[Federal Register Volume 76, Number 78 (Friday, April 22, 2011)] [Rules and Regulations] [Pages 22625-22630] From the Federal Register Online via the Government Publishing Office [www.gpo.gov] [FR Doc No: 2011-9629] ======================================================================= ----------------------------------------------------------------------- DEPARTMENT OF HOMELAND SECURITY Transportation Security Administration 49 CFR Part 1503 [Docket No. TSA-2009-0014; Amendment No. 1503-4] RIN 1652-AA66 Reporting of Security Issues AGENCY: Transportation Security Administration, DHS. ACTION: Final rule. ----------------------------------------------------------------------- SUMMARY: The Transportation Security Administration (TSA) is adding procedures by which any person will receive a receipt for reporting a problem, deficiency, or vulnerability related to transportation security, including the security of aviation, maritime, railroad, motor carrier vehicle, or pipeline transportation, or any mode of public transportation, such as mass transit, in accordance with the ``Implementing Recommendations of the 9/11 Commission Act of 2007'' (9/ 11 Act). DATES: Effective May 23, 2011. FOR FURTHER INFORMATION CONTACT: Traci Klemm, Office of Chief Counsel, TSA-2, Transportation Security Administration, 601 South 12th Street, Arlington, VA 20598-6002; telephone (571) 227-3596; facsimile (571) 227-1380; e-mail [email protected]. SUPPLEMENTARY INFORMATION: Availability of Rulemaking Document You can get an electronic copy using the Internet by-- (1) Searching the electronic Federal Docket Management System (FDMS) Web page at http://www.regulations.gov; (2) Accessing the Government Printing Office's Web page at http://www.gpoaccess.gov/fr/index.html; or (3) Visiting TSA's Security Regulations Web page at http://www.tsa.gov and accessing the link for ``Research Center'' at the top of the page. In addition, copies are available by writing or calling the person in the FOR FURTHER INFORMATION CONTACT section. Make sure to identify the docket number of this rulemaking. Small Entity Inquiries The Small Business Regulatory Enforcement Fairness Act (SBREFA) of 1996 requires TSA to comply with small entity requests for information and advice about compliance with statutes and regulations within TSA's jurisdiction. Any small entity that has a question regarding this document may contact the person listed in FOR FURTHER INFORMATION CONTACT. Persons can obtain further information regarding SBREFA on the Small Business Administration's Web page at http://www.sba.gov/advo/laws/law_lib.html. Background In the immediate aftermath of the events on September 11, 2001, the Federal Aviation Administration (FAA) established a task force to respond to the large volume of incoming phone calls, e-mails, and letters from the public. On June 1, 2002, the Transportation Security Administration (TSA) assumed responsibility for this response to the public, creating what is now known as the TSA Contact Center (TCC). The TCC is a widely-publicized open line for the public to contact TSA. As such, it has also provided a mechanism through which TSA may receive information about potential threats to transportation security from both well-meaning persons and those with harmful intent. In December 2004, TCC availability was expanded to 24 hours a day, 7 days a week, 365 days per year, primarily to ensure continuous review for threat-related contacts. The current process for public reporting of potential security violations, threat information or criminal activities, vulnerabilities and intelligence was put in place after the DHS Office of Inspector General assessed the Agency's actions to improve the handling of threat and non-threat communications following an incident where a college student was testing security.\1\ --------------------------------------------------------------------------- \1\ See unclassified summary at: http://www.dhs.gov/xoig/assets/mgmtrpts/OIG_05-51_Sep05.pdf. --------------------------------------------------------------------------- TSA also has ongoing initiatives within the various transportation modes, such as the General Aviation Secure Program, that includes hotline numbers to alert TSA of security concerns.\2\ Information from these reporting options, along with reports of other security incidents and concerns required by various TSA regulations, is received and processed by the same analytical components of TSA. Through [[Page 22626]] the Transportation Security Operations Center (TSOC) and other TSA components, information is also routinely passed to TSA's partners for appropriate response. --------------------------------------------------------------------------- \2\ See http://www.tsa.gov/what_we_do/tsnm/general_aviation/programs_sp.shtm#general_aviation for more information on the General Aviation Secure Program. --------------------------------------------------------------------------- The ``Implementing Recommendations of the 9/11 Commission Act'' (9/ 11 Act) requires the Secretary of Homeland Security to establish, by regulation, a process for any person to report transportation-related security problems, deficiencies, or vulnerabilities and promptly receive an acknowledging receipt for their report.\3\ This requirement is included in provisions to protect transportation-sector employees from discrimination or other retaliation for reporting or preventing violations of Federal laws related to transportation safety or security.\4\ --------------------------------------------------------------------------- \3\ Public Law 110-53, 121 Stat. 266 (August 3, 2007), sections 1413(i) (public transportation), 1521(i) (railroad carriers), and 1536(i) (commercial motor vehicles); these sections are codified in the United States Code at 6 U.S.C. 1142, 49 U.S.C. 20109, and 49 U.S.C. 31105, respectively. Future references will be to the codified sections. \4\ Id. --------------------------------------------------------------------------- Summary of the Rule This rule, which implements the 9/11 requirements, establishes the process for any person \5\ to receive a receipt for making a report to TSA regarding any transportation-related security problem, deficiency, or vulnerability. This mechanism to receive a receipt for reports applies to all modes of transportation, including aviation, commercial motor vehicle, maritime, pipeline, public transportation, and railroad transportation. --------------------------------------------------------------------------- \5\ For purpose of TSA regulations, ``person'' is defined in 49 CFR 1500.3. --------------------------------------------------------------------------- In Sec. 1503.3(a) of the rule, TSA designates the addresses and a telephone number that a person must use in order to obtain a receipt for their report. In order to obtain a receipt, the person must use one of these reporting mechanisms and provide valid contact information. Paragraph (b) indicates how TSA will provide a receipt acknowledging the report. Reports submitted by mail or through the Internet will receive written confirmation. Internet receipts will include the content of the report. Reports submitted by phone will receive a call identifier number. The call identifier number is linked to a copy of the information as recorded by TSA, which will be maintained according to TSA's record retention schedules (currently, these records are scheduled to be retained by TSOC for two years). To receive a written copy of the report, the person will need to contact TSA at the address identified in the rule within two years of their call and request a paper copy. Paragraph (c) reiterates TSA's commitment to review and consider all information received and to take appropriate steps. Paragraph (d) clarifies that a report made voluntarily under this subpart will not satisfy any separate legal obligation of any person to report information to TSA or any other Government agency under any other law. Operators must comply with those provisions regardless of whether a report has been submitted through the new part 1503 procedures. Finally, paragraph (e) is a reminder that these reporting mechanisms are not to be used for reporting immediate or emergency security or safety concerns. These concerns should be immediately reported to the appropriate emergency services operator, such as by calling 911. Alleged waste, fraud, and abuse in TSA programs should be reported to the Department of Homeland Security Inspector General: (800) 323-8603, or [email protected]. Authorities As previously discussed, the 9/11 Act requires DHS to issue this regulation for transportation security-related reports affecting public transportation, rail, and motor carriers. TSA has determined that the security benefits of receiving these reports applies to modes of transportation not enumerated in the statute: Aviation, maritime, and pipeline. Aspects of this rule not required by the 9/11 Act are supported by TSA's statutory authority to enhance security for all modes of transportation.\6\ TSA has broad regulatory authority and may issue, rescind, and revise such regulations as are necessary to carry out its transportation security functions.\7\ --------------------------------------------------------------------------- \6\ See 49 U.S.C. 114(d). The TSA Administrator's current authorities under ATSA have been delegated to him by the Secretary of Homeland Security. Section 403(2) of the Homeland Security Act (HSA) of 2002, Public Law 107-296, 116 Stat. 2315 (Nov. 25, 2002), transferred all functions of TSA, including those of the Secretary of Transportation and the Under Secretary of Transportation of Security related to TSA, to the Secretary of Homeland Security. Pursuant to DHS Delegation Number 7060.2, the Secretary of Homeland Security delegated to the Administrator, subject to the Secretary's guidance and control, the authority vested in the Secretary with respect to TSA, including that in sec. 403(2) of the HSA. \7\ 49 U.S.C. 114(l)(1). --------------------------------------------------------------------------- Changes From the Notice of Proposed Rulemaking (NPRM) This final rule adopts the regulations proposed in the NPRM \8\ with minor revisions. A scope provision has been added. Addresses for providing reports by mail, through the Internet, or by phone have been added to 49 CFR part 1503. Information on how to obtain a receipt has also been provided. This preamble does not address technical corrections or corrected typographical errors. --------------------------------------------------------------------------- \8\ Published in the Federal Register on August 26, 2009 (74 FR 43088). --------------------------------------------------------------------------- While the text of the rule has not been significantly altered since the NPRM, the costs estimated for this regulation have been significantly lowered. At the time that the NPRM was published, TSA intended to extensively publicize the reporting mechanism for use by the general public to report any transportation-related security concern. The costs in the NPRM reflected that assumption. Since that time, however, DHS has launched the ``See Something, Say Something'' campaign. The ``See Something, Say Something'' campaign is part of DHS's commitment to promoting a vigilant citizenry that actively participates in protecting national security. In her September 2010 speech to first responders at the NYC Emergency Operations Center, Secretary Napolitano noted in her prepared remarks: ``Recall that it was a New York street vendor who tipped off a policeman about the bombing attempt in Times Square. It was a group of passengers on Flight 253 who intervened to stop the bombing attempt on Christmas Day.'' She then continued, ``Making individuals and citizens better informed and empowered is crucial, and DHS has therefore launched, and is expanding, a national campaign around a slogan you probably know well: `If You See Something, Say Something.' '' The purpose of the campaign, as stated by the Secretary, is to raise ``awareness of potential terrorist tactics, and emphasizing the importance of reporting suspicious activity to law enforcement.'' The implementation of that campaign has changed TSA's assumptions regarding how the mechanisms required by the 9/11 Act are likely to be used. Where the NPRM estimated costs based on the most currently available number of all security-related calls to the Contact Center and then increased that amount based on additional publicity, TSA now assumes that most reports under this rule will be made by a subset of the individuals who contact TSA with security concerns, primarily made up of employees within the transportation sector seeking a reporting mechanism that will provide them with documentation of their report in the event they may need it in the future. This results in far fewer estimated reports resulting from the mechanisms [[Page 22627]] under this final rule than estimated in the NPRM. As a result, the estimated costs have been significantly reduced from those provided in the NPRM. This specifically relates to estimates for the number of reports received and the TSA costs for processing those reports. In addition, TSA has developed new automated mechanisms for providing receipts to persons who report security concerns through e-mail; all security-related reports, regardless of whether they are being made as a result of this rule or for other reasons, will automatically receive an e-mail receipt. This substantially reduces the potential costs for TSA. Public Comments on the NPRM The public comment period for the NPRM closed on October 26, 2009. TSA received two public comments, from a commercial airline and a trade association representing members of the aviation industry. TSA addresses these comments below. Including the Aviation Industry Comments: One commenter objected to including the aviation industry in the scope of this rule because this sector is already highly regulated and required to report suspicious activities and events. As part of these requirements, they assert that knowledgeable employees report deficiencies, incidents, and vulnerabilities. They question whether untrained persons will be able to ``identify true vulnerabilities within commercial aviation without the understanding or comprehension of our security programs?'' TSA Response: This rule does not create a reporting requirement; it provides a voluntary reporting and receipt mechanism. Therefore, it is neither imposing an additional regulatory burden upon the industry nor duplicating the requirements for air carriers or other owner/operators to report security incidents and events. It is intended to provide a mechanism for anyone reporting transportation-related security problems, deficiencies, and vulnerabilities to obtain a receipt of their report. TSA is not limiting the scope for who can benefit from this mechanism, recognizing that transportation employees and members of the general public are capable of identifying things that are out of the ordinary. TSA will evaluate the information and determine whether further investigation or validation is necessary and by whom. While the language regarding the reporting and receipt mechanism is inclusive, referencing ``any person,'' \9\ we note that the requirement for TSA to develop this mechanism is contained in statutory provisions that are focused on providing protections for surface transportation employees who report concerns to authorities and are subsequently subject to retaliation, discharge, or discrimination.\10\ The 9/11 Act can be seen as an extension of these protections previously enacted for aviation employees.\11\ The processes set forth in this rule provide all transportation-related employees with the ability to obtain a receipt for reports. --------------------------------------------------------------------------- \9\ 6 U.S.C. 1142(i), 49 U.S.C. 20109(i), and 49 U.S.C. 31105(i). \10\ 6 U.S.C. 1142, 49 U.S.C. 20109, and 49 U.S.C. 31105. \11\ See 49 U.S.C. 42121. --------------------------------------------------------------------------- TSA Rewards Program Comments: As noted in the preamble of the NPRM,\12\ TSA is in the process of developing a program to confer monetary or other recognition on persons who provide valuable information to TSA about criminal acts or other violations relating to transportation security. One commenter raised questions regarding how TSA is planning to administer a rewards program for persons who provide valuable information related to transportation security. --------------------------------------------------------------------------- \12\ See 74 FR 43090 (August 26, 2009). --------------------------------------------------------------------------- TSA Response: The rewards program is still under development. Any information regarding implementation of a rewards program by TSA will be contained in other documents when appropriate. Costs of the Rule Comments: One commenter asserted that implementation of this rule will cost the taxpayers $1,000,000 annually and provide no benefit. They asserted the ``traveling consumer should not bear the monetary burden of this program.'' TSA response: Costs for implementing this statutorily-required rule have been revised and are discussed in Economic Impact Analyses section of this preamble. TSA disagrees that there is no benefit from providing this mechanism. It is important for the public, travelers, and employees to remain vigilant and play an active role in keeping the country's transportation network, and the people who rely on it, safe and secure. Similar to the ``If You See Something, Say Something'' campaign originally implemented by New York City's Metropolitan Transit Authority, it is important to raise awareness and ensure reporting of vulnerabilities and weaknesses in security measures that could make the transportation sector a weak target for terrorists and others with malicious intent. Coordination With the ``General Aviation Hotline'' Program Comments: One commenter urged TSA to ensure that the processes identified in this rule complement the existing ``General Aviation Hotline'' program. They state that this program is well known within the general aviation industry and is part of an ongoing effort to develop a more comprehensive reporting for aviation security. TSA response: The mechanism created by this rule complements the General Aviation Hotline program. The General Aviation Hotline program, also known as the General Aviation Secure Program, was developed by TSA's Office of Transportation Sector Network Management (TSNM) General Aviation Division by working with the industry and community to build upon the Airport Watch program, encouraging everyone to be vigilant about General Aviation security and report any unusual activities to TSA. Now seen in the context of the Department of Homeland Security's broader ``See Something, Say Something Campaign,'' the program includes a number where suspicions regarding operations can be reported, such as pilots appearing to be under the control of others, unfamiliar persons loitering around the field, suspicious aircraft lease or rental requests, anyone making threats, and unusual, suspicious activities or circumstances. Information from reports made by persons under this rule will be processed and analyzed through the same TSA component as information received through the General Aviation program, providing TSA with a more comprehensive picture of threats and vulnerabilities to transportation security. Paperwork Reduction Act The Paperwork Reduction Act of 1995 (PRA) (44 U.S.C. 3501, et seq.) requires that TSA consider the impact of paperwork and other information collection burdens imposed on the public and, under the provisions of PRA, 44 U.S.C. section 3507(d), obtain approval from the Office of Management and Budget (OMB) for each collection of information it conducts, sponsors, or requires through regulations. As protection provided by the Paperwork Reduction Act, as amended, an agency may not conduct or sponsor, and a person is not required to respond to, a collection of information unless it displays a currently valid OMB control number. TSA has determined there are no current or new information [[Page 22628]] collection requirements associated with this rule. Economic Impact Analyses Regulatory Evaluation Changes to Federal regulations must undergo several economic analyses. First, Executive Order (EO) 12866, Regulatory Planning and Review,\13\ directs each Federal agency to propose or adopt a regulation only upon a reasoned determination that the benefits of the intended regulation justify its costs. Second, the Regulatory Flexibility Act of 1980 (5 U.S.C. 601 et seq., as amended by the Small Business Regulatory Enforcement Fairness Act (SBREFA) of 1996) requires agencies to consider the economic impact of regulatory changes on small entities. Third, the Trade Agreements Act (19 U.S.C. 2531-2533) prohibits agencies from setting standards that create unnecessary obstacles to the foreign commerce of the United States. Fourth, the Unfunded Mandates Reform Act of 1995 (2 U.S.C. 1531-1538) requires agencies to prepare a written assessment of the costs, benefits, and other effects of proposed or final rules that include a Federal mandate likely to result in the expenditure by State, local, or Tribal governments, in the aggregate, or by the private sector, of $100 million or more annually (adjusted for inflation). --------------------------------------------------------------------------- \13\ 58 FR 51735 (Oct. 4, 1993). --------------------------------------------------------------------------- Executive Order 12866 Assessment In conducting these analyses, TSA determined: 1. This rulemaking is not a ``significant regulatory action'' as defined in the Executive Order. 2. This rulemaking will not have a significant economic impact on a substantial number of small entities. 3. This rulemaking will not constitute a barrier to international trade. 4. This rulemaking does not impose an unfunded mandate on State, local, or Tribal governments, or on the private sector. The basis for these conclusions is set forth below. Costs This rule enhances the ability for any person to report to TSA--via regular mail, through the Internet, or telephone--security problems, deficiencies, or vulnerabilities related to aviation, maritime, railroad, motor vehicle, pipeline, or public transportation. As previously discussed, when TSA prepared its initial draft of this rule, it intended to extensively publicize the reporting mechanism for use by the general public to report any transportation-related security concern. The costs in the NPRM reflected that assumption. Since that time, however, DHS has developed the ``See Something, Say Something'' campaign. The implementation of that campaign has changed TSA's assumptions for how the reporting and receipt mechanisms required by the 9/11 Act are likely to be used. TSA now assumes that most reports under this rule will be made by a subset of the general population, primarily made up of employees within the transportation sector seeking a reporting mechanism that will provide them with documentation of their report in the event they may need it in the future. This results in far fewer estimated reports under this final rule than estimated in the NPRM. As a result, the estimated costs have been significantly reduced from those provided in the NPRM. This specifically relates to estimates for the number of reports received and the TSA costs for processing those reports. In addition, TSA has developed new automated mechanisms for providing receipts to persons who report security concerns through e-mail; all security-related reports, regardless of whether they are being made as a result of this rule or for other reasons, will automatically receive an e-mail receipt. Consistent with the estimates of the NPRM, TSA assumes that the costs associated with the operation of this reporting system will be incurred by TSA and the person making the report. TSA currently provides the public with the ability to communicate security concerns by contacting TSA's Contact Center (1-866-289-9673) or through the TSA Web site (http://www.tsa.gov), by clicking on the ``Contact Us'' link at the top of the home page, clicking on the ``Security Issues'' link, and submitting an online form describing the security-related issue (received by TSA as an e-mail). If someone misses that link and scrolls on down the page, there is another heading (``Security Violations and Concerns'') that provides an additional opportunity to submit a report. As a result of this rulemaking, the ``Security Violation and Concerns'' section of the site will include a hyperlink back to the ``Security Issues'' form and the additional contact addresses identified in this rule. Therefore, this analysis of costs and benefits assumes that all Web-based reports under this rule will be through the ``Security Issues'' form on TSA's Web site. As noted, the public will also be able to make reports by contacting TSA directly through a designated phone number or submitting a report through the mail to a designated address. There is no accurate method for gauging how many additional e-mail messages, telephone calls, and letters reporting transportation security concerns these changes to the Web site could generate. While estimating an accurate cost to the public of voluntarily reporting security concerns to TSA is difficult, one can use fiscal year (FY) 2010 TSA Contact Center (TCC) data as a starting point to estimate the cost of potential scenarios. For this analysis, we assumed that the rule will incrementally expand the number of security-related telephone calls and e-mail messages TSA received in FY 2010 by 25 percent. In FY 2010, the TCC fielded 393 security-related telephone calls that could be categorized as reporting a transportation-related security problem, deficiency, or vulnerability. (While the TCC may receive many more calls that a person has self-selected to be ``security-related,'' not all of those are within the scope of what is anticipated to be relevant to this rule.) These calls are addressed by security specialists who help determine whether the issue involves an issue related to transportation security or other complaints or concerns that the caller may have. They also determine whether the information provided will fit within the scope of the rule. Issues requiring action by TSA are routed to the appropriate TSA components. The security specialists also route information relevant to sister agencies to their designated points of contact. According to the TCC, the average telephone conversation involving a security specialist during FY 2010 lasted 3.25 minutes. For purposes of the NPRM, TSA estimated the calls would last approximately 4 minutes.\14\ However, the Transportation Security Operations Center (TSOC), which will start fielding these calls in FY 2011, assumes that calls from the public as a result of this rule will mostly come from a subset of callers who want a receipt acknowledging their call; processing these calls may require more detailed information than the average call. This primarily includes the information needed to provide the person with a receipt, which is not required for all calls received by TSOC. TSOC considers ten minutes to be a reasonable estimate for the length of such a call. If one projects that the public will place 98 additional calls (.25 x 393) as a result of the rule (for the purposes of this analysis, TSA assumes that all of these [[Page 22629]] calls will be from individuals wanting a receipt and providing the necessary contact information), then the public would spend 980 minutes (98 calls at about 10 minutes per call) on the telephone with TSA. At $19.32 per hour,\15\ the total annual cost to the public for the additional telephone calls will be $316 ($19.32 per hour x 980 minutes/ 60 minutes per hour). --------------------------------------------------------------------------- \14\ See 75 FR 43090. \15\ For purposes of this rulemaking, TSA uses the May 2009 Bureau of Labor Statistics (BLS) mean hourly wage rate for all Transportation and Material Moving Occupations (SOC Code 53-0000), adjusted for inflation. To access this information, go to the following BLS Web sites: http://data.bls.gov/cgi-bin/print.pl/oes/2009/may/naics2_48-49.htm and http://www.bls.gov/cpi/cpid1012.pdf. The $19.00 mean hourly wage rate found at the first Web site is converted to 2010 dollars by multiplying it times 1.0168, the amount by which the Consumer Price Index for Urban Wage Earners and Clerical Workers (CPI-W) rose between 2009 and 2010 (215.262/211.703 = 1.0168). --------------------------------------------------------------------------- To estimate the cost of contacting TSA electronically, this analysis used other data collected by the TCC as a starting point. In FY 2010 the TCC received 1,527 security-related e-mail messages from customers who logged onto the TSA Web site and used the links described above. TSA receives information submitted through the Web site in the form of an e-mail. As noted under the analysis for phone calls, the TCC may receive many more e-mails that a person has self-selected than are within the scope of what is anticipated to be relevant to this rule. The estimates reflect those e-mails that are relevant to the rule. If one assumes that TSA will receive an additional 382 e-mail messages (1,527 x .25) as a result of this rule and that the average e- mail message will require thirty minutes to prepare, one can modify the value-of-time formula used to calculate the FY 2010 cost of security- related telephonic reports to TSA to estimate the cost to the public of e-mailing its concerns: 382 e-mail messages x 30/60 hours per e-mail message x $19.32 per hour = $3,690. TSA has doubled the time estimate assumed in the NPRM due to the more detailed information one would expect to be provided; a person who is reporting a security vulnerability or deficiency is likely to have more information regarding security requirements that are not being followed.\16\ Because the receipt mechanism for persons making reports through TSA's Web site is automated, any person who reports through this mechanism will receive a receipt if they provide contact information. --------------------------------------------------------------------------- \16\ See 75 FR 43091. --------------------------------------------------------------------------- The rule will also allow the public to report transportation- related security problems, deficiencies, and vulnerabilities by regular mail (the mailing address will be posted on the TSA Web site). As previously noted, TSA assumes the majority of persons contacting TSA by mail and requesting a receipt will be subset of the general population, primarily made up of employees within the transportation sector seeking a reporting mechanism that will provide them with documentation of their report in the event they may need it in the future. In addition, TSA also assumes that most persons will report by e-mail as they will be provided with a more comprehensive verification of their report as the automated e-mail will include the exact text that they submitted. As a result, the estimated costs have been significantly reduced from those provided in the NPRM. If one projects that this rule will generate 50 letters per year and that it takes the average letter writer 30 minutes to write a report and 15 minutes to mail it, the value of the public's time for this exercise equates to $725 (50 letters x 45/60 hour per letter x $19.32 per hour). This increase in time from the NPRM is consistent with that for the other reporting mechanisms. When the cost of postage is included (50 letters x $.44 per stamp = $22), using regular mail to report transportation security- related problems, deficiencies, and vulnerabilities to TSA will cost the public $747. The projected cost of the three modes of communication--$316 for telephone calls, $3,690 for Web-based communications, and $747 for regular mail--is $4,753. As reporting under this rule is voluntary, the public would assume this direct cost voluntarily; the cost is not imposed by this rule. In addition to this direct cost to the public, TSA will incur expenses in handling the increased volume of reports. Although it is not feasible to accurately establish the number of additional telephonic, e-mail, and regular mail reports this rule will generate, TSOC is prepared to dedicate one full time equivalent (FTE) employee (at an overall cost of $80,208 \17\ per year) to handle the increased volume of communications. In addition to the labor costs associated with responding to the increase in security-related contacts, TSA will incur two non-labor expenses. This reduction from the estimates in the NPRM \18\ is consistent with the reductions in estimates for the public. --------------------------------------------------------------------------- \17\ Data from TSA's Office of Financial Management show that this was the average amount of personal compensation and benefits paid out in FY 2010 to a G-Band employee. The total comprises $51,933 in base pay and $28,275 in benefits. \18\ See 75 FR 43091. --------------------------------------------------------------------------- The hardware and software needed to implement the ``auto-response'' function for Web-based reports will cost $2,060 ($1,100 for a dedicated desktop computer and $960 for software). This feature provides an electronic receipt including the content of their report to anyone who uses the ``Security Issues'' Web form on the TSA Web site to submit security concerns (people who contact TSA by phone will be provided a unique identifier number for the call). Persons who submit reports by mail will receive a receipt in the mail. If one projects that this rule will generate 50 letters per year and that all the letters will have return addresses, the cost of mailing a response will be $22 (50 letters x $.44 per stamp = $22). Taken together, the estimated labor expense ($80,208) and receipt processes ($2,060 for auto-response and $22 for mail) yield a total annual cost to TSA of $82,290.\19\ --------------------------------------------------------------------------- \19\ TSOC will incur no incremental costs for training because in-house training has already been funded. There also will be no additional expenses for space, computers, and telephones; existing equipment at TSOC will be used to handle the expected increase in telephonic and electronic reporting. --------------------------------------------------------------------------- Benefits This rulemaking provides the following benefits: 1. It reminds the public that TSA wants to receive these reports, possibly alerting TSA to transportation security concerns that may otherwise have been overlooked. It is quite possible that reports from the public could prevent a national security problem that otherwise would have gone unaddressed. 2. It encourages employees and other persons who may hesitate to make a report for fear of retaliation or other adverse action to obtain the necessary documentation to support any future claims under 6 U.S.C. 1142, 49 U.S.C. 20109, 49 U.S.C. 31105, and 49 U.S.C. 42121. Regulatory Flexibility Act Assessment The Regulatory Flexibility Act (RFA) of 1980 requires that agencies perform a review to determine whether a proposed or final rule will have a significant economic impact on a substantial number of small entities. If the determination is that it will, the agency must prepare a regulatory flexibility analysis as described in the RFA. For purposes of the RFA, small entities include small businesses, not-for-profit organizations, and small governmental [[Page 22630]] jurisdictions. Individuals and States are not included in the definition of a small entity. This rule enhances the public's ability to report security concerns voluntarily to TSA. TSA and the public will incur some costs in the operation of this enhanced reporting system. As stated previously, the public will voluntarily assume the direct cost of reporting problems and deficiencies to TSA; the cost is not imposed by this rule. TSA certifies that this rulemaking will not have a significant economic impact on a substantial number of small entities. International Trade Impact Assessment The Trade Agreement Act of 1979 prohibits Federal agencies from establishing any standards or engaging in related activities that create unnecessary obstacles to the foreign commerce of the United States. Legitimate domestic objectives, such as safety, are not considered unnecessary obstacles. The statute also requires consideration of international standards and, where appropriate, that they be the basis for U.S. standards. TSA has assessed the potential effect of this rulemaking and has determined that it will impose the same costs on domestic and international entities and thus have a neutral trade impact. Unfunded Mandates Assessment The Unfunded Mandates Reform Act of 1995 (UMRA), Public Law 104-4, is intended, among other things, to curb the practice of imposing unfunded Federal mandates on State, local, and Tribal governments. Title II of the Act requires each Federal agency to prepare a written statement assessing the effects of any Federal mandate in a proposed or final rule that may result in a $100 million or more expenditure (adjusted annually for inflation) in any one year by State, local, and Tribal governments, in the aggregate, or by the private sector; such a mandate is deemed to be a ``significant regulatory action.'' This rulemaking does not contain such a mandate. The requirements of Title II of the Act, therefore, do not apply and TSA has not prepared a statement under the Act. Executive Order 13132, Federalism TSA has analyzed this final rule under the principles and criteria of Executive Order 13132, Federalism. We determined that this action will not have a substantial direct effect on the States, or the relationship between the National Government and the States, or on the distribution of power and responsibilities among the various levels of government, and, therefore, does not have federalism implications. Environmental Analysis TSA has reviewed this action for purposes of the National Environmental Policy Act of 1969 (NEPA) (42 U.S.C. 4321-4347) and has determined that this action will not have a significant effect on the human environment. Energy Impact Analysis The energy impact of the action has been assessed in accordance with the Energy Policy and Conservation Act (EPCA), Public Law 94-163, as amended (42 U.S.C. 6362). We have determined that this rulemaking is not a major regulatory action under the provisions of the EPCA. List of Subjects in 49 CFR Part 1503 Administrative practice and procedure, Investigations, Law enforcement, Penalties, Transportation. The Amendments For the reasons set forth in the preamble, the Transportation Security Administration amends part 1503 in chapter XII of title 49, Code of Federal Regulations to read as follows: PART 1503--INVESTIGATIVE AND ENFORCEMENT PROCEDURES 0 1. The authority citation for part 1503 is revised to read as follows: Authority: 6 U.S.C. 1142; 18 U.S.C. 6002; 28 U.S.C. 2461 (note); 49 U.S.C. 114, 20109, 31105, 40113-40114, 40119, 44901-44907, 46101- 46107, 46109-46110, 46301, 46305, 46311, 46313-46314. 0 2. Add subpart A to part 1503 to read as follows: Subpart A--General Sec. Sec. 1503.1 Scope. Sec. 1503.3 Reports by the public of security problems, deficiencies, and vulnerabilities. Subpart A--General Sec. 1503.1 Scope. This part provides information on TSA's investigative and enforcement procedures. Sec. 1503.3 Reports by the public of security problems, deficiencies, and vulnerabilities. This section prescribes the reporting mechanisms that persons may use in order to obtain a receipt for reports to TSA regarding transportation-related security problems, deficiencies, and vulnerabilities. (a) Any person who reports to TSA a transportation security-related problem, deficiency, or vulnerability--including the security of aviation, commercial motor vehicle, maritime, pipeline, any mode of public transportation, or railroad transportation--will receive a receipt for their report if they provide valid contact information and report through one of the following: (1) U.S. mail to Transportation Security Administration HQ, TSA-2; Attn: 49 CFR 1503.3 Reports; 601 South 12th Street; Arlington, VA 20598-6002; (2) Internet at http://www.tsa.gov/contact, selecting ``Security Issues''; or (3) Telephone (toll-free) at 1-866-289-9673. (b) Reports submitted by mail will receive a receipt through the mail, reports submitted by the Internet will receive an e-mail receipt, and reports submitted by phone will receive a call identifier number linked to TSA documents held according to published record schedules. To obtain a paper copy of reports provided by phone, the person who made the report, or their authorized representative, must contact TSA at the address identified in (a)(1) of this section within that period and provide the identifier number. (c) TSA will review and consider the information provided in any report submitted under this section and take appropriate steps to address any problems, deficiencies, or vulnerabilities identified. (d) Nothing in this section relieves a person of a separate obligation to report information to TSA under another provision of this title, a security program, or a security directive, or to another Government agency under other law. (e) Immediate or emergency security or safety concerns should be reported to the appropriate local emergency services operator, such as by telephoning 911. Alleged waste, fraud, and abuse in TSA programs should be reported to the Department of Homeland Security Inspector General: telephone (toll-free) 1-800-323-8603, or e-mail [email protected]. Issued in Arlington, Virginia, on April 1, 2011. John S. Pistole, Administrator. [FR Doc. 2011-9629 Filed 4-21-11; 8:45 am] BILLING CODE 9110-05-P