Reader Comment 08-04-10 Chlorine Security

Yesterday, Jeff Sloan, Senior Director, Chlorine Chemistry Division, American Chemistry Council, posted a comment about my earlier blog about chlorine theft scenarios. As one would expect he expressed some concern that my comments “may leave a false impression that government-mandated security measures are the only security measures in place”. He went on to explain that many of the security the measures that members of the ACC had undertaken to protect facilities that produce or utilize chlorine predated the CFATS regulations. He also noted that the Chlorine Institute had developed chlorine specific security measures to be used by such facilities. While much of what Sloan writes is part of the standard ACC response to questions about chemical facility security (including the “invested $8 billion to enhance security at facilities across the country” that probably needs to be updated for a surely higher value after the CFATS efforts are added), his tone is not defensive and he does make a number of important points about industry security efforts. After all, they don’t want their facilities attacked any more than their neighbors do. We could certainly discuss the nuances of the security codes of Responsible Care® or similar programs under SOCMA, NPRA, NCDA, or other major chemical organizations, but I think that those groups (and their member companies) have taken significant efforts to enhance the security of their covered facilities. We could certainly find shortcomings in all of those programs (there is no perfect security program after all), but industry is to be commended on the fact that they implemented these programs absent any government mandate to do so. The point that all of these organizations ignore in their defense of the security programs at member facilities is that they all represent voluntary associations. No one requires chemical facilities to be members of these groups. If facility management finds the security standards burdensome or inconvenient they either ignore those standards, or (where these organizations mandate acceptance/compliance) they cancel their membership. And many facilities never become members of these organizations in the first place. I am much more concerned about chemical security (and environmental and safety compliance issues) at the facilities that are not part of these major organizations. Most of these facilities are smaller organizations that don’t have the requisite on-staff expertise to establish and maintain adequate security measures. Most of these facilities will want to maintain at least a minimum level of security to protect their business interests, but they won’t have the knowledge base to understand the security risks and how to respond to them. In my discussion of the potential for chlorine theft I pointed out that many of these facilities will not fall under the CFATS regulations because DHS made a conscious decision not to include a significant number of facilities that would have less than 500 lbs of chlorine gas on-site. In many ways I understand the reasoning; DHS would just not have the resources to enforce the CFATS regulations at all of those facilities (or all of the facilities with less than 60,000 lbs of propane on site). The good folks at the understaffed and underfunded ISCD are having a hard enough time getting through the SSP inspection/validation process at Tier 1 facilities. They certainly don’t need hundreds of additional Tier 4 facilities to worry about as well. That will be of little comfort to the casualties of a chlorine-based attack like I described in that earlier blog. I don’t have an answer, but it is certainly a problem that the security community and the chemical community need to consider. I was very happy to see Jeff Sloan close out his comment by saying “I would welcome further discussion of this issue.” Further discussion is certainly needed.