[Federal Register: May 26, 2006 (Volume 71, Number 102)]
[Rules and Regulations]
[Page 30477-30517]
From the Federal Register Online via GPO Access [wais.access.gpo.gov]
[DOCID:fr26my06-17]
[[Page 30477]]
-----------------------------------------------------------------------
Part II
Department of Homeland Security
-----------------------------------------------------------------------
Transportation Security Administration
-----------------------------------------------------------------------
49 CFR Parts 1520, 1540, 1542, et al.
Air Cargo Security Requirements; Final Rule
[[Page 30478]]
-----------------------------------------------------------------------
DEPARTMENT OF HOMELAND SECURITY
Transportation Security Administration
49 CFR Parts 1520, 1540, 1542, 1544, 1546, and 1548
[Docket No. TSA-2004-19515; Amendment Nos. 1520-4, 1540-7, 1542-2,
1544-5, 1546-2, and 1548-2]
RIN 1652-AA23
Air Cargo Security Requirements
AGENCY: Transportation Security Administration (TSA), DHS.
ACTION: Final rule.
-----------------------------------------------------------------------
SUMMARY: The Transportation Security Administration is amending its
regulations to enhance and improve the security of air cargo
transportation. This final rule requires airport operators, aircraft
operators, foreign air carriers, and indirect air carriers to implement
security measures in the air cargo supply chain as directed under the
Aviation and Transportation Security Act. This final rule also amends
the applicability of the requirement for a ``twelve-five'' security
program for aircraft with a maximum certificated takeoff weight of
12,500 pounds or more to those aircraft with a maximum certificated
takeoff weight of more than 12,500 pounds to conform to recent
legislation.
DATES: Effective Date: This final rule is effective October 23, 2006.
Compliance Date: By November 22, 2006, Indirect air carriers must
comply with the requirements for Indirect air carrier training under
Sec. 1548.11.
By December 1, 2006, aircraft operators, foreign air carriers, and
indirect air carriers must comply with the requirements for--
Security threat assessments under Sec. Sec. 1544.228, 1546.213,
1548.15, and 1548.16; and
Indirect air carriers that do not currently hold a security program
under part 1548, and that offer cargo to an aircraft operator operating
under a full all-cargo program or a comparable foreign air carrier
under Sec. 1546.101(e), establishment of, and operation under, a TSA
security program in part 1548.
FOR FURTHER INFORMATION CONTACT: Tamika McCree, Office of
Transportation Sector Network Management (TSA-28), Transportation
Security Administration, 601 South 12th Street, Arlington, VA 22202;
(571-227-2632); tamika.mccree@dhs.gov.
SUPPLEMENTARY INFORMATION:
Availability of Rulemaking Documents
You can get an electronic copy using the Internet by--
(1) Searching the Department of Transportation's electronic Docket
Management System (DMS) Web page (http://dms.dot.gov/search); (2) Accessing the Government Printing Office's Web page at http://
http://www.gpoaccess.gov/fr/index.html; or
(3) Visiting TSA's Law and Policy Web page at http://www.tsa.gov
and accessing the link for ``Law and Policy'' at the top of the page.
In addition, copies are available by writing or calling the
individual in the FOR FURTHER INFORMATION CONTACT section. Make sure to
identify the docket number of this rulemaking.
Small Entity Inquiries
The Small Business Regulatory Enforcement Fairness Act (SBREFA) of
1996 requires TSA to comply with small entity requests for information
and advice about compliance with statutes and regulations within TSA's
jurisdiction. Any small entity that has a question regarding this
document may contact the person listed in FOR FURTHER INFORMATION
CONTACT. Persons can obtain further information regarding SBREFA on the
Small Business Administration's Web page at http://www.sba.gov/advo/laws/law_lib.html
.
Abbreviations and Terms Used in This Preamble
AAAE American Association of Airport Executives
AAPA Association of Asia Pacific Airlines
ACCA Air Courier Conference of America
ACISP All-Cargo International Security Procedures
ACI-NA Airports Council International-North America
AEA Association of European Airlines
AES Automated Export System
ALPA Air Line Pilots Association International
AOPA Aircraft Owners and Pilots Association
ASAC Aviation Security Advisory Committee
ATA Air Transport Association
ATSA Aviation and Transportation Security Act
CAA Cargo Airline Association
CBP U.S. Customs and Border Protection
CFR Code of Federal Regulations
CHRC Criminal History Records Check
DHS Department of Homeland Security
DSIP Domestic Security Integration Program
EA Emergency Amendment
FAA Federal Aviation Administration
HAZMAT Hazardous Materials
IAC Indirect Air Carrier
IACSSP Indirect Air Carrier Standard Security Program
IATA International Air Transport Association
MSP Model Security Program
MTOW Maximum certificated take-off weight
NACA National Armored Car Association
NATA National Air Transport Association
NCBFAA National Customs Brokers and Forwarders Association
RAA Regional Airline Association
RACCA Regional Air Cargo Carriers Association
SIDA Security Identification Display Area
SD Security Directive
SSI Sensitive Security Information
STA Security Threat Assessment
TSA Transportation Security Administration
TFSSP Twelve-Five Standard Security Program
UPS United Parcel Service
Outline of Final Rule
I. Background
II. Comment Disposition
A. Security Threat Assessments
B. Acceptance and Screening of Cargo
C. Security Identification Display Area
D. Known Shipper Program
E. Adoption and Implementation of the Security Programs
F. Cost of IAC Training and Materials
G. Cost Benefit Analysis
H. 100 Percent Inspection of Cargo
I. Unknown Shipper Cargo
J. Terms Used in This Chapter
K. Persons and Property Aboard the Aircraft
L. Other Issues and Sections
III. Section-by-Section Analysis of Changes
IV. Fee Authority for Security Threat Assessment
V. Rulemaking Analyses and Notices
A. Regulatory Evaluation Summary
B. Paperwork Reduction Act
C. International Compatibility
D. International Trade Impact Assessment
E. Unfunded Mandates Reform Act Analyses
F. Executive Order 13132, Federalism
G. Environmental Analysis
H. Energy Impact
VI. List of Subjects
VII. The Amendment
I. Background
This final rule implements air cargo security requirements under
the Aviation and Transportation Security Act (ATSA), Pub. L. 107-71.
ATSA requires TSA to implement the following requirements:
Provide for screening of all property, cargo, carry-on and
checked baggage, and other articles, that will be carried aboard a
passenger aircraft operated by a domestic or foreign air carrier;\1\
and
---------------------------------------------------------------------------
\1\ 49 U.S.C. 44901(a).
---------------------------------------------------------------------------
Establish a system to screen, inspect, or otherwise ensure
the security of freight that is to be transported in all-cargo aircraft
as soon as practicable.\2\
---------------------------------------------------------------------------
\2\ 49 U.S.C. 44901(f).
---------------------------------------------------------------------------
TSA published a notice of proposed rulemaking in the Federal
Register on
[[Page 30479]]
November 10, 2004, at 69 FR 65258, to solicit public comment on the
proposed air cargo regulations. Please see the NPRM for additional
background information on the development of these regulations. The
NPRM proposed, among other requirements, to:
Address two critical risks in the air cargo environment:
(1) The hostile takeover of an all-cargo aircraft leading to its use as
a weapon; and (2) the use of cargo to introduce an explosive device
onboard a passenger aircraft.
Create a new mandatory security regime for aircraft
operators and foreign air carriers in all-cargo operations using
aircraft with a maximum certificated take-off weight more than 45,500
kg.
Create requirements for foreign air carriers in all-cargo
operation with an aircraft having a maximum certificated take-off
weight more than 12,500 pounds but no more than 45,500 kg, and a
separate program for aircraft with a maximum certificated take-off
weight more than 45,500 kg.
Require a Security Threat Assessment for individuals with
unescorted access to air cargo.
Enhance existing requirements for indirect air carriers
(IAC).
Expand Security Identification Display Area requirements
at regulated airports to include areas where cargo is loaded and
unloaded.
The NPRM was based in part on recommendations received from the
Department of Transportation Office of Inspector General's (DOT OIG's)
September 2002 audit of the air cargo security program,\3\ the General
Accounting Office's (GAO's) December 2002 report entitled,
``Vulnerabilities and Potential Improvements for the Air Cargo
System'',\4\ and the Aviation Security Advisory Committee
recommendations of October 1, 2003. TSA was also guided by the Air
Cargo Strategic Plan, which was completed in November 2003, and
approved by the Department of Homeland Security in January 2004. The
NPRM proposed a threat-based, risk-managed program for securing the air
cargo transportation system.
---------------------------------------------------------------------------
\3\ Report Number SC-2002-113, September 19, 2002. This report
is SSI.
\4\ GAO-03-344, December 20, 2002.
---------------------------------------------------------------------------
This final rule adopts the regulations proposed in the NPRM with
minor revisions to clarify certain provisions from the proposed rule.
Specifically, the final rule clarifies both of the populations who are
subject to Security Threat Assessments (STAs), and the areas where
airports must extend Security Identification Display Area (SIDA)
measures for cargo.
During this rulemaking, another critical security enhancement has
been implemented, that is, an increase in the inspection of cargo by
aircraft operators and foreign air carriers. The NPRM proposed to
codify the requirement for the aircraft operators and foreign air
carriers to inspect cargo in accordance with their security programs.
These operators already were inspecting a portion of their cargo as
required by Security Directives issued by TSA in November 2003.
Following the publication of the NPRM, the Department of Homeland
Security Appropriations Act, 2005 was enacted.\5\ Section 513 of the
Act requires TSA to amend Security Directives and programs to triple
the percentage of cargo inspected on passenger aircraft, which TSA did.
Details of these security measures are protected by TSA as Sensitive
Security Information,\6\ and therefore are not available for release to
the general public.
---------------------------------------------------------------------------
\5\ FY `05, Pub. L. 108-334.
\6\ ``Sensitive Security Information'' or ``SSI'' is information
obtained or developed in the conduct of security activities, the
disclosure of which would constitute an unwarranted invasion of
privacy, reveal trade secrets or privileged or confidential
information, or be detrimental to the security of transportation.
The protection of SSI is governed by 49 CFR part 1520.
---------------------------------------------------------------------------
Although the details are not in the rule, the regulatory evaluation
for this final rule analyzes the cost incurred by aircraft operators
and foreign air carriers to comply with this inspection requirement.
The cost of inspection of air cargo on passenger aircraft accounts for
about $1.491 billion of the total $2 billion costs of this rule, as
discussed further in the Regulatory Evaluation Summary (Section V.A.)
of this preamble. This inspection requirement accounts for the largest
single cost of this final rule. This inspection requirement is not a
new responsibility under this final rule; rather, TSA is taking this
opportunity to provide a cost estimate for inspection of air cargo on
passenger aircraft, as currently required under existing Security
Directives. TSA provided cost estimates for these inspections in the
NPRM, and has since revised them to account for the effect of the
congressional directive and public comments. These Security Directives
were first issued in November 2003. TSA subsequently issued security
program amendments to reflect the inspection requirements of the
Security Directives and the congressional mandates. These amendments
have been implemented since July 2005. This rulemaking marks TSA's
first opportunity to account for costs associated with the issuance of
these security measures. The specific requirements for these
inspections are SSI and are not appropriate for public disclosure as
part of this rulemaking.
Accordingly, about 75 percent of the approximately $2 billion
overall 10-year cost of the requirements implemented under this rule
are associated with requirements that did not originate with this rule.
These costs originated with TSA Security Directives issued in November
2003 and security program amendments issued in March 2005. The cost of
implementing requirements that originate under this final rule is
estimated to be about $167 million over a 10-year period.
In conjunction with the publication of this final rule, TSA is
issuing to regulated parties for comment proposed amendments to their
security programs to implement this final rule as authorized under 49
CFR 1542.105, 1544.105, 1546.105, and 1548.5.
II. Comment Disposition
TSA received 134 letters commenting on the NPRM. These comments
were submitted by a broad cross-section of parties with an interest in
air cargo security; including aircraft operators, foreign air carriers,
trade associations, airports, state and local governments, and indirect
air carriers (IACs).\7\ These comments are addressed below, organized
by major issues.
---------------------------------------------------------------------------
\7\ ``Indirect air carrier'' or ``IAC'' means any person or
entity within the United States not in possession of an FAA air
carrier operating certificate, which undertakes to engage indirectly
in air transportation of property, and uses for all, or any part, of
such transportation the services of an air carrier. This does not
include the U.S. Postal Service (USPS) or its representative while
acting on the behalf of the USPS. See 49 CFR 1540.5. This definition
reflects an amendment pursuant to this final rulemaking.
---------------------------------------------------------------------------
II.A. Security Threat Assessments (STAs)
TSA received approximately 140 comments on the proposed requirement
for security threat assessments (STAs) for persons with access to air
cargo. The STA proposed by TSA would include a search by TSA of
domestic and international databases to assess any potential terrorist
threats from those individuals with access to air cargo. TSA currently
requires a variety of individuals working in aviation to submit to a
criminal history records check and an additional name-based background
check. Generally, these individuals work on airport grounds and have
access to secure areas. However, many other persons who have not been
subjected to such background checks have access to air cargo. TSA
[[Page 30480]]
proposed to require that STAs be conducted on additional categories of
persons who have unescorted access to air cargo to verify that these
individuals do not pose a security threat. Individuals who undergo
security checks required for unescorted access to a security
identification display area (SIDA), or who have successfully completed
another STA that TSA approves as comparable, would not be required to
submit to an STA.
Applicability and Definitions
Comment: The majority of comments addressing the proposed STA
requirement expressed uncertainty about which employees would be
required to have an STA, and what TSA considers to be ``unescorted
access to cargo'' for purpose of triggering the STA requirement. In
addition, the Regional Airline Association (RAA) states that the
proposed language appears much broader than the scope previously
recommended by the Aviation Security Advisory Committee (ASAC) because
the requirement conceivably could apply to individuals who work outside
of the airport environment. RAA believes that only individuals under
the direct control of all-cargo airlines working at the airport should
be subject to the STA requirement.
The National Air Transport Association (NATA) suggests that TSA
clarify specifically which persons are covered by the STA requirement--
either under this rule or by amendment to a security program--and which
persons are excluded from the STA requirement. NATA states that because
of industry confusion, a number of aircraft operators are unclear of
their status with regard to the threat assessment requirement.
The Air Transport Association (ATA) commented that they fully
support TSA's conclusion that it is not necessary to require every
employee of an entity regulated by TSA that is in the business of cargo
transportation to submit to an STA. However, ATA believes that the
proposed language in Sec. Sec. 1540.201 and 1544.228 is overly broad
and subject to various interpretations.
ATA states that, as written, the rules could apply to individuals
who work outside the airport perimeter in cargo storage facilities or
holding areas, truck drivers, and others who move cargo to airports on
behalf of shippers. ATA believes that the rule also could apply to
individuals who work at non-U.S. locations and employees of entities at
the airport who share space or have access to air cargo areas operated
by the regulated party, such as employees of fixed base operators who
provide fuel and other supplies to regulated parties. ATA states that
such broad coverage would be impractical and disruptive to timely air
cargo transport, and urges TSA to clarify the language to limit the
applicability.
In addition, ATA recommends amending this section to apply to
direct employees and authorized representatives of aircraft operators
with unescorted access to cargo accepted by such aircraft operator.
Federal Express (FedEx) recommends that TSA limit the STA requirement,
to the extent permitted by applicable law, to employees who have
unescorted access to the aircraft or cargo, or employees who they know
or have reason to know will have access to cargo that will be tendered
to a passenger carrier to be flown on a passenger aircraft.
A number of comments asked for clarification as to what other
security checks are approved by TSA, and, thus, would not require
completion of an STA for that individual.
TSA response: TSA agrees that not every employee should be subject
to the STA requirement. Instead, TSA requires an STA for employees and
agents of aircraft operators, foreign air carriers, and IACs who have
unescorted access to cargo at certain times. TSA also requires an STA
for certain IAC principals. TSA has revised the provisions of the
regulations to clarify the STA requirement. While these revisions
comport with the scope of the NPRM, we have restructured the sections
to indicate more clearly which personnel are required to meet the STA
requirements. The revisions clarify that the STA requirements apply:
Only in the United States.
To aircraft operators with a full program, or a full all-
cargo program; foreign air carriers under Sec. 1546.101(a), (b), or
(e); and indirect air carriers.
To individuals with unescorted access to cargo who are
employees or agents of-- \8\
---------------------------------------------------------------------------
\8\ The STA requirements also extend to an officer, director,
and person who holds 25 percent or more of total outstanding voting
stock of an IAC. However, TSA did not receive requests for
clarification to this requirement.
---------------------------------------------------------------------------
Aircraft operators with a full program and foreign air
carriers under Sec. 1546.101(a) or (b) where they accept cargo;
Aircraft operators with a full all-cargo program and
foreign air carriers under Sec. 1546.101(e) where they consolidate or
inspect cargo;
IACs which accept cargo for transportation on aircraft
operated by an aircraft operator with a full program, or a foreign air
carrier under Sec. 1546.101(a) or (b); or
IACs where they consolidate or hold cargo for
transportation aboard an aircraft operated by an aircraft operator with
a full or full all-cargo program, or a foreign air carrier under Sec.
1546.101(a), (b) or (e).
Unless the employee or agent has a Criminal History
Records Check (CHRC) for unescorted authority to a SIDA, or another STA
approved by TSA as comparable to an STA under subpart C.
It is helpful to note where employees and agents are not required
to have an STA. Appropriate background checks for access to airport-
restricted areas are obligatory under International Civil Aviation
Organization (ICAO) Annex 17 Standards. TSA does not require STAs for
unescorted access to cargo at foreign locations.
Individuals do not need an STA if a person with the appropriate
background check escorts them. Individuals who work near cargo, but do
not require unescorted access to cargo, do not need an STA where the
regulated entity has adopted access control measures to prevent
unescorted access to the cargo. TSA will provide guidance on specific
access control measures in their security programs and regulated
entities may work with TSA to establish additional measures for TSA
approval.
Ensuring that individuals are properly escorted, or that cargo is
in a locked, inaccessible area, are two of many possible examples of
access control measures that may be available to regulated entities.
Generally, TSA relies on the access control measures that have been in
place through FAA and TSA regulations for many years. Regulated
entities should contact their TSA principal security inspectors, or
other appropriate TSA point of contact, if they have further questions
regarding access control measures.
Where employees and agents subject to STA requirements have
successfully completed a CHRC for unescorted access authority to a
SIDA, they have met their requirement and do not need to get a separate
STA under this final rule. TSA already requires airport operators to
send to TSA certain personal information for each individual who has
undergone a CHRC for a current SIDA or sterile area ID in order to
perform an additional background check that is comparable to an STA.
TSA is providing instruction to aircraft operators with a full or
full-all-cargo program to send to TSA the same type of information for
cargo screeners who do not have current SIDA or sterile area IDs, and
will also perform the additional check on this population. Most of
these cargo screeners already
[[Page 30481]]
have SIDA IDs; and, thus, already are checked. Likewise, an employee or
agent who has undergone another STA that TSA approves as being
comparable does not need a separate STA under this rule. TSA considers
the threat assessments it conducts for a person holding a commercial
driver's license with a hazardous materials endorsement as comparable
to an STA for purposes of this rule. See 49 CFR part 1572. TSA may
determine that other threat assessments are comparable to the STA
requirement under this rule and will expressly notify regulated
entities with security program amendments from TSA upon making that
determination. An employee or agent authorized to engage in the actions
described below, who does not meet one of these means of compliance,
must obtain an STA as directed in part 1540 of this rulemaking.
For cargo accepted by an aircraft operator with a full program and
a foreign air carrier under Sec. 1546.101(a) and (b), each employee or
agent, whom the operator authorizes to have unescorted access, must
have an STA.\9\ The STA requirement for these employees and agents
applies at the point of acceptance, whether from a shipper, another
aircraft operator, foreign air carrier, or indirect air carrier.
---------------------------------------------------------------------------
\9\ Employees and agents do not need this STA if they have
successfully completed a background check for unescorted access to
SIDA, or have another threat assessment that TSA approves in this
context.
---------------------------------------------------------------------------
For cargo accepted in the United States by an aircraft operator
under a full all-cargo program, or a foreign air carrier under Sec.
1546.101(e), this provision applies to each employee or agent
authorized to have unescorted access to cargo from the time the
regulated entity consolidates or inspects cargo until it is loaded on
an aircraft. TSA has determined that security procedures for these all-
cargo operations are best focused, and more efficiently applied, at
locations where cargo is consolidated or inspected. Reasons for this
determination include the layered security approach and the focus on
interdicting stowaways.
STA requirements for IAC employees and agents parallel measures
from both passenger and all-cargo aircraft operators. Each IAC employee
or agent who has unescorted access to cargo for transportation on a
passenger aircraft must have an STA. For transportation aboard an all-
cargo aircraft, each IAC employee and agent must have an STA, if the
IAC authorizes them to have unescorted access to cargo, from the time
the cargo reaches an IAC facility where the IAC consolidates or holds
the cargo.
Comment: A few commenters note that there seems to be a conflict
between proposed Sec. 1540.201 and proposed Sec. 1544.228;
specifically, proposed part 1544 includes a provision of applicability
of STAs to operators, but part 1540 does not. The commenters request
that TSA clarify the scope of these sections, recognizing that the
exclusion of all-cargo operators from Sec. 1540.201 may have been
inadvertent.
TSA response: TSA's omission of aircraft operators under a full
all-cargo security program in Sec. 1540.201(a)(1) was an oversight. We
have provided a technical amendment to that subparagraph, adding ``or
(h)'' to the end of the provision.
Operators' Responsibility
Comment: The Air Line Pilots Association International (ALPA) does
not support the STA requirement because ALPA favors requiring persons
with unescorted access to cargo to submit to a CHRC. ALPA argues that
under the proposed rules, TSA could approve for unescorted access to
air cargo an individual convicted of any of the 28 defined crimes
because his or her name does not appear on government-maintained lists
of individuals suspected of having a link to terrorism. ALPA states
that criminal history, financial status, and many other factors can be
indicators of an individual's character, reliability, maturity, and
susceptibility to compromise.
TSA response: TSA recognizes that there are a number of background
check techniques that potentially could be applied to various persons
in the supply chain. In accordance with our risk based, threat managed
approach; TSA has determined that requiring persons with unescorted
access to cargo to submit to an STA provides a significant enhancement
while limiting costs. We note that persons with more sensitive
positions, such as cargo screeners, are subject to CHRCs and additional
background checks.
Comment: Federal Express (FedEx) states, that in many cases, it
would be unlawful for operators to conduct background checks on persons
not directly employed by them. FedEx recommends requiring an operator
to conduct such checks only on its direct employees. FedEx also
expresses concern about requirements to have STAs for agents due to
possible labor and employment law issues.
FedEx also commented that for an IAC to fulfill this requirement,
it will have to maintain employee records for all the truckers and
warehousemen used by the IAC. Further, IACs will have to ensure that
their vendors provide them timely updates of changes in employment and
monitor unescorted access to cargo. FedEx believes that for the
majority of IACs this would be an impossible task.
Another comment supports the proposed section, but asserts that
carriers should not be responsible for completing third party STAs. The
commenter asserts that each entity should be responsible for completing
its own STAs, and TSA should be responsible for funding any new
background checks.
TSA response: Aircraft operators, foreign air carriers, and IACs
are responsible for carrying out all security measures as regulated
parties. They do so using employees and agents, as they choose. They
authorize unescorted access to cargo by agents and employees. Under
these regulations, however, these regulated parties are not responsible
for conducting the required background checks; rather they must ensure
that the necessary information about their employees and agents is
transferred to TSA for TSA to conduct the STA.
TSA has carefully examined the scope of the need for an STA. TSA
has revised the language of proposed Sec. Sec. 1544.228, 1546.213, and
1548.15 to pertain to those individuals specifically authorized to have
unescorted access to cargo. This final rule provides the aircraft
operator, foreign air carrier, and IAC latitude in authorizing
unescorted access to cargo in order to limit the number of persons
requiring an STA. The requirement for an STA does not extend to
employees or agents who are only near air cargo where the aircraft
operator, foreign air carrier, or IAC has in place other security
measures to control access to the cargo.
If a regulated entity uses a third party agent to meet its security
program requirements, which regulated entity is responsible for
ensuring that the third party has an STA, just as they are responsible
for other security duties their agents carry out. TSA is aware of no
conflict with other laws with regard to collecting STA information.
Comment: National Armored Car Association (NACA) states that
requiring additional background checks on employees, who have already
been investigated and certified by State agencies charged with
licensing security personnel, is redundant and wasteful. NACA suggests
that TSA accept certifications based on State investigations which
include FBI fingerprint examinations, and issue any necessary TSA
credentials based on these background checks.
[[Page 30482]]
The American Trucking Association states that placing direct
responsibility on operators to perform STAs on their agents,
contractors, or subcontractors places a substantial financial burden on
the operator and driver, and potentially will create a confusing,
frustrating, and unworkable system.
Other concerns of the American Trucking Association include whether
STAs are transferable (i.e., would follow the employee as he or she
changes employment), and how often individuals are required to renew
their security authorization. The American Trucking Association
proposes the use of TSA's Transportation Worker Identification
Credential as an alternative solution to implementing STAs on
individuals having unescorted access to air cargo.
TSA response: In general, TSA does not anticipate accepting the
background check of a private company or a state agency as comparable
to a CHRC or STA approved by TSA. The TSA STA checks intelligence
databases that are inaccessible to the private sector and not widely
used by state agencies. As mentioned under Sec. 1540.201, STA
requirements apply to those aircraft operators, foreign air carriers,
and IAC employees and agents who are authorized and required to handle
air cargo in the performance of their duties. STA requirements do not
apply to employees and agents who have only incidental access to air
cargo, or employees and agents who are required to submit to another
TSA-approved STA, such as TSA HAZMAT driver's license requirements.\10\
TSA will consider accepting other TSA-approved STAs, such as the
Transportation Worker Identity Credential upon broader implementation
of its use.
---------------------------------------------------------------------------
\10\ See 70 FR 22268 (Apr. 29, 2005), to be codified at 49 CFR
part 383.
---------------------------------------------------------------------------
Consistent with TSA policy on transferability of a CHRC conducted
for unescorted access authority to a SIDA, an employee or agent who has
successfully completed an STA for one employer need not complete it for
another employer if the employee or agent has been continuously
employed in a position that requires an STA. Additionally, as detailed
in the response to the first comment on `Notification' below, there is
no requirement to renew an STA as long as the STA-holder qualifies as
continuously employed. TSA will provide further guidance to aircraft
operators, foreign air carriers, and indirect air carriers upon
request.
Notification
Comment: Several commenters note the potential lengthy turn-around
time for STA notifications under Sec. 1540.205 and recommend that TSA
include a time frame in which it will make the notification. Many of
these commenters propose that TSA should specify an anticipated
response time of 10 working days to provide authorization or initial
denial to submitted STAs. One commenter notes that TSA will need to
increase staffing to handle the impact of processing the STAs in a
timely manner.
The American Trucking Association commented that the proposed rule
excludes certain employers from receiving STA results on their drivers.
Without employer notification, trucking companies are unable to make
informed personnel decisions regarding their drivers. The American
Trucking Association recommends amending this section to include
notification to the individual, operator, and employer.
TSA response: TSA agrees that an anticipated response time of 10
working days in providing authorization or initial denial is
appropriate and achievable in most cases. While some individual
situations may require a longer timeframe for adjudication, TSA should
provide the vast majority of approvals well within 10 working days. TSA
further notes that once it approves an STA, by issuing a
``Determination of No Security Threat'', the STA will remain valid for
an employee or agent from one job to another in accordance with
Sec. Sec. 1544.228(b)(2), 1546.213(b)(2), and 1548.15(b)(2), and
consistent with TSA policy on continuous employment for holders of
unescorted access authority to SIDA. However, TSA notes that the
regulated party and the agent's direct employer are not prohibited from
communicating about the notification.
Appeals Procedures
Comment: The Airport Consultants Council proposes new language to
clarify the requests for materials under the appeals procedure of Sec.
1540.207(c)(1).
TSA response: Rather than adopt new language, TSA revised Sec.
1540.205(c)(4) by adding a cross-reference to Sec. 1540.207. Section
1540.207(c) allows an appeal, including a written request for
materials, within 30 days of receipt of the ``Initial Determination of
Threat Assessment'' from TSA.
STA Fee
Comment: United Parcel Service (UPS) states that they already
conduct extensive background checks, including checking all airline
employees against Federal governmental watch lists. If the TSA check
merely duplicates what the air carrier already is doing, UPS contends
there is no need for TSA to conduct the test and for the air carriers
to pay the fee under Sec. 1540.209. UPS suggests that if TSA wants
additional name checks with the proposed STA, then TSA should add the
additional checks to the current listings and let the air carriers run
them. This method does not place additional costs on TSA or the air
carrier because the programming and personnel already are in place.
Additional commenters request clarification on the procedures
involved in an STA, because they do not understand the nature of the
analysis or the basis of the $39 cost figure in the NPRM. The
commenters believe that the proposed cost for the STA is excessive,
given the cost of the comparable and more extensive CHRC checks.
The Air Courier Conference of America (ACCA) and Purolator Courier
oppose the fee, and state that TSA should carefully define the
applicable population before it requires any new screening. They
recommend that TSA conduct the screening against watch lists and the
National Crime Information Center.
FedEx states that, the new STA program will, contrary to TSA's
expectations, increase both direct and indirect costs. They state that
the direct cost of $39 for each STA is significantly more than the
average cost of a CHRC. In addition, FedEx contends that the name-based
methodology of an STA will result in indirect costs resulting from
operational delays and disruptions due to false positives. FedEx argues
that such indirect costs will exceed those that currently result from
the CHRC.
Like UPS, FedEx believes that air carriers should not have to pay
TSA or another party to do something that they are already doing. The
International Air Transport Association (IATA), Yellow Roadway, British
Airways, Delta, and other commenters oppose the fee proposed in this
section and believe that it is the Government's responsibility to
provide protection from terrorists and to absorb any costs related to
the STAs.
TSA response: Private companies do not have access to all of the
intelligence databases that TSA will use to conduct STAs. Further, TSA
must make judgments as to the information received from the databases,
which it has the expertise to apply. Accordingly, TSA has decided to
conduct the STAs. Statutory provisions \11\ require that
[[Page 30483]]
industry should reimburse the agency for direct costs associated with
accomplishing STAs. The STAs will not duplicate checks that the
carriers are already accomplishing, as TSA has access to a variety of
Government watch lists that are not appropriate for dissemination to
the private sector. The $39 fee referenced in the NPRM assumed TSA
would need to pay the FBI for access to the FBI's Automated Case System
files. Subsequent to NPRM publication, TSA decided not to include the
Automated Case System component in its STA. With increased vetting and
credentialing experience, TSA has refined the necessary threat
assessment sources to be included. As a result, the revised STA fee is
$28.
---------------------------------------------------------------------------
\11\ Department of Homeland Security Appropriations Act, 2004,
Sec. 520 (Pub. L. 108-90, Oct. 1, 2003, 117 Stat. 1137).
---------------------------------------------------------------------------
The rule provides for a phased-in implementation for compliance
with the STA requirements. Regulated entities may mitigate delay in
processing by timely submitting the STA application. Subsequent to the
compliance date, any possible delay due to a false positive would occur
prior to the applicant's authorization to have unescorted access to
cargo. These new hires would constitute a small portion of the entire
population subject to the STA. TSA expects that the percentage of false
positives among these new hires will be minimal. Further, TSA analysts
will be able to resolve most false positives quickly within the
anticipated time frame for returning results.
Section 1546.213 STAs for Cargo Personnel in the United States
Comment: Japan Airlines wants TSA to clarify whether this section
would require foreign air carrier employees to undergo STAs or other
checks when accessing off-airport facilities, despite the non-
application of SIDA-like requirements to such facilities. Nippon Cargo
Airlines asks if the rule will apply only to new employees or if it
will affect existing employees.
TSA response: Foreign air carrier employees and agents within the
United States are subject to the same requirements off-airport as
corresponding U.S. aircraft operator employees and agents.
If the foreign air carrier authorizes its employee or agent to have
unescorted access to cargo at an off-airport facility and this facility
is used to consolidate or inspect cargo until it is loaded on the
aircraft, or an employee or agent accepts cargo from a known shipper,
then the requirements of Sec. 1546.213 apply. The requirements apply
to both new and existing employees and agents who have unescorted
access authority granted by the foreign air carrier.
Section 1548.15 STAs for Individuals With Unescorted Access to Air
Cargo
TSA received 15 comments on this section. Most commenters have
doubts about the responsibilities of IACs regarding this rule. They
want to know who will need the STA and whether the requirements are
retroactive for current employees.
Comment: Atlanta-Hartsfield International Airport (ATL) asks if
this requirement includes personnel in the manufacturing and shipping
phase of preparing air cargo, and if so, whether an IAC will be
responsible for filing an STA application on each loading dock employee
and transport driver in the shipping chain. ATL also asks if these
requirements are retroactive for current IAC employees or other cargo
related businesses, and if so, for how many years into the past and how
soon will the applications need to be filed.
TSA response: The STA requirements apply to those aircraft
operator, foreign air carrier, and IAC employees and agents who are
authorized to have unescorted access to air cargo in the performance of
their duties. Manufacturing or shipping personnel would only be
required to have an STA if they are acting as an agent and have
unescorted access to cargo for an aircraft operator, foreign air
carrier, or IAC.
Current IAC employees and agents are required to complete an STA
successfully. TSA is providing 180 days from the date of publication of
this rule for aircraft operators, foreign air carriers, and IACs to
comply with the STA requirements.
Comment: Air Courier Conference of America (ACCA) asks to which
employees this section will apply, and why some employees will need to
undergo a background check against TSA's lists while others may undergo
a CHRC. They note that most ACCA members already check employee names
against the ``no fly'' and ``selectee'' watch lists as a standard
element of their Security Directives, and as an added safeguard.
TSA response: This rule requires STAs within the United States for
employees and agents authorized by aircraft operators, foreign air
carriers, and indirect air carriers to have unescorted access to cargo.
Persons who have CHRCs for unescorted access authority to a SIDA
already have undergone TSA name-based checks comparable to the STA and
therefore will not have to undergo another one.
Comment: ATA supports a reasonable extension of STAs for IACs, but
warns of significant potential for system disruptions, unless TSA
defines IAC and air carrier responsibilities with regard to STA
clearance. ATA asserts that air carriers cannot be responsible for
ensuring the clearance of each IAC handler who may have contact with
cargo before the delivery to the air carrier. ATA believes that this is
not a workable process given the inherent time sensitivities in air
cargo transport, the number of IACs providing cargo to air carriers,
and the nature of an IAC's workforce scheduling.
TSA response: TSA inspectors verify IAC compliance with STA
requirements in the normal course of regulatory compliance inspections.
Air carriers are not required to verify the IAC's compliance as part of
the air cargo acceptance process.
Comment: National Customs Brokers and Forwarders Association
(NCBFAA) questions whether longtime employees, and licensed customs
brokers, many of whom are also IACs and certified by U.S. Customs and
Border Protection (CBP) under the Customs-Trade Partnership Against
Terrorism program (C-TPAT), are subject to STA requirements. NCBFAA
believes that these employees have proven their reliability and
conscientiousness on security matters and it would be inefficient and
unnecessary to subject them to background checks. NCBFAA recommends
that TSA either exempt individuals previously approved by the CBP, or
work with CBP to harmonize their respective screening processes. NCBFAA
also proposes that TSA exempt IAC employees with a certain level of
experience. NCBFAA believes it would be redundant to require a second
DHS screening for many IAC employees. In addition, the NCBFAA
recommends that TSA limit STA screening to a five-year period for
persons who remain in good standing.
TSA response: TSA will not exempt any employee from STA
requirements based on length of service. TSA believes that performing
background checks on individuals playing critical roles in the air
cargo supply chain is a necessary step in ensuring aviation security.
TSA currently is working with other DHS components to consider
background checks performed by those components to determine if they
are comparable to checks performed by TSA. Regulated entities will be
able to refer to their security programs as provided by TSA for
information on comparable checks. Regulated entities have incentive to
determine whether an applicant has already completed a comparable check
because the employee would not have to wait for clearance for
unescorted access to cargo. Also TSA is providing in security programs
that regulated entities
[[Page 30484]]
must accept the comparable check in lieu of the STA.
II.B. Acceptance and Screening of Cargo
Comment: The majority of commenters on Sec. Sec. 1544.205,
1546.205, and 1548.9 regarding inspection and screening of cargo are
not sure how to accomplish compliance.
TSA response: Specific Sensitive Security Information (SSI)
measures will be proposed as amendments to airport, aircraft operator,
foreign air carrier, and IAC security programs. The contents of these
programs are not appropriate for public disclosure as part of this
rulemaking. TSA is providing airport operators, aircraft operators,
foreign air carriers, and IACs the opportunity to comment on the
proposed amendments to their security programs upon issuance, and
before the effective date of this final rule. It is helpful to note
that many of these measures already appear in current Security
Directives and security program requirements.
Comment: UPS, ATA, Regional Airline Association (RAA), and Cargo
Airline Association (CAA) state that Sec. 1544.205(a) and (b) are
imprecise and redundant, and propose alternative language to
consolidate the paragraphs.
TSA response: Paragraph (a) of Sec. 1544.205 provides the general
requirement and performance standard for carriage of cargo. Paragraph
(b) provides the specific requirement for screening and inspecting
cargo. Other paragraphs provide other specific requirements. The
revision also extends those requirements to all-cargo aircraft
operations with a maximum certificated take-off weight (MTOW) of more
than 45,500 kg (100,309.3 lbs.). These paragraphs do not provide
details of how these requirements must be met, because such details are
Sensitive Security Information under 49 CFR part 1520 and are contained
in security programs that are available only to persons with a need to
know.
Comment: Several commenters oppose requiring regulated entities to
refuse cargo for transport if the shipper does not consent to screening
and inspection of the cargo under Sec. Sec. 1544.205(d) and
1546.205(b). They state that high cash value cargo, such as jewelry,
currency, bullion, and other sensitive cargo, is shipped in sealed
containers that cause damage or losses to cargo when opened. They
suggest additional consideration and industry input on how to deal with
these situations and ask whether the Government will provide
indemnification if damage occurs during inspection by the Government or
Government contractor personnel.
TSA response: Regulated entities must refuse to transport cargo as
required under, and consistent with, their security programs. TSA
understands that requiring shippers, like drug companies, to consent to
inspection of cargo is problematic. TSA agrees that the screening of
certain types of cargo present unique challenges, and recognizes the
safety and security concerns related to screening such cargo. TSA
revised the wording in sections that require consent to screen cargo,
and provides specific exceptions and alternative procedures in the
proposed security program amendments for shipments whose contents would
be damaged or compromised if the aircraft operator inspected the cargo.
These procedures largely will be transferred from current Security
Directives that address these concerns for later consideration in
amendments to applicable security programs.
Comment: NACA and NATA ask if the terms ``inspect'' and ``screen''
are interchangeable.
TSA response: The terms ``inspect'' and ``screen'' are not
interchangeable. Generally, screening means the systematic evaluation
of a person or property to assess whether either poses a threat to
security. TSA interprets inspection as a subset of screening. An
inspection is a method of conducting such an evaluation, but is not the
only method. For instance, the known shipper program is an information-
based method of screening. The known shipper program involves the
screening of cargo based upon information known to an aircraft
operator, foreign air carrier, or indirect air carrier about the
shipper of the cargo. Additionally, a certain percentage of that cargo
is inspected for the presence of persons and any unauthorized
explosives, incendiaries, and other destructive substances or items.
TSA will provide specific guidance to regulated entities in their
respective security program amendments.
Comment: FedEx wants TSA to clarify that the proposed rule does not
require or authorize TSA to impose any additional screening beyond the
screening they already are doing under SDs and security program
amendments. Several all-cargo air carriers ask if TSA will bear the
costs of the screening workforce and equipment required under Sec.
1544.205, and want TSA to clarify who has the responsibility for
screening cargo.
TSA response: Aircraft operators incur the cost for the screening
of cargo transported aboard their aircraft and must comply with the
procedures for screening incorporated in their security programs.
Specific screening requirements are promulgated in amendments to such
programs and regulated parties are provided the opportunity to comment
on these amendments, as appropriate.
Regarding screening of cargo for transportation aboard passenger
aircraft, 49 U.S.C. 44901(a) provided an exception for Federal
screening for the known shipper program. The inspection of a portion of
known shipper cargo is considered a part of the known shipper program
and need not be conducted by Federal employees. This rule does not
address the amount or type of cargo screening that is required. TSA
will respond to changing conditions as needed. Additionally, TSA is
considering whether the current system for selecting cargo for
inspection will be changed with the TSA Freight Assessment System
(FAS). The FAS might be used to identify cargo posing an elevated risk
for the application of security measures in the aircraft operator's
security program.
Comment: FedEx, UPS, CAA, and ATA note that Sec. 1544.205(e)
appears to prohibit the acceptance of cargo for air transportation from
a variety of retail outlets, such as the UPS Store, FedEx, Kinko's, and
other authorized shipping outlets. The commenters note that these
outlets are neither the shipper nor an entity specifically mentioned
with a comparable security program under Sec. 1544.205(e). However,
the commenters believe that the exception under Sec. 1544.205(e) will
permit them to continue to accept cargo from these retail outlets as is
currently allowed in their security programs. The commenters want TSA
to clarify that this is, in fact, TSA's intention. Further, if this is
not the intention of TSA, they recommend excluding carriers operating
under all-cargo programs from the application of this section, and
propose using the following language for Sec. 1544.205(e): ``Each
aircraft operator operating under a full program or an all-cargo
program may accept cargo for air transportation on a passenger air
carrier only from a known shipper, or from an aircraft operator,
foreign air carrier, or IAC operating under a security program under
this chapter with a comparable cargo security program.''
TSA response: Aircraft operators under a full all-cargo security
program are not prohibited from accepting cargo from retail entities as
described in these comments. Under these rules, such retail outlets may
operate either under an IACSSP, or as an agent with security
responsibilities under the aircraft
[[Page 30485]]
operator's security program. For a further discussion of the
differences between IACs and agents of aircraft operators, please see
the Section-by-Section Analysis for Sec. 1548.5.
Comment: UPS, CAA, ATA, and others commenters express concern about
the extraterritorial applicability of Sec. 1544.205(f). CAA states
that the rule seems to apply to international air cargo movements and
notes that commercial realities and foreign government resistance make
the application of this rule unattainable. UPS wants TSA to clarify
this section to recognize that foreign law may limit the extent to
which carriers may be able to comply with security programs outside the
United States. ATA states that foreign countries may impose screening
requirements that differ and even conflict with those in the carrier's
security program and recommends that TSA permit air carriers to comply
with either the security programs imposed by the foreign country or
those contained in the TSA-approved security program.
TSA response: TSA recognizes, as indicated by the commenters, that
the imposition of regulatory requirements on a U.S. aircraft operator
operating from foreign locations may be impacted by the legal
requirements applied by the host government at such foreign locations.
The requirement for a U.S aircraft operator to screen cargo at foreign
locations is no different from any other current or proposed aviation
security requirement placed upon a U.S. aircraft operator operating
outside the United States. The specific security program mandates for
the screening of cargo outside of the United States take into
consideration cargo security restrictions, as well as requirements
mandated at some foreign locations.
Comment: Several smaller air carriers state that they cannot comply
with the proposed rule requirement to open packages before loading at
unsecured airports.
TSA response: This rule codifies requirements for screening that
already are in place through SDs and security program amendments. The
fact that an aircraft operator operates at an airport without a
security program has not been found to inhibit screening.
Comment: Several airport operators and air carriers ask how to
accomplish screening at rural airports.
TSA response: Each aircraft operator and foreign air carrier
security program must take into consideration the different locations
at which cargo must be screened. Aircraft operators and foreign air
carriers must conduct screening at rural airports in accordance with
the specific requirements of their security programs.
Acceptance and Screening of Cargo From Locations Outside the United
States
Comment: Association of Asia Pacific Airlines (AAPA), British
Airways, Association of European Airlines (AEA), and Singapore Airlines
state that Sec. 1546.205 lacks provisions regarding the acceptance and
recognition of National Aviation Security Program requirements that
many foreign airlines use. They recommend standardizing requirements
for acceptance and screening of cargo, and implementing threat-based
measures for inspection of cargo.
TSA response: TSA continues to recognize National Aviation Security
Programs of foreign countries in accepted security programs.
Comment: Several commenters, including British Airways, IATA, and
AEA want TSA to clarify the term comparable security program in Sec.
1546.205(e), and ask what this term includes. In addition, these
commenters recommend amending Sec. 1546.205(f) to clarify that it
applies only to cargo loaded outside the United States that is destined
for the United States and that foreign air carriers may accept cargo
destined for the United States from any lawful entity, subject to a
compatible National Aviation Security Program as approved by the
carrier's national government.
TSA response: A comparable security program includes cargo security
measures identical or equivalent to those required of the accepting
aircraft operator or foreign air carrier. If the transferring aircraft
operator, foreign air carrier, or IAC, has performed these cargo
security measures, there is no further need for the accepting aircraft
operator or foreign air carrier to repeat those measures. For instance,
for transfers to aircraft operators with a full program, TSA will
consider such security measures as: Whether the known shipper program
was applied, from whom the operator accepted the cargo, the type of
cargo screening or inspection that was done, and other relevant
security measures.
Overall, part 1546 applies to the operation, landing, or taking off
within the United States of a foreign air carrier. Only cargo destined
to, or transported through, the United States is subject to this final
rule when loaded at a foreign airport. Section 1546.205(f) requires
that foreign air carriers subject to this part carry out the
requirements of their security programs. Section 1546.101 applies where
a foreign air carrier lands or takes off in the United States.
Acceptance of Cargo by an Indirect Air Carrier
Comment: Most comments to Sec. 1548.9 support this section and
recommend that TSA allow IACs to screen cargo provided they demonstrate
the capability to do so. The Yellow Road Corporation expresses concerns
about the costs and redundancy associated with enforcing cargo security
requirements for IACs, and recommends the adoption of varying levels of
cargo screening with emphasis on loading cargo on the aircraft. IBM
wants clarification on the requirement to obtain the shipper's consent
to search or inspect cargo, and suggests allowing the shipper to give a
blanket authorization to the IAC as part of its contract.
TSA response: While TSA does not state in which manner the
shipper's consent to search or inspect cargo be obtained, it does
require that the consent be explicit and in writing. TSA allows
aircraft operators, foreign air carriers, and IACs to manage the
collection of consent to search in a manner consistent with individual
operational needs. The regulations allow a shipper to provide a blanket
authorization, as proposed by IBM.
II.C. Security Identification Display Area (SIDA)
Comment: American Association of Airport Executives (AAAE)
disagrees with TSA's assessment that airports easily will be able to
extend SIDAs to areas where cargo is loaded and unloaded under Sec.
1542.205. AAAE states that the rule does not adequately address the
complexities of expanding SIDAs at airports with diverse operational
configurations, property ownership, and jurisdictional control.
Aircraft Owners and Pilots Association (AOPA) states that while
this rule may not impose direct mandates for general aviation areas at
airports regulated by TSA under 49 CFR part 1542, AOPA is concerned
that the practical implementation of this requirement will result in
SIDA requirements in many general aviation areas. In addition, AOPA
notes that many airports specifically exclude general aviation areas
from the SIDA because of time and distance separation from the air
carrier areas. This layered approach to security limits access points
and the number of individuals needing the background check and
identification requirements for the SIDA, and establishes clear
distinctions of security areas.
[[Page 30486]]
AOPA recommends using the standard of the operational area of the
aircraft principle for air cargo operations at part 1542 regulated
airports, similar to that proposed for operations at non-part 1542 TSA
regulated airports. AOPA further states that the operational area of
the aircraft should include the immediate footprint of the cargo
aircraft and handling area, with a procedure to limit unauthorized
persons near the aircraft while it is being loaded and unloaded, but
not the entire ramp.
The Department of Transportation of Alaska states that this final
rule will require CHRCs for most people working at an airport, and
contends that expansion of the CHRC requirement will not effectively
increase security for air cargo.
TSA received some comments that relate to the fact that areas
designated as SIDAs primarily are subject to airport operator control
rather than aircraft operator control.
CAA states that expansion of the SIDA is not the best way to secure
the area surrounding cargo aircraft. It further asserts that the ASAC
Working Groups did not recommend such a SIDA expansion, but rather
recommended the imposition of SIDA-like requirements on air carriers
operating from these cargo areas. CAA, UPS, DHL, and FedEx comments
that the difference is significant from an operational, but not a
security, standpoint, noting that it is essential that the all-cargo
air carriers retain access control so they can carry out their
requirements and internal company procedures. CAA recommends requiring
air carriers to amend security programs to include SIDA-like measures
at non-SIDA operational areas of U.S. airports where cargo is loaded or
unloaded from aircraft.
FedEx states that this section extends SIDA requirements to areas
where operators sort loaded or unloaded cargo on airport grounds.
However, Sec. 1542.205(a)(2) does not contain this important language.
FedEx recommends adding the phrase ``on airport grounds'' after every
reference to ``each area'' in the rule to clarify that facilities such
as FedEx stations, world service centers, and non-airport sort
locations are not to be included in SIDAs. UPS also proposes extensive
revisions to this section.
Airports Council International-North America (ACI-NA), ATA, and RAA
do not support the extension of SIDA requirements. They state that the
language is very broad and could potentially extend SIDA requirements
far beyond what is necessary to ensure air cargo security. They
recommend amending the SIDA requirements only to airport areas used to
load or unload cargo from aircraft.
The Miami International Airport, Atlanta-Hartsfield International
Airport, ACI-NA, and the Airports Consultants Council agree that the
new requirement will enhance the overall level of security, but only if
designated in those areas under airport control. They argue that the
SIDA should begin at the wall of the cargo facility adjacent to the
airside ramp locations. The commenters also oppose requiring airports
to extend, or enforce the security of the SIDA into tenant-leased
facilities.
Eleven small aircraft operators, AOPA, and Regional Air Cargo
Carriers Association (RACCA) express concern about extending SIDA to
cargo operating areas. The commenters state that the SIDA extension is
impractical for aircraft operating under the TFSSP, since operations
are conducted on common public areas like the general aviation and FBO
ramps, and it would be impossible to extend SIDA requirements to these
areas. The Juneau International Airport asks to designate dual use
areas that are SIDA only during times that the cargo activity is
performed, and asks if SIDA need to be contiguous. The Anchorage
International Airport recommends allowing the local FSD to determine
which areas, if any, need to be classified as SIDAs.
TSA response: TSA has determined that measures to prevent
individuals from gaining unauthorized access to the cargo operations
area are necessary to prevent tampering with the aircraft or the cargo
and to remove a potential access point for stowaways. TSA considered
requiring aircraft operators and foreign air carriers in all-cargo
operations to implement SIDA-like requirements. However, TSA has
determined that airport operators with security programs under 49 CFR
1542.101(a) are able to implement more efficiently the requirements to
extend SIDAs.
These airports are better positioned with the necessary
infrastructure to provide security measures, as they are able to
leverage the existing resources that support SIDAs currently in place.
Airports also will be able to rely on, or more easily expand, existing
identification media and security check capabilities, law enforcement
support, and training programs.
TSA considered limiting the extension of SIDAs to areas of a ramp
where cargo is loaded or unloaded from the aircraft. However, the
inside of facilities where cargo is sorted, stored, staged,
consolidated, processed, screened or transferred, present numerous, and
perhaps more, opportunities for someone to tamper with the cargo just
before it is loaded onto an aircraft.
TSA also considered extending the SIDA requirement for similar
cargo areas off-airport. TSA determined that the complexity and cost of
applying these measures off-airport would be too great because they
lack existing resources to expand. These off-airport locations would
disproportionately incur significant start-up costs.
Accordingly, the final rule provides that SIDA security measures
must be extended to secured areas and air operations areas that are
regularly used to load cargo on, or unload cargo from, an aircraft
operator under a full or full all-cargo program as provided in Sec.
1544.101(a) or (h), or under a foreign air carrier program under Sec.
1546.101(a), (b), or (e). Adoption of a security program under these
sections applies to operation of an aircraft with an MTOW of more than
45,500 kg (100,309.3 lbs.). The requirements do not extend to areas
used by aircraft with an MTOW of more than 12,500 lbs., but not more
than 45,500 kg (100,309.3 lbs.).
Additionally, the SIDA security measures must be extended on an
airport to areas where cargo is present after an aircraft operator,
foreign air carrier, or indirect air carrier accepts cargo. In
particular, this includes inside buildings such as cargo facilities,
loading and unloading vehicle docks, and other areas where an aircraft
operator, foreign air carrier, or indirect air carrier stores, stages,
consolidates, processes, screens, or transfers cargo. As clarified in
Sec. 1542.205(a)(3), the SIDA is not required to include access routes
between the perimeter entry point of the airport and the cargo
facility, or one of these other locations, for the purpose of
transporting cargo to or from an aircraft operator, foreign air
carrier, or indirect air carrier.
There may be areas within a cargo facility that do not need to be
SIDAs. For example, some parts of cargo facilities are not restricted
to employees and agents of an aircraft operator, foreign air carrier,
or indirect air carrier. These areas may have a counter where one of
these operators accepts cargo from shippers, or the shipper's agents.
The area leading up to this counter need not be a SIDA if there is no
cargo in these areas that already has been accepted. Additionally, on a
limited basis other security measures, such as access control measures
or active and continuing surveillance or monitoring, may mitigate the
need for SIDA in areas where an operator's customer or the
[[Page 30487]]
customer's agent is present to tender cargo.
Each airport security program will specify the actual limits of the
cargo operations area to be included in a SIDA, subject to review and
approval by TSA. Amendments to security programs may address the
particular circumstances of an airport's layout and operations and
accommodate other aviation operations to the extent practical. Note
that under Sec. 1542.111, an aircraft operator or foreign air carrier
may enter into an exclusive area agreement with an airport operator to
take responsibility for the SIDA.
Additionally, under Sec. 1542.111 TSA encourages airports to grant
an aircraft operator's request to enter into an exclusive area
agreement for the inside of a building of any cargo facility on its
airport where cargo is present after the aircraft operator accepts the
cargo. For example, TSA recognizes that some aircraft operators may
have buildings that house their own operations and they have an
interest in maintaining their own security systems. In such cases, the
aircraft operator may elect to carry out the requirements for the SIDA
inside the building rather than the airport operator doing so.
Airport operations are able to use existing procedures and
resources to cover these new SIDAs and will not need to create
different procedures and resources in order to comply with the
requirements of this final rule. This approach also ensures that common
standards apply on these airports.
In contrast, airports that are not required to have security
programs under part 1542 are not required to create SIDAs. At these
airports, TSA requires aircraft operators under full all-cargo security
programs to prevent unauthorized access to the operational areas of the
aircraft, rather than requiring the airports to create SIDAs and
corresponding support structures. TSA determined that requiring these
airports to create SIDAs would necessitate that they adopt TSA-approved
security programs.
TSA declined to extend the scope of these regulatory requirements
to entities that currently do not have TSA-approved security programs.
TSA determined that requiring aircraft operators to meet the security
requirements of Sec. 1544.225 would provide the greatest operational
flexibility at airports that do not have TSA-approved security
programs.
Many commenters appear to have interpreted the proposed
requirements to extend the airport SIDA to cargo operations areas in
Sec. 1542.205(a)(2) as applying to off-airport facilities or general
aviation areas where cargo may be loaded on or unloaded from smaller
all-cargo aircraft. TSA is reiterating the intent of the proposal and
clarifying the applicability of this section by modifying the proposed
language in the final rule. As stated in the NPRM ``[t]he SIDA would
only be extended to areas on airport grounds.'' \12\ Part 1542 only
applies to airports.
---------------------------------------------------------------------------
\12\ 69 FR 65270 (Nov. 10, 2004).
---------------------------------------------------------------------------
TSA's intent in expanding the SIDA is to deny unauthorized
individuals access to the cargo operations areas in order to prevent
tampering with the aircraft and cargo and to deny a potential access
point for stowaways. TSA believes that expanding the SIDA will
minimally affect areas where general aviation aircraft operate.
However, TSA acknowledges that each airport is different and some
consideration must be given to how SIDA expansion affects general
aviation. Each Federal Security Director has authority to work with
airport operators to design the SIDA based on local airport
characteristics and security requirements.
In response to a question by Juneau International Airport, there is
no requirement that SIDAs for cargo operations be contiguous with other
SIDAs at the airport. For instance, TSA understands that some airports
have SIDAs where passenger operations are conducted that are on the
opposite side of the airport from areas where cargo operations are
conducted. The area between these locations may not need to be a SIDA.
Comment: UPS recommends that TSA require airports with electronic
fingerprint equipment to accept the aircraft operator's and IAC's
Submitting Office Number to reduce the costs to the aircraft operator
and IAC. UPS states that the Submitting Office Number allows the
aircraft operator and indirect air carrier to be billed directly for
the CHRC and to identify where the results should be routed.
Additionally, UPS states that it is impractical for aircraft operators
and indirect air carriers to have electronic fingerprint equipment at
all locations for employees that need a CHRC.
TSA response: TSA does not prohibit airport operators from
electronically submitting requests for a CHRC by an aircraft operator
using that aircraft operator's Submitting Office Number. TSA does not
regulate how airports use their equipment in this context. However,
IACs are not authorized to conduct CHRCs under this rule.
II.D. Known Shipper Program
Comment: Several IACs and the National Industrial Transportation
League request that TSA clarify issues surrounding accessibility of the
proposed known shipper database and recommend the establishment of a
central database managed by TSA. In addition, the commenters seek
clarification from TSA on how, and to what extent, air carriers'
internal systems would be able to interface with the database.
TSA response: TSA agrees, and has developed a centralized database
of known shippers.\13\ This database is available to the regulated
parties. Participating aircraft operators, foreign air carriers, and
IACs verify shippers against the database. If the shipper is known in
the system, an IAC may offer the cargo for transport to, and the
aircraft operator or foreign air carrier may transport their cargo on,
a passenger aircraft. The regulated parties may access the system
through a web-based portal or by establishing direct access through
their air cargo management system.
---------------------------------------------------------------------------
\13\ This database is covered under the Privacy Act system of
records notice. Transportation Security Threat Assessment System
(DHS/TSA 002), which was published in the Federal Register on
September 24, 2004, and amended on December 10, 2004. It can be
found at 69 FR 57348, 57349 and at 69 FR 71837.
---------------------------------------------------------------------------
Comment: A number of commenters believe that the known shipper
program should be a TSA-operated function, in order to protect
commercially sensitive information. The commenters believe that TSA
should establish specific requirements for inclusion in the known
shipper list or database, vet shippers for inclusion in the program,
populate and maintain the list or database, and make provision for
automated verification of shippers against the database.
TSA response: TSA agrees that the operation and management of the
known shipper database is a TSA function. However, TSA believes that in
order to maintain the carrier's domain awareness and client-vendor
relationship, the regulated parties, and not TSA, should perform
submissions of known shipper data for inclusion in the database. TSA
vets shippers in the database via electronic means. Regulated parties
are automatically able to verify shippers against the database through
a direct access linkage of their air cargo management system to the
known shipper database.
Comment: UPS and FedEx oppose requirements under Sec. 1544.239 to
submit known shipper information to a mandatory database. They state
that use of the database will diminish rather
[[Page 30488]]
than enhance security, and question the ability of the TSA database to
process the volume of requests and the number of shippers that will be
added to the system. In addition, they argue that their competitors
could use the database in a manner that would promote unfair
competition, and that the servers supporting the database could become
inoperable at inopportune times. FedEx states further that the web-
based known shipper database will not necessarily be technologically
compatible with existing Information Technology (IT) infrastructure and
operational demands. UPS wants TSA to treat all information in the
database as SSI, and apply stringent privacy protections.
ATA supports the concept of a centralized known shipper database,
if the database is secure, transparent to authorized users, accurate,
and efficient. ATA states that, at times, the current database is not
easily accessible through carrier computer systems and needs a
standardized query vehicle, such as a unique identifier for each
shipper. ATA states that a mandatory, centralized clearance system
raises many questions and challenges for all-cargo carriers not
discussed by the ASAC Cargo Working Groups. Therefore, ATA recommends
creating a separate task force to examine issues relating to whether
all-cargo carriers should participate in the centralized database
because of the significant ramifications for the industry. ATA
recommends also that TSA fund all carrier costs associated with
participation in the known shipper program.
TSA response: TSA believes that the known shipper database will be
able to handle the volume of queries. Regulated entities will not be
required to have each satellite location equipped with a direct
connection to TSA. Rather, these locations may work through a single
corporate point of contact.
TSA understands that some operators have expressed concerns that
the database may be used in a manner inconsistent with fair
competition. TSA notes that regulated entities with access to the
database will not be able to produce the entire list of known shippers
in a single query. Rather, regulated entities will only be able to
confirm a single known shipper at a time. Additionally, TSA notes that
it will soon be far less costly for customers to become known shippers
with the transition to TSA-vetting. At present, each regulated entity
must invest time and effort in making customers known shippers. In the
future, TSA will transition this system to allow regulated parties to
request that TSA verify that a shipper may be a known shipper.
Accordingly, there will be fewer competitiveness issues. TSA remains
sensitive to issues of connectivity and competitiveness, and will
continue to work with interested stakeholders as we develop these
systems.
Currently, the known shipper database employs a verification
process to match the information submitted to other publicly available
information and for maintaining data integrity. TSA believes that the
use of the known shipper database will expedite the process of shipper
verification, while providing the Government the necessary tools to vet
shippers adequately before the transportation of cargo on a passenger
aircraft.
Air carriers will be able to maintain their current systems and
practices, such as the manner in which they flag known shippers within
their own systems. In addition, TSA believes that the aviation industry
benefits from the reduced time it will take to convert a shipper from
unknown to known.
TSA disagrees that a centralized database weakens air cargo
security. A Government-owned and -managed database that contains all
known shippers affords TSA the opportunity to further vet known
shippers, evaluate the threat posed by those who use the air
transportation system to move goods before the goods are loaded on
passenger aircraft and improve efficiency in vetting known shippers.
The database treats information that aircraft operators, foreign air
carriers, and IACs submit as SSI. TSA will continue to work with
regulated parties who have concerns about system continuity and issues
of competitiveness as we further develop these systems.
Comment: One commenter proposes merging known shipper and the
Automated Export System (AES) databases to avoid redundancy.
TSA response: The AES is a joint venture between Federal agencies
and the export trade community. It is the central point through which
export shipment data, required by multiple agencies, is filed
electronically with CBP, using an electronic interchange.
TSA and CBP are working on the development of TSA's Freight
Assessment System. TSA is looking at ways to leverage CBP's systems in
order to avoid duplication of effort. TSA will study the feasibility of
merging the known shipper database with CBP's AES as part of this
effort.
Comment: Several commenters request that TSA clarify the criteria
to establish a shipper as a known shipper. Other commenters request
that TSA clarify whether the definition will be uniform for all types
of freight and that TSA indicate whether it will expand the known
shipper program to include small aircraft operators.
TSA response: The specific criteria that TSA uses for the known
shipper program are SSI. TSA does not disclose specifics of the
criteria in public documents. The shipper itself does not have a need
to know the criteria. Rather, aircraft operators, foreign air carriers,
and IACs contact the shipper to qualify it as a known shipper. Known
shipper program requirements only apply to the transportation of cargo
on: (1) A passenger aircraft under a full program; (2) a passenger
aircraft operated by a foreign air carrier under Sec. 1546.101(a) or
(b); or (3) cargo being transferred to a passenger aircraft operation
under these sections. The known shipper requirements do not apply to
cargo transported exclusively on all-cargo aircraft.
Comment: The Air Transport Association of Canada proposes
reciprocity between TSA and Canadian known shipper databases to avoid
duplication of data.
TSA response: TSA and Transport Canada continue to coordinate on
this issue. In general, we welcome the opportunity to collaborate with
foreign governments in the harmonization of global air-cargo security
requirements.
Known Shipper Program and Foreign Air Carriers
Comment: Several commenters, including Nippon Cargo Airlines,
question whether TSA requires foreign air carriers to comply with the
known shipper program and ask how TSA implements the program with
respect to foreign air carriers. The British Embassy asks TSA to
clarify whether foreign air carriers are able to accept only cargo from
consigners on a TSA-approved list, and requests that TSA confirm that
application of the rule is limited to cargo loaded in the United
States.
TSA response: Currently, passenger foreign air carriers operating
from U.S. airports are subject to the provisions of the Model Security
Program (MSP), which requires the adoption of the known shipper
program. All cargo loaded on a passenger aircraft at a U.S. airport is
subject to this requirement, whether under an aircraft operator or
foreign air carrier security program. These requirements are not
applicable to cargo loaded outside the United States.
Known Shipper Program and IACs
Comment: TNT USA, an IAC, contends that the regulation is
duplicative of existing anti-terrorism
[[Page 30489]]
regulations and legislation. The commenter also states that the rule is
a barrier to free trade.
TSA response: TSA disagrees. Rather than acting as a barrier to
free trade, this rule enhances the capability of aircraft operators,
foreign air carriers, and IACs to more efficiently comply with security
program requirements. These regulations are not duplicative as they
have a different purpose and address a different security threat than
those of other U.S. government agencies, like CBP. As stated in the
NPRM, CBP and TSA have distinct security missions in securing air
cargo. CBP's mission is preventing terrorist and terrorist weapons,
including weapons of mass destruction, from entering the United
States.\14\ TSA, on the other hand, is responsible for securing both
U.S. aircraft and foreign flights destined for the United States from
destruction or hijacking and, as a result, is primarily concerned with
the illicit loading of explosives, incendiaries, or stowaways on board.
---------------------------------------------------------------------------
\14\ Additionally, customs regulations allow for the movement of
cargo ``in bond'' from the initial port of arrival to an inland CBP
location where it will be released (inspections prior to release are
also conducted at these inland locations) into the commerce of the
United States. Under the in-bond process, the cargo remains in
customs control with requirements as to who may transport it, and
where it may be stored (bonded warehouses) until is released by CBP.
---------------------------------------------------------------------------
Comment: NCBFAA wants TSA to clarify how long it will take to
qualify a known shipper and if an IAC can accept cargo from the shipper
during the qualification period. NCBFAA states that the known shipper
database must be precise in order to avoid delays and confusion over
shipper names and asks if known shipper status applies to all office
branches of a qualified shipper. Further, NCBFAA asks if the database
is the only source of known shipper information, and how TSA notifies
IACs of known shipper revocations. Finally, the NCBFAA asks whether air
carriers need to consult the database if an IAC already has verified
the shipper status and if there is reciprocity for a known shipper
under a similar program in another country.
TSA response: Regulated entities must separately list each location
for a known shipper. TSA anticipates that the vetting process will take
less time than the current process specified in the security programs
and is mindful of the competitive commercial environment in which the
regulated entities operate. TSA will address other specific process
questions about the database in the security programs in order to
protect sensitive security information.
Aircraft operators may accept a certification from the IAC that the
cargo has been accepted from a known shipper. There is not presently
reciprocity to establish a known shipper in the database based upon a
determination under a program in another country.
Comment: The Airforwarders Association wants TSA to address the
consolidations of IAC operations, where IACs tender shipments to
another IAC, in order to achieve efficiency and expedite the shipment
of air cargo. They state that the rule does not consider this
consolidation as within the known shipper program allowances, even if
the shipper is known to the IAC supplying the shipment.
TSA response: TSA agrees and is addressing this issue in the IACSSP
amendments, which will be available for IACs to comment on soon after
the publication of this final rule.
II.E. Adoption and Implementation of the Security Programs
The following are comments to Sec. Sec. 1544.101, 1546.101,
1546.103 and 1548.5.
Comment: AOPA does not want TSA to apply security requirements
under these sections to on-demand cargo operations, and wants TSA to
limit the application of such requirements to scheduled operations. In
addition, a domestic air carrier states that terrorists would likely
not choose unscheduled airlines for a hostile takeover, or for
placement of an explosive device, because of the inability to plan for
the location of the planes. The air carrier also wants to limit the
regulations to scheduled air cargo transportation.
TSA response: TSA does not believe that distinguishing charter
operations as scheduled or unscheduled in this manner would provide for
the appropriate level of security. TSA notes that the flight departures
of some unscheduled charters are predictable.
Comment: FedEx, Swiss International Air Lines, Air France, and the
International Brotherhood of Teamsters recommend adopting one security
program for all aircraft operators and foreign air carriers in the
industry, without differentiating between weight and type of aircraft
or operation.
TSA response: TSA requirements do not prohibit an air carrier from
adopting a single security plan for all of its categories of aircraft
sizes provided that the plan meets or exceeds the security requirements
for each aircraft used in those operations.
TSA recognizes historical patterns of terrorist attacks and a
threat-based, risk-managed approach to security. Terrorists have
demonstrated the destructive potential of large turbine-powered
aircraft with large capacity fuel loads and speeds. Accordingly, a
security regime that differentiates between aircraft on the basis of
weight is appropriate, regardless of whether a particular aircraft
carries passengers or cargo. At the same time, TSA is mindful of the
historical link between terrorist operations and passenger aircraft.
Therefore, measures that prevent cargo and cargo operations from being
used to carry unauthorized explosives, incendiaries, and other
destructive substances or items against passenger aircraft must be
provided, regardless of aircraft weight. This rationale underscores
TSA's security regime and the particular measures that TSA has
developed across the spectrum of civil aircraft operations, whether
passenger, cargo, or mixed. Requiring the highest level of security for
all sizes of aircraft would add a burden for smaller aircraft, which is
not warranted by the current threat.
Comment: FedEx states that, in the past, TSA field agents and
foreign government officials have incorrectly assumed that the full
all-cargo security program is limited or somehow inferior to the
passenger aircraft's full program because it did not contain the term
``full program.'' FedEx states that this misunderstanding has resulted
in a loss of confidence in their security program, and in some cases,
undue scrutiny and delay. ATA CAA, FedEx, and RAA recommend either
eliminating the word ``full'' from the names of all security programs
or rename the cargo program.
TSA response: TSA notes that the all-cargo program does not require
all of the same security measures as the full program that applies to
passenger operations. TSA has changed the title to ``full all-cargo
program'' in this final rule for the security program required by Sec.
1544.101(h).
Comment: UPS agrees with the creation of this program as long as
the Domestic Security Integration Program (DSIP) remains intact and up
to date in the final rule. UPS is opposed to adopting any security
program other than the DSIP. UPS believes also that bringing the all-
cargo industry up to the standard of the DSIP is an effective way to
enhance supply chain security.
British Airways asks whether TSA will eliminate or maintain the
DSIP after the incorporation of the two programs. British Airways
argues that if the DSIP remains, along with the full all-cargo security
program, it would give rise to two standards. They oppose this outcome
and recommend treating all cargo operations equally.
[[Page 30490]]
TSA response: TSA is conforming the existing cargo aircraft
operator security programs and the cargo sections of security programs
for passenger aircraft operations to the requirements of this final
rule. The mandatory program will supersede the DSIP for all-cargo
aircraft operators. This new mandatory program will now be referred to
as the full all-cargo security program. The DSIP was a program that
all-cargo aircraft operators were authorized to adopt voluntarily in
order to engage in certain business operations. However, it is
important to note that, in addition to adopting a full all-cargo
security program, aircraft operators with an MTOW of more than 45,500
kg that transfer cargo to an aircraft operator in passenger service
with a full program under Sec. Sec. 1544.101(a) or 1546.101(a) or (b),
must also register with TSA to engage in these transfers. While each
full all-cargo program will contain an option to implement the security
procedures to transfer cargo to these passenger carrying aircraft, only
those aircraft operators that have also registered with TSA to transfer
cargo to passenger operations may do so.
TSA recognizes that some aircraft operators under a full all-cargo
program are not in the business of transferring cargo to passenger
operations. These aircraft operators do not need to register with TSA
or carry out the special security procedures, as long as they do not
transfer cargo to passenger operations. Each existing DSIP holder, and
any additional aircraft operators with an MTOW of more than 45,500 kg
in all-cargo operations, must carry out the specific security
procedures and register with TSA prior to transferring cargo to
passenger operations. Aircraft operators in passenger services under a
full program or under Sec. 1546.101(a) or (b) will be required to
verify that the aircraft operator with a full all-cargo security
program is on an approved list maintained by TSA in order to accept
cargo from it.
Comment: AAPA and Singapore Airlines oppose implementation of
extraterritorial measures and instead emphasize collaborative
discussions to mitigate the terrorist threat without affecting air
cargo operations.
TSA response: In this final rule, TSA regulates the civil
operations of U.S. aircraft operators, wherever they may operate. The
application of the final rule to part 1546 air carriers is generally
limited to operations from and within the United States, or to the
United States, effective at the last point of departure. In the latter
case, compliance with foreign government security requirements that TSA
determines are equivalent to U.S. part 1544 requirements generally
comply.
Comment: Japan Airlines asks whether Sec. Sec. 1546.101 and
1546.103 apply to cargo flights making only a technical stop in the
United States.
TSA response: Foreign air carriers operating aircraft in all-cargo
operations must apply security measures for technical stops in a
similar manner as for passenger operations. These security measures are
detailed in TSA-approved security programs, related Security
Directives, and emergency amendments. The specific security measures
are sensitive security information.
Comment: Several commenters, including Singapore Airlines and the
British Embassy, want TSA to treat foreign air carriers under part 1546
as equal to domestic aircraft operators under part 1544. In addition,
the British Embassy states that many countries' national security
program requirements exceed those proposed by TSA, and wants
confirmation that, in such cases, these national security programs will
be deemed acceptable to TSA.
TSA response: Parts 1544 and 1546 are functionally equivalent. The
United States recognizes that part 1546 air carrier operations
conducted in accordance with foreign government procedures, and with a
similar level of security to U.S. part 1544 operations, generally
suffice to meet TSA security requirements. Foreign government
procedures may include measures that are at least comparable to what is
required of part 1544 operations.
Comment: IATA and Japan Airlines recommend allowing foreign air
carriers to submit existing security programs for approval instead of
submitting a new program under these rules. In addition, Singapore
Airlines and Nippon Cargo Airlines ask if TSA will accept the current
All-Cargo International Security Procedures (ACISP).
TSA response: TSA is adjusting security programs such as the Model
Security Program (MSP) and ACISP to achieve the security requirements
of the final rule. TSA is issuing these security programs to the
regulated parties for review and comment sometime on or after
publication of the final rule. Foreign air carriers must still submit
all such programs to TSA for review and consideration before final
approval. The measures of a part 1546 security program that provide a
level of security similar to the U.S. part 1544 operations are
generally sufficient for operations departing to the United States,
satisfy the requirements of the final rule, and are acceptable to TSA.
TSA acts through its international air carrier principal security
inspector and works with the regulated party to develop measures
capable of producing a similar level of security.
Form, Content, and Availability of Security Program
Comment: Singapore Airlines supports Sec. 1546.103 and AAPA wants
TSA to provide air carriers with the information about cargo shippers
and IAC security programs. Japan Airlines asks if foreign air carriers
have flexibility and discretion with respect to fashioning security
measures for inclusion in security programs, so long as those measures
are acceptable to TSA.
TSA response: TSA considers all security programs SSI and restricts
access to applicable regulated entities. Regulated entities may request
amendments to their security program following the procedures
established in the regulations applicable to their specific operation.
Aircraft operators do not have a need to know the contents of an
IACSSP.
Comment: NCBFAA recommends creating a frequently asked questions
section on the TSA Web site to address issues regarding each new
proposed regulation.
TSA response: TSA offers regulated entities security program
updates, including information similar to frequently asked questions
sections, through secure web-boards. Questions about accessing these
web-boards should be directed to a regulated entity's principal TSA
contact.
II.F. Costs of IAC Training and Materials
Comment: Several IACs, British Airways, the Airforwarders
Association, and Singapore Airlines support Sec. 1548.11 on training
and knowledge for individuals with security-related duties. Other IACs,
NACA, RACCA, and Brinks, want TSA to clarify what the required training
includes. These commenters ask:
Who is going to pay for the training?
What training will TSA require?
Who will provide the training and training materials?
How often must IACs train the personnel?
What is the timeframe for accomplishing the training?
FedEx proposes that TSA offer training and certification directly
to any trucker or warehouseman who wishes to volunteer, and use vendor
certification as evidence of IAC training. In addition, FedEx states
that the contractors should directly pay for training, and TSA should
pay for the expense of administering the training.
[[Page 30491]]
TSA response: TSA is developing computer-based instructional
materials and a testing tool, including a minimum standard that an
employee must meet and protocols for situations where employees fail to
meet the threshold. TSA also is developing the curriculum and training
materials, and is including specific requirements for training and
testing IAC employees in the revision of the IACSSP. The rule requires
that training be completed at least annually for each authorized
employee or agent. The IAC bears the cost of training each of their
employees or agents.
Comment: FedEx objects to holding IACs responsible for training and
testing employees of contractors, subcontractors, or agents, such as
truckers or warehousemen, who may have unescorted access to cargo. They
believe the proposal is impractical, cost-prohibitive, and that it
would impose an unfair burden on IACs. FedEx argues that TSA has
underestimated the number of individuals who will require training, as
well as the cost associated with the training. FedEx states that TSA
calculated only the cost associated with training employees of an IAC,
but that it did not include the cost associated with an IAC training
the employees of any agents, contractors, or subcontractors that may
have unescorted access to air cargo. FedEx interprets this requirement
to mean that they would have to train all drivers, warehouse, and
office staff of any trucker or courier who may pick up cargo designated
for shipping via airfreight. They state further that there are several
million licensed drivers in the United States, and even if only 25
percent (approximately 500,000) drivers are involved in the delivery of
air cargo, according to TSA's estimate of $100 per individual for the
cost of training, the cost to IACs will exceed $50 million. This
estimate does not include the cost associated with training new hires,
as there is a high turnover employee rate in the trucking industry.
TSA response: TSA has clarified the applicability of IAC
requirements. The regulation requirements apply to regulated party
employees and agents. If an IAC uses others to perform functions that
have security consequences, the IAC must make sure that those persons
have proper training. TSA is not requiring air cargo operators with a
security program to comply with IAC requirements and believes FedEx has
extended its estimate beyond the requirements of this regulation.
II.G. Cost Benefit Analysis
A separate final regulatory analysis is provided on the docket. A
summary of the final regulatory analysis appears in this document under
the section ``V. Rulemaking Analyses and Notices, A. Regulatory
Evaluation Summary.'' To assist the readers of this section, TSA is
providing a table that shows, at the summary level, the changes from
the NPRM to the final rule. The details of these changes are found in
the full regulatory evaluation on the docket. Summary of changes:
----------------------------------------------------------------------------------------------------------------
10 year cost
Requirement --------------------------------------- Remarks
NPRM Final rule Delta
----------------------------------------------------------------------------------------------------------------
Costs First Associated With Requirements Under November 2003 SD & March 2005 Security Program Amendments
----------------------------------------------------------------------------------------------------------------
Passenger Flight Cargo Screening (first $493.1M $1,491.1M +$998.0M Cost driven by congressional
implemented under SD, currently done mandate to triple cargo
under security program amendment). inspections and public
comment.
All-Cargo Flight Cargo Screening 166.4M 328.0M +161.6M Public inputs on costs.
(currently done under SD).
Require All-Cargo operators to screen 33.7M 35.2M +1.5M Implementation cost change.
persons entering aircraft(currently
done under SD).
All-Cargo Security Coordinators 0.2M 0.0M -0.2M Double Counted in NPRM.
(currenlty done under SD).
---------------------------------------
Subtotal............................ 693.4M 1,854.5M 1,160.9M
----------------------------------------------------------------------------------------------------------------
Costs Associated With Requirements Originating Under This Rule
----------------------------------------------------------------------------------------------------------------
Security Threat Assessment.............. $3.7M $4.6M + $1.0M Population Increase but admin
cost greatly reduced.
Security Identification Display Area 0.9M 10.9M +10.0M Costs Identified in comments.
(SIDA).
CHRCs for individuals inspecting cargo.. 0.5M 5.7M +5.2M Increased Population.
Implementation of All-Cargo security 26.6M 0.7M -25.9M Removed LEO costs.
program for aircraft over 45,000 kg.
New aircraft inspection requirements.... 36.6M 38.2M +1.6M Implementation cost change.
TSA Managed Known Shipper Database...... 24.5M 24.5M ........... Remained the same.
Develop/implement IAC and Agent Training 15.1M 35.6M +20.5M Increase in population
requiring training and
training development cost.
IAC Security Program Requirements....... 36.0M 46.5M +10.5M Change in Population.
---------------------------------------
Subtotal............................ 143.9M 166.7M +22.9M
=======================================
Total............................... 837.3M 2,011.9M +1,183.8M
----------------------------------------------------------------------------------------------------------------
Comment: ACI-NA and the Atlanta International Airport believe that
airports and IACs should not be obligated to obtain equipment and staff
to support these regulations. They believe that TSA or DHS should
either fund the new security mandates or take responsibility for
securing cargo operations. United Airlines believes that the NPRM's
economic analysis fails to consider the impact on U.S. passenger
carriers. United Airlines believes the solution is to enact a cargo-
screening program based on Federal screening of freight as Congress
intended. United Airlines believes that TSA should review methods of
defraying costs borne by carriers before they pursue screening
initiatives that burden carriers.
TSA response: Only cargo accepted under the known shipper program
may
[[Page 30492]]
be transported on a passenger aircraft; however, Congress chose not to
require Federal Government employees to conduct screening of such
cargo. Moreover, Congress did not require that Federal employees must
conduct cargo screening for aircraft in all-cargo operations. TSA has
required aircraft operators conduct cargo screening since November
2003, and, in part to mitigate the costs cited by the commenter,
provides a degree of flexibility for the operators to fulfill these
requirements within their operational environment.
Comment: RACCA estimates that because of the high turnover rate in
the industry, actual STA cost per employee is $150. RACCA believes that
air carriers need this money for applications that have a direct
bearing on safety, like pilot training and aircraft maintenance. RACCA
states that the threat is minimal, but the cost may be crippling for an
industry that operates with narrow margins. They state further that
these costs are a burden for many small air cargo operators and may
precipitate cost-cutting measures that will have a negative impact on
overall safety.
TSA response: RACCA did not provide sufficient information to
determine how they computed actual STA costs per employee. TSA has been
able to further refine the STA systems and eliminate some costs,
lowering the cost of STA per applicant. As our vetting and
credentialing capabilities have grown, we are now able to accomplish
these checks more expeditiously and economically. TSA allows certain
comparable checks in lieu of an STA. Additionally, there is no
requirement to renew an STA as long as the STA-holder qualifies as
continuously employed. Lastly, in a post 9/11 world, industry must meet
both safety and security requirements.
Comment: IATA estimates implementation will be 2 to 4 times higher
than the TSA estimate ($3.7 million), or $7.4 to 14.8 million over 10
years. For the expansion of SIDA, IATA estimates that the cost to the
industry is 4 times the TSA estimate ($1.4 million), or $5.6 million
over 10 years. IATA estimates that the actual cost to implement full
all-cargo security programs will be 3 to 4 times the TSA estimate
($26.6 million), or $80 to $106 million over 10 years. Although TSA did
not provide any cost estimates for the implementation of the known
shipper database, IATA estimates the cost to the industry to be between
$1 and $2 million per year. For the enhancements to the IACSSP, IATA
estimates that the costs are 25 to 30 percent greater than the TSA
estimate ($36 million), or $45.0 to $47.0 million over 10 years. IATA
estimates that the training requirements for IACs will be 2 times that
TSA estimate ($15.1 million), or $30 million over 10 years. Overall,
IATA estimates that the proposed rules will cost the industry 80
percent more than the TSA estimate ($49 million), or $88 million a
year.
TSA response: Although the STA population numbers did in fact
increase in the final regulatory analysis, there was a corresponding
decrease in the unit costs of the STA as TSA was able to eliminate some
costs. The new number for the STA is $4.6 million for the 10 years. TSA
is providing a reduction in the unit cost of the STA check from $55 to
$38, which explains TSA's computed cost of $4.6 million versus IATA's
$7.4 to $14.8 million. TSA accepted recommendations from IATA and
others, and the SIDA expansion rounds to $10.9 million over 10 years.
TSA's recalculation for the IACSSP of $46.5 million is near the top of
IATA's $45-47 million. The new IAC training numbers are $35.6 million
versus IATA's $30 million. Contrary to IATA's comment that TSA did not
provide information on Known Shipper costs, TSA documented those costs
as TSA costs rather than industry costs in the NPRM evaluation. A
discussion of the Known Shipper program costs are on page 46 of the
final regulatory evaluation.
Comment: ATA and British Airways question the distribution of the
funding for the proposed rules. They state that, as currently
allocated, the costs fall disproportionately on air carriers, because
estimated air carrier allocation ($758 million) constitutes 90 percent
of the total estimated security costs ($837 million). They state
further that the annual costs to all parties will exceed the $100
million annual threshold and would make the NPRM significant under
Executive Order 12866.
TSA response: TSA has determined that this rule is significant
under Executive Order 12866 guidelines, as discussed in the Regulatory
Evaluation Summary of this preamble (Section V.A.). TSA has listened to
concerns both about cost and security. The largest portions of costs
are directly related to the actual screening conducted by the airlines.
TSA believes it has complied with legislative intent that this be a
private sector responsibility rather than a governmental function. TSA
is unaware of a mechanism for the government to redistribute private
sector costs for the required inspections.
Comment: Delta estimates that the financial impact to aircraft
operators in year one will be $56.2 million, or $493.1 million in 10
years, and states that the proposed unfunded security mandates add
significant costs to their business. Delta believes that TSA's
assumptions about aircraft operator's ability to secure operating and
capital funding for screening are not correct. Delta believes further
that TSA-based calculations from an early 2002 report are significantly
inaccurate, and expresses concern about the continued viability of
cargo in the passenger air carrier market.
TSA response: TSA computes the ten year impact to the carriers at
$1.9 billion versus approximately $760 million in the NPRM evaluation.
TSA has accepted numerous inputs from the public comments to revise the
cost estimates. The largest portion of these costs, the screening
costs, has been in place for sometime, through Security Directives and
security program amendments. TSA is codifying these measures at this
time. Also, the tripling of cargo screening as required by legislation
was the single largest source of change. TSA is not making any
assumptions about capital availability to aircraft operators. The fact
that the screening requirements have been in place would suggest that
the market has already adjusted to a requirement affirmed in
legislation. Assumptions about capital expenditures in the full
evaluation were based upon the likelihood of future cost savings using
automated equipment over manual inspections. The evaluation reiterates
that TSA has not mandated the purchase of any screening equipment in
this rule. Other than screening equipment, TSA is unaware of what other
capital costs Delta might be referencing.
Comment: FedEx states that as proposed, the rules will require STAs
for over 500,000 drivers that have potential access to cargo. According
to this estimate, STA implementation will cost the industry $27.5
million for only truck drivers ($55 per individual). NACA states that
the TSA estimate of employees that will require training is below the
actual number, and NACA estimates that in their industry alone, 20,000
people will need the proposed training.
TSA response: The public comments clearly reflected a broader
assumption about requirements than TSA intended. TSA has examined the
need for STAs in passenger and cargo operations and has reworded the
scope of the new requirements more clearly to state which employees and
agents of a carrier do require the STA in accordance with security
considerations. TSA has adjusted these costs with these new population
estimates to reflect TSA's expectation of a narrower coverage than
reflected in the public comments.
[[Page 30493]]
Comment: NCBFAA states that TSA underestimates the cost of the new
measures for air forwarders, many of which are small businesses. NCBFAA
questions the basis for TSA's estimate of 3,800 IAC entities and 26,600
IAC employees. NCBFAA questions the lack of underlying support for this
conclusion, and believes more employees will be affected by the
proposed rules. To support this, NCBFAA states that most IACs are also
surface and ocean forwarders, non-vessel operating common carriers,
customs brokers, warehousemen, and motor carrier brokers. Hence, the
number of employees directly involved in airfreight operations is only
a portion of the total employees that might have access to cargo.
Consequently, NCBFAA states that the TSA estimate for total compliance
($51 million) is an understatement of the true cost to the industry.
NCBFAA recommends TSA undertake a more comprehensive impact and
regulatory flexibility analysis of the IAC industry for more accurate
assessment of the IAC population.
TSA response: TSA maintains an operational database that reflects
approximately 3800 IACs who have identified themselves to TSA. These
businesses already interact with TSA security personnel and TSA has
identified them as currently providing services to aircraft operators.
During preparation of the final rule, the 2002 Economic Census data
became available which revealed both more firms and a higher average
employee per firm value for the general group of freight forwarders.
Public input during the comment period and discussions at TSA revealed
that there was a misunderstanding of the STA coverage. Clearer language
has been provided and consequentially this evaluation expanded the
numbers to use the 2002 Economic Census \15\ numbers, which were
unavailable at the time of the original evaluation. Please see the
separate full regulatory evaluation available on the docket. STAs and
the changes are discussed in the section labeled Cost of Compliance:
Name Based Background checks and Table 17.
---------------------------------------------------------------------------
\15\ 2002 Economic Census, Support Activities for
Transportation: 2002, Transportation and Warehousing Industry Series
at http://www. census.gov/econ/census02/guide/INDRPT48. HTM.
---------------------------------------------------------------------------
Comment: AAAE believes that the proposed rules are an unfunded
mandate for airports. They state further that the cost of expanding
SIDA involves more than just the physical expansion of the space;
airports with more remote cargo operating locations will need to
increase the number of law enforcement personnel on the cargo ramp,
while diverting law enforcement resources away from the passenger
terminal facility. In addition, AAAE states that airports may need to
expand significantly their badging offices to accommodate the
additional cargo personnel, and states that the Memphis-Shelby Airport
will have to badge 15,000 FedEx personnel.
TSA response: TSA reiterates that not every worker requires a
background check, SIDA clearance, and a new badge. The SIDA guidelines
have been adjusted to allow the airports to work with aircraft
operators to minimize the expansion of the SIDA, while still providing
the necessary security. For example, the final evaluation clarifies
that additional law enforcement officers do not need to be employed.
Rather, the requirement is to have the ability to contact existing law
enforcement officials. Also in the full regulatory evaluation, section
on ``Cost of Compliance: Airport Operators,'' TSA has shown how it used
the public comments to revise the costs and population needing badges.
Based upon the information in comments, TSA believes it reasonable to
reject the need to increase staffing for this expected one time
increase. Memphis is an example of several locations that have national
hubs for the Nation's largest parcel and express shippers. TSA invites
the airport and shippers to work with us in order to use the
flexibility and alternatives that TSA authorizes.
Comment: IATA states that TSA underestimates the number of affected
employees, and two IATA members indicate that depending on the
definition of unescorted access to cargo, they will have at least
63,000 impacted staff, mainly cargo handlers and drivers. The
Airforwarders Association states that TSA's estimate of the number of
IACs is correct, but that the number of affected IAC employees is
incorrect, and recommends revaluation. ATA states that depending on the
scope of the requirement, the number of individuals subject to either
an STA or CHRC could be ten times greater than the 63,000 estimated by
TSA.
TSA response: TSA has examined the public comments along with new
data available in the 2002 Economic Census.\16\ Census numbers do not
support a three-fold expansion of the population while keeping the
number of businesses constant. The new Census number of firms and the
average employee per business value increased only slightly.
Additionally, given that some of the public comments agree with TSA's
original numbers, TSA believes that there has been confusion on to the
extent the STA or CHRC were going to be required. The full regulatory
evaluation provides several pages of detail in the section ``Cost of
Compliance: Indirect Air Carriers'' and in the full evaluation tables
13-17. Based on extensive internal discussion of very knowledgeable
subject matter experts, TSA believes the new language provides much
clearer guidance and the Census number adjustments are an appropriate
estimate.
---------------------------------------------------------------------------
\16\ Support Activities for Transportation: 2002, Transportation
and Warehousing Industry Series at http://www.census. gov/econ/
census02/guide/INDRPT48. HTM.
---------------------------------------------------------------------------
II.H. 100 Percent Inspection of Cargo
TSA invited comments in the NPRM, but did not propose requirements,
for the physical inspection of 100 percent of air cargo.
Comment: The majority of comments TSA received on this issue,
including comments from Air France, ATA, British Airways, IATA,
Singapore Airlines, and several IACs, oppose 100 percent inspection of
air cargo. The consensus of these comments is that requiring 100
percent inspection of air cargo would be impractical in an industry
dependent on just-in-time deliveries, without advances in targeting
methodology, data, and technology. ATA states further that the 100
percent inspection of cargo is not warranted or required under ATSA,
nor is it justified under any risk-based analysis that TSA has shared
with the industry. A small minority of comments, including comments
from ALPA and the International Brotherhood of Teamsters, support 100
percent inspection of air cargo.
TSA response: TSA is not requiring 100 percent inspection of air
cargo at this time. As mentioned in the proposal at 69 FR 65266, TSA
considered requiring 100 percent inspection of air cargo, but
determined to continue with a layered approach of security measures and
to pursue a risk-based targeting strategy to identify higher risk cargo
for additional scrutiny. This conclusion is affirmed by, and derived
from, the Government Accountability Office report on Vulnerabilities
and Potential Improvements for the Air Cargo System,\17\ the Department
of Transportation's Office of the Inspector General Audit of the Cargo
Security Program,\18\ and TSA's Air Cargo
[[Page 30494]]
Security Scenario Analysis. These reports have cautioned that, in the
absence of an appropriate targeting methodology and data, requiring
inspection of 100 percent of air cargo would severely burden the just-
in-time delivery that is currently a key competitive feature of many
U.S. manufacturing and distribution industries. In addition, 100
percent inspection could have particularly severe negative impacts on
aircraft operators, IACs, and their employees and agents. TSA has
focused on deploying currently available tools, resources, and
infrastructure in a targeted manner to provide effective security in
the air cargo environment, and has laid out a path for accelerated
research and development of even more effective tools.
---------------------------------------------------------------------------
\17\ GAO-03-344, December 2002.
\18\ Report Number SC-2002-113, Sep. 19, 2002. This report is
SSI.
---------------------------------------------------------------------------
II.I. Unknown Shipper Cargo
TSA invited comments in the NPRM, but did not propose requirements,
about allowing unknown shipper cargo on passenger aircraft after proper
screening.
Comment: ATA, CAA, Delta, RAA, and other commenters request that
TSA consider allowing cargo from unknown shippers into passenger
aircraft after proper screening. These comments assert that TSA should
permit cargo on passenger carriers subject to inspection.
TSA response: While TSA appreciates these comments, at this time
TSA declines to allow the transport of unknown shipper cargo on
passenger aircraft. Currently, no technology or inspection techniques
exist with sufficient versatility to handle the vast array of cargo
configurations, and commodities to ensure security, while maintaining
acceptable throughput, or processing time. TSA continues to collaborate
with the industry in an effort to develop technology solutions to
improve the effectiveness and efficiency of the cargo screening
process.
II.J. Terms Used in This Subchapter
Comment: British Airways, AEA, IATA, and the International
Brotherhood of Teamsters support the definition of ``Indirect air
carrier'' in Sec. 1540.5. British Airways and AEA state that the
expanded coverage is consistent with proposals from the European
Commission. AAPA and IATA suggest that the definition should include
equivalent entities of IACs operating outside of the United States.
Purolator suggests that the United States Postal Service and foreign
postal services should be included in the definition.
TSA response: TSA is working closely with the European Commission
to establish the basis of mutual recognition of its regulated agent
and/or IACSSP. The U.S. Postal Service is not subject to the provisions
of this rule. The security of the U.S. Mail is covered under a Mail
Security Program that provides an appropriate level of security for
mail transported via aircraft.
Comment: The Denver International Airport wants TSA to define the
term airport grounds, and three commenters recommend adopting a
definition for the terms ``cargo'' and ``access to air cargo.''
TSA response: ``Cargo'' is defined in 49 CFR 1540.5. TSA is
revising the language of Sec. Sec. 1544.228, 1546.213, and 1548.15 to
include those individuals specifically authorized by the aircraft
operator, foreign air carrier, or IAC to have unescorted access to air
cargo. As stated in the preamble to the NPRM at 69 FR 65270, ``The SIDA
would only be extended to areas on airport grounds.'' The requirement
to extend SIDA to cargo operations is specific to the area used by an
aircraft operator under a full all-cargo program, as provided in Sec.
1544.104(h) and by a foreign air carrier under Sec. 1546.101(e).
Therefore, the proposed extension of the SIDA applies only to those
areas regularly used to load or unload cargo on larger all-cargo
aircraft under a full all-cargo security program. TSA is modifying
Sec. 1542.205(a)(2) to reflect this intention by adding the words
``air operations area'' instead of the words ``airport grounds'' and by
deleting the reference to areas used ``to sort cargo.''
Comment: Air France and Global Express Association propose that TSA
harmonize terms used in cargo operations, like ``known shipper,''
``consignor,'' ``regulated agent,'' and ``IAC.''
TSA response: TSA believes that the terms ``known consignor'' and
``known shipper'' are similar, in general. However, TSA's use of the
term ``known shipper'' is specifical