Proposed Rule2023-10131
Vetting of Certain Surface Transportation Employees
Primary source
Metadata and text below are from the Federal Register, a public-domain U.S. government work. Always verify the official published version before relying on it for any legal matter.
Published
May 23, 2023
Issuing agencies
Homeland Security DepartmentTransportation Security Administration
Abstract
The Transportation Security Administration (TSA) is proposing a regulation to implement provisions of the Implementing Recommendations of the 9/11 Commission Act of 2007 (9/11 Act) that require security vetting of certain public transportation, railroad, and over-the-road-bus (OTRB) employees. In accordance with the 9/11 Act, TSA proposes to require security-sensitive employees of certain public transportation operators and railroads to undergo a Level 2 security threat assessment (STA) that includes an immigration check and terrorism watchlist check to determine whether the applicant may pose a security threat. Further, TSA proposes to require security coordinators of certain public transportation, railroad, and OTRB operators to undergo a Level 3 STA, which includes the Level 2 check plus a criminal history records check. TSA proposes appeal and waiver procedures for individuals who are adversely impacted by the vetting. Finally, TSA proposes to establish user fees to recover TSA's costs for vetting, as required by law.
Full Text
<html>
<head>
<title>Federal Register, Volume 88 Issue 99 (Tuesday, May 23, 2023)</title>
</head>
<body><pre>
[Federal Register Volume 88, Number 99 (Tuesday, May 23, 2023)]
[Proposed Rules]
[Pages 33472-33522]
From the Federal Register Online via the Government Publishing Office [<a href="http://www.gpo.gov">www.gpo.gov</a>]
[FR Doc No: 2023-10131]
[[Page 33471]]
Vol. 88
Tuesday,
No. 99
May 23, 2023
Part V
Department of Homeland Security
-----------------------------------------------------------------------
Transportation Security Administration
-----------------------------------------------------------------------
49 CFR Parts 1500, 1530, 1570, et al.
Vetting of Certain Surface Transportation Employees; Proposed Rule
��Federal Register / Vol. 88 , No. 99 / Tuesday, May 23, 2023 /
Proposed Rules��
[[Page 33472]]
-----------------------------------------------------------------------
DEPARTMENT OF HOMELAND SECURITY
Transportation Security Administration
49 CFR Parts 1500, 1530, 1570, 1572, 1580, 1582, 1584
[Docket No. TSA-2023-0001]
RIN 1652-AA69
Vetting of Certain Surface Transportation Employees
AGENCY: Transportation Security Administration, DHS.
ACTION: Notice of proposed rulemaking (NPRM).
-----------------------------------------------------------------------
SUMMARY: The Transportation Security Administration (TSA) is proposing
a regulation to implement provisions of the Implementing
Recommendations of the 9/11 Commission Act of 2007 (9/11 Act) that
require security vetting of certain public transportation, railroad,
and over-the-road-bus (OTRB) employees. In accordance with the 9/11
Act, TSA proposes to require security-sensitive employees of certain
public transportation operators and railroads to undergo a Level 2
security threat assessment (STA) that includes an immigration check and
terrorism watchlist check to determine whether the applicant may pose a
security threat. Further, TSA proposes to require security coordinators
of certain public transportation, railroad, and OTRB operators to
undergo a Level 3 STA, which includes the Level 2 check plus a criminal
history records check. TSA proposes appeal and waiver procedures for
individuals who are adversely impacted by the vetting. Finally, TSA
proposes to establish user fees to recover TSA's costs for vetting, as
required by law.
DATES: Submit comments on or August 21, 2023.
ADDRESSES: You may submit comments, identified by the TSA docket number
to this rulemaking, to the Federal Docket Management System (FDMS), a
government-wide, electronic docket management system. To avoid
duplication, please use only one of the following methods:
<bullet> Electronic Federal eRulemaking Portal: <a href="https://www.regulations.gov">https://www.regulations.gov</a>. Follow the online instructions for submitting
comments.
<bullet> Mail: Docket Management Facility (M-30), U.S. Department
of Transportation, 1200 New Jersey Avenue SE, West Building Ground
Floor, Room W12-140, Washington, DC 20590-0001. The U.S. Department of
Transportation (DOT), which maintains and processes TSA's official
regulatory dockets, will scan the submission and post it to FDMS.
<bullet> Fax: (202) 493-2251.
See SUPPLEMENTARY INFORMATION section for format and other
information about comment submissions.
FOR FURTHER INFORMATION CONTACT: For program questions: Victor Parker,
Surface Division, Policy, Plans, and Engagement, TSA-28, Transportation
Security Administration, 6595 Springfield Center Drive, Springfield, VA
20598-6002; telephone (571) 227-1039; email <a href="/cdn-cgi/l/email-protection#3e685b4a4a5750596e5152575d477e4a4d5f105a564d10595148"><span class="__cf_email__" data-cfemail="c197a4b5b5a8afa691aeada8a2b881b5b2a0efa5a9b2efa6aeb7">[email protected]</span></a>.
For legal questions: Christine Beyer, Chief Counsel's office, TSA-
2, Transportation Security Administration, 6595 Springfield Center
Drive, Springfield, VA 20598-6002; telephone (571) 227-3653; email
<a href="/cdn-cgi/l/email-protection#e98a819b809a9d80878cc78b8c908c9ba99d9a88c78d819ac78e869f"><span class="__cf_email__" data-cfemail="096a617b607a7d60676c276b6c706c7b497d7a68276d617a276e667f">[email protected]</span></a>.
SUPPLEMENTARY INFORMATION:
Public Participation
TSA invites interested persons to participate in this rulemaking by
submitting written comments, data, or views. We also invite comments
relating to the economic, environmental, energy, or federalism impacts
that might result from this rulemaking action, as well as on TSA's
collections of information under the Paperwork Reduction Act as
described further below. You may submit comments, identified by the TSA
docket number for this rulemaking, to the ADDRESSES noted above. With
each comment, please include this docket number at the beginning of
your comments. You may submit comments and material electronically, in
person, by mail, or fax as provided under ADDRESSES, but please submit
your comments and material by only one means. If you submit comments by
mail or in person submit them in an unbound format, no larger than 8.5
by 11 inches, suitable for copying and electronic filing. If you would
like TSA to acknowledge receipt of comments submitted by mail, include
with your comments a self-addressed, stamped postcard or envelope on
which the docket number appears. TSA will stamp the date on the
postcard and we will mail it to you.
All comments, except those that include confidential information
and sensitive security information (SSI) \1\ will be posted to <a href="https://www.regulations.gov">https://www.regulations.gov</a>, and will include any personal information you have
provided. Should you wish your personally identifiable information
redacted prior to filing in the docket, please clearly indicate this
request in your submission. TSA will consider all comments that are in
the docket on or before the closing date for comments and will consider
comments filed late to the extent practicable. The docket is available
for public inspection before and after the comment closing date.
---------------------------------------------------------------------------
\1\ ``Sensitive Security Information'' or ``SSI'' is information
obtained or developed in the conduct of security activities, the
disclosure of which would constitute an unwarranted invasion of
privacy, reveal trade secrets or privileged or confidential
information, or be detrimental to the security of transportation.
The protection of SSI is governed by 49 CFR part 1520.
---------------------------------------------------------------------------
Handling of Confidential or Proprietary Information and SSI Submitted
in Public Comments
Do not submit comments that include trade secrets, confidential
commercial or financial information, or SSI to the public regulatory
docket. Comments containing this type of information should be
submitted separately from other comments, appropriately marked as
containing such information, and submitted by mail to one of the
addresses listed in the FOR FURTHER INFORMATION CONTACT section. TSA
will take the following actions for all submissions containing SSI:
<bullet> TSA will not place comments containing SSI in the public
docket and will handle them in accordance with applicable safeguards
and restrictions on access.
<bullet> TSA will hold documents containing SSI, confidential
business information, or trade secrets in a separate file to which the
public does not have access, and place a note in the public docket
explaining that commenters have submitted such documents.
<bullet> TSA may include a redacted version of the comment in the
public docket.
<bullet> TSA will treat requests to examine or copy information
that is not in the public docket as any other request under the Freedom
of Information Act (FOIA) (5 U.S.C. 552) and the Department of Homeland
Security's (DHS') FOIA regulation found in 6 CFR part 5.
Privacy Act
Please be aware that anyone is able to search the electronic form
of all comments in any of our dockets by the name of the individual who
submitted (or signed the comment (e.g., if submitted by an association,
business, labor union, etc.) For more about privacy and the docket,
review the Privacy and Security Notice for the FDMS at <a href="https://www.regulations.gov/privacyNotice">https://www.regulations.gov/privacyNotice</a>, as well as the System of Records
Notice DOT/ALL 14--Federal Docket Management System (73 FR
[[Page 33473]]
3316, January 17, 2008) and the System of Records Notice DHS/ALL 044--
eRulemaking (85 FR 14226, March 11, 2020).
Reviewing Docket Comments and Documents
You can review TSA's electronic public docket at <a href="https://www.regulations.gov">https://www.regulations.gov</a>. In addition, DOT's Docket Management Facility
provides a physical facility, staff, equipment, and assistance to the
public. To obtain assistance or to review items in TSA's public docket,
you may visit this facility between 9 a.m. and 5 p.m., Monday through
Friday, excluding legal holidays, or call (202) 366-9826. This DOT
operations facility is located in the West Building Ground Floor, Room
W12-140 at 1200 New Jersey Avenue SE, Washington, DC 20590.
You can find an electronic copy of rulemaking documents through the
internet by-searching the electronic FDMS web page at <a href="https://www.regulations.gov">https://www.regulations.gov</a>; or at <a href="https://www.federalregister.gov">https://www.federalregister.gov</a>. In
addition, copies are available by writing or calling the individual in
the FOR FURTHER INFORMATION CONTACT section. Make sure to identify the
docket number of this rulemaking.
Abbreviations and Terms Used in This Document
ALJ--Administrative Law Judge
ATSA--Aviation and Transportation Security Act
CBP--U.S. Customs and Border Protection
CFR--Code of Federal Regulations
CHRC--Criminal History Records Check
CJIS--Criminal Justice Information Services
DHS--U.S. Department of Homeland Security
DOE--Determination of Eligibility
ESVP--Enrollment Services and Vetting Programs
FAST--Free and Secure Trade Program
FBI--Federal Bureau of Investigation
FDI--Final Determination of Ineligibility
HME--Hazardous Materials Endorsement
IDENT--Automated Biometrics Identification System
NPRM--Notice of Proposed Rulemaking
OTRB--Over-the-Road Bus
PDI--Preliminary Determination of Ineligibility
PDIIR--Preliminary Determination of Ineligibility with Immediate
Revocation
SAVE--Systematic Alien Verification for Entitlements Program
SENTRI--Secure Electronic Network for Travelers Rapid Inspection
Program
SSI--Sensitive Security Information
STA--Security Threat Assessment
TSA--Transportation Security Administration
TWIC--Transportation Worker Identification Credential
U.S.C.--United States Code
USCIS--U.S. Citizenship and Immigration Services
Table of Contents
I. Executive Summary
A. Purpose of the Regulation
B. Summary of Major Provisions
II. Background
A. Statutory and Regulatory History
B. Specific Provisions
1. Security-Sensitive Employees
2. Security Coordinators
3. IDENT and Rap Back
4. Identity Verification
5. Use of TSA Enrollment Centers
6. Vetting Structure
7. Effective Dates and Compliance
III. Analysis of Proposed Part 1530
A. Introduction
B. Proposed Subpart A--General
1. Proposed Sec. 1530.1
2. Proposed Sec. 1530.3
3. Proposed Sec. 1530.5
4. Proposed Sec. 1530.7
5. Proposed Sec. 1530.9
6. Proposed Sec. 1530.11
7. Proposed Sec. 1530.13
C. Proposed Subpart B--Individual Enrollment Requirements
Continuing Responsibilities
1. Introduction
2. Proposed Sec. 1530.101
3. Proposed Sec. 1530.103
4. Proposed Sec. 1530.105
5. Proposed Sec. 1530.107
6. Proposed Sec. 1530.109
D. Proposed Subpart C--Reserved
E. Proposed Subpart D--Fees
1. Introduction
2. Costs
3. Populations
4. Fees
5. Proposed Sec. 1530.301
6. Proposed Sec. 1530.303
7. Proposed Sec. 1530.305
8. Proposed Sec. 1530.307
9. Proposed Sec. 1530.309
F. Proposed Subpart E--Adjudication Procedures
1. Introduction
2. Proposed Sec. 1530.401
3. Proposed Sec. 1530.403
4. Proposed Sec. 1530.405
5. Sections 1530.407, 1530.409, 1530.411--Reserved
6. Proposed Sec. 1530.413
7. Proposed Sec. 1530.415
8. Proposed Sec. 1530.417
9. Proposed Sec. 1530.419
G. Proposed Subpart F--Standards
1. Introduction
2. Proposed Sec. 1530.501
3. Proposed Sec. 1530.503
4. Proposed Sec. 1530.505
5. Proposed Sec. 1530.507
6. Proposed Sec. 1530.509
H. Proposed Subpart G--Appeal and Waiver Procedures for Security
Threat Assessments
1. Introduction
2. Proposed Sec. 1530.601
3. Proposed Sec. 1530.603
4. Exhaustion of Administrative Remedies
5. Proposed Sec. 1530.605
6. Proposed Sec. 1530.607
7. Proposed Sec. 1530.609
8. Proposed Sec. 1530.611
9. Proposed Sec. 1530.613
IV. Analysis of Proposed Changes to Parts 1500, 1570, 1572, 1580,
1582, and 1584
A. Introduction
B. Proposed Changes to Part 1500
C. Proposed Changes to Part 1570
D. Proposed Changes to Part 1572
E. Proposed Changes to Part 1580
1. Proposed Sec. 1580.301
2. Proposed Sec. 1580.303
3. Proposed Sec. 1580.305
4. Proposed Sec. 1580.307
F. Proposed Changes to Part 1582
1. Proposed Sec. 1582.201
2. Proposed Sec. 1582.203
3. Proposed Sec. 1582.205
4. Proposed Sec. 1582.207
G. Proposed Changes to Part 1584
1. Proposed Sec. 1584.201
2. Proposed Sec. 1584.203
3. Proposed Sec. 1584.205
4. Proposed Sec. 1584.207
I. Executive Summary
A. Purpose of the Regulation
This proposed rulemaking would serve three purposes:
(1) Surface transportation security vetting. The NPRM proposes to
implement requirements in the 9/11 Act \2\ to vet certain public
transportation, railroad, and OTRB employees:
---------------------------------------------------------------------------
\2\ The Implementing Recommendations of the 9/11 Commission Act,
Public Law 110-53 (121 Stat. 266; Aug. 3, 2007).
---------------------------------------------------------------------------
<bullet> Conduct a ``name-based security background check against
the consolidated terrorist watchlist and an immigration check'' for
frontline public transportation employees \3\ and frontline railroad
employees.\4\
---------------------------------------------------------------------------
\3\ 9/11 Act, sec. 1411; codified at 6 U.S.C. 1140.
\4\ 9/11 Act, sec. 1520.
---------------------------------------------------------------------------
<bullet> Require security coordinators of railroads \5\ and OTRBs
\6\ to be U.S. citizens, unless TSA waives this requirement after an
appropriate background check of the individual and a satisfactory
review of the consolidated terrorist watchlist.
---------------------------------------------------------------------------
\5\ 9/11 Act, sec. 1512; codified at 6 U.S.C. 1162(e)(2).
\6\ 9/11 Act, sec. 1531; codified at 6 U.S.C. 1181.
---------------------------------------------------------------------------
(2) Fees. TSA is proposing an equitable fee schedule to recover the
costs of vetting services. TSA must sustain vetting programs, like
those proposed in this rulemaking, through user fees in accordance with
6 U.S.C. 469, Fees for Credentialing and Background Investigations in
Transportation.
(3) Redress. The 9/11 Act provides that if TSA issues a regulation
requiring operators to conduct vetting of public transportation \7\ and
railroad employees,\8\ TSA must require the operators to provide appeal
and waiver procedures, like the procedures TSA
[[Page 33474]]
established in the Transportation Worker Identification Credential
(TWIC) program in accordance with 46 U.S.C. 70105 and codified at 49
CFR parts 1515, 1572. TSA proposes appeals, waivers, review by
Administrative Law Judges (ALJs), and review by the TSA Final Decision
Maker for individuals who are adversely affected by the vetting.
---------------------------------------------------------------------------
\7\ 9/11 Act sec. 1414; codified at 6 U.S.C. 1143(d).
\8\ 9/11 Act sec. 1522; codified at 6 U.S.C. 1170(d).
---------------------------------------------------------------------------
B. Summary of Major Provisions
In accordance with the 9/11 Act and risk-based principles, TSA
proposes to require frontline or ``security-sensitive'' employees of
public transportation and railroad operators to undergo a Level 2 STA,
which includes an immigration check and a terrorism check and other
analyses (terrorism/other analyses).\9\ Specifically, sections 1411 and
1520 of the 9/11 Act require TSA to conduct terrorist and immigration
status vetting of public transportation and railroad employees, similar
to the check TSA conducted in 2006 in the maritime sector. In sections
1143 and 1170 of the Act, Congress defines a security background check
as vetting that includes criminal, immigration and terrorist checks,
and provides that if TSA issues a rulemaking to require operators to
conduct security background checks, TSA must require use of the
criminal standards and redress required by 46 U.S.C. 70105, and 49 CFR
part 1572.
---------------------------------------------------------------------------
\9\ This portion of the STA is called ``terrorism check and
other analyses.'' This portion of the STA may include searches of
many data sources, such as the consolidated terrorist watchlist
(TSDB), U.S. Marshal's Service wants and warrants, U.S. Department
of State lost and stolen passports, and Interpol.
---------------------------------------------------------------------------
Further, TSA proposes to require security coordinators of public
transportation, railroad, and OTRB operators to complete a Level 3 STA,
which includes an immigration check, criminal check, and terrorism/
other analyses check. Table 1 below provides a summary of these
proposed vetting requirements. Also, TSA proposes a robust redress
process for individuals who are deemed ineligible for a position as a
result of the vetting, to ensure that they are not disqualified in
error. Finally, TSA proposes user fees to cover the costs of TSA's
vetting, as required by statute.\10\
---------------------------------------------------------------------------
\10\ See 6 U.S.C. 469.
Table 1--Affected Population by Mode and STA Requirement
----------------------------------------------------------------------------------------------------------------
Proposed rule requirements
Affected -------------------------------------------------
Mode Risk level population Terrorism/ other Immigration
analyses check CHRC
----------------------------------------------------------------------------------------------------------------
Freight Rail................ High Risk...... Security- [ballot] [ballot] ............
Sensitive
Employees.
------------------------------------------------------------------
............... Security [ballot] [ballot] [ballot]
Coordinators
-----------------------------------------------------------------------------------
Non-High-Risk.. Security- ................. ............... ............
Sensitive
Employees.
------------------------------------------------------------------
............... Security [ballot] [ballot] [ballot]
Coordinators
----------------------------------------------------------------------------------------------------------------
PTPR........................ High-Risk...... Security- [ballot] [ballot] ............
Sensitive
Employees.
------------------------------------------------------------------
............... Security [ballot] [ballot] [ballot]
Coordinators
-----------------------------------------------------------------------------------
Non-High-Risk.. Security- ................. ............... ............
Sensitive
Employees.
------------------------------------------------------------------
............... Security [ballot] [ballot] [ballot]
Coordinators
----------------------------------------------------------------------------------------------------------------
OTRB........................ High-Risk...... Security- ................. ............... ............
Sensitive
Employees.
------------------------------------------------------------------
............... Security [ballot] [ballot] [ballot]
Coordinators
-----------------------------------------------------------------------------------
Non-High-Risk.. Security- ................. ............... ............
Sensitive
Employees.
------------------------------------------------------------------
............... Security ................. ............... ............
Coordinators
----------------------------------------------------------------------------------------------------------------
C. Costs and Benefits
Table 2 identifies estimated 10-year costs to certain freight
railroad carriers, public transportation and passenger railroad (PTPR)
operators, OTRB operators, and TSA; and the overall cost of this
proposed rule.
Table 2--Cost of the Proposed Rule
------------------------------------------------------------------------
Estimated costs (millions,
over 10 years, discounted at
7 percent)
------------------------------------------------------------------------
Freight Railroad.......................... $31.43
Public Transportation and Passenger 52.96
Railroads................................
(PTPR)....................................
OTRB...................................... 0.92
TSA....................................... 1.27
-----------------------------
Total................................. 86.58
------------------------------------------------------------------------
[[Page 33475]]
As compared to attacks carried out by passengers, attacks carried
out by employees pose a higher likelihood of success and/or a larger
impact due to employees' knowledge of the systems, infrastructure,
vulnerabilities and operations. Also, employees possess unique access
to critical operations and areas, which permits them to move with ease
in sensitive areas where similar actions by passengers would be more
readily identified as suspicious activity, and increases the
opportunity and confidence to commit an attack. Known or suspected
terrorists (KSTs) are more likely to be responsible for a
disproportionate number of all attacks as compared to their proportion
of the population, and thus moving KSTs and other higher-risk
individuals out of the `insider' positions employees hold reduces risk,
while affecting a very small percentage of all employees. Initial
vetting inhibits applicants or existing employees from commencing or
continuing their employment, which deters their ability to carry out an
act. Recurrent vetting ensures employees who become threats can be
removed quickly, reducing the overall net risk to this industry. While
is it not possible to quantify the net risk reduction employee vetting
creates, TSA's comprehensive vetting of transportation workers has
effectively identified insider threats. The effort creates a meaningful
reduction of risk of an insider attack, which benefits transportation
security.
II. Background
A. Statutory and Regulatory History
Following the terrorist attacks of September 11, 2001, Congress
created the National Commission on Terrorist Attacks Upon the United
States (9/11 Commission).\11\ The 9/11 Commission investigated the
facts and circumstances relating to the attacks, and, on July 22, 2004,
issued its Report.\12\
---------------------------------------------------------------------------
\11\ Title VI, Intelligence Authorization Act for Fiscal Year
2003, Public Law 107-306 (116 Stat. 2383; Nov. 7, 2002).
\12\ The 9/11 Commission Report is available at <a href="https://www.9-11commission.gov/">https://www.9-11commission.gov/</a>.
---------------------------------------------------------------------------
In the Report, the 9/11 Commission recognized that transportation
involves more than just aviation, noting that ``[a]bout 6,000 agencies
provide transit services through buses, subways, ferries, and light-
rail service to about 14 million Americans.'' \13\ The 9/11 Commission
also recognized that ``[o]pportunities to do harm are as great, or
greater, in maritime or surface transportation'' as they are in
aviation.\14\ The Commission specifically noted the ``use of insiders''
as a possible terrorist tactic.\15\ The Commission included in its
report numerous recommendations for further action by the U.S.
Government and other actors.\16\
---------------------------------------------------------------------------
\13\ Report, p. 390-1.
\14\ Report, p. 391.
\15\ Report, p. 392.
\16\ Report, pp. 367-398.
---------------------------------------------------------------------------
In the 9/11 Act, Congress implemented many of the 9/11 Commission's
recommendations. Congress requires TSA to issue regulations on security
training, vetting, vulnerability assessments, and security plans for
surface transportation entities. TSA is complying with the statute by
issuing separate, but related rulemakings.\17\ This rulemaking
addresses the 9/11 Act requirements to conduct ``security background
checks'' of certain public transportation, railroad carrier, and OTRB
employees. For purposes of this rulemaking and consistent with common
vetting terminology, TSA uses the term ``security threat assessment
(STA)'' in place of ``security background checks'' and the terms have
the same meaning.
---------------------------------------------------------------------------
\17\ See Security Training for Surface Transportation Employees
Final Rule, 85 FR 16456 (March 23, 2020), as amended by 85 FR 25315
(May 1, 2020), 85 FR 67681 (Oct. 26, 2020), and 86 FR 23629 (May 4,
2021) (Security Training Final Rule).
---------------------------------------------------------------------------
The 9/11 Act requires TSA to evaluate an individual in the STA
process to identify ``individuals who may pose a threat to
transportation security or national security, or of terrorism.'' \18\
Individuals who may pose such threats are not eligible to perform
security-sensitive or security coordinator functions. TSA proposes to
use this standard set forth in the 9/11 Act for all individuals who
apply for an STA under this rulemaking.
---------------------------------------------------------------------------
\18\ See 6 U.S.C. 1143(a)(1), 1170(a)(1).
---------------------------------------------------------------------------
Under the 9/11 Act, TSA must conduct an STA of frontline public
transportation employees \19\ and railroad employees \20\ that includes
a terrorism and immigration check. TSA calls this a Level 2 check. The
9/11 Act does not require a Level 2 check of frontline OTRB employees.
The 9/11 Act also states that public transportation \21\ and railroad
\22\ employees who are subject to security vetting should have an
adequate redress process available to them to ensure that they are not
removed or deemed ineligible in error. Finally, the 9/11 Act requires
security coordinators of railroads \23\ and OTRB \24\ owner/operators
to be U.S. citizens, unless TSA waives this requirement after
conducting an appropriate STA.
---------------------------------------------------------------------------
\19\ See 6 U.S.C. 1140.
\20\ 9/11 Act sec. 1520.
\21\ See 6 U.S.C. 1143(d).
\22\ See 6 U.S.C. 1170(d).
\23\ See 6 U.S.C. 1162(e)(2).
\24\ See 6 U.S.C. 1181(e)(2).
---------------------------------------------------------------------------
TSA has extensive responsibility for and experience in vetting
individuals who access the nation's transportation system. TSA has
broad general authority to ``require background checks for airport
security screening personnel, individuals with access to secure areas
of airports, and other transportation security personnel.'' \25\ In
addition, there are statutes that require TSA to conduct STAs of
specific individuals, such as: (1) certain airport and airline workers;
\26\ (2) certain merchant mariners and individuals who require
unescorted access to secure areas of vessels and maritime facilities;
\27\ (3) individuals seeking hazardous materials endorsements (HMEs) on
commercial driver's licenses issued by the States; \28\ and (4)
applicants for trusted traveler status to participate in the TSA
PreCheck[supreg] Application Program.\29\
---------------------------------------------------------------------------
\25\ See 49 U.S.C. 114(f)(12).
\26\ See 49 U.S.C. 44936; 49 CFR 1542.209, 1544.229, 1544.230.
\27\ See 46 U.S.C. 70105; 49 CFR part 1572.
\28\ See 49 U.S.C. 5103a; 49 CFR part 1572.
\29\ See 49 U.S.C 114 note; 78 FR 72922 (Dec. 4, 2013).
---------------------------------------------------------------------------
An STA is an inquiry to confirm an individual's identity and
determine whether the individual poses or may pose a security threat to
transportation or national security, or of terrorism. Individuals who
TSA determines do not to pose a threat may be eligible for access to
transportation infrastructure or assets, or other privileges and
credentials. An STA consists of one or more checks against certain data
sources, which may include terrorist or other government or
intelligence watchlists, Interpol, immigration records, and criminal
history records. As explained below, the specific checks TSA performs
vary depending on the governing statutory requirements and the security
needs associated with the access, privilege, or credential the
individual seeks. In this NPRM, we propose the vetting standards and
redress required by the 9/11 Act. In addition, we propose to conduct
recurrent vetting and renewal of the STA every 5 years. The recurrent
vetting and STA renewal is not required by the 9/11 Act, but is
necessary to create a useful and effective inquiry into these
transportation workers.
B. Specific Provisions
1. Security-Sensitive Employees. Like the 9/11 Act training
requirements that were the subject of a separate
[[Page 33476]]
rulemaking,\30\ the 9/11 Act vetting requirements refer to
``frontline'' employees (that is, ``public transportation frontline
employees'' in section 1411 and ``frontline railroad employees'' in
section 1520). The 9/11 Act provides definitions for ``frontline
employee'' within each mode of transportation.\31\ For instance, the
statute defines the term ``railroad frontline employees'' to mean
security personnel, dispatchers, locomotive engineers, conductors,
trainmen, other onboard employees, maintenance and maintenance support
personnel, bridge tenders, and any other railroad employees that the
Secretary of Homeland Security determines should receive security
training. The statute provides similar definitions for OTRB and public
transportation operations.
---------------------------------------------------------------------------
\30\ See Security Training for Surface Transportation Employees
Final Rule, 85 FR 16456 (March 23, 2020), as amended by 85 FR 25315
(May 1, 2020), 85 FR 67681 (Oct. 26, 2020), and 86 FR 23629 (May 4,
2021).
\31\ See 6 U.S.C. 1151(6) (railroads), 6 U.S.C. 1131(4) (public
transportation), and 6 U.S.C. 1151(5) (OTRB).
---------------------------------------------------------------------------
As part of the Security Training rulemaking, TSA adopted the term
``security-sensitive employees'' instead of ``frontline employees'' to
capture the individuals who are subject to the 9/11 Act
requirements.\32\ TSA analyzed the employees listed in the 9/11 Act's
definitions of ``frontline employees'' and considered whether employees
are in a position to detect suspicious activity because of where they
work, their interaction with the public, or their access to
information. TSA also considered which individuals may need to know how
to report or respond to these potential threats. As a result of this
analysis, TSA determined that employees who perform functions with a
direct nexus to, or impact on transportation security, should be called
``security-sensitive employees'' rather than ``frontline employees.''
---------------------------------------------------------------------------
\32\ See 81 FR 91336, 91353-91355; 85 FR 16456, 16475.
---------------------------------------------------------------------------
In this rulemaking, consistent with the 9/11 Act (which, as noted
above, uses the ``frontline employee'' terminology with respect to both
training and vetting), and the applicability and terminology of the
Security Training rulemaking, TSA proposes to implement the requirement
to vet ``frontline'' rail and public transportation employees by
issuing vetting regulations that apply to the same population of
``security-sensitive'' rail and public transportation employees covered
by the Security Training rulemaking.\33\ The following tables, taken
from the Security Training rulemaking, describe the security-sensitive
functions that, under this rule, would be subject to new vetting
requirements.\34\
---------------------------------------------------------------------------
\33\ See 49 CFR 1580.3, 1582.3, and 1584.3 in the Security
Training Final Rule.
\34\ Note that we are not providing a chart of the OTRB
employees who are considered ``security-sensitive'' because the
statute does not require TSA to conduct STAs of OTRB security-
sensitive employees, and TSA has determined that it is unnecessary
to impose such a requirement at this time.
Table 3--Security-Sensitive Functions for Freight Rail
----------------------------------------------------------------------------------------------------------------
Examples of job titles
Categories Security-sensitive job functions for freight rail applicable to these
functions *
----------------------------------------------------------------------------------------------------------------
A. Operating a vehicle.......... 1. Employees who operate or directly control the Engineer, conductor.
movements of locomotives or other self-powered rail
vehicles.
2. Train conductor, trainman, brakeman, or utility
employee or performs acceptance inspections, couples
and uncouples rail cars, applies handbrakes, or
similar functions..
3. Employees covered under the Federal hours of
service laws as ``train employees.'' See 49 U.S.C.
21101(5) and 21103.
B. Inspecting and maintaining Employees who inspect or repair rail cars and Carman, car repairman,
vehicles. locomotives. car inspector,
engineer, conductor.
C. Inspecting or maintaining 1. Employees who-- Signalman, signal
building or transportation a. Maintain, install, or inspect communications and maintainer, trackman,
infrastructure. signal equipment.. gang foreman, bridge
b. Maintain, install, or inspect track and and building laborer,
structures, including, but not limited to, bridges, roadmaster, bridge,
trestles, and tunnels.. and building inspector/
operator.
2. Employees covered under the Federal hours of
service laws as ``signal employees.'' See 49 U.S.C.
21101(3) and 21104.
D. Controlling dispatch or 1. Employees who-- Yardmaster, dispatcher,
movement of a vehicle. a. Dispatch, direct, or control the movement of block operator, bridge
trains.. operator.
b. Operate or supervise the operations of moveable
bridges..
c. Supervise the activities of train crews, car
movements, and switching operations in a yard or
terminal..
2. Employees covered under the Federal hours of
service laws as ``dispatching service employees.''
See 49 U.S.C. 21101(2) and 21105.
E. Providing security of the Employees who provide for the security of the Police officer, special
owner/operator's equipment and railroad carrier's equipment and property, including agent; patrolman;
property. acting as a railroad police officer (as that term is watchman; guard.
defined in 49 CFR 207.2).
F. Loading or unloading cargo or Includes, but is not limited to, employees that load Service track employee.
baggage. or unload hazardous materials.
G. Interacting with travelling Employees of a freight railroad operating in Conductor, engineer,
public (on board a vehicle or passenger service. agent.
within a transportation
facility).
H. Complying with security 1. Employees who serve as security coordinators Security coordinator,
programs or measures, including designated in Sec. 1570.201 of this subchapter, as train master,
those required by Federal law. well as any designated alternates or secondary assistant train
security coordinators. master, roadmaster,
2. Employees who--................................... division roadmaster.
a. Conduct training and testing of employees when the
training or testing is required by TSA's security
regulations.
b. Perform inspections or operations required by Sec.
1580.205 of this subchapter.
c. Manage or direct implementation of security plan
requirements.
----------------------------------------------------------------------------------------------------------------
* These job titles are provided solely as a resource to help understand the functions described; whether an
employee must be trained is based upon the function, not the job title.
[[Page 33477]]
Table 4--Security-Sensitive Functions for Public Transportation and
Passenger Railroads
------------------------------------------------------------------------
Security-sensitive job functions for
Categories Public Transportation and Passenger
Railroads (PTPR)
------------------------------------------------------------------------
A. Operating a vehicle....... 1. Employees who--
a. Operate or control the movements of
trains, other rail vehicles, or transit
buses.
b. Act as train conductor, trainman,
brakeman, or utility employee or
performs acceptance inspections, couples
and uncouples rail cars, applies
handbrakes, or similar functions.
2. Employees covered under the Federal
hours of service laws as ``train
employees.'' See 49 U.S.C. 21101(5) and
21103.
B. Inspecting and maintaining Employees who--
vehicles. 1. Perform activities related to the
diagnosis, inspection, maintenance,
adjustment, repair, or overhaul of
electrical or mechanical equipment
relating to vehicles, including
functions performed by mechanics and
automotive technicians.
2. Provide cleaning services to vehicles
owned, operated, or controlled by an
owner/operator regulated under this
subchapter.
C. Inspecting or maintaining Employees who--
building or transportation 1. Maintain, install, or inspect
infrastructure. communication systems and signal
equipment related to the delivery of
transportation services.
2. Maintain, install, or inspect track
and structures, including, but not
limited to, bridges, trestles, and
tunnels.
3. Provide cleaning services to stations
and terminals owned, operated, or
controlled by an owner/operator
regulated under this subchapter that are
accessible to the general public or
passengers.
4. Provide maintenance services to
stations, terminals, yards, tunnels,
bridges, and operation control centers
owned, operated, or controlled by an
owner/operator regulated under this
subchapter.
5. Employees covered under the Federal
hours of service laws as ``signal
employees.'' See 49 U.S.C. 21101(4) and
21104.
D. Controlling dispatch or Employees who--
movement of a vehicle. 1. Dispatch, report, transport, receive
or deliver orders pertaining to specific
vehicles, coordination of transportation
schedules, tracking of vehicles and
equipment.
2. Manage day-to-day management delivery
of transportation services and the
prevention of, response to, and redress
of service disruptions.
3. Supervise the activities of train
crews, car movements, and switching
operations in a yard or terminal.
4. Dispatch, direct, or control the
movement of trains or buses.
5. Operate or supervise the operations of
moveable bridges.
6. Employees covered under the Federal
hours of service laws as ``dispatching
service employees.'' See 49 U.S.C.
21101(2) and 21105.
E. Providing security of the Employees who--
owner/operator's equipment 1. Provide for the security of PTPR
and property. equipment and property, including acting
as a police officer.
2. Patrol and inspect property of an
owner/operator regulated under this
subchapter to protect the property,
personnel, passengers and/or cargo.
F. Loading or unloading cargo Employees who load, or oversee loading
or baggage. of, property tendered by or on behalf of
a passenger on or off of a portion of a
train that will be inaccessible to the
passenger while the train is in
operation.
G. Interacting with Employees who provide services to
travelling public (on board passengers on-board a train or bus,
a vehicle or within a including collecting tickets or cash for
transportation facility). fares, providing information, and other
similar services. Including:
1. On-board food or beverage employees.
2. Functions on behalf of an owner/
operator regulated under this subchapter
that require regular interaction with
travelling public within a
transportation facility, such as ticket
agents.
H. Complying with security 1. Employees who serve as security
programs or measures, coordinators designated in Sec.
including those required by 1570.201 of this subchapter, as well as
Federal law. any designated alternates or secondary
security coordinators.
2. Employees who--
a. Conduct training and testing of
employees when the training or testing
is required by TSA's security
regulations.
b. Manage or direct implementation of
security plan requirements.
------------------------------------------------------------------------
The 9/11 Act uses the term `employees' when discussing the
individuals who must undergo an STA. However, TSA understands this term
to include any individual who performs the security-sensitive functions
outlined in the charts above or acts as a security coordinator,
regardless of whether they have a strict employer/employee relationship
with the operator. If an operator enters into a contract with a company
to provide on-board food and beverage service on public transportation,
as described in Line G in the chart above, the individuals who perform
those security-sensitive services are in positions to create security
vulnerabilities regardless of whether they are `employees' or
authorized representatives, including contract personnel, of the
operator.
TSA defines an authorized representative in 49 CFR 1500.3 as a
person who is not a direct employee of the operator, but is authorized
to act on the operator's behalf to perform required security measures.
The term `authorized representative' includes agents, contractors, and
subcontractors. Also, TSA defines contractor in 49 CFR 1570.3 as a
person or organization that provides a service for an owner/operator
regulated under this subchapter consistent with a specific
understanding or arrangement. The understanding can be a written
contract or an informal arrangement that reflects an ongoing
relationship between the parties.
For purposes of this proposed rulemaking, TSA intends that an
employee or authorized representative (including contractor) of an
operator who performs security-sensitive functions or acts as a
security coordinator would be subject to the vetting requirements set
forth in the 9/11 Act. TSA believes Congress intends TSA to apply the
same level of scrutiny to employees or authorized representatives
(including contractors) who perform these security functions. An
alternate view in which an authorized representative performing
security functions would not be subject to the STA an employee must
undergo for performing the same functions would undermine the purpose
of the 9/11 Act provisions and create obvious security risks. In all
modes of transportation where TSA requires individuals who perform
security functions or have access to secured areas to undergo an STA,
an employer/employee relationship is not required to trigger the STA.
For purposes of the vetting standards TSA administers, the individual's
access or function that can impact the security of operations is the
factor that determines whether an STA is required. If TSA adopted
standards in which an employer could evade vetting requirements
altogether by using
[[Page 33478]]
authorized representatives/contractors, the vetting framework would be
a sieve permitting individuals with bad intent to move undetected in
the transportation system.
The 9/11 Act provides that TSA must complete a ``name-based
security background check against the consolidated terrorist watchlist
and an immigration status check'' \35\ that is similar to the threat
assessment screening program that TSA conducted for maritime employees
and longshoremen pursuant to a notice issued by the U.S. Coast Guard
(USCG) in 2006.\36\ That Notice required port facility owner/operators
to provide biographic information of all longshoremen and other
individuals who enter the port regularly on spreadsheets to the USCG.
The USCG then delivered the information to TSA, and TSA conducted a
name-based terrorism and immigration status check using the biographic
information provided. The Notice required facility operators and unions
to ``provide, on a continuing basis, the above-listed information for
all new facility employees or longshoremen in a timely manner.'' \37\
The use of spreadsheets was necessary because TSA had not yet
established enrollment centers to collect the necessary information
electronically. TSA conducted this vetting while preparing the TWIC
rulemaking that established the enrollment and vetting process it now
uses for maritime employees. After publication of the Notice, TSA and
USCG issued a joint rulemaking in January 2007 that established the
TWIC vetting program. The rule established tiers of vetting,
disqualification standards, and the requirement to renew the STA every
5 years. Once the TWIC rule became effective, it supplanted any vetting
that was being done under the Notice.
---------------------------------------------------------------------------
\35\ 9/11 Act, sec. 1411, 1520.
\36\ 71 FR 25066 (April 28, 2006).
\37\ Id. at 25067.
---------------------------------------------------------------------------
While this process achieved the purpose of conducting vetting of
the maritime workforce, it was resource-intensive and subject to errors
due to the manual data collection and entry process. Since 2006, TSA's
enrollment and vetting capabilities have matured substantially, and the
new electronic processes are faster, more accurate, and more efficient.
Also, various terrorist databases administered by other agencies have
matured and grown. TSA is better positioned now to collect the
necessary data and conduct recurrent \38\ (daily) vetting
electronically. Therefore, TSA proposes to conduct the STA called for
in the 9/11 Act using the improved procedures and capabilities we now
possess and use regularly in other vetting programs. Also, TSA proposes
to conduct recurrent vetting of the terrorism/other analysis check for
this population, as TSA does for all other vetting programs. A one-time
vet of names would be viewed as substandard and the cost reduction
would not justify the loss of security benefits. All of the vetting
databases change daily, and thus a snapshot of a workforce in place for
one day in time serves minimal long-term security benefit. An
individual who passes a terrorism check Monday, may be newly identified
as a threat and appear on a terrorist watchlist Tuesday. TSA's
recurrent vetting does not require the vetted individual to perform any
additional efforts; TSA's systems simply continue to run the biographic
data collected against the watchlists each time they are amended,
permitting TSA to conduct an investigation if any new information is
discovered during the course of an individual's authorized access to
indicate that they may pose a security threat. While the 9/11 Act does
not expressly require recurrent vetting or renewal of the STA, TSA is
authorized \39\ to use its discretion and expertise in vetting to
propose these procedures. Moreover, we believe Congress fully intends
that TSA establish programs that are effective in identifying risks to
transportation security.
---------------------------------------------------------------------------
\38\ The term `recurrent vetting' means TSA vets a name against
the database each time the database is amended with new or revised
information. This typically happens on a daily basis, and often more
than once a day. TSA continues to recurrently conduct the terrorism
check for the duration of the STA, which is typically 5 years.
\39\ See 49 U.S.C. 114(f).
---------------------------------------------------------------------------
Consistent with the 9/11 Act, TSA proposes to require security-
sensitive employees of covered public transportation and railroad
operators to undergo a Level 2 check that includes an immigration check
and terrorism/other analyses check. For the terrorism/other analyses
check, TSA reviews biographic information, documents, and databases to
confirm an individual's identity, and searches government and non-
government databases, including terrorist watchlists, criminal wants
and warrants, Interpol, and other domestic and international sources,
relevant to determining whether an individual may pose or poses a
threat to transportation or national security, or of terrorism. If TSA
determines that the individual poses or may pose a threat, the
individual is not eligible for the security-sensitive position.
TSA conducts the terrorism/other analyses check recurrently for the
duration of the STA, which is 5 years in most TSA vetting programs, and
we propose the same for surface employees. Thus, if an individual
initially ``passes'' the STA, but is later placed on a watchlist, TSA
can quickly take appropriate action to disqualify the worker or
otherwise minimize the threat.
The immigration check TSA proposes for security-sensitive employees
would verify that the individual is a U.S. citizen or national, or a
non-citizen who is a lawful permanent resident, refugee, asylee, lawful
nonimmigrant, paroled into the U.S., or is otherwise authorized to work
in the U.S. TSA conducts immigration checks by using the U.S.
Citizenship and Immigration Services' (USCIS) Systematic Alien
Verification for Entitlements (SAVE) Program. The SAVE Program is a
government system designed to assist Federal, State, tribal, and local
government agencies in determining an individual's immigration category
to ensure that authorized individuals lawfully receive benefits or
licenses.
As noted above, the 9/11 Act does not require TSA to conduct STAs
of OTRB security-sensitive employees, and we are not proposing a Level
2 check of these individuals in this NPRM. However, TSA is considering
adding that requirement in the final rule and invites comment from
industry stakeholders on such a requirement. TSA is concerned that new
terrorism-related tactics have emerged since passage of the 9/11 Act,
including the use of vehicles in crowds to injure and kill innocent
pedestrians. Beginning with the attack in Nice, France in 2016, vehicle
ramming attacks have escalated. In 2017, 17 vehicle ramming attacks
throughout the world were verified as terrorist-based, resulting in 173
fatalities and 667 injuries.
Moreover, buses, including those used for OTRB routes, are often
provided extraordinary access and proximity to special events, athletic
games, concerts or shopping venues, as a convenience to event-goers and
as a traffic congestion tool for organizers. An ``insider,'' such as an
OTRB driver, would have greater opportunity to harm event attendees by
using a vehicle-borne improvised explosive device or simply conducting
a ramming attack at passenger staging areas. The opportunity for harm
using an OTRB may be greater than with use of a public transportation
vehicle because OTRB operations include interstate business, which
requires the vehicles to be capable of travelling much greater
distances with much
[[Page 33479]]
heavier loads than transit buses. As a result, the typical OTRB is
larger, heavier, and equipped with underfloor luggage storage areas not
found in transit buses. Based upon its design, the OTRB is capable of
transporting large volumes of dangerous materials that could be used in
a terrorist attack.
TSA estimates that the addition of OTRB security-sensitive employee
vetting would affect an additional estimated 47,423 OTRB employees,
compared with the current public transportation/passenger rail
population of approximately 179,337 and freight rail population
estimated at 122,236. TSA estimates that the total annualized cost of
compliance would increase by $2.2 million.
TSA invites comment on requiring Level 2 vetting for OTRB security-
sensitive employees as part of this rulemaking. TSA has broad statutory
authority to assess the need for and require vetting of transportation
workers.\40\ Under this authority, TSA may require OTRB workers to
undergo the same vetting that we are proposing to require for security-
sensitive public transportation and railroad workers. We invite
stakeholders to comment on the relative security risks that are
associated with OTRB operations, including insider threats and public
sector vulnerabilities. Also, TSA invites comment and data on the costs
to owner/operators and individuals as a result of new vetting
requirements, and ways to reduce costs.
---------------------------------------------------------------------------
\40\ See 49 U.S.C. 114(f).
---------------------------------------------------------------------------
2. Security Coordinators. In the Security Training rulemaking, TSA
requires covered public transportation, railroad, and OTRB owner/
operators to employ security coordinators.\41\ Security coordinators
perform important security functions, including coordinating the owner/
operator's security procedures internally and with appropriate law
enforcement and emergency response agencies. These individuals
typically have access to SSI, Personally Identifiable Information and
sensitive information from government threat briefings, all of which
require responsible handling. For these reasons, TSA proposes to
require a more comprehensive Level 3 STA for security coordinators. TSA
proposes that security coordinators must successfully complete a
fingerprint-based criminal history records check (CHRC) in addition to
the immigration and terrorism/other analyses checks. TSA requires
security coordinators in other modes of transportation and certain
individuals with access to SSI to undergo this more thorough STA as
well.
---------------------------------------------------------------------------
\41\ See Security Training for Surface Transportation Employees
Final Rule, 85 FR 16456 (March 23, 2020), as amended by 85 FR 25315
(May 1, 2020), 85 FR 67681 (Oct. 26, 2020), and 86 FR 23629 (May 4,
2021) (Security Training Final Rule).
---------------------------------------------------------------------------
TSA is proposing the same CHRC standards that currently apply in
the TWIC and HME programs, codified at 49 CFR part 1572, for the Level
3 STA in this rulemaking. In the 9/11 Act, Congress provided that if
TSA chose to require a CHRC for these surface workers, the TWIC/HME
standards for CHRCs and redress should apply.\42\ Also, TSA proposes to
codify the redress procedures in place for TWIC and HME applicants that
are currently codified in 49 CFR part 1515, for security coordinators
covered by this NPRM. Depending on the nature of the disqualification,
individuals may appeal TSA's eligibility decision by asserting that the
records on which TSA made its decision are incorrect; apply for a
waiver of the criminal standards by asserting that the individual is
rehabilitated; appeal TSA's waiver denial to an Administrative Law
Judge; or seek review by the TSA Decision Maker.
---------------------------------------------------------------------------
\42\ See 6 U.S.C. 1143(c)-(d) for public transportation; 6
U.S.C. 1170(c)-(d) for railroads. Because TSA is conducting the
vetting, rather than requiring the operator to do so, TSA would
implement the redress standards Congress intended to apply to
individuals who receive adverse vetting results, and not the
operators.
---------------------------------------------------------------------------
The 9/11 Act provides that an individual serving as a security
coordinator for a rail carrier or an OTRB owner/operator must be a
citizen of the United States, unless TSA conducts an STA in place of
the citizenship requirement.\43\ TSA proposes more thorough vetting for
security coordinators, and this level of vetting satisfies the 9/11 Act
as a substitute for the U.S. citizenship requirement. The security
coordinator vetting requirements would apply to all rail carrier and
OTRB security coordinators, including individuals who are not U.S.
citizens.
---------------------------------------------------------------------------
\43\ See 6 U.S.C. 1162(e)(2), 1181(e)(2).
---------------------------------------------------------------------------
3. Rap Back and IDENT. For all STAs that require a CHRC, TSA plans
to conduct the CHRC through the Federal Bureau of Investigation (FBI),
as is customary. Also, TSA plans to implement the FBI's Criminal
Justice Information System (CJIS) ``Rap Back'' service for these
individuals. Rap Back enables TSA to receive new criminal history
information after the initial submission of fingerprints. Prior to the
implementation of Rap Back, TSA had to submit new fingerprints and fees
to obtain any new criminal history on an individual. The Rap Back
service provides a ``recurrent'' criminal vetting capability that will
enhance security significantly by providing TSA with timely criminal
history information, rather than waiting for long periods, sometimes
several years, to obtain the most recent criminal information. With Rap
Back, TSA can determine that an individual who initially passed the
CHRC and was eligible for access has become ineligible due to a recent
disqualifying criminal offense. Rap Back has become an integral part of
a CHRC and is now the industry standard for criminal vetting. TSA has
implemented Rap Back for other vetting programs such as airport and
aircraft operator employees and TWIC holders, and proposes to use it
for the CHRCs that would be conducted under this proposed rule. The
implementation of Rap Back will not affect the type or amount of
information TSA must collect from each individual at enrollment.
TSA also plans to submit the fingerprints to the Automated
Biometrics Identification System (IDENT), which is operated by the
DHS's Office of Biometric Identity Management. IDENT is the
Departmental biometric repository and provides additional, important
information for TSA to use as part of the vetting process.
4. Identity (ID) Verification. TSA is proposing to require in-
person ID verification at a TSA enrollment center as part of the
vetting process. Accurately verifying the identity of each individual
whom TSA vets remains one of the most important aspects of combatting
insider threats and fraud. In-person ID verification provides a higher
level of confidence that individuals are who they claim to be. TSA's
enrollment personnel are trained to examine documents for evidence of
fraud and may use electronic software that scores the identity
documents for fraud. Also, if the documents presented are of concern to
the enrollment agents, the agents can flag them for further analysis
during the adjudication process, when adjudicators can compare the
biographic information presented with other government or public
records.
TSA considered proposing an entirely on-line ID verification and
enrollment process, particularly where there is no need to collect
fingerprints or take a photograph. However, TSA believes on-line ID
verification creates opportunities for fraud relative to TSA's capacity
to detect fraud at a physical enrollment center. TSA invites comments
from stakeholders on potential ways to instill the same or greater
level of reliability in on-line ID verification as we have for in-
person ID verification.
[[Page 33480]]
5. Use of TSA enrollment centers. TSA proposes in this rulemaking
to use its established enrollment process for vetting the individuals
covered by this rule. TSA operates a network of more than 300
enrollment centers that are widely dispersed throughout the United
States and abroad, and currently service TSA's TWIC, HME, and TSA
PreCheck[supreg] programs. In addition to the stationary sites, TSA's
enrollment contractor offers opportunities for setting up mobile
enrollment sites at specific workplaces. Each employer would be able to
contact TSA's provider directly to discuss the number of employees who
must enroll, potential locations, whether the provider would charge a
fee for the service, and other details necessary to finalize an on-
site, mobile enrollment center. These mobile sites minimize work
disruption and employee travel time to an enrollment center. Also,
employers can ensure that the entire workforce enrolls in a finite,
relatively short period of time.
TSA's contractor also provides employers the capability to conduct
their own enrollments. This enrollment method is called an ``authorized
non-public enrollment capability.'' If an employer is interested in
hosting their own enrollment center to service their employees, they
work directly with the contractor to reach a mutually acceptable
agreement regarding the requirements and any associated costs for this
arrangement. Employers would provide the enrollment center space and
resources (such as Trusted Agents to act as enrollment personnel) to
operate the enrollment center. The space and personnel must meet the
contractual requirements, which include internet connectivity,
sufficient furniture, and privacy screens to protect an applicant's
personal information as it is entered into the enrollment system. The
employer's Trusted Agents would have to undergo a Level 3 STA, given
their access to personally identifiable information, just as TSA's
contractor Trusted Agents do. TSA's contractor would provide the
enrollment hardware, software, and other equipment required to conduct
enrollments. Additionally, the contractor would provide training and
quality assurance oversight for the authorized non-public enrollment
center. The agreement to operate an authorized non-public enrollment
center is a contract between the interested employer and TSA's
contractor, and not an agreement with TSA directly. Under this
scenario, the owner/operators are not `regulated' by TSA as an
enrollment provider, but work directly with the contractor and ensure
that they satisfy the contractual requirements.
TSA considered the alternative of requiring or permitting owner/
operators subject to this NPRM to act as enrollment providers, rather
than using the TSA enrollment contractor for these services. Under this
scenario, the owner/operators would be directly regulated by TSA to
meet standards that are similar to the contractual requirements TSA and
TSA's enrollment provider have developed. The owner/operators would
provide their own trained Trusted Agents to collect information and
fees from STA applicants and develop secure connections to TSA's
systems that meet all Federal cyber security requirements. The
employers would be required to ensure that the Trusted Agents adhere to
minimum enrollment standards for verifying identity, protecting
personal information, accurately collecting biometric and biographic
information, and processing TSA's fees correctly. This alternative
would eliminate the need for employees to travel to an enrollment site
outside the workplace. However, owner/operators would be subject to
compliance inspections and potentially civil penalties if their
enrollment procedures were noncompliant. Also, the owner/operators
would have to bear the significant costs associated with establishing
and maintaining the electronic systems and staff to conduct enrollment.
An owner/operator would have to undergo significant system testing,
certification, and accreditation to connect to TSA's vetting systems to
meet heightened Federal security and privacy requirements, and maintain
a high level of security and performance to remain certified. Firewalls
would have to be developed and used to ensure that an owner/operator
could access only their employee data, and to prevent any damage to
TSA's systems if the owner/operator's system malfunctioned. Given the
nature of cyber threats and capabilities, TSA's previous experience
with shared enrollment roles, and the extremely sensitive information
that must be transmitted, TSA is currently unwilling to permit private
employers to connect to its vetting systems.
TSA invites public comment on using TSA enrollment services or
permitting owner/operators to conduct enrollment for this population.
6. Vetting structure. In this rulemaking, TSA proposes to add a new
part 1530 where the vetting standards, fees, and redress procedures
would be codified. TSA proposes to organize all facets of the vetting
process in one part for the convenience of the parties who must undergo
vetting, and to aid in providing consistent standards and fees. TSA
currently operates approximately 30 different vetting programs, such as
the aviation workers (airport and aircraft owner/operators), TWIC, HME,
and TSA PreCheck[supreg] programs and proposes to leverage the
experience and best practices from them in new part 1530.
As discussed above, TSA proposes three ``levels'' of STAs, labeled
Level 1, Level 2, and Level 3. The ``lowest'' level STA (Level 1) would
provide the minimum vetting TSA would conduct and the ``higher'' levels
(Level 2 and Level 3) would provide increased scrutiny, given statutory
requirements and the risks associated with the functions that an
individual performs.
This modular, standardized approach would increase the ability for
individuals to reuse all or part of an earlier STA to satisfy a later
STA requirement. For example, an employee who successfully completes a
Level 2 STA for a public transportation agency will be able, in most
circumstances, to use that Level 2 STA for a position that requires a
Level 2 STA with a railroad operator, as long as the STA has not
expired. As described below, all STAs would expire at the end of 5
years. Also, even if the entire STA is not comparable, one or more of
the checks that comprise the STA may be re-usable. Consider the example
of a security-sensitive employee for a public transportation operator
who successfully completes a Level 2 STA, and who subsequently takes a
job as a security coordinator, which would require a Level 3 STA under
this rulemaking. Even though the Level 2 and Level 3 STAs are different
and thus not comparable in their entirety, they nonetheless share
certain checks in common. In this example, both levels of STA require
an immigration check and terrorism/other analyses check. TSA would be
able re-use the earlier terrorism/other analyses and immigration checks
(assuming they are still valid) for purposes of the second STA. This
means the individual would only have to complete the CHRC required for
the Level 3 STA. Note that the Level 3 STA would expire when the Level
2 STA expired.
7. Effective dates and compliance. TSA recognizes that this
rulemaking would affect many surface transportation owner/operators and
many individuals who have not previously had to comply with security
vetting requirements. There may be logistical issues involved with
achieving initial compliance, including implementing new management
[[Page 33481]]
policies, employee education, and related administrative tasks.
Therefore, TSA proposes to take a risk-based, phased approach to
implementation of this rule. TSA anticipates that there are far fewer
security coordinators than security-sensitive workers, and understands
that security coordinators play a more critical role in the overall
security regime contemplated by the 9/11 Act. For these reasons, TSA
proposes an implementation period of 6 months for requirements relating
to security coordinators, and 12 months for requirements relating to
security-sensitive employees. These timeframes represent our initial
judgment about how to balance security against the burden on regulated
parties. TSA invites comment on how the rule's requirements should be
phased in and become effective, including the appropriate timeframes.
III. Analysis of Proposed Part 1530
A. Introduction
Proposed part 1530 would provide a complete framework for
conducting vetting, collecting user fees, and administering appeals and
waivers. TSA is using 49 CFR part 1515, which currently applies to
individuals required to undergo STAs for TWIC, HME, or Indirect Air
Carrier credentials, as a model for proposed part 1530. Proposed 1530
includes organizational and language improvements over part 1515 to
address issues that TSA has become aware of over time, but it is
substantively very similar to part 1515. The proposed procedures and
standards for conducting STAs set out in part 1530 would apply to the
surface transportation owner/operators and employees covered by this
rulemaking. When finalized, part 1530 will address these surface
workers and TSA will take the appropriate regulatory action to apply
part 1530 to the populations currently covered by 1515.
We propose to organize part 1530 into six subparts. Subpart A would
address topics generally applicable to the STA process, such as
definitions. Each subsequent subpart would address a particular stage
in the STA process. Subpart B would focus on the individual, addressing
topics such as the information he or she must provide when applying for
the STA, procedures for verifying the individual's identity and
immigration category in the United States, procedures for collecting
fingerprints, and establishing the individual's continuing
responsibilities throughout the process. Subpart C would be reserved,
and subpart D would address the fees necessary to recover the costs of
conducting STAs, and how TSA must process the fees. Subpart E would set
out the procedures that TSA proposes to use to conduct the various
checks that comprise an STA, such as how TSA would conduct a CHRC or
immigration check. Subpart F would establish the standards or criteria
that TSA uses to adjudicate the results of the checks conducted during
the STA. For example, a section of subpart F would explain the lists of
crimes TSA would use to determine whether the individual has a
disqualifying criminal conviction. Subpart G would establish the appeal
and waiver procedures for individuals who receive an adverse STA
result.
B. Proposed Subpart A--General
1. Proposed Sec. 1530.1. This section would set out the scope of
the proposed part. Paragraph (a) would establish that part 1530 applies
to individuals required to apply for an STA. In this rulemaking, this
includes individuals who perform security-sensitive functions and are
required to receive security training under 49 CFR 1580.101 (rail) and
49 CFR 1582.101 (public transportation, passenger rail), or act as
security coordinators of owner/operators regulated under parts 1580,
1582, and 1584.
Paragraph (b) would establish that part 1530 applies to operators
who must ensure that individuals who perform security-sensitive
functions in rail and public transportation, or act as security
coordinators for the owner/operators regulated under parts 1580, 1582,
and 1584, as established in the Security Training rulemaking.
2. Proposed Sec. 1530.3. In this section, TSA proposes definitions
for key terms used in part 1530, and proposes that the definitions from
parts 1500, 1503, 1540, 1570, and 1572 apply if those terms appear in
part 1530. TSA proposes a definition for ``individual'' to accurately
identify the person who applies for the STA, holds a valid STA, or is
seeking redress. TSA also proposes definitions for standard redress
terms that are consistent with 49 CFR 1515.3 and are largely self-
explanatory.
TSA is proposing to add a definition to part 1530 for the term
``incarceration.'' Currently, TSA has defined ``incarceration'' as well
as ``imprisoned/imprisonment'' in 49 CFR 1570.3, but TSA believes two
definitions for this concept are confusing and unnecessary. We propose
to eliminate ``imprisoned/imprisonment'' and revise the definition of
incarceration for part 1530. The new proposed definition of
``incarceration'' means under the custody of a bureau of prisons and
confined to a prison, jail, or institution for the criminally insane
pursuant to a sentence imposed as the result of a criminal conviction
or finding of not guilty by reason of insanity. Time spent under the
custody of a bureau of prisons or confined or restricted to a half-way
house, treatment facility, home incarceration, or similar institution,
pursuant to a sentence imposed as the result of a criminal conviction
or finding of not guilty by reason of insanity, constitutes
incarceration for purposes of this rule. The primary difference between
this proposed definition and the current definitions of incarceration
and imprisoned in 49 CFR 1570.3 is that the definition of incarceration
now explicitly includes a sentence to home confinement as a result of a
criminal conviction or finding of not guilty by reason of insanity.
3. Proposed Sec. 1530.5. This section would define the three
``levels'' of STAs that TSA proposes to conduct. Each STA level would
be generically defined in terms of the particular kinds of vetting
(called ``checks'') that comprise the level.
A ``Level 1'' STA would consist of a terrorism check and other
analyses (referred to as `terrorism/other analyses check' throughout
the preamble of this NPRM). TSA is not proposing use of a Level 1 STA
in this NPRM, but may propose it for other populations in the future. A
``Level 2'' STA would consist of the terrorism/other analyses and
immigration checks. A ``Level 3'' STA would consist of the checks
required for a Level 2 STA, plus a CHRC. In accordance with the 9/11
Act, TSA proposes that the security-sensitive employees, as described
in the Surface Training rulemaking and codified in 49 CFR parts 1580,
1582, and 1584, would be required to undergo a Level 2 STA. TSA
proposes to require security coordinators under 49 CFR parts 1580,
1582, and 1584 to undergo a Level 3 STA.
4. Proposed Sec. 1530.7. This section proposes a standard duration
of 5 years for the STAs that TSA conducts and the associated
determinations of eligibility (DOE) that TSA issues. This 5-year term
begins on the date TSA completes the STA, determines the individual is
eligible for the security-sensitive or security coordinator position,
and issues a DOE. This timeframe aligns with similar governmental
programs such as Top Secret and Q security clearances issued by the
Office of Personnel Management; other TSA vetting programs such as TWIC
and HME; and U.S. Customs and Border Protection's (CBP)'s Trusted
Traveler programs, such as Free and Secure Trade (FAST),
[[Page 33482]]
NEXUS, Secure Electronic Network for Travelers Rapid Inspection
(SENTRI), and Global Entry.
TSA proposes that the general 5-year term would be subject to two
exceptions. The exceptions would apply if: (1) an individual uses a
comparable STA completed earlier as the basis of the new STA; or (2) an
initially successful individual no longer meets the eligibility
standards for the STA. As to the first exception, the duration of the
STA would be 5 years from the date on which the initial or comparable
check was issued. Therefore, if TSA issues a DOE based on an
immigration check conducted 2 years earlier in connection with a
previous STA, the duration of the new STA would be 3 years.
The second exception, proposed in paragraph (b), would occur if TSA
determines that an approved individual no longer meets the STA
eligibility standards. In this case, the STA would expire on the date
that TSA serves a Final Determination of Ineligibility (FDI) or a
Preliminary Determination of Ineligibility with Immediate Revocation
(PDIIR) on the individual. Issuance of an FDI means that the
adjudication on any redress processes has run its course and TSA has
finalized its determination that the individual does not meet the STA
standards. In such cases, the DOE is no longer valid, and is deemed
expired. As explained in the discussion of proposed Sec. 1530.417
below, TSA issues a PDIIR when it determines that an imminent security
threat may exist and the DOE must be revoked immediately.
Paragraph (b)(3) would apply to individuals who have successfully
completed a Level 3 STA, but who subsequently are indicted, convicted,
or found not guilty by reason of insanity, of any of the disqualifying
crimes under proposed Sec. 1530.503. These individuals would no longer
meet the STA standards as of the date of indictment, conviction, or
finding of not guilty by reason of insanity. Paragraph (b)(3),
therefore, provides notice that the DOE of such an individual expires
as of the date of indictment, conviction, or finding, regardless of
whether TSA has yet issued an FDI or PDIIR.
Paragraph (b)(4) would apply to individuals who have been issued a
DOE, but whose immigration category subsequently changes and no longer
meet the standards in section 1530.505. Paragraph (b)(4) provides
notice that the DOE of such an individual expires as of the date that
individual no longer meets the immigration standard, regardless of
whether TSA has yet issued an FDI or PDIIR.
5. Proposed Sec. 1530.9. Paragraph (a)(1) would forbid any person
from making, or causing to be made, fraudulent or intentionally false
statements in documents required by, or used to show compliance with,
proposed part 1530. Paragraph (a)(2) would forbid any person from
making or causing to be made, for fraudulent purposes, any reproduction
or alteration of any report, record, security program, access medium,
identification medium, biometric data (fingerprints or photographs), or
credential issued under proposed part 1530. The purpose of paragraph
(a) is to provide a regulatory basis for enforcement action against a
person who takes these actions, which undermine transportation
security.
Paragraph (b) explains that anyone who violates paragraph (a) is
ineligible for the access, privileges, or credential associated with
the STA.
6. Proposed Sec. 1530.11. This section would forbid the fraudulent
use of, or representation concerning, a DOE or STA conducted under part
1530. Paragraph (a) would forbid the use, or attempted use, of an STA
issued or conducted for another person. Paragraph (b) would forbid a
person from causing or attempting to cause another to violate paragraph
(a). Collectively, these provisions are intended to protect the
integrity and reliability of STAs. Paragraph (c) would establish that
any person who violates this section is ineligible for the access,
privileges, or credential associated with the STA.
7. Proposed Sec. 1530.13. Paragraph (a) pertains to compliance,
inspection, and enforcement activities associated with the vetting
process. Specifically, TSA proposes that each individual who is
required to undergo an STA, and each owner/operator whose employees or
authorized representatives must undergo an STA, must permit DHS, at any
time or place, to make inspections or tests, including the copying of
records, to determine compliance with this part and part 1520, which
pertains to sensitive security information. Paragraph (b) would provide
that TSA may require each person with responsibilities under proposed
part 1530 to provide evidence of compliance with parts 1530 and 1520,
including copies of records.
C. Proposed Subpart B--Individual's Enrollment Requirements and
Continuing Responsibilities
1. Introduction. Proposed subpart B would focus on the information
the individual must provide when applying for the STA. Subpart B would
also establish the individual's continuing responsibilities throughout
the duration of the STA, such as disclosing any new disqualifying
information.
TSA must collect and process information, documents, and fees from
individuals in order to conduct the checks that make up an STA. TSA
refers generally to this part of the STA as ``processing.'' Subpart B
proposes the procedures TSA would use in the enrollment process. TSA
uses this enrollment model in existing vetting programs, such as for
TWIC and HME applicants under part 1572, and has a high level of
confidence in this approach. TSA operates over 300 enrollment sites
throughout the United States and abroad \44\ where individuals who are
required to undergo certain STAs go to provide biographic, documentary,
and if necessary, biometric information. Many of these individuals also
have the option to provide some of this information on-line. The
enrollment method set out in proposed subpart B has been designed to
provide as much flexibility as possible for individuals and their
employers, while maintaining efficient, manageable, and secure
interaction with TSA systems.
---------------------------------------------------------------------------
\44\ A complete list of the more than 300 enrollment centers,
along with information about the locations, hours of service,
contact information, etc., will be made available on the TSA
website.
---------------------------------------------------------------------------
TSA generally uses a contractor to provide enrollment services and,
throughout this document, we refer to ``TSA'' to include TSA's
contractor engaged in enrollment activities. Through the contracting
process, TSA can provide cost-effective services to a large number of
individuals at all sorts of locations. A TSA contractor under this
proposed rulemaking would perform functions similar to the functions
performed by a ``TSA Agent'' under current 49 CFR part 1572, subparts E
and F, for the current HME and TWIC programs. TSA conducts a
comprehensive Level 3 STA on these agents before they may work at a TSA
enrollment center.
The proposed rule offers optional enrollment processes through the
TSA contractor separate from the alternative in which enrollment is
completely performed by the regulated party. To maximize the benefits
of TSA-run enrollment services and minimize employee time away from
work to enroll, TSA's enrollment provider may establish ``mobile
enrollment'' sites at particular workplaces where a large volume of
individuals need to apply for an STA. Also, the enrollment provider may
enter into agreements with a private employer to share some enrollment
duties at the workplace, and
[[Page 33483]]
whether the provider would charge a fee for this service.
As discussed in greater detail above in section II.B.5., TSA
considered the alternative of requiring or permitting owner/operators
subject to this NPRM to act as enrollment providers, providing their
own trained and vetted ``trusted agents'' to collect information and
fees from STA applicants, verify their identity, and send all
information through secure pathways to TSA. Under this alternative, the
employers would be required to ensure that the trusted agents adhere to
minimum enrollment standards for verifying identity, protecting privacy
information, accurately collecting biometric and biographic
information, and processing TSA's fees correctly. This alternative
would eliminate the need for employees to travel to an enrollment site
outside the workplace. However, owner/operators would also bear the
significant costs required to establish and maintain secure systems and
the staff to conduct enrollment.
TSA invites public comment on the use of TSA enrollment services,
and the alternative to permit owner/operators to conduct enrollment for
this population.
2. Proposed Sec. 1530.101. Paragraph (a) would provide a road map
to the section. Paragraph (b) would list the biographic information and
copies of documents that each STA applicant must provide. Paragraphs
(b)(1)-(9) would require standard items of biographic information, such
as name, address, gender, date of birth, and country of citizenship,
which are necessary to identify the individual conclusively and to
accomplish the vetting process.
Paragraph (b)(10) would require the individual's employer
information, including address, telephone number, and facsimile number
(if available), which are important if TSA needs to take follow-up
action regarding the individual. For example, if an individual
``passes'' initial vetting as a security-sensitive employee, but is
subsequently disqualified, TSA would have to contact the relevant
owner/operator to communicate that the individual is no longer
authorized to work as a security-sensitive employee.
Paragraph (b)(11) is related to the immigration check explained in
the discussion of the standards in subpart F of part 1530. The purpose
of this proposed requirement is to obtain documentary evidence to
improve the reliability of the immigration check. Under paragraph
(b)(11), each individual would be required at the time of the STA
application, to present documentation in a form and manner specified by
TSA, to verify the immigration category they maintain. For individuals
claiming to be U.S. citizens or U.S. nationals by birth, examples of
such documentation would include a passport book or passport card; a
certified copy of a birth certificate from one of the 50 States, the
District of Columbia, American Samoa, Swain's Island, Puerto Rico, U.S.
Virgin Islands, Northern Mariana Islands, or Guam; an American Indian
Tribal Card with photo indicating U.S. citizenship (Form I-872); an
unexpired Native American Tribal Card approved by the Secretary to
denote identity and U.S. citizenship; a U.S. Coast Guard Merchant
Mariner Credential or Document; a U.S. Enhanced Driver's license; and a
Trusted Traveler Program Card (FAST, NEXUS, SENTRI, or Global Entry).
For individuals claiming U.S. citizenship who were born abroad, in
addition to many of the documents listed above, examples would include
a Certificate of Citizenship and Consular Report of Birth Abroad, or a
naturalization certificate. For individuals not claiming U.S.
citizenship, examples would include visas and proof of U.S. lawful
permanent residence status. During the enrollment process, TSA proposes
to scan the documentation presented by the individual into the
electronic enrollment record.
The information requested in proposed paragraphs (c)(1)-(5),
including social security number, passport information, Department of
State Consular Report of Birth Abroad, information about previous STA
applications, and information about the individual's Federal security
clearance, is voluntary. Failure to provide this information would not
prevent TSA from processing the application. However, providing the
information requested in paragraph (c), if available, may speed up the
process for the individual.
In addition to the biographic information and documentation
specified in proposed paragraphs (b) and (c), TSA proposes to require
every individual to sign certain statements as part of the application
process. Paragraph (d) would require each individual to sign a
statement attesting that the information provided in the application is
true, complete, and correct to the best of the individual's knowledge,
and that the individual acknowledges that knowing and willful false
statements or material omissions may result in criminal prosecution and
other consequences.
Paragraph (e) would require all individuals to certify in writing
that they understand that if TSA determines an individual does not meet
the STA standards, TSA may notify the employer, and, in the case of an
imminent threat to an owner/operator, TSA may provide the employer
limited information necessary to reduce risk of injury or damage.
Paragraph (f) would require all individuals to certify that there
is a continuing obligation to report certain events to TSA. Not every
event listed in this proposed section will necessarily apply to every
individual. For example, one of the events that must be reported is a
conviction, or finding of not guilty by reason of insanity, for a
disqualifying criminal offense. This event is relevant only for
security coordinator applicants applying for an STA that includes a
CHRC.
3. Proposed Sec. 1530.103. This section would require individuals
whose STA includes a CHRC to provide fingerprints in a form and manner
prescribed by TSA. TSA must collect and transmit fingerprints
electronically according to procedures and standards the FBI requires
of all agencies that submit fingerprints for a CHRC.
In addition to using the fingerprints to obtain criminal history
information from the FBI, TSA will use the fingerprints to conduct
biometric vetting through IDENT. IDENT is the DHS repository for all
biometrics collected by agencies within DHS, and some external
agencies, such as the Department of Defense. Using IDENT biometric
vetting capabilities enhances TSA's STA process. TSA would receive the
results of these searches and use the information as part of the STA
eligibility decision. We invite comment from all interested parties on
the use of IDENT for TSA vetting purposes.
4. Proposed Sec. 1530.105. This section proposes that each
individual applying for an STA must pay the fee associated with the STA
at the time of application. TSA is statutorily required to fund all
vetting and credentialing services through user fees,\45\ and
consequently, TSA will not process STA applications until the fees are
paid. TSA begins incurring costs as soon as it begins processing the
application. Also, TSA cannot refund fees, even if the individual
decides at a later date to withdraw the application, because TSA has
already expended resources that must be covered through fees.
---------------------------------------------------------------------------
\45\ See 6 U.S.C. 469.
---------------------------------------------------------------------------
5. Proposed Sec. 1530.107. Each individual who applies for an STA
has continuing responsibilities for the life of the STA. Paragraph (a)
would establish the requirement to report certain events to TSA within
24 hours of occurrence.
[[Page 33484]]
Each of the events that must be reported relate directly to whether the
individual is still eligible to serve as a security-sensitive employee
or security coordinator.
Paragraph (a)(1) involves individuals whose STA includes a CHRC (in
this rulemaking, security coordinators), both those who have applied
for an STA, and those who have already successfully completed an STA
that included a CHRC. These individuals would be required to report an
occurrence, indictment, conviction, or finding of not guilty by reason
of insanity of disqualifying crimes within 24 hours. The list of
disqualifying crimes is in proposed Sec. 1530.503, and is explained
below. The 24-hour reporting requirement would also apply to
individuals who are adjudicated as lacking mental capacity, or
committed to a mental health facility.
Paragraph (a)(2) would apply to all individuals whose STA includes
an immigration check, which are security coordinators and security-
sensitive employees in this rulemaking. These individuals would be
required to report any change in immigration category that results in
no longer meeting the immigration standards.
Paragraph (b) would require all individuals who have successfully
completed an STA to notify TSA if certain contact information changes.
Specifically, each individual would be required to notify TSA of any
legal name changes (proposed Sec. 1530.101(b)(1)), address changes
(proposed Sec. 1530.101(b)(2)), or daytime telephone number changes
(proposed Sec. 1530.101(b)(9)). TSA needs reliable contact information
in order to administer the STA after the DOE is issued. For example,
TSA may have to contact an individual to provide a notice of
ineligibility and redress procedures, if TSA discovers potentially
adverse information about an individual. This notification requirement
would continue until the DOE expires.
6. Proposed Sec. 1530.109. This section proposes the procedures
TSA would use to verify the individual's identity. Paragraph (a) would
provide that TSA must be able to verify each individual's identity at
the time of enrollment. This element is critical to attain a high a
degree of certainty that the individual is who he or she claims to be.
Paragraph (b) would require the individual to present two forms of
identification, at least one of which must be a government-issued photo
identification. Government-issued photo identification is relatively
reliable and is not burdensome or costly for individuals to obtain. TSA
uses fraud detection software as part of the enrollment process at some
locations and continues to explore expanding and improving the use of
technology to aid the identification verification process. As of the
writing of this NPRM, some biometric technologies other than
fingerprints, including facial recognition and iris scans, are being
used by governmental entities to produce identity documents. However,
this practice is not yet widespread or reliable enough to ensure
identity verification in this rulemaking. As a result, TSA believes
that requiring government-issued photo identification is the most
practical balance between trustworthiness and burden to ensure accurate
identify verification at this time. To the extent new technologies
become more widespread and trustworthy, TSA will consider alternative
means of providing identity verification. Paragraph (c) would require
examination of the documents presented by the individual to determine
whether they appear to be genuine, unexpired, and relate to the
individual presenting them.
D. Subpart C Is Reserved
E. Proposed Subpart D--Fees
1. Introduction. The fee structure proposed in this rulemaking is
designed to cover TSA's anticipated costs of conducting and
administering STA services over the 5-year duration of each STA. TSA
calculated the proposed fees based on estimates for the cost of each
respective service and the expected populations that will receive
benefit from the services.
2. Costs. TSA incurs costs during all phases of the vetting
process. During the initial phase of vetting, resources are required to
establish and operate physical locations for individuals to complete
certain parts of the application process. As noted previously, TSA uses
contractors to find, lease, and operate these enrollment centers. The
resources needed to establish, equip, and staff such locations
throughout the country have been grouped together and labeled
``Processing.''
Similarly, some interactions with TSA to perform a vetting function
may be accomplished entirely by using an online platform, and resources
are required to establish and operate such a platform for individuals
to complete certain aspects of the vetting process. Additionally, TSA
assumes that some online interactions would result in customer service
expenses that would also be covered by this fee. The resources to
design, establish, maintain, and staff such a platform and offer
customer service are grouped together and labeled ``Reduced
Processing.''
Once individual information is captured and records are
established, TSA incurs costs to administer the information through the
various databases that comprise the STA. As explained in the discussion
of proposed Sec. 1530.5, TSA performs different levels of STAs. The
three levels of STAs vary depending on the specific checks included in
the STA, such as terrorism/other analyses, immigration, or criminal
history. Thus, the cost to conduct the STA depends on the resources TSA
needs to complete the STA services. TSA proposes to segment the costs
according to how individuals interact with TSA and the consumption of
services to complete the STA. Thus, the Processing Fee or Reduced
Processing Fee would be imposed when an individual uses processing
services, the criminal check fee would be imposed for each individual
required to complete a CHRC, and so on. Each individual would pay fees
only for the services TSA provides for his or her STA.
To complete the terrorism/other analyses check, TSA incurs costs to
construct, maintain, and operate the information technology (IT)
platform that enables comparing the applicant's biographic information
to multiple terrorism and law enforcement databases, and other
information sources. TSA incurs additional expenses to evaluate the
information received from these sources, make decisions as to whether
an individual poses or may pose a threat, engage in redress with the
individual when necessary, and communicate with other entities, such as
the individual's employer or governmental agencies. TSA must also
recover the cost of staffing this service through fees. TSA has labeled
this grouping of costs ``terrorism/other analyses'' fees.
TSA incurs costs similar to those discussed above for completion of
immigration checks and CHRCs. Those fees are segmented respectively and
labeled accordingly.
With respect to the CHRC fee, TSA must collect the fees the FBI
charges to process the initial criminal check and the Rap Back
recurrent criminal history service, in addition to TSA's costs to
adjudicate the results of the initial criminal check and any subsequent
Rap Back notifications, and provide redress.
TSA's cost-estimating methodology includes both an analysis of
actual costs TSA has incurred for existing STAs and an analysis of
future investments that are necessary to develop, operate, and maintain
a robust STA platform. In
[[Page 33485]]
some instances, TSA has been able to develop a unit cost for a
particular STA-related service. In other instances, TSA developed a
resource investment estimate that is equitably shared by all
individuals who benefit from the investment. TSA has consulted with
programmatic and industry experts, and acquired data from internal
sources, other governmental agencies, and publicly available sources.
Table 5 below is a summary of costs that TSA estimates it will incur
over the first 5-year period of this effort.\46\ Additional details
regarding the cost estimates used to determine the service fees can be
found in the Fee Report in the rulemaking docket.
---------------------------------------------------------------------------
\46\ The costs in this table reflect the total population of
STAs in this proposed rule using services for processing and checks
equivalent to Levels 2 and 3, for security sensitive employees and
security coordinators, respectively. TSA does not have data on the
newly regulated industries to estimate the number of covered
individuals who may have a comparable STA and could pay the reduced
processing fee, but acknowledges that costs could be less those
reported in this table.
Table 5--Estimated TSA Service Costs Over First Five-Year Period
[$ Thousands]
----------------------------------------------------------------------------------------------------------------
TSA estimated costs
Service ------------------------------------------------------------ Total
Year 1 Year 2 Year 3 Year 4 Year 5
a b c d e f =
[Sigma]a,b,c,d,
e
----------------------------------------------------------------------------------------------------------------
Processing......................... $16,700 $1,422 $1,423 $1,423 $1,424 $22,393
Terrorism/Other Analyses........... 2,429 207 207 207 207 3,257
Immigration........................ 911 78 78 78 78 1,221
Criminal History................... 43 4 4 4 4 59
----------------------------------------------------------------------------
Total.......................... 20,084 1,710 1,711 1,712 1,713 26,930
----------------------------------------------------------------------------------------------------------------
Note: Calculations may not be exact in the table due to rounding.
3. Populations. TSA has consulted with programmatic and industry
experts, and acquired data from internal sources, other governmental
agencies, and public sources to analyze the number of transportation
workers who would be covered under this rulemaking. Table 6 below is a
summary of populations that TSA estimates it would impact over the
first 5-year period of this effort. Additional details regarding the
population estimates used to determine fees can be found in the Fee
Report and the Preliminary Regulatory Impact Analysis in the rulemaking
docket.
Table 6--Number of Employees Affected by the Proposed Rule Over First Five-Year Period by Industry
[Thousands]
----------------------------------------------------------------------------------------------------------------
Number of employees affected by year
Industry ------------------------------------------------------------ Total
Year 1 Year 2 Year 3 Year 4 Year 5
a b c d e f =
[Sigma]a,b,c,d,
e
----------------------------------------------------------------------------------------------------------------
Freight Rail Total................. 123.13 4.93 4.88 4.83 4.77 142.55
Security-Sensitive Employees... 122.24 4.89 4.84 4.78 4.73 141.47
Security Coordinators.......... 0.90 0.04 0.04 0.04 0.04 1.07
PTPR Total......................... 179.57 20.82 20.89 20.95 21.01 263.24
Security-Sensitive Employees... 179.34 20.79 20.86 20.92 20.98 262.88
Security Coordinators.......... 0.23 0.03 0.03 0.03 0.03 0.36
OTRB Total......................... 0.44 0.06 0.06 0.06 0.06 0.69
----------------------------------------------------------------------------
Total...................... 303.14 25.82 25.83 25.84 25.85 406.47
----------------------------------------------------------------------------------------------------------------
Calculations may not be exact in the table due to rounding.
4. Fees. To comply with 6 U.S.C. 469, which requires TSA to fund
vetting and credentialing programs through user fees, TSA proposes to
establish user fees for individuals who receive STA services under this
proposed rule. TSA determined the proposed fees in accordance with
Office of Management and Budget (OMB) Circular No. A-25. The proposed
fees are set to recover a share of the service costs from all
individuals that use a particular service, and a description of the
processes that went into estimating the proposed fees is available in
the Fee Report in the rulemaking docket. TSA may increase or decrease
the fees described in this regulation for changes in cost due to, for
instance, new efficiencies, inflation, changes in contractual services,
changes in populations, or other factors following publication of the
final rule. TSA will publish a notice in the Federal Register notifying
the public of any fee changes.
[[Page 33486]]
Table 7--Fees by Type of Service
----------------------------------------------------------------------------------------------------------------
Service fee Low Primary High
----------------------------------------------------------------------------------------------------------------
Processing Fee.................................................. $44.00 $55.00 $66.00
Reduced Processing Fee.......................................... 24.00 30.00 36.00
Terrorism/Other Analyses Fee.................................... 6.00 8.00 10.00
Immigration Fee................................................. 2.00 3.00 4.00
CHRC/Initial Fee................................................ 17.00 21.00 25.00
CHRC/Renewal Fee................................................ 8.00 10.00 12.00
----------------------------------------------------------------------------------------------------------------
The following table presents combinations of services that coincide
with STA levels in the proposed rule.
Table 8--Fees by STA Level With In-Person Enrollment
----------------------------------------------------------------------------------------------------------------
STA level Low Primary High
----------------------------------------------------------------------------------------------------------------
Level 1 (Processing, Terrorism/Other Analyses).................. $50.00 $63.00 $76.00
Level 2 (Processing, Terrorism/Other Analyses, Immigration)..... 52.00 66.00 80.00
Level 3 (Processing, Terrorism/Other Analyses, Immigration, 69.00 87.00 105.00
Initial CHRC)..................................................
----------------------------------------------------------------------------------------------------------------
Table 9--Fees by STA Level With Online Renewal
----------------------------------------------------------------------------------------------------------------
STA level Low Primary High
----------------------------------------------------------------------------------------------------------------
Level 1 (Reduced Processing, Terrorism/Other Analyses).......... $30.00 $38.00 $46.00
Level 2 (Reduced Processing, Terrorism/Other Analyses, 32.00 41.00 50.00
Immigration....................................................
Level 3 (Reduced Processing, Terrorism/Other Analyses, 40.00 51.00 62.00
Immigration, CHRC/Renewal).....................................
----------------------------------------------------------------------------------------------------------------
Table 10--Fees by STA Level With In-Person Renewal
----------------------------------------------------------------------------------------------------------------
STA level Low Primary High
----------------------------------------------------------------------------------------------------------------
Level 1 (Processing, Terrorism/Other Analyses).................. $50.00 $63.00 $76.00
Level 2 (Processing, Terrorism/Other Analyses, Immigration)..... 52.00 66.00 80.00
Level 3 (Reduced Processing, Terrorism/Other Analyses, 60.00 76.00 92.00
Immigration, CHRC/Renewal).....................................
----------------------------------------------------------------------------------------------------------------
5. Proposed Sec. 1530.301. Paragraph (a) would explain that TSA
calculates the fees using widely accepted accounting principles and
practices, in accordance with the provisions of 31 U.S.C. 9701, which
direct agencies to make their services self-sustaining to the extent
possible, and in accordance with other applicable laws. Generally, TSA
totals all costs associated with the vetting program over the life of
the STAs (5 years), divides the total by the number of individuals
vetted, and sets aside a small portion of the funds collected to cover
emergencies, such as necessary system changes, natural disasters such
as pandemics, or other unforeseen events. At least every 2 years, TSA
would review the costs of conducting the STAs and the associated fees
collected, using the same method of analysis, to ensure that fees
recover, but do not exceed, the full cost of services. TSA prepared a
Fee Report for this proposed rule, which discusses the methodology and
factors TSA used to arrive at the proposed fees, and placed the Report
in the rulemaking docket. TSA would revise the fees, if necessary,
following this evaluation, by publishing a notice in the Federal
Register.
Paragraph (b) explains the procedures that TSA would use to make
inflation adjustments to the fees, as necessary.
6. Proposed Sec. 1530.303. This proposed section describes each
STA service for which TSA charges a fee, service-by-service, computed
as explained above. TSA provides an estimate of the fees based on
information concerning population numbers and the costs of the
services. TSA will be able to finalize these fees after receiving
information concerning the number of employees subject to proposed
vetting requirements from affected entities as part of this rulemaking
process, and an accounting of internal costs at the time the proposed
rule would become final. TSA will publish the final fee amounts through
a notice in the Federal Register.
Paragraph (b) proposes the fees that would cover TSA's processing
costs. Paragraph (b)(1) proposes that the Processing Fee would cover
the costs associated with an applicant's interaction with TSA, such as
enrollment center operations, collecting applicant information,
verifying applicant identity, processing the vetting information, and
program management. TSA estimates the processing fee to be $43 to $65,
and proposes to codify that range in the rule. Paragraph (b)(2)
proposes the Reduced Processing Fee that would apply when an
individual's interaction with TSA can be completed entirely online and
does not involve services at an enrollment center. TSA estimates the
Reduced Processing Fee to be $24 to $36.
Paragraph (c) describes the fee to cover TSA's costs of conducting
the terrorism/other analyses check, the substance of which is explained
in the discussion of proposed Sec. 1530.507. This service includes the
costs of querying the relevant data sources, adjudicating the
information TSA receives from the queries, and processing appeal
requests. TSA estimates the Terrorism/other analyses Check Fee to be
$6.00 to
[[Page 33487]]
$10.00, and proposes to codify that range in the rulemaking.
Paragraph (d) describes the fee to cover TSA's costs of conducting
the Immigration check in the United States. This service includes the
costs of querying the relevant data sources, adjudicating the
information TSA receives from the queries, and processing appeal
requests. TSA estimates the Immigration Check Fee to be $2.00 to $4.00,
and proposes to codify that range in the rulemaking.
Paragraph (e) proposes the fee to cover the costs of conducting the
CHRC. This service includes the cost of collecting fingerprints
electronically; transmitting them to the FBI; adjudicating any rap
sheets associated with the fingerprints to determine whether the
individual has a disqualifying conviction, arrest, or indictment in
accordance with section 1530.503; adjudicating new criminal information
that the FBI's Rap Back service provides; and conducting an appeal or
waiver, where applicable. TSA estimates the CHRC fee for the initial
CHRC, which occurs in-person at a TSA enrollment center to be $17.00 to
$25.00, which is proposed in paragraph (e)(1) of this section. Given
the benefits of the Rap Back system, applicants would not be required
to provide new fingerprints for a new CHRC when renewing the STA. The
individual's fingerprints would be enrolled in Rap Back and thus, any
criminal history associated with those prints would be transmitted to
TSA. Therefore, the renewal of an STA would not require in-person
enrollment at an enrollment center to provide fingerprints, and
consequently, the fees for a renewal CHRC are lower than for the
initial CHRC. In paragraph (e)(2), TSA proposes the renewal CHRC fee of
$8.00 to $12.00. TSA proposes to codify these ranges in the rulemaking.
TSA will continue to work to minimize all costs and would finalize
fee amounts in conjunction with publication of the final rule.
Following publication of the final rule, TSA may, by notice in the
Federal Register, increase or decrease the fees to reflect changes in
costs. The total TSA fee for any given STA would be the sum of the fees
for each service that comprises that level of STA. These total fees,
broken out by level of STA, are explained in proposed Sec. 1530.305
discussed below.
7. Proposed Sec. 1530.305. This section would set out the fees TSA
must charge for each STA proposed in this rulemaking, organized by
level of STA, with paragraphs (a)-(c) corresponding to STA Levels 1-3,
respectively. Each paragraph lists the fees associated with the
relevant STA.
8. Proposed Sec. 1530.307. This section on fee comparability
explains how TSA computes fees when TSA is able to rely on an earlier
STA to complete a new STA. This concept of comparability is explained
more completely in the discussion of proposed Sec. 1530.509, below. If
TSA can rely on an earlier check, rather than conducting a new check,
paragraph (b) provides that we would only charge the fee for the
services that we must provide for the current STA. This results in a
lower fee for the applicant and lower costs for TSA. Table 10 below
provides examples of how using a comparable STA affects fees.
Table 11--How a Comparable STA Affects Fees
----------------------------------------------------------------------------------------------------------------
----------------------------------------------------------------------------------------------------------------
If I have a . . . And I need a . . . I will not have to I may . . . I must . . .
repeat . . .
----------------------------------------------------------------------------------------------------------------
TWIC (Level 3).................. Level 2 for Terrorism/other Enroll online..... Pay Reduced
Security- analyses or Processing Fee.
Sensitive Immigration.
position.
----------------------------------------------------------------------------------------------------------------
If I have a . . . And I need a . . . I will not have to I must . . . I must . . .
repeat . . .
----------------------------------------------------------------------------------------------------------------
Level 2 (security-sensitive Level 3 for Terrorism/other Visit Enrollment Pay Processing and
position). Security analyses or Center to provide CHRC Fees.
Coordinator Immigration. fingerprints and
position. complete CHRC.
----------------------------------------------------------------------------------------------------------------
9. Proposed Sec. 1530.309. This section proposes that fees must be
paid through a method approved by TSA. Currently, TSA accepts STA fees
through a third-party vendor or through the <a href="http://www.pay.gov">www.pay.gov</a> website during
processing, and we may continue to use that process. TSA is exploring
other methods of payment that may be equally cost-effective and
resistant to fraud. Paragraph (b) would make it clear that TSA cannot
act on an STA until the required fees have been recognized by TSA.
Paragraph (c) provides that TSA would not issue refunds. TSA will not
begin processing an STA until the individual pays the fee. Once TSA
begins the STA, TSA incurs costs that must be recovered through fees.
F. Proposed Subpart E--Adjudication Procedures
1. Introduction. Once TSA collects biographic information,
biometrics (where needed for a CHRC), and fees from an individual, TSA
transmits the information to the various databases associated with the
checks. TSA then evaluates the information that is returned from the
databases to determine if it contains data that is disqualifying
according to the standards that apply. TSA then makes an initial
determination on eligibility and notifies the individual. This process
is called adjudication.
2. Proposed Sec. 1530.401. This proposed section sets out
procedures for conducting CHRCs, which in this rulemaking apply to
security coordinators. Paragraphs (a) and (b) explain that TSA would
transmit the fingerprints collected during enrollment to the FBI, and
receive and adjudicate the results of the check.
3. Proposed Sec. 1530.403. This section explains the procedures
for conducting the terrorism/other analyses check, which in this
rulemaking would apply to security coordinators and security-sensitive
employees. TSA would check certain domestic and international databases
that include information on terrorists, individuals with ties to
terrorism or international criminal networks, fugitives from justice,
and databases that assist in confirming an individual's identity. In
paragraph (a) TSA proposes the procedures that TSA would use to conduct
a terrorism/other analyses check.
Paragraph (b) provides notice that TSA may send the individual's
information to the appropriate law enforcement or immigration agency if
the terrorism/other analyses check
[[Page 33488]]
reveals that the individual has an outstanding want or warrant, or is
subject to a removal order. Under these circumstances, TSA would share
the individual's information with the agency that posted the want,
warrant, or removal order to ensure that the issue can be resolved
lawfully.
4. Proposed Sec. 1530.405. This section proposes the procedure TSA
would use to conduct the immigration check. This check would verify
that the individual is in one of the following categories: a U.S.
citizen, U.S. National, lawful permanent resident, refugee, asylee,
lawful nonimmigrant, granted parole, or is otherwise authorized to work
in the U.S. TSA proposes to use relevant Federal databases, primarily
the SAVE program administered by USCIS to verify that an individual's
alien registration number, I-94 Arrival-Departure Form number, or other
pertinent document number is valid and associated with the individual.
5. Sections 1530.407, 1530.409, and 1530.411. These sections would
be reserved.
6. Proposed Sec. 1530.413. This section applies to all individuals
who must undergo an STA and proposes that TSA issue a DOE if TSA
determines that an individual meets the STA standards. TSA would notify
the individual of the DOE and would make that information available to
the owner/operator. TSA may notify the individual via letter in the
U.S. postal service, an email, or another method yet to be determined.
TSA intends to create a web portal that owner/operators would access to
determine whether a particular worker has passed the appropriate STA
for the position in which he or she works. TSA invites comment on this
proposal from all interested parties, as to preferences for
notifications. In current vetting programs, TSA asks individuals how
they wish to be notified of the final STA determination, and then uses
that method, if possible. Workers who are relatively stationary often
prefer a letter, and those who are mobile may prefer email or other
electronic notification.
7. Proposed Sec. 1530.415. This section describes the procedures
that would apply when an individual may not meet, or may no longer
meet, the STA standards set out in proposed Sec. 1530.501. When this
occurs, TSA would notify the individual or holder of the STA of the
factors that may be disqualifying by issuing a Preliminary
Determination of Ineligibility (PDI) to the individual.\47\
---------------------------------------------------------------------------
\47\ In existing vetting regulations, TSA uses the term
``Initial Determination of Threat Assessment.'' See 49 CFR
1572.15(d). However, TSA believes ``preliminary'' better describes
this step. TSA also proposes to use the word ``ineligibility''
rather than the term ``threat assessment'' to more clearly identify
the type of determination TSA is making. The STA is used to
determine whether an employee is eligible or ineligible for certain
roles or functions and thus, we propose to use that terminology.
---------------------------------------------------------------------------
As set forth in paragraph (b), TSA would also state the basis for
the determination in the PDI.
Under paragraphs (c)(1) and (2), the PDI would include information
about how the individual may appeal or, if applicable, request a waiver
of ineligibility, including the time deadlines associated with these
requests. TSA proposes that the individual must appeal the PDI, request
a waiver of the PDI, or request an extension of time, generally within
60 days of service of the PDI. TSA may consider requests for extensions
of time beyond 60 days for good cause. If the individual does not
appeal, the PDI would automatically convert to a FDI. TSA uses these
timelines in other vetting programs, and believes they provide
sufficient time for an individual to seek redress.
Paragraph (d), ``Determination of Arrest Status,'' would apply when
the results of the CHRC show an arrest for a potentially disqualifying
crime, but no indication of whether the arrest resulted in a
conviction, dismissal, or acquittal. In such cases, TSA would notify
the individual of the arrest without disposition, and provide
instructions on how to clear the disposition under paragraph (d)(2).
Under this paragraph, the burden would be on the individual to provide
written proof to TSA that the arrest did not result in a conviction for
a disqualifying criminal offense. Such written proof may include a
record of conviction for a misdemeanor that is not disqualifying, or a
dismissal of the charges from the prosecution. Individuals who do not
provide the evidence that the arrest did not result in a conviction
within 60 days of service of the PDI, or request an extension of time,
would be disqualified.
In paragraph (e), TSA proposes to permit an individual to take
certain corrective action if the CHRC discloses an arrest for a
disqualifying crime. Specifically, the individual may contact the local
jurisdiction responsible for the criminal information and the FBI to
complete or correct the information. Paragraph (d) would also establish
a 60-day timeframe in which TSA must receive a certified true copy of
the revised record.
8. Proposed Sec. 1530.417. This section would apply if TSA
determines that an individual who initially passed the STA may no
longer meet the STA standards, may pose an imminent threat, and
immediate revocation of the associated credential, access, or
authorization is warranted. In these cases, TSA would issue a PDIIR.
This scenario would arise where new information creates significant
security concerns about the individual's continued eligibility and
suggests the access should be revoked until a final determination is
possible. If TSA determines that the information is not disqualifying,
TSA would reinstate the DOE.
Under paragraph (a), TSA proposes to issue the PDIIR to the
individual and, as applicable, the owner/operator, facility, or
employer. Paragraph (b) would provide that a PDIIR would otherwise be
processed in accordance with proposed Sec. 1530.415, which addresses
PDIs.
Paragraph (c) would apply when TSA does not issue a FDI (see
proposed Sec. 1530.419 below) after having issued a PDIIR. In such
cases, the individual's access, privileges, and/or credentials would be
reinstated, at no cost to the individual. TSA would also notify the
individual, and if applicable, the employer, of the reinstatement.
9. Proposed Sec. 1530.419. In paragraph (a) TSA proposes that if
an individual does not appeal or a request a waiver of a PDI or PDIIR,
the preliminary finding automatically converts to an FDI and the
individual's eligibility is revoked.
Paragraph (b) would apply when an individual appeals or requests a
waiver of a PDI or PDIIR, and TSA denies the appeal or waiver request.
In these cases, TSA would serve the FDI on the individual, and the
employer where applicable.
G. Proposed Subpart F--Standards
1. Introduction. Subpart F proposes the standards that TSA would
use to make decisions about eligibility based on the information
obtained from the checks that comprise an STA.
2. Proposed Sec. 1530.501. This section would set out the
standards that an individual must meet to successfully complete an STA
and receive a DOE. Each of the standards in paragraph (a)(1)-(4) is
related to the checks that may be included in an STA. Not every
standard will apply in every adjudication because not every check is
included in every STA. For example, in adjudicating the results of a
Level 2 STA for a security-sensitive employee, which does not include a
CHRC, the standard in paragraph (a)(4), which applies to the results of
CHRCs, would not apply.
Under paragraph (a)(1), TSA would not issue a DOE unless the
individual's identity could be verified. See the discussion of proposed
Sec. 1530.109
[[Page 33489]]
regarding identity verification procedures.
Paragraph (a)(2) pertains to the terrorism/other analyses check.
TSA would review the information returned from the data sources queried
as part of this check, which are described in proposed Sec. 1530.507,
to determine whether the individual is eligible. If TSA determines that
information indicates the individual poses or may pose a threat to
transportation or national security, or of terrorism, TSA would deem
the individual ineligible to serve in a security-sensitive position.
Paragraph (a)(3) would apply to individuals whose STAs include a
check for immigration in the United States. If the individual is not in
a permissible immigration category, TSA would not issue a DOE. The
substantive requirements of the immigration check are explained in the
discussion of proposed Sec. 1530.505, below.
Paragraph (a)(4) would apply to the individuals whose STA includes
a CHRC (Level 3 STA). Under this paragraph, an individual would be
disqualified if he or she has a disqualifying criminal offense or lacks
mental capacity, as described in proposed Sec. 1530.503.
Based on TSA's vetting experience, the issue of mental incapacity
comes to light in the course of the criminal check, such as when an
individual is found not guilty by reason of insanity. TSA does not have
access to health records of STA applicants, and therefore, the primary
way TSA becomes aware of an individual's mental capacity is through the
criminal check. For this reason, we propose to place the mental
capacity standard in the same paragraph as the criminal standards.
Paragraph (b) explains that individuals may reapply for an STA if
the condition that originally made them ineligible no longer exists.
3. Proposed Sec. 1530.503. Paragraph (a) proposes the criminal
look-back periods, crimes, and other factors that would be
disqualifying for an individual required to complete a Level 3 STA. An
individual who has a conviction, or finding of not guilty by reason of
insanity, for one or more of these crimes would not be eligible if a
Level 3 STA is required. TSA proposes to use the disqualifying crimes
and lookback period that currently apply to the HME and TWIC programs
\48\ for the surface employees subject to this NPRM for two reasons.
First, this population is part of surface transportation, like the HME
drivers, and the security threats are similar for all surface modes,
and differ from aviation. Second, the list of crimes and lookback
period that apply to HME and TWIC workers constitute Congress' most
recent expression as to the appropriate disqualifying criteria for
transportation programs. Congress adopted these criminal standards in
2007,\49\ whereas the standards for aviation were adopted prior to 9/11
when the security climate was quite different.
---------------------------------------------------------------------------
\48\ See 49 CFR 1572.103.
\49\ See Section 1309 of the Implementing Recommendations of the
9/11 Commission Act of 2007, Public Law 110-53 (121 Stat. 397-400;
August 3, 2007).
---------------------------------------------------------------------------
Paragraph (a)(1) lists serious crimes that would be deemed
permanently disqualifying. Paragraph (a)(2) lists proposed look-back
periods that would apply to interim disqualifying offenses. The
proposed interim crimes would be disqualifying if the conviction, or
finding of not guilty by reason of insanity, is within 7 years of the
date of the application; or if the individual was incarcerated for that
crime and released from incarceration within 5 years of the date of the
application.
Paragraph (a)(3) lists the interim disqualifying criminal offenses
we propose to use for security coordinators in this rulemaking. This
list of crimes is identical to the list of interim offenses codified in
section 1572.103 for the TWIC and HME programs, except that it also
lists manslaughter as an interim disqualifying offense. TSA has treated
manslaughter as a disqualifying offense in the TWIC and HME programs as
a lesser included offense of murder, but it has not been listed in
section 1572.103.
Paragraph (b) would be reserved.
Paragraph (c) would be based on 49 CFR 1572.103(c), which provides
that an individual who is under want, warrant, or indictment in any
civilian or military jurisdiction for a disqualifying crime, is
disqualified until the want or warrant is released, or the indictment
is dismissed. TSA proposes to revise this provision by adding the
issuance of a criminal complaint to the grounds for disqualification
pending release or dismissal. The sole purpose of the proposed revision
is to account for cases in which the jurisdiction begins a criminal
proceeding with a complaint rather than an indictment. Under the
Federal Rules of Criminal Procedure, a complaint is a written statement
of the essential facts constituting the offense that is charged, and is
under oath before a magistrate judge or, if none is reasonably
available, before a state or local judicial officer.\50\ In other
vetting programs, TSA has found cases in which the jurisdiction
initiates a criminal action through a complaint, rather than a want or
indictment, and proposes to make it clear that this would also be
disqualifying under this proposed rule.
---------------------------------------------------------------------------
\50\ See Rule 3, Federal Rules of Criminal Procedure, as amended
December 1, 2019.
---------------------------------------------------------------------------
Paragraph (d) of this section proposes that an individual who has
been declared mentally incompetent or involuntarily committed to mental
health facility would be disqualified. This is the same standard that
currently applies to TWIC and HME applicants, but TSA proposes to move
it into the criminal standards in this NPRM, because TSA becomes aware
of mental incapacity through the criminal check.
4. Proposed Sec. 1530.505. As explained above, applicants for a
Level 2 or Level 3 STA must be a U.S. citizen, U.S. national, or non-
citizen who is a lawful permanent resident, a refugee, an asylee, a
lawful nonimmigrant, is paroled into the U.S., or is otherwise
authorized to work in the U.S. Note that individuals with Deferred
Action for Childhood Arrivals are authorized to work in the U.S. and
thus are eligible to apply for a security sensitive or security
coordinator position under this rulemaking. The standard proposed in
this section would require applicants to be in one of these listed,
permissible categories at the time of application. TSA is not proposing
that individuals must belong to a particular category of noncitizen to
successfully complete the STA, because TSA does not assess a particular
level of security risk associated with one immigration category as
compared to another.
Paragraph (b) explains that TSA determines whether an individual is
in a listed, permissible category by checking relevant Federal
databases, primarily the SAVE program administered by the USCIS. Also,
TSA may verify an applicant's social security number, alien
registration number, or I-94 number as part of the vetting process, to
identify any instance of identity fraud.
5. Proposed Sec. 1530.507. In this section, TSA proposes the
standards for the terrorism check and other analyses. TSA would conduct
this portion of the STA recurrently, which means each time a watchlist
or database receives new or updated information, TSA compares the
individual's name to the revised list. TSA would continue to
recurrently vet the individual for the life of the STA, which TSA
proposes to be 5 years in this NPRM. The recurrent vetting process
allows TSA to receive notification if a vetted individual is
subsequently added to a terrorist watchlist. If TSA determines, based
on the information generated during this vetting, that an individual
poses or may
[[Page 33490]]
pose a threat to transportation or national security, or of terrorism,
TSA would deem the individual to be ineligible to work as a security
coordinator or security-sensitive employee.
TSA searches several databases in this portion of the STA,
including the consolidated terrorist database (TSDB), the U.S. Marshals
Service federal wants and warrants, Interpol, the Department of State
lost and stolen passport file, and the U.S. Treasury Office of Foreign
Asset Control database of individuals who are sanctioned due to
terrorism or national security issues.\51\ If TSA matches an
applicant's identity to an identity included in one of these lists, TSA
conducts an investigation to determine whether, under the totality of
the circumstances, an applicant is ineligible.
---------------------------------------------------------------------------
\51\ Note that the complete list of data sources TSA uses in
this portion of the STA is Sensitive Security Information and
subject to protection in accordance with 49 CFR part 1520.
---------------------------------------------------------------------------
Paragraph (b) proposes that TSA may determine an individual is
ineligible if the check reveals extensive foreign or domestic criminal
convictions, a conviction for a serious crime not otherwise covered by
the regulation, or a period of foreign or domestic imprisonment that
exceeds 365 consecutive days. TSA sometimes receives foreign criminal
history records when conducting this check, such as through Interpol,
which are not identified in the CHRC we conduct through the FBI's
database. This paragraph would expressly provide TSA the discretion to
disqualify an individual based on an overall view of the individual's
record, even where some of the criminal history does not involve
disqualifying offenses, but is indicative of an individual who may pose
or poses a threat to national or transportation security, or of
terrorism.
6. Proposed Sec. 1530.509. This section proposes to permit the use
of existing, valid STA results for satisfying requirements for a new
STA. TSA's goal is to be able to rely, in whole or in part, on an STA
that was already conducted on an individual when that individual
subsequently applies for another STA. Relying on comparable STAs
conserves time and resources for TSA and individuals by eliminating
redundant checks.
Paragraph (a) proposes that TSA may deem an earlier check
comparable to a currently needed check based on certain factors listed
in proposed paragraph (d), below, and if three conditions are met.
First, as proposed in paragraph (a)(1), the original check cannot be
expired. Second, as proposed in paragraph (a)(2), the original check
must be part of a DOE that is not expired, revoked, or suspended.
Third, as proposed in paragraph (a)(3), the earlier check must be
adjudicated under standards that are comparable to the standards for
the new STA.
For example, individuals applying for a security coordinator STA
under this NPRM who hold a current TWIC would be able to use the CHRC
conducted for TWIC as a comparable check because both the TWIC CHRC and
the security coordinator CHRC are adjudicated against the same look-
back period and list of disqualifying crimes.
Paragraph (b) proposes that TSA may accept a valid, unexpired STA,
background check, or investigation conducted by TSA or another Federal
governmental agency to satisfy the STA requirement. Unlike proposed
paragraph (a), which addresses the comparability of a given check
(terrorism/other analyses, immigration, or CHRC) from one STA to
another, proposed paragraph (b) addresses whether an entire STA,
background check, or investigation may satisfy a subsequent STA
requirement without the need for further checks. For example, as
explained below, TSA may determine that a Level 3 STA is comparable to
a Level 2 STA (because the former includes all of checks included in
the latter). Thus, TSA may rely on the fact that an individual has
already successfully completed a Level 3 STA to satisfy a subsequent
requirement for a Level 2 STA under a different regulatory program for
the same individual. Proposed paragraph (b) would refer to the factors
in proposed paragraph (d) as the basis for the determination.
Paragraph (c) would impose an important constraint on comparability
based on timing. If TSA relies on a comparable check from an earlier
STA, the duration of the new STA will be backdated to the date of the
earliest check in the STA. This would ensure that no part of the STA is
older than 5 years.
Paragraph (d) sets out the criteria that TSA would use to decide
whether STAs, background checks, or other investigations are comparable
in whole or in part. Paragraph (d)(5) would allow TSA to consider other
factors it deems appropriate when making a comparability determination.
For instance, an agency may ask TSA to consider the use of different
databases that TSA does not use as comparable sources of information.
TSA needs this latitude because of the widely variable factual and
policy circumstances that can surround how a given governmental agency
may conduct the background check or investigation on which TSA may
rely.
Paragraph (e) is reserved.
Paragraph (f) proposes the responsibilities of an individual who
asserts completion of a comparable STA to satisfy a new STA
requirement. Paragraph (f)(3) would require an individual asserting
completion of a comparable STA to complete enrollment and pay the
associated STA fees. A new enrollment is necessary because TSA needs
complete, up-to-date enrollment information to accurately identify the
individual and notify him or her of the outcome of the STA.
Paragraphs (g)-(i) would list certain comparability determinations
that TSA would set forth in the regulatory text. Each more thorough STA
is comparable to the less thorough STAs. For instance, a Level 2 STA is
comparable to a Level 1 STA, and a Level 3 STA is comparable to both a
Level 2 and a Level 1 STA.
TSA has already determined that an STA for the FAST program,
administered by CBP, is comparable to the TWIC and HME STA.\52\ Since
the requirements for the Level 3 STA proposed in this rulemaking are
comparable to the TWIC and HME programs, the STA for a FAST card is
comparable in whole to a Level 3 STA.
---------------------------------------------------------------------------
\52\ See 49 CFR 1572.5(e)(6).
---------------------------------------------------------------------------
In addition to the FAST program, CBP administers the NEXUS,\53\
SENTRI,\54\ and Global Entry \55\ programs. These programs include
thorough criminal history, terrorism, and immigration checks conducted
by CBP, and in the case of Global Entry, also include an interview
conducted by a CBP law enforcement officer. CBP's criminal checks view
all of the disqualifying offenses we propose in this NPRM as
disqualifying in their programs. Similarly, the CBP terrorism and
immigration checks include comparable data sources and standards. For
these reasons, TSA has determined that the STAs for these programs are
comparable to the proposed Level 3 STA. Finally, the TSA
PreCheck[supreg] STA would be comparable to the Level 3 STA in this
proposed rule. For TSA PreCheck[supreg], TSA uses TWIC and HME criminal
offenses and look-back period, and terrorism standards. Also, the
immigration standard for TSA PreCheck[supreg] is more stringent than
the standards for TWIC
[[Page 33491]]
and HME. Consequently, individuals who have successfully passed the TSA
PreCheck[supreg] STA have completed a comparable Level 3 STA.
---------------------------------------------------------------------------
\53\ For information about the NEXUS program, see <a href="https://www.cbp.gov/travel/trusted-traveler-programs/nexus">https://www.cbp.gov/travel/trusted-traveler-programs/nexus</a>.
\54\ For information about the SENTRI program, see <a href="https://www.cbp.gov/travel/trusted-traveler-programs/sentri">https://www.cbp.gov/travel/trusted-traveler-programs/sentri</a>.
\55\ See 8 CFR parts 103 and 235.
---------------------------------------------------------------------------
This proposed section on comparability and proposed Sec. 1530.307
on fee comparability are closely related. As explained in the
discussion of proposed Sec. 1530.307, the fee structure proposed in
this rulemaking is portioned into segments based on the services TSA
provides when conducting STAs. When processing an STA application, if
TSA can rely on a comparable check from an earlier STA, it does not
have to perform that service again, and it will not have to charge the
individual the full fee for that service. This reduces the financial
burden on individuals requiring more than one STA.
H. Proposed Subpart G--Appeal and Waiver Procedures for Security Threat
Assessments
1. Introduction. In subpart G, TSA proposes redress provisions for
individuals adversely affected by the STA requirements in 49 CFR part
1530. These proposed standards are consistent with the redress
provisions codified in 49 CFR part 1515, Appeal and Waiver Procedures
for Security Threat Assessments for Individuals, for individuals who
are required to undergo STAs for the TWIC, HME, and certain air cargo
programs.\56\ Part 1515 will continue to apply according to its terms
(although TSA may revise the part heading in the final rule for this
rulemaking to clarify the scope of part 1515), and subpart G of part
1530 would apply to individuals who work for public transportation,
railroads, and OTRB operators and undergo an STA set forth in this
rulemaking. The standards in part 1515 were previously subject to
notice and comment and have been in place for over 10 years. TSA
believes the redress procedures we propose in subpart G are effective,
efficient, and relatively easy to follow for individuals, including
those who do not wish to hire an attorney for this process. However,
TSA welcomes comments from covered entities that may be impacted by the
proposed rule and the public on ways to improve the vetting process
while still reducing security risk in the respective transportation
modes.
---------------------------------------------------------------------------
\56\ For a full discussion of the development of the provisions
in 49 CFR part 1515, see the HME interim final rule (68 FR 23852,
May 5, 2003), and the TWIC final rule (72 FR 3492, Jan. 25, 2007).
---------------------------------------------------------------------------
Proposed subpart G describes the procedures for: (1) requesting
waivers of the criminal standards; (2) appealing disqualifications
based on the criminal history, immigration, or terrorism/other analyses
checks; (3) ALJ review of TSA's waiver and appeal determinations; and
(4) review of ALJ decisions by the TSA Final Decision Maker.
2. Proposed Sec. 1530.601. TSA proposes the scope and general
requirements for subpart G in this section. Paragraphs (a) and (b)
would establish that individuals who apply for an STA under part 1530
and who are eligible to request an appeal or waiver, fall within the
scope of this part. Paragraph (c) explains that TSA does not disclose
classified information or other information that is protected by law,
or for which disclosure is not warranted. Paragraph (d) explains that
an individual may, but is not required to, hire an attorney to
represent them in an appeal or waiver proceeding, at the individual's
expense. Paragraph (e) explains that the individual may request an
extension of time for submitting appeal or waiver paperwork to TSA.
These requests must be in writing, explain the reason for the
extension, and be served on TSA prior to the deadline that needs to be
extended. TSA generally grants extensions of time in the redress
process when individuals meet these proposed standards.
3. Proposed Sec. 1530.603. Reserved.
4. Exhaustion of Administrative Remedies. Before explaining the
redress procedures an individual would use to appeal a TSA final
decision (which are set forth below), it is important to discuss the
principle of exhausting the administrative remedies TSA provides in
subpart G before seeking review by the courts. The doctrine of
exhaustion of remedies is based on the need to conserve judicial
resources and ensure that factual issues are resolved by the agency
with the expertise and responsibility for administering the program at
issue. The doctrine allows agencies to develop a full factual record,
correct errors, minimize costs, and create a uniform approach to the
issues within its jurisdiction. This process benefits individuals by
resolving disputes more quickly and at lower cost through TSA rather
than the Federal courts. If the individual ultimately seeks review in
the Court of Appeals following TSA's final agency order, the court will
have a full record on which to base its review and the issues will be
narrowed to those that truly require judicial review. In a case where
TSA issued a preliminary denial of a TWIC application and the
individual sought review by a U.S. District Court rather than first
appealing the decision to TSA, the court dismissed his claim stating
that he must first exhaust the administrative remedies in TSA's redress
regulations.\57\ The court stated that it needed a more developed
factual record to effectively evaluate the case. Also, the court held
that TSA should have the opportunity to correct any errors and narrow
the issues, which can be achieved through exhausting administrative
remedies, before initiating judicial review.
---------------------------------------------------------------------------
\57\ See Mohamed Al Seraji v. Gowadia, No. 8:16-cv-01637-JLS-JCG
(C.D. Cal. Apr. 28, 2017).
---------------------------------------------------------------------------
For all of the foregoing reasons, TSA is proposing to require
individuals to exhaust the administrative remedies set forth in subpart
G before seeking judicial review.
Under this proposal, an individual would not seek judicial review
until TSA has issued its ``final agency order.'' Throughout proposed
subpart G, we clearly identify the point at which a TSA decision is a
``final agency order,'' and thus, when an individual may pursue
judicial review. Note that for purposes of the rulemaking, ``final
agency order'' and ``final agency action'' have the same meaning.
5. Proposed Sec. 1530.605. In this section, TSA proposes the
procedures that would apply to appeals to TSA concerning the criminal,
immigration, and mental capacity standards in part 1530.
Paragraph (a)(3) pertains to appeals based on determinations that
an individual lacks mental capacity under proposed Sec. Sec. 1530.501
and 1530.503. It is important to note that TSA does not have access to
health-related databases and information concerning mental health
issues. However, TSA may become aware of mental health issues through
the CHRC, when an individual is found not guilty by reason of insanity
of a disqualifying criminal conviction.
Paragraph (b) of this section proposes the grounds for appeal that
may be raised. Individuals may assert that they do meet the eligibility
standards and (1) TSA's decision was based on factually incorrect
information; or (2) TSA failed to apply the eligibility standards in
accordance with the regulations. For instance, if a criminal rap sheet
reveals a conviction for a disqualifying offense, but fails to include
the fact that the conviction was later overturned, an individual may
use this as the basis for an appeal. Also, if TSA fails to correctly
apply the list of criminal disqualifiers that appear in part 1530, this
failure to adhere to the standards would constitute grounds for an
appeal.
Paragraphs (c)-(h) of this section propose the procedures and
timeframes for initiating an appeal, responding to a PDI or a PDIIR,
correcting inaccurate records, and TSA's issuance of a final
[[Page 33492]]
determination. Under these procedures, an individual must request an
appeal in writing to TSA, and it may be in the form of a request for
the records on which TSA's PDI or PDIIR are based, or as a reply to the
PDI or PDIIR. The individual must initiate the appeal within 60 days of
service of the PDI or PDIIR, or request an extension of time. TSA may
request documents from appellants that are necessary to make a final
determination. If the data on which TSA made its preliminary decision
of ineligibility is incomplete or inaccurate, proposed Sec.
1530.605(f) describes how an individual can correct the information.
Paragraph (g) of this section proposes the procedures TSA would
follow in making a final determination on eligibility and the
individual's appeal. If TSA determines that the PDI/PDIIR is incorrect,
TSA would withdraw the PDI/PDIIR and notify the individual, and the
employer or operator, where applicable. If TSA determines that the
preliminary determination was correct, TSA would serve a FDI on the
individual, and where applicable, the employer or operator.
Paragraph (h) explains that TSA's FDI based on criminal,
immigration, and mental capacity standards would constitute a final
agency order or action under 49 U.S.C. 46110.\58\ This means that upon
receiving the FDI, there are no additional redress procedures within
TSA for an individual to use. At this point, the individual may seek
review in the Court of Appeals or accept TSA's final determination.
These appeals based on criminal, mental capacity, and immigration
involve objective facts and documents, and thus, it would be highly
unlikely for TSA's final decision to be in error and need further
review by an ALJ or the TSA Final Decision Maker.
---------------------------------------------------------------------------
\58\ This section of the code governs judicial review of TSA's
final agency orders, and requires litigants to challenge final
agency orders in the U.S. Court of Appeals for the District of
Columbia Circuit within 60 days of TSA's order.
---------------------------------------------------------------------------
6. Proposed Sec. 1530.607. In this section, TSA sets forth
proposed standards for requesting a waiver due to criminal offense or
mental capacity. Under this proposed rule, TSA would not consider
waiver requests for failure to meet immigration standards or for the
terrorism/other analysis checks. It would be inconsistent with the 9/11
Act, the principles of security vetting, and similar waiver programs to
entertain waiver requests for these issues. There is no reasonable
basis on which TSA would determine that a waiver should be granted to
an individual who does not meet the immigration standards or is deemed
to pose a threat to national or transportation security, or of
terrorism under 1530.507(a). As proposed in paragraph (b), however, TSA
would consider a waiver when an individual (1) who committed a
disqualifying offense, now asserts that he or she is rehabilitated and
no longer poses a security risk; (2) who suffered from mental capacity
issues, asserts that those health issues no longer exist; or (3) was
disqualified for a criminal history under Sec. 1530.507(b).
In paragraph (c), TSA proposes that individuals must complete the
enrollment process, including paying all applicable fees, before he or
she may apply for a waiver. For instance, an individual who knows he
was convicted of a disqualifying offense within the previous 7 years
and wishes to apply for a waiver of that offense, must complete the
enrollment process so that TSA receives the pertinent criminal records
from the FBI that verify the disqualifying issue. The applicant may
submit a request for a waiver, which must be received no earlier than
the date that the individual submitted the application and fee, and no
later than 60 days after final disposition of an appeal undertaken
consistent with Sec. 1530.605 of this subpart. An individual preserves
the right submit a waiver request if he or she requests an extension of
time in accordance with Sec. 1530.601(e) of this part and the request
is granted.
Paragraph (c)(2) describes the factors that TSA would consider when
evaluating a waiver request, including the circumstances of the crime,
restitution the individual has paid, court or other official records
indicating that the individual no longer lacks mental capacity, the
length of the prison term, the time that has elapsed since release from
prison, criminal activity that has occurred following release from
prison, and other factors relevant to the individual's waiver request.
TSA would consider letters of reference from employers, clergy,
probation officers, family members, and others with knowledge of the
individual's character and rehabilitation since the crime occurred.
TSA adjudicators and analysts would evaluate the paperwork
submitted, and communicate with the individual, if necessary, to gain
additional information to ensure that the waiver request package is
complete. TSA has established a Waiver Review Board, which includes
security analysts and senior managers, to meet regularly to consider
each waiver request. Because waiver decisions are somewhat subjective,
TSA established this process to ensure consistency and avoid individual
bias in reviewing waiver requests. The Waiver Review Board makes a
recommendation to grant or deny a waiver to the Assistant
Administrator. The Assistant Administrator reviews the recommendation
and waiver paperwork and makes a final decision to grant or deny the
waiver request.
Paragraph (d) explains that, within 60 days of TSA receiving the
waiver request, TSA would serve a written decision granting or denying
the waiver request on the individual. If TSA denies the waiver, the
individual may appeal the decision to an ALJ. TSA's waiver denial is
not a final agency action under 49 U.S.C. 46110. The individual may
not, therefore, appeal this decision to the court system at this time,
but must first seek review by an ALJ (as described in Sec. 1530.611)
and then if necessary, a TSA Final Decision Maker (as described in
Sec. 1530.613).
7. Proposed Sec. 1530.609. In this section, TSA proposes the
procedures an individual would use to appeal TSA's preliminary
determination that the individual failed the terrorism/other analyses
portion of the STA. Paragraph (b) explains that the only grounds for an
appeal of the terrorism/other analyses PDI is an assertion that the
individual meets the standards for the STA for which he or she is
applying. For instance, an individual could argue that he or she has
been misidentified as another person who poses a security threat. Also,
the individual may assert that even if he or she has been correctly
identified, nonetheless, the person does not pose a security threat.
Paragraph (c) states that the procedures proposed for Sec.
1530.605(c)-(h), described above, also apply to this section.
In paragraph (d)(1) of this section, TSA proposes that 60 days
after service of the individual's appeal, TSA would serve a final
determination on the individual, and where applicable, the individual's
employer. For instance, in this rulemaking, public transportation
operators may not employ an individual in a security-sensitive position
unless the individual successfully completed a Level 2 STA, which
includes the terrorism/other analyses check. If TSA determines that an
individual does not pass the Level 2 STA, TSA would have to notify the
operator of this determination so that the operator does not assign the
individual a security-sensitive position.
As proposed in paragraph (d)(2), if TSA determines that the PDI or
PDIIR was issued in error, TSA would withdraw it by serving
notification on the individual, and where appropriate, the employer.
[[Page 33493]]
Paragraph (e) addresses further review of a case in which TSA
denies the individual's appeal. TSA's denial of the appeal under this
section is not a final agency action under 49 U.S.C. 46110, and,
therefore, the individual may not seek review in the courts at this
juncture. If the individual wishes to seek additional review of TSA's
final determination, he or she would seek review by an ALJ, and those
procedures are set forth in proposed Sec. 1530.611, described below.
If the individual does not seek review by an ALJ within 30 days of
TSA's decision, the decision then becomes final.
8. Proposed Sec. 1530.611. In this section, TSA proposes the
procedures for an individual who wishes to seek review of a TSA
decision by an ALJ. Paragraph (a) describes the two types of appeals
that are eligible for ALJ review. An ALJ may review (1) an appeal of
TSA's decision to deny a waiver as set forth in Sec. 1530.607, and (2)
an appeal of TSA's decision to deny an appeal based on the terrorism/
other analyses check as set forth in Sec. 1530.609.
Paragraph (b) explains how the individual must request ALJ review.
The request must be in writing and served within 30 days of the date
that TSA served the decision that the individual seeks to appeal to the
ALJ. The individual must include the issues that the individual wants
the ALJ to consider, copies of the individual's request for a waiver or
initial appeal with all supporting documents, and copies of TSA's
denial of the waiver request or appeal. Paragraph (b)(5) provides the
address to use for ALJ review requests.
Paragraph (b)(2) explains that a request for ALJ review may not
include material, evidence, or information that was not also presented
to TSA in the original waiver request or appeal. As stated in paragraph
(b)(3), if the individual has new material, evidence, or information
that was not available to TSA, the individual should file a new waiver
request or appeal with TSA, and the ALJ review request would be
dismissed. To preserve ALJ resources and ensure that TSA makes
decisions that fall within its expertise, in keeping with principles of
the exhaustion of administrative remedies, any new information should
be used to begin a new review by TSA, not the ALJ.
Paragraph (b)(4) explains that the individual may request an in-
person hearing before the ALJ. Paragraph (c) addresses extensions of
time during the ALJ review process. Both parties may request extensions
of time in writing, and they should be received by the ALJ within a
reasonable time before the date that must be extended. Paragraph (d)
describes the duties of the ALJ, which are the same procedures that
currently apply to cases that ALJs review in TWIC and HME waiver
denials, and are fairly standard for administrative process. TSA
proposes that the ALJ must have the appropriate level of security
clearance necessary to review any information, including classified
information, that is relevant to reviewing the case. As proposed, the
ALJ should consider a request for an in-person hearing, by evaluating
whether there are genuine issues of fact about the evidence or
information the individual submits as part of his or her waiver request
or appeal to TSA, or whether TSA's determination on the waiver or
appeal was completed in accordance with the regulations. If an in-
person hearing takes place, a verbatim transcript would be made, at no
cost to the individual. If the individual fails to appear, the ALJ may
issue a default judgment against the individual. The standard of proof
for the hearing would be substantial evidence on the record.
Under the ALJ procedures, we propose that TSA will not disclose
classified information or other information protected under the law.
TSA, however, may prepare an unclassified summary of the information
for the appealing party, if an unclassified summary can be provided
consistent with national security concerns. The ALJ would review the
record of decision, including any classified information upon which the
decision relies, on an ex parte, in camera basis, and may consider this
information in making a final decision if the information appears to be
material and relevant.
Paragraph (f) describes the procedures that apply for the ALJ's
final decision. As proposed, the ALJ would issue a final decision
within 60 days from the close of the record, and serve the decision on
the parties. Either party may appeal the ALJ decision to the TSA Final
Decision Maker. If the ALJ overturns TSA's waiver or appeal decision
and TSA does not appeal that to the Final Decision Maker, TSA would
issue an order granting the waiver or withdraw the final determination
on the appeal, as applicable. If the ALJ upholds TSA's decision and the
individual does not seek review by the TSA Final Decision Maker, TSA
would issue a final agency order denying a waiver to the individual or
issue a Final Order of Ineligibility, as applicable.
9. Proposed Sec. 1530.613. TSA proposes the procedures for
appealing an ALJ decision to the TSA Final Decision Maker in this
section. The non-prevailing party in the ALJ proceeding may request a
review of the ALJ's decision by the TSA Final Decision Maker within 30
days from the date of service of the ALJ's decision. Requests for
review must be in writing, served on the opposing party, and relate
only to whether the ALJ's decision was based on substantial evidence on
the record. Within 60 days of receiving the request for review (or
within 30 days of receiving a response from the other party), the TSA
Final Decision Maker would issue the final decision. The decision of
the TSA Final Decision Maker constitutes a final agency order in
accordance with 49 U.S.C. 46110. If the individual wishes to appeal the
TSA Decision Maker's final order, that appeal must be filed in the U.S.
Court of Appeals for the District of Columbia Circuit or in the court
of appeals of the United States for the circuit in which the person
resides or has its principal place of business within 60 days of the
TSA Decision Maker's final order.
IV. Analysis of Proposed Changes to Parts 1500, 1570, 1572, 1580, 1582,
and 1584
A. Introduction
TSA proposes to make changes to 49 CFR parts 1500, 1570, 1572,
1580, 1582, and 1584 in this rulemaking. Each of these proposed changes
are described below.
B. Proposed Changes to Part 1500
``Security threat assessment'' would mean a procedure conducted by
TSA consisting of one or more checks of relevant databases and other
sources of information to verify an individual's identity, and to
determine whether the individual is eligible for certain access to the
nation's transportation systems, or for certain privileges or
credentials. The proposed definition would provide a concrete
understanding of the term that encapsulates the entire process of
vetting the individual. It would also promote consistent use of
terminology throughout TSA's regulations, most importantly that a
security threat assessment is the overall process, which is comprised
of one or more checks, such as a CHRC, or a check of databases. TSA
considers the terms ``security threat assessment,'' as proposed here,
and ``security background check,'' as established in the Security
Training rulemaking to be functionally synonymous. TSA intends
generally to reserve the use of ``security background check'' to the
specific context of proposed Sec. 1570.305.
[[Page 33494]]
C. Proposed Changes to Part 1570
As explained previously, this proposed rule is one of three
rulemakings TSA is presently conducting to implement the 9/11 Act. The
Security Training NPRM proposed extensive changes to part 1570,
including reserving subpart D for proposals related to vetting. In this
rulemaking, we propose changes to part 1570, subpart D, that build on
the proposals in the Security Training NPRM.
TSA proposes to add Sec. 1570.307 to subpart D to explain that
specific vetting requirements for maritime and land transportation
would be set in the parts that relate to each industry. For instance,
the proposals for the owner/operators and individuals in freight rail
would be in part 1580, public transportation and passenger rail would
be in part 1582, and OTRB would be in part 1584.
As a matter of organization and clarity, we think it would be
easier for each type of owner/operator and its employees to first look
at the part of TSA regulations that applies to it, in order to
determine who must be vetted and the level of vetting required. The
requirements may vary, and we believe placing them in the specific part
of title 49 that corresponds to that type of operator would be best.
D. Proposed Change to Part 1572
TSA proposes to revise the title of part 1572 from ``Credentialing
and Security Threat Assessments'' to ``Credentialing and Security
Threat Assessments for the Hazardous Materials Endorsement and
Transportation Worker Identification Credential Programs.'' This is an
administrative change TSA proposes to make to clarify that part 1572
applies only to the HME and TWIC programs. As our vetting authorities
expand and there are new vetting standards in various parts of the CFR,
we believe it is necessary to change the title of part 1572 so that
individuals and owner/operators understand that it applies only to two
programs.
E. Proposed Changes to Part 1580
TSA proposes to add ``Subpart D--Security Threat Assessment
Requirements for Owner/Operators and Individuals'' to part 1580, as
promulgated in the Security Training rulemaking, to implement the 9/11
Act vetting requirements in freight rail.\59\
---------------------------------------------------------------------------
\59\ See 9/11 Act sections 1520 and 1522, which are codified at
6 U.S.C. 1170(d).
---------------------------------------------------------------------------
1. Proposed Sec. 1580.3. This section would make clear that the
terms defined in Sec. Sec. 1500.3, 1500.5, and 1503.103, of subchapter
A, Sec. 1530.3 of subchapter B, and Sec. 1570.3 of subchapter D of
this chapter, also apply when used in this part.
2. Proposed Sec. 1580.301. Paragraph (a) would set out the
obligations of freight rail owner/operators with regard to STA
requirements for the security coordinators who would be designated
according to the requirements of the Security Training rulemaking.
Section 1570.201(a), as set forth in the Security Training final rule,
requires freight rail owner/operators to designate and use a primary
and at least one alternate security coordinator. These requirements
apply to the operators listed in 49 CFR 1580.101, which are:
<bullet> Class 1 freight railroad carriers;
<bullet> Rail hazardous materials shippers that transport one or
more of the categories and quantities of rail security-sensitive
materials (RSSM) in a high threat urban area (HTUA);
<bullet> Rail carrier that serves as a host railroad to a Class 1
carrier, rail hazardous materials shipper that transports RSSM in an
HTUA, or a passenger operation described in 49 CFR 1582.101.
Proposed paragraph (a)(1) would set out the primary requirement
that a covered freight rail owner/operator must not authorize or permit
an individual to serve as a primary or alternate security coordinator
unless he or she has successfully completed a Level 3 STA and holds a
current DOE from TSA.
As explained above in section II.B.2. of the preamble, security
coordinators should undergo a Level 3 STA because of their access to
sensitive-security and personally-identifiable information, as well as
the critical security functions they perform. These responsibilities
and functions require a high level of confidence that the individual is
trustworthy. As explained above, a Level 3 STA consists of a criminal
history, terrorism/other analyses, and immigration check. Successful
completion of this Level 3 STA would increase confidence that the
individual is sufficiently trustworthy to assume the position.
To comply with proposed paragraph (a)(1), owner/operators would
need a definitive source of information from TSA regarding an
individual's STA. TSA expects to create a web-based portal for owner/
operators to access, which would include the results of the STAs of
that owner/operator's workers. TSA has considered other methods of
employer notification, such as mailing letters, but believes this
method would be more cost-effective and minimizes the risk of fraud or
missing records associated with paper documents and mail service. TSA
invites comment from the industry as to other potential methods of
notification, as well as the relative advantages and disadvantages of
the options.
Paragraph (a)(2) would require the owner/operator to retain records
documenting compliance with paragraph (a)(1). TSA does not propose a
specific format of documentation. TSA prefers to retain flexibility to
permit various formats depending on owner/operator needs and
capabilities. TSA will work with each owner/operator to assure that the
recordkeeping process complies with TSA's inspection needs. As part of
inspecting compliance with the STA requirements, TSA must be able to
review these records to ensure that the STA requirements have been met
at the appropriate time. TSA invites comment from owner/operators as to
how most will satisfy this requirement and other ideas for meeting it.
Paragraph (b)(1) would set out the primary requirement that a
covered freight rail owner/operator must not authorize or permit an
individual to serve as a security-sensitive employee, unless he or she
has successfully completed a Level 2 STA and holds a current DOE from
TSA. TSA proposes to require a Level 2 STA, consisting of terrorism/
other analyses and immigration check in the United States, for
security-sensitive employees, which satisfies the requirements of
section 1520 of the 9/11 Act.
As explained above in the discussion of security coordinator STA
requirements, TSA expects to create a web-based portal for owner/
operators to access, which would include the results of the STAs of
that owner/operator's security-sensitive employees.
Proposed paragraph (b)(2), with regard to recordkeeping, is similar
to proposed paragraph (a)(2) explained above.
Paragraph (c) proposes continuing responsibilities for owner/
operators after the initial vetting of security coordinators and
security-sensitive employees. Paragraph (c)(1) would require an owner/
operator to remove an individual from a position as a security
coordinator or a security-sensitive employee if notified by TSA that
the individual is no longer eligible for the position. TSA would issue
such a notification if, for example, the recurrent terrorism/other
analyses check subsequently reveals information indicating that the
individual poses or may pose a threat to transportation security or
national security, or of terrorism.
[[Page 33495]]
Paragraph (c)(2) would require an owner/operator that becomes aware
of information that an individual is or may not be eligible to serve as
a security coordinator or security-sensitive employee to notify TSA
immediately. This responsibility would arise, for example, if the
owner/operator becomes aware that a security coordinator has been
arrested for or convicted of a potentially disqualifying crime.
Paragraph (c)(3) would provide that an owner/operator may reassign
an individual as a security coordinator or security-sensitive employee
if notified by TSA that he or she regained eligibility. For example, if
TSA notified an owner/operator under proposed paragraph (c)(1) that an
individual is ineligible, but subsequently determines that the factor
causing the ineligibility had been resolved, TSA would notify the
owner/operator under paragraph (c)(3).
2. Proposed Sec. 1580.303. This section would set out the
obligations of individuals employed by covered freight rail owner/
operators who must undergo an STA, either as a security coordinator
(proposed paragraph (a)) or a security-sensitive employee (proposed
paragraph (b)).
Paragraph (a) would provide that an individual must not work as a
security coordinator for a freight rail owner/operator, unless he or
she successfully completes a Level 3 STA and holds a current
Determination of Eligibility. Paragraph (a) would also specify that the
criminal history records check conducted as part of the Level 3 STA
would be adjudicated against the list of disqualifying crimes in
proposed Sec. 1530.503, which, as described above, would be the list
of disqualifying crimes that currently apply to certain surface and
maritime workers under Sec. 1572.103.
Paragraph (b) would provide that an individual must not work as a
security-sensitive employee unless he or she successfully completes a
Level 2 STA and holds a current Determination of Eligibility. The
rationale for requiring this level of vetting is explained above in
section II.B.1. of the preamble.
3. Proposed Sec. 1580.305. This section would require the use of
TSA enrollment centers by individuals, as well as the owner/operators
of those individuals, required to apply for an STA under these proposed
regulations. The reasons for this proposed requirement is explained
above in section II.B.5. of the preamble.
4. Proposed Sec. 1580.307. As explained above in section II.B.7.
of the preamble, TSA proposes a phased implementation of the vetting
requirements proposed in this rule. Under paragraph (a), the vetting
requirements for primary and alternate security coordinators would
become effective 6 months from the publication date of the final rule.
Under paragraph (b), the vetting requirements for security-sensitive
employees would become effective 12 months from the publication date of
the final rule. It is important to note that the time it takes to
process Level 2 STA processing is typically less than 10 days, and less
than 30 days for Level 3 STA processing. We invite comment from
employers and workers on these proposed effective dates. Specifically,
TSA is interested in the time employers anticipate it will take to
prepare for the effective dates, how many employees fall into each
category, and whether the number of employees can be vetted within the
allotted time.
F. Changes to Part 1582
TSA proposes to add ``Subpart C--Security Threat Assessment
Requirements for Owner/Operators and Individuals'' to part 1582, as set
forth in the Security Training final rule, to implement the vetting
requirements of the 9/11 Act for public transportation and passenger
rail.
1. Proposed Sec. 1582.3. This section would make clear that the
terms defined in Sec. Sec. 1500.3, 1500.5, and 1503.103, of subchapter
A, Sec. 1530.3 of subchapter B, and Sec. 1570.3 of subchapter D of
this chapter, also apply when used in this part.
2. Proposed Sec. 1582.201. This section would set out the
obligations of covered public transportation and passenger rail owner/
operators with regard to STA requirements for the security coordinators
who would be designated according to the requirements of the Security
Training rulemaking. Under the Training final rule, section 1570.201(a)
requires public transportation and passenger rail owner/operators
described in Sec. 1582.1(a) to designate and use a primary and at
least one alternate security coordinator. These owner/operators
include: passenger railroad carriers, public transportation agencies,
and operators of rail transit systems that are not operating on tracks
that are part of the general railroad system, including heavy rail
transit, light rail transit, automated guideway, cable car, inclined
plane, funicular, and monorail systems.
Proposed paragraph (a)(1) would set out the primary requirement
that a covered public transportation and passenger railroad operator
must not authorize or permit an individual to serve as a primary or
alternate security coordinator, unless he or she has successfully
completed a Level 3 STA and holds a current DOE from TSA. As set forth
in the Security Training final rule, this requirement would apply to
all owner/operators described in Sec. 1582.1(a)(1)-(3), and to an
owner/operator described in Sec. 1582.1(a)(4), if it is notified by
TSA that a threat exists pursuant to 49 CFR 1570.201(b)). As explained
above in section II.B.2. of the preamble, TSA believes that security
coordinators should be required to undergo a Level 3 STA based on the
access to sensitive-security and personally-identifiable information
they have. As explained previously, a Level 3 STA consists of a
criminal history, terrorism/other analyses, and immigration check.
Successful completion of this Level 3 STA will increase confidence that
the individual is sufficiently trustworthy to assume the position, and
the proposed requirement that he or she continues to hold a current DOE
would require his or her removal if he or she becomes ineligible in the
future.
To comply with proposed paragraph (a)(1), owner/operators would
receive a notification from TSA regarding an individual's STA. TSA
expects to create a web-based portal for owner/operators to access,
which would include the results of the STAs of that owner/operator's
workers. TSA has considered other methods of employer notification,
such as mailing letters, but believes this method would be more cost-
effective and minimizes the risk of fraud or missing records associated
with paper documents and mail service. TSA invites comment from the
industry as to other potential methods of notification, and the
relative advantages and disadvantages of the options.
Paragraph (a)(2) would require the owner/operator to retain records
documenting compliance with proposed paragraph (a)(1). TSA proposes to
allow owner/operators flexibility as to the format, paper or digital,
of storage, as long as the form and manner is authorized by TSA. As
part of inspecting compliance with the STA requirements, TSA must be
able to review these records to ensure that the STA requirements have
been met at the appropriate time. TSA invites comment from owner/
operators as to how most will satisfy this requirement and other ideas
for meeting it.
In proposed Sec. 1580.203 (b) and as discussed above, TSA proposes
to require that such security-sensitive employees successfully complete
a Level 2 STA. Paragraph (b)(1) of this section tracks the same
requirements as in paragraph (a)(1), but for security-sensitive
employees instead of security coordinators. TSA proposes that a
[[Page 33496]]
covered owner/operator must not authorize or permit a person to serve a
security-sensitive employee, unless he or she has successfully
completed a Level 2 STA and holds a current DOE. This level of vetting
satisfies section 1411 of the 9/11 Act.
Proposed paragraph (b)(2) with regard to recordkeeping is similar
to proposed paragraph (a)(2) explained above.
Paragraph (c) proposes continuing responsibilities for owner/
operators after the initial vetting of security coordinators and
security-sensitive employees. Paragraph (c)(1) would require an owner/
operator to remove an individual from a position as a security
coordinator, or a security-sensitive employee, if notified by TSA that
the individual is no longer eligible for the position. TSA would issue
such a notification if, for example, the recurrent terrorism check
subsequently reveals information indicating that the individual poses
or may pose a threat to transportation security or national security,
or of terrorism.
Paragraph (c)(2) would require an owner/operator that becomes aware
of information that an individual may not be eligible to serve as a
security coordinator or security-sensitive employee to notify TSA
immediately. This responsibility would arise, for example, if the
owner/operator becomes aware that a security coordinator has been
convicted for a potentially disqualifying crime.
Paragraph (c)(3) would provide that an owner/operator may reassign
an individual as a security coordinator or security-sensitive employee
if notified by TSA that he or she regained eligibility. For example, if
TSA notified an owner/operator under proposed paragraph (c)(1) that an
individual is ineligible, but subsequently determines that the factor
causing the ineligibility had been resolved, TSA would notify the
owner/operator under paragraph (c)(3).
3. Proposed Sec. 1582.203. This section would set out the
obligations of individuals employed by covered public transportation
and passenger rail owner/operators who must undergo an STA, either to
serve as a security coordinator (proposed paragraph (a)) or as a
security-sensitive employee (proposed paragraph (b)).
Proposed paragraph (a) would provide that an individual must not
work as a security coordinator for a public transportation or passenger
rail owner/operator unless he or she successfully completes a Level 3
STA and holds a current DOE. The reasons for requiring a Level 3 STA,
and the checks that would compose this level of vetting are explained
above in section II.B.2. of the preamble. Paragraph (a) would also
specify that the CHRC conducted as part of the Level 3 STA would be
adjudicated against the list of disqualifying crimes in proposed Sec.
1530.503(a), which is the list of disqualifying crimes applicable to
surface and maritime vetting conducted by TSA.
Paragraph (b) would provide that an individual must not work as a
security-sensitive employee unless he or she successfully completes a
Level 2 STA, and holds a current DOE. The rationale for requiring this
level of vetting is explained above in section II.B.1. of the preamble.
4. Proposed Sec. 1582.205. This section would require the use of
TSA enrollment centers by individuals, and their owner/operators,
required to apply for an STA under these proposed regulations. The
reasons for this proposed requirement is explained above in section
II.B.5. of the preamble.
5. Proposed Sec. 1582.207. As explained above in section II.B.7.
of the preamble, TSA proposes a phased implementation of the vetting
requirements proposed in this rule. Under paragraph (a), the vetting
requirements for primary and alternate security coordinators would
become effective 6 months from the publication date of the final rule.
Under paragraph (b), the vetting requirements for security-sensitive
employees would become effective 12 months from the publication date of
the final rule.
We invite comment from employers and workers on these proposed
effective dates. Specifically, TSA is interested in the time employers
anticipate it will take to prepare for the effective dates, how many
employees fall into each category, and whether the number of employees
can be vetted within the allotted time.
F. Proposed Changes to Part 1584
In this rulemaking, TSA proposes to add ``Subpart C--Security
Threat Assessment Requirements for Owner/Operators and Individuals'' to
part 1584, in keeping with provisions established in the Security
Training rule for the 9/11 Act vetting requirements for OTRB.
1. Proposed Sec. 1584.3. This section would make clear that the
terms defined in Sec. Sec. 1500.3, 1500.5, and 1503.103, of subchapter
A, Sec. 1530.3 of subchapter B, and Sec. 1570.3 of subchapter D of
this chapter, also apply when used in this part.
2. Proposed Sec. 1584.201. This section would set out the
obligations of OTRB owner/operators with regard to STA requirements for
the security coordinators designated in accordance with the Security
Training final rule. Section 1570.201(a) requires OTRB owner/operators
described in Sec. 1584.101 to designate and use a primary and at least
one alternate security coordinator. Under Sec. 1584.101 these OTRB
owner/operators are limited to those that originate, travel through, or
in, a geographic location identified in appendix A to 49 CFR part 1584.
Proposed paragraph (a)(1) would set out the primary requirement
that a covered OTRB owner/operator must not authorize or permit an
individual to serve as a primary or alternate security coordinator,
unless he or she has successfully completed a Level 3 STA and holds a
current DOE. As explained above in section II.B.2. of the preamble, TSA
believes that security coordinators should undergo a Level 3 STA based
on their access to sensitive security and personally identifiable
information. As explained above, a Level 3 STA consists of criminal
history, terrorism/other analyses, and immigration checks. Successful
completion of this Level 3 STA will increase confidence that the
individual is sufficiently trustworthy to assume the position, and the
proposed requirement that he or she continues to hold a current DOE
would require his or her removal if he or she becomes ineligible in the
future.
To comply with proposed paragraph (a)(1), owner/operators must
receive a definitive notification from TSA regarding an individual's
STA. TSA expects to create a web-based portal for owner/operators to
access, which will include the results of the STAs of that owner/
operator's workers. TSA has considered other methods of employer
notification, such as mailing letters, but believes this method would
be more cost-effective and minimizes the risk of fraud or missing
records associated with paper documents and mail service. TSA invites
comment from the industry as to other potential methods of
notification, as well as the relative advantages and disadvantages of
the options.
Paragraph (a)(2) would require the owner/operator to retain records
documenting compliance with proposed paragraph (a)(1). TSA proposes to
allow owner/operators flexibility as to the format, paper or digital,
of storage, as long as the form and manner is authorized by TSA. As
part of inspecting compliance with the STA requirements, TSA must be
able to review these records to ensure that the STA requirements have
been met at the appropriate time. TSA invites comment from owner/
operators as to how most will satisfy this requirement and other ideas
for meeting it.
[[Page 33497]]
Paragraph (b) proposes continuing responsibilities for owner/
operators after the initial vetting of security coordinators. Paragraph
(b)(1) would require an owner/operator to remove an individual from a
position as a security coordinator, if notified by TSA that the
individual is no longer eligible for the position. TSA would issue such
a notification if, for example, the recurrent terrorism check
subsequently reveals information indicating that the individual poses
or may pose a threat to transportation security or national security,
or of terrorism.
Paragraph (b)(2) would require an owner/operator that becomes
[…truncated; see source link]Indexed from Federal Register on May 23, 2023.
This is legal information, not legal advice. Laws vary by jurisdiction and change frequently. Always verify current law with official sources and consult a licensed attorney in your jurisdiction for advice on your specific situation.