2 June 2006 updated
29 May 2006
-----------------------------------------------------------------------[Federal Register: June 2, 2006 (Volume 71, Number 106)] [Rules and Regulations] [Page 31964-31965] From the Federal Register Online via GPO Access [wais.access.gpo.gov] [DOCID:fr02jn06-13] ======================================================================= ----------------------------------------------------------------------- DEPARTMENT OF HOMELAND SECURITY Transportation Security Administration 49 CFR Parts 1544, 1546, and 1548 [Docket No. TSA-2004-19515; Amendment Nos. 1520-4, 1540-7, 1542-2, 1544-5, 1546-2, and 1548-2] RIN 1652-AA23 Air Cargo Security Requirements; Correction AGENCY: Transportation Security Administration (TSA), DHS. ACTION: Final rule; correction. ----------------------------------------------------------------------- SUMMARY: This document makes a correction to the final rule published in the Federal Register on May 26, 2006. That rule enhances and improves the security of air cargo transportation by requiring airport operators, aircraft operators, foreign air carriers, and indirect air carriers to implement security measures in the air cargo supply chain as directed under the Aviation and Transportation Security Act. The final rule also amends the applicability of the requirement for a ``twelve-five'' security program for aircraft with a maximum certificated takeoff weight of 12,500 pounds or more to those aircraft with a maximum certificated takeoff weight of more than 12,500 pounds to conform to recent legislation. TSA listed an incorrect compliance date in certain sections of parts 1544, 1546, and 1548 dealing with security threat assessments and a mandatory security program requirement for operators. This document adds the correct compliance date to these sections. DATES: Effective October 23, 2006. FOR FURTHER INFORMATION CONTACT: Tamika McCree, Office of Transportation Sector Network Management (TSA-28), Transportation Security Administration, 601 South 12th Street, Arlington, VA 22202; (571-227-2632); tamika.mccree@dhs.gov. SUPPLEMENTARY INFORMATION: Background On May 26, 2006, TSA published a final rule in a separate Part II of the Federal Register (71 FR 30478), revising various regulations to enhance and improve the security of air cargo transportation. Although TSA listed the correct compliance dates in the DATES section of the final rule preamble, we incorrectly listed the compliance date dealing with security threat assessments in Sec. Sec. 1544.228(d), 1546.213(d), 1548.5(a), and 1548.16(a), and a mandatory security program requirement in Sec. 1548.15(d) for operators. This document corrects the date in these sections from the incorrect date of November 22, 2006, to the correct date of December 1, 2006. Correction In rule FR Doc. 06-4800, published on May 26, 2006 (71 FR 30478), make the following corrections: Sec. 1544.228 [Corrected] 0 1. On page 30511, in the second column, in Sec. 1544.228 Access to Cargo: Security threat assessments for cargo personnel in the United States, at the end of paragraph (d), remove the date ``November 22, 2006'' and add in its place, the date ``December 1, 2006''. Sec. 1546.213 [Corrected] 0 2. On page 30512, in the third column, in Sec. 1546.213 Access to Cargo: Security threat assessments for cargo personnel in the United States, at the end of paragraph (d), remove the date ``November 22, 2006'' and add in its place, the date ``December 1, 2006''. Sec. 1548.5 [Corrected] 0 3. On page 30513, in the second column, in Sec. 1548.5 Adoption and implementation of the security program, at the end of paragraph (a), remove the date ``November 22, 2006'' and add in its place, the date ``December 1, 2006''. [[Page 31965]] Sec. 1548.15 [Corrected] 0 4. On page 30516, in the second column, in Sec. 1548.15 Access to Cargo: Security threat assessments for individuals having unescorted access to cargo, at the end of paragraph (d), remove the date ``November 22, 2006'' and add in its place, the date ``December 1, 2006''. Sec. 1548.16 [Corrected] 0 5. On page 30516, in the second column, in Sec. 1548.16 Security threat assessments for each proprietor, general partner, officer, director, and certain owners of the entity, at the end of paragraph (a), remove the date ``November 22, 2006'' and add in its place, the date ``December 1, 2006''. Issued in Arlington, Virginia, on May 26, 2006. Mardi Ruth Thompson, Deputy Chief Counsel for Regulations. [FR Doc. E6-8584 Filed 6-1-06; 8:45 am] BILLING CODE 9110-05-P----------------------------------------------------------------------- [Federal Register: May 26, 2006 (Volume 71, Number 102)][Rules and Regulations] [Page 30477-30517] From the Federal Register Online via GPO Access [wais.access.gpo.gov] [DOCID:fr26my06-17] [[Page 30477]] ----------------------------------------------------------------------- Part II Department of Homeland Security ----------------------------------------------------------------------- Transportation Security Administration ----------------------------------------------------------------------- 49 CFR Parts 1520, 1540, 1542, et al. Air Cargo Security Requirements; Final Rule [[Page 30478]] ----------------------------------------------------------------------- DEPARTMENT OF HOMELAND SECURITY Transportation Security Administration 49 CFR Parts 1520, 1540, 1542, 1544, 1546, and 1548 [Docket No. TSA-2004-19515; Amendment Nos. 1520-4, 1540-7, 1542-2, 1544-5, 1546-2, and 1548-2] RIN 1652-AA23 Air Cargo Security Requirements AGENCY: Transportation Security Administration (TSA), DHS. ACTION: Final rule. ----------------------------------------------------------------------- SUMMARY: The Transportation Security Administration is amending its regulations to enhance and improve the security of air cargo transportation. This final rule requires airport operators, aircraft operators, foreign air carriers, and indirect air carriers to implement security measures in the air cargo supply chain as directed under the Aviation and Transportation Security Act. This final rule also amends the applicability of the requirement for a ``twelve-five'' security program for aircraft with a maximum certificated takeoff weight of 12,500 pounds or more to those aircraft with a maximum certificated takeoff weight of more than 12,500 pounds to conform to recent legislation. DATES: Effective Date: This final rule is effective October 23, 2006. Compliance Date: By November 22, 2006, Indirect air carriers must comply with the requirements for Indirect air carrier training under Sec. 1548.11. By December 1, 2006, aircraft operators, foreign air carriers, and indirect air carriers must comply with the requirements for-- Security threat assessments under Sec. Sec. 1544.228, 1546.213, 1548.15, and 1548.16; and Indirect air carriers that do not currently hold a security program under part 1548, and that offer cargo to an aircraft operator operating under a full all-cargo program or a comparable foreign air carrier under Sec. 1546.101(e), establishment of, and operation under, a TSA security program in part 1548. FOR FURTHER INFORMATION CONTACT: Tamika McCree, Office of Transportation Sector Network Management (TSA-28), Transportation Security Administration, 601 South 12th Street, Arlington, VA 22202; (571-227-2632); tamika.mccree@dhs.gov. SUPPLEMENTARY INFORMATION: Availability of Rulemaking Documents You can get an electronic copy using the Internet by-- (1) Searching the Department of Transportation's electronic Docket Management System (DMS) Web page (http://dms.dot.gov/search); (2) Accessing the Government Printing Office's Web page at http:// http://www.gpoaccess.gov/fr/index.html; or (3) Visiting TSA's Law and Policy Web page at http://www.tsa.gov and accessing the link for ``Law and Policy'' at the top of the page. In addition, copies are available by writing or calling the individual in the FOR FURTHER INFORMATION CONTACT section. Make sure to identify the docket number of this rulemaking. Small Entity Inquiries The Small Business Regulatory Enforcement Fairness Act (SBREFA) of 1996 requires TSA to comply with small entity requests for information and advice about compliance with statutes and regulations within TSA's jurisdiction. Any small entity that has a question regarding this document may contact the person listed in FOR FURTHER INFORMATION CONTACT. Persons can obtain further information regarding SBREFA on the Small Business Administration's Web page at http://www.sba.gov/advo/laws/law_lib.html . Abbreviations and Terms Used in This Preamble AAAE American Association of Airport Executives AAPA Association of Asia Pacific Airlines ACCA Air Courier Conference of America ACISP All-Cargo International Security Procedures ACI-NA Airports Council International-North America AEA Association of European Airlines AES Automated Export System ALPA Air Line Pilots Association International AOPA Aircraft Owners and Pilots Association ASAC Aviation Security Advisory Committee ATA Air Transport Association ATSA Aviation and Transportation Security Act CAA Cargo Airline Association CBP U.S. Customs and Border Protection CFR Code of Federal Regulations CHRC Criminal History Records Check DHS Department of Homeland Security DSIP Domestic Security Integration Program EA Emergency Amendment FAA Federal Aviation Administration HAZMAT Hazardous Materials IAC Indirect Air Carrier IACSSP Indirect Air Carrier Standard Security Program IATA International Air Transport Association MSP Model Security Program MTOW Maximum certificated take-off weight NACA National Armored Car Association NATA National Air Transport Association NCBFAA National Customs Brokers and Forwarders Association RAA Regional Airline Association RACCA Regional Air Cargo Carriers Association SIDA Security Identification Display Area SD Security Directive SSI Sensitive Security Information STA Security Threat Assessment TSA Transportation Security Administration TFSSP Twelve-Five Standard Security Program UPS United Parcel Service Outline of Final Rule I. Background II. Comment Disposition A. Security Threat Assessments B. Acceptance and Screening of Cargo C. Security Identification Display Area D. Known Shipper Program E. Adoption and Implementation of the Security Programs F. Cost of IAC Training and Materials G. Cost Benefit Analysis H. 100 Percent Inspection of Cargo I. Unknown Shipper Cargo J. Terms Used in This Chapter K. Persons and Property Aboard the Aircraft L. Other Issues and Sections III. Section-by-Section Analysis of Changes IV. Fee Authority for Security Threat Assessment V. Rulemaking Analyses and Notices A. Regulatory Evaluation Summary B. Paperwork Reduction Act C. International Compatibility D. International Trade Impact Assessment E. Unfunded Mandates Reform Act Analyses F. Executive Order 13132, Federalism G. Environmental Analysis H. Energy Impact VI. List of Subjects VII. The Amendment I. Background This final rule implements air cargo security requirements under the Aviation and Transportation Security Act (ATSA), Pub. L. 107-71. ATSA requires TSA to implement the following requirements:Provide for screening of all property, cargo, carry-on and checked baggage, and other articles, that will be carried aboard a passenger aircraft operated by a domestic or foreign air carrier;\1\ and --------------------------------------------------------------------------- \1\ 49 U.S.C. 44901(a). --------------------------------------------------------------------------- Establish a system to screen, inspect, or otherwise ensure the security of freight that is to be transported in all-cargo aircraft as soon as practicable.\2\ --------------------------------------------------------------------------- \2\ 49 U.S.C. 44901(f). --------------------------------------------------------------------------- TSA published a notice of proposed rulemaking in the Federal Register on [[Page 30479]] November 10, 2004, at 69 FR 65258, to solicit public comment on the proposed air cargo regulations. Please see the NPRM for additional background information on the development of these regulations. The NPRM proposed, among other requirements, to: Address two critical risks in the air cargo environment: (1) The hostile takeover of an all-cargo aircraft leading to its use as a weapon; and (2) the use of cargo to introduce an explosive device onboard a passenger aircraft. Create a new mandatory security regime for aircraft operators and foreign air carriers in all-cargo operations using aircraft with a maximum certificated take-off weight more than 45,500 kg. Create requirements for foreign air carriers in all-cargo operation with an aircraft having a maximum certificated take-off weight more than 12,500 pounds but no more than 45,500 kg, and a separate program for aircraft with a maximum certificated take-off weight more than 45,500 kg. Require a Security Threat Assessment for individuals with unescorted access to air cargo. Enhance existing requirements for indirect air carriers (IAC). Expand Security Identification Display Area requirements at regulated airports to include areas where cargo is loaded and unloaded. The NPRM was based in part on recommendations received from the Department of Transportation Office of Inspector General's (DOT OIG's) September 2002 audit of the air cargo security program,\3\ the General Accounting Office's (GAO's) December 2002 report entitled, ``Vulnerabilities and Potential Improvements for the Air Cargo System'',\4\ and the Aviation Security Advisory Committee recommendations of October 1, 2003. TSA was also guided by the Air Cargo Strategic Plan, which was completed in November 2003, and approved by the Department of Homeland Security in January 2004. The NPRM proposed a threat-based, risk-managed program for securing the air cargo transportation system. --------------------------------------------------------------------------- \3\ Report Number SC-2002-113, September 19, 2002. This report is SSI. \4\ GAO-03-344, December 20, 2002. --------------------------------------------------------------------------- This final rule adopts the regulations proposed in the NPRM with minor revisions to clarify certain provisions from the proposed rule. Specifically, the final rule clarifies both of the populations who are subject to Security Threat Assessments (STAs), and the areas where airports must extend Security Identification Display Area (SIDA) measures for cargo. During this rulemaking, another critical security enhancement has been implemented, that is, an increase in the inspection of cargo by aircraft operators and foreign air carriers. The NPRM proposed to codify the requirement for the aircraft operators and foreign air carriers to inspect cargo in accordance with their security programs. These operators already were inspecting a portion of their cargo as required by Security Directives issued by TSA in November 2003. Following the publication of the NPRM, the Department of Homeland Security Appropriations Act, 2005 was enacted.\5\ Section 513 of the Act requires TSA to amend Security Directives and programs to triple the percentage of cargo inspected on passenger aircraft, which TSA did. Details of these security measures are protected by TSA as Sensitive Security Information,\6\ and therefore are not available for release to the general public. --------------------------------------------------------------------------- \5\ FY `05, Pub. L. 108-334. \6\ ``Sensitive Security Information'' or ``SSI'' is information obtained or developed in the conduct of security activities, the disclosure of which would constitute an unwarranted invasion of privacy, reveal trade secrets or privileged or confidential information, or be detrimental to the security of transportation. The protection of SSI is governed by 49 CFR part 1520. --------------------------------------------------------------------------- Although the details are not in the rule, the regulatory evaluation for this final rule analyzes the cost incurred by aircraft operators and foreign air carriers to comply with this inspection requirement. The cost of inspection of air cargo on passenger aircraft accounts for about $1.491 billion of the total $2 billion costs of this rule, as discussed further in the Regulatory Evaluation Summary (Section V.A.) of this preamble. This inspection requirement accounts for the largest single cost of this final rule. This inspection requirement is not a new responsibility under this final rule; rather, TSA is taking this opportunity to provide a cost estimate for inspection of air cargo on passenger aircraft, as currently required under existing Security Directives. TSA provided cost estimates for these inspections in the NPRM, and has since revised them to account for the effect of the congressional directive and public comments. These Security Directives were first issued in November 2003. TSA subsequently issued security program amendments to reflect the inspection requirements of the Security Directives and the congressional mandates. These amendments have been implemented since July 2005. This rulemaking marks TSA's first opportunity to account for costs associated with the issuance of these security measures. The specific requirements for these inspections are SSI and are not appropriate for public disclosure as part of this rulemaking. Accordingly, about 75 percent of the approximately $2 billion overall 10-year cost of the requirements implemented under this rule are associated with requirements that did not originate with this rule. These costs originated with TSA Security Directives issued in November 2003 and security program amendments issued in March 2005. The cost of implementing requirements that originate under this final rule is estimated to be about $167 million over a 10-year period. In conjunction with the publication of this final rule, TSA is issuing to regulated parties for comment proposed amendments to their security programs to implement this final rule as authorized under 49 CFR 1542.105, 1544.105, 1546.105, and 1548.5. II. Comment Disposition TSA received 134 letters commenting on the NPRM. These comments were submitted by a broad cross-section of parties with an interest in air cargo security; including aircraft operators, foreign air carriers, trade associations, airports, state and local governments, and indirect air carriers (IACs).\7\ These comments are addressed below, organized by major issues. --------------------------------------------------------------------------- \7\ ``Indirect air carrier'' or ``IAC'' means any person or entity within the United States not in possession of an FAA air carrier operating certificate, which undertakes to engage indirectly in air transportation of property, and uses for all, or any part, of such transportation the services of an air carrier. This does not include the U.S. Postal Service (USPS) or its representative while acting on the behalf of the USPS. See 49 CFR 1540.5. This definition reflects an amendment pursuant to this final rulemaking. --------------------------------------------------------------------------- II.A. Security Threat Assessments (STAs) TSA received approximately 140 comments on the proposed requirement for security threat assessments (STAs) for persons with access to air cargo. The STA proposed by TSA would include a search by TSA of domestic and international databases to assess any potential terrorist threats from those individuals with access to air cargo. TSA currently requires a variety of individuals working in aviation to submit to a criminal history records check and an additional name-based background check. Generally, these individuals work on airport grounds and have access to secure areas. However, many other persons who have not been subjected to such background checks have access to air cargo. TSA [[Page 30480]] proposed to require that STAs be conducted on additional categories of persons who have unescorted access to air cargo to verify that these individuals do not pose a security threat. Individuals who undergo security checks required for unescorted access to a security identification display area (SIDA), or who have successfully completed another STA that TSA approves as comparable, would not be required to submit to an STA. Applicability and Definitions Comment: The majority of comments addressing the proposed STA requirement expressed uncertainty about which employees would be required to have an STA, and what TSA considers to be ``unescorted access to cargo'' for purpose of triggering the STA requirement. In addition, the Regional Airline Association (RAA) states that the proposed language appears much broader than the scope previously recommended by the Aviation Security Advisory Committee (ASAC) because the requirement conceivably could apply to individuals who work outside of the airport environment. RAA believes that only individuals under the direct control of all-cargo airlines working at the airport should be subject to the STA requirement. The National Air Transport Association (NATA) suggests that TSA clarify specifically which persons are covered by the STA requirement-- either under this rule or by amendment to a security program--and which persons are excluded from the STA requirement. NATA states that because of industry confusion, a number of aircraft operators are unclear of their status with regard to the threat assessment requirement. The Air Transport Association (ATA) commented that they fully support TSA's conclusion that it is not necessary to require every employee of an entity regulated by TSA that is in the business of cargo transportation to submit to an STA. However, ATA believes that the proposed language in Sec. Sec. 1540.201 and 1544.228 is overly broad and subject to various interpretations. ATA states that, as written, the rules could apply to individuals who work outside the airport perimeter in cargo storage facilities or holding areas, truck drivers, and others who move cargo to airports on behalf of shippers. ATA believes that the rule also could apply to individuals who work at non-U.S. locations and employees of entities at the airport who share space or have access to air cargo areas operated by the regulated party, such as employees of fixed base operators who provide fuel and other supplies to regulated parties. ATA states that such broad coverage would be impractical and disruptive to timely air cargo transport, and urges TSA to clarify the language to limit the applicability. In addition, ATA recommends amending this section to apply to direct employees and authorized representatives of aircraft operators with unescorted access to cargo accepted by such aircraft operator. Federal Express (FedEx) recommends that TSA limit the STA requirement, to the extent permitted by applicable law, to employees who have unescorted access to the aircraft or cargo, or employees who they know or have reason to know will have access to cargo that will be tendered to a passenger carrier to be flown on a passenger aircraft. A number of comments asked for clarification as to what other security checks are approved by TSA, and, thus, would not require completion of an STA for that individual. TSA response: TSA agrees that not every employee should be subject to the STA requirement. Instead, TSA requires an STA for employees and agents of aircraft operators, foreign air carriers, and IACs who have unescorted access to cargo at certain times. TSA also requires an STA for certain IAC principals. TSA has revised the provisions of the regulations to clarify the STA requirement. While these revisions comport with the scope of the NPRM, we have restructured the sections to indicate more clearly which personnel are required to meet the STA requirements. The revisions clarify that the STA requirements apply: Only in the United States. To aircraft operators with a full program, or a full all- cargo program; foreign air carriers under Sec. 1546.101(a), (b), or (e); and indirect air carriers. To individuals with unescorted access to cargo who are employees or agents of-- \8\ --------------------------------------------------------------------------- \8\ The STA requirements also extend to an officer, director, and person who holds 25 percent or more of total outstanding voting stock of an IAC. However, TSA did not receive requests for clarification to this requirement. --------------------------------------------------------------------------- Aircraft operators with a full program and foreign air carriers under Sec. 1546.101(a) or (b) where they accept cargo; Aircraft operators with a full all-cargo program and foreign air carriers under Sec. 1546.101(e) where they consolidate or inspect cargo; IACs which accept cargo for transportation on aircraft operated by an aircraft operator with a full program, or a foreign air carrier under Sec. 1546.101(a) or (b); or IACs where they consolidate or hold cargo for transportation aboard an aircraft operated by an aircraft operator with a full or full all-cargo program, or a foreign air carrier under Sec. 1546.101(a), (b) or (e). Unless the employee or agent has a Criminal History Records Check (CHRC) for unescorted authority to a SIDA, or another STA approved by TSA as comparable to an STA under subpart C. It is helpful to note where employees and agents are not required to have an STA. Appropriate background checks for access to airport- restricted areas are obligatory under International Civil Aviation Organization (ICAO) Annex 17 Standards. TSA does not require STAs for unescorted access to cargo at foreign locations. Individuals do not need an STA if a person with the appropriate background check escorts them. Individuals who work near cargo, but do not require unescorted access to cargo, do not need an STA where the regulated entity has adopted access control measures to prevent unescorted access to the cargo. TSA will provide guidance on specific access control measures in their security programs and regulated entities may work with TSA to establish additional measures for TSA approval. Ensuring that individuals are properly escorted, or that cargo is in a locked, inaccessible area, are two of many possible examples of access control measures that may be available to regulated entities. Generally, TSA relies on the access control measures that have been in place through FAA and TSA regulations for many years. Regulated entities should contact their TSA principal security inspectors, or other appropriate TSA point of contact, if they have further questions regarding access control measures. Where employees and agents subject to STA requirements have successfully completed a CHRC for unescorted access authority to a SIDA, they have met their requirement and do not need to get a separate STA under this final rule. TSA already requires airport operators to send to TSA certain personal information for each individual who has undergone a CHRC for a current SIDA or sterile area ID in order to perform an additional background check that is comparable to an STA. TSA is providing instruction to aircraft operators with a full or full-all-cargo program to send to TSA the same type of information for cargo screeners who do not have current SIDA or sterile area IDs, and will also perform the additional check on this population. Most of these cargo screeners already [[Page 30481]] have SIDA IDs; and, thus, already are checked. Likewise, an employee or agent who has undergone another STA that TSA approves as being comparable does not need a separate STA under this rule. TSA considers the threat assessments it conducts for a person holding a commercial driver's license with a hazardous materials endorsement as comparable to an STA for purposes of this rule. See 49 CFR part 1572. TSA may determine that other threat assessments are comparable to the STA requirement under this rule and will expressly notify regulated entities with security program amendments from TSA upon making that determination. An employee or agent authorized to engage in the actions described below, who does not meet one of these means of compliance, must obtain an STA as directed in part 1540 of this rulemaking. For cargo accepted by an aircraft operator with a full program and a foreign air carrier under Sec. 1546.101(a) and (b), each employee or agent, whom the operator authorizes to have unescorted access, must have an STA.\9\ The STA requirement for these employees and agents applies at the point of acceptance, whether from a shipper, another aircraft operator, foreign air carrier, or indirect air carrier. --------------------------------------------------------------------------- \9\ Employees and agents do not need this STA if they have successfully completed a background check for unescorted access to SIDA, or have another threat assessment that TSA approves in this context. --------------------------------------------------------------------------- For cargo accepted in the United States by an aircraft operator under a full all-cargo program, or a foreign air carrier under Sec. 1546.101(e), this provision applies to each employee or agent authorized to have unescorted access to cargo from the time the regulated entity consolidates or inspects cargo until it is loaded on an aircraft. TSA has determined that security procedures for these all- cargo operations are best focused, and more efficiently applied, at locations where cargo is consolidated or inspected. Reasons for this determination include the layered security approach and the focus on interdicting stowaways. STA requirements for IAC employees and agents parallel measures from both passenger and all-cargo aircraft operators. Each IAC employee or agent who has unescorted access to cargo for transportation on a passenger aircraft must have an STA. For transportation aboard an all- cargo aircraft, each IAC employee and agent must have an STA, if the IAC authorizes them to have unescorted access to cargo, from the time the cargo reaches an IAC facility where the IAC consolidates or holds the cargo. Comment: A few commenters note that there seems to be a conflict between proposed Sec. 1540.201 and proposed Sec. 1544.228; specifically, proposed part 1544 includes a provision of applicability of STAs to operators, but part 1540 does not. The commenters request that TSA clarify the scope of these sections, recognizing that the exclusion of all-cargo operators from Sec. 1540.201 may have been inadvertent. TSA response: TSA's omission of aircraft operators under a full all-cargo security program in Sec. 1540.201(a)(1) was an oversight. We have provided a technical amendment to that subparagraph, adding ``or (h)'' to the end of the provision. Operators' Responsibility Comment: The Air Line Pilots Association International (ALPA) does not support the STA requirement because ALPA favors requiring persons with unescorted access to cargo to submit to a CHRC. ALPA argues that under the proposed rules, TSA could approve for unescorted access to air cargo an individual convicted of any of the 28 defined crimes because his or her name does not appear on government-maintained lists of individuals suspected of having a link to terrorism. ALPA states that criminal history, financial status, and many other factors can be indicators of an individual's character, reliability, maturity, and susceptibility to compromise. TSA response: TSA recognizes that there are a number of background check techniques that potentially could be applied to various persons in the supply chain. In accordance with our risk based, threat managed approach; TSA has determined that requiring persons with unescorted access to cargo to submit to an STA provides a significant enhancement while limiting costs. We note that persons with more sensitive positions, such as cargo screeners, are subject to CHRCs and additional background checks. Comment: Federal Express (FedEx) states, that in many cases, it would be unlawful for operators to conduct background checks on persons not directly employed by them. FedEx recommends requiring an operator to conduct such checks only on its direct employees. FedEx also expresses concern about requirements to have STAs for agents due to possible labor and employment law issues. FedEx also commented that for an IAC to fulfill this requirement, it will have to maintain employee records for all the truckers and warehousemen used by the IAC. Further, IACs will have to ensure that their vendors provide them timely updates of changes in employment and monitor unescorted access to cargo. FedEx believes that for the majority of IACs this would be an impossible task. Another comment supports the proposed section, but asserts that carriers should not be responsible for completing third party STAs. The commenter asserts that each entity should be responsible for completing its own STAs, and TSA should be responsible for funding any new background checks. TSA response: Aircraft operators, foreign air carriers, and IACs are responsible for carrying out all security measures as regulated parties. They do so using employees and agents, as they choose. They authorize unescorted access to cargo by agents and employees. Under these regulations, however, these regulated parties are not responsible for conducting the required background checks; rather they must ensure that the necessary information about their employees and agents is transferred to TSA for TSA to conduct the STA. TSA has carefully examined the scope of the need for an STA. TSA has revised the language of proposed Sec. Sec. 1544.228, 1546.213, and 1548.15 to pertain to those individuals specifically authorized to have unescorted access to cargo. This final rule provides the aircraft operator, foreign air carrier, and IAC latitude in authorizing unescorted access to cargo in order to limit the number of persons requiring an STA. The requirement for an STA does not extend to employees or agents who are only near air cargo where the aircraft operator, foreign air carrier, or IAC has in place other security measures to control access to the cargo. If a regulated entity uses a third party agent to meet its security program requirements, which regulated entity is responsible for ensuring that the third party has an STA, just as they are responsible for other security duties their agents carry out. TSA is aware of no conflict with other laws with regard to collecting STA information. Comment: National Armored Car Association (NACA) states that requiring additional background checks on employees, who have already been investigated and certified by State agencies charged with licensing security personnel, is redundant and wasteful. NACA suggests that TSA accept certifications based on State investigations which include FBI fingerprint examinations, and issue any necessary TSA credentials based on these background checks. [[Page 30482]] The American Trucking Association states that placing direct responsibility on operators to perform STAs on their agents, contractors, or subcontractors places a substantial financial burden on the operator and driver, and potentially will create a confusing, frustrating, and unworkable system. Other concerns of the American Trucking Association include whether STAs are transferable (i.e., would follow the employee as he or she changes employment), and how often individuals are required to renew their security authorization. The American Trucking Association proposes the use of TSA's Transportation Worker Identification Credential as an alternative solution to implementing STAs on individuals having unescorted access to air cargo. TSA response: In general, TSA does not anticipate accepting the background check of a private company or a state agency as comparable to a CHRC or STA approved by TSA. The TSA STA checks intelligence databases that are inaccessible to the private sector and not widely used by state agencies. As mentioned under Sec. 1540.201, STA requirements apply to those aircraft operators, foreign air carriers, and IAC employees and agents who are authorized and required to handle air cargo in the performance of their duties. STA requirements do not apply to employees and agents who have only incidental access to air cargo, or employees and agents who are required to submit to another TSA-approved STA, such as TSA HAZMAT driver's license requirements.\10\ TSA will consider accepting other TSA-approved STAs, such as the Transportation Worker Identity Credential upon broader implementation of its use. --------------------------------------------------------------------------- \10\ See 70 FR 22268 (Apr. 29, 2005), to be codified at 49 CFR part 383. --------------------------------------------------------------------------- Consistent with TSA policy on transferability of a CHRC conducted for unescorted access authority to a SIDA, an employee or agent who has successfully completed an STA for one employer need not complete it for another employer if the employee or agent has been continuously employed in a position that requires an STA. Additionally, as detailed in the response to the first comment on `Notification' below, there is no requirement to renew an STA as long as the STA-holder qualifies as continuously employed. TSA will provide further guidance to aircraft operators, foreign air carriers, and indirect air carriers upon request. Notification Comment: Several commenters note the potential lengthy turn-around time for STA notifications under Sec. 1540.205 and recommend that TSA include a time frame in which it will make the notification. Many of these commenters propose that TSA should specify an anticipated response time of 10 working days to provide authorization or initial denial to submitted STAs. One commenter notes that TSA will need to increase staffing to handle the impact of processing the STAs in a timely manner. The American Trucking Association commented that the proposed rule excludes certain employers from receiving STA results on their drivers. Without employer notification, trucking companies are unable to make informed personnel decisions regarding their drivers. The American Trucking Association recommends amending this section to include notification to the individual, operator, and employer. TSA response: TSA agrees that an anticipated response time of 10 working days in providing authorization or initial denial is appropriate and achievable in most cases. While some individual situations may require a longer timeframe for adjudication, TSA should provide the vast majority of approvals well within 10 working days. TSA further notes that once it approves an STA, by issuing a ``Determination of No Security Threat'', the STA will remain valid for an employee or agent from one job to another in accordance with Sec. Sec. 1544.228(b)(2), 1546.213(b)(2), and 1548.15(b)(2), and consistent with TSA policy on continuous employment for holders of unescorted access authority to SIDA. However, TSA notes that the regulated party and the agent's direct employer are not prohibited from communicating about the notification. Appeals Procedures Comment: The Airport Consultants Council proposes new language to clarify the requests for materials under the appeals procedure of Sec. 1540.207(c)(1). TSA response: Rather than adopt new language, TSA revised Sec. 1540.205(c)(4) by adding a cross-reference to Sec. 1540.207. Section 1540.207(c) allows an appeal, including a written request for materials, within 30 days of receipt of the ``Initial Determination of Threat Assessment'' from TSA. STA Fee Comment: United Parcel Service (UPS) states that they already conduct extensive background checks, including checking all airline employees against Federal governmental watch lists. If the TSA check merely duplicates what the air carrier already is doing, UPS contends there is no need for TSA to conduct the test and for the air carriers to pay the fee under Sec. 1540.209. UPS suggests that if TSA wants additional name checks with the proposed STA, then TSA should add the additional checks to the current listings and let the air carriers run them. This method does not place additional costs on TSA or the air carrier because the programming and personnel already are in place. Additional commenters request clarification on the procedures involved in an STA, because they do not understand the nature of the analysis or the basis of the $39 cost figure in the NPRM. The commenters believe that the proposed cost for the STA is excessive, given the cost of the comparable and more extensive CHRC checks. The Air Courier Conference of America (ACCA) and Purolator Courier oppose the fee, and state that TSA should carefully define the applicable population before it requires any new screening. They recommend that TSA conduct the screening against watch lists and the National Crime Information Center. FedEx states that, the new STA program will, contrary to TSA's expectations, increase both direct and indirect costs. They state that the direct cost of $39 for each STA is significantly more than the average cost of a CHRC. In addition, FedEx contends that the name-based methodology of an STA will result in indirect costs resulting from operational delays and disruptions due to false positives. FedEx argues that such indirect costs will exceed those that currently result from the CHRC. Like UPS, FedEx believes that air carriers should not have to pay TSA or another party to do something that they are already doing. The International Air Transport Association (IATA), Yellow Roadway, British Airways, Delta, and other commenters oppose the fee proposed in this section and believe that it is the Government's responsibility to provide protection from terrorists and to absorb any costs related to the STAs. TSA response: Private companies do not have access to all of the intelligence databases that TSA will use to conduct STAs. Further, TSA must make judgments as to the information received from the databases, which it has the expertise to apply. Accordingly, TSA has decided to conduct the STAs. Statutory provisions \11\ require that [[Page 30483]] industry should reimburse the agency for direct costs associated with accomplishing STAs. The STAs will not duplicate checks that the carriers are already accomplishing, as TSA has access to a variety of Government watch lists that are not appropriate for dissemination to the private sector. The $39 fee referenced in the NPRM assumed TSA would need to pay the FBI for access to the FBI's Automated Case System files. Subsequent to NPRM publication, TSA decided not to include the Automated Case System component in its STA. With increased vetting and credentialing experience, TSA has refined the necessary threat assessment sources to be included. As a result, the revised STA fee is $28. --------------------------------------------------------------------------- \11\ Department of Homeland Security Appropriations Act, 2004, Sec. 520 (Pub. L. 108-90, Oct. 1, 2003, 117 Stat. 1137). --------------------------------------------------------------------------- The rule provides for a phased-in implementation for compliance with the STA requirements. Regulated entities may mitigate delay in processing by timely submitting the STA application. Subsequent to the compliance date, any possible delay due to a false positive would occur prior to the applicant's authorization to have unescorted access to cargo. These new hires would constitute a small portion of the entire population subject to the STA. TSA expects that the percentage of false positives among these new hires will be minimal. Further, TSA analysts will be able to resolve most false positives quickly within the anticipated time frame for returning results. Section 1546.213 STAs for Cargo Personnel in the United States Comment: Japan Airlines wants TSA to clarify whether this section would require foreign air carrier employees to undergo STAs or other checks when accessing off-airport facilities, despite the non- application of SIDA-like requirements to such facilities. Nippon Cargo Airlines asks if the rule will apply only to new employees or if it will affect existing employees. TSA response: Foreign air carrier employees and agents within the United States are subject to the same requirements off-airport as corresponding U.S. aircraft operator employees and agents. If the foreign air carrier authorizes its employee or agent to have unescorted access to cargo at an off-airport facility and this facility is used to consolidate or inspect cargo until it is loaded on the aircraft, or an employee or agent accepts cargo from a known shipper, then the requirements of Sec. 1546.213 apply. The requirements apply to both new and existing employees and agents who have unescorted access authority granted by the foreign air carrier. Section 1548.15 STAs for Individuals With Unescorted Access to Air Cargo TSA received 15 comments on this section. Most commenters have doubts about the responsibilities of IACs regarding this rule. They want to know who will need the STA and whether the requirements are retroactive for current employees. Comment: Atlanta-Hartsfield International Airport (ATL) asks if this requirement includes personnel in the manufacturing and shipping phase of preparing air cargo, and if so, whether an IAC will be responsible for filing an STA application on each loading dock employee and transport driver in the shipping chain. ATL also asks if these requirements are retroactive for current IAC employees or other cargo related businesses, and if so, for how many years into the past and how soon will the applications need to be filed. TSA response: The STA requirements apply to those aircraft operator, foreign air carrier, and IAC employees and agents who are authorized to have unescorted access to air cargo in the performance of their duties. Manufacturing or shipping personnel would only be required to have an STA if they are acting as an agent and have unescorted access to cargo for an aircraft operator, foreign air carrier, or IAC. Current IAC employees and agents are required to complete an STA successfully. TSA is providing 180 days from the date of publication of this rule for aircraft operators, foreign air carriers, and IACs to comply with the STA requirements. Comment: Air Courier Conference of America (ACCA) asks to which employees this section will apply, and why some employees will need to undergo a background check against TSA's lists while others may undergo a CHRC. They note that most ACCA members already check employee names against the ``no fly'' and ``selectee'' watch lists as a standard element of their Security Directives, and as an added safeguard. TSA response: This rule requires STAs within the United States for employees and agents authorized by aircraft operators, foreign air carriers, and indirect air carriers to have unescorted access to cargo. Persons who have CHRCs for unescorted access authority to a SIDA already have undergone TSA name-based checks comparable to the STA and therefore will not have to undergo another one. Comment: ATA supports a reasonable extension of STAs for IACs, but warns of significant potential for system disruptions, unless TSA defines IAC and air carrier responsibilities with regard to STA clearance. ATA asserts that air carriers cannot be responsible for ensuring the clearance of each IAC handler who may have contact with cargo before the delivery to the air carrier. ATA believes that this is not a workable process given the inherent time sensitivities in air cargo transport, the number of IACs providing cargo to air carriers, and the nature of an IAC's workforce scheduling. TSA response: TSA inspectors verify IAC compliance with STA requirements in the normal course of regulatory compliance inspections. Air carriers are not required to verify the IAC's compliance as part of the air cargo acceptance process. Comment: National Customs Brokers and Forwarders Association (NCBFAA) questions whether longtime employees, and licensed customs brokers, many of whom are also IACs and certified by U.S. Customs and Border Protection (CBP) under the Customs-Trade Partnership Against Terrorism program (C-TPAT), are subject to STA requirements. NCBFAA believes that these employees have proven their reliability and conscientiousness on security matters and it would be inefficient and unnecessary to subject them to background checks. NCBFAA recommends that TSA either exempt individuals previously approved by the CBP, or work with CBP to harmonize their respective screening processes. NCBFAA also proposes that TSA exempt IAC employees with a certain level of experience. NCBFAA believes it would be redundant to require a second DHS screening for many IAC employees. In addition, the NCBFAA recommends that TSA limit STA screening to a five-year period for persons who remain in good standing. TSA response: TSA will not exempt any employee from STA requirements based on length of service. TSA believes that performing background checks on individuals playing critical roles in the air cargo supply chain is a necessary step in ensuring aviation security. TSA currently is working with other DHS components to consider background checks performed by those components to determine if they are comparable to checks performed by TSA. Regulated entities will be able to refer to their security programs as provided by TSA for information on comparable checks. Regulated entities have incentive to determine whether an applicant has already completed a comparable check because the employee would not have to wait for clearance for unescorted access to cargo. Also TSA is providing in security programs that regulated entities [[Page 30484]] must accept the comparable check in lieu of the STA. II.B. Acceptance and Screening of Cargo Comment: The majority of commenters on Sec. Sec. 1544.205, 1546.205, and 1548.9 regarding inspection and screening of cargo are not sure how to accomplish compliance. TSA response: Specific Sensitive Security Information (SSI) measures will be proposed as amendments to airport, aircraft operator, foreign air carrier, and IAC security programs. The contents of these programs are not appropriate for public disclosure as part of this rulemaking. TSA is providing airport operators, aircraft operators, foreign air carriers, and IACs the opportunity to comment on the proposed amendments to their security programs upon issuance, and before the effective date of this final rule. It is helpful to note that many of these measures already appear in current Security Directives and security program requirements. Comment: UPS, ATA, Regional Airline Association (RAA), and Cargo Airline Association (CAA) state that Sec. 1544.205(a) and (b) are imprecise and redundant, and propose alternative language to consolidate the paragraphs. TSA response: Paragraph (a) of Sec. 1544.205 provides the general requirement and performance standard for carriage of cargo. Paragraph (b) provides the specific requirement for screening and inspecting cargo. Other paragraphs provide other specific requirements. The revision also extends those requirements to all-cargo aircraft operations with a maximum certificated take-off weight (MTOW) of more than 45,500 kg (100,309.3 lbs.). These paragraphs do not provide details of how these requirements must be met, because such details are Sensitive Security Information under 49 CFR part 1520 and are contained in security programs that are available only to persons with a need to know. Comment: Several commenters oppose requiring regulated entities to refuse cargo for transport if the shipper does not consent to screening and inspection of the cargo under Sec. Sec. 1544.205(d) and 1546.205(b). They state that high cash value cargo, such as jewelry, currency, bullion, and other sensitive cargo, is shipped in sealed containers that cause damage or losses to cargo when opened. They suggest additional consideration and industry input on how to deal with these situations and ask whether the Government will provide indemnification if damage occurs during inspection by the Government or Government contractor personnel. TSA response: Regulated entities must refuse to transport cargo as required under, and consistent with, their security programs. TSA understands that requiring shippers, like drug companies, to consent to inspection of cargo is problematic. TSA agrees that the screening of certain types of cargo present unique challenges, and recognizes the safety and security concerns related to screening such cargo. TSA revised the wording in sections that require consent to screen cargo, and provides specific exceptions and alternative procedures in the proposed security program amendments for shipments whose contents would be damaged or compromised if the aircraft operator inspected the cargo. These procedures largely will be transferred from current Security Directives that address these concerns for later consideration in amendments to applicable security programs. Comment: NACA and NATA ask if the terms ``inspect'' and ``screen'' are interchangeable. TSA response: The terms ``inspect'' and ``screen'' are not interchangeable. Generally, screening means the systematic evaluation of a person or property to assess whether either poses a threat to security. TSA interprets inspection as a subset of screening. An inspection is a method of conducting such an evaluation, but is not the only method. For instance, the known shipper program is an information- based method of screening. The known shipper program involves the screening of cargo based upon information known to an aircraft operator, foreign air carrier, or indirect air carrier about the shipper of the cargo. Additionally, a certain percentage of that cargo is inspected for the presence of persons and any unauthorized explosives, incendiaries, and other destructive substances or items. TSA will provide specific guidance to regulated entities in their respective security program amendments. Comment: FedEx wants TSA to clarify that the proposed rule does not require or authorize TSA to impose any additional screening beyond the screening they already are doing under SDs and security program amendments. Several all-cargo air carriers ask if TSA will bear the costs of the screening workforce and equipment required under Sec. 1544.205, and want TSA to clarify who has the responsibility for screening cargo. TSA response: Aircraft operators incur the cost for the screening of cargo transported aboard their aircraft and must comply with the procedures for screening incorporated in their security programs. Specific screening requirements are promulgated in amendments to such programs and regulated parties are provided the opportunity to comment on these amendments, as appropriate. Regarding screening of cargo for transportation aboard passenger aircraft, 49 U.S.C. 44901(a) provided an exception for Federal screening for the known shipper program. The inspection of a portion of known shipper cargo is considered a part of the known shipper program and need not be conducted by Federal employees. This rule does not address the amount or type of cargo screening that is required. TSA will respond to changing conditions as needed. Additionally, TSA is considering whether the current system for selecting cargo for inspection will be changed with the TSA Freight Assessment System (FAS). The FAS might be used to identify cargo posing an elevated risk for the application of security measures in the aircraft operator's security program. Comment: FedEx, UPS, CAA, and ATA note that Sec. 1544.205(e) appears to prohibit the acceptance of cargo for air transportation from a variety of retail outlets, such as the UPS Store, FedEx, Kinko's, and other authorized shipping outlets. The commenters note that these outlets are neither the shipper nor an entity specifically mentioned with a comparable security program under Sec. 1544.205(e). However, the commenters believe that the exception under Sec. 1544.205(e) will permit them to continue to accept cargo from these retail outlets as is currently allowed in their security programs. The commenters want TSA to clarify that this is, in fact, TSA's intention. Further, if this is not the intention of TSA, they recommend excluding carriers operating under all-cargo programs from the application of this section, and propose using the following language for Sec. 1544.205(e): ``Each aircraft operator operating under a full program or an all-cargo program may accept cargo for air transportation on a passenger air carrier only from a known shipper, or from an aircraft operator, foreign air carrier, or IAC operating under a security program under this chapter with a comparable cargo security program.'' TSA response: Aircraft operators under a full all-cargo security program are not prohibited from accepting cargo from retail entities as described in these comments. Under these rules, such retail outlets may operate either under an IACSSP, or as an agent with security responsibilities under the aircraft [[Page 30485]] operator's security program. For a further discussion of the differences between IACs and agents of aircraft operators, please see the Section-by-Section Analysis for Sec. 1548.5. Comment: UPS, CAA, ATA, and others commenters express concern about the extraterritorial applicability of Sec. 1544.205(f). CAA states that the rule seems to apply to international air cargo movements and notes that commercial realities and foreign government resistance make the application of this rule unattainable. UPS wants TSA to clarify this section to recognize that foreign law may limit the extent to which carriers may be able to comply with security programs outside the United States. ATA states that foreign countries may impose screening requirements that differ and even conflict with those in the carrier's security program and recommends that TSA permit air carriers to comply with either the security programs imposed by the foreign country or those contained in the TSA-approved security program. TSA response: TSA recognizes, as indicated by the commenters, that the imposition of regulatory requirements on a U.S. aircraft operator operating from foreign locations may be impacted by the legal requirements applied by the host government at such foreign locations. The requirement for a U.S aircraft operator to screen cargo at foreign locations is no different from any other current or proposed aviation security requirement placed upon a U.S. aircraft operator operating outside the United States. The specific security program mandates for the screening of cargo outside of the United States take into consideration cargo security restrictions, as well as requirements mandated at some foreign locations. Comment: Several smaller air carriers state that they cannot comply with the proposed rule requirement to open packages before loading at unsecured airports. TSA response: This rule codifies requirements for screening that already are in place through SDs and security program amendments. The fact that an aircraft operator operates at an airport without a security program has not been found to inhibit screening. Comment: Several airport operators and air carriers ask how to accomplish screening at rural airports. TSA response: Each aircraft operator and foreign air carrier security program must take into consideration the different locations at which cargo must be screened. Aircraft operators and foreign air carriers must conduct screening at rural airports in accordance with the specific requirements of their security programs. Acceptance and Screening of Cargo From Locations Outside the United States Comment: Association of Asia Pacific Airlines (AAPA), British Airways, Association of European Airlines (AEA), and Singapore Airlines state that Sec. 1546.205 lacks provisions regarding the acceptance and recognition of National Aviation Security Program requirements that many foreign airlines use. They recommend standardizing requirements for acceptance and screening of cargo, and implementing threat-based measures for inspection of cargo. TSA response: TSA continues to recognize National Aviation Security Programs of foreign countries in accepted security programs. Comment: Several commenters, including British Airways, IATA, and AEA want TSA to clarify the term comparable security program in Sec. 1546.205(e), and ask what this term includes. In addition, these commenters recommend amending Sec. 1546.205(f) to clarify that it applies only to cargo loaded outside the United States that is destined for the United States and that foreign air carriers may accept cargo destined for the United States from any lawful entity, subject to a compatible National Aviation Security Program as approved by the carrier's national government. TSA response: A comparable security program includes cargo security measures identical or equivalent to those required of the accepting aircraft operator or foreign air carrier. If the transferring aircraft operator, foreign air carrier, or IAC, has performed these cargo security measures, there is no further need for the accepting aircraft operator or foreign air carrier to repeat those measures. For instance, for transfers to aircraft operators with a full program, TSA will consider such security measures as: Whether the known shipper program was applied, from whom the operator accepted the cargo, the type of cargo screening or inspection that was done, and other relevant security measures. Overall, part 1546 applies to the operation, landing, or taking off within the United States of a foreign air carrier. Only cargo destined to, or transported through, the United States is subject to this final rule when loaded at a foreign airport. Section 1546.205(f) requires that foreign air carriers subject to this part carry out the requirements of their security programs. Section 1546.101 applies where a foreign air carrier lands or takes off in the United States. Acceptance of Cargo by an Indirect Air Carrier Comment: Most comments to Sec. 1548.9 support this section and recommend that TSA allow IACs to screen cargo provided they demonstrate the capability to do so. The Yellow Road Corporation expresses concerns about the costs and redundancy associated with enforcing cargo security requirements for IACs, and recommends the adoption of varying levels of cargo screening with emphasis on loading cargo on the aircraft. IBM wants clarification on the requirement to obtain the shipper's consent to search or inspect cargo, and suggests allowing the shipper to give a blanket authorization to the IAC as part of its contract. TSA response: While TSA does not state in which manner the shipper's consent to search or inspect cargo be obtained, it does require that the consent be explicit and in writing. TSA allows aircraft operators, foreign air carriers, and IACs to manage the collection of consent to search in a manner consistent with individual operational needs. The regulations allow a shipper to provide a blanket authorization, as proposed by IBM. II.C. Security Identification Display Area (SIDA) Comment: American Association of Airport Executives (AAAE) disagrees with TSA's assessment that airports easily will be able to extend SIDAs to areas where cargo is loaded and unloaded under Sec. 1542.205. AAAE states that the rule does not adequately address the complexities of expanding SIDAs at airports with diverse operational configurations, property ownership, and jurisdictional control. Aircraft Owners and Pilots Association (AOPA) states that while this rule may not impose direct mandates for general aviation areas at airports regulated by TSA under 49 CFR part 1542, AOPA is concerned that the practical implementation of this requirement will result in SIDA requirements in many general aviation areas. In addition, AOPA notes that many airports specifically exclude general aviation areas from the SIDA because of time and distance separation from the air carrier areas. This layered approach to security limits access points and the number of individuals needing the background check and identification requirements for the SIDA, and establishes clear distinctions of security areas. [[Page 30486]] AOPA recommends using the standard of the operational area of the aircraft principle for air cargo operations at part 1542 regulated airports, similar to that proposed for operations at non-part 1542 TSA regulated airports. AOPA further states that the operational area of the aircraft should include the immediate footprint of the cargo aircraft and handling area, with a procedure to limit unauthorized persons near the aircraft while it is being loaded and unloaded, but not the entire ramp. The Department of Transportation of Alaska states that this final rule will require CHRCs for most people working at an airport, and contends that expansion of the CHRC requirement will not effectively increase security for air cargo. TSA received some comments that relate to the fact that areas designated as SIDAs primarily are subject to airport operator control rather than aircraft operator control. CAA states that expansion of the SIDA is not the best way to secure the area surrounding cargo aircraft. It further asserts that the ASAC Working Groups did not recommend such a SIDA expansion, but rather recommended the imposition of SIDA-like requirements on air carriers operating from these cargo areas. CAA, UPS, DHL, and FedEx comments that the difference is significant from an operational, but not a security, standpoint, noting that it is essential that the all-cargo air carriers retain access control so they can carry out their requirements and internal company procedures. CAA recommends requiring air carriers to amend security programs to include SIDA-like measures at non-SIDA operational areas of U.S. airports where cargo is loaded or unloaded from aircraft. FedEx states that this section extends SIDA requirements to areas where operators sort loaded or unloaded cargo on airport grounds. However, Sec. 1542.205(a)(2) does not contain this important language. FedEx recommends adding the phrase ``on airport grounds'' after every reference to ``each area'' in the rule to clarify that facilities such as FedEx stations, world service centers, and non-airport sort locations are not to be included in SIDAs. UPS also proposes extensive revisions to this section. Airports Council International-North America (ACI-NA), ATA, and RAA do not support the extension of SIDA requirements. They state that the language is very broad and could potentially extend SIDA requirements far beyond what is necessary to ensure air cargo security. They recommend amending the SIDA requirements only to airport areas used to load or unload cargo from aircraft. The Miami International Airport, Atlanta-Hartsfield International Airport, ACI-NA, and the Airports Consultants Council agree that the new requirement will enhance the overall level of security, but only if designated in those areas under airport control. They argue that the SIDA should begin at the wall of the cargo facility adjacent to the airside ramp locations. The commenters also oppose requiring airports to extend, or enforce the security of the SIDA into tenant-leased facilities. Eleven small aircraft operators, AOPA, and Regional Air Cargo Carriers Association (RACCA) express concern about extending SIDA to cargo operating areas. The commenters state that the SIDA extension is impractical for aircraft operating under the TFSSP, since operations are conducted on common public areas like the general aviation and FBO ramps, and it would be impossible to extend SIDA requirements to these areas. The Juneau International Airport asks to designate dual use areas that are SIDA only during times that the cargo activity is performed, and asks if SIDA need to be contiguous. The Anchorage International Airport recommends allowing the local FSD to determine which areas, if any, need to be classified as SIDAs. TSA response: TSA has determined that measures to prevent individuals from gaining unauthorized access to the cargo operations area are necessary to prevent tampering with the aircraft or the cargo and to remove a potential access point for stowaways. TSA considered requiring aircraft operators and foreign air carriers in all-cargo operations to implement SIDA-like requirements. However, TSA has determined that airport operators with security programs under 49 CFR 1542.101(a) are able to implement more efficiently the requirements to extend SIDAs. These airports are better positioned with the necessary infrastructure to provide security measures, as they are able to leverage the existing resources that support SIDAs currently in place. Airports also will be able to rely on, or more easily expand, existing identification media and security check capabilities, law enforcement support, and training programs. TSA considered limiting the extension of SIDAs to areas of a ramp where cargo is loaded or unloaded from the aircraft. However, the inside of facilities where cargo is sorted, stored, staged, consolidated, processed, screened or transferred, present numerous, and perhaps more, opportunities for someone to tamper with the cargo just before it is loaded onto an aircraft. TSA also considered extending the SIDA requirement for similar cargo areas off-airport. TSA determined that the complexity and cost of applying these measures off-airport would be too great because they lack existing resources to expand. These off-airport locations would disproportionately incur significant start-up costs. Accordingly, the final rule provides that SIDA security measures must be extended to secured areas and air operations areas that are regularly used to load cargo on, or unload cargo from, an aircraft operator under a full or full all-cargo program as provided in Sec. 1544.101(a) or (h), or under a foreign air carrier program under Sec. 1546.101(a), (b), or (e). Adoption of a security program under these sections applies to operation of an aircraft with an MTOW of more than 45,500 kg (100,309.3 lbs.). The requirements do not extend to areas used by aircraft with an MTOW of more than 12,500 lbs., but not more than 45,500 kg (100,309.3 lbs.). Additionally, the SIDA security measures must be extended on an airport to areas where cargo is present after an aircraft operator, foreign air carrier, or indirect air carrier accepts cargo. In particular, this includes inside buildings such as cargo facilities, loading and unloading vehicle docks, and other areas where an aircraft operator, foreign air carrier, or indirect air carrier stores, stages, consolidates, processes, screens, or transfers cargo. As clarified in Sec. 1542.205(a)(3), the SIDA is not required to include access routes between the perimeter entry point of the airport and the cargo facility, or one of these other locations, for the purpose of transporting cargo to or from an aircraft operator, foreign air carrier, or indirect air carrier. There may be areas within a cargo facility that do not need to be SIDAs. For example, some parts of cargo facilities are not restricted to employees and agents of an aircraft operator, foreign air carrier, or indirect air carrier. These areas may have a counter where one of these operators accepts cargo from shippers, or the shipper's agents. The area leading up to this counter need not be a SIDA if there is no cargo in these areas that already has been accepted. Additionally, on a limited basis other security measures, such as access control measures or active and continuing surveillance or monitoring, may mitigate the need for SIDA in areas where an operator's customer or the [[Page 30487]] customer's agent is present to tender cargo. Each airport security program will specify the actual limits of the cargo operations area to be included in a SIDA, subject to review and approval by TSA. Amendments to security programs may address the particular circumstances of an airport's layout and operations and accommodate other aviation operations to the extent practical. Note that under Sec. 1542.111, an aircraft operator or foreign air carrier may enter into an exclusive area agreement with an airport operator to take responsibility for the SIDA. Additionally, under Sec. 1542.111 TSA encourages airports to grant an aircraft operator's request to enter into an exclusive area agreement for the inside of a building of any cargo facility on its airport where cargo is present after the aircraft operator accepts the cargo. For example, TSA recognizes that some aircraft operators may have buildings that house their own operations and they have an interest in maintaining their own security systems. In such cases, the aircraft operator may elect to carry out the requirements for the SIDA inside the building rather than the airport operator doing so. Airport operations are able to use existing procedures and resources to cover these new SIDAs and will not need to create different procedures and resources in order to comply with the requirements of this final rule. This approach also ensures that common standards apply on these airports. In contrast, airports that are not required to have security programs under part 1542 are not required to create SIDAs. At these airports, TSA requires aircraft operators under full all-cargo security programs to prevent unauthorized access to the operational areas of the aircraft, rather than requiring the airports to create SIDAs and corresponding support structures. TSA determined that requiring these airports to create SIDAs would necessitate that they adopt TSA-approved security programs. TSA declined to extend the scope of these regulatory requirements to entities that currently do not have TSA-approved security programs. TSA determined that requiring aircraft operators to meet the security requirements of Sec. 1544.225 would provide the greatest operational flexibility at airports that do not have TSA-approved security programs. Many commenters appear to have interpreted the proposed requirements to extend the airport SIDA to cargo operations areas in Sec. 1542.205(a)(2) as applying to off-airport facilities or general aviation areas where cargo may be loaded on or unloaded from smaller all-cargo aircraft. TSA is reiterating the intent of the proposal and clarifying the applicability of this section by modifying the proposed language in the final rule. As stated in the NPRM ``[t]he SIDA would only be extended to areas on airport grounds.'' \12\ Part 1542 only applies to airports. --------------------------------------------------------------------------- \12\ 69 FR 65270 (Nov. 10, 2004). --------------------------------------------------------------------------- TSA's intent in expanding the SIDA is to deny unauthorized individuals access to the cargo operations areas in order to prevent tampering with the aircraft and cargo and to deny a potential access point for stowaways. TSA believes that expanding the SIDA will minimally affect areas where general aviation aircraft operate. However, TSA acknowledges that each airport is different and some consideration must be given to how SIDA expansion affects general aviation. Each Federal Security Director has authority to work with airport operators to design the SIDA based on local airport characteristics and security requirements. In response to a question by Juneau International Airport, there is no requirement that SIDAs for cargo operations be contiguous with other SIDAs at the airport. For instance, TSA understands that some airports have SIDAs where passenger operations are conducted that are on the opposite side of the airport from areas where cargo operations are conducted. The area between these locations may not need to be a SIDA. Comment: UPS recommends that TSA require airports with electronic fingerprint equipment to accept the aircraft operator's and IAC's Submitting Office Number to reduce the costs to the aircraft operator and IAC. UPS states that the Submitting Office Number allows the aircraft operator and indirect air carrier to be billed directly for the CHRC and to identify where the results should be routed. Additionally, UPS states that it is impractical for aircraft operators and indirect air carriers to have electronic fingerprint equipment at all locations for employees that need a CHRC. TSA response: TSA does not prohibit airport operators from electronically submitting requests for a CHRC by an aircraft operator using that aircraft operator's Submitting Office Number. TSA does not regulate how airports use their equipment in this context. However, IACs are not authorized to conduct CHRCs under this rule. II.D. Known Shipper Program Comment: Several IACs and the National Industrial Transportation League request that TSA clarify issues surrounding accessibility of the proposed known shipper database and recommend the establishment of a central database managed by TSA. In addition, the commenters seek clarification from TSA on how, and to what extent, air carriers' internal systems would be able to interface with the database. TSA response: TSA agrees, and has developed a centralized database of known shippers.\13\ This database is available to the regulated parties. Participating aircraft operators, foreign air carriers, and IACs verify shippers against the database. If the shipper is known in the system, an IAC may offer the cargo for transport to, and the aircraft operator or foreign air carrier may transport their cargo on, a passenger aircraft. The regulated parties may access the system through a web-based portal or by establishing direct access through their air cargo management system. --------------------------------------------------------------------------- \13\ This database is covered under the Privacy Act system of records notice. Transportation Security Threat Assessment System (DHS/TSA 002), which was published in the Federal Register on September 24, 2004, and amended on December 10, 2004. It can be found at 69 FR 57348, 57349 and at 69 FR 71837. --------------------------------------------------------------------------- Comment: A number of commenters believe that the known shipper program should be a TSA-operated function, in order to protect commercially sensitive information. The commenters believe that TSA should establish specific requirements for inclusion in the known shipper list or database, vet shippers for inclusion in the program, populate and maintain the list or database, and make provision for automated verification of shippers against the database. TSA response: TSA agrees that the operation and management of the known shipper database is a TSA function. However, TSA believes that in order to maintain the carrier's domain awareness and client-vendor relationship, the regulated parties, and not TSA, should perform submissions of known shipper data for inclusion in the database. TSA vets shippers in the database via electronic means. Regulated parties are automatically able to verify shippers against the database through a direct access linkage of their air cargo management system to the known shipper database. Comment: UPS and FedEx oppose requirements under Sec. 1544.239 to submit known shipper information to a mandatory database. They state that use of the database will diminish rather [[Page 30488]] than enhance security, and question the ability of the TSA database to process the volume of requests and the number of shippers that will be added to the system. In addition, they argue that their competitors could use the database in a manner that would promote unfair competition, and that the servers supporting the database could become inoperable at inopportune times. FedEx states further that the web- based known shipper database will not necessarily be technologically compatible with existing Information Technology (IT) infrastructure and operational demands. UPS wants TSA to treat all information in the database as SSI, and apply stringent privacy protections. ATA supports the concept of a centralized known shipper database, if the database is secure, transparent to authorized users, accurate, and efficient. ATA states that, at times, the current database is not easily accessible through carrier computer systems and needs a standardized query vehicle, such as a unique identifier for each shipper. ATA states that a mandatory, centralized clearance system raises many questions and challenges for all-cargo carriers not discussed by the ASAC Cargo Working Groups. Therefore, ATA recommends creating a separate task force to examine issues relating to whether all-cargo carriers should participate in the centralized database because of the significant ramifications for the industry. ATA recommends also that TSA fund all carrier costs associated with participation in the known shipper program. TSA response: TSA believes that the known shipper database will be able to handle the volume of queries. Regulated entities will not be required to have each satellite location equipped with a direct connection to TSA. Rather, these locations may work through a single corporate point of contact. TSA understands that some operators have expressed concerns that the database may be used in a manner inconsistent with fair competition. TSA notes that regulated entities with access to the database will not be able to produce the entire list of known shippers in a single query. Rather, regulated entities will only be able to confirm a single known shipper at a time. Additionally, TSA notes that it will soon be far less costly for customers to become known shippers with the transition to TSA-vetting. At present, each regulated entity must invest time and effort in making customers known shippers. In the future, TSA will transition this system to allow regulated parties to request that TSA verify that a shipper may be a known shipper. Accordingly, there will be fewer competitiveness issues. TSA remains sensitive to issues of connectivity and competitiveness, and will continue to work with interested stakeholders as we develop these systems. Currently, the known shipper database employs a verification process to match the information submitted to other publicly available information and for maintaining data integrity. TSA believes that the use of the known shipper database will expedite the process of shipper verification, while providing the Government the necessary tools to vet shippers adequately before the transportation of cargo on a passenger aircraft. Air carriers will be able to maintain their current systems and practices, such as the manner in which they flag known shippers within their own systems. In addition, TSA believes that the aviation industry benefits from the reduced time it will take to convert a shipper from unknown to known. TSA disagrees that a centralized database weakens air cargo security. A Government-owned and -managed database that contains all known shippers affords TSA the opportunity to further vet known shippers, evaluate the threat posed by those who use the air transportation system to move goods before the goods are loaded on passenger aircraft and improve efficiency in vetting known shippers. The database treats information that aircraft operators, foreign air carriers, and IACs submit as SSI. TSA will continue to work with regulated parties who have concerns about system continuity and issues of competitiveness as we further develop these systems. Comment: One commenter proposes merging known shipper and the Automated Export System (AES) databases to avoid redundancy. TSA response: The AES is a joint venture between Federal agencies and the export trade community. It is the central point through which export shipment data, required by multiple agencies, is filed electronically with CBP, using an electronic interchange. TSA and CBP are working on the development of TSA's Freight Assessment System. TSA is looking at ways to leverage CBP's systems in order to avoid duplication of effort. TSA will study the feasibility of merging the known shipper database with CBP's AES as part of this effort. Comment: Several commenters request that TSA clarify the criteria to establish a shipper as a known shipper. Other commenters request that TSA clarify whether the definition will be uniform for all types of freight and that TSA indicate whether it will expand the known shipper program to include small aircraft operators. TSA response: The specific criteria that TSA uses for the known shipper program are SSI. TSA does not disclose specifics of the criteria in public documents. The shipper itself does not have a need to know the criteria. Rather, aircraft operators, foreign air carriers, and IACs contact the shipper to qualify it as a known shipper. Known shipper program requirements only apply to the transportation of cargo on: (1) A passenger aircraft under a full program; (2) a passenger aircraft operated by a foreign air carrier under Sec. 1546.101(a) or (b); or (3) cargo being transferred to a passenger aircraft operation under these sections. The known shipper requirements do not apply to cargo transported exclusively on all-cargo aircraft. Comment: The Air Transport Association of Canada proposes reciprocity between TSA and Canadian known shipper databases to avoid duplication of data. TSA response: TSA and Transport Canada continue to coordinate on this issue. In general, we welcome the opportunity to collaborate with foreign governments in the harmonization of global air-cargo security requirements. Known Shipper Program and Foreign Air Carriers Comment: Several commenters, including Nippon Cargo Airlines, question whether TSA requires foreign air carriers to comply with the known shipper program and ask how TSA implements the program with respect to foreign air carriers. The British Embassy asks TSA to clarify whether foreign air carriers are able to accept only cargo from consigners on a TSA-approved list, and requests that TSA confirm that application of the rule is limited to cargo loaded in the United States. TSA response: Currently, passenger foreign air carriers operating from U.S. airports are subject to the provisions of the Model Security Program (MSP), which requires the adoption of the known shipper program. All cargo loaded on a passenger aircraft at a U.S. airport is subject to this requirement, whether under an aircraft operator or foreign air carrier security program. These requirements are not applicable to cargo loaded outside the United States. Known Shipper Program and IACs Comment: TNT USA, an IAC, contends that the regulation is duplicative of existing anti-terrorism [[Page 30489]] regulations and legislation. The commenter also states that the rule is a barrier to free trade. TSA response: TSA disagrees. Rather than acting as a barrier to free trade, this rule enhances the capability of aircraft operators, foreign air carriers, and IACs to more efficiently comply with security program requirements. These regulations are not duplicative as they have a different purpose and address a different security threat than those of other U.S. government agencies, like CBP. As stated in the NPRM, CBP and TSA have distinct security missions in securing air cargo. CBP's mission is preventing terrorist and terrorist weapons, including weapons of mass destruction, from entering the United States.\14\ TSA, on the other hand, is responsible for securing both U.S. aircraft and foreign flights destined for the United States from destruction or hijacking and, as a result, is primarily concerned with the illicit loading of explosives, incendiaries, or stowaways on board. --------------------------------------------------------------------------- \14\ Additionally, customs regulations allow for the movement of cargo ``in bond'' from the initial port of arrival to an inland CBP location where it will be released (inspections prior to release are also conducted at these inland locations) into the commerce of the United States. Under the in-bond process, the cargo remains in customs control with requirements as to who may transport it, and where it may be stored (bonded warehouses) until is released by CBP. --------------------------------------------------------------------------- Comment: NCBFAA wants TSA to clarify how long it will take to qualify a known shipper and if an IAC can accept cargo from the shipper during the qualification period. NCBFAA states that the known shipper database must be precise in order to avoid delays and confusion over shipper names and asks if known shipper status applies to all office branches of a qualified shipper. Further, NCBFAA asks if the database is the only source of known shipper information, and how TSA notifies IACs of known shipper revocations. Finally, the NCBFAA asks whether air carriers need to consult the database if an IAC already has verified the shipper status and if there is reciprocity for a known shipper under a similar program in another country. TSA response: Regulated entities must separately list each location for a known shipper. TSA anticipates that the vetting process will take less time than the current process specified in the security programs and is mindful of the competitive commercial environment in which the regulated entities operate. TSA will address other specific process questions about the database in the security programs in order to protect sensitive security information. Aircraft operators may accept a certification from the IAC that the cargo has been accepted from a known shipper. There is not presently reciprocity to establish a known shipper in the database based upon a determination under a program in another country. Comment: The Airforwarders Association wants TSA to address the consolidations of IAC operations, where IACs tender shipments to another IAC, in order to achieve efficiency and expedite the shipment of air cargo. They state that the rule does not consider this consolidation as within the known shipper program allowances, even if the shipper is known to the IAC supplying the shipment. TSA response: TSA agrees and is addressing this issue in the IACSSP amendments, which will be available for IACs to comment on soon after the publication of this final rule. II.E. Adoption and Implementation of the Security Programs The following are comments to Sec. Sec. 1544.101, 1546.101, 1546.103 and 1548.5. Comment: AOPA does not want TSA to apply security requirements under these sections to on-demand cargo operations, and wants TSA to limit the application of such requirements to scheduled operations. In addition, a domestic air carrier states that terrorists would likely not choose unscheduled airlines for a hostile takeover, or for placement of an explosive device, because of the inability to plan for the location of the planes. The air carrier also wants to limit the regulations to scheduled air cargo transportation. TSA response: TSA does not believe that distinguishing charter operations as scheduled or unscheduled in this manner would provide for the appropriate level of security. TSA notes that the flight departures of some unscheduled charters are predictable. Comment: FedEx, Swiss International Air Lines, Air France, and the International Brotherhood of Teamsters recommend adopting one security program for all aircraft operators and foreign air carriers in the industry, without differentiating between weight and type of aircraft or operation. TSA response: TSA requirements do not prohibit an air carrier from adopting a single security plan for all of its categories of aircraft sizes provided that the plan meets or exceeds the security requirements for each aircraft used in those operations. TSA recognizes historical patterns of terrorist attacks and a threat-based, risk-managed approach to security. Terrorists have demonstrated the destructive potential of large turbine-powered aircraft with large capacity fuel loads and speeds. Accordingly, a security regime that differentiates between aircraft on the basis of weight is appropriate, regardless of whether a particular aircraft carries passengers or cargo. At the same time, TSA is mindful of the historical link between terrorist operations and passenger aircraft. Therefore, measures that prevent cargo and cargo operations from being used to carry unauthorized explosives, incendiaries, and other destructive substances or items against passenger aircraft must be provided, regardless of aircraft weight. This rationale underscores TSA's security regime and the particular measures that TSA has developed across the spectrum of civil aircraft operations, whether passenger, cargo, or mixed. Requiring the highest level of security for all sizes of aircraft would add a burden for smaller aircraft, which is not warranted by the current threat. Comment: FedEx states that, in the past, TSA field agents and foreign government officials have incorrectly assumed that the full all-cargo security program is limited or somehow inferior to the passenger aircraft's full program because it did not contain the term ``full program.'' FedEx states that this misunderstanding has resulted in a loss of confidence in their security program, and in some cases, undue scrutiny and delay. ATA CAA, FedEx, and RAA recommend either eliminating the word ``full'' from the names of all security programs or rename the cargo program. TSA response: TSA notes that the all-cargo program does not require all of the same security measures as the full program that applies to passenger operations. TSA has changed the title to ``full all-cargo program'' in this final rule for the security program required by Sec. 1544.101(h). Comment: UPS agrees with the creation of this program as long as the Domestic Security Integration Program (DSIP) remains intact and up to date in the final rule. UPS is opposed to adopting any security program other than the DSIP. UPS believes also that bringing the all- cargo industry up to the standard of the DSIP is an effective way to enhance supply chain security. British Airways asks whether TSA will eliminate or maintain the DSIP after the incorporation of the two programs. British Airways argues that if the DSIP remains, along with the full all-cargo security program, it would give rise to two standards. They oppose this outcome and recommend treating all cargo operations equally. [[Page 30490]] TSA response: TSA is conforming the existing cargo aircraft operator security programs and the cargo sections of security programs for passenger aircraft operations to the requirements of this final rule. The mandatory program will supersede the DSIP for all-cargo aircraft operators. This new mandatory program will now be referred to as the full all-cargo security program. The DSIP was a program that all-cargo aircraft operators were authorized to adopt voluntarily in order to engage in certain business operations. However, it is important to note that, in addition to adopting a full all-cargo security program, aircraft operators with an MTOW of more than 45,500 kg that transfer cargo to an aircraft operator in passenger service with a full program under Sec. Sec. 1544.101(a) or 1546.101(a) or (b), must also register with TSA to engage in these transfers. While each full all-cargo program will contain an option to implement the security procedures to transfer cargo to these passenger carrying aircraft, only those aircraft operators that have also registered with TSA to transfer cargo to passenger operations may do so. TSA recognizes that some aircraft operators under a full all-cargo program are not in the business of transferring cargo to passenger operations. These aircraft operators do not need to register with TSA or carry out the special security procedures, as long as they do not transfer cargo to passenger operations. Each existing DSIP holder, and any additional aircraft operators with an MTOW of more than 45,500 kg in all-cargo operations, must carry out the specific security procedures and register with TSA prior to transferring cargo to passenger operations. Aircraft operators in passenger services under a full program or under Sec. 1546.101(a) or (b) will be required to verify that the aircraft operator with a full all-cargo security program is on an approved list maintained by TSA in order to accept cargo from it. Comment: AAPA and Singapore Airlines oppose implementation of extraterritorial measures and instead emphasize collaborative discussions to mitigate the terrorist threat without affecting air cargo operations. TSA response: In this final rule, TSA regulates the civil operations of U.S. aircraft operators, wherever they may operate. The application of the final rule to part 1546 air carriers is generally limited to operations from and within the United States, or to the United States, effective at the last point of departure. In the latter case, compliance with foreign government security requirements that TSA determines are equivalent to U.S. part 1544 requirements generally comply. Comment: Japan Airlines asks whether Sec. Sec. 1546.101 and 1546.103 apply to cargo flights making only a technical stop in the United States. TSA response: Foreign air carriers operating aircraft in all-cargo operations must apply security measures for technical stops in a similar manner as for passenger operations. These security measures are detailed in TSA-approved security programs, related Security Directives, and emergency amendments. The specific security measures are sensitive security information. Comment: Several commenters, including Singapore Airlines and the British Embassy, want TSA to treat foreign air carriers under part 1546 as equal to domestic aircraft operators under part 1544. In addition, the British Embassy states that many countries' national security program requirements exceed those proposed by TSA, and wants confirmation that, in such cases, these national security programs will be deemed acceptable to TSA. TSA response: Parts 1544 and 1546 are functionally equivalent. The United States recognizes that part 1546 air carrier operations conducted in accordance with foreign government procedures, and with a similar level of security to U.S. part 1544 operations, generally suffice to meet TSA security requirements. Foreign government procedures may include measures that are at least comparable to what is required of part 1544 operations. Comment: IATA and Japan Airlines recommend allowing foreign air carriers to submit existing security programs for approval instead of submitting a new program under these rules. In addition, Singapore Airlines and Nippon Cargo Airlines ask if TSA will accept the current All-Cargo International Security Procedures (ACISP). TSA response: TSA is adjusting security programs such as the Model Security Program (MSP) and ACISP to achieve the security requirements of the final rule. TSA is issuing these security programs to the regulated parties for review and comment sometime on or after publication of the final rule. Foreign air carriers must still submit all such programs to TSA for review and consideration before final approval. The measures of a part 1546 security program that provide a level of security similar to the U.S. part 1544 operations are generally sufficient for operations departing to the United States, satisfy the requirements of the final rule, and are acceptable to TSA. TSA acts through its international air carrier principal security inspector and works with the regulated party to develop measures capable of producing a similar level of security. Form, Content, and Availability of Security Program Comment: Singapore Airlines supports Sec. 1546.103 and AAPA wants TSA to provide air carriers with the information about cargo shippers and IAC security programs. Japan Airlines asks if foreign air carriers have flexibility and discretion with respect to fashioning security measures for inclusion in security programs, so long as those measures are acceptable to TSA. TSA response: TSA considers all security programs SSI and restricts access to applicable regulated entities. Regulated entities may request amendments to their security program following the procedures established in the regulations applicable to their specific operation. Aircraft operators do not have a need to know the contents of an IACSSP. Comment: NCBFAA recommends creating a frequently asked questions section on the TSA Web site to address issues regarding each new proposed regulation. TSA response: TSA offers regulated entities security program updates, including information similar to frequently asked questions sections, through secure web-boards. Questions about accessing these web-boards should be directed to a regulated entity's principal TSA contact. II.F. Costs of IAC Training and Materials Comment: Several IACs, British Airways, the Airforwarders Association, and Singapore Airlines support Sec. 1548.11 on training and knowledge for individuals with security-related duties. Other IACs, NACA, RACCA, and Brinks, want TSA to clarify what the required training includes. These commenters ask: Who is going to pay for the training? What training will TSA require? Who will provide the training and training materials? How often must IACs train the personnel? What is the timeframe for accomplishing the training? FedEx proposes that TSA offer training and certification directly to any trucker or warehouseman who wishes to volunteer, and use vendor certification as evidence of IAC training. In addition, FedEx states that the contractors should directly pay for training, and TSA should pay for the expense of administering the training. [[Page 30491]] TSA response: TSA is developing computer-based instructional materials and a testing tool, including a minimum standard that an employee must meet and protocols for situations where employees fail to meet the threshold. TSA also is developing the curriculum and training materials, and is including specific requirements for training and testing IAC employees in the revision of the IACSSP. The rule requires that training be completed at least annually for each authorized employee or agent. The IAC bears the cost of training each of their employees or agents. Comment: FedEx objects to holding IACs responsible for training and testing employees of contractors, subcontractors, or agents, such as truckers or warehousemen, who may have unescorted access to cargo. They believe the proposal is impractical, cost-prohibitive, and that it would impose an unfair burden on IACs. FedEx argues that TSA has underestimated the number of individuals who will require training, as well as the cost associated with the training. FedEx states that TSA calculated only the cost associated with training employees of an IAC, but that it did not include the cost associated with an IAC training the employees of any agents, contractors, or subcontractors that may have unescorted access to air cargo. FedEx interprets this requirement to mean that they would have to train all drivers, warehouse, and office staff of any trucker or courier who may pick up cargo designated for shipping via airfreight. They state further that there are several million licensed drivers in the United States, and even if only 25 percent (approximately 500,000) drivers are involved in the delivery of air cargo, according to TSA's estimate of $100 per individual for the cost of training, the cost to IACs will exceed $50 million. This estimate does not include the cost associated with training new hires, as there is a high turnover employee rate in the trucking industry. TSA response: TSA has clarified the applicability of IAC requirements. The regulation requirements apply to regulated party employees and agents. If an IAC uses others to perform functions that have security consequences, the IAC must make sure that those persons have proper training. TSA is not requiring air cargo operators with a security program to comply with IAC requirements and believes FedEx has extended its estimate beyond the requirements of this regulation. II.G. Cost Benefit Analysis A separate final regulatory analysis is provided on the docket. A summary of the final regulatory analysis appears in this document under the section ``V. Rulemaking Analyses and Notices, A. Regulatory Evaluation Summary.'' To assist the readers of this section, TSA is providing a table that shows, at the summary level, the changes from the NPRM to the final rule. The details of these changes are found in the full regulatory evaluation on the docket. Summary of changes: ---------------------------------------------------------------------------------------------------------------- 10 year cost Requirement --------------------------------------- Remarks NPRM Final rule Delta ---------------------------------------------------------------------------------------------------------------- Costs First Associated With Requirements Under November 2003 SD & March 2005 Security Program Amendments ---------------------------------------------------------------------------------------------------------------- Passenger Flight Cargo Screening (first $493.1M $1,491.1M +$998.0M Cost driven by congressional implemented under SD, currently done mandate to triple cargo under security program amendment). inspections and public comment. All-Cargo Flight Cargo Screening 166.4M 328.0M +161.6M Public inputs on costs. (currently done under SD). Require All-Cargo operators to screen 33.7M 35.2M +1.5M Implementation cost change. persons entering aircraft(currently done under SD). All-Cargo Security Coordinators 0.2M 0.0M -0.2M Double Counted in NPRM. (currenlty done under SD). --------------------------------------- Subtotal............................ 693.4M 1,854.5M 1,160.9M ---------------------------------------------------------------------------------------------------------------- Costs Associated With Requirements Originating Under This Rule ---------------------------------------------------------------------------------------------------------------- Security Threat Assessment.............. $3.7M $4.6M + $1.0M Population Increase but admin cost greatly reduced. Security Identification Display Area 0.9M 10.9M +10.0M Costs Identified in comments. (SIDA). CHRCs for individuals inspecting cargo.. 0.5M 5.7M +5.2M Increased Population. Implementation of All-Cargo security 26.6M 0.7M -25.9M Removed LEO costs. program for aircraft over 45,000 kg. New aircraft inspection requirements.... 36.6M 38.2M +1.6M Implementation cost change. TSA Managed Known Shipper Database...... 24.5M 24.5M ........... Remained the same. Develop/implement IAC and Agent Training 15.1M 35.6M +20.5M Increase in population requiring training and training development cost. IAC Security Program Requirements....... 36.0M 46.5M +10.5M Change in Population. --------------------------------------- Subtotal............................ 143.9M 166.7M +22.9M ======================================= Total............................... 837.3M 2,011.9M +1,183.8M ---------------------------------------------------------------------------------------------------------------- Comment: ACI-NA and the Atlanta International Airport believe that airports and IACs should not be obligated to obtain equipment and staff to support these regulations. They believe that TSA or DHS should either fund the new security mandates or take responsibility for securing cargo operations. United Airlines believes that the NPRM's economic analysis fails to consider the impact on U.S. passenger carriers. United Airlines believes the solution is to enact a cargo- screening program based on Federal screening of freight as Congress intended. United Airlines believes that TSA should review methods of defraying costs borne by carriers before they pursue screening initiatives that burden carriers. TSA response: Only cargo accepted under the known shipper program may [[Page 30492]] be transported on a passenger aircraft; however, Congress chose not to require Federal Government employees to conduct screening of such cargo. Moreover, Congress did not require that Federal employees must conduct cargo screening for aircraft in all-cargo operations. TSA has required aircraft operators conduct cargo screening since November 2003, and, in part to mitigate the costs cited by the commenter, provides a degree of flexibility for the operators to fulfill these requirements within their operational environment. Comment: RACCA estimates that because of the high turnover rate in the industry, actual STA cost per employee is $150. RACCA believes that air carriers need this money for applications that have a direct bearing on safety, like pilot training and aircraft maintenance. RACCA states that the threat is minimal, but the cost may be crippling for an industry that operates with narrow margins. They state further that these costs are a burden for many small air cargo operators and may precipitate cost-cutting measures that will have a negative impact on overall safety. TSA response: RACCA did not provide sufficient information to determine how they computed actual STA costs per employee. TSA has been able to further refine the STA systems and eliminate some costs, lowering the cost of STA per applicant. As our vetting and credentialing capabilities have grown, we are now able to accomplish these checks more expeditiously and economically. TSA allows certain comparable checks in lieu of an STA. Additionally, there is no requirement to renew an STA as long as the STA-holder qualifies as continuously employed. Lastly, in a post 9/11 world, industry must meet both safety and security requirements. Comment: IATA estimates implementation will be 2 to 4 times higher than the TSA estimate ($3.7 million), or $7.4 to 14.8 million over 10 years. For the expansion of SIDA, IATA estimates that the cost to the industry is 4 times the TSA estimate ($1.4 million), or $5.6 million over 10 years. IATA estimates that the actual cost to implement full all-cargo security programs will be 3 to 4 times the TSA estimate ($26.6 million), or $80 to $106 million over 10 years. Although TSA did not provide any cost estimates for the implementation of the known shipper database, IATA estimates the cost to the industry to be between $1 and $2 million per year. For the enhancements to the IACSSP, IATA estimates that the costs are 25 to 30 percent greater than the TSA estimate ($36 million), or $45.0 to $47.0 million over 10 years. IATA estimates that the training requirements for IACs will be 2 times that TSA estimate ($15.1 million), or $30 million over 10 years. Overall, IATA estimates that the proposed rules will cost the industry 80 percent more than the TSA estimate ($49 million), or $88 million a year. TSA response: Although the STA population numbers did in fact increase in the final regulatory analysis, there was a corresponding decrease in the unit costs of the STA as TSA was able to eliminate some costs. The new number for the STA is $4.6 million for the 10 years. TSA is providing a reduction in the unit cost of the STA check from $55 to $38, which explains TSA's computed cost of $4.6 million versus IATA's $7.4 to $14.8 million. TSA accepted recommendations from IATA and others, and the SIDA expansion rounds to $10.9 million over 10 years. TSA's recalculation for the IACSSP of $46.5 million is near the top of IATA's $45-47 million. The new IAC training numbers are $35.6 million versus IATA's $30 million. Contrary to IATA's comment that TSA did not provide information on Known Shipper costs, TSA documented those costs as TSA costs rather than industry costs in the NPRM evaluation. A discussion of the Known Shipper program costs are on page 46 of the final regulatory evaluation. Comment: ATA and British Airways question the distribution of the funding for the proposed rules. They state that, as currently allocated, the costs fall disproportionately on air carriers, because estimated air carrier allocation ($758 million) constitutes 90 percent of the total estimated security costs ($837 million). They state further that the annual costs to all parties will exceed the $100 million annual threshold and would make the NPRM significant under Executive Order 12866. TSA response: TSA has determined that this rule is significant under Executive Order 12866 guidelines, as discussed in the Regulatory Evaluation Summary of this preamble (Section V.A.). TSA has listened to concerns both about cost and security. The largest portions of costs are directly related to the actual screening conducted by the airlines. TSA believes it has complied with legislative intent that this be a private sector responsibility rather than a governmental function. TSA is unaware of a mechanism for the government to redistribute private sector costs for the required inspections. Comment: Delta estimates that the financial impact to aircraft operators in year one will be $56.2 million, or $493.1 million in 10 years, and states that the proposed unfunded security mandates add significant costs to their business. Delta believes that TSA's assumptions about aircraft operator's ability to secure operating and capital funding for screening are not correct. Delta believes further that TSA-based calculations from an early 2002 report are significantly inaccurate, and expresses concern about the continued viability of cargo in the passenger air carrier market. TSA response: TSA computes the ten year impact to the carriers at $1.9 billion versus approximately $760 million in the NPRM evaluation. TSA has accepted numerous inputs from the public comments to revise the cost estimates. The largest portion of these costs, the screening costs, has been in place for sometime, through Security Directives and security program amendments. TSA is codifying these measures at this time. Also, the tripling of cargo screening as required by legislation was the single largest source of change. TSA is not making any assumptions about capital availability to aircraft operators. The fact that the screening requirements have been in place would suggest that the market has already adjusted to a requirement affirmed in legislation. Assumptions about capital expenditures in the full evaluation were based upon the likelihood of future cost savings using automated equipment over manual inspections. The evaluation reiterates that TSA has not mandated the purchase of any screening equipment in this rule. Other than screening equipment, TSA is unaware of what other capital costs Delta might be referencing. Comment: FedEx states that as proposed, the rules will require STAs for over 500,000 drivers that have potential access to cargo. According to this estimate, STA implementation will cost the industry $27.5 million for only truck drivers ($55 per individual). NACA states that the TSA estimate of employees that will require training is below the actual number, and NACA estimates that in their industry alone, 20,000 people will need the proposed training. TSA response: The public comments clearly reflected a broader assumption about requirements than TSA intended. TSA has examined the need for STAs in passenger and cargo operations and has reworded the scope of the new requirements more clearly to state which employees and agents of a carrier do require the STA in accordance with security considerations. TSA has adjusted these costs with these new population estimates to reflect TSA's expectation of a narrower coverage than reflected in the public comments. [[Page 30493]] Comment: NCBFAA states that TSA underestimates the cost of the new measures for air forwarders, many of which are small businesses. NCBFAA questions the basis for TSA's estimate of 3,800 IAC entities and 26,600 IAC employees. NCBFAA questions the lack of underlying support for this conclusion, and believes more employees will be affected by the proposed rules. To support this, NCBFAA states that most IACs are also surface and ocean forwarders, non-vessel operating common carriers, customs brokers, warehousemen, and motor carrier brokers. Hence, the number of employees directly involved in airfreight operations is only a portion of the total employees that might have access to cargo. Consequently, NCBFAA states that the TSA estimate for total compliance ($51 million) is an understatement of the true cost to the industry. NCBFAA recommends TSA undertake a more comprehensive impact and regulatory flexibility analysis of the IAC industry for more accurate assessment of the IAC population. TSA response: TSA maintains an operational database that reflects approximately 3800 IACs who have identified themselves to TSA. These businesses already interact with TSA security personnel and TSA has identified them as currently providing services to aircraft operators. During preparation of the final rule, the 2002 Economic Census data became available which revealed both more firms and a higher average employee per firm value for the general group of freight forwarders. Public input during the comment period and discussions at TSA revealed that there was a misunderstanding of the STA coverage. Clearer language has been provided and consequentially this evaluation expanded the numbers to use the 2002 Economic Census \15\ numbers, which were unavailable at the time of the original evaluation. Please see the separate full regulatory evaluation available on the docket. STAs and the changes are discussed in the section labeled Cost of Compliance: Name Based Background checks and Table 17. --------------------------------------------------------------------------- \15\ 2002 Economic Census, Support Activities for Transportation: 2002, Transportation and Warehousing Industry Series at http://www. census.gov/econ/census02/guide/INDRPT48. HTM. --------------------------------------------------------------------------- Comment: AAAE believes that the proposed rules are an unfunded mandate for airports. They state further that the cost of expanding SIDA involves more than just the physical expansion of the space; airports with more remote cargo operating locations will need to increase the number of law enforcement personnel on the cargo ramp, while diverting law enforcement resources away from the passenger terminal facility. In addition, AAAE states that airports may need to expand significantly their badging offices to accommodate the additional cargo personnel, and states that the Memphis-Shelby Airport will have to badge 15,000 FedEx personnel. TSA response: TSA reiterates that not every worker requires a background check, SIDA clearance, and a new badge. The SIDA guidelines have been adjusted to allow the airports to work with aircraft operators to minimize the expansion of the SIDA, while still providing the necessary security. For example, the final evaluation clarifies that additional law enforcement officers do not need to be employed. Rather, the requirement is to have the ability to contact existing law enforcement officials. Also in the full regulatory evaluation, section on ``Cost of Compliance: Airport Operators,'' TSA has shown how it used the public comments to revise the costs and population needing badges. Based upon the information in comments, TSA believes it reasonable to reject the need to increase staffing for this expected one time increase. Memphis is an example of several locations that have national hubs for the Nation's largest parcel and express shippers. TSA invites the airport and shippers to work with us in order to use the flexibility and alternatives that TSA authorizes. Comment: IATA states that TSA underestimates the number of affected employees, and two IATA members indicate that depending on the definition of unescorted access to cargo, they will have at least 63,000 impacted staff, mainly cargo handlers and drivers. The Airforwarders Association states that TSA's estimate of the number of IACs is correct, but that the number of affected IAC employees is incorrect, and recommends revaluation. ATA states that depending on the scope of the requirement, the number of individuals subject to either an STA or CHRC could be ten times greater than the 63,000 estimated by TSA. TSA response: TSA has examined the public comments along with new data available in the 2002 Economic Census.\16\ Census numbers do not support a three-fold expansion of the population while keeping the number of businesses constant. The new Census number of firms and the average employee per business value increased only slightly. Additionally, given that some of the public comments agree with TSA's original numbers, TSA believes that there has been confusion on to the extent the STA or CHRC were going to be required. The full regulatory evaluation provides several pages of detail in the section ``Cost of Compliance: Indirect Air Carriers'' and in the full evaluation tables 13-17. Based on extensive internal discussion of very knowledgeable subject matter experts, TSA believes the new language provides much clearer guidance and the Census number adjustments are an appropriate estimate. --------------------------------------------------------------------------- \16\ Support Activities for Transportation: 2002, Transportation and Warehousing Industry Series at http://www.census. gov/econ/ census02/guide/INDRPT48. HTM. --------------------------------------------------------------------------- II.H. 100 Percent Inspection of Cargo TSA invited comments in the NPRM, but did not propose requirements, for the physical inspection of 100 percent of air cargo. Comment: The majority of comments TSA received on this issue, including comments from Air France, ATA, British Airways, IATA, Singapore Airlines, and several IACs, oppose 100 percent inspection of air cargo. The consensus of these comments is that requiring 100 percent inspection of air cargo would be impractical in an industry dependent on just-in-time deliveries, without advances in targeting methodology, data, and technology. ATA states further that the 100 percent inspection of cargo is not warranted or required under ATSA, nor is it justified under any risk-based analysis that TSA has shared with the industry. A small minority of comments, including comments from ALPA and the International Brotherhood of Teamsters, support 100 percent inspection of air cargo. TSA response: TSA is not requiring 100 percent inspection of air cargo at this time. As mentioned in the proposal at 69 FR 65266, TSA considered requiring 100 percent inspection of air cargo, but determined to continue with a layered approach of security measures and to pursue a risk-based targeting strategy to identify higher risk cargo for additional scrutiny. This conclusion is affirmed by, and derived from, the Government Accountability Office report on Vulnerabilities and Potential Improvements for the Air Cargo System,\17\ the Department of Transportation's Office of the Inspector General Audit of the Cargo Security Program,\18\ and TSA's Air Cargo [[Page 30494]] Security Scenario Analysis. These reports have cautioned that, in the absence of an appropriate targeting methodology and data, requiring inspection of 100 percent of air cargo would severely burden the just- in-time delivery that is currently a key competitive feature of many U.S. manufacturing and distribution industries. In addition, 100 percent inspection could have particularly severe negative impacts on aircraft operators, IACs, and their employees and agents. TSA has focused on deploying currently available tools, resources, and infrastructure in a targeted manner to provide effective security in the air cargo environment, and has laid out a path for accelerated research and development of even more effective tools. --------------------------------------------------------------------------- \17\ GAO-03-344, December 2002. \18\ Report Number SC-2002-113, Sep. 19, 2002. This report is SSI. --------------------------------------------------------------------------- II.I. Unknown Shipper Cargo TSA invited comments in the NPRM, but did not propose requirements, about allowing unknown shipper cargo on passenger aircraft after proper screening. Comment: ATA, CAA, Delta, RAA, and other commenters request that TSA consider allowing cargo from unknown shippers into passenger aircraft after proper screening. These comments assert that TSA should permit cargo on passenger carriers subject to inspection. TSA response: While TSA appreciates these comments, at this time TSA declines to allow the transport of unknown shipper cargo on passenger aircraft. Currently, no technology or inspection techniques exist with sufficient versatility to handle the vast array of cargo configurations, and commodities to ensure security, while maintaining acceptable throughput, or processing time. TSA continues to collaborate with the industry in an effort to develop technology solutions to improve the effectiveness and efficiency of the cargo screening process. II.J. Terms Used in This Subchapter Comment: British Airways, AEA, IATA, and the International Brotherhood of Teamsters support the definition of ``Indirect air carrier'' in Sec. 1540.5. British Airways and AEA state that the expanded coverage is consistent with proposals from the European Commission. AAPA and IATA suggest that the definition should include equivalent entities of IACs operating outside of the United States. Purolator suggests that the United States Postal Service and foreign postal services should be included in the definition. TSA response: TSA is working closely with the European Commission to establish the basis of mutual recognition of its regulated agent and/or IACSSP. The U.S. Postal Service is not subject to the provisions of this rule. The security of the U.S. Mail is covered under a Mail Security Program that provides an appropriate level of security for mail transported via aircraft. Comment: The Denver International Airport wants TSA to define the term airport grounds, and three commenters recommend adopting a definition for the terms ``cargo'' and ``access to air cargo.'' TSA response: ``Cargo'' is defined in 49 CFR 1540.5. TSA is revising the language of Sec. Sec. 1544.228, 1546.213, and 1548.15 to include those individuals specifically authorized by the aircraft operator, foreign air carrier, or IAC to have unescorted access to air cargo. As stated in the preamble to the NPRM at 69 FR 65270, ``The SIDA would only be extended to areas on airport grounds.'' The requirement to extend SIDA to cargo operations is specific to the area used by an aircraft operator under a full all-cargo program, as provided in Sec. 1544.104(h) and by a foreign air carrier under Sec. 1546.101(e). Therefore, the proposed extension of the SIDA applies only to those areas regularly used to load or unload cargo on larger all-cargo aircraft under a full all-cargo security program. TSA is modifying Sec. 1542.205(a)(2) to reflect this intention by adding the words ``air operations area'' instead of the words ``airport grounds'' and by deleting the reference to areas used ``to sort cargo.'' Comment: Air France and Global Express Association propose that TSA harmonize terms used in cargo operations, like ``known shipper,'' ``consignor,'' ``regulated agent,'' and ``IAC.'' TSA response: TSA believes that the terms ``known consignor'' and ``known shipper'' are similar, in general. However, TSA's use of the term ``known shipper'' is specifically dependent on meeting the criteria and required measures in TSA-approved security programs. Similarly, the terms ``regulated agent'' and ``indirect air carrier'' are alike, in general. However, TSA's use of the term ``indirect air carrier'' only applies to entities within the United States, and subject to the required measures in TSA-approved security programs, while ``regulated agents'' are located outside of the United States and subject to ICAO standards and a State's national requirements. II.K. Persons and Property Aboard the Aircraft Comment: CAA, FedEx, NACA, and UPS recommend that TSA revise Sec. Sec. 1544.202 and 1546.202 to apply only to persons who board the aircraft for transportation. ATA recommends distinguishing individuals and the applicable screening requirements to require 100 percent screening of individuals boarding the aircraft for the purpose of transportation, and random screening of those boarding the aircraft for a limited purpose and amount of time. TSA response: TSA is adding the phrase ``for transportation'' in Sec. Sec. 1544.202 and 1546.202. The intent of proposed Sec. Sec. 1544.202 and 1546.202 is to screen persons who are onboard the aircraft in flight, for weapons, explosives, incendiaries, and other destructive substances or items. Persons who enter the aircraft on the ground for servicing or maintenance are subject to other security measures, which may include some screening for prohibited items, in airport areas where all-cargo aircraft operations are conducted. II.L. Other Issues and Sections Proposed Compliance Schedule Comment: AAAE, the Savannah Airport Commission, the NCBFAA, and others state that the compliance schedules are brief and unrealistic. AAAE recommends providing waivers to airports that cannot comply in 90 days. Only one commenter, an insurance company, states that the 180-day schedule to introduce new training requirements is too long. TSA response: TSA believes this final rule allows adequate time for airport operators, aircraft operators, foreign air carriers, and IACs to comply. Further, TSA notes that the complexities involved in compliance, as well as anticipated costs, have been carefully weighed where deadlines are established. Where difficulties are encountered, airport operators, aircraft operators, foreign air carriers, and IACs are encouraged to contact their TSA Principal Security Inspector or local Federal Security Director. TSA attempts to ensure a realistic approach to compliance timeframes, but recognizes that such timeframes are sometimes not met for good cause, and is prepared to extend reasonable consideration on a case-by-case basis, as warranted. Use of Loring Air Force Base Comment: Ten commenters, including the U.S. Senate Committee on Government Affairs, a U.S. Representative from Maine and the Governor of Maine, recommend the use of Loring Air Force Base in Northern Maine as an emergency site to land inbound international cargo aircraft found to pose an imminent threat. [[Page 30495]] TSA response: The Intelligence Reform and Terrorism Prevention Act of 2004 requires the Secretary of Homeland Security, in coordination with U.S. Department of Defense and FAA, to submit a report on current procedures to address the threat of all-cargo aircraft that are inbound to the United States from outside the United States, and an analysis of the benefits of establishing secure facilities along established aviation routes for the purposes of diverting and securing aircraft that may pose a threat. While this rule does not specifically address this issue, TSA is considering these comments in the development of the report to Congress on the feasibility of establishing these sites as required by sec. 4054 of the Intelligence Reform and Terrorism Prevention Act of 2004. STA for Passengers of All-Cargo Aircraft TSA invited comments in the NPRM, but did not propose requirements, about requiring each person who boards an aircraft for transportation under an all-cargo security program to submit to an STA. TSA also invited comments about requiring persons who board an aircraft under an all-cargo security program who require prohibited items during the flight to perform their duties to submit to the assessment. There are five comments on this issue. Comment: Three commenters, British Airways, Air France, and ALPA, support STAs for individuals who board all-cargo aircraft for transportation. ALPA states that TSA must minimize access to the aircraft and the flight deck by permitting only those persons to board who have been properly vetted by a 10-year, fingerprint-based CHRC. They also state that TSA should reconsider the practice of allowing employees who have not been vetted to ride aboard all-cargo aircraft as an employment benefit, without requiring them to meet the same security requirements applicable to other employees who work on or around the aircraft. In addition, ALPA notes that many foreign nationals travel as animal attendants aboard all-cargo aircraft, and often sit unsupervised just outside of the cockpit, in possession of items normally prohibited on aircraft. Two commenters, ATA and IATA, oppose this requirement. IATA states that STAs for personnel boarding all-cargo aircraft are unnecessary when the Government has already vetted such personnel through the submission of master crew lists and flight manifests. Similarly, ATA recommends permitting air carriers to use current comparable procedures in these locations like submission of crew manifests to TSA. TSA response: TSA appreciates the responses to this particular issue and is further evaluating the impact and benefit of establishing an STA requirement for individuals onboard an all-cargo aircraft. At this time, TSA declines to extend an STA requirement to these individuals. Screening requirements for individuals transported are addressed in applicable security programs, Security Directives, and Emergency Amendments. Individuals transported are currently checked against the TSA ``No Fly'' list and their persons and accessible property are inspected for prohibited items. Security of Aircraft and Facilities Comment: UPS recommends further clarification of ``operational area of the aircraft'' in Sec. 1544.225(d) and suggests alternative regulatory text. The Airports Consultants Council asks if this provision transfers the responsibility for airport access control for an Exclusive Use Area and states that, if it does, TSA should clarify. TSA response: TSA declines to amend Sec. 1544.225(d). TSA is providing more clarification to this section through the security program revision. This provision does not transfer the responsibility for airport access control for Exclusive Use Areas. Under Sec. Sec. 1542.111 and 1544.227, airports and aircraft operators may agree that control over a SIDA at cargo operations can be transferred to an aircraft operator. Fingerprint-Based CHRCs: Unescorted Access Authority, Authority To Perform Screening Functions, and Authority To Perform Checked Baggage or Cargo Functions Comment: Four commenters, including ATA and ALPA, support Sec. 1544.229. Swiss International Airlines notes that fingerprinting may not be necessary for an effective background check, and suggests that TSA harmonize these requirements with existing EU regulations. TSA response: TSA continues to collaborate with its foreign counterparts, where possible, in harmonizing security measures. IAC Security Programs: Approval, Amendment, Annual Renewal, and Withdrawal of Approval Comment: While the majority of commenters support Sec. 1548.7, some believe that the process requires applicants to submit information already held by DHS under CBP's Customs-Trade Partnership Against Terrorism program. The Airforwarders Association asks if Sec. 1548.7(a)(1)(v) requires only addresses for United States and not foreign locations. In addition, the Airforwarders Association recommends facilitating the requirements of Sec. 1548.7(a)(5) through harmonization of a non-governmental organization accreditation program. ACC opposes the duration of the Sec. 1548.7(a)(4) security program, and proposes instead that TSA grant only one initial approval, subject to continued inspection, to avoid processing of thousands of security programs each year. TSA response: TSA currently is evaluating the synergies that may exist between TSA's IAC and CBP's Customs-Trade Partnership Against Terrorism programs, and would consider changes to the IACSSP if appropriate. Part 1548 does not apply to stations or locations outside the United States. TSA believes that the yearly revalidation process assists the IAC in reviewing its security posture and compliance with TSA requirements. Furthermore, TSA believes that a yearly revalidation requirement does not impose an unreasonable burden on the IAC community. IAC Security Coordinators Comment: Singapore Airlines, British Airways, ACC, and others support Sec. 1548.13. ACC, ACI-NA, and the Atlanta International Airport ask if this requirement is similar to aircraft operator security coordinator requirements and ask if aircraft operators must update their security programs to include IAC security information. TSA response: This requirement is based on the model of requirements for aircraft operator security coordinators. TSA does not require aircraft operators, foreign air carriers, or airport operators to maintain records of IAC security coordinators as part of their security programs. Comment: Freight Forwarders International questions the purpose of the security coordinator and what specific information TSA requires from this person. TSA response: The purpose of the security coordinator is to act as the security liaison between the regulated party and TSA. The security coordinator provides a single point of contact for communications involving threat information or security procedures, particularly those that are time-sensitive in nature. TSA is revising the IACSSP to include specific requirements for security coordinators. Comment: NCBFAA believes that the security coordinator requirement is impractical and unworkable for many [[Page 30496]] IACs, and imposes a particularly unnecessary burden upon smaller companies. As an alternative, NCBFAA recommends permitting an IAC to contract with a third party to act as its security coordinator or to rely on a contact person who works with the air carrier. TSA response: TSA believes that IAC personnel must perform the functions of the Security Coordinator. It is crucial that the security coordinator be in a position to identify security problems, raise issues with corporate leadership, and initiate corrective action when needed. The security coordinator and alternates must be appointed at the corporate level, and must serve as the IAC's primary contact for security-related activities and communications with TSA. Furthermore, TSA believes that having a single person responsible better assists the IAC to meet current IAC requirements for oversight of the actions of agents performing security functions on behalf of the IAC. Security Directives and Information Circulars for IACs Comment: Many commenters support Sec. 1548.19, and IBM recommends making a sanitized Information Circular available to the shipping public, in particular if there is need for additional screening or inspections. TSA response: In principle, TSA agrees that there must be wide- ranging public access to security information, particularly as needed for compliance with security requirements and procedures. However, information that, singly or collectively, might indicate intelligence sources, methods or procedures, or aviation security procedures, must be protected. Striking the balance between these principles generally requires that access to particular pieces of security information be considered on a case-by-case basis. III. Section-by-Section Analysis of Changes PART 1520--PROTECTION OF SENSITIVE SECURITY INFORMATION Section 1520.5 Sensitive Security Information TSA provides the conforming amendments to Sec. 1520.5(b) consistent with our proposals to restrict this information from public dissemination. TSA now expressly includes as SSI Security Directives and Information Circulars for IACs. PART 1540--CIVIL AVIATION SECURITY: GENERAL RULES Section 1540.5 Terms Used in This Subchapter TSA is amending the definition of ``Indirect Air Carrier'' to conform to other changes pursuant to this final rule. With these changes, freight forwarders who offer cargo to operators of larger all- cargo aircraft must have a TSA-approved security program. Accordingly, TSA has modified the definition of ``Indirect Air Carrier'' by removing the word ``passenger'' from ``uses for all or any part of such transportation the services of a passenger air carrier'' in order to be consistent with TSA's goal of extending a security regime to full all- cargo aircraft operations. TSA has also provided a definition for ``unescorted access to cargo.'' Section 1540.111 Carriage of Weapons, Explosives, and Incendiaries by Individuals TSA has expanded the applicability of this section to include persons on all-cargo aircraft. TSA amended paragraph (a)(1) by qualifying the applicability of this provision to the entire subchapter (Subchapter C--Civil Aviation Security) rather than to specific sections. This amendment is consistent with the expansion of security functions to persons and property onboard all-cargo aircraft under Sec. 1544.202. Sections 1540.201 Through 1540.209 Subpart C--Security Threat Assessments This subpart sets out the scope and basic requirements of a Security Threat Assessment (STA), including related fees. The STA includes a search by TSA of domestic and international databases to determine the existence of indicators of potential terrorist threats that meet the standards set in subpart C of part 1540. The section also provides for review of a TSA determination that an individual should be denied unescorted access to cargo. Operators are required to ensure that employees and agents whom they authorize to have unescorted access to cargo undergo Security Threat Assessments or other TSA-approved checks under Sec. Sec. 1544.228, 1546.312, and 1548.15. For a further discussion of the scope for each of these sections, see the section-by-section analysis of Sec. 1544.228 below. Under Sec. 1540.203 operators are required to verify the identity of the employee or agent and submit specified information about that individual to TSA. TSA has provided a modest amendment to the information each individual must submit under Sec. 1540.203. This amendment includes decreases in the information required on previous residential addresses from seven to five years and adds a requirement to list the gender of the individual. TSA has determined that these changes provide sufficient information to conduct a thorough Security Threat Assessment. After assessing this data to determine whether the individual poses or is suspected of posing a threat to national security, to transportation security or of terrorism, under Sec. 1540.205, TSA would notify the regulated party and the individual of its determination. This determination can take three forms: 1. Determination of No Security Threat. This determination indicates that TSA has not found that the individual presents a known or suspected threat to security. Upon receipt of this notification, the operator may authorize the individual unescorted access to air cargo. 2. Initial Determination of Threat Assessment. TSA issues this determination if TSA knows or suspects the individual of posing a security threat. The individual is able to appeal this determination through adjudication. Individuals are not permitted unescorted access to air cargo while the appeal is pending. For each proprietor, general partner, officer, director and owner of the entity as identified in Sec. 1548.16, issuance of an Initial Determination of Threat Assessment may delay TSA approval of authority to operate under an IACSSP. 3. Final Determination of Threat Assessment. If the individual was determined to present a threat after an initial determination was issued and the individual has an opportunity to appeal that determination, this determination informs the operator and the individual that he or she is barred from having unescorted access to air cargo. For each proprietor, general partner, officer, director, and each owner of the entity as identified in Sec. 1548.16, issuance of a Final Determination of Threat Assessment may prevent TSA approval of authority to operate under an IACSSP. On a case-by-case basis, TSA may withhold authorization of an IACSSP until the IAC, or an applicant to be an IAC, demonstrates to TSA that a proprietor, partner, officer, director, or owner under Sec. 1548.16 who received a Final Determination of Threat Assessment is unable to influence business practices of the IAC. Section 1540.207 sets out the appeals procedures to provide appropriate due process to individuals determined to [[Page 30497]] pose a security threat under this subsection, including a written request for materials, within 30 days of receipt of the Initial Determination of Threat Assessment from TSA. TSA has included a cross reference to Sec. 1540.207 in Sec. 1540.205(c)(4). Throughout the STA adjudication process, TSA may consult with other Federal law enforcement or intelligence agencies in assessing whether an individual poses a security threat under this subsection. Section 1540.209 establishes the fee requirements necessary to recover associated costs for Security Threat Assessments. TSA has modified the sum of the fee from the NPRM to reflect the most recent calculations, as described in the regulatory evaluation. The operator must not permit employees or agents to handle cargo, until TSA notifies the operator and the individuals of a Determination of No Security Threat. In cases where TSA issues a Determination of Threat Assessment, TSA may notify Government agencies for law enforcement or security purposes, or in the interests of national security. TSA recognizes that the requirement for security threat assessments under this final rule may cause affected businesses to alter their hiring practices. However, TSA believes that the security benefits of this requirement will be considerable and that TSA will be able to conduct the initial assessments in an expeditious fashion, providing timely notice to the regulated party. PART 1542--AIRPORT SECURITY Section 1542.1 Applicability of This Part Part 1542 currently applies to certain airports that serve certain passenger aircraft operations identified in parts 1544 and 1546. These airports are required to have security programs. Some airports are not required to have security programs even though the aircraft operators served by the airport hold security programs under parts 1544 or 1546. These aircraft operators include operations of a twelve-five program under Sec. 1544.101(d) and of a full all-cargo program under Sec. 1544.101(h). The new Sec. 1542.1(d) expands the applicability of part 1542 to include each airport that does not have a part 1542 security program that serves an aircraft operator with a security program under part 1544, or a foreign air carrier under part 1546. This addition makes clear that TSA may enter an airport to inspect aircraft operators and foreign air carriers even if they are using an airport that is not otherwise required to operate under a TSA-approved security program. It is critical that TSA have access to those aircraft operations to conduct its inspection functions under Sec. 1542.5(e) to determine whether they are in compliance with applicable security requirements. Section 1542.5 Inspection Authority TSA added Sec. 1542.5(e) to clarify that TSA may enter and be present at an airport that is not otherwise required to have a TSA- approved security program under part 1542 in order to inspect a TSA- regulated aircraft operator or foreign air carrier. Section 1542.101 General Requirements TSA deletes ``under this part'' from the sentence ``No person may operate an airport subject to this part unless it adopts and carries out a security program'' in Sec. 1542.101(a), and adds ``subject to Sec. 1542.103'' to further clarify that airports under Sec. 1542.1(d) are not required to meet other requirements of this part. TSA revises Sec. 1542.101(b) by deleting ``The airport'' and adding ``Each airport subject to ``Sec. 1542.103'', and Sec. 1542.101(c) by adding ``subject to Sec. 1542.103'' after ``Each airport operator'' for the same reason. Section 1542.205 Security of the Security Identification Display Area (SIDA) TSA has clarified the applicability of this section in this final rule by modifying the language that was proposed in the NPRM for Sec. 1542.205(a)(2) to now include the phrase ``the air operations area'' in the section, and has deleted the reference to areas used ``to sort cargo,'' and added new paragraphs (a)(3) and (a)(4). Airports are required to create new, or expand existing, SIDAs to encompass areas on airport grounds where cargo is regularly loaded on, or unloaded from, an aircraft operated under a full program or a full all-cargo program, or foreign air carriers under a security program as provided in Sec. 1546.101(a), (b), or (e). Additionally, TSA clarified the scope of this requirement by adding that the SIDA must be extended on an airport to areas where an aircraft operator, foreign air carrier, or indirect air carrier accepts cargo. Acceptance in this context means taking physical control of the cargo from persons such as a shipper, aircraft operator, foreign air carrier, indirect air carrier, or their respective employees or agents. In particular, this includes inside buildings such as cargo facilities, loading and unloading vehicle docks, and other areas where an aircraft operator, foreign air carrier, or indirect air carrier sorts, stores, stages, consolidates, processes, screens, or transfers cargo. TSA also revised Sec. 1542.205(b)(2), which stated that an individual must undergo an employment history verification under Sec. 1542.209 before gaining unescorted access to a SIDA. This section requires individuals to complete a fingerprint-based criminal history records check pursuant to Sec. 1542.209, rather than an employment history verification, and is consistent with Sec. 1542.209. Finally, TSA adds Sec. 1542.205(c) to clarify that an airport operator that is not required to have a complete program under Sec. 1542.103(a), is not required to establish a SIDA under Sec. 1542.205. PART 1544--AIRCRAFT OPERATOR SECURITY: AIR CARRIERS AND COMMERCIAL OPERATORS Section 1544.3 Inspection Authority This section currently refers to TSA inspection authority in secure areas, AOAs, and SIDAs. TSA amended this section under this final rule also to reflect authority to inspect other areas operated by an aircraft operator where it carries out security measures. These areas may include areas off of the airport, or operated by its agent in furtherance of the aircraft operator's security responsibilities. The amended Sec. 1544.3(c) clarifies that TSA may enter and be present where an aircraft operator carries out security measures without access media or identification media issued or approved by an airport operator or aircraft operator, in order to inspect or test compliance, or perform other such duties as TSA may direct. Section 1544.101 Adoption and Implementation Under this final rule, all-cargo aircraft operations conducted in aircraft with a maximum certificated take-off weight of more than 45,500 kg (100,309.3 lbs.) must meet security requirements for a full all-cargo program under Sec. 1544.101(h) and (i). TSA refers to these security measures as the ``full all-cargo security program.'' Operations under a full all-cargo security program are no longer authorized to operate under the current twelve-five program, as provided in Sec. 1544.101(d)(1), or under a voluntary domestic security integration program (DSIP). TSA revised Sec. 1544.101(e)(1), which lists the elements of the twelve-five program in all-cargo operations, to include: Sec. 1544.202 (Persons and property onboard the all-cargo aircraft) and Sec. 1544.205(a), (b), (d), and (f) (Acceptance and screening of cargo: [[Page 30498]] Preventing or deterring the carriage of any explosive or incendiary, Screening and inspection of cargo, Refusal to transport, and Acceptance and screening of cargo outside the United States). This section also amends the requirements for aircraft under a twelve-five program from a maximum certificated takeoff weight ``of 12,500 pounds or more'' to ``more than 12,500 pounds'' as authorized under the Century of Aviation Reauthorization Act.\19\ --------------------------------------------------------------------------- \19\ Vision 100--Century of Aviation Reauthorization Act, Sec. 606 (Pub. L. 108-176, 117 Stat. 2490, 2568, Dec. 12, 2003). --------------------------------------------------------------------------- Section 1544.202 Persons and Property Onboard the All-Cargo Aircraft Section 1544.202 requires aircraft operators to apply security measures to persons who board their aircraft for transportation, and to the property of those persons. The words ``who are carried aboard the aircraft'' are added in place of ``board the aircraft'' to provide clarification of the scope of covered persons. This technical correction is consistent with the language of FAA requirements regarding carriage of persons under 14 CFR 121.583. Section 1544.202 provides the means to prevent persons, who may pose a security threat from boarding, and to prevent or deter the carriage of unauthorized explosives, incendiaries, and other destructive substances or items. This section also provides for TSA to incorporate into security programs screening for unauthorized persons, or substances or items that could be used to pose a threat to transportation security. These requirements apply to both the twelve-five program in all-cargo operations and the new full all-cargo security program. Section 1544.205 Acceptance and Screening of Cargo TSA requires aircraft operators operating under a full, full all- cargo, or twelve-five program to prevent or deter the carriage of, and screen and inspect cargo for, any unauthorized persons, and any unauthorized explosives, incendiaries, and other destructive substances or items. This amendment is necessary to prevent and deter the introduction of stowaway hijackers, explosive devices, or other threats into air cargo. Section 1544.205(c) requires aircraft operators to prevent unauthorized access by persons other than an aircraft operator employee or agent, and adds that persons authorized by the airport operator or host government also may have access. For example, individuals such as customs inspectors and airport law enforcement officers must have access to such areas. TSA revised paragraph (c)(1) by adding ``any unauthorized person, and any unauthorized explosive, incendiary, or other destructive substance or item'' in place of ``unauthorized explosive or incendiary'' to be consistent with the requirement throughout this rulemaking and the identified critical risks. TSA also strengthened the cargo acceptance requirements applicable to aircraft operators operating under a full program or a full all- cargo program. Pursuant to Sec. 1544.205(e), an aircraft operator may accept cargo for air transportation only from entities that have comparable security programs. TSA will provide more information on comparable programs within the standard security programs. These requirements parallel those currently applied to operations conducted under a full passenger security program, in which the aircraft operator may only accept cargo from another aircraft operator or foreign air carrier with a comparable security program. TSA also requires each aircraft operator to carry out the requirements of its security program, for cargo to be loaded on its aircraft outside the United States under Sec. 1544.205(f). TSA recognizes that not all the requirements of part 1544 can be carried out in other countries. Accordingly, we work with the host governments, under international agreements, to ensure that the security measures in place provide the appropriate level of security. Section 1544.217 Law Enforcement Personnel TSA is providing clarifying amendments to paragraphs (a) and (b), to add missing cross-references. Currently, operations under twelve- five programs and under private charter programs must comply with Sec. 1544.217, regarding arranging for law enforcement support at airports where they operate. See Sec. 1544.101(b), (c), (d), and (e). Requirements for law enforcement personnel are already a part of the security programs for the twelve-five and private charter programs. However, Sec. 1544.217 does not currently refer to those operators. This clarification adds these cross references, as well as adding a cross reference to the new full all-cargo program under Sec. 1544.101(h) and (i). Section 1544.225 Security of Aircraft and Facilities New Sec. 1544.225 is amended to add paragraph (d), which requires operators of aircraft operating under a full program or a full all- cargo security program to prevent unauthorized access to the operational area of the aircraft while loading or unloading cargo. This requirement applies to operations conducted both within and outside a SIDA. TSA recognizes that current paragraph (b) requires all aircraft operators operating under security programs to prevent unauthorized access to each aircraft. The revisions to this section broaden this requirement for aircraft operated under a full or a full all-cargo security program, clarifying that the aircraft operator must prevent unauthorized access to the operational area around the aircraft during cargo loading and unloading operations. Section 1544.228 Security Threat Assessments for Cargo Personnel in the United States In this final rule, TSA has provided revisions to each section about a regulated entity's responsibilities for STAs. While these revisions comport with the scope of the NPRM, we have restructured the sections significantly, in order to be responsive to comments and provide greater clarity on the scope of personnel who are required to meet the STA requirements. The revisions clarify that the requirements apply to employees and agents of aircraft operators operating under a full program pursuant to Sec. 1544.101(a) or a full all-cargo program pursuant to Sec. 1544.101(h), who are authorized to perform certain security duties without an escort. Likewise, these requirements apply to employees and agents of foreign air carriers under Sec. Sec. 1546.101(a), (b), or (e), and IACs.\20\ Please refer back to the previous TSA responses regarding security threat assessments under section II. Comment Disposition, for more information on this topic. --------------------------------------------------------------------------- \20\ The STA requirements also extend to an officer, director, and person who holds 25 percent or more of total outstanding voting stock of an IAC. However, TSA did not receive requests for clarification to this requirement. --------------------------------------------------------------------------- This section is also satisfied by completion of a CHRC for unescorted access to SIDA, or by another STA approved by TSA. For instance, if the employee or agent has an STA for the issuance of a hazardous materials endorsement on a commercial driver's license, in accordance with Sec. 1572.5, TSA would approve that as acceptable for compliance with Sec. 1544.228. [[Page 30499]] Section 1544.229 Fingerprint-Based Criminal History Records Checks (CHRC): Unescorted Access Authority, Authority To Perform Screening Functions, and Authority To Perform Checked Baggage or Cargo Functions In the case of passenger aircraft operated under a full program, TSA already requires cargo screeners and their immediate supervisors in the United States to meet the CHRC requirements under Sec. 1544.229(a)(3)(i). This amendments requires that individuals and their immediate supervisors in the United States who screen cargo to be transported on an all-cargo aircraft with a full all-cargo program under Sec. 1544.101(h) submit to a CHRC under Sec. 1544.229. As stated earlier, TSA already requires airport operators to send to TSA certain personal information for each individual who has undergone a CHRC for a current SIDA or sterile area ID in order to perform an additional background check that is comparable to an STA. TSA is providing instruction to aircraft operators with a full or full- all-cargo security program to send to TSA the same type of information for cargo screeners who do not have current SIDA or sterile area IDs, and will also perform the additional check on this population. Most of these cargo screeners already have SIDA IDs and, thus, already are checked. Section 1544.239 Known Shipper Program Section 1544.239 codifies the known shipper program in the Federal regulations. The ``known shipper'' concept, which differentiates cargo being shipped by recognized entities from that originating with unknown parties, has been a fundamental element of air cargo security since 1976. The program has also been recognized as a global standard by the International Air Transport Association (IATA) and was recognized by the U.S. Congress as a form of screening in the ATSA.\21\ Passenger aircraft operators operating under a full program are required to have a known shipper program, including measures to ensure the shippers' validity and integrity, to inspect or further screen cargo, and to provide shipper data to TSA. Aircraft operators must meet these requirements in accordance with the standards detailed in their security program. The known shipper program applies to passenger operations under full programs, and to those operations that elect to have a comparable security program that allows interlining cargo to operations under a full program. --------------------------------------------------------------------------- \21\ 49 U.S.C. 44901(a). --------------------------------------------------------------------------- PART 1546--FOREIGN AIR CARRIER SECURITY Section 1546.3 TSA Inspection Authority TSA is adding paragraph (c) relating to TSA authority to enter and be present in certain areas in order to inspect or test compliance or perform other duties. This amendment is parallel to the provisions in Sec. 1544.3(c). This amendment reflects TSA's authority in the specified areas. Section 1546.101 Adoption and Implementation Cargo operations of foreign air carriers that land or takeoff in the United States are required to conform to essentially the same requirements as those applicable to comparable operations by U.S. aircraft operators. This section broadens the provisions of Sec. 1546.101 to require each foreign air carrier, landing or taking off in the United States, to adopt and carry out an appropriate security program for each covered all-cargo operation. This section establishes the requirements of an appropriate security program for a covered foreign air carrier conducting all-cargo operations in aircraft having a maximum certificated take-off weight greater than 45,500 kg (100,309.3 pounds) (analogous to a U.S. full all-cargo security program under part 1544), and in aircraft having a maximum certificated take- off weight greater than 12,500 pounds but not more than 45,500 kg (100,309.3 pounds) (analogous to a U.S. twelve-five program in all- cargo operations under part 1544). The requirement that a foreign air carrier with operations in aircraft that have a maximum certificated take-off weight greater than 12,500 pounds but not more than 45,500 kg under Sec. 1546.101(f) will supersede the current All-Cargo International Security Procedures requirements under Sec. 1550.7. See 69 FR 3939, Jan. 27, 2004. Section 1546.103 Form, Content, and Availability of Security Program In this section, TSA makes an administrative change to paragraph (a), removing the word ``passenger'' and changing ``U.S. air carriers'' to ``U.S. aircraft operators'' to acknowledge that certain all-cargo operations by a foreign air carrier now must be under a security program. In paragraph (b), TSA adds references to paragraphs (e) and (f) to the introductory text. This change broadens this section's requirements to encompass cargo operations. Section 1546.202 Persons and Property Onboard the Aircraft This section parallels the requirements of those for aircraft operations in the United States. The words ``are carried aboard the aircraft'' are added in this final rule in place of ``board the aircraft,'' which was used in the NPRM, to provide clarification of the scope of covered persons. This technical correction is consistent with the language of FAA regulations at 14 CFR 121.583. The rationale for this addition is described in the Section-by-Section Analysis for Sec. 1544.202. Section 1546.205 Acceptance and Screening of Cargo This section clarifies aviation security regulations with respect to the duty of foreign air carriers for the security of air cargo loaded in, or destined for, the United States. TSA amends paragraph (a) and (b), and adds new paragraphs (c), (d), (e), and (f) to Sec. 1546.205. These paragraphs are parallel to those for U.S. aircraft operators in Sec. 1544.205. Paragraph (d), ``Screening and inspection of cargo in the United States,'' provides that each foreign air carrier must ensure that, as required in its security program, cargo is screened and inspected for any unauthorized persons, and any unauthorized explosives, incendiaries, and other destructive substances or items as provided in the foreign air carrier's security program, in accordance with Sec. Sec. 1546.207 and 1546.215, if applicable, before loading it on its aircraft in the United States. Paragraph (e), ``Acceptance of cargo in the United States,'' provides that each foreign air carrier may accept cargo in the United States only from the shipper, or from an aircraft operator, foreign air carrier, or IAC operating under a security program under this chapter, with a comparable cargo security program as provided in its security program. Paragraph (f) provides that, for cargo to be loaded on its aircraft outside the United States, each foreign air carrier must carry out the requirements of its security program. Section 1546.213 Security Threat Assessment for Cargo Personnel in the United States In response to comments, TSA has revised this section from the NPRM to provide greater clarity to the scope of personnel who are required to meet the STA requirements. The rationale for the changes in this section are the same as [[Page 30500]] stated in the Section-by-Section Analysis for Sec. 1544.228. Section 1546.215 Known Shipper Program TSA is codifying the Known Shipper program for foreign air carriers, parallel to the known shipper program applicable to domestic air carriers in Sec. 1544.239. The rationale for adding this section is the same as stated in the Section-by-Section Analysis for Sec. 1544.239. Section 1546.301 Bomb or Air Piracy Threats TSA has revised the opening paragraph of this section by deleting the text ``in passenger operations'' and the off-setting commas around this text. This amend provides that foreign air carriers in passenger and all-cargo operations are required to meet parallel security measures as aircraft operators in the same operations. PART 1548--INDIRECT AIR CARRIER SECURITY Section 1548.3 TSA Inspection Authority TSA added Sec. 1548.3(c) to clarify that TSA may enter and be present where an IAC carries out security measures in order to inspect or test compliance, or perform other such duties as TSA may direct. Section 1548.5 Adoption and Implementation of the Security Program TSA has revised paragraphs (a), (b), and (c) of Sec. 1548.5 regarding the adoption and implementation of the IACSSP. Paragraph (a) specifies that no IAC may offer cargo to an aircraft operator operating under a full program or a full all-cargo program specified in part 1544, or to a foreign air carrier conducting a passenger operation under Sec. 1546.101(a) and (b), or an all-cargo program under Sec. 1546.101(e), unless that IAC has and carries out an approved security program under part 1548. Where this part referred to ``employees, agents, contractors, and subcontractors'' in the NPRM, it now reads ``employees and agents.'' This change is not substantive, as contractors and subcontractors are agents with regard to security responsibilities. This change should provide a simplified understanding of persons with security responsibilities. Paragraph (b) broadens the scope of security measures that may be required in an individual IAC's security program. Consistent with amendments made throughout this final rule, TSA is codifying existing requirements to prevent and deter unauthorized persons from using cargo to access passenger aircrafts. IACs currently having cargo screening responsibilities under current Sec. 1548.5(b)(1) and their approved security programs must ``[p]rovide for the safety of persons and property traveling in air transportation against acts of criminal violence and air piracy and the introduction of any unauthorized explosive or incendiary into cargo aboard a passenger aircraft.'' The IAC now must ``provide for the security of persons and property traveling in air transportation against acts of criminal violence and air piracy and against the introduction of any unauthorized person, and any unauthorized explosive, incendiary, and other destructive substance or item as provided in the indirect air carrier's security program.'' This section also broadens the scope of IACs' duties to include cargo to be carried on an aircraft operated under a full all-cargo security program, rather than solely in passenger operations. This change parallels the cargo security requirements in Sec. Sec. 1544.205 and 1546.205. Under paragraph (b)(1)(i), this requirement applies from the time the IAC accepts the cargo, to the time it transfers the cargo to an entity that is not an employee or agent of the IAC. This provision clarifies the existing IACSSP requirement that the IAC is responsible for carrying out security measures under this part when its employee or agent fulfills its function. Paragraph (b)(1)(ii) makes clear that security program requirements apply while the cargo is stored, en route, or otherwise being handled by an employee or agent of the IAC. Paragraph (b)(1)(iii) makes clear that security program requirements apply regardless of whether or not the IAC ever has physical possession of the cargo. For example, TSA notes that some IACs conduct their services only through telephone conversations or communications over the computer and use agents to transport the cargo physically. In these circumstances, the person with physical possession on behalf of the IAC is the IAC's agent. When the agent has possession, the IAC remains responsible for ensuring that its security program requirements are met. Paragraph (b) also requires the IAC to ensure that its employees and agents carry out the requirements of the IACSSP. Thus, TSA's change to paragraph (c) ensures that the content of each IACSSP reflects the scope of security measures established under Sec. 1548.5(b), references known shipper program requirements that are codified in Sec. 1548.17, and establishes a new requirement that each IACSSP include documentation of the procedures and curriculum used to accomplish the training, under Sec. 1548.11, of persons who accept, store, transport or deliver cargo on behalf of the IAC. Section 1548.7 Approval, Amendment, Annual Renewal, and Withdrawal of Approval of the Security Program Paragraph (a) reflects that TSA has developed the IACSSP, rather than having each IAC develop its own security program. Thus, consistent with current practices, rather than submitting a security program for TSA approval, an applicant requests approval to operate under the IACSSP. This paragraph explains how an applicant must seek approval to operate under the IACSSP, including a record-keeping requirement, and a list of information that the applicant must submit to TSA for consideration. Paragraph (a) also outlines the process for approving an applicant's operation under a security program, that approvals are effective for one year, and that the approved IAC must notify TSA of changes to the initial application. TSA uses the information submitted by IAC applicants to verify their legitimacy through a check of publicly-available records, and cross checks that information against data on terrorist databases. Paragraph (b) presents the processes an IAC must follow annually to seek renewed TSA approval to operate under the IACSSP. Annual renewal is a continuation, and codification, of the current practice under the IACSSP. IACs must submit the renewal request to TSA at least 30 calendar days prior to expiration of the IACSSP, as well as other standards for the submission. Paragraphs (c), (d), and (e) primarily parallel changes made previously to similar requirements for airport operator security programs and aircraft operator security programs in Sec. Sec. 1542.105 and 1544.105. This section adds a new paragraph (c)(6), allowing a group of IACs to submit a proposed amendment together. Paragraph (d) is the same as the current paragraph (c). Paragraph (d) is separated into three subparagraphs for easier reading. Paragraph (d)(1) substitutes ``aviation security'' for ``safety in air transportation or in air commerce'' to clarify the breadth of TSA's EA authority. Paragraph (d)(2) reorganizes existing EA standards to emphasize immediate effectiveness and that TSA will provide a brief statement regarding the rationale for the EA. Finally, paragraph (d)(3) provides the IAC with 15 days to file a petition for reconsideration but provides that the [[Page 30501]] filing of the petition does not stay the effective date of the amendment. Paragraph (e) revises the existing Emergency Amendments (EA) standards of the existing paragraph (d). TSA codifies procedures for TSA to withdraw an IAC's approval to operate under the IACSSP with the addition of paragraph (f). The standard for withdrawal is a TSA determination that the operation is contrary to security and the public interest. Paragraph (f) provides procedures for notice, response, and petition for reconsideration. The affected IAC would be able to request a stay of the withdrawal. TSA also codifies emergency withdrawal procedures. This codification creates procedural guidelines to implement withdrawal of a security program and affords due process to the IAC. The emergency procedures allow the IAC to submit a petition for reconsideration, but the filing of a petition will not stay the effective date of withdrawal. Paragraph (g) adds provisions for the proper service of documents in the withdrawal proceedings. Procedures for time extensions are found at paragraph (h). Section 1548.9 Acceptance of Cargo Paragraph 1548.9(a) broadens the scope of the IAC's duty to prevent or deter the carriage of any unauthorized persons and any unauthorized destructive substances or items on board an aircraft to the existing requirements that focus on preventing and deterring explosives and incendiaries. This provision requires IACs to carry out these procedures whenever offering cargo for air transportation on all-cargo aircraft under a full all-cargo program, as well as on passenger aircraft under a full program. This paragraph adds a requirement that the IAC request the shipper's consent to search or inspect the cargo. Under the former paragraph 1548.9(b), this duty extended only to cargo that was intended for shipment aboard a passenger aircraft. By removing the word ``passenger,'' this paragraph extends to cargo for shipment aboard certain all-cargo aircraft operations regulated by TSA. Paragraph 1548.9(b) deletes the requirement that the IAC must search or inspect cargo. Such inspections are to be done by the aircraft operator or foreign air carrier only. Section 1548.11 Training and Knowledge for Individuals with Security- Related Duties Certain employees and agents of IACs are subject to security- related training. These enhanced requirements for training cover individuals who perform security-related duties to ensure the appropriate security standards are met. Paragraph 1548.11(a) specifies that an IAC must not use any individual to perform any security-related duties to meet the requirements of its security program unless the individual has received training as specified in its security program. This requirement covers employees and agents performing security-related duties for the IAC. Under Sec. 1548.11(b), additional training requirements are specified for individuals who accept, handle, transport, or deliver cargo for or on behalf of the IAC. This training must include, at a minimum, requirements contained in the applicable provisions of part 1548, applicable Security Directives and Information Circulars, the approved airport security program applicable to their location, and the aircraft operator's or IAC's security program to the extent that such individuals need to know in order to perform their duties. Paragraph 1548.11(c) requires annual recurrent training of covered individuals in these elements of knowledge. Pursuant to Sec. 1548.7(a), initial training of the identified individuals performing duties for the IAC must be completed before an IAC may begin operations under its approved security program. TSA is providing a training curriculum to the IAC in this regard. Section 1548.13 Security Coordinators TSA requires each IAC to designate and use an Indirect Air Carrier Security Coordinator (IACSC). The IAC is required to appoint the IACSC at the corporate level, and the IACSC is the IAC's primary contact for security-related activities and communications with TSA, as set forth in the IACSSP. Either the IACSC or an alternate IACSC must be available on a 24-hour basis. This addition parallels existing security coordinator positions required of airport operators in Sec. 1542.3 and aircraft operators in Sec. 1544.215. Section 1548.15 Security Threat Assessments for Individuals Having Unescorted Access to Cargo TSA has provided revisions to this section consistent with the scope of the NPRM. This section is significantly restructured in order to be responsive to comments and provide greater clarity to the scope of personnel who are required to meet the STA requirements. The rationale for the changes in this section are the same as stated in the Section-by-Section Analysis for Sec. 1544.228. Section 1548.16 Security Threat Assessments for Each Proprietor, General Partner, Officer, Director, and Specified Owner of the Entity TSA has added this section to provide reference within part 1548 to the STA requirement at Sec. 1540.209(a). TSA has provided further clarification to the scope of persons covered under this section such as to cover partnerships and proprietors. In large part, TSA has adopted the meaning of ``owner,'' ``same family,'' and ``voting securities and other voting interests'' as are found at 31 CFR 103.175, for regulation of foreign banks. Section 1548.17 Known Shipper Program Section 1548.17 codifies the Known Shipper program in regulation. This addition is essentially the same as that for aircraft operators under proposed Sec. 1544.239. Section 1548.19 Security Directives and Information Circulars This section provides a procedure for TSA to issue emergency security measures to IACs through Security Directives (SD). This section authorizes TSA to issue Security Directives and Information Circulars to regulated IACs, and mandates compliance by the IAC with each Security Directive that it receives. Section 1548.19 also requires the IAC to acknowledge in writing receipt of the SD within the time prescribed in the SD, and to specify the method by which the measures in the SD have been implemented (or will be implemented, if the SD is not yet effective) within the time prescribed in the SD. In the event that the IAC is unable to implement the measures in a SD, Sec. 1548.19 authorizes the IAC to submit proposed alternative measures and the basis for the alternative measures to TSA for approval. The IAC must submit the proposed alternative measures within the time prescribed in the SD and, if they are approved by TSA, the IAC must implement them. Section 1548.19 also provides that each IAC that receives a SD may comment on the SD by submitting data, views, or arguments in writing to TSA, and that TSA may amend the SD based on comments received. Section 1548.19 also provides that submission of a comment does not delay the effective date of the SD. Section 1548.19 also provides that each IAC that receives a Security Directive or Information Circular and each person who receives information from a Security Directive or Information Circular must restrict the availability of [[Page 30502]] the Security Directive or Information Circular, and information contained in either document, to those persons with a need-to-know. The IAC must refuse to release the Security Directive or Information Circular, and information contained in either document, to persons other than those with a need-to-know without the prior written consent of TSA. IV. Fee Authority for Security Threat Assessment On October 1, 2003, legislation was enacted requiring TSA to collect reasonable fees to cover the costs of providing credentialing and background investigations in the transportation field.\22\ Fees collected under this legislation (Section 520) may be used to pay for the costs of conducting or obtaining a criminal history records check (CHRC); reviewing available law enforcement databases, commercial databases, and records of other governmental and international agencies; reviewing and adjudicating requests for waivers and appeals of TSA decisions; and any other costs related to performing a background records check or providing a credential. --------------------------------------------------------------------------- \22\ Department of Homeland Security Appropriations Act, 2004, Sec. 520 (Pub. L. 108-90, Oct. 1, 2003, 117 Stat. 1137). --------------------------------------------------------------------------- Section 520 mandates that any fee collected shall be available for expenditure only to pay for the costs incurred in providing services in connection with performing a background check or providing a credential. The fee shall remain available until expended. TSA is establishing this fee in accordance with the criteria set forth in 31 U.S.C. 9701 (General User Fee Statute), which requires fees to be fair and based on (1) costs to the government, (2) the value of the service or thing to the recipient, (3) public policy or interest served, and (4) other relevant facts. Summary of Security Threat Assessment Requirement TSA currently requires a variety of individuals working in aviation to submit to criminal history records checks to reduce the likelihood that a terrorist would gain employment that would give them access to the aircraft. Generally, these individuals work on airport grounds and have unescorted access to secure areas. In the cargo environment, many other persons have access to cargo before someone who has had such a check handles it. TSA recognizes that the number of individuals with unescorted access to cargo is very large and that extending fingerprint-based records checks to all of these people would likely be a very time-consuming and costly process that would cause a major disruption to the domestic and international transportation of goods. TSA focused the STA program on a review of terrorist databases to determine whether individuals seeking unescorted access to cargo present a terrorist threat. Flexibility will be achieved by ensuring that each of the following individuals are required to have either an STA or a background check for unescorted SIDA access authority. The covered individuals include: (1) Each proprietor, general partner, officer, director, and owner identified under Sec. 1548.16 of an IAC, or applicant to be an IAC. (2) Each employee and agent authorized to have unescorted access to cargo where: Aircraft operators with a full program and foreign air carriers under Sec. 1546.101(a) or (b) accept cargo; Aircraft operators with a full all-cargo program and foreign air carriers under Sec. 1546.101(e) consolidate or inspect cargo; IACs accept cargo for transportation on aircraft operated by an aircraft operator with a full program or a foreign air carrier under Sec. 1546.101(a) or (b); or IACs consolidate or hold cargo for transportation aboard an aircraft operated by an aircraft operator with a full or full all- cargo program, or a foreign air carrier under Sec. 1546.101(a), (b), or (e). Security Threat Assessment Population The above-referenced personnel who are authorized to have unescorted access to cargo on behalf of an IAC, an aircraft operator, or a foreign air carrier would be required to undergo a name-based STA. TSA approximates a ``de minimis'' number of persons who own 25 percent or more of these IACs that are not also officers or directors of the entity. Accordingly, TSA has not accounted for these individuals separately. However, those personnel with unescorted SIDA access already have undergone a criminal history records check. TSA would accept the criminal history records check in lieu of the proposed STA for these personnel. The Indirect Air Carrier Population TSA estimates that there are approximately 5,000 companies that are defined as IACs under this rule. TSA further estimates that there are, on average, approximately 13 employees per IAC, of whom an average of 10 would typically require regular unescorted access to air cargo and thus would need an STA under this rule. Therefore, the total IAC population requiring an STA is estimated to be 50,000 (5,000 x 10). Further discussion of TSA's IAC population estimates can be found in the full Regulatory Evaluation. Cargo Personnel Not Subject to Other TSA Security Threat Assessments TSA estimates that there are approximately 65 aircraft operators and foreign air carriers operating all-cargo flights that have employees who are subject to the proposed STA. As discussed in the Regulatory Evaluation aircraft operators and foreign air carriers have some employees who are required to submit to the fingerprint-based SIDA check, while others will only be required to submit to an STA. Because most of the aircraft operator employees are already covered by the SIDA background check requirements, TSA believes that only a limited number of employees would be required to submit to an STA. TSA estimates that there are, on average, approximately 25 employees for each aircraft operator and foreign air carrier operating all-cargo flights who would be required to submit to an STA. Therefore this total population is estimated to be 1,625 (65 x 25). Further discussion of TSA's estimates for affected all-cargo employees can be found in the full Regulatory Evaluation. Total Initial Population Given the estimated IAC population of 50,000 and 1,625 additional employees of relevant aircraft operators and foreign air carriers operating all-cargo flights, the total population subject to an STA is 51,625. This is the initial population TSA estimates will be required to submit to an STA during the first year of the program. Recurring Population TSA estimates approximately 15 percent of the initial total population will be required to submit to an STA each year after the initial assessment. Further discussion of TSA's recurring population estimate can be found in the full Regulatory Evaluation. This percentage represents annual new employers or employees with a new requirement for the STA. Therefore, the recurring population that would be required to submit to an STA annually is estimated to be 7,744 (15 percent x 51,625). Five Year Population Given the first year estimated population of 51,625 and subsequent annual recurring population of 7,744, TSA estimates the total population [[Page 30503]] receiving an STA over the first 5 years to be 82,601 (51,625 + (4 x 7,744)). TSA employs a five-year population period for calculating the STA fee to distribute the costs of delivering these services to the entire population more equitably, as required under this rule. Program Costs This section summarizes TSA's estimated costs for establishing the program, processes, and resources necessary to establish and perform the STA on the population as required under this rule. Leveraging Existing Resources Where possible, TSA will leverage processes, infrastructure and personnel that are currently utilized for other federal government air cargo regulatory initiatives and threat assessment services. These efforts will minimize the need for new government expenditures and keep fee levels to a minimum. For example, TSA is expanding its existing IAC database management system, currently used to manage regulatory relationships with IACs that ship cargo on passenger aircraft, to be able to collect and process the required applicant information from air cargo employees and agents that require an STA. Moreover, TSA is leveraging other existing applicant vetting processes and infrastructure, which TSA threat assessment programs benefit from collectively, so as not to create overlapping resource requirements. Start-Up Costs The startup costs are not incorporated in fee calculations. TSA has made this determination because these expenses are largely the result of extending information systems already built for other regulatory activities within the air cargo/IAC industry. As such, TSA is not including these startup costs in the fee. Five-Year Recurring Costs The entire population covered under this rule must submit to an STA within 180 days of rule publication, and thereafter only a small fraction (15 percent) of applications are expected annually. TSA must ensure that the fixed costs of the program are not borne solely by the smaller pool of new applicants in Year 1. Therefore, TSA averages the estimated total five-year recurring program costs and divides this value by the estimated five-year STA population to generate its per applicant fee. TSA estimates the five-year recurring costs to be $2,322,702. These costs include $1,837,500 for all required program personnel, $320,000 for all information management and hardware/software costs, and $165,202 for all vetting process costs. See Figure 1 below for additional details. Figure 1.--TSA Security Threat Assessment Program Costs Estimates ---------------------------------------------------------------------------------------------------------------- Five-year Category and sub-category Description Year 1 Years 2-5 recurring costs ---------------------------------------------------------------------------------------------------------------- Hardware/Software: IAC MS Database System Modifications Modification of existing IAC/ $0 $70,000 $280,000 air cargo database to accommodate new Security Threat Assessment (STA) information management requirements. Annual recurring system expense estimated to be 10 percent of start-up modification costs. Screening Gateway Interface Modification of existing 0 10,000 40,000 Development. interface to conform to program needs. Annual recurring system expense estimated to be 10 percent of start-up modification costs. System Security Testing, Set-up and Costs related to system set-up 0 0 0 Hosting. required for application hosting. -------------------------------------- Hardware/Software Total......... ............................... 0 80,000 320,000 Support Functions: Additional Program Personnel........ Two additional federal employee 210,000 210,000 1,050,000 full-time equivalents (FTEs) will be required to perform functions associated with the STA. Total cost to TSA is estimated at $105,000 per FTE (fully loaded, including administrative overhead costs). Finance/Accounting Personnel........ One half of an FTE (.5) will be 52,500 52,500 262,500 required to perform accounting and reconciliation functions and provide financial reports to program personnel. Total cost to TSA is estimated at $105,000 per FTE (fully loaded, including administrative overhead costs). -------------------------------------- Support Functions Total......... ............................... 262,500 262,500 1,312,500 Security Threat Assessment: Threat Assessment Analysis.......... A security threat analysis is 103,250 15,488 165,202 the process of querying applicant names against various terrorism-related government sources. This cost is derived by multiplying the total estimated program population by the TSA's estimated cost of $2 per applicant. Assumes 15 percent annual employee turnover. [[Page 30504]] Threat Assessment Process Personnel. One additional FTE at $105,000 105,000 105,000 525,000 annually will be necessary to provide support for background check component. Will also perform support functions. Total cost to TSA is estimated at$105,000 per FTE. -------------------------------------- Security Threat Assessment Total ............................... 208,250 120,488 690,202 -------------------------------------- Total Costs..................... ............................... 470,750 462,988 2,322,702 ---------------------------------------------------------------------------------------------------------------- Cost Adjustments Pursuant to the Chief Financial Officers Act of 1990, DHS/TSA will review this fee at least every two years.\23\ Upon review, if it is found that the fee is either too high (i.e., total fees exceed the total cost to provide the services) or too low (i.e., total fees do not cover the total costs to provide the services), TSA may propose changes to the fees. In addition, as DHS and TSA identify and implement additional efficiencies across numerous threat assessment and credentialing programs, resulting cost savings will be incorporated into the fee levels accordingly. --------------------------------------------------------------------------- \23\ 31 U.S.C. 902. --------------------------------------------------------------------------- Fee Calculation TSA is charging a fee to cover the recurring costs of the program. TSA estimates that total recurring program costs for the first 5 years (not including start-up costs) will be approximately $2,322,702 (($470,750 + (462,988 x 4)). These total costs, divided by the estimated five-year total of 82,601 applicants, yields a per applicant fee of $28 ($2,322,702/82,601), rounded down from $28.12. Fee Remittance Process TSA will employ a third party to establish the infrastructure for collecting the required financial data and fees for forwarding to TSA. This process will function in a similar manner to that of other TSA threat assessment programs and may include the services of Pay.gov, https://www.pay.gov/paygov/, the government-wide solution for Internet- based online payment services. V. Rulemaking Analyses and Notices V.A. Regulatory Evaluation Summary Changes to Federal regulations must undergo several economic analyses. First, Executive Order 12866 directs each Federal agency to propose or adopt a regulation only if the agency makes a reasoned determination that the benefits of the intended regulation justify its costs. Second, the Regulatory Flexibility Act of 1980 requires agencies to analyze the economic impact of regulatory changes on small entities. Third, the Trade Agreements Act (19 U.S.C. 2531-2533) prohibits agencies from setting standards that create unnecessary obstacles to the foreign commerce of the United States. In developing U.S. standards, this Trade Act requires agencies to consider international standards and where appropriate, as the basis of U.S. standards. Fourth, the Unfunded Mandates Reform Act of 1995 (Pub. L. 104-4) requires agencies to prepare a written assessment of the costs, benefits and other effects of proposed or final rules that include a Federal mandate likely to result in the expenditure by State, local or tribal governments, in the aggregate, or by the private sector, of $100 million or more annually (adjusted for inflation). In conducting these analyses, TSA has determined this rule-- (1) Is a ``significant regulatory action'' as defined in Executive Order 12866; (2) Will not have a significant impact on a substantial number of small entities; (3) Imposes no significant barriers to international trade; and (4) Does not impose an unfunded mandate on State, local, or tribal governments, but does on the private sector. Because TSA has determined that this rule is a significant regulatory action under Executive Order 12866, this rule has been reviewed and approved by the Office of Management and Budget (OMB). Economic Impacts This summary highlights the costs and benefits of the final rule to amend the transportation security regulations to further enhance and improve the security of air cargo transportation. TSA has determined that this is a major rule within the definition of Executive Order 12866, as annual costs or benefits to all parties do pass the $100 million threshold in any year. There are no significant economic impacts for each of the required analyses of small business impact, international trade, or unfunded mandates. Details of the proposed rule and the associated analysis were provided to the public for comment. This final regulatory analysis covers changes to the previous analysis in response both to public comments and changes TSA has made with the final rule. The complete analysis and the associated references are not repeated here. The required OMB Circular A-4 accounting statement is presented in the full regulatory evaluation, which is available in the docket as ``Final Regulatory Evaluation, Regulatory Flexibility Determination, Trade Impact Assessment, and Unfunded Mandate Assessment.'' Costs The following sections summarize the estimated costs of this rulemaking by general category of who pays. A detailed summary table in the full regulatory evaluation provides an overview of the cost items, section of the regulation that creates the requirement, and a description of cost elements. Both in this summary and the economic evaluation, descriptive language is used to try and relate the consequences of the regulation. Although the regulatory evaluation attempts to mirror the terms and wording of the regulation, no attempt is made to precisely replicate the regulatory language and readers are cautioned that the actual regulatory text, not the text of the evaluation, is binding. Throughout the evaluation rounding in displayed values may result in minor differences in displayed totals. Aircraft Operators will incur additional costs to comply with requirements of this rulemaking over [[Page 30505]] the 10-year period of 2005-2014. Cargo aircraft operators are estimated to incur costs totaling approximately $1.9 billion to comply with the requirements to require background checks for individuals who screen cargo for all-cargo aircraft, their supervisors, as well as for employees with unescorted access to the cargo. The rulemaking requires all-cargo aircraft operators to screen all persons entering the aircraft. This requirement is estimated to impose costs of approximately $35.2 million over the ten-year period of this analysis. They also are required to take additional measures to secure the aircraft and facilities at an estimated cost of $0.8 million. All-cargo aircraft operators with a maximum certificated take-off weight greater than 45,500 kg (100,309.3 lbs) need to ensure they have coordinated law enforcement notification and response capability to comply with the requirements to extend or create new secure areas to encompass air cargo operations. This requirement is not an expansion of law enforcement staffing. As a result, costs previously attributed to the LEO function have been removed. Finally, the codifying of existing Security Directive requirements and costs for random screening of air cargo on passenger aircraft and all-cargo flights are estimated to cost of $1.491 billion, and $328 million, respectively. Much of this increase is related to increased screening levels as mandated by Congress. Airport Operators that have one or more SIDAs are required to extend or create a new SIDA to encompass air cargo operations. This change applies only to aircraft operations conducted with aircraft having a maximum certificated take-off weight greater than 45,500 kg (100,309.3 lbs) operating a full program or a full all-cargo security program. TSA estimates the cost of this requirement to be $10.9 million over the ten-year period of this analysis. This cost reflects the cost of additional employee badges, additional airports, and the administrative costs of updating the airports' security plans. Indirect Air Carriers are impacted in several ways by this rulemaking. They are now required to complete security threat assessments for certain individuals. This requirement is estimated to impose costs totaling $4.6 million over ten years. IACs are also required to implement training and develop a testing tool for individuals who perform security related duties to meet the requirements of their security programs. These costs are estimated at $35.2 million over the ten-year period 2005-2014. They include the cost of initial training for the entire IAC labor force and annual recurrent training for the IAC labor force. This rulemaking establishes new requirements for IACs to obtain approval, to amend, and for annual recertification of their security programs. The costs estimated to comply with these requirements are $43.9 million over the period of this analysis. Foreign Air Carriers costs inside the United States are considered domestic costs for the purpose of this analysis and, therefore, are not estimated separately from domestic carrier costs; a separate discussion for these costs is not included. This costing method reflects the way the Department of Transportation reports data on foreign aircraft operations in the U.S. and the way it reports the cost impact of such aircraft operations on the U.S. economy. Security requirements of this rulemaking apply equally to foreign air carriers just as they apply to domestic carriers. For their overseas operations, individual foreign carriers are expected to experience financial impacts at levels similar to those experienced by domestic carriers and are not estimated here. TSA will incur costs as a result of the rule. Development of training for IAC employees will cost the agency approximately $450K. TSA also will incur costs of approximately $24.5 million to administer the Known Shipper program. The cost to TSA for the vetting of IACs is estimated at $2.6 million. TSA will also be modifying its current IAC compliance management system to accommodate the Security Threat Assessments in this rule. The costs of utilizing this system and some STA support costs are captured in the unit costs used to develop the fee costs for the aircraft operators and indirect air carriers. In summary, the cost impacts of this rulemaking are estimated to total approximately $2.0 billion undiscounted (discounted: $1.5 billion at 7 percent, $1.8 billion at 3 percent), over the period 2005-2014. Aircraft operators will incur costs totaling $1.9 billion, airport operators $10.9 million, IACs $83.6 million and TSA anticipates cost expenditures to administer the provisions of the rulemaking at $27.6 million over the ten year analysis period. Details on how estimates were developed, as well as the discounted value comparisons, were presented in the original evaluation. A separate Final Regulatory Evaluation is available on the docket and details the changes from the Initial Regulatory Evaluation. The full evaluation also includes detailed tables showing constant dollars; discounted costs at 7 percent and 3 percent; and a table of changes from the NPRM. Final Regulatory Flexibility Analysis (FRFA) The Regulatory Flexibility Act of 1980 (RFA) establishes ``as a principle of regulatory issuance that agencies shall endeavor, consistent with the objective of the rule and of applicable statutes, to fit regulatory and informational requirements to the scale of the business, organizations, and governmental jurisdictions subject to regulation.'' To achieve that principle, the RFA requires agencies to solicit and consider flexible regulatory proposals and to explain the rationale for their actions. The RFA covers a wide range of small entities, including small businesses, not-for-profit organizations, and small governmental jurisdictions. Agencies must perform a review to determine whether a proposed or final rule will have a significant economic impact on a substantial number of small entities. If the determination is that it will, the agency must prepare a regulatory flexibility analysis as described in the Act. However, if an agency determines that a proposed or final rule is not expected to have a significant economic impact on a substantial number of small entities, section 605(b) of the 1980 RFA provides that the head of the agency may so certify and a regulatory flexibility analysis is not required. The certification must include a statement providing the factual basis for this determination, and the reasoning should be clear. TSA conducted the required initial review of this rule and indicated that TSA believed it would not have a significant economic impact on a substantial number of small entities. There are two primary sources of change related to the RFA analysis. Although IAC costs in total went up, the population of both workers and businesses both went up. The cost impact per employee and business unit were calculated and summed to get a total business cost per business. TSA examined the smallest businesses' revenue and compared the cost as a percent of the revenue. This calculation in the Initial Regulatory Flexibility Analysis rounded to 0.0 percent. When recomputed in the Final Regulatory Flexibility Analysis (FRFA) the same computation still rounds to 0.0 percent. Therefore, TSA finds that there is not a significant impact on a substantial number of small businesses. More detail on the FRFA can be found in the separate Final Regulatory Evaluation, available on the docket. [[Page 30506]] V.B. Paperwork Reduction Act TSA did not receive comments that provided substantive information for consideration regarding the Paperwork Reduction Act. Under the Paperwork Reduction Act of 1995 (PRA) (44 U.S.C. 3501, et seq.), a Federal agency must obtain approval from OMB for each collection of information it conducts, sponsors, or requires through regulations. This proposal contains information collection activities subject to the PRA. Accordingly, the following information requirements are being submitted to OMB for its review. Title: Air Cargo Security Requirements. Summary: TSA is amending the transportation security regulations to further enhance and improve the security of air cargo transportation. Specifically, TSA is creating a mandatory security program for all- cargo aircraft operations over 45,500 kg (100,309.3 lbs.) and is amending existing security regulations and programs for aircraft operators, foreign air carriers, airport operators, and IACs. TSA is expanding STA requirements to new populations, including certain individuals who have unescorted access to air cargo, each proprietor, general partner, officer, and director, and certain owners of an IAC or applicant to be an IAC. Use of: Security programs that are developed or amended as a result of this final rule will be kept on file and updated so that TSA inspectors may check for regulatory compliance and uniform application of the rules. Evidence of appropriate employee training in security matters will also become a part of this record. STAs conducted as a result of this final rule will be used to determine employment suitability for those who have unescorted access to cargo and each proprietor, general partner, officer, and director, and certain owners of an IAC or applicant to be an IAC. Similarly, employees and agents of aircraft operators must successfully complete a CHRC prior to screening cargo. Respondents (including number of): The respondents to this information requirement are aircraft operators, foreign air carriers, IACs, and their employees who undergo STAs for a total of approximately 51,625 respondents the first year and approximately 7,744 respondents each following year, for an average of 22,371 respondents for each of the three years. Respondents also include carriers and their employees who undergo CHRCs, for a total of approximately 50,000 respondents the first year and approximately 7,651 each following year, for an average of 21,742 respondents for each of the three years. The combined average number of respondents for STAs and CHRCs is approximately 49,395 for each of the three years. The annual number of respondents includes both new entrants and renewals. The number consists of 65 all-cargo operators, 5,000 IACs, and their affected employees. TSA made these estimates after reviewing public comments. Frequency: Upon implementation, security programs related to this final rule, including employee training records, will need to be kept on file and updated as necessary. STAs will be conducted for all existing and subsequent new employees who have unescorted access to cargo where such employees do not already have unescorted SIDA access. CHRCs will be conducted on individuals who are employees of aircraft operators and who have the responsibility to screen cargo. Annual Burden Estimate: The annual burden associated with the security program is estimated to be 43,143 hours. The annual burden associated with the STA is estimated to average 5,593 hours over the three years, while the annual burden associated with the CHRCs is estimated to average 10,871 hours over the three years for a combined average annual total of 59,607 hours. The agency invited comments to-- (1) Evaluate whether the proposed information requirement is necessary for the proper performance of the functions of the agency, including whether the information will have practical utility; (2) Evaluate the accuracy of the agency's estimate of the burden; (3) Enhance the quality, utility, and clarity of the information to be collected; and (4) Minimize the burden of the collection of information on those who are to respond, including through the use of appropriate automated, electronic, mechanical, or other technological collection techniques or other forms of information technology. As protection provided by the Paperwork Reduction Act, as amended, an agency may not conduct or sponsor, and a person is not required to respond to, a collection of information unless it displays a currently valid OMB control number. The OMB control number for this information collection will be published in the Federal Register after OMB approves it. V.C. International Compatibility In keeping with United States obligations under the Convention on International Civil Aviation, it is TSA policy to comply with International Civil Aviation Organization (ICAO) Standards and Recommended Practices to the maximum extent practicable. TSA has determined that these regulations are consistent with ICAO Standards and Recommended Practices. V.D. International Trade Impact Assessment The Trade Agreement Act of 1979 prohibits Federal agencies from establishing any standards or engaging in related activities that create unnecessary obstacles to the foreign commerce of the United States. Legitimate domestic objectives, such as safety, are not considered unnecessary obstacles. The statute also requires consideration of international standards and, where appropriate, that they be the basis for U.S. standards. TSA has assessed the potential effect of this final rule and has determined that carrier operations at overseas locations must provide an equivalent level of security. At most the impact of this rule creates an even competitive cost structure. V.E. Unfunded Mandates Reform Act Analysis The Unfunded Mandates Reform Act of 1995 (the Act) is intended, among other things, to curb the practice of imposing unfunded Federal mandates on State, local, and tribal governments. Title II of the Act requires each Federal agency to prepare a written statement assessing the effects of any Federal mandate in a proposed or final agency rule that may result in an expenditure of $100 million or more (adjusted annually for inflation) in any one year by State, local, and tribal governments, in the aggregate, or by the private sector, such a mandate is deemed to be a ``significant regulatory action.'' This final rule does not contain such a mandate on State, local, and tribal governments. The overall impact on the economy does exceed the threshold in the aggregate. The full regulatory evaluation documents costs, public comments, alternatives, and TSA accommodation of the public comments. V.F. Executive Order 13132, Federalism TSA has analyzed this final rule under the principles and criteria of Executive Order 13132, Federalism. We determined that this action would not have a substantial direct effect on the States, on the relationship between the national Government and the States, or on the distribution of power and responsibilities among the various levels of government, and therefore would not have federalism implications. [[Page 30507]] V.G. Environmental Analysis TSA has reviewed this action for purposes of the National Environmental Policy Act of 1969 (NEPA) (42 U.S.C. 4321-4347) and has determined that this action will not have a significant effect on the human environment. In accordance with FAA Order 1050.1D, appendix 4, paragraph 4(j), this rulemaking action qualifies for a categorical exclusion. The FAA order continues to apply to TSA in accordance with the Homeland Security Act (Pub. L. 107-296), until DHS publishes its NEPA implementing regulations. V.H. Energy Impact The energy impact of this document has been assessed in accordance with the Energy Policy and Conservation Act (EPCA), Pub. L. 94-163, as amended (42 U.S.C. 6362). We have determined that this rulemaking is not a major regulatory action under the provisions of the EPCA. VI. List of Subjects 49 CFR Part 1520 Air transportation, Law enforcement officers, Reporting and recordkeeping requirements, Security measures. 49 CFR Part 1540 Air carriers, Aircraft, Airports, Civil aviation security, Law enforcement officers, Reporting and recordkeeping requirements, Security measures. 49 CFR Part 1542 Air carriers, Aircraft, Airport security, Aviation safety, Security measures. 49 CFR Part 1544 Air carriers, Aircraft, Aviation safety, Freight forwarders, Incorporation by reference, Reporting and recordkeeping requirements, Security measures. 49 CFR Part 1546 Aircraft, Aviation safety, Foreign air carriers, Incorporation by reference, Reporting and recordkeeping requirements, Security measures. 49 CFR Part 1548 Air transportation, Reporting and recordkeeping requirements, Security measures. VII. The Amendment 0 For the reasons set forth above, the Transportation Security Administration amends title 49 of the Code of Federal Regulations parts 1520, 1540, 1542, 1544, 1546, and 1548 to read as follows: PART 1520--PROTECTION OF SENSITIVE SECURITY INFORMATION 0 1. The authority citation for part 1520 continues to read as follows: Authority: 49 U.S.C. 114, 5103, 40119, 44901-44907, 44913-44914, 44916-44918, 44935-44936, 44942, 46105. 0 2. Amend Sec. 1520.5 by revising paragraphs (b)(2)(i), (b)(3)(i), and (b)(4)(i) to read as follows: Sec. 1520.5 Sensitive security information. * * * * * (b) * * * (2) * * * (i) Issued by TSA under 49 CFR 1542.303, 1544.305, 1548.19, or other authority; * * * * * (3) * * * (i) Information circular issued by TSA under 49 CFR 1542.303, 1544.305, 1548.19, or other authority; and * * * * * (4) * * * (i) Any device used by the Federal Government or any other person pursuant to any aviation or maritime transportation security requirements of Federal law for the detection of any person, and any weapon, explosive, incendiary, or destructive device, item, or substance; and * * * * * SUBCHAPTER C--CIVIL AVIATION SECURITY PART 1540--CIVIL AVIATION SECURITY: GENERAL RULES 0 3. The authority citation for part 1540 continues to read as follows: Authority: 49 U.S.C. 114, 5103, 40113, 44901-44907, 44913-44914, 44916-44918, 44935-44936, 44942, 46105. 0 4. Amend Sec. 1540.5 by revising the definition of ``indirect air carrier'' and adding a new definition of ``unescorted access to cargo'' in alphabetical order to read as follows: Sec. 1540.5 Terms used in this subchapter. * * * * * Indirect air carrier (IAC) means any person or entity within the United States not in possession of an FAA air carrier operating certificate, that undertakes to engage indirectly in air transportation of property, and uses for all or any part of such transportation the services of an air carrier. This does not include the United States Postal Service (USPS) or its representative while acting on the behalf of the USPS. * * * * * Unescorted access to cargo means the authority granted by an aircraft operator or IAC to individuals to have access to air cargo without an escort. 0 5. Amend Sec. 1540.111 by revising paragraph (a)(1) to read as follows: Sec. 1540.111 Carriage of weapons, explosives, and incendiaries by individuals. (a) * * * (1) When performance has begun of the inspection of the individual's person or accessible property before entering a sterile area, or before boarding an aircraft for which screening is conducted under this subchapter; * * * * * 0 6. Add new Subpart C--Security Threat Assessments to read as follows: Subpart C--Security Threat Assessments Sec. 1540.201 Applicability and terms used in this subpart. 1540.203 Operator responsibilities. 1540.205 Notification. 1540.207 Appeal procedures. 1540.209 Security threat assessment fee. Subpart C--Security Threat Assessments Sec. 1540.201 Applicability and terms used in this subpart. (a) This subpart includes the procedures that certain aircraft operators, foreign air carriers, and indirect air carriers must use to have security threat assessments done on certain individuals pursuant to 49 CFR 1544.228, 1546.213, 1548.7, 1548.15, and 1548.16. This subpart applies to-- (1) Each aircraft operator operating under a full program or full all-cargo program described in 49 CFR 1544.101(a) or (h); (2) Each foreign air carrier operating under a program described in 49 CFR 1546.101(a), (b), or (e); (3) Each indirect air carrier operating under a security program described in 49 CFR 1548; and (4) Each individual with, or applying for, unescorted access to cargo under one of the programs described in (a)(1) through (a)(3) of this section. (5) Each proprietor, general partner, officer, director, or owner of an indirect air carrier as described in 49 CFR 1548.16. (b) For purposes of this subpart-- Individuals means the individuals listed in paragraphs (a)(4) and (a)(5) of this section. Operator means an aircraft operator, foreign air carrier, and indirect air carrier listed in paragraphs (a)(1) through (a)(3) of this section. (c) An individual poses a security threat under this subpart when TSA determines that he or she is known to pose or suspected of posing a threat-- [[Page 30508]] (1) To national security; (2) To transportation security; or (3) Of terrorism. (d) For purposes of this subpart: (1) Date of service means-- (i) The date of personal delivery in the case of personal service; (ii) The mailing date shown on the certificate of service; (iii) The date shown on the postmark if there is no certificate of service; (iv) Another mailing date shown by other evidence if there is no certificate of service or postmark; or (v) The date in an e-mail showing when it was sent. (2) Day means calendar day. Sec. 1540.203 Operator responsibilities. (a) Each operator subject to this subpart must ensure that each individual described in Sec. 1540.201(a)(4) and (a)(5) completes the Security Threat Assessment described in this section. (b) Each operator must: (1) Authenticate the identity of the individual by-- (i) Reviewing two forms of identification, one of which must be a government-issued picture identification; or (ii) Other means approved by TSA. (2) Submit to TSA a Security Threat Assessment application for each individual that is signed by the individual and that includes: (i) Legal name, including first, middle, and last; any applicable suffix; and any other names used previously. (ii) Current mailing address, including residential address if it differs from the current mailing address, and all other residential addresses for the previous five years, and e-mail address, if the individual has an e-mail address. (iii) Date and place of birth. (iv) Social security number, (submission is voluntary, although recommended). (v) Gender. (vi) Country of citizenship, and if naturalized in the United States, date of naturalization and certificate number. (vii) Alien registration number, if applicable. (viii) The following statement reading: Privacy Act Notice: Authority: The authority for collecting this information is 49 U.S.C. 114, 40113, and 49 U.S.C. 5103a. Purpose: This information is needed to verify your identity and to conduct a Security Threat Assessment to evaluate your suitability for completing the functions required by this position. Failure to furnish your SSN may result in delays in processing your application, but will not prevent completion of your Security Threat Assessment. Furnishing the other information is also voluntary; however, failure to provide it may delay or prevent the completion of your Security Threat Assessment, without which you may not be granted authorization to have unescorted access to air cargo subject to TSA security requirements. Routine Uses: Routine uses of this information include disclosure to TSA contractors or other agents who are providing services relating to the Security Threat Assessments; to appropriate governmental agencies for law enforcement or security purposes, or in the interests of national security; and to foreign and international governmental authorities in accordance with law and international agreement. For further information, please consult DHS/TSA 002 Transportation Security Threat Assessment System. The information I have provided on this application is true, complete, and correct to the best of my knowledge and belief and is provided in good faith. I understand that a knowing and willful false statement, or an omission of a material fact, on this application can be punished by fine or imprisonment or both (see section 1001 of Title 18 United States Code), and may be grounds for denial of authorization or in the case of parties regulated under this section, removal of authorization to operate under this chapter, if applicable. (3) Retain the individual's signed Security Threat Assessment application and any communications with TSA regarding the individual's application, for 180 days following the end of the individual's service to the operator. (c) Records under this section may include electronic documents with electronic signature or other means of personal authentication, where accepted by TSA. Sec. 1540.205 Notification. (a) TSA review. In conducting the Security Threat Assessment, TSA reviews-- (1) The information required in Sec. 1540.203(b) and transmitted to TSA; and (2) Domestic and international databases relevant to determining whether an individual poses a security threat or that confirm an individual's identity. (b) Determination of No Security Threat. TSA serves a Determination of No Security Threat on the individual and the operator, if TSA determines that an individual does not pose a security threat. (c) Initial Determination of Threat Assessment. TSA serves an Initial Determination of Threat Assessment on the individual and the operator, if TSA determines that the individual poses a security threat. The Initial Determination of Threat Assessment includes-- (1) A statement that TSA has determined that the individual poses a security threat; (2) The basis for the determination; (3) Information about how the individual may appeal the determination; and (4) A statement that if the individual chooses not to appeal TSA's determination within 30 days of receipt of the Initial Determination of Threat Assessment in accordance with Sec. 1540.207, or does not request an extension of time within 30 days of the Initial Determination of Threat Assessment in order to file an appeal, the Initial Determination of Threat Assessment becomes a Final Determination of Threat Assessment. (d) Final Determination of Threat Assessment. If TSA determines that an individual poses a security threat, TSA serves a Final Determination of Threat Assessment on the operator and the individual who appealed the Initial Determination of Threat Assessment. (e) Withdrawal by TSA. TSA serves a Withdrawal of the Initial Determination of Threat Assessment on the individual and a Determination of No Security Threat on the operator, if the appeal results in a determination that the individual does not pose a security threat. Sec. 1540.207 Appeal procedures. (a) Scope. This section applies to individuals who wish to appeal an Initial Determination of Threat Assessment. (b) Grounds for Appeal. An individual may appeal an Initial Determination of Threat Assessment if the individual is asserting that he or she does not pose a security threat. (c) Appeal. An individual initiates an appeal by submitting a written reply or written request for materials from TSA or by requesting more time in accordance with Sec. 1540.205(c)(4). If the individual fails to initiate an appeal within 30 days of receipt, the Initial Determination of Threat Assessment becomes final, and TSA serves a Final Determination of Threat Assessment on the operator and the individual. (1) Request for materials. An individual receiving an Initial Determination of Threat Assessment may serve upon TSA a written request for copies of the materials upon which the Initial Determination of Threat Assessment was based. (2) TSA response. Within 30 days of receiving the individual's request for materials, TSA serves copies upon the individual of the releasable materials upon which the Initial Determination of Threat Assessment was based. TSA will exclude any classified information or other protected information described in paragraph (f) of this section. [[Page 30509]] (3) Correction of records. If the Initial Determination of Threat Assessment was based on a record that the individual believes is erroneous, he or she may correct the record, as follows: (i) The individual may contact the jurisdiction or entity responsible for the information and attempt to correct or complete information contained in his or her record. (ii) The individual must then provide TSA with the revised record, or a certified true copy of the information from the appropriate entity, before TSA may determine that the individual meets the standards for the Security Threat Assessment. (4) Reply. (i) The individual may serve upon TSA a written reply to the Initial Determination of Threat Assessment within 30 days of service of the Initial Determination of Threat Assessment, or 30 days after the date of service of TSA's response to the individual's request for materials under paragraph (c)(1) of this section, if the individual served such a request. (ii) In an individual's reply, TSA will consider only material that is relevant to verifying identification or determining that the individual does not pose a security threat. (5) Final determination. Within 30 days after TSA receives the individual's reply, TSA serves a Final Determination of Threat Assessment or a Withdrawal of the Initial Determination of Threat Assessment. (d) Final Determination of Threat Assessment. (1) If TSA determines that the individual poses a security threat, TSA serves a Final Determination of Threat Assessment upon the individual and the operator. The Final Determination of Threat Assessment includes-- (2) A statement that TSA has reviewed the Initial Determination of Threat Assessment, the individual's reply, if any, and any other materials or information available to him or her and has determined that the individual poses a security threat. (e) Withdrawal of Initial Determination of Threat Assessment. If TSA concludes that the individual does not pose a security threat, TSA serves a Withdrawal of the Initial Determination of Threat Assessment on the individual and the operator. (f) Nondisclosure of certain information. In connection with the procedures under this section, TSA does not disclose to the individual or counsel classified information, as defined in sec. 1.1(d) of Executive Order 12968, and reserves the right not to disclose any other information or material not warranting disclosure or protected from disclosure under law. (g) Extension of time. TSA may grant an individual an extension of time of the limits set forth in this section for good cause shown. An individual's request for an extension of time must be in writing and be received by TSA at least 2 days before the due date to be extended. TSA may grant itself an extension of time for good cause. (h) Judicial review. The Final Determination of Threat Assessment constitutes a final TSA order subject to judicial review in accordance with 49 U.S.C. 46110. Sec. 1540.209 Security threat assessment fee. (a) Imposition of fees. The fee of $28 is required for TSA to conduct a security threat assessment for an individual. (b) Remittance of fees. (1) The fee required under this subpart must be remitted to TSA, in a form and manner acceptable to TSA, each time the individual or an aircraft operator, foreign air carrier, or indirect air carrier submits the information required under Sec. 1540.203 to TSA. (2) Fees remitted to TSA under this subpart must be payable to the ``Transportation Security Administration''' in U.S. currency and drawn on a U.S. bank. (3) TSA will not issue any fee refunds, unless a fee was paid in error. PART 1542--AIRPORT SECURITY 0 7. The authority citation for part 1542 continues to read as follows: Authority: 49 U.S.C. 114, 5103, 40113, 44901-44905, 44907, 44913-44914, 44916-44917, 44935-44936, 44942, 46105. 0 8. Amend Sec. 1542.1 by adding new paragraph (d) to read as follows: Sec. 1542.1 Applicability of this part. * * * * * (d) Each airport operator that does not have a security program under this part that serves an aircraft operator operating under a security program under part 1544 of this chapter, or a foreign air carrier operating under a security program under part 1546 of this chapter. Such airport operators must comply with Sec. 1542.5(e). 0 9. Amend Sec. 1542.5 by adding paragraph (e) to read as follows: Sec. 1542.5 Inspection authority. * * * * * (e) TSA may enter and be present at an airport that does not have a security program under this part, without access media or identification media issued or approved by an airport operator or aircraft operator, to inspect an aircraft operator operating under a security program under part 1544 of this chapter, or a foreign air carrier operating under a security program under part 1546 of this chapter. 0 10. Amend Sec. 1542.101 by revising paragraphs (a) introductory text, (b), and (c) introductory text to read as follows: Sec. 1542.101 General requirements. (a) No person may operate an airport subject to Sec. 1542.103 unless it adopts and carries out a security program that-- * * * * * (b) Each airport operator subject to Sec. 1542.103 must maintain one current and complete copy of its security program and provide a copy to TSA upon request. (c) Each airport operator subject to Sec. 1542.103 must-- * * * * * 0 11. Amend Sec. 1542.205 by revising paragraphs (a) and (b)(2), and adding new paragraph (c) to read as follows: Sec. 1542.205 Security of the security identification display area (SIDA). (a) Each airport operator required to have a complete program under Sec. 1542.103(a) must establish at least one SIDA, as follows: (1) Each secured area must be a SIDA. (2) Each part of the air operations area that is regularly used to load cargo on, or unload cargo from, an aircraft that is operated under a full program or a full all-cargo program as provided in Sec. 1544.101(a) or (h) of this chapter, or a foreign air carrier under a security program as provided in Sec. 1546.101(a), (b), or (e), must be a SIDA. (3) Each area on an airport where cargo is present after an aircraft operator operating under a full program or a full all-cargo program under Sec. 1544.101(a) or (h) of this chapter, or a foreign air carrier operating under a security program under Sec. 1546.101(a), (b), or (e) of this chapter, or an indirect air carrier, accepts it must be a SIDA. This includes areas such as: Cargo facilities; loading and unloading vehicle docks; and areas where an aircraft operator, foreign air carrier, or indirect air carrier sorts, stores, stages, consolidates, processes, screens, or transfers cargo. (4) Other areas of the airport may be SIDAs. (b) * * * (2) Subject each individual to a criminal history records check as described in Sec. 1542.209 before authorizing unescorted access to the SIDA. * * * * * [[Page 30510]] (c) An airport operator that is not required to have a complete program under Sec. 1542.103(a) is not required to establish a SIDA under this section. PART 1544--AIRCRAFT OPERATOR SECURITY: AIR CARRIERS AND COMMERCIAL OPERATORS 0 12. The authority citation for part 1544 continues to read as follows: Authority: 49 U.S.C. 114, 5103, 40113, 44901-44905, 44907, 44913-44914, 44916-44918, 44932, 44935-44936, 44942, 46105. 0 13. Amend Sec. 1544.3 by revising paragraph (c) to read as follows: Sec. 1544.3 TSA inspection authority. * * * * * (c) TSA may enter and be present within secured areas, AOAs, SIDAs, and other areas where security measures required by TSA are carried out, without access media or identification media issued or approved by an airport operator or aircraft operator, in order to inspect or test compliance, or perform other such duties as TSA may direct. * * * * * 0 14. Amend Sec. 1544.101 by revising paragraphs (d)(1), (d)(4), and (e)(1), and adding new paragraphs (h) and (i) to read as follows: Sec. 1544.101 Adoption and implementation. * * * * * (d) * * * (1) Is an aircraft with a maximum certificated takeoff weight of more than 12,500 pounds; * * * * * (4) Is not under a full program, partial program, or full all-cargo program under paragraph (a), (b), or (h) of this section. (e) * * * (1) The requirements of Sec. Sec. 1544.215, 1544.217, 1544.219, 1544.223, 1544.230, 1544.235, 1544.237, 1544.301(a) and (b), 1544.303, and 1544.305; and in addition, for all-cargo operations of Sec. Sec. 1544.202, 1544.205(a), (b), (d), and (f). * * * * * (h) Full all-cargo program--adoption: Each aircraft operator must carry out the requirements of paragraph (i) of this section for each operation that is-- (1) In an aircraft with a maximum certificated takeoff weight of more than 45,500 kg (100,309.3 pounds); and (2) Carrying cargo and authorized persons and no passengers. (i) Full all-cargo program--contents: For each operation described in paragraph (h) of this section, the aircraft operator must carry out the following, and must adopt and carry out a security program that meets the applicable requirements of Sec. 1544.103(c): (1) The requirements of Sec. Sec. 1544.202, 1544.205, 1544.207, 1544.209, 1544.211, 1544.215, 1544.217, 1544.219, 1544.225, 1544.227, 1544.228, 1544.229, 1544.230, 1544.231, 1544.233, 1544.235, 1544.237, 1544.301, 1544.303, and 1544.305. (2) Other provisions of subpart C of this part that TSA has approved upon request. (3) The remaining requirements of subpart C of this part when TSA notifies the aircraft operator in writing that a security threat exists concerning that operation. 0 15. Add a new Sec. 1544.202 to read as follows: Sec. 1544.202 Persons and property onboard an all-cargo aircraft. Each aircraft operator operating under a full all-cargo program, or a twelve-five program in an all-cargo operation, must apply the security measures in its security program for persons who board the aircraft for transportation, and for their property, to prevent or deter the carriage of any unauthorized persons, and any unauthorized weapons, explosives, incendiaries, and other destructive devices, items, or substances. 0 16. Revise Sec. 1544.205 to read as follows: Sec. 1544.205 Acceptance and screening of cargo. (a) Preventing or deterring the carriage of any explosive or incendiary. Each aircraft operator operating under a full program, a full all-cargo program, or a twelve-five program in an all-cargo operation, must use the procedures, facilities, and equipment described in its security program to prevent or deter the carriage of any unauthorized persons, and any unauthorized explosives, incendiaries, and other destructive substances or items in cargo onboard an aircraft. (b) Screening and inspection of cargo. Each aircraft operator operating under a full program or a full all-cargo program, or a twelve-five program in an all-cargo operation, must ensure that cargo is screened and inspected for any unauthorized person, and any unauthorized explosive, incendiary, and other destructive substance or item as provided in the aircraft operator's security program and Sec. 1544.207, and as provided in Sec. 1544.239 for operations under a full program, before loading it on its aircraft. (c) Control. Each aircraft operator operating under a full program or a full all-cargo program must use the procedures in its security program to control cargo that it accepts for transport on an aircraft in a manner that: (1) Prevents the carriage of any unauthorized person, and any unauthorized explosive, incendiary, and other destructive substance or item in cargo onboard an aircraft. (2) Prevents unescorted access by persons other than an authorized aircraft operator employee or agent, or persons authorized by the airport operator or host government. (d) Refusal to transport. Except as otherwise provided in its program, each aircraft operator operating under a full program, a full all-cargo program, or a twelve-five program in an all-cargo operation, must refuse to transport any cargo if the shipper does not consent to a search or inspection of that cargo in accordance with the system prescribed by this part. (e) Acceptance of cargo only from specified persons. Each aircraft operator operating under a full program or a full all-cargo program may accept cargo for air transportation only from the shipper, or from an aircraft operator, foreign air carrier, or indirect air carrier operating under a security program under this chapter with a comparable cargo security program, as provided in its security program. (f) Acceptance and screening of cargo outside the United States. For cargo to be loaded on its aircraft outside the United States, each aircraft operator must carry out the requirements of its security program. 0 17. Amend Sec. 1544.217 by revising paragraphs (a)(2) introductory text and (b) introductory text to read as follows: Sec. 1544.217 Law enforcement personnel. (a) * * * (2) For operations under a partial program under Sec. 1544.101(b) and (c), a twelve-five program under Sec. 1544.101(d) and (e), a private charter program under Sec. 1544.101(f), or a full all-cargo program under Sec. 1544.101(h) and (i), each aircraft operator must-- * * * * * (b) The following applies to operations at airports required to hold security programs under part 1542 of this chapter. For operations under a partial program under Sec. 1544.101(b) and (c), a twelve-five program under Sec. 1544.101(d) and (e), a private charter program under Sec. 1544.101(f), or a full all-cargo program under Sec. 1544.101(h) and (i), each aircraft operator must-- * * * * * 0 18. Amend Sec. 1544.225 by adding new paragraph (d) to read as follows: Sec. 1544.225 Security of aircraft and facilities. * * * * * [[Page 30511]] (d) When operating under a full program or a full all-cargo program, prevent unauthorized access to the operational area of the aircraft while loading or unloading cargo. 0 19. Add a new Sec. 1544.228 to read as follows: Sec. 1544.228 Access to cargo: Security threat assessments for cargo personnel in the United States. This section applies in the United States to each aircraft operator operating under a full program under Sec. 1544.101(a), or a full all- cargo program under Sec. 1544.101(h) of this part. (a) This section applies for each employee and agent the aircraft operator authorizes to have unescorted access to cargo from the time-- (1) The cargo reaches a location where an aircraft operator with a full all-cargo program consolidates or inspects it pursuant to security program requirements until the cargo enters an airport Security Identification Display Area or is transferred to another TSA-regulated aircraft operator, foreign air carrier, or indirect air carrier; or (2) An aircraft operator with a full program accepts the cargo until the cargo: (i) Enters an airport Security Identification Display Area; (ii) Is removed from the destination airport; or (iii) Is transferred to another TSA-regulated aircraft operator, foreign air carrier, or indirect air carrier. (b) Before an aircraft operator authorizes, and before an employee or agent gains, unescorted access to cargo as described in paragraph (a) of this section, each employee or agent must successfully complete one of the following: (1) A criminal history records check under Sec. Sec. 1542.209, 1544.229, or 1544.230 of this chapter, if the employee or agent is otherwise required to undergo that check. (2) A Security Threat Assessment under part 1540 subpart C of this chapter. An employee or agent who has successfully completed this Security Threat Assessment for one employer need not complete it for another employer if the employee or agent has been continuously employed in a position that requires a Security Threat Assessment. (3) Another Security Threat Assessment approved by TSA as comparable to paragraphs (b)(1) or (2) of this section. (c) Each aircraft operator must ensure that each individual who has access to its cargo-- (1) Has successfully completed one of the checks in paragraph (b) of this section; (2) Is escorted by an employee or agent who has successfully completed one of the checks in paragraph (b) of this section; or (3) Is authorized to serve as law enforcement personnel at that location. (d) Operators must comply with the requirements of this section not later than November 22, 2006. 0 20. Amend Sec. 1544.229 by adding introductory text, and revising paragraph (a)(1)(iii) to read as follows: Sec. 1544.229 Fingerprint-based criminal history records checks (CHRC): Unescorted access authority, authority to perform screening functions, and authority to perform checked baggage or cargo functions. This section applies to each aircraft operator operating under a full program, a private charter program, or a full all-cargo program. (a) * * * (1) * * * (iii) Each individual granted authority to perform the following screening functions at locations within the United States (referred to as ``authority to perform screening functions''): (A) Screening passengers or property that will be carried in a cabin of an aircraft of an aircraft operator required to screen passengers under this part. (B) Serving as an immediate supervisor (checkpoint security supervisor (CSS)), and the next supervisory level (shift or site supervisor), to those individuals described in paragraphs (a)(1)(iii)(A) or (a)(1)(iii)(C) of this section. (C) Screening cargo that will be carried on an aircraft of an aircraft operator with a full all-cargo program. * * * * * 0 21. Add a new Sec. 1544.239 to read as follows: Sec. 1544.239 Known shipper program. This section applies to each aircraft operator operating under a full program under Sec. 1544.101(a) of this part and to each aircraft operator with a TSA security program approved for transfer of cargo to an aircraft operator with a full program or a foreign air carrier under paragraphs Sec. 1546.101(a) or (b) of this chapter. (a) For cargo to be loaded on its aircraft in the United States, each aircraft operator must have and carry out a known shipper program in accordance with its security program. The program must-- (1) Determine the shipper's validity and integrity as provided in the security program; (2) Provide that the aircraft operator will separate known shipper cargo from unknown shipper cargo; and (3) Provide for the aircraft operator to ensure that cargo is screened or inspected as set forth in its security program. (b) When required by TSA, each aircraft operator must submit in a form and manner acceptable to TSA-- (1) Information identified in its security program regarding a known shipper, or an applicant for that status; and (2) Corrections and updates of this information upon learning of a change to the information specified in paragraph (b)(1) of this section. PART 1546--FOREIGN AIR CARRIER SECURITY 0 22. The authority citation for part 1546 continues to read as follows: Authority: 49 U.S.C. 114, 5103, 40113, 44901-44905, 44907, 44914, 44916-44917, 44935-44936, 44942, 46105. 0 23. Amend Sec. 1546.3 by adding new paragraph (c) to read as follows: Sec. 1546.3 TSA inspection authority. * * * * * (c) TSA may enter and be present within secured areas, AOAs, SIDAs, and other areas where security measures required by TSA are carried out, without access media or identification media issued or approved by an airport operator or aircraft operator, in order to inspect or test compliance, or perform other such duties as TSA may direct. 0 24. Amend Sec. 1546.101 by revising the introductory text and paragraph (a), and by adding new paragraphs (e) and (f) to read as follows: Sec. 1546.101 Adoption and implementation. Each foreign air carrier landing or taking off in the United States must adopt and carry out, for each scheduled and public charter passenger operation or all-cargo operation, a security program that meets the requirements of-- (a) Section 1546.103(b) and subparts C, D, and E of this part for each operation with an aircraft having a passenger seating configuration of 61 or more seats; * * * * * (e) Sections 1546.103(b)(2) and (b)(4), 1546.202, 1546.205(a), (b), (c), (d), (e), and (f), 1546.207, 1546.211, 1546.213, and 1546.301 for each all-cargo operation with an aircraft having a maximum certificated take-off weight more than 45,500 kg (100,309.3 lbs.); and [[Page 30512]] (f) Sections 1546.103(b)(2) and (b)(4), 1546.202, 1546.205(a), (b), (d), and (f), 1546.211, and 1546.301 for each all-cargo operation with an aircraft having a maximum certificated take-off weight more than 12,500 pounds but not more than 45,500 kg (100,309.3 lbs.). 0 25. Amend Sec. 1546.103 by revising paragraph (a)(1) and paragraph (b) introductory text to read as follows: Sec. 1546.103 Form, content, and availability of security program. (a) * * * (1) Acceptable to TSA. A foreign air carrier's security program is acceptable only if TSA finds that the security program provides a level of protection similar to the level of protection provided by U.S. aircraft operators serving the same airports. Foreign air carriers must employ procedures equivalent to those required of U.S. aircraft operators serving the same airport, if TSA determines that such procedures are necessary to provide a similar level of protection. * * * * * (b) Content of security program. Each security program required by Sec. 1546.101(a), (b), (c), (e), or (f) must be designed to-- * * * * * 0 26. Add a new Sec. 1546.202 to read as follows: Sec. 1546.202 Persons and property onboard the aircraft. Each foreign air carrier operating under Sec. 1546.101(e) or (f) must apply the security measures in its security program for persons who board the aircraft for transportation, and for their property, to prevent or deter the carriage of any unauthorized persons, and any unauthorized weapons, explosives, incendiaries, and other destructive devices, items, or substances. 0 27. Revise Sec. 1546.205 to read as follows: Sec. 1546.205 Acceptance and screening of cargo. (a) Preventing or deterring the carriage of any explosive or incendiary. Each foreign air carrier operating a program under Sec. 1546.101(a), (b), (e), or (f) must use the procedures, facilities, and equipment described in its security program to prevent or deter the carriage of any unauthorized person, and any unauthorized explosive, incendiary, and other destructive substance or item in cargo onboard an aircraft. (b) Refusal to transport. Each foreign air carrier operating a program under Sec. 1546.101(a), (b), (e), or (f) must refuse to transport any cargo, if the shipper does not consent to a search or inspection of that cargo in accordance with the system prescribed by this part. (c) Control. Each foreign air carrier operating a program under Sec. 1546.101(a), (b), or (e) must use the procedures in its security program to control cargo that it accepts for transport on an aircraft in a manner that-- (1) Prevents the carriage of any unauthorized person, and any unauthorized explosive, incendiary, and other destructive substance or item onboard the aircraft. (2) Prevents access by unauthorized persons other than an authorized foreign air carrier employee or agent, or persons authorized by the airport operator or host government. (d) Screening and inspection of cargo in the United States. Each foreign air carrier operating a program under Sec. 1546.101(a), (b), (e), or (f) must ensure that, as required in its security program, cargo is screened and inspected for any unauthorized persons, and any unauthorized explosives, incendiaries, and other destructive substances or items as provided in the foreign air carrier's security program, and Sec. 1546.207, and as provided in Sec. 1546.213 for operations under Sec. 1546.101(a) or (b) before loading it on its aircraft in the United States. (e) Acceptance of cargo in the United States only from specified persons. Each foreign air carrier operating a program under Sec. 1546.101(a), (b), or (e) of this part may accept cargo in the United States only from the shipper, or from an aircraft operator, foreign air carrier, or indirect air carrier operating under a security program under this chapter with a comparable cargo security program as provided in its security program. (f) Acceptance of cargo to be loaded for transport to the United States. Each foreign air carrier subject to this part that accepts cargo to be loaded on its aircraft for transport to the United States must carry out the requirements of its security program. 0 28. Add a new Sec. 1546.213 to read as follows: Sec. 1546.213 Access to cargo: Security threat assessments for cargo personnel in the United States. This section applies in the United States to each foreign air carrier operating under Sec. 1546.101(a), (b), or (e). (a) This section applies to each employee or agent in the United States whom the foreign air carrier authorizes to have unescorted access to cargo from the time-- (1) The cargo reaches a location where a foreign air carrier operating under Sec. 1546.101(e) consolidates or inspects it pursuant to security program requirements, until the cargo enters an airport Security Identification Display Area or is transferred to another TSA- regulated aircraft operator, foreign air carrier, or indirect air carrier, or (2) A foreign air carrier under Sec. 1546.101(a) or (b) accepts the cargo, until the cargo-- (i) Enters an airport Security Identification Display Area; (ii) Is removed from the destination airport; or (iii) Is transferred to another TSA-regulated aircraft operator, foreign air carrier, or indirect air carrier. (b) Before a foreign air carrier authorizes, and before an employee or agent gains, unescorted access to cargo as described in paragraph (a) of this section, each employee or agent must successfully complete one of the following: (1) A criminal history records check under Sec. Sec. 1542.209, 1544.229, or 1544.230 of this chapter, if the employee or agent is otherwise required to undergo that check. (2) A Security Threat Assessment under part 1540 subpart C of this chapter. An employee or agent who has successfully completed this Security Threat Assessment for one employer need not complete it for another employer, if the employee or agent has been continuously employed in a position that requires a Security Threat Assessment. (3) Another Security Threat Assessment approved by TSA as comparable to paragraphs (b)(1) or (2) of this section. (c) Each foreign air carrier must ensure that each individual who has access to its cargo-- (1) Has successfully completed one of the checks in paragraph (b) of this section; (2) Is escorted by an employee or agent who has successfully completed one of the checks in paragraph (b) of this section; or (3) Is authorized to serve as law enforcement personnel at that location. (d) Operators must comply with the requirements of this section not later than November 22, 2006. 0 29. Add a new Sec. 1546.215 to read as follows: Sec. 1546.215 Known shipper program. This section applies to each foreign air carrier operating a program under Sec. 1546.101(a) or (b). (a) For cargo to be loaded on its aircraft in the United States, each foreign air carrier must have and carry out a known shipper program in accordance with its security program. The program must-- [[Page 30513]] (1) Determine the shipper's validity and integrity as provided in the foreign air carrier's security program; (2) Provide that the foreign air carrier will separate known shipper cargo from unknown shipper cargo; and (3) Provide for the foreign air carrier to ensure that cargo is screened or inspected as set forth in its security program. (b) When required by TSA, each foreign air carrier must submit in a form and manner acceptable to TSA-- (1) Information identified in its security program regarding an applicant to be a known shipper or a known shipper; and (2) Corrections and updates to the information upon learning of a change to the information specified in paragraph (b)(1) of this section. 0 30. Amend Sec. 1546.301 by revising the introductory text to read as follows: Sec. 1546.301 Bomb or air piracy threats. No foreign air carrier may land or take off an airplane in the United States after receiving a bomb or air piracy threat against that airplane, unless the following actions are taken: * * * * * PART 1548--INDIRECT AIR CARRIER SECURITY 0 31. The authority citation for part 1548 continues to read as follows: Authority: 49 U.S.C. 114, 5103, 40113, 44901-44905, 44913-44914, 44916-44917, 44932, 44935-44936, 46105. 0 32. Amend Sec. 1548.3 by adding new paragraph (c) to read as follows: Sec. 1548.3 TSA inspection authority. * * * * * (c) TSA may enter and be present within areas where security measures required by TSA are carried out without access media or identification media issued or approved by the indirect air carrier, an airport operator, or aircraft operator, in order to inspect or test compliance, or perform other such duties as TSA may direct. 0 33. Amend Sec. 1548.5 by revising paragraphs (a), (b), and (c) to read as follows: Sec. 1548.5 Adoption and implementation of the security program. (a) Security program required. No indirect air carrier may offer cargo to an aircraft operator operating under a full program or a full all-cargo program specified in part 1544 of this subchapter, or to a foreign air carrier operating under a program under Sec. 1546.101(a), (b), or (e) of this subchapter, unless that indirect air carrier has and carries out an approved security program under this part. Each indirect air carrier that does not currently hold a security program under part 1548, and that offers cargo to an aircraft operator operating under a full all-cargo program or a comparable operation by a foreign air carrier must comply with this section not later than November 22, 2006. (b) General requirements. (1) The security program must provide for the security of the aircraft, as well as that of persons and property traveling in air transportation against acts of criminal violence and air piracy and against the introduction into the aircraft of any unauthorized person, and any unauthorized explosive, incendiary, and other destructive substance or item as provided in the indirect air carrier's security program. This requirement applies-- (i) From the time the indirect air carrier accepts the cargo to the time it transfers the cargo to an entity that is not an employee or agent of the indirect air carrier; (ii) While the cargo is stored, en route, or otherwise being handled by an employee or agent of the indirect air carrier; and (iii) Regardless of whether the indirect air carrier has or ever had physical possession of the cargo. (2) The indirect air carrier must ensure that its employees and agents carry out the requirements of this chapter and the indirect air carrier's security program. (c) Content. Each security program under this part must-- (1) Be designed to prevent or deter the introduction of any unauthorized person, and any unauthorized explosive, incendiary, and other destructive substance or item onto an aircraft. (2) Include the procedures and description of the facilities and equipment used to comply with the requirements of Sec. Sec. 1548.9 and 1548.17 regarding the acceptance and offering of cargo. (3) Include the procedures and syllabi used to accomplish the training required under Sec. 1548.11 of persons who accept, handle, transport, or deliver cargo on behalf of the indirect air carrier. * * * * * 0 34. Revise Sec. 1548.7 to read as follows: Sec. 1548.7 Approval, amendment, annual renewal, and withdrawal of approval of the security program. (a) Original Application--(1) Application. The applicant must apply for a security program in a form and a manner prescribed by TSA not less than 90 calendar days before the applicant intends to begin operations. The application must be in writing and include: (i) The business name; other names, including doing business as; state of incorporation, if applicable; and tax identification number. (ii) The applicant names, addresses, and dates of birth of each proprietor, general partner, officer, director, and owner identified under Sec. 1548.16. (iii) A signed statement from each person listed in paragraph (a)(1)(ii) of this section stating whether he or she has been a proprietor, general partner, officer, director, or owner of an IAC that had its security program withdrawn by TSA. (iv) Copies of government-issued identification of persons listed in paragraph (a)(1)(ii) of this section. (v) Addresses of all business locations in the United States. (vi) A statement declaring whether the business is a ``'small business''' pursuant to section 3 of the Small Business Act (15 U.S.C. 632). (vii) A statement acknowledging and ensuring that each employee and agent of the indirect air carrier, who is subject to training under Sec. 1548.11, will have successfully completed the training outlined in its security program before performing security-related duties. (viii) Other information requested by TSA concerning Security Threat Assessments. (ix) A statement acknowledging and ensuring that each employee and agent will successfully complete a Security Threat Assessment under Sec. 1548.15 before authorizing the individual to have unescorted access to cargo. (2) Approval. TSA will approve the security program by providing the indirect air carrier with the Indirect Air Carrier Standard Security Program and any Security Directive upon determining that-- (i) The indirect air carrier has met the requirements of this part, its security program, and any applicable Security Directive; (ii) The approval of its security program is not contrary to the interests of security and the public interest; and (iii) The indirect air carrier has not held a security program that was withdrawn within the previous year, unless otherwise authorized by TSA. (3) Commencement of operations. The indirect air carrier may operate under a security program when it meets all requirements, including but not limited to successful completion of training and Security Threat Assessments by relevant personnel. [[Page 30514]] (4) Duration of security program. The security program will remain effective until the end of the calendar month one year after the month it was approved. (5) Requirement to report changes in information. Each indirect air carrier with an approved security program under this part must notify TSA, in a form and manner approved by TSA, of any changes to the information submitted during its initial application. (i) This notification must be submitted to the designated official not later than 30 days after the date the change occurred. (ii) Changes included in the requirement of this paragraph include, but are not limited to, changes in the indirect air carrier's contact information, owners, business addresses and locations, and form of business entity. (b) Renewal Application. Upon timely submittal of an application for renewal, and unless and until TSA denies the application, the indirect air carrier's approved security program remains in effect. (1) Unless otherwise authorized by TSA, each indirect air carrier that has a security program under this part must timely submit to TSA, at least 30 calendar days prior to the first day of the anniversary month of initial approval of its security program, an application for renewal of its security program in a form and a manner approved by TSA. (2) The application for renewal must be in writing and include a signed statement that the indirect air carrier has reviewed and ensures the continuing accuracy of the contents of its initial application for a security program, subsequent renewal applications, or other submissions to TSA confirming a change of information and noting the date such applications and submissions were sent to TSA, including the following certification: [Name of indirect air carrier] (hereinafter ``the IAC'') has adopted and is currently carrying out a security program in accordance with the Transportation Security Regulations as originally approved on [Insert date of TSA initial approval]. In accordance with TSA regulations, the IAC has notified TSA of any new or changed information required for the IAC's initial security program. If new or changed information is being submitted to TSA as part of this application for reapproval, that information is stated in this filing. The IAC understands that intentional falsification of certification to an air carrier or to TSA may be subject to both civil and criminal penalties under 49 CFR 1540 and 1548 and 18 U.S.C. 1001. Failure to notify TSA of any new or changed information required for initial approval of the IAC's security program in a timely fashion and in a form acceptable to TSA may result in withdrawal by TSA of approval of the IAC's security program. (3) TSA will renew approval of the security program if TSA determines that-- (i) The indirect air carrier has met the requirements of this chapter, its security program, and any Security Directive; and (ii) The renewal of its security program is not contrary to the interests of security and the public interest. (4) If TSA determines that the indirect air carrier meets the requirements of paragraph (b)(3) of this section, it will renew the indirect air carrier's security program. The security program will remain effective until the end of the calendar month one year after the month it was renewed. (c) Amendment requested by an indirect air carrier or applicant. An indirect air carrier or applicant may file a request for an amendment to its security program with the TSA designated official at least 45 calendar days before the date it proposes for the amendment to become effective, unless the designated official allows a shorter period. Any indirect air carrier may submit a group proposal for an amendment that is on behalf of it and other indirect air carriers that co-sign the proposal. (1) Within 30 calendar days after receiving a proposed amendment, the designated official, in writing, either approves or denies the request to amend. (2) An amendment to an indirect air carrier security program may be approved, if the designated official determines that safety and the public interest will allow it, and if the proposed amendment provides the level of security required under this part. (3) Within 30 calendar days after receiving a denial of the proposed amendment, the indirect air carrier may petition TSA to reconsider the denial. A petition for reconsideration must be filed with the designated official. (4) Upon receipt of a petition for reconsideration, the designated official either approves the request to amend or transmits the petition, together with any pertinent information, to the TSA for reconsideration. TSA will dispose of the petition within 30 calendar days of receipt by either directing the designated official to approve the amendment or by affirming the denial. (d) Amendment by TSA. TSA may amend a security program in the interest of safety and the public interest, as follows: (1) TSA notifies the indirect air carrier, in writing, of the proposed amendment, fixing a period of not less than 30 calendar days within which the indirect air carrier may submit written information, views, and arguments on the amendment. (2) After considering all relevant material, the designated official notifies the indirect air carrier of any amendment adopted or rescinds the notice of amendment. If the amendment is adopted, it becomes effective not less than 30 calendar days after the indirect air carrier receives the notice of amendment, unless the indirect air carrier disagrees with the proposed amendment and petitions the TSA to reconsider, no later than 15 calendar days before the effective date of the amendment. The indirect air carrier must send the petition for reconsideration to the designated official. A timely petition for reconsideration stays the effective date of the amendment. (3) Upon receipt of a petition for reconsideration, the designated official either amends or withdraws the notice of amendment, or transmits the petition, together with any pertinent information, to TSA for reconsideration. TSA disposes of the petition within 30 calendar days of receipt, either by directing the designated official to withdraw or amend the notice of amendment, or by affirming the notice of amendment. (e) Emergency Amendments. (1) If TSA finds that there is an emergency requiring immediate action, with respect to aviation security that makes procedures in this section contrary to the public interest, the designated official may issue an emergency amendment, without the prior notice and comment procedures described in paragraph (d) of this section. (2) The emergency amendment is effective without stay on the date the indirect air carrier receives notification. TSA will incorporate in the notification a brief statement of the reasons and findings for the emergency amendment to be adopted. (3) The indirect air carrier may file a petition for reconsideration with the TSA no later than 15 calendar days after TSA issued the emergency amendment. The indirect air carrier must send the petition for reconsideration to the designated official; however, the filing does not stay the effective date of the emergency amendment. (f) Withdrawal of approval of a security program. TSA may withdraw the approval of the indirect air carrier's security program, if TSA determines [[Page 30515]] continued operation is contrary to safety and the public interest, as follows: (1) Notice of proposed withdrawal of approval. The designated official will serve a notice of proposed withdrawal of approval, which notifies the indirect air carrier, in writing, of the facts, charges, and applicable law, regulation, or order that form the basis for the determination. (2) Indirect air carrier reply. The indirect air carrier may respond to the notice of proposed withdrawal of approval no later than 15 calendar days after receipt of the withdrawal by providing the designated official, in writing, with any material facts, arguments, applicable law, and regulation. (3) TSA review. The designated official will consider all information available, including any relevant material or information submitted by the indirect air carrier, before either issuing a withdrawal of approval of the indirect air carrier's security program or rescinding the notice of proposed withdrawal of approval. If TSA issues a withdrawal of approval, it becomes effective upon receipt by the indirect air carrier, or 15 calendar days after service, whichever occurs first. (4) Petition for reconsideration. The indirect air carrier may petition the TSA to reconsider the withdrawal of approval by serving a petition for consideration no later than 15 calendar days after the indirect air carrier receives the withdrawal of approval. The indirect air carrier must serve the petition for reconsideration on the designated official. Submission of a petition for reconsideration will not automatically stay the withdrawal of approval. The indirect air carrier may request the designated official to stay the withdrawal of approval pending consideration of the petition. (5) Assistant Secretary's review. The designated official transmits the petition together with all pertinent information to the Assistant Secretary for reconsideration. The Assistant Secretary will dispose of the petition within 15 calendar days of receipt by either directing the designated official to rescind the withdrawal of approval or by affirming the withdrawal of approval. The decision of the Assistant Secretary is a final order subject to judicial review in accordance with 49 U.S.C. 46110. (6) Emergency withdrawal. If TSA finds that there is an emergency requiring immediate action, with respect to aviation security that makes procedures in this section contrary to the public interest, the designated official may issue an emergency withdrawal of the indirect air carrier's security program, without first issuing a notice of proposed withdrawal, effective without stay on the date that the indirect air carrier receives notice of the emergency withdrawal. In such a case, the designated official will send the indirect air carrier a brief statement of the facts, charges, and applicable law, regulation, or order that forms the basis for the emergency withdrawal. The indirect air carrier may submit a petition for reconsideration under the procedures in paragraphs (f)(2) through (f)(5) of this section; however, this petition will not stay the effective date of the emergency withdrawal. (g) Service of documents for withdrawal of approval of security program proceedings. Service may be accomplished by personal delivery, certified mail, or express courier. Documents served on an indirect air carrier will be served at the indirect air carrier's official place of business as designated in its application for approval or its security program. Documents served on TSA must be served to the address noted in the notice of withdrawal of approval or withdrawal of approval, whichever is applicable. (1) Certificate of service. An individual may attach a certificate of service to a document tendered for filing. A certificate of service must consist of a statement, dated and signed by the person filing the document, that the document was personally delivered, served by certified mail on a specific date, or served by express courier on a specific date. (2) Date of service. The date of service will be-- (i) The date of personal delivery; (ii) If served by certified mail, the mailing date shown on the certificate of service, the date shown on the postmark, if there is no certificate of service, or other mailing date shown by other evidence if there is no certificate of service or postmark; or (iii) If served by express courier, the service date shown on the certificate of service, or by other evidence if there is no certificate of service. (h) Extension of time. TSA may grant an extension of time of the limits set forth in this section for good cause shown. An indirect air carrier's request for an extension of time must be in writing and be received by TSA at least 2 days before the due date to be extended. TSA may grant itself an extension of time for good cause. 0 35. Revise Sec. 1548.9 to read as follows: Sec. 1548.9 Acceptance of cargo. (a) Preventing or deterring the carriage of any explosive or incendiary. Each indirect air carrier must use the facilities, equipment, and procedures described in its security program to prevent or deter the carriage onboard an aircraft of any unauthorized person, and any unauthorized explosive, incendiary, and other destructive substance or item, as provided in the indirect air carrier's security program. (b) Refusal to transport. Each indirect air carrier must refuse to offer for transport on an aircraft any cargo, if the shipper does not consent to a search or inspection of that cargo in accordance with this part, or parts 1544 or 1546 of this chapter. 0 36. Add a new Sec. 1548.11 to read as follows: Sec. 1548.11 Training and knowledge for individuals with security- related duties. (a) No indirect air carrier may use an employee or agent to perform any security-related duties to meet the requirements of its security program, unless that individual has received training, as specified in its security program, including his or her personal responsibilities in Sec. 1540.105 of this chapter. (b) Each indirect air carrier must ensure that each of its authorized employees or agents who accept, handle, transport, or deliver cargo have knowledge of the-- (1) Applicable provisions of this part; (2) Applicable Security Directives and Information Circulars; (3) The approved airport security program(s) applicable to their location(s); and (4) The aircraft operator's or indirect air carrier's security program, to the extent necessary in order to perform their duties. (c) Each indirect air carrier must ensure that each of its authorized employees or agents under paragraph (b) of this section successfully completes recurrent training at least annually on their individual responsibilities in-- (1) Section 1540.105 of this chapter; (2) The applicable provisions of this part; (3) Applicable Security Directives and Information Circulars; (4) The approved airport security program(s) applicable to their location(s); and (5) The aircraft operator's or indirect air carrier's security program, to the extent that such individuals need to know in order to perform their duties. (d) Operators must comply with the requirements of this section by November 22, 2006. 0 37. Add a new Sec. 1548.13 to read as follows: [[Page 30516]] Sec. 1548.13 Security coordinators. Each indirect air carrier must designate and use an Indirect Air Carrier Security Coordinator (IACSC). The IACSC and alternates must be appointed at the corporate level and must serve as the indirect air carrier's primary contact for security-related activities and communications with TSA, as set forth in the security program. Either the IACSC or an alternate IACSC must be available on a 24-hour basis. 0 38. Add a new Sec. 1548.15 to read as follows: Sec. 1548.15 Access to Cargo: Security threat assessments for individuals having unescorted access to cargo. This section applies to each indirect air carrier operating under this part. (a) This section applies to each employee or agent the indirect air carrier authorizes to have unescorted access to cargo from the time-- (1) Cargo to be transported on an aircraft operated by an aircraft operator with a full all-cargo program under Sec. 1544.101(h) of this chapter, or by a foreign air carrier under Sec. 1546.101(e) of this chapter, reaches an indirect air carrier facility where the indirect air carrier consolidates or holds the cargo until the indirect air carrier transfers the cargo to an aircraft operator or foreign air carrier, or (2) Cargo to be transported on an aircraft operated by an aircraft operator with a full program or by a foreign air carrier under Sec. 1546.101(a) or (b) of this chapter, is accepted by the indirect air carrier. (b) Before an indirect air carrier authorizes, and before an employee or agent gains, unescorted access to cargo as described in paragraph (a) of this section, each employee or agent must successfully complete one of the following: (1) A criminal history records check under Sec. Sec. 1542.209, 1544.229, or 1544.230 of this chapter, if the individual is otherwise required to undergo that check. (2) A Security Threat Assessment under part 1540 subpart C of this chapter. An employee or agent who has successfully completed this Security Threat Assessment for one employer need not complete it for another employer if the employee or agent has been continuously employed in a position that requires a Security Threat Assessment. (3) Another Security Threat Assessment approved by TSA as comparable to paragraphs (b)(1) or (b)(2) of this section. (c) Each indirect air carrier must ensure that each individual who has access to its cargo-- (1) Has successfully completed one of the checks in paragraph (b) of this section; (2) Is escorted by a person who has successfully completed one of the checks in paragraph (b) of this section; or (3) Is authorized to serve as law enforcement personnel at that location. (d) Operators must comply with the requirements of this section not later than November 22, 2006. 0 39. Add a new Sec. 1548.16 to read as follows: Sec. 1548.16 Security threat assessments for each proprietor, general partner, officer, director, and certain owners of the entity. (a) Each indirect air carrier, or applicant to be an indirect air carrier, must ensure that each proprietor, general partner, officer, director, and owner of the entity has successfully completed a Security Threat Assessment under part 1540 subpart C of this chapter. Each indirect air carrier must comply with the requirements of this section not later than November 22, 2006. (b) For purposes of this section, owner means-- (1) A person who directly or indirectly owns, controls, or has power to vote 25 percent or more of any class of voting securities or other voting interests of an IAC or applicant to be an IAC; or (2) A person who directly or indirectly controls in any manner the election of a majority of the directors (or individuals exercising similar functions) of an IAC, or applicant to be an IAC. (c) For purposes of this definition of owner-- (1) Members of the same family must be considered to be one person. (i) Same family means parents, spouses, children, siblings, uncles, aunts, grandparents, grandchildren, first cousins, stepchildren, stepsiblings, and parents-in-law, and spouses of any of the foregoing. (ii) Each member of the same family, who has an ownership interest in an IAC, or an applicant to be an IAC, must be identified if the family is an owner as a result of aggregating the ownership interests of the members of the family. (iii) In determining the ownership of interests of the same family, any voting interest of any family member must be taken into account. (2) Voting securities or other voting interests means securities or other interests that entitle the holder to vote for or select directors (or individuals exercising similar functions). 0 40. Add a new Sec. 1548.17 to read as follows: Sec. 1548.17 Known shipper program. This section applies to cargo that an indirect air carrier offers to an aircraft operator operating under a full program under Sec. 1544.101(a) of this chapter, or to a foreign air carrier operating under Sec. 1546.101(a) or (b) of this chapter. (a) For cargo to be loaded on aircraft in the United States, each indirect air carrier must have and carry out a known shipper program in accordance with its security program. The program must-- (1) Determine the shipper's validity and integrity as provided in its security program; (2) Provide that the indirect air carrier will separate known shipper cargo from unknown shipper cargo. (b) When required by TSA, each indirect air carrier must submit to TSA, in a form and manner acceptable to TSA-- (1) Information identified in its security program regarding an applicant to be a known shipper or a known shipper; and (2) Corrections and updates of this information upon learning of a change to the information specified in paragraph (b)(1) of this section. 0 41. Add a new Sec. 1548.19 to read as follows: Sec. 1548.19 Security Directives and Information Circulars. (a) TSA may issue an Information Circular to notify indirect air carriers of security concerns. (b) When TSA determines that additional security measures are necessary to respond to a threat assessment, or to a specific threat against civil aviation, TSA issues a Security Directive setting forth mandatory measures. (1) Each indirect air carrier that is required to have an approved indirect air carrier security program must comply with each Security Directive that TSA issues to it, within the time prescribed in the Security Directive for compliance. (2) Each indirect air carrier that receives a Security Directive must comply with the following: (i) Within the time prescribed in the Security Directive, acknowledge in writing receipt of the Security Directive to TSA. (ii) Within the time prescribed in the Security Directive, specify the method by which the measures in the Security Directive have been implemented (or will be implemented, if the Security Directive is not yet effective). (3) In the event that the indirect air carrier is unable to implement the [[Page 30517]] measures in the Security Directive, the indirect air carrier must submit proposed alternative measures and the basis for submitting the alternative measures to TSA for approval. (i) The indirect air carrier must submit the proposed alternative measures within the time prescribed in the Security Directive. (ii) The indirect air carrier must implement any alternative measures approved by TSA. (4) Each indirect air carrier that receives a Security Directive may comment on it by submitting data, views, or arguments in writing to TSA. (i) TSA may amend the Security Directive based on comments received. (ii) Submission of a comment does not delay the effective date of the Security Directive. (5) Each indirect air carrier that receives a Security Directive or Information Circular, and each person who receives information from a Security Directive or Information Circular, must: (i) Restrict the availability of the Security Directive or Information Circular, and information contained in either document, to those persons with a need-to-know. (ii) Refuse to release the Security Directive or Information Circular, and information contained in either document, to persons other than those with a need-to-know without the prior written consent of TSA. Issued in Arlington, Virginia, on May 17, 2006. Kip Hawley, Assistant Secretary. [FR Doc. 06-4800 Filed 5-25-06; 8:45 am] BILLING CODE 9110-05-P