Recordkeeping Requirements for Criminal History Record Checks; Airport and Aircraft Operator Security; Technical Amendments

Issuing agencies

Abstract

The Transportation Security Administration (TSA) is issuing technical amendments to certain aviation security regulations. The technical amendments to the regulations clarify that airport operators and aircraft operators are required to retain only the criminal records, including the application for a criminal history records check (CHRC), associated with an individual's current CHRC, CHRC certification, or authorization to perform a covered function and not records associated with previous CHRCs or employment investigations. Also, the technical amendments clarify that the records may be stored in paper or electronic form.

Full Text

<html>
<head>
<title>Federal Register, Volume 90 Issue 9 (Wednesday, January 15, 2025)</title>
</head>
<body><pre>
[Federal Register Volume 90, Number 9 (Wednesday, January 15, 2025)]
[Rules and Regulations]
[Pages 3716-3719]
From the Federal Register Online via the Government Publishing Office [<a href="http://www.gpo.gov">www.gpo.gov</a>]
[FR Doc No: 2025-00773]


=======================================================================
-----------------------------------------------------------------------

DEPARTMENT OF HOMELAND SECURITY

Transportation Security Administration

49 CFR Parts 1542 and 1544


Recordkeeping Requirements for Criminal History Record Checks; 
Airport and Aircraft Operator Security; Technical Amendments

AGENCY: Transportation Security Administration, Department of Homeland 
Security (DHS).

ACTION: Final rule; technical amendments.

-----------------------------------------------------------------------

SUMMARY: The Transportation Security Administration (TSA) is issuing 
technical amendments to certain aviation security regulations. The 
technical amendments to the regulations clarify that airport operators 
and aircraft operators are required to retain only the criminal 
records, including the application for a criminal history records check 
(CHRC), associated with an individual's current CHRC, CHRC 
certification, or authorization to perform a covered function and not 
records associated with previous CHRCs or employment investigations. 
Also, the technical amendments clarify that the records may be stored 
in paper or electronic form.

DATES: This rule is effective as of January 15, 2025.

FOR FURTHER INFORMATION CONTACT: David Siegmund; Airport Security 
Programs; Aviation Division; Policy, Plans, and Engagement; (571) 227-
4325; <a href="/cdn-cgi/l/email-protection#9ffbfee9f6fbb1ecf6faf8f2eaf1fbdfebecfeb1fbf7ecb1f8f0e9"><span class="__cf_email__" data-cfemail="abcfcaddc2cf85d8c2ceccc6dec5cfebdfd8ca85cfc3d885ccc4dd">[email&#160;protected]</span></a>.

SUPPLEMENTARY INFORMATION: You can find an electronic copy of this rule 
using the internet by accessing the Government Publishing Office's web 
page at <a href="https://www.govinfo.gov/app/collection/FR">https://www.govinfo.gov/app/collection/FR</a> to view the daily 
published Federal Register edition or by accessing the Office of the 
Federal Register's web page at <a href="https://www.federalregister.gov">https://www.federalregister.gov</a>. Copies 
are also available by contacting the individual identified in the FOR 
FURTHER INFORMATION CONTACT section.

Small Entity Inquiries

    The Small Business Regulatory Enforcement Fairness Act (SBREFA) of 
1996 requires TSA to comply with small entity requests for information 
and advice about compliance with statutes and regulations within TSA's 
jurisdiction. Any small entity that has a question regarding this 
document may contact the person listed in the FOR FURTHER INFORMATION 
CONTACT section. Persons can obtain further information regarding 
SBREFA on the Small Business Administration's web page at <a href="https://advocacy.sba.gov/resources/reference-library/sbrefa/">https://advocacy.sba.gov/resources/reference-library/sbrefa/</a>.

I. Discussion of the Rule

    TSA is making technical amendments to regulatory recordkeeping 
requirements related to CHRCs that workers for airport and aircraft 
operators are required to undergo. Beginning in 1996, the FAA required 
airport and aircraft operators to conduct employment investigations for 
certain workers. Following the terrorist attacks on September 11, 2001, 
the FAA determined that the employment investigations did not 
adequately protect transportation security and published the CHRCs 
final rule on December 6, 2001.\1\ The rule required the completion of 
CHRCs for individuals with unescorted Security Identification Display 
Area security functions such as screening of cargo or

[[Page 3717]]

accepting checked baggage for transport.\2\
---------------------------------------------------------------------------

    \1\ 66 FR 63474 (Dec. 6, 2001). FAA aviation security functions 
were transferred to TSA under 67 FR 7939 (Feb. 20, 2002).
    \2\ See also 49 CFR 1544.229 and 1544.330 (expanding CHRC 
requirements to include flightcrew members).
---------------------------------------------------------------------------

    For airport operators, the current regulations require retention of 
all employment history investigation files conducted before December 6, 
2001, the fingerprint application and CHRC results conducted after 
December 6, 2001, and any CHRC certifications received after December 
6, 2001.\3\ For aircraft operators, the current regulations require 
retention of employment history investigation files conducted before 
December 6, 2001, and fingerprint application and CHRC results 
conducted after December 6, 2001.\4\ The regulations also require 
airport and aircraft operators to retain these records until 180 days 
after the individual's access has expired or their authority to perform 
a covered function is terminated.\5\
---------------------------------------------------------------------------

    \3\ See 49 CFR 1542.209(k)(1) through (3).
    \4\ See 49 CFR 1544.229(k)(1) and (2).
    \5\ See 49 CFR 1542.209(k)(5), 1544.229(k)(4).
---------------------------------------------------------------------------

    When these regulations were promulgated, airport and aircraft 
operators were required to complete only one CHRC for covered 
individuals.\6\ However, as a result of the terrorist attacks of 
September 11, 2001, the modern threat environment, and TSA's risk-based 
approach to aviation security, TSA has issued security program 
amendments and security directives requiring airport and certain 
aircraft operator workers to undergo recurrent CHRCs. For instance, TSA 
required workers with unescorted access to airport Security 
Identification Display Areas and sterile areas to complete CHRCs every 
2 years, and then to participate in the Rap Back program. As a result 
of the recurrent CHRC requirements and a strict reading of the 
recordkeeping regulations, covered entities retain numerous copies of 
CHRC applications and results. Retaining these records is burdensome 
and costly. Moreover, TSA does not need prior CHRC applications and 
results to assess compliance with the existing CHRC requirements. 
Therefore, TSA is clarifying the existing regulations to state that 
operators must retain only the records relating to the current CHRC.
---------------------------------------------------------------------------

    \6\ 66 FR 63474 (Dec. 6, 2001).
---------------------------------------------------------------------------

    For Sec. Sec.  1542.209 and 1544.229, the technical amendments 
remove the date of December 6, 2001, and the requirements concerning 
employment investigations that applied before that date in the rule 
text because that language is no longer necessary. Also, the technical 
amendments now include the phrase ``in electronic or paper form as 
authorized by TSA'' to clarify that either hard copy or electronic 
forms are permissible. When the regulation was originally published, 
the primary means of record maintenance was in paper/hard copy, which 
has changed over time to electronic document storage. TSA is adding the 
phrase ``associated with the individual's current ID media, CHRC 
certification, or authorization to perform a covered function'' to 
clarify that only the current CHRC records must be retained. TSA is 
revising the title of ``Certification'' to ``Certifications'' to 
grammatically conform with other references to certifications in the 
rule text. Finally, TSA is removing the phrase ``all investigations'' 
to more accurately reflect that airport and aircraft operators are only 
required to preserve certain records.
    For Sec.  1544.230, the technical amendments add the phrase ``[t]he 
airport operator must maintain the following information associated 
with an individual's current authorization to be a flightcrew member, 
in electronic or paper form, as authorized by TSA.'' This change 
clarifies that either hard copy or electronic forms are permissible and 
that only the current CHRC records must be retained for flightcrew 
records checks. The technical amendments also delete extraneous phrases 
from Sec.  1544.230 so that the recordkeeping language is similar to 
Sec. Sec.  1542.209 and 1544.229.

II. Good Cause and Procedural Rule Exceptions From Notice and Comment 
and Delayed Effective Date

    TSA is issuing this final rule change as a technical amendment 
without a notice of proposed rulemaking or delayed effective date. The 
Administrative Procedure Act authorizes agencies to forgo the notice 
and comment requirements if it ``for good cause finds . . . that notice 
and public procedure thereon are impracticable, unnecessary, or 
contrary to the public interest.'' 5 U.S.C. 553(b)(B); see also 5 
U.S.C. 553(d)(3) (allowing agency to forgo a delayed effective date for 
a substantive rule upon a finding of good cause).
    TSA believes notice and comment concerning reducing the 
recordkeeping requirements is unnecessary as it is a limited amendment 
to reflect processes and security needs that have changed overtime. It 
is unnecessary to seek notice and comment on the rule changes because 
the new language imposes no new substantive burden and reflects current 
security and compliance procedures. Further, it is unnecessary for the 
rule to have a delayed effective date as the amendment merely reduces 
recordkeeping requirements. Operators may continue to retain old 
criminal applications and records but are not required to do so. For 
these reasons, TSA believes that bypassing the ordinary notice and 
comment procedure and the delayed effected date requirement is 
justified in the totality of the circumstances.
    In addition, 5 U.S.C. 553(b)(A) permits agencies to forgo notice 
and comment when issuing ``rules of agency organization, procedure, or 
practice,'' i.e., a procedural rule. ``A useful articulation of the 
exemption's critical feature is that it covers agency actions that do 
not themselves alter the rights or interests of parties, although it 
may alter the manner in which the parties present themselves or their 
viewpoints to the agency.'' \7\ The exemption ``preserve[s] agency 
flexibility when dealing with limited situations where substantive 
rights are not at stake.'' \8\ Here, TSA is removing a requirement to 
retain the old CHRC records that were written when only one CHRC was 
required. As a matter of agency procedure and practice, TSA does not 
need to review old CHRC records and applications in order to assess an 
operator's current compliance with the vetting regulations. In 
addition, the delayed effective date requirements under 5 U.S.C. 553(d) 
do not apply to procedural rules.
---------------------------------------------------------------------------

    \7\ Batterton v. Marshall, 648 F.2d 694, 707 (D.C. Cir. 1980).
    \8\ American Hospital Ass'n v. Bowen, 834 F.2d 1037, 1045 (D.C. 
Cir. 1987).
---------------------------------------------------------------------------

    TSA is issuing these final rule changes through technical 
amendments and not as a notice of proposed rulemaking. The technical 
amendments reflect current Agency procedures and impose no new 
substantive requirements. However, it is important to note that even if 
these revisions were not considered technical amendments, they fall 
within other exceptions to notice and comment under the Administrative 
Procedure Act.\9\
---------------------------------------------------------------------------

    \9\ See 5 U.S.C. 551-559.
---------------------------------------------------------------------------

III. Regulatory Analyses

A. Paperwork Reduction Act

    The Paperwork Reduction Act of 1995 (PRA) (44 U.S.C. 3501 et seq.) 
requires that TSA consider the impact of paperwork and other 
information collection burdens imposed on the public, and under the 
provisions of PRA section 3507(d), obtain approval from the Office of 
Management and Budget (OMB) for each collection of information it 
conducts, sponsors, or requires through regulations. This rule does not 
call for a new collection of information under the PRA. CHRC

[[Page 3718]]

recordkeeping requirements are currently covered under Information 
Collection Request 1652-002 (Airport Security Program). CHRC 
recordkeeping burden estimates within the Information Collection 
Request already align with CHRC recordkeeping clarifications identified 
in the technical amendment and thus do not require revision at this 
time.

B. Executive Orders 12866 and 13563 Assessment

    Executive Orders 12866 (Regulatory Planning and Review), as amended 
by Executive Order 14094 (Modernizing Regulatory Review), and 13563 
(Improving Regulation and Regulatory Review) direct agencies to assess 
the costs and benefits of available regulatory alternatives and, if 
regulation is necessary, to select regulatory approaches that maximize 
net benefits (including potential economic, environmental, public 
health and safety effects, distributive impacts, and equity). Executive 
Order 13563 emphasizes the importance of quantifying costs and 
benefits, reducing costs, harmonizing rules, and promoting flexibility.
    The OMB has not designated this rule a significant regulatory 
action under section 3(f) of Executive Order 12866, as amended by 
Executive Order 14094. Accordingly, OMB has not reviewed this 
regulatory action.
    This technical amendment clarifies CHRC recordkeeping requirements 
which may result in cost savings associated with no longer retaining 
old CHRCs and storing such records electronically. This technical 
amendment does not impose any new substantive burden and reflects 
current security and compliance procedures.

C. Regulatory Flexibility Analysis

    The Regulatory Flexibility Act of 1980 (RFA) \10\ requires that 
agencies consider the impacts of their rules on small entities. For 
purposes of the RFA, small entities include small businesses, not-for-
profit organizations, and small governmental jurisdictions. The RFA's 
regulatory flexibility analysis requirements apply only to those rules 
for which an agency is required to publish a general notice of proposed 
rulemaking pursuant to 5 U.S.C. 553 or any other law. See 5 U.S.C. 
604(a). As discussed previously, TSA did not issue a notice of proposed 
rulemaking for this action as exempted by 5 U.S.C. 553(b). Therefore, a 
regulatory flexibility analysis is not required for this rule.
---------------------------------------------------------------------------

    \10\ Public Law 96-354 (94 Stat. 1164, Sept. 19, 1980), codified 
at 5 U.S.C. 601 et seq., as amended by the Small Business Regulatory 
Enforcement Fairness Act of 1996 (SBREFA).
---------------------------------------------------------------------------

D. Unfunded Mandates Reform Act

    Title II of the Unfunded Mandates Reform Act of 1995 (2 U.S.C. 
1531-38, UMRA) requires each Federal agency to prepare a written 
statement assessing the effects of any Federal mandate in a proposed 
rule or final rule for which the agency published a proposed rule, 
which includes any Federal mandate that may result in a $100 million or 
more expenditure (adjusted annually for inflation) in any one year by 
State, local, and tribal governments, in the aggregate, or by the 
private sector.
    Regulations are only reviewable under UMRA when an agency has 
published a notice of proposed rulemaking as defined by 5 U.S.C. 
553(b).\11\ This rule is exempted from notice and comment under 5 
U.S.C. 553(b). TSA did not publish a notice of proposed rulemaking; 
thus, this rule is exempt from UMRA's requirements pertaining to the 
preparation of a written statement.
---------------------------------------------------------------------------

    \11\ See 2 U.S.C. 658(10); 5 U.S.C. 601(2).
---------------------------------------------------------------------------

E. Executive Order 13132

    Under Executive Order 13132 (Federalism), agencies must consider 
whether a rule has federalism implications. TSA has determined that 
this rule does not have federalism implications because it does not 
create a substantial direct effect on States, on the relationship 
between the National Government and States, or the distribution of 
power and responsibilities among the various levels of government.

F. International Trade Impact Assessment

    The Trade Agreement Act of 1979 prohibits Federal agencies from 
establishing any standards or engaging in related activities that 
create unnecessary obstacles to the foreign commerce of the United 
States. The Trade Agreement Act does not consider legitimate domestic 
objectives, such as essential security, as unnecessary obstacles. The 
statute also requires that international standards be considered, and 
where appropriate, that they be the basis for U.S. standards. This 
technical amendment will not have an adverse impact on international 
trade.

G. Energy Impact Analysis

    TSA assessed the energy impact of this action in accordance with 
the Energy Policy and Conservation Act,\12\ and determined that this 
technical amendment is not a major regulatory action under the 
provisions of the Energy Policy and Conservation Act.
---------------------------------------------------------------------------

    \12\ As codified at 42 U.S.C. 6362.
---------------------------------------------------------------------------

H. Environmental Analysis

    TSA has reviewed this technical amendment for purposes of the 
National Environmental Policy Act of 1969 \13\ and has determined that 
this action will not have a significant effect on the human 
environment. This action is covered by categorical exclusion numbers 
A3(a) (for actions of a strictly administrative or procedural nature) 
and (b) (that implement, without substantive change, statutory or 
regulatory requirements) in DHS Management Directive 023-01 (formerly 
Management Directive 5100.1), Environmental Planning Program, and 
Instruction Manual 023-01-001-01, Rev. 1, which guides TSA compliance 
with the National Environmental Policy Act.
---------------------------------------------------------------------------

    \13\ As codified at 42 U.S.C. 4321-4347.
---------------------------------------------------------------------------

I. The Congressional Review Act

    Before a rule can take effect, 5 U.S.C. 801, the Congressional 
Review Act (CRA), requires agencies to submit the rule and a report 
indicating whether it is a major rule to Congress and the Comptroller 
General. Under 5 U.S.C. 804(3)(C), rules of agency organization, 
procedure, or practice that do not substantially affect the rights or 
obligations of non-agency parties are not considered to be a rule for 
the purposes of the CRA. This technical amendment is a rule of agency 
organization, procedure, or practice that will not substantially affect 
the rights or obligations of non-agency parties, thus is not required 
to be submitted for review under the CRA.

List of Subjects

49 CFR Part 1542

    Airports, Aviation safety, Law enforcement officers, Reporting and 
recordkeeping requirements, Security measures.

49 CFR Part 1544

    Air carriers, Aircraft, Airmen, Airports, Aviation safety, 
Explosives, Freight forwarders, Law enforcement officers, Reporting and 
recordkeeping requirements, Security measures.

    For the reasons stated in the preamble, the Transportation Security 
Administration amends chapter XII, of title 49, Code of Federal 
Regulations as follows:

PART 1542--AIRPORT SECURITY

0
1. The authority citation for part 1542 continues to read as follows:


[[Page 3719]]


    Authority:  49 U.S.C. 114, 5103, 40113, 44901-44905, 44907, 
44913-44914, 44916-44917, 44935-44936, 44942, 46105.


0
2. Revise Sec.  1542.209(k) to read as follows:


Sec.  1542.209  Fingerprint-based criminal history records checks 
(CHRC).

* * * * *
    (k) Recordkeeping. The airport operator must maintain the following 
information associated with an individual's current identification (ID) 
media in electronic or paper form, as authorized by TSA:
    (1) Fingerprint application. Except when the airport operator has 
received a certification under paragraph (n) of this section, the 
airport operator must physically maintain, control, and, as 
appropriate, destroy the fingerprint application and the criminal 
record. Only direct airport operator employees may carry out the 
responsibility for maintaining, controlling, and destroying criminal 
records.
    (2) Certifications. The airport operator must maintain the 
certifications provided under paragraph (n) of this section.
    (3) Protection of records. The records required by this section 
must be maintained in a manner that is acceptable to TSA and in a 
manner that protects the confidentiality of the individual.
    (4) Duration. The records identified in this section with regard to 
an individual must be maintained until 180 days after the termination 
of the individual's unescorted access authority. When files are no 
longer maintained, the criminal record must be destroyed.
* * * * *

PART 1544--AIRCRAFT OPERATOR SECURITY: AIR CARRIERS AND COMMERCIAL 
OPERATORS

0
3. The authority citation for part 1544 continues to read as follows:

    Authority:  49 U.S.C. 114, 5103, 40113, 44901-44905, 44907, 
44913-44914, 44916-44918, 44932, 44935-44936, 44942, 46105.


0
4. Revise Sec.  1544.229(k) to read as follows:


Sec.  1544.229  Fingerprint-based criminal history records checks 
(CHRC): Unescorted access authority, authority to perform screening 
functions, and authority to perform check baggage or cargo functions.

* * * * *
    (k) Recordkeeping. The aircraft operator must maintain the 
following information associated with an individual's current 
identification (ID) media, CHRC certification, or authorization to 
perform a covered function in electronic or paper form, as authorized 
by TSA:
    (1) Fingerprint application. The aircraft operator must physically 
maintain, control, and, as appropriate, destroy the fingerprint 
application and the criminal record. Only direct aircraft operator 
employees may carry out the responsibility for maintaining, 
controlling, and destroying criminal records.
    (2) Protection of records. The records required by this section 
must be maintained in a manner that is acceptable to TSA and in a 
manner that protects the confidentiality of the individual.
    (3) Duration. The records identified in this section with regard to 
an individual must be maintained until 180 days after the termination 
of the individual's authority to perform a covered function. When files 
are no longer maintained, the criminal record must be destroyed.
* * * * *

0
5. Revise Sec.  1544.230(h) to read as follows:


Sec.  1544.230  Fingerprint-based criminal history records checks 
(CHRC): Flightcrew members.

* * * * *
    (h) Recordkeeping. The aircraft operator must maintain the 
following information associated with a current authorization to be a 
flightcrew member, in electronic or paper form, as authorized by TSA:
    (1) Fingerprint application process. The aircraft operator must 
physically maintain, control, and, as appropriate, destroy the 
fingerprint application and the criminal record. Only direct aircraft 
operator employees may carry out the responsibility for maintaining, 
controlling, and destroying criminal records.
    (2) Protection of records. The records required by this section 
must be maintained by the aircraft operator in a manner that is 
acceptable to TSA and in a manner that protects the confidentiality of 
the individual.
    (3) Duration. The records identified in this section with regard to 
an individual must be made available upon request by TSA and maintained 
until 180 days after the termination of the individual's privileges to 
perform flightcrew member duties with the aircraft operator. When files 
are no longer maintained, the criminal record must be destroyed.
* * * * *

    Dated: January 10, 2025.
David P. Pekoske,
Administrator.
[FR Doc. 2025-00773 Filed 1-14-25; 8:45 am]
BILLING CODE 9110-05-P


</pre><script data-cfasync="false" src="/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js"></script></body>
</html>