FRA Notifies Railroads that SERC Notifications Will Continue

The DOT’s Federal Railroad Administration (FRA) announced today that it was sending a letter to railroads that they were going to continue to require railroads to make notifications to “State Emergency Response Commissions (SERCs) and Tribal Emergency Response Commissions (TERCs) of the expected movement of Bakken crude oil trains through individual states and tribal regions”. That requirement comes from an Emergency Order issued in May 2014 affecting all trains carrying more than million gallons of crude oil from the Bakken oil fields.

Conflict with OMB

The HHFT final rule issued by Pipeline and Hazardous Material Safety Administration (PHMSA) in May actually contained provisions that cancelled the reporting requirements from the Emergency Order effective March 31^st, 2016; the day before the railroads were to have completed their route selection requirements under the revised 49 CFR 172.820.

The FRA had notified the OMB’s Office of Information and Regulatory Affairs (OIRA) of their intent to continue this reporting requirement until a new regulation on Oil Spill Response Planning could codify the requirements when they sought routine approval of the information collection request (ICR) supporting this reporting requirement. OIRA only approved the ICR thru March 31^st of next year noting that:

“Per the joint PHMSA-FRA HHFT final rule (RIN 2137-AE91), the information collection requirements in the May 7, 2014 emergency order remain in effect until March 31, 2016. OMB is therefore approving this collection until that date. FRA may submit a request to continue this collection after soliciting public comment per the PRA's [Paperwork Reduction Act; specifically 44 USC 3506(c)] requirements.”

This does not mean, that the extension of the ICR will not be approved, but it does mean that the railroads will have another political opportunity to derail the effort.

Rail Routing Information is SSI

Because of the changes that the HHFT final rule made to §172.820 the routing information of highly-hazardous flammable trains (HHFT) is protected as Sensitive Security Information (SSI) under 49 CFR 15 and 49 CFR 1520. And the crude oil trains covered in the Emergency Order are certainly covered under the HHFT definition.

One of the reasons that railroads had objected to sharing the information required in the Emergency Order was that it was specifically not protected under SSI procedures. This left the public dissemination of that information up to the discretion of the local agency and the State rules that governed information sharing. And, as the railroads feared, much of that information was released to the public; making it accessible to people that might attempt to disrupt the flow of those trains.

The wording of §172.820(h)(2) makes it clear that the protected information is limited to the routing information not the volume or type of oil carried or the frequency with which the trains would traverse the selected routes. A close reading of the regulation would seem to indicate that the routing information does not actually become SSI until the first time that the railroads complete their route analysis under §172.820(c). That won’t officially be done until April 1^st, 2016.

The FRA could have adopted the position in today’s letter to the railroads that for the purpose of moving forward with the continued notification and updates to SERTS that the routing portion of the information provided could be classified as SSI under authority of §172.820(c), thus pre-empting State and local sunshine act or freedom of information act laws for that information. Thus, SERTS would be required to only share that information with personnel with a need to know which would certainly include local emergency response and emergency planning agencies. The FRA obviously chose not to do so, adhering to the tightest interpretation of the rule.

This will have to be an issue that FRA addresses when they go back and re-submit the ICR for and extension of the reporting requirement past March 31^st, since after that date the routing information is clearly protected from public disclosure under the banner SSI.

Congressional Hearings – Week of 04-10-15

Both the House and Senate will be back in Washington after a long two week spring break. The committee calendars are on the light side, particularly in the Senate. That may be due to slow posting of committee meetings, however. There are four hearings this week that may be of specific interest to readers of this blog: one hazmat transportation, two cybersecurity and one that will deal with MTSA activities.

DOT Regulations Update

The Subcommittee on Railroads, Pipelines, and Hazardous Materials of the House Transportation and Infrastructure Committee will be holding an oversight hearing on Tuesday on ongoing DOT rail, pipeline and hazmat rulemakings. Two acting administrators (FRA and PHMSA) and the NTSB Chair will be witnesses.

The Committee Staff has put together a nice overview document for the hearing. Topics of interest will include:

∙ Automatic and Remote-Controlled Shut-Off Valves for New Transmission Pipelines;

∙ Maximum Allowable Operating Pressure;

∙ Integrity Management;

∙ Leak Detection;

∙ DOT “High-Hazard Flammable Train” Rule;

∙ Special Permits and Approvals;

∙ Hazardous Materials Safety Permits; and

∙ Tank truck wet lines

This will probably be a pretty contentious hearing. Interesting side note; the Staff report notes that the HHFT rule is due to be published May 12^th. We will have to wait and see how that works out.

Cybersecurity Markups

This week there will be markup of two draft cybersecurity bills; both on Tuesday. The first will be another information sharing bill (National Cybersecurity Protection Advancement Act of 2015). This will be a full committee markup by the House Homeland Security Committee. The second is a breach notification bill (Data Security and Breach Notification Act of 2015). This will also be a full committee markup, this time by the House Energy and Commerce Committee and it will include two other bills so a two day hearing is scheduled.

There are some interesting differences between this bill and the other introduced earlier. It does not specifically include industrial control systems in the definition of ‘information system’, but it does specifically make the DHS ICS-CERT the agency responsible for sharing control system security information. I’ll have more information on all of these bills in a later post.

At present there is nothing in the breach notification bill that applies to control systems since it only deals with breaches where personally identifiable information is involved. I’ll watch the approved amendments to see if anything expands that to include control system information.

Coast Guard Mission

On Wednesday the Subcommittee on Coast Guard and Maritime Transportation of the House Transportation and Infrastructure Committee will be holding an oversight hearing on the mission of the Coast Guard. The only witness scheduled is Deputy Commandant for Operations. The Committee Staff has again produced an overview document.

An interesting point made in this document is that the ‘Ports, Waterways and Coastal Security’ mission of the Coast Guard is the most costly in terms of spending and ‘resource hours’. Given this fact it is interesting to note that of all Homeland Security Missions PWCS has had the history of meeting its operational metrics. In fact of the six sub-missions listed for PWCS only one had not successfully met its operations performance measures in 2013; Security Compliance Rate for High Risk Maritime Facilities (the MTSA program). It will be interesting to hear more about the problems in this program.