HR 6992 Introduced – CFATS Reauthorization

Last month Rep. Katko (R,NY) introduced HR 6992, the Protecting and Securing Chemical Facilities from Terrorist Attacks Act of 2018. This is a significant re-write of the Senate bill of the same name (S 3405).

Major Changes from S 3405

There were three major changes made in crafting this new bill. Two sections found in S 3405 were deleted and one new section was added.

The removed sections were:

§3 – Risk-based performance standards (removed cybersecurity RBPS); and

§11 – Small covered chemical facilities (also removed cybersecurity requirements)

The added section (§9 in new bill) deals with products and mixtures containing DHS chemicals of interest. It would require DHS to set up process for facilities to request specific non-hazardous mixtures be exempt from COI reporting requirements.

There were some changes to the CFATS recognition program that I will address in a future post. Similarly, changes were made in the following sections:

§2 Definitions;

§5 Frequency of audits and inspections;

§7 Security risk assessment approach and corresponding tiering methodology;

§8 Security risk assessment approach and corresponding tiering methodology;

§13 Assessment, report, briefing, and updated retrospective estimate on costs;

Moving Forward

Katko and one of his six cosponsors {Rep. Fitzpatrick (R,PA)} are members of the House Homeland Security Committee; one of the committees to which this bill was assigned for consideration. The CFATS reauthorization is a ‘must pass’ bill (unless a short term extension is added to the DHS minibus) so this bill will likely be considered in Committee after the election.

It will be interesting to see how many Democrats on the Committee support this bill that has no language addressing any of the long-standing chemical facility concerns of that party. It is odd that neither Rep. Thompson (D,MS) or Rep. Jackson-Lee (D,TX) are signed on as cosponsors of this bill. With the current Republican majority in the House (at least for the remainder of this session) their support is not needed, but they are important CFATS voices on the Committee. Even more unusual is the lack of support from Rep. Ratcliffe (R,TX) who is the Chair of the Cybersecurity and Infrastructure Protection Subcommittee; the subcommittee which oversees the CFATS program.

Commentary

I am very happy to see the changes made that allow cybersecurity to remain part of the CFATS program. I wish that there was additional language that addressed the problems that were identified in the Senate CFATS hearing earlier this year, but at this point I will be somewhat satisfied if the status quo remains the status.