HR 5175 Introduced – Pipeline Security

Last week Rep. Upton (R,MI) introduced HR 5175, the Pipeline and LNG Facility Cybersecurity Preparedness Act. The bill would require the Secretary of Energy to establish policies and procedures for the physical security and cybersecurity for pipelines and liquefied natural gas facilities.

Requirements

The bill would require the Secretary to {§2}:

• Establish policies and procedures to coordinate Federal agencies, States, and the energy sector to ensure the security, resiliency, and survivability of natural gas pipelines (including natural gas transmission and distribution pipelines), hazardous liquid pipelines, and liquefied natural gas facilities;

• Coordinate response and recovery by Federal agencies, States, and the energy sector, to physical incidents and cyber incidents impacting the energy sector;

• Develop advanced cybersecurity applications and technologies for natural gas pipelines (including natural gas transmission and distribution pipelines), hazardous liquid pipelines, and liquefied natural gas facilities;

• Perform pilot demonstration projects relating to physical security and cybersecurity for natural gas pipelines (including natural gas transmission and distribution pipelines), hazardous liquid pipelines, and liquefied natural gas facilities with representatives of the energy sector;

• Develop workforce development curricula for the energy sector relating to physical security and cybersecurity for natural gas pipelines (including natural gas transmission and distribution pipelines), hazardous liquid pipelines, and liquefied natural gas facilities; and

• Provide mechanisms to help the energy sector evaluate, prioritize, and improve physical security and cybersecurity capabilities for natural gas pipelines (including natural gas transmission and distribution pipelines), hazardous liquid pipelines, and liquefied natural gas facilities.

Moving Forward

Upton is the Chair of the Energy Subcommittee of the House Energy and Commerce Committee. The bill is scheduled for markup on Wednesday. The bill will probably pass in both the Subcommittee and subsequent full Committee markup with substantial bipartisan support.

The main problem with this bill is that there will likely be substantial opposition from the Chair of the Homeland Security Committee since the Transportation Security Administration (over which Homeland Security has jurisdiction) already has official responsibility for security of pipeline operations. Not that the TSA has done much (nor have they been authorized to do much) about pipeline security beyond publishing security guidelines and conducting courtesy (without enforcement authority) inspections.

There is also likely to be opposition from the Transportation and Infrastructure Committee since that Committee has jurisdiction over the DOT’s Pipeline and Hazardous Material Safety Administration’s oversight of the safe operations of the pipelines covered in this bill. Many of the provisions of this bill directly impact safe operations as well as secure operations.

These intra-party conflicts between committee chairs will probably prevent this bill from reaching the floor of the House.

Commentary

This is another apple pie and motherhood bill that ‘shows’ that Congress is taking pipeline security (specifically including cybersecurity) seriously without allowing the executive branch to issue any regulations that would require industry to comply. It would eventually allow industry to work with DOE in the establishment of the policies and procedures without having to worry about spending a penny more than they thought necessary for protecting their investments.

The other major problem with this bill is that there is no authorization of funds or personnel to carry out these objectives. While it may be possible to establish ‘policies and procedures’ with no additional funding (as long as you have no timetable to meet), the development of ‘advanced cybersecurity applications and technologies’ requires unique expertise and research funding. Anything that is done in this area (and work does need to be done) will come at the expense of other DOE programs.