Large Aircraft Security Program, Other Aircraft Operator Security Program, and Airport Operator Security Program, 64790-64855 [E8-23685]
Download as PDF
<![CDATA[
64790
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
DEPARTMENT OF HOMELAND
SECURITY
Transportation Security Administration
49 CFR Parts 1515, 1520, 1522, 1540,
1542, 1544, and 1550
[Docket No. TSA–2008–0021]
RIN 1652–AA53
Large Aircraft Security Program, Other
Aircraft Operator Security Program,
and Airport Operator Security Program
Transportation Security
Administration, DHS.
ACTION: Notice of proposed rulemaking.
sroberts on PROD1PC70 with PROPOSALS
AGENCY:
SUMMARY: The Transportation Security
Administration (TSA) proposes to
amend current aviation transportation
security regulations to enhance the
security of general aviation by
expanding the scope of current
requirements and by adding new
requirements for certain large aircraft
operators and airports serving those
aircraft. TSA is proposing to require that
all aircraft operations, including
corporate and private operations, with
aircraft with a maximum certificated
takeoff weight (MTOW) above 12,500
pounds (‘‘large aircraft’’) adopt a large
aircraft security program (LASP). This
security program would be based on the
current security program that applies to
operators providing scheduled or
charter services.
TSA also proposes to require large
aircraft operators to contract with TSAapproved auditors to conduct audits of
the operators’ compliance with their
security programs and with TSAapproved watch-list service providers to
verify that their passengers are not on
the No Fly and/or Selectee portions of
the consolidated terrorist watch-list
maintained by the Federal Government.
This proposed rule describes the
process and criteria under which
auditors and companies that perform
watch-list matching would obtain TSA
approval.
TSA also proposes further security
measures for large aircraft operators in
all-cargo operations and for operators of
passenger aircraft with a MTOW of over
45,500 kilograms (100,309.3 pounds),
operated for compensation or hire. TSA
also proposes to require that certain
airports that serve large aircraft adopt
security programs and amend the
security program for full program and
full all-cargo operators.
DATES: Submit comments by December
29, 2008.
ADDRESSES: You may submit comments,
identified by the TSA docket number to
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
this rulemaking, to the Federal Docket
Management System (FDMS), a
government-wide, electronic docket
management system, using any one of
the following methods:
Electronically: You may submit
comments through the Federal
eRulemaking portal at https://
www.regulations.gov. Follow the online
instructions for submitting comments.
Mail, In Person, or Fax: Address,
hand-deliver, or fax your written
comments to the Docket Management
Facility, U.S. Department of
Transportation, 1200 New Jersey
Avenue, SE., West Building Ground
Floor, Room W12–140, Washington, DC
20590–0001; Fax 202–493–2251. The
Department of Transportation (DOT),
which maintains and processes TSA’s
official regulatory dockets, will scan the
submission and post it to FDMS.
See SUPPLEMENTARY INFORMATION for
format and other information about
comment submissions.
FOR FURTHER INFORMATION CONTACT: For
program questions: Erik Jensen, Branch
Chief—Policy, Plans & Stakeholder
Affairs, Office of General Aviation,
TSNM, TSA–28, Transportation
Security Administration, 601 South
12th Street, Arlington, VA 22202–4220;
telephone (571) 227–2401; facsimile
(571) 227–2920; e-mail LASP@dhs.gov.
For questions regarding Sensitive
Security Information (SSI): Andrew
Colsky, Director, SSI Office, Office of
the Special Counselor (OSC), TSA–31,
Transportation Security Administration,
601 South 12th Street, Arlington, VA
22202–4220; telephone (571) 227–3513;
facsimile (571) 227–2945; e-mail
SSI@dhs.gov.
SUPPLEMENTARY INFORMATION:
Comments Invited
TSA invites interested persons to
participate in this rulemaking by
submitting written comments, data, or
views. We also invite comments relating
to the economic, environmental, energy,
or federalism impacts that might result
from this rulemaking action. See
ADDRESSES above for information on
where to submit comments.
With each comment, please identify
the docket number at the beginning of
your comments. TSA encourages
commenters to provide their names and
addresses. The most helpful comments
reference a specific portion of the
rulemaking, explain the reason for any
recommended change, and include
supporting data. You may submit
comments and material electronically,
in person, by mail, or fax as provided
under ADDRESSES, but please submit
your comments and material by only
PO 00000
Frm 00002
Fmt 4701
Sfmt 4702
one means. If you submit comments by
mail or delivery, submit them in an
unbound format, no larger than 8.5 by
11 inches, suitable for copying and
electronic filing.
If you want TSA to acknowledge
receipt of comments submitted by mail,
include with your comments a selfaddressed, stamped postcard on which
the docket number appears. We will
stamp the date on the postcard and mail
it to you.
TSA will file in the public docket all
comments received by TSA, except for
comments containing confidential
information and Sensitive Security
Information (SSI).1 TSA will consider
all comments received on or before the
closing date for comments and will
consider comments filed late to the
extent practicable. The docket is
available for public inspection before
and after the comment closing date.
Handling of Confidential or Proprietary
Information and Sensitive Security
Information (SSI) Submitted in Public
Comments
Do not submit comments that include
trade secrets, confidential commercial,
or financial information, or SSI to the
public regulatory docket. Please submit
such comments separately from other
comments on the rulemaking.
Comments containing this type of
information should be appropriately
marked as containing such information
and submitted by mail to the address
listed in FOR FURTHER INFORMATION
CONTACT section.
Upon receipt of such comments, TSA
will not place the comments in the
public docket and will handle them in
accordance with applicable safeguards
and restrictions on access. TSA will
hold them in a separate file to which the
public does not have access, and place
a note in the public docket that TSA has
received such materials from the
commenter. If TSA receives a request to
examine or copy this information, TSA
will treat it as any other request under
the Freedom of Information Act (FOIA)
(5 U.S.C. 552) and the Department of
Homeland Security’s (DHS) FOIA
regulation found in 6 CFR part 5.
Reviewing Comments in the Docket
Please be aware that anyone is able to
search the electronic form of all
comments received into any of our
1 ‘‘Sensitive Security Information’’ or ‘‘SSI’’ is
information obtained or developed in the conduct
of security activities, the disclosure of which would
constitute an unwarranted invasion of privacy,
reveal trade secrets or privileged or confidential
information, or be detrimental to the security of
transportation. The protection of SSI is governed by
49 CFR part 1520.
E:\FR\FM\30OCP2.SGM
30OCP2
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
dockets by the name of the individual
submitting the comment (or signing the
comment, if submitted on behalf of an
association, business, labor union, etc.).
You may review the applicable Privacy
Act Statement published in the Federal
Register on April 11, 2000 (65 FR
19477), or you may visit https://
docketinfo.gov.
You may review TSA’s electronic
public docket on the Internet at https://
www.regulations.gov. In addition, DOT’s
Docket Management Facility provides a
physical facility, staff, equipment, and
assistance to the public. To obtain
assistance or to review comments in
TSA’s public docket, you may visit this
facility between 9 a.m. 5 p.m., Monday
through Friday, excluding legal
holidays, or call (202) 366–9826. This
docket operations facility is located in
the West Building Ground Floor, Room
W12–140 at 1200 New Jersey Avenue,
SE., Washington, DC 20590.
Availability of Rulemaking Document
You can get an electronic copy using
the Internet by—
(1) Searching the electronic Federal
Docket Management System (FDMS)
Web page at https://www.regulations.gov;
(2) Accessing the Government
Printing Office’s web page at https://
www.gpoaccess.gov/fr/; or
(3) Visiting TSA’s Security
Regulations web page at https://
www.tsa.gov and accessing the link for
‘‘Research Center’’ at the top of the page.
In addition, copies are available by
writing or calling the individual in the
FOR FURTHER INFORMATION CONTACT
sroberts on PROD1PC70 with PROPOSALS
section. Make sure to identify the docket
number of this rulemaking.
Abbreviations and Terms Used in This
Document
AICPA—American Institute of Certified
Public Accountants
ALJ—Administrative Law Judge
AOSC—Aircraft Operator Security
Coordinator
AOSSP—Aircraft Operator Standard Security
Program
ATSA—Aviation and Transportation
Security Act
CFR—Code of Federal Regulations
CHRC—Criminal History Records Check
CJIS—Criminal Justice Information Services
CBP—U.S. Customs and Border Protection
DHS—U.S. Department of Homeland
Security
FAMs—Federal Air Marshals
FAA—Federal Aviation Administration
FACAOSSP—Full All-Cargo Aircraft
Operator Standard Security Program
FBI—Federal Bureau of Investigation
FISMA—Federal Information Security
Management Act
GA—General Aviation
HME—Hazardous Materials Endorsement
IPA—Independent Public Accounting firm
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
IT—Information Technology
LASP—Large Aircraft Security Program
LEO—Law Enforcement Officer
MTOW—Maximum Certificated Take-Off
Weight
NIST—National Institute of Standards and
Technology
PPSSP—Partial Program Standard Security
Program
PCSSP—Private Charter Standard Security
Program
SSI—Sensitive Security Information
STA—Security Threat Assessment
TSC—Terrorist Screening Center
TSA—Transportation Security
Administration
TWIC—Transportation Worker Identification
Credential
TFSSP—Twelve-Five Standard Security
Program
Outline of the Notice of Proposed
Rulemaking
I. Introduction
A. Current Standard Security Programs
B. Current Security Programs for Large
Aircraft
C. Implementation and Compliance
Schedule
II. Major Proposed Elements in This NPRM
A. Major Requirements in the Proposed
Large Aircraft Security Program
B. Proposed Requirements for Certain
Airports
C. Passenger Checking Against the Watchlist
D. Third-Party Audits for Large Aircraft
Operators
E. Proposed Amendments to the Full
Program and the Full All-Cargo Program
III. Section-by-Section Analysis
IV. Regulatory Requirements
A. Paperwork Reduction Act
B. Regulatory Impact Analyses
1. Regulatory Evaluation Summary
2. Executive Order 12866 Assessment
3. Regulatory Flexibility Act Assessment
4. International Trade Impact Assessment
5. Unfunded Mandates Assessment
C. Executive Order 13132, Federalism
D. Environmental Analysis
E. Energy Impact Analysis
List of Subjects
The Proposed Amendments
I. Introduction
The aviation industry is composed of
thousands of operators that conduct
different types of operations in
numerous different types of aircraft.
Many aircraft operators are air carriers
or commercial operators that offer
transportation to the public for
compensation or hire. Others are general
aviation (GA) operators that do not offer
transportation to the public. These
operators often are corporate or private
owners of aircraft that operate their
aircraft for their own use or provide
transportation for compensation or hire
only to certain customers without
PO 00000
Frm 00003
Fmt 4701
Sfmt 4702
64791
offering transportation to the public in
general.2
To date, the Federal Government’s
primary focus with regard to aviation
security has been on air carriers and
commercial operators that offer
transportation for compensation or hire
to the public. TSA requires these
carriers and operators to develop and
operate under a particular security
program depending on the precise
nature of their operations. A security
program is a set of security procedures
that will meet the requirements of
applicable TSA regulations. For
example, a security program would
include specific measures to screen
cargo, to transport Federal Air Marshals,
to use personnel identification systems,
and to provide training to employees, if
the operator were subject to those
requirements in TSA’s regulation.
With few exceptions, TSA does not
currently require security programs for
GA aircraft operators. As vulnerabilities
and risks associated with air carriers
and commercial operators have been
reduced or mitigated, terrorists may
view general aviation aircraft as more
vulnerable and thus attractive targets. If
hijacked and used as a missile, these
aircraft would be capable of inflicting
significant damage.
The Federal Aviation
Administration’s (FAA) long-standing
definition of ‘‘large aircraft’’ is an
aircraft with a maximum certificated
takeoff weight (MTOW) of over 12,500
pounds. See 14 CFR 1.1. Based on the
aviation industry’s familiarity with this
definition and TSA’s belief that aircraft
of this size pose a potential risk, TSA is
proposing to require security programs
for all operators of aircraft—GA or
otherwise—that have a MTOW of over
12,500 pounds, excluding certain
governmental operations (collectively,
‘‘large aircraft operators’’).3
Currently, TSA requires many large
aircraft operators that are air carriers or
commercial operators to implement
security programs such as the TwelveFive Security Program or the Private
Charter Security Program.4 TSA is
2 There is no statutory or regulatory definition of
‘‘general aviation.’’ For the purposes of this NPRM,
we use the term to refer to aircraft operations that
are not air carriers or commercial, governmental or
military operators.
3 In general, aircraft that weigh over 12,500
pounds MTOW are those aircraft equipped with
twin turboprop or turbojet engines. Typically
corporate and charter aircraft have a seating
configuration for 6–8 passengers, while similar
aircraft used in scheduled passenger service would
likely have 18 or more seats.
4 Although aircraft operators that are subject to
the full program under 49 CFR 1544.101(a), or the
full all-cargo program under § 1544.101(h), operate
large aircraft, TSA does not include them in
E:\FR\FM\30OCP2.SGM
Continued
30OCP2
sroberts on PROD1PC70 with PROPOSALS
64792
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
proposing to expand this requirement to
include previously unregulated large
aircraft operators—namely, GA with a
MTOW of over 12,500 pounds. Doing so
will expand the large aircraft operator
population required to have a TSAapproved security program to
approximately 10,000 operators from
the approximately 650 operators today.
In addition, TSA is proposing to
establish a single large aircraft security
program (LASP) to replace the various
security programs used by currently
regulated large aircraft operators, such
as air carriers and commercial operators.
It is TSA’s view that the proposed rule
would enhance security significantly.
TSA recognizes that this would
greatly increase the number and type of
operators subject to a TSA-approved
security program. TSA invites
comments on the weight threshold of
aircraft covered by this proposed rule.
For instance, parties may choose to
comment on whether the security goals
discussed herein would be met if
security programs were required for GA
aircraft only over some greater weight
threshold. For example, we explain
below that aircraft over 45,500 kg
(100,309.3 pounds) MTOW are currently
covered by the ‘‘private charter’’
security program, which includes
security measures in addition to those
outlined in the ‘‘twelve-five’’ security
program. Since incidents involving
heavier aircraft have the potential to
lead to greater damages and loss of life
under one of the scenarios studied in
our regulatory impact analysis, we
specifically solicit comment on whether
this would be a logical alternative
weight threshold to consider for the
increased security requirements for
general aviation. Although TSA has
concluded in this NPRM that the
security benefits of the lower weight
threshold of 12,500 lbs are justified by
the risk and therefore justify the
additional cost of the lower threshold,
we welcome commenters’ views on that
topic, as well as on the cost-benefit
impact of alternate weight thresholds.
Below is a list of the major
requirements GA aircraft operators
would be required to adopt under the
LASP; a more detailed discussion of the
LASP and the individual requirements
is in sections II and III of this preamble:
• Ensure that their flight crew
members have undergone a fingerprintbased criminal history records check
(CHRC).
references to operators of large aircraft and large
aircraft operators for purposes of this NPRM. Full
program operators are generally known as the
commercial airlines.
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
• Conduct watch-list matching of
their passengers through TSA-approved
watch-list matching service providers.
• Undergo a biennial audit of their
compliance by a TSA-approved third
party auditor.
• Comply with the current cargo
requirements for the twelve-five allcargo program if conducting an all-cargo
operation.
• For aircraft with a MTOW of over
45,500 kilograms operated for
compensation or hire, screen passengers
and their accessible property.
• Check property on board for
unauthorized persons.
In addition, TSA is proposing
amendments to its regulations regarding
airport security programs.5 TSA is
proposing to require additional airports
to adopt security programs, because
these airports serve aircraft operators
that either currently must carry out a
security program or would be required
to have a security program under the
proposed rule. TSA proposes to require
the following airports to adopt a
security program:
• Reliever airports, which perform
the function of relieving congestion at
commercial service airports and provide
more GA access to the overall
community.
• Airports that regularly serve large
aircraft with scheduled or public charter
service.
A. Current Aircraft Operator Security
Programs
TSA requires security programs for air
carriers and commercial operators that
require security measures for
individuals, property, and cargo aboard
aircraft. Currently TSA requires security
programs for full program, full all-cargo,
partial, private charter, and twelve-five
program operators. For full program
operators,6 the standard security
program 7 is called an aircraft operator
standard security program (AOSSP). For
the full all-cargo program operators 8
operating all-cargo aircraft over 45,500
kg MTOW, the standard security
program is the full all-cargo aircraft
operator standard security program
(FACAOSSP). The partial program 9
applies to scheduled passenger or
public charter operations in an aircraft
5 The
regulations are in 49 CFR 1542.101.
CFR 1544.101(a).
7 A standard security program is a security
program issued by TSA that serves as the baseline
for a particular type of operator. An aircraft
operator’s security program consists of the
appropriate standard security program, together
with any amendments and alternative procedures to
the security program, if approved by TSA.
8 49 CFR 1544.101(h).
9 49 CFR 1544.101(b).
6 49
PO 00000
Frm 00004
Fmt 4701
Sfmt 4702
with 31 or more, but 60 or fewer
passenger seats that does not enplane
from or deplane into a sterile area. The
standard security program for private
charters is the private charter standard
security program.10 For other scheduled
or charter flights, or all-cargo
operations, in an aircraft with a MTOW
of over 12,500 pounds, the standard
security program is the twelve-five
standard security program.11
The full program, the full all-cargo
program, the partial program, the
private charter program, and the twelvefive program aircraft operators all are
covered under TSA regulations in 49
CFR part 1544. They all must hold FAA
air carrier operating certificates or FAA
operating certificates in accordance with
the Federal Aviation Administration
(FAA) regulations in 14 CFR part 119.12
They all engage in interstate common
carriage or intrastate common
carriage.13 TSA has also required certain
operators not engaged in common
carriage to hold and carry out security
programs. Operators of aircraft with a
MTOW of over 12,500 pounds must
conduct operations in accordance with
the FAA rules in 14 CFR part 125 (part
125 operators).14 By notice published in
the Federal Register, TSA required
these operators to carry out the twelvefive standard security program for
operations in aircraft over 12,500
pounds but not over 45,500 kg, and to
carry out the private charter standard
security program for operations in
aircraft over 45,500 kg.15 These part 125
operators conduct operations when
common carriage is not involved. They
may conduct operations for
compensation or hire, however, and
they may also conduct operations not
for compensation or hire.16
Finally, all civil aircraft must operate
under FAA regulations 14 CFR part 91,
Air Traffic and General Operating Rules.
These operators, when not also subject
to another FAA regulation, such as part
119 or part 125, are often referred to in
the industry as part 91 operators. TSA
generally has not required such
operators to carry out security measures.
The main objectives of the proposed
rule are: (1) To merge the partial, private
charter and twelve-five programs into a
large aircraft security program and to
10 49
CFR 1544.101(f).
CFR 1544.101(d).
12 49 CFR 1544.1.
13 49 U.S.C. 40102 and 14 CFR 119.21.
14 14 CFR 119.23.
15 69 FR 61516 (Oct. 19, 2004).
16 14 CFR 119.3 and 119.23. After TSA adopted
the full all-cargo program, it required part 125
operators in all-cargo operations using aircraft over
45,500 kg to have and carry out a full all-cargo
program. See 71 FR 30478 (May 26, 2006).
11 49
E:\FR\FM\30OCP2.SGM
30OCP2
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
expand its scope to include general
aviation operators using aircraft with a
MTOW of over 12,500 pounds; and (2)
to enhance the security of these
operations.
B. Current Security Programs for Large
Aircraft
Large aircraft are operated by a
diverse group of air carriers, commercial
operators, and GA operators. As stated
above, to date, TSA has mandated
security programs for the air carrier and
commercial operator segments of the
aviation industry including scheduled
passenger operations, private charters,
public charters, and all-cargo operations
in large aircraft through the twelve-five
program, the partial program, and the
private charter program. With limited
exceptions, TSA has not required
security programs for large aircraft in
general aviation.
Large GA aircraft are most often
operated by corporate entities, though
some large GA aircraft are operated by
individuals. Corporate aviation, with a
population of approximately 10,000
operators flying 15,000 aircraft, is
largely unregulated for security
purposes. Yet many of these aircraft are
of the same size and weight of the air
carriers and commercial operators that
TSA regulates, and they could be used
effectively to commit a terrorist act.
Complicating the situation is the fact
that many GA operators have the
authorization to function under several
different FAA regulations and operating
certificates, which may require different
TSA security programs or no TSA
security program at all.
TSA considered developing a new
regulatory program to be used solely on
GA aircraft and their potential security
risks. This decision would have created
yet another security program applicable
to large aircraft operators. Instead of five
separate security programs that would
apply to large aircraft operators
depending on the type of service they
provide, TSA is proposing one security
64793
program that would apply to all large
aircraft operators (except certain
government operations) and would
replace the current security programs
for partial program operators, twelvefive program operators, and private
charter operators. The LASP would
establish a consistent set of regulations
for air carriers and commercial
operators, as well as GA operators using
large aircraft. Indeed, LASP would
provide large aircraft operators not
covered under the full program, or the
full all-cargo security program, with one
set of regulations that would form the
core of their security programs distinct
to their operational and security needs.
Table 1 below identifies the different
types of large aircraft operators that
currently are required to have a security
program and the major security
requirements for these operators. It also
identifies the types of operators that
would be subject to the new proposed
LASP.
TABLE 1—STANDARD SECURITY PROGRAMS APPLICABLE TO AIRCRAFT OPERATORS
An aircraft operator
that operates this
type of service, other
than all-cargo
And
In this size aircraft
Must have this
program #
Currently using this
standard security
program
Would be using this
standard security
program under the
NPRM
61 or more passenger seats.
.................................................
Full Program
§ 1544.101(a)(1).
AOSSP ...................
No change.
60 or fewer passenger seats.
It enplanes from, or deplanes
into, an existing sterile area.
Full Program
§ 1544.101(a)(2).
AOSSP ...................
No change.
31 or more but 60
or fewer passenger seats.
It does not enplane from, or
deplane into, an existing
sterile area.
Partial Program
§ 1544.101(b)(1).
Scheduled, public
charter, or private
charter; passenger *.
More than 12,500
pounds MTOW.
Twelve-Five Program
§ 1544.101(d).
Any size ..................
It does not enplane from, or
deplane into, an existing
sterile area, and it is not
under a Full Program or a
Partial Program.
It enplanes from, or deplanes
into, an existing sterile area.
Partial Program
Proposed
Standard Security
LASSP **** with
Program (PPSSP).
component for
aircraft greater
than 45,500 kg (if
applicable).
Twelve-Five StandProposed LASSP.
ard Security Program (TFSSP).
Private charter * .......
Private charter * .......
sroberts on PROD1PC70 with PROPOSALS
Scheduled passenger or public
charter passenger *.
Scheduled passenger or public
charter passenger *.
Scheduled passenger or public
charter passenger *.
More than 45,500
kg, OR 61 or
more passenger
seats.
More than 45,500
kg MTOW.
Under an FAA certificate issued under
14 CFR part 125 **.
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
It does not enplane from, or
deplane into, an existing
sterile area, and it is not a
government charter.
It is carrying passengers or
property for compensation
or hire and is not under another TSA security program.
PO 00000
Frm 00005
Fmt 4701
Private Charter Program
§ 1544.101(f)(1)(i).
Private Charter
Standard Security
Program
(PCSSP).
Private Charter Pro- PCSSP ...................
gram
§ 1544.101(f)(1)(ii).
§ 1550.7; (69 FR
61516, 10/19/
2004).
Sfmt 4702
PCSSP ...................
E:\FR\FM\30OCP2.SGM
30OCP2
Proposed LASSP
with component
for aircraft greater
than 45,500 kg (if
applicable) and
alternative procedures for enplaning from or
deplaning into an
existing sterile
area.
Proposed LASSP
with component
for aircraft greater
than 45,500 kg.
Proposed LASSP
with component
for aircraft greater
than 45,500 kg or
61 or more seats.
64794
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
TABLE 1—STANDARD SECURITY PROGRAMS APPLICABLE TO AIRCRAFT OPERATORS—Continued
An aircraft operator
that operates this
type of service, other
than all-cargo
In this size aircraft
Must have this
program #
And
Currently using this
standard security
program
Would be using this
standard security
program under the
NPRM
Under an FAA certifi- 61 or more pascate issued under
senger seats.
14 CFR part 125 **.
It is carrying passengers or
property for compensation
or hire and is not under another TSA security program.
§ 1550.7; (69 FR
61516, 10/19/
2004).
PCSSP ...................
Under an FAA certifi- More than 45,500
cate issued under
kg MTOW.
14 CFR part 125 **.
It is not carrying passengers
or property for compensation or hire and not under
another TSA security program.
It is not carrying passengers
or property for compensation or hire and not under
another TSA security program.
It is not under another TSA
security program.
§ 1550.7; (69 FR
61516, 10/19/
2004).
PCSSP ...................
Proposed LASSP
with component
for aircraft greater
than 45,500 kg or
61 or more seats.
Proposed LASSP.
§ 1550.7; (69 FR
61516, 10/19/
2004).
PCSSP ...................
Proposed LASSP.
§ 1550.7 ..................
TFSSP ....................
Proposed LASSP.
It enplanes from, or deplanes
into, an existing sterile area.
General Aviation
Operations using
a sterile area
§ 1550.5.
No standard program.
General Aviation
Operations using
a sterile area
§ 1550.5.
Not required to
have a security
program.
No standard program.
Proposed LASSP
with alternative
procedures for
enplaning from or
deplaning into an
existing sterile
area.
No change.
Not required to
have a security
program.
Proposed LASSP.
Not required to
have a security
program.
Not required to
have a security
program.
No change.
DCA Access Program part 1562.
DCA Access Standard Security Program (DASSP).
No change.
Limited program
§ 1544.101(g).
No standard program.
No change.
Under an FAA certifi- 61 or more pascate issued under
senger seats.
14 CFR part 125 **.
Under an FAA certifi- More than 12,500
cate issued under
pounds MTOW.
14 CFR part 125 **.
Operating under 14
More than 12,500
CFR part 91
pounds.
only **.
Operating under 14
CFR part 91
only **.
12,500 pounds or
less.
It enplanes from, or deplanes
into, an existing sterile area.
Operating under 14
CFR part 91
only **.
More than 12,500
pounds.
Operating under 14
CFR part 91
only **.
12,500 pounds or
less.
Passenger operations into and out
of Ronald Reagan
Washington National Airport
(DCA) ***.
Other operations ** ..
Any size ..................
It is not under another TSA
security program, and does
not enplane from or deplane
to an existing sterile area.
It is not under another TSA
security program, and does
not enplane from or deplane
to an existing sterile area.
It is not under a Full Program
Any size ..................
Is not under any other required program but aircraft
operator requests a security
program.
* These aircraft operators are considered air carriers or commercial operators.
** These aircraft operators are considered general aviation.
*** May be air carriers, commercial operators, or general aviation operators.
**** After issuing the LASP final rule, TSA would develop and issue a standard security program to implement the LASP called the Large Aircraft Standard Security Program (LASSP).
# Cites in this column are to 49 CFR.
An all-cargo aircraft
operator that
operates this type of
service: ##
Would be using this
standard security
program under the
NPRM
And
Must have this
program #
Currently using this
standard
security program
All-cargo .....................
sroberts on PROD1PC70 with PROPOSALS
In this size aircraft
Greater than 45,500
kg, OR 61 or more
passenger seats.
Full All-Cargo Program.
§ 1544.101(h) ............
Full All-Cargo Aircraft
Operator Standard
Security Program
(FACAOSSP).
No change.
All-cargo .....................
Over 12,500 lbs but
not over 45,500 kg.
Operating under a
FAA certificate
issued under 14
CFR part 119 or
125.
...................................
Twelve-Five Program
in all-cargo operations.
§ 1544.101(d) ............
TFSSP in all-cargo
operations.
LASSP with all-cargo
component.
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
PO 00000
Frm 00006
Fmt 4701
Sfmt 4702
E:\FR\FM\30OCP2.SGM
30OCP2
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
An all-cargo aircraft
operator that
operates this type of
service: ##
All-cargo under an
FAA certificate
issued under 14
CFR part 125.
In this size aircraft
And
Must have this
program #
Currently using this
standard
security program
More than 45,500 kg
...................................
FACAOSSP ..............
FACAOSSP + ...........
64795
Would be using this
standard security
program under the
NPRM
No change.
# Cites in this column are to 49 CFR.
## All-cargo operations carry cargo and authorized persons, but no passengers.
In developing the proposed rule, TSA
analyzed the existing security programs
to determine which security measures
have been effective and would be
appropriate for inclusion in the
proposed LASP. The LASP would
combine the essential elements of some
of the current security programs into
one consolidated and comprehensive
program.
In this rulemaking, TSA is also
proposing to reorganize certain existing
regulations in 49 CFR part 1544.
Specifically, TSA has clarified the
meaning of the rule, simplified the text,
and harmonized regulations between
the different industry populations. This
reorganization may affect the currently
regulated population in addition to the
proposed newly regulated population.
TSA is also proposing to reorganize
certain sections in 49 CFR part 1544 to
account for the proposed addition of the
LASP. The reorganization would not
make any substantive changes to the
regulations.
sroberts on PROD1PC70 with PROPOSALS
C. Implementation and Compliance
Schedule
Based on industry data, TSA
anticipates that this proposed rule
would require approximately 10,000
aircraft operators and 315 airport
operators, most of whom are not
currently required to do so, to
implement security programs. Due to
the large number of aircraft operators
and airport operators that would be
required to implement security
programs, TSA proposes using a phased
approach in the implementation of the
proposed rule. The proposed
compliance schedule would allow for
proper and adequate support and
staffing within TSA and also would
allow sufficient time for compliance on
the part of the newly regulated aircraft
operators and airport operators.
Following issuance of a final rule, TSA
would implement a communication
plan commencing with a wide
distribution of press releases, web-site
postings, and industry association
briefings and meetings. These briefings
and meetings would communicate,
educate, and confirm which operators
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
would be affected by the final rule, what
actions the aircraft operators and airport
operators would be required to take to
comply with the rule, and the time
period within which the aircraft
operator and airport operators would be
required to submit their applications
and other supporting documents. At
that time, TSA would provide the
process, procedures, and necessary
forms to the aircraft operators and
airport operators to enable the operators
to apply for the large aircraft program,
or the airport partial program, via a
secure web-board.
TSA’s implementation schedule
would divide the country into five
areas, taking into account which areas of
the country contain the largest affected
populations of aircraft operators and
airport operators. TSA anticipates six
phases of compliance, targeting
approximately 20 percent of the large
aircraft operator and airport operators
population that currently do not hold
security programs in each of the first
five phases. The sixth and final phase
would include aircraft operators that
currently hold a security program.17 The
following timeline for compliance
would start upon the effective date of
the final rule, which would be 60 days
after publication of the final rule in the
Federal Register:
Phase 1, Mid-Atlantic region—months
1–4 after the effective date of the final
rule.
Phase 2, North-East region—months 5–
8 after the effective date of the final
rule.
Phase 3, Southern region—months 9–12
after the effective date of the final
rule.
Phase 4, Mid-West region—months 13–
16 after the effective date of the final
rule.
Phase 5, Western region—months 17–20
after the effective date of the final
rule.
Phase 6, Existing security program
holders—months 21–24 after the
effective date of the final rule.
The phase in which a large aircraft
operator would fall would be
17 There are no airport operators that currently
hold a partial program.
PO 00000
Frm 00007
Fmt 4701
Sfmt 4702
determined by where the aircraft is
based. For large aircraft operators that
have multiple bases for their aircraft, the
phase would be determined by the
location of the large aircraft operator’s
headquarters. We seek comment on this
phased approach and on determining
which phase would be applicable to
each large aircraft operator based on the
location of the aircraft or headquarters.
II. Major Elements in This NPRM
A. Major Requirements in the Proposed
Large Aircraft Security Program
To provide greater consistency across
all large aircraft operations, the
proposed regulation would create the
Large Aircraft Standard Security
Program (LASSP) to replace the current
security programs for partial program
operators, twelve-five program
operators, and private charter program
operators. The major requirements in
this proposed rule are based on the
requirements in the Twelve-Five and
the Private Charter Security Programs.
The proposed LASP provides a core
security program for all large aircraft,
irrespective of the FAA regulations
under which they operate, whether they
are air carriers, commercial operators, or
GA. Beyond the core requirements for
large aircraft with a MTOW of over
12,500 pounds, the proposed LASP
would include a component for large
aircraft with a MTOW of over 45,500
kilograms operated for compensation or
hire. The following is a summary of the
major security measures in the proposed
LASP.
1. Proposed Core Requirements of the
Large Aircraft Security Program in
§ 1544.103(e)
In TSA’s experience, the current
Twelve-Five Security Program has
proven to be effective in safeguarding
the operations of scheduled and charter
operations in aircraft with MTOW of
over 12,500 pounds without unduly
burdening the aircraft operators.
Accordingly, TSA would base the core
requirements of the LASP on the
Twelve-Five Security Program. The
LASP, however, would include
additional requirements that would
E:\FR\FM\30OCP2.SGM
30OCP2
64796
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
sroberts on PROD1PC70 with PROPOSALS
strengthen the existing security
measures. Below is a discussion of the
major requirements of the LASP.
Security Threat Assessment With
Criminal History Records Check for
Flight Crew Members
Under the current security programs
that apply to large aircraft operators,
TSA requires aircraft operators to ensure
that their flight crew members have
undergone a fingerprint-based criminal
history records check (CHRC). TSA
views this as an important security
measure that should apply to flight crew
members of all large aircraft. Pilots are
in control of the aircraft and other flight
crew members are in the cockpit and
could obtain control of the aircraft.
Consequently, TSA proposes to require
that large aircraft operators ensure that
all of their flight crew members undergo
a security threat assessment (STA) that
includes a CHRC and other analyses,
including checks of appropriate terrorist
watch-lists and other databases. The list
of disqualifying crimes of the CHRC
would be the same as for the full and
full all-cargo operations. 49 CFR
1544.229 and 1544.230.
After TSA adopted the Twelve-Five
Security Program requirements, it
became clear that most operators of that
size were not well-prepared to conduct
adjudication of the CHRCs. Accordingly,
while the twelve-five operators have
been ensuring that their flight crew
members submit their fingerprints, TSA
has been adjudicating the criminal
histories; that is, TSA reviews the
history to determine whether the flight
crew member has a disqualifying
criminal offense. TSA is proposing to
codify that practice and to charge a fee
for the services. See the section-bysection analysis for proposed part 1544,
subpart G.
TSA recognizes that a flight crew
member may be contracted to work for
more than one large aircraft operator.
We seek comment on whether the STA
should be transferable so that the flight
crew member would need to undergo
only one STA every five years,
regardless of the number of employers
the flight crew members may have
within the five-year period. Potential
employers would check the status of the
flight crew member’s STA through a
mechanism required by TSA.
TSA also is considering ways to
positively identify pilots conducting
both domestic and international flight
operations and effectively link them to
the aircraft they are operating. We seek
comment and recommended methods
for positively identifying pilots and
effectively linking them to the aircraft
they are operating.
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
Watch-List Matching of Passengers
The Federal Government maintains a
terrorist watch-list. The watch-list,
which includes the No Fly List and the
Selectee List components of the
Terrorist Screening Database maintained
by the Terrorist Screening Center (TSC),
is the basis for the pre-flight passenger
watch-list matching currently
conducted by certain aircraft operators.
Watch-list matching of passengers on
large aircraft is an important security
measure, because it can prevent
individuals who are believed to pose a
risk from boarding a large aircraft and,
potentially, gaining control of the
aircraft, to use it as a weapon. TSA
studies have shown that significant loss
of lives and other damage could result
from such an incident. Matching
passenger information against the No
Fly List component of the terrorist
watch-list would identify individuals
who, if permitted to board aircraft, may
pose a threat to the aircraft and/or
persons on board. Matching passenger
information against the Selectee List
component of the terrorist watch-list
also would identify individuals who
may be potential threats and would
allow TSA and/or the aircraft operators
to take appropriate action, if necessary.
Under the current watch-list matching
process, TSA provides the No Fly and
Selectee List to twelve-five, partial
program, and private charter aircraft
operators to enable them to conduct the
watch-list matching. When an aircraft
operator receives passenger information
that is similar to, or the same as, a name
on the No Fly or Selectee List, the
aircraft operator is required to notify
law enforcement personnel and TSA in
order to determine whether that
passenger is in fact the individual listed
on the No Fly or Selectee List. The
aircraft operator may not board a
passenger until TSA has instructed the
aircraft operator that the passenger is
clear to board the aircraft.
a. Removing watch-list from aircraft
operators. Per Homeland Security
Presidential Directive-16/National
Security Presidential Directive-47,
section 4012(a) of the Intelligence
Reform and Terrorism Prevention Act,18
and in support of 9/11 commission
recommendations, the U.S. government
is in the process of assuming control
over watch-list matching in the aviation
environment. TSA is concerned that
providing the watch-list to
approximately 10,000 large aircraft
operators as part of the LASP program
would increase the risk that the watchlist would be disseminated to
18 Public
Law 108-458, 118 Stat. 3638, Dec. 17,
2004; 49 U.S.C. 44903 (j)(2).
PO 00000
Frm 00008
Fmt 4701
Sfmt 4702
unauthorized persons and that the
watch-list would be misused and/or
compromised. Since it is not possible to
bring the watch-list matching function
into the federal government in one step,
TSA is considering ways to provide this
list to a more limited set of holders
while TSA considers the most effective
method to assume the watch-list
matching responsibility from all aircraft
operators required to conduct watch-list
matching through the Secure Flight
program.
TSA recognizes that the Secure Flight
program has not yet achieved the
operational capability to conduct watchlist matching for general aviation, nor is
such capability anticipated by the time
TSA would require large general
aviation and charter aircraft operators to
implement the LASP. Therefore, TSA is
proposing a solution for watch-list
matching in this NPRM for the time
period in which the Secure Flight
program does not have the capability to
conduct watch-list matching for large
aircraft passengers. If TSA is able to
develop the capability for the Secure
Flight program to conduct watch-list
matching for large aircraft passengers,
TSA may amend the scope of the Secure
Flight program to include large aircraft
operators in the final rule for this
NPRM.19
b. Watch-list Service Providers. Under
the proposed rule, TSA would not
provide the No Fly List to large aircraft
operators, which means that TSA would
no longer provide the watch-list to the
approximately 800 aircraft operators
now receiving it under the twelve-five
program, partial program and private
charter operators and would not begin
providing it to the additional
approximately 9,300 general aviation
operators that would be under the
LASP. Instead, TSA would provide the
watch-list to watch-list service
providers approved by TSA. Large
aircraft operators would transmit their
passenger information to these watchlist service providers, who would
conduct the automated watch-list
matching function and transmit the
results back to the large aircraft
operators.
TSA is proposing this approach for
two reasons. First, this would greatly
reduce the number of entities receiving
the watch-list, thus reducing the risk
that it would be disseminated to
unauthorized persons or misused.
Second, having a small number of
watch-list service providers conduct
watch-list matching in accordance with
19 For example, proposed § 1560.1(a) may be
amended to include large aircraft operators. See
Secure Flight NPRM, 72 FR at 48387.
E:\FR\FM\30OCP2.SGM
30OCP2
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
sroberts on PROD1PC70 with PROPOSALS
TSA standards would result in greater
consistency in the application of the
watch-list matching function. These
watch-list service providers will have
been determined to have appropriate
security, including Information
Technology (IT) security and
performance capabilities, to perform
this important function in the interim.
TSA invites comments on the role that
watch-list service providers may
continue to have if the responsibility for
watch-list matching shifts to the U.S.
Government in the future. For example,
would watch-list service providers offer
their services to consolidate passenger
information from large aircraft operators
and to transmit the passenger
information to Secure Flight?
While the watch-list service providers
would perform the watch-list matching
function, large aircraft operators would
have several responsibilities under the
proposed rule. Large aircraft operators
would be responsible for all costs
associated with watch-list matching,
including any fee charged by the watchlist service providers.
c. Compliance with CBP programs.
Large aircraft operators would not be
required to transmit passenger
information to their watch-list service
providers for any flight for which the
large aircraft operator has submitted
advance passenger information to U.S.
Customs and Border Protection (CBP)
under 19 CFR part 122. For passengers
on flights in commercial aircraft, as
defined in 19 CFR 122.1, the large
aircraft operator are required to submit
advance passenger information under 19
CFR 122.49a and 122.75a and comply
with the CBP boarding instruction
regarding each passenger.
TSA notes that CBP published a
notice of proposed rulemaking,
‘‘Advance Information on Private
Aircraft Arriving in and Departing from
the United States,’’ proposing to
implement certain passenger manifest
and advance passenger screening
requirements for private aircraft
departing foreign ports for U.S.
destinations or departing the United
States for foreign ports. Under the CBP
proposed rule, a private aircraft, in
contrast to a commercial aircraft,20 is
generally any aircraft engaged in a
personal or business flight to or from the
United States that is not carrying
passengers and/or cargo for commercial
purposes.21 See 19 CFR 122.1(h). CBP’s
20 19 CFR 122.1(d) defines ‘‘commercial aircraft’’
as any aircraft transporting passengers and/or cargo
for some payment or other consideration, including
money or services rendered.
21 19 CFR 122.1(h) also defines a private aircraft
as any aircraft leaving the United States carrying
neither passengers nor cargo in order to lade
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
Advance Passenger Information System
(APIS) requirements and proposed
eAPIS requirements apply to both U.S.operated and foreign-operated aircraft.
To avoid process redundancies, DHS
would require operators and pilots of
private large aircraft that would be
subject to this TSA proposed rule and
CBP’s eAPIS private aircraft regulations
to submit their passenger manifest to
CBP only and not to watch-list service
providers. TSA would deem U.S.
operators of private large aircraft to be
in compliance with the proposed rule’s
requirements to submit passenger
information for watch-list matching for
international flights if the pilot submits
passenger information required under
the proposed eAPIS regulations. See
proposed 19 CFR 122.22.
The TSA and CBP screening processes
work in tandem for flights departing
foreign ports destined for the United
States and flights departing the United
States for foreign destinations. If CBP
grants the pilot landing rights under 19
CFR 122.49a, 122.75a, or 122.22, TSA
would allow the large aircraft operator
to permit all passengers, for whom the
aircraft operator submitted advance
passenger information to CBP, to board
the aircraft. If CBP identifies a passenger
as a selectee under 19 CFR 122.49a,
122.75a, or 122.22, TSA would allow
the large aircraft operator to permit the
passenger to board the aircraft, and TSA
would require the large aircraft operator
to comply with the procedures in its
security program pertaining to
passengers that are identified as
selectees, as discussed in further detail
below. If CBP identifies a passenger as
‘‘not cleared’’ under 19 CFR 122.49a,
122.75a, or 122.22, TSA would not
allow the large aircraft operator to
permit the passenger to board the
aircraft. CBP would instruct the large
aircraft operator to contact TSA
regarding the passenger who has been
identified as ‘‘not cleared’’ for further
resolution.
d. Passenger information. This
proposed rule would require large
aircraft operators to request full name,
gender, date of birth, and redress
number 22 (if available) from all
passengers. TSA has determined that an
individual’s full name, gender, and date
of birth are critically important for
effective automated watch-list matching
passengers and/or cargo in a foreign area for
commercial purposes; or returning to the United
States carrying neither passengers nor cargo in
ballast after leaving with passengers and/or cargo
for commercial purposes.
22 The redress number is the number assigned by
DHS to an individual processed through the redress
procedures described in 49 CFR part 1560, subpart
C, as proposed in the Secure Flight NPRM.
PO 00000
Frm 00009
Fmt 4701
Sfmt 4702
64797
of that individual against those
individuals on the watch-list.23 The full
name is the primary attribute used to
conduct watch-list matching and would
be required for all passengers. Partial
names would increase the likelihood of
false positive matches, because partial
names are more likely to match a
number of different entries on the
watch-list. As a result, this proposed
rule would require individuals to
provide their full names and would
prohibit aircraft operators from boarding
a passenger who does not provide a full
name. Date of birth and gender would
be optional for the passenger. This
proposed requirement on passengers to
provide the full name is consistent with
TSA’s proposal in the Secure Flight
NPRM. In the Secure Flight NPRM, TSA
proposes to require passengers on
commercial flights operated by full
program operators and foreign air
carriers to provide their full name when
they make a reservation for a flight. See
proposed § 1540.107(b) in the Secure
Flight NPRM, 72 FR at 48386.
Many names do not indicate gender,
because they can be used by either
gender. Additionally, names not derived
from the Latin alphabet, when
transliterated into English, often do not
denote gender. Providing information
on gender will reduce the number of
false positive watch-list matches,
because the information will distinguish
persons who have the same or similar
names but who are of a different gender.
The date of birth is also helpful in
distinguishing a passenger from an
individual on a watch-list with the same
or similar name, thereby reducing the
number of false positive watch-list
matches.
This proposed rule would also require
aircraft operators to request an
individual’s redress number, if
available. DHS will assign this unique
number to individuals who use the DHS
Traveler Redress Inquiry Program (DHS
TRIP), because they believe they have
been incorrectly delayed or denied
boarding. Individuals may be less likely
to be delayed by false positive matches
to the watch-list if they provide their
redress number, if available.
Under the proposed rule, individuals
would not be compelled to provide their
gender, date of birth, or redress number
when requested by the aircraft
operators. However, without this
information, the watch-list service
provider may be unable to perform
effective automated watch-list matching
and, as a result, the individuals may be
more likely to be denied boarding, or
under certain circumstances, be subject
23 See
E:\FR\FM\30OCP2.SGM
Secure Flight NPRM, 72 FR at 48364.
30OCP2
sroberts on PROD1PC70 with PROPOSALS
64798
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
to additional screening. TSA is
considering whether to require all
individuals to provide their gender and
date of birth to assist in the watch-list
matching and resolution process.
The proposed rule would require
large aircraft operators to transmit to the
watch-list service provider the
passengers’ full names and also transmit
the passengers’ genders, dates of birth,
and redress numbers, to the extent they
are available. In addition, the proposed
rule would require large aircraft
operators to transmit certain
information from an individual’s
passport (full name, passport number,
country of issuance, expiration date,
gender, and date of birth), if it is
available and was provided to the
aircraft operator. Based on TSA’s
experience in conducting security threat
assessments that include watch-list
matching, TSA has determined that
passport information would help
resolve possible false positive matches
and make the watch-list matching
process more accurate.
TSA is not proposing a minimum
time in advance of the flight that large
aircraft operators would be required to
submit passenger information to the
watch-list service provider. TSA
anticipates that the large aircraft
operators would work with their service
providers to establish a minimum time
that the service provider would need to
complete watch-list matching in
advance of a flight. Nevertheless, TSA
seeks comment on whether it should
establish a minimum time for
submission of passenger information to
the service providers, what that
minimum time should be, and the
reasons supporting the suggested
minimum time.
Upon submission of the passenger
information by the aircraft operator to
the watch-list service provider, the
service provider would conduct the
automated vetting of the passenger
information provided against the watchlist which is comprised of the No Fly
and Selectee List components of the
Terrorist Screening Database. The
watch-list service provider would
inform the aircraft operator of the
results of the watch-list matching by
transmitting instructions to the large
aircraft operator for each passenger. The
large aircraft operator would not be able
to permit a passenger aboard an aircraft
until the large aircraft operator receives
the instructions from the watch-list
service provider that would allow the
aircraft operator to board the passenger.
The large aircraft operator would be
required to comply with the
instructions.
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
Upon submission of the passenger
information by the aircraft operator to
the watch-list service provider, the
service provider would conduct the
automated comparison using the
passenger information provided. If an
automated comparison indicates that
the passenger is not a match to the
watch-list, the service provider would
instruct the aircraft operator that the
passenger is cleared to board the
aircraft. If the automated comparison
using the passenger information
identifies a potential match to the
watch-list, the watch-list service
provider would contact TSA for
resolution of the potential match. TSA
would coordinate with the TSC for
resolution if necessary and would
provide further instructions concerning
the passenger to the service provider.
If TSA cannot determine from the
information provided by the watch-list
service provider whether the individual
is a match to the watch-list, it may be
necessary for the passenger to provide
additional information to resolve the
possible match. In these instances, TSA
would inform the watch-list service
provider to instruct the large aircraft
operator to contact TSA directly to
resolve the possible match between the
passenger and the watch-list record, and
TSA would provide final instructions
concerning the possible match and the
passenger’s status to the large aircraft
operator.
e. Aircraft operator procedures. TSA
believes that it is important for large
aircraft operators and their pilots, as the
in-flight security coordinators, to know
whether a passenger is identified as a
selectee so they can make appropriate
security decisions. If the passenger is
identified as a selectee, TSA would
allow the large aircraft operator to
permit the passenger to board the
aircraft. However, TSA would require
the aircraft operator to comply with the
procedures described in its security
program pertaining to passengers
identified as selectees. Although TSA
would not require large aircraft
operators to conduct screening of
selectees and their accessible property
on a normal basis, if warranted by
security considerations, TSA may
require some or all large aircraft
operators to screen selectees and their
accessible property. In this
circumstance, TSA would coordinate
with the large aircraft operators on the
appropriate screening protocols.
If the watch-list service provider
instructs the large aircraft operator that
a passenger must be denied boarding,
the large aircraft operator would not be
able to permit the passenger to board
unless explicitly authorized by TSA.
PO 00000
Frm 00010
Fmt 4701
Sfmt 4702
Additionally, if the aircraft operator
becomes aware that any data element in
the passenger information has changed,
the large aircraft operator would be
required to transmit to the watch-list
service provider updated passenger
information, which includes the full
name, and if available, gender, date of
birth, redress number, and passport
information. If the large aircraft operator
sends updated passenger information to
the watch-list service provider for a
passenger for whom the service provider
has already transmitted instruction, the
large aircraft operator would not be able
to permit the passenger on board until
the large aircraft operator receives
updated instructions from the watch-list
service provider. Any previous
instruction regarding the passenger
would be void; the large aircraft
operator would be required to comply
with any updated instruction from the
service provider.
f. Master passenger list. TSA
recognizes that many large aircraft
operators carry the same passengers on
most or all of their flights and that it
would be burdensome for the large
aircraft operators to send the required
information for the same individuals on
each flight. Consequently, the proposed
rule includes a provision for a master
passenger list. Under this optional
proposed provision, individuals on a
master passenger list would be subject
to continuous vetting of their names
against the watch-list.24 TSA would not
require large aircraft operators to
transmit information on these
passengers every time they are on a
flight operated by the large aircraft
operator. This master list would be
applied for domestic flights only; CBP
would require aircraft operators and
their pilots to transmit advance
passenger information to CBP for
international flights departing from or
arriving in the United States under
CBP’s eAPIS NPRM, and passengers
would need to present their passports
pursuant to CBP regulations.
Prior to collecting passenger
information from an individual to place
that individual on a master passenger
list, the large aircraft operator would be
required to inform the individual that
he or she would have the option of
being placed on the master passenger
list, to provide the individual with
notice of the purpose and procedures
related to a master passenger list, and to
obtain from the individual a signed,
written statement affirmatively
24 The proposed rule would define ‘‘continuous
vetting’’ as the process in which the passenger’s
information is continuously matched against the
most current watch-list.
E:\FR\FM\30OCP2.SGM
30OCP2
sroberts on PROD1PC70 with PROPOSALS
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
requesting that he or she be placed on
a master passenger list. These
requirements would ensure that
individuals would be informed that
their inclusion in a master passenger list
would be voluntary and contingent
upon their providing written consent
and that a watch-list service provider
would continuously maintain their
passenger information and compare the
information against the watch-list.
In order to place an individual on the
master passenger list, the large aircraft
operator would be required to comply
with the following: (1) Request and
obtain the full name, gender, date of
birth, redress number, and passport
information of the individual; (2)
transmit the passenger information and
any updated passenger information to a
watch-list service provider and
designate the individual for continuous
vetting; (3) ensure that the watch-list
service provider is responsible for
continuous vetting for that individual at
the time the individual boards an
aircraft; (4) receive an instruction that
the individual is cleared in response to
the initial transmission of passenger
information or transmission of updated
passenger information; and (5) receive
any instruction to prohibit the
individual from boarding an aircraft.
g. Aircraft operators under a full
program. Under 49 CFR 1544.101(a),
TSA requires full program aircraft
operators to conduct watch-list
matching of their passengers under their
security program. Some of the full
program aircraft operators also operate
flights under the other security
programs in 49 CFR 1544.101. Many of
these aircraft operators use the same
system or process to conduct watch-list
matching for their flights operated
under their full security program, as
well as flights operated under their
other security programs. Under the
proposed rule, TSA would require full
program aircraft operators to transmit
the passenger information for
passengers on their flights operated
under the LASP to watch-list service
providers approved by TSA to conduct
the watch-list matching on their behalf.
TSA requests comment on whether full
program aircraft operators should be
permitted to conduct watch-list
matching for passengers on flights
operated under their LASP using the
system or process that they use for
flights operated under their full security
program, including TSA’s Secure Flight
Program when it is available.
h. Privacy notice and data retention.
TSA would only receive passenger
information if the watch-list service
provider’s automated vetting system
identifies an individual as a potential
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
match to the watch-list; this is much
like the current practice where aircraft
operators conduct watch-list matching
pursuant to their security programs.
TSA is considering requiring aircraft
operators to provide a privacy notice to
passengers in the LASP. Most LASP
aircraft operators do not have a
reservation system and are on-demand
operations, such as charter, corporate,
fractional, and recreational (friends and
family) operations. LASP aircraft
operators may find it challenging and
burdensome to provide a privacy notice
to their passengers when collecting the
information. TSA is seeking comments
on how a privacy notice could be
provided during the collection of
information while considering the
feasibility, costs, and effectiveness of
providing such notice. Should TSA
require large aircraft operators to
provide a privacy notice on web sites
through which passenger service is
offered, either on their own web site or
through an internet travel web site that
offers seats on charter flights, or via
other means that would provide notice
to passengers on aircraft operated by
LASP operators?
TSA is considering data and record
retention requirements for records for
watch-list service providers and large
aircraft operators. TSA seeks comment
on whether the proposed record
retention for the Secure Flight Program
should be applied to large aircraft
operators and watch-list service
providers to ensure that personally
identifiable information is not retained
for longer than necessary. As explained
in the Secure Flight NPRM, TSA would
retain passenger information for seven
days for passengers that are cleared,
seven years for passengers that have
been identified as potential matches to
the watch-list, and 99 years for
passengers who are confirmed matches
to the watch-list under the Secure Flight
Program.25 If TSA were to require a
similar record retention schedule for
records collected, transmitted, and
received under proposed § 1544.245 and
part 1544, subpart F, large aircraft
operators’ watch-list service providers
would retain and destroy passenger
information and watch-list matching
results in accordance to this schedule.
TSA is also considering requiring large
aircraft operators and watch-list service
providers to retain passenger
information for passengers who are
cleared, for three years, to facilitate the
audit that large aircraft operators would
undergo every two years under
25 See
PO 00000
Secure Flight NPRM, 72 FR at 48363.
Frm 00011
Fmt 4701
Sfmt 4702
64799
proposed § 1544.243 and compliance
oversight.
i. Secure Flight. As noted above, the
long-term plan is for TSA to assume the
watch-list matching responsibility from
all aircraft operators required to conduct
watch-list matching and to conduct the
watch-list matching through the Secure
Flight Program. Under the current stage
of Secure Flight development, Secure
Flight will not have the capability to
conduct watch-list matching for large
aircraft operators for several years.
Under the Secure Flight NPRM, TSA
would assume the watch-list matching
only for full program operators and
certain foreign air carriers. If the Secure
Flight Program is capable of assuming
the watch-list matching responsibility
from large aircraft operators when TSA
would require implementation of the
LASP, TSA may amend the scope of the
Secure Flight regulations to include
large aircraft operators in the final rule
for this NPRM.
Under the Secure Flight Program,
TSA may require large aircraft operators
to collect and transmit the same data
elements, called Secure Flight Passenger
Data (SFPD), to TSA for all passengers
that full program operators must collect
and transmit for their passengers.
Although, in the Secure Flight NPRM,
TSA did not propose to cover the large
aircraft population in the Secure Flight
Program, TSA is proposing, in this
LASP NPRM, to align the LASP
passenger information requirements
with those of the Secure Flight Program.
Consequently, the passenger
information requirement in proposed
§ 1544.245 of this LASP NPRM is
similar to proposed § 1560.101 in the
Secure Flight NPRM.26 TSA’s intent is
to align the data requirements of LASP
and the Secure Flight Program, so that
they match when the final rules are
implemented.
The methods for transmitting SFPD to
TSA would be described in the standard
security program for large aircraft
operators. Possible methods of
transmission may include a direct
connection to TSA, similar to the
connection that some full program
operators will establish, and an internetbased application. Similar to the
requirements proposed for the watchlist service provider, large aircraft
operators would not be able to board
passengers until they received boarding
instructions from TSA. TSA would also
require large aircraft operators to
comply with the boarding instructions.
TSA would transmit the boarding
instructions after conducting the watchlist matching of the passengers.
26 72
E:\FR\FM\30OCP2.SGM
FR at 48388.
30OCP2
sroberts on PROD1PC70 with PROPOSALS
64800
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
TSA has determined that watch-list
matching of passengers on large aircraft
is an important security measure,
because it can prevent individuals who
are believed to pose a risk from boarding
a large aircraft and, potentially, gaining
control of the aircraft, to use it as a
weapon or to cause harm to aviation or
national security. Such considerations
extend beyond the simple use of aircraft
as missiles, but also include aircraft as
delivery vectors for other catastrophic
payloads (e.g., chemical, biological,
radiological or nuclear materials). Given
the security concerns, TSA believes a
reliable mechanism for watch-list
matching for large aircraft must be
operational without undue delay. The
watch-list matching service providers
would provide the needed security and
do so in a timely fashion. While the
Secure Flight Program would also
provide a reliable mechanism, its ability
to absorb the watch-list matching
function for the large aircraft population
is likely to be several years away, and
it is likely that it would not be available
to address this important security need
when TSA would be ready to
implement the LASP. Thus, TSA
believes that the using the watch-list
service providers will be the more
viable security solution for watch-list
matching when TSA is ready to
implement the LASP.
While TSA anticipates that Secure
Flight would be the long-term
mechanism for conducting watch-list
matching of passengers, TSA seeks
comments on whether the watch-list
matching service providers should serve
as part of the long-term solution to large
aircraft watch-list matching, such as by
gathering the passenger information
from the aircraft operators and
submitting it to TSA for watch-list
matching, then receiving the results
from TSA. One possible advantage of
the watch-list service providers may be
that the master passenger list system
developed by these providers would
remain undisturbed, a convenience for
passengers on those lists and the large
aircraft operators. Additionally, TSA
seeks comment on whether maintaining
the watch-list matching service
providers may reduce the costs
associated with a transition to the
Secure Flight Program. There may also
be benefit to TSA in limiting the
number of different entities to which the
Secure Flight program would maintain
direct links, requiring only links with
the watch-list service providers, not all
large aircraft operators.
Audit Requirement
Due to the large size and widelydispersed geographical locations of the
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
aircraft operator population that would
be subject to this proposed rule, TSA
would need an effective mechanism to
verify large aircraft operators’
compliance with the large aircraft
program. While TSA intends to develop
a compliance program for, and conduct
inspections of, large aircraft operators, it
is not possible for TSA to visit
approximately 10,000 large aircraft
operators on a regular basis.
TSA proposes the use of TSAapproved third-party auditors. These
TSA-approved third-party auditors
would support existing TSA resources
and would enhance compliance with
TSA regulations and the aircraft
operator’s security program. Auditors
would conduct audits of large aircraft
operators for their compliance with
their security program and TSA
regulations. The auditors would submit
their findings in the manner and form
prescribed by TSA. Auditors’ reports
would assist TSA inspectors in the
conduct of compliance inspections as
necessary. TSA would use the thirdparty auditors’ reports as one tool in
establishing inspection priorities. The
audits would also assist large aircraft
operators in assessing the security
measures in place for their own aircraft.
TSA proposes to require large aircraft
operators to contract with TSAapproved auditors to conduct a biennial
audit of their compliance with TSA
regulations and their security programs.
Large aircraft operators would initially
undergo an audit within 60 days of
TSA’s approval of the large aircraft
operators’ security program and then
every two years thereafter. Large aircraft
operators would also be required to
provide auditors access to their records,
equipment, and facilities necessary for
the auditor to conduct an audit. The
aircraft operators would receive a copy
of the audit report and would be
provided an opportunity to submit
comments on the audit report to TSA.
In this NPRM, TSA is proposing that
large aircraft operators may select any
TSA-approved auditor to perform the
audit function. However, TSA is
considering instituting a system that
would assign auditors to large aircraft
operators on a random basis in order to
assure overall consistency of the
auditing program, thereby enhancing
security. TSA seeks comment on
whether to include a system of assigning
auditors in the final rule and on
methods of doing so.
As stated above, many full program
aircraft operators also operate flights
under the private charter program. TSA
routinely conducts inspections of full
program aircraft operators, and these
inspections include any private charter
PO 00000
Frm 00012
Fmt 4701
Sfmt 4702
operations the aircraft operators may
have. Given these TSA inspections, TSA
requests comment on whether it is
necessary to require full program
aircraft operators that also operate
flights under a LASP to contract with a
third party auditor to conduct a biennial
audit of their operations for compliance
with their security program and TSA
regulations.
Unauthorized Persons and Accessible
Weapons on Board Large Aircraft
TSA would require large aircraft
operators to apply security measures in
their security program to prevent or
deter the carriage of unauthorized
persons and unauthorized weapons,
explosives, incendiaries, and other
destructive substances or items on board
a large aircraft. This proposed security
measure is designed to prevent
unauthorized persons, such as a
stowaway, or accessible weapons, from
being placed in a large aircraft. Under
the proposed security measure, the large
aircraft operator would check for
weapons and check any container,
cargo, or company material that may be
used to hide a stowaway, or explosives,
incendiaries, or other destructive
substances or items. The security
program would describe the method for
conducting the checks, such as visual
inspection of the exterior of the persons
or containers of certain sizes and
weights, with further evaluation if
necessary. This proposed rule would
only apply to property that may be
accessible to the cabin of the aircraft.
For example, if the property is stowed
in a cargo hold that would not allow
access to the cabin of the aircraft, then
that property would be exempt from
inspection.
For purposes of screening passengers
on air carrier flights under a full
program, TSA considers weapons to
include items on its prohibited items
list, which is posted on TSA’s Web site
at https://www.tsa.gov. This list includes,
among other things, guns, firearms, and
certain sharp objects or tools such as
knives, including steak knives and
pocket knives. TSA is proposing to
require large aircraft operators to adopt
and carry out procedures to prevent
passengers from carrying prohibited
items onto the aircraft. We understand,
however, that large aircraft operators
currently not subject to a TSA security
program 27 may have special
circumstances that should be
considered. TSA seeks comment on the
following issues: First, for large aircraft
27 Private charters and twelve-five operators
currently must ensure there are no prohibited items
accessible in the cabin.
E:\FR\FM\30OCP2.SGM
30OCP2
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
operators that are not carrying persons
or property for compensation or hire,
should ‘‘weapons’’ be limited to guns
and firearms? Further, should there be
a different requirement depending on
whether the aircraft has a MTOW of
45,500 kg or less or more than 45,500
kg?
TSA understands that a significant
portion of the large aircraft population
may not have inaccessible cargo hold
compartments, but may have a need to
transport weapons, such as when
transporting hunters. Therefore, TSA
proposes that weapons may be stored in
a cargo hold, if the aircraft has such a
cargo hold, or may be stored in a locked
box in the cabin under the direct control
of the in-flight security coordinator. In
these instances, the weapons would be
considered inaccessible to the persons
on board.
sroberts on PROD1PC70 with PROPOSALS
Additional Requirements
The LASP would also include the
following requirements: designation of
Aircraft Operator Security Coordinators,
Ground Security Coordinators, and InFlight Security Coordinators;
regulations concerning law enforcement
personnel; the carriage of TSA Federal
Air Marshals (FAMs) onboard an
aircraft; the aviation security
contingency plan; and procedures for
handling bomb and air piracy threats.
These proposed requirements are
discussed in further detail in the
Section-by-Section Analysis portion of
the preamble.
The economic analysis for this NPRM
suggests that the aircraft operator
security coordinator requirement is the
highest-cost measure in this proposed
rule, and TSA invites comment on
whether there is a more cost-effective
means of meeting the same or
substantially similar security goals as
detailed herein. Although our
preliminary view is that the benefits of
the security coordinator requirements as
proposed justify their costs, we are
interested in comment on alternatives.
Is there a current industry practice that
could provide a suitable alternative?
Should certain general aviation
operators be exempted from the
requirements or portions of the
requirements? Are there operational
limitations that prevent aircraft
operators from designating security
coordinators for multiple flight
segments? TSA also invites comments
on the use of a single individual for
multiple security coordinator roles.
Comments that specifically address the
costs and benefits of alternatives to the
security coordinator requirements
would be welcome.
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
2. Aircraft of MTOW Over 45,500 kg or
With a Passenger Seating Configuration
of 61 Seats or More Operated for
Compensation or Hire
TSA has determined that aircraft over
45,500 kilograms or with a passenger
seating configuration of 61 seats or more
operated for compensation or hire
should be subject to increased security
requirements. The current private
charter program, which applies to
aircraft of this size and weight, includes
more security measures than the current
twelve-five program. Part 125 (14 CFR)
operators using this size aircraft also
currently must comply with the private
charter program. This approach is
supported by the International Civil
Aviation Organization (ICAO), which
requires that aircraft of more than 60
passengers, or with a MTOW of over
45,500 kilograms, be regulated and
protected from intrusion and ballistic
threats.
Although the private charter program
would be merged into the large aircraft
program, TSA believes that maintaining
a higher level of security for aircraft
over 45,500 kilograms, or with a
passenger seating configuration of 61
seats or more, operated for
compensation or hire would be an
important security measure. Thus, for
these aircraft, the proposed rule would
continue the requirements now in the
Private Charter Program for the
operators to inspect passengers and
their property and to perform CHRCs on
their employees who conduct screening.
3. All-Cargo Operations
TSA recently issued a final rule
regarding air cargo security, including
all-cargo operations in an aircraft with
a MTOW over 12,500 pounds. See Final
Rule for Air Cargo Security
Requirements, 71 FR 30478 (May 26,
2006).28 Because cargo security remains
an important part of aviation security,
TSA proposes to retain the requirements
for all-cargo operations in the LASP.
Consequently, large aircraft all-cargo
operations would be required to comply
with the cargo requirements in 49 CFR
1544.202 and 1544.205(a), (b), (d), and
(f) in addition to the core requirements
of the LASP.
The large aircraft all-cargo program
would replace the existing Twelve-Five
All-Cargo Program. Current aircraft
operators that are subject to the TwelveFive All-Cargo Program would be
subject to the proposed requirements for
large aircraft in all-cargo operations.
Additionally, 14 CFR part 125 operators
in all-cargo operations, which currently
28 The effective date of the final rule was Oct. 23,
2006.
PO 00000
Frm 00013
Fmt 4701
Sfmt 4702
64801
are required to comply with the TwelveFive All-Cargo Program, would also be
subject to § 1544.202.
All-cargo operations with an aircraft
with an MTOW of over 45,500
kilograms currently must use the full
all-cargo program and this would be
reflected in the rule.
4. Sensitive Security Information
Protection of Sensitive Security
Information (SSI), as codified at 49 CFR
part 1520, would apply to each aircraft
operator operating under the large
aircraft program. Airport and aircraft
operator security programs and related
amendments, Security Directives and
Information Circulars, technical
specifications of security screening and
detection systems and devices, among
other types of information, constitute
SSI under current 1520.5 and are
prohibited from public disclosure.
Watch-list service providers’
instructions to the large aircraft
operators would also be SSI. The SSI
regulations would apply to LASPs as
well.
Access to SSI is strictly limited to
those covered persons with a need to
know, as defined in 49 CFR 1520.7 and
1520.11. In general, a person has a need
to know specific SSI when he or she
requires access to the information to
carry out transportation security
activities that are government-approved,
-accepted, -funded, -recommended, or
-directed, including for purposes of
training on, and supervision of, such
activities or to provide legal or technical
advice to airport operators, aircraft
operators or their employees regarding
security-related requirements.
Accordingly, the protection of SSI
would apply to each large aircraft
operator operating under a security
program pursuant to 1544.101(b).
5. Existing and Proposed Requirements
for Large Aircraft
Table 2 below illustrates the
requirements for large aircraft operators
and whether these requirements would
be new or modified for current holders
of security programs. The table indicates
how the proposed rule would affect the
current large aircraft operators. The first
column describes the proposed content
requirements for the LASP. The
remaining five columns list five types of
aircraft operators that would be required
to adopt and implement the large
aircraft security program under the
proposed rule. The table indicates
whether each type of aircraft operator is
currently required to comply with each
content requirement of the proposed
LASP or whether the proposed content
requirement is a new requirement for
E:\FR\FM\30OCP2.SGM
30OCP2
64802
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
the aircraft operator. Additionally, as
part of this rule, TSA would modify
some of the content requirements for the
current Twelve-Five Security Program
and the Private Charter Security
Program. The table also indicates
existing requirements that would be
modified under the proposed rule.
Table 3 compares the proposed large
aircraft program with the Full Program
and the Full All-Cargo Program.
TABLE 2—REGULATORY REQUIREMENTS FOR LARGE AIRCRAFT
Scheduled or charter operations in
aircraft with 31–60
seats required to
have a partial
program
Scheduled or charter operations required to have a
twelve-five
program
All-cargo operations required to
have a twelve-five
program
Private charters
required to have a
private charter
program
Acceptance & screening of individuals
and
accessible
property
(§ 1544.201).
Acceptance and screening of cargo
(§ 1544.205).
Does not apply .....
Does not apply .....
Does not apply .....
Does not apply.
Does not apply .....
Does not apply .....
Does not apply.
Persons and property on board a
large aircraft (§ 1544.206).
Screening of individuals and property
(§ 1544.207).
New requirement ..
Currently applies
and would continue.
Does not apply .....
Currently applies
and would continue.
Does not apply .....
New requirement ..
New requirement ..
New requirement.
Does not apply .....
Does not apply .....
Does not apply .....
Does not apply.
Required to have security coordinators (§ 1544.215).
Currently applies
and would continue.
Currently applies
and would continue.
Currently applies
and would continue.
Currently applies;
would be modified.
New requirement ..
Currently applies
and would continue.
Currently applies
and would continue.
Currently applies
and would continue.
Currently applies;
would be modified.
New requirement ..
Currently applies
and would continue.
Currently applies
and would continue.
Currently applies
and would continue.
Currently applies
and would continue.
New requirement ..
New requirement.
Security training for security coordinators and crew (§ 1544.233).
New requirement ..
New requirement ..
New requirement ..
New requirement.
Training Program—Individual securityrelated duties (§ 1544.235).
Currently applies
and would continue.
New requirement ..
Currently applies
and would continue.
New requirement ..
Currently applies
and would continue.
Currently applies
and would continue.
Currently applies
and would continue.
New requirement ..
Currently applies
and would continue.
Currently applies
and would continue.
Currently applies
and would continue.
Currently applies;
would be modified.
New requirement ..
Currently applies
and would continue.
New requirement ..
New requirement.
New requirement ..
New requirement ..
New requirement ..
New requirement ..
New requirement.
New requirement ..
New requirement ..
New requirement ..
New requirement ..
New requirement.
New requirement ..
New requirement ..
New requirement ..
New requirement ..
New requirement.
Currently applies
and would continue.
Currently applies
and would continue.
Currently applies
and would continue.
Currently applies
and would continue.
Currently applies
and would continue.
Currently applies
and would continue.
Currently applies
and would continue.
Currently applies
and would continue.
Currently applies
and would continue.
Currently applies
and would continue.
Currently applies
and would continue.
Currently applies
and would continue.
New requirement.
Description of proposed LASP
requirement
Provision of law enforcement personnel at airports serving the aircraft operators (§ 1544.217).
Carriage of accessible weapons on
board aircraft (§ 1544.219).
Requirement to
(§ 1544.223).
transport
FAMs
Provide for security of aircraft and facilities (§ 1544.225).
Program to permit passengers to provide volunteer emergency services
(§ 1544.241).
Required to undergo third-party audits
(§ 1544.243).
Required to send flight manifest to
approved vendor for watch-list
matching
of
passengers
(§ 1544.245).
Security threat assessment with criminal history records check for flight
crew (part 1544, subpart G).
Develop and implement contingency
plan in response to threats
(§§ 1544.301(a) & (b)).
Bomb
and
hijacking
threats
(§ 1544.303).
sroberts on PROD1PC70 with PROPOSALS
Comply with security directives and
information circulars (§ 1544.305).
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
PO 00000
Frm 00014
Fmt 4701
Sfmt 4702
E:\FR\FM\30OCP2.SGM
30OCP2
Large aircraft operators not currently required to
have a security
program
New requirement.
New requirement.
New requirement.
New requirement.
New requirement.
New requirement.
New requirement.
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
64803
TABLE 3—COMPARISON OF AIRCRAFT OPERATOR SECURITY PROGRAMS
Description of security requirement
Full program
operators
Full all-cargo
program operators
Proposed
large aircraft
program
operators
Acceptance & screening of individuals and accessible property (§ 1544.201) ...........................
Screening of individuals and property (watch-list & accessible weapons) (§ 1544.202) ............
Acceptance and screening of checked baggage (§ 1544.203) ..................................................
Acceptance and screening of cargo and accessible property (§ 1544.205) ..............................
Check property on board (§ 1544.206) ........................................................................................
Screening of individuals and property (§ 1544.207) ....................................................................
Use of metal detection devices (§ 1544.209) ..............................................................................
Use of X-ray systems (§ 1544.211) .............................................................................................
Use of explosives detection systems (§ 1544.213) .....................................................................
Required to have security coordinators (§ 1544.215) .................................................................
Provision for law enforcement personnel at airports serving the aircraft operators
(§ 1544.217) .............................................................................................................................
Carriage of accessible weapons on board aircraft (§ 1544.219) ................................................
Carriage of prisoners under the control of armed law enforcement officers (§ 1544.221) .........
Requirement to transport FAMs (§ 1544.223) .............................................................................
Provide for security of aircraft and facilities (§ 1544.225) ...........................................................
Exclusive area agreements (§ 1544.227) ....................................................................................
Access to cargo and security threat assessments for cargo personnel in the United States
(§ 1544.228) .............................................................................................................................
CHRC: Unescorted access to SIDA, screening, baggage/cargo checks (§ 1544.229) ..............
CHRC: Flight crew members (§ 1544.230) .................................................................................
Airport-approved and exclusive area personnel identification systems (§ 1544.231) .................
Security training for security coordinators and crew (§ 1544.233) ..............................................
Training Program—Individual security-related duties (§ 1544.235) ............................................
Flight deck privileges (§ 1544.237) ..............................................................................................
Program to permit passengers to provide volunteer emergency services (§ 1544.241) ............
Required to undergo third-party audits (§ 1544.243) ..................................................................
Required to send flight manifest to approved vendor for watch-list matching of passengers
(§ 1544.245) .............................................................................................................................
Security threat assessment with criminal history records check for flight crew, individuals authorized to perform screening functions, applicants to become TSA-approved auditors, and
watch-list service provider cover personnel (Part 1544, subpart G) .......................................
Develop and implement contingency plan in response to threats (§ 1544.301) .........................
Bomb and hijacking threats (§ 1544.303) ....................................................................................
Comply with security directives and information circulars (§ 1544.305) .....................................
X
........................
X
X
........................
X
X
X
X
X
........................
X
........................
X
........................
X
X
X
........................
X
X
X
........................
X
X
X
........................
........................
........................
X
X
X
X
X
X
X
X
X
........................
X
X
X
X
X
........................
X
X
........................
X
X
X
X
X
X
X
X
........................
X
X
X
X
X
X
X
........................
........................
........................
........................
........................
........................
X
X
........................
X
X
........................
........................
X
........................
X
X
X
........................
X
X
X
X
X
X
X
sroberts on PROD1PC70 with PROPOSALS
B. Proposed Requirements for Certain
Airports
Currently, the regulations extend
airport security program requirements to
airports that regularly serve aircraft
operations using full programs, partial
programs, private charter programs, and
corresponding foreign air carriers.29
These regulations for airport operators
provide for the safety and security of
persons and property on an aircraft
operating in air transportation against
an act of criminal violence and aircraft
piracy. An enhanced security
environment at the airports where large
aircraft operate would support
enhanced security for the large aircraft.
Thus, as part of the proposal to provide
security for large aircraft through a large
aircraft program for aircraft operators,
TSA also proposes to require certain
29 49 CFR 1544.101(a), (b), and (f), and
1546.101(a), (b), (c), and (d). However, there are no
airports that currently hold a security program
because they regularly serve an aircraft operator
holding a partial program or a private charter
program, or their foreign air carrier equivalent.
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
airports that serve large aircraft to adopt
a security program.
There are thousands of GA airports
that serve large aircraft. TSA considered
the heavy burden involved for all these
airports to adopt a security program.
Many are very small and may have
limited resources and limited large
aircraft activity. TSA proposes to
require two types of airports to hold a
security program because of the type of
service they provide.
The first type of airport that would be
required to hold a partial program is a
GA airport that is designated as a
‘‘reliever’’ airport by the Secretary of
Transportation, as defined in 49 U.S.C.
47102(22). These airports perform the
function of relieving congestion at a
commercial service airport by diverting
GA from the commercial services airport
to the reliever airport and provide more
GA access to the overall community.
Reliever airports are generally near
metropolitan areas and thus serve and
are close to large populations—thus the
need for greater security at these
airports.
PO 00000
Frm 00015
Fmt 4701
Sfmt 4702
The second type of airport is an
airport that regularly serves scheduled
or public charter operations in large
aircraft. These operations have farepaying passengers on a regular basis.
TSA proposes to require these airports
to adopt the partial program. This
program would provide a basic level of
security enhancement to compliment
and support the security measures that
TSA would require large aircraft
operators to adopt and implement.
Table 4 below illustrates how the
proposed rule would affect the various
types of airports. Table 5 compares the
three types of airport security
programs—complete program,
supporting program, and partial
program. TSA believes that the
requirements of the partial program for
airport operators would not be
burdensome for reliever airports, and
airports that regularly serve scheduled
or public charter operations, to adopt
and carry out. TSA also believes that the
requirement for these airports to
implement security programs will not
place a significant burden on local law
E:\FR\FM\30OCP2.SGM
30OCP2
64804
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
enforcement agencies, because TSA
expects that there will be few incidents
requiring law enforcement response at
these airports.
TABLE 4—AIRPORT OPERATOR SECURITY PROGRAMS
An airport operator must have this
program
Current: If it regularly serves aircraft operations
under these security programs in 49 CFR
Complete program § 1542.101(a) .....
full program under § 1544.101(a)(1); or foreign air
carrier program under § 1546.101(a).
full program under § 1544.101(a)(2); or ....................
Supporting program § 1542.101(b) ...
private charter program under § 1544.101(f); or ......
foreign air carrier program under § 1546.101(c) .......
Partial program § 1542.101(c) ..........
partial program under § 1544.101(b); or ...................
None required * .................................
None required * .................................
None required * .................................
foreign air carrier program under § 1546.101(d) ......
twelve-five program under § 1544.101(d) .................
limited program under § 1544.101(g) ........................
full all-cargo program under § 1544.101(h) ..............
Proposed: If it meets the following criteria:
No change.
Regularly serves full program aircraft operator
under § 1544.101(a)(2) (no change); or
Regularly serves foreign air carrier aircraft operator
program under § 1546.101(b) (no change); or
Regularly serves foreign air carrier under
§ 1546.101(c) (no change).
Regularly serves large aircraft operator in scheduled or public charter passenger operations
under § 1544.101(b); or
Is a reliever airport.
Large aircraft not described above.
No change.
No change.
* TSA may enter airports to inspect an aircraft operator that is operating under a part 1544 or 1546 security program. 49 CFR 1542.5(e).
TABLE 5—COMPARISON OF AIRPORT SECURITY PROGRAMS
Complete
program
Supporting
program
Partial program
Designate Airport Security Coordinator (§ 1542.3) ..................................................................................
Description of secured areas of the airport .............................................................................................
Description of the Airport Operations Area .............................................................................................
Description of the Security Identification Display Area (SIDA) ...............................................................
Description of the sterile area .................................................................................................................
Criminal history records check of airport operator, airport user, individuals with unescorted access to
a SIDA, and individuals seeking unescorted access authority ............................................................
Description of personnel identification systems (§ 1542.211) .................................................................
Escort procedures (§ 1542.211(e)) ..........................................................................................................
Challenge procedures (§ 1542.211(d)) ....................................................................................................
Training program for individuals performing security-related functions for the airport operator
(§ 1542.213) .........................................................................................................................................
Training program for law enforcement personnel (§ 1542.217(c)(2) .......................................................
Description of law enforcement support ..................................................................................................
System for maintaining records (§ 1542.221) ..........................................................................................
Procedures and description of facilities and equipment used to support TSA inspection of individuals,
property, and aircraft operator and foreign air carrier screening functions .........................................
Contingency plan (§ 1542.301) ................................................................................................................
Procedures for the distribution, storage, and disposal of Sensitive Security Information (including security program, Security Directives, Information Circulars, and implementing instructions), and, as
appropriate, classified information .......................................................................................................
Procedures for posting of public advisories (§ 1542.305)) ......................................................................
Incident management procedures (§ 1542.307) ......................................................................................
Alternate security procedures, if any, that the airport intends to use in the event of natural disasters,
and other emergency and unusual conditions. ....................................................................................
Exclusive area agreement (§ 1542.111) ..................................................................................................
Airport tenant security program (§ 1542.113) ..........................................................................................
sroberts on PROD1PC70 with PROPOSALS
Description of security requirement
X
X
X
X
X
X
....................
....................
....................
....................
X
....................
....................
....................
....................
X
X
X
X
....................
....................
....................
....................
....................
....................
....................
....................
X
X
X
X
....................
X
X
X
....................
X
X
X
X
X
....................
X
....................
....................
X
X
X
X
X
X
X
X
X
X
X
X
....................
....................
....................
....................
....................
....................
In addition to the two types of
airports in the proposed rule text, TSA
requests comments on whether other
types of airports should also be required
to adopt a security program, such as the
partial program. For example, should
TSA require airports that regularly serve
aircraft used in private charter
operations-aircraft with MTOW of over
45,500 kilograms or a passenger seating
configuration of 61 or more seats—to
adopt a partial program? If TSA were to
adopt such an approach, how should
VerDate Aug<31>2005
18:31 Oct 29, 2008
Jkt 217001
TSA determine whether an airport
‘‘regularly serves’’ a large aircraft with
MTOW of over 45,500 kilograms or a
passenger seat configuration of 61 or
more seats? Should TSA require airports
that serve any large aircraft with MTOW
of over 45,500 kilograms or a passenger
seat configuration of 61 or more seats to
adopt a partial program, regardless of
frequency?
In addition to the proposed
amendments to § 1542.101(b) and (c),
TSA is seeking comments on whether
PO 00000
Frm 00016
Fmt 4701
Sfmt 4702
the content requirements of the partial
program and the supporting program
should be amended. For example, TSA
is considering whether it should require
airport security coordinators at locations
with partial programs to undergo the
same security training that airport
security coordinators at locations with a
supporting or complete program under
§ 1542.3 undergo or whether a shorter
training program would be appropriate.
TSA is also considering whether
airport operators should be required to
E:\FR\FM\30OCP2.SGM
30OCP2
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
sroberts on PROD1PC70 with PROPOSALS
undertake a risk-based self assessment
of their security programs. The ‘‘TSA
Information Publication (A–001),
Security Guidelines for General
Aviation,’’ includes the Airport
Characteristic Measurement Tool, which
lists the most significant airport
characteristics that can potentially affect
a facility’s security posture.
TSA may develop a computer based
training, available online or in a DVD
format, which incorporates GA security
awareness, elements of the existing
‘‘TSA Information Publication (A–001),
Security Guidelines for General
Aviation Airports,’’ and industry best
practices. Airport operators may be able
to use this training and accompanying
self-assessment tool to fulfill a riskbased self assessment should TSA
decide to include it as part of the partial
program.
C. Passenger Checking Against the
Watch-List
As discussed above in section II.A of
the preamble, the proposed rule would
require large aircraft operators to
transmit passenger information to thirdparty entities called watch-list service
providers to conduct watch-list
matching of their passengers. Because
watch-list service providers would
perform an important security function,
TSA is proposing to require potential
watch-list service providers to obtain
approval from TSA prior to conducting
watch-list matching for any large aircraft
operator. The proposed approval
process would ensure that the watch-list
service provider has the appropriate
personnel and systems to process and
keep secure sensitive and personally
identifiable information.
The following are the major
requirements that potential watch-list
matching service providers would have
to satisfy to obtain approval from TSA.
The individual requirements are
described and discussed in further
detail in the section-by-section analysis
of proposed § 1544.503.
• Demonstrate ability to conduct
automated watch-list matching and
continuous vetting.
• Adopt and implement a system
security plan for the system that
contains personally identifiable
information or is used to conduct
watch-list matching.
• Demonstrate ability to receive
passenger information from large
aircraft operators and transmit watchlist matching results back to large
aircraft operators.
• Successfully undergo a suitability
assessment by TSA.
• Watch-list service provider’s
covered personnel would be required to
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
successfully complete security threat
assessments.
• Adopt a security program that
complies with TSA requirements.
The proposed rule describes the
approval process that would apply and
includes a provision allowing
prospective watch-list service providers
to seek reconsideration of an initial
disapproval.
Once TSA approves a watch-list
service provider, the provider would
have several responsibilities. TSA lists
the major responsibilities below and
then describes them in greater detail in
the section-by-section analysis of
proposed §§ 1544.513 and 1544.515.
• Carry out its security program,
which details the requirements for
conducting watch-list matching,
security of the systems and physical
property used to conduct watch-list
matching, and training of personnel.
• Develop and execute procedures to
identify, handle, and protect Sensitive
Security Information and maintain the
confidentiality of other information
provided by TSA and aircraft operators.
• Submit to inspection by TSA.
Under the proposed rule, TSA would
retain the authority to withdraw a
watch-list service provider’s approval to
conduct watch-list matching if the
watch-list service provider failed to
meet the qualification requirements or
its responsibilities under the rule or if
it were in the interest of transportation
or national security. Watch-list service
providers would be able to seek
reconsideration of the withdrawal of
approval to conduct watch-list matching
from the Assistant Secretary or
designee.
D. Third-Party Audits for Large Aircraft
Operators
As described in section II.A of this
NPRM, TSA would require large aircraft
operators to contract with TSAapproved auditors to conduct audits of
their compliance with TSA regulations
and their security programs. To ensure
that auditors have the qualification and
responsibilities to produce audits that
would be useful to TSA and the large
aircraft operators and to identify,
handle, and protect Sensitive Security
Information and other sensitive
information, TSA proposes the
following major qualifications and
responsibilities that would apply to
auditors. These qualifications and
responsibilities, as well as other
requirements, are described and
discussed in further detail in the
section-by-section analysis of proposed
part 1522.
• Successfully undergo a TSA
security threat assessment.
PO 00000
Frm 00017
Fmt 4701
Sfmt 4702
64805
• Currently hold or be able to obtain
a certification or accreditation from an
organization recognized by TSA.
• Have sufficient knowledge and
skills to conduct a security audit of an
aircraft operator.
• Receive initial and biennial
training.
• Conduct independent and impartial
audits, submit audit reports to TSA, and
retain audit reports for 36 months.
• Identify, handle, and protect
Sensitive Security Information and keep
confidential other information provided
by TSA and large aircraft operators.
• Submit to inspection by TSA.
The proposed rule describes the
approval process that would apply to
auditors. Auditors would be able to seek
reconsideration of the disapproval to be
a TSA-approved auditor from the
Assistant Secretary or designee.
Under the proposed rule, TSA would
be able to withdraw approval of an
auditor or responsibilities under the
proposed rule or in the interest of
transportation or national security.
Auditors would be able to seek
reconsideration of the withdrawal of
approval to conduct audits from the
Assistant Secretary or designee.
E. Proposed Amendments to the Full
Program and the Full All-Cargo Program
As part of this NPRM, TSA is also
proposing a few minor amendments to
the full program and the full all-cargo
program. TSA proposes to require these
aircraft operators to provide the
following information when they submit
their security program for approval
under § 1544.105: business name; other
names including ‘‘doing business as’’;
state of incorporation; tax identification
number; and the address of the aircraft
operator’s primary place of business or
headquarters. This information would
provide TSA the means to identify the
aircraft operators and to obtain basic
information about the aircraft operator
in the course of reviewing a new
security program for approval.
Additionally, TSA proposes to add a
provision of voluntary services to the
full program and the full all-cargo
program, as explained in further detail
in the section-by-section analysis of
proposed § 1544.241. Finally, as
explained in the section-by-section
analysis of § 1544.101, TSA proposes to
clarify that the full program applies to
operators holding FAA operating
certificates under 14 CFR part 119 and
that the full all-cargo program applies to
operators holding FAA operating
certificates under 14 CFR part 119 or
part 125.
E:\FR\FM\30OCP2.SGM
30OCP2
64806
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
III. Section-By-Section Analysis
The proposed rule sets forth the
security regulations that would apply to
large aircraft operators, including the
requirements for the security program.
TSA is also proposing to amend several
other sections of part 1544 and adding
new subparts F and G to set forth the
procedures for watch-list service
providers to obtain TSA approval and
for large aircraft flight crews, auditors,
and watch-list service providers’
covered personnel to obtain security
threat assessments, respectively. TSA is
proposing to add a new provision in
part 1540 to govern withdrawals of
approved security programs. In
addition, TSA is proposing to add a new
part 1522, which establishes procedures
for accrediting third-party auditors and
for prescribing their functions in the
LASP program. With respect to airports
serving large aircraft, TSA is proposing
to amend portions of part 1542 by
regulating reliever airports, as
designated by the Secretary of
Transportation. TSA is also proposing
changes to part 1520 to include the
proposed LASP in the coverage of the
regulations regarding Sensitive Security
Information and minor changes to part
1550 to maintain consistency between
regulations.
Part 1520—Protection of Sensitive
Security Information
sroberts on PROD1PC70 with PROPOSALS
Section 1520.5 Sensitive Security
Information
TSA proposes to amend
§ 1520.5(b)(1)(i) to protect watch-list
service provider security programs as
Sensitive Security Information. The
watch-list service provider would have
access to, and handle information on,
the No Fly and Selectee Lists, which are
SSI. The proposed change to this section
would protect this SSI from
unauthorized disclosure by the TSAapproved auditor, the watch-list service
provider, the aircraft operator, or any
other covered person.
Section 1520.7—Covered Persons
As explained in the section-by-section
analysis of proposed part 1522 and
§ 1544.243, TSA would require large
aircraft operators to engage independent
TSA-approved auditors to audit their
compliance with their security programs
and TSA regulations. TSA-approved
auditors would have access to and
handle SSI regarding the aircraft
operator and TSA security standards as
they relate to large aircraft operators.
Similarly, the watch-list service
provider would have access to and
handle the No Fly and Selectee Lists,
which are SSI. Accordingly, TSA would
VerDate Aug<31>2005
18:31 Oct 29, 2008
Jkt 217001
amend § 1520.7(a) to include TSAapproved auditors and watch-list
service providers as covered persons
that are subject to the requirements of
part 1520 as they apply to SSI.
Part 1522—TSA Approved Auditors
As described in section II.D, aircraft
operators subject to this rule would
need to engage independent TSAapproved auditors to audit their
compliance with their security
programs. TSA is proposing a new part
1522 to establish a framework for this
new third-party auditor program. This
third-party auditor program would
initially apply only to aircraft operators
under the LASP. TSA may expand its
use to other programs in the future. The
broad scope of part 1522 would allow
TSA to use the process set forth in part
1522 for other programs that it may
determine may benefit from an audit
program.
Part 1522 would have two
components: (1) qualifications and
procedures for individuals who seek
TSA’s approval for conducting audits;
and (2) specific qualifications and
required content of audit reports for the
LASP. The first of these components
would apply to all programs in which
TSA would require third-party auditors.
The second component would apply to
the LASP.
Subpart A—General
Section 1522.1
in This Part
Scope and Terms Used
Proposed § 1522.1 explains that
individuals who wish to conduct audits
of operators’ compliance with security
programs must obtain TSA’s approval in
accordance with part 1522. Section
1522.1 also defines terms used in the
subpart. Proposed § 1522.1 defines
‘‘applicant’’ to mean the individual who
is seeking to become a TSA-approved
auditor.
Section 1522.1 defines ‘‘conflict of
interest’’ as a situation when the TSAapproved auditor has a personal
impairment that might affect their
ability to do their work and report their
findings impartially. This definition is
derived from the Government Auditing
Standards established by the
Government Accountability Office
(GAO) for ensuring that auditors do not
have personal impairments that would
interfere with their ability to maintain
their independence. The proposed
definition includes examples of conflict
of interest situations, such as family or
employment relationships.
Relationships with family members that
may be a conflict of interest would
PO 00000
Frm 00018
Fmt 4701
Sfmt 4702
include relationships with parents,
children, and siblings.
Other proposed examples of conflict
of interest include financial
relationships and business relationships
between the auditor and the operators to
be audited. Financial interest would
include, for example, the auditor
owning stocks or bonds of the operator
or the auditor having an employment,
rather than a contractual, relationship
with the operator. Examples of business
relationships that would give rise to a
conflict of interest would be where the
auditor had previous decision-making
or managerial authority that would
affect current operations or program
being audited. Additionally, an auditor
or the company that employs the
auditor would not be able to provide
non-audit services to the operator if the
non-audit services relate to the
operator’s security program. TSA seeks
comments on these examples as well as
suggestions for other examples that TSA
should consider. TSA is also
considering expressing the conflict of
interest concept as auditor
independence. Rather than defining and
prohibiting conflicts of interest, TSA
would define independence and would
require an auditor to have independence
from the entity the auditor would audit.
If TSA were to adopt a definition of
‘‘independence’’ in the final rule, the
definition of ‘‘independence’’ would
describe circumstances similar to those
described in the proposed definition of
‘‘conflict of interest.’’ This approach
would be consistent with the GAO’s
Government Auditing Standards and the
Securities and Exchange Commissions
regulations at 17 CFR 210.2–01
concerning audits by certified public
accountants.
The final definition in proposed
§ 1522.1 is ‘‘TSA-approved auditor’’ or
‘‘auditor.’’ These terms would mean an
individual who has been approved
under proposed part 1522 to conduct an
audit under 49 CFR chapter XII.
Section 1522.3 Qualifications
Section 1522.3 would establish
qualifications for third-party auditors
that would apply to such auditors in
any program in which TSA would
require their use. These qualifications
are designed to ensure that auditors
have the resources and expertise
required to conduct an audit and to
prepare the required reports. With
respect to qualifications, TSA is
proposing that auditors have experience
with Federal statutes and regulations
and have a certification or accreditation
from a highly-regarded organization in
the appropriate field. Such an
organization might include, for
E:\FR\FM\30OCP2.SGM
30OCP2
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
example, the International Standards
Organization. For auditors that would
be involved with the large aircraft
program, the International Civil
Aviation Organization or the
International Business Aviation Council
would also be acceptable. TSA would
make publicly available a list of
acceptable accreditation or certification
organizations. TSA requests comments
on whether this qualification is
appropriate and on other organizations
that might have the stature to provide
the necessary certification or
accreditation.
Finally, applicants would be required
to undergo a successful security threat
assessment that includes a criminal
history records check.
The proposed rule text does not
require auditors to be U.S. citizens, U.S.
nationals, or lawful permanent residents
of the United States. We invite
comments on whether individuals with
these important duties should be subject
to such a qualification.
Section 1522.5 Application
Proposed § 1522.5 describes the
information and documentation that
applicants would be required to submit
to TSA. The information would include
the applicant’s name, business address,
business phone number, and business email address. TSA would also require
the applicant to submit a copy of his or
her accreditation or certification from
one of the organizations TSA
determines are acceptable for this
purpose and a statement of how he or
she meets the requirements in proposed
§ 1522.3.
sroberts on PROD1PC70 with PROPOSALS
Section 1522.7 TSA Review and
Approval
Proposed § 1522.7 describes the
review and approval process which TSA
would carry out upon receipt of the
auditor’s application. The procedures by
which TSA would review applications
for the third-party auditor program may
involve several steps. After TSA
receives an application, TSA would
decide whether to approve or
disapprove the application and would
send a written notice of approval or
disapproval to the applicant. If the
application is disapproved, the
applicant would be able to seek
reconsideration under proposed
§ 1522.9.
Section 1522.9 Reconsideration of
Disapproval of an Application
Proposed § 1522.9 describes the
review and petition process for
reconsideration of disapproval of the
auditor’s application. If an applicant
seeks to challenge the disapproval of his
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
or her application, the applicant would
be required to submit a written petition
for reconsideration within 30 days of
receipt of the notice of disapproval. The
petition would include a statement
explaining why the applicant believes
he or she meets the criteria in § 1522.3
with any supporting documentation.
Reconsideration may result in
confirmation of the disapproval or in a
determination that the application
should be approved.
Section 1522.11 Withdrawal of
Approval
Under proposed § 1522.11, TSA
would be able to withdraw the approval
of an auditor if the auditor ceased to
meet the qualification standards, the
auditor failed to meet his or her
responsibilities, or it is in the interest of
security or the public. If TSA withdraws
an auditor’s approval, the auditor would
no longer be able to perform an audit
under TSA regulations.
Under proposed § 1522.11, before
revoking an auditor’s authority, TSA
would provide the auditor with a
proposed notice of withdrawal of
approval that would include the basis
for the withdrawal of approval. The
auditor would be able to file a written
petition for reconsideration to challenge
the proposed notice. To challenge the
proposed notice of withdrawal of
approval, an auditor would be required
to submit the petition for
reconsideration within 30 days of
receipt of the proposed notice.
Reconsideration may result in
confirmation of the disapproval or in a
determination that the application
should be approved. If the auditor does
not file a petition for reconsideration,
the proposed notice of withdrawal of
approval would become a final notice
31 days after the auditor receives the
proposed notice.
In emergency situations, proposed
§ 1522.11 would allow TSA to issue an
emergency notice of withdrawal of
approval that would be effective upon
receipt by the auditor. The auditor
would be able to challenge the
emergency notice of withdrawal of
approval by submitting a written
petition for reconsideration but
submission of the petition would not
stay the withdrawal of approval.
Section 1522.13 Responsibilities of
TSA-Approved Auditors
Proposed § 1522.13 prescribes the
responsibilities of TSA-approved
auditors. Auditors would not be allowed
to undertake an audit where the auditor
had a conflict of interest as defined in
proposed § 1522.1. Auditors would be
required to submit reports to TSA that
PO 00000
Frm 00019
Fmt 4701
Sfmt 4702
64807
meet TSA standards for the particular
program. Auditors would be required to
comply with TSA’s regulations for
identifying, handling, and protecting
SSI. Under this section, auditors would
also be prohibited from disclosure of
any proprietary information.
Importantly, if an auditor conducting an
audit believes that there is an instance
of noncompliance that presents an
imminent threat to transportation
security or public safety, the auditor
would be required to notify TSA
immediately. The auditor would not be
authorized to require any remedial
action.
Section 1522.15 Fraud and Intentional
Falsification of Records
Proposed § 1522.15 includes
provisions that would prohibit any
person from making or providing any
fraudulent statements, reports, records,
access mediums, or identification. Any
falsification of records or fraudulent
actions would be a violation of the
regulations and 18 U.S.C. 1001, and it
would be a basis for TSA to withdraw
the auditor’s approval under proposed
§ 1522.13.
Section 1522.17 Inspections
Under proposed § 1522.17, auditors
would be required to permit TSA to
inspect their facilities and copy records.
This section would allow TSA to
evaluate the auditor’s performance and
an operator’s compliance with TSA
regulations and its security program.
Subpart C—Auditors for the Large
Aircraft Security Program
Section 1522.201 Applicability
Proposed § 1522.201 states that
subpart C would apply to auditors
seeking to obtain TSA’s approval to
conduct audits for the large aircraft
program.
Section 1522.203 Additional
Qualification Requirements
Proposed § 1522.203 describes the
additional requirements that auditors
for the LASP would be required to meet
to be considered for approval. These
requirements would include:
• At least five years of experience in
inspection or auditing relating to
governmental programs in security or
aviation;
• Three professional references;
• Accreditation from an outside
organization within the last ten years;
and
• Knowledge and ability to assess
compliance with Federal statutes and
regulations.
These additional requirements would
demonstrate that the auditor possesses
E:\FR\FM\30OCP2.SGM
30OCP2
64808
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
sufficient experience and knowledge in
auditing compliance with governmental
programs and that the auditor has
credentials that reflect knowledge of the
aviation industry. Auditors would be
able to satisfy the five-year experience
requirement as a government employee
or private consultant or contractor. TSA
requests comments on these
requirements as well as other
requirements that TSA should consider
for auditors of LASPs.
Section 1522.205 Audit Report
Section 1522.205 would require an
auditor to prepare an audit report that
would include information about the
audit process and the auditor’s findings
and conclusions of the audit. TSA
would require the auditor to submit the
audit report within 30 days after the
audit was conducted. TSA would also
require the auditor to sign an attestation
that the audit was performed
professionally and impartially. The
audit report would be an important tool
in TSA’s compliance program by
enabling TSA to evaluate a large aircraft
operator’s compliance with TSA
regulations and the operator’s security
program and to ascertain if additional
TSA action is required.
Section 1522.207 Training
Under proposed § 1522.207, TSA
would require auditors to undergo
initial and recurrent training. Through
the initial training, auditors would
acquire the necessary information on
the process, procedures, and forms
associated with the TSA-required audit.
Recurrent TSA prescribed training
would provide auditors with up-to-date
information and would ensure that the
auditor has maintained the necessary
expertise to continue to perform audits.
Recurrent training would be required
every 24 months.
sroberts on PROD1PC70 with PROPOSALS
Section 1522.209 Biennial Review
To ensure that a TSA-approved
auditor continues to possess the
requisite qualification and expertise to
conduct audits, TSA would require the
auditor to submit to a biennial review.
The review would consist of submitting
evidence that an auditor’s training has
been successfully completed and is
current and that an auditor continues to
hold the necessary accreditation or
certification.
Part 1540—Civil Aviation Security:
General Rules
Section 1540.107 Submission to
Screening and Inspection
As discussed in section II.A, TSA
would require large aircraft operators to
contract with a watch-list service
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
provider to determine whether their
passengers may board the aircraft.
Watch-list service providers, who must
be approved by TSA, would compare
passenger names against the watch-list.
Under proposed § 1544.245(b), large
aircraft operators would be required to
request and obtain the full name of their
passengers to transmit their passengers’
information to a watch-list service
provider to conduct watch-list matching
prior to the passengers boarding the
aircraft. Because full name is essential
in conducting effective watch-list
matching, TSA proposes to require
passengers to provide their full name
when the large aircraft operator requests
their full name.
TSA has published the Secure Flight
NPRM, which also includes a proposal
to require individuals who make
reservations for a covered flight to
provide their full names.30 Under the
proposed Secure Flight Program, full
name would be the full name that
appears on the individual’s verifying
identity document. A verifying identity
document would be an unexpired photo
identification issued by a government
(Federal, State, or tribal) bearing the
individual’s full name and date of birth
or an unexpired foreign passport.
Examples of verifying identity
documents are driver’s licenses and
passports. Accordingly, proposed
§ 1540.107(c) would apply the same
requirements to passengers of large
aircraft operators.
Section 1540.301 Withdrawal of
Approval of a Security Program
Various entities, such as airport
operators and aircraft operators, must
submit their security programs to TSA
for approval. Once TSA approves a
security program, the operator must
implement and operate under its
approved security program. The
regulations, however, do not specifically
address the process through which TSA
may withdraw its approval of a security
program, when appropriate.
TSA currently has withdrawal
procedures only for indirect air carriers
in 49 CFR 1548.7(f). To standardize the
regulations, TSA proposes a new
§ 1540.301 to codify procedures for TSA
to withdraw approval of any operator’s
security program held under subchapter
C. The proposed standard for
withdrawal would be a TSA
determination that the operation is
contrary to security and the public
interest. Proposed § 1540.301 provides
30 ‘‘Covered flight’’ is defined as a flight operated
by an aircraft operator subject to a full program
under 49 CFR 1544.101(a) or by a foreign air carrier
subject to 49 CFR 1546.101(a) or (b). Proposed
§ 1560.3, 72 FR at 48387.
PO 00000
Frm 00020
Fmt 4701
Sfmt 4702
procedures for notice, response, and
appeal of a TSA decision to withdraw
approval. The affected airport operator,
aircraft operator, or large aircraft
operator would also be able to request
a stay of the withdrawal pending appeal
of the notice.
TSA further proposes the codification
of emergency withdrawal procedures.
This proposal would create procedural
guidelines to implement withdrawal of
a security program and affords due
process to the airport operator, aircraft
operator, and large aircraft operator. The
emergency procedures would allow the
operator to appeal the withdrawal, but
the filing of the appeal would not stay
the effective date of withdrawal because
of the extant circumstances giving rise
to the emergency.
Part 1542—Airport Security
Section 1542.103 Content
Section 1542.103 describes the
airports that TSA requires to adopt a
security program. TSA requires airports
that regularly serve full program aircraft
operators described in § 1544.101(a)(1)
or foreign air carriers described in
§ 1546.101(a) to adopt a complete
program. 49 CFR 1542.103(a). TSA also
requires airports that regularly serve full
program aircraft operators described in
§ 1544.101(a)(2), private charter aircraft
operators described in § 1544.101(f), or
a foreign air carrier described in
§ 1546.101(b) or (c) to adopt a
supporting program. 49 CFR
1542.103(b). Additionally, TSA requires
airports regularly serving operations of
an aircraft operator or foreign air carrier
described in § 1544.101(b) or
§ 1546.101(d) to adopt a partial program.
49 CFR 1542.103(c).
As explained in section II.B of this
NPRM, TSA proposes to expand the
types of airports that would be required
to adopt a partial program to include
reliever airports and airports that
regularly serve large aircraft with
scheduled or public charter service.
Furthermore, TSA would amend
§ 1542.103(b) to remove airports
regularly serving aircraft operators that
are subject to the private charter
program under § 1544.101(f) from
among the airport operators that are
subject to the supporting program.
An airport that would not be required
to adopt a security program under
§ 1542.101(a), (b), or (c) may
nevertheless seek TSA approval for its
security program. To address this
situation, TSA proposes to adopt
§ 1542.101(e), which would allow TSA
to approve a security program for this
type of airport, if the airport makes a
request to TSA.
E:\FR\FM\30OCP2.SGM
30OCP2
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
Part 1544—Aircraft Operator Security
Section 1544.1
Part
Applicability of This
Currently, § 1544.1(a)(1) limits part
1544 to aircraft operators that hold a
FAA operating certificate under 14 CFR
part 119. Because part 1544 would
apply to other aircraft operators under
this NPRM, TSA would amend
§ 1544.1(a)(1) to clarify that part 1544
applies to all aircraft operators engaged
in civil aviation in an aircraft with a
MTOW of more than 12,500 pounds, not
just those that hold a operating
certificate under 14 CFR part 119.
Section 1544.101
Implementation
Adoption and
sroberts on PROD1PC70 with PROPOSALS
TSA is proposing this rulemaking to
regulate any civil aviation operations.
To ensure consistent treatment of
similar aircraft operators, TSA proposes,
in § 1544.101(b), to apply the same
threshold by requiring that the existing
partial program, twelve-five program,
and private charter program operations
be consolidated and covered under a
single LASP. Note that the LASP would
replace the above stated programs in
§§ 1544.101(b) through (f).
Operations under the LASP would
include civil operations of aircraft,
including passenger and all-cargo
operations, and scheduled, charter, or
other service, with a MTOW over 12,500
pounds, that do not operate under the
full program (§ 1544.101(a)) or the full
all-cargo program (§ 1544.101(h)), and
do not operate as a public aircraft as
described in 49 U.S.C. § 40102 or as a
government charter under the definition
of private charter in § 1540.5 of this
chapter. ‘‘Public aircraft’’ is defined in
49 U.S.C. 40102(37) as follows:
‘‘public aircraft’’ means any of the following:
(A) Except with respect to an aircraft
described in subparagraph (E), an aircraft
used only for the United States Government,
except as provided in section 40125(b).
(B) An aircraft owned by the Government
and operated by any person for purposes
related to crew training, equipment
development, or demonstration, except as
provided in section 40125(b).
(C) An aircraft owned and operated by the
government of a State, the District of
Columbia, or a territory or possession of the
United States or a political subdivision of
one of these governments, except as provided
in section 40125(b).
(D) An aircraft exclusively leased for at
least 90 continuous days by the government
of a State, the District of Columbia, or a
territory or possession of the United States or
a political subdivision of one of these
governments, except as provided in section
40125(b).
(E) An aircraft owned or operated by the
armed forces or chartered to provide
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
transportation to the armed forces under the
conditions specified by section 40125(c).
The government maintains direct
responsibility for the operation of public
aircraft. Public aircraft are not subject to
many of the safety regulations that cover
other aircraft operations.31 They are not
included in the statutory definition of
‘‘civil aircraft’’ and thus are not subject
to many of the same requirements that
apply to civil aircraft. See 49 U.S.C.
40102(16). There are strict limitations
on how such aircraft may be used. See
49 U.S.C. 40124. Many of the operations
are highly specialized and require
unique procedures, including security
procedures. TSA is proposing to make
clear that public aircraft would not be
subject to the LASP.
A government private charter under
TSA regulations means any aircraft
operator flight—
(2) For which the total passenger capacity
of the aircraft is used for the purpose of
civilian or military air movement conducted
under contract with the Government of the
United States or the government of a foreign
country.
See 49 CFR 1540.5. Currently TSA
regulations exempt most such
operations from the Private Charter
Security Program. See 49 CFR
1544.101(f)(1)(ii). The rationale has been
that such charters can, and do, carry out
procedures on a regular basis to address
the security concerns at issue. The U.S.
Department of Defense (DOD) and
Federal agencies use private charter
operations to transport persons and
property in furtherance of their
government missions. See 67 FR 41635
(June 19, 2002). TSA is concerned,
however, that the chartering government
agency may not always understand that
it would be responsible for security of
the operation. Unlike with public
aircraft discussed above, a government
charter may be for a short duration, even
one flight at a time, and thus normal
safety regulations continue to apply.
Accordingly, the rule would make clear
that TSA would exempt government
charter operations from complying with
the LASP, only if the government takes
security responsibility for the following:
(A) The aircraft;
(B) Persons onboard; and
(C) Property onboard.
See proposed § 1544.101(b)(3)(iv). If the
chartering government agency does not
take responsibility for the security of the
operation, the normal TSA requirements
would apply.
31 FAA limits many of its regulations to operation
of civil aircraft, which do not include public
aircraft. For example, see 14 CFR part 91, subpart
E—Maintenance, Preventive Maintenance, and
Alterations.
PO 00000
Frm 00021
Fmt 4701
Sfmt 4702
64809
Note, however, that under the current
rule, government charters must comply
with the Private Charter Program if the
charter enplanes passengers from, or
deplanes passengers into, a sterile area
at an airport. This minimizes the risk
that any weapon or other prohibited
item the government personnel may be
carrying could inadvertently or
purposefully be used to taint the sterile
area. This requirement would continue
under the proposed rule. TSA would
require government charters that
deplane into, or enplane from, sterile
areas to comply with the LASP,
including obtaining an alternate
procedure for deplaning into, or
enplaning from, a sterile area.
The full program, the limited
program, and the full all-cargo program
would not be included in the large
aircraft regulations. However, because
TSA proposes to amend § 1544.1(a) to
make part 1544 applicable to operators
of aircraft with MTOW of over 12,500
pounds, TSA would also need to amend
§§ 1544.101(a) and (h) to maintain the
status quo as to which aircraft operators
are subject to the full program.
Consequently, TSA would amend
§ 1544.101(a) to state that aircraft
operators that hold a FAA certificate
under 14 CFR part 119 would have to
adopt and carry out a full program if
they meet the conditions described in
§ 1544.101(a)(1) or (a)(2). Similarly, TSA
would amend § 1544.101(h) to state that
the full all-cargo program applies to
aircraft operators that hold a FAA
certificate under 14 CFR part 119 or part
125. The limited program is for aircraft
operators that have unique operations
that do not fall within any other
category of operations requiring a
security program under other sections of
part 1544. Nevertheless, the aircraft
operator adopts a security program for
its operations and TSA approves the
security program and classifies it as a
limited program.
Section 1544.103 Form, Content, and
Availability
Proposed § 1544.103 sets forth the
form, content, and availability
requirements for the security programs
required under § 1544.101. There have
been standard security programs for
certain aircraft operators since 1976.
TSA is proposing to recognize the use
of standard security programs by TSA
and aircraft operators in current
requirements for aircraft operators and
proposed under part 1544. This
proposed rule would clarify that each
particular operator’s security program
would be the standard security program
issued by TSA, together with any
amendments and alternate procedures
E:\FR\FM\30OCP2.SGM
30OCP2
sroberts on PROD1PC70 with PROPOSALS
64810
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
approved or accepted by TSA for that
aircraft operator.
Currently, § 1544.103(c) lists the
content requirements of a security
program for a full program aircraft
operator. The specific security
regulations are set forth in part 1544,
subpart C—Operations. TSA proposes to
add new paragraphs (d), (e), and (f) to
describe the content requirements for
full all-cargo and LASPs, respectively.
Also, TSA would amend paragraph (c)
to add the new requirements of
proposed § 1544.241 regarding
volunteer emergency services for full
program operators.
The content requirements for the full
all-cargo security programs in proposed
paragraph (d) are essentially the same
requirements in the current
§ 1544.101(i), except for the addition of
proposed § 1544.241 concerning
volunteer emergency services. The
content requirements for the LASP are
described in section II.A of the
preamble. The individual elements, not
discussed in this section of the
preamble, are discussed in further detail
in the section-by-section analysis of
§§ 1544.202, 1544.205, 1544.206,
1544.207, 1544.215, 1544.217, 1544.223,
1544.225, 1544.233, 1544.235, 1544.241,
1544.245, and subpart G.
The existing partial program and
private charter program include a few
security measures that would not be
part of the LASP, because these
measures would be unnecessary under
the LASP. First, the partial program
requires that aircraft operators under
that program participate in any airportsponsored exercise of the airport
contingency plan in § 1544.301(c).
Currently, there are very few aircraft
operators that hold a partial program
and are subject to § 1544.301(c). Also,
most large aircraft operators operate out
of GA airports that are not required to
have a contingency plan, including
those that TSA proposed to require to
adopt and carry out a partial program
under proposed § 1542.103(c). Thus it
would be unnecessary to require large
aircraft operators to participate in an
airport-sponsored exercise of the airport
contingency plan and to include this
security measure in the LASP.
TSA is also proposing not to include
the requirements in §§ 1544.209 and
1544.211 regarding the use of metal
detection devices and X-ray systems
that are in the current private charter
program. Because private charter
operators currently do not use these
devices or systems in their screening
processes, it would be unnecessary to
include those requirements in the LASP.
If a large aircraft operator plans to use
a metal detection device or an X-ray
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
system, the operator would apply for an
amendment or alternate procedure to its
security program, which would describe
the requirements and procedures for
using such devices or systems.
Section 1544.105 Approval and
Amendments to the Security Program
Aircraft operators that are required to
adopt a security program under
§ 1544.101 must apply for a security
program from TSA. TSA provides the
standard security program and may
amend the program on its own
initiative, or as requested by the aircraft
operator and approved by TSA.
Similarly, TSA would provide large
aircraft operators with a standard
security program. At that time, the
aircraft operator would be able to
submit any amendment to their security
program to TSA for approval. If the
aircraft operator fully accepts the
standard TSA security program, they
would not be required to submit any
amendments to TSA. Accordingly, TSA
proposes to amend § 1544.105 to apply
to large aircraft operators.
Unlike the full program and full allcargo program operators, a large aircraft
operator would need to submit
additional information, such as the
names, addresses, and phone numbers
of the owners and aircraft operator
security coordinator of the large aircraft,
and the FAA certificate number if the
aircraft operator holds an FAA
certificate, when it submits its
application for approval of its security
program. Full program and full all-cargo
program operators hold certificates from
the FAA and DOT, and the Federal
Government has reviewed the operators,
including their key personnel, in
connection with the certification
processes; thus the operators are known
to the Federal Government. Large
aircraft operators, however, are a diverse
group of operators that range from
individuals who own and operate their
aircraft to large corporations that
operate aircraft using owned and/or
leased aircraft. As a result, TSA would
need the additional information to
identify the owners and operators of
large aircraft and to evaluate their
security programs for approval.
TSA believes that aviation security
will be enhanced if TSA conducts an
analysis to determine whether operators
of aircraft subject to this proposed
regulation are legitimate business
entities and whether their owners are
individuals who appear to pose a risk to
aviation security. Accordingly, TSA is
considering various options to achieve
the objective. For checking on whether
the aircraft operator is a legitimate
business entity, TSA may rely on a
PO 00000
Frm 00022
Fmt 4701
Sfmt 4702
check against Dun & Bradstreet or a
similar commercial database and/or
governmental databases, such as the
FAA’s Aircraft Registration Database.
For individuals who would be
identified as a proprietor, general
partner, officer, director, or owner in
proposed section 1544.105(a)(1)(ii)(B),
TSA does not intend to use commercial
or publicly available data to determine
whether the individuals pose or may
pose a threat to transportation or
national security. For these individuals,
TSA seeks comment on whether it
should require these individuals to
undergo the security threat assessment
(STA) described in proposed part 1544,
subpart G. TSA requests public
comment on these options and on other
approaches that would achieve the
desired result.
TSA would also use the information
to identify and contact aircraft and their
respective operators for operational or
security reasons.
The proposed rule would not change
the process for amending a security
program, either by the aircraft operator
or TSA. Proposed § 1544.105(f) would
provide TSA with a mechanism to
withdraw its approval of an aircraft
operator’s security program pursuant to
the procedures set forth in proposed
§ 1540.301.
Section 1544.107 Fractional
Ownership of Large Aircraft
Proposed § 1544.107 addresses
situations in which a large aircraft is
under fractional ownership program
under the FAA rules in 14 CFR part 91,
subpart K, for purposes of determining
who would be the aircraft operator
under proposed § 1544.101(b). We
propose to use essentially the same
requirements that apply in the FAA
rules for this purpose. See 14 CFR
91.1011. Each owner in operational
control of a program flight would be
ultimately responsible for safe
operations and for complying with all
applicable requirements, including
those related to security issues. An
owner would be considered in
operational control when the owner has
the legal rights to the aircraft, has
directed that the aircraft carry
passengers or property designated by
the owner, and the aircraft is carrying
those passengers or property.
Although TSA would consider each
owner as the aircraft operator, the owner
would be able to delegate some or all of
the performance of the tasks associated
with carrying out this security
responsibility to the program manager.
For operations where the owner in
operational control delegates
performance of security tasks to the
E:\FR\FM\30OCP2.SGM
30OCP2
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
sroberts on PROD1PC70 with PROPOSALS
program manager, the TSA would
consider the owner and the program
manager to be holding the security
program jointly, and the owner and the
program manager would be jointly and
individually responsible for
compliance. In the event that a program
manager manages multiple aircraft, the
program manager would have one large
aircraft program that applies to all its
operations.
An owner would be considered not in
operational control when an aircraft is
used for a flight for administrative
purposes, such as demonstration,
positioning, ferrying, maintenance, or
crew training, and no passengers or
property that were designated by the
owner are being carried. Further, if the
aircraft is operated under 14 CFR part
121 or 135, then the owner would be
considered not to be in operational
control.
This approach to determining the
party that would be considered the
aircraft operator for purposes of the
LASP is based on the FAA regulations
found in 14 CFR part 91, subpart K,
regarding fractional ownership
operations. TSA invites comments on
whether we should provide additional
features of subpart K in these
regulations, such as the requirement in
14 CFR 91.1013 that the program
manager brief the fractional owner.
Section 1544.202 Persons and Property
Onboard All-Cargo Aircraft
Current § 1544.202 requires each
aircraft operator operating under the full
all-cargo program and the twelve-five
program in all-cargo operations to apply
the security measures in their security
programs to persons who board the
aircraft and their property. ‘‘Cargo’’ is
defined as property tendered for air
transportation accounted for on an air
waybill. Company materials and other
property not under an air waybill are
not cargo; Rather, they are property that
would be subject to proposed
§ 1544.206, as discussed in section II.A
of this preamble and below.
Section 1544.202 is intended to
prevent persons who may pose a
security threat from boarding and to
prevent or deter the carriage of any
unauthorized persons and unauthorized
explosives, incendiaries, and other
destructive substances or items. This
provides the opportunity for aircraft
operators to conduct an on-site check of
persons and property for compliance,
and provides TSA with the means to
perform security database checks.
Section 1544.202 remains an important
security measure for aircraft with
MTOW of over 12,500 pounds in allcargo operation. Consequently, we
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
propose to revise § 1544.202 to apply to
aircraft operated under the LASP in an
all-cargo operation and to remove the
references to the twelve-five program in
all-cargo operations.
Section 1544.205 Acceptance and
Screening of Cargo
Section 1544.205 sets forth the
requirements for screening cargo on full
program operations that carry cargo, full
all-cargo operations, and twelve-five allcargo operations. As with § 1544.202,
cargo under § 1544.205 is property
tendered for air transportation
accounted for on an air waybill. As
discussed above, TSA would require
operators of large aircraft that are allcargo operations to screen persons,
accessible property, and cargo onboard
the aircraft to prevent and deter the
carriage of any unauthorized persons or
the unauthorized carriage of weapons or
explosives. Sections 1544.205(a), (b),
(d), and (f) would apply to all large
aircraft with an MTOW of over 12,500
pounds in all-cargo operations.
Section 1544.206 Persons and Property
on Board a Large Aircraft
As discussed in section II.A of the
preamble, TSA proposes § 1544.206,
which would require aircraft operators
operating under a large aircraft program
under § 1544.101(b) to apply security
measures in its security program to
prevent or deter the carriage of
unauthorized persons or unauthorized
weapons, explosives, incendiaries, and
other destructive substances or items.
TSA also notes that 18 U.S.C. 922(e) and
(f) impose criminal penalties for the
unlawful transport or delivery of
firearms or ammunition by any person
or by common or contract carriers,
respectively.
Section 1544.207 Inspection of
Individuals and Property
Current § 1544.207 describes which
entities conduct screening under which
circumstances: TSA, a foreign
government, or the aircraft operator.
TSA is proposing to amend § 1544.207
to clarify which aircraft operator is
subject to this section and which entity
is responsible for conducting the
required screening.
TSA would amend § 1544.207(a) to
state clearly that this section applies to
full program operators, full all-cargo
program operators, and operations in a
large aircraft with a MTOW over 45,500
kilograms operated for compensation or
hire, as described in proposed
§ 1544.103(f)(1).
Proposed § 1544.207(b) applies to full
program operators and is substantively
the same as the current requirements for
PO 00000
Frm 00023
Fmt 4701
Sfmt 4702
64811
these operators. This section originally
was written before TSA assumed the
responsibility for all passenger and
checked baggage screening in the United
States and does not currently clearly
state where TSA conducts the screening.
TSA proposes to clarify this section. For
locations in the United States, each full
program operator must not board a
passenger, or load his or her accessible
or checked property, unless TSA or a
TSA contractor has conducted the
necessary inspection. In locations
outside of the United States where the
foreign country conducts the screening,
each full program operator must not
board a passenger, or load his or her
accessible or checked property, unless
the foreign country has conducted the
necessary screening. TSA may require
supplemental screening of some
passengers. In locations outside of the
United States where the foreign country
does not conduct part or all of the
required screening, each full program
operator must not board a passenger, or
load his or her accessible or checked
property, unless the operator or its
authorized representative has conducted
the required screening.
Proposed § 1544.207(c) applies to full
all-cargo programs and to operations in
a large aircraft with a MTOW over
45,500 kilograms operated for
compensation or hire, which currently
are referred to as private charters. These
aircraft operators are generally required
to conduct their own screening. They
would be required to follow the security
procedures in their security programs
and the requirements in 49 CFR part
1544, subpart E, regarding screener
qualifications when the aircraft operator
conducts the screening.
In the event that the aircraft enplanes
or deplanes from a sterile area, the large
aircraft operator would be required to
obtain an alternate procedure for its
security program.
Section 1544.217 Law Enforcement
Personnel
Section 1544.217 currently requires
aircraft operators under the partial
program, the twelve-five program, the
private charter program, and the full allcargo program to provide for law
enforcement personnel that meet TSA’s
requirements. TSA proposes to replace
the referenced partial program, the
twelve-five program, and the private
charter program, with the LASP,
requiring large aircraft operators to
perform the same duties required under
§ 1544.217. TSA proposes that large
aircraft operators must provide their
employees, including crewmembers,
current information regarding
procedures for obtaining law
E:\FR\FM\30OCP2.SGM
30OCP2
64812
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
enforcement assistance, to enable them
to contact local law enforcement
personnel expeditiously in the event of
a security need.
Section 1544.223 Transportation of
Federal Air Marshals
Current § 1544.223 requires that full
program operators and large aircraft
over 45,500 kilograms that operate for
compensation or hire under
§ 1544.103(f) carry Federal Air Marshals
(FAMs). In this NPRM, TSA proposes to
add § 1544.223(g) to require other large
aircraft operators not covered by
§ 1544.103(f)(1) to carry FAMs only
upon notification by TSA. This would
affect mostly private/corporate aircraft
owners. The regulation change would
provide TSA with the ability to require
these operators to put a FAM on board
a large aircraft, pursuant to prior
notification, if the need arises. TSA
understands that maintaining the
confidentiality of the FAM onboard a
large aircraft may not be possible, and
therefore TSA proposes to limit
§ 1544.223(g) to those operating under a
full program or a LASP in an aircraft
with MTOW over 45,500 kilograms.
sroberts on PROD1PC70 with PROPOSALS
Section 1544.237 Flight Deck
Privileges
Section 1544.237(b) currently allows
for access to the flight deck by FAA air
carrier inspectors, authorized
representatives of the National
Transportation Safety Board, and U.S.
Secret Service agents. This NPRM
proposes to amend § 1544.237(b) to
include Department of Defense (DOD)
commercial air carrier evaluators who
may seek admittance to the aircraft
flight deck. TSA proposes to amend
§ 1544.237 to harmonize with FAA
regulations at 14 CFR 121.547. DOD
commercial air carrier evaluators will
assess the effectiveness of a carrier’s
operations department, including crew
coordination and safety awareness. DOD
evaluators are required to pre-arrange all
flight deck evaluations.
Section 1544.241 Voluntary Provision
of Emergency Services
Congress has enacted statutory
provisions that provide certain
exemptions from liability for qualified
law enforcement officers, firefighters,
and emergency medical technicians
who provide emergency services during
emergencies; and that directs TSA to
establish a program to allow such
individuals to volunteer to provide such
emergency services. 49 U.S.C. 44944.
TSA has already incorporated this
program into the AOSSP for full
program operators and now proposes to
codify the provisions in new § 1544.241.
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
Because the statute limits these
provisions to air carriers, TSA proposes
to limit the application of § 1544.241 to
aircraft operators that hold an air carrier
operating certificate under 14 CFR part
119.
The statute provides that a qualified
individual shall not be liable for
damages in any action brought in
Federal or State court which arises from
the act or omission of that individual in
providing or attempting to provide
assistance in an in-flight emergency,
absent gross negligence or willful
misconduct. TSA must establish the
requirements for qualifications of these
individuals. Consistent with the statute,
TSA’s proposed regulation requires air
carriers operating under a full program
to implement a method or a program for
qualified individuals who are law
enforcement officers, firefighters, or
emergency medical technicians to
present their credentials to the carrier
and to give their consent to be called
upon during an in-flight emergency.
As required in the statute,
§ 1544.241(b) sets out proposed
qualifications for the law enforcement
officers, firefighters, and emergency
medical technicians who would be
exempted from liability under the
statute and who would be able to
volunteer under this section. TSA
proposes that an individual is qualified
for purposes of this section if the
individual is qualified under Federal,
State, local, or tribal law, or under the
law of a foreign government, has valid
standing with the licensing or
employing agency that produced the
credentials, and is a scheduled, on-call,
paid, or volunteer employee, as one of
the following:
1. A law enforcement officer who is
an employee or authorized by the
Federal, state, local or tribal government
or under the law of a foreign
government, with the primary purpose
of the prevention, investigation,
apprehension, or detention of
individuals suspected or convicted of
Government offenses.
2. A firefighter who is an employee,
whether paid or a volunteer, of a fire
department of any Federal, state, local,
or tribe who is certified as a firefighter
as a condition of employment and
whose duty it is to extinguish fires, to
protect life, and to protect property.
3. An emergency medical technician
who is trained and certified to appraise
and initiate the administration of
emergency care for victims of trauma or
acute illness. We request comments on
whether these are the appropriate
qualifications to carry out the purposes
of the statute.
PO 00000
Frm 00024
Fmt 4701
Sfmt 4702
This exemption from liability
provided in the statute is stated for
information in proposed
§ 1544.241(b)(1). The statutory
exemption from liability applies only to
the three named groups above. The
proposed rule in § 1544.241(b)(2)
includes the statutory provision that the
exemption shall not apply in any case
where an individual provides or
attempts to provide assistance in a
manner that constitutes gross negligence
or willful misconduct. The statute does
not require the individual volunteer to
identify himself or herself before
departure to be subject to this
exemption. Proposed § 1544.241(b)(3)
states expressly that the exemption
would apply regardless of whether the
individuals identify themselves in
advance of departure. The proposed rule
also makes clear that an individual need
not have his or her credentials with
himself or herself at the time of
providing assistance for the exemption
from liability to apply. For instance, if
a firefighter who did not volunteer
before the flight as provided in
paragraph (c), and who did not have his
credentials with him, were to provide
assistance in the case of an in-flight
emergency, the statutory exemption
from liability would apply. After the
incident, to show that the exemption
applied, the firefighter may have to
establish that he was qualified as
provided in paragraph (a), but the lack
of credentials present at the time of the
emergency would not preclude the
application of the exemption.
Proposed § 1544.241(c) contains the
requirement for aircraft operators to
implement a program for individuals
who meet the qualifications in
paragraph (a) to volunteer, prior to
departure, to be called on by a
crewmember or flight attendant to
provide emergency services in the event
of an in-flight emergency. The required
procedures would include a check of
the credentials of individuals
identifying themselves pre-departure.
Under this program, TSA would not
expect FAMs and LEOs who are flying
armed under § 1544.219 to volunteer to
assist in an emergency situation prior to
departure. Since the FAMs and LEOs
must identify themselves to the aircraft
operator prior to departure and must
have taken appropriate training to fly
armed, it is not necessary for the aircraft
operator or the FAM or LEO to carry out
§ 1544.241. The flight crew knows
where each FAM and armed LEO is
seated and is able to request their
assistance if the need arises. The
statutory exemption from liability
would apply if a FAM or LEO were to
assist during an emergency.
E:\FR\FM\30OCP2.SGM
30OCP2
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
Proposed § 1544.241 would not
preclude passengers from assisting in an
emergency, even if they did not meet
the qualifications in paragraph (a). We
note that any passenger may assist in an
emergency, and in the past, physicians,
nurses, and others have provided vital
help when needed, and they will
continue to be able to do so.
Generally, the aircraft operator will
determine whether to request assistance
and from whom to request it based on
all the circumstances and information
available to the aircraft operator. For
instance, while the statute does not
apply to doctors or nurses, if there is a
medical emergency and the aircraft
operator is aware that a doctor or a
nurse is on board, the aircraft operator
may request assistance of them instead
of other individuals who may have
volunteered under this program.
However, the statute limits liability
protection to qualified law enforcement
officers, firefighters, and emergency
medical technicians. State Good
Samaritan Laws and other protections
may apply to other individuals, not
mentioned in the statute, who assist in
an emergency.
Additionally, in accordance with 49
U.S.C. 44944(a), the aircraft operator
must keep all information of the identity
or personal information of the qualified
individual confidential and must not
provide such information to any
individual, other than the appropriate
aircraft operator personnel.
Section 1544.243
Third Party Audit
As discussed in section II.A of the
preamble, proposed § 1544.243 would
require a large aircraft operator to
contract with a TSA-approved auditor to
audit its compliance with the
requirements of 49 CFR chapter XXII
and its security program. The
regulations include procedures for
obtaining TSA approval and for
conducting audits.
sroberts on PROD1PC70 with PROPOSALS
Section 1544.245 Passenger Vetting for
Large Aircraft Operators
TSA would require large aircraft
operators to contract with watch-list
service providers to conduct watch-list
matching of their passengers before
allowing them to board. Passengers
determined to be on the No Fly list
would not be able to board an aircraft.
Proposed § 1544.245 establishes the
procedures that large aircraft operators
would be required to follow in order to
comply with the requirements for
watch-list matching. Section II.A of this
preamble provides a detailed discussion
of the requirements and process.
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
64813
Subpart F—Watch-List Service
Providers
Section 1544.503 Qualification
Standards for Approval
Under proposed § 1544.245, large
aircraft operators would submit
passenger information to watch-list
service providers approved by TSA to
conduct watch-list matching. Proposed
part 1544, subpart F, sets forth the
proposed requirements and procedures
for entities to obtain and maintain TSA
approval to conduct watch-list
matching. TSA would require watch-list
service providers to maintain high IT
system security, to develop and
implement a robust system capable of
conducting automated watch-list
matching quickly and continuous
vetting of master passenger lists, to
protect personally identifiable
information and sensitive security
information, and to adopt and
implement a security program. Because
of these requirements, TSA expects that
limited number of entities would be
approved to be watch-list service
providers. TSA is also considering
whether to limit in the final rule the
number of watch-list service providers
that it would approve. This would
preserve the security of the watch-list by
restricting the distribution of the watchlist to a small number of entities that
would have access to the watch-list.
TSA seeks comment on limiting the
number of entities that would be
approved watch-list service providers,
including what criteria would be used
to determine which applicants would be
approved and how many watch-list
service providers should be approved.
For instance, TSA is considering criteria
such as the level of IT system security,
the type of watch-list matching system,
and the ability of the service provider to
quickly conduct the service.
Proposed § 1544.503 would establish
qualification standards for approval of
applicants to conduct watch-list
matching. The applicant would need to
demonstrate the ability to receive
passenger information from large
aircraft operators and to conduct
automated watch-list matching,
including using continuously updated
information from TSA, and to transmit
the watch-list matching results to the
large aircraft operator in a secure
manner. The applicant would be
required to obtain an attestation from an
independent public accounting (IPA)
firm that the system that the applicant
would use to contain SSI and personally
identifiable information collected as
part of the watch-list matching process
and to perform the necessary
transmissions and matching are in
compliance with the applicant’s
approved system security plan and TSA
standards. In addition, TSA would
require the applicant to successfully
undergo a suitability assessment by
TSA, and the applicant’s covered
personnel to successfully undergo a
security threat assessment by TSA.
Finally, TSA would require the
applicant to be incorporated within the
United States, and the applicant’s
operations and systems for conducting
the watch-list matching to be located in
the United States. Under this proposal,
eligibility to be a watch-list service
provider would be limited to U.S.
companies and U.S. subsidiaries of
foreign corporations that are
incorporated and located in the United
States. This requirement would lessen
the possibility that the SSI and the
personally identifiable information that
would be part of the watch-list matching
process would be exported to a foreign
country, which would limit the U.S.
Government’s ability to protect that
information. The requirement would
also allow for better TSA oversight and
control over this watch-list matching
process. Because the watch-list
matching process involves personally
identifiable information and SSI, TSA
seeks comments on whether to require
covered personnel to be U.S. citizens,
U.S. nationals, or lawful permanent
residents of the United States.
Section 1544.501 Scope and Terms
Used in This Subpart
Subpart F would apply to watch-list
service providers who conduct watchlist matching on behalf of large aircraft
operators. The definition of ‘‘applicant’’
would mean the entity that is seeking
approval from TSA to conduct watchlist matching for large aircraft operators.
‘‘Large aircraft operators’’ are defined as
those operators described in
§§ 1544.101(b) or 1544.107. The final
definition in proposed § 1544.501 is
‘‘covered personnel.’’ This term would
mean an employee, officer, principal, or
program manager of the watch-list
service provider who collects, handles
or uses passenger information or watchlist matching results or who conducts
watch-list matching.
PO 00000
Frm 00025
Fmt 4701
Sfmt 4702
Section 1544.505
Application
Proposed § 1544.505 would require
every applicant to submit an application
in a form and manner prescribed by
TSA. The application would include the
following: (1) Applicant’s full name,
business address, business phone, and
business email address; (2) a statement
E:\FR\FM\30OCP2.SGM
30OCP2
sroberts on PROD1PC70 with PROPOSALS
64814
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
and other supporting documentation
providing evidence of the applicants’
abilities and satisfaction of the required
qualifications; (3) a system security plan
that would satisfy standards set forth by
TSA; and (4) a security program that
meets the requirements set out in
§ 1544.515.
TSA proposes to require watch-list
service providers to adopt a system
security plan that satisfies TSA
standards to ensure that watch-list
service providers protect personally
identifiable information and SSI. TSA
standards would be based on the
National Institute of Standards and
Technology (NIST) Special Publication
800–53, ‘‘Recommended Security
Control for Federal Information
Systems,’’ (NIST Special Publication
800–53). The objective of NIST Special
Publication 800–53 is to provide
security controls that are consistent
with and complementary to other
established security standards. The
catalog of security controls provided in
NIST Special Publication 800–53 can be
effectively used to demonstrate
compliance with a variety of
governmental, organizational, or
institutional security standards. NIST
Special Publication 800–53 is a widely
recognized body of security criteria for
Federal systems.
TSA standards for the systems
security plan would likely be organized
into three classes: Management,
Operational, and Technical.
Management controls would focus on
security systems program risk.
Operational controls would address
security methods of mechanisms that
people (as opposed to systems) would
implement and execute. Technical
controls would manage security controls
that the watch-list service provider’s
systems would execute. These controls
would provide automated protection
from unauthorized access or misuse,
facilitate detection of security
violations, and support security
requirements for applications and data.
Furthermore, the NIST Federal
Information Processing Standards
Publication 199, ‘‘Standards for Security
Categorization of Federal Information
and Information Systems,’’ February
2004, establishes security categories for
both Federal information and
information systems. The security
categories are based on potential impact
should certain events occur. Based on
analysis of potential impacts, TSA
believes that security categorization for
confidentiality, integrity, and
availability would be ‘‘High.’’
Consequently, security controls that
should be applied are those that are
commensurate with a High security
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
category system. NIST Special
Publication 800–53 contains
implementation requirements for this
categorization.
Under proposed §§ 1544.505 and
1544.515, TSA would require watch-list
service providers to submit a system
security plan as part of their application
for TSA approval, and that system
security plan would be part of the
watch-list service providers’ security
program. TSA requests comments on
which standards and controls in the
NIST Special Publication 800–53 should
apply to watch-list service providers’
systems. TSA would develop the
specific standards for the system
security by reviewing all of the
standards and controls in NIST Special
Publication 800–53 and the comments
received in response to this NPRM.
Based on its review, TSA would issue
a system security plan template that
would incorporate the standards and
controls that TSA determines would be
appropriate to require of the watch-list
service providers for their systems,
similar to the process that TSA used to
develop the information systems
security standards for the Registered
Traveler Interoperability Pilot.32 Watchlist service providers would have an
opportunity to comment on the template
including the standards.
Section 1544.507 TSA Review and
Approval
Section 1544.507 proposes procedures
for TSA’s review and approval of
applications to perform watch-list
matching. Upon receipt of the
application, TSA would review the
application and might conduct a site
visit of the applicant’s place of business
to determine whether the applicant
meets TSA’s qualifications. Upon final
review of the application by TSA, TSA
would notify the applicant of approval
or disapproval by written notice. After
TSA approves an application and
receives an attestation report for an IPA
firm opining that the watch-list service
provider’s system is in compliance with
its system security plan and TSA
standards, the watch-list service
provider would be able to begin
passenger vetting pursuant to the
regulations.
Section 1544.509 Reconsideration of
Disapproval of an Application
Proposed § 1544.509 would allow an
applicant whose application has been
disapproved to petition for
reconsideration of TSA’s decision by
32 ‘‘The Registered Traveler Security, Privacy and
Compliance Standards for Sponsoring Entities and
Service Providers,’’ including all appendices, is
available on TSA’s Web site at www.tsa.gov.
PO 00000
Frm 00026
Fmt 4701
Sfmt 4702
submitting a written petition to the
Assistant Secretary or designee within
30 days of the notice of disapproval.
The petition for reconsideration would
need to include the applicant’s contact
information and any documentation that
the applicant believes may assist the
Assistant Secretary in making a final
decision. The Assistant Secretary or
designee would also be able to request
additional information from the
applicant that may assist in disposing of
the petition.
Section 1544.511
Approval
Withdrawal of
Proposed § 1544.511 would state the
procedure for TSA to withdraw the
approval of the watch-list service
provider if it ceases to meet the
standards for approval, fails to fulfill its
responsibilities, or if it is in the interest
of security or the public. If TSA decides
to withdraw the approval of a service
provider, TSA would provide the
service provider with a written notice of
proposed withdrawal of approval,
which would include the basis of the
withdrawal of approval. The initial
notice would become a final notice of
withdrawal of approval if TSA does not
receive a written petition of
reconsideration within 31 days after the
service provider’s receipt of TSA’s
notice of proposed withdrawal of
approval. Except in an emergency,
during the 31 days prior to the TSA’s
receipt of the written petition, the
service provider would be able to
continue conducting watch-list
matching. Additionally, if the watch-list
service provider did file a timely written
petition for reconsideration, the service
provider would be able to continue
conducting watch-list matching, unless
and until the service provider receives
a final notice of withdrawal of approval.
Once the watch-list service provider
received a final notice of withdrawal of
approval, the service provider would
not be able to continue conducting
watch-list matching.
If TSA found an emergency situation
requiring immediate withdrawal of the
service provider’s approval, the
proposed rule would allow TSA to
withdraw the approval without prior
notice. The emergency notice would
include the basis of the emergency
withdrawal of approval and would be
effective upon receipt by the watch-list
service provider. As above, the service
provider would be able to file a written
petition for reconsideration within 30
days of receipt of the emergency notice;
however, this would not stay the
effective date of the emergency notice of
withdrawal of approval.
E:\FR\FM\30OCP2.SGM
30OCP2
sroberts on PROD1PC70 with PROPOSALS
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
Section 1544.513 Responsibilities of
Watch-List Service Providers
Proposed § 1544.513 describes the
responsibilities of watch-list service
providers under this part. These
responsibilities would ensure that the
watch-list service providers are
conducting watch-list matching in a
manner that is consistent with TSA
standards and that protects personally
identifiable information and SSI. Under
proposed § 1544.513, watch-list service
providers would have the following
responsibilities: (1) Adopt and carry out
a security program that meets the
requirements of proposed § 1544.515;
(2) comply with the system security
plan; (3) contract with an IPA firm to
perform periodic attestation of their
compliance with their systems security
plan and TSA standards, as explained in
further detail below; (4) identify,
handle, and protect SSI in accordance
with 49 CFR part 1520; (5) not disclose
information received from or sent to the
aircraft operator or to TSA, unless
otherwise authorized by TSA; (6) allow
TSA to inspect watch-list service
providers to determine their compliance
with TSA regulations and their security
programs; (7) adopt and make public a
privacy policy; (8) provide
documentation establishing compliance
if requested by TSA; and (9) only use
the watch-list for watch-list matching
under proposed part 1544, subpart F.
Because watch-list matching involves
security and privacy issues, TSA
proposes to require watch-list service
providers to contract with a qualified
IPA firm to perform an attestation of
their compliance with their system
security plan and TSA standards. TSA
would consider an IPA firm qualified if
their selection is consistent with the
American Institute of Certified Public
Accountants’ (AICPA) guidance
regarding independence, and the firm
demonstrates the capability to assess
information system security and process
controls. TSA would reserve the right to
reject the IPA firm’s attestation if, in
TSA’s judgment, the IPA firm is not
sufficiently qualified to perform these
services.
TSA proposes to require that the IPA
firm conduct the attestation in
accordance with AICPA ‘‘Statement for
Standards on Attestation Engagements’’
No. 10 and TSA standards. TSA would
also require the IPA firm to prepare and
submit a report, in a form and manner
prescribed by TSA.
As stated above, TSA would require
watch-list service providers to obtain an
attestation report prior to
commencement of operations to
conduct watch-list matching.
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
Additionally, TSA would require watchlist service providers to obtain periodic
attestation reports for the duration of
their watch-list matching. TSA would
require watch-list service providers to
undergo an attestation every year and
the IPA firm would submit an
attestation report to TSA approximately
12 months after submission of the
previous attestation report.
Section 1544.515
Security Program
Proposed § 1544.515 would set forth
the content requirements for a security
program. These requirements would
ensure that watch-list service providers
have the capability and proper
procedures to conduct watch-list
matching under this subpart. Watch-list
service providers would be required to
adopt and carry out security programs
that include the procedures for
receiving passenger information from
the aircraft operators, conducting watchlist matching of the passengers,
including continuous vetting of
passengers, and transmitting the watchlist matching results to the operator. The
security program would also contain
procedures for the service provider to
contact TSA for resolution of passengers
who are potential matches to the watchlist.
Because a watch-list service
provider’s system would contain
personally identifiable information
about passengers and SSI, the security
program would include various security
requirements to protect this
information. These requirements
include procedures for compliance with
the watch-list service provider’s system
security plan, and procedures for the
physical security of the system used to
conduct watch-list matching.
Under proposed § 1544.515, TSA
would require service providers to
provide personnel who are available to
TSA 24-hours a day, 7-days a week.
TSA would operate on a 24-hour basis,
and therefore TSA would require the
service providers to be available at all
times for resolution of potential watchlist matches.
The service provider would also be
responsible for training its covered
personnel on the requirements in the
TSA regulations and the security
program. TSA training requirements
would also include topics related to
identifying, handling, and protecting
SSI and personally identifiable
information, and the procedures used to
perform the watch-list matching and to
resolve any potential matches.
PO 00000
Frm 00027
Fmt 4701
Sfmt 4702
64815
Subpart G—Security Threat
Assessments for Large Aircraft Flight
Crew, Applicants to Become TSAApproved Auditors, and Watch-List
Service Providers Covered Personnel
As stated in section II of the preamble,
TSA proposes to require that flight
crews for large aircraft operators,
individuals authorized to perform
screening functions, applicants to
become TSA-approved auditors, and
key employees to watch-list service
providers undergo a TSA security threat
assessment (STA). The STA would
include fingerprint-based criminal
history records checks and other
analyses, including checks of
appropriate terrorist watch-lists and
other databases. The proposed
information required and the
procedures used for the STA are very
similar to the procedures that apply to
applicants for a hazardous materials
endorsement (HME) on their
commercial driver’s licenses, or a
Transportation Worker Identification
Credential (TWIC) under 49 CFR part
1572. The proposed rule would add
subpart G to part 1544 to set forth the
requirements and procedures that
would apply to these individuals.
Section 1544.601
Expiration
Scope and
Subpart G would apply to flight crews
of large aircraft operators, individuals
authorized to perform screening
functions, applicants to become TSAapproved auditors, and key employees
of watch-list service providers that TSA
would require to undergo security threat
assessments. The same requirements
and procedures would apply to all of
these individuals. However, flight crew
members or individuals authorized to
perform screening functions who have
undergone a criminal history records
check under § 1544.229 or 1544.230
would be grandfathered on a limited
basis, such that they would not be
required to undergo a STA until five
years after TSA provided the results of
their original CHRC.
A Determination of No Security
Threat would be valid for five years
unless TSA withdraws the
determination. Prior to the expiration of
the five years, TSA would require flight
crew members, applicants to become
TSA-approved auditors, and watch-list
service providers’ key employees to
reapply for a new STA to continue with
their No Security Threat status.
Section 1544.603 Enrollment for
Security Threat Assessments
For TSA to conduct a comprehensive
STA, individuals would need to provide
E:\FR\FM\30OCP2.SGM
30OCP2
64816
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
TSA with biographic information and
their fingerprints. TSA is proposing
§ 1544.603 to require individuals to
provide biographic and biometric
information necessary for TSA to
complete the fingerprint-based checks
and other analyses. These applicants
would provide the information
necessary for enrollment, including
personal information such as gender
and date of birth.
To ensure that correct and accurate
information is provided to TSA, the
application would include, and the
individual would sign, a statement
providing that the statements made on
the application are true, complete, and
correct pursuant to penalty of law. TSA
would also require the individual to
include a statement that he or she has
not been convicted, or found not guilty
by reason of insanity, of any of the
disqualifying crimes listed in
§ 1544.229(d) during the 10 years before
submission of the individual’s
application. These are the same
disqualifying criminal offenses that
currently apply to flight crew members
under § 1544.230 and to many persons
at airports under § 1542.209. The
statement would also include language
that the individual understands that he
or she must immediately inform TSA of
any conviction of a disqualifying offense
that occurs while he or she is a TSAapproved auditor or a watch-list service
provider.
TSA anticipates that the individuals
would provide their information though
an enrollment provider under contract
with TSA. The enrollment provider
would verify the identity of the
individual, advise the individual that a
copy of the criminal record would be
provided if requested, and identify a
point of contact for any questions the
individual may have, prior to
fingerprinting. The enrollment provider
would then collect, control, and process
the fingerprints of the individual and
submit the data and the application to
TSA.
sroberts on PROD1PC70 with PROPOSALS
Section 1544.605 Content of Security
Threat Assessment
TSA proposes that the STA would
include a criminal history records
check, other analyses, and a final
disposition.
Section 1544.607 Criminal History
Records Check
As part of the security threat
assessment, TSA proposes to perform a
CHRC. TSA would submit the
fingerprints provided by the individuals
as part of the enrollment process to the
Federal Bureau of Investigation’s (FBI)
Criminal Justice Information Services
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
(CJIS) to obtain any criminal history
records that correspond to the
fingerprints. Upon receipt of the results
from FBI/CJIS, TSA would adjudicate
the results based on the disqualifying
criminal offenses in § 1544.229(d).
At times, a CHRC may result in data
that discloses an arrest for a
disqualifying offense, but does not
provide a disposition for the offense.
The individual would be required to
provide further documentation that the
arrest did not result in a disqualifying
offense. A conviction of a disqualifying
offense would be reason to disqualify
the individual. However, if the
disposition did not result in a
conviction, or in a finding of not guilty
by reason of insanity, of a disqualifying
offense, the individual would then not
be disqualified under this section,
provided that the applicant explains
how the arrest was resolved.
If the results received from the FBI
provide a reason for disqualifying the
individual, TSA would notify the
individual of the disqualifying reasons.
The individual may request a copy of
the record on which TSA’s
determination is based. The individual
would be able to contact the FBI in
order to complete or correct his or her
record, if the individual contacts TSA
within 30 days of being notified that the
FBI record disclosed a disqualifying
offense. Otherwise, TSA would make a
Final Determination of Threat
Assessment.
TSA also proposes to require a
continuing obligation of individuals
who receive a Determination of No
Security Threat, by requiring immediate
notice (within 24 hours) to TSA of any
conviction of a disqualifying offense
that occurs while he or she holds a
determination of no security threat that
has not expired.
Section 1544.609 Other Analyses
TSA proposes to conduct other
analyses through domestic and
international government databases to
confirm the individual’s identity and
whether he or she poses a security
threat. These would include checks
against terrorist-related and immigration
databases, as well as other governmental
information sources such as those that
identify open wants and warrants. TSA
would adjudicate the results of all
searches conducted including searches
that reveal extensive foreign or domestic
criminal convictions, convictions for a
serious crime not listed in 49 CFR
1572.103, or periods of foreign or
domestic imprisonment that exceeds
365 consecutive days.
If an individual who has successfully
undergone an initial security threat is
PO 00000
Frm 00028
Fmt 4701
Sfmt 4702
subsequently found not to meet TSA’s
criteria, TSA may withdraw its
Determination of No Security Threat
under proposed § 1544.613.
Section 1544.611 Final Disposition
TSA proposes that after conducting a
CHRC and other analyses, it would
serve a Determination of No Security
Threat if TSA determines that an
individual meets the STA standards.
TSA also proposes to serve an Initial
Determination of Threat Assessment on
the individual if TSA determines that
the individual does not meet the STA
standards. The Initial Determination of
Threat Assessment would include the
following:
1. A statement that TSA has
determined that the individual poses, or
is suspected of posing, a security threat
warranting disapproval of the
application for which a STA is required;
2. The basis for the determination;
3. Information about how the
individual may appeal the
determination, as described in
§ 1544.615; and
4. A statement that if the individual
chooses not to appeal TSA’s Initial
Determination within 30 days after
receipt of the Initial Determination, or
does not request an extension of time
within 30 days after receipt of the Initial
Determination in order to file an appeal,
the Initial Determination becomes a
Final Determination of Security Threat
Assessment.
TSA also proposes to serve a
Withdrawal of the Initial Determination
of Threat Assessment or a Withdrawal
of Final Determination of Threat
Assessment on the individual, if the
appeal results in a finding that the
individual does not pose a threat to
security.
Section 1544.613 Withdrawal of
Determination of No Security Threat
TSA would be able to withdraw a
Determination of No Security Threat at
any time under proposed § 1544.613, if
it determines that a TSA-auditor or
watch-list service provider poses, or is
suspected of posing, a security threat
warranting withdrawal of the
Determination of No Security Threat. If
TSA determines that the individual
does not meet the STA standards, TSA
would serve a withdrawal of the
Determination of No Security Threat on
the individual. The notice would
include the following:
1. A statement that TSA has
determined that the individual poses, or
is suspected of posing, a security threat
warranting disapproval of the
application for which a STA is required;
2. The basis for the determination;
E:\FR\FM\30OCP2.SGM
30OCP2
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
3. Information about how the
individual may appeal the
determination; and
4. A statement that if the individual
chooses not to appeal TSA’s Initial
Determination within 30 days after
receipt of the withdrawal of the
Determination of No Security Threat, or
does not request an extension of time
within 30 days after receipt of the
withdrawal of the Determination of No
Security Threat to file an appeal, the
withdrawal of the Determination of No
Security Threat becomes a Final
Determination of Security Threat
Assessment.
TSA also proposes to serve a
Withdrawal of Final Determination of
Threat Assessment on the individual, if
the appeal results in a finding that the
individual does not pose a threat to
security.
Section 1544.615 Appeals
If the individual appeals the Initial
Determination of Threat Assessment or
a Withdrawal of the Determination of
No Security Threat as discussed above,
the procedures in 49 CFR part 1515
would apply. The section-by-section
analysis of part 1515 discusses which
provisions of part 1515 would apply.
Operational year
1st year
Fees
To comply with the mandates of sec.
520 of the 2004 DHS Appropriations
Act, 2004 (Pub. L. 108–90, 117 Stat.
1137, 1156, Oct. 1, 2003), TSA proposes
to establish fees for individuals who are
required to complete background
investigations under this program.
Costs
TSA proposes that individuals
required to undergo a STA would be
required to pay a fee to cover the
following costs:
3rd year
4th year
5th year
Total
27,918
21,034
10,074
9,975
10,115
79,116
$418,776
$315,507
$151,108
$149,626
$151,728
$1,186,745
481,592
139,592
0
579,593
362,833
105,169
0
579,593
173,774
50,369
0
579,593
172,070
49,875
0
579,593
174,488
50,576
0
579,593
1,364,757
395,582
0
2,897,965
Security Threat Assessment Cost-Subtotal ..............
1,200,777
1,047,594
803,736
801,539
804,657
4,658,303
Grand Totals ......................................................
sroberts on PROD1PC70 with PROPOSALS
Estimated Annual Applicants ...........................................
Cost Components
Enrollment Costs ..............................................................
Security Threat Assessment Cost
FBI Criminal History Records Check ........................
Other analyses ..........................................................
System Costs ............................................................
Personnel Costs .......................................................
2nd year
Section 1544.617
64817
1,619,553
1,363,102
954,844
951,164
956,385
5,845,049
1. Enrollment. Part of the fee for the
STA covers the cost for TSA or its agent
to enroll applicants, collect, format, and
process the required information and to
submit the information accordingly. The
STA process would require individuals
who apply for a STA to submit their
fingerprints and biographic information
to TSA or its agent. Based on TSA’s
research of the costs of both commercial
and government fingerprint and
information collection services, as well
as a prior competitive bidding and
acquisition process for similar services,
TSA preliminarily estimates that the per
applicant cost to collect and transmit
fingerprints and other required data
electronically is likely to be $15. TSA
may adjust this estimated amount
upwards or downwards in the final rule
based on its final calculations of its
costs. This cost would also cover related
administrative support, help desk
services, quality control, and related
logistics.
2. Security Threat Assessment. Part of
the fee for the STA covers the cost for
TSA to conduct a STA. For the STA,
each applicant’s information would be
checked against multiple databases and
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
other information sources so that TSA
would be able to determine whether the
applicant poses a security threat that
warrants denial of approval. The threat
assessment would include an appeals
process for individuals who believe that
the records upon which TSA bases its
determination are incorrect.
As part of the STA, TSA would
submit fingerprints to the FBI to obtain
any criminal history records that
correspond to the fingerprints. The FBI
is authorized to establish and collect
fees to process fingerprint identification
records. See Title II of the Judiciary
Appropriations Act, 1991 (Pub. L. 101–
515, Nov. 5, 1990, 104 Stat. 2112),
codified in a note to 28 U.S.C. 534.
Pursuant to Criminal Justice Information
Services Information Letter 07–3 (Jun. 1,
2007), this fee is currently set at $17.25,
effective October 1, 2007. If the FBI
increases or decreases its fee to
complete the criminal history records
check, the increase or decrease would
apply to this regulation on the date that
the new FBI fee becomes effective.
TSA would need to implement and
maintain the appropriate systems,
resources, and personnel to ensure that
PO 00000
Frm 00029
Fmt 4701
Sfmt 4702
fingerprints and applicant information
are appropriately linked and that TSA
would be able to receive and act on the
results of the STA. TSA would need to
have the necessary resources—including
labor, equipment, database access, and
overhead—to complete the STA process.
TSA estimates that the total cost of
threat assessment services will be
$4,658,303 over five years. This estimate
includes $1,364,757 for FBI criminal
history records checks, $395,582 for
other analyses, and $2,897,965 for
personnel necessary to facilitate the
STA processing. These estimates are
initial estimates and the final costs may
be higher or lower depending on the
final calculations which would be
discussed in the final rule.
Population
TSA estimates that approximately
79,116 applicants would be required to
complete a STA during the first five
years of the program. This estimate is
derived from the following population
figures that have been gathered for
specific segments of the regulated
population.
E:\FR\FM\30OCP2.SGM
30OCP2
64818
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
Operational year
1st year
2nd year
3rd year
4th year
5th year
Total
Flight Crew Estimate*
Part 91s ............................................................................................
Part 125s ..........................................................................................
Part 135s ..........................................................................................
19,440
293
7,886
16,189
244
4,586
5,427
82
4,550
5,503
83
4,374
5,580
84
4,436
52,139
785
25,831
Flight Crew Estimate-Subtotal .................................................................
Third-Party Auditor Estimate ....................................................................
Watch-list Service Provider Estimate ......................................................
27,618
150
150
21,018
8
8
10,058
8
8
9,960
8
8
10,100
8
8
78,755
180
182
Grand Total .......................................................................................
27,918
21,034
10,074
9,975
10,115
79,116
sroberts on PROD1PC70 with PROPOSALS
* Cites are to FAA regulations, 14 CFR.
Total Fee
TSA would charge a fee to recover its
STA and other program management
and oversight costs associated with the
implementation of this rule. TSA
estimates that applicant charge would
be $74 per applicant. The estimate is
based on the following preliminary
calculations by TSA: the cost of services
provided ($5,845,049) divided by the
estimated population (79,116) receiving
the service would equal $74 per
applicant. As TSA continues to review
and develop the STA program for the
large aircraft program and to work to
minimize all costs, some or all of its
preliminary calculations may change
resulting in an increase or decrease of
the per applicant cost. In the final rule,
TSA will publish the fee based on its
final calculations, and the fee may
remain $74 or it may be more or less.
TSA proposes to establish the $74 fee
to recover all enrollment costs and STA
costs. As part of the $74 fee, TSA would
collect the current FBI Fingerprinting
Fee of $17.25 for the criminal history
records checks in the STA process and
forward the fee to the FBI. If the FBI
increases or decreases that fee in the
future, TSA would collect the increased
or decreased fee.
Additionally, pursuant to the Chief
Financial Officers Act of 1990 (Pub. L.
101–576, Nov. 15, 1990, 104 Stat. 2838),
DHS is required to review fees no less
than every two years. 31 U.S.C. 3512.
Upon review, if it is found that the fees
are either too high (i.e., total fees exceed
the total cost to provide the services) or
too low (i.e., total fees do not cover the
total costs to provide the services), the
fee would be adjusted. Finally, TSA
would be able to adjust the fees for
inflation following publication of the
final rule. If TSA were to adjust the fees
for this reason, TSA would publish a
Notice in the Federal Register notifying
the public of the change.
Section 1544.619 Notice to Employers
TSA would notify employers of flight
crew members, individuals authorized
to perform screening functions, and
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
watch-list service provider covered
personnel of the results of the security
threat assessment under proposed
§ 1544.619. This notification would
allow aircraft operators or watch-list
service providers to know whether an
individual may be employed to perform
the functions that would require a
successful STA. Although TSA would
notify an aircraft operator or a watch-list
service provider that an individual
received a Final Determination of Threat
Assessment, TSA would not inform the
aircraft operator or watch-list service
provider of the basis of that
determination to protect the privacy of
that individual.
TSA proposes to require aircraft
operators and watch-list service
providers to retain the notification of
the results of the STA for five years. The
notification would serve as
documentation that an individual has
undergone a STA if the aircraft operator
or watch-list service provider is asked to
produce such documentation as part of
an audit or inspection.
Part 1515—Appeals and Waiver
Procedures for Security Threat
Assessment for Individuals
For individuals who may want to
appeal an Initial Determination of
Threat Assessment, a Final
Determination of Threat Assessment, or
a Withdrawal of an Initial or Final
Determination of Threat Assessment,
TSA proposes to apply the appeals
procedures in current part 1515. These
are the same procedures that apply to
applicants for a hazardous materials
endorsement on their commercial
driver’s license or a Transportation
Worker Identification Credential under
49 CFR part 1572, or for certain air cargo
workers under 49 CFR part 1540,
subpart C.
Section 1515.1 Scope
TSA proposes to add individuals
subject to proposed part 1544, subpart G
to the scope of part 1515 to provide
these individuals with a process to
appeal an Initial Determination of
Threat Assessment, a Final
PO 00000
Frm 00030
Fmt 4701
Sfmt 4702
Determination of Threat Assessment, or
a Withdrawal of an Initial or Final
Determination of No Security Threat.
Section 1515.5 Appeal of Initial
Determination of Threat Assessment
Based on Criminal Conviction,
Immigration Status, or Mental Capacity
Because the STAs for flight crew
members, individuals authorized to
perform screening functions, auditors,
and watch-list service provider covered
personnel involve criminal history
records checks, TSA proposes to apply
the procedures in § 1515.5 for these
individuals to appeal an Initial
Determination of Threat Assessment
based on a disqualifying criminal
offense.
An individual would be able to
appeal an Initial Determination of
Threat Assessment under § 1515.5 if he
asserts that he does not have a
disqualifying criminal offense. These
procedures would also apply to appeals
of a Withdrawal of Determination of No
Security Threat based on a disqualifying
criminal offense. An individual would
initiate an appeal by providing TSA
with a written request for the releasable
materials upon which the Initial
Determination was based, or by serving
TSA with a written reply to the Initial
Determination. The individual would be
required to serve TSA with the written
request for the releasable material or the
written reply with 60 days after the date
of service of the Initial Determination.
TSA’s response would be due no later
than 60 days after the individual is
served with a written request or the
written reply.
In response, TSA cannot provide any
classified information, as defined under
6 CFR part 7 (DHS Classified National
Security Information); or under E.O.
12958, Classified National Security
Information, as amended by E.O. 13292
(68 FR 15315, Mar. 28, 2003); and E.O.
12968, Access to Classified Information,
(60 FR 40245, Aug, 7, 1995); or any
other information or material protected
from disclosure by law. Classified
national security information is
E:\FR\FM\30OCP2.SGM
30OCP2
sroberts on PROD1PC70 with PROPOSALS
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
information that the President or
another authorized Federal official has
determined, pursuant to E.O. 12958, as
amended, and E.O. 12968, must be
protected against unauthorized
disclosure to safeguard the security of
American citizens, the country’s
democratic institutions, and America’s
participation within the community of
nations. See 60 FR 19825 (Apr. 20,
1995). E.O. 12958, as amended, and E.O.
12968 prohibit Federal employees from
disclosing classified information to
individuals who have not been cleared
to have access to such information
under the requirements of that E.O. See
also 6 CFR part 7. If TSA determines
that an applicant is requesting classified
materials, TSA would deny the request
for classified information.
In the written reply to the Initial
Determination, the individual should
explain why he or she is appealing the
Initial Determination and provide
evidence that the Initial Determination
was incorrect. In an applicant’s reply,
TSA would consider only material that
is relevant to whether he or she meets
the standards for the STA. If an
individual does not dispute or reply to
the Initial Determination, the Initial
Determination would become a Final
Determination of Threat Assessment.
An individual would have the
opportunity to correct a record on
which an adverse decision is based. As
long as the record is not classified or
protected by law from release, TSA
would notify the applicant of the
adverse information and provide a copy
of the record. If the individual wishes to
correct the inaccurate information, he or
she would need to provide written proof
that the record is inaccurate. The
individual should contact the
jurisdiction responsible for the
inaccurate information to complete or
correct the information contained in the
record. The individual would be
required to provide TSA with the
revised record or a certified true copy of
the information from the appropriate
entity before TSA can reach a
determination that the applicant does
not pose a security threat.
In considering an appeal, the
Assistant Secretary would review the
Initial Determination, the materials
upon which the Initial Determination is
based, the applicant’s reply and other
materials or information available to
TSA. The Assistant Secretary would be
able to affirm the Initial Determination
by concluding that an individual poses
a security threat. If this occurs, TSA
would serve a Final Determination of
Threat Assessment on the applicant.
The Final Determination would include
a statement that the Assistant Secretary
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
has reviewed the Initial Determination,
the materials upon which the Initial
Determination was based, the reply, if
any, and other available information
and has determined that the individual
has a disqualifying criminal offense. For
purposes of judicial review, a Final
Determination based on a disqualifying
criminal offense is a final TSA order.
If TSA determines that the individual
does not have a disqualifying criminal
offense, TSA would serve a Withdrawal
of the Initial Determination on the
individual and a Determination of No
Security Threat on the individual’s
employer if the individual is a flight
crew member, an individual authorized
to perform screening functions, or a
watch-list service provider covered
personnel.
As noted above, TSA is proposing to
apply to flight crew members,
individuals authorized to perform
screening functions, auditors, and
watch-list service provider covered
personnel the same disqualifying
criminal offenses that now apply to
certain other aviation workers under 49
CFR 1542.209 and 1544.229. These
sections are based on a statutory
provision, 49 U.S.C. 44936. The appeal
process in § 1515.5 addresses whether
or not the applicant has a disqualifying
criminal offense, that is, whether the
applicant has a conviction or a finding
of not guilty by reason of insanity of one
or more of the crimes listed in the rule
within the time specified in the rule. If
the individual does have a disqualifying
criminal offense, there is no waiver.
Accordingly, the waiver provisions that
apply to applicants for an HME or a
TWIC in § 1515.7 would not apply.
Section 1515.9 Appeal of Security
Threat Assessment Based on Other
Analyses
The STA for flight crew members,
individuals authorized to perform
screening functions, auditors, and key
employees of watch-list service
providers would also include other
analyses, including checks of
appropriate terrorist watch-lists and
related databases under proposed
§ 1544.609. TSA proposes to use the
appeals procedures in § 1515.9 for
individuals who wish to appeal an
Initial Determination of Threat
Assessment or a withdrawal of a
Determination of No Security Threat
based on the other analyses.
The procedures in § 1515.9 are similar
to the procedures in § 1515.5. However,
unlike a Final Determination of Security
Threat Assessment based on a
disqualifying criminal offense, a Final
Determination based on other analyses
would not be a final TSA order unless
PO 00000
Frm 00031
Fmt 4701
Sfmt 4702
64819
the individual fails to file an appeal to
an administrative law judge (ALJ) under
§ 1515.11.
Further, because other analyses are
often based on classified and other
sensitive information, there would be
limits on what TSA would release in
response to a request for materials. If
TSA determines that an applicant who
is appealing the other analyses is
requesting classified materials, TSA
would deny the request for classified
information.
The denial of access to classified
information under these circumstances
is also consistent with the treatment of
classified information under the
Freedom of Information Act (FOIA),
which specifically exempts such
information from the general
requirement under FOIA that
government documents are subject to
public disclosure. 5 U.S.C. 552(b)(1).
Similarly, under 49 U.S.C. 114(s), the
Assistant Secretary of TSA shall,
notwithstanding the FOIA statute,
prescribe regulations prohibiting the
public disclosure of information that
would be detrimental to the security of
transportation. Information that is
designated as SSI must only be
disclosed to people with a need to
know, such as those needing to carry
out regulatory security duties. 49 CFR
1520.11. The Assistant Secretary has
defined information concerning threats
against transportation as SSI by
regulation. See 49 CFR 1520.5. Thus,
information that TSA obtains indicating
that an applicant poses a security threat,
including the source of such
information and the methods through
which the information was obtained,
will commonly be at least SSI and may
be classified information. The purpose
of designating such information as SSI
is to ensure that persons who seek to
harm the transportation system do not
obtain access to information that will
enable them to evade the government’s
efforts to detect and prevent their
activities. Disclosure of this
information, especially to an individual
specifically suspected of posing a threat
to the transportation system, is precisely
the type of harm that Congress sought to
avoid by authorizing the Assistant
Secretary to define and protect SSI.
Other pieces of information also are
protected from disclosure by law due to
their sensitivity in law enforcement and
intelligence. In some instances, the
release of information about a particular
individual or his or her supporters or
associates could have a substantial
adverse impact on security matters. The
release by TSA of the identities or other
information regarding individuals
related to a security threat
E:\FR\FM\30OCP2.SGM
30OCP2
64820
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
sroberts on PROD1PC70 with PROPOSALS
determination could jeopardize sources
and methods of the intelligence
community, the identities of
confidential sources, and techniques
and procedures for law enforcement
investigations or prosecution. See 5
U.S.C. 552(b)(7)(D) and (E). Release of
such information also could have a
substantial adverse impact on ongoing
investigations being conducted by
Federal law enforcement agencies, by
revealing the course and progress of an
investigation. In certain instances,
release of information could alert coconspirators to the extent of the Federal
investigation and the imminence of
their own detection, thus provoking
flight.
For the reasons discussed above, TSA
would not provide classified
information or SSI to an individual, and
TSA reserves the right to withhold SSI
or other sensitive material protected
from disclosure under law. As noted
above, TSA expects that information
would be withheld only for
determinations based on § 1572.107,
which list databases that indicate
potential terrorist activity or threats.
The procedures for appeals of Initial
Determination of Threat Assessment
would also apply to appeals of a
Withdrawal of Determination of No
Security Threat.
Section 1515.11 Review by
Administrative Law Judge and TSA
Final Decision Maker
An individual who has received an
Initial Determination of Threat
Assessment or a withdrawal of
Determination of No Security Threat
based on the other analyses under
§ 1544.609 would first appeal that
determination using the procedures in
§ 1515.9. If after that appeal TSA
continues its determination that the
applicant is not qualified, the applicant
would be able to seek review by an ALJ
under § 1515.11.
The procedures would provide an
individual with 30 calendar days from
the date of service of the determination
to request a review. An ALJ who
possesses the appropriate security
clearances to review classified
information would conduct the review.
Section 1515.11 provides detailed
requirements for the conduct of the
review, such as information that
individuals must submit, requests for
extension of time, and the duties of the
ALJ.
Within 30 calendar days after the
conclusion of the hearing, the ALJ
would issue an unclassified decision to
the parties. The ALJ may issue a
classified decision to TSA. The ALJ may
decide that the decision was supported
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
by substantial evidence on the record or
that the decision was not supported by
substantial evidence on the record. If
neither party requests a review of the
ALJ’s decision, TSA would issue a final
order either granting or denying the
waiver or the appeal.
Either TSA or the individual would
be able to petition for review of the
ALJ’s decision to the TSA Final
Decision Maker. The TSA Final
Decision Maker would issue a written
decision within 60 calendar days after
receipt of the petition or within 30 days
of receipt of the other party’s response,
if a response is filed, unless a longer
period is required. The TSA Final
Decision Maker may issue an
unclassified opinion to the parties and
a classified opinion to TSA. For
purposes of judicial review, the decision
of the TSA Final Decision Maker would
be a final agency order.
Part 1550—Aircraft Security Under
General Operating and Flight Rules
Section 1550.5 Operations Using a
Sterile Area
TSA proposes to remove the reference
to scheduled passenger operations,
public charter passenger operations, and
private charter passenger operations,
and replace the language with ‘‘aircraft
operators that have a security program’’
to maintain consistency between
regulations. TSA also proposes to delete
the compliance date section since the
date has passed. Operators that must
follow this section should currently be
adhering to the applicable regulations.
Section 1550.7 Operations in Aircraft
Over 12,500 Pounds
TSA proposes to amend references to
‘‘12,500 pounds or more,’’ and replace
the language with ‘‘over 12,500 pounds’’
to maintain consistency between
regulations. The proposed changes
would provide that § 1550.7 only
applies to aircraft over 12,500 pounds,
excluding operations specified in §
1550.5 and operations under a security
program under part 1544 and 1546. The
aircraft that remain subject to this
regulation are the foreign aircraft with
an MTOW of over 12,500 pounds that
are not an all-cargo operation or are
under a security program under part
1546.
IV. Regulatory Requirements
A. Paperwork Reduction Act
The Paperwork Reduction Act of 1995
(PRA) (44 U.S.C. 3501, et seq.) requires
that TSA consider the impact of
paperwork and other information
collection burdens imposed on the
public and, under the provisions of PRA
PO 00000
Frm 00032
Fmt 4701
Sfmt 4702
section 3507(d), obtain approval from
the Office of Management and Budget
(OMB) for each collection of
information it conducts, sponsors, or
requires through regulations.
This proposed rule contains amended
information collection activities subject
to the PRA. TSA is revising a collection
that OMB has previously approved and
assigned OMB Control Number 1652–
0003 (Aircraft Operator Security).
Accordingly, TSA has submitted the
following information requirements to
OMB for its review.
Title: Large Aircraft Security Program.
Summary: TSA proposes to amend
current aviation transportation security
regulations (49 CFR part 1544) to
enhance and improve the security of GA
by issuing this NPRM that would
require revisions to a currently
approved information collection.
Through this NPRM, TSA is proposing
the following seven required
information collections in addition to
those already approved under this OMB
control number: (1) Require security
programs for all operators of aircraft that
have a maximum certificated takeoff
weight of over 12,500 pounds, except
for aircraft operators under a full
program, full all-cargo program, limited
program, or certain government aircraft
(‘‘large aircraft’’); (2) require that aircraft
operator flight crews, individuals
authorized to perform screening
functions, TSA-approved auditors, and
TSA-approved watch-list service
providers’ key personnel undergo STAs
that include a fingerprint-based criminal
history records check; (3) require large
aircraft operators to submit to an
independent, third-party audit
conducted by TSA-approved auditors
(i.e., large aircraft operators would be
required to maintain records, and
provide auditors access to their records,
equipment, and facilities necessary for
the auditor to conduct an audit); (4)
require TSA oversight of auditors (i.e.,
TSA-approved auditors would submit to
any TSA inspection, include copying of
their records, to determine their
compliance with TSA regulations); (5)
require large aircraft operators to
transmit passenger information to TSAapproved watch-list service providers to
conduct watch-list matching against the
No-Fly and Selectee Lists; (6) require
auditors and watch-list service
providers to submit applications to
become TSA-approved; and (7) require
watch-list service providers to submit
security programs for approval.
Use of: The LASP requirement would
replace some existing security programs
for large aircraft operators and would
include additional GA operators, such
that TSA would apply consistent
E:\FR\FM\30OCP2.SGM
30OCP2
sroberts on PROD1PC70 with PROPOSALS
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
security procedures to operators of large
aircraft. TSA would use the identifying
information and fingerprints collected
from flight crew members, auditors, and
key employees of TSA-approved watchlist service providers to conduct STAs
that include a criminal history records
check. The TSA-approved auditors
would review and inspect the records
aircraft operators would be required to
maintain to demonstrate compliance
with TSA requirements during their
audits. TSA would inspect the records
maintained by the auditors to determine
their compliance with TSA regulations
and to ensure that auditors have the
qualification to produce useful audits to
TSA and the aircraft operators. The
watch-list service providers would use
the passenger information transmitted
by the aircraft operators to conduct
watch-list matching against the No Fly
and Selectee Lists. TSA would use the
applications submitted by auditors and
watch-list service providers to ensure
the entities are eligible and qualified.
TSA would require watch-list service
providers to adopt and carry out a
security program to ensure that they are
taking appropriate security measures
and are consistent and accurate in
performance of their duties.
Respondents (including number of):
The likely respondents to this proposed
information requirement are: operators
of aircraft that have a maximum
certificated takeoff weight of over
12,500 pounds, except for aircraft
operators under a full program, full allcargo program, limited program, or
certain government aircraft (‘‘large
aircraft’’); individuals authorized to
perform screening functions; entities
seeking to become TSA-approved
auditors; and entities seeking to become
TSA-approved watch-list matching
service providers and key personnel.
Frequency: The proposed
recordkeeping requirements would be
ongoing and continuous. The
requirement that operators ensure their
flight crewmembers, other employees,
and individuals authorized to perform
screening functions undergo a security
threat assessment, which includes a
criminal history records check, would
be a frequency of every five years. The
aircraft operators would be required to
transmit passenger information to
watch-list service providers to conduct
watch-list matching on a per flight basis.
The watch-list service providers would
be required to report matches to the
Federal watch-list as matches occur.
Individuals and firms desiring to
become TSA-approved auditors as well
as firms seeking approval to become
watch-list service providers would be
required to send TSA an application
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
only once. Watch-list service providers
also would be required to submit a
security program to TSA once, and
would be required to ensure their
covered personnel undergo a STA
conducted by TSA once every five
years. Auditors would be required to
submit an audit report to the aircraft
operator and to TSA for every audit that
they perform.
Annual Burden Estimate: TSA is
amending this information collection to
reflect the addition of approximately
9,544 new respondents, as well as new
collection burdens, for an estimated
total 10,374 respondents. Over three
years, the new population includes
9,363 new large aircraft operators, 166
TSA-approved auditors, and 15 watchlist service providers. TSA estimates
that the large aircraft operators would
spend approximately 1 million hours
annually establishing and/or
maintaining appropriate security
programs, completing passenger watchlist matching in the prescribed manner,
completing STAs on flight
crewmembers, and completing third
party audits of established security
programs.
TSA estimates that the TSA-approved
auditors would spend approximately
19,660 hours annually, with an annual
4,990 responses, submitting application
materials and profiles, completing STAs
on their employees, and writing up their
findings and submitting copies to the
aircraft operator and TSA. TSA
estimates that the total annual hour
burden for watch-list service providers
would be approximately 88 hours,
which includes submitting application
materials (including a security program
and profile information) and conducting
STAs on their employees in order to
receive TSA approval.
TSA is also amending the cost burden
for this information collection to reflect
an expanded respondent population and
new information collection costs. As a
result of the LASP, non-AOSSP
operators would be required to pay fees
to submit passenger information to
watch-list service providers, conduct
security threat assessments on their
flight crew members and individuals
authorized to perform screening
functions, and contract with TSAapproved auditors. TSA-approved
auditors and watch-list service
providers would also pay fees to
conduct STAs on their employees. In
total, these requirements would add
$10.5 million to the average annual cost
of this information collection, bringing
the total annual cost of the information
collection (which includes costs to
AOSSP aircraft operators) to $12.9
million.
PO 00000
Frm 00033
Fmt 4701
Sfmt 4702
64821
TSA is soliciting comments to—
(1) Evaluate whether the proposed
information requirement is necessary for
the proper performance of the functions
of the agency, including whether the
information will have practical utility;
(2) Evaluate the accuracy of the
agency’s estimate of the burden;
(3) Enhance the quality, utility, and
clarity of the information to be
collected; and
(4) Minimize the burden of the
collection of information on those who
are to respond, including using
appropriate automated, electronic,
mechanical, or other technological
collection techniques or other forms of
information technology.
Individuals and organizations may
submit comments on the information
collection requirements by December
29, 2008. Direct the comments to the
address listed in the ADDRESSES section
of this document, and fax a copy of
them to the Office of Information and
Regulatory Affairs, Office of
Management and Budget, Attention:
DHS–TSA Desk Officer, at (202) 3955806. A comment to OMB is most
effective if OMB receives it within 30
days of publication. TSA will publish
the OMB control number for this
information collection in the Federal
Register after OMB approves it.
As protection provided by the
Paperwork Reduction Act, as amended,
an agency may not conduct or sponsor,
and a person is not required to respond
to, a collection of information unless it
displays a currently valid OMB control
number.
B. Regulatory Impact Analyses
1. Regulatory Evaluation Summary
Changes to Federal regulations must
undergo several economic analyses.
First, Executive Order 12866, Regulatory
Planning and Review (58 FR 51735,
October 4, 1993), directs each Federal
agency to propose or adopt a regulation
only upon a reasoned determination
that the benefits of the intended
regulation justify its costs. Second, the
Regulatory Flexibility Act of 1980 (5
U.S.C. 601, et seq., as amended by the
Small Business Regulatory Enforcement
Fairness Act (SBREFA) of 1996) requires
agencies to analyze the economic
impact of regulatory changes on small
entities. Third, OMB directs agencies to
assess the effect of regulatory changes
on international trade. Fourth, the
Unfunded Mandates Reform Act of 1995
(2 U.S.C. 1531–1538) requires agencies
to prepare a written assessment of the
costs, benefits, and other effects of
proposed or final rules that include a
Federal mandate likely to result in the
E:\FR\FM\30OCP2.SGM
30OCP2
sroberts on PROD1PC70 with PROPOSALS
64822
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
expenditure by State, local, or tribal
governments, in the aggregate, or by the
private sector, of $100 million or more
annually (adjusted for inflation).
TSA has prepared a separate detailed
analysis document, which is available to
the public in the docket. With respect to
these analyses, TSA provides the
following conclusions and summary
information.
• TSA has determined that this is an
economically significant rule within the
definition of E.O. 12866, as estimated
annual costs or benefits exceed $100
million in any year. The mandatory
OMB Circular A–4, Regulatory Analysis,
accounting statement is included in the
separate complete analysis and is not
repeated here.
• As a normal practice, we provide
the Initial Regulatory Flexibility
Analysis (IRFA) to the public, but
withhold the final formal certification of
determination as required by the RFA
until after we receive public comments
and publish the Final Regulatory
Flexibility Analysis. The IRFA reflects
substantial gaps in data where TSA was
unable to identify either impacted
entities or revenues for those that are
businesses. TSA has provided the
analysis based upon available data and
requests public comment on all aspects
of the analysis. As a result, TSA makes
no preliminary finding as to whether
there is or is not a significant impact on
a substantial number of small
businesses.
• The Trade Agreement Act of 1979
prohibits Federal agencies from
establishing any standards or engaging
in related activities that create
unnecessary obstacles to the foreign
commerce of the United States.
Legitimate domestic objectives, such as
safety, are not considered unnecessary
obstacles. The statute also requires
consideration of international standards
and, where appropriate, that they be the
basis for U.S. standards. TSA has
assessed the potential effect of this
notice of proposed rulemaking and has
determined this rule would not have an
adverse impact on international trade.
• The regulatory evaluation provides
the required written assessment of
Unfunded Mandates. The proposed rule
is not likely to result in the expenditure
by State, local, or tribal governments, in
the aggregate, of $100 million or more
annually (adjusted for inflation).
However, because the rule is
economically significant as defined by
E.O. 12866, it does have an unfunded
mandate impact on the economy as a
whole.
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
2. Executive Order 12866 Assessment
Benefits
The proposed rule would yield
benefits in the areas of security and
quality governance. The security and
governance benefits are four-fold. First,
the rule would enhance security by
expanding the mandatory use of
security measures to certain operators of
large aircraft that are not currently
required to have a security plan. These
measures would deter malicious
individuals from perpetrating acts that
might compromise transportation or
national security by using large aircraft
for these purposes. Second, it would
harmonize, as appropriate, security
measures used by a single operator in its
various operations and between
different operators. Third, the new
periodic audits of security programs
would augment TSA’s efforts to ensure
that large aircraft operators are in
compliance with their security
programs. Finally, it would consolidate
the regulatory framework for large
aircraft operators that currently operate
under a variety of security programs,
thus simplifying the regulations and
allowing for better governance. When
taken together, the security-related
benefits would act as part of the larger
benefits yielded by TSA’s layered
security approach.
At this time, TSA cannot quantify
these benefits; however, TSA conducted
a ‘‘break-even’’ analysis to determine
what reduction of overall risk of a terror
attack and resulting reduction in the
expected losses for the nation due to a
terror attack would be necessary in
order for the expected benefits of the
rule to exceed the costs. Because the
types of attacks that would be prevented
by this regulation vary widely in their
intensity and effects, depending both on
the intent of those undertaking the
attack and their effectiveness in
completing it, TSA considered three
example attack scenarios and the
monetized losses associated with each.
Similar break-even analyses have been
undertaken in support of other DHS
rules, and TSA has coordinated the
current analysis with these earlier ones,
with the aim of maintaining consistency
in DHS analyses and results. In the case
of the LASP proposed rule, some of the
types of terror attacks that might be
undertaken using aircraft operated by
those covered under the proposed rule
are similar to those that were considered
by U.S. Customs and Border Protection
(CBP), and this similarity has informed
the current analysis and examples. For
one scenario, however, TSA has relied
on DHS research into the effects of
successful delivery of a weapon of mass
PO 00000
Frm 00034
Fmt 4701
Sfmt 4702
destruction (WMD) by an aircraft of the
type affected by the proposed rule. The
conclusions of this DHS research are
consistent with results from existing
academic and think tank research into
similar issues.
In order to compare the losses
associated with each scenario to the cost
of the proposed rule, TSA converted
casualties into a monetary total. TSA
used the Value of a Statistical Life (VSL)
of $5.8 million that is used by the
Department of Transportation (DOT),
and which was recently revised to
reflect current academic and other
research into this quantity.33 The VSL
represents an individual’s willingness to
pay to avoid a fatality onboard an
aircraft, based on economic studies of
the value individuals place on small
changes in risk. Similarly, based on the
same DOT guidance, TSA valued
moderate injuries at 1.55 percent of the
VSL and severe injuries at 18.75 percent
of the VSL. TSA emphasizes that the
VSL is a statistical value of a unit
decrease in expected fatalities to be
used for regulatory comparison, and
does not suggest that the actual value of
a particular individual’s life can be
stated in dollar terms.
The following paragraphs present a
description of the four scenarios
considered by TSA with corresponding
estimates of their monetary
consequences. These scenarios make up
a wide range of possible consequences,
which reflects the varied opportunities
for attack and targeting that may exist
for those intent on doing the nation
harm. In order to compare direct costs
to direct benefits, TSA presents only the
direct economic losses estimated to
result from the attack scenarios and has
omitted economic ‘‘ripple effects’’ and
economic transfers from its calculations.
Scenario 1 contemplates a situation
where a large aircraft is used as a
missile to attack an unpopulated or
lightly populated area, resulting in
minimal loss of life, moderate injuries
and destruction of the aircraft. Of the
scenarios considered, this is the most
restrained in its level of envisioned
harm. It is assumed that a loss of 3 lives
occurs, along with 10 moderate injuries
and the complete hull loss of the
aircraft. Using the DOT VSL of $5.8
million, the monetary estimate
associated with the loss of life is $17.4
million. Again using DOT guidance,
moderate injuries to those affected are
valued at 1.55% of the VSL, or $89,900.
To estimate the value of the lost aircraft,
33 U.S. Department of Transportation
memorandum, Treatment of the Economic Value of
a Statistical Life in Departmental Analyses. Office
of the Secretary of Transportation, February 5, 2008.
E:\FR\FM\30OCP2.SGM
30OCP2
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
TSA used $9.3 million, which is the
2008 average market value of a General
Aviation jet aircraft weighing between
12,500 and 65,000 pounds.34 Taken
together, the monetary consequence of
this scenario totals $32 million, or
$0.032 billion.
Scenario 2 also contemplates a
situation where a large aircraft is used
as a missile to attack a populated area,
resulting in significantly greater loss of
life and injuries, and destruction of the
aircraft. It is assumed that a loss of 250
lives occurs, along with 250 severe
injuries and the complete hull loss of
the aircraft. Using the DOT VSL of $5.8
million, the monetary estimate
associated with the loss of life is $1.45
billion. Again using DOT guidance,
severe injuries to those affected are
valued at 18.75% of the VSL, or $1.1
million, the monetary impact of these
injuries total $272 million. To estimate
the value of the lost aircraft, TSA used
$9.3 million, which is the 2008 average
market value of a General Aviation jet
aircraft weighing between 12,500 and
65,000 pounds. Taken together, the
monetary consequence of this scenario
totals $1.73 billion. The level of damage
in this type of scenario is consistent
with the scenarios considered for the
CBP APIS Final Rule analysis, although
the current analysis also includes a
component of severe injuries.35
Scenario 3 contemplates a situation
where a large aircraft is used as a
sroberts on PROD1PC70 with PROPOSALS
34 Federal Aviation Administration. 2007.
Economic Values for FAA Investment and
Regulatory Decisions, A Guide. Prepared by GRA,
Inc. December 31, 2004 (updated). Table 5–7. This
table reports 2003 value estimates, and the 2003
estimate of $7.2 million was brought to the 2008
value of $9.3 million using the FAA recommended
method described in the document in Section 9.6
(page 9–9), which relies on the BLS producer price
index series for civil aircraft, available in the
producer price index values for commodities at
https://stats.bls.gov/ppi/home.htm.
35 Regulatory Assessment & Final Regulatory
Flexibility Analysis for the Final Rule, Passenger
Manifests for Commercial Aircraft Arriving in and
Departing from the United States; Passenger and
Crew Manifests for Commercial Vessels Departing
from the United States. Table 12, page 35.
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
missile to carry out a direct attack on a
building in a densely populated urban
area. Because of these locational details,
a successful attack would result in
much more severe consequences,
including significantly increased loss of
life and widespread real property
damage, compared to Scenario 1. For
valuation purposes for this scenario,
TSA assumes 3,000 fatalities, valued at
$17.4 billion using the DOT VSL of $5.8
million. To maintain consistency with
existing DHS analyses, in particular the
APIS analysis,36 TSA assumes property
losses totaling $21.8 billion; this total is
motivated by comparison to the City of
New York Comptroller’s estimate of
direct losses to the city due to the
September 11 attacks.37 However, TSA
also assumes that 9,000 severe injuries
would also result from such an attack.
These severe injuries, valued at 18.75%
of the VSL based on the DOT guidance,
have a monetary valuation of $9.79
billion. Finally, based on the FAA
estimate of aircraft value, losses in
Scenario 3 include $9.3 million due to
complete hull loss of the aircraft used in
the attack. The scenario elements
aggregate to a total consequence of $49.0
billion.
Finally, Scenario 4 contemplates a
catastrophic situation in which a large
aircraft is used to deliver a nuclear or
biohazard device to an urban center.
The costs associated with a scenario
such as this have been examined by
DHS in detail for a nuclear device.38
This research concludes that the
consequences of such an event would be
immense, with a wide range of
uncertainty. For the present analysis,
TSA is using a value of $1 trillion for
36 Regulatory Assessment & Final Regulatory
Flexibility Analysis for the Final Rule, Passenger
Manifests for commercial Aircraft Arriving in and
Departing from the United States; Passenger and
Crew Manifests for Commercial Vessels Departing
from the United States. Table 13, page 36.
37 Thompson, Jr., William C. Comptroller, City of
New York. ‘‘One Year Later: The Fiscal Impact of
9/11 on New York City.’’ September 4, 2002.
38 ‘‘Economic Consequences of a Nuclear
Detonation in an Urban Area’’ undated DHS draft.
PO 00000
Frm 00035
Fmt 4701
Sfmt 4702
64823
the direct consequences of an attack of
this severity. This value falls in the
midrange of the values developed in the
DHS research, and is consistent with
results obtained from a review of
academic and think tank research into
the consequences of nuclear and
bioterror attacks on urban areas. The
value of $1 trillion results from loss of
life in an attacked urban area in the
hundreds of thousands and enormous
loss of property and productive assets.
Figure 1 below displays the impacts
and monetary consequences identified
for each of these scenarios. TSA
compared the monetary consequence
from a successful attack with the cost of
the proposed LASP. To judge the value
or effectiveness of the LASP proposed
rule in the context of these scenarios, it
is necessary to compare the extent of
monetary consequence from a
successful attack with the cost of a
program like LASP that would be
deployed to reduce the risk or
likelihood of such an attack being
successfully undertaken. The annual
risk reductions required for the
proposed rule to break even under each
of the four scenarios are presented
below. In this analysis the comparison
is made between the estimated scenario
consequence and the LASP discounted
annualized cost of $194.1 million, using
a discount rate of 7%; the ‘‘required risk
reduction’’ for breakeven is simply the
ratio between this annualized program
cost and the scenario consequence total.
As shown, depending on the attack
scenario, underlying baseline risk of
terror attack would have to be reduced
less than 1 percent (Scenarios 3 and 4)
to 11 percent (Scenario 2) in order for
the rule to break even. If only avoidance
of quantified direct losses is considered,
preventing the impact characterized in
Scenario 1 is not sufficient to offset the
LASP program’s annualized costs, even
if a Scenario 1 outcome were a certainty,
expressed as a baseline risk of 100%,
and the chance of this were eliminated
entirely (100 percent risk reduction).
E:\FR\FM\30OCP2.SGM
30OCP2
64824
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
FIGURE 1—REQUIRED REDUCTION IN ANNUAL RISK NECESSARY (%) FOR LASP ANNUALIZED DISCOUNTED COSTS
($194.1 M) TO EQUAL EXPECTED BENEFITS, BY ATTACK SCENARIO
Scenario
Scale
Loss of life
1 ..................
2 ..................
3 ..................
Minimal .........
Moderate ......
Major ............
4 ..................
Valuation at
VSL of $5.8
M ($ B)
Catastrophic
3
250
3000
Hull loss ($
B)
$0.02
1.45
17.4
Property loss
($ B)
$0.009
0.009
0.009
Injuries
($ B)
None
None
21.8
$0.005
0.27
9.79
$0.03
173
49.0
The following summarizes the
estimated costs of this rulemaking by
general category of who pays. A
summary table provides an overview of
the cost items and a brief description of
cost elements. Both in this summary
and the economic evaluation,
descriptive language is used to try and
relate the consequences of the
regulation. Although the regulatory
evaluation attempts to mirror the terms
and wording of the proposed rule text,
no attempt is made to precisely replicate
the regulatory language and readers are
cautioned that the actual regulatory text,
not the text of the evaluation, would be
binding. Throughout the evaluation
rounding in displayed values may result
in minor differences in displayed totals.
Aircraft operators, airport operators,
and TSA would incur costs to comply
with the requirements of the proposed
LASP rule. TSA estimated the total 10year cost of the program at $1.4 billion,
discounted at 7%. At this rate, the
annualized total rule cost per flight is
estimated at $44. Aircraft operator costs
comprise 85 percent of all estimated
costs. This is due to the large number of
newly regulated aircraft operators and
the amount of time security
coordinators are anticipated to spend on
their duties.
TSA estimated approximately 9,000
GA aircraft operators use aircraft with a
maximum takeoff weight exceeding
N/A
11.0
0.7
1,000
Large and Variable across Studies
Costs
Required risk
reduction by
LASP (%)
Total ($ B)
0.019
12,500 pounds and would thus be
subject to the proposed rule. These
aircraft operators are currently not
required to operate under any existing
TSA security programs. Costs to these
newly regulated aircraft operators
represent 84 percent of total estimated
costs, with security coordinator duties
and training making up 89.5 percent of
those new aircraft operator costs.
Security coordinator duties and training
for these operators are estimated at $1.0
billion over 10 years, discounted at 7
percent. The following figure provides
the total 10-year costs as well as
annualized costs at the 0, 7, and 3
percent discount rates for the principal
populations affected by the proposed
rule.
TOTAL AND ANNUALIZED COSTS BY AFFECTED ENTITY
10-year total costs
Annualized costs
Affected entity
3%
7%
New Aircraft Operators ............................................................................
Existing Aircraft Operators .......................................................................
Airport Operators .....................................................................................
TSA ..........................................................................................................
Passengers (Opportunity) ........................................................................
$1,655.8
19.6
7.5
194.4
91.9
$1,402.3
16.7
6.5
165.9
78.2
Total, Primary ...................................................................................
1,969.3
Total, High ........................................................................................
Total, Low .........................................................................................
sroberts on PROD1PC70 with PROPOSALS
0%
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
PO 00000
Frm 00036
Fmt 4701
0%
3%
7%
$1,143.5
13.6
5.5
136.6
64.1
$165.6
2.0
0.8
19.4
9.2
$164.4
2.0
0.8
19.4
9.2
$162.8
1.9
0.8
19.5
9.1
1,669.5
1,363.4
196.9
195.7
194.1
2,720.7
2,305.9
1,882.3
272.1
270.3
268.0
1,239.1
1,051.2
859.2
123.9
123.2
122.3
Sfmt 4702
E:\FR\FM\30OCP2.SGM
30OCP2
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
expenses to collect and submit
passenger information for watch-list
matching. TSA is requesting detailed
comments to enable quantification of
this impact for new and existing
operators. The figure below displays the
PO 00000
Frm 00037
Fmt 4701
Sfmt 4725
cost segments of the proposed rule
grouped into four major cost categories:
Security coordinator duties and
training; audits and inspections; STAs;
and security programs.
E:\FR\FM\30OCP2.SGM
30OCP2
EP30OC08.000</GPH> EP30OC08.001</GPH>
sroberts on PROD1PC70 with PROPOSALS
Given several areas of uncertainty in
the cost estimates, TSA estimates of the
total cost of the rule range from $859
million to $1.9 bilion, discounted at 7
percent. TSA was unable to model some
requirements, such as aircraft operator
64825
sroberts on PROD1PC70 with PROPOSALS
64826
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
TSA estimated covered aircraft
operators would expend $1.1 billion
over 10 years to comply with the
proposed LASP, discounted at 7
percent. All covered aircraft operators
would incur costs to develop and
submit security programs and profiles.
Newly regulated aircraft operators
would be required to designate security
coordinators who would perform a
variety of security-related duties and
complete annual security training.
These aircraft operators also would be
required to ensure that their flight
crewmembers successfully undergo
STAs conducted by TSA. All aircraft
operators would need to control access
to any weapons and check property in
the cabin for possible stowaways.
Further, aircraft operators would be
required to submit names of passengers
aboard their flights to TSA-approved
service providers for purposes of
matching names against terrorist watchlists. Finally aircraft operators would
contract with TSA-approved auditors to
undergo biennial reviews demonstrating
compliance with their security
programs.
Since TSA views security programs as
a package, this rule would also require
a partial airport security program for
non-federalized airports regularly
serving large aircraft, in scheduled or
public charter operations and airports
designated by the Secretary of
Transportation as ‘‘Reliever Airports.’’
TSA has determined these airports
frequently serve as a base for aircraft
operators covered by the LASP. Covered
airports would be required to develop
and submit security programs to TSA
and comply with program requirements.
This would include the designation of
airport security coordinators and
completion of attendant training. TSA
estimated airport operators would
expend $5.5 million over 10 years,
discounted at 7 percent.
To implement and oversee this new
security program regime, TSA would
expend monies to conduct outreach to
covered aircraft and airport operators
and process security programs and
profiles, enforce compliance with the
proposed requirements, and enroll
auditors and watch-list service
providers. TSA estimated its 10-year
costs to implement the proposed
regulation would range from $133.5
million to $139.8 million, discounted at
7 percent, with a primary estimate of
$136.6 million.
Entities wishing to participate as
auditors or watch-list service providers
would incur voluntary costs to apply to
TSA for authorization to provide those
services. These service entities would
likely pass their enrollment expenses to
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
subscribing aircraft operators; thus, in
the regulatory evaluation TSA assesses
the costs directly to the affected aircraft
operators. To avoid double-counting,
the analysis does not provide a separate
estimate of auditor and watch-list
service provider enrollment costs.
However, TSA has included a
description of the enrollment process
and anticipated unit costs within the
discussion of TSA’s costs to process
auditor and watch-list service provider
applications.
Passengers on covered aircraft would
incur opportunity costs from the time
spent providing personal information to
aircraft operators, for use in Watch List
Matching, and, to a much more modest
degree, from time spent delayed when
pre-flight Watch List Matching issues
need to be resolved in real time. TSA
estimated that these passenger
opportunity costs total $64 million,
discounted at 7 percent.
As previously noted, TSA estimates
that the total 10-year cost of the program
would be $1.4 billion, discounted at 7
percent; the annualized cost (at a 7
percent discount rate) per flight would
be $44.
3. Initial Regulatory Flexibility
Assessment (IRFA)
The Regulatory Flexibility Act of 1980
establishes ‘‘as a principle of regulatory
issuance that agencies shall endeavor,
consistent with the objective of the rule
and of applicable statutes, to fit
regulatory and informational
requirements to the scale of the
business, organizations, and
governmental jurisdictions subject to
regulation.’’ To achieve that principle,
the RFA requires agencies to solicit and
consider flexible regulatory proposals
and to explain the rationale for their
actions. The RFA covers a wide range of
small entities, including small
businesses, not-for-profit organizations,
and small governmental jurisdictions.
When issuing a rulemaking, agencies
must perform a review to determine
whether a proposed or final rule will
have a significant economic impact on
a substantial number of small entities. If
the determination is that it will, the
agency must prepare a regulatory
flexibility analysis as described in the
RFA. However, if an agency determines
that a proposed or final rule is not
expected to have a significant economic
impact on a substantial number of small
entities, section 605(b) of the RFA
provides that the head of the agency
may so certify and a regulatory
flexibility analysis is not required. The
certification must include a statement
providing the factual basis for this
PO 00000
Frm 00038
Fmt 4701
Sfmt 4702
determination, and the reasoning should
be clear.
As part of implementing this NPRM,
TSA conducted this Initial Regulatory
Flexibility Analysis. The IRFA describes
the reasons for and objectives of the
proposed rule; includes a description
and estimate of the number of small
entities that would be impacted by the
proposed rule; estimates the cost of
complying with requirements for small
entities; addresses significant
alternatives to the rulemaking
considered by TSA; and, identifies
duplicative, overlapping, and
conflicting rules.
Reason for the Proposed Rule
The Aviation and Transportation
Security Act (ATSA) (Pub. L. 107–71,
115 Stat. 597, Nov. 19, 2001) granted
TSA broad statutory authority to take
measures to increase the security of civil
aviation in the United States. Since the
passage of ATSA, TSA has used its
authority to implement an array of
aviation security programs, focusing
mainly on the commercial aviation
segment of the industry.
TSA is aware that as vulnerabilities
within the air carrier and commercial
operator segment of the aviation
industry are reduced, GA operations
may become more attractive targets.
With thousands of operators flying over
100,000 aircraft, firms operating in the
GA market—including some smaller
airports—are largely unregulated with
respect to security. Many GA aircraft,
however, are of the same size and
weight of the commercial operators that
TSA regulates, meaning that they
potentially and effectively could be
used to commit a terrorist act.
Consequently, this portion of the
aviation industry may be vulnerable to
exploitation by terrorists. Except for
limited security requirements for certain
classes of GA aircraft, TSA does not
currently require security programs for
many GA aircraft operators. This
situation presents a security risk.
The proposed rule would mitigate this
risk by requiring GA aircraft operators
and certain airports to enact an
assortment of security measures.
Objectives of the Proposed Rule
The objective of the proposed rule is
to strengthen the security of civil
aviation.
Description and Estimate of the Number
of Small Entities
The proposed rule would impact
certain firms flying aircraft with a
maximum take-off weight greater than
12,500 pounds in the civil aviation
market. It would also impact certain
E:\FR\FM\30OCP2.SGM
30OCP2
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
publicly- and privately-owned airports.
This section of the IRFA attempts to
describe and identify all small entities
within the aforementioned industries,
including those operating under existing
security regulations and those that are
currently not regulated.
Currently Regulated Aircraft Operators
The proposed rule would affect
aircraft operators currently offering
services under existing security
regulations. Aircraft operators utilizing
TSA-required security programs,
including the Twelve-Five Standard
Security Program (TFSSP), the All Cargo
Twelve-Five Standard Security Program
(TFSSP–AC), the Partial Program
Standard Security Program (PPSSP), and
the Private Charter Standard Security
Program (PCSSP) would be covered by
the proposed rule.
Aircraft operators offering services
under the TFSSP and the TFSSP–AC
utilize aircraft with a maximum takeoff
weight of more than 12,500 pounds;
offer scheduled or charter service; carry
passengers or cargo or both; and do not
operate under a PPSSP or PCSSP.
The PPSSP is used by scheduled
passenger or public charter passenger
operations using aircraft with seating
configurations of 31 or more, but 60 or
fewer seats that do not enplane from or
deplane into a sterile area, and by
scheduled passenger or public charter
passenger operations using aircraft with
seating configurations of 60 or fewer
seats engaged in operations to, from, or
outside the United States that do not
enplane from or deplane into a sterile
area.
The requirements of the PPSSP are
identical to those of the TFSSP, with the
exception that the PPSSP requires
operators to participate in airport
operator-sponsored exercises of airport
contingency plans. TSA estimated that
approximately 649 operators, utilizing
4,540 large aircraft, were conducting
operations either solely or primarily
under the TFSSP or PPSSP at the time
of writing. (Within the text of this IRFA,
Twelve-Five and Partial Program
operators may be referred to collectively
64827
as TFSSP operators due to the extremely
small number of Partial Program
operators, the similarities between the
two groups, and the fact that they would
be merged under the proposed
regulation.)
Conversely, aircraft operators using
privately chartered aircraft (aircraft
hired by, and for, one specific group of
people), having a MTOW greater than
45,500 kg (100,309.3 pounds); or, a
passenger seating configuration of 61 or
more seats, or, that enplane from or
deplane into a sterile area, operate
under the PCSSP. To be considered a
private charter, the charterer must have
engaged the total passenger capacity of
the aircraft, invited all of the passengers,
borne all of the costs of the charter, and
must not have advertised to the public,
in any way, to solicit passengers.
In conducting research for the
Regulatory Evaluation, TSA generated
estimates of the number of operators
offering services under each security
program described above. The estimates
are shown in the figure below.
LASP AIRCRAFT OPERATORS CURRENTLY OPERATING UNDER A TSA SECURITY PROGRAM
Number of aircraft operators
Existing security program or operating certificate
Twelve-Five Standard Security Program .............................................................................................................................................
All Cargo Twelve-Five Standard Security Program ............................................................................................................................
Private Charter Standard Security Program ........................................................................................................................................
649
48
77
Total ..............................................................................................................................................................................................
774
sroberts on PROD1PC70 with PROPOSALS
To determine if the firms identified in
the figure above qualify as small entities
as defined by the RFA and the Small
Business Administration (SBA), TSA
first attempted to classify each firm
using North American Industry
Classification System (NAICS) codes
maintained by the U.S. Census Bureau.
After analyzing the various operators’
characteristics and the NAICS codes,
TSA determined that the aircraft
operators described above would
broadly fall into the nonscheduled air
transportation market. Firms in NAICS
code 481211, Nonscheduled Chartered
Passenger Air Transportation, and code
481212, Nonscheduled Charter Freight
Air Transportation, are classified as
large or small based on employee
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
measures. Firms in these markets with
less than 1,500 employees are
considered small by the SBA.
Unfortunately, TSA could not obtain
current, detailed employee data for the
respective firms, making it difficult to
discern whether the firms are small or
large according to standards set by the
SBA. In light of the lack of current
employee data on these firms, TSA
turned to U.S. Census Bureau
information to gauge the number of
currently regulated entities affected by
the proposed rule that may be
considered small.
PO 00000
Frm 00039
Fmt 4701
Sfmt 4702
NAICS 481211—Nonscheduled
Chartered Passenger Air Transportation
As stated above, the SBA defines any
firm in the Nonscheduled Chartered
Passenger Air Transportation industry
with less than 1,500 employees as small.
Using 2002 data maintained by the U.S.
Census Bureau, TSA determined that
there are 1,400 firms in the industry,
and at least 1,178 of these firms are
small entities. The average annual
revenue for firms in this industry in
2002 was approximately $3.9 million.
The data that TSA accessed from the
Census Bureau to make this
determination did not have enough
detail for the Agency to draw a
conclusion on the remaining 222 firms.
See the figure below.
E:\FR\FM\30OCP2.SGM
30OCP2
64828
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
with less than 1,500 employees as small.
Again using Census Bureau data, TSA
determined that there are 231 firms in
the overall industry, and at least 162 of
these firms are small entities. The
average annual revenue for firms in this
industry in 2002 was approximately
$5.0 million. The data that TSA
accessed from the Census Bureau to
make this determination did not have
enough detail for the Agency to draw a
conclusion on the remaining 69 firms.
Firms operating aircraft under the
TFSSP and the PCSSP likely fall into
NAICS code 481211, Nonscheduled
Chartered Passenger Air Transportation,
described above. As previously stated,
TSA estimated that there are 649 and 77
TFSSP and PCSSP operators,
respectively, that would be affected by
the NPRM. In all likelihood, these
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
PO 00000
Frm 00040
Fmt 4701
Sfmt 4702
E:\FR\FM\30OCP2.SGM
30OCP2
EP30OC08.002</GPH> EP30OC08.003</GPH>
As previously stated, the SBA defines
any firm in the Nonscheduled Chartered
Freight Air Transportation industry
sroberts on PROD1PC70 with PROPOSALS
NAICS 481212—Nonscheduled
Chartered Freight Air Transportation
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
sroberts on PROD1PC70 with PROPOSALS
operators represent a subset of the firms
TSA identified using the Census data.
So while TSA identified 1,178 small
entities (and 222 potentially small
entities) in the overall Nonscheduled
Chartered Passenger Air Transportation
market, it is not likely that all of those
firms would be impacted by the
proposed rule.
Firms operating under the TFSSP–AC
most likely are classified by the Census
Bureau by NAICS code 481212,
Nonscheduled Chartered Freight Air
Transportation. As stated above, TSA
estimated that the proposed rule would
only affect 48 of these operators. It is
likely that the 48 operators represent a
subset of the firms TSA identified in the
Census data described above.
By adding the estimated number of
TFSSP, PCSSP, and TFSSP–AC
operators together, TSA was able to
conclude that the proposed rule would
affect a total of 774 currently regulated
operators. In 2003, pursuant to another
rulemaking, TSA estimated that of 767
TFSSP, TFSSP–AC, and PCSSP
operators, all but 15 were small entities.
Typically, these types of operators are
independently owned and operated, and
rarely employ more than 1,500
employees, making them small entities
according to the SBA. Given that TSA
has not received any new data on these
operators since 2003, and given the lack
of detail in the Census Bureau data, the
Agency assumed for the purposes of this
analysis that all but 15 of the 774
operators that would be affected by this
NPRM are small entities. The Agency
seeks comment on this preliminary
conclusion.
Newly Regulated Aircraft Operators
The proposed rule would also cover
any aircraft operator using an aircraft
having a MTOW greater than 12,500
pounds. Such operators primarily
conduct operations under 14 CFR part
91 and 14 CFR part 125. Currently, these
types of operators are generally not
covered by existing security regulations.
Part 91 operations, commonly referred
to as GA operations, can be undertaken
for a wide range of purposes, but a basic
distinction is drawn between flight
activity used to provide ‘‘common
carriage’’ and other flight activity.
Common carriage means any operation
for compensation or hire where the
operator holds itself out as willing to
furnish transportation to any member of
the public seeking the services offered.
The operator openly offers a service for
a fee (by advertising or any other means)
to members of the public.
In contrast, ‘‘private’’ or ‘‘noncommon carriage’’ does not involve
offering or holding out by the operator
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
through advertising or any other means.
Non-common carriage includes the
following:
• Carriage of operator’s own
employees or property.
• Carriage of participating members
of a club.
• Carriage of persons and property,
which is only incidental to the
operator’s primary business.
• Carriage of persons or property for
compensation or hire under a
contractual business arrangement that
did not result from the operator’s
holding out or offering. In this situation,
the customer seeks out an operator to
perform the desired service and enters
into an exclusive mutual agreement; the
operator does not seek out the customer.
Under the proposed rule, both
common carriage and non-common
carriage large aircraft operators would
be required to establish and implement
the security requirements of the LASP.
Those firms operating under common
carriage have been discussed in the
currently regulated section of this IRFA;
the following discussion relates to noncommon carrier operations.
Part 125 of 14 CFR applies to some
large aircraft operations that may
provide private carriage (but not
common carriage). Part 125 governs the
operation of large aircraft that are able
to carry 6,000 pounds or more of
payload capacity and 20 or more
passenger seats.
In conducting research for the
Regulatory Evaluation, TSA subject
matter experts determined that the
proposed rule would affect 9,000
aircraft operators regulated by 14 CFR
part 91, and 61 aircraft operators
regulated by 14 CFR part 125. Due to the
unique conditions under which these
firms conduct operations, TSA could
not identify the respective NAICS codes
for these operators. Consequently, TSA
could not determine the small entity
size standards for these businesses.
Without this information, TSA could
not reliably estimate the number of
small entities operating aircraft in these
operating categories. Moreover, TSA
could not find reliable revenue and
employee data for these firms, further
complicating the effort.
Given the constraints discussed
above, TSA could only conclude that
the proposed rule would affect between
0 and 9,000 small entities currently
regulated by 14 CFR part 91, and
between 0 and 61 small entities
currently regulated by 14 CFR part 125.
TSA seeks comment on information that
would allow it to refine its estimate of
small entities as defined by the RFA.
PO 00000
Frm 00041
Fmt 4701
Sfmt 4702
64829
Airport Operators
Airports that would be affected by the
proposed rule include airports regularly
serving scheduled or public charter
operations in large aircraft and ‘‘reliever
airports,’’ as designated by the Secretary
of Transportation. TSA determined
approximately 42 airports regularly
serving scheduled or public charter
operations and 273 reliever airports
would be subject to the proposed rule,
a total of 315 airports.
The 42 affected airports TSA has
identified that regularly serve scheduled
or public charter operations and do not
already have a TSA security program are
all owned by public entities. Because
the airports are publicly owned, the
Census Bureau classifies them using
NAICS Code 926120, Regulation and
Administration of Transportation
Programs.
Reliever airports are airports
designated by the FAA to relieve
congestion at commercial service
airports and to provide improved GA
access to members of the local
community.39 The 273 reliever airports
that would be impacted by the rule are
owned by public entities—such as State
and local governments—and private,
for-profit concerns. The publicly—and
privately-owned airports, due to their
different ownership characteristics, are
classified by different NAICS codes by
the U.S. Census Bureau. Privatelyowned airports are classified by NAICS
code 48811, Airport Operations, while
publicly owned airports are classified
by NAICS code 926120, Regulation and
Administration of Transportation
Programs.
NAICS 48811—Airport Operations
Private firms operating reliever
airports fall into NAICS code 48811,
Airport Operations. The SBA defines
firms in this industry with less than
$6.5 million in annual revenues as
small. To discern the number of small
firms likely to be impacted by the
proposed rule, TSA first obtained data
on the total number affected reliever
airports from FAA. From the FAA
information, which identified 273 total
reliever airports that would be subject to
the rule, TSA was able to identify 46
privately-held reliever airports.
Unfortunately, TSA could not find
any revenue information on the 46
privately-owned reliever airports,
making it impossible to determine if
39 U.S. Department of Transportation, Federal
Aviation Administration, ‘‘Categories of Airports,’’
Available from: https://www.faa.gov/
airportslairtraffic/airports/planninglcapacity/
passengerlallcargolstats/categories/. Accessed on
February 28, 2007.
E:\FR\FM\30OCP2.SGM
30OCP2
64830
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
they are classified as small entities.
However, given that the average annual
revenues in the industry were $3.8
million in 2002, well below the $6.5
million threshold set by SBA, it is likely
that some of the affected firms are small
entities. Due to the lack of available
revenue data, TSA assumed for the
purposes of this analysis that there are
between 0 and 46 small entities in this
industry that would be impacted by the
rule. TSA seeks comment on this
assumption.
NAICS 926120—Regulation and
Administration of Transportation
Programs
As previously stated, publicly owned
reliever airports likely fall into NAICS
code 926120, Regulation and
Administration of Transportation
Programs. Because firms in this industry
are not privately held, for-profit
companies, the SBA does not use
revenue or employment measures to
determine if they are small entities.
Instead, the SBA uses the population
of the government jurisdiction that
owns the firm to determine if it is a
small governmental jurisdiction.
Specifically, sec. 601(5) of the RFA
defines small governmental
jurisdictions as governments of cities,
counties, towns, townships, villages,
school districts, or special districts with
a population of less than 50,000.40
To determine if the proposed rule
would have an impact on any small
governmental jurisdictions, TSA again
accessed the FAA airport data. Of the
315 affected airports, TSA discerned
that 269 are owned by governments.
After researching the population of all
the affected governments using U.S.
Census Bureau population data, TSA
concluded that between 68 and 74 small
governmental jurisdictions would be
impacted by the proposed rule. See the
figure below.
Summary of Number of Small Entities
Using the data discussed above, TSA
concluded that the NPRM would impact
between 827 and 9,955 small entities.
The ambiguous nature of the revenue
and employee data for the firms in some
of the affected industries, coupled with
the lack of information on operators
covered by 14 CFR part 91 and 14 CFR
part 125, prevented TSA from making a
more refined estimate. See the figure
below.
TOTAL ESTIMATE OF SMALL ENTITIES POTENTIALLY AFFECTED BY THE LASP *
Low
estimate
High
estimate
Industry
SBA size standard
481211
Nonscheduled Chartered Passenger
Air Transportation.
1,500 employees .............................
759
774
481212
..........................................................
............
............
U
Nonscheduled Chartered Freight Air
Transportation.
U ......................................................
U ......................................................
0
9,061
48811
Airport Operations ............................
$6.5 million in annual revenue ........
0
46
Newly Regulated Aircraft Operators
(14 CFR part 91, 14 CFR part
125).
Privately-Owned Airports ..................
40 Regulatory Flexibility Act, Public Law 96–354,
Sep. 19, 1980, 94 Stat. 1164 (codified at 5 U.S.C.
601).
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
PO 00000
Frm 00042
Fmt 4701
Sfmt 4702
E:\FR\FM\30OCP2.SGM
30OCP2
EP30OC08.004</GPH>
NAICS
code
Currently Regulated Aircraft Operators (TFSSP, PCSSP, TFSSP–
AC).
sroberts on PROD1PC70 with PROPOSALS
Operator
classification
64831
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
TOTAL ESTIMATE OF SMALL ENTITIES POTENTIALLY AFFECTED BY THE LASP *
Low
estimate
High
estimate
Operator
classification
NAICS
code
Industry
SBA size standard
Public Airports ...................................
926120
Regulation and Administration of
Transportation Programs.
50,000 population of governmental
jurisdiction.
68
74
Total ...........................................
..............
..........................................................
..........................................................
827
9,955
* Total Small Entities Impacted: The NPRM would impact between 827 and 9,957 small entities.
Source: 2002 Economic Census, FAA, SBA, TSA calculations.
Notes: U means data unavailable.
The data used to determine the
number of impacted small entities in
this analysis exhibit some critical
shortcomings. First, TSA did not have
access to any comprehensive
employment data for some of the
affected aircraft operators in the
nonscheduled air transportation
industry.
Second, TSA was unable to access
comprehensive revenue or employment
data for the aircraft operators offering
services under 14 CFR part 91 and 14
CFR part 125. Additionally, TSA could
not identify the appropriate NAICS
codes for these operators, making it
impossible to identify the size standard
that would be necessary to determine if
the firms are large or small.
Third, TSA could not obtain revenue
data for firms operating privately-owned
reliever airports, making it impossible to
generate an accurate estimate of the
number of small entities in that
industry.
Finally, TSA was unable to find
reliable information on some of the
governmental jurisdictions operating
covered airports. This situation
prevented TSA from making a more
accurate estimate of the number of small
governmental jurisdictions that would
be subject to the proposed rule.
Due to the reasons described above,
TSA may have under- or over-estimated
the number of affected small entities.
TSA seeks comment on this possibility.
ranges rather than absolute values in
order to reflect the uncertainty
surrounding different estimates.
Description and Estimate of Compliance
Requirements
The proposed rule would require
firms operating certain classes of aircraft
and airports to undertake a number of
measures aimed at increasing civil
aviation security. This section of the
analysis provides a brief description of
each requirement, followed by an
estimate of the unit cost per operator to
comply with each requirement. This
part of the analysis also attempts to
make an initial determination on
whether the proposed rule would have
a significant economic impact on a
substantial number of small entities.
Given the operational and regulatory
differences between the various firms
that would be affected by the proposed
rule, compliance requirements and their
attendant costs are described separately
for currently regulated aircraft
operators, newly regulated aircraft
operators, and airport operators.
Furthermore, costs are estimated as
Currently regulated aircraft operators
affected by the proposed rule would be
required to submit a profile containing
several pieces of information and to
develop and submit a security program.
TSA would make available to all
covered aircraft operators a template
Large Aircraft Standard Security
Program that operators would have the
option to either accept without
modification or use as the basis of
developing their own security program.
In estimating costs for this requirement,
TSA assumed that nearly all covered
operators would choose to adopt the
template security program. These
requirements would impose costs on
currently regulated aircraft operators,
which are shown in the figure below.
For a more robust discussion on how
TSA estimated these costs, see the
section on security programs and
profiles located above in the Regulatory
Evaluation.
Currently Regulated Aircraft Operators
Security Programs and Profiles
UNIT COST: SECURITY PROGRAMS/PROFILES, CURRENTLY REGULATED AIRCRAFT OPERATORS
Hours
Total unit cost
Hourly compensation
Low
Primary
High
Low
Primary
High
a
b
c
d
(a) × (b)
(a) × (c)
(a) × (d)
$62.43 ..................................................................................................................
2
4
6
$125
$250
$375
sroberts on PROD1PC70 with PROPOSALS
Security Coordinator Duties
Currently regulated aircraft operators
have existing security coordinators and
would not incur new costs as a result of
this requirement.
Security Threat Assessments for Flight
Crews
Aircraft operators offering services
under existing security regulations must
utilize flight crew personnel that have
undergone a criminal history records
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
check. The proposed rule would require
LASP aircraft operators to begin
ensuring that their flight crewmembers
undergo STAs and would limit the
validity of a STA to five years. As
proposed, the STA would consist of a
CHRC and a check against government
terrorism watch-lists and related
databases. Existing aircraft operators
currently pay an estimated $30 to $35
for CHRCs; however, the collection
system used by these operators does not
PO 00000
Frm 00043
Fmt 4701
Sfmt 4702
include the terrorism check component
of the proposed STA. As a result, TSA
intends to establish a new system to
enable it to process STA applications
from covered aircraft operators. TSA is
thus proposing a fee of $74 to recover
its costs associated with this new
system and the processing of STAs.
Flight crewmembers of currently
regulated aircraft operators would be
required to submit a new STA
application upon publication of a final
E:\FR\FM\30OCP2.SGM
30OCP2
64832
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
rule if their most recent CHRC had been
completed five or more years prior to
the compliance date of the final rule.
Flight crewmembers having CHRCs
completed within five years prior to the
compliance date in a final rule would be
required to submit a STA application
once five years had passed since their
CHRC. Since TSA instituted the existing
operator security programs in early
2003, several existing operators may
need to conduct a STA on their flight
crewmembers in the first year of the
LASP.
Because this represents a new
requirement, TSA used the full
proposed fee, plus opportunity costs, to
estimate a unit cost to existing operator
small entities. As noted above, the
proposed fee is $74. TSA estimated
opportunity costs would consist of 0.5
hours of flight crewmember time to
provide the information required for the
STA application and to have
fingerprints taken. Using an average
wage rate of $51.40 for aircraft operator
flight crews,41 30 minutes represents an
opportunity cost of $25.70 per STA, for
a total STA unit cost of $99.70. TSA
estimated existing operators each
employ an average of 18 flight
crewmembers based on data provided
by TSA subject matter experts and the
American Association of Airport
Executives, the entity that processes
existing operator CHRCs. Based on an
assumed turnover rate of 15 percent,
however, TSA estimated that on average
an existing operator would have only
about eight crewmembers whose CHRCs
would be expired under the proposed
rule. Thus, the maximum per-operator
cost for STAs would be approximately
$800.
TSA has determined that in most
UNIT COST: SECURITY THREAT ASSESSMENTS,
CURRENTLY REGU- cases affected operators already comply
with the anticipated inspection
LATED AIRCRAFT OPERATORS
Unit fee (inc. opportunity costs)
Flight crewmember
STAs
Total unit
cost per
operator
a
b
(a × b)
$99.70 ...............
8
$800
Control of Access to Weapons
Aircraft operators utilizing the
TFSSP-All Cargo would be required to
control access to weapons. Presently,
these operators are required to ‘‘apply
the security measures in its security
program for persons who board the
aircraft for transportation, and for their
property, to prevent or deter the carriage
of any unauthorized persons, and any
unauthorized weapons, explosives,
incendiaries, and other destructive
devices, items, or substances.’’ 42 The
proposed rule modifies current law by
inserting between ‘‘unauthorized
weapons’’ the words ‘‘or accessible.’’
TSA has determined this requirement
would have a de minimis impact,
because few passengers are carried
aboard such flights and operators are
already required to screen them.
Further, operators would have a variety
of means of rendering weapons
inaccessible to passengers.
Check of Accessible Property
The proposed rule would require an
aircraft operator to inspect, pursuant to
the terms and method in its security
program, any property brought on board
that would be accessible to the cabin.
Property, for this section, is defined as
any container, cargo, or company
material that may be used to hide a
stowaway or explosives, incendiaries or
other destructive devices.
requirements during the normal course
of the pre-flight check. Costs associated
with this responsibility are captured in
the security coordinator duties above.
Because currently regulated aircraft
operators are not expected to incur any
marginal costs for security coordinators,
this requirement also would not add any
additional costs for these operators.
Watch-List Matching
The proposed regulation would
require each aircraft operator to request
and obtain certain passenger
information from every passenger on
each flight operated by the aircraft
operator, and transmit the information
to an entity approved by TSA to
conduct watch-list matching (known as
a watch-list service provider). Any
changes to the passenger information
prior to boarding would be required to
be resent to the watch-list service
provider.
TSA has estimated the compliance
costs for this requirement as the 10-year
undiscounted cost of WLSP averaged
over the forecast number of flights. This
average cost per flight multiplied by the
average flights per operator produces an
estimated annual cost per operator for
WLSP. TSA estimates the cost for
compliance would range from $245 to
$736 per operator with a primary cost
estimate of $491 per operator. To the
extent that small entities may make
fewer flights per year than large entities,
the actual impact to small entities may
be lower. However, TSA believes these
costs provide a conservative estimate of
the impact to small operators. For more
discussion on the costs of this
requirement, see the section on watchlist matching above, located in the
Regulatory Evaluation.
Cost estimates
Components
Low
WLSP Costs ..........................................................................................................................
Flight Forecast .......................................................................................................................
Cost per Flight .......................................................................................................................
Flights per Operator ...............................................................................................................
Cost per Operator ..................................................................................................................
sroberts on PROD1PC70 with PROPOSALS
Audits of Aircraft Operators
Under the proposed rule, each aircraft
operator must contract with an auditor
approved by TSA to conduct an audit of
41 The flight crew wage reported here is a
weighted average of the following occupations from
the 2006 NBAA Salary Survey: Aviation
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
the aircraft operator’s compliance with
its security program.
Based on similar audits undertaken
relative to other federal aviation
programs, TSA estimated the cost for
Department Manager II (does some flying), Chief
Pilot, Senior Captain, and Copilot.
PO 00000
Frm 00044
Fmt 4701
Sfmt 4702
Primary
$22,787,364
87,932,347
$0.26
946
$245
$45,574,727
87,932,347
$0.52
946
$491
High
$68,362,091
87,932,347
$0.78
946
$736
these audits to be approximately $2,257
per audit, on average. Currently, audits
are performed to review safety,
operations, and maintenance. TSA
anticipates that many of these firms will
42 49
E:\FR\FM\30OCP2.SGM
CFR 1544.202.
30OCP2
64833
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
offer the ‘‘security’’ audit as part of their
offerings to their current customers and,
perhaps, where feasible, bundle the
security audit with already scheduled
audits.
Based on interviews with 3
International Standard for Business
Aircraft Operations auditors, TSA
estimated costs for audits could range
from $1,464 to $3,050. As stated above,
of the proposed rule for currently
regulated aircraft operators. As
described above, TSA estimated that
between 759 and 774 currently
regulated small entities would be
impacted by the proposed rule.
TSA adopted the average of $2,257 as its
primary estimate. For more discussion
on these costs, see the section in the
Regulatory Evaluation that describes
this requirement.
Total Cost per Currently Regulated
Aircraft Operator
The following figure is a summary of
the requirements and compliance costs
TOTAL COMPLIANCE UNIT COST, CURRENTLY REGULATED AIRCRAFT OPERATORS
Unit cost
Requirement
Low
Primary
High
Security Programs and Profiles .................................................................................................................................
Security Coordinator Duties .......................................................................................................................................
STAs for Flight Crew .................................................................................................................................................
Control Access to Weapons ......................................................................................................................................
Screening of Accessible Property .............................................................................................................................
Watch-list Matching ...................................................................................................................................................
Audits .........................................................................................................................................................................
$125
..............
800
..............
..............
245
1,464
$250
..............
800
..............
..............
491
2,257
$375
..............
800
..............
..............
736
3,050
Total ....................................................................................................................................................................
2,634
3,797
4,960
Given the uncertainty in this analysis,
it was difficult for TSA to conclusively
determine if the proposed rule would
have a significant economic impact on
a substantial number of currently
regulated aircraft operators. Although
neither the RFA nor the SBA define the
term ‘‘significant economic impact,’’
TSA attempted to compare compliance
costs to average firm revenues to
determine if the rule would have a
considerable economic impact on
covered small entities. Unfortunately,
this review proved difficult due to the
lack of revenue data on covered firms.
As previously stated, currently
regulated aircraft operators are likely
categorized by the Census Bureau using
NAICS codes 481211, Nonscheduled
Chartered Passenger Air Transportation,
and 481212, Nonscheduled Chartered
Freight Air Transportation. In 2002,
according to the Economic Census,
firms in these industries earned annual
revenues of approximately $3.9 million
and $5.0 million, respectively. For a
firm with average annual revenues in
not believe the proposed rule would
represent a significant economic impact
on a substantial number of currently
regulated aircraft operators. TSA
requests comment on this preliminary
determination.
either of these industries, a compliance
cost of approximately $2,634 to $4,960
would not likely constitute a significant
economic impact, given that the cost
would equal less than 1 percent of
annual revenues.
For the proposed rule to have a
significant economic impact on a
currently regulated aircraft operator, the
aircraft operator would likely have to
earn annual revenues of approximately
$367,000 or less. In this scenario, the
highest estimated compliance costs
associated with the proposed rule
would represent approximately 1
percent of the firm’s annual revenue.
While conducting research for this
analysis, TSA was unable to acquire
comprehensive revenue data on
currently regulated aircraft operators,
and therefore could not make a
conclusive determination on whether
these firms would experience a
significant economic impact under the
proposed rule. However, in light of the
average annual revenues of firms in the
respective industries in 2002, TSA does
Newly Regulated Aircraft Operators
Security Programs and Profiles
As described above, covered aircraft
operators would be required to submit
a profile to TSA and to develop and
submit a security program. TSA
estimated it would take newly regulated
aircraft operators between 8 and 16
hours to review the template security
program, assemble the requisite profile
information, and submit the requisite
documents to TSA for review. TSA
assumed an average of 12 hours for its
primary estimate. To calculate costs for
newly regulated aircraft operators to
review security programs and submit
the required profile information, TSA
again multiplied the estimated hourly
range by the hourly wage of $62.43.
UNIT COST: SECURITY PROGRAMS/PROFILES, NEWLY REGULATED AIRCRAFT OPERATORS
Hours
Total unit cost
Hourly compensation
Primary
High
Low
Primary
High
a
sroberts on PROD1PC70 with PROPOSALS
Low
b
c
d
(a × b)
(a × c)
(a × d)
$62.43 ..................................................................................................................
8
12
16
$500
$750
$1,000
Security Coordinator Duties
Newly regulated large aircraft
operators would be required to
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
designate Aircraft Operator Security
Coordinators (AOSC), Ground Security
Coordinators (GSC), and In-Flight
Security Coordinators (ISC), and ensure
PO 00000
Frm 00045
Fmt 4701
Sfmt 4702
they are properly trained. Each security
coordinator position would have unique
responsibilities; however, aircraft
operator employees could be trained to
E:\FR\FM\30OCP2.SGM
30OCP2
64834
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
serve as one or all three of these
positions.
The principal AOSC or an alternate, if
applicable, must be available for contact
by TSA 24 hours a day, seven days a
week to ensure TSA is able to quickly
disseminate any intelligence of a threat
to a specific aircraft operator or industry
segment. The AOSC bears the further
responsibility for maintaining any and
all records necessary to demonstrate to
an auditor or TSA inspector the aircraft
operator’s compliance with its security
program. In addition to these AOSC
duties, security coordinators are
responsible for the enforcement of
policies and procedures relative to the
security of the aircraft, including the
vetting of crew (where required) and
passengers which must be carried out in
accordance with the operator’s security
program. Many of the aircraft operator
requirements discussed in the following
cost sections fall under the
responsibility of the security
coordinators.
TSA estimated the amount of time
security coordinators of newly regulated
aircraft operators would spend on their
duties. For a detailed discussion of
these estimates, see the section on
security coordinator duties in the
Regulatory Evaluation. The figure below
displays the annual cost per operator of
having an AOSC.
UNIT COST: SECURITY COORDINATOR DUTIES, NEWLY REGULATED AIRCRAFT OPERATORS
Hours
Total unit cost
Hourly
compensation
Low
Primary
High
Low
Primary
High
a
b
c
d
(a × b)
(a × c)
(a × d)
$53.59 ..................................................................................................................
164
284
404
$8,780
$15,210
$21,650
Newly regulated aircraft operators
would also need to ensure that security
coordinators underwent appropriate
security training in order to carry out
their required functions. The AOSC
would thus coordinate with TSA to
provide training to GSCs and ISCs.
Training would cover topics such as
procedures to notify authorities when
dealing with suspect items,
unauthorized access to the aircraft,
threat notification and response,
implementation of security directives,
and other security related topics.
Security coordinators would be required
to complete both an initial training
course and annual recurring training.
TSA again provided a range of estimates
of the amount of time newly regulated
operators would spend conducting new
and recurring training.
For the purposes of estimating costs
for this IRFA, TSA assumed that an
operator would need to conduct an
initial and recurring training of GSCs
and ISCs in one year. Although this
timeframe is unlikely, TSA feels that it
is a conservative assumption that
accounts for the maximum potential
cost of this requirement.
UNIT COST: SECURITY COORDINATOR TRAINING, NEWLY REGULATED AIRCRAFT OPERATORS
Unit cost
Requirement
Low
Primary
High
New Training ..............................................................................................................................................................
Recurring Training .....................................................................................................................................................
$460
230
$680
340
$890
440
Total ....................................................................................................................................................................
690
1,020
1,330
Security Threat Assessments for Flight
Crews
The proposed rule would also require
newly regulated aircraft operators to
ensure that their flight crewmembers
undergo security threat assessments.
The STA process would require each
flight crewmember to submit
fingerprints, along with information
such as name, date and place of birth,
Social Security Number (voluntary), and
other information necessary for TSA to
determine whether an applicant has
committed a disqualifying crime or
poses a threat to transportation or
national security. For a comprehensive
discussion of how TSA derived the total
cost of this provision, see the section of
the Regulatory Evaluation that describes
this requirement.
For the purposes of estimating costs
for this IRFA, TSA estimated the cost of
flight crews obtaining STAs on a per
operator basis. Based on input from TSA
subject matter experts, TSA assumed 1.5
flight crewmembers per aircraft, and 1.8
aircraft per Part 91 operator and 4
aircraft per part 125 operator. The figure
below displays the average cost that
each newly regulated operator would
incur as a result of this NPRM.
UNIT COST: SECURITY THREAT ASSESSMENTS, NEWLY REGULATED AIRCRAFT OPERATORS
Total unit cost
sroberts on PROD1PC70 with PROPOSALS
Requirement
Low
Security Threat Assessment ......................................................................................................................................
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
PO 00000
Frm 00046
Fmt 4701
Sfmt 4702
E:\FR\FM\30OCP2.SGM
30OCP2
$580
Primary
$580
High
$580
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
Control of Access to Weapons
As described in the more
comprehensive Regulatory Evaluation
and in the section on currently
regulated aircraft operators of this IRFA,
this requirement is anticipated to have
a de minimis impact on covered
operators.
Check of Accessible Property
As previously stated, TSA determined
that in most cases affected operators
already comply with the anticipated
inspection requirements during the
normal course of the pre-flight check.
Costs associated with this responsibility
are captured in the security coordinator
duties above.
Watch-List Matching
The estimated cost for WLSP
compliance is the same for the newly
covered and existing operators. TSA
utilizes the same methodology as above
to estimate the total unit compliance
cost for newly regulated aircraft
operators. TSA estimates the cost for
compliance would range from $245 to
$736 with a primary cost of $491 per
operator.
Audits of Aircraft Operators
Under the proposed rule, each aircraft
operator must contract with an auditor
approved by TSA to conduct an audit of
the aircraft operator’s compliance with
its security program. The cost of this
requirement for newly regulated aircraft
operators would be identical to the cost
64835
for currently regulated operators. TSA
estimated that the unit cost of an audit
would range from $1,464 to $3,050, with
$2,257 being TSA’s primary estimate for
the cost of this requirement.
Total Cost per Newly Regulated Aircraft
Operator
The following figure is a summary of
the requirements and compliance costs
of the proposed rule for newly regulated
aircraft operators. TSA estimated that
the cost of complying with the proposed
rule would range from $12,259 to
$28,356 for newly regulated aircraft
operators. As described above, TSA
estimated that between 0 and 9,061
small entities in this operator category
would be impacted by the proposed
rule.
TOTAL COMPLIANCE UNIT COST, NEWLY REGULATED AIRCRAFT OPERATORS
Unit cost
Requirement
Low
Security Programs and Profiles .....................................................................................................................
Security Coordinator Duties ...........................................................................................................................
STAs for Flight Crew .....................................................................................................................................
Control Access to Weapons ..........................................................................................................................
Screening of Accessible Property .................................................................................................................
Watch-list Matching .......................................................................................................................................
Audits .............................................................................................................................................................
Total ........................................................................................................................................................
sroberts on PROD1PC70 with PROPOSALS
TSA again encountered analytical
difficulties when attempting to
determine if the proposed rule would
have a significant economic impact on
a substantial number of newly regulated
aircraft operators. As previously stated,
TSA was unable to acquire annual
revenue data for these operators. This
lack of information prevented TSA from
making a conclusive determination of
the rule’s impact on small entities in
this operator category.
For the proposed rule to have a
significant economic impact on a newly
regulated aircraft operator, the aircraft
operator would likely have to earn
annual revenues of $2.7 million or less.
If a firm with this level of annual
revenues incurred compliance costs of
$28,356 (the high estimate in the figure
above), it would represent 1 percent of
annual revenue. Given the uncertainty
in its estimates, TSA requests comment
on whether the proposed rule would
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
have a significant economic impact on
a substantial number of newly regulated
aircraft operators.
Airport Operators
Security Programs and Profiles
The proposed rule would require
certain privately-owned airports to
develop security programs and submit
security profiles to TSA. TSA would
make available a template partial airport
security program that operators would
have the option to either accept without
modification or use as the basis of
developing their own security program.
To calculate the unit cost for airports
to comply with this requirement, TSA
assumed that nearly all covered airport
operators would choose to adopt the
template security program, thereby
minimizing the cost of implementing
this requirement. Second, TSA
estimated it would take these newly
PO 00000
Frm 00047
Fmt 4701
Sfmt 4702
Primary
High
$500
9,470
580
..................
..................
245
1,464
$750
16,230
580
..................
..................
491
2,257
$1,000
22,990
580
..................
..................
736
3,050
$12,259
$20,308
$28,356
regulated private airport operators
between 8 and 16 hours to review and
implement the template security
program and assemble the requisite
profile information. TSA adopted an
average of 12 hours as its primary
estimate. Finally, TSA multiplied each
hour estimate by a middle management
wage rate of $31.24 per hour to generate
a unit cost between $250 and $500, with
a primary estimate of $375. The
requirement to adopt and submit
security programs and profiles is not
recurring; therefore, airport operators
would only incur this cost once over the
ten-year period of analysis. This
estimate does not include completion of
a risk-based self-assessment tool that
may complement the security program.
TSA has requested comments on
whether such a tool should be
mandatory but has not set it forth as a
requirement in the proposed rule.
E:\FR\FM\30OCP2.SGM
30OCP2
64836
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
UNIT COST: SECURITY PROGRAMS/PROFILES, AIRPORT OPERATORS
Hours
Total unit cost
Hourly compensation
Low
Primary
High
Low
Primary
High
a
b
c
d
(a × b)
(a × c)
(a × d)
$31.24 ..................................................................................................................
8
12
16
$250
$375
$500
Airport Security Coordinators
The proposed rule would also require
airport operators to maintain airport
security coordinators (ASC). For a more
in-depth discussion of this requirement,
see the airport security coordinator
section of the Regulatory Evaluation.
TSA estimated airport security
coordinators would spend an average of
between 0.5 and 1 hour per week on
their duties, adopting 0.75 hours per
week as its primary estimate. To
calculate the cost on an annual basis,
TSA translated the weekly hour
estimates into annual estimates of 26,
39, and 52 hours, respectively. Finally,
to calculate the unit cost associated with
this requirement, TSA multiplied the
anticipated number annual hours by the
ASC average hourly cost of
compensation. See the figure below.
UNIT COST: SECURITY COORDINATOR DUTIES, AIRPORT OPERATORS
Hours
Total unit cost
Hourly compensation
Low
Primary
High
Low
Primary
High
a
b
c
d
(a × b)
(a × c)
(a × d)
$31.24 ..................................................................................................................
26
39
52
$810
$1,220
$1,620
Airport security coordinators would
need to undergo training to comply with
the proposed rule. TSA training
requirements for airport security
coordinators differ from those for
aircraft operator security coordinators.
ASC training is only offered twice per
year by the American Association of
Airport Executives. This 8-hour training
course is taught by professional trainers
and requires payment of a $350
registration fee. Since this training is
offered at a single location, TSA
estimated ASCs would need to expend
an additional $450 to cover travel and
other incidental expenses. TSA assumed
the need to travel to and from the
training would effectively add an
additional eight hours to the training.
To estimate the cost of this
requirement, the eight hours of class
time are added to the eight hours of
assumed travel time for a total of 16
hours of compensated ASC time. TSA
estimated airports would need to train
between one and three ASCs in order to
meet the requirements that an ASC be
available 24-hours per day. Without
more detailed information, TSA adopted
the average for its primary estimate. See
the figure below for a summary of the
costs of complying with this
requirement. TSA has requested
comments on whether it should adopt a
self-paced training program for these
airports that would reduce the impact of
this requirement. For the purposes of
the RFA, however, TSA estimated costs
for this requirement as it is proposed in
the NPRM.
UNIT COST: SECURITY COORDINATOR TRAINING, AIRPORT OPERATORS
Unit cost
Training cost item
Low
Primary
High
Training Course Fee ............................................................................................................................................
Travel Expenses ..................................................................................................................................................
ASC Compensation .............................................................................................................................................
................
................
$500
$350
450
1,000
................
................
$1,500
Total ..............................................................................................................................................................
1,300
1,800
2,300
Total Cost per Airport Operator
Using the estimates described above,
TSA concluded that the proposed rule
would impose a compliance cost of
between approximately $2,360 and
$4,420 per airport operator. The range of
compliance costs reflects the
uncertainty surrounding many of the
variables used to generate the estimates.
See the figure below.
sroberts on PROD1PC70 with PROPOSALS
TOTAL COMPLIANCE UNIT COST, AIRPORT OPERATORS
Unit cost
Requirement
Low
Security Program and Profile ....................................................................................................................................
ASC Duties ................................................................................................................................................................
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
PO 00000
Frm 00048
Fmt 4701
Sfmt 4702
E:\FR\FM\30OCP2.SGM
30OCP2
$250
810
Primary
$375
1,220
High
$500
1,620
64837
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
TOTAL COMPLIANCE UNIT COST, AIRPORT OPERATORS—Continued
Unit cost
Requirement
Low
Primary
High
1,300
1,800
2,300
Total ....................................................................................................................................................................
sroberts on PROD1PC70 with PROPOSALS
ASC Training .............................................................................................................................................................
2,360
3,395
4,420
After making the estimates described
above, TSA has initially concluded that
the proposed rule would not impose a
significant economic impact on a
substantial number of privately-owned
airport operators. In 2002, the latest year
for which data are available, firms in
this industry earned on average
approximately $3.8 million in annual
revenue according to the U.S. Census
Bureau. The cost of complying with the
proposed rule, as calculated above,
would therefore represent less than 1
percent of revenue for a firm with
average industry revenues.
Alternatively, if an airport operator
incurred the highest estimated
compliance cost described above
($4,420), it would need annual revenues
of less than $442,000 for the proposed
rule to impose costs of 1 percent of firm
revenue. Consequently, TSA has
initially determined that the rule would
not impose a significant economic
impact on these types of firms. TSA
seeks comment on this preliminary
conclusion.
As stated above, the proposed rule
would also affect publicly owned
airports. These airport operators would
have to follow the same requirements as
privately-held airport operators: adopt
security programs, submit security
profiles to TSA, and designate and
maintain airport security coordinators.
Because the requirements for these
airports are the same as for the
privately-owned airports, TSA
estimated the unit compliance costs
using the same methodology. As stated
above, TSA calculated that the proposed
rule would impose a cost of between
$2,360 and $4,420 per airport operator.
Although these airports are publicly
owned, TSA was unable to locate
revenue information for them. The
Agency was thus unable to compare
compliance costs to revenue in order to
make a judgment on whether the costs
represent a significant economic impact
to these firms.
TSA therefore requests comment on
whether the proposed rule would have
a significant economic impact on the 68
to 74 publicly owned small airport
operators that TSA identified in its
research. Specifically, TSA requests any
information that would allow it to
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
compare estimated compliance costs to
revenues typically earned by these types
of airport operators.
TSA requests comments that would
enable it to quantify these impacts.
Significant Alternatives Considered
TSA considered requiring all large
aircraft operators to conduct watch-list
matching as currently done under the
Twelve-Five and Private Charter Rules.
These aircraft operators currently run
their passengers against the No Fly List,
which they retrieve from TSA. The
proposed rule would require aircraft
operators to send passenger information
to a TSA-approved watch-list service
provider. The alternative to the
proposed rule is to extend the current
method of watch-list matching under
the Twelve-Five and Private Charter
Rules to large aircraft operators that are
not currently required to have a security
program. Operationally, this would
require that a total of approximately
9,835 aircraft operators have direct
access to the watch-list from TSA.
TSA has rejected this alternative
based on security grounds. Expanding
direct access to the watch-list from 750
aircraft operators today to 9,835 under
this alternative increases the
opportunity for the list to be
compromised and would contradict
other TSA initiatives to limit
distribution of the watch-lists. To limit
the number of entities that have access
to the watch-list, TSA proposes to
require large aircraft operators to submit
passenger information to a TSAapproved watch-list service provider.
The proposal would reduce the number
of entities with direct access to the
watch-list, thus improving security.
TSA considered four substantive
alternatives to the proposed regulation
that would have reduced compliance
costs for small businesses. First, TSA
considered using the current method of
watch-list matching employed by
aircraft operators under the TFSSP and
PCSSP rules. Second, TSA considered
using TSA inspectors to conduct audits
instead of TSA approved third party
auditors. Third, TSA considered
leveraging the Secure Flight program
currently under development, which
would use a web-based application for
transmission of passenger information
to the Secure Flight vetting engine.
Fourth, TSA evaluated the incremental
impact of raising the aircraft weight
threshold from 12,500 pounds MTOW
to 16,500 pounds MTOW and the
incremental impact of lowering the
aircraft weight threshold to 10,500
pounds MTOW. This section describes
those alternatives relative to the
proposed regulation. TSA invites
comments on these or other substantive
alternatives to the proposed rule.
TSA Inspectors
TSA considered using TSA inspectors
instead of approved third-party auditors
to complete the audits proposed in the
rule. Under such a scenario, TSA would
need to hire several new employees to
complete the inspections. Each operator
would complete a TSA inspection every
other year. Because TSA would conduct
all of the inspections, aircraft operators
would no longer pay a biennial fee for
audits. This arrangement would reduce
the primary unit cost estimate for newly
regulated small aircraft operators from
$20,308 to $18,051. Assuming a
‘‘significant impact’’ is 1 percent of an
operator’s revenues, this change would
reduce the number of affected small
entities to those having annual revenues
less than $2.5 million. Unfortunately,
TSA was unable to estimate how many
operators would be affected by this
change and, as noted in the alternatives
analysis in the Regulatory Evaluation,
PO 00000
Frm 00049
Fmt 4701
Sfmt 4702
Watch-List Matching
Secure Flight Web-Based Application
TSA has indicated the use of a webbased application for some
transmissions of passenger information
to the Secure Flight vetting engine.
While the design and development of
the Secure Flight web-based application
is in its early stages, TSA subject matter
experts have provided two approaches
to extending an already established
web-based application. These costs
reflect an early stage of development
and cannot, given this early stage,
include costs that may be identified as
TSA proceeds with system
development. The first approach would
E:\FR\FM\30OCP2.SGM
30OCP2
64838
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
be developed and implemented with the
absence of an implemented LASP and
would amount to $23.2 million
undiscounted over ten years. This
approach posits that without an
implemented LASP, Secure Flight
would be required to establish a
relationship with each of the aircraft
operators. TSA would work with aircraft
operators to develop the formatting and
transmission procedures for not only for
the upload of passenger information but
also the download of passenger vetting
results. These out-reach or ramp-up
activities will be borne by the Secure
Flight process. The second approach
would be developed and implemented
with the ability to leverage activities
associated with a fully implemented
LASP and would amount to $24.2
million undiscounted over ten years.
This approach posits that an
implemented LASP would establish a
relationship with each of the aircraft
operators during the initial deployment
of the watch-list service provider
process. During this period both TSA
and the watch-list service providers
would work with aircraft operators to
develop the formatting and transmission
procedures for not only for the upload
of passenger information but also the
download of passenger vetting results.
As a result, Secure Flight would assume
a relatively mature process.
sroberts on PROD1PC70 with PROPOSALS
Comparison of the First Three
Alternatives
TSA opted for the proposed plan as
the more efficient and effective way of
applying its limited compliance and
enforcement resources towards the
objective of increasing security. The use
of third-parties would allow TSA to
meet its security mission into four
important ways.
First, third-party auditors would
increase effective TSA oversight by
reviewing each aircraft operator’s
compliance with its security program
six months after TSA approves its
security program and every two years
thereafter.
Second, given the number of large
aircraft operators (approximately
10,000), the third-party auditor program
would allow TSA to ramp up more
quickly thereby obtaining the
assessment of all large aircraft operators
more quickly relative to a program that
relied solely on TSA inspectors, given
the associated hiring and training
associated with new hires.
Third, the third-party auditor program
would allow TSA to focus more of its
compliance and enforcement resources
on aircraft operators that are
experiencing problems with
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
implementing and complying with their
security programs.
Fourth, the watch-list matching
service providers would provide the
needed security and do so in a timely
fashion. Given the security concerns,
TSA believes a reliable mechanism for
watch-list matching for large aircraft
must be operational without undue
delay. While the Secure Flight Program
would also provide a reliable
mechanism, its development is likely to
be several years away and it is likely
that it would not be available to address
this important security need when TSA
would be ready to implement the LASP.
This proposal is consistent with
current practices in the aviation
industry, which frequently rely on the
Federal Aviation Administration’s
designee program. This type of program
has been successfully implemented in
other related aviation requirements.
Additionally, the GA industry is very
familiar with the third party auditor
concept as it relates to safety
inspections. Many GA operators
undergo third party audits each year to
comply with customer requirements.
The proposal should be easily integrated
into most GA operator’s existing audit
schedules.
Evaluating Different Aircraft Weight
Thresholds
The determination of weight must
take into account a number of factors
such as the effect on international
harmonization, existing policies and
programs, and the economic effect on
the GA community. Discussed below are
two alternatives to the threshold weight
issue.
Alternative 1: Lower threshold weight
to 10,500 pounds MTOW. This solution
will reduce the associated risk and
number of unknown aircraft operators
by incorporating an additional 3,0005,000 aircraft into a mandatory security
program. This alternative would also
include a portion of currently
unregulated types of aircraft, including
large turboprops and smaller jet aircraft.
However, in order to successfully
implement this threshold weight,
significant modifications to existing
security programs and new rulemaking
would be required, which would result
in delayed program/rule timelines.
These additional aircraft require TSA
oversight and place an additional strain
on existing TSA resources. Furthermore,
this change would require additional
international coordination, since TSA
would be moving away from the
globally accepted International Civil
Aviation Organization standards.
TSA estimates the cost impact of
option one, in terms of undiscounted
PO 00000
Frm 00050
Fmt 4701
Sfmt 4702
annualized dollars would add $23.7
million to the undiscounted annualized
cost of the rule as proposed.
Alternative 2: Raise threshold weight
to 16,000 pounds MTOW. This option
would reduce the number of regulated
aircraft and parties by approximately
9,000 aircraft which would ultimately
decrease the inspection requirements on
TSA resources. However, excluding
these aircraft would increase the
potential risk and could result in higher
damage potential. TSA believes that this
increased risk and damage potential of
aircraft between greater than 12,500
pounds MTOW and 16,000 pounds
MTOW are not justified by the
reduction in cost. Furthermore, moving
away from the common greater than
12,500 pounds MTOW threshold will
yield the same concerns discussed in
alternative one.
TSA estimates the cost impact of
option two, in terms of undiscounted
annualized dollars would subtract $26.4
million from the undiscounted
annualized cost of the rule as proposed.
Based on the above discussion and
analysis by TSNM-GA technical experts,
the program office recommends that the
threshold of greater than 12,500 pounds
MTOW be maintained as the recognized
security threshold weight standard for
current and future GA security programs
and policies. Selecting a lower
threshold weight would improve
security because more aircraft would be
subject to the LASP but would also
increase the burden to industry to the
point where the burden may not be fully
supported by increased security.
Selecting a higher threshold weight
would lower the burden on the industry
because a lower number of aircraft
would be subject to the LASP. However,
with this higher threshold weight, the
proposed LASP would not cover many
aircraft that can cause significant
damage if used as a missile or to deliver
a biological, chemical, or nuclear
weapon. TSA believes that mitigating
the potential security risk and damage
potential of large aircraft 16,000 pounds
MTOW or under outweighs the cost
difference. Consequently, TSA believes
that the weight threshold of greater than
12,500 pounds MTOW is the
appropriate balance of risk and burden.
Identification of Duplication, Overlap,
and Conflict With Other Federal Rules
TSA has identified an overlap
between the proposed LASP and U.S.
Customs and Border Protection’s (CBP)
regulations governing its Advance
Passenger Information System (APIS).
CBP requires certain aircraft flying to or
from the United States to submit
passenger manifests to APIS for
E:\FR\FM\30OCP2.SGM
30OCP2
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
comparison to the watch-lists. CBP’s
watch-list comparison would thus
duplicate TSA’s proposed requirement
that large aircraft operators submit
passenger information to watch-list
service providers for comparison to the
watch-lists.
In recognition of this overlap, TSA
would exempt a flight from its watchlist requirement flights covered by its
NPRM that also are subject to APIS
regulations.
Preliminary Conclusion
Based on this preliminary analysis,
TSA has made no determination
whether the proposed rule would have
a significant economic impact on a
substantial number of small entities
under section 605(b) of the RFA. TSA
requests comment on all aspects of this
analysis. TSA will make a final
determination in the Final Regulatory
Flexibility Analysis for the Final Rule.
sroberts on PROD1PC70 with PROPOSALS
3. International Trade Impact
Assessment
The Trade Agreement Act of 1979
prohibits Federal agencies from
establishing any standards or engaging
in related activities that create
unnecessary obstacles to the foreign
commerce of the United States.
Legitimate domestic objectives, such as
safety, are not considered unnecessary
obstacles. The statute also requires
consideration of international standards
and, where appropriate, that they be the
basis for U.S. standards. TSA has
assessed the potential effect of this
notice of proposed rulemaking and has
determined this rule would not have an
adverse impact on international trade.
4. Unfunded Mandates Assessment
The Unfunded Mandates Reform Act
of 1995 is intended, among other things,
to curb the practice of imposing
unfunded Federal mandates on State,
local, and tribal governments. Title II
requires each Federal agency to prepare
a written statement assessing the effects
of any Federal mandate in a proposed or
final agency rule that may result in an
expenditure of $100 million or more
(adjusted annually for inflation) in any
one year by State, local, and tribal
governments, in the aggregate, or by the
private sector; such a mandate is
deemed to be a ‘‘significant regulatory
action.’’ This notice of proposed
rulemaking does not exceed this
threshold for State, local, and tribal
governments; however, proposed
security measures for city- or countyowned airports may nevertheless
impose a burden on some small
municipalities. The impact on the
overall economy does exceed the
VerDate Aug<31>2005
18:31 Oct 29, 2008
Jkt 217001
64839
threshold, resulting in an unfunded
mandate on the private sector. This
regulatory evaluation documents costs
and alternatives. TSA will publish a
final analysis, including its response to
public comments, when it publishes a
final rule.
49 CFR Part 1542
A. Executive Order 13132, Federalism
Aircraft, Aircraft operators, Airmen,
Airports, Arms and munitions, Aviation
safety, Explosives, Freight forwarders,
Law enforcement officers, Reporting and
recordkeeping requirements, Security
measures.
TSA has analyzed this notice of
proposed rulemaking under the
principles and criteria of E.O. 13132,
Federalism. We determined that this
action will not have a substantial direct
effect on the States, or the relationship
between the National Government and
the States, or on the distribution of
power and responsibilities among the
various levels of government, and
therefore, does not have federalism
implications.
B. Environmental Analysis
TSA has reviewed this action for
purposes of the National Environmental
Policy Act of 1969 (42 U.S.C. 4321–
4347) and has determined that this
action will not have a significant effect
on the human environment.
C. Energy Impact Analysis
TSA has assessed the energy impact
of the action in accordance with the
Energy Policy and Conservation Act
(EPCA), Public Law 94–163, as amended
(42 U.S.C. 6362). We have determined
that this rulemaking is not a major
regulatory action under the provisions
of the EPCA.
Airports, Arms and munitions,
Aviation safety, Law enforcement
officers, Reporting and recordkeeping
requirements, Security measures.
49 CFR Part 1544
49 CFR Part 1550
Aircraft, Aviation safety, Security
measures.
The Proposed Amendments
In consideration of the foregoing, the
Transportation Security Administration
proposes to amend Chapter XII of Title
49, Code of Federal Regulations, as
follows:
SUBCHAPTER A—ADMINISTRATIVE AND
PROCEDURAL RULES
PART 1515—APPEAL AND WAIVER
PROCEDURES FOR SECURITY
THREAT ASSESSMENTS FOR
INDIVIDUALS
1. The authority for part 1515
continues to read as follows:
Authority: 46 U.S.C. 70105; 49 U.S.C. 114,
5103a, 40113, and 46105; 18 U.S.C. 842, 845;
6 U.S.C. 469.
List of Subjects
2. Amend § 1515.1 by revising
paragraph (a) to read as follows:
49 CFR Part 1515
§ 1515.1
Appeals, Commercial drivers license,
Criminal history background checks,
Explosives, Facilities, Hazardous
materials, Incorporation by reference,
Maritime security, Motor carriers, Motor
vehicle carriers, Ports, Seamen, Security
measures, Security threat assessment,
Vessels, Waivers.
(a) Appeal. This part applies to
applicants who are appealing an Initial
Determination of Threat Assessment or
an Initial Determination of Threat
Assessment and Immediate Revocation
in a security threat assessment as
described in:
(1) 49 CFR part 1572 for a hazardous
materials endorsement (HME) or a
Transportation Worker Identification
Credential (TWIC);
(2) 49 CFR part 1540, subpart C, for
air cargo workers; or
(3) 49 CFR part 1544, subpart G, for
large aircraft flight crew members,
individuals authorized to perform
screening functions, TSA-approved
auditors and watch-list service provider
covered personnel.
*
*
*
*
*
3. Amend § 1515.5 by revising
introductory text in paragraphs (a), (c),
and (h), and adding paragraphs (a)(4)
and (h)(3) to read as follows:
49 CFR Part 1520
Air transportation, Law enforcement
officers, Reporting and recordkeeping
requirements, Security measures.
49 CFR Part 1522
Accounting, Aircraft operators,
Aviation safety, Reporting and
recordkeeping requirements, Security
measures.
49 CFR Part 1540
Aircraft operators, Airports, Aviation
safety, Law enforcement officers,
Reporting and recordkeeping
requirements, Security measures.
PO 00000
Frm 00051
Fmt 4701
Sfmt 4702
E:\FR\FM\30OCP2.SGM
Scope.
30OCP2
64840
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
§ 1515.5 Appeal of Initial Determination of
Threat Assessment based on criminal
conviction, immigration status, or mental
capacity.
(a) Scope. This section applies to
applicants appealing from an Initial
Determination of Threat Assessment
that was based on one or more of the
following:
*
*
*
*
*
(4) TSA has determined that a large
aircraft flight crew member, an
individual authorized to perform
screening functions, an applicant to
become a TSA-approved auditor, or a
watch-list service provider covered
personnel has a disqualifying criminal
offense described in 49 CFR
1544.229(d).
*
*
*
*
*
(c) Final Determination of Threat
Assessment. (1) If the Assistant
Administrator concludes that an HME
or TWIC applicant does not meet the
standards described in 49 CFR
1572.103, 1572.105, or 1572.109, or that
a large aircraft flight crew member, an
individual authorized to perform
screening functions, an applicant to
become a TSA-approved auditor, or a
service provider covered personnel does
not meet the requirements in 49 CFR
607, TSA serves a Final Determination
of Threat Assessment upon the
applicant. In addition—
*
*
*
*
*
(h) Appeal of immediate revocation. If
TSA directs an immediate revocation,
the applicant may appeal this
determination by following the appeal
procedures described in paragraph (b) of
this section. This applies—
*
*
*
*
*
(3) If TSA withdraws a Determination
of No Security Threat issued to a large
aircraft flight crew member, an
individual authorized to perform
screening functions, a TSA-approved
auditor, or a service provider covered
personnel.
4. Amend § 1515.9 by revising the
introductory text in paragraphs (a) and
(f), and adding paragraphs (a)(3) and
(f)(4) to read as follows:
sroberts on PROD1PC70 with PROPOSALS
§ 1515.9 Appeal of security threat
assessment based on other analyses.
(a) Scope. This section applies to an
applicant appealing an Initial
Determination of Threat Assessment as
follows:
*
*
*
*
*
(3) TSA had determined that a large
aircraft flight crew member, an
individual authorized to perform
screening functions, an applicant to
become a TSA-approved auditor, or a
watch-list service provider covered
VerDate Aug<31>2005
18:31 Oct 29, 2008
Jkt 217001
personnel poses a security threat as
provided in 49 CFR 1544.609.
*
*
*
*
*
(f) Appeal of immediate revocation. If
TSA directs an immediate revocation,
the applicant may appeal this
determination by following the appeal
procedures described in paragraph (b) of
this section. This applies—
*
*
*
*
*
(4) If TSA withdraws a Determination
of No Security Threat issued to a large
aircraft flight crew member, an
individual authorized to perform
screening functions, a TSA-approved
auditor, or a service provider covered
personnel.
5. Amend § 1515.11 by revising the
introductory text in paragraph (a) and
adding paragraph (a)(4) to read as
follows:
§ 1515.11 Review by administrative law
judge and TSA Final Decision Maker.
(a) Scope. This section applies to the
following applicants:
*
*
*
*
*
(4) A large aircraft flight crew
member, an individual authorized to
perform screening functions, a TSAapproved auditor, or a service provider
covered personnel, or an applicant to
become one, who has been issued a
Final Determination of Threat
Assessment after an appeal as described
in 49 CFR 1515.5 or 1515.9.
*
*
*
*
*
SUBCHAPTER B—SECURITY RULES FOR ALL
MODES OF TRANSPORTATION
PART 1520—PROTECTION OF
SENSITIVE SECURITY INFORMATION
6. The authority citation for part 1520
continues to read as follows:
Authority: 46 U.S.C. 70102–70106, 70117;
49 U.S.C. 114, 40113, 44901–44907, 44913–
44914, 44916–44918, 44935–44936, 44942,
46105.
7. Amend § 1520.5 by revising
paragraph (b)(1)(i) to read as follows:
§ 1520.5
Sensitive security information.
*
*
*
*
*
(b) * * *
(1) * * *
(i) Any aircraft operator, airport
operator, watch-list service provider, or
fixed base operator security program, or
security contingency plan under this
chapter;
*
*
*
*
*
8. Amend § 1520.7 by revising the
introductory text and paragraph (a) to
read as follows:
§ 1520.7
Covered persons.
Persons subject to the requirements of
part 1520 are:
PO 00000
Frm 00052
Fmt 4701
Sfmt 4702
(a) Each airport operator, aircraft
operator, TSA-approved auditor,
independent public accounting firm
attesting to compliance under part 1544,
subpart F, watch-list service provider,
and fixed base operator subject to the
requirements of subchapter C of this
chapter, and each armed security officer
under subpart B of part 1562.
*
*
*
*
*
9. Add new part 1522 to subchapter
B to read as follows:
PART 1522—TSA-APPROVED AUDITORS
Subpart A—General
Sec.
1522.1 Scope and terms used in this part.
1522.3 Qualifications.
1522.5 Application.
1522.7 TSA review and approval.
1522.9 Reconsideration of disapproval of an
application.
1522.11 Withdrawal of approval.
1522.13 Responsibilities of TSA-approved
auditors.
1522.15 Fraud and intentional falsification
of records.
1522.17 TSA Inspection authority.
Subpart B [Reserved]
Subpart C—Auditors for the Large Aircraft
Security Program.
Sec.
1522.201 Applicability.
1522.203 Additional qualification
requirements.
1522.205 Audit report.
1522.207 Training.
1522.209 Biennial Review.
Authority: 49 U.S.C. 114, 5103, 40113,
44901–44907, 44913–44914, 44916–44918,
44932, 44935–44936, 44942, 46105.
PART 1522—TSA-APPROVED
AUDITORS
Subpart A—General
§ 1522.1
part.
Scope and terms used in this
(a) This part governs the approval and
responsibilities of persons conducting
security audits of large aircraft operators
that are required to have a security
program under part 1544.
(b) In addition to the terms in §§
1500.3 and 1540.5 of this chapter, the
following terms apply in this part:
Applicant means an individual who
seeks to become a TSA-approved
auditor under this part.
Conflict of interest means a situation
when the TSA-approved auditor has
impairments that might affect their
ability to do their work and report their
findings impartially. Examples of
situations where a TSA-auditor would
have a conflict of interest include but
are not limited to any of the following:
(1) The TSA-approved auditor has
official, professional, personal, or
E:\FR\FM\30OCP2.SGM
30OCP2
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
financial relationships that might cause
an auditor to limit the extent of the
inquiry, to limit disclosure, or to
weaken or distort audit findings in any
way.
(2) The TSA-approved auditor had
previous responsibility for decisionmaking or managing an entity that
would affect current operations of the
entity or program being audited.
(3) The TSA-approved auditor
currently or previously maintained the
official records that are the subject of
the audit.
(4) The TSA-approved auditor has
financial interest that is direct, or is
substantial though indirect, in the
audited entity or program.
(5) An immediate family member of
the TSA-approved auditor is an officer
of the operator that is the subject of the
audit.
(6) The TSA-approved auditor or an
entity with which the TSA-approved
auditor has an employment relationship
provides to the operator being audited
non-audit services that relate to the
operator’s security program.
TSA-approved auditor or auditor
means any individual who has been
approved under this part to conduct an
audit required under this chapter.
§ 1522.3
Qualifications.
To be considered for approval as an
auditor, the applicant must—
(a) Have sufficient facilities,
resources, and personnel to perform the
required audit responsibilities;
(b) Have knowledge of the Federal
statutory and regulatory requirements
and experience understanding and
interpreting Federal statutes and
regulations;
(c) Have sufficient, relevant
experience to perform the required audit
responsibilities;
(d) Obtain a certification or
accreditation from an organization that
TSA recognizes as qualified to certify or
accredit an auditor for the type of audit
that the applicant seeks to perform; and
(e) Demonstrate the ability to prepare
clear and thorough written reports and
other documents required for the
auditing function they will perform and
demonstrate excellent oral
communication skills.
sroberts on PROD1PC70 with PROPOSALS
§ 1522.5
Application.
(a) Each applicant must submit an
application in a form and manner
prescribed by TSA.
(b) An application must include the
following information:
(1) The applicant’s full name,
business address, business phone
number, and business email address;
(2) A copy of the applicant’s
certification from an organization that
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
TSA recognizes as qualified to certify or
accredit an auditor for the type of audit
that the applicant seeks to perform; and
(3) A statement of how the applicant
meets the qualifications set forth on
§ 1522.3.
§ 1522.7
TSA review and approval.
(a) Review. Upon receiving an
application, TSA will review the
application. TSA will approve the
application if the applicant meets the
qualifications described in § 1522.3 and
other applicable qualifications
described in this part and TSA
determines that approval is in the
interest of safety and the public.
(b) Approval. If an application is
approved, TSA will send the applicant
a written notice of approval. Once
approved, an auditor may conduct
audits in which he or she does not have
a conflict of interest.
(c) Disapproval. TSA will send a
written notice of disapproval to an
applicant whose application is
disapproved. The notice of disapproval
will include the basis of the disapproval
of the application.
§ 1522.9 Reconsideration of disapproval of
an application.
(a) Petition for reconsideration. If an
application is disapproved, the
applicant may seek reconsideration of
the decision by submitting a written
petition for reconsideration to the
Assistant Secretary or designee within
30 days of receiving the notice of
disapproval. The written petition for
reconsideration must include a
statement and any supporting
documentation explaining why the
applicant believes the reason for
disapproval is incorrect.
(b) Review of petition. Upon review of
the petition for reconsideration, the
Assistant Secretary or designee disposes
of the petition by either affirming the
disapproval of the application or
approving the application. The
Assistant Secretary or designee may
request additional information from the
applicant prior to rendering a decision.
§ 1522.11
Withdrawal of approval.
(a) Basis for withdrawal of approval.
TSA may withdraw approval of a TSAapproved auditor if the auditor ceases to
meet the standards for approval, fails to
fulfill his or her responsibilities under
§ 1522.11, or it is in the interest of
security or the public, such as failure to
report an imminent threat under
§ 1522.11(c).
(b) Notice of withdrawal of approval.
(1) Except as provided in paragraph (c)
of this section, TSA will provide a
written notice of proposed withdrawal
of approval to the auditor.
PO 00000
Frm 00053
Fmt 4701
Sfmt 4702
64841
(2) The notice of proposed withdrawal
of approval will include the basis of the
withdrawal of approval.
(3) Unless the auditor files a written
petition for reconsideration under
paragraph (d) of this section, the notice
of proposed withdrawal of approval will
become a final notice of withdrawal of
approval 31 days after the auditor’s
receipt of the notice of proposed
withdrawal of approval.
(c) Emergency notice of withdrawal of
approval. (1) If TSA finds that there is
an emergency requiring immediate
action with respect to a TSA-approved
auditor’s ability to perform audits, TSA
may withdraw approval of that auditor
without prior notice.
(2) TSA will incorporate in the
emergency notice of withdrawal of
approval a brief statement of the reasons
and findings for the withdrawal of
approval.
(3) The emergency notice of
withdrawal of approval is effective upon
the TSA-approved auditor’s receipt of
the notice. The auditor may file a
written petition for reconsideration
under paragraph (d) of this section;
however, this petition does not stay the
effective date of the emergency notice of
withdrawal of approval.
(d) Petition for reconsideration. An
auditor may seek reconsideration of the
withdrawal of approval by submitting a
written petition for reconsideration to
the Assistant Secretary or designee
within 30 days of receiving the notice of
withdrawal of approval.
(e) Review of petition. Upon review of
the written petition for reconsideration,
the Assistant Secretary or designee
disposes of the petition by either
affirming or withdrawing the notice of
withdrawal of approval. The Assistant
Secretary or designee may request
additional information from the auditor
prior to rendering a decision.
§ 1522.13 Responsibilities of TSAapproved auditors.
(a) Standards for audit. Each auditor
must perform an audit, in a form and
manner prescribed by TSA, to
determine whether the operator is in
compliance with applicable TSA
requirements.
(b) Conflict of interest. No auditor
may undertake an audit in which he or
she has a conflict of interest as defined
in § 1552.1.
(c) Audit report. Each auditor must
prepare and submit a report, in a form
and manner prescribed by TSA, for each
audit that he or she performs.
(d) Immediate notification to TSA. If
during the course of an audit the auditor
believes that there is or may be an
instance of noncompliance with TSA
E:\FR\FM\30OCP2.SGM
30OCP2
64842
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
requirements that presents an imminent
threat to transportation security or
public safety, the auditor must report
the instance immediately to TSA.
(e) Change in information. Each
auditor must inform TSA of any change
in the information described in § 1522.3
and 1522.5.
(f) No authorization to take remedial
or disciplinary action. The auditor is not
authorized to require any remedial or
disciplinary action against the person
subject to the audit.
(g) Sensitive Security Information.
Each TSA-approved auditor must
comply with the requirements in 49
CFR part 1520 regarding the handling
and protection of Sensitive Security
Information.
(h) Non-disclosure of proprietary
information. Unless explicitly
authorized by TSA, each auditor may
not make an unauthorized release or
dissemination of any information that
TSA or a large aircraft operator indicates
as proprietary information and provides
to the auditor.
§ 1522.15 Fraud and intentional
falsification of records.
No auditor may make, or cause to be
made, any of the following:
(a) Any fraudulent or intentionally
false statement in any application under
this part.
(b) Any fraudulent or intentionally
false entry in any record or report that
is kept, made, or used to show
compliance with this subchapter, or
exercise any privileges under this part.
(c) Any reproduction or alteration, for
fraudulent purpose, of any report,
record, security program, access
medium, or identification medium
issued or submitted under this part.
§ 1522.17
TSA inspection authority.
(a) Each TSA-approved auditor must
allow TSA, at any time or place, to make
any inspections, including copying
records, to determine compliance of a
TSA-approved auditor or an operator
required to submit to an audit under
this subchapter with:
(1) This subchapter and any security
program under this subchapter, and part
1520 of this chapter; and
(2) 49 U.S.C. Subtitle VII, as amended.
(b) At the request of TSA, each TSAapproved auditor must provide
evidence of compliance with this part.
sroberts on PROD1PC70 with PROPOSALS
Subpart B [Reserved]
Subpart C—Auditors for the Large
Aircraft Security Program
§ 1522.201
Applicability.
This subpart applies to auditors who
seek to obtain approval from TSA to
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
conduct audits of operators of large
aircraft that are required to have a
security program under 49 CFR
1544.101(b).
§ 1522.203 Additional qualification
requirements.
In addition to the requirements set
forth in § 1522.3, an applicant seeking to
obtain approval to audit aircraft
operators that are required to have a
security program under 49 CFR
1544.101(b) must have the following
qualifications:
(a) The applicant must have at least
five years of experience in inspection or
auditing compliance with State or
Federal regulations in the security
industry, the aviation industry, or
government programs. The five years of
experience must have been obtained
within 10 years of the date of the
application.
(b) The applicant must present three
professional references that address the
applicant’s abilities in inspection or
auditing and written communications.
(c) Maintain a current accreditation or
certification required in § 1522.3(d).
(d) The applicant must have sufficient
knowledge of, and ability to determine
compliance with, regulations, policies,
directives, rules, and regulations,
pertaining to the large aircraft security
program.
(e) The applicant must have sufficient
knowledge of and ability to apply the
concepts, principles, and methods of
compliance with the requirements of the
large aircraft security program to
include assessment, inspection,
investigation, and reporting of
compliance with the large aircraft
security program.
(f) The applicant must successfully
undergo a security threat assessment
under 49 CFR part 1544, subpart G, and
have a valid Determination of No
Security Threat.
§ 1522.205
Audit report.
(a) Each TSA-approved auditor must
prepare and submit a written audit
report to TSA in a manner and form
prescribed by TSA within 30 days of
completing an audit.
(b) The audit report must include the
following information:
(1) A description of the facilities,
equipment, systems, processes, and/or
procedures that were audited.
(2) The auditor’s findings regarding
the operator’s compliance with TSA
requirements.
(3) Conclusions on the systems,
processes, and/or procedures that were
audited.
(4) Signed attestation by the auditor
that he or she did not have any conflicts
PO 00000
Frm 00054
Fmt 4701
Sfmt 4702
of interest in conducting the audit and
that the audit was conducted
impartially, professionally, and
consistent with the standards set forth
by TSA.
(5) The third party auditor must retain
copies of completed audit reports for 36
calendar months.
§ 1522.207
Training.
(a) Initial training. Each TSAapproved auditor must complete the
initial training prescribed by TSA before
conducting any audit under this
subchapter.
(b) Recurrent training. Each TSAapproved auditor must complete
recurrent training prescribed by TSA 24
months after his or her most recent
TSA-prescribed training. If the TSAapproved auditor completes the
recurrent training in the month before or
the month after it is due, the TSAapproved auditor is considered to have
taken it in the month it is due.
§ 1522.209
Biennial review.
(a) Initial review. Except as otherwise
required by TSA, each TSA-approved
auditor must submit the following
information within 24 months after the
auditor is approved under § 1522.5. If
the TSA-approved auditor submits the
following information in the month
before or the month after it is due, the
TSA-approved auditor is considered to
have submitted the information in the
month it is due:
(1) Evidence that the auditor
successfully completed the initial
training under § 1522.207(a) and any
recurrent training described
§ 1522.207(b); and
(2) Evidence that the auditor
continues to be certified or accredited
by an organization that TSA recognizes
as qualified to certify or accredit an
auditor for the large aircraft security
program.
(b) Recurrent review. Except as
otherwise required by TSA, each TSAapproved auditor must submit the
following information 24 months after
the auditor submitted the information
required under paragraph (a) or (b) of
this section. If the TSA-approved
auditor submits the following
information in the month before or the
month after it is due, the TSA-approved
auditor is considered to have submitted
the information in the month it is due:
(1) Evidence that the auditor
successfully completed the initial
training under § 1522.207(a) and any
recurrent training described
§ 1522.207(b); and
(2) Evidence that the auditor
continues to be certified or accredited
by an organization that TSA recognizes
E:\FR\FM\30OCP2.SGM
30OCP2
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
as qualified to certify or accredit an
auditor for the large aircraft security
program.
SUBCHAPTER C—CIVIL AVIATION SECURITY
PART 1540—CIVIL AVIATION
SECURITY: GENERAL RULES
10. The authority citation for part
1540 continues to read as follows:
Authority: 49 U.S.C. 114, 5103, 40113,
44901–44907, 44913–44914, 44916–44918,
44935–44936, 44942, 46105.
Subpart A—General
11. Amend § 1540.5 by adding the
definition of ‘‘Standard security
program’’ in alphabetical order to read
as follows:
§ 1540.5
Terms used in this subchapter.
*
*
*
*
*
Standard security program means a
security program issued by TSA that
serves as a baseline for a particular type
of operator. If TSA has issued a standard
security program for a particular type of
operator, unless otherwise authorized
by TSA, each operator’s security
program consists of the standard
security program together with any
amendments and alternative procedures
approved or accepted by TSA.
*
*
*
*
*
Subpart B—Responsibilities of
Passengers and Other Individuals and
Persons
12. Revise § 1540.107(c) to read as
follows:
§ 1540.107 Submission to screening and
inspection.
*
*
*
*
*
(c) An individual must provide his or
her full name, as defined in § 1560.3,
when—
(1) The individual makes a
reservation for a covered flight, as
defined in § 1560.3.
(2) The individual makes a request for
authorization to enter a sterile area.
(3) An aircraft operator described in
§ 1544.101(b) requests the individual’s
full name under § 1544.245(b).
13. Add new subpart D to part 1540
to read as follows:
sroberts on PROD1PC70 with PROPOSALS
Subpart D—Responsibilities of Holders
of TSA-Approved Security Programs
§ 1540.301 Withdrawal of approval of a
security program.
(a) Applicability. This section applies
to holders of a security program
approved or accepted by TSA under 49
CFR chapter XII, subchapter C.
(b) Withdrawal of security program
approval. TSA may withdraw the
VerDate Aug<31>2005
18:31 Oct 29, 2008
Jkt 217001
approval of a security program, if TSA
determines continued operation is
contrary to security and the public
interest, as follows:
(1) Notice of proposed withdrawal of
approval. TSA will serve a Notice of
Proposed Withdrawal of Approval,
which notifies the holder of the security
program, in writing, of the facts,
charges, applicable law, regulation, or
order that form the basis of the
determination.
(2) Security program holder’s reply.
The holder of the security program may
respond to the Notice of Proposed
Withdrawal of Approval no later than
15 calendar days after receipt of the
withdrawal by providing the designated
official, in writing, with any material
facts, arguments, applicable law, and
regulation.
(3) TSA review. The designated
official will consider all information
available, including any relevant
material or information submitted by
the holder of the security program,
before either issuing a Withdrawal of
Approval of the security program or
rescinding the Notice of Proposed
Withdrawal of Approval. If TSA issues
a Withdrawal of Approval, it becomes
effective upon receipt by the holder of
the security program, or 15 calendar
days after service, whichever occurs
first.
(4) Petition for reconsideration. The
holder of the security program may
petition TSA to reconsider its
Withdrawal of Approval by serving a
petition for consideration no later than
15 calendar days after the holder of the
security program receives the
Withdrawal of Approval. The holder of
the security program must serve the
Petition for Reconsideration on the
designated official. Submission of a
Petition for Reconsideration will not
stay the Withdrawal of Approval. The
holder of the security program may
request the designated official to stay
the Withdrawal of Approval pending
review of and decision on the Petition.
(5) Assistant Secretary’s review. The
designated official transmits the Petition
together with all pertinent information
to the Assistant Secretary for
reconsideration. The Assistant Secretary
will dispose of the Petition within 15
calendar days of receipt by either
directing the designated official to
rescind the Withdrawal of Approval or
by affirming the Withdrawal of
Approval. The decision of the Assistant
Secretary constitutes a final agency
order subject to judicial review in
accordance with 49 U.S.C. 46110.
(6) Emergency withdrawal. If TSA
finds that there is an emergency with
respect to aviation security requiring
PO 00000
Frm 00055
Fmt 4701
Sfmt 4702
64843
immediate action that makes the
procedures in this section contrary to
the public interest, the designated
official may issue an Emergency
Withdrawal of Approval of a security
program without first issuing a Notice of
Proposed Withdrawal of Approval. The
Emergency Withdrawal would be
effective on the date that the holder of
the security program receives the
emergency withdrawal. In such a case,
the designated official will send the
holder of the security program a brief
statement of the facts, charges,
applicable law, regulation, or order that
forms the basis for the Emergency
Withdrawal. The holder of the security
program may submit a Petition for
Reconsideration under the procedures
in paragraphs (b)(4) through (b)(5) of
this section; however, this petition will
not stay the effective date of the
Emergency Withdrawal.
(c) Service of documents for
withdrawal of approval of security
program proceedings. Service may be
accomplished by personal delivery,
certified mail, or express courier.
Documents served on the holder of a
security program will be served at its
official place of business as designated
in its application for approval or its
security program. Documents served on
TSA must be served to the address
noted in the Notice of Withdrawal of
Approval or Withdrawal of Approval,
whichever is applicable.
(1) Certificate of service. An
individual may attach a certificate of
service to a document tendered for
filing. A certificate of service must
consist of a statement, dated and signed
by the person filing the document, that
the document was personally delivered,
served by certified mail on a specific
date, or served by express courier on a
specific date.
(2) Date of service. The date of service
is—
(i) The date of personal delivery;
(ii) If served by certified mail, the
mailing date shown on the certificate of
service, the date shown on the postmark
if there is no certificate of service, or
other mailing date shown by other
evidence if there is no certificate of
service or postmark; or
(iii) If served by express courier, the
service date shown on the certificate of
service, or by other evidence if there is
no certificate of service.
(d) Extension of time. TSA may grant
an extension of time to the limits set
forth in this section for good cause
shown. A security program holder’s
request for an extension of time must be
in writing and be received by TSA at
least two days before the due date in
order to be considered. TSA may grant
E:\FR\FM\30OCP2.SGM
30OCP2
64844
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
itself an extension of time for good
cause.
PART 1542—AIRPORT SECURITY
14. The authority citation for part
1542 continues to read as follows:
Authority: 49 U.S.C. 114, 5103, 40113,
44901–44907, 44913–44914, 44916–44918,
44935–44936, 44942, 46105.
15. Amend § 1542.103 by revising
introductory text of paragraphs (a) and
(b), revising paragraphs (c) and (d), and
adding new paragraphs (e) and (f) to
read as follows:
Subpart B—Airport Security Program
sroberts on PROD1PC70 with PROPOSALS
§ 1542.103
Content.
(a) Complete program. Except as
otherwise approved by TSA, each
airport operator regularly serving
operations of an aircraft operator or
foreign air carrier described in
§ 1544.101(a)(1) or § 1546.101(a) of this
chapter, must adopt and carry out a
complete program, and include in its
security program the following:
*
*
*
*
*
(b) Supporting program. Except as
otherwise approved by TSA and except
for airports that are required to adopt a
complete program under paragraph (a)
of this section, each airport regularly
serving operations of an aircraft operator
or foreign air carrier described in
§ 1544.101(a)(2) or § 1546.101(b) or (c)
of this chapter, must adopt and carry
out a supporting program, and include
in its security program a description of
the following:
*
*
*
*
*
(c) Partial program. Except as
otherwise approved by TSA and except
for airports that are required to adopt a
complete program under paragraph (a)
of this section or a supporting program
under paragraph (b) of this section, each
of the following airports must adopt and
carry out a partial program, and must
include in its security program the
requirements in paragraph (d) of this
section.
(1) Each airport regularly serving large
aircraft operations of an aircraft operator
described in § 1544.101(b) with
scheduled or public charter operations.
(2) Each reliever airport as defined in
49 U.S.C. 47102(22).
(d) Partial program content. Except as
otherwise approved by TSA, each
airport described in paragraph (c) of this
section must include in its security
program a description of the following:
(1) Name, means of contact, duties,
and training requirements of the airport
security coordinator as required under
§ 1542.3.
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
(2) A description of the law
enforcement support used to comply
with § 1542.215(b).
(3) Training program for law
enforcement personnel required under
§ 1542.217(c)(2), if applicable.
(4) A system for maintaining the
records described in § 1542.221.
(5) Procedures for the distribution,
storage, and disposal of Sensitive
Security Information (which, as defined
in § 1520.5, includes security programs,
Security Directives, Information
Circulars, and implementing
instructions), and, as appropriate,
classified information.
(6) Procedures for public advisories as
specified in § 1542.305.
(7) Incident management procedures
used to comply with § 1542.307.
(e) Provisional program. (1) An airport
operator that is not subject to paragraph
(a), (b), or (c) of this section may request
TSA to review and approve its security
program.
(2) TSA may approve the security
program if it determines that approval is
in the interest of safety and the public
using the procedures described in
§ 1544.105(a).
(3) The airport operator must comply
with the security program approved
under this paragraph (e).
(4) An airport operator or TSA may
amend an approved security program
using the procedures described in
§ 1544.105.
(5) TSA may withdrawal approval of
a security program using the procedures
described in § 1540.301 if it determines
that withdrawal of approval is in the
interest of safety and the public.
(f) Use of appendices. The airport
operator may comply with paragraphs
(a), (b), (c), and (d) of this section by
including in its security program, as an
appendix, any document that contains
the information required by paragraphs
(a), (b), (c), and (d) of this section. The
appendix must be referenced in the
corresponding section(s) of the security
program.
PART 1544—AIRCRAFT OPERATOR
SECURITY
16. The authority citation for part
1544 continues to read as follows:
Authority: 49 U.S.C. 114, 5103, 40113,
44901–44905, 44907, 44913–44914, 44916–
44918, 44932, 44935–44936, 44942, 46105.
Subpart A—General
17. Amend § 1544.1 by revising
paragraph (a)(1) to read as follows:
§ 1544.1
Applicability of this part.
(a) * * *
(1) The operations of aircraft operators
engaged in any civil operation in an
PO 00000
Frm 00056
Fmt 4701
Sfmt 4702
aircraft with a maximum certificated
takeoff weight of over 12,500 pounds.
*
*
*
*
*
Subpart B—Security Program
§ 1544.101
[Amended]
18. Amend § 1544.101 as follows:
a. Revise paragraph (a) introductory
text;
b. Revise paragraph (b);
c. Remove and reserve paragraphs (c),
(d), (e), and (f);
d. Revise paragraph (g) to read as
follows;
e. Revise paragraph (h) introductory
text; and
f. Remove paragraph (i).
The revisions read as follows:
§ 1544.101
Adoption and implementation.
(a) Full program. Each aircraft
operator holding an operating certificate
under 14 CFR part 119 must carry out
the requirements in subparts C, D, and
E of this part specified in § 1544.103 (c)
and must adopt and carry out a security
program that meets the requirements of
§§ 1544.103(a), (b), and (c) for each of
the following operations:
*
*
*
*
*
(b) Large aircraft program. Each
aircraft operator must carry out the
requirements in subparts C, D, and E of
this part specified in §§ 1544.103(e) and
(f) and must adopt and carry out a
security program that meets the
requirements of §§ 1544.103(a), (b), (e),
and (f) for each operation that meets all
of the following:
(1) Is an aircraft with a maximum
certificated takeoff weight of over
12,500 pounds.
(2) Is in any civil operation.
(3) Is not one of the following:
(i) Operating under a full program
under paragraph (a) of this section;
(ii) Operating under a full all-cargo
program under paragraph (h) of this
section;
(iii) A public aircraft as described in
49 U.S.C. 40102, provided that the
aircraft operator obtains security
procedures from TSA if the aircraft
deplanes into or enplanes from a sterile
area; or
(iv) A government charter under
paragraph (2) of the definition of private
charter in § 1540.5 of this chapter,
provided that aircraft does not deplane
into or enplane from a sterile area and
the government takes security
responsibility for the following:
(A) The aircraft;
(B) Persons onboard; and
(C) Property onboard.
*
*
*
*
*
(g) Limited program. Each aircraft
operator that is not required to have a
E:\FR\FM\30OCP2.SGM
30OCP2
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
full program, a large aircraft program or
a full all-cargo program, as identified in
paragraphs (a), (b), and (h) of this
section respectively, may request a
security program from TSA. Each
aircraft operator with a limited program
must carry out selected provisions of
subparts C, D, and E of this part, as
provided by TSA and must adopt and
carry out the provisions of § 1544.305,
as specified in its security program.
(h) Full all-cargo program. Each
aircraft operator holding an operating
certificate under 14 CFR part 119 or 14
CFR part 125 must carry out the
requirements in subparts C, D, and E of
this part specified in § 1544.103(d) and
must adopt and carry out a security
program that meets the requirements of
§§ 1544.103(a), (b), and (d) for each
operation that is—
*
*
*
*
*
19. Amend § 1544.103 by adding
paragraph (a)(4), revising paragraph (c),
and adding paragraphs (d), (e), and (f) to
read as follows:
sroberts on PROD1PC70 with PROPOSALS
§ 1544.103
Form, content, and availability.
(a) * * *
(4) Includes the standard security
program issued by TSA, together with
any amendments and alternate
procedures approved or accepted by
TSA for the aircraft operator.
*
*
*
*
*
(c) Content of a security program for
a full program aircraft operator. The
standard security program for a full
program aircraft operator described in
§ 1544.101(a) is the Aircraft Operator
Standard Security Program (AOSSP).
The security program must include the
following:
(1) Section 1544.201, Acceptance and
screening of individuals and accessible
property.
(2) Section 1544.203, Acceptance and
screening of checked baggage.
(3) Section 1544.205, Acceptance and
screening of cargo.
(4) Section 1544.207, Inspection of
individuals and property.
(5) Section 1544.209, Use of metal
detection devices.
(6) Section 1544.211, Use of X-ray
systems.
(7) Section 1544.213, Use of
explosives detection systems.
(8) Section 1544.215, Security
coordinators.
(9) Section 1544.217, Law
enforcement personnel.
(10) Section 1544.219, Carriage of
accessible weapons.
(11) Section 1544.221, Carriage of
prisoners under the control of armed
law enforcement officers.
(12) Section 1544.223(a) through (h),
Transportation of Federal Air Marshals.
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
(13) Section 1544.225, Security of the
aircraft and facilities.
(14) Section 1544.227, Exclusive area
agreements.
(15) Section 1544.228, Access to cargo
and security threat assessments for
cargo personnel in the United States.
(16) Sections 1544.229 and 1544.230,
Fingerprint-based criminal history
records checks.
(17) Section 1544.231, Airportapproved and exclusive area personnel
identification systems.
(18) Sections 1544.233 and 1544.235,
Security coordinators and crewmember
training and training for individuals
with security-related duties.
(19) Section 1544.237, Flight deck
privileges.
(20) Section 1544.241, Regarding
voluntary provision of emergency
services.
(21) Section 1544.301, Contingency
plan.
(22) Section 1544.303, Bomb or air
piracy threats.
(23) Section 1544.305, Security
directives and information circulars.
(d) Content of a security program for
a full all-cargo program. The standard
security program for a full all-cargo
aircraft operator described in
§ 1544.101(h) is the Full All-Cargo
Aircraft Operator Standard Security
Program (FACAOSSP). The security
program must include the following:
(1) Section 1544.202, Persons and
property onboard an all-cargo aircraft.
(2) Section 1544.205, Acceptance and
screening of cargo.
(3) Section 1544.207, Inspection of
individuals and property.
(4) Section 1544.209, Use of metal
detection devices.
(5) Section 1544.211, Use of x-ray
systems.
(6) Section 1544.215, Security
coordinators.
(7) Section 1544.217, Law
enforcement personnel.
(8) Section 1544.219, Carriage of
accessible weapons.
(9) Section 1544.223(a) through (h),
Transportation of Federal Air Marshals.
(10) Section 1544.225, Security of the
aircraft and facilities.
(11) Section 1544.227, Exclusive area
agreements.
(12) Section 1544.228, Access to cargo
and security threat assessments for
cargo personnel in the United States.
(13) Sections 1544.229 and 1544.230,
Fingerprint-based criminal history
records checks.
(14) Section 1544.231, Airportapproved and exclusive area personnel
identification systems.
(15) Sections 1544.233 and 1544.235,
Security coordinators and crewmember
PO 00000
Frm 00057
Fmt 4701
Sfmt 4702
64845
training and training for individuals
with security-related duties.
(16) Section 1544.237, Flight deck
privileges.
(17) Section 1544.301, Contingency
plan.
(18) Section 1544.303, Bomb or air
piracy threats.
(19) Section 1544.305, Security
directives and information circulars.
(20) Other provisions of subpart C of
this part that TSA has approved upon
request.
(21) The remaining requirements of
subpart C of this part when TSA notifies
the aircraft operator in writing that a
security threat exists concerning that
operation.
(e) Content of a security program for
a large aircraft operator. The standard
security program for large aircraft
operators described in § 1544.101(b) is
the large aircraft security program
(LASP). The security program must
include the following and any
applicable requirements in paragraph (f)
of this section:
(1) Section 1544.206, Person and
property onboard a large aircraft.
(2) Section 1544.215, Security
coordinators.
(3) Section 1544.217, Law
enforcement personnel.
(4) Section 1544.219, Carriage of
accessible weapons.
(5) Section 1544.223(i),
Transportation of Federal Air Marshals.
(6) Section 1544.225, Security of the
aircraft and facilities.
(7) Sections 1544.233 and 1544.235,
Security coordinators and crewmember
training.
(8) Section 1544.241, Voluntary
provision of emergency services if the
large aircraft operator holds an Air
Carrier Certificate under 14 CFR part
119.
(9) Section 1544.243, Third party
audit.
(10) Section 1544.245, Passenger
vetting for large aircraft operators.
(11) Sections 1544.301(a) and (b),
Contingency plan.
(12) Section 1544.303, Bomb or air
piracy threats.
(13) Section 1544.305, Security
directives and information circulars.
(14) Part 1544, subpart G, Security
threat assessment for flight crew.
(15) Except as provided in paragraph
(f)(1) of this section, an aircraft operator
must seek alternative procedures from
TSA for the screening of individuals
and property for an aircraft that
enplanes from or deplanes into a sterile
area.
(16) Other provisions of subparts C, D,
and E of this part that TSA has
approved upon request.
E:\FR\FM\30OCP2.SGM
30OCP2
64846
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
(17) The remaining requirements of
subparts C, D, and E of this part when
TSA notifies the aircraft operator that a
security threat exists concerning that
operation.
(f) Additional requirements for large
aircraft operators. In addition to the
requirements in paragraph (e) of this
section each aircraft operator described
in § 1544.101(b) must include in its
security program, the applicable
requirements of this paragraph (f).
(1) Large aircraft over 45,500
kilograms (100,309.3 pounds) or with a
passenger-seating configuration of 61 or
more. For large aircraft operated for
compensation or hire with a maximum
certificated take-off weight of over
45,500 kilograms (100,309.3 pounds), or
a passenger-seating configuration of 61
or more, each aircraft operator must
include in its security program the
following:
(i) Section 1544.201, Acceptance and
screening of individuals and their
accessible property.
(ii) Section 1544.207(c), Inspection of
individuals and property.
(iii) Section 1544.223(a) through (h),
Transportation of Federal Air Marshals.
(iv) Procedures for ensuring that each
of the following individuals have
successfully undergone a security threat
assessment under subpart G of this part
before granting the individual authority
to perform screening functions:
(A) Individuals who screen
passengers or property that will be
carried in a cabin of the aircraft.
(B) Individuals who serve as
immediate supervisors or the next
supervisory level to those individuals
described in paragraph (a)(1)(iv)(A) of
this section.
(2) All-Cargo operations for aircraft
with an MTOW of over 12,500 pounds.
A large aircraft operator in an all-cargo
operation must include the following in
its security program:
(i) Section 1544.202, Persons and
property onboard an all-cargo aircraft.
(ii) Sections 1544.205(a), (b), (d), and
(f), Acceptance and screening of cargo.
20. Revise § 1544.105 to read as
follows:
sroberts on PROD1PC70 with PROPOSALS
§ 1544.105 Approval and amendments to
the security program.
(a) Initial approval of security
program. (1) Application. Unless
otherwise authorized by TSA, each
aircraft operator required to have a
security program under this part must
apply for a security program in a form
and a manner prescribed by TSA at least
90 days before the intended date of
operations. The application must be in
writing.
(i) Each aircraft operator must include
in its application the following:
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
(A) The aircraft operator’s business
name and other names, including
‘‘doing business as’’;
(B) Address of the aircraft operator’s
primary place of business or
headquarters;
(C) The aircraft operator’s state of
incorporation, if applicable; and
(D) The aircraft operator’s tax
identification number.
(ii) Each aircraft operator under the
large aircraft program as described in
§ 1544.101(b) must include the
following in its application:
(A) The business name and other
names, including ‘‘doing business as.’’ If
the applicant holds or is applying for a
FAA operating certificate, the business
name must be the same as the name on
the FAA operating certificate.
(B) The names and addresses of each
proprietor, general partner, officer,
director, and owner of an aircraft
identified under § 1544.101(b).
(C) A signed statement from each
person listed in paragraph (a)(1)(ii) of
this section stating whether he or she
has been a proprietor, general partner,
officer, director, or owner of a large
aircraft that had its security program
withdrawn or suspended by TSA.
(D) If the applicant holds a FAA
operating certificate, the FAA operating
certificate number.
(E) If the applicant does not have a
FAA operating certificate, the type of
operation under which the applicant
operates, for example operating under
14 CFR part 91.
(F) The name, title, address, phone
number, and electronic mail address of
the Aircraft Operator Security
Coordinator (AOSC) and any alternates.
The telephone number provided must
be a number where at least one AOSC
may be reached.
(G) A statement acknowledging and
ensuring that each employee and agent
of the aircraft operator, who is subject
to training under § 1544.233 and 235,
will have successfully completed the
training outlined in its security program
before performing security-related
duties.
(2) Standard security program. TSA
will provide to the aircraft operator
security coordinator the appropriate
standard security program, any security
directives, and amendments to the
security program and other alternative
procedures that apply to the aircraft
operator. The aircraft operator may
either accept the standard security
program or submit a proposed modified
security program to the designated
official for approval. TSA will approve
the security program under paragraph
(a)(3) of the section or issue a written
PO 00000
Frm 00058
Fmt 4701
Sfmt 4702
notice to modify under paragraph (a)(4)
of this section.
(3) Approval. TSA will approve the
security program upon determining
that—
(i) The aircraft operator has met the
requirements of this part, its security
program, and any applicable Security
Directives;
(ii) The aircraft operator is able and
willing to carry out the requirements of
its security program;
(iii) The approval of the security
program is not contrary to the interests
of security and the public interest; and
(iv) The aircraft operator has not held
a security program that was withdrawn,
unless otherwise authorized by TSA.
(4) Modification. (i) If a security
program does not satisfy the
requirements in paragraph (a)(3) of this
section, TSA will provide the aircraft
operator written Notice to Modify the
security program to comply with the
applicable requirements of this part.
(ii) The aircraft operator may either
submit a modified security program to
TSA for approval, or a petition for
Reconsideration of Notice to Modify
within 30 days of receipt of the Notice
to modify. A Petition for
Reconsideration must be filed with the
designated official.
(iii) The designated official, upon
receipt of a Petition for Reconsideration,
either amends or withdraws the Notice,
or transmits the Petition, together with
any pertinent information, to the
Assistant Secretary for reconsideration.
The Assistant Secretary may dispose of
the Petition within 30 days of receipt by
either directing the designated official to
withdraw or amend the Notice to
Modify, or by denying the Petition and
affirming the Notice to Modify.
(5) Commencement of operations. The
aircraft operator may operate under an
approved security program when it
meets all requirements, including but
not limited to successful completion of
training and Security Threat
Assessments by relevant personnel, if
applicable.
(b) Amendment requested by an
aircraft operator. An aircraft operator
may submit a request to TSA to amend
its security program as follows:
(1) The request for an amendment
must be filed in writing, with the
designated official at least 45 days
before the date the aircraft operator
proposes for the amendment to become
effective, unless a shorter period is
allowed by the designated official.
(2) Within 30 days after receiving a
proposed amendment, the designated
official, in writing, either approves or
denies the request to amend.
E:\FR\FM\30OCP2.SGM
30OCP2
sroberts on PROD1PC70 with PROPOSALS
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
(3) An amendment to an aircraft
operator security program may be
approved if the designated official
determines that security and the public
interest will allow it, and the proposed
amendment provides the level of
security required under this part.
(4) If the proposed amendment is
denied, within 30 days after receiving a
denial, the aircraft operator may petition
the Assistant Secretary to reconsider the
denial. A Petition for Reconsideration
must be filed with the designated
official.
(5) Upon receipt of a petition for
reconsideration, the designated official
either approves the request to amend or
transmits the petition, together with any
pertinent information, to the Assistant
Secretary for reconsideration. The
Assistant Secretary disposes of the
petition within 30 days of receipt by
either directing the designated official to
approve the amendment, or denying the
Petition and affirming the denial.
(6) Any aircraft operator may submit
a group proposal for an amendment that
is on behalf of it and other aircraft
operators that co-sign the proposal.
(c) Amendment by TSA. If security
and the public interest require an
amendment, TSA may amend a security
program as follows:
(1) The designated official notifies the
aircraft operator, in writing, of the
proposed amendment, fixing a period of
not less than 30 days within which the
aircraft operator may submit written
information, views, and arguments on
the amendment.
(2) After considering all relevant
material, the designated official notifies
the aircraft operator of any amendment
adopted or rescinds the notice. If the
amendment is adopted, it becomes
effective not less than 30 days after the
aircraft operator receives the notice of
amendment, unless the aircraft operator
petitions the Assistant Secretary, in
writing, to reconsider no later than 15
days before the effective date of the
amendment. The aircraft operator must
send the written Petition for
Reconsideration to the designated
official. A timely Petition for
Reconsideration stays the effective date
of the amendment.
(3) Upon receipt of a Petition for
Reconsideration, the designated official
either amends or withdraws the notice
or transmits the Petition, together with
any pertinent information, to the
Assistant Secretary for reconsideration.
The Assistant Secretary disposes of the
Petition within 30 days of receipt by
either directing the designated official to
withdraw or amend the amendment, or
by denying the Petition and affirming
the amendment.
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
(d) Emergency amendments. If the
designated official finds that there is an
emergency requiring immediate action
with respect to security in air
transportation or in air commerce that
makes procedures in this section
contrary to the public interest, the
designated official may issue an
emergency amendment, without the
prior notice and comment procedures in
paragraph (c) of this section, effective
without stay on the date the aircraft
operator receives notice of it. In such a
case, the designated official will
incorporate in the notice a brief
statement of the reasons and findings for
the amendment to be adopted. The
aircraft operator may file a written
Petition for Reconsideration under
paragraph (c) of this section; however,
this does not stay the effective date of
the Emergency Amendment.
(e) Requirement to report changes in
information. Each aircraft operator with
an approved security program under
this part must notify TSA, in a form and
manner approved by TSA, of any
changes to the information submitted
during its initial application under
paragraph (a)(1) of this section.
(1) This notification must be
submitted in writing to the designated
official not later than 30 days after the
date the change occurred.
(2) Changes included in the
requirement of this paragraph include,
but are not limited to, changes in the
holder of a security program’s contact
information, owners, business addresses
and locations, and form of business
entity.
(f) TSA may withdraw its approval of
an aircraft operator’s security program
under § 1540.301.
21. Add new § 1544.107 to subpart B
to read as follows:
§ 1544.107
aircraft.
Fractional ownership of large
(a) This section applies to aircraft
operators operating aircraft under a
large aircraft program under
§ 1544.101(b) that are under a fractional
ownership program under 14 CFR part
91, subpart K. For operations where the
owner in operational control delegates
performance of security tasks to the
program manager, the security program
is considered to be held jointly by the
owner and the program manager, and
the owner and the program manager are
jointly and individually responsible for
compliance.
(b) A fractional program manager that
manages multiple aircraft may have one
large aircraft program that applies to all
its operations.
PO 00000
Frm 00059
Fmt 4701
Sfmt 4702
64847
Subpart C—Operations
22. Amend § 1544.201 by adding
introductory text to read as follows:
§ 1544.201 Acceptance and screening of
individuals and accessible property.
This section applies to each aircraft
operator required to comply with this
section under 49 CFR 1544.103.
*
*
*
*
*
23. Revise § 1544.202 to read as
follows:
§ 1544.202 Persons and property onboard
all-cargo aircraft.
Each aircraft operator operating under
a full all-cargo program or a large
aircraft program in an all-cargo
operation as described in
§ 1544.103(f)(2) must apply the security
measures in its security program for
persons who are carried on the aircraft,
and for their property, to prevent or
deter the carriage of any unauthorized
persons, and any unauthorized or
accessible weapons, explosives,
incendiaries, and other destructive
substances or items.
24. Amend § 1544.205 by revising
paragraphs (a), (b), and (d) to read as
follows:
§ 1544.205
cargo.
Acceptance and screening of
(a) Preventing or deterring the carriage
of any explosive or incendiary. Each
aircraft operator operating under a full
program, a full all-cargo program, or a
large aircraft program in an all-cargo
operation as described in
§ 1544.103(f)(2) must use the
procedures, facilities, and equipment
described in its security program to
prevent or deter the carriage of any
unauthorized persons, and any
unauthorized explosives, incendiaries,
and other destructive devices,
substances or items in cargo onboard an
aircraft.
(b) Screening and inspection of cargo.
Each aircraft operator operating under a
full program or a full all-cargo program,
or a large aircraft program in an allcargo operation, as described in
§ 1544.103(f)(2), must ensure that cargo
is screened and inspected for any
unauthorized person, and any
unauthorized explosive, incendiary, and
other destructive substance or item as
provided in the aircraft operator’s
security program and § 1544.207, and as
provided in § 1544.239 for operations
under a full program, before loading it
on its aircraft.
*
*
*
*
*
(d) Refusal to transport. Except as
otherwise provided in its program, each
aircraft operator operating under a full
E:\FR\FM\30OCP2.SGM
30OCP2
64848
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
program, a full all-cargo program, or a
large aircraft program in an all-cargo
operation as described in
§ 1544.103(f)(2) must refuse to transport
any cargo if the shipper does not
consent to a search or inspection of that
cargo in accordance with the system
prescribed by this part.
*
*
*
*
*
25. Add new § 1544.206 to subpart C
to read as follows:
§ 1544.206 Persons and property on board
a large aircraft.
Each aircraft operator operating under
a large aircraft program under
§ 1544.101(b), except for a large aircraft
operator in an all-cargo operation as
described in § 1544.103(f)(2), must
apply the security measures in its
security program for any persons and
accessible property onboard the aircraft,
including company materials (COMAT),
to prevent or deter the carriage of any
unauthorized persons, and any
unauthorized or accessible weapons,
explosives, incendiaries, and other
destructive devices, substances or items.
26. Revise § 1544.207 to read as
follows:
sroberts on PROD1PC70 with PROPOSALS
§ 1544.207
property.
Inspection of individuals and
(a) Applicability of this section. This
section applies to the inspection of
individuals, accessible property,
checked baggage, and cargo by each full
program operator under § 1544.101(a);
the inspection of individuals, accessible
property and cargo by each full all-cargo
program operator under § 1544.101(h);
and the inspection of individuals and
accessible property by a large aircraft
program operator under § 1544.103(f)(1),
as required under this part.
(b) Full program aircraft operators.
Each aircraft operator must ensure that
passengers and their accessible property
do not board an aircraft and that
checked baggage is not loaded onto an
aircraft unless inspection is conducted
as follows:
(1) Locations within the United States.
The inspection of passengers, accessible
property, and checked baggage is
conducted by TSA.
(2) Locations outside the United
States. (i) In non-U.S. locations where
the foreign country conducts inspection
of passengers, accessible property, and
checked baggage, the aircraft operator
must ensure that the foreign country or
its designee conducts such inspection.
TSA may require aircraft operators to
conduct supplemental inspection
operations.
(ii) In non-U.S. locations where the
foreign country does not conduct
inspection of passengers, accessible
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
property, and/or checked baggage, an
aircraft operator must conduct any
inspection not conducted by the foreign
country or must not permit noninspected individuals on the aircraft.
The aircraft operator’s personnel must
be trained and authorized to inspect
individuals, accessible property, and
checked baggage, as provided in subpart
E.
(3) All locations. Each aircraft
operator must ensure the inspection of
all cargo prior to loading on the aircraft.
The cargo must be inspected as
provided in each aircraft operator’s
security program or by TSA, or by the
foreign country. Where the foreign
country does not conduct inspection of
cargo, the aircraft operator must conduct
the inspection or must not permit noninspected cargo on the aircraft.
(c) Full all-cargo aircraft operators
and large aircraft operators. Each
aircraft operator must use the measures
in its security program and in subpart E
of this part to inspect individuals and
property.
27. Amend § 1544.217 by revising the
introductory text of paragraphs (a)(2)
and (b) to read as follows:
§§ 1544.201(d) and 1544.202, with
respect to accessible weapons, do not
apply to a LEO aboard a flight for which
screening is not required if the
requirements of paragraphs (a)(1), (3),
and (4) of this section are met.
*
*
*
*
*
29. Amend § 1544.223 by adding
introductory text and a new paragraph
(i), and revising paragraphs (b), (f), and
(g) to read as follows:
§ 1544.223
Marshals.
Transportation of Federal Air
(a) * * *
(2) For operations under a large
aircraft program under § 1544.101(b) or
a full all-cargo program under
§ 1544.101(h), each aircraft operator
must—
*
*
*
*
*
(b) This paragraph (b) applies to
operations at airports required to hold
security programs under part 1542 of
this chapter. For operations under a
large aircraft program under
§ 1544.101(b), or a full all-cargo program
under § 1544.101(h), each aircraft
operator must—
*
*
*
*
*
28. Amend § 1544.219 by adding
introductory text, and revising the
introductory text of paragraphs (a) and
(b) to read as follows:
Each aircraft operator under the full
program as described in § 1544.101(a),
full all-cargo program as described in
§ 1544.101(h), or the large aircraft
program and required to comply with
§ 1544.103(f)(1), must comply with
paragraphs (a) through (h) of this
section. Each aircraft operator under the
large aircraft program as described in
§ 1544.101(b), other than large aircraft
operators described in § 1544.103(f)(1),
must comply with paragraph (i) of this
section.
*
*
*
*
*
(b) Each aircraft operator must carry
Federal Air Marshals, in the number
and manner specified by TSA.
*
*
*
*
*
(f) The requirements of §§ 1544.219(a)
and 1544.241 do not apply for a Federal
Air Marshal on duty status.
(g) Each aircraft operator operating
under a security program pursuant to
§§ 1544.101(a), (b) and (h), must restrict
any information concerning the
presence, seating, names, and purpose
of Federal Air Marshals at any station or
on any flight to those persons with an
operational need to know.
*
*
*
*
*
(i) Upon prior notification from TSA,
large aircraft operators must carry
Federal Air Marshals, in the number
and manner specified by TSA.
30. Amend § 1544.237 by adding
introductory text and revising paragraph
(b) to read as follows:
§ 1544.219
weapons.
§ 1544.237
§ 1544.217
Law enforcement personnel.
Carriage of accessible
This section applies to each aircraft
operator required to comply with this
section under 49 CFR 1544.103.
(a) Flights for which screening is
conducted. The provisions of
§§ 1544.201(d) and 1544.202, with
respect to accessible weapons, do not
apply to a law enforcement officer (LEO)
traveling armed aboard a flight for
which screening is required, if the
requirements of this section are met.
*
*
*
*
*
(b) Flights for which screening is not
conducted. The provisions of
PO 00000
Frm 00060
Fmt 4701
Sfmt 4702
Flight deck privileges.
This section applies to each aircraft
operator required to comply with this
section under 49 CFR 1544.103:
*
*
*
*
*
(b) This section does not restrict
access for an FAA air carrier inspector,
a DOD commercial air carrier evaluator,
an authorized representative of the
National Transportation Safety Board, or
an Agent of the U.S. Secret Service,
under 14 CFR parts 121, 125, or 135, or
a Federal Air Marshal under this part.
31. Add new § 1544.241 to subpart C
to read as follows:
E:\FR\FM\30OCP2.SGM
30OCP2
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
sroberts on PROD1PC70 with PROPOSALS
§ 1544.241 Voluntary provision of
emergency services.
adopt and carry out a program for
qualified individuals to volunteer, prior
This section applies to each aircraft
to departure, to be called upon by a
operator that is required to comply with crew member or flight attendant to
this section under 49 CFR 1544.103 and provide emergency services in the event
that is an air carrier.
of an in-flight emergency. Prior to
(a) Qualification under this section.
accepting an offer of voluntary
An individual is qualified for purposes
emergency services from a qualified
of this section if the individual is
individual prior to departure, the
qualified under Federal, State, local, or
aircraft operator must request and
tribal law, or under the law of a foreign
review any credential, document, and
government, has valid standing with the identification offered by the individual
licensing or employing agency that
to determine whether he or she meets
issued the credentials, and is a
the definition of a qualified individual.
scheduled, on-call, paid, or volunteer
(1) The credential, document, or
employee, as one of the following:
identification must identify the service
(1) A law enforcement officer who is
category and bear the individual’s name,
an employee or authorized by the
clear full-face picture, and signature and
Federal, state, local, or tribal
must not have expired, except as
government or under the law of a
provided in paragraph (c)(3) of this
foreign government, with the primary
section.
purpose of the prevention, investigation,
(2) If the credential does not bear an
apprehension, or detention of
expiration date, the qualified individual
individuals suspected or convicted of
must also present an official letter
government offenses.
identifying current employment in the
(2) A firefighter who is an employee,
relevant service category.
whether paid or a volunteer, of a fire
(3) If the credential does not bear a
department of any Federal, state, local,
full-face image of the individual, the
or tribal government who is certified as
individual must also present a photo
a firefighter as a condition of
identification issued by a government
employment and whose duty it is to
authority.
extinguish fires, to protect life, and to
(4) An individual whose credential
protect property.
bears an expiration date that has passed
(3) An emergency medical technician
on the date of the intended flight is not
who is trained and certified to appraise
considered a qualified individual for
and initiate the administration of
purposes of paragraph (c) of this section.
emergency care for victims of trauma or
(d) Law enforcement officers flying
acute illness.
armed and federal air marshals. The
(b) Exemption from liability. (1) Under aircraft operator need not apply the
49 U.S.C. 44944(b), an individual shall
requirements of paragraph (c) to a law
not be liable for damages in any action
enforcement officer traveling armed
brought in a Federal or State court that
pursuant to § 1544.219 or to a Federal
arises from an act or omission of the
Air Marshal on duty status pursuant to
individual in providing or attempting to §§ 1544.219 and 1544.223.
provide assistance in the case of an in(e) Discretion of the aircraft operator.
flight emergency in an aircraft of an air
The aircraft operator has full discretion
carrier if the individual meets the
to request, accept, or reject a qualified
qualifications described in paragraph (a) individual’s offer of assistance. Nothing
of this section.
in this section prohibits or requires any
(2) Under 49 U.S.C. 44944(c),
passenger’s assistance in an emergency.
exemption described in paragraph (b)(1)
(f) Confidentiality. The aircraft
of this section shall not apply in any
operator must not provide any
case in which an individual provides, or individual, other than the appropriate
attempts to provide, assistance in a
aircraft operator personnel who need to
manner that constitutes gross negligence know, the identity or any other personal
or willful misconduct.
or professional information of any
(3) The exemption described in
qualified individual offering to provide
paragraph (b)(1) of this section applies
emergency services.
whether or not the individual has
32. Add new § 1544.243 to subpart C
volunteered prior to departure under the to read as follows:
program described in paragraph (c) of
§ 1544.243 Third party audit.
this section.
(a) Applicability. This section applies
(4) For purposes of this paragraph (b),
to aircraft operators operating under a
the qualified individual need not have
his or her credentials present at the time large aircraft program under
§ 1544.101(b).
of providing or attempting to provide
(b) General. Each aircraft operator
assistance.
(c) Program for pre-departure
must contract with an auditor approved
volunteers. Each aircraft operator must
under 49 CFR part 1522 to conduct an
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
PO 00000
Frm 00061
Fmt 4701
Sfmt 4702
64849
audit of the aircraft operator’s
compliance with this chapter and its
security program in accordance with
this section.
(c) Timing. (1) Initial audit. Except as
approved by TSA, each aircraft operator
must cause the initial audit to be
conducted within sixty days of the
approval of the aircraft operator’s
security program under § 1544.105.
(2) Biennial audit. Each aircraft
operator must cause an audit to be
conducted 24 months after the aircraft
operator’s most recent audit conducted
to meet the requirements in paragraph
(c)(1) of this section or this paragraph
(c)(2). If the aircraft operator completes
the audit in the month before or the
month after it is due, the aircraft
operator is considered to have
completed the audit in the month it is
due.
(d) Auditor’s access. Each aircraft
operator must provide the auditor
access to all records, equipment, and
facilities necessary for the auditor to
conduct an audit of the aircraft
operator’s compliance with this chapter
and its security program.
(e) Audit report. Each aircraft operator
will receive a copy of the audit report
from its auditor.
(f) Comments on audit report. Within
30 days of receiving a copy of an audit
report from the auditor, an aircraft
operator may submit written comments
on the report to TSA.
33. Add new § 1544.245 to subpart C
to read as follows:
§ 1544.245 Passenger vetting for large
aircraft operators.
(a) Applicability and terms used in
this section. (1) Applicability. (i) Except
as provided in paragraph (a)(1)(ii) of this
section, this section applies to aircraft
operators operating under a large
aircraft program described in
§ 1544.101(b).
(ii) This section does not apply to any
flight operated by a large aircraft
operator for which the large aircraft
operator has submitted advance
passenger information to U.S. Custom
and Border Protection (CBP) under 19
CFR 122.49a, 122.75a, or 122.22 and has
complied with CBP’s instructions. If
CBP grants the pilot landing rights
under 19 CFR 122.49a, 122.75a, or
122.22, the large aircraft operator may
permit all passengers for whom the
aircraft operator submitted advance
passenger information to CBP to board
the aircraft. If CBP identifies a passenger
as a selectee under 19 CFR 122.49a,
122.75a, or 122.22, the large aircraft
operator may permit the passenger to
board the aircraft and the large aircraft
operator must comply with the
E:\FR\FM\30OCP2.SGM
30OCP2
sroberts on PROD1PC70 with PROPOSALS
64850
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
procedures in its security program
pertaining to passengers that are
identified as selectees. If CBP identifies
a passenger as ‘‘not cleared’’ under 19
CFR 122.49a, 122.75a, or 122.22, the
large aircraft operator must not permit
the passenger to board the aircraft.
(2) Terms used in this section. In
addition to the terms in §§ 1500.3 and
1540.5 of this chapter, the following
terms apply in this section:
Continuous vetting means the process
in which an individual’s full name, date
of birth, gender, passport information,
and Redress Number (if available) are
continuously matched against the most
current watch-list in a manner
prescribed by TSA.
Passenger information means:
(1) Full name of the passenger.
(2) Date of birth of the passenger, if
available.
(3) Gender of the passenger, if
available.
(4) Passport information, if available.
(5) Redress Number of the passenger,
if available.
Passport information means the
following information from an
individual’s passport:
(1) Passport number.
(2) Country of issuance.
(3) Expiration date.
(4) Gender.
(5) Full name.
Redress Number means the number
assigned by DHS to an individual
processed through the redress
procedures described in 49 CFR part
1560, subpart C.
Watch-list refers to the No Fly List
and Selectee List components of the
Terrorist Screening Database maintained
by the Terrorist Screening Center.
Watch-list service provider is an entity
that TSA has approved under 49 CFR
part 1544, subpart F, to conduct watchlist matching for large aircraft operators
required under this section.
(b) Request for and transmission of
passenger information. (1) Passenger
information list. Except as provided in
paragraph (b)(2) of this section, each
aircraft operator must:
(i) Request and obtain the full name
of every passenger on each flight
operated by the aircraft operator;
(ii) Request the gender, date of birth,
and Redress Number for every passenger
on each flight operated by the aircraft
operator;
(iii) Transmit the full name and other
available passenger information, and
any available passport information, to
an entity approved to conduct watch-list
matching under 49 CFR part 1544,
subpart F (‘‘Watch-list service
provider’’); and
(iv) Transmit updated passenger
information to its watch-list service
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
provider if there are revisions to the
passenger’s full name, date of birth,
gender, passport information, or Redress
Number.
(2) Master passenger list. An aircraft
operator does not need to transmit
passenger information required under
paragraph (b)(1) of this section or await
boarding instructions required under
paragraph (c) of this section for
individuals who satisfy all of the
following:
(i) Prior to obtaining and transmitting
passenger information under paragraphs
(b)(2)(ii) and (iii) of this section, the
aircraft operator must inform the
individual that inclusion in the master
passenger list is voluntary, provide the
individual with notice of the purpose
and procedures related to a master
passenger list, and obtain from the
individual a signed, written statement
affirmatively requesting that he or she
be placed on the master passenger list.
(ii) The aircraft operator has obtained
the full name, gender, date of birth, and
Redress Number (if available) of the
individuals.
(iii) The aircraft operator has
transmitted the full name, gender, date
of birth, passport information, and
Redress Number (if available) of the
individual and any updated passenger
information to a watch-list service
provider and identified the individual
as an individual that should be subject
to continuous vetting.
(iv) The aircraft operator ensures that
the watch-list service provider has
responsibility for conducting
continuous vetting of the individual at
the time that the individual boards a
flight operated by the aircraft operator.
(v) The watch-list service provider
that conducts the continuous vetting of
the individual has informed the aircraft
operator that the individual is cleared to
board an aircraft after the aircraft
operators transmits the initial passenger
information to the watch-list service
provider. If the aircraft operator
transmits updated passenger
information, the aircraft operator must
wait until the watch-list service
provider informs the aircraft operator
that the individual is cleared to board
an aircraft.
(vi) The watch-list service provider
that conducts the continuous vetting of
the individual has not informed the
aircraft operator that the individual
must be inhibited from boarding the
aircraft, unless explicitly authorized by
TSA to permit boarding of the
individual.
(c) Watch-list matching results. An
operator must not permit a passenger to
board an aircraft until the aircraft
operator’s watch-list service provider
PO 00000
Frm 00062
Fmt 4701
Sfmt 4702
informs the aircraft operator of the
results of watch-list matching for that
passenger in response to the aircraft
operator’s most recent submission of
passenger information for that
passenger. The aircraft operator must
comply with instructions transmitted by
the watch-list service provider under
this paragraph (c), unless explicitly
instructed otherwise by TSA.
(1) Cleared to board an aircraft. If the
aircraft operator’s watch-list service
provider instructs the aircraft operator
that a passenger is cleared, the aircraft
operator may permit the passenger to
board an aircraft.
(2) Passenger identified as a selectee.
If the aircraft operator’s watch-list
service provider instructs the aircraft
operator that a passenger is a selectee,
the aircraft operator may permit the
passenger to board an aircraft. The
aircraft operator must comply with the
procedures in its security program
pertaining to passengers that are
identified as selectees.
(3) Denial to board an aircraft. If the
aircraft operator’s watch-list service
provider instructs the aircraft operator
that the passenger must be inhibited
from boarding an aircraft, the aircraft
operator must not permit the passenger
to board an aircraft. If the aircraft
operator’s watch-list service provider
instructs the aircraft operator to contact
TSA for further resolution of the watchlist matching results, the aircraft
operator must contact TSA in
accordance with procedures set forth in
its security program.
(4) Override by an aircraft operator.
No aircraft operator may override an
instruction to inhibit a passenger from
boarding an aircraft, unless explicitly
authorized by TSA to do so.
(5) Updated passenger information
from an aircraft operator. When an
aircraft operator sends updated
passenger information to its watch-list
service provider under paragraph
(b)(1)(iv) of this section for a passenger
for whom the watch-list service
provider has already transmitted an
instruction, all previous instructions
concerning that passenger are voided.
The aircraft operator may not permit the
passenger to board an aircraft until it
receives an updated instruction
concerning the passenger from its
watch-list service provider. Upon
receiving an updated instruction from
its watch-list service provider, the
aircraft operator must comply with the
updated instruction and disregard all
previous instruction.
(d) Use of the watch-list matching
results. An aircraft operator must not
use any watch-list matching results
provided by the watch-list service
E:\FR\FM\30OCP2.SGM
30OCP2
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
provider or TSA for purposes other than
those provided in paragraph (c) of this
section and security purposes.
34. Add new subparts F and G to part
1544 to read as follows:
Subpart F—Watch-List Service Providers
Sec.
1544.501 Scope and terms used in this
subpart.
1544.503 Qualification standards for
approval.
1544.505 Application.
1544.507 TSA review and approval.
1544.509 Reconsideration of disapproval of
an application.
1544.511 Withdrawal of approval.
1544.513 Responsibilities of watch-list
service providers.
1544.515 Security program.
Subpart F—Watch-List Service
Providers
sroberts on PROD1PC70 with PROPOSALS
§ 1544.501
subpart.
Scope and terms used in this
(a) This subpart applies to entities
that conduct watch-list matching for
large aircraft operators under §1544.245.
(b) In addition to the terms in §§
1500.3 and 1540.5 of this chapter, the
following terms apply in this part:
Applicant means an entity that seeks
approval from TSA to conduct watchlist matching for large aircraft operators
under § 1544.245.
Covered personnel means:
(1) Employees who have access to
passenger information, the watch-list, or
watch-list matching results; and
(2) Officers, principals, and program
managers responsible for access of
passenger information, the watch-list, or
watch-list matching results.
Large aircraft operator means an
aircraft operator described in
§§ 1544.101(b) or 1544.107.
Passenger information means—
(1) Full name of the passenger.
(2) Date of birth of the passenger, if
available.
(3) Gender of the passenger, if
available.
(4) Passport information, if available.
(4) Redress Number of the passenger,
if available.
Passport information means the
following information from an
individual’s passport:
(1) Passport number.
(2) Country of issuance.
(3) Expiration date.
(4) Gender.
(5) Full name.
Continuous vetting means the process
in which an individual’s full name, date
of birth, gender, passport information,
and Redress Number (if available) is
continuously matched against the most
current watch-list in a manner
prescribed by TSA.
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
Redress Number means the number
assigned by DHS to an individual
processed through the redress
procedures described in 49 CFR part
1560, subpart C.
Watch-list refers to the No Fly List
and Selectee List components of the
Terrorist Screening Database maintained
by the Terrorist Screening Center.
Watch-list service provider is an entity
that TSA has approved under this
subpart to conduct watch-list matching
for large aircraft operators under
§ 1544.507.
§ 1544.503
approval.
Qualification standards for
To be considered for approval to
conduct watch-list matching under
§ 1544.245, the applicant must satisfy
all of the following requirements.
(a) The applicant must demonstrate
the capability to receive passenger
information from large aircraft operators
described in § 1544.101(b).
(b) The applicant must demonstrate
the capability to conduct automated
watch-list matching and continuous
vetting of individuals in a system that
satisfies standards set forth by TSA for
the protection of personally identifiable
information and the security of the
system.
(c) The applicant must demonstrate
the capability to transmit watch-list
matching results to the large aircraft
operator.
(d) The applicant must successfully
undergo a suitability assessment
conducted by TSA including a
determination that it does not pose or is
suspected of posing a threat to
transportation or national security.
(e) Every covered personnel of the
applicant must successfully undergo a
security threat assessment under 49 CFR
part 1544, subpart G and have a valid
Determination of No Security Threat.
(f) The applicant is incorporated
within the United States. The
applicant’s operations and systems for
conducting watch-list matching under
this subpart must be located in the
United States.
§ 1544.505
Application.
(a) Each applicant must submit an
application in a form and manner
prescribed by TSA.
(b) An application must include the
following information:
(1) The applicant’s full name,
business address, business phone
number, and business email address.
(2) A statement and other
documentary evidence of how the
applicant meets the qualification
standards set forth on § 1544.503.
(3) A system security plan for its
information technology system that
PO 00000
Frm 00063
Fmt 4701
Sfmt 4702
64851
contains personally identifiable
information collected under this part
and § 1544.245 or is used to conduct
watch-list matching. The system
security plan must comply with
standards established by TSA.
(4) An attestation report of the
attestation conducted under
§ 1544.513(c)(1)(i).
(5) A security program that meets
requirements in § 1544.515.
§ 1544.507
TSA review and approval.
(a) Review. Upon receiving an
application, TSA will review the
application including the system
security plan as described in
§ 1544.505(b)(3). TSA may conduct a
site visit as part of its review process. At
its discretion, TSA may approve or
disapprove the application.
(b) Approval. If an application is
approved, TSA will send the applicant
a written notice of approval. Once
approved, the watch-list service
provider may perform passenger vetting
in accordance with this subpart after
TSA receives an attestation report for an
attestation conducted under
§ 1544.513(c)(1)(i) in which the
independent public accounting (IPA)
firm opines that the watch-list service
provider’s system is in compliance with
its system security plan and TSA
standards.
(c) Disapproval. TSA will send a
written notice of disapproval to an
applicant whose application is
disapproved.
§ 1544.509 Reconsideration of disapproval
of an application.
(a) Petition for reconsideration. If an
application is disapproved, the
applicant may seek reconsideration of
the decision by submitting a written
petition for reconsideration to the
Assistant Secretary or designee within
30 days of receiving the notice of
disapproval.
(b) Review of petition. Upon review of
the petition for reconsideration, the
Assistant Secretary or designee disposes
of the petition by either affirming the
disapproval of the application or
approving the application. The
Assistant Secretary or designee may
request additional information from the
applicant prior to rendering a decision.
§ 1544.511
Withdrawal of approval.
(a) Basis for withdrawal of approval.
TSA may withdraw approval to conduct
watch-list matching if a watch-list
service provider ceases to meet the
qualification standards for approval,
fails to fulfill its responsibilities, or in
the interest of security or the public.
(b) Notice of withdrawal. (1) Except as
provided in paragraph (c) of this
E:\FR\FM\30OCP2.SGM
30OCP2
64852
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
section, TSA will provide a written
notice of proposed withdrawal of
approval to the watch-list service
provider.
(2) The notice of withdrawal of
approval will include the basis of the
withdrawal of approval.
(3) Unless the watch-list service
provider files a written petition for
reconsideration under paragraph (d) of
this section, the notice of proposed
withdrawal of approval will become a
final notice of withdrawal of approval
31 days after the watch-list service
provider’s receipt of the notice of
proposed withdrawal of approval.
(c) Emergency notice of withdrawal of
approval. (1) If TSA finds that there is
an emergency requiring immediate
action with respect to a watch-list
service provider’s ability to conduct
watch-list matching, TSA may withdraw
approval of that watch-list service
provider without prior notice.
(2) TSA will incorporate in the
emergency notice of withdrawal of
approval a brief statement of the reasons
and findings for the withdrawal of
approval.
(3) The emergency notice of
withdrawal of approval is effective upon
the watch-list service provider’s receipt
of the notice. The watch-list service
provider may file a written petition for
reconsideration under paragraph (d) of
this section; however, this does not stay
the effective date of the emergency
notice of withdrawal of approval.
(d) Petition for reconsideration. A
watch-list service provider may seek
reconsideration of the withdrawal of
approval of approval by submitting a
written petition for reconsideration to
the Assistant Secretary or designee
within 30 days of receiving the notice of
withdrawal of approval.
(e) Review of petition. Upon review of
the petition for reconsideration, the
Assistant Secretary or designee disposes
of the petition by either affirming or
withdrawing the withdrawal of
approval. The Assistant Secretary or
designee may request additional
information from the watch-list service
provider prior to rendering a decision.
sroberts on PROD1PC70 with PROPOSALS
§ 1544.513 Responsibilities of watch-list
service providers.
(a) Security program. Each watch-list
service provider must adopt and carry
out a security program that meets the
requirements of § 1544.515.
(b) System security plan. Each watchlist provider must comply with its
approved system security plan.
(c) Authorized watch-list matching.
Each watch-list service provider may
only conduct watch-list matching for
aircraft operators that hold a large
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
aircraft program, as described in
§ 1544.101(b), that is approved by TSA
under § 1544.105. Each watch-list
service provider must confirm with TSA
that an aircraft operator holds an
approved large aircraft program prior to
commencement of watch-list matching
for that aircraft operator.
(d) Attestation of compliance. (1)
Each watch-list service provider must
contract with a qualified IPA firm to
conduct an attestation of the watch-list
service provider’s compliance with its
system security plan and TSA standards
for systems that are used to conduct
watch-list matching as follows:
(i) An attestation must be conducted
prior to commencement of watch-list
matching operations;
(ii) An attestation must be conducted
6 months after commencement of
watch-list matching operations; and
(iii) An attestation must be conducted
12 months after the watch-list service
provider’s most recent attestation
conducted to meet the requirements in
paragraph (c)(1)(ii) of this section or this
paragraph (c)(1)(iii). If the watch-list
service provider completes the
attestation in the month before or the
month after it is due, the watch-list
service provider is considered to have
completed the attestation in the month
it is due.
(2) The IPA firm conducts the
attestation in accordance with the
American Institute of Certified Public
Accountants’ (AICPA) Statement for
Standards on Attestation Engagements
10 and TSA standards;
(3) The IPA firm must prepare and
submit a report, in a form and manner
prescribed by TSA, for each audit
conducted under paragraph (c)(1) of this
section.
(4) An IPA firm is qualified for
purposes of paragraph (c)(1) of this
section if:
(i) The selection of the IPA firm was
in accordance with the relevant AICPA
guidance regarding independence; and
(ii) The IPA firm demonstrates the
capability to assess information system
security and process controls. TSA
reserves the right to reject the IPA firm’s
attestation if, in TSA’s judgment, the
IPA firm is not sufficiently qualified to
perform these services.
(e) Sensitive Security Information.
Each watch-list service provider must
comply with the requirements in 49
CFR part 1520 regarding the handling
and protection of Sensitive Security
Information.
(f) Non-disclosure of proprietary
information. Unless explicitly
authorized by TSA, each watch-list
service provider may not further release
or disseminate any information that
PO 00000
Frm 00064
Fmt 4701
Sfmt 4702
TSA or a large aircraft operator indicates
as proprietary information and provides
to the watch-list service provider.
(g) Privacy policy. Each watch-list
service provider must adopt and make
public a privacy policy.
(h) TSA inspection authority. (1) Each
watch-list service provider must allow
TSA, at any time or place, to make any
inspections or tests, including copying
records, to determine compliance of a
watch-list service provider or a large
aircraft operator with—
(i) This subpart, 49 CFR 1544.245, and
part 1520 of this chapter; and
(ii) 49 U.S.C. Subtitle VII, as
amended.
(2) At the request of TSA, each watchlist service provider must provide
evidence of compliance with this
subpart.
(i) Use of watch-list. Watch-list
service providers may not use the
passenger information transmitted
under § 1544.245 and obtained under
this subpart, the watch-list, or the
watch-list matching results for any
purpose other than to conduct watchlist matching under this part in
accordance with their security
programs.
§ 1544.515
Security program.
(a) Each watch-list service provider
must adopt and carry out a security
program that includes all of the
following requirements:
(1) Procedures for conducting watchlist matching in a manner prescribed by
TSA.
(2) Procedures for sending
instructions back to aircraft operators
based on the results of the watch-list
matching.
(3) Procedures for contacting TSA for
resolution of passengers that are
potential matches to the watch-list.
(4) Procedures for identifying
passengers about whom a large aircraft
operator must contact TSA for
resolution of a potential match to the
watch-list.
(5) Procedures for complying with its
system security plan.
(6) Procedures for ensuring the
physical security of the system used to
conduct watch-list matching and the
space and furniture used to receive
passenger information from aircraft
operators, to conduct watch-list
matching, to transmit watch-list results
to aircraft operators, and to store
documents related to watch-list
matching.
(7) Procedures for training covered
personnel on the requirements of this
subpart.
(8) Procedures for conducting
continuous vetting of individuals.
E:\FR\FM\30OCP2.SGM
30OCP2
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
(9) Procedures for providing
personnel that is available to TSA 24
hours a day, 7 days a week.
(10) Procedures to identify, handle,
and protect Sensitive Security
Information.
(11) Procedures to maintain
confidentiality of proprietary
information.
(b) A watch-list service provider or
TSA may amend an approved security
program using the procedures in
§ 1544.105.
(c) TSA may withdraw approval of a
security program using procedures in
§ 1540.301.
Subpart G—Security Threat Assessments
for Large Aircraft Flight Crew, Applicants
To Become TSA-Approved Auditors and
Watch-List Service Providers Covered
Personnel
Sec.
1544.601 Scope and expiration.
1544.603 Enrollment for security threat
assessments.
1544.605 Content of security threat
assessment.
1544.607 Criminal history records check
(CHRC).
1544.609 Other analyses.
1544.611 Final disposition.
1544.613 Withdrawal of Determination of
No Security Threat.
1544.615 Appeals.
1544.617 Fees.
1544.619 Notice to employers.
Subpart G—Security Threat
Assessments for Large Aircraft Flight
Crew, Applicants To Become TSAApproved Auditors and Watch-List
Service Providers Covered Personnel
sroberts on PROD1PC70 with PROPOSALS
§ 1544.601
Scope and expiration.
(a) Scope. This subpart applies to the
following individuals who must
undergo a security threat assessment:
(1) Flight crew member for aircraft
operators required to hold a large
aircraft security program under
§ 1544.101(b);
(2) Individuals authorized to perform
screening functions under
§ 1544.103(f)(1);
(3) Applicant to become a TSAapproved auditor under § 1522.203; and
(4) Watch-list service provider
covered personnel under § 1544.503.
(b) Expiration. A Determination of No
Security Threat issued under
§ 1544.611(a) is valid for five years from
the date that the individual receives the
determination unless TSA issues a
withdrawal of Determination of No
Security Threat under § 1544.613 that
results in a Final Determination of
Security Threat Assessment. An
individual may renew a Determination
of No Security Threat using the
procedures set forth in this subpart.
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
(c) Individuals who have undergone a
CHRC under § 1544.229 or 1544.230.
Flight crew members or employees or
contract employees authorized to
perform screening functions who have
undergone a fingerprint-based criminal
history records check under §§ 1544.229
or 1544.230 within five years of the
effective date of this rule are not
required to undergo a security threat
assessment under this part until 5 years
after the date of their notification of the
results of their criminal history records
check.
§§ 1544.603 Enrollment for security threat
assessments.
(a) Except for paragraphs (a)(4) and
(a)(12)–(16) of this section, an
individual who is required to undergo a
security threat assessment under this
subpart must provide the following
information to TSA in a manner and
time prescribed by TSA:
(1) Legal name, including first,
middle, and last; any applicable suffix;
and any other name used previously.
(2) Current mailing address and
residential address if it differs from the
mailing address; and the previous
residential address.
(3) Date of birth.
(4) Social security number. Providing
the social security number is voluntary;
however, failure to provide it will delay
and may prevent completion of the
threat assessment.
(5) Gender.
(6) Height, weight, hair and eye color.
(7) City, state, and country of birth.
(8) Immigration status and date of
naturalization if the individual is a
naturalized citizen of the United States.
(9) Alien registration number, if
applicable.
(10) The name, telephone number,
and address of the individual’s current
employer(s). If the individual’s current
employer is the U.S. military service,
include the branch of the service.
(11) Fingerprints in a manner
prescribed by TSA.
(12) Passport number, city of
issuance, date of issuance, and date of
expiration. This information is
voluntary and may expedite the
adjudication process for individuals
who are U.S. citizens born abroad.
(13) Department of State Consular
Report of Birth Abroad. This
information is voluntary and may
expedite the adjudication process for
individuals who are U.S. citizens born
abroad.
(14) If the individual is not a national
or citizen of the United States, the alien
registration number and/or the number
assigned to the applicant on the U.S.
Customs and Border Protection Arrival-
PO 00000
Frm 00065
Fmt 4701
Sfmt 4702
64853
Departure Record, Form I–94. This
information is voluntary and may
expedite the adjudication process for
individuals who are not U.S. citizens.
(15) Whether the applicant has
previously completed a TSA threat
assessment, and if so the date and
program for which it was completed.
This information is voluntary and may
expedite the adjudication process for
applicants who have completed a TSA
security threat assessment.
(16) Whether the applicant currently
holds a federal security clearance, and
if so, the date of and agency for which
the clearance was performed. This
information is voluntary and may
expedite the adjudication process for
applicants who have completed a
federal security threat assessment.
(b) The individual must certify and
date receipt of the following statement:
Privacy Act Statement: Authority: 49
U.S.C. 114, 40113. Purpose: This information
will be used to verify your identity and to
conduct a security threat assessment to
evaluate your suitability for a position for
which this security threat assessment is
required. Furnishing this information,
including your SSN, is voluntary; however,
failure to provide it will delay and may
prevent the completion of your security
threat assessment. Routine Uses: Includes
disclosure to the FBI to retrieve your criminal
history record; to appropriate governmental
agencies for licensing, law enforcement, or
security purposes, or in the interests of
national security; and to foreign and
international governmental authorities in
accordance with law and international
agreement. For further information, see TSA
002 System of Records Notice.
(c) The individual must provide a
statement, signature, and date of
signature that he or she—
(1) Was not convicted, or found not
guilty by reason of insanity, of a
disqualifying criminal offense identified
in § 1544.229(d) in any jurisdiction
during the 10 years before the date of
the individual’s application for a
security threat assessment under this
subpart.
(2) Is not wanted, or under
indictment, in a civilian or military
jurisdiction, for a disqualifying criminal
offense identified in § 1544.229(d);
(3) Has, or has not, served in the
military, and if so, the branch in which
he or she served, the date of discharge,
and the type of discharge; and
(4) Has been informed that Federal
regulations under 49 CFR 1544.607
impose a continuing obligation on the
individual to disclose to TSA if he or
she is convicted, or found not guilty by
reason of insanity of a disqualifying
crime.
E:\FR\FM\30OCP2.SGM
30OCP2
64854
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
(d) Each individual must complete
and sign the application prior to
submitting his or her fingerprints.
(e) The individual must certify and
date receipt of the following statement,
immediately before the signature line:
The information I have provided on this
application is true, complete, and correct, to
the best of my knowledge and belief, and is
provided in good faith. I understand that a
knowing and willful false statement, or an
omission of a material fact on this
application, can be punished by fine or
imprisonment or both (see section 1001 of
Title 18 United States Code), and may be
grounds for denial of approval for the
position or privilege for which this security
threat assessment is required.
(f) A flight crew member for a large
aircraft, an individual authorized to
perform screening functions, or a watchlist service provider covered personnel
must certify the following statement in
writing:
I acknowledge that if the Transportation
Security Administration determines that I
pose a security threat, my employer may be
notified.
(g) If an Enrollment Provider enrolls
an individual, the Enrollment Provider
must:
(1) Verify the identity of the
individual through two forms of
identification prior to fingerprinting,
and ensure that the printed name on the
fingerprint application is legible. At
least one of the two forms of
identification must have been issued by
a government authority, and at least one
must include a photo.
(2) Advise the individual that a copy
of the criminal record received from the
FBI will be provided to the individual,
if requested by the individual in
writing;
(3) Identify a point of contact if the
individual has questions about the
results of the CHRC; and
(4) Collect, control, and process one
set of legible and classifiable
fingerprints under direct observation by
the enrollment provider or a law
enforcement officer.
(5) Submit the biographic or biometric
data and the application to TSA in the
manner specified by TSA.
sroberts on PROD1PC70 with PROPOSALS
§ 1544.605 Content of the security threat
assessment.
The security threat assessment TSA
conducts under this subpart includes a
criminal history records check, other
analyses, and a final disposition.
§ 1544.607
(CHRC).
Criminal history records check
(a) Fingerprints and other information
used. In conducting criminal history
record checks under this subpart, TSA
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
uses fingerprints and may use other
identifying information.
(b) Submission of fingerprints to FBI/
CJIS. In order to conduct a fingerprintbased criminal history records check,
TSA transmits the fingerprints to the
FBI/CJIS in accordance with the FBI/
CJIS fingerprint submission standards,
receives the results from the FBI/CJIS,
and adjudicates the results of the check
in accordance with this section.
(c) Adjudication of results. (1) TSA
determines that an individual does not
pose a security threat warranting denial
of approval based on a disqualifying
criminal offense if the individual does
not have a disqualifying criminal
offense described in § 1544.229(d).
(2) An applicant who is wanted, or
under indictment in any civilian or
military jurisdiction for a felony listed
in this section, is disqualified until the
want or warrant is released or the
indictment is dismissed.
(d) Determination of arrest status.
When a CHRC on an individual
described in this subpart discloses an
arrest for any disqualifying criminal
offense listed in § 1544.229(d) without
indicating a disposition, the individual
must provide documentation
demonstrating that the arrest did not
result in a disqualifying offense before
the individual may assume a position or
perform a function for which a criminal
history records check under this
Subpart is required. If the disposition
did not result in a conviction or in a
finding of not guilty by reason of
insanity of one of the offenses listed in
§ 1544.229(d), the individual is not
disqualified under this section.
(e) Limits on dissemination of results.
Criminal record information provided
by the FBI may be used only to carry out
this section and § 1544.229. No person
may disseminate the results of a CHRC
to anyone other than:
(1) The individual to whom the record
pertains, or that individual’s authorized
representative.
(2) Entities who are determining
whether to grant the individual a
position or function for which the
criminal history records check in this
subpart is required.
(3) Others designated by TSA.
(f) Correction of FBI records and
notification of disqualification. (1)
Before making a final decision to deny
a position or privilege to an individual
required to undergo a criminal history
records check prescribed by this section,
TSA will serve an Initial Determination
of Threat Assessment and advise him or
her that the FBI criminal record
discloses information that would
disqualify him or her from the position
or privilege and will provide the
PO 00000
Frm 00066
Fmt 4701
Sfmt 4702
individual a copy of the FBI record if he
or she requests it.
(2) The individual may contact the
local jurisdiction responsible for the
information and the FBI to complete or
correct the information contained in his
or her record, subject to the following
conditions—
(i) Within 30 days after being advised
that the criminal record received from
the FBI discloses a disqualifying
criminal offense, the individual must
notify TSA of his or her intent to correct
any information he or she believes to be
inaccurate.
(ii) If no notification, as described in
paragraph (f)(3)(1) of this section, is
received within 30 days, TSA will make
a final determination to deny the
individual the position or privilege.
(g) Continuing obligations to disclose.
An individual who received a
Determination of No Security Threat
under this subpart must disclose to TSA
or to another entity identified by TSA
within 24 hours if he or she is convicted
of any disqualifying criminal offense
that occurs while he or she is has a
Determination of No Security Threat
that has not expired.
§ 1544.609
Other analyses.
To conduct other analyses, TSA
completes the following procedures:
(a) Reviews the individual
information required in 49 CFR
1544.603.
(b) TSA may search domestic and
international Government databases to
determine if an individual meets the
requirements of 49 CFR 1572.107 or to
confirm an individual’s identity. TSA
may determine that an applicant poses
a security threat based on a search of the
following databases:
(1) Interpol and other international
databases, as appropriate.
(2) Terrorist watch-lists and related
databases.
(3) Any other databases relevant to
determining whether an applicant
poses, or is suspected of posing, a
security threat, or that confirm an
applicant’s identity.
§ 1544.611
Final disposition.
Following completion of the
procedures described in §§ 1544.607
and 1544.609, the following procedures
apply, as appropriate:
(a) TSA serves a Determination of No
Security Threat to the individual if TSA
determines that an individual meets the
security threat assessment standards
described in §§ 1544.607 and 1544.609.
(b) TSA serves an Initial
Determination of Threat Assessment on
the individual if TSA determines that
the individual does not meet the
E:\FR\FM\30OCP2.SGM
30OCP2
Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 / Proposed Rules
security threat assessment standards
described in §§ 1544.607 and 1544.609.
The Initial Determination of Threat
Assessment includes—
(1) A statement that TSA has
determined that the individual poses or
is suspected of posing a security threat
warranting disapproval of the
application to assume a position or
perform a function for which a security
threat assessment under this subpart is
required;
(2) The basis for the determination;
(3) Information about how the
individual may appeal the
determination, as described in
§ 1544.615; and
(4) A statement that if the individual
chooses not to appeal TSA’s
determination within 30 days after
receipt of the Initial Determination, or
does not request an extension of time
within 30 days after receipt of the Initial
Determination in order to file an appeal,
the Initial Determination becomes a
Final Determination of Threat
Assessment.
(5) TSA serves a Withdrawal of the
Initial Determination of Threat
Assessment or a Withdrawal of Final
Determination of Threat Assessment on
the individual, if the appeal results in
a finding that the individual does not
pose a threat to security.
sroberts on PROD1PC70 with PROPOSALS
§ 1544.613 Withdrawal of Determination of
No Security Threat.
(a) TSA may withdraw a
Determination of No Security Threat
issued under § 1544.611(a) at any time
it determines that a flight crew member,
an individual authorized to perform
screening functions, a TSA-approved
auditor, or a watch-list service provider
poses or is suspected of posing a
security threat warranting withdrawal of
the Determination of No Security
Threat.
(b) TSA serves withdrawal of the
Determination of No Security Threat on
the individual if TSA determines that
the individual does not meet the
security threat assessment standards
described in §§ 1544.607 and 1544.609.
The withdrawal of the Determination of
No Security Threat includes—
(1) A statement that TSA has
determined that the individual poses or
is suspected of posing a security threat
warranting disapproval of the
application to assume a position or
perform a function for which a security
threat assessment under this subpart is
required;
(2) The basis for the determination;
(3) Information about how the
individual may appeal the
determination, as described in
§ 1544.615; and
VerDate Aug<31>2005
17:19 Oct 29, 2008
Jkt 217001
(4) A statement that if the individual
chooses not to appeal TSA’s Initial
Determination within 30 days after
receipt of the withdrawal of the
Determination of No Security Threat, or
does not request an extension of time
within 30 days after receipt of the
withdrawal of the Determination of No
Security Threat in order to file an
appeal, the withdrawal of the
Determination of No Security Threat
becomes a Final Determination of
Threat Assessment.
(5) TSA serves a Final Determination
of Threat Assessment on the individual,
if the appeal results in a finding that the
individual does not pose a threat to
security.
§ 1544.615
Appeals.
If the individual appeals the Initial
Determination of Threat Assessment or
a withdrawal of the Determination of No
Security Threat, the procedures in 49
CFR part 1515 apply.
§ 1544.617
Fees.
(a) Individuals required to undergo a
security threat assessment must pay the
Security Threat Assessment fee of
$56.75 and the cost for the FBI to
process fingerprint identification
records under Public Law 101–515.
(b) The Security Threat Assessment
fee described in paragraph (a) of this
section may be adjusted annually on or
after October 1, 2007, by publication of
an inflation adjustment. A final rule in
the Federal Register will announce the
inflation adjustment. The adjustment
shall be a composite of the Federal
civilian pay raise assumption and nonpay inflation factor for that fiscal year
issued by the Office of Management and
Budget for agency use in implementing
OMB Circular A–76, weighted by the
pay and non-pay proportions of total
funding for that fiscal year. If Congress
enacts a different Federal civilian pay
raise percentage than the percentage
issued by OMB for Circular A–76, the
Department of Homeland Security may
adjust the fees to reflect the enacted
level.
(c) If the FBI amends its fee to process
fingerprint identification records under
Public Law 101–515, TSA or its agent
will collect the amended fee.
(d) When an individual submits the
enrollment information, as required
under 1544.603, to obtain or renew a
security threat assessment, the fee must
be remitted to TSA or its approved agent
in a form and manner approved by TSA.
(e) TSA will not issue any refunds of
fees required under this section.
(f) Information about payment options
is available though the designated TSA
headquarters point of contact.
PO 00000
Frm 00067
Fmt 4701
Sfmt 4702
64855
Individual personal checks are not
acceptable.
§ 1544.619
Notice to employers.
(a) If the individual is a large aircraft
flight crew member, an individual
authorized to perform screening
functions, or a watch-list service
provider covered personnel, TSA will
notify the individual’s employer that it
has served a Determination of No
Security Threat, a Final Determination
of Threat Assessment, or a Withdrawal
of Final Determination of Threat
Assessment, as applicable, to the
individual.
(b) Each employer must retain a copy
of the notification described in
paragraph (a) of this section for five
years.
PART 1550—AIRCRAFT SECURITY
UNDER GENERAL OPERATING AND
FLIGHT RULES
35. The authority citation for part
1550 continues to read as follows:
Authority: 49 U.S.C. 114, 5103, 40113,
44901–44907, 44913–44914, 44916–44918,
44935–44936, 44942, 46105.
36. Amend § 1550.5 by revising
paragraph (a), and removing and
reserving paragraph (d) to read as
follows:
§ 1550.5
Operations using a sterile area.
(a) Applicability of this section. This
section applies to all aircraft operations
in which passengers, crewmembers, or
other individuals are enplaned from or
deplaned into a sterile area, except for
aircraft operators that have a security
program accepted or approved under
part 1544 or 1546 of this chapter.
*
*
*
*
*
(d) [Reserved]
*
*
*
*
*
37. Amend § 1550.7 by revising
paragraph (a) to read as follows:
§ 1550.7 Operations in aircraft over 12,500
pounds.
(a) Applicability of this section. This
section applies to each aircraft operation
conducted in an aircraft with a
maximum certificated takeoff weight of
over 12,500 pounds except for those
operations specified in § 1550.5 and
those operations conducted under a
security program under part 1544 or
1546 of this chapter.
*
*
*
*
*
Issued in Arlington, Virginia, on October 2,
2008.
Kip Hawley,
Assistant Secretary.
[FR Doc. E8–23685 Filed 10–29–08; 8:45 am]
BILLING CODE 4910–52–P
E:\FR\FM\30OCP2.SGM
30OCP2
]]>Agencies
[Federal Register Volume 73, Number 211 (Thursday, October 30, 2008)]
[Proposed Rules]
[Pages 64790-64855]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: E8-23685]
[[Page 64789]]
-----------------------------------------------------------------------
Part III
Department of Homeland Security
-----------------------------------------------------------------------
Transportation Security Administration
-----------------------------------------------------------------------
49 CFR Parts 1515, 1520, et al.
Large Aircraft Security Program, Other Aircraft Operator Security
Program, and Airport Operator Security Program; Proposed Rule
��Federal Register / Vol. 73, No. 211 / Thursday, October 30, 2008 /
Proposed Rules��
[[Page 64790]]
-----------------------------------------------------------------------
DEPARTMENT OF HOMELAND SECURITY
Transportation Security Administration
49 CFR Parts 1515, 1520, 1522, 1540, 1542, 1544, and 1550
[Docket No. TSA-2008-0021]
RIN 1652-AA53
Large Aircraft Security Program, Other Aircraft Operator Security
Program, and Airport Operator Security Program
AGENCY: Transportation Security Administration, DHS.
ACTION: Notice of proposed rulemaking.
-----------------------------------------------------------------------
SUMMARY: The Transportation Security Administration (TSA) proposes to
amend current aviation transportation security regulations to enhance
the security of general aviation by expanding the scope of current
requirements and by adding new requirements for certain large aircraft
operators and airports serving those aircraft. TSA is proposing to
require that all aircraft operations, including corporate and private
operations, with aircraft with a maximum certificated takeoff weight
(MTOW) above 12,500 pounds (``large aircraft'') adopt a large aircraft
security program (LASP). This security program would be based on the
current security program that applies to operators providing scheduled
or charter services.
TSA also proposes to require large aircraft operators to contract
with TSA-approved auditors to conduct audits of the operators'
compliance with their security programs and with TSA-approved watch-
list service providers to verify that their passengers are not on the
No Fly and/or Selectee portions of the consolidated terrorist watch-
list maintained by the Federal Government. This proposed rule describes
the process and criteria under which auditors and companies that
perform watch-list matching would obtain TSA approval.
TSA also proposes further security measures for large aircraft
operators in all-cargo operations and for operators of passenger
aircraft with a MTOW of over 45,500 kilograms (100,309.3 pounds),
operated for compensation or hire. TSA also proposes to require that
certain airports that serve large aircraft adopt security programs and
amend the security program for full program and full all-cargo
operators.
DATES: Submit comments by December 29, 2008.
ADDRESSES: You may submit comments, identified by the TSA docket number
to this rulemaking, to the Federal Docket Management System (FDMS), a
government-wide, electronic docket management system, using any one of
the following methods:
Electronically: You may submit comments through the Federal
eRulemaking portal at https://www.regulations.gov. Follow the online
instructions for submitting comments.
Mail, In Person, or Fax: Address, hand-deliver, or fax your written
comments to the Docket Management Facility, U.S. Department of
Transportation, 1200 New Jersey Avenue, SE., West Building Ground
Floor, Room W12-140, Washington, DC 20590-0001; Fax 202-493-2251. The
Department of Transportation (DOT), which maintains and processes TSA's
official regulatory dockets, will scan the submission and post it to
FDMS.
See SUPPLEMENTARY INFORMATION for format and other information
about comment submissions.
FOR FURTHER INFORMATION CONTACT: For program questions: Erik Jensen,
Branch Chief--Policy, Plans & Stakeholder Affairs, Office of General
Aviation, TSNM, TSA-28, Transportation Security Administration, 601
South 12th Street, Arlington, VA 22202-4220; telephone (571) 227-2401;
facsimile (571) 227-2920; e-mail LASP@dhs.gov.
For questions regarding Sensitive Security Information (SSI):
Andrew Colsky, Director, SSI Office, Office of the Special Counselor
(OSC), TSA-31, Transportation Security Administration, 601 South 12th
Street, Arlington, VA 22202-4220; telephone (571) 227-3513; facsimile
(571) 227-2945; e-mail SSI@dhs.gov.
SUPPLEMENTARY INFORMATION:
Comments Invited
TSA invites interested persons to participate in this rulemaking by
submitting written comments, data, or views. We also invite comments
relating to the economic, environmental, energy, or federalism impacts
that might result from this rulemaking action. See ADDRESSES above for
information on where to submit comments.
With each comment, please identify the docket number at the
beginning of your comments. TSA encourages commenters to provide their
names and addresses. The most helpful comments reference a specific
portion of the rulemaking, explain the reason for any recommended
change, and include supporting data. You may submit comments and
material electronically, in person, by mail, or fax as provided under
ADDRESSES, but please submit your comments and material by only one
means. If you submit comments by mail or delivery, submit them in an
unbound format, no larger than 8.5 by 11 inches, suitable for copying
and electronic filing.
If you want TSA to acknowledge receipt of comments submitted by
mail, include with your comments a self-addressed, stamped postcard on
which the docket number appears. We will stamp the date on the postcard
and mail it to you.
TSA will file in the public docket all comments received by TSA,
except for comments containing confidential information and Sensitive
Security Information (SSI).\1\ TSA will consider all comments received
on or before the closing date for comments and will consider comments
filed late to the extent practicable. The docket is available for
public inspection before and after the comment closing date.
---------------------------------------------------------------------------
\1\ ``Sensitive Security Information'' or ``SSI'' is information
obtained or developed in the conduct of security activities, the
disclosure of which would constitute an unwarranted invasion of
privacy, reveal trade secrets or privileged or confidential
information, or be detrimental to the security of transportation.
The protection of SSI is governed by 49 CFR part 1520.
---------------------------------------------------------------------------
Handling of Confidential or Proprietary Information and Sensitive
Security Information (SSI) Submitted in Public Comments
Do not submit comments that include trade secrets, confidential
commercial, or financial information, or SSI to the public regulatory
docket. Please submit such comments separately from other comments on
the rulemaking. Comments containing this type of information should be
appropriately marked as containing such information and submitted by
mail to the address listed in FOR FURTHER INFORMATION CONTACT section.
Upon receipt of such comments, TSA will not place the comments in
the public docket and will handle them in accordance with applicable
safeguards and restrictions on access. TSA will hold them in a separate
file to which the public does not have access, and place a note in the
public docket that TSA has received such materials from the commenter.
If TSA receives a request to examine or copy this information, TSA will
treat it as any other request under the Freedom of Information Act
(FOIA) (5 U.S.C. 552) and the Department of Homeland Security's (DHS)
FOIA regulation found in 6 CFR part 5.
Reviewing Comments in the Docket
Please be aware that anyone is able to search the electronic form
of all comments received into any of our
[[Page 64791]]
dockets by the name of the individual submitting the comment (or
signing the comment, if submitted on behalf of an association,
business, labor union, etc.). You may review the applicable Privacy Act
Statement published in the Federal Register on April 11, 2000 (65 FR
19477), or you may visit https://docketinfo.gov.
You may review TSA's electronic public docket on the Internet at
https://www.regulations.gov. In addition, DOT's Docket Management
Facility provides a physical facility, staff, equipment, and assistance
to the public. To obtain assistance or to review comments in TSA's
public docket, you may visit this facility between 9 a.m. 5 p.m.,
Monday through Friday, excluding legal holidays, or call (202) 366-
9826. This docket operations facility is located in the West Building
Ground Floor, Room W12-140 at 1200 New Jersey Avenue, SE., Washington,
DC 20590.
Availability of Rulemaking Document
You can get an electronic copy using the Internet by--
(1) Searching the electronic Federal Docket Management System
(FDMS) Web page at https://www.regulations.gov;
(2) Accessing the Government Printing Office's web page at https://
www.gpoaccess.gov/fr/; or
(3) Visiting TSA's Security Regulations web page at https://
www.tsa.gov and accessing the link for ``Research Center'' at the top
of the page.
In addition, copies are available by writing or calling the
individual in the FOR FURTHER INFORMATION CONTACT section. Make sure to
identify the docket number of this rulemaking.
Abbreviations and Terms Used in This Document
AICPA--American Institute of Certified Public Accountants
ALJ--Administrative Law Judge
AOSC--Aircraft Operator Security Coordinator
AOSSP--Aircraft Operator Standard Security Program
ATSA--Aviation and Transportation Security Act
CFR--Code of Federal Regulations
CHRC--Criminal History Records Check
CJIS--Criminal Justice Information Services
CBP--U.S. Customs and Border Protection
DHS--U.S. Department of Homeland Security
FAMs--Federal Air Marshals
FAA--Federal Aviation Administration
FACAOSSP--Full All-Cargo Aircraft Operator Standard Security Program
FBI--Federal Bureau of Investigation
FISMA--Federal Information Security Management Act
GA--General Aviation
HME--Hazardous Materials Endorsement
IPA--Independent Public Accounting firm
IT--Information Technology
LASP--Large Aircraft Security Program
LEO--Law Enforcement Officer
MTOW--Maximum Certificated Take-Off Weight
NIST--National Institute of Standards and Technology
PPSSP--Partial Program Standard Security Program
PCSSP--Private Charter Standard Security Program
SSI--Sensitive Security Information
STA--Security Threat Assessment
TSC--Terrorist Screening Center
TSA--Transportation Security Administration
TWIC--Transportation Worker Identification Credential
TFSSP--Twelve-Five Standard Security Program
Outline of the Notice of Proposed Rulemaking
I. Introduction
A. Current Standard Security Programs
B. Current Security Programs for Large Aircraft
C. Implementation and Compliance Schedule
II. Major Proposed Elements in This NPRM
A. Major Requirements in the Proposed Large Aircraft Security
Program
B. Proposed Requirements for Certain Airports
C. Passenger Checking Against the Watch-list
D. Third-Party Audits for Large Aircraft Operators
E. Proposed Amendments to the Full Program and the Full All-
Cargo Program
III. Section-by-Section Analysis
IV. Regulatory Requirements
A. Paperwork Reduction Act
B. Regulatory Impact Analyses
1. Regulatory Evaluation Summary
2. Executive Order 12866 Assessment
3. Regulatory Flexibility Act Assessment
4. International Trade Impact Assessment
5. Unfunded Mandates Assessment
C. Executive Order 13132, Federalism
D. Environmental Analysis
E. Energy Impact Analysis
List of Subjects
The Proposed Amendments
I. Introduction
The aviation industry is composed of thousands of operators that
conduct different types of operations in numerous different types of
aircraft. Many aircraft operators are air carriers or commercial
operators that offer transportation to the public for compensation or
hire. Others are general aviation (GA) operators that do not offer
transportation to the public. These operators often are corporate or
private owners of aircraft that operate their aircraft for their own
use or provide transportation for compensation or hire only to certain
customers without offering transportation to the public in general.\2\
---------------------------------------------------------------------------
\2\ There is no statutory or regulatory definition of ``general
aviation.'' For the purposes of this NPRM, we use the term to refer
to aircraft operations that are not air carriers or commercial,
governmental or military operators.
---------------------------------------------------------------------------
To date, the Federal Government's primary focus with regard to
aviation security has been on air carriers and commercial operators
that offer transportation for compensation or hire to the public. TSA
requires these carriers and operators to develop and operate under a
particular security program depending on the precise nature of their
operations. A security program is a set of security procedures that
will meet the requirements of applicable TSA regulations. For example,
a security program would include specific measures to screen cargo, to
transport Federal Air Marshals, to use personnel identification
systems, and to provide training to employees, if the operator were
subject to those requirements in TSA's regulation.
With few exceptions, TSA does not currently require security
programs for GA aircraft operators. As vulnerabilities and risks
associated with air carriers and commercial operators have been reduced
or mitigated, terrorists may view general aviation aircraft as more
vulnerable and thus attractive targets. If hijacked and used as a
missile, these aircraft would be capable of inflicting significant
damage.
The Federal Aviation Administration's (FAA) long-standing
definition of ``large aircraft'' is an aircraft with a maximum
certificated takeoff weight (MTOW) of over 12,500 pounds. See 14 CFR
1.1. Based on the aviation industry's familiarity with this definition
and TSA's belief that aircraft of this size pose a potential risk, TSA
is proposing to require security programs for all operators of
aircraft--GA or otherwise--that have a MTOW of over 12,500 pounds,
excluding certain governmental operations (collectively, ``large
aircraft operators'').\3\
---------------------------------------------------------------------------
\3\ In general, aircraft that weigh over 12,500 pounds MTOW are
those aircraft equipped with twin turboprop or turbojet engines.
Typically corporate and charter aircraft have a seating
configuration for 6-8 passengers, while similar aircraft used in
scheduled passenger service would likely have 18 or more seats.
---------------------------------------------------------------------------
Currently, TSA requires many large aircraft operators that are air
carriers or commercial operators to implement security programs such as
the Twelve-Five Security Program or the Private Charter Security
Program.\4\ TSA is
[[Page 64792]]
proposing to expand this requirement to include previously unregulated
large aircraft operators--namely, GA with a MTOW of over 12,500 pounds.
Doing so will expand the large aircraft operator population required to
have a TSA-approved security program to approximately 10,000 operators
from the approximately 650 operators today. In addition, TSA is
proposing to establish a single large aircraft security program (LASP)
to replace the various security programs used by currently regulated
large aircraft operators, such as air carriers and commercial
operators. It is TSA's view that the proposed rule would enhance
security significantly.
---------------------------------------------------------------------------
\4\ Although aircraft operators that are subject to the full
program under 49 CFR 1544.101(a), or the full all-cargo program
under Sec. 1544.101(h), operate large aircraft, TSA does not
include them in references to operators of large aircraft and large
aircraft operators for purposes of this NPRM. Full program operators
are generally known as the commercial airlines.
---------------------------------------------------------------------------
TSA recognizes that this would greatly increase the number and type
of operators subject to a TSA-approved security program. TSA invites
comments on the weight threshold of aircraft covered by this proposed
rule. For instance, parties may choose to comment on whether the
security goals discussed herein would be met if security programs were
required for GA aircraft only over some greater weight threshold. For
example, we explain below that aircraft over 45,500 kg (100,309.3
pounds) MTOW are currently covered by the ``private charter'' security
program, which includes security measures in addition to those outlined
in the ``twelve-five'' security program. Since incidents involving
heavier aircraft have the potential to lead to greater damages and loss
of life under one of the scenarios studied in our regulatory impact
analysis, we specifically solicit comment on whether this would be a
logical alternative weight threshold to consider for the increased
security requirements for general aviation. Although TSA has concluded
in this NPRM that the security benefits of the lower weight threshold
of 12,500 lbs are justified by the risk and therefore justify the
additional cost of the lower threshold, we welcome commenters' views on
that topic, as well as on the cost-benefit impact of alternate weight
thresholds.
Below is a list of the major requirements GA aircraft operators
would be required to adopt under the LASP; a more detailed discussion
of the LASP and the individual requirements is in sections II and III
of this preamble:
Ensure that their flight crew members have undergone a
fingerprint-based criminal history records check (CHRC).
Conduct watch-list matching of their passengers through
TSA-approved watch-list matching service providers.
Undergo a biennial audit of their compliance by a TSA-
approved third party auditor.
Comply with the current cargo requirements for the twelve-
five all-cargo program if conducting an all-cargo operation.
For aircraft with a MTOW of over 45,500 kilograms operated
for compensation or hire, screen passengers and their accessible
property.
Check property on board for unauthorized persons.
In addition, TSA is proposing amendments to its regulations
regarding airport security programs.\5\ TSA is proposing to require
additional airports to adopt security programs, because these airports
serve aircraft operators that either currently must carry out a
security program or would be required to have a security program under
the proposed rule. TSA proposes to require the following airports to
adopt a security program:
---------------------------------------------------------------------------
\5\ The regulations are in 49 CFR 1542.101.
---------------------------------------------------------------------------
Reliever airports, which perform the function of relieving
congestion at commercial service airports and provide more GA access to
the overall community.
Airports that regularly serve large aircraft with
scheduled or public charter service.
A. Current Aircraft Operator Security Programs
TSA requires security programs for air carriers and commercial
operators that require security measures for individuals, property, and
cargo aboard aircraft. Currently TSA requires security programs for
full program, full all-cargo, partial, private charter, and twelve-five
program operators. For full program operators,\6\ the standard security
program \7\ is called an aircraft operator standard security program
(AOSSP). For the full all-cargo program operators \8\ operating all-
cargo aircraft over 45,500 kg MTOW, the standard security program is
the full all-cargo aircraft operator standard security program
(FACAOSSP). The partial program \9\ applies to scheduled passenger or
public charter operations in an aircraft with 31 or more, but 60 or
fewer passenger seats that does not enplane from or deplane into a
sterile area. The standard security program for private charters is the
private charter standard security program.\10\ For other scheduled or
charter flights, or all-cargo operations, in an aircraft with a MTOW of
over 12,500 pounds, the standard security program is the twelve-five
standard security program.\11\
---------------------------------------------------------------------------
\6\ 49 CFR 1544.101(a).
\7\ A standard security program is a security program issued by
TSA that serves as the baseline for a particular type of operator.
An aircraft operator's security program consists of the appropriate
standard security program, together with any amendments and
alternative procedures to the security program, if approved by TSA.
\8\ 49 CFR 1544.101(h).
\9\ 49 CFR 1544.101(b).
\10\ 49 CFR 1544.101(f).
\11\ 49 CFR 1544.101(d).
---------------------------------------------------------------------------
The full program, the full all-cargo program, the partial program,
the private charter program, and the twelve-five program aircraft
operators all are covered under TSA regulations in 49 CFR part 1544.
They all must hold FAA air carrier operating certificates or FAA
operating certificates in accordance with the Federal Aviation
Administration (FAA) regulations in 14 CFR part 119.\12\ They all
engage in interstate common carriage or intrastate common carriage.\13\
TSA has also required certain operators not engaged in common carriage
to hold and carry out security programs. Operators of aircraft with a
MTOW of over 12,500 pounds must conduct operations in accordance with
the FAA rules in 14 CFR part 125 (part 125 operators).\14\ By notice
published in the Federal Register, TSA required these operators to
carry out the twelve-five standard security program for operations in
aircraft over 12,500 pounds but not over 45,500 kg, and to carry out
the private charter standard security program for operations in
aircraft over 45,500 kg.\15\ These part 125 operators conduct
operations when common carriage is not involved. They may conduct
operations for compensation or hire, however, and they may also conduct
operations not for compensation or hire.\16\
---------------------------------------------------------------------------
\12\ 49 CFR 1544.1.
\13\ 49 U.S.C. 40102 and 14 CFR 119.21.
\14\ 14 CFR 119.23.
\15\ 69 FR 61516 (Oct. 19, 2004).
\16\ 14 CFR 119.3 and 119.23. After TSA adopted the full all-
cargo program, it required part 125 operators in all-cargo
operations using aircraft over 45,500 kg to have and carry out a
full all-cargo program. See 71 FR 30478 (May 26, 2006).
---------------------------------------------------------------------------
Finally, all civil aircraft must operate under FAA regulations 14
CFR part 91, Air Traffic and General Operating Rules. These operators,
when not also subject to another FAA regulation, such as part 119 or
part 125, are often referred to in the industry as part 91 operators.
TSA generally has not required such operators to carry out security
measures.
The main objectives of the proposed rule are: (1) To merge the
partial, private charter and twelve-five programs into a large aircraft
security program and to
[[Page 64793]]
expand its scope to include general aviation operators using aircraft
with a MTOW of over 12,500 pounds; and (2) to enhance the security of
these operations.
B. Current Security Programs for Large Aircraft
Large aircraft are operated by a diverse group of air carriers,
commercial operators, and GA operators. As stated above, to date, TSA
has mandated security programs for the air carrier and commercial
operator segments of the aviation industry including scheduled
passenger operations, private charters, public charters, and all-cargo
operations in large aircraft through the twelve-five program, the
partial program, and the private charter program. With limited
exceptions, TSA has not required security programs for large aircraft
in general aviation.
Large GA aircraft are most often operated by corporate entities,
though some large GA aircraft are operated by individuals. Corporate
aviation, with a population of approximately 10,000 operators flying
15,000 aircraft, is largely unregulated for security purposes. Yet many
of these aircraft are of the same size and weight of the air carriers
and commercial operators that TSA regulates, and they could be used
effectively to commit a terrorist act. Complicating the situation is
the fact that many GA operators have the authorization to function
under several different FAA regulations and operating certificates,
which may require different TSA security programs or no TSA security
program at all.
TSA considered developing a new regulatory program to be used
solely on GA aircraft and their potential security risks. This decision
would have created yet another security program applicable to large
aircraft operators. Instead of five separate security programs that
would apply to large aircraft operators depending on the type of
service they provide, TSA is proposing one security program that would
apply to all large aircraft operators (except certain government
operations) and would replace the current security programs for partial
program operators, twelve-five program operators, and private charter
operators. The LASP would establish a consistent set of regulations for
air carriers and commercial operators, as well as GA operators using
large aircraft. Indeed, LASP would provide large aircraft operators not
covered under the full program, or the full all-cargo security program,
with one set of regulations that would form the core of their security
programs distinct to their operational and security needs.
Table 1 below identifies the different types of large aircraft
operators that currently are required to have a security program and
the major security requirements for these operators. It also identifies
the types of operators that would be subject to the new proposed LASP.
Table 1--Standard Security Programs Applicable to Aircraft Operators
--------------------------------------------------------------------------------------------------------------------------------------------------------
Would be using this
An aircraft operator that operates Must have this Currently using this standard security
this type of service, other than In this size aircraft And program standard security program under the
all-cargo program NPRM
--------------------------------------------------------------------------------------------------------------------------------------------------------
Scheduled passenger or public 61 or more passenger ...................... Full Program Sec. AOSSP................ No change.
charter passenger *. seats. 1544.101(a)(1).
Scheduled passenger or public 60 or fewer passenger It enplanes from, or Full Program Sec. AOSSP................ No change.
charter passenger *. seats. deplanes into, an 1544.101(a)(2).
existing sterile area.
Scheduled passenger or public 31 or more but 60 or It does not enplane Partial Program Sec. Partial Program Proposed LASSP ****
charter passenger *. fewer passenger seats. from, or deplane 1544.101(b)(1). Standard Security with component for
into, an existing Program (PPSSP). aircraft greater
sterile area. than 45,500 kg (if
applicable).
Scheduled, public charter, or More than 12,500 It does not enplane Twelve-Five Program Twelve-Five Standard Proposed LASSP.
private charter; passenger *. pounds MTOW. from, or deplane Sec. 1544.101(d). Security Program
into, an existing (TFSSP).
sterile area, and it
is not under a Full
Program or a Partial
Program.
Private charter *.................. Any size.............. It enplanes from, or Private Charter Private Charter Proposed LASSP with
deplanes into, an Program Sec. Standard Security component for
existing sterile area. 1544.101(f)(1)(i). Program (PCSSP). aircraft greater
than 45,500 kg (if
applicable) and
alternative
procedures for
enplaning from or
deplaning into an
existing sterile
area.
Private charter *.................. More than 45,500 kg, It does not enplane Private Charter PCSSP................ Proposed LASSP with
OR 61 or more from, or deplane Program Sec. component for
passenger seats. into, an existing 1544.101(f)(1)(ii). aircraft greater
sterile area, and it than 45,500 kg.
is not a government
charter.
Under an FAA certificate issued More than 45,500 kg It is carrying Sec. 1550.7; (69 FR PCSSP................ Proposed LASSP with
under 14 CFR part 125 **. MTOW. passengers or 61516, 10/19/2004). component for
property for aircraft greater
compensation or hire than 45,500 kg or 61
and is not under or more seats.
another TSA security
program.
[[Page 64794]]
Under an FAA certificate issued 61 or more passenger It is carrying Sec. 1550.7; (69 FR PCSSP................ Proposed LASSP with
under 14 CFR part 125 **. seats. passengers or 61516, 10/19/2004). component for
property for aircraft greater
compensation or hire than 45,500 kg or 61
and is not under or more seats.
another TSA security
program.
Under an FAA certificate issued More than 45,500 kg It is not carrying Sec. 1550.7; (69 FR PCSSP................ Proposed LASSP.
under 14 CFR part 125 **. MTOW. passengers or 61516, 10/19/2004).
property for
compensation or hire
and not under another
TSA security program.
Under an FAA certificate issued 61 or more passenger It is not carrying Sec. 1550.7; (69 FR PCSSP................ Proposed LASSP.
under 14 CFR part 125 **. seats. passengers or 61516, 10/19/2004).
property for
compensation or hire
and not under another
TSA security program.
Under an FAA certificate issued More than 12,500 It is not under Sec. 1550.7........ TFSSP................ Proposed LASSP.
under 14 CFR part 125 **. pounds MTOW. another TSA security
program.
Operating under 14 CFR part 91 only More than 12,500 It enplanes from, or General Aviation No standard program.. Proposed LASSP with
**. pounds. deplanes into, an Operations using a alternative
existing sterile area. sterile area Sec. procedures for
1550.5. enplaning from or
deplaning into an
existing sterile
area.
Operating under 14 CFR part 91 only 12,500 pounds or less. It enplanes from, or General Aviation No standard program.. No change.
**. deplanes into, an Operations using a
existing sterile area. sterile area Sec.
1550.5.
Operating under 14 CFR part 91 only More than 12,500 It is not under Not required to have Not required to have Proposed LASSP.
**. pounds. another TSA security a security program. a security program.
program, and does not
enplane from or
deplane to an
existing sterile area.
Operating under 14 CFR part 91 only 12,500 pounds or less. It is not under Not required to have Not required to have No change.
**. another TSA security a security program. a security program.
program, and does not
enplane from or
deplane to an
existing sterile area.
Passenger operations into and out Any size.............. It is not under a Full DCA Access Program DCA Access Standard No change.
of Ronald Reagan Washington Program. part 1562. Security Program
National Airport (DCA) ***. (DASSP).
Other operations **................ Any size.............. Is not under any other Limited program Sec. No standard program.. No change.
required program but 1544.101(g).
aircraft operator
requests a security
program.
--------------------------------------------------------------------------------------------------------------------------------------------------------
* These aircraft operators are considered air carriers or commercial operators.
** These aircraft operators are considered general aviation.
*** May be air carriers, commercial operators, or general aviation operators.
**** After issuing the LASP final rule, TSA would develop and issue a standard security program to implement the LASP called the Large Aircraft Standard
Security Program (LASSP).
Cites in this column are to 49 CFR.
--------------------------------------------------------------------------------------------------------------------------------------------------------
Would be using this
An all-cargo aircraft operator that Must have this Currently using this standard security
operates this type of service: In this size aircraft And program standard security program under the
program NPRM
--------------------------------------------------------------------------------------------------------------------------------------------------------
All-cargo.......................... Greater than 45,500 Operating under a FAA Full All-Cargo Full All-Cargo No change.
kg, OR 61 or more certificate issued Program. Aircraft Operator
passenger seats. under 14 CFR part 119 Sec. 1544.101(h)... Standard Security
or 125. Program (FACAOSSP).
All-cargo......................... Over 12,500 lbs but ...................... Twelve-Five Program TFSSP in all-cargo LASSP with all-cargo
not over 45,500 kg. in all-cargo operations. component.
operations.
Sec. 1544.101(d)...
[[Page 64795]]
All-cargo under an FAA certificate More than 45,500 kg.. ...................... FACAOSSP............ FACAOSSP +.......... No change.
issued under 14 CFR part 125.
--------------------------------------------------------------------------------------------------------------------------------------------------------
Cites in this column are to 49 CFR.
All-cargo operations carry cargo and authorized persons, but no passengers.
In developing the proposed rule, TSA analyzed the existing security
programs to determine which security measures have been effective and
would be appropriate for inclusion in the proposed LASP. The LASP would
combine the essential elements of some of the current security programs
into one consolidated and comprehensive program.
In this rulemaking, TSA is also proposing to reorganize certain
existing regulations in 49 CFR part 1544. Specifically, TSA has
clarified the meaning of the rule, simplified the text, and harmonized
regulations between the different industry populations. This
reorganization may affect the currently regulated population in
addition to the proposed newly regulated population. TSA is also
proposing to reorganize certain sections in 49 CFR part 1544 to account
for the proposed addition of the LASP. The reorganization would not
make any substantive changes to the regulations.
C. Implementation and Compliance Schedule
Based on industry data, TSA anticipates that this proposed rule
would require approximately 10,000 aircraft operators and 315 airport
operators, most of whom are not currently required to do so, to
implement security programs. Due to the large number of aircraft
operators and airport operators that would be required to implement
security programs, TSA proposes using a phased approach in the
implementation of the proposed rule. The proposed compliance schedule
would allow for proper and adequate support and staffing within TSA and
also would allow sufficient time for compliance on the part of the
newly regulated aircraft operators and airport operators. Following
issuance of a final rule, TSA would implement a communication plan
commencing with a wide distribution of press releases, web-site
postings, and industry association briefings and meetings. These
briefings and meetings would communicate, educate, and confirm which
operators would be affected by the final rule, what actions the
aircraft operators and airport operators would be required to take to
comply with the rule, and the time period within which the aircraft
operator and airport operators would be required to submit their
applications and other supporting documents. At that time, TSA would
provide the process, procedures, and necessary forms to the aircraft
operators and airport operators to enable the operators to apply for
the large aircraft program, or the airport partial program, via a
secure web-board.
TSA's implementation schedule would divide the country into five
areas, taking into account which areas of the country contain the
largest affected populations of aircraft operators and airport
operators. TSA anticipates six phases of compliance, targeting
approximately 20 percent of the large aircraft operator and airport
operators population that currently do not hold security programs in
each of the first five phases. The sixth and final phase would include
aircraft operators that currently hold a security program.\17\ The
following timeline for compliance would start upon the effective date
of the final rule, which would be 60 days after publication of the
final rule in the Federal Register:
---------------------------------------------------------------------------
\17\ There are no airport operators that currently hold a
partial program.
Phase 1, Mid-Atlantic region--months 1-4 after the effective date of
the final rule.
Phase 2, North-East region--months 5-8 after the effective date of the
final rule.
Phase 3, Southern region--months 9-12 after the effective date of the
final rule.
Phase 4, Mid-West region--months 13-16 after the effective date of the
final rule.
Phase 5, Western region--months 17-20 after the effective date of the
final rule.
Phase 6, Existing security program holders--months 21-24 after the
effective date of the final rule.
The phase in which a large aircraft operator would fall would be
determined by where the aircraft is based. For large aircraft operators
that have multiple bases for their aircraft, the phase would be
determined by the location of the large aircraft operator's
headquarters. We seek comment on this phased approach and on
determining which phase would be applicable to each large aircraft
operator based on the location of the aircraft or headquarters.
II. Major Elements in This NPRM
A. Major Requirements in the Proposed Large Aircraft Security Program
To provide greater consistency across all large aircraft
operations, the proposed regulation would create the Large Aircraft
Standard Security Program (LASSP) to replace the current security
programs for partial program operators, twelve-five program operators,
and private charter program operators. The major requirements in this
proposed rule are based on the requirements in the Twelve-Five and the
Private Charter Security Programs.
The proposed LASP provides a core security program for all large
aircraft, irrespective of the FAA regulations under which they operate,
whether they are air carriers, commercial operators, or GA. Beyond the
core requirements for large aircraft with a MTOW of over 12,500 pounds,
the proposed LASP would include a component for large aircraft with a
MTOW of over 45,500 kilograms operated for compensation or hire. The
following is a summary of the major security measures in the proposed
LASP.
1. Proposed Core Requirements of the Large Aircraft Security Program in
Sec. 1544.103(e)
In TSA's experience, the current Twelve-Five Security Program has
proven to be effective in safeguarding the operations of scheduled and
charter operations in aircraft with MTOW of over 12,500 pounds without
unduly burdening the aircraft operators. Accordingly, TSA would base
the core requirements of the LASP on the Twelve-Five Security Program.
The LASP, however, would include additional requirements that would
[[Page 64796]]
strengthen the existing security measures. Below is a discussion of the
major requirements of the LASP.
Security Threat Assessment With Criminal History Records Check for
Flight Crew Members
Under the current security programs that apply to large aircraft
operators, TSA requires aircraft operators to ensure that their flight
crew members have undergone a fingerprint-based criminal history
records check (CHRC). TSA views this as an important security measure
that should apply to flight crew members of all large aircraft. Pilots
are in control of the aircraft and other flight crew members are in the
cockpit and could obtain control of the aircraft. Consequently, TSA
proposes to require that large aircraft operators ensure that all of
their flight crew members undergo a security threat assessment (STA)
that includes a CHRC and other analyses, including checks of
appropriate terrorist watch-lists and other databases. The list of
disqualifying crimes of the CHRC would be the same as for the full and
full all-cargo operations. 49 CFR 1544.229 and 1544.230.
After TSA adopted the Twelve-Five Security Program requirements, it
became clear that most operators of that size were not well-prepared to
conduct adjudication of the CHRCs. Accordingly, while the twelve-five
operators have been ensuring that their flight crew members submit
their fingerprints, TSA has been adjudicating the criminal histories;
that is, TSA reviews the history to determine whether the flight crew
member has a disqualifying criminal offense. TSA is proposing to codify
that practice and to charge a fee for the services. See the section-by-
section analysis for proposed part 1544, subpart G.
TSA recognizes that a flight crew member may be contracted to work
for more than one large aircraft operator. We seek comment on whether
the STA should be transferable so that the flight crew member would
need to undergo only one STA every five years, regardless of the number
of employers the flight crew members may have within the five-year
period. Potential employers would check the status of the flight crew
member's STA through a mechanism required by TSA.
TSA also is considering ways to positively identify pilots
conducting both domestic and international flight operations and
effectively link them to the aircraft they are operating. We seek
comment and recommended methods for positively identifying pilots and
effectively linking them to the aircraft they are operating.
Watch-List Matching of Passengers
The Federal Government maintains a terrorist watch-list. The watch-
list, which includes the No Fly List and the Selectee List components
of the Terrorist Screening Database maintained by the Terrorist
Screening Center (TSC), is the basis for the pre-flight passenger
watch-list matching currently conducted by certain aircraft operators.
Watch-list matching of passengers on large aircraft is an important
security measure, because it can prevent individuals who are believed
to pose a risk from boarding a large aircraft and, potentially, gaining
control of the aircraft, to use it as a weapon. TSA studies have shown
that significant loss of lives and other damage could result from such
an incident. Matching passenger information against the No Fly List
component of the terrorist watch-list would identify individuals who,
if permitted to board aircraft, may pose a threat to the aircraft and/
or persons on board. Matching passenger information against the
Selectee List component of the terrorist watch-list also would identify
individuals who may be potential threats and would allow TSA and/or the
aircraft operators to take appropriate action, if necessary.
Under the current watch-list matching process, TSA provides the No
Fly and Selectee List to twelve-five, partial program, and private
charter aircraft operators to enable them to conduct the watch-list
matching. When an aircraft operator receives passenger information that
is similar to, or the same as, a name on the No Fly or Selectee List,
the aircraft operator is required to notify law enforcement personnel
and TSA in order to determine whether that passenger is in fact the
individual listed on the No Fly or Selectee List. The aircraft operator
may not board a passenger until TSA has instructed the aircraft
operator that the passenger is clear to board the aircraft.
a. Removing watch-list from aircraft operators. Per Homeland
Security Presidential Directive-16/National Security Presidential
Directive-47, section 4012(a) of the Intelligence Reform and Terrorism
Prevention Act,\18\ and in support of 9/11 commission recommendations,
the U.S. government is in the process of assuming control over watch-
list matching in the aviation environment. TSA is concerned that
providing the watch-list to approximately 10,000 large aircraft
operators as part of the LASP program would increase the risk that the
watch-list would be disseminated to unauthorized persons and that the
watch-list would be misused and/or compromised. Since it is not
possible to bring the watch-list matching function into the federal
government in one step, TSA is considering ways to provide this list to
a more limited set of holders while TSA considers the most effective
method to assume the watch-list matching responsibility from all
aircraft operators required to conduct watch-list matching through the
Secure Flight program.
---------------------------------------------------------------------------
\18\ Public Law 108-458, 118 Stat. 3638, Dec. 17, 2004; 49
U.S.C. 44903 (j)(2).
---------------------------------------------------------------------------
TSA recognizes that the Secure Flight program has not yet achieved
the operational capability to conduct watch-list matching for general
aviation, nor is such capability anticipated by the time TSA would
require large general aviation and charter aircraft operators to
implement the LASP. Therefore, TSA is proposing a solution for watch-
list matching in this NPRM for the time period in which the Secure
Flight program does not have the capability to conduct watch-list
matching for large aircraft passengers. If TSA is able to develop the
capability for the Secure Flight program to conduct watch-list matching
for large aircraft passengers, TSA may amend the scope of the Secure
Flight program to include large aircraft operators in the final rule
for this NPRM.\19\
---------------------------------------------------------------------------
\19\ For example, proposed Sec. 1560.1(a) may be amended to
include large aircraft operators. See Secure Flight NPRM, 72 FR at
48387.
---------------------------------------------------------------------------
b. Watch-list Service Providers. Under the proposed rule, TSA would
not provide the No Fly List to large aircraft operators, which means
that TSA would no longer provide the watch-list to the approximately
800 aircraft operators now receiving it under the twelve-five program,
partial program and private charter operators and would not begin
providing it to the additional approximately 9,300 general aviation
operators that would be under the LASP. Instead, TSA would provide the
watch-list to watch-list service providers approved by TSA. Large
aircraft operators would transmit their passenger information to these
watch-list service providers, who would conduct the automated watch-
list matching function and transmit the results back to the large
aircraft operators.
TSA is proposing this approach for two reasons. First, this would
greatly reduce the number of entities receiving the watch-list, thus
reducing the risk that it would be disseminated to unauthorized persons
or misused. Second, having a small number of watch-list service
providers conduct watch-list matching in accordance with
[[Page 64797]]
TSA standards would result in greater consistency in the application of
the watch-list matching function. These watch-list service providers
will have been determined to have appropriate security, including
Information Technology (IT) security and performance capabilities, to
perform this important function in the interim. TSA invites comments on
the role that watch-list service providers may continue to have if the
responsibility for watch-list matching shifts to the U.S. Government in
the future. For example, would watch-list service providers offer their
services to consolidate passenger information from large aircraft
operators and to transmit the passenger information to Secure Flight?
While the watch-list service providers would perform the watch-list
matching function, large aircraft operators would have several
responsibilities under the proposed rule. Large aircraft operators
would be responsible for all costs associated with watch-list matching,
including any fee charged by the watch-list service providers.
c. Compliance with CBP programs. Large aircraft operators would not
be required to transmit passenger information to their watch-list
service providers for any flight for which the large aircraft operator
has submitted advance passenger information to U.S. Customs and Border
Protection (CBP) under 19 CFR part 122. For passengers on flights in
commercial aircraft, as defined in 19 CFR 122.1, the large aircraft
operator are required to submit advance passenger information under 19
CFR 122.49a and 122.75a and comply with the CBP boarding instruction
regarding each passenger.
TSA notes that CBP published a notice of proposed rulemaking,
``Advance Information on Private Aircraft Arriving in and Departing
from the United States,'' proposing to implement certain passenger
manifest and advance passenger screening requirements for private
aircraft departing foreign ports for U.S. destinations or departing the
United States for foreign ports. Under the CBP proposed rule, a private
aircraft, in contrast to a commercial aircraft,\20\ is generally any
aircraft engaged in a personal or business flight to or from the United
States that is not carrying passengers and/or cargo for commercial
purposes.\21\ See 19 CFR 122.1(h). CBP's Advance Passenger Information
System (APIS) requirements and proposed eAPIS requirements apply to
both U.S.-operated and foreign-operated aircraft.
---------------------------------------------------------------------------
\20\ 19 CFR 122.1(d) defines ``commercial aircraft'' as any
aircraft transporting passengers and/or cargo for some payment or
other consideration, including money or services rendered.
\21\ 19 CFR 122.1(h) also defines a private aircraft as any
aircraft leaving the United States carrying neither passengers nor
cargo in order to lade passengers and/or cargo in a foreign area for
commercial purposes; or returning to the United States carrying
neither passengers nor cargo in ballast after leaving with
passengers and/or cargo for commercial purposes.
---------------------------------------------------------------------------
To avoid process redundancies, DHS would require operators and
pilots of private large aircraft that would be subject to this TSA
proposed rule and CBP's eAPIS private aircraft regulations to submit
their passenger manifest to CBP only and not to watch-list service
providers. TSA would deem U.S. operators of private large aircraft to
be in compliance with the proposed rule's requirements to submit
passenger information for watch-list matching for international flights
if the pilot submits passenger information required under the proposed
eAPIS regulations. See proposed 19 CFR 122.22.
The TSA and CBP screening processes work in tandem for flights
departing foreign ports destined for the United States and flights
departing the United States for foreign destinations. If CBP grants the
pilot landing rights under 19 CFR 122.49a, 122.75a, or 122.22, TSA
would allow the large aircraft operator to permit all passengers, for
whom the aircraft operator submitted advance passenger information to
CBP, to board the aircraft. If CBP identifies a passenger as a selectee
under 19 CFR 122.49a, 122.75a, or 122.22, TSA would allow the large
aircraft operator to permit the passenger to board the aircraft, and
TSA would require the large aircraft operator to comply with the
procedures in its security program pertaining to passengers that are
identified as selectees, as discussed in further detail below. If CBP
identifies a passenger as ``not cleared'' under 19 CFR 122.49a,
122.75a, or 122.22, TSA would not allow the large aircraft operator to
permit the passenger to board the aircraft. CBP would instruct the
large aircraft operator to contact TSA regarding the passenger who has
been identified as ``not cleared'' for further resolution.
d. Passenger information. This proposed rule would require large
aircraft operators to request full name, gender, date of birth, and
redress number \22\ (if available) from all passengers. TSA has
determined that an individual's full name, gender, and date of birth
are critically important for effective automated watch-list matching of
that individual against those individuals on the watch-list.\23\ The
full name is the primary attribute used to conduct watch-list matching
and would be required for all passengers. Partial names would increase
the likelihood of false positive matches, because partial names are
more likely to match a number of different entries on the watch-list.
As a result, this proposed rule would require individuals to provide
their full names and would prohibit aircraft operators from boarding a
passenger who does not provide a full name. Date of birth and gender
would be optional for the passenger. This proposed requirement on
passengers to provide the full name is consistent with TSA's proposal
in the Secure Flight NPRM. In the Secure Flight NPRM, TSA proposes to
require passengers on commercial flights operated by full program
operators and foreign air carriers to provide their full name when they
make a reservation for a flight. See proposed Sec. 1540.107(b) in the
Secure Flight NPRM, 72 FR at 48386.
---------------------------------------------------------------------------
\22\ The redress number is the number assigned by DHS to an
individual processed through the redress procedures described in 49
CFR part 1560, subpart C, as proposed in the Secure Flight NPRM.
\23\ See Secure Flight NPRM, 72 FR at 48364.
---------------------------------------------------------------------------
Many names do not indicate gender, because they can be used by
either gender. Additionally, names not derived from the Latin alphabet,
when transliterated into English, often do not denote gender. Providing
information on gender will reduce the number of false positive watch-
list matches, because the information will distinguish persons who have
the same or similar names but who are of a different gender. The date
of birth is also helpful in distinguishing a passenger from an
individual on a watch-list with the same or similar name, thereby
reducing the number of false positive watch-list matches.
This proposed rule would also require aircraft operators to request
an individual's redress number, if available. DHS will assign this
unique number to individuals who use the DHS Traveler Redress Inquiry
Program (DHS TRIP), because they believe they have been incorrectly
delayed or denied boarding. Individuals may be less likely to be
delayed by false positive matches to the watch-list if they provide
their redress number, if available.
Under the proposed rule, individuals would not be compelled to
provide their gender, date of birth, or redress number when requested
by the aircraft operators. However, without this information, the
watch-list service provider may be unable to perform effective
automated watch-list matching and, as a result, the individuals may be
more likely to be denied boarding, or under certain circumstances, be
subject
[[Page 64798]]
to additional screening. TSA is considering whether to require all
individuals to provide their gender and date of birth to assist in the
watch-list matching and resolution process.
The proposed rule would require large aircraft operators to
transmit to the watch-list service provider the passengers' full names
and also transmit the passengers' genders, dates of birth, and redress
numbers, to the extent they are available. In addition, the proposed
rule would require large aircraft operators to transmit certain
information from an individual's passport (full name, passport number,
country of issuance, expiration date, gender, and date of birth), if it
is available and was provided to the aircraft operator. Based on TSA's
experience in conducting security threat assessments that include
watch-list matching, TSA
