Air Cargo Screening, 47672-47710 [E9-21794]

Download as PDF 47672 Federal Register / Vol. 74, No. 178 / Wednesday, September 16, 2009 / Rules and Regulations DEPARTMENT OF HOMELAND SECURITY Transportation Security Administration 49 CFR Parts 1515, 1520, 1522, 1540, 1544, 1546, 1548, and 1549 [Docket No. TSA–2009–0018; Amendment Nos. 1515–1, 1520–8, 1522–New, 1540–10, 1544–9, 1546–5, 1548–5, 1549–New] RIN 1652–AA64 Air Cargo Screening sroberts on DSKD5P82C1PROD with RULES AGENCY: Transportation Security Administration, DHS. ACTION: Interim final rule; request for comments. SUMMARY: This rule codifies a statutory requirement of the Implementing Recommendations of the 9/11 Commission Act that the Transportation Security Administration (TSA) establish a system to screen 100 percent of cargo transported on passenger aircraft by August 3, 2010. To assist in carrying out this mandate, this rule establishes a program under which TSA will certify cargo screening facilities located in the U.S. that volunteer to screen cargo prior to tendering it to aircraft operators for carriage on passenger aircraft. This rule requires affected passenger aircraft operators to ensure that either an aircraft operator or certified cargo screening facility that does so in accordance with TSA standards, or TSA itself, screens all cargo loaded on passenger aircraft. TSA will require certified cargo screening facilities (CCSFs) to screen cargo using TSA-approved methods and implement chain of custody measures to ensure the security of the screened cargo throughout the air cargo supply chain prior to tendering it for transport on passenger aircraft. CCSF personnel must successfully undergo a TSA-conducted security threat assessment (STA) and pay a fee for that assessment. TSA proposes a fee to cover the Government’s costs in conducting the STA and requests comment on the fee and the methodology used to develop the fee. Before being certified and periodically thereafter, the CCSF must undergo examination by a TSA-approved validator. Validators must have specified qualifications, complete training regarding the certified cargo screening program (CCSP), and successfully undergo a TSA-conducted STA as described in the discussion of part 1540 in this preamble, and pay a fee for that assessment. DATES: Effective Date: This rule is effective November 16, 2009. VerDate Nov<24>2008 18:23 Sep 15, 2009 Jkt 217001 Comment Date: Comments must be received by November 16, 2009. ADDRESSES: You may submit comments, identified by the TSA docket number to this rulemaking, to the Federal Docket Management System (FDMS), a government-wide, electronic docket management system, using any one of the following methods: Electronically: You may submit comments through the Federal eRulemaking portal at http:// www.regulations.gov. Follow the online instructions for submitting comments. Mail, In Person, or Fax: Address, hand-deliver, or fax your written comments to the Docket Management Facility, U.S. Department of Transportation, 1200 New Jersey Avenue, SE., West Building Ground Floor, Room W12–140, Washington, DC 20590–0001; Fax 202–493–2251. The Department of Transportation (DOT), which maintains and processes TSA’s official regulatory dockets, will scan the submission and post it to FDMS. See SUPPLEMENTARY INFORMATION for format and other information about comment submissions. FOR FURTHER INFORMATION CONTACT: Tamika McCree, Manager, Air Cargo Stakeholder Relations, Air Cargo Security, TSA–28, Transportation Security Administration, 601 South 12th Street, Arlington, VA 20598–6028; telephone (571) 227–2632; facsimile (571) 227–1947; e-mail AirCargo ScreeningCommentsIFR@dhs.gov. SUPPLEMENTARY INFORMATION: Comments Invited TSA adopts this interim rule without prior notice and prior public comment. In this rule, however, TSA seeks prior public comment on our proposed fee to cover the cost of the STAs. To the maximum extent possible, DHS provides an opportunity for public comment on regulations issued without prior notice. Accordingly, TSA invites interested persons to participate in this rulemaking by submitting written comments, data, or views on the proposed fee for the STA, as well as all other aspects of this rule. We also invite comments relating to the economic, environmental, energy, or federalism impacts that might result from this rulemaking action. See ADDRESSES above for information on where to submit comments. With each comment, please identify the docket number at the beginning of your comments. TSA encourages commenters to provide their names and addresses. The most helpful comments reference a specific portion of the rulemaking, explain the reason for any PO 00000 Frm 00002 Fmt 4701 Sfmt 4700 recommended change, and include supporting data. You may submit comments and material electronically, in person, by mail, or fax as provided under ADDRESSES, but please submit your comments and material by only one means. If you submit comments by mail or delivery, submit them in an unbound format, no larger than 8.5 by 11 inches, suitable for copying and electronic filing. If you would like TSA to acknowledge receipt of comments submitted by mail, include with your comments a selfaddressed, stamped postcard on which the docket number appears. We will stamp the date on the postcard and mail it to you. TSA will file in the public docket all comments received by TSA, except for comments containing confidential information and sensitive security information (SSI),1 TSA will consider all comments received on or before the closing date for comments and will consider comments filed late to the extent practicable. The docket is available for public inspection before and after the comment closing date. Handling of Confidential or Proprietary Information and Sensitive Security Information (SSI) Submitted in Public Comments Do not submit comments that include trade secrets, confidential commercial or financial information, or SSI to the public regulatory docket. Please submit such comments separately from other comments on the rulemaking. Comments containing this type of information should be appropriately marked as containing such information and submitted by mail to the address listed in FOR FURTHER INFORMATION CONTACT section. Upon receipt of such comments, TSA will not place the comments in the public docket and will handle them in accordance with applicable safeguards and restrictions on access. TSA will hold documents containing SSI, confidential business information, or trade secrets in a separate file to which the public does not have access, and place a note in the public docket that TSA has received such materials from the commenter. If TSA determines, however, that portions of these comments may be made publicly available, TSA may include a redacted 1 ‘‘Sensitive Security Information’’ or ‘‘SSI’’ is information obtained or developed in the conduct of security activities, the disclosure of which would constitute an unwarranted invasion of privacy, reveal trade secrets or privileged or confidential information, or be detrimental to the security of transportation. The protection of SSI is governed by 49 CFR part 1520. E:\FR\FM\16SER2.SGM 16SER2 Federal Register / Vol. 74, No. 178 / Wednesday, September 16, 2009 / Rules and Regulations version of the comment in the public docket. If TSA receives a request to examine or copy information that is not in the public docket, TSA will treat it as any other request under the Freedom of Information Act (FOIA) (5 U.S.C. 552) and the FOIA regulation of the Department of Homeland Security found in 6 CFR part 5. Reviewing Comments in the Docket Please be aware that anyone is able to search the electronic form of all comments received into any of our dockets by the name of the individual who submitted the comment (or signed the comment, if submitted on behalf of an association, business, labor union, etc.). You may review the applicable Privacy Act Statement published in the Federal Register on April 11, 2000 (65 FR 19477) and modified on January 17, 2008 (73 FR 3316). You may review TSA’s electronic public docket on the Internet at http:// www.regulations.gov. In addition, DOT’s Docket Management Facility provides a physical facility, staff, equipment, and assistance to the public. To obtain assistance or to review comments in TSA’s public docket, you may visit this facility between 9 a.m. to 5 p.m., Monday through Friday, excluding legal holidays, or call (202) 366–9826. This docket operations facility is located in the West Building Ground Floor, Room W12–140 at 1200 New Jersey Avenue, SE., Washington, DC 20590. Availability of Rulemaking Document You can get an electronic copy using the Internet by— (1) Searching the electronic Federal Docket Management System (FDMS) Web page at http://www.regulations.gov; (2) Accessing the Government Printing Office’s Web page at http:// www.gpoaccess.gov/fr/index.html; or (3) Visiting TSA’s Security Regulations Web page at http:// www.tsa.gov and accessing the link for ‘‘Research Center’’ at the top of the page. In addition, copies are available by writing or calling the individual in the FOR FURTHER INFORMATION CONTACT sroberts on DSKD5P82C1PROD with RULES section. Make sure to identify the docket number of this rulemaking. Small Entity Inquiries The Small Business Regulatory Enforcement Fairness Act (SBREFA) of 1996 requires TSA to comply with small entity requests for information and advice about compliance with statutes and regulations within TSA’s jurisdiction. Any small entity that has a question regarding this document may contact the person listed in FOR FURTHER INFORMATION CONTACT. Persons can VerDate Nov<24>2008 18:23 Sep 15, 2009 Jkt 217001 obtain further information regarding SBREFA on the Small Business Administration’s Web page at http:// www.sba.gov/advo/laws/law_lib.html. Abbreviations and Terms Used in This Document CBP U.S. Customs and Border Protection CCSF Certified Cargo Screening Facility CCSP Certified Cargo Screening Program CFR Code of Federal Regulations CHRC Criminal History Records Check DHS Department of Homeland Security FSD Federal Security Director IAC Indirect Air Carrier IED Improvised Explosive Device MSP Model Security Program SIDA Security Identification Display Area SSI Sensitive Security Information STA Security Threat Assessment TSA Transportation Security Administration Outline of Interim Final Rule I. Summary of Rule II. Background A. Current Air Cargo Screening B. 9/11 Act Requirements C. Development of the Certified Cargo Screening Program D. Certified Cargo Screening Pilot Programs III. TSA’s Program for Achieving the Statutory Mandates for Cargo Loaded Domestically IV. Organization of the Rule V. Section-by-Section Analysis VI. Good Cause for Immediate Adoption VII. Paperwork Reduction Act VIII. Economic Impact Analyses A. Regulatory Evaluation Summary B. Executive Order 12866 Assessment C. Regulatory Flexibility Act Assessment D. International Trade Impact Assessment E. Unfunded Mandates Assessment IX. Executive Order 13132, Federalism X. Environmental Analyses XI. Energy Impact Analysis List of Subjects The Amendments I. Summary of Rule This rule provides that affected U.S. aircraft operators and foreign air carriers 2 must have screened at least 50 percent of its cargo transported on passenger aircraft by February 3, 2009, and must screen 100 percent of cargo by August 3, 2010, to carry out sec. 1602 of the Implementing the Recommendations of the 9/11 Commission Act of 2007 (Pub. L. 110– 53, 121 Stat. 266, 478, Aug. 3, 2007) (9/ 11 Act). The rule applies to certain commercial passenger operations, and 2 The affected aircraft operators are U.S. aircraft operators with full programs under 49 CFR 1544.101(a) and foreign air carriers with security programs under 49 CFR 1546.101(a) or (b). This includes aircraft operators with scheduled or public charter operations with an aircraft having a passenger seating configuration of 61 or more seats, and those operating smaller aircraft when passengers are enplaned from or deplaned into a sterile area. PO 00000 Frm 00003 Fmt 4701 Sfmt 4700 47673 applies to foreign air carriers the same standards that apply to U.S. aircraft operators, for the same types of flights. This rule applies only to cargo loaded in the United States. It does not apply to either U.S. aircraft operators or foreign air carriers when they load cargo outside the U.S. and transport it into the U.S., nor to U.S. or foreign all-cargo operations. This rule will not cover general aviation operations. The Transportation Security Administration (TSA) concluded that this mandate could not be achieved by relying solely on U.S. aircraft operators and foreign air carriers to conduct screening. Aircraft operators do not have the capacity to screen the approximately 12 million pounds of cargo that is now transported on passenger aircraft daily. Requiring passenger aircraft operators to screen 100 percent of air cargo would result in carrier delays, backlogs of unscreened cargo, and missed flights, which could significantly impede the flow of commerce. Accordingly, TSA will establish the certified cargo screening program (CCSP) to allow entities other than aircraft operators to conduct screening off-airport. Under the CCSP, facilities upstream in the air cargo supply chain, such as shippers, manufacturers, warehousing entities, distributors, third party logistics companies, and Indirect Air Carriers (IACs) that are located in the U.S., may apply to TSA to become certified cargo screening facilities (CCSFs). Aircraft operators that screen cargo off-airport must also become CCSFs in order to screen cargo for transport on passenger aircraft. These applicants must submit to TSA an application for certification of a single facility, including a TSA-approved validator’s evaluation of the applicant’s security measures. Once certified, the CCSF must— • Implement the certified cargo screening standard security program that TSA develops and any amendments to it; • Appoint security coordinators at the corporate and facility levels and alternates to be available 24 hours per day, 7 days per week; • Ensure that the following individuals successfully undergo a TSAconducted STA: (1) Each employee and authorized representative who screens cargo or has unescorted access to screened cargo, and (2) each security coordinator and alternate, senior manager of the facility, and other individual who implements the cargo screening program; E:\FR\FM\16SER2.SGM 16SER2 sroberts on DSKD5P82C1PROD with RULES 47674 Federal Register / Vol. 74, No. 178 / Wednesday, September 16, 2009 / Rules and Regulations • Adhere to strict physical and access control measures for the storage, handling, and screening of cargo; • Screen cargo using TSA-approved methods; • Implement chain of custody requirements, including the use of tamper evident technology, which must begin when the cargo is screened and remain intact until the cargo is tendered to the aircraft operator for transport on a passenger aircraft; and • Apply for recertification, including a new examination by a TSA-approved validator, every 36 months. TSA believes that it is important for CCSFs to submit to a recertification assessment of their security programs every three years in order to maintain good standing in the CCSP. Within the 36 month period, TSA will inspect the CCSF for compliance and the CCSFs will conduct quarterly self-audits. TSA based the 36-month cycle on a similar program in the United Kingdom, the Known Consignor program discussed in section II.C. below. This rule establishes procedures under which firms may apply for TSA’s approval to conduct validation assessments of CCSF facilities. Approved validation firms must hold and carry out a TSA-approved security program, must have security coordinators to be the primary point of contact for security at the facility, and must ensure that individuals conducting assessments have professional qualifications, receive training, do not have conflicts of interest with facilities to be assessed, and conduct assessments impartially. The rule requires validators and their supervisors and validation firm security coordinators and their alternates to successfully undergo a TSA-conducted STA. Individuals conducting validation assessments must— • Be a citizen or national of the United States or be a lawful permanent resident alien; • Hold a certification or accreditation from a TSA-recognized organization qualified to certify or accredit a validator; • Have at least five years of experience in inspection or validating compliance with certain government and industry organizations; • Have sufficient knowledge of certain regulations, policies, and security programs and be able to determine compliance; • Have sufficient knowledge of the CCSP; and • Conduct no more than two assessments of a facility seeking approval, unless TSA authorizes otherwise. VerDate Nov<24>2008 18:23 Sep 15, 2009 Jkt 217001 This rule also amends the threat assessment provisions that currently exist in 49 CFR part 1540, subpart C, for individuals who work in the air cargo sector to enhance TSA’s ability to effectively conduct STAs. II. Background A. Current Air Cargo Screening Since 2002, TSA has implemented a multilayered, risk-based system for securing cargo transported on passenger aircraft. U.S. aircraft operators and foreign air carriers must ensure that cargo transported on passenger aircraft is screened or inspected as set forth in their security programs. 49 CFR 1544.205, 1546.205. IACs must screen a certain percentage of cargo prior to tendering the cargo for transport or take other security measures as required in the applicable Security Directives and in their security programs.3 U.S. aircraft operators, foreign air carriers, and IACs must screen 100 percent of cargo considered to present an ‘‘elevated risk,’’ and TSA screens 100 percent of all cargo transported on passenger aircraft at Category II–IV airports.4 Currently, aircraft operators conduct screening of most cargo at the airports. Generally applicable TSA-approved methods of screening include x-ray, explosives trace detection (ETD), explosive detection systems (EDS), explosives detection canine teams, and physical inspection along with verification of the description of the cargo on the shipping manifest. There are certain categories of cargo for which these generally applicable methods of screening may not be effective or feasible, so the aircraft operators and IACs use TSA-approved alternative methods of screening. B. 9/11 Act Requirements The 9/11 Act amended 49 U.S.C. 44901(g)(1), which provides, in pertinent part: Not later than 3 years after the date of enactment of the [9/11 Act], the Secretary of Homeland Security shall establish a system to screen 100 percent of cargo transported on passenger aircraft operated by an air carrier or foreign air carrier in air transportation or intrastate air transportation to ensure the 3 Security Directives and security programs are SSI and the details are non-public information. See footnote 1. 4 There are several categories of airport designations that are based largely on the number of enplanements. Category II–IV airports include those with less than five million annual domestic enplanements or with five million or more annual domestic enplanements, but less than one million international enplanements. Overall, approximately 99 percent of cargo loaded on passenger aircraft in the United States is loaded at Category X and I airports. PO 00000 Frm 00004 Fmt 4701 Sfmt 4700 security of all such passenger aircraft carrying cargo. As amended by the 9/11 Act, 49 U.S.C. 44901(g)(2) provides that the system used to screen cargo on passenger aircraft shall provide a level of security ‘‘commensurate with the level of security for the screening of passenger checked baggage’’ and directs that— • Fifty percent of such cargo must be screened not later than February 3, 2009; and • One hundred percent of such cargo must be screened not later than August 3, 2010. Section 44901(g)(3)(B) explicitly authorizes TSA to issue an interim final rule (IFR) to implement the requirements. If TSA issues an IFR, TSA must issue a final rule not later than one year after the effective date of the IFR. The 9/11 Act defines the term ‘‘screening’’ in sec. 44901(g)(5) to mean ‘‘a physical examination or nonintrusive method of assessing whether cargo poses a threat to transportation security. Methods include x-ray systems, explosives detection systems, explosives trace detection, explosives detection canine teams certified by TSA or a physical search together with manifest verification.’’ This section further provides that TSA may approve additional methods to ensure that the cargo does not pose a threat to transportation security and to assist in meeting the requirements of the 9/11 Act. TSA will continue to consider different technologies or methods for screening cargo transported on passenger or cargo flights. TSA would approve these additional methods and technologies based on their applicability and effectiveness in screening specific commodities. C. Development of the Certified Cargo Screening Program TSA recognized that it needed to develop a program that could achieve the 9/11 Act’s requirement for 100 percent screening while still allowing for the flow of commerce. Approximately 12 million pounds of cargo are transported on passenger aircraft in the United States each day. In evaluating the practical implications of 100 percent screening, the Congressional Research Service has stated that ‘‘* * * given the sheer volume of cargo that must be expediently processed and loaded on aircraft * * * full screening of air cargo, as is now required of checked passenger baggage, is likely to present significant logistic and operational challenges.’’ CRS Report for Congress, Air Cargo Security, Updated July 30, 2007, CRS–2. E:\FR\FM\16SER2.SGM 16SER2 sroberts on DSKD5P82C1PROD with RULES Federal Register / Vol. 74, No. 178 / Wednesday, September 16, 2009 / Rules and Regulations TSA has developed the CCSP by working closely with U.S. and international agencies and associations to incorporate key aspects of similar security programs in other countries and in the United States. In particular, TSA studied the Known Consignor programs in Great Britain and Ireland. Such programs have been in effect for several years and operate successfully. TSA also examined the security measures of the Customs-Trade Partnership Against Terrorism (C–TPAT), a U.S. Customs and Border Protection (CBP) program. Like the programs in Great Britain and Ireland, CBP’s C–TPAT program adopts the concept of supply chain security in its voluntary program under which participants benefit from expedited CBP processing. The United Kingdom (UK) Known Consignor program has key features that TSA has incorporated into the CCSP. First, like the CCSP, the UK Known Consignor program relies on authorized entities to augment air carriers’ screening of cargo. Both programs rely on a chain of custody concept, requiring verification that no tampering has occurred between the time of screening and the time the cargo is tendered to the air carrier. Second, the UK Known Consignor program requires approved validators to assess Known Consignors and requires Known Consignors to pay a fee for these assessments. TSA based the validator requirements in this IFR, in part, on the UK program. In both programs, entities wishing to serve as validators seek approval from the government regulatory agency. In both programs, the government reviews the validators’ assessments and, where appropriate, government agents may conduct inspections to determine if enforcement action is necessary. In addition to these structural similarities, some of the methods to secure cargo will be similar in the two programs. For example, the UK program makes use of tamper-resistant seals, tamper evident tape, and procedures to document that the cargo is not subject to unauthorized access from the time the cargo is screened until it is tendered to an aircraft operator for transport on a passenger aircraft. These are key elements in the CCSP ‘‘chain of custody’’ framework. The UK program has been in place since 2003 and has achieved the benefits TSA seeks to gain from the CCSP. Known consignors screen close to 50 percent of cargo that otherwise would be screened by aircraft operators and foreign air carriers on airports; the rest of the cargo is screened by air carriers. Having aircraft operators and VerDate Nov<24>2008 18:23 Sep 15, 2009 Jkt 217001 foreign air carriers screen all cargo at airports could result in delays in flights and backlogs of cargo to be screened. The UK program significantly reduces potential adverse impacts on the flow of commerce that otherwise could result if aircraft operators and foreign air carriers were required to screen all cargo. The same concerns exist for screening cargo at U.S. airports. D. Certified Cargo Screening Pilot Programs TSA is testing the concept of screening earlier in the supply chain by conducting two parallel pilot programs: (1) The CCSP pilot involving shippers and other entities, such as manufacturers, distributors, and third party logistics companies, and (2) the IAC technology pilot. The CCSP pilots began at the following major gateway airports representing over 65% of all air cargo loaded on passenger flights: San Francisco (SFO), Chicago (ORD), Philadelphia (PHL), Seattle (SEA), Los Angeles (LAX), Dallas-Fort Worth (DFW), Miami (MIA), Atlanta (ATL), and New York/Newark (JFK/EWR). The IAC pilot is now in effect at all U.S. airports. Over 65 percent of all cargo transported on passenger aircraft is carried on wide-body passenger aircraft, such as a B–767, from the airports listed above. Approximately 43 percent of cargo transported on wide-body aircraft originates in 6 of these airports. Thus, TSA focused its outreach for the pilot programs on the entities using the airports with the highest volume of cargo transported on wide body passenger aircraft. Industry agreed to participate in the pilots. TSA conducted outreach for the CCSP pilot program by contacting 120 shippers and other entities in 9 major cities. The CCSP pilot focuses on the ability of these entities to screen cargo according to methods approved by TSA, primarily by physical search of the shipping box before it is closed, sealed, and leaves the facility using a secure chain of custody. Shippers, manufacturers, distributors, and thirdparty logistics companies are in the best position to screen the contents of the box before it leaves their facility, as they know what should be in the box and can spot anomalies quickly. As long as the screening is conducted in accordance with TSA procedures and the chain of custody remains intact when the cargo is loaded on passenger aircraft, the cargo does not have to be rescreened. The IAC technology pilot is evaluating the effectiveness of cargo screening technology and processes recommended by TSA by commodity PO 00000 Frm 00005 Fmt 4701 Sfmt 4700 47675 class at each participant’s consolidation facility. Congressional appropriations provided TSA with funds for the screening of air cargo. TSA is using these funds in part to assist in the deployment of appropriate screening technology for use in the IAC pilot. The IAC technology pilot participants must use either x-ray or Explosive Trace Detection (ETD) equipment during the screening process. This pilot is also evaluating the IAC community’s ability to screen cargo volumes, and the use of chain of custody procedures. When the IFR becomes effective, the CCSP pilot program will end. Participants will become CCSFs under the IFR. The IACs in the IAC technology pilot will continue to collect and submit information to TSA regarding the cargo screening technology until August 2010. TSA will collect information after the IFR becomes effective under OMB’s Paperwork Reduction Act approval for the IFR; this information will include the data collected during the IAC technology pilot. After the completion of the IAC technology pilot, DHS will conduct an evaluation of the pilot. III. TSA’s Program for Achieving the Statutory Mandates for Cargo Loaded Domestically With respect to cargo loaded within the United States, TSA implemented two measures that assisted industry in achieving the requirement that 50 percent of cargo transported on passenger aircraft be screened by February 3, 2009. First, on August 1, 2008, TSA issued an amendment to the Aircraft Operator Standard Security Program that requires 100 percent screening of cargo transported on narrow-body passenger aircraft. Narrowbody aircraft represent 96 percent of all domestic passenger flights, and approximately one-quarter of all cargo on passenger aircraft travels on narrowbody aircraft. TSA has required that all cargo on narrow-body passenger aircraft, such as a B–737, must be screened. This requirement was a key component of achieving the 9/11 Act’s requirement to ensure that 50 percent of cargo on passenger aircraft was screened by February 2009. The second key component was to have IACs participating in the pilot program at the major gateway airports screen cargo prior to their consolidating the cargo for the airlines. Data from the pilot programs, as well as inspections by TSA Inspectors, demonstrates that industry has achieved the 50 percent milestone of the 9/11 Act. This rule is a key component of our strategy to maintain 50 percent screening as of February 3, 2009, and to E:\FR\FM\16SER2.SGM 16SER2 47676 Federal Register / Vol. 74, No. 178 / Wednesday, September 16, 2009 / Rules and Regulations sroberts on DSKD5P82C1PROD with RULES achieve 100 percent screening by August 3, 2010. The rule will allow shippers to screen their cargo prior to tendering it to the airlines. We have developed this IFR implementing the permanent CCSP based on lessons learned in the CCSP pilot program. We estimate that, at full implementation, certified cargo screening facilities and aircraft operators will screen cargo traveling on passenger aircraft as follows: • Of the 4.3 billion pounds of cargo shipped on passenger aircraft annually, aircraft operators will screen 30 percent of the cargo or 1.3 billion pounds; • CCSFs using screening equipment will screen 38 percent of the cargo or 1.6 billion pounds; and • CCSFs using physical search methods to screen will screen 32 percent of the cargo or 1.4 billion pounds. carriers with respect to the cargo screening and acceptance of cargo from CCSFs. • The rule also amends 49 CFR parts 1544, 1546, and 1548 to clarify which individuals are subject to the STA requirements and to better reflect current TSA requirements in the standard security programs for U.S. aircraft operators, foreign air carriers, and IACs. • The rule adds a new 49 CFR part 1549, which provides the regulatory requirements for facilities participating in the CCSP. Requirements include qualifications of screening personnel, STAs, adoption of security programs, and cargo screening procedures. IV. Organization of the Rule The section-by-section analysis below is organized sequentially to follow the CFR numbering. This rule amends a number of TSA’s existing regulations and adds several new parts to the CFR. Briefly, these changes include the following: • The rule expands 49 CFR part 1515 to provide redress procedures for individuals who undergo STAs in connection with their air cargo work for aircraft operators, certified cargo screening facilities, and validation firms, if they receive an adverse decision from TSA. • The rule amends 49 CFR part 1520, the regulations governing sensitive security information (SSI), requiring these newly-regulated populations, such as CCSFs and validators, to protect such information from disclosure. • The rule adds a new 49 CFR part 1522, establishing a system to authorize TSA-approved validators to perform assessments of CCSFs. It also provides a framework for potential future use in other TSA programs. • The rule amends the existing STA regulations in 49 CFR part 1540, subpart C, to encompass newly-required STAs for certain personnel of certified cargo screening facilities and approved validation firms. Also, the rule amends the list of biographic information that applicants and operators must provide TSA, so that TSA can conduct more efficient threat assessments. In addition, the rule adds provisions to facilitate the use of comparable threat assessments in place of the assessments that TSA requires in subpart C of part 1540. • The rule amends 49 CFR parts 1544 and 1546 to impose new requirements on U.S. aircraft operators and foreign air Section 1515.1—Scope In part 1515, TSA sets forth redress procedures for many of the transportation workers who must successfully complete an STA. These STAs are described more fully in the Section-by-Section analysis for part 1540, subpart C. The redress procedures include administrative appeals, requests for waivers, and review of certain cases by administrative law judges. This rule amends § 1515.1 to expand the scope of part 1515 to include applicants engaged in air cargo operations who work for certified cargo screening facilities or validation firms who have applied for an STA and wish to appeal an Initial Determination of Threat Assessment or an Initial Determination of Threat Assessment and Immediate Revocation. VerDate Nov<24>2008 18:23 Sep 15, 2009 Jkt 217001 by an administrative law judge and the TSA Final Decision Maker. Part 1520—Protection of Sensitive Security Information Implementation of this rule will create new types of sensitive security information (SSI) and new populations of persons with access to, and responsibilities for, protecting all SSI. See Footnote 1. Therefore, TSA is making the following changes to part 1520, which implements the SSI program. Section 1515.9—Appeal of Security Threat Assessment Based on Other Analyses This rule revises § 1515.9 to expand its scope to allow applicants engaged in air cargo operations who work for certified cargo screening facilities or validation firms to appeal an Initial Determination of Threat Assessment in which TSA has determined that the applicants pose a security threat under 49 CFR 1549.107. Section 1520.5—Sensitive Security Information This rule amends the list of information constituting SSI in § 1520.5 to include the SSI to be created under this rule. Specifically, TSA adds ‘‘air cargo’’ to paragraph (b)(1)(i) of this section, which contains the listing of security programs that constitute SSI. Such programs include those for IACs as well as for CCSFs and validation firms. TSA has determined that validation firm security programs (operating under part 1522) and CCSF security programs (operating under part 1549) to be SSI because they will contain specific information about how the operation will implement measures for personnel security, physical security, chain-ofcustody controls, and other measures that—if publicly disclosed—would allow a terrorist or other person with malicious intent to jeopardize air cargo security. In a related, clarifying change, this rule amends § 1520.3 to remove the definition of ‘‘security program.’’ This definition, which is only used in § 1520.5, is unnecessary, because it only describes which security programs are SSI, a subject which is entirely covered in § 1520.5. Removing this duplicative provision will preclude possible confusion. TSA moved the phrase ‘‘including any comments, instructions, or implementing guidance’’ from the definition of security program to § 1520.5(b)(1) to make clear that comments, instructions, and implementing guidance for security programs are protected in the same way as the security programs themselves. Section 1515.11—Review by Administrative Law Judge and TSA Final Decision Maker This rule revises § 1515.11 to allow applicants engaged in air cargo operations who work for certified cargo screening facilities or validation firms and who have received Final Determinations of Threat Assessment after appeals as described in § 1515.9 to obtain review of these determinations Section 1520.7—Covered Persons This rule also amends the definition of ‘‘covered person’’ in § 1520.7 to include personnel of certified cargo screening facilities and of validation firms. These persons will have access to SSI, including security programs and applicable security directives and orders. Including these persons as ‘‘covered individuals’’ brings them within the scope of the responsibilities V. Section-by-Section Analysis Part 1515—Appeal and Waiver Procedures for Security Threat Assessments for Individuals PO 00000 Frm 00006 Fmt 4701 Sfmt 4700 E:\FR\FM\16SER2.SGM 16SER2 Federal Register / Vol. 74, No. 178 / Wednesday, September 16, 2009 / Rules and Regulations for protecting SSI that are contained in 49 CFR 1520.9. These include the duty to protect SSI from disclosure and to report incidents of unauthorized disclosure to TSA. sroberts on DSKD5P82C1PROD with RULES Part 1522—TSA-Approved Validation Firms and Validators The provisions of part 1522 establish a system in which TSA approves validation firms; these firms are responsible for hiring individuals, called validators, who must have specific qualifications. These validators are responsible for conducting the assessments of the facility seeking certification or recertification as a CCSF operating under part 1549. The CCSF applicants (whether they are individual companies or IACs) will pay the validation firm for the validation assessment. TSA will not charge or establish a fee for that purpose. Firms that seek to perform the functions of validation firms for purposes of the CCSP must apply to TSA for approval and, once approved, must perform the functions in accordance with TSA’s requirements. The criteria for approval and the performance requirements are set forth in part 1522 and described below. Part 1522 also addresses the qualifications and responsibilities of individual validators, who, on behalf of a validation firm, actually perform the assessments of persons, operations, or facilities regulated under this chapter. Section 1522.1—Scope and Terms Used in This Part Section 1522.1(a) explains that part 1522 governs the use of private firms employing individual validators to assess whether certain persons regulated by TSA are complying with security programs applicable to those persons and other TSA requirements. Paragraph (b) of § 1522.1 defines the terms used in part 1522. The rule defines ‘‘TSA-approved validation firm’’ or ‘‘validation firm’’ as a firm that has received TSA’s approval to make such assessments on whether regulated persons have complied with security programs and other TSA requirements applicable to those persons. The rule defines ‘‘applicant’’ as a firm seeking to become a TSA-approved validation firm. The rule’s definition of ‘‘firm’’ includes business enterprises, including individuals operating as a business, as well as other non-governmental organizations, such as non-profit corporations. The term ‘‘validator’’ means the particular individual assigned by the validation firm to perform a given assessment; thus, the terms ‘‘validation firm’’ and ‘‘validator’’ VerDate Nov<24>2008 18:23 Sep 15, 2009 Jkt 217001 are not synonymous. The term ‘‘assessment’’ as defined in § 1522.1, refers to the validator’s evaluation of compliance with the relevant requirements of a security program. The rule also defines the term ‘‘national of the United States.’’ For purposes of this rule, ‘national’ means a citizen of the United States, or a person who, though not a citizen, owes permanent allegiance to the United States, as defined in 8 U.S.C. 1101(a)(22), and includes American Samoa and Swains Island. It is consistent with the definition of the same term (49 CFR 1570.3) in the Maritime and Land Transportation Security regulations and with the definition in 8 U.S.C. 1101(a)(22). Validation firms and validators must be free of conflicts of interest to perform assessments for TSA programs. Section 1522.129(a) requires validation firms to maintain records demonstrating compliance with this regulation, including the conflict-of-interest requirements. As part of the inspection process, TSA may review records concerning a facility’s compliance with conflict of interest provisions. Section 1522.1(b) defines ‘‘conflict of interest’’ as a situation in which a relationship with, or a financial interest in, the person being assessed may adversely affect the impartiality of the assessment. This definition encompasses the validation firm as an entity, as well as the individuals of the firm who will be conducting, or assisting in conducting, the assessment, and their immediate family members. This definition is derived in part from the Government Auditing Standards established by the Government Accountability Office (GAO) for ensuring that Government auditors or their employees do not have business or personal impairments that would interfere with their ability to maintain their independence. See GAO, Government Auditing Standards (July 2007), ch. 3. The definition is also derived, in part, from the postgovernmental employment restrictions applicable to Federal employees. The definition of ‘‘conflict of interest’’ in § 1522.1(b) contains several examples. It includes examples of conflict-of-interest situations applicable to a validation firm as an entity, such as parent-subsidiary relationships and common management or organizational governance (for example, interlocking boards of directors). It also includes an example of a conflict of interest situation in which the validation firm, or validator, or the individual assisting the validator, or his or her immediate family member as an individual, is a PO 00000 Frm 00007 Fmt 4701 Sfmt 4700 47677 creditor or debtor of the person being assessed. It also lists examples of conflicts of interest related to financial interests, such as investments in debt and equity, in the person being assessed. The other examples of conflict of interest in the definition address situations in which the validator or an individual assisting the validator, or his or her immediate family member, is a former employee, officer, or contractor including a consultant of the person being assessed. If the former duties and responsibilities of the validator or individual assisting the validator involved the operations or functions to be assessed, he or she has a permanent conflict of interest; such an individual may never conduct or assist in conducting an assessment of an operation or function with respect to which he or she had duties or responsibilities. If the former duties and responsibilities of the validator or individual assisting the validator did not involve the operations or functions to be assessed, he or she must observe a two-year ‘‘cooling-off period’’ during which he or she may not conduct assessments of his or her former employer. These concepts are consistent with the post-employment restrictions applicable to governmental employees found at 18 U.S.C. 207. Individuals who are former employees of the person being assessed who will not be conducting or assisting in the assessment do not create a conflict of interest if they are segregated from the assessment work. Section 1522.3—Fraud and Intentional Falsification of Records Section 1522.3 includes provisions that prohibit any person, whether the validation firm, the validator, or another individual, from making or providing any fraudulent or intentionally false statements, reports, records, access mediums, or identification. The same prohibitions apply to persons regulated under TSA’s Civil Aviation Security regulations; see 49 CFR 1540.103, on which this section is based. Any intentional falsification or fraud may constitute a basis for TSA to withdraw the validator’s approval. In addition, any intentional falsification or fraud may constitute a violation of certain criminal laws such as 18 U.S.C. 1001. In appropriate cases TSA will refer potential criminal violations to the U.S. Attorney for investigation. Section 1522.5—TSA Inspection Authority Section 1522.5 sets out TSA’s broad authority to inspect a validation firm E:\FR\FM\16SER2.SGM 16SER2 47678 Federal Register / Vol. 74, No. 178 / Wednesday, September 16, 2009 / Rules and Regulations sroberts on DSKD5P82C1PROD with RULES and a validator, including on-site inspections and the copying of records. TSA needs such broad authority to perform its role in monitoring compliance with this part. Paragraph (a) requires each validation firm to allow TSA to enter the facility to make inspections or tests, including copying records. A validation firm’s operations are unlikely to give rise to the kinds of emergencies that would require afterhours inspections, so this paragraph only refers to TSA inspections during normal business hours. This paragraph also provides that the inspection may be without advance notice. While TSA expects often to provide advance notice of an inspection, we must have the ability to do so unannounced to verify compliance by the validation firm and its personnel and to otherwise assess security. The inspections referred to in paragraph (a) include inspections for compliance with the statute and TSA rules, and includes inspections that TSA may make to carry out duties assigned to TSA in 49 U.S.C. 114(f), as set out in § 1522.5(a)(2). Section 1522.5(b) provides that at the request of TSA each validation firm and validator must provide evidence of compliance with the TSA regulations, which are located in 49 CFR chapter XII, including parts 1500–1699. This may include providing records to TSA or other evidence to show compliance. Paragraph (c) provides that TSA and DHS officials working with TSA may conduct inspections without access media issued or approved by a validation firm or other person. This is to facilitate the inspection process and make it possible for TSA to conduct unannounced inspections. It is based on a similar provision in § 1542.5(e) that applies to airport operators. Taken as a whole, this section will allow TSA to evaluate the validation firm’s and the validator’s respective performance, and to evaluate the reliability of the validator’s assessments. Section 1522.101—Applicability Subpart B, which begins at § 1522.101, applies specifically to the use of TSA-approved validation firms and validators in the context of the CCSP. Each facility that seeks to be a CCSF will need to engage a validation firm to assess whether that facility complies with the security program that TSA requires under 49 CFR 1549.5. Section 1522.103—Requirements for Validation Firms Section 1522.103 establishes the general requirements for validation firms. Paragraph (a) states the fundamental requirement, which is that VerDate Nov<24>2008 18:23 Sep 15, 2009 Jkt 217001 the firm must have the necessary facilities, resources, and personnel to conduct assessments. Among other things, this requirement entails the demonstrated capability to define, execute, and document standardized business processes. The validation firm must also demonstrate its capability to hire and train personnel to perform operations similar to the assessments required under this subpart and part 1549. The purpose of this requirement is to establish a basis on which TSA may evaluate whether a firm has the experience and capabilities to perform as a validation firm. Paragraph (b) provides that each validation firm must have a Security Coordinator and one or more alternates. This provision is based on the concept of Security Coordinator for IACs as implemented in 49 CFR 1548.13. These individuals must be senior officers or employees to ensure that they have the authority necessary to fulfill their functions. They serve as the validation firm’s primary point of contact with TSA on security-related matters. Because a validation firm has a support (as opposed to an operational) role in the certified cargo security program, the Security Coordinator or an alternate must be available during regular business hours (rather than on a 24-hour basis). Also, the Security Coordinator and alternates bear the responsibility of immediately initiating corrective action if the firm discovers an instance of noncompliance with any applicable TSA security requirement. These requirements ensure that each validation firm has at least one readily available and accountable individual with adequate authority to monitor security-related matters. Under paragraph (c) of § 1522.103, the validation firm must hold and carry out a TSA-approved security program. This topic is covered in more detail in the discussion of § 1522.105, below. Paragraph (d) of § 1522.103 imposes an affirmative obligation on the validation firm to ensure that its personnel carry out the requirements of TSA’s regulations and the security program. ‘‘Personnel’’ includes direct employees, contractors, agents, and other persons acting on behalf of the validation firm. Finally, paragraph (e) requires the validation firm to notify TSA of all pertinent changes in information that the validation firm must submit to TSA. Examples of such information include changes of address, changes in the identity of the Security Coordinator or alternates, and significant changes in the ownership of the firm. A significant change in the ownership would include, PO 00000 Frm 00008 Fmt 4701 Sfmt 4700 for example, acquisition of the firm by another business entity, or the form of the firm’s organization, for example, incorporation. It would not include a minor change in the identity of shareholders. Section 1522.105—Adoption and Implementation of the Security Program Paragraph (a) of § 1522.105 provides that a validation firm must hold and carry out an approved security program in order to operate as a validation firm. Paragraph (b) outlines the requirements for the content of the validation firm standard security program. These requirements are generally consistent with the similar requirement for IACs in part 1548. Paragraph (b)(1) states the fundamental purpose of the security program, which is to provide for the security of aircraft and protect against threats to air security. Paragraph (b)(1) thus establishes that validation firms, even though they serve a supporting role, are important components in the overall certified cargo security program. Key among these requirements for security programs is that the programs must specify the processes and procedures that the firm will use to maintain the qualifications of its validators and its personnel assisting validators with assessments. This is important, because the quality of the validation firm’s operational performance depends primarily on the expertise of its personnel, especially the validators. Thus, the security program must describe in detail how the validation firm will maintain the current qualifications, accreditations, credentials, training, and STAs for its relevant personnel. The security program must also include provisions for a Security Coordinator, as well as for setting managerial responsibilities for ensuring that the firm’s personnel carry out their responsibilities under TSA regulations and the security program. Paragraph (c) of § 1522.105 sets out procedures by which an applicant or a validation firm may request amendments to a security program. Paragraph (d) sets out the process by which TSA will initiate amendment of a security program. Paragraph (e) covers emergency amendments, which TSA may make without prior notice and which take effect immediately. The provisions of paragraphs (c), (d), and (e) are analogous to similar provisions relating to IAC security programs (49 CFR 1548.7), which provides that TSA may issue emergency amendments to aircraft operators if there is an emergency requiring immediate action E:\FR\FM\16SER2.SGM 16SER2 Federal Register / Vol. 74, No. 178 / Wednesday, September 16, 2009 / Rules and Regulations with respect to safety in air transportation or in air commerce that makes procedures in § 1522.105 contrary to the public interest; such provisions establish an orderly process for revising security programs when circumstances change. Similar provisions exist in 49 CFR 1542.105(d) (airport operators), 1544.105(d) (aircraft operators), 1546.105(d) (foreign air carriers), and 1548.7(e) (indirect air carriers). Paragraph (f), parallel with 49 CFR 1548.5(d), provides basic requirements on availability of the security program to the firm’s personnel and to TSA and requires measures to protect it as SSI. Section 1522.107—Application Section 1522.107 sets out the procedures by which a firm may apply for approval to operate as a validation firm. TSA will prescribe the form and manner of the application, which must be in writing and submitted at least 90 days in advance. Paragraph (a) enumerates the required items that applicants must include in their applications. Among other items, applicants must include a statement declaring whether the applicant is a small business; the collection of this information assists TSA in developing appropriate civil penalty formulas. Paragraph (b) of § 1522.107 discusses the next step in the application process. After TSA receives the initial application specified in paragraph (a), and after the applicant’s Security Coordinator has successfully completed a STA, TSA will send the validation firm, via the Security Coordinator, a copy of the Validation Firm Standard Security Program. TSA anticipates that all information will be sent to participants via electronic means in a password protected mode. TSA also plans to develop a secure Web address that will be available to the participating validation firms to obtain copies of the security program. The validation firm must also submit a supplement to its security plan that specifies processes and procedures that the firm will use to maintain the qualification of its validators and its personnel assisting validators with assessments to the designated TSA official for approval. This provision establishes a baseline of standardization, while allowing for flexibility in appropriate circumstances. TSA will seek comment on the validation firm security program from applicants as part of the application process. Thereafter, any approved validation firm may request amendments to its security program. Section 1522.109—TSA Review and Approval Paragraph (a) of § 1522.109 lists the criteria that TSA will employ in reviewing an application submitted under § 1522.107. As provided in paragraph (b), TSA will approve or disapprove the application based on these criteria. In either case, TSA will provide written notice to the applicant. In the case of an approval, TSA may approve or require modifications to the security program applicable to the applicant. The validation firm will also demonstrate to TSA how the validators employed by the firm will meet TSA qualifications. In the case of a disapproval, TSA will state the basis for the disapproval in writing. Under paragraphs (b)(1) and (2), a validation firm may commence operations only after it receives approval of its security program and approval to operate as a validation firm, and after the relevant personnel have completed all required training and STAs. These paragraphs make it clear that the validation firm must satisfy all of these elements before the validation firm may conduct assessments. As provided in paragraph (c), the duration of an approval granted under this section is 12 months. The following table demonstrates the certification and training cycles for CCSFs and validation firms. IAC operating certificate (renewal application) Shipper/CCSF ................................ IAC/CCSF ...................................... Validation Firm/Validator ................ Validation firm operating approval Certification N/A ................................. Annually ......................... N/A ................................. N/A ................................. N/A ................................. Annually ......................... Every three years .......... Every three years .......... N/A ................................. sroberts on DSKD5P82C1PROD with RULES Section 1522.111—Reconsideration of Disapproval of an Application Section 1522.111 describes the review and petition process for TSA’s reconsideration of disapproval of the validator’s application. If an applicant challenges the disapproval, the applicant must submit a written petition for reconsideration within 30 days of receipt of the notice of disapproval. The petition must include a statement, with supporting documentation, explaining why the applicant believes the application meets the criteria of § 1522.103. Reconsideration may result in confirmation of the disapproval or in an approval. Disposition pursuant to this section constitutes a final agency action for purposes of review under 49 U.S.C. 46110. VerDate Nov<24>2008 18:23 Sep 15, 2009 Jkt 217001 Section 1522.113—Withdrawal of Approval Section 1522.113 establishes procedures by which TSA may withdraw a previously-granted approval of a validation firm. This may occur if the validation firm no longer meets the qualification standards, if the validation firm fails to conduct assessments in compliance with TSA’s requirements, or if withdrawal is in the interest of security or the public. 49 CFR 1522.113(a). If TSA withdraws a validation firm’s approval, the validation firm must immediately stop performing any and all activities related to assessments. In determining whether withdrawal is appropriate, TSA considers the number, frequency, and severity of security violations committed by a regulated party. If TSA determines withdrawal is appropriate, TSA will remove the validation firm PO 00000 Frm 00009 Fmt 4701 Sfmt 4700 47679 Recurrent training Annually. Annually. Annually. from the list of approved validation firms. Under paragraph (b) of § 1522.113, TSA will provide the validation firm with a written notice of proposed withdrawal of approval that will include a statement of the basis for the proposed withdrawal of approval. Paragraph (c) provides for immediate withdrawal of approval in emergency circumstances. Upon receipt of a notice of emergency withdrawal under paragraph (c), the validation firm must immediately stop performing assessments, and must discontinue any assessments in progress. Paragraphs (d) and (e) provide a reconsideration procedure that may result in confirmation of the withdrawal of approval or in a decision to allow the validation to retain (or regain) its approval. Disposition pursuant to this section constitutes a final agency action E:\FR\FM\16SER2.SGM 16SER2 47680 Federal Register / Vol. 74, No. 178 / Wednesday, September 16, 2009 / Rules and Regulations for purposes of review under 49 U.S.C. 46110. sroberts on DSKD5P82C1PROD with RULES Section 1522.115—Review of TSA Approval It is important that validation firms meet TSA’s standards both before and after they begin performing validations. TSA will actively monitor validations through a process of initial and recurrent reviews. Approved validation firms must apply for renewal of approval annually. During these reviews, TSA will examine, among other things, whether the validation firm’s personnel have received required training and whether the relevant personnel have maintained the required accreditations and/or certifications. The review will also focus on the firm’s compliance with part 1522 and with its security program. Section 1522.117—Qualifications for Validators Section 1522.117 prescribes the necessary qualifications for individuals selected by validation firms to serve as validators for particular assessments. The requirements establish minimum levels of expertise and experience that an individual must have before he or she may be employed as a validator. As explained in the discussion of § 1522.123 below, a properly qualified validator must be directly responsible for the conduct of each assessment. A validation firm may assign an individual to be a validator with direct responsibility for an assessment only if the individual meets the qualifications specified in § 1522.117(a)(1)–(5) described below. The validation firm will be responsible for determining whether an individual has the appropriate qualifications to serve as a validator, and TSA will inspect for compliance with these requirements. Pursuant to paragraph (a)(1) of § 1522.117, an individual must be a U.S. citizen or national, or be an alien lawfully admitted to the United States as a Lawful Permanent Resident (LPR) in order to function as a validator. For aliens to become LPRs (commonly referred to as ‘‘green card’’ holders), the U.S. Government must have determined that they are admissible to the United States as immigrants; that determination requires security and criminal checks. TSA will allow LPRs to function as validators based on the fact that the U.S. Government has already performed security and criminal checks on these individuals. Validators must have extensive experience in conducting assessments, inspections, or audits before undertaking duties under this part. VerDate Nov<24>2008 18:23 Sep 15, 2009 Jkt 217001 Paragraph (a)(2) identifies two bases on which individuals can establish they possess the appropriate level of experience. Under the first basis, he or she must have an accreditation or certification from an organization that TSA recognizes as qualified to certify or accredit a validator assessing facilities, such as certified cargo screening facilities, or the individual must have five years or more experience in conducting inspections under State or Federal regulatory programs in the security industry, the aviation industry, or other government programs. TSA will review the accreditation of a validator when the validation firm submits a plan to TSA demonstrating how the firm will ensure that the validators in the firm meet TSA qualifications. If a validator does not meet the accreditation standards, TSA may deny approval to the validation firm or may approve the firm but direct that the individual without the necessary accreditation not be used for the CCSP program. Examples of an organization qualified to accredit a validator would include the International Standards Organization and ASIS International. TSA will make publicly available on the TSA public Web site a list of acceptable accreditation or certification organizations. The individual must have had this experience within the past ten years. Under the second basis, he or she must show relevant experience and expertise by having been employed by a Federal or State government agency as an inspector, assessor, or auditor in assessment or inspection tasks similar to the assessments under this part. Inspectors for governmental agencies receive thorough training and are subject to rigorous qualification standards. For example, a former Department of Transportation safety inspector would presumably have this kind of experience. Under paragraph (a)(3), the individual must have three current professional references. The purpose of this requirement, which is related to the requirements of paragraph (a)(2), is to allow the validation firm and TSA to further verify the experience and expertise of the validator. The expertise and experience of the validators is a critical component of this program. Paragraph (a)(4) states the requirement that validators must understand the requirements of the program in order to perform their functions. A validation firm must be able to demonstrate that each of its validators has this understanding. Although a validator’s successful completion of the training required in § 1522.119 will demonstrate initial PO 00000 Frm 00010 Fmt 4701 Sfmt 4700 understanding, a validator must also demonstrate the necessary knowledge and its practical application when the validator conducts assessments under this program. Section 1522.119—Training As stated above, validators must understand the requirements of the program and applicable technologies and practices before they begin conducting assessments. The validation firm must ensure that all employees associated with the assessment process complete training to ensure that they are capable of effective performance of their duties, and are knowledgeable about their security responsibilities. This is consistent with training requirements in other TSA regulatory programs. TSA plans to make a training program available for the validation firms. As program requirements change and technologies and practices improve, validators will need to keep up-to-date. Therefore, § 1522.119 requires validators and other individuals who assist in conducting assessments to complete initial and annual recurrent training provided by TSA. Under § 1522.119(a), the relevant individuals must complete initial TSA training on the standards, procedures, and forms prescribed by TSA for assessments of a CCSF before undertaking an assessment under subpart B. Under § 1522.119(b), validators and other relevant individuals must complete annual training; the training will include current information and will confirm that the validators and other individuals have maintained the necessary expertise to continue to perform assessments. Paragraph (c) outlines the general requirements for the content of the training; this outline is not exhaustive. Section 1522.119(c) provides that the ‘‘training required by this section will include coverage of the applicable provisions of this chapter, including this part, part 1520, and section 1540.105.’’ (Part 1520 covers Sensitive Security Information (SSI), and § 1540.105 covers security responsibilities of employees and other persons.) TSA intends to specify more detailed training requirements in the applicable security programs. Section 1522.121—Security Threat Assessments for Personnel of TSAApproved Validators This section requires individuals supervising, performing, or assisting in the performance of validation assessments, and the validation firm’s Security Coordinator and alternates, to successfully undergo a STA conducted by TSA under 49 CFR part 1540, subpart E:\FR\FM\16SER2.SGM 16SER2 Federal Register / Vol. 74, No. 178 / Wednesday, September 16, 2009 / Rules and Regulations sroberts on DSKD5P82C1PROD with RULES C, or an STA that TSA deems comparable. See the discussion of 49 CFR part 1540, subpart C for a full description of those requirements. Section 1522.123—Conduct of Assessments Section 1522.123(a) establishes the general rule that a validator must conduct each assessment of a CCSF under this part in a form and manner to be prescribed by TSA. The provision will increase the standardization of assessments across the program, promoting security and fairness. While other individuals may assist a validator, the validator must be directly responsible for the assessment and must sign the assessment report required by part 1522. This provision emphasizes the authority and accountability of the validator within the overall regulatory scheme. Section 1522.123(b) provides that validators may not undertake an assessment in which the validator, the validation firm for which he or she works, or any other individual who would work on the assessment, has a conflict of interest as defined in § 1522.1. Section 1522.123(c) applies when a validator, while conducting an assessment, learns that there is or may be an instance of noncompliance with TSA’s requirements that presents an imminent threat to transportation security or public safety. In such a situation, the validator must report the noncompliance to TSA, through the Security Coordinator immediately. The purpose of this provision is to allow TSA the opportunity to address and correct potentially dangerous situations promptly. Section 1522.123(d) provides that neither a validation firm nor a validator may require the CCSF being assessed to take remedial action. While a validator may suggest ‘‘on the spot’’ remedial actions in the course of conducting an assessment, the validator does not have the authority to require such remedial action. The validator will, of course, include in the report to TSA any matters that he or she believes are not in compliance with TSA requirements. The rule also clarifies that the validation firm and validator may not take disciplinary or enforcement action against a facility it has assessed. Only TSA may take disciplinary action against the CCSF. If the validator reports non-compliance, TSA will evaluate all the facts and circumstances, likely will conduct an inspection, and determine whether to take action. Section 1522.123(e) provides that a validator must not conduct more than VerDate Nov<24>2008 18:23 Sep 15, 2009 Jkt 217001 two consecutive assessments of a given facility seeking approval, or renewal of approval, to operate a CCSF. Under § 1549.7(b) each CCSF must apply for renewal every three years. Thus, if a validator has conducted the initial assessment and the first renewal assessment, or two consecutive renewal assessments, for a given CCSF, that validator may not conduct the next assessment on that CCSF. The purposes of this requirement are to maximize the objectivity of the validator and to assure a fresh assessment for each CCSF every few years. Section 1522.125—Protection of Information Section 1522.125(a) specifies that validation firms must comply with TSA’s regulations (49 CFR part 1520) for identifying, handling, and protecting SSI. Under paragraph (b) of § 1522.125, validation firms may not disclose any proprietary information that is disclosed to the validator during the assessment. This provision is intended to protect the facilities being assessed and to encourage their full cooperation with the validators. Section 1522.127—Assessment Report Section 1522.127 requires a validator to prepare an assessment report that must include information about the assessment process and the validator’s assessment of the CCSF’s compliance with applicable TSA requirements. The validator must submit the assessment report within 30 days after completing the assessment. The validator must attest that he or she performed the assessment professionally and impartially. TSA will use the assessment report to determine whether additional TSA action, such as further inspection by TSA personnel, is required. The assessment report must contain the information specified in § 1522.127(b). Section 1522.129—Recordkeeping Requirements Section 1522.129(a) requires validation firms to maintain records demonstrating compliance. Paragraph (b) requires the firms to retain records pertaining to individuals, including training, STAs, and qualification of validators (including conflicts of interest), until the 180th day after the individual leaves the employment of the validation firm. The retention period parallels the record retention requirements related to STAs under part 1540. Paragraph (c) covers records about the validation firms’ approvals from TSA, which each validation firm must retain PO 00000 Frm 00011 Fmt 4701 Sfmt 4700 47681 until completion of the validation firm’s next review under § 1522.115. This retention period should help ensure that TSA has the necessary documentation with which to complete the review. Paragraph (d) covers assessment reports and back-up documentation, which includes working papers and interview notes, pertaining to particular assessments conducted by the validation firm. Validation firms must retain records covered under this paragraph for 42 months after completion of the assessment. This retention period should assure that the materials will be available at least until the CCSF’s next recertification. With respect to each of the record retention periods specified in § 1522.129, the validation firm may destroy a record upon the expiration of the period, unless TSA instructs the firm to retain the record longer. Part 1540—Civil Aviation Security: General Rules Section 1540.5—Terms Used in This Subchapter This rule amends § 1540.5 to add definitions of the terms ‘‘certified cargo screening program’’ and ‘‘certified cargo screening facility.’’ ‘‘Certified cargo screening program’’ means the program, established under 49 CFR part 1549, under which TSA authorizes facilities to screen cargo to be offered for transport on certain passenger aircraft. A ‘‘certified cargo screening facility’’ is a facility that TSA certifies to screen this cargo and perform the other functions required by part 1549. As used in this chapter, ‘‘certified cargo screening facility’’ refers to the legal entity that operates a CCSF at a particular location. Part 1540—Civil Aviation Security: General Rules Subpart C—Security Threat Assessments This subpart covers the STAs that are required throughout the aviation security rules, including those for certain aircraft operator, foreign air carrier, and IAC personnel. This rule expands the subpart to include CCSF and TSA-approved validation firm personnel. The STA process works as follows. First, the CCSF employee submits the biographic data for their STA application through secure, Web-based tool. Required biographic data includes: • Legal name; • Current mailing address; • Gender; • Date and place of birth; • Social security number; • Citizenship status; E:\FR\FM\16SER2.SGM 16SER2 47682 Federal Register / Vol. 74, No. 178 / Wednesday, September 16, 2009 / Rules and Regulations sroberts on DSKD5P82C1PROD with RULES • Alien registration number if employee is not a U.S. citizen; • Daytime phone number; and • Name, address, and telephone number of individual’s employer. Next, TSA sends the STA application data to an automated vetting engine where a name-based terrorism check is performed. The name-based terrorism check consists of matching against the Terrorist Screening Database (TSDB), which includes the No-fly list and Selectee list. If TSA determines that the individual poses a security threat, TSA issues an Initial Determination of Threat Assessment (IDTA) to the individual. The determination includes a statement that explains why TSA believes the individual is not eligible or may pose a security threat and the process by which the individual may appeal the determination. All STA results, favorable or unfavorable, are communicated to the CCSF though the TSNM STA Tool. Section 1540.201—Applicability and Terms Used in This Subpart This rule amends § 1540.201 to provide that the STA requirements in subpart C on part 1540 ‘‘Security Threat Assessments’’ now apply to validation firms and facilities participating in the CCSP. Paragraphs (a)(6) through (a)(12) list persons who must comply with this subpart, which includes entities that are subject to the subpart and the specific individuals in the CCSP who must undergo STAs in accordance with subpart C: • Each CCSF; • Individuals at CCSFs performing or supervising screening; • Individuals at CCSFs with unescorted access to screened cargo; • The senior manager or representative in control of the operations of a CCSF; • Employees of validation firms supervising, performing, or assisting in validations under 49 CFR part 1522; and • Security coordinators and alternates of certified cargo screening facilities and validation firms. These individuals must successfully complete STAs, because they will have unescorted access to cargo and, thus, the opportunity to compromise the security and safety of the process. In this rule, TSA requires these individuals to complete the name-based check of relevant domestic and international watch lists, which also includes a limited immigration check. In the future, TSA may propose rules to require these individuals to also complete a fingerprint-based criminal history records check (CHRC) and a VerDate Nov<24>2008 18:23 Sep 15, 2009 Jkt 217001 more thorough immigration status check. However, TSA has not yet developed the enrollment system necessary to gather fingerprints from these applicants. These individuals play important roles in securing cargo transported on certain passenger aircraft and would have the opportunity to contaminate cargo if they so desired. Therefore, it is critical that TSA vet them to determine whether they may pose a threat to national or transportation security before allowing them access to the cargo screening system. TSA is also expanding the definition of ‘‘operator’’ in paragraph (b) to include CCSFs and validators. Section 1540.203—Security Threat Assessment We revise § 1540.203(a) to include the new individuals who must successfully complete an STA, listed above in §§ 1540.201(a)(6)–(12). We revise the identity and work authorization requirements in paragraph (b) of this section. Former paragraph (b) required operators to authenticate an applicant’s identity by reviewing two forms of identification, one of which must be a government-issued picture identification. Amended paragraph (b) requires operators to verify the identity and work authorization of each applicant by examining standard identity and work authorization documents and examine the documents to determine whether they appear to be genuine and relate to the applicant presenting them. TSA recommends that operators use the identity and work authorization documents approved for such use by the U.S. Citizenship and Immigration Services (USCIS) in the ‘‘Form I–9, Employment Eligibility Verification, List of Acceptable Documents’’ to meet the identity and work authorization verification. See http://www.uscis.gov/files/form/I-9.pdf for the most current list of documents approved by USCIS for identity and work authorization verification. Also, we now require operators to retain a copy of the document(s) used to verify identity and work authorization for at least 180 calendar days after the applicant is no longer employed by the operator. 49 CFR 1540.201(d). This will enable the TSA to conduct periodic document inspections to verify that operators are satisfying the requirements. Identity verification and confirmation that an individual is authorized to work in the United States are critical steps in the STA process. If an individual presents fraudulent documents with an incorrect name, date of birth, country of PO 00000 Frm 00012 Fmt 4701 Sfmt 4700 citizenship, or other data, TSA’s STA will be flawed at inception. Companies with more sophisticated personnel systems may opt to scan the identity and work authorization documents electronically and use fraud detection software to ‘‘score’’ the documents for authenticity. These software programs are becoming economically and operationally desirable as a standard process in many industries, and TSA uses these systems in other vetting programs where TSA is responsible for enrolling applicants. Paragraph (c) of this section describes the information operators must collect from applicants and transmit to TSA for the STA. The rule amends this list in some respects to ensure that we have the best information on which to base an accurate STA and that TSA can easily contact the applicant if we need to resolve incomplete or conflicting information. The rule now requires submission of the applicant’s daytime phone number and the name, address, and telephone number of the applicant’s employer. TSA has found that this information is very helpful in the adjudication process when we need additional information to determine the outcome of the STA. TSA’s adjudicators often contact applicants by telephone with questions, and this step typically saves time and expense for the applicant and TSA by resolving issues immediately. The Privacy Act Notice that operators must provide to applicants when they begin the STA process is set out in the next paragraph. In the Privacy Act Notice, TSA explains why TSA collects personal information from the applicant and how TSA may use the information. We amend the Notice to include an acknowledgement that TSA may notify the applicant’s employer if TSA or other law enforcement agency becomes aware that the applicant poses an imminent security threat. TSA does not anticipate that it will be necessary to notify an employer often, but we believe all applicants should be aware that this notification may take place. In addition, we amend the Notice to state that TSA may transmit the applicant’s fingerprint information to the DHS’ Automated Biometrics Identification System (IDENT) and Social Security Number to the Social Security Administration (SSA). Using IDENT and SSA data are additional tools TSA has available to aid the STA process, and applicants should be aware that we may use those tools in the future. The Privacy Act notice is provided below but may be updated in the future: E:\FR\FM\16SER2.SGM 16SER2 Federal Register / Vol. 74, No. 178 / Wednesday, September 16, 2009 / Rules and Regulations sroberts on DSKD5P82C1PROD with RULES Privacy Act Notice: Authority: The authority for collecting this information is 49 U.S.C. 114, 40113. Purpose: This information is needed to verify your identity and to conduct a security threat assessment to evaluate your suitability for completing the functions required by this position. Failure to furnish this information, including your Social Security Number (SSN), will result in delays in processing your application and may prevent completion of your security threat assessment. DHS will use the biographic information to conduct a security threat assessment and where applicable, will forward any fingerprint information to the Federal Bureau of Investigation to conduct a criminal history records check. DHS may also transmit the fingerprint information into the US–VISIT’s Automated Biometrics Identification System (IDENT). If you provide your SSN, DHS may provide your name and SSN to the Social Security Administration (SSA) in order to compare that information against SSA’s records to ensure the validity of your name and SSN. Routine Uses: This information may be shared with third parties during the course of a security threat assessment, employment investigation, or adjudication of a waiver or appeal, to the extent necessary to obtain information pertinent to the assessment, investigation, or adjudication of your applicant or in accordance with the routine uses identified in the Transportation Security Threat Assessment System, DHS/TSA 002. This rule amends paragraphs (f)–(j) of § 1540.203, which address the comparability of other STAs conducted by TSA or other government agencies. TSA may determine that a threat assessment or background check that TSA conducts for another program, or that another governmental agency conducts, is comparable to the STA outlined in subpart C of part 1540. If an applicant has completed a comparable STA, it will not be necessary for the individual to complete the threat assessment pursuant to part 1540. This process reduces redundant background checks and the costs associated with them. We developed a similar process through notice and comment rulemaking for surface and maritime workers in 49 CFR 1572.5(e), and paragraphs (f)–(j) harmonize with § 1572. Paragraph (i) requires a worker asserting completion of a comparable threat assessment to present the credential that the other agency issued as a result of the assessment, and the operator must retain a copy of it. Also, applicants must notify operators if the agency that issued the credential that corresponds to the comparable assessment revokes the credential for any reason. This is necessary to ensure that a worker who is disqualified from holding access privileges to secure areas in other programs does not continue to have unescorted access to cargo until VerDate Nov<24>2008 18:23 Sep 15, 2009 Jkt 217001 TSA and the operator can determine if such access is appropriate. In considering whether another background check is comparable to the STA required in part 1540, TSA examines the standards used for the other threat assessments, such as the kind of databases that the other agency checks and the lookback period for the check. Also, TSA reviews the frequency of the check and the date of the most recent check. If TSA determines that another check is comparable, TSA will notify the public by publishing a notice in the Federal Register, amending rule text through rulemaking in the Federal Register, or posting the information on pertinent Web sites to ensure that the affected population is aware of the determination. It is important to note that TSA will consider only threat assessments performed by other government agencies as comparable. 49 CFR 1540.203(f) introductory text. We restrict the checks we will consider as comparable, because critical data sources for security purposes, such as the government’s consolidated terrorist watch lists, are not accessible by private entities. This factor is so fundamental to the threat assessments TSA conducts that we are unwilling to accept any other check as comparable. It is also important to note that TSA has the capability to conduct checks perpetually against critical security-related data sources, allowing TSA to compare applicant names automatically with new names that appear on watch lists. This provides a significant improvement over other background checks, and TSA considers it important in making comparability determinations. Section 1540.203(h) lists the STAs that TSA has determined are comparable to the STA process in part 1540, subpart C. These include a CHRC conducted in accordance with 49 CFR 1542.209, 1544.229, or 1544.230 that also include a TSA name-based check; the STA that TSA conducts under 49 CFR part 1572 for commercial drivers authorized to transport hazardous materials and maritime workers applying for a Transportation Worker Identification Credential (TWIC); and the STA that CBP conducts for the Free and Secure Trade program. New § 1540.203(j) provides that the STA expires in five years or when the applicant is no longer in the United States lawfully. If the applicant has completed a comparable threat assessment, the STA will expire five years from the date on which the credential associated with the comparable assessment expires. When the five-year expiration of the STA PO 00000 Frm 00013 Fmt 4701 Sfmt 4700 47683 required in this subpart or a comparable threat assessment approaches, the applicant must submit new identifying information to TSA, and TSA will conduct a new threat assessment. Section 1540.205—Procedures for Security Threat Assessment This rule amends § 1540.205 by adding new paragraph (c), which states that if TSA becomes aware that an applicant is the subject of an outstanding want or warrant or is a deportable alien, TSA will notify the appropriate law enforcement or immigration agency. We added a provision in new paragraph (d)(3) relating to cases in which we believe an applicant may pose an imminent threat. TSA may serve an Initial Determination of Threat Assessment and Immediate Revocation on an applicant if TSA believes the applicant poses an immediate security threat. This situation would most likely involve a worker who completed an STA in the past and has unescorted access to cargo or sensitive areas, if TSA believes it is important to immediately revoke the worker’s access even before the worker has an opportunity to file an appeal on the Initial Determination with TSA. TSA developed this process for use in the threat assessments process for surface and maritime workers, and we believe it is an important tool that should be available in the aviation industry as well. Section 1540.209—Fees for Security Threat Assessments Pursuant to sec. 520 of the 2004 DHS Appropriations Act (Pub. L. 108–90, 117 Stat. 1137, Oct. 1, 2003), TSA will charge a fee to individuals who must obtain an STA under this regulation. The fees will reimburse TSA for the costs of administering the program. Pursuant to the general user fee statute (31 U.S.C. 9701) and OMB circular A–25, TSA establishes user fees after providing the public notice and an opportunity to comment on the amount of the fee and the methodology TSA used to develop the fee amount. Therefore, in this preamble, TSA proposes a fee range and invites comment on the amount of the fee and the assumptions we use to estimate the fee. After reviewing all comments received, TSA will issue a Notice in the Federal Register that summarizes and addresses the comments we receive, and establishes the final fee amount, after which the fee will be charged to applicants. Note that the rule text that appears in this IFR relating to fees (49 CFR 1540.209), will not have to be amended at that time because it does E:\FR\FM\16SER2.SGM 16SER2 47684 Federal Register / Vol. 74, No. 178 / Wednesday, September 16, 2009 / Rules and Regulations not list the specific fee amounts. TSA expects that the total fee will be approximately $13 to $21, although that figure may increase or decrease as the costs involved in the calculation may change between now and when TSA issues the Notice announcing the final fee. TSA will charge a fee once the Notice is published, at which time TSA will announce the exact fee. TSA calculated the estimated fee from an estimate of the number of applicants (population), the cost of processing the applications, the cost of performing the STAs, and the cost of maintaining the information systems to support the process. Table 1 presents the methodology supporting the population estimates. Table 2, in the Costs section, presents the calculations supporting the estimated fee. Population TSA estimates that approximately 1,202,566 applicants would be required to complete a STA during the first five years of the program. This estimate is derived from the following population figures that have been gathered for specific segments of the regulated population. TABLE 1—CCSP POPULATION ESTIMATES Operational year 1st year 2nd year 3rd year 4th year 5th year Total Screening-Base Enrollments ........................................... Screening-Turnover Enrollments ..................................... Approved Validators ......................................................... 18,200 6,461 1,510 195,000 75,686 .................... 328,644 192,355 .................... .................... 192,355 .................... .................... 192,355 .................... 541,844 659,212 1,510 Grand Total ............................................................... 26,171 270,686 520,999 192,355 192,355 1,202,566 Costs required to pay a fee to cover the following costs: TSA proposes that individuals required to undergo a STA would be TABLE 2—CCSP COST ESTIMATES Operational year 1st year 2nd year 3rd year 4th year 5th year Total Estimated Annual Applicants ................... Cost Components: Name Check ..................................... Platforms/Systems ............................ Personnel .......................................... 26,171 270,686 520,999 192,355 192,355 1,202,566 $102,067 5,584,410 1,139,223 $1,072,055 2,512,723 1,370,137 $2,223,775 2,229,868 1,683,908 $1,237,843 2,293,938 1,682,020 $1,237,843 2,358,006 1,754,441 $5,873,583 14,978,945 7,629,729 Grand Totals .............................. 6,825,700 4,954,915 6,137,551 5,213,801 5,350,290 28,482,257 sroberts on DSKD5P82C1PROD with RULES For the STA, TSA will check each applicant’s information against multiple databases and other information sources. The threat assessment process includes an appeals process for individuals who believe the records upon which TSA bases its determination are incorrect. TSA would need to implement and maintain the appropriate systems, resources, and personnel to process applicant information and to allow TSA to receive, and act on, the results of the STA. TSA estimates that the total cost of STA services will be $28,482,257 over five years. The estimate for STA services includes $5,873,583 for TSA namebased checks, $14,978,945 for platforms/systems costs, and $7,629,729 for personnel necessary to facilitate the STA processing. Total Fee The fee TSA establishes for the STA should cover all costs related to the STA process. TSA estimates that the resulting applicant charge would be $13 to $21 per applicant, based on the total estimated cost of services provided VerDate Nov<24>2008 19:41 Sep 15, 2009 Jkt 217001 ($28,482,257). A portion of this total cost will be funded through a $5,875,000 Congressional appropriation. Therefore, the fee will cover only the remaining $22,607,257 in program costs. The remaining cost of $22,607,257 will be divided by the estimated population (1,202,566) receiving the service. The resulting $13 to $21 estimated fee will be sufficient to fully recover the remaining STA costs. TSA will continue to work to minimize all costs. Additionally, pursuant to the Chief Financial Officers Act of 1990 (Pub. L. 101–576, 104 Stat. 2838, Nov. 15, 1990), DHS/TSA is required to review fees no less than every two years (31 U.S.C. 3512). Upon review, if TSA finds that the fees are either too high (that is, total fees exceed the total cost to provide the services) or too low (that is, total fees do not cover the total costs to provide the services), TSA will adjust the fee. Finally, TSA will be able to adjust the fees for inflation following publication of the final rule. If TSA were to adjust the fees for this reason, TSA would publish a PO 00000 Frm 00014 Fmt 4701 Sfmt 4700 notice in the Federal Register notifying the public of the change. TSA invites comment on the proposed fee of $13 to $21 and the methodology and population estimates we used to arrive at this amount. Revised § 1540.209 provides that TSA will calculate fees for STAs based on widely accepted accounting principles and practices and in accordance with the provisions of 31 U.S.C. 9701 and other Federal law that may affect the collection, computation, or issuance of fees. Part 1544—Aircraft Operator Security: Air Carriers and Commercial Operators and Part 1546—Foreign Air Carrier Security Scope Part 1544 and part 1546 apply to a variety of operators, including different sizes of passenger aircraft and all-cargo aircraft, by U.S. operators and foreign air carriers, respectively. This rule does not apply to all such operators. The requirement to comply with the enhanced cargo screening requirements in the 9/11 Act and this rule apply only E:\FR\FM\16SER2.SGM 16SER2 Federal Register / Vol. 74, No. 178 / Wednesday, September 16, 2009 / Rules and Regulations to U.S. aircraft operators under § 1544.101(a) and to foreign air carriers under §§ 1546.101(a) and (b). See 49 CFR 1544.205(g) and 1546.205(g). The operators that must comply are air carriers or commercial operators under FAA rule 14 CFR part 119 (which are U.S. operators), and foreign air carriers, in scheduled or public charter passenger operations with an aircraft having a passenger seating configuration of 61 or more seats, or that will provide deplaned passengers access to a sterile area of an airport or will enplane passengers from a sterile area. See 49 CFR 1540.5, 1544.101(a), and 1546.101(a) and (b). This rule does not apply to general aviation operators. The 9/11 Act covers cargo originating in the United States as well as cargo destined to the United States from foreign countries. TSA is taking a twopronged approach to addressing the 100 percent screening mandate for cargo loaded in the United States and cargo loaded outside the United States that is inbound to the U.S. This rule and the CCSP, which require TSA regulatory oversight and enforcement authority for the entire air cargo supply chain, apply only to cargo loaded in the United States. TSA does not have this same regulatory reach to the entire supply chain in the international realm 5 and therefore is taking a different approach to implementing the 9/11 screening mandate for inbound cargo. This approach focuses on harmonization efforts including bi-lateral and multilateral agreements, working on updating International Civil Aviation Organization (ICAO) standards, and applying risk assessment for inbound cargo. Note that U.S. aircraft operators and foreign air carriers that load cargo in other countries inbound to the United States must carry out security measures for that cargo that are set out in their TSA-approved or accepted security programs. Sections 1544.205 and 1546.205— Acceptance and Screening of Cargo sroberts on DSKD5P82C1PROD with RULES Section 1544.205 sets forth the requirements for the acceptance and screening of cargo by aircraft operators. Current § 1544.205(e) provides that a full program operator may only accept cargo from a shipper, aircraft operator, foreign air carrier, or indirect air carrier. 5 For example, while TSA regulates both air carriers and indirect air carriers (IACs) domestically, and has regulatory authority over U.S.-bound foreign air carriers, TSA does not have direct authority over foreign IAC equivalents. Through the CCSP, TSA is expanding the domestic screening requirements beyond the aircraft operators and foreign air carriers, to include manufacturers, shippers, IACs, and other entities. VerDate Nov<24>2008 18:23 Sep 15, 2009 Jkt 217001 This rule revises § 1544.205(e) to allow full-program operators to accept screened cargo from a CCSF. New paragraph (g) includes the major revisions to comply with the 9/11 Act mandates for air cargo screening. TSA adds new paragraph (g)(1) to this section, which provides that, with respect to cargo loaded within the United States, full-program operators must have ensured that at least 50 percent of its cargo was screened prior to transport by February 3, 2009, and that 100 percent will be screened by August 3, 2010. TSA adds new paragraph (g)(2), which explains the methods of screening identified in the 9/11 Act, including physical examination or nonintrusive methods of assessing cargo such as x-ray systems, explosive detection systems, explosives trace detection, and explosives detection canine teams certified by TSA. TSA adds new paragraph (g)(3), which imposes requirements for screening methods and identifies who may conduct screening. The following persons may conduct screening: The aircraft operator on an airport; another aircraft operator or foreign air carrier under the Aircraft Operator Standard Security Program or Foreign Air Carrier Model Security Program; or a CCSF. TSA is harmonizing, to the extent practicable, all requirements for air cargo screening and chain of custody. Aircraft operators now conduct most of their cargo screening on-airport in accordance with their security programs and that will continue. Under section 1544.205(b), aircraft operators must ensure that cargo is screened for any unauthorized explosives as specified in their security programs. If they screen off-airport, however, to promote consistent chain of custody requirements that ensure that the cargo remains safe and secure from the time of screening until the cargo is transported on a passenger aircraft, new § 1544.205(g)(3) provides that an aircraft operator who screens cargo off-airport must be certified as a CCSF. This ensures that all screening conducted offairport be subject to the same requirements of part 1549, including the same chain-of-custody requirements. The phrase ‘‘on airport’’ in paragraph (g)(3) has the same meaning as in 49 CFR 1542.205(a)(3). Under that paragraph all areas on-airport that are used for certain cargo functions, including screening, must be a security identification display area (SIDA). A SIDA is that portion of an airport within the United States, specified in the security program, in which individuals must display an airport-issued or PO 00000 Frm 00015 Fmt 4701 Sfmt 4700 47685 approved ID and carry out other security measures. 49 CFR 1540.5 and 1542.205. Personnel screening cargo in such areas are subject to all SIDA requirements including ID media, STAs and CHRCs. TSA has provided guidance regarding what ‘‘on-airport’’ means under § 1542.205(a)(3), and the same guidance applies to § 1544.205(g)(3) in this rule. ‘‘On-airport’’ cargo screening facilities include cargo screening facilities that— • Are located on the AOA or border the AOA perimeter, as the Airport Security Program (ASP) defines the perimeter’s boundary; and • Share a wall with the AOA perimeter boundary, such that an individual could enter from the public side and exit the facility into the AOA or secured area. Facilities located entirely outside these areas, including where there is public area between the facility and one of these areas, are ‘‘off-airport.’’ The Federal Security Director (FSD) for each airport determines whether a facility is on-airport or off-airport for these purposes. Under new paragraph (g)(4), if the operator accepts screened cargo from a CCSF, the operator must verify that there has been no break in the chain of custody for the screened cargo between the time of screening and the time the CCSF tenders it to the aircraft operator. If a break has occurred, the aircraft operator must re-screen the cargo prior to transporting it on a passenger aircraft. In this rule, TSA has amended the text currently located at § 1546.205, which applies to foreign air carriers, to make the text essentially the same as the corresponding provisions in § 1544.205 regarding domestic aircraft operators. Sections 1544.228, 1546.213, and 1548.15—Access to Cargo and Cargo Screening: Security Threat Assessments for Cargo Personnel in the United States We amend § 1544.228 to clarify which persons must undergo an STA. Individuals must undergo an STA as specified in the appropriate security programs if they meet any of the following conditions: • Are authorized by the aircraft operator to have unescorted access to cargo and have knowledge that such cargo will be transported on a passenger aircraft; • Have unescorted access to cargo that has been screened for transport on a passenger aircraft; • Perform certain functions related to the transportation, dispatch, or security of cargo for transport on a passenger aircraft or all-cargo aircraft; or • Screen cargo or supervise the screening of cargo. E:\FR\FM\16SER2.SGM 16SER2 47686 Federal Register / Vol. 74, No. 178 / Wednesday, September 16, 2009 / Rules and Regulations Section 1546.213 makes similar clarifications that apply to foreign air carriers. Section 1548.15 makes similar clarifications that apply to IACs. See the discussion of 49 CFR part 1540, subpart C, for a full description of the threat assessment process. Part 1544 Subpart E and Part 1546 Subpart E—Screener Qualifications We are removing outdated material in subpart E of parts 1544 and 1546, which apply when the aircraft operator or foreign air carrier conduct screening. TSA added these subparts when the civil aviation security rules were transferred from the FAA to TSA (Civil Aviation Security Rules, 67 FR 8340, Feb. 22, 2002). At that time, TSA included in the rule the screener qualifications and training requirements for aircraft operators and foreign air carriers that were applicable at the time. TSA also included additional requirements for screeners that would apply after November 19, 2002. The rule referred to these as ‘‘current screeners’’ and ‘‘new screeners.’’ The new screener requirements became effective several years ago, so we have deleted these outdated sections. Note that while TSA conducts all screening of passengers and their property in the United States for aircraft operators under a full program under § 1544.101(a), and for foreign air carriers under program under § 1546.101(a) and (b), the aircraft operators and foreign air carriers continue to conduct some passenger and checked baggage screening, such as for certain private charter operations and for certain operations departing locations outside of the United States. They also conduct cargo screening. Thus we continue to have a need for the requirements in subpart E of parts 1544 and 1546. Part 1549—Certified Cargo Screening Program sroberts on DSKD5P82C1PROD with RULES Section 1549.1—Applicability This new part applies to each facility that applies for TSA certification as a CCSF or operates as a CCSF. The regulatory text does not limit who may apply to be certified as a CCSF. Examples of facilities that may apply include: Manufacturers; third party logistics companies; IACs; warehouses, distribution centers and other entities, if they own a facility that directly tenders cargo to an IAC, an aircraft operator, foreign air carrier, or another CCSF for transport on a passenger aircraft. For example, a manufacturer could physically inspect the box prior to closing it and initiating chain of custody, then tender the cargo to a third VerDate Nov<24>2008 18:23 Sep 15, 2009 Jkt 217001 party logistics company who is a CCSF, who then tenders it to the aircraft operator for transport on a passenger aircraft. If the CCSF could transfer the cargo to a non-regulated entity, it would be difficult to ensure that the chain of custody measures remained intact when the non-regulated entity tendered the cargo to the aircraft operator. Certifications will apply to a single facility, not to a single company owning several locations where screening would occur, because security measures and the level of security will vary from one facility to another. TSA must evaluate and make a determination on the security measures of the specific facility applying for certification. Section 1549.3—TSA Inspection Authority This section codifies TSA’s inspection authority. Section 1549.3(a) provides that a CCSF must allow TSA, at any time or place, to enter the facility and make any inspections or tests to determine compliance of the CCSF. These areas may include areas off of the airport or areas operated by the CCSF’s agent in furtherance of the CCSF’s security responsibilities. Section 1549.3(b) explains that a CCSF must provide evidence of compliance with this part, if TSA requests such evidence. Section 1549.3(a) states that the CCSF must allow TSA and other authorized DHS officials, at any time and in a reasonable manner, without advance notice, to enter, inspect, and test as necessary to carry out TSA’s securityrelated duties. We note that the CCSF potentially may operate at all hours of the day. Even when the CCSF is not in operation it must maintain access control measures to, for instance, secure any screened cargo at the facility from entry by an unauthorized person. This section makes clear TSA’s authority, and is based on similar sections that apply to airport operators, aircraft operators, and IACs. See 49 CFR 1542.5, 1544.3, 1546.3, and 1548.3. TSA may enter and be present, at any time, areas where a CCSF carries out security measures. TSA inspectors may enter without access media or identification media issued or approved by such a facility, but they will have TSA-issued identification credentials. TSA may copy records, to determine compliance of the facility with applicable regulations, statutory requirements, security programs, directives, or other requirements. Certified cargo screening facilities must allow TSA inspectors to perform these functions, regardless of whether the inspectors provide advance notice of an inspection. PO 00000 Frm 00016 Fmt 4701 Sfmt 4700 TSA has statutory authorities and responsibilities that support this extensive authority to conduct compliance inspections. For example, TSA must be able to inspect at any time in order to carry out its security-related statutory and regulatory authorities, including the following authorities in 49 U.S.C. 114(f): (2) Assess threats to transportation. (7) Enforce security-related regulations and requirements. (9) Inspect, maintain, and test security facilities, equipment, and systems. (10) Ensure the adequacy of security measures for the transportation of cargo. (11) Oversee the implementation, and ensure the adequacy, of security measures at airports and other transportation facilities. (15) Carry out such other duties, and exercise such other powers, relating to transportation security as the Assistant Secretary considers appropriate, to the extent authorized by law. Because the transportation system may be compromised by the introduction of an Improvised Explosive Device (IED) or other destructive instrument, the authority for transportation security necessarily includes authority to inspect, as necessary, the facilities that screen cargo prior to aircraft operators’ acceptance of that cargo on passenger aircraft. The law does not limit TSA to protecting the security of cargo only while it is on a particular vehicle of transportation, but extends to the entire transportation system. The statute references TSA’s responsibility to protect security facilities and transportation facilities.6 Thus, TSA has explicit authority to inspect all parts of certified cargo screening facilities that relate to screening, including loading and unloading areas, areas where screening and storage occur, and areas where CCSFs prepare or maintain records pertaining to compliance with TSA’s requirements. Although TSA has the broad legal authority described above, TSA will conduct inspections in a reasonable manner consistent with TSA guidance for its inspectors. Section 1549.5—Adoption and Implementation of the Security Program Section 1549.5 is very similar to § 1548.5 on the Adoption and Implementation of the Security Program for IACs. Section 1549.5(a) specifies that no person may screen cargo to be tendered to an aircraft operator with a full program under part 1544, a foreign air carrier operating under §§ 1546.101(a) or (b) or an indirect air 6 49 E:\FR\FM\16SER2.SGM U.S.C. 114(f)(9) and 114(f)(11). 16SER2 Federal Register / Vol. 74, No. 178 / Wednesday, September 16, 2009 / Rules and Regulations sroberts on DSKD5P82C1PROD with RULES carrier operating under § 1548.5 for carriage on a passenger aircraft, unless that person holds and carries out an approved security program. Section 1549.5(b) describes the required content of each security program and provides that the security program must be designed to protect against the entry into the aircraft of any unauthorized explosive, incendiary, and other destructive substance or item. Section 1549.5(c) makes clear that the CCSF is responsible to ensure that their agents and employees carry out the CCSF’s security program. Section 1549.5(d) provides that alternate procedures and amendments to the security program are all part of the CCSF’s security program that the CCSF must comply with. Paragraph (e) is parallel with 49 CFR 1548.5(d), providing basic requirements on the availability of the security program to the firm’s personnel and to TSA, and requirements to protect the security program as SSI. Section 1549.7—Approval, Amendment, Renewal of the Security Program and Certification of a Certified Cargo Screening Facility To participate as a CCSF, the applicant must apply for a security program and for certification as a CCSF at a particular location in a form and manner prescribed by TSA not less than 90 calendar days before the applicant intends to begin operations. TSA will only approve a facility to operate as a CCSF if the facility is located in the United States. For example, TSA will not allow a CCSF to be located in Canada and truck cargo to the U.S. for loading onto passenger aircraft. TSA must be able to inspect readily the facility for compliance with TSA requirements. The applicant must provide information about the business; information about the key individuals at the business (including their names and copies of their identification); and information required for TSA to conduct STAs of the applicant’s employees and senior managers. 49 CFR 1549.7(a)(1). After the Security Coordinator for an applicant successfully completes an STA, TSA will provide the applicant with the certified cargo screening standard security program. This program is SSI and cannot be shared with unauthorized persons. The applicant may accept the standard program or submit a proposed modification. 49 CFR 1549.7(a)(2)(i). Once the applicant has the security program it can determine how it will meet the requirements of the security program. The applicant must then be VerDate Nov<24>2008 18:23 Sep 15, 2009 Jkt 217001 assessed by either a TSA-approved validator under 49 CFR part 1522 or by TSA. 49 CFR 1549.7(a)(2)(ii). Under §§ 1549.7(a)(3), (4), and (5), a CCSF at a particular location may begin screening operations after (1) TSA has reviewed the assessment prepared by the validator and approved and certified the facility, and (2) after the CCSF has successfully completed the training and STAs required under part 1549. Section 1549.7(b) provides that certified cargo screening facilities must apply for a renewal of certification every 36 months, providing the information that TSA requires. Generally, the security program will be a standard program provided by TSA. Sections 1549.7(c), (d), and (e) include provisions allowing applicants to request amendments to the security program and allowing TSA to amend security programs if warranted by considerations of safety and the public interest. Except in cases of emergency, TSA-initiated amendments will comply with notice and comment procedures before they become effective. Section 1549.101—Acceptance, Screening, and Transfer of Cargo This section requires each CCSF to implement procedures in the security program to deter the carriage of explosives or incendiaries onboard aircraft. 49 CFR 1549.101(a). It also requires each CCSF to ensure that cargo is screened and inspected for any unauthorized explosive, incendiary, or other destructive substance or item. 49 CFR 1549.101(b). If the shipper does not consent to search or inspection of the cargo in accordance with this part, the CCSF must not offer such cargo for transport to: (1) Another CCSF, (2) an aircraft operator with a full program under 49 CFR 1544.101(a), or (3) a foreign air carrier operating under 1546.101(a) or (b). 49 CFR 1549.101(c). Finally, § 1549.101(d) requires the CCSF to protect the cargo from unauthorized access from the time the facility screens the cargo until the time the facility tenders it to another CCSF, an IAC, an aircraft operator under part 1544, or a foreign air carrier under part 1546. These chain-of-custody requirements are central to the concept of the CCSP. The regulation does not require specific chain-of-custody controls. Based on knowledge of other programs and on the TSA cargo pilot programs, TSA expects that certified cargo screening facilities will use the following methods: tamper-evident technologies, conveyance level seals, and documented processes. The certified cargo screening standard PO 00000 Frm 00017 Fmt 4701 Sfmt 4700 47687 security program will include specific requirements. Section 1549.103—Qualifications and Training of Individuals with SecurityRelated Duties In accordance with this provision, each CCSF must ensure that employees and agents who are involved in the cargo screening process or who have unescorted access to cargo that has been screened for transport on a passenger aircraft successfully undergo STAs. 49 CFR 1549.103(a). Each CCSF must also ensure that such individuals have completed the training required by TSA and have knowledge of their responsibilities under the CCSP, the STA provisions of TSA’s regulations, and TSA’s SSI regulations. 49 CFR 1549.103(b)–(c). Section 1549.103(d) specifies certain qualifications for individuals performing screening. These qualifications are designed to ensure that these individuals understand the applicable security program, can communicate verbally, and are capable of operating screening equipment. The requirements in § 1549.103(d) closely parallel the existing requirements for screeners of passengers and checked baggage found in 49 CFR 1544.405, to the extent they apply to the screening of cargo. They include the requirement that the screener be a citizen or national of the United States or be an alien lawfully admitted for permanent residence. The discussion of § 1522.117 in this section-by-section analysis explains the importance of such requirements. A screener must also have a high school diploma or equivalent and must have color perception and physical coordination sufficient to operate effectively cargo screening technologies that a CCSF would use. Additionally, § 1540.103(d)(4) requires that the screener have the ability to read, write, and understand English well enough to carry out written and oral instructions regarding the proper performance of screening duties, or be under the direct supervision of someone who has this ability. This requirement is related to the type of work the screener does. If the screener’s duties do not include reading labels, then TSA believes that such an employee need not be able to read and write English sufficiently to write log entries; a supervisor who can read and write English well enough for that purpose would satisfy that requirement. However, if the employee needs to read shipping documentation or seals on the cargo, English proficiency is required. E:\FR\FM\16SER2.SGM 16SER2 47688 Federal Register / Vol. 74, No. 178 / Wednesday, September 16, 2009 / Rules and Regulations Section 1549.105—Recordkeeping This provision requires each CCSF to maintain records demonstrating compliance with all applicable statutes regulations, directives, orders, and security programs. It also requires the CCSF to maintain copies of training records, documents pertaining to the application and renewal of the facility (including copies of the validator’s report), documents establishing TSA’s certification and renewal of certification, and records demonstrating satisfaction of the STA requirements. 49 CFR 1549.105(a). With the exception of the training records, the CCSF must retain these records until the next recertification. 49 CFR 1549.105(b). The facility must retain records indicating satisfaction of the rule’s employee training requirements for an individual for 180 days after the individual is no longer employed or acting as an agent of the CCSF. 49 CFR 1549.105(a)(1). Section 1549.107—Corporate and Facility Security Coordinators This section requires each facility to designate a Security Coordinator and alternate appointed at the corporate level, and a Security Coordinator and alternate appointed at each facility that will conduct screening. A corporate level Security Coordinator is needed if a single company has multiple facilities. The Security Coordinator must have corporate authority to represent and speak for the company and to serve as TSA’s point of contact with that company. A facility-based Security Coordinator is needed so that TSA has a point of contact that is familiar with the operations and procedures of the particular facility certified as a CCSF. A corporate level Security Coordinator may also serve as a facility level Security Coordinator. Both Security Coordinators, or their alternates at the corporate and facility level, must be available 24 hours per day to address any adverse security incidents that may arise or to receive information from TSA or others that might jeopardize the security of the cargo handled at the facility. sroberts on DSKD5P82C1PROD with RULES Section 1549.109—Security Directives and Information Circulars This provision requires each CCSF to comply with any security directives that TSA may issue to address a security concern that requires immediate action. TSA may issue Information Circulars, which provide information to regulated parties. These do not include mandatory security measures but provide useful information about potential threats. VerDate Nov<24>2008 18:23 Sep 15, 2009 Jkt 217001 Section 1549.111—Security Threat Assessments for Personnel of Certified Cargo Screening Facilities This section requires personnel of certified cargo screening facilities to undergo the STA described in 49 CFR part 1540, subpart C. We are requiring STAs for the following individuals: • Individuals authorized to perform cargo screening or supervise cargo screening; • Individuals authorized to have unescorted access to cargo from the time of screening until the time it is offered to an IAC for transport on passenger aircraft, an aircraft operator under part 1544, or a foreign air carrier under part 1546; • The senior manager or representative of the CCSFs in control of the operations; and • Security Coordinators and their alternates. TSA is requiring STAs for the individuals listed above to reduce the likelihood of a terrorist’s gaining employment in a position with access to cargo for the purpose of introducing an explosive or other destructive substance into cargo on a passenger aircraft. Extending the STAs to such individuals in a CCSF provides a degree of security comparable to TSA’s other programs, including the IAC program, in that all personnel of regulated parties with access to cargo from the time of screening until the time the aircraft operator loads it will undergo a check against the terrorist databases. For a full description of the STA process, see the discussion of 49 CFR part 1540, subpart C. VI. Good Cause for Immediate Adoption TSA is taking this action without providing the public prior opportunity for notice and comment. The 9/11 Act requires TSA to have developed a system for the screening of 50 percent of cargo transported by passenger aircraft by February 2009, and to develop a system for the screening of 100 percent of such cargo by August 2010. In 49 U.S.C. 44901(g)(2)(A), Congress specifically authorized TSA to issue an IFR ‘‘as a temporary regulation to implement this section without regard to the provisions of chapter 5 of title 5.’’ The Act further states that if TSA issues an IFR, then TSA must follow it with a final rule within 12 months of the effective date of the IFR. 49 U.S.C. 44901(g)(2)(B)(i). TSA cannot meet the screening requirements established in the 9/11 Act for cargo loaded in the U.S. without a system in place to screen cargo off- PO 00000 Frm 00018 Fmt 4701 Sfmt 4700 airport by parties other than aircraft operators, as this rule will accomplish. TSA could not achieve this mandate by relying solely on aircraft operators and foreign air carriers to conduct screening. There is insufficient space and capacity for aircraft operators and foreign air carriers to screen the approximately 12 million pounds of cargo transported on passenger aircraft in the United States. Much of this cargo is gathered by IACs off-airport, consolidated into Unit Load Devises or pallets, and brought to the airport for loading on aircraft. There currently is not a way to adequately screen most consolidations of cargo without breaking them down. Aircraft operators and foreign air carriers do not have sufficient space or time to remove the cargo from the consolidations, screen it, and re-consolidate it, before loading it onto aircraft. This rule establishes more cost-effective and efficient options for CCSFs to screen the cargo off-airport before it is consolidated so that it may be taken to the airport and loaded onto aircraft with little delay. Aircraft operators, foreign air carriers, IACs, and facilities that may decide to become CCSFs must have sufficient finality in the regulations to develop their screening programs and have them fully operational in time to meet the statutory deadlines. It would be contrary to the public interest to delay this rule. Meeting the statutory requirements for the screening of cargo on passenger aircraft with this IFR will provide substantial security benefits by providing the stakeholders with finality in the rule at an earlier stage, which will allow them to determine how best to comply with the requirements. For instance, IACs, shippers, and other facilities that choose to become CCSFs will have time to comply with the new requirements and become certified. The rationale for issuing this rule as an IFR is fully consistent with sections 553(b) and (d) of the Administrative Procedure Act (APA) (5 U.S.C. 553), which authorize agencies to issue final rules without affording the public a prior opportunity to comment is ‘‘impracticable, unnecessary, or contrary to the public interest.’’ VII. Paperwork Reduction Act The Paperwork Reduction Act of 1995 (PRA) (44 U.S.C. 3501 et seq.) requires that TSA consider the impact of paperwork and other information collection burdens imposed on the public and, under the provisions of PRA section 3507(d), obtain approval from the Office of Management and Budget (OMB) for each collection of information it conducts, sponsors, or E:\FR\FM\16SER2.SGM 16SER2 sroberts on DSKD5P82C1PROD with RULES Federal Register / Vol. 74, No. 178 / Wednesday, September 16, 2009 / Rules and Regulations requires through regulations. This interim final rule contains new information collection activities subject to the PRA. Accordingly, TSA has submitted the following information requirements to OMB for its review. Title: Certified Cargo Screening Program Interim Final Rule. Summary: Section 1602 of the Implementing Recommendations of the 9/11 Commission Act of 2007 (Pub. L. 110–53) (August 2007) requires the development of a system to screen 100 percent of the cargo transported on a passenger aircraft operating within the United States by August 2010 and to have screened 50 percent of all air cargo by February 2009. This rule amends several parts of Title 49 of the Code of Federal Regulations (CFR) and adds new parts, as described in prior sections of this preamble. The rule creates several new information collections. Through this rule, TSA is including the following information collections: First, an entity that seeks to become a CCSF under 49 CFR part 1549 must submit an application to TSA. Second, a validator from a TSAapproved validation firm must assess each CCSF every three years. An entity that seeks to become a TSA-approved validation firm under 49 CFR part 1522 must submit an application to TSA. Third, TSA must conduct STAs for key personnel of CCSFs and validation firms. The key personnel must submit personal data to TSA for the STAs. This STA portion is a previously approved collection under OMB control number 1652–0040, but this IFR expands the population from which the information is collected. Fourth, CCSFs and TSA-approved validation firms must accept or submit security programs for approval. CCSFs must accept a standard security program provided by TSA or submit a proposed modified security program to the designated TSA official for approval initially and periodically thereafter as required. Validation firms must accept a standard security program provided by TSA or submit a proposed modified security program to the designated TSA official for approval initially and periodically thereafter as required. The validation firm must also submit a supplement to the security plan that specifies processes and procedures that the firm will use to maintain the qualification of its validators and its personnel assisting validators with assessments to the designated TSA official for approval. Fifth, CCSP participants, indirect air carriers, and TSA-approved validation firms must maintain records of compliance with the IFR and make them VerDate Nov<24>2008 20:09 Sep 15, 2009 Jkt 217001 available for TSA inspection (see 49 CFR 1522.129 and 1549.105). Sixth, TSA-approved validation firms must submit their validators’ assessments of CCSFs to TSA. Finally, CCSFs and air carriers must submit TSA-determined monthly cargo screening metrics to TSA. Use of: TSA will use the applications of entities seeking to become CCSFs to approve the entity as a CCSF. TSA will use the applications of entities seeking to become TSA-approved validation firms to approve the entities as approved validation firms. TSA will collect personally identifiable information from CCSFs, validation firms, and indirect air carriers about their key personnel in order to conduct STAs on these individuals, which is an important security measure that should apply to individuals who screen cargo and have unescorted access to screened cargo as well as to other key individuals. CCSF and validation firm security programs are necessary because they contain specific measures to deter incidents that may jeopardize transportation security. CCSFs must maintain records and provide TSAapproved validators access to their records, equipment, and facilities necessary for the validators to conduct assessments. TSA will require the validators to submit their assessment reports to TSA in a manner and form prescribed by TSA, and to also retain validation reports that they have prepared for a minimum of 36 months. TSA will use the reports to determine whether CCSFs and validation firms are complying with TSA regulations. Finally, CCSFs and TSA-approved validation firms must submit security programs for approval. These security programs contain specific measures to deter incidents that may jeopardize transportation security. TSA requires CCSFs to provide information on the amount of cargo screened at an approved facility in order to evaluate the compliance and performance of the CCSFs and to provide information needed for congressional reporting and future rulemaking relating to air cargo security. Respondents (including number of): The likely respondents to this proposed information requirement are the 22,541 entities that seek to become CCSFs under 49 CFR part 1549 and the 83 entities that seek to become TSAapproved validation firms. Frequency: CCSFs will submit an application for recertification every three years. The rule will require CCSFs to submit an application once annually. TSA estimates that CCSFs, TSAapproved validation firms, and indirect PO 00000 Frm 00019 Fmt 4701 Sfmt 4700 47689 air carriers will submit personally identifiable information of their key personnel so that TSA can conduct STAs every five years. The rule will require CCSFs and validation firms to accept or submit a security program once, and TSA estimates CCSFs will submit updates to their security program on average once annually. TSA estimates that validators will submit their assessment reports to TSA as frequently as they perform the assessments. The recordkeeping requirements will be continuous. The requirement for CCSFs to provide information on the amount of cargo screened and other screening data at an approved facility will be a monthly collection. Annual Burden Estimate: TSA estimates that the 7,514 entities who will seek to become CCSFs annually will spend approximately 2 hours each to complete the applications for an annual burden of 15,028 hours. TSA estimates that the 28 entities who will seek to become TSA-approved validation firms annually will spend approximately 30 minutes each to complete the applications for an annual burden of 14 hours. TSA estimates 312,433 annual responses from CCSFs, validation firms, and indirect air carriers and the time spent annually submitting personally identifiable information of key personnel for TSA to conduct STAs for an annual burden of 78,108 hours. The time to complete an STA application is estimated at 15 minutes per individual. TSA has estimated that a total of 16,989 CCSFs and validation firms will adopt their security programs for an average of 5,663 security programs annually. Each firm will devote approximately 42 hours to their initial security program, resulting in an annual burden of 237,846 hours. TSA has estimated that a total 31,589 CCSFs and validation firms will be required to maintain and update their security programs for an average of 10,530 security programs updated annually. Each firm will devote approximately 4 hours each annually, beginning in the second year, updating their security programs for an annual hour burden of 42,119. TSA estimates all CCSFs and validation firms will be required to maintain records of compliance with the IFR. This includes a time burden of approximately 5 minutes (0.083 hours) for every CCSF and validation firm employee who is required to have an STA as well as other records of compliance. This also includes validation firm filings of validation assessment reports, resulting in 312,433 annual record updates. TSA E:\FR\FM\16SER2.SGM 16SER2 47690 Federal Register / Vol. 74, No. 178 / Wednesday, September 16, 2009 / Rules and Regulations estimates an annual burden of approximately 25,932 hours. TSA estimates that 28 TSA-approved validation firms will spend approximately 4 hours each annually to prepare their findings and submit them to TSA, for annual burden of 22,541 hours. TSA estimates that 5,635 CCSFs will complete monthly cargo reports at an estimated time of one hour per week for an estimated annual burden of 293,037 hours. INFORMATION COLLECTION AND HOUR BURDEN SUMMARY [17,117 unique respondents over 3 years] Annual respondents Function CCSF Applications ................................. Annual responses Time per response Annual hours (3-year total) Regulation cite (Initial application is a one time collection, re-certification is every three years) One Year ............................................... Three Years ........................................... 7,514 22,541 7,514 22,541 2 hours ........ 2 hours ........ Validation Firm Applications .................. 15,028 45,083 419E 419E § 1549.7 § 1549.7 419G 419G § 1522.107 § 1522.107 Annual collection One Year ............................................... Three Years ........................................... 28 83 28 83 STA Applications .................................... .5 hours ....... .5 hours ....... 14 42 Collected every five years after initial application One Year ............................................... Three Years ........................................... 312,433 937,300 312,433 937,300 .25 hours ..... .25 hours ..... Security Programs Creations ................. 78,108 234,325 419F 419F §§ 1549.11 & 1549.103 §§ 1522.117 & 1522.121 One time collection One Year ............................................... Three Years ........................................... 5,663 16,989 5,663 16,989 42 hours ...... 42 hours ...... Updates .................................................. 237,846 713,538 .................... .................... § 1522.105 § 1522.105 N/A .................... § 1549.5 § 1549.5 N/A .................... §§ 1549.105 & 1522.129 §§ 1549.105 & 1522.129 N/A .................... § 1522.127 § 1522.127 N/A .................... N/A § 1549.105 § 1549.105 § 1549.105 Once annually One Year ............................................... Three Years ........................................... 10,530 31,589 10,530 31,589 4 hours ........ 4 hours ........ Recordkeeping ....................................... 42,119 126,356 Continuous as needed One Year ............................................... Three Years ........................................... 312,433 937,300 312,433 937,300 .083 hours ... .083 hours ... Validation Assessment Reports ............. 25,932 77,796 Continuous as needed One Year ............................................... Three Years ........................................... 28 83 5,635 16,906 4 hours ........ 4 hours ........ Cargo Reporting .................................... 22,541 67,624 Monthly collection One Year ............................................... Three Years ........................................... CCSF Subset—1 year ........................... 5,635 16,906 121 67,624 202,872 1,452 52 hours ...... 52 hours ...... 2.5 hours ..... 293,037 879,112 3,630 TOTAL for One Year ...................... 654,385 723,312 ..................... 718,255 TOTAL for Three Years .................. sroberts on DSKD5P82C1PROD with RULES TSA Form Number 1,962,791 2,165,580 ..................... 2,143,875 TSA requests comments to— (1) Evaluate whether the proposed information requirement is necessary for the proper performance of the functions of the agency, including whether the information will have practical utility; (2) Evaluate the accuracy of the agency’s estimate of the burden; (3) Enhance the quality, utility, and clarity of the information to be collected; and (4) Minimize the burden of the collection of information on those who are to respond, including using appropriate automated, electronic, mechanical, or other technological VerDate Nov<24>2008 20:09 Sep 15, 2009 Jkt 217001 collection techniques or other forms of information technology. Individuals and organizations may submit comments on the information collection requirements by November 16, 2009. Direct the comments to the address listed in the ADDRESSES section of this document, and fax a copy of them to the Office of Information and Regulatory Affairs, Office of Management and Budget, Attention: DHS–TSA Desk Officer, at (202) 395– 5806. A comment to OMB is most effective if OMB receives it within 30 days of publication. As protection provided by the Paperwork Reduction Act, as amended, PO 00000 Frm 00020 Fmt 4701 Sfmt 4700 an agency may not conduct or sponsor, and a person is not required to respond to, a collection of information unless it displays a currently valid OMB control number. VIII. Economic Impact Analyses A. Regulatory Evaluation Summary Changes to Federal regulations must undergo several economic analyses. First, Executive Order 12866 (EO 12866), Regulatory Planning and Review, directs each Federal agency to propose or adopt a regulation only upon a reasoned determination that the benefits of the intended regulation E:\FR\FM\16SER2.SGM 16SER2 Federal Register / Vol. 74, No. 178 / Wednesday, September 16, 2009 / Rules and Regulations sroberts on DSKD5P82C1PROD with RULES justify its costs. Second, the Regulatory Flexibility Act of 1980 (5 U.S.C. 601 et seq., as amended by the Small Business Regulatory Enforcement Fairness Act (SBREFA) of 1996) requires agencies to analyze the economic impact of regulatory changes on small entities. Third, the Trade Agreements Act (19 U.S.C. 2531–2533) prohibits agencies from setting standards that create unnecessary obstacles to the foreign commerce of the United States. Fourth, the Unfunded Mandates Reform Act of 1995 (2 U.S.C. 1531–1538) requires agencies to prepare a written assessment of the costs, benefits, and other effects of proposed or final rules that include a Federal mandate likely to result in the expenditure by State, local, or Tribal governments, in the aggregate, or by the private sector, of $100 million or more annually (adjusted for inflation). TSA has prepared a separate detailed analysis document which is available to the public in the docket. With respect to these analyses, TSA provides the following conclusions and summary information: • This rule is considered to be an economically significant rule within the definition of EO 12866, as estimated annual costs or benefits exceed $100 million in any year. TSA has included the mandatory OMB Circular A–4 Accounting Statement in the separate analysis document and thus has not repeated it here. • Under the Regulatory Flexibility Act of 1980, an agency need not publish a formal analysis of the impact to small entities with the interim final rule. Therefore, TSA has not determined whether or not this interim final rule will have a significant impact on a substantial number of small entities. • This regulatory evaluation provides the required assessment of the Trade Agreement Act of 1979. • The regulatory evaluation provides the required written assessment of Unfunded Mandates. This interim final rule is not likely to result in the expenditure by State, local, or Tribal governments, in the aggregate, of $100 million or more annually (adjusted for inflation). However, because the rule is economically significant as defined by Executive Order 12866, it does have an unfunded mandate impact on the VerDate Nov<24>2008 20:09 Sep 15, 2009 Jkt 217001 economy as a whole. The separate analysis of the costs and benefits of the rule satisfies the requirements of the Unfunded Mandates Reform Act. B. Executive Order 12866 Assessment This IFR is a major rule within the definition of Executive Order (EO) 12866, as annual costs or benefits to all parties exceed the $100 million threshold in any year. TSA has not identified any significant economic impacts for each of the required analyses of small business impact, international trade, or unfunded mandates. This summary highlights the costs and benefits of the rule. Costs This section summarizes the types of costs of this rule, which would be borne by five relevant parties: CCSFs, nonCCSF entities that receive screened cargo from CCSFs, validation firms, aircraft operators (including, in this context, both U.S. aircraft operators and foreign air carriers), and TSA. A summary table at the end of this section provides an overview of the cost estimates. The following paragraphs provide brief descriptions of the cost components. This rule will require expenditures by CCSFs, approved validation firms, and aircraft operators. CCSFs and approved validation firms must adopt security programs and, in the case of CCSFs, undergo assessment of their security measures by a TSAapproved validation firm prior to joining the program. CCSFs and validation firms must complete TSAconducted STAs for individuals who will be screening cargo or who have unescorted access to screened cargo, as well as for personnel supporting these functions. CCSFs and validation firms must employ security coordinators and alternates. CCSFs must also implement training for individuals who perform securityrelated duties. CCSFs may need to purchase equipment to perform their responsibilities under this program. Validation firms will need to pay for training for individuals involved in conducting assessments. Aircraft operators will need to purchase equipment and hire personnel to handle their additional screening burdens. PO 00000 Frm 00021 Fmt 4701 Sfmt 4700 47691 TSA will incur costs to implement the rule. These will include the costs associated with reviewing applications and security programs, reviewing validation reports, conducting STAs, and inspecting CCSFs and validation firms. In addition, TSA will incur the cost of developing or approving training programs for validation firms and TSA employees and of developing the Air Cargo Data Management System. Total TSA costs can be found in the Total section in Table 1, and in Table 32 of the Regulatory Evaluation. Total In summary, over the 10-year period of the analysis, TSA estimates the aggregate costs of this rulemaking to total approximately $2.8 billion, undiscounted. Discounted at seven percent, the cost is $1.9 billion, and discounted at three percent, the cost is $2.4 billion. Additionally, industry will bear a cost for delayed shipment of cargo estimated at $297.1 million over the 10-year analysis period ($203.1 million discounted at seven percent and $250.4 million discounted at three percent). The regulatory impact analysis provides detailed estimates of these costs. TSA anticipates bearing costs to administer the provisions of the rulemaking at $384 million over the 10year analysis period. TSA presents details in the regulatory impact analysis on how it developed these estimates. The following table displays the annual costs of the rule over the 10-year analysis period. The total is broken out by costs to TSA; costs to industry, estimated using the U.K. Known Consignor program as a proxy for screening fees; and the estimated delay costs due to screening. The TSA total represents the estimated costs TSA will incur to implement the CCSP and enforce compliance. The industry cost is estimated using the U.K. fee proxies and accounts for the 70 percent of cargo shipped on passenger planes expected to be screened at CCSFs as well as the additional fifteen percent that aircraft operators are expected to screen. The delay cost assumes the 30 percent of cargo expected to be screened by the aircraft operators will be the only cargo subject to delay. E:\FR\FM\16SER2.SGM 16SER2 47692 Federal Register / Vol. 74, No. 178 / Wednesday, September 16, 2009 / Rules and Regulations TABLE 1—10-YEAR TOTAL COST SUMMARY OF CCSP [$millions] Year Industry cost TSA cost Delay cost Total cost Discounted (3 percent) Discounted (7 percent) 1 ............................................................... 2 ............................................................... 3 ............................................................... 4 ............................................................... 5 ............................................................... 6 ............................................................... 7 ............................................................... 8 ............................................................... 9 ............................................................... 10 ............................................................. $62.1 24.5 25.7 35.4 28.7 38.8 43.5 37.1 38.9 49.4 $171.3 179.9 188.9 198.4 208.3 218.7 229.6 241.1 253.2 265.8 $23.6 24.8 26.0 27.3 28.7 30.1 31.7 33.2 34.9 36.6 $257.0 229.3 240.7 261.1 265.6 287.7 304.8 311.4 326.9 351.8 $249.5 216.1 220.3 232.0 229.1 240.9 247.8 245.8 250.6 261.8 $240.2 200.2 196.5 199.2 189.4 191.7 189.8 181.2 177.8 178.9 Total .................................................. Low ................................................... High ................................................... 384.2 262.4 512.8 2,155.1 1,795.9 2,514.3 297.1 281.5 318.9 2,836.4 2,339.9 3,346.0 2,394.0 1,974.7 2,824.3 1,945.0 1,604.0 2,294.8 100 Percent Aircraft Operator Screening As an alternative to establishing the CCSP, TSA considered meeting the statutory requirements by having aircraft operators screen cargo intended for transportation on passenger aircraft—that is, continuing the current cargo screening program but expanding it to 85 percent of air cargo on passenger aircraft. TSA estimates that the remaining fifteen percent will be transferred to alternate means of transportation due to the increased delays and costs of shipping this IFR might incur. The cost of the modal shift assumed by TSA was not estimated as the cost components of this shift would be difficult to estimate. Under this alternative, aircraft operators would bear the costs of screening additional cargo, and industry would bear significant costs because of delays. TSA would not incur costs as a result of this alternative. TSA currently requires aircraft operators to screen cargo intended for transport on passenger aircraft at levels set out in their security programs. As a result, TSA would not have to take any new action. Under this alternative, the cost drivers for this alternative are screening equipment, personnel for screening, training of personnel, and delays. Delays are the largest cost component, totaling $7.0 billion over 10 years, undiscounted. In summary, the undiscounted 10 year cost of the alternative is $11.1 billion. Discounted at three percent, the cost is $9.4 billion and discounted at seven percent, the cost is $7.7 billion. The following table presents the costs of the 100 percent aircraft operator screening alternative, as well as high and low variations and totals discounted at 3 percent and 7 percent. TABLE 2—10-YEAR TOTAL COST SUMMARY OF 100 PERCENT AIR CARRIER SCREENING [$millions] Year Equipment Personnel Domestic delays Training Total 3% Discount 7% Discount $85 10 10 10 10 10 10 85 10 10 $307 322 338 355 373 391 411 431 453 476 $4.9 2.7 2.9 3.0 3.2 3.3 3.5 3.7 3.8 4.0 $613 631 649 668 687 707 728 750 772 796 $1,009 965 1,000 1,035 1,073 1,112 1,152 1,269 1,239 1,286 $980 910 915 920 925 931 937 1,002 950 957 $943 843 816 790 765 741 718 739 674 654 Total .................................................. Low ................................................... High ................................................... sroberts on DSKD5P82C1PROD with RULES 1 ............................................................... 2 ............................................................... 3 ............................................................... 4 ............................................................... 5 ............................................................... 6 ............................................................... 7 ............................................................... 8 ............................................................... 9 ............................................................... 10 ............................................................. 249 187 311 3,856 2,892 4,820 35.0 26 44 7,002 5,251 8,752 11,142 8,356 13,927 9,427 7,070 11,784 7,683 5,762 9,603 Benefits The interim final rule will allow for more standard governance in cargo screening and will provide benefits in terms of increased security of commercial passenger aviation. The benefits are four fold. First, the passenger airline industry will be more firmly protected against an act of terrorism or other malicious behaviors VerDate Nov<24>2008 19:45 Sep 15, 2009 Jkt 217001 by the screening of 100 percent of cargo shipped on passenger aircraft; currently, only a portion of this cargo is screened before being loaded onto the plane. Second, allowing the screening process to occur throughout the supply chain via the CCSP will reduce potential bottlenecks and delays at the aircraft operators. Third, the interim final rule will allow market forces to identify the PO 00000 Frm 00022 Fmt 4701 Sfmt 4700 most efficient venue for screening along the supply chain. As the most costeffective venue for screening varies widely depending on the type of goods being shipped on passenger aircraft operators, the interim final rule will permit any entity on the supply chain to apply for TSA certification to screen cargo and apply chain-of-custody procedures to secure that cargo. Finally, E:\FR\FM\16SER2.SGM 16SER2 Federal Register / Vol. 74, No. 178 / Wednesday, September 16, 2009 / Rules and Regulations validation firms will perform assessments of the entities that become CCSFs. These assessments will enable TSA to set priorities for compliance inspections while leveraging TSA inspectors with vetted and trained validation firms, thereby adding an extra layer of security. Alternatively, TSA has assessed the benefits of this rule via a break-even analysis of the cost of the reduction in risk with the dollar amount of the benefit from the rule. The break-even analysis illustrates the tradeoff between program costs and program benefits. For purposes of the analysis, TSA evaluated four scenarios in which an explosive device was placed in the aircraft’s cargo hold via air cargo and detonated, destroying the airplane and all passengers and crew on board. For each scenario, TSA derived a total monetary cost of consequence from an estimated value of the statistical human lives lost and the value of the plane (including cargo) destroyed. TSA obtained a value of the monetary cost of an attack under a certain probability (the value of which equals the total estimated monetary cost of the attack multiplied by the probability of an attack of that nature over a year-long time period) and compared it to the undiscounted, annualized cost of the CCSP to estimate how often an attack of that nature would need to be averted for the expected benefits to equal costs. Table 3 summarizes the results of the break-even analysis, based on the 10year cost of the rule, annualized at seven percent. Below we describe the four scenarios that we used in that analysis. To judge the value or effectiveness of this IFR in the context of these scenarios, it is necessary to compare the extent of monetary consequence from a successful attack with the cost of a program like the IFR that would be deployed to reduce the risk or likelihood of such an attack being successfully undertaken. The first scenario describes the impact of a situation in which an explosive device placed in the cargo shipped on the flight in the belly of the plane destroys a standard narrow body aircraft (from the fleets used by major U.S. aircraft operators) during flight. This incident results in the loss of the lives of all passengers and crew members on board, along with the total destruction of the airplane. TSA estimated 119 total people to be on board, including both passengers and crew. The value of these statistical lives is approximately $690.2 million in 2006 U.S. dollars, based on the Department of Transportation Value of a Statistical Life (VSL) estimation of $5.8 million per person. The estimated aircraft cost is just under $17 million on average, again in 2006 dollars. Adding these two together, and assuming no damage on impact to the crash site, TSA estimates the total monetary consequence of the attack at $707.2 million. The second scenario depicts a situation where an explosive device placed in the cargo shipped on the flight in the belly of the plane destroys an average U.S. commercial passenger aircraft (from the fleets used by major U.S. aircraft operators) in flight. This attack results in loss of life for passengers and crew members, along with complete destruction of the aircraft. Based on data reported in the FAA Critical Values Guidance, there is an assumed loss of 133 lives (128 passengers and 5 crew members), along with an assumed complete loss of the aircraft, which on average would be valued at $22 million in 2006 dollars. The monetary estimate associated with the loss of life is $771 million. Combining the loss of life monetary estimate with the weighted average aircraft market value, TSA estimates the total monetary consequence of this scenario at $793 million. The third scenario depicts a situation where an explosive device placed in the cargo shipped on the flight in the belly of the plane destroys an average U.S. commercial passenger wide-body aircraft (from the fleets used by major U.S. aircraft operators) in flight. This attack scenario, like the first scenario, results in loss of life for passengers and crew members, along with complete destruction of the wide-body aircraft. Based on data reported in the FAA Critical Values Guidance, there is an assumed loss of 210 lives (202 47693 passengers and 8 crew members) along with the complete loss of the aircraft, which on average would be valued at $49.6 million in 2006 dollars. Using the DOT VSL of $5.8 million, the monetary estimate associated with the loss of life is $1.22 billion. Combining the loss of life monetary estimate with the weighted average aircraft market value, TSA estimates the total monetary consequence of this scenario at $1.27 billion. The fourth scenario is an extension of the third that takes into account a situation involving multiple planes destroyed by an explosive device. In our case, four wide body aircraft are the targets of the attack. Our estimation of the monetary damage took the value of the single wide body aircraft attack and multiplied that total monetary consequential amount by a factor of four. Therefore, the resulting estimate of monetary damage caused in this scenario is $5.1 billion, in 2006 dollars. This includes approximately 840 passenger and crew member lives lost, and an estimated $198.2 million loss due to the destruction of the four wide body airplanes. The table below presents the number of attacks averted (expressed as a number of years between attacks), required for the IFR to break even under each of the four scenarios. In this analysis the comparison is made between the estimated scenario consequence and the seven percent discount annualized Air Cargo Screening IFR cost of $276.9 million; the ‘‘required risk reduction in attack frequency’’ for break-even can be derived as the multiplicative inverse of the ratio between this annualized program cost and the scenario consequence total (a ratio which expresses a breakeven annual likelihood of attack). As shown in the following table, the rule will need to reduce the existing or baseline frequency of terror attack by one attack every 2.6 years for Scenario 1, one attack every 2.8 years for Scenario 2, one attack every 4.5 years for Scenario 3, or one attack every 18.2 years for Scenario 4 in order for the IFR to break even. TABLE 3—FREQUENCY OF ATTACKS AVERTED FOR PASSENGER AIR CARGO SCREENING IFR COSTS TO EQUAL EXPECTED BENEFITS, BY ATTACK SCENARIO sroberts on DSKD5P82C1PROD with RULES [Annualized at 7 percent] 1. Narrow Body Target ........ VerDate Nov<24>2008 18:23 Sep 15, 2009 Lives lost Valuation at $0.0058 M ($ billion) Avg. aircraft market value ($ billion) Property loss ($ billion) Total consequence ($ billion) Attacks averted by air cargo sec to break-even A Attack scenario B = A × 0.0058 C D E=B+C+D = E ÷ $276.9 ** 119 Jkt 217001 $0.69 PO 00000 Frm 00023 $0.017 Fmt 4701 Sfmt 4700 $0.0 E:\FR\FM\16SER2.SGM $0.71 16SER2 One every 2.6 years. 47694 Federal Register / Vol. 74, No. 178 / Wednesday, September 16, 2009 / Rules and Regulations TABLE 3—FREQUENCY OF ATTACKS AVERTED FOR PASSENGER AIR CARGO SCREENING IFR COSTS TO EQUAL EXPECTED BENEFITS, BY ATTACK SCENARIO—Continued [Annualized at 7 percent] Lives lost Valuation at $0.0058 M ($ billion) Avg. aircraft market value ($ billion) Property loss ($ billion) Total consequence ($ billion) Attacks averted by air cargo sec to break-even A Attack scenario B = A × 0.0058 C D E=B+C+D = E ÷ $276.9 ** 0.79 1.27 5.07 One every 2.8 years. One every 4.5 years. One every 18.2 years. 2. Avg. AO Target ............... 3. Wide Body Target ........... 4. Multiple Wide Body ......... 133 210 840 0.77 1.22 4.87 0.022 0.050 0.198 0.0 0.0 0.0 ** The total cost of the rule annualized at 7 percent. C. Regulatory Flexibility Act Assessment Sections 603(a) and 604(a) of the Regulatory Flexibility Act (RFA) require that, when an agency issues a interim final rule or promulgates a final rule ‘‘after being required * * * to publish a general notice of proposed rulemaking,’’ the agency must determine whether a proposed or final rule will have a significant economic impact on a substantial number of small entities and, if so, must prepare a regulatory flexibility analysis as described in the Act. For purposes of the RFA, small entities include small businesses, notfor-profit organizations, and small governmental jurisdictions. Individuals and States are not included in the definition of a small entity. These requirements do not apply where, as here, an agency issues an interim final rule. Congress explicitly authorized TSA to issue an IFR in the 9/11 Act. TSA invites comments that address whether this rule would have a significant economic impact on a substantial number of small entities. TSA will consider this information in developing the final rule. sroberts on DSKD5P82C1PROD with RULES D. International Trade Impact Assessment The Trade Agreement Act of 1979 prohibits Federal agencies from establishing any standards or engaging in related activities that create unnecessary obstacles to the foreign commerce of the United States. Legitimate domestic objectives, such as safety, are not considered unnecessary obstacles. The statute also requires consideration of international standards and, where appropriate, that they be the basis for U.S. standards. TSA has assessed the potential effect of this interim final rule and has determined that the same measures must apply to both U.S. aircraft operators and foreign air carriers loading cargo on passenger aircraft. At most, the impact of this rule creates an even competitive cost structure. VerDate Nov<24>2008 18:23 Sep 15, 2009 Jkt 217001 E. Unfunded Mandates Assessment The Unfunded Mandates Reform Act of 1995 (UMRA) is intended, among other things, to curb the practice of imposing unfunded Federal mandates on State, local, and Tribal governments. Title II of UMRA requires each Federal agency to prepare a written statement assessing the effects of any Federal mandate in a proposed or final agency rule that may result in an expenditure of $100 million or more (adjusted annually for inflation) in any one year by State, local, and Tribal governments, in the aggregate, or by the private sector, such a mandate is deemed to be a ‘‘significant regulatory action.’’ This interim final rule does not exceed this threshold with respect to State, local, and Tribal governments, because it does not require them to take any action. The impact on the overall economy, however, does exceed the threshold, resulting in an unfunded mandate on the private sector; this regulatory evaluation documents the costs and alternatives associated with this regulatory action. TSA will publish a final analysis, including its response to public comments, when it publishes a final rule. IX. Executive Order 13132, Federalism TSA has analyzed this final rule under the principles and criteria of Executive Order 13132, Federalism. We determined that this action will not have a substantial direct effect on the States, or the relationship between the national government and the States, or on the distribution of power and responsibilities among the various levels of government, and, therefore, does not have federalism implications. X. Environmental Analysis We have analyzed this interim final rule under DHS Management Directive 5100.1 ‘‘Environmental Planning Program’’ (see also 71 FR 16790, Apr. 4, 2006), which guides DHS in complying with the National Environmental Policy Act of 1969 (NEPA) (42 U.S.C. 4321– PO 00000 Frm 00024 Fmt 4701 Sfmt 4700 4370f). We have concluded that this rule is part of a category of actions described in items A3, A4, A7, B3, H1 and H2 of Table 1 in Appendix A of the Management Directive. This interim final rule would not have individually or cumulatively a significant effect on the human environment and, therefore, neither an environmental assessment nor an environmental impact statement is necessary. XI. Energy Impact Analysis TSA has assessed the energy impact of this rule in accordance with the Energy Policy and Conservation Act (EPCA), Public Law 94–163, as amended (42 U.S.C. 6362). We have determined that this rulemaking is not a major regulatory action under the provisions of the EPCA. List of Subjects 49 CFR Part 1515 Appeals, Commercial drivers license, Criminal history background checks, Explosives, Facilities, Hazardous materials, Incorporation by reference, Maritime security, Motor carriers, Motor vehicle carriers, Ports, Seamen, Security measures, Security threat assessment, Vessels, Waivers. 49 CFR Part 1520 Air transportation, Law enforcement officers, Maritime carriers, Reporting and recordkeeping requirements, Security measures. 49 CFR Part 1522 Accounting, Aircraft operators, Aviation safety, Reporting and recordkeeping requirements, Security measures. 49 CFR Part 1540 Air carriers, Aircraft, Airports, Civil aviation security, Law enforcement officers, Reporting and recordkeeping requirements, Security measures, Screening. E:\FR\FM\16SER2.SGM 16SER2 Federal Register / Vol. 74, No. 178 / Wednesday, September 16, 2009 / Rules and Regulations 49 CFR Part 1542 Air carriers, Aircraft, Airport security, Aviation safety, Security measures. § 1515.9 Appeal of security threat assessment based on other analyses. (a) * * * (3) TSA had determined that an individual engaged in air cargo operations who works for certain aircraft operators, foreign air carriers, indirect air carriers (IACs), certified cargo screening facilities, or validation firms poses a security threat as provided in 49 CFR 1549.109. * * * * * (c) * * * (1) * * * (iv) In the case of a certified cargo screening facilities worker, TSA serves a Final Determination of Threat Assessment on the operator. (v) In the case of a validator of certified cargo screening facilities, TSA serves a Final Determination of Threat Assessment on the operator. * * * * * (f) * * * (3) If TSA withdraws a Determination of No Security Threat for an individual engaged in air cargo operations who works for certain aircraft operators, foreign air carriers, IACs, certified cargo screening facilities, or validation firms. ■ 4. Amend § 1515.11 by revising paragraph (a)(3) to read as follows: 49 CFR Part 1544 Air carriers, Aircraft, Aviation safety, Freight forwarders, Incorporation by reference, Reporting and recordkeeping requirements, Security measures. 49 CFR Part 1546 Aircraft, Aviation safety, foreign air carriers, Incorporation by reference, Reporting and recordkeeping requirements, Security measures. 49 CFR Part 1549 Air transportation, Reporting and recordkeeping requirements, Security measures. The Amendments For the reasons set forth in the preamble, the Transportation Security Administration amends Chapter XII, of Title 49, Code of Federal Regulations as follows: ■ Subchapter A—Administrative and Procedural Rules PART 1515—APPEAL AND WAIVER PROCEDURES FOR SECURITY THREAT ASSESSMENTS FOR INDIVIDUALS § 1515.11 Review by administrative law judge and TSA Final Decision Maker. 1. The authority citation for part 1515 continues to read as follows: ■ Authority: 46 U.S.C. 70105; 49 U.S.C. 114, 5103a, 40113, and 46105; 18 U.S.C. 842, 845; 6 U.S.C. 469. 2. Amend § 1515.1 by revising paragraph (a) to read as follows: ■ sroberts on DSKD5P82C1PROD with RULES § 1515.1 Scope. (a) Appeal. This part applies to applicants who are appealing an Initial Determination of Threat Assessment or an Initial Determination of Threat Assessment and Immediate Revocation in a security threat assessment (STA) as described in each of the following: (1) 49 CFR part 1572 for a hazardous materials endorsement (HME) or a Transportation Worker Identification Credential (TWIC). (2) 49 CFR part 1540, Subpart C, which includes individuals engaged in air cargo operations who work for certain aircraft operators, foreign air carriers, IACs, certified cargo screening facilities, or validation firms. * * * * * ■ 3. Amend § 1515.9 by adding paragraphs (a)(3), (c)(1)(iv) and (v), and revising paragraph (f)(3) to read as follows: VerDate Nov<24>2008 18:23 Sep 15, 2009 Jkt 217001 (a) * * * (3) An individual engaged in air cargo operations who works for certain aircraft operators, foreign air carriers, IACs, certified cargo screening facilities, or validation firms who has been issued a Final Determination of Threat Assessment after an appeal as described in 49 CFR 1515.9. * * * * * Subchapter B—Security Rules for All Modes of Transportation PART 1520—PROTECTION OF SENSITIVE SECURITY INFORMATION 5. The authority citation for part 1520 continues to read as follows: ■ Authority: 46 U.S.C. 70102–70106, 70117; 49 U.S.C. 114, 40113, 44901–44907, 44913– 44914, 44916–44918, 44935–44936, 44942, 46105. § 1520.3 [Amended] 6. In § 1520.3, remove the definition of ‘‘Security program’’. ■ 7. Amend § 1520.5 by revising paragraph (b)(1) to read as follows: ■ § 1520.5 Sensitive security information. * * * * * (b) * * * (1) Security programs and contingency plans. Any security PO 00000 Frm 00025 Fmt 4701 Sfmt 4700 47695 program or security contingency plan issued, established, required, received, or approved by DOT or DHS, including any comments, instructions, or implementing guidance, including— (i) Any aircraft operator, airport operator, fixed base operator, or air cargo security program, or security contingency plan under this chapter; (ii) Any vessel, maritime facility, or port area security plan required or directed under Federal law; (iii) Any national or area security plan prepared under 46 U.S.C. 70103; and (iv) Any security incident response plan established under 46 U.S.C. 70104. * * * * * ■ 8. Amend § 1520.7 by revising paragraph (b) to read as follows: § 1520.7 Covered persons. * * * * * (b) Each indirect air carrier (IAC), as described in 49 CFR part 1548; each validation firm and its personnel, as described in 49 CFR 1522; and each certified cargo screening facility and its personnel, as described in 49 CFR 1549. * * * * * 9. Add new part 1522 to Subchapter B to read as follows: ■ PART 1522—TSA-APPROVED VALIDATION FIRMS AND VALIDATORS Subpart A—General Sec. 1522.1 Scope and terms used in this part. 1522.3 Fraud and intentional falsification of records. 1522.5 TSA inspection authority. Subpart B—TSA-Approved Validation Firms and Validators for the Certified Cargo Screening Program 1522.101 Applicability. 1522.103 Requirements for validation firms. 1522.105 Adoption and implementation of the security program. 1522.107 Application. 1522.109 TSA review and approval. 1522.111 Reconsideration of disapproval of an application. 1522.113 Withdrawal of approval. 1522.115 Renewal of TSA approval. 1522.117 Qualifications of validators. 1522.119 Training. 1522.121 Security threat assessments for personnel of TSA-approved validation firms. 1522.123 Conduct of assessments. 1522.125 Protection of information. 1522.127 Assessment report. 1522.129 Recordkeeping requirements. Authority: 49 U.S.C. 114, 5103, 40113, 44901–44907, 44913–44914, 44916–44918, 44932, 44935–44936, 44942, 46105. E:\FR\FM\16SER2.SGM 16SER2 47696 Federal Register / Vol. 74, No. 178 / Wednesday, September 16, 2009 / Rules and Regulations Subpart A—General sroberts on DSKD5P82C1PROD with RULES § 1522.1 part. Scope and terms used in this (a) This part governs the use of TSAapproved validation firms and individual validators to assess whether certain persons regulated under this chapter are in compliance with this chapter. (b) In addition to the terms in §§ 1500.3 and 1540.5 of this chapter, the following terms apply in this part: Applicant means a firm that seeks to become a TSA-approved validation firm under this part. Assessment means the physical inspections, records reviews, personnel interviews, and other procedures conducted by a validator to assess whether a person is in compliance with relevant requirements of a security program. Conflict of interest means a situation in which the validation firm, the validator, or an individual assisting in the assessment, or the spouse or immediate family member of such person, has a relationship with, or an interest in, the person under assessment that may adversely affect the impartiality of the assessment. Examples of conflict of interest situations include, but are not limited to, any of the following: (1) The validation firm is a parent company or subsidiary of the person under assessment, has a financial interest in the person under assessment, or has common management or organizational governance (for example, interlocking boards of directors) with the person under assessment. (2) The validation firm, the validator, or an individual who will assist in conducting the assessment, or an immediate family member of such a validator or individual, is a creditor or debtor of the person under assessment. (3) The validator, or an individual who will assist in conducting the assessment, or the spouse or immediate family member of such a person, is, or within the past two years has been, an employee, officer, or contractor of the person under assessment whose duties did not involve the operations being assessed. (4) The validator, or an individual who will assist in conducting the assessment, or the spouse or immediate family member of such a person, is, or at any time has been, an individual, officer, or contractor of the person under assessment whose duties or responsibilities did involve the operations being assessed. (5) The validator, or an individual who will assist in conducting the VerDate Nov<24>2008 18:23 Sep 15, 2009 Jkt 217001 assessment, or the spouse or immediate family member of such a person, has a financial interest in the person under validation. Firm means a business enterprise or other non-governmental organization, including a sole proprietorship, partnership, limited liability partnership, limited liability corporation, and a corporation. National of the United States means a citizen of the United States, or a person who, though not a citizen, owes permanent allegiance to the United States, as defined in 8 U.S.C. 1101(a)(22), and includes American Samoa and Swains Island. TSA-approved validation firm or validation firm means a firm that has been approved under this part to conduct an assessment under this chapter. Validator means an individual assigned by the validation firm to be responsible for conducting a given assessment under this part. (iv) Ensure the adequacy of security measures for the transportation of passengers and cargo; (v) Oversee the implementation, and ensure the adequacy, of security measures at airports and other transportation facilities; (vi) Review security plans; and (vii) Carry out such other duties, and exercise such other powers, relating to transportation security as the Assistant Secretary of Homeland Security for the TSA considers appropriate, to the extent authorized by law. (b) At the request of TSA, each validation firm and validator must provide evidence of compliance with this chapter, including copying records. (c) TSA and DHS officials working with TSA may conduct inspections under this section without access media or identification media issued or approved by a validation firm or other person, except that the TSA and DHS officials will have identification media issued by TSA or DHS. § 1522.3 Fraud and intentional falsification of records. Subpart B—TSA-Approved Validation Firms and Validators for the Certified Cargo Screening Program No person may make, or cause to be made, any of the following: (a) Any fraudulent or intentionally false statement in any application under this part. (b) Any fraudulent or intentionally false entry in any record or report that is kept, made, or used to show compliance with this subchapter, or used to exercise any privilege under this part. (c) Any reproduction or alteration, for fraudulent purpose, of any report, record, security program, access medium, or identification medium issued or submitted under this part. § 1522.5 TSA inspection authority. (a) Each validation firm and each validator must allow TSA, during normal business hours, in a reasonable manner, without advance notice, to enter the facility and make any inspections or tests, including copying records, to— (1) Determine compliance of a validation firm or validator with this chapter and 49 U.S.C. 114 and Subtitle VII, as amended; or (2) Carry out TSA’s statutory or regulatory authorities, including its authority to— (i) Assess threats to transportation; (ii) Enforce security-related regulations, directives, and requirements: (iii) Inspect, maintain, and test the security of facilities, equipment, and systems; PO 00000 Frm 00026 Fmt 4701 Sfmt 4700 § 1522.101 Applicability. This subpart governs the use of TSAapproved validation firms and validators to assess whether certified cargo screening facilities (CCSFs), or facilities seeking to be approved as such, comply with the requirements of 49 CFR part 1549. § 1522.103 firms. Requirements for validation In addition to the other requirements of this part, a validation firm must meet the following requirements to be approved to assess certified cargo screening facilities: (a) Resources. The validation firm must have sufficient facilities, resources, and personnel to conduct the assessments. (b) Security Coordinator. The validation firm must designate and use a Security Coordinator and at least one alternate Security Coordinator. (1) The Security Coordinator and alternates must be senior employees or officers of the firm, and must be readily available during normal business hours. (2) The Security Coordinator and designated alternates must serve as the validation firm’s primary contact for security-related activities and communications with TSA. (3) The Security Coordinator must immediately initiate corrective action for any instance of non-compliance by the validation firm with any applicable TSA security requirement. E:\FR\FM\16SER2.SGM 16SER2 Federal Register / Vol. 74, No. 178 / Wednesday, September 16, 2009 / Rules and Regulations (c) Security Program. The validation firm must obtain TSA approval of a security program and must implement the security program. (d) Personnel. The validation firm must ensure that its personnel carry out the requirements of this chapter and the validation firm’s security program. (e) Change in information. (1) The validation firm must inform TSA, in a form and manner prescribed by TSA, of any change in the information required to be submitted by the validation firm to TSA under this part within seven days of the change. (2) Changes included within the requirement of this paragraph include, but are not limited to, changes in the validation firm’s address, phone number, or other contact information, the identity of the Security Coordinator or alternate, significant changes in ownership of the firm. sroberts on DSKD5P82C1PROD with RULES § 1522.105 Adoption and implementation of the security program. (a) Security program required. No person may operate as a validation firm unless that person holds and carries out an approved security program under this part. (b) Content. The validation firm standard security program together with approved alternate procedures and amendments that TSA has issued to that particular firm constitutes that firm’s security program. Each security program under this part must— (1) Provide for the security of aircraft, as well as that of persons and property traveling in air transportation, against acts of criminal violence and air piracy, and against the introduction into aircraft of any unauthorized explosive, incendiary, and other destructive substance or item; (2) Describe the processes and procedures to be used to maintain current qualifications, credentials, or accreditations, training, and security threat assessments for relevant personnel; (3) Describe the facilities, support personnel, and other resources to be used in conducting assessments; and (4) Require that the validation firm designate and use a Security Coordinator and at least one alternate Security Coordinator. (c) Amendment requested by a validation firm or applicant. A validation firm or applicant may file a request for an amendment to its security program with the TSA designated official at least 45 calendar days before the date it proposes for the amendment to become effective, unless the designated official allows a shorter period. Any validation firm may submit VerDate Nov<24>2008 18:23 Sep 15, 2009 Jkt 217001 to TSA a group proposal for an amendment that is on behalf of it and other validation firms that co-sign the proposal. (1) Within 30 calendar days after receiving a proposed amendment, the designated official, in writing, must either approve or deny the request to amend. (2) An amendment to a validation firm’s security program may be approved if the designated official determines that safety and the public interest will allow it, and if the proposed amendment provides the level of security required under this part. (3) Within 30 calendar days after receiving a denial of the proposed amendment, the validation firm may petition TSA to reconsider the denial. A Petition for Reconsideration must be filed with the designated official. (4) Upon receipt of a Petition for Reconsideration, the designated official must either approve the request to amend the security program or transmit the petition, along with any pertinent information, to TSA for reconsideration. TSA will make a determination on the petition within 30 calendar days of receipt by either directing the designated official to approve the amendment or by affirming the denial. (d) Amendment by TSA. TSA may amend a security program in the interest of safety and the public interest, as follows: (1) TSA must notify the validation firm, in writing, of the proposed amendment, fixing a period of not less than 30 calendar days within which the validation firm may submit written information, views, and arguments on the amendment. (2) After considering all relevant material, the designated official must notify the validation firm of any amendment adopted or rescind the notice of amendment. If the amendment is adopted, it becomes effective not less than 30 calendar days after the validation firm receives the notice of amendment, unless the validation firm disagrees with the proposed amendment and petitions the TSA to reconsider, no later than 15 calendar days before the effective date of the amendment. The validation firm must send the petition for reconsideration to the designated official. A timely Petition for Reconsideration stays the effective date of the amendment. (3) Upon receipt of a Petition for Reconsideration, the designated official must either amend or withdraw the notice of amendment, or transmit the Petition, together with any pertinent information, to TSA for reconsideration. TSA must make a determination on the PO 00000 Frm 00027 Fmt 4701 Sfmt 4700 47697 Petition within 30 calendar days of receipt, either by directing the designated official to withdraw or amend the notice of amendment, or by affirming the notice of amendment. (e) Emergency Amendments. (1) If TSA finds that there is an emergency requiring immediate action that makes compliance with the procedural requirements in this section contrary to the public interest, the designated official may issue an emergency amendment, without the prior notice and comment procedures described in paragraph (d) of this section. (2) The emergency amendment is effective without stay on the date the validation firm receives notification. TSA will incorporate in the notification a brief statement of the reasons and findings for the emergency amendment to be adopted. (3) The validation firm may file a Petition for Reconsideration with TSA no later than 15 calendar days after TSA issues the emergency amendment. The certified cargo screening facility must send the Petition for Reconsideration to the designated official; however, the filing does not stay the effective date of the emergency amendment. (f) Availability. Each validation firm having a security program must do the following: (1) Maintain an original of the security program at its corporate office. (2) Have accessible a complete copy, or the pertinent portions of its security program, or appropriate implementing instructions, at each office where it conducts validation services. An electronic version is adequate. (3) Make a copy of the security program available for inspection upon the request of TSA. (4) Restrict the distribution, disclosure, and availability of information contained in its security program to persons with a need to know, as described in part 1520 of this chapter. (5) Refer requests for such information by other persons to TSA. § 1522.107 Application. (a) Initial application and approval. Unless otherwise authorized by TSA, each applicant must apply for a security program and for approval to operate as a validation firm, in a form and a manner prescribed by TSA, not less than 90 calendar days before the applicant intends to begin operations. The application must be in writing and include the following: (1) The firm’s legal name; other names, including doing business as names; state of incorporation or E:\FR\FM\16SER2.SGM 16SER2 47698 Federal Register / Vol. 74, No. 178 / Wednesday, September 16, 2009 / Rules and Regulations licensing, if applicable; and tax identification number. (2) The names of the senior officers or employees of the applicant who will serve as the Security Coordinator and alternates. (3) A signed statement from each person listed in paragraph (a)(2) of this section stating whether he or she has been a senior manager or representative of any operator, whether or not a validation firm, that had its security program withdrawn by TSA. (4) Copies of Government-issued identification of persons listed in paragraph (a)(2) of this section. (5) The street address and e-mail address of the applicant. (6) A statement acknowledging the requirement that all personnel of the applicant who are subject to training under the requirements of this part must successfully complete such training before performing security-related duties. (7) Other information requested by TSA concerning security threat assessments. (8) A statement acknowledging that all personnel of the applicant who must successfully complete a security threat assessment under the requirements of this part must do so before the applicant authorizes the personnel to perform duties under this part. (b) Standard security program. After the Security Coordinator successfully completes a security threat assessment, TSA will provide to the applicant the validation firm standard security program, any security directives, and amendments to the security program and other alternative procedures that apply to validation firms. The applicant may either notify TSA that it accepts the standard security program or submit to TSA a proposed modified security program to the designated official for approval. The validation firm must also submit a supplement to the security program that specifies processes and procedures that the firm will use to maintain the qualification of its validators and its personnel assisting validators with assessments to the designated TSA official for approval. TSA will approve the security program under § 1522.109, or issue a written notice to modify under § 1522.109(b). sroberts on DSKD5P82C1PROD with RULES § 1522.109 TSA review and approval. (a) Review. TSA will review an application received under § 1522.107 to determine whether— (1) The applicant has met the requirements of this part, the proposed security program, and any applicable Emergency Amendment and Security Directive; VerDate Nov<24>2008 18:23 Sep 15, 2009 Jkt 217001 (2) The applicant is able and willing to carry out the requirements of this part, its security program, and an applicable Emergency Amendment and Security Directive; (3) The approval of such applicant’s security program is not contrary to the interests of security and the public interest; (4) The applicant has not held a security program that was withdrawn within the previous year, unless otherwise authorized by TSA; and (5) TSA determines that the applicant is qualified to be a validation firm. (b) Notice. (1) Approval. If an application is approved, TSA will send the applicant a written notice of approval of its security program, and approval to operate as a validation firm. (2) Commencement of operations. A validation firm may commence operations when it has received approval under this section, and successfully completed training and security threat assessments for all relevant personnel. (3) Disapproval. If an application is disapproved, TSA will serve a written notice of disapproval to the applicant. The notice of disapproval will include the basis of the disapproval of the application. (c) Duration of security program. A security program approved under this section will remain effective until the end of the calendar month 12 months after the month it was approved or until the program has been surrendered or withdrawn, whichever is earlier. § 1522.111 Reconsideration of disapproval of an application. (a) Petition for reconsideration. If TSA disapproves an application under section 1522.107, the applicant may seek reconsideration of the decision by submitting a written petition for reconsideration to the Assistant Secretary or his or her designee within 30 days of receiving the notice of disapproval. The written petition for reconsideration must include a statement and any supporting documentation explaining why the applicant believes the reason for disapproval is incorrect. (b) Review of petition. Upon review of the petition for reconsideration, the Assistant Secretary or designee makes a determination on the petition by either affirming the disapproval of the application or approving the application. The Assistant Secretary or designee may request additional information from the applicant prior to rendering a decision. This disposition is a final agency action for purposes of 49 U.S.C. 46110. PO 00000 Frm 00028 Fmt 4701 Sfmt 4700 § 1522.113 Withdrawal of approval. (a) Basis for withdrawal of approval. TSA may withdraw approval of a TSAapproved validation firm if the validation firm ceases to meet the standards for approval, fails to fulfill its responsibilities under this subpart, or if TSA determines that continued operation is contrary to safety and the public interest. (b) Notice of withdrawal of approval. (1) Except as provided in paragraph (c) of this section, TSA will provide a written notice of proposed withdrawal of approval to the validation firm. (2) The notice of proposed withdrawal of approval will include the basis for the withdrawal of approval. (3) Unless the validation firm files a written petition for reconsideration under paragraph (d) of this section, the notice of proposed withdrawal of approval will become a final notice of withdrawal of approval 31 days after the validation firm’s receipt of the notice of proposed withdrawal of approval. (c) Emergency notice of withdrawal of approval. (1) If TSA finds that there is an emergency requiring immediate action with respect to a TSA-approved validation firm’s ability to perform assessments, TSA may withdraw approval of that validation firm without prior notice. (2) TSA will incorporate in the emergency notice of withdrawal of approval a brief statement of the reasons and findings for the withdrawal of approval. (3) The emergency notice of withdrawal of approval is effective upon the TSA-approved validation firm’s receipt of the notice. The validation firm may file a written petition for reconsideration under paragraph (d) of this section; however, this petition does not stay the effective date of the emergency notice of withdrawal of approval. (d) Petition for reconsideration. A validation firm may seek reconsideration of the withdrawal of approval by submitting a written petition for reconsideration to the Assistant Secretary or designee within 30 days of receiving the notice of withdrawal of approval. The filing of a petition for reconsideration does not stay the effective date of the withdrawal pending the reconsideration. (e) Review of petition. Upon review of the written petition for reconsideration, the Assistant Secretary or designee makes a determination on the petition by either affirming or withdrawing the notice of withdrawal of approval. The Assistant Secretary or designee may request additional information from the validation firm prior to rendering a E:\FR\FM\16SER2.SGM 16SER2 Federal Register / Vol. 74, No. 178 / Wednesday, September 16, 2009 / Rules and Regulations decision. This disposition is a final decision for purposes of review under 49 U.S.C. 46110. § 1522.115 Renewal of TSA approval. sroberts on DSKD5P82C1PROD with RULES (a) Application. Every 12 months, computed from the date of initial approval under § 1522.107, or more frequently as required by TSA, each validation firm must apply, in a form and manner prescribed by TSA, for renewal of approval of its security program, and of approval to operate as a validation firm. If the validation firm submits the information in the month before or after it is due, the validation firm is considered to have submitted the information in the month it is due. If the validation firm timely submits its application for review of approval under this section, the validation firm may continue to conduct assessments under this subpart unless and until TSA denies the application. (b) Content. In addition to any other information required by TSA, the validation firm must submit the following information to TSA when applying for renewal: (1) If required, evidence that the validators and other individuals of the validation firm with responsibilities for participating in assessments have successfully completed the initial training under § 1522.119(a) and any recurrent training described in § 1522.119(b). (2) Evidence that the individual validators with responsibilities for conducting assessments continue to be certified or accredited by an organization that TSA recognizes as qualified to certify or accredit a validator. (3) A statement signed by a senior officer or employee of the validation firm attesting that the firm has reviewed and ensures the continuing accuracy of the contents of its initial application for a security program, subsequent renewal applications, or other submissions to TSA confirming a change of information and noting the date such applications and submissions were made to TSA, including the following certification: [Name of validation firm] (hereinafter ‘‘the validation firm’’) has adopted and is currently carrying out a security program in accordance with the Transportation Security Regulations as originally approved on [Insert date of TSA initial approval]. In accordance with TSA regulations, the validation firm has notified TSA of any new or changed information required for the validation firm’s initial security program. If new or changed information is being submitted to TSA as part of this application for reapproval, that information is stated in this filing. The validation firm understands that intentional falsification of certification may VerDate Nov<24>2008 18:23 Sep 15, 2009 Jkt 217001 be subject to both civil and criminal penalties under 49 CFR part 1540 and 18 U.S.C. 1001. Failure to notify TSA of any new or changed information required for initial approval of the validation firm’s security program in a timely fashion and in a form acceptable to TSA may result in withdrawal by TSA of approval of the validation firm’s security program. (c) Renewal. TSA will renew approval of the security program and the validation firm’s authority to conduct assessments if TSA determines that— (1) The validation firm has met the requirements of this chapter, its security program, and any Security Directive; and (2) The renewal of approval of the validation firm’s security program, and of the approval to operate as a validation firm, is not contrary to the interests of security or the public interest. (d) Effective. The renewal of approval issued pursuant to this section will remain effective until the end of the calendar month 12 months after the month it was approved or until the program has been surrendered or withdrawn, whichever is earlier. (e) Withdrawal. If a validation firm fails to comply with the requirements of this section, TSA may withdraw approval of the validation firm under § 1522.113. § 1522.117 Qualifications of validators. (a) Each assessment conducted under this subpart must be conducted by a validator who meets the following requirements: (1) He or she must be a citizen or national of the United States or be an alien lawfully admitted for permanent residence. (2) He or she must meet the requirements of paragraph (a)(2)(i) or (ii) of this section. (i) He or she must hold a certification or accreditation from an organization that TSA recognizes as qualified to certify or accredit a validator for assessments and must have at least five years of experience in inspection or validating compliance with State or Federal regulations in the security industry, the aviation industry, or government programs. The five years of experience must have been obtained within 10 years of the date of the application. (ii) He or she must have at least five years experience as an inspector for a Federal or State government agency performing inspections similar to the inspections called for in this subpart and part 1549. The five years of experience must have been obtained within 10 years of the date of the application. PO 00000 Frm 00029 Fmt 4701 Sfmt 4700 47699 (3) The validator must have three professional references that address his or her abilities in inspection, validation, and written communications. (4) The validator must have sufficient knowledge of the rules, regulations, policies, security programs, directives, and orders, pertaining to the certified cargo screening program (CCSP). (5) The validator must have the ability to apply the concepts, principles, and methods of compliance with the requirements of the certified cargo screening program to include assessment, inspection, investigation, and reporting of compliance with the certified cargo screening program. (b) Each validator and each individual who assists in conducting assessments must successfully undergo a security threat assessment as required under § 1522.121. § 1522.119 Training. (a) Initial training. The validation firm must ensure that its validators and individuals who will assist in conducting assessments have completed the initial training prescribed by TSA before conducting any assessment under this subpart. (b) Recurrent training. The validation firm must ensure that each validator and each individual assisting in conducting assessments under this subpart completes the recurrent training prescribed by TSA not later than 12 months after the validator’s or individual’s most recent TSA-prescribed training. If the validator or individual completes the recurrent training in the month before or the month after it is due, he or she is considered to have taken it in the month it is due. (c) Content. The training required by this section will include coverage of the applicable provisions of this chapter, including this part, part 1520, and § 1540.105. § 1522.121 Security threat assessments for personnel of TSA-approved validation firms. Each of the following must successfully complete a security threat assessment or comparable security threat assessment described in part 1540, subpart C of this chapter: (a) Each individual who supervises validators or individuals who will assist validators. (b) The validation firm’s validator authorized to perform assessment services under this subpart. (c) The validation firm’s Security Coordinator and alternates. (d) Each individual who will assist the validator in conducting assessments. E:\FR\FM\16SER2.SGM 16SER2 47700 Federal Register / Vol. 74, No. 178 / Wednesday, September 16, 2009 / Rules and Regulations § 1522.123 Conduct of assessments. (a) Standards for assessment. Each validator must assess, in a form and manner prescribed by TSA, whether the person seeking to operate or operating as a certified cargo screening facility is in compliance with 49 CFR part 1549. The validator may be assisted by other individuals; however, the validator is directly responsible for the assessment and must sign the assessment report. (b) Conflict of interest. A validator may not conduct an assessment for which there exists a conflict of interest as defined in § 1552.1. (c) Immediate notification to TSA. If during the course of an assessment, the validator believes that there is or may be an instance of noncompliance with TSA requirements that presents an imminent threat to transportation security or public safety, he or she must report the instance immediately to the Security Coordinator, and the Security Coordinator must report the instance immediately to TSA. (d) No authorization to take remedial or disciplinary action. Neither the validation firm nor the validator is authorized to require any remedial action by, or to take any disciplinary or enforcement action against, the facility under assessment. (e) Prohibition on consecutive assessments. Unless otherwise authorized by TSA, a validation firm must not conduct more than two consecutive assessments of a person seeking approval, or renewal of approval, to operate a certified cargo screening facility. § 1522.125 Protection of information. (a) Sensitive Security Information. Each validation firm must comply with the requirements in 49 CFR part 1520 regarding the handling and protection of Sensitive Security Information (SSI). (b) Non-disclosure of proprietary information. Unless explicitly authorized by TSA, no validation firm, or any of its officers, Security Coordinators, validators, or employees, or individuals assisting in validations, may make an unauthorized release nor disseminate any information that TSA or an entity being assessed indicates is proprietary information. sroberts on DSKD5P82C1PROD with RULES § 1522.127 Assessment report. (a) Each validator must prepare and submit to TSA a written assessment report, in a manner and form prescribed by TSA, within 30 calendar days of completing each assessment. (b) The assessment report must include the following information, in addition to any other information otherwise required by TSA: VerDate Nov<24>2008 18:23 Sep 15, 2009 Jkt 217001 (1) A description of the facilities, equipment, systems, processes, and/or procedures that were assessed and any other information as determined by TSA. (2) The validator’s assessment regarding the facility’s compliance with TSA requirements, including all elements of the applicable security program. (3) Signed attestation by the individual validator with responsibility for the assessment that no conflicts of interest existed with regard to the assessment and that the assessment was conducted impartially, professionally, and consistent with the standards set forth by TSA. § 1522.129 Recordkeeping requirements. (a) Each validation firm must maintain records demonstrating compliance with all statutes, regulations, directives, orders, and security programs that apply to operation as a validation firm, including the records listed below. (b) Each validation firm must retain the following records for 180 days after the individual is no longer employed by the validation firm or is no longer acting as the firm’s agent. (1) Records of all training and instruction given to each individual under the requirements of this subpart. (2) Records demonstrating that the validation firm has complied with the security threat assessment provisions of § 1522.121. (3) Records about the qualifications of validators it uses to conduct assessments under this subpart. (c) Each validation firm must retain the following records until completion of the validation firm’s next review under § 1522.115, after which the records may be destroyed unless TSA instructs the validation firm to retain the records for a longer period. (1) Copies of all applications for approval, or renewal of approval, by TSA to operate as a validation firm under part 1522. (2) Copies of TSA’s approval and renewals of approval as required by part 1522. (d) Each validation firm must retain assessment reports and copies of backup documentation supporting each assessment report submitted to TSA for 42 months after the assessment. Subchapter C—Civil Aviation Security PART 1540—CIVIL AVIATION AUTHORITY: GENERAL RULES 10. The authority citation for part 1540 continues to read as follows: ■ PO 00000 Frm 00030 Fmt 4701 Sfmt 4700 Authority: 49 U.S.C. 114, 5103, 40113, 44901–44907, 44913–44914, 44916–44918, 44935–44936, 44942, 46105. Subpart A—General 11. Amend § 1540.5 by adding definitions of ‘‘certified cargo screening program’’, ‘‘certified cargo screening facility’’, and ‘‘standard security program’’ in alphabetical order to read as follows: ■ § 1540.5 Terms used in this subchapter. * * * * * Certified cargo screening program (CCSP) means the program under which facilities are authorized to screen cargo to be offered for transport on certain passenger aircraft in accordance with 49 CFR part 1549. Certified cargo screening facility (CCSF) means a facility certified by TSA to screen air cargo in accordance with part 1549. As used in this subchapter, ‘‘certified cargo screening facility’’ refers to the legal entity that operates a CCSF at a particular location. * * * * * Standard security program means a security program issued by TSA that serves as a baseline for a particular type of operator. If TSA has issued a standard security program for a particular type of operator, unless otherwise authorized by TSA, each operator’s security program consists of the standard security program together with any amendments and alternative procedures approved or accepted by TSA. * * * * * ■ 12. Revise part 1540, subpart C to read as follows: Subpart C—Security Threat Assessments Sec. 1540.201 Applicability and terms used in this subpart. 1540.203 Security threat assessment. 1540.205 Procedures for security threat assessment. 1540.207 [Reserved] 1540.209 Fees for security threat assessment. § 1540.201 Applicability and terms used in this subpart. (a) This subpart includes the procedures that certain aircraft operators, foreign air carriers, indirect air carriers, certified cargo screening facilities, and TSA-approved validation firms must use to have security threat assessments performed on certain individuals pursuant to 49 CFR 1522.121, 1544.228, 1546.213, 1548.7, 1548.15, 1548.16, and 1549.113. This subpart applies to the following: E:\FR\FM\16SER2.SGM 16SER2 sroberts on DSKD5P82C1PROD with RULES Federal Register / Vol. 74, No. 178 / Wednesday, September 16, 2009 / Rules and Regulations (1) Each aircraft operator operating under a full program or full all-cargo program described in 49 CFR 1544.101(a) or (h). (2) Each foreign air carrier operating under a program described in 49 CFR 1546.101(a), (b), or (e). (3) Each indirect air carrier operating under a security program described in 49 CFR part 1548. (4) Each applicant applying for unescorted access to cargo under one of the programs described in (a)(1) through (a)(3) of this section. (5) Each proprietor, general partner, officer, director, or owner of an indirect air carrier as described in 49 CFR 1548.16. (6) Each certified cargo screening facility described in 49 CFR part 1549. (7) Each individual a certified cargo screening facility authorizes to perform screening or supervise screening. (8) Each individual the certified cargo screening facility authorizes to have unescorted access to cargo at any time from the time it is screened until the time it is tendered to an indirect air carrier under 49 CFR part 1548, an aircraft operator under part 1544, or a foreign air carrier under part 1546. (9) The senior manager or representative of its facility in control of the operations of a certified cargo screening facility under 49 CFR part 1549. (10) Each TSA-approved validation firm for the certified cargo screening program described in 49 CFR part 1522 subpart B. (11) Each individual of the TSAapproved validation firm under 49 CFR part 1522 subpart B who supervises, conducts, or assists in the validation. (12) The security coordinator and alternates of each TSA-approved validation firm under 49 CFR part 1522 subpart B and of each certified cargo screening facility. (b) For purposes of this subpart— Applicant means the individuals listed in paragraph (a) of this section. Operator means an aircraft operator, foreign air carrier, and indirect air carrier listed in paragraphs (a)(1) through (a)(3) of this section, a certified cargo screening facility described in paragraph (a)(6) of this section, and a TSA-approved validator described in paragraph (a)(10) of this section. (c) An applicant poses a security threat under this subpart when TSA determines that he or she is known to pose or is suspected of posing a threat— (1) To national security; (2) To transportation security; or (3) Of terrorism. VerDate Nov<24>2008 18:23 Sep 15, 2009 Jkt 217001 § 1540.203 Security threat assessment. (a) Each operator subject to this subpart must ensure that each of the following undergoes a security threat assessment or a comparable security threat assessment described in § 1540.205: (1) Personnel of TSA-approved validation firms, as described in § 1522.121. (2) Cargo personnel in the United States, as described in § 1544.228. (3) Cargo personnel in the United States, as described in § 1546.213. (4) Individuals with unescorted access to cargo, as described in § 1548.15. (5) Proprietors, general partners, officers, directors, and owners of an indirect air carrier, as described in § 1548.16. (6) Personnel of certified cargo screening facilities, as described in § 1549.111. (b) Each operator must verify the identity and work authorization of each applicant and examine the document(s) presented by the applicant to prove identity and work authorization to determine whether they appear to be genuine and relate to the applicant presenting them. (c) Each operator must submit to TSA a security threat assessment application for each applicant that is dated and signed by the applicant and that includes the following: (1) Legal name, including first, middle, and last; any applicable suffix; and any other names used previously. (2) Current mailing address, including residential address if it differs from the current mailing address; all other residential addresses for the previous five years; and e-mail address if the applicant has an e-mail address. (3) Date and place of birth. (4) Social security number (submission is voluntary, although failure to provide it may delay or prevent completion of the threat assessment). (5) Gender. (6) Country of citizenship. (7) If the applicant is a U.S. citizen born abroad or a naturalized U.S. citizen, their U.S. passport number; or the 10-digit document number from the applicant’s Certificate of Birth Abroad, Form DS–1350. (8) If the applicant is not a U.S. citizen, the applicant’s Alien Registration Number. (9) The applicant’s daytime telephone number. (10) The applicant’s current employer(s), and the address and telephone number of the employer(s). (11) A Privacy Notice as required in the security program and the following statement: PO 00000 Frm 00031 Fmt 4701 Sfmt 4700 47701 The information I have provided on this application is true, complete, and correct to the best of my knowledge and belief and is provided in good faith. I understand that a knowing and willful false statement, or an omission of a material fact, on this application can be punished by fine or imprisonment or both (see section 1001 of Title 18 United States Code), and may be grounds for denial of authorization or in the case of parties regulated under this section, removal of authorization to operate under this chapter, if applicable. I acknowledge that if I do not successfully complete the security threat assessment, the Transportation Security Administration may notify my employer. If TSA or other law enforcement agency becomes aware that I may pose an imminent threat to an operator or facility, TSA may provide limited information necessary to reduce the risk of injury or damage to the operator or facility. (d) Each operator must retain the following for 180 days following the end of the applicant’s service to the operator: (1) The applicant’s signed security threat assessment application. (2) Copies of the applicant’s document(s) used to verify identity and work authorization. (3) Any notifications or documents sent to or received from TSA relating to the applicant’s application and security threat assessment. (4) As applicable, a copy of the applicant’s credential evidencing completion of a threat assessment deemed comparable under paragraph (f) of this section. (e) Records under this section may include electronic documents with electronic signature or other means of personal authentication, where accepted by TSA. (f) TSA may determine that a security threat assessment conducted by another governmental agency is comparable to a security threat assessment conducted under this subpart. Individuals who have successfully completed a comparable security threat assessment are not required to undergo the security threat assessments described in this subpart. If TSA makes a comparability determination under this section, TSA will so notify the public. In making a comparability determination, TSA will consider— (i) The minimum standards used for the security threat assessment; (ii) The frequency of the security threat assessment; (iii) The date of the most recent threat assessment; and (iv) Other factors TSA deems appropriate. (g) To apply for a comparability determination, the agency seeking the determination must contact the E:\FR\FM\16SER2.SGM 16SER2 47702 Federal Register / Vol. 74, No. 178 / Wednesday, September 16, 2009 / Rules and Regulations Assistant Program Manager, Attn: Federal Agency Comparability Check, Hazmat Threat Assessment Program, Transportation Security Administration, 601 South 12th Street, Arlington, VA 20598–6019. (h) TSA has determined that each of the following are comparable to the security threat assessment required in this subpart: (1) A CHRC conducted in accordance with §§ 1542.209, 1544.229, or 1544.230 that includes a name-based check conducted by TSA. (2) A security threat assessment conducted under 49 CFR part 1572 for the Transportation Worker Identification Credential or Hazardous Materials Endorsement programs. (3) A security threat assessment conducted for the Free and Secure Trade (FAST) program administered by U.S. Customs and Border Protection. (i) If asserting completion of a comparable threat assessment listed in paragraph (h) of this section, an individual must— (1) Present the credential that corresponds to successful completion of the comparable assessment to the operator so the operator may retain a copy of it; and (2) Notify the operator when the credential that corresponds to successful completion of the comparable assessment expires or is revoked for any reason. (j) A security threat assessment conducted under this subpart remains valid for five years from the date that TSA issues a Determination of No Security Threat or a Final Determination of Threat Assessment, except— (1) If the applicant is no longer authorized to be in the United States, the security threat assessment and the privileges it conveys expire on the date lawful presence expires; or (2) If the applicant asserts completion of a comparable threat assessment, it expires five years from the date of issuance of the credential that corresponds to the comparable assessment, or the date on which the credential is revoked for any reason. sroberts on DSKD5P82C1PROD with RULES § 1540.205 Procedures for security threat assessment. (a) Contents of security threat assessment. The security threat assessment TSA conducts under this subpart includes an intelligence-related check and a final disposition. (b) Intelligence-related check. To conduct an intelligence-related check, TSA completes the following procedures: (1) Reviews the applicant information required in 49 CFR 1540.203. VerDate Nov<24>2008 18:23 Sep 15, 2009 Jkt 217001 (2) Searches domestic and international government databases to determine if an applicant meets the requirements of 49 CFR 1540.201(c) or to confirm an applicant’s identity. (3) Adjudicates the results in accordance with 49 CFR 1540.201(c). (c) Wants, warrants, deportable aliens. If the searches listed in paragraph (b)(2) of this section indicate that an applicant has an outstanding want or warrant, or is a deportable alien under the immigration laws of the United States, TSA sends the applicant’s information to the appropriate law enforcement or immigration agency. (d) Final disposition. Following completion of the procedures described in paragraph (b), the following procedures apply, as appropriate: (1) TSA serves a Determination of No Security Threat on the applicant and operator if TSA determines that the applicant meets the security threat assessment standards in 49 CFR 1540.201(c). (2) TSA serves an Initial Determination of Threat Assessment on the applicant, if TSA determines that the applicant does not meet the security threat assessment standards in 49 CFR 1540.201(c). The Initial Determination of Threat Assessment includes— (i) A statement that TSA has determined that the applicant is suspected of posing or poses a security threat; (ii) The basis for the determination; (iii) Information about how the applicant may appeal the determination, as described in 49 CFR 1515.9; and (iv) A statement that if the applicant chooses not to appeal TSA’s determination within 60 days of receipt of the Initial Determination, or does not request an extension of time within 60 days of the Initial Determination of Threat Assessment in order to file an appeal, the Initial Determination becomes a Final Determination of Security Threat Assessment. (3) TSA serves an Initial Determination of Threat Assessment and Immediate Revocation on the applicant and the applicant’s operator or other operator as approved by TSA, where appropriate, if TSA determines that the applicant does not meet the security threat assessment standards in 49 CFR 1540.201(c) and may pose an imminent threat to transportation or national security, or of terrorism. The Initial Determination of Threat Assessment and Immediate Revocation includes— (i) A statement that TSA has determined that the applicant is PO 00000 Frm 00032 Fmt 4701 Sfmt 4700 suspected of posing or poses an imminent security threat; (ii) The basis for the determination; (iii) Information about how the applicant may appeal the determination, as described in 49 CFR 1515.5(h) or 1515.9(h), as applicable; and (iv) A statement that if the applicant chooses not to appeal TSA’s determination within 60 days of receipt of the Initial Determination, or does not request an extension of time within 60 days of the Initial Determination of Threat Assessment in order to file an appeal, the Initial Determination becomes a Final Determination of Security Threat Assessment. (4) If the applicant does not appeal the Initial Determination of Threat Assessment or Initial Determination of Threat Assessment and Immediate Revocation, or if TSA does not grant the appeal, TSA serves a Final Determination of Threat Assessment on the individual and the applicant. (5) If the applicant appeals an Initial Determination of Threat Assessment, the procedures in 49 CFR 1515.5 or 1515.9 apply. § 1540.207 [Reserved] § 1540.209 Fees for security threat assessment. This section describes the payment process for completion of the security threat assessments required under subpart. (a) Fees for security threat assessment. (1) TSA routinely establishes and collects fees to conduct the security threat assessment process. These fees apply to all entities requesting a security threat assessment. TSA reviews the amount of the fee periodically, at least once every two years, to determine the current cost of conducting security threat assessments. TSA determines fee amounts and any necessary revisions to the fee amounts based on current costs, using a method of analysis consistent with widely accepted accounting principles and practices, and calculated in accordance with the provisions of 31 U.S.C. 9701 and other applicable Federal law. (2) TSA will publish fee amounts and any revisions to the fee amounts as a notice in the Federal Register. (b) [Reserved] (c) Remittance of fees. (1) The fees required under this subpart must be remitted to TSA in a form and manner acceptable to TSA each time the applicant or an aircraft operator, foreign air carrier, indirect air carrier, certified cargo screening facility, or TSAapproved validation firm submits the information required under § 1540.203 or § 1540.207 to TSA. E:\FR\FM\16SER2.SGM 16SER2 Federal Register / Vol. 74, No. 178 / Wednesday, September 16, 2009 / Rules and Regulations (2) Fees remitted to TSA under this subpart must be payable to the ‘‘Transportation Security Administration’’ in U.S. currency and drawn on a U.S. bank. (3) TSA will not issue any fee refunds, unless a fee was paid in error. 13. Add new subpart D to part 1540 to read as follows: ■ Subpart D—Responsibilities of Holders of TSA-Approved Security Programs Sec. 1540.301 Withdrawal of approval of a security program. 1540.303 [Reserved] Subpart D—Responsibilities of Holders of TSA-Approved Security Programs sroberts on DSKD5P82C1PROD with RULES § 1540.301 Withdrawal of approval of a security program. (a) Applicability. This section applies to holders of a security program approved or accepted by TSA under 49 CFR chapter XII, subchapter C. (b) Withdrawal of security program approval. TSA may withdraw the approval of a security program, if TSA determines continued operation is contrary to security and the public interest, as follows: (1) Notice of proposed withdrawal of approval. TSA will serve a Notice of Proposed Withdrawal of Approval, which notifies the holder of the security program, in writing, of the facts, charges, and applicable law, regulation, or order that form the basis of the determination. (2) Security program holder’s reply. The holder of the security program may respond to the Notice of Proposed Withdrawal of Approval no later than 15 calendar days after receipt of the withdrawal by providing the designated official, in writing, with any material facts, arguments, applicable law, and regulation. (3) TSA review. The designated official will consider all information available, including any relevant material or information submitted by the holder of the security program, before either issuing a Withdrawal of Approval of the security program or rescinding the Notice of Proposed Withdrawal of Approval. If TSA issues a Withdrawal of Approval, it becomes effective upon receipt by the holder of the security program, or 15 calendar days after service, whichever occurs first. (4) Petition for reconsideration. The holder of the security program may petition TSA to reconsider its Withdrawal of Approval by serving a petition for consideration no later than VerDate Nov<24>2008 18:23 Sep 15, 2009 Jkt 217001 15 calendar days after the holder of the security program receives the Withdrawal of Approval. The holder of the security program must serve the Petition for Reconsideration on the designated official. Submission of a Petition for Reconsideration will not stay the Withdrawal of Approval. The holder of the security program may request the designated official to stay the Withdrawal of Approval pending review of and decision on the Petition. (5) Assistant Secretary’s review. The designated official transmits the Petition together with all pertinent information to the Assistant Secretary for reconsideration. The Assistant Secretary will dispose of the Petition within 15 calendar days of receipt by either directing the designated official to rescind the Withdrawal of Approval or by affirming the Withdrawal of Approval. The decision of the Assistant Secretary constitutes a final agency order subject to judicial review in accordance with 49 U.S.C. 46110. (6) Emergency withdrawal. If TSA finds that there is an emergency with respect to aviation security requiring immediate action that makes the procedures in this section contrary to the public interest, the designated official may issue an Emergency Withdrawal of Approval of a security program without first issuing a Notice of Proposed Withdrawal of Approval. The Emergency Withdrawal would be effective on the date that the holder of the security program receives the emergency withdrawal. In such a case, the designated official will send the holder of the security program a brief statement of the facts, charges, applicable law, regulation, or order that forms the basis for the Emergency Withdrawal. The holder of the security program may submit a Petition for Reconsideration under the procedures in paragraphs (b)(4) through (b)(5) of this section; however, this petition will not stay the effective date of the Emergency Withdrawal. (c) Service of documents for withdrawal of approval of security program proceedings. Service may be accomplished by personal delivery, certified mail, or express courier. Documents served on the holder of a security program will be served at its official place of business as designated in its application for approval or its security program. Documents served on TSA must be served to the address noted in the Notice of Withdrawal of Approval or Withdrawal of Approval, whichever is applicable. (1) Certificate of service. An individual may attach a certificate of service to a document tendered for PO 00000 Frm 00033 Fmt 4701 Sfmt 4700 47703 filing. A certificate of service must consist of a statement, dated and signed by the person filing the document, that the document was personally delivered, served by certified mail on a specific date, or served by express courier on a specific date. (2) Date of service. The date of service is— (i) The date of personal delivery; (ii) If served by certified mail, the mailing date shown on the certificate of service, the date shown on the postmark if there is no certificate of service, or other mailing date shown by other evidence if there is no certificate of service or postmark; or (iii) If served by express courier, the service date shown on the certificate of service, or by other evidence if there is no certificate of service. (d) Extension of time. TSA may grant an extension of time to the limits set forth in this section for good cause shown. A security program holder must submit a request for an extension of time in writing, and TSA must receive it at least two days before the due date in order to be considered. TSA may grant itself an extension of time for good cause. § 1540.303 [Reserved] PART 1544—AIRCRAFT OPERATOR SECURITY: AIR CARRIERS AND COMMERCIAL OPERATORS 14. The authority citation for part 1544 continues to read as follows: ■ Authority: 49 U.S.C. 114, 5103, 40113, 44901–44905, 44907, 44913–44914, 44916– 44918, 44932, 44935–44936, 44942, 46105. Subpart C—Operations 15. Amend § 1544.205 by revising paragraph (e) and adding new paragraph (g) to read as follows: ■ § 1544.205 cargo. Acceptance and screening of * * * * * (e) Acceptance of cargo only from specified persons. Each aircraft operator operating under a full program or a full all-cargo program may accept cargo to be loaded in the United States for air transportation only from the shipper, an aircraft operator, foreign air carrier, or indirect air carrier operating under a security program under this chapter with a comparable cargo security program, or, in the case of an operator under a full program, from a certified cargo screening facility, as provided in its security program. * * * * * (g) Screening of cargo loaded inside the United States by a full program E:\FR\FM\16SER2.SGM 16SER2 47704 Federal Register / Vol. 74, No. 178 / Wednesday, September 16, 2009 / Rules and Regulations operator. For cargo to be loaded in the United States, each operator under a full program in § 1544.101(a) must ensure that all cargo is screened in the United States as follows: (1) Amount screened. (i) Not later than February 3, 2009, each operator under a full program must ensure that at least 50 percent of its cargo is screened prior to transport on a passenger aircraft. (ii) Not later than August 3, 2010, each operator under a full program must ensure that 100 percent of its cargo is screened prior to transport on a passenger aircraft. (2) Methods of screening. For the purposes of this paragraph (g), the aircraft operator must ensure that cargo is screened using a physical examination or non-intrusive method of assessing whether cargo poses a threat to transportation security, as provided in its security program. Such methods may include TSA-approved x-ray systems, explosives detection systems, explosives trace detection, explosives detection canine teams certified by TSA, or a physical search together with manifest verification, or other method approved by TSA. (3) Limitation on who may conduct screening. Screening must be conducted by the aircraft operator on an airport with a complete program under 49 CFR part 1542, by another aircraft operator or foreign air carrier operating under a security program under this chapter with a comparable cargo security program on an airport, by a certified cargo screening facility in accordance with 49 CFR part 1549, or by TSA. If an aircraft operator or foreign air carrier screens cargo off an airport, it must do so as a certified cargo screening facility in accordance with part 1549. (4) Verification. The aircraft operator must verify that the chain of custody measures for the screened cargo are intact prior to loading such cargo on aircraft, or must ensure that the cargo is re-screened in accordance with this chapter. ■ 16. Revise § 1544.228 to read as follows: sroberts on DSKD5P82C1PROD with RULES § 1544.228 Access to cargo and cargo screening: Security threat assessments for cargo personnel in the United States. This section applies in the United States to each aircraft operator operating under a full program under § 1544.101(a) or a full all-cargo program under § 1544.101(h). (a) Before an aircraft operator authorizes and before an individual performs a function described in paragraph (b) of this section— VerDate Nov<24>2008 18:23 Sep 15, 2009 Jkt 217001 (1) Each individual must successfully complete a security threat assessment or comparable security threat assessment described in part 1540 subpart C of this chapter; and (2) Each aircraft operator must complete the requirements in part 1540 subpart C. (b) The security threat assessment required in paragraph (a) of this section applies to the following: (1) Each individual who has unescorted access to cargo and access to information that such cargo will be transported on a passenger aircraft; or who has unescorted access to cargo that has been screened for transport on a passenger aircraft; or who performs certain functions related to the transportation, dispatch, or security of cargo for transport on a passenger aircraft or all-cargo aircraft, as specified in the aircraft operator’s security program; from the time— (i) The cargo reaches a location where an aircraft operator with a full all-cargo program consolidates or inspects it pursuant to security program requirements until the cargo enters an airport Security Identification Display Area or is transferred to another TSAregulated aircraft operator, foreign air carrier, or indirect air carrier; or (ii) An aircraft operator with a full program accepts the cargo until the cargo— (A) Enters an airport Security Identification Display Area; (B) Is removed from the destination airport; or (C) Is transferred to another TSAregulated aircraft operator, foreign air carrier, or indirect air carrier. (2) Each individual the aircraft operator authorizes to screen cargo or to supervise the screening of cargo under § 1544.205. Subpart E—Screener Qualifications When the Aircraft Operator Performs Screening 17. Revise § 1544.401 to read as follows: ■ § 1544.401 Applicability of this subpart. This subpart applies when the aircraft operator is conducting inspections as provided in § 1544.207. § 1544.403 ■ [Removed and Reserved] 18. Remove and reserve § 1544.403. § 1544.405 Qualifications of screening personnel. 19. Revise the heading of § 1544.405 to read as set forth above. ■ 20. Amend § 1544.407 by revising the heading and paragraph (c) to read as follows: ■ PO 00000 Frm 00034 Fmt 4701 Sfmt 4700 § 1544.407 Training, testing, and knowledge of individuals who perform screening functions. * * * * * (c) Citizenship. A screener must be a citizen or national of the United States. * * * * * § 1544.409 Integrity of screener tests. 21. Revise the heading of § 1544.409 to read as set forth above. ■ § 1544.411 Continuing qualifications of screening personnel. 22. Revise the heading of § 1544.411 to read as set forth above. ■ PART 1546—FOREIGN AIR CARRIER SECURITY 23. The authority citation for part 1546 continues to read as follows: ■ Authority: 49 U.S.C. 114, 5103, 40113, 44901–44905, 44907, 44914, 44916–44917, 44935–44936, 44942, 46105. Subpart C—Operations 24. Amend § 1546.205 by revising paragraphs (d) and (e) and adding new paragraph (g) to read as follows: ■ § 1546.205 cargo. Acceptance and screening of * * * * * (d) Screening and inspection of cargo in the United States. For cargo to be loaded in the United States, each foreign air carrier operating a program under § 1546.101(1)(a), (b), (e), or (f) must ensure that cargo is screened and inspected for any unauthorized person, and any unauthorized explosive, incendiary, and other destructive substances or items as provided in the foreign air carrier’s security program and § 1546.207, and as provided in § 1546.213 for operations under § 1546.101(a) or (b), before loading it on its aircraft in the United States. (e) Acceptance of cargo only from specified persons. Except as otherwise provided in its program, each foreign air carrier operating a program under § 1546.101(a), (b), (e) or (f) may accept cargo for air transportation to be loaded in the United States only from the shipper, or from an aircraft operator, foreign air carrier, or indirect air carrier operating under a security program under this chapter with a comparable cargo security program, or, in the case of a foreign air carrier under § 1546.101(a) or (b), from a certified cargo screening facility, as provided in its security program. * * * * * (g) Screening of cargo loaded inside the United States under § 1546.101(a) or E:\FR\FM\16SER2.SGM 16SER2 Federal Register / Vol. 74, No. 178 / Wednesday, September 16, 2009 / Rules and Regulations (b). For cargo to be loaded in the United States, each foreign air carrier under § 1546.101(a) or (b) must ensure that all cargo is screened in the United States as follows: (1) Amount screened. (i) Not later than February 3, 2009, each foreign air carrier must ensure that at least 50 percent of its cargo is screened prior to transport on a passenger aircraft. (ii) Not later than August 3, 2010, each foreign air carrier must ensure that 100 percent of its cargo is screened prior to transport on a passenger aircraft. (2) Methods of screening. For the purposes of this paragraph (g), the foreign air carrier must ensure that cargo is screened using a physical examination or non-intrusive method of assessing whether cargo poses a threat to transportation security, as provided in its security program. Such methods may include TSA-approved x-ray systems, explosives detection systems, explosives trace detection, explosives detection canine teams certified by TSA, a physical search together with manifest verification, or other method approved by TSA. (3) Limitation on who may conduct screening. Screening must be conducted by the foreign air carrier on an airport, by another aircraft operator or foreign air carrier operating under a security program under this chapter with a comparable cargo security program on an airport with a complete program under 49 CFR part 1542, by a certified cargo screening facility in accordance with 49 CFR part 1549, or by TSA. If an aircraft operator or foreign air carrier screens cargo off an airport, it must do so as a certified cargo screening facility in accordance with part 1549. (4) The foreign air carrier must verify that the chain of custody measures for the screened cargo are intact prior to loading such cargo on aircraft, or must ensure that the cargo is re-screened in accordance with this chapter. ■ 25. Revise § 1546.213 to read as follows: sroberts on DSKD5P82C1PROD with RULES § 1546.213 Access to cargo: Security threat assessments for cargo personnel in the United States. This section applies in the United States to each foreign air carrier operating under § 1546.101(a), (b), or (e). (a) Before a foreign air carrier authorizes and before an individual performs a function described in paragraph (b) of this section— (1) Each individual must successfully complete a security threat assessment or comparable security threat assessment described in part 1540 subpart C of this chapter; and VerDate Nov<24>2008 18:23 Sep 15, 2009 Jkt 217001 (2) Each aircraft operator must complete the requirements in part 1540 subpart C. (b) The security threat assessment required in paragraph (a) of this section applies to the following: (1) Each individual who has unescorted access to cargo and access to information that such cargo will be transported on a passenger aircraft; or who has unescorted access to cargo that has been screened for transport on a passenger aircraft; or who performs certain functions related to the transportation, dispatch or security of cargo for transport on a passenger aircraft or all-cargo aircraft, as specified in the foreign air craft operator’s or foreign air carrier’s security program; from the time— (i) The cargo reaches a location where a foreign air carrier operating under § 1546.101(e) consolidates or inspects it pursuant to security program requirements, until the cargo enters an airport Security Identification Display Area or is transferred to another TSAregulated aircraft operator, foreign air carrier, or indirect air carrier; or (ii) A foreign air carrier under §§ 1546.101(a) or (b) accepts the cargo, until the cargo— (A) Enters an airport Security Identification Display Area; (B) Is removed from the destination airport; or (C) Is transferred to another TSAregulated aircraft operator, foreign air carrier, or indirect air carrier. (2) Each individual the foreign air carrier authorizes to screen cargo or to supervise the screening of cargo under § 1546.205. Subpart E—Screener Qualifications When the Foreign Air Carrier Conducts Screening 26. Revise § 1546.401 to read as follows: ■ § 1546.401 Applicability of this subpart. This subpart applies when the aircraft operator is conducting inspections as provided in § 1546.207. § 1546.403 ■ [Removed and Reserved] 27. Remove and reserve § 1546.403. § 1546.405 Qualifications of screening personnel. 28. Revise the heading of § 1546.405 to read as set forth above. ■ § 1546.407 Training, testing, and knowledge of individuals who perform screening functions. 29. Revise the heading of § 1546.407 to read as set forth above. ■ PO 00000 Frm 00035 Fmt 4701 Sfmt 4700 § 1546.409 47705 Integrity of screener tests. 30. Revise the heading of § 1546.409 to read as set forth above. ■ § 1546.411 Continuing qualifications of screening personnel. 31. Revise the heading of § 1546.411 to read as set forth above. ■ PART 1548—INDIRECT AIR CARRIER SECURITY 32. The authority citation for part 1548 continues to read as follows: ■ Authority: 49 U.S.C. 114, 5103, 40113, 44901–44905, 44913–44914, 44916–44917, 44932, 44935–44936, 46105. 33. Revise § 1548.7(f) to read as follows: ■ § 1548.7 Approval, amendment, annual renewal, and withdrawal of approval of the security program. * * * * * (f) Withdrawal of approval of a security program. Section 1540.301 includes procedures for withdrawal of approval of a security program. * * * * * ■ 34. Revise § 1548.15 to read as follows: § 1548.15 Access to cargo: Security threat assessments for individuals having unescorted access to cargo. (a) Before an aircraft operator authorizes and before an individual performs a function described in paragraph (b) of this section— (1) Each individual must successfully complete a security threat assessment or comparable security threat assessment described in part 1540 subpart C of this chapter; and (2) Each aircraft operator must complete the requirements in part 1540 subpart C. (b) The security threat assessment required in paragraph (a) of this section applies to the following: (1) Each individual who has unescorted access to cargo and access to information that such cargo will be transported on a passenger aircraft; or who has unescorted access to cargo screened for transport on a passenger aircraft; or who performs certain functions related to the transportation, dispatch or security of cargo for transport on a passenger aircraft or allcargo aircraft, as specified in the indirect air carrier’s security program; from the time— (i) Cargo to be transported on an allcargo aircraft operated by an aircraft operator with a full all-cargo program under § 1544.101(h) of this chapter, or by a foreign air carrier under § 1546.101(e) of this chapter, reaches an E:\FR\FM\16SER2.SGM 16SER2 47706 Federal Register / Vol. 74, No. 178 / Wednesday, September 16, 2009 / Rules and Regulations indirect air carrier facility where the indirect air carrier consolidates or holds the cargo, until the indirect air carrier transfers the cargo to an aircraft operator or foreign air carrier; or (ii) Cargo to be transported on a passenger aircraft operated by an aircraft operator with a full program under § 1544.101(a) or by a foreign air carrier under § 1546.101(a) or (b) of this chapter, is accepted by the indirect air carrier, until the indirect air carrier transfers the cargo to an aircraft operator or foreign air carrier. (2) Each individual the indirect air carrier authorizes to screen cargo or to supervise the screening of cargo under § 1548.21. ■ 35. Revise § 1548.16(a) to read as follows: 1549.109 Security Directives and Information Circulars. 1549.111 Security threat assessments for personnel of certified cargo screening facilities. § 1548.16 Security threat assessments for each proprietor, general partner, officer, director, and certain owners of the entity. § 1549.3 (a) Before an indirect air carrier permits a proprietor, general partner, officer, director, or owner of the entity to perform those functions— (1) The proprietor, general partner, officer, director, or owner of the entity must successfully complete a security threat assessment or comparable security threat assessment described in part 1540 subpart C of this chapter; and (2) Each indirect air carrier must complete the requirements in 49 CFR part 1540, subpart C. * * * * * ■ 36. Add new § 1548.21 to read as follows: § 1548.21 Screening of cargo. An IAC may only screen cargo for transport on a passenger aircraft under §§ 1544.205 and 1546.205 if the IAC is a certified cargo screening facility as provided in part 1549. ■ 37. Add new part 1549 to subchapter C to read as follows: PART 1549—CERTIFIED CARGO SCREENING PROGRAM sroberts on DSKD5P82C1PROD with RULES Subpart A—General Sec. 1549.1 Applicability. 1549.3 TSA inspection authority. 1549.5 Adoption and implementation of the security program. 1549.7 Approval, amendment, renewal of the security program and certification of the certified cargo screening facility. Subpart B—Operations 1549.101 Acceptance, screening, and transfer of cargo. 1549.103 Qualifications and Training of individuals with security-related duties. 1549.105 Recordkeeping. 1549.107 Security coordinators. VerDate Nov<24>2008 18:23 Sep 15, 2009 Jkt 217001 Authority: 49 U.S.C. 114, 5103, 40113, 44901–44905, 44913–44914, 44916–44917, 44932, 44935–44936, 46105. Subpart A—General § 1549.1 Applicability. This part applies to each facility applying for or certified by TSA as a certified cargo screening facility to screen cargo that will be transported on a passenger aircraft operated under a full program under 49 CFR 1544.101(a), or a foreign air carrier operating under a program under 49 CFR 1546.101(a) or (b). TSA inspection authority. (a) Each certified cargo screening facility must allow TSA, at any time or place, in a reasonable manner, without advance notice, to enter the facility and make any inspections or tests, including copying records, to— (1) Determine compliance of a certified cargo screening facility, airport operator, foreign air carrier, indirect air carrier, or airport tenant with this chapter and 49 U.S.C. 114 and Subtitle VII, as amended; or (2) Carry out TSA’s statutory or regulatory authorities, including its authority to— (i) Assess threats to transportation; (ii) Enforce security-related regulations, directives, and requirements: (iii) Inspect, maintain, and test the security of facilities, equipment, and systems; (iv) Ensure the adequacy of security measures for the transportation of passengers and cargo; (v) Oversee the implementation, and ensure the adequacy, of security measures at airports and other transportation facilities; (vi) Review security plans; and (vii) Carry out such other duties, and exercise such other powers, relating to transportation security as the Assistant Secretary of Homeland Security for the TSA considers appropriate, to the extent authorized by law. (b) At the request of TSA, each certified cargo screening facility must provide evidence of compliance with this chapter, including copying records. (c) TSA and DHS officials working with TSA may conduct inspections under this section without access media or identification media issued or approved by a certified cargo screening facility or other person, except that the TSA and DHS officials will have PO 00000 Frm 00036 Fmt 4701 Sfmt 4700 identification media issued by TSA or DHS. § 1549.5 Adoption and implementation of the security program. (a) Security program required. No person may screen cargo to be tendered to an aircraft operator operating under a full program under part 1544, a foreign air carrier operating under § 1546.101(a) or (b), or an indirect air carrier operating under § 1548.5 for carriage on a passenger aircraft, unless that person holds and carries out an approved security program under this part. (b) Content. Each security program under this part must— (1) Provide for the security of the aircraft, as well as that of persons and property traveling in air transportation against acts of criminal violence and air piracy and against the introduction into the aircraft of any unauthorized explosive, incendiary, and other destructive substance or item as provided in the certified cargo screening facility’s security program; (2) Be designed to prevent or deter the introduction of any unauthorized explosive, incendiary, and other destructive substance or item onto an aircraft; and (3) Include the procedures and description of the facilities and equipment used to comply with the requirements of this part. (c) Employees and agents. The certified cargo screening facility must ensure that its employees and agents carry out the requirements of this chapter and the certified cargo screening facility’s security program. (d) Facility’s security program. The certified cargo screening facility standard security program together with approved alternate procedures and amendments issued to a particular facility constitutes that facility’s security program. (e) Availability. Each certified cargo screening facility must: (1) Maintain an original of the security program at its corporate office. (2) Have accessible a complete copy, or the pertinent portions of its security program, or appropriate implementing instructions, at its facility. An electronic version is adequate. (3) Make a copy of the security program available for inspection upon the request of TSA. (4) Restrict the distribution, disclosure, and availability of information contained in its security program to persons with a need to know, as described in part 1520 of this chapter. (5) Refer requests for such information by other persons to TSA. E:\FR\FM\16SER2.SGM 16SER2 Federal Register / Vol. 74, No. 178 / Wednesday, September 16, 2009 / Rules and Regulations sroberts on DSKD5P82C1PROD with RULES § 1549.7 Approval, amendment, renewal of the security program and certification of a certified cargo screening facility. (a) Initial application and approval. (1) Application. Unless otherwise authorized by TSA, each applicant must apply for a security program and for certification as a certified cargo screening facility at a particular location, in a form and a manner prescribed by TSA not less than 90 calendar days before the applicant intends to begin operations. TSA will only approve a facility to operate as a CCSF if it is located in the United States. The CCSF application must be in writing and include the following: (i) The business name; other names, including doing business as; state of incorporation, if applicable; and tax identification number. (ii) The name of the senior manager or representative of the applicant in control of the operations at the facility. (iii) A signed statement from each person listed in paragraph (a)(1)(ii) of this section stating whether he or she has been a senior manager or representative of a facility that had its security program withdrawn by TSA. (iv) Copies of government-issued identification of persons listed in paragraph (a)(1)(ii) of this section. (v) The street address of the facility where screening will be conducted. (vi) A statement acknowledging and ensuring that each individual and agent of the applicant, who is subject to training under § 1549.11, will have successfully completed the training outlined in its security program before performing security-related duties. (vii) Other information requested by TSA concerning Security Threat Assessments. (viii) A statement acknowledging and ensuring that each individual will successfully complete a Security Threat Assessment under § 1549.111 before the applicant authorizes the individual to have unescorted access to screened cargo or to screen or supervise the screening of cargo. (2) Standard security program and assessment. (i) After the Security Coordinator for an applicant successfully completes a security threat assessment, TSA will provide to the applicant the certified cargo screening standard security program, any security directives, and amendments to the security program and other alternative procedures that apply to the facility. The applicant may either accept the standard security program or submit a proposed modified security program to the designated official for approval. TSA will approve the security program under paragraphs (a)(3) and (a)(4) of the VerDate Nov<24>2008 18:23 Sep 15, 2009 Jkt 217001 section or issue a written notice to modify under paragraph (a)(4) of this section. (ii) An applicant must successfully undergo an assessment by a TSAapproved validation firm under 49 CFR part 1522 or by TSA. (3) Review. TSA will review a facility at a particular location to determine whether— (i) The applicant has met the requirements of this part, its security program, and any applicable Security Directive; (ii) The applicant has successfully undergone an assessment by a TSAapproved validation firm under 49 CFR part 1522 or by TSA; (iii) The applicant is able and willing to carry out the requirements of this part, its security program, and an applicable Security Directive; (iv) The approval of such applicant’s security program is not contrary to the interests of security and the public interest; (v) The applicant has not held a security program that was withdrawn within the previous year, unless otherwise authorized by TSA; and (vi) TSA determines that the applicant is qualified to be a certified cargo screening facility. (4) Approval and certification. If TSA determines that the requirements of paragraph (a)(4) of this section are met and the application is approved, TSA will send the applicant a written notice of approval of its security program, and certification to operate as a certified cargo screening facility. (5) Commencement of operations. The certified cargo screening facility may operate under a security program when it meets all TSA requirements, including but not limited to a validation by TSA or a TSA-approved validation firm, successful completion of training, and Security Threat Assessments by relevant personnel. (6) Duration of security program. The security program will remain effective until the end of the calendar month three years after the month it was approved or until the program has been surrendered or withdrawn, whichever is earlier. (7) Requirement to report changes in information. Each certified cargo screening facility under this part must notify TSA, in a form and manner approved by TSA, of any changes to the information submitted during its initial application. (i) The CCSF must submit this notification to TSA not later than 30 days prior to the date the change is expected to occur. PO 00000 Frm 00037 Fmt 4701 Sfmt 4700 47707 (ii) Changes included in the requirement of this paragraph include, but are not limited to, changes in the certified cargo screening facility’s contact information, senior manager or representative, business addresses and locations, and form of business facility. (iii) If the certified cargo screening facility relocates, TSA will withdraw the existing certification and require the new facility to undergo a validation and certification process. (b) Renewal Application. Upon timely submittal of an application for renewal, and unless and until TSA denies the application, the certified cargo screening facility’s approved security program remains in effect. (1) Unless otherwise authorized by TSA, each certified cargo screening facility must timely submit to TSA, at least 30 calendar days prior to the first day of the 36th anniversary month of initial approval of its security program, an application for renewal of its security program in a form and a manner approved by TSA. (2) The certified cargo screening facility must demonstrate that it has successfully undergone a revalidation of its operations by a TSA or a TSAapproved validation firm prior to the first day of the 36th anniversary month of initial approval of its security program. (3) The application for renewal must be in writing and include a signed statement that the certified cargo screening facility has reviewed and ensures the continuing accuracy of the contents of its initial application for a security program, subsequent renewal applications, or other submissions to TSA confirming a change of information and noting the date such applications and submissions were sent to TSA, including the following certification: [Name of certified cargo screening facility] (hereinafter ‘‘the CCSF’’) has adopted and is currently carrying out a security program in accordance with the Transportation Security Regulations as originally approved on [Insert date of TSA initial approval]. In accordance with TSA regulations, the CCSF has notified TSA of any new or changed information required for the CCSF’s initial security program. If new or changed information is being submitted to TSA as part of this application for reapproval, that information is stated in this filing. The CCSF understands that intentional falsification of certification to an aircraft operator, foreign air carrier, indirect air carrier, or to TSA may be subject to both civil and criminal penalties under 49 CFR part 1540 and 18 U.S.C. 1001. Failure to notify TSA of any new or changed information required for initial approval of the CCSF’s security program in a timely fashion and in a form acceptable to TSA may result in E:\FR\FM\16SER2.SGM 16SER2 47708 Federal Register / Vol. 74, No. 178 / Wednesday, September 16, 2009 / Rules and Regulations sroberts on DSKD5P82C1PROD with RULES withdrawal by TSA of approval of the CCSF’s security program. (4) TSA will renew approval of the security program if TSA determines that— (i) The CCSF has met the requirements of this chapter, its security program, and any Security Directive; and (ii) The renewal of its security program is not contrary to the interests of security and the public interest. (5) If TSA determines that the certified cargo screening facility meets the requirements of paragraph (b)(3) of this section, it will renew the certified cargo screening facility’s security program and certification. The security program and certification will remain effective until the end of the calendar month three years after the month it was renewed. (c) Amendment requested by a certified cargo screening entity or applicant. A certified cargo screening facility or applicant may file a request for an amendment to its security program with the TSA designated official at least 45 calendar days before the date it proposes for the amendment to become effective, unless the designated official allows a shorter period. Any certified cargo screening facility may submit to TSA a group proposal for an amendment that is on behalf of it and other certified cargo screening facilities that co-sign the proposal. (1) Within 30 calendar days after receiving a proposed amendment, the designated official, in writing, either approves or denies the request to amend. (2) TSA may approve an amendment to a certified cargo screening facility’s security program, if the TSA designated official determines that safety and the public interest will allow it, and if the proposed amendment provides the level of security required under this part. (3) Within 30 calendar days after receiving a denial of the proposed amendment, the certified cargo screening facility may petition TSA to reconsider the denial. The CCSF must file the Petition for Reconsideration with the designated official. (4) Upon receipt of a Petition for Reconsideration, the designated official either approves the request to amend or transmits the petition, together with any pertinent information, to TSA for reconsideration. TSA will dispose of the petition within 30 calendar days of receipt by either directing the designated official to approve the amendment or by affirming the denial. (d) Amendment by TSA. TSA may amend a security program in the interest VerDate Nov<24>2008 18:23 Sep 15, 2009 Jkt 217001 of safety and the public interest, as follows: (1) TSA notifies the certified cargo screening facility, in writing, of the proposed amendment, fixing a period of not less than 30 calendar days within which the certified cargo screening facility may submit written information, views, and arguments on the amendment. (2) After considering all relevant material, the designated official notifies the certified cargo screening facility of any amendment adopted or rescinds the notice of amendment. If the amendment is adopted, it becomes effective not less than 30 calendar days after the certified cargo screening facility receives the notice of amendment, unless the certified cargo screening facility disagrees with the proposed amendment and petitions the TSA to reconsider, no later than 15 calendar days before the effective date of the amendment. The certified cargo screening facility must send the petition for reconsideration to the designated official. A timely Petition for Reconsideration stays the effective date of the amendment. (3) Upon receipt of a Petition for Reconsideration, the designated official either amends or withdraws the notice of amendment, or transmits the Petition, together with any pertinent information, to TSA for reconsideration. TSA disposes of the Petition within 30 calendar days of receipt, either by directing the designated official to withdraw or amend the notice of amendment, or by affirming the notice of amendment. (e) Emergency amendments. (1) If TSA finds that there is an emergency requiring immediate action, with respect to aviation security that makes procedures in this section contrary to the public interest, the designated official may issue an emergency amendment, without the prior notice and comment procedures described in paragraph (d) of this section. (2) The emergency amendment is effective without stay on the date the certified cargo screening facility receives notification. TSA will incorporate in the notification a brief statement of the reasons and findings for the emergency amendment to be adopted. (3) The certified cargo screening facility may file a Petition for Reconsideration with the TSA no later than 15 calendar days after TSA issued the emergency amendment. The certified cargo screening facility must send the Petition for Reconsideration to the designated official; however, the filing does not stay the effective date of the emergency amendment. PO 00000 Frm 00038 Fmt 4701 Sfmt 4700 Subpart B—Operations § 1549.101 Acceptance, screening, and transfer of cargo. (a) Preventing or deterring the carriage of any explosive or incendiary. Each certified cargo screening facility must use the facilities, equipment, and procedures described in its security program to prevent or deter the carriage onboard an aircraft of any unauthorized explosives, incendiaries, and other destructive substances or items in cargo onboard an aircraft, as provided in the facility’s security program. (b) Screening and inspection of cargo. Each certified cargo screening facility must ensure that cargo is screened and inspected for any unauthorized explosive, incendiary, and other destructive substance or item as provided in the facility’s security program before it is tendered to another certified cargo screening facility, an aircraft operator with a full program under part 1544, a foreign air carrier operating under §§ 1546.101(a) or (b), or an indirect air carrier operating under § 1548.5 for transport on a passenger aircraft. Cargo that the facility represents as screened, must be screened in accordance with this part. (c) Refusal to transport. Each certified cargo screening facility must refuse to offer to another certified cargo screening facility, an aircraft operator with a full program under part 1544, a foreign air carrier operating under §§ 1546.101(a) or (b), or an indirect air carrier operating under § 1548.5 for transport on a passenger aircraft any cargo, if the shipper does not consent to a search or inspection of that cargo in accordance with this part, or parts 1544, 1546, or 1548 of this chapter. (d) Chain of custody. Each certified cargo screening facility must protect the cargo from unauthorized access from the time it is screened until the time it is tendered to another certified cargo screening facility as approved by TSA, an indirect air carrier under 49 CFR part 1548, an aircraft operator under part 1544, or a foreign air carrier under part 1546. § 1549.103 Qualifications and training of individuals with security-related duties. (a) Security threat assessments. Each certified cargo screening facility must ensure that individuals listed in 49 CFR 1540.201(a)(6), (7), (8), (9), and (12) relating to a certified cargo screening facility complete a security threat assessment or comparable security threat assessment described in part 1540, subpart C of this chapter, before conducting screening or supervising screening or before having unescorted E:\FR\FM\16SER2.SGM 16SER2 sroberts on DSKD5P82C1PROD with RULES Federal Register / Vol. 74, No. 178 / Wednesday, September 16, 2009 / Rules and Regulations access to screened cargo, unless the individual is authorized to serve as law enforcement personnel at that location. (b) Training required. Each certified cargo screening facility must ensure that individuals have received training, as specified in this section and its security program, before such individual perform any duties to meet the requirements of its security program. (c) Knowledge and training requirements. Each certified cargo screening facility must ensure that each individual who performs duties to meet the requirements of its security program have knowledge of, and annual training in, the— (1) Applicable provisions of this chapter, including this part, part 1520, and § 1540.105; (2) The certified cargo screening facility’s security program, to the extent that such individuals need to know in order to perform their duties; (3) Applicable Security Directives and Information Circulars; and (4) The applicable portions of approved airport security program(s) and aircraft operator security program(s). (d) Screener qualifications. Each certified cargo screening facility must ensure that each individual who screens cargo or who supervises cargo screening— (1) Is a citizen or national of the United States, or an alien lawfully admitted for permanent residence; (2) Has a high school diploma, a General Equivalency Diploma, or a combination of education and experience that the certified cargo screening facility has determined to have equipped the person to perform the duties of the position; (3) Has basic aptitudes and physical abilities including color perception, visual and aural acuity, physical coordination, and motor skills to the extent required to effectively operate cargo screening technologies that the facility is authorized to use. These include: (i) The ability to operate x-ray equipment and to distinguish on the xray monitor the appropriate imaging standard specified in the certified cargo screening facility security program. Wherever the x-ray system displays colors, the operator must be able to perceive each color. (ii) The ability to distinguish each color displayed on every type of screening equipment and explain what each color signifies. (iii) The ability to hear and respond to the spoken voice and to audible alarms generated by screening equipment. VerDate Nov<24>2008 18:23 Sep 15, 2009 Jkt 217001 (4) Has the ability to read, write and understand English well enough to carry out written and oral instructions regarding the proper performance of screening duties or be under the direct supervision of someone who has this ability, including reading labels and shipping papers, and writing log entries into security records in English. § 1549.105 Recordkeeping. (a) Each certified cargo screening facility must maintain records demonstrating compliance with all statutes, regulations, directives, orders, and security programs that apply to operation as a certified cargo screening facility, including the records listed below, at the facility location or other location as approved by TSA: (1) Records of all training and instructions given to each individual under § 1549.103. The CCSF must retain these records for 180 days after the individual is no longer employed by the certified cargo screening facility or is no longer acting as the facility’s agent. (2) Copies of all applications for, or renewals of, TSA certification to operate under part 1549. Copies of reports by TSA-certified validators must be included in these records. (3) Documents establishing TSA’s certification and renewal of certification as required by part 1549. (4) Records demonstrating that each individual has complied with the security threat assessment provisions of § 1549.111. (b) Unless otherwise stated, records must be retained until the next recertification. § 1549.107 Security coordinators. Each certified cargo screening facility must have a Security Coordinator and designated alternate Security Coordinator appointed at the corporate level. In addition, each certified cargo screening facility must have a facility Security Coordinator and alternate facility Security Coordinator appointed at the facility level. The facility Security Coordinator must serve as the certified cargo screening facility’s primary contact for security-related activities and communications with TSA, as set forth in the security program. The Security Coordinator and alternate appointed at the corporate level, as well as the facility Security Coordinator and alternate, must be available on a 24hour, 7-days a week basis. § 1549.109 Security Directives and Information Circulars. (a) TSA may issue an Information Circular to notify certified cargo screening facilities of security concerns. PO 00000 Frm 00039 Fmt 4701 Sfmt 4700 47709 (b) When TSA determines that additional security measures are necessary to respond to a threat assessment, or to a specific threat against civil aviation, TSA issues a Security Directive setting forth mandatory measures. (1) Each certified cargo screening facility must comply with each Security Directive that TSA issues to it, within the time prescribed in the Security Directive for compliance. (2) Each certified cargo screening facility that receives a Security Directive must comply with the following: (i) Within the time prescribed in the Security Directive, acknowledge in writing receipt of the Security Directive to TSA. (ii) Within the time prescribed in the Security Directive, specify the method by which the measures in the Security Directive have been implemented (or will be implemented, if the Security Directive is not yet effective). (3) In the event that the certified cargo screening facility is unable to implement the measures in the Security Directive, the certified cargo screening facility must submit proposed alternative measures and the basis for submitting the alternative measures to TSA for approval. (i) The certified cargo screening facility must submit the proposed alternative measures within the time prescribed in the Security Directive. (ii) The certified cargo screening facility must implement any alternative measures approved by TSA. (4) Each certified cargo screening facility that receives a Security Directive may comment on it by submitting data, views, or arguments in writing to TSA. (i) TSA may amend the Security Directive based on comments received. (ii) Submission of a comment does not delay the effective date of the Security Directive. (5) Each certified cargo screening facility that receives a Security Directive or Information Circular, and each person who receives information from a Security Directive or Information Circular, must— (i) Restrict the availability of the Security Directive or Information Circular, and information contained in either document, to those persons with a need-to-know; and (ii) Refuse to release the Security Directive or Information Circular, and information contained in either document, to persons other than those with a need-to-know without the prior written consent of TSA. E:\FR\FM\16SER2.SGM 16SER2 47710 Federal Register / Vol. 74, No. 178 / Wednesday, September 16, 2009 / Rules and Regulations § 1549.111 Security threat assessments for personnel of certified cargo screening facilities. sroberts on DSKD5P82C1PROD with RULES (a) Scope. This section applies to the following: (1) Each individual the certified cargo screening facility authorizes to perform cargo screening or supervise cargo screening. (2) Each individual the certified cargo screening facility authorizes to have unescorted access to cargo at any time from the time it is screened until the time it is tendered to another certified cargo screening facility, an indirect air VerDate Nov<24>2008 18:23 Sep 15, 2009 Jkt 217001 carrier under 49 CFR part 1548 for transport on a passenger aircraft, an aircraft operator under part 1544, or a foreign air carrier under part 1546. (3) The senior manager or representative of its facility in control of the operations. (4) The security coordinators and their alternates. (b) Security threat assessment. Before a certified cargo screening facility authorizes an individual to perform the functions described in paragraph (a) of this section, and before the individual performs those functions— PO 00000 Frm 00040 Fmt 4701 Sfmt 4700 (1) Each individual must successfully complete a security threat assessment or comparable security threat assessment described in part 1540, subpart C of this chapter; and (2) Each certified screening facility must complete the requirements in 49 CFR part 1540, subpart C. Issued in Arlington, VA, on September 1, 2009. Gale D. Rossides, Acting Administrator. [FR Doc. E9–21794 Filed 9–15–09; 8:45 am] BILLING CODE 9110–05–P E:\FR\FM\16SER2.SGM 16SER2

Agencies

[Federal Register Volume 74, Number 178 (Wednesday, September 16, 2009)]
[Rules and Regulations]
[Pages 47672-47710]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: E9-21794]



[[Page 47671]]

-----------------------------------------------------------------------

Part III





Department of Homeland Security





-----------------------------------------------------------------------



Transportation Security Administration



-----------------------------------------------------------------------



49 CFR Parts 1515, 1520, 1522, et al.



Air Cargo Screening; Interim Final Rule

Federal Register / Vol. 74, No. 178 / Wednesday, September 16, 2009 / 
Rules and Regulations

[[Page 47672]]


-----------------------------------------------------------------------

DEPARTMENT OF HOMELAND SECURITY

Transportation Security Administration

49 CFR Parts 1515, 1520, 1522, 1540, 1544, 1546, 1548, and 1549

[Docket No. TSA-2009-0018; Amendment Nos. 1515-1, 1520-8, 1522-New, 
1540-10, 1544-9, 1546-5, 1548-5, 1549-New]
RIN 1652-AA64


Air Cargo Screening

AGENCY: Transportation Security Administration, DHS.

ACTION: Interim final rule; request for comments.

-----------------------------------------------------------------------

SUMMARY: This rule codifies a statutory requirement of the Implementing 
Recommendations of the 9/11 Commission Act that the Transportation 
Security Administration (TSA) establish a system to screen 100 percent 
of cargo transported on passenger aircraft by August 3, 2010. To assist 
in carrying out this mandate, this rule establishes a program under 
which TSA will certify cargo screening facilities located in the U.S. 
that volunteer to screen cargo prior to tendering it to aircraft 
operators for carriage on passenger aircraft. This rule requires 
affected passenger aircraft operators to ensure that either an aircraft 
operator or certified cargo screening facility that does so in 
accordance with TSA standards, or TSA itself, screens all cargo loaded 
on passenger aircraft.
    TSA will require certified cargo screening facilities (CCSFs) to 
screen cargo using TSA-approved methods and implement chain of custody 
measures to ensure the security of the screened cargo throughout the 
air cargo supply chain prior to tendering it for transport on passenger 
aircraft. CCSF personnel must successfully undergo a TSA-conducted 
security threat assessment (STA) and pay a fee for that assessment. TSA 
proposes a fee to cover the Government's costs in conducting the STA 
and requests comment on the fee and the methodology used to develop the 
fee.
    Before being certified and periodically thereafter, the CCSF must 
undergo examination by a TSA-approved validator. Validators must have 
specified qualifications, complete training regarding the certified 
cargo screening program (CCSP), and successfully undergo a TSA-
conducted STA as described in the discussion of part 1540 in this 
preamble, and pay a fee for that assessment.

DATES: Effective Date: This rule is effective November 16, 2009.
    Comment Date: Comments must be received by November 16, 2009.

ADDRESSES: You may submit comments, identified by the TSA docket number 
to this rulemaking, to the Federal Docket Management System (FDMS), a 
government-wide, electronic docket management system, using any one of 
the following methods:
    Electronically: You may submit comments through the Federal 
eRulemaking portal at http://www.regulations.gov. Follow the online 
instructions for submitting comments.
    Mail, In Person, or Fax: Address, hand-deliver, or fax your written 
comments to the Docket Management Facility, U.S. Department of 
Transportation, 1200 New Jersey Avenue, SE., West Building Ground 
Floor, Room W12-140, Washington, DC 20590-0001; Fax 202-493-2251. The 
Department of Transportation (DOT), which maintains and processes TSA's 
official regulatory dockets, will scan the submission and post it to 
FDMS.
    See SUPPLEMENTARY INFORMATION for format and other information 
about comment submissions.

FOR FURTHER INFORMATION CONTACT: Tamika McCree, Manager, Air Cargo 
Stakeholder Relations, Air Cargo Security, TSA-28, Transportation 
Security Administration, 601 South 12th Street, Arlington, VA 20598-
6028; telephone (571) 227-2632; facsimile (571) 227-1947; e-mail 
AirCargoScreeningCommentsIFR@dhs.gov.

SUPPLEMENTARY INFORMATION:

Comments Invited

    TSA adopts this interim rule without prior notice and prior public 
comment. In this rule, however, TSA seeks prior public comment on our 
proposed fee to cover the cost of the STAs. To the maximum extent 
possible, DHS provides an opportunity for public comment on regulations 
issued without prior notice. Accordingly, TSA invites interested 
persons to participate in this rulemaking by submitting written 
comments, data, or views on the proposed fee for the STA, as well as 
all other aspects of this rule. We also invite comments relating to the 
economic, environmental, energy, or federalism impacts that might 
result from this rulemaking action. See ADDRESSES above for information 
on where to submit comments.
    With each comment, please identify the docket number at the 
beginning of your comments. TSA encourages commenters to provide their 
names and addresses. The most helpful comments reference a specific 
portion of the rulemaking, explain the reason for any recommended 
change, and include supporting data. You may submit comments and 
material electronically, in person, by mail, or fax as provided under 
ADDRESSES, but please submit your comments and material by only one 
means. If you submit comments by mail or delivery, submit them in an 
unbound format, no larger than 8.5 by 11 inches, suitable for copying 
and electronic filing.
    If you would like TSA to acknowledge receipt of comments submitted 
by mail, include with your comments a self-addressed, stamped postcard 
on which the docket number appears. We will stamp the date on the 
postcard and mail it to you.
    TSA will file in the public docket all comments received by TSA, 
except for comments containing confidential information and sensitive 
security information (SSI),\1\ TSA will consider all comments received 
on or before the closing date for comments and will consider comments 
filed late to the extent practicable. The docket is available for 
public inspection before and after the comment closing date.
---------------------------------------------------------------------------

    \1\ ``Sensitive Security Information'' or ``SSI'' is information 
obtained or developed in the conduct of security activities, the 
disclosure of which would constitute an unwarranted invasion of 
privacy, reveal trade secrets or privileged or confidential 
information, or be detrimental to the security of transportation. 
The protection of SSI is governed by 49 CFR part 1520.
---------------------------------------------------------------------------

Handling of Confidential or Proprietary Information and Sensitive 
Security Information (SSI) Submitted in Public Comments

    Do not submit comments that include trade secrets, confidential 
commercial or financial information, or SSI to the public regulatory 
docket. Please submit such comments separately from other comments on 
the rulemaking. Comments containing this type of information should be 
appropriately marked as containing such information and submitted by 
mail to the address listed in FOR FURTHER INFORMATION CONTACT section.
    Upon receipt of such comments, TSA will not place the comments in 
the public docket and will handle them in accordance with applicable 
safeguards and restrictions on access. TSA will hold documents 
containing SSI, confidential business information, or trade secrets in 
a separate file to which the public does not have access, and place a 
note in the public docket that TSA has received such materials from the 
commenter. If TSA determines, however, that portions of these comments 
may be made publicly available, TSA may include a redacted

[[Page 47673]]

version of the comment in the public docket. If TSA receives a request 
to examine or copy information that is not in the public docket, TSA 
will treat it as any other request under the Freedom of Information Act 
(FOIA) (5 U.S.C. 552) and the FOIA regulation of the Department of 
Homeland Security found in 6 CFR part 5.

Reviewing Comments in the Docket

    Please be aware that anyone is able to search the electronic form 
of all comments received into any of our dockets by the name of the 
individual who submitted the comment (or signed the comment, if 
submitted on behalf of an association, business, labor union, etc.). 
You may review the applicable Privacy Act Statement published in the 
Federal Register on April 11, 2000 (65 FR 19477) and modified on 
January 17, 2008 (73 FR 3316).
    You may review TSA's electronic public docket on the Internet at 
http://www.regulations.gov. In addition, DOT's Docket Management 
Facility provides a physical facility, staff, equipment, and assistance 
to the public. To obtain assistance or to review comments in TSA's 
public docket, you may visit this facility between 9 a.m. to 5 p.m., 
Monday through Friday, excluding legal holidays, or call (202) 366-
9826. This docket operations facility is located in the West Building 
Ground Floor, Room W12-140 at 1200 New Jersey Avenue, SE., Washington, 
DC 20590.

Availability of Rulemaking Document

    You can get an electronic copy using the Internet by--
    (1) Searching the electronic Federal Docket Management System 
(FDMS) Web page at http://www.regulations.gov;
    (2) Accessing the Government Printing Office's Web page at http://www.gpoaccess.gov/fr/index.html; or
    (3) Visiting TSA's Security Regulations Web page at http://www.tsa.gov and accessing the link for ``Research Center'' at the top 
of the page.
    In addition, copies are available by writing or calling the 
individual in the FOR FURTHER INFORMATION CONTACT section. Make sure to 
identify the docket number of this rulemaking.

Small Entity Inquiries

    The Small Business Regulatory Enforcement Fairness Act (SBREFA) of 
1996 requires TSA to comply with small entity requests for information 
and advice about compliance with statutes and regulations within TSA's 
jurisdiction. Any small entity that has a question regarding this 
document may contact the person listed in FOR FURTHER INFORMATION 
CONTACT. Persons can obtain further information regarding SBREFA on the 
Small Business Administration's Web page at http://www.sba.gov/advo/laws/law_lib.html.

Abbreviations and Terms Used in This Document

CBP U.S. Customs and Border Protection
CCSF Certified Cargo Screening Facility
CCSP Certified Cargo Screening Program
CFR Code of Federal Regulations
CHRC Criminal History Records Check
DHS Department of Homeland Security
FSD Federal Security Director
IAC Indirect Air Carrier
IED Improvised Explosive Device
MSP Model Security Program
SIDA Security Identification Display Area
SSI Sensitive Security Information
STA Security Threat Assessment
TSA Transportation Security Administration

Outline of Interim Final Rule

I. Summary of Rule
II. Background
    A. Current Air Cargo Screening
    B. 9/11 Act Requirements
    C. Development of the Certified Cargo Screening Program
    D. Certified Cargo Screening Pilot Programs
III. TSA's Program for Achieving the Statutory Mandates for Cargo 
Loaded Domestically
IV. Organization of the Rule
V. Section-by-Section Analysis
VI. Good Cause for Immediate Adoption
VII. Paperwork Reduction Act
VIII. Economic Impact Analyses
    A. Regulatory Evaluation Summary
    B. Executive Order 12866 Assessment
    C. Regulatory Flexibility Act Assessment
    D. International Trade Impact Assessment
    E. Unfunded Mandates Assessment
IX. Executive Order 13132, Federalism
X. Environmental Analyses
XI. Energy Impact Analysis
List of Subjects
The Amendments

I. Summary of Rule

    This rule provides that affected U.S. aircraft operators and 
foreign air carriers \2\ must have screened at least 50 percent of its 
cargo transported on passenger aircraft by February 3, 2009, and must 
screen 100 percent of cargo by August 3, 2010, to carry out sec. 1602 
of the Implementing the Recommendations of the 9/11 Commission Act of 
2007 (Pub. L. 110-53, 121 Stat. 266, 478, Aug. 3, 2007) (9/11 Act). The 
rule applies to certain commercial passenger operations, and applies to 
foreign air carriers the same standards that apply to U.S. aircraft 
operators, for the same types of flights. This rule applies only to 
cargo loaded in the United States. It does not apply to either U.S. 
aircraft operators or foreign air carriers when they load cargo outside 
the U.S. and transport it into the U.S., nor to U.S. or foreign all-
cargo operations. This rule will not cover general aviation operations.
---------------------------------------------------------------------------

    \2\ The affected aircraft operators are U.S. aircraft operators 
with full programs under 49 CFR 1544.101(a) and foreign air carriers 
with security programs under 49 CFR 1546.101(a) or (b). This 
includes aircraft operators with scheduled or public charter 
operations with an aircraft having a passenger seating configuration 
of 61 or more seats, and those operating smaller aircraft when 
passengers are enplaned from or deplaned into a sterile area.
---------------------------------------------------------------------------

    The Transportation Security Administration (TSA) concluded that 
this mandate could not be achieved by relying solely on U.S. aircraft 
operators and foreign air carriers to conduct screening. Aircraft 
operators do not have the capacity to screen the approximately 12 
million pounds of cargo that is now transported on passenger aircraft 
daily. Requiring passenger aircraft operators to screen 100 percent of 
air cargo would result in carrier delays, backlogs of unscreened cargo, 
and missed flights, which could significantly impede the flow of 
commerce.
    Accordingly, TSA will establish the certified cargo screening 
program (CCSP) to allow entities other than aircraft operators to 
conduct screening off-airport. Under the CCSP, facilities upstream in 
the air cargo supply chain, such as shippers, manufacturers, 
warehousing entities, distributors, third party logistics companies, 
and Indirect Air Carriers (IACs) that are located in the U.S., may 
apply to TSA to become certified cargo screening facilities (CCSFs). 
Aircraft operators that screen cargo off-airport must also become CCSFs 
in order to screen cargo for transport on passenger aircraft. These 
applicants must submit to TSA an application for certification of a 
single facility, including a TSA-approved validator's evaluation of the 
applicant's security measures. Once certified, the CCSF must--
     Implement the certified cargo screening standard security 
program that TSA develops and any amendments to it;
     Appoint security coordinators at the corporate and 
facility levels and alternates to be available 24 hours per day, 7 days 
per week;
     Ensure that the following individuals successfully undergo 
a TSA-conducted STA: (1) Each employee and authorized representative 
who screens cargo or has unescorted access to screened cargo, and (2) 
each security coordinator and alternate, senior manager of the 
facility, and other individual who implements the cargo screening 
program;

[[Page 47674]]

     Adhere to strict physical and access control measures for 
the storage, handling, and screening of cargo;
     Screen cargo using TSA-approved methods;
     Implement chain of custody requirements, including the use 
of tamper evident technology, which must begin when the cargo is 
screened and remain intact until the cargo is tendered to the aircraft 
operator for transport on a passenger aircraft; and
     Apply for recertification, including a new examination by 
a TSA-approved validator, every 36 months.
    TSA believes that it is important for CCSFs to submit to a 
recertification assessment of their security programs every three years 
in order to maintain good standing in the CCSP. Within the 36 month 
period, TSA will inspect the CCSF for compliance and the CCSFs will 
conduct quarterly self-audits. TSA based the 36-month cycle on a 
similar program in the United Kingdom, the Known Consignor program 
discussed in section II.C. below.
    This rule establishes procedures under which firms may apply for 
TSA's approval to conduct validation assessments of CCSF facilities. 
Approved validation firms must hold and carry out a TSA-approved 
security program, must have security coordinators to be the primary 
point of contact for security at the facility, and must ensure that 
individuals conducting assessments have professional qualifications, 
receive training, do not have conflicts of interest with facilities to 
be assessed, and conduct assessments impartially. The rule requires 
validators and their supervisors and validation firm security 
coordinators and their alternates to successfully undergo a TSA-
conducted STA. Individuals conducting validation assessments must--
     Be a citizen or national of the United States or be a 
lawful permanent resident alien;
     Hold a certification or accreditation from a TSA-
recognized organization qualified to certify or accredit a validator;
     Have at least five years of experience in inspection or 
validating compliance with certain government and industry 
organizations;
     Have sufficient knowledge of certain regulations, 
policies, and security programs and be able to determine compliance;
     Have sufficient knowledge of the CCSP; and
     Conduct no more than two assessments of a facility seeking 
approval, unless TSA authorizes otherwise.
    This rule also amends the threat assessment provisions that 
currently exist in 49 CFR part 1540, subpart C, for individuals who 
work in the air cargo sector to enhance TSA's ability to effectively 
conduct STAs.

II. Background

A. Current Air Cargo Screening

    Since 2002, TSA has implemented a multilayered, risk-based system 
for securing cargo transported on passenger aircraft. U.S. aircraft 
operators and foreign air carriers must ensure that cargo transported 
on passenger aircraft is screened or inspected as set forth in their 
security programs. 49 CFR 1544.205, 1546.205. IACs must screen a 
certain percentage of cargo prior to tendering the cargo for transport 
or take other security measures as required in the applicable Security 
Directives and in their security programs.\3\ U.S. aircraft operators, 
foreign air carriers, and IACs must screen 100 percent of cargo 
considered to present an ``elevated risk,'' and TSA screens 100 percent 
of all cargo transported on passenger aircraft at Category II-IV 
airports.\4\
---------------------------------------------------------------------------

    \3\ Security Directives and security programs are SSI and the 
details are non-public information. See footnote 1.
    \4\ There are several categories of airport designations that 
are based largely on the number of enplanements. Category II-IV 
airports include those with less than five million annual domestic 
enplanements or with five million or more annual domestic 
enplanements, but less than one million international enplanements. 
Overall, approximately 99 percent of cargo loaded on passenger 
aircraft in the United States is loaded at Category X and I 
airports.
---------------------------------------------------------------------------

    Currently, aircraft operators conduct screening of most cargo at 
the airports. Generally applicable TSA-approved methods of screening 
include x-ray, explosives trace detection (ETD), explosive detection 
systems (EDS), explosives detection canine teams, and physical 
inspection along with verification of the description of the cargo on 
the shipping manifest. There are certain categories of cargo for which 
these generally applicable methods of screening may not be effective or 
feasible, so the aircraft operators and IACs use TSA-approved 
alternative methods of screening.

B. 9/11 Act Requirements

    The 9/11 Act amended 49 U.S.C. 44901(g)(1), which provides, in 
pertinent part:

    Not later than 3 years after the date of enactment of the [9/11 
Act], the Secretary of Homeland Security shall establish a system to 
screen 100 percent of cargo transported on passenger aircraft 
operated by an air carrier or foreign air carrier in air 
transportation or intrastate air transportation to ensure the 
security of all such passenger aircraft carrying cargo.

As amended by the 9/11 Act, 49 U.S.C. 44901(g)(2) provides that the 
system used to screen cargo on passenger aircraft shall provide a level 
of security ``commensurate with the level of security for the screening 
of passenger checked baggage'' and directs that--
     Fifty percent of such cargo must be screened not later 
than February 3, 2009; and
     One hundred percent of such cargo must be screened not 
later than August 3, 2010.

Section 44901(g)(3)(B) explicitly authorizes TSA to issue an interim 
final rule (IFR) to implement the requirements. If TSA issues an IFR, 
TSA must issue a final rule not later than one year after the effective 
date of the IFR.
    The 9/11 Act defines the term ``screening'' in sec. 44901(g)(5) to 
mean ``a physical examination or non-intrusive method of assessing 
whether cargo poses a threat to transportation security. Methods 
include x-ray systems, explosives detection systems, explosives trace 
detection, explosives detection canine teams certified by TSA or a 
physical search together with manifest verification.'' This section 
further provides that TSA may approve additional methods to ensure that 
the cargo does not pose a threat to transportation security and to 
assist in meeting the requirements of the 9/11 Act. TSA will continue 
to consider different technologies or methods for screening cargo 
transported on passenger or cargo flights. TSA would approve these 
additional methods and technologies based on their applicability and 
effectiveness in screening specific commodities.

C. Development of the Certified Cargo Screening Program

    TSA recognized that it needed to develop a program that could 
achieve the 9/11 Act's requirement for 100 percent screening while 
still allowing for the flow of commerce. Approximately 12 million 
pounds of cargo are transported on passenger aircraft in the United 
States each day. In evaluating the practical implications of 100 
percent screening, the Congressional Research Service has stated that 
``* * * given the sheer volume of cargo that must be expediently 
processed and loaded on aircraft * * * full screening of air cargo, as 
is now required of checked passenger baggage, is likely to present 
significant logistic and operational challenges.'' CRS Report for 
Congress, Air Cargo Security, Updated July 30, 2007, CRS-2.

[[Page 47675]]

    TSA has developed the CCSP by working closely with U.S. and 
international agencies and associations to incorporate key aspects of 
similar security programs in other countries and in the United States. 
In particular, TSA studied the Known Consignor programs in Great 
Britain and Ireland. Such programs have been in effect for several 
years and operate successfully. TSA also examined the security measures 
of the Customs-Trade Partnership Against Terrorism (C-TPAT), a U.S. 
Customs and Border Protection (CBP) program. Like the programs in Great 
Britain and Ireland, CBP's C-TPAT program adopts the concept of supply 
chain security in its voluntary program under which participants 
benefit from expedited CBP processing.
    The United Kingdom (UK) Known Consignor program has key features 
that TSA has incorporated into the CCSP. First, like the CCSP, the UK 
Known Consignor program relies on authorized entities to augment air 
carriers' screening of cargo. Both programs rely on a chain of custody 
concept, requiring verification that no tampering has occurred between 
the time of screening and the time the cargo is tendered to the air 
carrier.
    Second, the UK Known Consignor program requires approved validators 
to assess Known Consignors and requires Known Consignors to pay a fee 
for these assessments. TSA based the validator requirements in this 
IFR, in part, on the UK program. In both programs, entities wishing to 
serve as validators seek approval from the government regulatory 
agency. In both programs, the government reviews the validators' 
assessments and, where appropriate, government agents may conduct 
inspections to determine if enforcement action is necessary.
    In addition to these structural similarities, some of the methods 
to secure cargo will be similar in the two programs. For example, the 
UK program makes use of tamper-resistant seals, tamper evident tape, 
and procedures to document that the cargo is not subject to 
unauthorized access from the time the cargo is screened until it is 
tendered to an aircraft operator for transport on a passenger aircraft. 
These are key elements in the CCSP ``chain of custody'' framework.
    The UK program has been in place since 2003 and has achieved the 
benefits TSA seeks to gain from the CCSP. Known consignors screen close 
to 50 percent of cargo that otherwise would be screened by aircraft 
operators and foreign air carriers on airports; the rest of the cargo 
is screened by air carriers. Having aircraft operators and foreign air 
carriers screen all cargo at airports could result in delays in flights 
and backlogs of cargo to be screened. The UK program significantly 
reduces potential adverse impacts on the flow of commerce that 
otherwise could result if aircraft operators and foreign air carriers 
were required to screen all cargo. The same concerns exist for 
screening cargo at U.S. airports.

D. Certified Cargo Screening Pilot Programs

    TSA is testing the concept of screening earlier in the supply chain 
by conducting two parallel pilot programs: (1) The CCSP pilot involving 
shippers and other entities, such as manufacturers, distributors, and 
third party logistics companies, and (2) the IAC technology pilot. The 
CCSP pilots began at the following major gateway airports representing 
over 65% of all air cargo loaded on passenger flights: San Francisco 
(SFO), Chicago (ORD), Philadelphia (PHL), Seattle (SEA), Los Angeles 
(LAX), Dallas-Fort Worth (DFW), Miami (MIA), Atlanta (ATL), and New 
York/Newark (JFK/EWR). The IAC pilot is now in effect at all U.S. 
airports.
    Over 65 percent of all cargo transported on passenger aircraft is 
carried on wide-body passenger aircraft, such as a B-767, from the 
airports listed above. Approximately 43 percent of cargo transported on 
wide-body aircraft originates in 6 of these airports. Thus, TSA focused 
its outreach for the pilot programs on the entities using the airports 
with the highest volume of cargo transported on wide body passenger 
aircraft. Industry agreed to participate in the pilots.
    TSA conducted outreach for the CCSP pilot program by contacting 120 
shippers and other entities in 9 major cities. The CCSP pilot focuses 
on the ability of these entities to screen cargo according to methods 
approved by TSA, primarily by physical search of the shipping box 
before it is closed, sealed, and leaves the facility using a secure 
chain of custody. Shippers, manufacturers, distributors, and third-
party logistics companies are in the best position to screen the 
contents of the box before it leaves their facility, as they know what 
should be in the box and can spot anomalies quickly. As long as the 
screening is conducted in accordance with TSA procedures and the chain 
of custody remains intact when the cargo is loaded on passenger 
aircraft, the cargo does not have to be rescreened.
    The IAC technology pilot is evaluating the effectiveness of cargo 
screening technology and processes recommended by TSA by commodity 
class at each participant's consolidation facility. Congressional 
appropriations provided TSA with funds for the screening of air cargo. 
TSA is using these funds in part to assist in the deployment of 
appropriate screening technology for use in the IAC pilot. The IAC 
technology pilot participants must use either x-ray or Explosive Trace 
Detection (ETD) equipment during the screening process. This pilot is 
also evaluating the IAC community's ability to screen cargo volumes, 
and the use of chain of custody procedures.
    When the IFR becomes effective, the CCSP pilot program will end. 
Participants will become CCSFs under the IFR. The IACs in the IAC 
technology pilot will continue to collect and submit information to TSA 
regarding the cargo screening technology until August 2010. TSA will 
collect information after the IFR becomes effective under OMB's 
Paperwork Reduction Act approval for the IFR; this information will 
include the data collected during the IAC technology pilot. After the 
completion of the IAC technology pilot, DHS will conduct an evaluation 
of the pilot.

III. TSA's Program for Achieving the Statutory Mandates for Cargo 
Loaded Domestically

    With respect to cargo loaded within the United States, TSA 
implemented two measures that assisted industry in achieving the 
requirement that 50 percent of cargo transported on passenger aircraft 
be screened by February 3, 2009. First, on August 1, 2008, TSA issued 
an amendment to the Aircraft Operator Standard Security Program that 
requires 100 percent screening of cargo transported on narrow-body 
passenger aircraft. Narrow-body aircraft represent 96 percent of all 
domestic passenger flights, and approximately one-quarter of all cargo 
on passenger aircraft travels on narrow-body aircraft. TSA has required 
that all cargo on narrow-body passenger aircraft, such as a B-737, must 
be screened. This requirement was a key component of achieving the 9/11 
Act's requirement to ensure that 50 percent of cargo on passenger 
aircraft was screened by February 2009. The second key component was to 
have IACs participating in the pilot program at the major gateway 
airports screen cargo prior to their consolidating the cargo for the 
airlines. Data from the pilot programs, as well as inspections by TSA 
Inspectors, demonstrates that industry has achieved the 50 percent 
milestone of the 9/11 Act.
    This rule is a key component of our strategy to maintain 50 percent 
screening as of February 3, 2009, and to

[[Page 47676]]

achieve 100 percent screening by August 3, 2010. The rule will allow 
shippers to screen their cargo prior to tendering it to the airlines. 
We have developed this IFR implementing the permanent CCSP based on 
lessons learned in the CCSP pilot program. We estimate that, at full 
implementation, certified cargo screening facilities and aircraft 
operators will screen cargo traveling on passenger aircraft as follows:
     Of the 4.3 billion pounds of cargo shipped on passenger 
aircraft annually, aircraft operators will screen 30 percent of the 
cargo or 1.3 billion pounds;
     CCSFs using screening equipment will screen 38 percent of 
the cargo or 1.6 billion pounds; and
     CCSFs using physical search methods to screen will screen 
32 percent of the cargo or 1.4 billion pounds.

IV. Organization of the Rule

    The section-by-section analysis below is organized sequentially to 
follow the CFR numbering. This rule amends a number of TSA's existing 
regulations and adds several new parts to the CFR. Briefly, these 
changes include the following:
     The rule expands 49 CFR part 1515 to provide redress 
procedures for individuals who undergo STAs in connection with their 
air cargo work for aircraft operators, certified cargo screening 
facilities, and validation firms, if they receive an adverse decision 
from TSA.
     The rule amends 49 CFR part 1520, the regulations 
governing sensitive security information (SSI), requiring these newly-
regulated populations, such as CCSFs and validators, to protect such 
information from disclosure.
     The rule adds a new 49 CFR part 1522, establishing a 
system to authorize TSA-approved validators to perform assessments of 
CCSFs. It also provides a framework for potential future use in other 
TSA programs.
     The rule amends the existing STA regulations in 49 CFR 
part 1540, subpart C, to encompass newly-required STAs for certain 
personnel of certified cargo screening facilities and approved 
validation firms. Also, the rule amends the list of biographic 
information that applicants and operators must provide TSA, so that TSA 
can conduct more efficient threat assessments. In addition, the rule 
adds provisions to facilitate the use of comparable threat assessments 
in place of the assessments that TSA requires in subpart C of part 
1540.
     The rule amends 49 CFR parts 1544 and 1546 to impose new 
requirements on U.S. aircraft operators and foreign air carriers with 
respect to the cargo screening and acceptance of cargo from CCSFs.
     The rule also amends 49 CFR parts 1544, 1546, and 1548 to 
clarify which individuals are subject to the STA requirements and to 
better reflect current TSA requirements in the standard security 
programs for U.S. aircraft operators, foreign air carriers, and IACs.
     The rule adds a new 49 CFR part 1549, which provides the 
regulatory requirements for facilities participating in the CCSP. 
Requirements include qualifications of screening personnel, STAs, 
adoption of security programs, and cargo screening procedures.

V. Section-by-Section Analysis

Part 1515--Appeal and Waiver Procedures for Security Threat Assessments 
for Individuals

Section 1515.1--Scope
    In part 1515, TSA sets forth redress procedures for many of the 
transportation workers who must successfully complete an STA. These 
STAs are described more fully in the Section-by-Section analysis for 
part 1540, subpart C. The redress procedures include administrative 
appeals, requests for waivers, and review of certain cases by 
administrative law judges. This rule amends Sec.  1515.1 to expand the 
scope of part 1515 to include applicants engaged in air cargo 
operations who work for certified cargo screening facilities or 
validation firms who have applied for an STA and wish to appeal an 
Initial Determination of Threat Assessment or an Initial Determination 
of Threat Assessment and Immediate Revocation.
Section 1515.9--Appeal of Security Threat Assessment Based on Other 
Analyses
    This rule revises Sec.  1515.9 to expand its scope to allow 
applicants engaged in air cargo operations who work for certified cargo 
screening facilities or validation firms to appeal an Initial 
Determination of Threat Assessment in which TSA has determined that the 
applicants pose a security threat under 49 CFR 1549.107.
Section 1515.11--Review by Administrative Law Judge and TSA Final 
Decision Maker
    This rule revises Sec.  1515.11 to allow applicants engaged in air 
cargo operations who work for certified cargo screening facilities or 
validation firms and who have received Final Determinations of Threat 
Assessment after appeals as described in Sec.  1515.9 to obtain review 
of these determinations by an administrative law judge and the TSA 
Final Decision Maker.

Part 1520--Protection of Sensitive Security Information

    Implementation of this rule will create new types of sensitive 
security information (SSI) and new populations of persons with access 
to, and responsibilities for, protecting all SSI. See Footnote 1. 
Therefore, TSA is making the following changes to part 1520, which 
implements the SSI program.
Section 1520.5--Sensitive Security Information
    This rule amends the list of information constituting SSI in Sec.  
1520.5 to include the SSI to be created under this rule. Specifically, 
TSA adds ``air cargo'' to paragraph (b)(1)(i) of this section, which 
contains the listing of security programs that constitute SSI. Such 
programs include those for IACs as well as for CCSFs and validation 
firms. TSA has determined that validation firm security programs 
(operating under part 1522) and CCSF security programs (operating under 
part 1549) to be SSI because they will contain specific information 
about how the operation will implement measures for personnel security, 
physical security, chain-of-custody controls, and other measures that--
if publicly disclosed--would allow a terrorist or other person with 
malicious intent to jeopardize air cargo security.
    In a related, clarifying change, this rule amends Sec.  1520.3 to 
remove the definition of ``security program.'' This definition, which 
is only used in Sec.  1520.5, is unnecessary, because it only describes 
which security programs are SSI, a subject which is entirely covered in 
Sec.  1520.5. Removing this duplicative provision will preclude 
possible confusion. TSA moved the phrase ``including any comments, 
instructions, or implementing guidance'' from the definition of 
security program to Sec.  1520.5(b)(1) to make clear that comments, 
instructions, and implementing guidance for security programs are 
protected in the same way as the security programs themselves.
Section 1520.7--Covered Persons
    This rule also amends the definition of ``covered person'' in Sec.  
1520.7 to include personnel of certified cargo screening facilities and 
of validation firms. These persons will have access to SSI, including 
security programs and applicable security directives and orders. 
Including these persons as ``covered individuals'' brings them within 
the scope of the responsibilities

[[Page 47677]]

for protecting SSI that are contained in 49 CFR 1520.9. These include 
the duty to protect SSI from disclosure and to report incidents of 
unauthorized disclosure to TSA.

Part 1522--TSA-Approved Validation Firms and Validators

    The provisions of part 1522 establish a system in which TSA 
approves validation firms; these firms are responsible for hiring 
individuals, called validators, who must have specific qualifications. 
These validators are responsible for conducting the assessments of the 
facility seeking certification or recertification as a CCSF operating 
under part 1549. The CCSF applicants (whether they are individual 
companies or IACs) will pay the validation firm for the validation 
assessment. TSA will not charge or establish a fee for that purpose.
    Firms that seek to perform the functions of validation firms for 
purposes of the CCSP must apply to TSA for approval and, once approved, 
must perform the functions in accordance with TSA's requirements. The 
criteria for approval and the performance requirements are set forth in 
part 1522 and described below. Part 1522 also addresses the 
qualifications and responsibilities of individual validators, who, on 
behalf of a validation firm, actually perform the assessments of 
persons, operations, or facilities regulated under this chapter.
Section 1522.1--Scope and Terms Used in This Part
    Section 1522.1(a) explains that part 1522 governs the use of 
private firms employing individual validators to assess whether certain 
persons regulated by TSA are complying with security programs 
applicable to those persons and other TSA requirements.
    Paragraph (b) of Sec.  1522.1 defines the terms used in part 1522. 
The rule defines ``TSA-approved validation firm'' or ``validation 
firm'' as a firm that has received TSA's approval to make such 
assessments on whether regulated persons have complied with security 
programs and other TSA requirements applicable to those persons. The 
rule defines ``applicant'' as a firm seeking to become a TSA-approved 
validation firm. The rule's definition of ``firm'' includes business 
enterprises, including individuals operating as a business, as well as 
other non-governmental organizations, such as non-profit corporations. 
The term ``validator'' means the particular individual assigned by the 
validation firm to perform a given assessment; thus, the terms 
``validation firm'' and ``validator'' are not synonymous. The term 
``assessment'' as defined in Sec.  1522.1, refers to the validator's 
evaluation of compliance with the relevant requirements of a security 
program.
    The rule also defines the term ``national of the United States.'' 
For purposes of this rule, `national' means a citizen of the United 
States, or a person who, though not a citizen, owes permanent 
allegiance to the United States, as defined in 8 U.S.C. 1101(a)(22), 
and includes American Samoa and Swains Island. It is consistent with 
the definition of the same term (49 CFR 1570.3) in the Maritime and 
Land Transportation Security regulations and with the definition in 8 
U.S.C. 1101(a)(22).
    Validation firms and validators must be free of conflicts of 
interest to perform assessments for TSA programs. Section 1522.129(a) 
requires validation firms to maintain records demonstrating compliance 
with this regulation, including the conflict-of-interest requirements. 
As part of the inspection process, TSA may review records concerning a 
facility's compliance with conflict of interest provisions.
    Section 1522.1(b) defines ``conflict of interest'' as a situation 
in which a relationship with, or a financial interest in, the person 
being assessed may adversely affect the impartiality of the assessment. 
This definition encompasses the validation firm as an entity, as well 
as the individuals of the firm who will be conducting, or assisting in 
conducting, the assessment, and their immediate family members. This 
definition is derived in part from the Government Auditing Standards 
established by the Government Accountability Office (GAO) for ensuring 
that Government auditors or their employees do not have business or 
personal impairments that would interfere with their ability to 
maintain their independence. See GAO, Government Auditing Standards 
(July 2007), ch. 3. The definition is also derived, in part, from the 
post-governmental employment restrictions applicable to Federal 
employees.
    The definition of ``conflict of interest'' in Sec.  1522.1(b) 
contains several examples. It includes examples of conflict-of-interest 
situations applicable to a validation firm as an entity, such as 
parent-subsidiary relationships and common management or organizational 
governance (for example, interlocking boards of directors). It also 
includes an example of a conflict of interest situation in which the 
validation firm, or validator, or the individual assisting the 
validator, or his or her immediate family member as an individual, is a 
creditor or debtor of the person being assessed. It also lists examples 
of conflicts of interest related to financial interests, such as 
investments in debt and equity, in the person being assessed.
    The other examples of conflict of interest in the definition 
address situations in which the validator or an individual assisting 
the validator, or his or her immediate family member, is a former 
employee, officer, or contractor including a consultant of the person 
being assessed. If the former duties and responsibilities of the 
validator or individual assisting the validator involved the operations 
or functions to be assessed, he or she has a permanent conflict of 
interest; such an individual may never conduct or assist in conducting 
an assessment of an operation or function with respect to which he or 
she had duties or responsibilities. If the former duties and 
responsibilities of the validator or individual assisting the validator 
did not involve the operations or functions to be assessed, he or she 
must observe a two-year ``cooling-off period'' during which he or she 
may not conduct assessments of his or her former employer. These 
concepts are consistent with the post-employment restrictions 
applicable to governmental employees found at 18 U.S.C. 207. 
Individuals who are former employees of the person being assessed who 
will not be conducting or assisting in the assessment do not create a 
conflict of interest if they are segregated from the assessment work.
Section 1522.3--Fraud and Intentional Falsification of Records
    Section 1522.3 includes provisions that prohibit any person, 
whether the validation firm, the validator, or another individual, from 
making or providing any fraudulent or intentionally false statements, 
reports, records, access mediums, or identification. The same 
prohibitions apply to persons regulated under TSA's Civil Aviation 
Security regulations; see 49 CFR 1540.103, on which this section is 
based. Any intentional falsification or fraud may constitute a basis 
for TSA to withdraw the validator's approval. In addition, any 
intentional falsification or fraud may constitute a violation of 
certain criminal laws such as 18 U.S.C. 1001. In appropriate cases TSA 
will refer potential criminal violations to the U.S. Attorney for 
investigation.
Section 1522.5--TSA Inspection Authority
    Section 1522.5 sets out TSA's broad authority to inspect a 
validation firm

[[Page 47678]]

and a validator, including on-site inspections and the copying of 
records. TSA needs such broad authority to perform its role in 
monitoring compliance with this part. Paragraph (a) requires each 
validation firm to allow TSA to enter the facility to make inspections 
or tests, including copying records. A validation firm's operations are 
unlikely to give rise to the kinds of emergencies that would require 
after-hours inspections, so this paragraph only refers to TSA 
inspections during normal business hours. This paragraph also provides 
that the inspection may be without advance notice. While TSA expects 
often to provide advance notice of an inspection, we must have the 
ability to do so unannounced to verify compliance by the validation 
firm and its personnel and to otherwise assess security. The 
inspections referred to in paragraph (a) include inspections for 
compliance with the statute and TSA rules, and includes inspections 
that TSA may make to carry out duties assigned to TSA in 49 U.S.C. 
114(f), as set out in Sec.  1522.5(a)(2).
    Section 1522.5(b) provides that at the request of TSA each 
validation firm and validator must provide evidence of compliance with 
the TSA regulations, which are located in 49 CFR chapter XII, including 
parts 1500-1699. This may include providing records to TSA or other 
evidence to show compliance. Paragraph (c) provides that TSA and DHS 
officials working with TSA may conduct inspections without access media 
issued or approved by a validation firm or other person. This is to 
facilitate the inspection process and make it possible for TSA to 
conduct unannounced inspections. It is based on a similar provision in 
Sec.  1542.5(e) that applies to airport operators. Taken as a whole, 
this section will allow TSA to evaluate the validation firm's and the 
validator's respective performance, and to evaluate the reliability of 
the validator's assessments.
Section 1522.101--Applicability
    Subpart B, which begins at Sec.  1522.101, applies specifically to 
the use of TSA-approved validation firms and validators in the context 
of the CCSP. Each facility that seeks to be a CCSF will need to engage 
a validation firm to assess whether that facility complies with the 
security program that TSA requires under 49 CFR 1549.5.
Section 1522.103--Requirements for Validation Firms
    Section 1522.103 establishes the general requirements for 
validation firms. Paragraph (a) states the fundamental requirement, 
which is that the firm must have the necessary facilities, resources, 
and personnel to conduct assessments. Among other things, this 
requirement entails the demonstrated capability to define, execute, and 
document standardized business processes. The validation firm must also 
demonstrate its capability to hire and train personnel to perform 
operations similar to the assessments required under this subpart and 
part 1549. The purpose of this requirement is to establish a basis on 
which TSA may evaluate whether a firm has the experience and 
capabilities to perform as a validation firm.
    Paragraph (b) provides that each validation firm must have a 
Security Coordinator and one or more alternates. This provision is 
based on the concept of Security Coordinator for IACs as implemented in 
49 CFR 1548.13. These individuals must be senior officers or employees 
to ensure that they have the authority necessary to fulfill their 
functions. They serve as the validation firm's primary point of contact 
with TSA on security-related matters. Because a validation firm has a 
support (as opposed to an operational) role in the certified cargo 
security program, the Security Coordinator or an alternate must be 
available during regular business hours (rather than on a 24-hour 
basis). Also, the Security Coordinator and alternates bear the 
responsibility of immediately initiating corrective action if the firm 
discovers an instance of non-compliance with any applicable TSA 
security requirement. These requirements ensure that each validation 
firm has at least one readily available and accountable individual with 
adequate authority to monitor security-related matters.
    Under paragraph (c) of Sec.  1522.103, the validation firm must 
hold and carry out a TSA-approved security program. This topic is 
covered in more detail in the discussion of Sec.  1522.105, below.
    Paragraph (d) of Sec.  1522.103 imposes an affirmative obligation 
on the validation firm to ensure that its personnel carry out the 
requirements of TSA's regulations and the security program. 
``Personnel'' includes direct employees, contractors, agents, and other 
persons acting on behalf of the validation firm.
    Finally, paragraph (e) requires the validation firm to notify TSA 
of all pertinent changes in information that the validation firm must 
submit to TSA. Examples of such information include changes of address, 
changes in the identity of the Security Coordinator or alternates, and 
significant changes in the ownership of the firm. A significant change 
in the ownership would include, for example, acquisition of the firm by 
another business entity, or the form of the firm's organization, for 
example, incorporation. It would not include a minor change in the 
identity of shareholders.
Section 1522.105--Adoption and Implementation of the Security Program
    Paragraph (a) of Sec.  1522.105 provides that a validation firm 
must hold and carry out an approved security program in order to 
operate as a validation firm. Paragraph (b) outlines the requirements 
for the content of the validation firm standard security program. These 
requirements are generally consistent with the similar requirement for 
IACs in part 1548.
    Paragraph (b)(1) states the fundamental purpose of the security 
program, which is to provide for the security of aircraft and protect 
against threats to air security. Paragraph (b)(1) thus establishes that 
validation firms, even though they serve a supporting role, are 
important components in the overall certified cargo security program.
    Key among these requirements for security programs is that the 
programs must specify the processes and procedures that the firm will 
use to maintain the qualifications of its validators and its personnel 
assisting validators with assessments. This is important, because the 
quality of the validation firm's operational performance depends 
primarily on the expertise of its personnel, especially the validators. 
Thus, the security program must describe in detail how the validation 
firm will maintain the current qualifications, accreditations, 
credentials, training, and STAs for its relevant personnel.
    The security program must also include provisions for a Security 
Coordinator, as well as for setting managerial responsibilities for 
ensuring that the firm's personnel carry out their responsibilities 
under TSA regulations and the security program.
    Paragraph (c) of Sec.  1522.105 sets out procedures by which an 
applicant or a validation firm may request amendments to a security 
program. Paragraph (d) sets out the process by which TSA will initiate 
amendment of a security program. Paragraph (e) covers emergency 
amendments, which TSA may make without prior notice and which take 
effect immediately. The provisions of paragraphs (c), (d), and (e) are 
analogous to similar provisions relating to IAC security programs (49 
CFR 1548.7), which provides that TSA may issue emergency amendments to 
aircraft operators if there is an emergency requiring immediate action

[[Page 47679]]

with respect to safety in air transportation or in air commerce that 
makes procedures in Sec.  1522.105 contrary to the public interest; 
such provisions establish an orderly process for revising security 
programs when circumstances change. Similar provisions exist in 49 CFR 
1542.105(d) (airport operators), 1544.105(d) (aircraft operators), 
1546.105(d) (foreign air carriers), and 1548.7(e) (indirect air 
carriers). Paragraph (f), parallel with 49 CFR 1548.5(d), provides 
basic requirements on availability of the security program to the 
firm's personnel and to TSA and requires measures to protect it as SSI.
Section 1522.107--Application
    Section 1522.107 sets out the procedures by which a firm may apply 
for approval to operate as a validation firm. TSA will prescribe the 
form and manner of the application, which must be in writing and 
submitted at least 90 days in advance.
    Paragraph (a) enumerates the required items that applicants must 
include in their applications. Among other items, applicants must 
include a statement declaring whether the applicant is a small 
business; the collection of this information assists TSA in developing 
appropriate civil penalty formulas.
    Paragraph (b) of Sec.  1522.107 discusses the next step in the 
application process. After TSA receives the initial application 
specified in paragraph (a), and after the applicant's Security 
Coordinator has successfully completed a STA, TSA will send the 
validation firm, via the Security Coordinator, a copy of the Validation 
Firm Standard Security Program. TSA anticipates that all information 
will be sent to participants via electronic means in a password 
protected mode. TSA also plans to develop a secure Web address that 
will be available to the participating validation firms to obtain 
copies of the security program. The validation firm must also submit a 
supplement to its security plan that specifies processes and procedures 
that the firm will use to maintain the qualification of its validators 
and its personnel assisting validators with assessments to the 
designated TSA official for approval. This provision establishes a 
baseline of standardization, while allowing for flexibility in 
appropriate circumstances. TSA will seek comment on the validation firm 
security program from applicants as part of the application process. 
Thereafter, any approved validation firm may request amendments to its 
security program.
Section 1522.109--TSA Review and Approval
    Paragraph (a) of Sec.  1522.109 lists the criteria that TSA will 
employ in reviewing an application submitted under Sec.  1522.107. As 
provided in paragraph (b), TSA will approve or disapprove the 
application based on these criteria. In either case, TSA will provide 
written notice to the applicant. In the case of an approval, TSA may 
approve or require modifications to the security program applicable to 
the applicant. The validation firm will also demonstrate to TSA how the 
validators employed by the firm will meet TSA qualifications. In the 
case of a disapproval, TSA will state the basis for the disapproval in 
writing.
    Under paragraphs (b)(1) and (2), a validation firm may commence 
operations only after it receives approval of its security program and 
approval to operate as a validation firm, and after the relevant 
personnel have completed all required training and STAs. These 
paragraphs make it clear that the validation firm must satisfy all of 
these elements before the validation firm may conduct assessments.
    As provided in paragraph (c), the duration of an approval granted 
under this section is 12 months.
    The following table demonstrates the certification and training 
cycles for CCSFs and validation firms.

----------------------------------------------------------------------------------------------------------------
                                     IAC operating
                                      certificate       Validation firm
                                       (renewal       operating approval     Certification    Recurrent training
                                     application)
----------------------------------------------------------------------------------------------------------------
Shipper/CCSF....................  N/A...............  N/A...............  Every three years.  Annually.
IAC/CCSF........................  Annually..........  N/A...............  Every three years.  Annually.
Validation Firm/Validator.......  N/A...............  Annually..........  N/A...............  Annually.
----------------------------------------------------------------------------------------------------------------

Section 1522.111--Reconsideration of Disapproval of an Application
    Section 1522.111 describes the review and petition process for 
TSA's reconsideration of disapproval of the validator's application. If 
an applicant challenges the disapproval, the applicant must submit a 
written petition for reconsideration within 30 days of receipt of the 
notice of disapproval. The petition must include a statement, with 
supporting documentation, explaining why the applicant believes the 
application meets the criteria of Sec.  1522.103. Reconsideration may 
result in confirmation of the disapproval or in an approval. 
Disposition pursuant to this section constitutes a final agency action 
for purposes of review under 49 U.S.C. 46110.
Section 1522.113--Withdrawal of Approval
    Section 1522.113 establishes procedures by which TSA may withdraw a 
previously-granted approval of a validation firm. This may occur if the 
validation firm no longer meets the qualification standards, if the 
validation firm fails to conduct assessments in compliance with TSA's 
requirements, or if withdrawal is in the interest of security or the 
public. 49 CFR 1522.113(a). If TSA withdraws a validation firm's 
approval, the validation firm must immediately stop performing any and 
all activities related to assessments. In determining whether 
withdrawal is appropriate, TSA considers the number, frequency, and 
severity of security violations committed by a regulated party. If TSA 
determines withdrawal is appropriate, TSA will remove the validation 
firm from the list of approved validation firms.
    Under paragraph (b) of Sec.  1522.113, TSA will provide the 
validation firm with a written notice of proposed withdrawal of 
approval that will include a statement of the basis for the proposed 
withdrawal of approval. Paragraph (c) provides for immediate withdrawal 
of approval in emergency circumstances. Upon receipt of a notice of 
emergency withdrawal under paragraph (c), the validation firm must 
immediately stop performing assessments, and must discontinue any 
assessments in progress. Paragraphs (d) and (e) provide a 
reconsideration procedure that may result in confirmation of the 
withdrawal of approval or in a decision to allow the validation to 
retain (or regain) its approval. Disposition pursuant to this section 
constitutes a final agency action

[[Page 47680]]

for purposes of review under 49 U.S.C. 46110.
Section 1522.115--Review of TSA Approval
    It is important that validation firms meet TSA's standards both 
before and after they begin performing validations. TSA will actively 
monitor validations through a process of initial and recurrent reviews. 
Approved validation firms must apply for renewal of approval annually. 
During these reviews, TSA will examine, among other things, whether the 
validation firm's personnel have received required training and whether 
the relevant personnel have maintained the required accreditations and/
or certifications. The review will also focus on the firm's compliance 
with part 1522 and with its security program.
Section 1522.117--Qualifications for Validators
    Section 1522.117 prescribes the necessary qualifications for 
individuals selected by validation firms to serve as validators for 
particular assessments. The requirements establish minimum levels of 
expertise and experience that an individual must have before he or she 
may be employed as a validator. As explained in the discussion of Sec.  
1522.123 below, a properly qualified validator must be directly 
responsible for the conduct of each assessment. A validation firm may 
assign an individual to be a validator with direct responsibility for 
an assessment only if the individual meets the qualifications specified 
in Sec.  1522.117(a)(1)-(5) described below. The validation firm will 
be responsible for determining whether an individual has the 
appropriate qualifications to serve as a validator, and TSA will 
inspect for compliance with these requirements.
    Pursuant to paragraph (a)(1) of Sec.  1522.117, an individual must 
be a U.S. citizen or national, or be an alien lawfully admitted to the 
United States as a Lawful Permanent Resident (LPR) in order to function 
as a validator. For aliens to become LPRs (commonly referred to as 
``green card'' holders), the U.S. Government must have determined that 
they are admissible to the United States as immigrants; that 
determination requires security and criminal checks. TSA will allow 
LPRs to function as validators based on the fact that the U.S. 
Government has already performed security and criminal checks on these 
individuals.
    Validators must have extensive experience in conducting 
assessments, inspections, or audits before undertaking duties under 
this part. Paragraph (a)(2) identifies two bases on which individuals 
can establish they possess the appropriate level of experience. Under 
the first basis, he or she must have an accreditation or certification 
from an organization that TSA recognizes as qualified to certify or 
accredit a validator assessing facilities, such as certified cargo 
screening facilities, or the individual must have five years or more 
experience in conducting inspections under State or Federal regulatory 
programs in the security industry, the aviation industry, or other 
government programs. TSA will review the accreditation of a validator 
when the validation firm submits a plan to TSA demonstrating how the 
firm will ensure that the validators in the firm meet TSA 
qualifications. If a validator does not meet the accreditation 
standards, TSA may deny approval to the validation firm or may approve 
the firm but direct that the individual without the necessary 
accreditation not be used for the CCSP program.
    Examples of an organization qualified to accredit a validator would 
include the International Standards Organization and ASIS 
International. TSA will make publicly available on the TSA public Web 
site a list of acceptable accreditation or certification organizations. 
The individual must have had this experience within the past ten years. 
Under the second basis, he or she must show relevant experience and 
expertise by having been employed by a Federal or State government 
agency as an inspector, assessor, or auditor in assessment or 
inspection tasks similar to the assessments under this part. Inspectors 
for governmental agencies receive thorough training and are subject to 
rigorous qualification standards. For example, a former Department of 
Transportation safety inspector would presumably have this kind of 
experience.
    Under paragraph (a)(3), the individual must have three current 
professional references. The purpose of this requirement, which is 
related to the requirements of paragraph (a)(2), is to allow the 
validation firm and TSA to further verify the experience and expertise 
of the validator.
    The expertise and experience of the validators is a critical 
component of this program. Paragraph (a)(4) states the requirement that 
validators must understand the requirements of the program in order to 
perform their functio