may pose a threat to national or transportation security
before allowing them access to the cargo screening system.
TSA is also expanding the definition of ``operator'' in paragraph
(b) to include CCSFs and validators.
Section 1540.203--Security Threat Assessment
We revise Sec. 1540.203(a) to include the new individuals who must
successfully complete an STA, listed above in Sec. Sec.
1540.201(a)(6)-(12).
We revise the identity and work authorization requirements in
paragraph (b) of this section. Former paragraph (b) required operators
to authenticate an applicant's identity by reviewing two forms of
identification, one of which must be a government-issued picture
identification. Amended paragraph (b) requires operators to verify the
identity and work authorization of each applicant by examining standard
identity and work authorization documents and examine the documents to
determine whether they appear to be genuine and relate to the applicant
presenting them. TSA recommends that operators use the identity and
work authorization documents approved for such use by the U.S.
Citizenship and Immigration Services (USCIS) in the ``Form I-9,
Employment Eligibility Verification, List of Acceptable Documents'' to
meet the identity and work authorization verification. See http://
www.uscis.gov/files/form/I-9.pdf for the most current list of documents
approved by USCIS for identity and work authorization verification.
Also, we now require operators to retain a copy of the document(s) used
to verify identity and work authorization for at least 180 calendar
days after the applicant is no longer employed by the operator. 49 CFR
1540.201(d). This will enable the TSA to conduct periodic document
inspections to verify that operators are satisfying the requirements.
Identity verification and confirmation that an individual is
authorized to work in the United States are critical steps in the STA
process. If an individual presents fraudulent documents with an
incorrect name, date of birth, country of citizenship, or other data,
TSA's STA will be flawed at inception. Companies with more
sophisticated personnel systems may opt to scan the identity and work
authorization documents electronically and use fraud detection software
to ``score'' the documents for authenticity. These software programs
are becoming economically and operationally desirable as a standard
process in many industries, and TSA uses these systems in other vetting
programs where TSA is responsible for enrolling applicants.
Paragraph (c) of this section describes the information operators
must collect from applicants and transmit to TSA for the STA. The rule
amends this list in some respects to ensure that we have the best
information on which to base an accurate STA and that TSA can easily
contact the applicant if we need to resolve incomplete or conflicting
information. The rule now requires submission of the applicant's
daytime phone number and the name, address, and telephone number of the
applicant's employer. TSA has found that this information is very
helpful in the adjudication process when we need additional information
to determine the outcome of the STA. TSA's adjudicators often contact
applicants by telephone with questions, and this step typically saves
time and expense for the applicant and TSA by resolving issues
immediately.
The Privacy Act Notice that operators must provide to applicants
when they begin the STA process is set out in the next paragraph. In
the Privacy Act Notice, TSA explains why TSA collects personal
information from the applicant and how TSA may use the information. We
amend the Notice to include an acknowledgement that TSA may notify the
applicant's employer if TSA or other law enforcement agency becomes
aware that the applicant poses an imminent security threat. TSA does
not anticipate that it will be necessary to notify an employer often,
but we believe all applicants should be aware that this notification
may take place. In addition, we amend the Notice to state that TSA may
transmit the applicant's fingerprint information to the DHS' Automated
Biometrics Identification System (IDENT) and Social Security Number to
the Social Security Administration (SSA). Using IDENT and SSA data are
additional tools TSA has available to aid the STA process, and
applicants should be aware that we may use those tools in the future.
The Privacy Act notice is provided below but may be updated in the
future:
[[Page 47683]]
Privacy Act Notice: Authority: The authority for collecting this
information is 49 U.S.C. 114, 40113. Purpose: This information is
needed to verify your identity and to conduct a security threat
assessment to evaluate your suitability for completing the functions
required by this position. Failure to furnish this information,
including your Social Security Number (SSN), will result in delays
in processing your application and may prevent completion of your
security threat assessment. DHS will use the biographic information
to conduct a security threat assessment and where applicable, will
forward any fingerprint information to the Federal Bureau of
Investigation to conduct a criminal history records check. DHS may
also transmit the fingerprint information into the US-VISIT's
Automated Biometrics Identification System (IDENT). If you provide
your SSN, DHS may provide your name and SSN to the Social Security
Administration (SSA) in order to compare that information against
SSA's records to ensure the validity of your name and SSN. Routine
Uses: This information may be shared with third parties during the
course of a security threat assessment, employment investigation, or
adjudication of a waiver or appeal, to the extent necessary to
obtain information pertinent to the assessment, investigation, or
adjudication of your applicant or in accordance with the routine
uses identified in the Transportation Security Threat Assessment
System, DHS/TSA 002.
This rule amends paragraphs (f)-(j) of Sec. 1540.203, which
address the comparability of other STAs conducted by TSA or other
government agencies. TSA may determine that a threat assessment or
background check that TSA conducts for another program, or that another
governmental agency conducts, is comparable to the STA outlined in
subpart C of part 1540. If an applicant has completed a comparable STA,
it will not be necessary for the individual to complete the threat
assessment pursuant to part 1540. This process reduces redundant
background checks and the costs associated with them. We developed a
similar process through notice and comment rulemaking for surface and
maritime workers in 49 CFR 1572.5(e), and paragraphs (f)-(j) harmonize
with Sec. 1572. Paragraph (i) requires a worker asserting completion
of a comparable threat assessment to present the credential that the
other agency issued as a result of the assessment, and the operator
must retain a copy of it. Also, applicants must notify operators if the
agency that issued the credential that corresponds to the comparable
assessment revokes the credential for any reason. This is necessary to
ensure that a worker who is disqualified from holding access privileges
to secure areas in other programs does not continue to have unescorted
access to cargo until TSA and the operator can determine if such access
is appropriate.
In considering whether another background check is comparable to
the STA required in part 1540, TSA examines the standards used for the
other threat assessments, such as the kind of databases that the other
agency checks and the lookback period for the check. Also, TSA reviews
the frequency of the check and the date of the most recent check. If
TSA determines that another check is comparable, TSA will notify the
public by publishing a notice in the Federal Register, amending rule
text through rulemaking in the Federal Register, or posting the
information on pertinent Web sites to ensure that the affected
population is aware of the determination.
It is important to note that TSA will consider only threat
assessments performed by other government agencies as comparable. 49
CFR 1540.203(f) introductory text. We restrict the checks we will
consider as comparable, because critical data sources for security
purposes, such as the government's consolidated terrorist watch lists,
are not accessible by private entities. This factor is so fundamental
to the threat assessments TSA conducts that we are unwilling to accept
any other check as comparable. It is also important to note that TSA
has the capability to conduct checks perpetually against critical
security-related data sources, allowing TSA to compare applicant names
automatically with new names that appear on watch lists. This provides
a significant improvement over other background checks, and TSA
considers it important in making comparability determinations.
Section 1540.203(h) lists the STAs that TSA has determined are
comparable to the STA process in part 1540, subpart C. These include a
CHRC conducted in accordance with 49 CFR 1542.209, 1544.229, or
1544.230 that also include a TSA name-based check; the STA that TSA
conducts under 49 CFR part 1572 for commercial drivers authorized to
transport hazardous materials and maritime workers applying for a
Transportation Worker Identification Credential (TWIC); and the STA
that CBP conducts for the Free and Secure Trade program.
New Sec. 1540.203(j) provides that the STA expires in five years
or when the applicant is no longer in the United States lawfully. If
the applicant has completed a comparable threat assessment, the STA
will expire five years from the date on which the credential associated
with the comparable assessment expires. When the five-year expiration
of the STA required in this subpart or a comparable threat assessment
approaches, the applicant must submit new identifying information to
TSA, and TSA will conduct a new threat assessment.
Section 1540.205--Procedures for Security Threat Assessment
This rule amends Sec. 1540.205 by adding new paragraph (c), which
states that if TSA becomes aware that an applicant is the subject of an
outstanding want or warrant or is a deportable alien, TSA will notify
the appropriate law enforcement or immigration agency.
We added a provision in new paragraph (d)(3) relating to cases in
which we believe an applicant may pose an imminent threat. TSA may
serve an Initial Determination of Threat Assessment and Immediate
Revocation on an applicant if TSA believes the applicant poses an
immediate security threat. This situation would most likely involve a
worker who completed an STA in the past and has unescorted access to
cargo or sensitive areas, if TSA believes it is important to
immediately revoke the worker's access even before the worker has an
opportunity to file an appeal on the Initial Determination with TSA.
TSA developed this process for use in the threat assessments process
for surface and maritime workers, and we believe it is an important
tool that should be available in the aviation industry as well.
Section 1540.209--Fees for Security Threat Assessments
Pursuant to sec. 520 of the 2004 DHS Appropriations Act (Pub. L.
108-90, 117 Stat. 1137, Oct. 1, 2003), TSA will charge a fee to
individuals who must obtain an STA under this regulation. The fees will
reimburse TSA for the costs of administering the program. Pursuant to
the general user fee statute (31 U.S.C. 9701) and OMB circular A-25,
TSA establishes user fees after providing the public notice and an
opportunity to comment on the amount of the fee and the methodology TSA
used to develop the fee amount. Therefore, in this preamble, TSA
proposes a fee range and invites comment on the amount of the fee and
the assumptions we use to estimate the fee. After reviewing all
comments received, TSA will issue a Notice in the Federal Register that
summarizes and addresses the comments we receive, and establishes the
final fee amount, after which the fee will be charged to applicants.
Note that the rule text that appears in this IFR relating to fees (49
CFR 1540.209), will not have to be amended at that time because it does
[[Page 47684]]
not list the specific fee amounts. TSA expects that the total fee will
be approximately $13 to $21, although that figure may increase or
decrease as the costs involved in the calculation may change between
now and when TSA issues the Notice announcing the final fee. TSA will
charge a fee once the Notice is published, at which time TSA will
announce the exact fee. TSA calculated the estimated fee from an
estimate of the number of applicants (population), the cost of
processing the applications, the cost of performing the STAs, and the
cost of maintaining the information systems to support the process.
Table 1 presents the methodology supporting the population estimates.
Table 2, in the Costs section, presents the calculations supporting the
estimated fee.
Population
TSA estimates that approximately 1,202,566 applicants would be
required to complete a STA during the first five years of the program.
This estimate is derived from the following population figures that
have been gathered for specific segments of the regulated population.
Table 1--CCSP Population Estimates
----------------------------------------------------------------------------------------------------------------
Operational year 1st year 2nd year 3rd year 4th year 5th year Total
----------------------------------------------------------------------------------------------------------------
Screening-Base Enrollments........ 18,200 195,000 328,644 ........... ........... 541,844
Screening-Turnover Enrollments.... 6,461 75,686 192,355 192,355 192,355 659,212
Approved Validators............... 1,510 ........... ........... ........... ........... 1,510
-----------------------------------------------------------------------------
Grand Total................... 26,171 270,686 520,999 192,355 192,355 1,202,566
----------------------------------------------------------------------------------------------------------------
Costs
TSA proposes that individuals required to undergo a STA would be
required to pay a fee to cover the following costs:
Table 2--CCSP Cost Estimates
--------------------------------------------------------------------------------------------------------------------------------------------------------
Operational year 1st year 2nd year 3rd year 4th year 5th year Total
--------------------------------------------------------------------------------------------------------------------------------------------------------
Estimated Annual Applicants............................. 26,171 270,686 520,999 192,355 192,355 1,202,566
Cost Components:
Name Check.......................................... $102,067 $1,072,055 $2,223,775 $1,237,843 $1,237,843 $5,873,583
Platforms/Systems................................... 5,584,410 2,512,723 2,229,868 2,293,938 2,358,006 14,978,945
Personnel........................................... 1,139,223 1,370,137 1,683,908 1,682,020 1,754,441 7,629,729
-----------------------------------------------------------------------------------------------
Grand Totals.................................... 6,825,700 4,954,915 6,137,551 5,213,801 5,350,290 28,482,257
--------------------------------------------------------------------------------------------------------------------------------------------------------
For the STA, TSA will check each applicant's information against
multiple databases and other information sources. The threat assessment
process includes an appeals process for individuals who believe the
records upon which TSA bases its determination are incorrect.
TSA would need to implement and maintain the appropriate systems,
resources, and personnel to process applicant information and to allow
TSA to receive, and act on, the results of the STA.
TSA estimates that the total cost of STA services will be
$28,482,257 over five years. The estimate for STA services includes
$5,873,583 for TSA name-based checks, $14,978,945 for platforms/systems
costs, and $7,629,729 for personnel necessary to facilitate the STA
processing.
Total Fee
The fee TSA establishes for the STA should cover all costs related
to the STA process. TSA estimates that the resulting applicant charge
would be $13 to $21 per applicant, based on the total estimated cost of
services provided ($28,482,257). A portion of this total cost will be
funded through a $5,875,000 Congressional appropriation. Therefore, the
fee will cover only the remaining $22,607,257 in program costs. The
remaining cost of $22,607,257 will be divided by the estimated
population (1,202,566) receiving the service. The resulting $13 to $21
estimated fee will be sufficient to fully recover the remaining STA
costs.
TSA will continue to work to minimize all costs. Additionally,
pursuant to the Chief Financial Officers Act of 1990 (Pub. L. 101-576,
104 Stat. 2838, Nov. 15, 1990), DHS/TSA is required to review fees no
less than every two years (31 U.S.C. 3512). Upon review, if TSA finds
that the fees are either too high (that is, total fees exceed the total
cost to provide the services) or too low (that is, total fees do not
cover the total costs to provide the services), TSA will adjust the
fee. Finally, TSA will be able to adjust the fees for inflation
following publication of the final rule. If TSA were to adjust the fees
for this reason, TSA would publish a notice in the Federal Register
notifying the public of the change.
TSA invites comment on the proposed fee of $13 to $21 and the
methodology and population estimates we used to arrive at this amount.
Revised Sec. 1540.209 provides that TSA will calculate fees for
STAs based on widely accepted accounting principles and practices and
in accordance with the provisions of 31 U.S.C. 9701 and other Federal
law that may affect the collection, computation, or issuance of fees.
Part 1544--Aircraft Operator Security: Air Carriers and Commercial
Operators and Part 1546--Foreign Air Carrier Security
Scope
Part 1544 and part 1546 apply to a variety of operators, including
different sizes of passenger aircraft and all-cargo aircraft, by U.S.
operators and foreign air carriers, respectively. This rule does not
apply to all such operators. The requirement to comply with the
enhanced cargo screening requirements in the 9/11 Act and this rule
apply only
[[Page 47685]]
to U.S. aircraft operators under Sec. 1544.101(a) and to foreign air
carriers under Sec. Sec. 1546.101(a) and (b). See 49 CFR 1544.205(g)
and 1546.205(g). The operators that must comply are air carriers or
commercial operators under FAA rule 14 CFR part 119 (which are U.S.
operators), and foreign air carriers, in scheduled or public charter
passenger operations with an aircraft having a passenger seating
configuration of 61 or more seats, or that will provide deplaned
passengers access to a sterile area of an airport or will enplane
passengers from a sterile area. See 49 CFR 1540.5, 1544.101(a), and
1546.101(a) and (b). This rule does not apply to general aviation
operators.
The 9/11 Act covers cargo originating in the United States as well
as cargo destined to the United States from foreign countries. TSA is
taking a two-pronged approach to addressing the 100 percent screening
mandate for cargo loaded in the United States and cargo loaded outside
the United States that is inbound to the U.S. This rule and the CCSP,
which require TSA regulatory oversight and enforcement authority for
the entire air cargo supply chain, apply only to cargo loaded in the
United States. TSA does not have this same regulatory reach to the
entire supply chain in the international realm \5\ and therefore is
taking a different approach to implementing the 9/11 screening mandate
for inbound cargo. This approach focuses on harmonization efforts
including bi-lateral and multilateral agreements, working on updating
International Civil Aviation Organization (ICAO) standards, and
applying risk assessment for inbound cargo. Note that U.S. aircraft
operators and foreign air carriers that load cargo in other countries
inbound to the United States must carry out security measures for that
cargo that are set out in their TSA-approved or accepted security
programs.
---------------------------------------------------------------------------
\5\ For example, while TSA regulates both air carriers and
indirect air carriers (IACs) domestically, and has regulatory
authority over U.S.-bound foreign air carriers, TSA does not have
direct authority over foreign IAC equivalents. Through the CCSP, TSA
is expanding the domestic screening requirements beyond the aircraft
operators and foreign air carriers, to include manufacturers,
shippers, IACs, and other entities.
---------------------------------------------------------------------------
Sections 1544.205 and 1546.205--Acceptance and Screening of Cargo
Section 1544.205 sets forth the requirements for the acceptance and
screening of cargo by aircraft operators. Current Sec. 1544.205(e)
provides that a full program operator may only accept cargo from a
shipper, aircraft operator, foreign air carrier, or indirect air
carrier. This rule revises Sec. 1544.205(e) to allow full-program
operators to accept screened cargo from a CCSF.
New paragraph (g) includes the major revisions to comply with the
9/11 Act mandates for air cargo screening. TSA adds new paragraph
(g)(1) to this section, which provides that, with respect to cargo
loaded within the United States, full-program operators must have
ensured that at least 50 percent of its cargo was screened prior to
transport by February 3, 2009, and that 100 percent will be screened by
August 3, 2010.
TSA adds new paragraph (g)(2), which explains the methods of
screening identified in the 9/11 Act, including physical examination or
non-intrusive methods of assessing cargo such as x-ray systems,
explosive detection systems, explosives trace detection, and explosives
detection canine teams certified by TSA.
TSA adds new paragraph (g)(3), which imposes requirements for
screening methods and identifies who may conduct screening. The
following persons may conduct screening: The aircraft operator on an
airport; another aircraft operator or foreign air carrier under the
Aircraft Operator Standard Security Program or Foreign Air Carrier
Model Security Program; or a CCSF.
TSA is harmonizing, to the extent practicable, all requirements for
air cargo screening and chain of custody. Aircraft operators now
conduct most of their cargo screening on-airport in accordance with
their security programs and that will continue. Under section
1544.205(b), aircraft operators must ensure that cargo is screened for
any unauthorized explosives as specified in their security programs. If
they screen off-airport, however, to promote consistent chain of
custody requirements that ensure that the cargo remains safe and secure
from the time of screening until the cargo is transported on a
passenger aircraft, new Sec. 1544.205(g)(3) provides that an aircraft
operator who screens cargo off-airport must be certified as a CCSF.
This ensures that all screening conducted off-airport be subject to the
same requirements of part 1549, including the same chain-of-custody
requirements.
The phrase ``on airport'' in paragraph (g)(3) has the same meaning
as in 49 CFR 1542.205(a)(3). Under that paragraph all areas on-airport
that are used for certain cargo functions, including screening, must be
a security identification display area (SIDA). A SIDA is that portion
of an airport within the United States, specified in the security
program, in which individuals must display an airport-issued or
approved ID and carry out other security measures. 49 CFR 1540.5 and
1542.205. Personnel screening cargo in such areas are subject to all
SIDA requirements including ID media, STAs and CHRCs. TSA has provided
guidance regarding what ``on-airport'' means under Sec.
1542.205(a)(3), and the same guidance applies to Sec. 1544.205(g)(3)
in this rule. ``On-airport'' cargo screening facilities include cargo
screening facilities that--
Are located on the AOA or border the AOA perimeter, as the
Airport Security Program (ASP) defines the perimeter's boundary; and
Share a wall with the AOA perimeter boundary, such that an
individual could enter from the public side and exit the facility into
the AOA or secured area.
Facilities located entirely outside these areas, including where
there is public area between the facility and one of these areas, are
``off-airport.'' The Federal Security Director (FSD) for each airport
determines whether a facility is on-airport or off-airport for these
purposes.
Under new paragraph (g)(4), if the operator accepts screened cargo
from a CCSF, the operator must verify that there has been no break in
the chain of custody for the screened cargo between the time of
screening and the time the CCSF tenders it to the aircraft operator. If
a break has occurred, the aircraft operator must re-screen the cargo
prior to transporting it on a passenger aircraft.
In this rule, TSA has amended the text currently located at Sec.
1546.205, which applies to foreign air carriers, to make the text
essentially the same as the corresponding provisions in Sec. 1544.205
regarding domestic aircraft operators.
Sections 1544.228, 1546.213, and 1548.15--Access to Cargo and Cargo
Screening: Security Threat Assessments for Cargo Personnel in the
United States
We amend Sec. 1544.228 to clarify which persons must undergo an
STA. Individuals must undergo an STA as specified in the appropriate
security programs if they meet any of the following conditions:
Are authorized by the aircraft operator to have unescorted
access to cargo and have knowledge that such cargo will be transported
on a passenger aircraft;
Have unescorted access to cargo that has been screened for
transport on a passenger aircraft;
Perform certain functions related to the transportation,
dispatch, or security of cargo for transport on a passenger aircraft or
all-cargo aircraft; or
Screen cargo or supervise the screening of cargo.
[[Page 47686]]
Section 1546.213 makes similar clarifications that apply to foreign
air carriers. Section 1548.15 makes similar clarifications that apply
to IACs. See the discussion of 49 CFR part 1540, subpart C, for a full
description of the threat assessment process.
Part 1544 Subpart E and Part 1546 Subpart E--Screener Qualifications
We are removing outdated material in subpart E of parts 1544 and
1546, which apply when the aircraft operator or foreign air carrier
conduct screening. TSA added these subparts when the civil aviation
security rules were transferred from the FAA to TSA (Civil Aviation
Security Rules, 67 FR 8340, Feb. 22, 2002). At that time, TSA included
in the rule the screener qualifications and training requirements for
aircraft operators and foreign air carriers that were applicable at the
time. TSA also included additional requirements for screeners that
would apply after November 19, 2002. The rule referred to these as
``current screeners'' and ``new screeners.'' The new screener
requirements became effective several years ago, so we have deleted
these outdated sections.
Note that while TSA conducts all screening of passengers and their
property in the United States for aircraft operators under a full
program under Sec. 1544.101(a), and for foreign air carriers under
program under Sec. 1546.101(a) and (b), the aircraft operators and
foreign air carriers continue to conduct some passenger and checked
baggage screening, such as for certain private charter operations and
for certain operations departing locations outside of the United
States. They also conduct cargo screening. Thus we continue to have a
need for the requirements in subpart E of parts 1544 and 1546.
Part 1549--Certified Cargo Screening Program
Section 1549.1--Applicability
This new part applies to each facility that applies for TSA
certification as a CCSF or operates as a CCSF. The regulatory text does
not limit who may apply to be certified as a CCSF. Examples of
facilities that may apply include: Manufacturers; third party logistics
companies; IACs; warehouses, distribution centers and other entities,
if they own a facility that directly tenders cargo to an IAC, an
aircraft operator, foreign air carrier, or another CCSF for transport
on a passenger aircraft. For example, a manufacturer could physically
inspect the box prior to closing it and initiating chain of custody,
then tender the cargo to a third party logistics company who is a CCSF,
who then tenders it to the aircraft operator for transport on a
passenger aircraft. If the CCSF could transfer the cargo to a non-
regulated entity, it would be difficult to ensure that the chain of
custody measures remained intact when the non-regulated entity tendered
the cargo to the aircraft operator.
Certifications will apply to a single facility, not to a single
company owning several locations where screening would occur, because
security measures and the level of security will vary from one facility
to another. TSA must evaluate and make a determination on the security
measures of the specific facility applying for certification.
Section 1549.3--TSA Inspection Authority
This section codifies TSA's inspection authority. Section 1549.3(a)
provides that a CCSF must allow TSA, at any time or place, to enter the
facility and make any inspections or tests to determine compliance of
the CCSF. These areas may include areas off of the airport or areas
operated by the CCSF's agent in furtherance of the CCSF's security
responsibilities. Section 1549.3(b) explains that a CCSF must provide
evidence of compliance with this part, if TSA requests such evidence.
Section 1549.3(a) states that the CCSF must allow TSA and other
authorized DHS officials, at any time and in a reasonable manner,
without advance notice, to enter, inspect, and test as necessary to
carry out TSA's security-related duties. We note that the CCSF
potentially may operate at all hours of the day. Even when the CCSF is
not in operation it must maintain access control measures to, for
instance, secure any screened cargo at the facility from entry by an
unauthorized person. This section makes clear TSA's authority, and is
based on similar sections that apply to airport operators, aircraft
operators, and IACs. See 49 CFR 1542.5, 1544.3, 1546.3, and 1548.3. TSA
may enter and be present, at any time, areas where a CCSF carries out
security measures. TSA inspectors may enter without access media or
identification media issued or approved by such a facility, but they
will have TSA-issued identification credentials. TSA may copy records,
to determine compliance of the facility with applicable regulations,
statutory requirements, security programs, directives, or other
requirements. Certified cargo screening facilities must allow TSA
inspectors to perform these functions, regardless of whether the
inspectors provide advance notice of an inspection.
TSA has statutory authorities and responsibilities that support
this extensive authority to conduct compliance inspections. For
example, TSA must be able to inspect at any time in order to carry out
its security-related statutory and regulatory authorities, including
the following authorities in 49 U.S.C. 114(f):
(2) Assess threats to transportation.
(7) Enforce security-related regulations and requirements.
(9) Inspect, maintain, and test security facilities, equipment, and
systems.
(10) Ensure the adequacy of security measures for the
transportation of cargo.
(11) Oversee the implementation, and ensure the adequacy, of
security measures at airports and other transportation facilities.
(15) Carry out such other duties, and exercise such other powers,
relating to transportation security as the Assistant Secretary
considers appropriate, to the extent authorized by law.
Because the transportation system may be compromised by the
introduction of an Improvised Explosive Device (IED) or other
destructive instrument, the authority for transportation security
necessarily includes authority to inspect, as necessary, the facilities
that screen cargo prior to aircraft operators' acceptance of that cargo
on passenger aircraft. The law does not limit TSA to protecting the
security of cargo only while it is on a particular vehicle of
transportation, but extends to the entire transportation system. The
statute references TSA's responsibility to protect security facilities
and transportation facilities.\6\ Thus, TSA has explicit authority to
inspect all parts of certified cargo screening facilities that relate
to screening, including loading and unloading areas, areas where
screening and storage occur, and areas where CCSFs prepare or maintain
records pertaining to compliance with TSA's requirements. Although TSA
has the broad legal authority described above, TSA will conduct
inspections in a reasonable manner consistent with TSA guidance for its
inspectors.
---------------------------------------------------------------------------
\6\ 49 U.S.C. 114(f)(9) and 114(f)(11).
---------------------------------------------------------------------------
Section 1549.5--Adoption and Implementation of the Security Program
Section 1549.5 is very similar to Sec. 1548.5 on the Adoption and
Implementation of the Security Program for IACs. Section 1549.5(a)
specifies that no person may screen cargo to be tendered to an aircraft
operator with a full program under part 1544, a foreign air carrier
operating under Sec. Sec. 1546.101(a) or (b) or an indirect air
[[Page 47687]]
carrier operating under Sec. 1548.5 for carriage on a passenger
aircraft, unless that person holds and carries out an approved security
program.
Section 1549.5(b) describes the required content of each security
program and provides that the security program must be designed to
protect against the entry into the aircraft of any unauthorized
explosive, incendiary, and other destructive substance or item.
Section 1549.5(c) makes clear that the CCSF is responsible to
ensure that their agents and employees carry out the CCSF's security
program.
Section 1549.5(d) provides that alternate procedures and amendments
to the security program are all part of the CCSF's security program
that the CCSF must comply with.
Paragraph (e) is parallel with 49 CFR 1548.5(d), providing basic
requirements on the availability of the security program to the firm's
personnel and to TSA, and requirements to protect the security program
as SSI.
Section 1549.7--Approval, Amendment, Renewal of the Security Program
and Certification of a Certified Cargo Screening Facility
To participate as a CCSF, the applicant must apply for a security
program and for certification as a CCSF at a particular location in a
form and manner prescribed by TSA not less than 90 calendar days before
the applicant intends to begin operations. TSA will only approve a
facility to operate as a CCSF if the facility is located in the United
States. For example, TSA will not allow a CCSF to be located in Canada
and truck cargo to the U.S. for loading onto passenger aircraft. TSA
must be able to inspect readily the facility for compliance with TSA
requirements.
The applicant must provide information about the business;
information about the key individuals at the business (including their
names and copies of their identification); and information required for
TSA to conduct STAs of the applicant's employees and senior managers.
49 CFR 1549.7(a)(1).
After the Security Coordinator for an applicant successfully
completes an STA, TSA will provide the applicant with the certified
cargo screening standard security program. This program is SSI and
cannot be shared with unauthorized persons. The applicant may accept
the standard program or submit a proposed modification. 49 CFR
1549.7(a)(2)(i). Once the applicant has the security program it can
determine how it will meet the requirements of the security program.
The applicant must then be assessed by either a TSA-approved validator
under 49 CFR part 1522 or by TSA. 49 CFR 1549.7(a)(2)(ii).
Under Sec. Sec. 1549.7(a)(3), (4), and (5), a CCSF at a particular
location may begin screening operations after (1) TSA has reviewed the
assessment prepared by the validator and approved and certified the
facility, and (2) after the CCSF has successfully completed the
training and STAs required under part 1549. Section 1549.7(b) provides
that certified cargo screening facilities must apply for a renewal of
certification every 36 months, providing the information that TSA
requires. Generally, the security program will be a standard program
provided by TSA.
Sections 1549.7(c), (d), and (e) include provisions allowing
applicants to request amendments to the security program and allowing
TSA to amend security programs if warranted by considerations of safety
and the public interest. Except in cases of emergency, TSA-initiated
amendments will comply with notice and comment procedures before they
become effective.
Section 1549.101--Acceptance, Screening, and Transfer of Cargo
This section requires each CCSF to implement procedures in the
security program to deter the carriage of explosives or incendiaries
onboard aircraft. 49 CFR 1549.101(a). It also requires each CCSF to
ensure that cargo is screened and inspected for any unauthorized
explosive, incendiary, or other destructive substance or item. 49 CFR
1549.101(b). If the shipper does not consent to search or inspection of
the cargo in accordance with this part, the CCSF must not offer such
cargo for transport to: (1) Another CCSF, (2) an aircraft operator with
a full program under 49 CFR 1544.101(a), or (3) a foreign air carrier
operating under 1546.101(a) or (b). 49 CFR 1549.101(c).
Finally, Sec. 1549.101(d) requires the CCSF to protect the cargo
from unauthorized access from the time the facility screens the cargo
until the time the facility tenders it to another CCSF, an IAC, an
aircraft operator under part 1544, or a foreign air carrier under part
1546. These chain-of-custody requirements are central to the concept of
the CCSP. The regulation does not require specific chain-of-custody
controls. Based on knowledge of other programs and on the TSA cargo
pilot programs, TSA expects that certified cargo screening facilities
will use the following methods: tamper-evident technologies, conveyance
level seals, and documented processes. The certified cargo screening
standard security program will include specific requirements.
Section 1549.103--Qualifications and Training of Individuals with
Security-Related Duties
In accordance with this provision, each CCSF must ensure that
employees and agents who are involved in the cargo screening process or
who have unescorted access to cargo that has been screened for
transport on a passenger aircraft successfully undergo STAs. 49 CFR
1549.103(a). Each CCSF must also ensure that such individuals have
completed the training required by TSA and have knowledge of their
responsibilities under the CCSP, the STA provisions of TSA's
regulations, and TSA's SSI regulations. 49 CFR 1549.103(b)-(c).
Section 1549.103(d) specifies certain qualifications for
individuals performing screening. These qualifications are designed to
ensure that these individuals understand the applicable security
program, can communicate verbally, and are capable of operating
screening equipment.
The requirements in Sec. 1549.103(d) closely parallel the existing
requirements for screeners of passengers and checked baggage found in
49 CFR 1544.405, to the extent they apply to the screening of cargo.
They include the requirement that the screener be a citizen or national
of the United States or be an alien lawfully admitted for permanent
residence. The discussion of Sec. 1522.117 in this section-by-section
analysis explains the importance of such requirements. A screener must
also have a high school diploma or equivalent and must have color
perception and physical coordination sufficient to operate effectively
cargo screening technologies that a CCSF would use.
Additionally, Sec. 1540.103(d)(4) requires that the screener have
the ability to read, write, and understand English well enough to carry
out written and oral instructions regarding the proper performance of
screening duties, or be under the direct supervision of someone who has
this ability. This requirement is related to the type of work the
screener does. If the screener's duties do not include reading labels,
then TSA believes that such an employee need not be able to read and
write English sufficiently to write log entries; a supervisor who can
read and write English well enough for that purpose would satisfy that
requirement. However, if the employee needs to read shipping
documentation or seals on the cargo, English proficiency is required.
[[Page 47688]]
Section 1549.105--Recordkeeping
This provision requires each CCSF to maintain records demonstrating
compliance with all applicable statutes regulations, directives,
orders, and security programs. It also requires the CCSF to maintain
copies of training records, documents pertaining to the application and
renewal of the facility (including copies of the validator's report),
documents establishing TSA's certification and renewal of
certification, and records demonstrating satisfaction of the STA
requirements. 49 CFR 1549.105(a). With the exception of the training
records, the CCSF must retain these records until the next re-
certification. 49 CFR 1549.105(b). The facility must retain records
indicating satisfaction of the rule's employee training requirements
for an individual for 180 days after the individual is no longer
employed or acting as an agent of the CCSF. 49 CFR 1549.105(a)(1).
Section 1549.107--Corporate and Facility Security Coordinators
This section requires each facility to designate a Security
Coordinator and alternate appointed at the corporate level, and a
Security Coordinator and alternate appointed at each facility that will
conduct screening. A corporate level Security Coordinator is needed if
a single company has multiple facilities. The Security Coordinator must
have corporate authority to represent and speak for the company and to
serve as TSA's point of contact with that company. A facility-based
Security Coordinator is needed so that TSA has a point of contact that
is familiar with the operations and procedures of the particular
facility certified as a CCSF. A corporate level Security Coordinator
may also serve as a facility level Security Coordinator. Both Security
Coordinators, or their alternates at the corporate and facility level,
must be available 24 hours per day to address any adverse security
incidents that may arise or to receive information from TSA or others
that might jeopardize the security of the cargo handled at the
facility.
Section 1549.109--Security Directives and Information Circulars
This provision requires each CCSF to comply with any security
directives that TSA may issue to address a security concern that
requires immediate action. TSA may issue Information Circulars, which
provide information to regulated parties. These do not include
mandatory security measures but provide useful information about
potential threats.
Section 1549.111--Security Threat Assessments for Personnel of
Certified Cargo Screening Facilities
This section requires personnel of certified cargo screening
facilities to undergo the STA described in 49 CFR part 1540, subpart C.
We are requiring STAs for the following individuals:
Individuals authorized to perform cargo screening or
supervise cargo screening;
Individuals authorized to have unescorted access to cargo
from the time of screening until the time it is offered to an IAC for
transport on passenger aircraft, an aircraft operator under part 1544,
or a foreign air carrier under part 1546;
The senior manager or representative of the CCSFs in
control of the operations; and
Security Coordinators and their alternates.
TSA is requiring STAs for the individuals listed above to reduce
the likelihood of a terrorist's gaining employment in a position with
access to cargo for the purpose of introducing an explosive or other
destructive substance into cargo on a passenger aircraft. Extending the
STAs to such individuals in a CCSF provides a degree of security
comparable to TSA's other programs, including the IAC program, in that
all personnel of regulated parties with access to cargo from the time
of screening until the time the aircraft operator loads it will undergo
a check against the terrorist databases. For a full description of the
STA process, see the discussion of 49 CFR part 1540, subpart C.
VI. Good Cause for Immediate Adoption
TSA is taking this action without providing the public prior
opportunity for notice and comment. The 9/11 Act requires TSA to have
developed a system for the screening of 50 percent of cargo transported
by passenger aircraft by February 2009, and to develop a system for the
screening of 100 percent of such cargo by August 2010. In 49 U.S.C.
44901(g)(2)(A), Congress specifically authorized TSA to issue an IFR
``as a temporary regulation to implement this section without regard to
the provisions of chapter 5 of title 5.'' The Act further states that
if TSA issues an IFR, then TSA must follow it with a final rule within
12 months of the effective date of the IFR. 49 U.S.C.
44901(g)(2)(B)(i).
TSA cannot meet the screening requirements established in the 9/11
Act for cargo loaded in the U.S. without a system in place to screen
cargo off-airport by parties other than aircraft operators, as this
rule will accomplish. TSA could not achieve this mandate by relying
solely on aircraft operators and foreign air carriers to conduct
screening. There is insufficient space and capacity for aircraft
operators and foreign air carriers to screen the approximately 12
million pounds of cargo transported on passenger aircraft in the United
States. Much of this cargo is gathered by IACs off-airport,
consolidated into Unit Load Devises or pallets, and brought to the
airport for loading on aircraft. There currently is not a way to
adequately screen most consolidations of cargo without breaking them
down. Aircraft operators and foreign air carriers do not have
sufficient space or time to remove the cargo from the consolidations,
screen it, and re-consolidate it, before loading it onto aircraft. This
rule establishes more cost-effective and efficient options for CCSFs to
screen the cargo off-airport before it is consolidated so that it may
be taken to the airport and loaded onto aircraft with little delay.
Aircraft operators, foreign air carriers, IACs, and facilities that may
decide to become CCSFs must have sufficient finality in the regulations
to develop their screening programs and have them fully operational in
time to meet the statutory deadlines.
It would be contrary to the public interest to delay this rule.
Meeting the statutory requirements for the screening of cargo on
passenger aircraft with this IFR will provide substantial security
benefits by providing the stakeholders with finality in the rule at an
earlier stage, which will allow them to determine how best to comply
with the requirements. For instance, IACs, shippers, and other
facilities that choose to become CCSFs will have time to comply with
the new requirements and become certified. The rationale for issuing
this rule as an IFR is fully consistent with sections 553(b) and (d) of
the Administrative Procedure Act (APA) (5 U.S.C. 553), which authorize
agencies to issue final rules without affording the public a prior
opportunity to comment is ``impracticable, unnecessary, or contrary to
the public interest.''
VII. Paperwork Reduction Act
The Paperwork Reduction Act of 1995 (PRA) (44 U.S.C. 3501 et seq.)
requires that TSA consider the impact of paperwork and other
information collection burdens imposed on the public and, under the
provisions of PRA section 3507(d), obtain approval from the Office of
Management and Budget (OMB) for each collection of information it
conducts, sponsors, or
[[Page 47689]]
requires through regulations. This interim final rule contains new
information collection activities subject to the PRA. Accordingly, TSA
has submitted the following information requirements to OMB for its
review.
Title: Certified Cargo Screening Program Interim Final Rule.
Summary: Section 1602 of the Implementing Recommendations of the 9/
11 Commission Act of 2007 (Pub. L. 110-53) (August 2007) requires the
development of a system to screen 100 percent of the cargo transported
on a passenger aircraft operating within the United States by August
2010 and to have screened 50 percent of all air cargo by February 2009.
This rule amends several parts of Title 49 of the Code of Federal
Regulations (CFR) and adds new parts, as described in prior sections of
this preamble. The rule creates several new information collections.
Through this rule, TSA is including the following information
collections:
First, an entity that seeks to become a CCSF under 49 CFR part 1549
must submit an application to TSA.
Second, a validator from a TSA-approved validation firm must assess
each CCSF every three years. An entity that seeks to become a TSA-
approved validation firm under 49 CFR part 1522 must submit an
application to TSA.
Third, TSA must conduct STAs for key personnel of CCSFs and
validation firms. The key personnel must submit personal data to TSA
for the STAs. This STA portion is a previously approved collection
under OMB control number 1652-0040, but this IFR expands the population
from which the information is collected.
Fourth, CCSFs and TSA-approved validation firms must accept or
submit security programs for approval. CCSFs must accept a standard
security program provided by TSA or submit a proposed modified security
program to the designated TSA official for approval initially and
periodically thereafter as required. Validation firms must accept a
standard security program provided by TSA or submit a proposed modified
security program to the designated TSA official for approval initially
and periodically thereafter as required. The validation firm must also
submit a supplement to the security plan that specifies processes and
procedures that the firm will use to maintain the qualification of its
validators and its personnel assisting validators with assessments to
the designated TSA official for approval.
Fifth, CCSP participants, indirect air carriers, and TSA-approved
validation firms must maintain records of compliance with the IFR and
make them available for TSA inspection (see 49 CFR 1522.129 and
1549.105).
Sixth, TSA-approved validation firms must submit their validators'
assessments of CCSFs to TSA.
Finally, CCSFs and air carriers must submit TSA-determined monthly
cargo screening metrics to TSA.
Use of: TSA will use the applications of entities seeking to become
CCSFs to approve the entity as a CCSF. TSA will use the applications of
entities seeking to become TSA-approved validation firms to approve the
entities as approved validation firms. TSA will collect personally
identifiable information from CCSFs, validation firms, and indirect air
carriers about their key personnel in order to conduct STAs on these
individuals, which is an important security measure that should apply
to individuals who screen cargo and have unescorted access to screened
cargo as well as to other key individuals. CCSF and validation firm
security programs are necessary because they contain specific measures
to deter incidents that may jeopardize transportation security. CCSFs
must maintain records and provide TSA-approved validators access to
their records, equipment, and facilities necessary for the validators
to conduct assessments. TSA will require the validators to submit their
assessment reports to TSA in a manner and form prescribed by TSA, and
to also retain validation reports that they have prepared for a minimum
of 36 months. TSA will use the reports to determine whether CCSFs and
validation firms are complying with TSA regulations. Finally, CCSFs and
TSA-approved validation firms must submit security programs for
approval. These security programs contain specific measures to deter
incidents that may jeopardize transportation security. TSA requires
CCSFs to provide information on the amount of cargo screened at an
approved facility in order to evaluate the compliance and performance
of the CCSFs and to provide information needed for congressional
reporting and future rulemaking relating to air cargo security.
Respondents (including number of): The likely respondents to this
proposed information requirement are the 22,541 entities that seek to
become CCSFs under 49 CFR part 1549 and the 83 entities that seek to
become TSA-approved validation firms.
Frequency: CCSFs will submit an application for recertification
every three years. The rule will require CCSFs to submit an application
once annually. TSA estimates that CCSFs, TSA-approved validation firms,
and indirect air carriers will submit personally identifiable
information of their key personnel so that TSA can conduct STAs every
five years. The rule will require CCSFs and validation firms to accept
or submit a security program once, and TSA estimates CCSFs will submit
updates to their security program on average once annually. TSA
estimates that validators will submit their assessment reports to TSA
as frequently as they perform the assessments. The recordkeeping
requirements will be continuous. The requirement for CCSFs to provide
information on the amount of cargo screened and other screening data at
an approved facility will be a monthly collection.
Annual Burden Estimate: TSA estimates that the 7,514 entities who
will seek to become CCSFs annually will spend approximately 2 hours
each to complete the applications for an annual burden of 15,028 hours.
TSA estimates that the 28 entities who will seek to become TSA-approved
validation firms annually will spend approximately 30 minutes each to
complete the applications for an annual burden of 14 hours. TSA
estimates 312,433 annual responses from CCSFs, validation firms, and
indirect air carriers and the time spent annually submitting personally
identifiable information of key personnel for TSA to conduct STAs for
an annual burden of 78,108 hours. The time to complete an STA
application is estimated at 15 minutes per individual. TSA has
estimated that a total of 16,989 CCSFs and validation firms will adopt
their security programs for an average of 5,663 security programs
annually. Each firm will devote approximately 42 hours to their initial
security program, resulting in an annual burden of 237,846 hours. TSA
has estimated that a total 31,589 CCSFs and validation firms will be
required to maintain and update their security programs for an average
of 10,530 security programs updated annually. Each firm will devote
approximately 4 hours each annually, beginning in the second year,
updating their security programs for an annual hour burden of 42,119.
TSA estimates all CCSFs and validation firms will be required to
maintain records of compliance with the IFR. This includes a time
burden of approximately 5 minutes (0.083 hours) for every CCSF and
validation firm employee who is required to have an STA as well as
other records of compliance. This also includes validation firm filings
of validation assessment reports, resulting in 312,433 annual record
updates. TSA
[[Page 47690]]
estimates an annual burden of approximately 25,932 hours. TSA estimates
that 28 TSA-approved validation firms will spend approximately 4 hours
each annually to prepare their findings and submit them to TSA, for
annual burden of 22,541 hours. TSA estimates that 5,635 CCSFs will
complete monthly cargo reports at an estimated time of one hour per
week for an estimated annual burden of 293,037 hours.
Information Collection and Hour Burden Summary
[17,117 unique respondents over 3 years]
--------------------------------------------------------------------------------------------------------------------------------------------------------
Annual Annual Annual hours TSA Form
Function respondents responses Time per response (3-year total) Number Regulation cite
--------------------------------------------------------------------------------------------------------------------------------------------------------
CCSF Applications.................. (Initial application is a one time collection, re-certification is every three years)
--------------------------------------------------------------------------------------------------------------------
One Year........................... 7,514 7,514 2 hours............... 15,028 419E Sec. 1549.7
Three Years........................ 22,541 22,541 2 hours............... 45,083 419E Sec. 1549.7
--------------------------------------------------------------------------------------------------------------------------------------------------------
Validation Firm Applications....... Annual collection
--------------------------------------------------------------------------------------------------------------------
One Year........................... 28 28 .5 hours.............. 14 419G Sec. 1522.107
Three Years........................ 83 83 .5 hours.............. 42 419G Sec. 1522.107
--------------------------------------------------------------------------------------------------------------------------------------------------------
STA Applications................... Collected every five years after initial application
--------------------------------------------------------------------------------------------------------------------
One Year........................... 312,433 312,433 .25 hours............. 78,108 419F Sec. Sec. 1549.11 & 1549.103
Three Years........................ 937,300 937,300 .25 hours............. 234,325 419F Sec. Sec. 1522.117 & 1522.121
--------------------------------------------------------------------------------------------------------------------------------------------------------
Security Programs Creations........ One time collection
--------------------------------------------------------------------------------------------------------------------
One Year........................... 5,663 5,663 42 hours.............. 237,846 ........... Sec. 1522.105
Three Years........................ 16,989 16,989 42 hours.............. 713,538 ........... Sec. 1522.105
--------------------------------------------------------------------------------------------------------------------------------------------------------
Updates............................ Once annually
--------------------------------------------------------------------------------------------------------------------
One Year........................... 10,530 10,530 4 hours............... 42,119 N/A Sec. 1549.5
Three Years........................ 31,589 31,589 4 hours............... 126,356 ........... Sec. 1549.5
--------------------------------------------------------------------------------------------------------------------------------------------------------
Recordkeeping...................... Continuous as needed
--------------------------------------------------------------------------------------------------------------------
One Year........................... 312,433 312,433 .083 hours............ 25,932 N/A Sec. Sec. 1549.105 & 1522.129
Three Years........................ 937,300 937,300 .083 hours............ 77,796 ........... Sec. Sec. 1549.105 & 1522.129
--------------------------------------------------------------------------------------------------------------------------------------------------------
Validation Assessment Reports...... Continuous as needed
--------------------------------------------------------------------------------------------------------------------
One Year........................... 28 5,635 4 hours............... 22,541 N/A Sec. 1522.127
Three Years........................ 83 16,906 4 hours............... 67,624 ........... Sec. 1522.127
--------------------------------------------------------------------------------------------------------------------------------------------------------
Cargo Reporting.................... Monthly collection
--------------------------------------------------------------------------------------------------------------------
One Year........................... 5,635 67,624 52 hours.............. 293,037 N/A Sec. 1549.105
Three Years........................ 16,906 202,872 52 hours.............. 879,112 ........... Sec. 1549.105
CCSF Subset--1 year................ 121 1,452 2.5 hours............. 3,630 N/A Sec. 1549.105
--------------------------------------------------------------------------------------------------------------------------------------------------------
TOTAL for One Year............. 654,385 723,312 ...................... 718,255
--------------------------------------------------------------------------------------------------------------------------------------------------------
TOTAL for Three Years.......... 1,962,791 2,165,580 ...................... 2,143,875
--------------------------------------------------------------------------------------------------------------------------------------------------------
TSA requests comments to--
(1) Evaluate whether the proposed information requirement is
necessary for the proper performance of the functions of the agency,
including whether the information will have practical utility;
(2) Evaluate the accuracy of the agency's estimate of the burden;
(3) Enhance the quality, utility, and clarity of the information to
be collected; and
(4) Minimize the burden of the collection of information on those
who are to respond, including using appropriate automated, electronic,
mechanical, or other technological collection techniques or other forms
of information technology.
Individuals and organizations may submit comments on the
information collection requirements by November 16, 2009. Direct the
comments to the address listed in the ADDRESSES section of this
document, and fax a copy of them to the Office of Information and
Regulatory Affairs, Office of Management and Budget, Attention: DHS-TSA
Desk Officer, at (202) 395-5806. A comment to OMB is most effective if
OMB receives it within 30 days of publication.
As protection provided by the Paperwork Reduction Act, as amended,
an agency may not conduct or sponsor, and a person is not required to
respond to, a collection of information unless it displays a currently
valid OMB control number.
VIII. Economic Impact Analyses
A. Regulatory Evaluation Summary
Changes to Federal regulations must undergo several economic
analyses. First, Executive Order 12866 (EO 12866), Regulatory Planning
and Review, directs each Federal agency to propose or adopt a
regulation only upon a reasoned determination that the benefits of the
intended regulation
[[Page 47691]]
justify its costs. Second, the Regulatory Flexibility Act of 1980 (5
U.S.C. 601 et seq., as amended by the Small Business Regulatory
Enforcement Fairness Act (SBREFA) of 1996) requires agencies to analyze
the economic impact of regulatory changes on small entities. Third, the
Trade Agreements Act (19 U.S.C. 2531-2533) prohibits agencies from
setting standards that create unnecessary obstacles to the foreign
commerce of the United States. Fourth, the Unfunded Mandates Reform Act
of 1995 (2 U.S.C. 1531-1538) requires agencies to prepare a written
assessment of the costs, benefits, and other effects of proposed or
final rules that include a Federal mandate likely to result in the
expenditure by State, local, or Tribal governments, in the aggregate,
or by the private sector, of $100 million or more annually (adjusted
for inflation).
TSA has prepared a separate detailed analysis document which is
available to the public in the docket. With respect to these analyses,
TSA provides the following conclusions and summary information:
This rule is considered to be an economically significant
rule within the definition of EO 12866, as estimated annual costs or
benefits exceed $100 million in any year. TSA has included the
mandatory OMB Circular A-4 Accounting Statement in the separate
analysis document and thus has not repeated it here.
Under the Regulatory Flexibility Act of 1980, an agency
need not publish a formal analysis of the impact to small entities with
the interim final rule. Therefore, TSA has not determined whether or
not this interim final rule will have a significant impact on a
substantial number of small entities.
This regulatory evaluation provides the required
assessment of the Trade Agreement Act of 1979.
The regulatory evaluation provides the required written
assessment of Unfunded Mandates. This interim final rule is not likely
to result in the expenditure by State, local, or Tribal governments, in
the aggregate, of $100 million or more annually (adjusted for
inflation). However, because the rule is economically significant as
defined by Executive Order 12866, it does have an unfunded mandate
impact on the economy as a whole. The separate analysis of the costs
and benefits of the rule satisfies the requirements of the Unfunded
Mandates Reform Act.
B. Executive Order 12866 Assessment
This IFR is a major rule within the definition of Executive Order
(EO) 12866, as annual costs or benefits to all parties exceed the $100
million threshold in any year. TSA has not identified any significant
economic impacts for each of the required analyses of small business
impact, international trade, or unfunded mandates. This summary
highlights the costs and benefits of the rule.
Costs
This section summarizes the types of costs of this rule, which
would be borne by five relevant parties: CCSFs, non-CCSF entities that
receive screened cargo from CCSFs, validation firms, aircraft operators
(including, in this context, both U.S. aircraft operators and foreign
air carriers), and TSA. A summary table at the end of this section
provides an overview of the cost estimates. The following paragraphs
provide brief descriptions of the cost components. This rule will
require expenditures by CCSFs, approved validation firms, and aircraft
operators. CCSFs and approved validation firms must adopt security
programs and, in the case of CCSFs, undergo assessment of their
security measures by a TSA-approved validation firm prior to joining
the program. CCSFs and validation firms must complete TSA-conducted
STAs for individuals who will be screening cargo or who have unescorted
access to screened cargo, as well as for personnel supporting these
functions. CCSFs and validation firms must employ security coordinators
and alternates.
CCSFs must also implement training for individuals who perform
security-related duties. CCSFs may need to purchase equipment to
perform their responsibilities under this program. Validation firms
will need to pay for training for individuals involved in conducting
assessments. Aircraft operators will need to purchase equipment and
hire personnel to handle their additional screening burdens.
TSA will incur costs to implement the rule. These will include the
costs associated with reviewing applications and security programs,
reviewing validation reports, conducting STAs, and inspecting CCSFs and
validation firms. In addition, TSA will incur the cost of developing or
approving training programs for validation firms and TSA employees and
of developing the Air Cargo Data Management System. Total TSA costs can
be found in the Total section in Table 1, and in Table 32 of the
Regulatory Evaluation.
Total
In summary, over the 10-year period of the analysis, TSA estimates
the aggregate costs of this rulemaking to total approximately $2.8
billion, undiscounted. Discounted at seven percent, the cost is $1.9
billion, and discounted at three percent, the cost is $2.4 billion.
Additionally, industry will bear a cost for delayed shipment of cargo
estimated at $297.1 million over the 10-year analysis period ($203.1
million discounted at seven percent and $250.4 million discounted at
three percent). The regulatory impact analysis provides detailed
estimates of these costs.
TSA anticipates bearing costs to administer the provisions of the
rulemaking at $384 million over the 10-year analysis period.
TSA presents details in the regulatory impact analysis on how it
developed these estimates. The following table displays the annual
costs of the rule over the 10-year analysis period. The total is broken
out by costs to TSA; costs to industry, estimated using the U.K. Known
Consignor program as a proxy for screening fees; and the estimated
delay costs due to screening. The TSA total represents the estimated
costs TSA will incur to implement the CCSP and enforce compliance. The
industry cost is estimated using the U.K. fee proxies and accounts for
the 70 percent of cargo shipped on passenger planes expected to be
screened at CCSFs as well as the additional fifteen percent that
aircraft operators are expected to screen. The delay cost assumes the
30 percent of cargo expected to be screened by the aircraft operators
will be the only cargo subject to delay.
[[Page 47692]]
Table 1--10-Year Total Cost Summary of CCSP
[$millions]
--------------------------------------------------------------------------------------------------------------------------------------------------------
Discounted (3 Discounted (7
Year TSA cost Industry cost Delay cost Total cost percent) percent)
--------------------------------------------------------------------------------------------------------------------------------------------------------
1....................................................... $62.1 $171.3 $23.6 $257.0 $249.5 $240.2
2....................................................... 24.5 179.9 24.8 229.3 216.1 200.2
3....................................................... 25.7 188.9 26.0 240.7 220.3 196.5
4....................................................... 35.4 198.4 27.3 261.1 232.0 199.2
5....................................................... 28.7 208.3 28.7 265.6 229.1 189.4
6....................................................... 38.8 218.7 30.1 287.7 240.9 191.7
7....................................................... 43.5 229.6 31.7 304.8 247.8 189.8
8....................................................... 37.1 241.1 33.2 311.4 245.8 181.2
9....................................................... 38.9 253.2 34.9 326.9 250.6 177.8
10...................................................... 49.4 265.8 36.6 351.8 261.8 178.9
-----------------------------------------------------------------------------------------------
Total............................................... 384.2 2,155.1 297.1 2,836.4 2,394.0 1,945.0
Low................................................. 262.4 1,795.9 281.5 2,339.9 1,974.7 1,604.0
High................................................ 512.8 2,514.3 318.9 3,346.0 2,824.3 2,294.8
--------------------------------------------------------------------------------------------------------------------------------------------------------
100 Percent Aircraft Operator Screening
As an alternative to establishing the CCSP, TSA considered meeting
the statutory requirements by having aircraft operators screen cargo
intended for transportation on passenger aircraft--that is, continuing
the current cargo screening program but expanding it to 85 percent of
air cargo on passenger aircraft. TSA estimates that the remaining
fifteen percent will be transferred to alternate means of
transportation due to the increased delays and costs of shipping this
IFR might incur. The cost of the modal shift assumed by TSA was not
estimated as the cost components of this shift would be difficult to
estimate. Under this alternative, aircraft operators would bear the
costs of screening additional cargo, and industry would bear
significant costs because of delays. TSA would not incur costs as a
result of this alternative. TSA currently requires aircraft operators
to screen cargo intended for transport on passenger aircraft at levels
set out in their security programs. As a result, TSA would not have to
take any new action.
Under this alternative, the cost drivers for this alternative are
screening equipment, personnel for screening, training of personnel,
and delays. Delays are the largest cost component, totaling $7.0
billion over 10 years, undiscounted. In summary, the undiscounted 10
year cost of the alternative is $11.1 billion. Discounted at three
percent, the cost is $9.4 billion and discounted at seven percent, the
cost is $7.7 billion. The following table presents the costs of the 100
percent aircraft operator screening alternative, as well as high and
low variations and totals discounted at 3 percent and 7 percent.
Table 2--10-Year Total Cost Summary of 100 Percent Air Carrier Screening
[$millions]
--------------------------------------------------------------------------------------------------------------------------------------------------------
Domestic 3% 7%
Year Equipment Personnel Training delays Total Discount Discount
--------------------------------------------------------------------------------------------------------------------------------------------------------
1............................................................ $85 $307 $4.9 $613 $1,009 $980 $943
2............................................................ 10 322 2.7 631 965 910 843
3............................................................ 10 338 2.9 649 1,000 915 816
4............................................................ 10 355 3.0 668 1,035 920 790
5............................................................ 10 373 3.2 687 1,073 925 765
6............................................................ 10 391 3.3 707 1,112 931 741
7............................................................ 10 411 3.5 728 1,152 937 718
8............................................................ 85 431 3.7 750 1,269 1,002 739
9............................................................ 10 453 3.8 772 1,239 950 674
10........................................................... 10 476 4.0 796 1,286 957 654
------------------------------------------------------------------------------------------
Total.................................................... 249 3,856 35.0 7,002 11,142 9,427 7,683
Low...................................................... 187 2,892 26 5,251 8,356 7,070 5,762
High..................................................... 311 4,820 44 8,752 13,927 11,784 9,603
--------------------------------------------------------------------------------------------------------------------------------------------------------
Benefits
The interim final rule will allow for more standard governance in
cargo screening and will provide benefits in terms of increased
security of commercial passenger aviation. The benefits are four fold.
First, the passenger airline industry will be more firmly protected
against an act of terrorism or other malicious behaviors by the
screening of 100 percent of cargo shipped on passenger aircraft;
currently, only a portion of this cargo is screened before being loaded
onto the plane. Second, allowing the screening process to occur
throughout the supply chain via the CCSP will reduce potential
bottlenecks and delays at the aircraft operators. Third, the interim
final rule will allow market forces to identify the most efficient
venue for screening along the supply chain. As the most cost-effective
venue for screening varies widely depending on the type of goods being
shipped on passenger aircraft operators, the interim final rule will
permit any entity on the supply chain to apply for TSA certification to
screen cargo and apply chain-of-custody procedures to secure that
cargo. Finally,
[[Page 47693]]
validation firms will perform assessments of the entities that become
CCSFs. These assessments will enable TSA to set priorities for
compliance inspections while leveraging TSA inspectors with vetted and
trained validation firms, thereby adding an extra layer of security.
Alternatively, TSA has assessed the benefits of this rule via a
break-even analysis of the cost of the reduction in risk with the
dollar amount of the benefit from the rule. The break-even analysis
illustrates the tradeoff between program costs and program benefits.
For purposes of the analysis, TSA evaluated four scenarios in which an
explosive device was placed in the aircraft's cargo hold via air cargo
and detonated, destroying the airplane and all passengers and crew on
board. For each scenario, TSA derived a total monetary cost of
consequence from an estimated value of the statistical human lives lost
and the value of the plane (including cargo) destroyed. TSA obtained a
value of the monetary cost of an attack under a certain probability
(the value of which equals the total estimated monetary cost of the
attack multiplied by the probability of an attack of that nature over a
year-long time period) and compared it to the undiscounted, annualized
cost of the CCSP to estimate how often an attack of that nature would
need to be averted for the expected benefits to equal costs.
Table 3 summarizes the results of the break-even analysis, based on
the 10-year cost of the rule, annualized at seven percent. Below we
describe the four scenarios that we used in that analysis. To judge the
value or effectiveness of this IFR in the context of these scenarios,
it is necessary to compare the extent of monetary consequence from a
successful attack with the cost of a program like the IFR that would be
deployed to reduce the risk or likelihood of such an attack being
successfully undertaken.
The first scenario describes the impact of a situation in which an
explosive device placed in the cargo shipped on the flight in the belly
of the plane destroys a standard narrow body aircraft (from the fleets
used by major U.S. aircraft operators) during flight. This incident
results in the loss of the lives of all passengers and crew members on
board, along with the total destruction of the airplane. TSA estimated
119 total people to be on board, including both passengers and crew.
The value of these statistical lives is approximately $690.2 million in
2006 U.S. dollars, based on the Department of Transportation Value of a
Statistical Life (VSL) estimation of $5.8 million per person. The
estimated aircraft cost is just under $17 million on average, again in
2006 dollars. Adding these two together, and assuming no damage on
impact to the crash site, TSA estimates the total monetary consequence
of the attack at $707.2 million.
The second scenario depicts a situation where an explosive device
placed in the cargo shipped on the flight in the belly of the plane
destroys an average U.S. commercial passenger aircraft (from the fleets
used by major U.S. aircraft operators) in flight. This attack results
in loss of life for passengers and crew members, along with complete
destruction of the aircraft. Based on data reported in the FAA Critical
Values Guidance, there is an assumed loss of 133 lives (128 passengers
and 5 crew members), along with an assumed complete loss of the
aircraft, which on average would be valued at $22 million in 2006
dollars. The monetary estimate associated with the loss of life is $771
million. Combining the loss of life monetary estimate with the weighted
average aircraft market value, TSA estimates the total monetary
consequence of this scenario at $793 million.
The third scenario depicts a situation where an explosive device
placed in the cargo shipped on the flight in the belly of the plane
destroys an average U.S. commercial passenger wide-body aircraft (from
the fleets used by major U.S. aircraft operators) in flight. This
attack scenario, like the first scenario, results in loss of life for
passengers and crew members, along with complete destruction of the
wide-body aircraft. Based on data reported in the FAA Critical Values
Guidance, there is an assumed loss of 210 lives (202 passengers and 8
crew members) along with the complete loss of the aircraft, which on
average would be valued at $49.6 million in 2006 dollars. Using the DOT
VSL of $5.8 million, the monetary estimate associated with the loss of
life is $1.22 billion. Combining the loss of life monetary estimate
with the weighted average aircraft market value, TSA estimates the
total monetary consequence of this scenario at $1.27 billion.
The fourth scenario is an extension of the third that takes into
account a situation involving multiple planes destroyed by an explosive
device. In our case, four wide body aircraft are the targets of the
attack. Our estimation of the monetary damage took the value of the
single wide body aircraft attack and multiplied that total monetary
consequential amount by a factor of four. Therefore, the resulting
estimate of monetary damage caused in this scenario is $5.1 billion, in
2006 dollars. This includes approximately 840 passenger and crew member
lives lost, and an estimated $198.2 million loss due to the destruction
of the four wide body airplanes.
The table below presents the number of attacks averted (expressed
as a number of years between attacks), required for the IFR to break
even under each of the four scenarios. In this analysis the comparison
is made between the estimated scenario consequence and the seven
percent discount annualized Air Cargo Screening IFR cost of $276.9
million; the ``required risk reduction in attack frequency'' for break-
even can be derived as the multiplicative inverse of the ratio between
this annualized program cost and the scenario consequence total (a
ratio which expresses a breakeven annual likelihood of attack). As
shown in the following table, the rule will need to reduce the existing
or baseline frequency of terror attack by one attack every 2.6 years
for Scenario 1, one attack every 2.8 years for Scenario 2, one attack
every 4.5 years for Scenario 3, or one attack every 18.2 years for
Scenario 4 in order for the IFR to break even.
Table 3--Frequency of Attacks Averted for Passenger Air Cargo Screening IFR Costs to Equal Expected Benefits, by Attack Scenario
[Annualized at 7 percent]
--------------------------------------------------------------------------------------------------------------------------------------------------------
Valuation at Avg. aircraft Total
Attack scenario Lives $0.0058 M ($ market value Property loss consequence ($ Attacks averted by air cargo
lost billion) ($ billion) ($ billion) billion) sec to break-even
A B = A x 0.0058 C D E = B + C + D = E / $276.9 **
--------------------------------------------------------------------------------------------------------------------------------------------------------
1. Narrow Body Target...................... 119 $0.69 $0.017 $0.0 $0.71 One every 2.6 years.
[[Page 47694]]
2. Avg. AO Target.......................... 133 0.77 0.022 0.0 0.79 One every 2.8 years.
3. Wide Body Target........................ 210 1.22 0.050 0.0 1.27 One every 4.5 years.
4. Multiple Wide Body...................... 840 4.87 0.198 0.0 5.07 One every 18.2 years.
--------------------------------------------------------------------------------------------------------------------------------------------------------
** The total cost of the rule annualized at 7 percent.
C. Regulatory Flexibility Act Assessment
Sections 603(a) and 604(a) of the Regulatory Flexibility Act (RFA)
require that, when an agency issues a interim final rule or promulgates
a final rule ``after being required * * * to publish a general notice
of proposed rulemaking,'' the agency must determine whether a proposed
or final rule will have a significant economic impact on a substantial
number of small entities and, if so, must prepare a regulatory
flexibility analysis as described in the Act. For purposes of the RFA,
small entities include small businesses, not-for-profit organizations,
and small governmental jurisdictions. Individuals and States are not
included in the definition of a small entity. These requirements do not
apply where, as here, an agency issues an interim final rule. Congress
explicitly authorized TSA to issue an IFR in the 9/11 Act. TSA invites
comments that address whether this rule would have a significant
economic impact on a substantial number of small entities. TSA will
consider this information in developing the final rule.
D. International Trade Impact Assessment
The Trade Agreement Act of 1979 prohibits Federal agencies from
establishing any standards or engaging in related activities that
create unnecessary obstacles to the foreign commerce of the United
States. Legitimate domestic objectives, such as safety, are not
considered unnecessary obstacles. The statute also requires
consideration of international standards and, where appropriate, that
they be the basis for U.S. standards. TSA has assessed the potential
effect of this interim final rule and has determined that the same
measures must apply to both U.S. aircraft operators and foreign air
carriers loading cargo on passenger aircraft. At most, the impact of
this rule creates an even competitive cost structure.
E. Unfunded Mandates Assessment
The Unfunded Mandates Reform Act of 1995 (UMRA) is intended, among
other things, to curb the practice of imposing unfunded Federal
mandates on State, local, and Tribal governments. Title II of UMRA
requires each Federal agency to prepare a written statement assessing
the effects of any Federal mandate in a proposed or final agency rule
that may result in an expenditure of $100 million or more (adjusted
annually for inflation) in any one year by State, local, and Tribal
governments, in the aggregate, or by the private sector, such a mandate
is deemed to be a ``significant regulatory action.'' This interim final
rule does not exceed this threshold with respect to State, local, and
Tribal governments, because it does not require them to take any
action. The impact on the overall economy, however, does exceed the
threshold, resulting in an unfunded mandate on the private sector; this
regulatory evaluation documents the costs and alternatives associated
with this regulatory action. TSA will publish a final analysis,
including its response to public comments, when it publishes a final
rule.
IX. Executive Order 13132, Federalism
TSA has analyzed this final rule under the principles and criteria
of Executive Order 13132, Federalism. We determined that this action
will not have a substantial direct effect on the States, or the
relationship between the national government and the States, or on the
distribution of power and responsibilities among the various levels of
government, and, therefore, does not have federalism implications.
X. Environmental Analysis
We have analyzed this interim final rule under DHS Management
Directive 5100.1 ``Environmental Planning Program'' (see also 71 FR
16790, Apr. 4, 2006), which guides DHS in complying with the National
Environmental Policy Act of 1969 (NEPA) (42 U.S.C. 4321-4370f). We have
concluded that this rule is part of a category of actions described in
items A3, A4, A7, B3, H1 and H2 of Table 1 in Appendix A of the
Management Directive. This interim final rule would not have
individually or cumulatively a significant effect on the human
environment and, therefore, neither an environmental assessment nor an
environmental impact statement is necessary.
XI. Energy Impact Analysis
TSA has assessed the energy impact of this rule in accordance with
the Energy Policy and Conservation Act (EPCA), Public Law 94-163, as
amended (42 U.S.C. 6362). We have determined that this rulemaking is
not a major regulatory action under the provisions of the EPCA.
List of Subjects
49 CFR Part 1515
Appeals, Commercial drivers license, Criminal history background
checks, Explosives, Facilities, Hazardous materials, Incorporation by
reference, Maritime security, Motor carriers, Motor vehicle carriers,
Ports, Seamen, Security measures, Security threat assessment, Vessels,
Waivers.
49 CFR Part 1520
Air transportation, Law enforcement officers, Maritime carriers,
Reporting and recordkeeping requirements, Security measures.
49 CFR Part 1522
Accounting, Aircraft operators, Aviation safety, Reporting and
recordkeeping requirements, Security measures.
49 CFR Part 1540
Air carriers, Aircraft, Airports, Civil aviation security, Law
enforcement officers, Reporting and recordkeeping requirements,
Security measures, Screening.
[[Page 47695]]
49 CFR Part 1542
Air carriers, Aircraft, Airport security, Aviation safety, Security
measures.
49 CFR Part 1544
Air carriers, Aircraft, Aviation safety, Freight forwarders,
Incorporation by reference, Reporting and recordkeeping requirements,
Security measures.
49 CFR Part 1546
Aircraft, Aviation safety, foreign air carriers, Incorporation by
reference, Reporting and recordkeeping requirements, Security measures.
49 CFR Part 1549
Air transportation, Reporting and recordkeeping requirements,
Security measures.
The Amendments
0
For the reasons set forth in the preamble, the Transportation Security
Administration amends Chapter XII, of Title 49, Code of Federal
Regulations as follows:
Subchapter A--Administrative and Procedural Rules
PART 1515--APPEAL AND WAIVER PROCEDURES FOR SECURITY THREAT
ASSESSMENTS FOR INDIVIDUALS
0
1. The authority citation for part 1515 continues to read as follows:
Authority: 46 U.S.C. 70105; 49 U.S.C. 114, 5103a, 40113, and
46105; 18 U.S.C. 842, 845; 6 U.S.C. 469.
0
2. Amend Sec. 1515.1 by revising paragraph (a) to read as follows:
Sec. 1515.1 Scope.
(a) Appeal. This part applies to applicants who are appealing an
Initial Determination of Threat Assessment or an Initial Determination
of Threat Assessment and Immediate Revocation in a security threat
assessment (STA) as described in each of the following:
(1) 49 CFR part 1572 for a hazardous materials endorsement (HME) or
a Transportation Worker Identification Credential (TWIC).
(2) 49 CFR part 1540, Subpart C, which includes individuals engaged
in air cargo operations who work for certain aircraft operators,
foreign air carriers, IACs, certified cargo screening facilities, or
validation firms.
* * * * *
0
3. Amend Sec. 1515.9 by adding paragraphs (a)(3), (c)(1)(iv) and (v),
and revising paragraph (f)(3) to read as follows:
Sec. 1515.9 Appeal of security threat assessment based on other
analyses.
(a) * * *
(3) TSA had determined that an individual engaged in air cargo
operations who works for certain aircraft operators, foreign air
carriers, indirect air carriers (IACs), certified cargo screening
facilities, or validation firms poses a security threat as provided in
49 CFR 1549.109.
* * * * *
(c) * * *
(1) * * *
(iv) In the case of a certified cargo screening facilities worker,
TSA serves a Final Determination of Threat Assessment on the operator.
(v) In the case of a validator of certified cargo screening
facilities, TSA serves a Final Determination of Threat Assessment on
the operator.
* * * * *
(f) * * *
(3) If TSA withdraws a Determination of No Security Threat for an
individual engaged in air cargo operations who works for certain
aircraft operators, foreign air carriers, IACs, certified cargo
screening facilities, or validation firms.
0
4. Amend Sec. 1515.11 by revising paragraph (a)(3) to read as follows:
Sec. 1515.11 Review by administrative law judge and TSA Final
Decision Maker.
(a) * * *
(3) An individual engaged in air cargo operations who works for
certain aircraft operators, foreign air carriers, IACs, certified cargo
screening facilities, or validation firms who has been issued a Final
Determination of Threat Assessment after an appeal as described in 49
CFR 1515.9.
* * * * *
Subchapter B--Security Rules for All Modes of Transportation
PART 1520--PROTECTION OF SENSITIVE SECURITY INFORMATION
0
5. The authority citation for part 1520 continues to read as follows:
Authority: 46 U.S.C. 70102-70106, 70117; 49 U.S.C. 114, 40113,
44901-44907, 44913-44914, 44916-44918, 44935-44936, 44942, 46105.
Sec. 1520.3 [Amended]
0
6. In Sec. 1520.3, remove the definition of ``Security program''.
0
7. Amend Sec. 1520.5 by revising paragraph (b)(1) to read as follows:
Sec. 1520.5 Sensitive security information.
* * * * *
(b) * * *
(1) Security programs and contingency plans. Any security program
or security contingency plan issued, established, required, received,
or approved by DOT or DHS, including any comments, instructions, or
implementing guidance, including--
(i) Any aircraft operator, airport operator, fixed base operator,
or air cargo security program, or security contingency plan under this
chapter;
(ii) Any vessel, maritime facility, or port area security plan
required or directed under Federal law;
(iii) Any national or area security plan prepared under 46 U.S.C.
70103; and
(iv) Any security incident response plan established under 46
U.S.C. 70104.
* * * * *
0
8. Amend Sec. 1520.7 by revising paragraph (b) to read as follows:
Sec. 1520.7 Covered persons.
* * * * *
(b) Each indirect air carrier (IAC), as described in 49 CFR part
1548; each validation firm and its personnel, as described in 49 CFR
1522; and each certified cargo screening facility and its personnel, as
described in 49 CFR 1549.
* * * * *
0
9. Add new part 1522 to Subchapter B to read as follows:
PART 1522--TSA-APPROVED VALIDATION FIRMS AND VALIDATORS
Subpart A--General
Sec.
1522.1 Scope and terms used in this part.
1522.3 Fraud and intentional falsification of records.
1522.5 TSA inspection authority.
Subpart B--TSA-Approved Validation Firms and Validators for the
Certified Cargo Screening Program
1522.101 Applicability.
1522.103 Requirements for validation firms.
1522.105 Adoption and implementation of the security program.
1522.107 Application.
1522.109 TSA review and approval.
1522.111 Reconsideration of disapproval of an application.
1522.113 Withdrawal of approval.
1522.115 Renewal of TSA approval.
1522.117 Qualifications of validators.
1522.119 Training.
1522.121 Security threat assessments for personnel of TSA-approved
validation firms.
1522.123 Conduct of assessments.
1522.125 Protection of information.
1522.127 Assessment report.
1522.129 Recordkeeping requirements.
Authority: 49 U.S.C. 114, 5103, 40113, 44901-44907, 44913-44914,
44916-44918, 44932, 44935-44936, 44942, 46105.
[[Page 47696]]
Subpart A--General
Sec. 1522.1 Scope and terms used in this part.
(a) This part governs the use of TSA-approved validation firms and
individual validators to assess whether certain persons regulated under
this chapter are in compliance with this chapter.
(b) In addition to the terms in Sec. Sec. 1500.3 and 1540.5 of
this chapter, the following terms apply in this part:
Applicant means a firm that seeks to become a TSA-approved
validation firm under this part.
Assessment means the physical inspections, records reviews,
personnel interviews, and other procedures conducted by a validator to
assess whether a person is in compliance with relevant requirements of
a security program.
Conflict of interest means a situation in which the validation
firm, the validator, or an individual assisting in the assessment, or
the spouse or immediate family member of such person, has a
relationship with, or an interest in, the person under assessment that
may adversely affect the impartiality of the assessment. Examples of
conflict of interest situations include, but are not limited to, any of
the following:
(1) The validation firm is a parent company or subsidiary of the
person under assessment, has a financial interest in the person under
assessment, or has common management or organizational governance (for
example, interlocking boards of directors) with the person under
assessment.
(2) The validation firm, the validator, or an individual who will
assist in conducting the assessment, or an immediate family member of
such a validator or individual, is a creditor or debtor of the person
under assessment.
(3) The validator, or an individual who will assist in conducting
the assessment, or the spouse or immediate family member of such a
person, is, or within the past two years has been, an employee,
officer, or contractor of the person under assessment whose duties did
not involve the operations being assessed.
(4) The validator, or an individual who will assist in conducting
the assessment, or the spouse or immediate family member of such a
person, is, or at any time has been, an individual, officer, or
contractor of the person under assessment whose duties or
responsibilities did involve the operations being assessed.
(5) The validator, or an individual who will assist in conducting
the assessment, or the spouse or immediate family member of such a
person, has a financial interest in the person under validation.
Firm means a business enterprise or other non-governmental
organization, including a sole proprietorship, partnership, limited
liability partnership, limited liability corporation, and a
corporation.
National of the United States means a citizen of the United States,
or a person who, though not a citizen, owes permanent allegiance to the
United States, as defined in 8 U.S.C. 1101(a)(22), and includes
American Samoa and Swains Island.
TSA-approved validation firm or validation firm means a firm that
has been approved under this part to conduct an assessment under this
chapter.
Validator means an individual assigned by the validation firm to be
responsible for conducting a given assessment under this part.
Sec. 1522.3 Fraud and intentional falsification of records.
No person may make, or cause to be made, any of the following:
(a) Any fraudulent or intentionally false statement in any
application under this part.
(b) Any fraudulent or intentionally false entry in any record or
report that is kept, made, or used to show compliance with this
subchapter, or used to exercise any privilege under this part.
(c) Any reproduction or alteration, for fraudulent purpose, of any
report, record, security program, access medium, or identification
medium issued or submitted under this part.
Sec. 1522.5 TSA inspection authority.
(a) Each validation firm and each validator must allow TSA, during
normal business hours, in a reasonable manner, without advance notice,
to enter the facility and make any inspections or tests, including
copying records, to--
(1) Determine compliance of a validation firm or validator with
this chapter and 49 U.S.C. 114 and Subtitle VII, as amended; or
(2) Carry out TSA's statutory or regulatory authorities, including
its authority to--
(i) Assess threats to transportation;
(ii) Enforce security-related regulations, directives, and
requirements:
(iii) Inspect, maintain, and test the security of facilities,
equipment, and systems;
(iv) Ensure the adequacy of security measures for the
transportation of passengers and cargo;
(v) Oversee the implementation, and ensure the adequacy, of
security measures at airports and other transportation facilities;
(vi) Review security plans; and
(vii) Carry out such other duties, and exercise such other powers,
relating to transportation security as the Assistant Secretary of
Homeland Security for the TSA considers appropriate, to the extent
authorized by law.
(b) At the request of TSA, each validation firm and validator must
provide evidence of compliance with this chapter, including copying
records.
(c) TSA and DHS officials working with TSA may conduct inspections
under this section without access media or identification media issued
or approved by a validation firm or other person, except that the TSA
and DHS officials will have identification media issued by TSA or DHS.
Subpart B--TSA-Approved Validation Firms and Validators for the
Certified Cargo Screening Program
Sec. 1522.101 Applicability.
This subpart governs the use of TSA-approved validation firms and
validators to assess whether certified cargo screening facilities
(CCSFs), or facilities seeking to be approved as such, comply with the
requirements of 49 CFR part 1549.
Sec. 1522.103 Requirements for validation firms.
In addition to the other requirements of this part, a validation
firm must meet the following requirements to be approved to assess
certified cargo screening facilities:
(a) Resources. The validation firm must have sufficient facilities,
resources, and personnel to conduct the assessments.
(b) Security Coordinator. The validation firm must designate and
use a Security Coordinator and at least one alternate Security
Coordinator.
(1) The Security Coordinator and alternates must be senior
employees or officers of the firm, and must be readily available during
normal business hours.
(2) The Security Coordinator and designated alternates must serve
as the validation firm's primary contact for security-related
activities and communications with TSA.
(3) The Security Coordinator must immediately initiate corrective
action for any instance of non-compliance by the validation firm with
any applicable TSA security requirement.
[[Page 47697]]
(c) Security Program. The validation firm must obtain TSA approval
of a security program and must implement the security program.
(d) Personnel. The validation firm must ensure that its personnel
carry out the requirements of this chapter and the validation firm's
security program.
(e) Change in information. (1) The validation firm must inform TSA,
in a form and manner prescribed by TSA, of any change in the
information required to be submitted by the validation firm to TSA
under this part within seven days of the change.
(2) Changes included within the requirement of this paragraph
include, but are not limited to, changes in the validation firm's
address, phone number, or other contact information, the identity of
the Security Coordinator or alternate, significant changes in ownership
of the firm.
Sec. 1522.105 Adoption and implementation of the security program.
(a) Security program required. No person may operate as a
validation firm unless that person holds and carries out an approved
security program under this part.
(b) Content. The validation firm standard security program together
with approved alternate procedures and amendments that TSA has issued
to that particular firm constitutes that firm's security program. Each
security program under this part must--
(1) Provide for the security of aircraft, as well as that of
persons and property traveling in air transportation, against acts of
criminal violence and air piracy, and against the introduction into
aircraft of any unauthorized explosive, incendiary, and other
destructive substance or item;
(2) Describe the processes and procedures to be used to maintain
current qualifications, credentials, or accreditations, training, and
security threat assessments for relevant personnel;
(3) Describe the facilities, support personnel, and other resources
to be used in conducting assessments; and
(4) Require that the validation firm designate and use a Security
Coordinator and at least one alternate Security Coordinator.
(c) Amendment requested by a validation firm or applicant. A
validation firm or applicant may file a request for an amendment to its
security program with the TSA designated official at least 45 calendar
days before the date it proposes for the amendment to become effective,
unless the designated official allows a shorter period. Any validation
firm may submit to TSA a group proposal for an amendment that is on
behalf of it and other validation firms that co-sign the proposal.
(1) Within 30 calendar days after receiving a proposed amendment,
the designated official, in writing, must either approve or deny the
request to amend.
(2) An amendment to a validation firm's security program may be
approved if the designated official determines that safety and the
public interest will allow it, and if the proposed amendment provides
the level of security required under this part.
(3) Within 30 calendar days after receiving a denial of the
proposed amendment, the validation firm may petition TSA to reconsider
the denial. A Petition for Reconsideration must be filed with the
designated official.
(4) Upon receipt of a Petition for Reconsideration, the designated
official must either approve the request to amend the security program
or transmit the petition, along with any pertinent information, to TSA
for reconsideration. TSA will make a determination on the petition
within 30 calendar days of receipt by either directing the designated
official to approve the amendment or by affirming the denial.
(d) Amendment by TSA. TSA may amend a security program in the
interest of safety and the public interest, as follows:
(1) TSA must notify the validation firm, in writing, of the
proposed amendment, fixing a period of not less than 30 calendar days
within which the validation firm may submit written information, views,
and arguments on the amendment.
(2) After considering all relevant material, the designated
official must notify the validation firm of any amendment adopted or
rescind the notice of amendment. If the amendment is adopted, it
becomes effective not less than 30 calendar days after the validation
firm receives the notice of amendment, unless the validation firm
disagrees with the proposed amendment and petitions the TSA to
reconsider, no later than 15 calendar days before the effective date of
the amendment. The validation firm must send the petition for
reconsideration to the designated official. A timely Petition for
Reconsideration stays the effective date of the amendment.
(3) Upon receipt of a Petition for Reconsideration, the designated
official must either amend or withdraw the notice of amendment, or
transmit the Petition, together with any pertinent information, to TSA
for reconsideration. TSA must make a determination on the Petition
within 30 calendar days of receipt, either by directing the designated
official to withdraw or amend the notice of amendment, or by affirming
the notice of amendment.
(e) Emergency Amendments. (1) If TSA finds that there is an
emergency requiring immediate action that makes compliance with the
procedural requirements in this section contrary to the public
interest, the designated official may issue an emergency amendment,
without the prior notice and comment procedures described in paragraph
(d) of this section.
(2) The emergency amendment is effective without stay on the date
the validation firm receives notification. TSA will incorporate in the
notification a brief statement of the reasons and findings for the
emergency amendment to be adopted.
(3) The validation firm may file a Petition for Reconsideration
with TSA no later than 15 calendar days after TSA issues the emergency
amendment. The certified cargo screening facility must send the
Petition for Reconsideration to the designated official; however, the
filing does not stay the effective date of the emergency amendment.
(f) Availability. Each validation firm having a security program
must do the following:
(1) Maintain an original of the security program at its corporate
office.
(2) Have accessible a complete copy, or the pertinent portions of
its security program, or appropriate implementing instructions, at each
office where it conducts validation services. An electronic version is
adequate.
(3) Make a copy of the security program available for inspection
upon the request of TSA.
(4) Restrict the distribution, disclosure, and availability of
information contained in its security program to persons with a need to
know, as described in part 1520 of this chapter.
(5) Refer requests for such information by other persons to TSA.
Sec. 1522.107 Application.
(a) Initial application and approval. Unless otherwise authorized
by TSA, each applicant must apply for a security program and for
approval to operate as a validation firm, in a form and a manner
prescribed by TSA, not less than 90 calendar days before the applicant
intends to begin operations. The application must be in writing and
include the following:
(1) The firm's legal name; other names, including doing business as
names; state of incorporation or
[[Page 47698]]
licensing, if applicable; and tax identification number.
(2) The names of the senior officers or employees of the applicant
who will serve as the Security Coordinator and alternates.
(3) A signed statement from each person listed in paragraph (a)(2)
of this section stating whether he or she has been a senior manager or
representative of any operator, whether or not a validation firm, that
had its security program withdrawn by TSA.
(4) Copies of Government-issued identification of persons listed in
paragraph (a)(2) of this section.
(5) The street address and e-mail address of the applicant.
(6) A statement acknowledging the requirement that all personnel of
the applicant who are subject to training under the requirements of
this part must successfully complete such training before performing
security-related duties.
(7) Other information requested by TSA concerning security threat
assessments.
(8) A statement acknowledging that all personnel of the applicant
who must successfully complete a security threat assessment under the
requirements of this part must do so before the applicant authorizes
the personnel to perform duties under this part.
(b) Standard security program. After the Security Coordinator
successfully completes a security threat assessment, TSA will provide
to the applicant the validation firm standard security program, any
security directives, and amendments to the security program and other
alternative procedures that apply to validation firms. The applicant
may either notify TSA that it accepts the standard security program or
submit to TSA a proposed modified security program to the designated
official for approval. The validation firm must also submit a
supplement to the security program that specifies processes and
procedures that the firm will use to maintain the qualification of its
validators and its personnel assisting validators with assessments to
the designated TSA official for approval. TSA will approve the security
program under Sec. 1522.109, or issue a written notice to modify under
Sec. 1522.109(b).
Sec. 1522.109 TSA review and approval.
(a) Review. TSA will review an application received under Sec.
1522.107 to determine whether--
(1) The applicant has met the requirements of this part, the
proposed security program, and any applicable Emergency Amendment and
Security Directive;
(2) The applicant is able and willing to carry out the requirements
of this part, its security program, and an applicable Emergency
Amendment and Security Directive;
(3) The approval of such applicant's security program is not
contrary to the interests of security and the public interest;
(4) The applicant has not held a security program that was
withdrawn within the previous year, unless otherwise authorized by TSA;
and
(5) TSA determines that the applicant is qualified to be a
validation firm.
(b) Notice. (1) Approval. If an application is approved, TSA will
send the applicant a written notice of approval of its security
program, and approval to operate as a validation firm.
(2) Commencement of operations. A validation firm may commence
operations when it has received approval under this section, and
successfully completed training and security threat assessments for all
relevant personnel.
(3) Disapproval. If an application is disapproved, TSA will serve a
written notice of disapproval to the applicant. The notice of
disapproval will include the basis of the disapproval of the
application.
(c) Duration of security program. A security program approved under
this section will remain effective until the end of the calendar month
12 months after the month it was approved or until the program has been
surrendered or withdrawn, whichever is earlier.
Sec. 1522.111 Reconsideration of disapproval of an application.
(a) Petition for reconsideration. If TSA disapproves an application
under section 1522.107, the applicant may seek reconsideration of the
decision by submitting a written petition for reconsideration to the
Assistant Secretary or his or her designee within 30 days of receiving
the notice of disapproval. The written petition for reconsideration
must include a statement and any supporting documentation explaining
why the applicant believes the reason for disapproval is incorrect.
(b) Review of petition. Upon review of the petition for
reconsideration, the Assistant Secretary or designee makes a
determination on the petition by either affirming the disapproval of
the application or approving the application. The Assistant Secretary
or designee may request additional information from the applicant prior
to rendering a decision. This disposition is a final agency action for
purposes of 49 U.S.C. 46110.
Sec. 1522.113 Withdrawal of approval.
(a) Basis for withdrawal of approval. TSA may withdraw approval of
a TSA-approved validation firm if the validation firm ceases to meet
the standards for approval, fails to fulfill its responsibilities under
this subpart, or if TSA determines that continued operation is contrary
to safety and the public interest.
(b) Notice of withdrawal of approval. (1) Except as provided in
paragraph (c) of this section, TSA will provide a written notice of
proposed withdrawal of approval to the validation firm.
(2) The notice of proposed withdrawal of approval will include the
basis for the withdrawal of approval.
(3) Unless the validation firm files a written petition for
reconsideration under paragraph (d) of this section, the notice of
proposed withdrawal of approval will become a final notice of
withdrawal of approval 31 days after the validation firm's receipt of
the notice of proposed withdrawal of approval.
(c) Emergency notice of withdrawal of approval. (1) If TSA finds
that there is an emergency requiring immediate action with respect to a
TSA-approved validation firm's ability to perform assessments, TSA may
withdraw approval of that validation firm without prior notice.
(2) TSA will incorporate in the emergency notice of withdrawal of
approval a brief statement of the reasons and findings for the
withdrawal of approval.
(3) The emergency notice of withdrawal of approval is effective
upon the TSA-approved validation firm's receipt of the notice. The
validation firm may file a written petition for reconsideration under
paragraph (d) of this section; however, this petition does not stay the
effective date of the emergency notice of withdrawal of approval.
(d) Petition for reconsideration. A validation firm may seek
reconsideration of the withdrawal of approval by submitting a written
petition for reconsideration to the Assistant Secretary or designee
within 30 days of receiving the notice of withdrawal of approval. The
filing of a petition for reconsideration does not stay the effective
date of the withdrawal pending the reconsideration.
(e) Review of petition. Upon review of the written petition for
reconsideration, the Assistant Secretary or designee makes a
determination on the petition by either affirming or withdrawing the
notice of withdrawal of approval. The Assistant Secretary or designee
may request additional information from the validation firm prior to
rendering a
[[Page 47699]]
decision. This disposition is a final decision for purposes of review
under 49 U.S.C. 46110.
Sec. 1522.115 Renewal of TSA approval.
(a) Application. Every 12 months, computed from the date of initial
approval under Sec. 1522.107, or more frequently as required by TSA,
each validation firm must apply, in a form and manner prescribed by
TSA, for renewal of approval of its security program, and of approval
to operate as a validation firm. If the validation firm submits the
information in the month before or after it is due, the validation firm
is considered to have submitted the information in the month it is due.
If the validation firm timely submits its application for review of
approval under this section, the validation firm may continue to
conduct assessments under this subpart unless and until TSA denies the
application.
(b) Content. In addition to any other information required by TSA,
the validation firm must submit the following information to TSA when
applying for renewal:
(1) If required, evidence that the validators and other individuals
of the validation firm with responsibilities for participating in
assessments have successfully completed the initial training under
Sec. 1522.119(a) and any recurrent training described in Sec.
1522.119(b).
(2) Evidence that the individual validators with responsibilities
for conducting assessments continue to be certified or accredited by an
organization that TSA recognizes as qualified to certify or accredit a
validator.
(3) A statement signed by a senior officer or employee of the
validation firm attesting that the firm has reviewed and ensures the
continuing accuracy of the contents of its initial application for a
security program, subsequent renewal applications, or other submissions
to TSA confirming a change of information and noting the date such
applications and submissions were made to TSA, including the following
certification:
[Name of validation firm] (hereinafter ``the validation firm'')
has adopted and is currently carrying out a security program in
accordance with the Transportation Security Regulations as
originally approved on [Insert date of TSA initial approval]. In
accordance with TSA regulations, the validation firm has notified
TSA of any new or changed information required for the validation
firm's initial security program. If new or changed information is
being submitted to TSA as part of this application for reapproval,
that information is stated in this filing.
The validation firm understands that intentional falsification
of certification may be subject to both civil and criminal penalties
under 49 CFR part 1540 and 18 U.S.C. 1001. Failure to notify TSA of
any new or changed information required for initial approval of the
validation firm's security program in a timely fashion and in a form
acceptable to TSA may result in withdrawal by TSA of approval of the
validation firm's security program.
(c) Renewal. TSA will renew approval of the security program and
the validation firm's authority to conduct assessments if TSA
determines that--
(1) The validation firm has met the requirements of this chapter,
its security program, and any Security Directive; and
(2) The renewal of approval of the validation firm's security
program, and of the approval to operate as a validation firm, is not
contrary to the interests of security or the public interest.
(d) Effective. The renewal of approval issued pursuant to this
section will remain effective until the end of the calendar month 12
months after the month it was approved or until the program has been
surrendered or withdrawn, whichever is earlier.
(e) Withdrawal. If a validation firm fails to comply with the
requirements of this section, TSA may withdraw approval of the
validation firm under Sec. 1522.113.
Sec. 1522.117 Qualifications of validators.
(a) Each assessment conducted under this subpart must be conducted
by a validator who meets the following requirements:
(1) He or she must be a citizen or national of the United States or
be an alien lawfully admitted for permanent residence.
(2) He or she must meet the requirements of paragraph (a)(2)(i) or
(ii) of this section.
(i) He or she must hold a certification or accreditation from an
organization that TSA recognizes as qualified to certify or accredit a
validator for assessments and must have at least five years of
experience in inspection or validating compliance with State or Federal
regulations in the security industry, the aviation industry, or
government programs. The five years of experience must have been
obtained within 10 years of the date of the application.
(ii) He or she must have at least five years experience as an
inspector for a Federal or State government agency performing
inspections similar to the inspections called for in this subpart and
part 1549. The five years of experience must have been obtained within
10 years of the date of the application.
(3) The validator must have three professional references that
address his or her abilities in inspection, validation, and written
communications.
(4) The validator must have sufficient knowledge of the rules,
regulations, policies, security programs, directives, and orders,
pertaining to the certified cargo screening program (CCSP).
(5) The validator must have the ability to apply the concepts,
principles, and methods of compliance with the requirements of the
certified cargo screening program to include assessment, inspection,
investigation, and reporting of compliance with the certified cargo
screening program.
(b) Each validator and each individual who assists in conducting
assessments must successfully undergo a security threat assessment as
required under Sec. 1522.121.
Sec. 1522.119 Training.
(a) Initial training. The validation firm must ensure that its
validators and individuals who will assist in conducting assessments
have completed the initial training prescribed by TSA before conducting
any assessment under this subpart.
(b) Recurrent training. The validation firm must ensure that each
validator and each individual assisting in conducting assessments under
this subpart completes the recurrent training prescribed by TSA not
later than 12 months after the validator's or individual's most recent
TSA-prescribed training. If the validator or individual completes the
recurrent training in the month before or the month after it is due, he
or she is considered to have taken it in the month it is due.
(c) Content. The training required by this section will include
coverage of the applicable provisions of this chapter, including this
part, part 1520, and Sec. 1540.105.
Sec. 1522.121 Security threat assessments for personnel of TSA-
approved validation firms.
Each of the following must successfully complete a security threat
assessment or comparable security threat assessment described in part
1540, subpart C of this chapter:
(a) Each individual who supervises validators or individuals who
will assist validators.
(b) The validation firm's validator authorized to perform
assessment services under this subpart.
(c) The validation firm's Security Coordinator and alternates.
(d) Each individual who will assist the validator in conducting
assessments.
[[Page 47700]]
Sec. 1522.123 Conduct of assessments.
(a) Standards for assessment. Each validator must assess, in a form
and manner prescribed by TSA, whether the person seeking to operate or
operating as a certified cargo screening facility is in compliance with
49 CFR part 1549. The validator may be assisted by other individuals;
however, the validator is directly responsible for the assessment and
must sign the assessment report.
(b) Conflict of interest. A validator may not conduct an assessment
for which there exists a conflict of interest as defined in Sec.
1552.1.
(c) Immediate notification to TSA. If during the course of an
assessment, the validator believes that there is or may be an instance
of noncompliance with TSA requirements that presents an imminent threat
to transportation security or public safety, he or she must report the
instance immediately to the Security Coordinator, and the Security
Coordinator must report the instance immediately to TSA.
(d) No authorization to take remedial or disciplinary action.
Neither the validation firm nor the validator is authorized to require
any remedial action by, or to take any disciplinary or enforcement
action against, the facility under assessment.
(e) Prohibition on consecutive assessments. Unless otherwise
authorized by TSA, a validation firm must not conduct more than two
consecutive assessments of a person seeking approval, or renewal of
approval, to operate a certified cargo screening facility.
Sec. 1522.125 Protection of information.
(a) Sensitive Security Information. Each validation firm must
comply with the requirements in 49 CFR part 1520 regarding the handling
and protection of Sensitive Security Information (SSI).
(b) Non-disclosure of proprietary information. Unless explicitly
authorized by TSA, no validation firm, or any of its officers, Security
Coordinators, validators, or employees, or individuals assisting in
validations, may make an unauthorized release nor disseminate any
information that TSA or an entity being assessed indicates is
proprietary information.
Sec. 1522.127 Assessment report.
(a) Each validator must prepare and submit to TSA a written
assessment report, in a manner and form prescribed by TSA, within 30
calendar days of completing each assessment.
(b) The assessment report must include the following information,
in addition to any other information otherwise required by TSA:
(1) A description of the facilities, equipment, systems, processes,
and/or procedures that were assessed and any other information as
determined by TSA.
(2) The validator's assessment regarding the facility's compliance
with TSA requirements, including all elements of the applicable
security program.
(3) Signed attestation by the individual validator with
responsibility for the assessment that no conflicts of interest existed
with regard to the assessment and that the assessment was conducted
impartially, professionally, and consistent with the standards set
forth by TSA.
Sec. 1522.129 Recordkeeping requirements.
(a) Each validation firm must maintain records demonstrating
compliance with all statutes, regulations, directives, orders, and
security programs that apply to operation as a validation firm,
including the records listed below.
(b) Each validation firm must retain the following records for 180
days after the individual is no longer employed by the validation firm
or is no longer acting as the firm's agent.
(1) Records of all training and instruction given to each
individual under the requirements of this subpart.
(2) Records demonstrating that the validation firm has complied
with the security threat assessment provisions of Sec. 1522.121.
(3) Records about the qualifications of validators it uses to
conduct assessments under this subpart.
(c) Each validation firm must retain the following records until
completion of the validation firm's next review under Sec. 1522.115,
after which the records may be destroyed unless TSA instructs the
validation firm to retain the records for a longer period.
(1) Copies of all applications for approval, or renewal of
approval, by TSA to operate as a validation firm under part 1522.
(2) Copies of TSA's approval and renewals of approval as required
by part 1522.
(d) Each validation firm must retain assessment reports and copies
of back-up documentation supporting each assessment report submitted to
TSA for 42 months after the assessment.
Subchapter C--Civil Aviation Security
PART 1540--CIVIL AVIATION AUTHORITY: GENERAL RULES
0
10. The authority citation for part 1540 continues to read as follows:
Authority: 49 U.S.C. 114, 5103, 40113, 44901-44907, 44913-44914,
44916-44918, 44935-44936, 44942, 46105.
Subpart A--General
0
11. Amend Sec. 1540.5 by adding definitions of ``certified cargo
screening program'', ``certified cargo screening facility'', and
``standard security program'' in alphabetical order to read as follows:
Sec. 1540.5 Terms used in this subchapter.
* * * * *
Certified cargo screening program (CCSP) means the program under
which facilities are authorized to screen cargo to be offered for
transport on certain passenger aircraft in accordance with 49 CFR part
1549.
Certified cargo screening facility (CCSF) means a facility
certified by TSA to screen air cargo in accordance with part 1549. As
used in this subchapter, ``certified cargo screening facility'' refers
to the legal entity that operates a CCSF at a particular location.
* * * * *
Standard security program means a security program issued by TSA
that serves as a baseline for a particular type of operator. If TSA has
issued a standard security program for a particular type of operator,
unless otherwise authorized by TSA, each operator's security program
consists of the standard security program together with any amendments
and alternative procedures approved or accepted by TSA.
* * * * *
0
12. Revise part 1540, subpart C to read as follows:
Subpart C--Security Threat Assessments
Sec.
1540.201 Applicability and terms used in this subpart.
1540.203 Security threat assessment.
1540.205 Procedures for security threat assessment.
1540.207 [Reserved]
1540.209 Fees for security threat assessment.
Sec. 1540.201 Applicability and terms used in this subpart.
(a) This subpart includes the procedures that certain aircraft
operators, foreign air carriers, indirect air carriers, certified cargo
screening facilities, and TSA-approved validation firms must use to
have security threat assessments performed on certain individuals
pursuant to 49 CFR 1522.121, 1544.228, 1546.213, 1548.7, 1548.15,
1548.16, and 1549.113. This subpart applies to the following:
[[Page 47701]]
(1) Each aircraft operator operating under a full program or full
all-cargo program described in 49 CFR 1544.101(a) or (h).
(2) Each foreign air carrier operating under a program described in
49 CFR 1546.101(a), (b), or (e).
(3) Each indirect air carrier operating under a security program
described in 49 CFR part 1548.
(4) Each applicant applying for unescorted access to cargo under
one of the programs described in (a)(1) through (a)(3) of this section.
(5) Each proprietor, general partner, officer, director, or owner
of an indirect air carrier as described in 49 CFR 1548.16.
(6) Each certified cargo screening facility described in 49 CFR
part 1549.
(7) Each individual a certified cargo screening facility authorizes
to perform screening or supervise screening.
(8) Each individual the certified cargo screening facility
authorizes to have unescorted access to cargo at any time from the time
it is screened until the time it is tendered to an indirect air carrier
under 49 CFR part 1548, an aircraft operator under part 1544, or a
foreign air carrier under part 1546.
(9) The senior manager or representative of its facility in control
of the operations of a certified cargo screening facility under 49 CFR
part 1549.
(10) Each TSA-approved validation firm for the certified cargo
screening program described in 49 CFR part 1522 subpart B.
(11) Each individual of the TSA-approved validation firm under 49
CFR part 1522 subpart B who supervises, conducts, or assists in the
validation.
(12) The security coordinator and alternates of each TSA-approved
validation firm under 49 CFR part 1522 subpart B and of each certified
cargo screening facility.
(b) For purposes of this subpart--
Applicant means the individuals listed in paragraph (a) of this
section.
Operator means an aircraft operator, foreign air carrier, and
indirect air carrier listed in paragraphs (a)(1) through (a)(3) of this
section, a certified cargo screening facility described in paragraph
(a)(6) of this section, and a TSA-approved validator described in
paragraph (a)(10) of this section.
(c) An applicant poses a security threat under this subpart when
TSA determines that he or she is known to pose or is suspected of
posing a threat--
(1) To national security;
(2) To transportation security; or
(3) Of terrorism.
Sec. 1540.203 Security threat assessment.
(a) Each operator subject to this subpart must ensure that each of
the following undergoes a security threat assessment or a comparable
security threat assessment described in Sec. 1540.205:
(1) Personnel of TSA-approved validation firms, as described in
Sec. 1522.121.
(2) Cargo personnel in the United States, as described in Sec.
1544.228.
(3) Cargo personnel in the United States, as described in Sec.
1546.213.
(4) Individuals with unescorted access to cargo, as described in
Sec. 1548.15.
(5) Proprietors, general partners, officers, directors, and owners
of an indirect air carrier, as described in Sec. 1548.16.
(6) Personnel of certified cargo screening facilities, as described
in Sec. 1549.111.
(b) Each operator must verify the identity and work authorization
of each applicant and examine the document(s) presented by the
applicant to prove identity and work authorization to determine whether
they appear to be genuine and relate to the applicant presenting them.
(c) Each operator must submit to TSA a security threat assessment
application for each applicant that is dated and signed by the
applicant and that includes the following:
(1) Legal name, including first, middle, and last; any applicable
suffix; and any other names used previously.
(2) Current mailing address, including residential address if it
differs from the current mailing address; all other residential
addresses for the previous five years; and e-mail address if the
applicant has an e-mail address.
(3) Date and place of birth.
(4) Social security number (submission is voluntary, although
failure to provide it may delay or prevent completion of the threat
assessment).
(5) Gender.
(6) Country of citizenship.
(7) If the applicant is a U.S. citizen born abroad or a naturalized
U.S. citizen, their U.S. passport number; or the 10-digit document
number from the applicant's Certificate of Birth Abroad, Form DS-1350.
(8) If the applicant is not a U.S. citizen, the applicant's Alien
Registration Number.
(9) The applicant's daytime telephone number.
(10) The applicant's current employer(s), and the address and
telephone number of the employer(s).
(11) A Privacy Notice as required in the security program and the
following statement:
The information I have provided on this application is true,
complete, and correct to the best of my knowledge and belief and is
provided in good faith. I understand that a knowing and willful
false statement, or an omission of a material fact, on this
application can be punished by fine or imprisonment or both (see
section 1001 of Title 18 United States Code), and may be grounds for
denial of authorization or in the case of parties regulated under
this section, removal of authorization to operate under this
chapter, if applicable.
I acknowledge that if I do not successfully complete the
security threat assessment, the Transportation Security
Administration may notify my employer. If TSA or other law
enforcement agency becomes aware that I may pose an imminent threat
to an operator or facility, TSA may provide limited information
necessary to reduce the risk of injury or damage to the operator or
facility.
(d) Each operator must retain the following for 180 days following
the end of the applicant's service to the operator:
(1) The applicant's signed security threat assessment application.
(2) Copies of the applicant's document(s) used to verify identity
and work authorization.
(3) Any notifications or documents sent to or received from TSA
relating to the applicant's application and security threat assessment.
(4) As applicable, a copy of the applicant's credential evidencing
completion of a threat assessment deemed comparable under paragraph (f)
of this section.
(e) Records under this section may include electronic documents
with electronic signature or other means of personal authentication,
where accepted by TSA.
(f) TSA may determine that a security threat assessment conducted
by another governmental agency is comparable to a security threat
assessment conducted under this subpart. Individuals who have
successfully completed a comparable security threat assessment are not
required to undergo the security threat assessments described in this
subpart. If TSA makes a comparability determination under this section,
TSA will so notify the public. In making a comparability determination,
TSA will consider--
(i) The minimum standards used for the security threat assessment;
(ii) The frequency of the security threat assessment;
(iii) The date of the most recent threat assessment; and
(iv) Other factors TSA deems appropriate.
(g) To apply for a comparability determination, the agency seeking
the determination must contact the
[[Page 47702]]
Assistant Program Manager, Attn: Federal Agency Comparability Check,
Hazmat Threat Assessment Program, Transportation Security
Administration, 601 South 12th Street, Arlington, VA 20598-6019.
(h) TSA has determined that each of the following are comparable to
the security threat assessment required in this subpart:
(1) A CHRC conducted in accordance with Sec. Sec. 1542.209,
1544.229, or 1544.230 that includes a name-based check conducted by
TSA.
(2) A security threat assessment conducted under 49 CFR part 1572
for the Transportation Worker Identification Credential or Hazardous
Materials Endorsement programs.
(3) A security threat assessment conducted for the Free and Secure
Trade (FAST) program administered by U.S. Customs and Border
Protection.
(i) If asserting completion of a comparable threat assessment
listed in paragraph (h) of this section, an individual must--
(1) Present the credential that corresponds to successful
completion of the comparable assessment to the operator so the operator
may retain a copy of it; and
(2) Notify the operator when the credential that corresponds to
successful completion of the comparable assessment expires or is
revoked for any reason.
(j) A security threat assessment conducted under this subpart
remains valid for five years from the date that TSA issues a
Determination of No Security Threat or a Final Determination of Threat
Assessment, except--
(1) If the applicant is no longer authorized to be in the United
States, the security threat assessment and the privileges it conveys
expire on the date lawful presence expires; or
(2) If the applicant asserts completion of a comparable threat
assessment, it expires five years from the date of issuance of the
credential that corresponds to the comparable assessment, or the date
on which the credential is revoked for any reason.
Sec. 1540.205 Procedures for security threat assessment.
(a) Contents of security threat assessment. The security threat
assessment TSA conducts under this subpart includes an intelligence-
related check and a final disposition.
(b) Intelligence-related check. To conduct an intelligence-related
check, TSA completes the following procedures:
(1) Reviews the applicant information required in 49 CFR 1540.203.
(2) Searches domestic and international government databases to
determine if an applicant meets the requirements of 49 CFR 1540.201(c)
or to confirm an applicant's identity.
(3) Adjudicates the results in accordance with 49 CFR 1540.201(c).
(c) Wants, warrants, deportable aliens. If the searches listed in
paragraph (b)(2) of this section indicate that an applicant has an
outstanding want or warrant, or is a deportable alien under the
immigration laws of the United States, TSA sends the applicant's
information to the appropriate law enforcement or immigration agency.
(d) Final disposition. Following completion of the procedures
described in paragraph (b), the following procedures apply, as
appropriate:
(1) TSA serves a Determination of No Security Threat on the
applicant and operator if TSA determines that the applicant meets the
security threat assessment standards in 49 CFR 1540.201(c).
(2) TSA serves an Initial Determination of Threat Assessment on the
applicant, if TSA determines that the applicant does not meet the
security threat assessment standards in 49 CFR 1540.201(c). The Initial
Determination of Threat Assessment includes--
(i) A statement that TSA has determined that the applicant is
suspected of posing or poses a security threat;
(ii) The basis for the determination;
(iii) Information about how the applicant may appeal the
determination, as described in 49 CFR 1515.9; and
(iv) A statement that if the applicant chooses not to appeal TSA's
determination within 60 days of receipt of the Initial Determination,
or does not request an extension of time within 60 days of the Initial
Determination of Threat Assessment in order to file an appeal, the
Initial Determination becomes a Final Determination of Security Threat
Assessment.
(3) TSA serves an Initial Determination of Threat Assessment and
Immediate Revocation on the applicant and the applicant's operator or
other operator as approved by TSA, where appropriate, if TSA determines
that the applicant does not meet the security threat assessment
standards in 49 CFR 1540.201(c) and may pose an imminent threat to
transportation or national security, or of terrorism. The Initial
Determination of Threat Assessment and Immediate Revocation includes--
(i) A statement that TSA has determined that the applicant is
suspected of posing or poses an imminent security threat;
(ii) The basis for the determination;
(iii) Information about how the applicant may appeal the
determination, as described in 49 CFR 1515.5(h) or 1515.9(h), as
applicable; and
(iv) A statement that if the applicant chooses not to appeal TSA's
determination within 60 days of receipt of the Initial Determination,
or does not request an extension of time within 60 days of the Initial
Determination of Threat Assessment in order to file an appeal, the
Initial Determination becomes a Final Determination of Security Threat
Assessment.
(4) If the applicant does not appeal the Initial Determination of
Threat Assessment or Initial Determination of Threat Assessment and
Immediate Revocation, or if TSA does not grant the appeal, TSA serves a
Final Determination of Threat Assessment on the individual and the
applicant.
(5) If the applicant appeals an Initial Determination of Threat
Assessment, the procedures in 49 CFR 1515.5 or 1515.9 apply.
Sec. 1540.207 [Reserved]
Sec. 1540.209 Fees for security threat assessment.
This section describes the payment process for completion of the
security threat assessments required under subpart.
(a) Fees for security threat assessment. (1) TSA routinely
establishes and collects fees to conduct the security threat assessment
process. These fees apply to all entities requesting a security threat
assessment. TSA reviews the amount of the fee periodically, at least
once every two years, to determine the current cost of conducting
security threat assessments. TSA determines fee amounts and any
necessary revisions to the fee amounts based on current costs, using a
method of analysis consistent with widely accepted accounting
principles and practices, and calculated in accordance with the
provisions of 31 U.S.C. 9701 and other applicable Federal law.
(2) TSA will publish fee amounts and any revisions to the fee
amounts as a notice in the Federal Register.
(b) [Reserved]
(c) Remittance of fees. (1) The fees required under this subpart
must be remitted to TSA in a form and manner acceptable to TSA each
time the applicant or an aircraft operator, foreign air carrier,
indirect air carrier, certified cargo screening facility, or TSA-
approved validation firm submits the information required under Sec.
1540.203 or Sec. 1540.207 to TSA.
[[Page 47703]]
(2) Fees remitted to TSA under this subpart must be payable to the
``Transportation Security Administration'' in U.S. currency and drawn
on a U.S. bank.
(3) TSA will not issue any fee refunds, unless a fee was paid in
error.
0
13. Add new subpart D to part 1540 to read as follows:
Subpart D--Responsibilities of Holders of TSA-Approved Security
Programs
Sec.
1540.301 Withdrawal of approval of a security program.
1540.303 [Reserved]
Subpart D--Responsibilities of Holders of TSA-Approved Security
Programs
Sec. 1540.301 Withdrawal of approval of a security program.
(a) Applicability. This section applies to holders of a security
program approved or accepted by TSA under 49 CFR chapter XII,
subchapter C.
(b) Withdrawal of security program approval. TSA may withdraw the
approval of a security program, if TSA determines continued operation
is contrary to security and the public interest, as follows:
(1) Notice of proposed withdrawal of approval. TSA will serve a
Notice of Proposed Withdrawal of Approval, which notifies the holder of
the security program, in writing, of the facts, charges, and applicable
law, regulation, or order that form the basis of the determination.
(2) Security program holder's reply. The holder of the security
program may respond to the Notice of Proposed Withdrawal of Approval no
later than 15 calendar days after receipt of the withdrawal by
providing the designated official, in writing, with any material facts,
arguments, applicable law, and regulation.
(3) TSA review. The designated official will consider all
information available, including any relevant material or information
submitted by the holder of the security program, before either issuing
a Withdrawal of Approval of the security program or rescinding the
Notice of Proposed Withdrawal of Approval. If TSA issues a Withdrawal
of Approval, it becomes effective upon receipt by the holder of the
security program, or 15 calendar days after service, whichever occurs
first.
(4) Petition for reconsideration. The holder of the security
program may petition TSA to reconsider its Withdrawal of Approval by
serving a petition for consideration no later than 15 calendar days
after the holder of the security program receives the Withdrawal of
Approval. The holder of the security program must serve the Petition
for Reconsideration on the designated official. Submission of a
Petition for Reconsideration will not stay the Withdrawal of Approval.
The holder of the security program may request the designated official
to stay the Withdrawal of Approval pending review of and decision on
the Petition.
(5) Assistant Secretary's review. The designated official transmits
the Petition together with all pertinent information to the Assistant
Secretary for reconsideration. The Assistant Secretary will dispose of
the Petition within 15 calendar days of receipt by either directing the
designated official to rescind the Withdrawal of Approval or by
affirming the Withdrawal of Approval. The decision of the Assistant
Secretary constitutes a final agency order subject to judicial review
in accordance with 49 U.S.C. 46110.
(6) Emergency withdrawal. If TSA finds that there is an emergency
with respect to aviation security requiring immediate action that makes
the procedures in this section contrary to the public interest, the
designated official may issue an Emergency Withdrawal of Approval of a
security program without first issuing a Notice of Proposed Withdrawal
of Approval. The Emergency Withdrawal would be effective on the date
that the holder of the security program receives the emergency
withdrawal. In such a case, the designated official will send the
holder of the security program a brief statement of the facts, charges,
applicable law, regulation, or order that forms the basis for the
Emergency Withdrawal. The holder of the security program may submit a
Petition for Reconsideration under the procedures in paragraphs (b)(4)
through (b)(5) of this section; however, this petition will not stay
the effective date of the Emergency Withdrawal.
(c) Service of documents for withdrawal of approval of security
program proceedings. Service may be accomplished by personal delivery,
certified mail, or express courier. Documents served on the holder of a
security program will be served at its official place of business as
designated in its application for approval or its security program.
Documents served on TSA must be served to the address noted in the
Notice of Withdrawal of Approval or Withdrawal of Approval, whichever
is applicable.
(1) Certificate of service. An individual may attach a certificate
of service to a document tendered for filing. A certificate of service
must consist of a statement, dated and signed by the person filing the
document, that the document was personally delivered, served by
certified mail on a specific date, or served by express courier on a
specific date.
(2) Date of service. The date of service is--
(i) The date of personal delivery;
(ii) If served by certified mail, the mailing date shown on the
certificate of service, the date shown on the postmark if there is no
certificate of service, or other mailing date shown by other evidence
if there is no certificate of service or postmark; or
(iii) If served by express courier, the service date shown on the
certificate of service, or by other evidence if there is no certificate
of service.
(d) Extension of time. TSA may grant an extension of time to the
limits set forth in this section for good cause shown. A security
program holder must submit a request for an extension of time in
writing, and TSA must receive it at least two days before the due date
in order to be considered. TSA may grant itself an extension of time
for good cause.
Sec. 1540.303 [Reserved]
PART 1544--AIRCRAFT OPERATOR SECURITY: AIR CARRIERS AND COMMERCIAL
OPERATORS
0
14. The authority citation for part 1544 continues to read as follows:
Authority: 49 U.S.C. 114, 5103, 40113, 44901-44905, 44907,
44913-44914, 44916-44918, 44932, 44935-44936, 44942, 46105.
Subpart C--Operations
0
15. Amend Sec. 1544.205 by revising paragraph (e) and adding new
paragraph (g) to read as follows:
Sec. 1544.205 Acceptance and screening of cargo.
* * * * *
(e) Acceptance of cargo only from specified persons. Each aircraft
operator operating under a full program or a full all-cargo program may
accept cargo to be loaded in the United States for air transportation
only from the shipper, an aircraft operator, foreign air carrier, or
indirect air carrier operating under a security program under this
chapter with a comparable cargo security program, or, in the case of an
operator under a full program, from a certified cargo screening
facility, as provided in its security program.
* * * * *
(g) Screening of cargo loaded inside the United States by a full
program
[[Page 47704]]
operator. For cargo to be loaded in the United States, each operator
under a full program in Sec. 1544.101(a) must ensure that all cargo is
screened in the United States as follows:
(1) Amount screened. (i) Not later than February 3, 2009, each
operator under a full program must ensure that at least 50 percent of
its cargo is screened prior to transport on a passenger aircraft.
(ii) Not later than August 3, 2010, each operator under a full
program must ensure that 100 percent of its cargo is screened prior to
transport on a passenger aircraft.
(2) Methods of screening. For the purposes of this paragraph (g),
the aircraft operator must ensure that cargo is screened using a
physical examination or non-intrusive method of assessing whether cargo
poses a threat to transportation security, as provided in its security
program. Such methods may include TSA-approved x-ray systems,
explosives detection systems, explosives trace detection, explosives
detection canine teams certified by TSA, or a physical search together
with manifest verification, or other method approved by TSA.
(3) Limitation on who may conduct screening. Screening must be
conducted by the aircraft operator on an airport with a complete
program under 49 CFR part 1542, by another aircraft operator or foreign
air carrier operating under a security program under this chapter with
a comparable cargo security program on an airport, by a certified cargo
screening facility in accordance with 49 CFR part 1549, or by TSA. If
an aircraft operator or foreign air carrier screens cargo off an
airport, it must do so as a certified cargo screening facility in
accordance with part 1549.
(4) Verification. The aircraft operator must verify that the chain
of custody measures for the screened cargo are intact prior to loading
such cargo on aircraft, or must ensure that the cargo is re-screened in
accordance with this chapter.
0
16. Revise Sec. 1544.228 to read as follows:
Sec. 1544.228 Access to cargo and cargo screening: Security threat
assessments for cargo personnel in the United States.
This section applies in the United States to each aircraft operator
operating under a full program under Sec. 1544.101(a) or a full all-
cargo program under Sec. 1544.101(h).
(a) Before an aircraft operator authorizes and before an individual
performs a function described in paragraph (b) of this section--
(1) Each individual must successfully complete a security threat
assessment or comparable security threat assessment described in part
1540 subpart C of this chapter; and
(2) Each aircraft operator must complete the requirements in part
1540 subpart C.
(b) The security threat assessment required in paragraph (a) of
this section applies to the following:
(1) Each individual who has unescorted access to cargo and access
to information that such cargo will be transported on a passenger
aircraft; or who has unescorted access to cargo that has been screened
for transport on a passenger aircraft; or who performs certain
functions related to the transportation, dispatch, or security of cargo
for transport on a passenger aircraft or all-cargo aircraft, as
specified in the aircraft operator's security program; from the time--
(i) The cargo reaches a location where an aircraft operator with a
full all-cargo program consolidates or inspects it pursuant to security
program requirements until the cargo enters an airport Security
Identification Display Area or is transferred to another TSA-regulated
aircraft operator, foreign air carrier, or indirect air carrier; or
(ii) An aircraft operator with a full program accepts the cargo
until the cargo--
(A) Enters an airport Security Identification Display Area;
(B) Is removed from the destination airport; or
(C) Is transferred to another TSA-regulated aircraft operator,
foreign air carrier, or indirect air carrier.
(2) Each individual the aircraft operator authorizes to screen
cargo or to supervise the screening of cargo under Sec. 1544.205.
Subpart E--Screener Qualifications When the Aircraft Operator
Performs Screening
0
17. Revise Sec. 1544.401 to read as follows:
Sec. 1544.401 Applicability of this subpart.
This subpart applies when the aircraft operator is conducting
inspections as provided in Sec. 1544.207.
Sec. 1544.403 [Removed and Reserved]
0
18. Remove and reserve Sec. 1544.403.
Sec. 1544.405 Qualifications of screening personnel.
0
19. Revise the heading of Sec. 1544.405 to read as set forth above.
0
20. Amend Sec. 1544.407 by revising the heading and paragraph (c) to
read as follows:
Sec. 1544.407 Training, testing, and knowledge of individuals who
perform screening functions.
* * * * *
(c) Citizenship. A screener must be a citizen or national of the
United States.
* * * * *
Sec. 1544.409 Integrity of screener tests.
0
21. Revise the heading of Sec. 1544.409 to read as set forth above.
Sec. 1544.411 Continuing qualifications of screening personnel.
0
22. Revise the heading of Sec. 1544.411 to read as set forth above.
PART 1546--FOREIGN AIR CARRIER SECURITY
0
23. The authority citation for part 1546 continues to read as follows:
Authority: 49 U.S.C. 114, 5103, 40113, 44901-44905, 44907,
44914, 44916-44917, 44935-44936, 44942, 46105.
Subpart C--Operations
0
24. Amend Sec. 1546.205 by revising paragraphs (d) and (e) and adding
new paragraph (g) to read as follows:
Sec. 1546.205 Acceptance and screening of cargo.
* * * * *
(d) Screening and inspection of cargo in the United States. For
cargo to be loaded in the United States, each foreign air carrier
operating a program under Sec. 1546.101(1)(a), (b), (e), or (f) must
ensure that cargo is screened and inspected for any unauthorized
person, and any unauthorized explosive, incendiary, and other
destructive substances or items as provided in the foreign air
carrier's security program and Sec. 1546.207, and as provided in Sec.
1546.213 for operations under Sec. 1546.101(a) or (b), before loading
it on its aircraft in the United States.
(e) Acceptance of cargo only from specified persons. Except as
otherwise provided in its program, each foreign air carrier operating a
program under Sec. 1546.101(a), (b), (e) or (f) may accept cargo for
air transportation to be loaded in the United States only from the
shipper, or from an aircraft operator, foreign air carrier, or indirect
air carrier operating under a security program under this chapter with
a comparable cargo security program, or, in the case of a foreign air
carrier under Sec. 1546.101(a) or (b), from a certified cargo
screening facility, as provided in its security program.
* * * * *
(g) Screening of cargo loaded inside the United States under Sec.
1546.101(a) or
[[Page 47705]]
(b). For cargo to be loaded in the United States, each foreign air
carrier under Sec. 1546.101(a) or (b) must ensure that all cargo is
screened in the United States as follows:
(1) Amount screened. (i) Not later than February 3, 2009, each
foreign air carrier must ensure that at least 50 percent of its cargo
is screened prior to transport on a passenger aircraft.
(ii) Not later than August 3, 2010, each foreign air carrier must
ensure that 100 percent of its cargo is screened prior to transport on
a passenger aircraft.
(2) Methods of screening. For the purposes of this paragraph (g),
the foreign air carrier must ensure that cargo is screened using a
physical examination or non-intrusive method of assessing whether cargo
poses a threat to transportation security, as provided in its security
program. Such methods may include TSA-approved x-ray systems,
explosives detection systems, explosives trace detection, explosives
detection canine teams certified by TSA, a physical search together
with manifest verification, or other method approved by TSA.
(3) Limitation on who may conduct screening. Screening must be
conducted by the foreign air carrier on an airport, by another aircraft
operator or foreign air carrier operating under a security program
under this chapter with a comparable cargo security program on an
airport with a complete program under 49 CFR part 1542, by a certified
cargo screening facility in accordance with 49 CFR part 1549, or by
TSA. If an aircraft operator or foreign air carrier screens cargo off
an airport, it must do so as a certified cargo screening facility in
accordance with part 1549.
(4) The foreign air carrier must verify that the chain of custody
measures for the screened cargo are intact prior to loading such cargo
on aircraft, or must ensure that the cargo is re-screened in accordance
with this chapter.
0
25. Revise Sec. 1546.213 to read as follows:
Sec. 1546.213 Access to cargo: Security threat assessments for cargo
personnel in the United States.
This section applies in the United States to each foreign air
carrier operating under Sec. 1546.101(a), (b), or (e).
(a) Before a foreign air carrier authorizes and before an
individual performs a function described in paragraph (b) of this
section--
(1) Each individual must successfully complete a security threat
assessment or comparable security threat assessment described in part
1540 subpart C of this chapter; and
(2) Each aircraft operator must complete the requirements in part
1540 subpart C.
(b) The security threat assessment required in paragraph (a) of
this section applies to the following:
(1) Each individual who has unescorted access to cargo and access
to information that such cargo will be transported on a passenger
aircraft; or who has unescorted access to cargo that has been screened
for transport on a passenger aircraft; or who performs certain
functions related to the transportation, dispatch or security of cargo
for transport on a passenger aircraft or all-cargo aircraft, as
specified in the foreign air craft operator's or foreign air carrier's
security program; from the time--
(i) The cargo reaches a location where a foreign air carrier
operating under Sec. 1546.101(e) consolidates or inspects it pursuant
to security program requirements, until the cargo enters an airport
Security Identification Display Area or is transferred to another TSA-
regulated aircraft operator, foreign air carrier, or indirect air
carrier; or
(ii) A foreign air carrier under Sec. Sec. 1546.101(a) or (b)
accepts the cargo, until the cargo--
(A) Enters an airport Security Identification Display Area;
(B) Is removed from the destination airport; or
(C) Is transferred to another TSA-regulated aircraft operator,
foreign air carrier, or indirect air carrier.
(2) Each individual the foreign air carrier authorizes to screen
cargo or to supervise the screening of cargo under Sec. 1546.205.
Subpart E--Screener Qualifications When the Foreign Air Carrier
Conducts Screening
0
26. Revise Sec. 1546.401 to read as follows:
Sec. 1546.401 Applicability of this subpart.
This subpart applies when the aircraft operator is conducting
inspections as provided in Sec. 1546.207.
Sec. 1546.403 [Removed and Reserved]
0
27. Remove and reserve Sec. 1546.403.
Sec. 1546.405 Qualifications of screening personnel.
0
28. Revise the heading of Sec. 1546.405 to read as set forth above.
Sec. 1546.407 Training, testing, and knowledge of individuals who
perform screening functions.
0
29. Revise the heading of Sec. 1546.407 to read as set forth above.
Sec. 1546.409 Integrity of screener tests.
0
30. Revise the heading of Sec. 1546.409 to read as set forth above.
Sec. 1546.411 Continuing qualifications of screening personnel.
0
31. Revise the heading of Sec. 1546.411 to read as set forth above.
PART 1548--INDIRECT AIR CARRIER SECURITY
0
32. The authority citation for part 1548 continues to read as follows:
Authority: 49 U.S.C. 114, 5103, 40113, 44901-44905, 44913-44914,
44916-44917, 44932, 44935-44936, 46105.
0
33. Revise Sec. 1548.7(f) to read as follows:
Sec. 1548.7 Approval, amendment, annual renewal, and withdrawal of
approval of the security program.
* * * * *
(f) Withdrawal of approval of a security program. Section 1540.301
includes procedures for withdrawal of approval of a security program.
* * * * *
0
34. Revise Sec. 1548.15 to read as follows:
Sec. 1548.15 Access to cargo: Security threat assessments for
individuals having unescorted access to cargo.
(a) Before an aircraft operator authorizes and before an individual
performs a function described in paragraph (b) of this section--
(1) Each individual must successfully complete a security threat
assessment or comparable security threat assessment described in part
1540 subpart C of this chapter; and
(2) Each aircraft operator must complete the requirements in part
1540 subpart C.
(b) The security threat assessment required in paragraph (a) of
this section applies to the following:
(1) Each individual who has unescorted access to cargo and access
to information that such cargo will be transported on a passenger
aircraft; or who has unescorted access to cargo screened for transport
on a passenger aircraft; or who performs certain functions related to
the transportation, dispatch or security of cargo for transport on a
passenger aircraft or all-cargo aircraft, as specified in the indirect
air carrier's security program; from the time--
(i) Cargo to be transported on an all-cargo aircraft operated by an
aircraft operator with a full all-cargo program under Sec. 1544.101(h)
of this chapter, or by a foreign air carrier under Sec. 1546.101(e) of
this chapter, reaches an
[[Page 47706]]
indirect air carrier facility where the indirect air carrier
consolidates or holds the cargo, until the indirect air carrier
transfers the cargo to an aircraft operator or foreign air carrier; or
(ii) Cargo to be transported on a passenger aircraft operated by an
aircraft operator with a full program under Sec. 1544.101(a) or by a
foreign air carrier under Sec. 1546.101(a) or (b) of this chapter, is
accepted by the indirect air carrier, until the indirect air carrier
transfers the cargo to an aircraft operator or foreign air carrier.
(2) Each individual the indirect air carrier authorizes to screen
cargo or to supervise the screening of cargo under Sec. 1548.21.
0
35. Revise Sec. 1548.16(a) to read as follows:
Sec. 1548.16 Security threat assessments for each proprietor, general
partner, officer, director, and certain owners of the entity.
(a) Before an indirect air carrier permits a proprietor, general
partner, officer, director, or owner of the entity to perform those
functions--
(1) The proprietor, general partner, officer, director, or owner of
the entity must successfully complete a security threat assessment or
comparable security threat assessment described in part 1540 subpart C
of this chapter; and
(2) Each indirect air carrier must complete the requirements in 49
CFR part 1540, subpart C.
* * * * *
0
36. Add new Sec. 1548.21 to read as follows:
Sec. 1548.21 Screening of cargo.
An IAC may only screen cargo for transport on a passenger aircraft
under Sec. Sec. 1544.205 and 1546.205 if the IAC is a certified cargo
screening facility as provided in part 1549.
0
37. Add new part 1549 to subchapter C to read as follows:
PART 1549--CERTIFIED CARGO SCREENING PROGRAM
Subpart A--General
Sec.
1549.1 Applicability.
1549.3 TSA inspection authority.
1549.5 Adoption and implementation of the security program.
1549.7 Approval, amendment, renewal of the security program and
certification of the certified cargo screening facility.
Subpart B--Operations
1549.101 Acceptance, screening, and transfer of cargo.
1549.103 Qualifications and Training of individuals with security-
related duties.
1549.105 Recordkeeping.
1549.107 Security coordinators.
1549.109 Security Directives and Information Circulars.
1549.111 Security threat assessments for personnel of certified
cargo screening facilities.
Authority: 49 U.S.C. 114, 5103, 40113, 44901-44905, 44913-44914,
44916-44917, 44932, 44935-44936, 46105.
Subpart A--General
Sec. 1549.1 Applicability.
This part applies to each facility applying for or certified by TSA
as a certified cargo screening facility to screen cargo that will be
transported on a passenger aircraft operated under a full program under
49 CFR 1544.101(a), or a foreign air carrier operating under a program
under 49 CFR 1546.101(a) or (b).
Sec. 1549.3 TSA inspection authority.
(a) Each certified cargo screening facility must allow TSA, at any
time or place, in a reasonable manner, without advance notice, to enter
the facility and make any inspections or tests, including copying
records, to--
(1) Determine compliance of a certified cargo screening facility,
airport operator, foreign air carrier, indirect air carrier, or airport
tenant with this chapter and 49 U.S.C. 114 and Subtitle VII, as
amended; or
(2) Carry out TSA's statutory or regulatory authorities, including
its authority to--
(i) Assess threats to transportation;
(ii) Enforce security-related regulations, directives, and
requirements:
(iii) Inspect, maintain, and test the security of facilities,
equipment, and systems;
(iv) Ensure the adequacy of security measures for the
transportation of passengers and cargo;
(v) Oversee the implementation, and ensure the adequacy, of
security measures at airports and other transportation facilities;
(vi) Review security plans; and
(vii) Carry out such other duties, and exercise such other powers,
relating to transportation security as the Assistant Secretary of
Homeland Security for the TSA considers appropriate, to the extent
authorized by law.
(b) At the request of TSA, each certified cargo screening facility
must provide evidence of compliance with this chapter, including
copying records.
(c) TSA and DHS officials working with TSA may conduct inspections
under this section without access media or identification media issued
or approved by a certified cargo screening facility or other person,
except that the TSA and DHS officials will have identification media
issued by TSA or DHS.
Sec. 1549.5 Adoption and implementation of the security program.
(a) Security program required. No person may screen cargo to be
tendered to an aircraft operator operating under a full program under
part 1544, a foreign air carrier operating under Sec. 1546.101(a) or
(b), or an indirect air carrier operating under Sec. 1548.5 for
carriage on a passenger aircraft, unless that person holds and carries
out an approved security program under this part.
(b) Content. Each security program under this part must--
(1) Provide for the security of the aircraft, as well as that of
persons and property traveling in air transportation against acts of
criminal violence and air piracy and against the introduction into the
aircraft of any unauthorized explosive, incendiary, and other
destructive substance or item as provided in the certified cargo
screening facility's security program;
(2) Be designed to prevent or deter the introduction of any
unauthorized explosive, incendiary, and other destructive substance or
item onto an aircraft; and
(3) Include the procedures and description of the facilities and
equipment used to comply with the requirements of this part.
(c) Employees and agents. The certified cargo screening facility
must ensure that its employees and agents carry out the requirements of
this chapter and the certified cargo screening facility's security
program.
(d) Facility's security program. The certified cargo screening
facility standard security program together with approved alternate
procedures and amendments issued to a particular facility constitutes
that facility's security program.
(e) Availability. Each certified cargo screening facility must:
(1) Maintain an original of the security program at its corporate
office.
(2) Have accessible a complete copy, or the pertinent portions of
its security program, or appropriate implementing instructions, at its
facility. An electronic version is adequate.
(3) Make a copy of the security program available for inspection
upon the request of TSA.
(4) Restrict the distribution, disclosure, and availability of
information contained in its security program to persons with a need to
know, as described in part 1520 of this chapter.
(5) Refer requests for such information by other persons to TSA.
[[Page 47707]]
Sec. 1549.7 Approval, amendment, renewal of the security program and
certification of a certified cargo screening facility.
(a) Initial application and approval. (1) Application. Unless
otherwise authorized by TSA, each applicant must apply for a security
program and for certification as a certified cargo screening facility
at a particular location, in a form and a manner prescribed by TSA not
less than 90 calendar days before the applicant intends to begin
operations. TSA will only approve a facility to operate as a CCSF if it
is located in the United States. The CCSF application must be in
writing and include the following:
(i) The business name; other names, including doing business as;
state of incorporation, if applicable; and tax identification number.
(ii) The name of the senior manager or representative of the
applicant in control of the operations at the facility.
(iii) A signed statement from each person listed in paragraph
(a)(1)(ii) of this section stating whether he or she has been a senior
manager or representative of a facility that had its security program
withdrawn by TSA.
(iv) Copies of government-issued identification of persons listed
in paragraph (a)(1)(ii) of this section.
(v) The street address of the facility where screening will be
conducted.
(vi) A statement acknowledging and ensuring that each individual
and agent of the applicant, who is subject to training under Sec.
1549.11, will have successfully completed the training outlined in its
security program before performing security-related duties.
(vii) Other information requested by TSA concerning Security Threat
Assessments.
(viii) A statement acknowledging and ensuring that each individual
will successfully complete a Security Threat Assessment under Sec.
1549.111 before the applicant authorizes the individual to have
unescorted access to screened cargo or to screen or supervise the
screening of cargo.
(2) Standard security program and assessment. (i) After the
Security Coordinator for an applicant successfully completes a security
threat assessment, TSA will provide to the applicant the certified
cargo screening standard security program, any security directives, and
amendments to the security program and other alternative procedures
that apply to the facility. The applicant may either accept the
standard security program or submit a proposed modified security
program to the designated official for approval. TSA will approve the
security program under paragraphs (a)(3) and (a)(4) of the section or
issue a written notice to modify under paragraph (a)(4) of this
section.
(ii) An applicant must successfully undergo an assessment by a TSA-
approved validation firm under 49 CFR part 1522 or by TSA.
(3) Review. TSA will review a facility at a particular location to
determine whether--
(i) The applicant has met the requirements of this part, its
security program, and any applicable Security Directive;
(ii) The applicant has successfully undergone an assessment by a
TSA-approved validation firm under 49 CFR part 1522 or by TSA;
(iii) The applicant is able and willing to carry out the
requirements of this part, its security program, and an applicable
Security Directive;
(iv) The approval of such applicant's security program is not
contrary to the interests of security and the public interest;
(v) The applicant has not held a security program that was
withdrawn within the previous year, unless otherwise authorized by TSA;
and
(vi) TSA determines that the applicant is qualified to be a
certified cargo screening facility.
(4) Approval and certification. If TSA determines that the
requirements of paragraph (a)(4) of this section are met and the
application is approved, TSA will send the applicant a written notice
of approval of its security program, and certification to operate as a
certified cargo screening facility.
(5) Commencement of operations. The certified cargo screening
facility may operate under a security program when it meets all TSA
requirements, including but not limited to a validation by TSA or a
TSA-approved validation firm, successful completion of training, and
Security Threat Assessments by relevant personnel.
(6) Duration of security program. The security program will remain
effective until the end of the calendar month three years after the
month it was approved or until the program has been surrendered or
withdrawn, whichever is earlier.
(7) Requirement to report changes in information. Each certified
cargo screening facility under this part must notify TSA, in a form and
manner approved by TSA, of any changes to the information submitted
during its initial application.
(i) The CCSF must submit this notification to TSA not later than 30
days prior to the date the change is expected to occur.
(ii) Changes included in the requirement of this paragraph include,
but are not limited to, changes in the certified cargo screening
facility's contact information, senior manager or representative,
business addresses and locations, and form of business facility.
(iii) If the certified cargo screening facility relocates, TSA will
withdraw the existing certification and require the new facility to
undergo a validation and certification process.
(b) Renewal Application. Upon timely submittal of an application
for renewal, and unless and until TSA denies the application, the
certified cargo screening facility's approved security program remains
in effect.
(1) Unless otherwise authorized by TSA, each certified cargo
screening facility must timely submit to TSA, at least 30 calendar days
prior to the first day of the 36th anniversary month of initial
approval of its security program, an application for renewal of its
security program in a form and a manner approved by TSA.
(2) The certified cargo screening facility must demonstrate that it
has successfully undergone a revalidation of its operations by a TSA or
a TSA-approved validation firm prior to the first day of the 36th
anniversary month of initial approval of its security program.
(3) The application for renewal must be in writing and include a
signed statement that the certified cargo screening facility has
reviewed and ensures the continuing accuracy of the contents of its
initial application for a security program, subsequent renewal
applications, or other submissions to TSA confirming a change of
information and noting the date such applications and submissions were
sent to TSA, including the following certification:
[Name of certified cargo screening facility] (hereinafter ``the
CCSF'') has adopted and is currently carrying out a security program
in accordance with the Transportation Security Regulations as
originally approved on [Insert date of TSA initial approval]. In
accordance with TSA regulations, the CCSF has notified TSA of any
new or changed information required for the CCSF's initial security
program. If new or changed information is being submitted to TSA as
part of this application for reapproval, that information is stated
in this filing.
The CCSF understands that intentional falsification of
certification to an aircraft operator, foreign air carrier, indirect
air carrier, or to TSA may be subject to both civil and criminal
penalties under 49 CFR part 1540 and 18 U.S.C. 1001. Failure to
notify TSA of any new or changed information required for initial
approval of the CCSF's security program in a timely fashion and in a
form acceptable to TSA may result in
[[Page 47708]]
withdrawal by TSA of approval of the CCSF's security program.
(4) TSA will renew approval of the security program if TSA
determines that--
(i) The CCSF has met the requirements of this chapter, its security
program, and any Security Directive; and
(ii) The renewal of its security program is not contrary to the
interests of security and the public interest.
(5) If TSA determines that the certified cargo screening facility
meets the requirements of paragraph (b)(3) of this section, it will
renew the certified cargo screening facility's security program and
certification. The security program and certification will remain
effective until the end of the calendar month three years after the
month it was renewed.
(c) Amendment requested by a certified cargo screening entity or
applicant. A certified cargo screening facility or applicant may file a
request for an amendment to its security program with the TSA
designated official at least 45 calendar days before the date it
proposes for the amendment to become effective, unless the designated
official allows a shorter period. Any certified cargo screening
facility may submit to TSA a group proposal for an amendment that is on
behalf of it and other certified cargo screening facilities that co-
sign the proposal.
(1) Within 30 calendar days after receiving a proposed amendment,
the designated official, in writing, either approves or denies the
request to amend.
(2) TSA may approve an amendment to a certified cargo screening
facility's security program, if the TSA designated official determines
that safety and the public interest will allow it, and if the proposed
amendment provides the level of security required under this part.
(3) Within 30 calendar days after receiving a denial of the
proposed amendment, the certified cargo screening facility may petition
TSA to reconsider the denial. The CCSF must file the Petition for
Reconsideration with the designated official.
(4) Upon receipt of a Petition for Reconsideration, the designated
official either approves the request to amend or transmits the
petition, together with any pertinent information, to TSA for
reconsideration. TSA will dispose of the petition within 30 calendar
days of receipt by either directing the designated official to approve
the amendment or by affirming the denial.
(d) Amendment by TSA. TSA may amend a security program in the
interest of safety and the public interest, as follows:
(1) TSA notifies the certified cargo screening facility, in
writing, of the proposed amendment, fixing a period of not less than 30
calendar days within which the certified cargo screening facility may
submit written information, views, and arguments on the amendment.
(2) After considering all relevant material, the designated
official notifies the certified cargo screening facility of any
amendment adopted or rescinds the notice of amendment. If the amendment
is adopted, it becomes effective not less than 30 calendar days after
the certified cargo screening facility receives the notice of
amendment, unless the certified cargo screening facility disagrees with
the proposed amendment and petitions the TSA to reconsider, no later
than 15 calendar days before the effective date of the amendment. The
certified cargo screening facility must send the petition for
reconsideration to the designated official. A timely Petition for
Reconsideration stays the effective date of the amendment.
(3) Upon receipt of a Petition for Reconsideration, the designated
official either amends or withdraws the notice of amendment, or
transmits the Petition, together with any pertinent information, to TSA
for reconsideration. TSA disposes of the Petition within 30 calendar
days of receipt, either by directing the designated official to
withdraw or amend the notice of amendment, or by affirming the notice
of amendment.
(e) Emergency amendments. (1) If TSA finds that there is an
emergency requiring immediate action, with respect to aviation security
that makes procedures in this section contrary to the public interest,
the designated official may issue an emergency amendment, without the
prior notice and comment procedures described in paragraph (d) of this
section.
(2) The emergency amendment is effective without stay on the date
the certified cargo screening facility receives notification. TSA will
incorporate in the notification a brief statement of the reasons and
findings for the emergency amendment to be adopted.
(3) The certified cargo screening facility may file a Petition for
Reconsideration with the TSA no later than 15 calendar days after TSA
issued the emergency amendment. The certified cargo screening facility
must send the Petition for Reconsideration to the designated official;
however, the filing does not stay the effective date of the emergency
amendment.
Subpart B--Operations
Sec. 1549.101 Acceptance, screening, and transfer of cargo.
(a) Preventing or deterring the carriage of any explosive or
incendiary. Each certified cargo screening facility must use the
facilities, equipment, and procedures described in its security program
to prevent or deter the carriage onboard an aircraft of any
unauthorized explosives, incendiaries, and other destructive substances
or items in cargo onboard an aircraft, as provided in the facility's
security program.
(b) Screening and inspection of cargo. Each certified cargo
screening facility must ensure that cargo is screened and inspected for
any unauthorized explosive, incendiary, and other destructive substance
or item as provided in the facility's security program before it is
tendered to another certified cargo screening facility, an aircraft
operator with a full program under part 1544, a foreign air carrier
operating under Sec. Sec. 1546.101(a) or (b), or an indirect air
carrier operating under Sec. 1548.5 for transport on a passenger
aircraft. Cargo that the facility represents as screened, must be
screened in accordance with this part.
(c) Refusal to transport. Each certified cargo screening facility
must refuse to offer to another certified cargo screening facility, an
aircraft operator with a full program under part 1544, a foreign air
carrier operating under Sec. Sec. 1546.101(a) or (b), or an indirect
air carrier operating under Sec. 1548.5 for transport on a passenger
aircraft any cargo, if the shipper does not consent to a search or
inspection of that cargo in accordance with this part, or parts 1544,
1546, or 1548 of this chapter.
(d) Chain of custody. Each certified cargo screening facility must
protect the cargo from unauthorized access from the time it is screened
until the time it is tendered to another certified cargo screening
facility as approved by TSA, an indirect air carrier under 49 CFR part
1548, an aircraft operator under part 1544, or a foreign air carrier
under part 1546.
Sec. 1549.103 Qualifications and training of individuals with
security-related duties.
(a) Security threat assessments. Each certified cargo screening
facility must ensure that individuals listed in 49 CFR 1540.201(a)(6),
(7), (8), (9), and (12) relating to a certified cargo screening
facility complete a security threat assessment or comparable security
threat assessment described in part 1540, subpart C of this chapter,
before conducting screening or supervising screening or before having
unescorted
[[Page 47709]]
access to screened cargo, unless the individual is authorized to serve
as law enforcement personnel at that location.
(b) Training required. Each certified cargo screening facility must
ensure that individuals have received training, as specified in this
section and its security program, before such individual perform any
duties to meet the requirements of its security program.
(c) Knowledge and training requirements. Each certified cargo
screening facility must ensure that each individual who performs duties
to meet the requirements of its security program have knowledge of, and
annual training in, the--
(1) Applicable provisions of this chapter, including this part,
part 1520, and Sec. 1540.105;
(2) The certified cargo screening facility's security program, to
the extent that such individuals need to know in order to perform their
duties;
(3) Applicable Security Directives and Information Circulars; and
(4) The applicable portions of approved airport security program(s)
and aircraft operator security program(s).
(d) Screener qualifications. Each certified cargo screening
facility must ensure that each individual who screens cargo or who
supervises cargo screening--
(1) Is a citizen or national of the United States, or an alien
lawfully admitted for permanent residence;
(2) Has a high school diploma, a General Equivalency Diploma, or a
combination of education and experience that the certified cargo
screening facility has determined to have equipped the person to
perform the duties of the position;
(3) Has basic aptitudes and physical abilities including color
perception, visual and aural acuity, physical coordination, and motor
skills to the extent required to effectively operate cargo screening
technologies that the facility is authorized to use. These include:
(i) The ability to operate x-ray equipment and to distinguish on
the x-ray monitor the appropriate imaging standard specified in the
certified cargo screening facility security program. Wherever the x-ray
system displays colors, the operator must be able to perceive each
color.
(ii) The ability to distinguish each color displayed on every type
of screening equipment and explain what each color signifies.
(iii) The ability to hear and respond to the spoken voice and to
audible alarms generated by screening equipment.
(4) Has the ability to read, write and understand English well
enough to carry out written and oral instructions regarding the proper
performance of screening duties or be under the direct supervision of
someone who has this ability, including reading labels and shipping
papers, and writing log entries into security records in English.
Sec. 1549.105 Recordkeeping.
(a) Each certified cargo screening facility must maintain records
demonstrating compliance with all statutes, regulations, directives,
orders, and security programs that apply to operation as a certified
cargo screening facility, including the records listed below, at the
facility location or other location as approved by TSA:
(1) Records of all training and instructions given to each
individual under Sec. 1549.103. The CCSF must retain these records for
180 days after the individual is no longer employed by the certified
cargo screening facility or is no longer acting as the facility's
agent.
(2) Copies of all applications for, or renewals of, TSA
certification to operate under part 1549. Copies of reports by TSA-
certified validators must be included in these records.
(3) Documents establishing TSA's certification and renewal of
certification as required by part 1549.
(4) Records demonstrating that each individual has complied with
the security threat assessment provisions of Sec. 1549.111.
(b) Unless otherwise stated, records must be retained until the
next re-certification.
Sec. 1549.107 Security coordinators.
Each certified cargo screening facility must have a Security
Coordinator and designated alternate Security Coordinator appointed at
the corporate level. In addition, each certified cargo screening
facility must have a facility Security Coordinator and alternate
facility Security Coordinator appointed at the facility level. The
facility Security Coordinator must serve as the certified cargo
screening facility's primary contact for security-related activities
and communications with TSA, as set forth in the security program. The
Security Coordinator and alternate appointed at the corporate level, as
well as the facility Security Coordinator and alternate, must be
available on a 24-hour, 7-days a week basis.
Sec. 1549.109 Security Directives and Information Circulars.
(a) TSA may issue an Information Circular to notify certified cargo
screening facilities of security concerns.
(b) When TSA determines that additional security measures are
necessary to respond to a threat assessment, or to a specific threat
against civil aviation, TSA issues a Security Directive setting forth
mandatory measures.
(1) Each certified cargo screening facility must comply with each
Security Directive that TSA issues to it, within the time prescribed in
the Security Directive for compliance.
(2) Each certified cargo screening facility that receives a
Security Directive must comply with the following:
(i) Within the time prescribed in the Security Directive,
acknowledge in writing receipt of the Security Directive to TSA.
(ii) Within the time prescribed in the Security Directive, specify
the method by which the measures in the Security Directive have been
implemented (or will be implemented, if the Security Directive is not
yet effective).
(3) In the event that the certified cargo screening facility is
unable to implement the measures in the Security Directive, the
certified cargo screening facility must submit proposed alternative
measures and the basis for submitting the alternative measures to TSA
for approval.
(i) The certified cargo screening facility must submit the proposed
alternative measures within the time prescribed in the Security
Directive.
(ii) The certified cargo screening facility must implement any
alternative measures approved by TSA.
(4) Each certified cargo screening facility that receives a
Security Directive may comment on it by submitting data, views, or
arguments in writing to TSA.
(i) TSA may amend the Security Directive based on comments
received.
(ii) Submission of a comment does not delay the effective date of
the Security Directive.
(5) Each certified cargo screening facility that receives a
Security Directive or Information Circular, and each person who
receives information from a Security Directive or Information Circular,
must--
(i) Restrict the availability of the Security Directive or
Information Circular, and information contained in either document, to
those persons with a need-to-know; and
(ii) Refuse to release the Security Directive or Information
Circular, and information contained in either document, to persons
other than those with a need-to-know without the prior written consent
of TSA.
[[Page 47710]]
Sec. 1549.111 Security threat assessments for personnel of certified
cargo screening facilities.
(a) Scope. This section applies to the following:
(1) Each individual the certified cargo screening facility
authorizes to perform cargo screening or supervise cargo screening.
(2) Each individual the certified cargo screening facility
authorizes to have unescorted access to cargo at any time from the time
it is screened until the time it is tendered to another certified cargo
screening facility, an indirect air carrier under 49 CFR part 1548 for
transport on a passenger aircraft, an aircraft operator under part
1544, or a foreign air carrier under part 1546.
(3) The senior manager or representative of its facility in control
of the operations.
(4) The security coordinators and their alternates.
(b) Security threat assessment. Before a certified cargo screening
facility authorizes an individual to perform the functions described in
paragraph (a) of this section, and before the individual performs those
functions--
(1) Each individual must successfully complete a security threat
assessment or comparable security threat assessment described in part
1540, subpart C of this chapter; and
(2) Each certified screening facility must complete the
requirements in 49 CFR part 1540, subpart C.
Issued in Arlington, VA, on September 1, 2009.
Gale D. Rossides,
Acting Administrator.
[FR Doc. E9-21794 Filed 9-15-09; 8:45 am]
BILLING CODE 9110-05-P