OMB Approves CG Final Rule on 2nd Delay of TWIC Reader Implementation

Yesterday, the OMB’s Office of Information and Regulatory Affairs (OIRA) announced that it had approved the Coast Guard’s final rule on “TWIC--Reader Requirements; Second Delay of Effective Date”. The rule was sent to OIRA on July 10^th, 2024. The notice of proposed rulemaking for this action was published on December 6^th, 2022. 

According to the Spring 2024 Unified Agenda entry for thisrulemaking:

“On August 23, 2016, the Coast Guard issued a final rule, requiring owners and operators of certain vessels and facilities regulated by the Coast Guard to conduct electronic inspections of Transportation Worker Identification Credentials (TWICs) as an access control measure (81 FR 57652).  On August 2, 2018, the TWIC Credential Accountability Act of 2018 was enacted.  It prohibited implementation of the 2016 rule until after the Coast Guard submitted a report reviewing the security value of the TWIC program.  On March 9, 2020, the Coast Guard published its first TWIC delay rule (85 FR 13493).  On December 6, 2022, the Coast Guard proposed to further delay portions of the 2016 final rule for three categories of facilities until May 8, 2026, or later depending on the outcome of the Homeland Security Operational Analysis Center (HSOAC) study and consideration of public comments.  On December 23, 2022, Congress enacted the James M. Inhofe National Defense Authorization Act for Fiscal Year 2023, which directs the Secretary not to implement the 2016 final rule for covered facilities before May 8, 2026.  On April 17, 2023, the Coast Guard published a conforming amendment rule that removed from the CFR earlier implementation dates for facilities covered by this legislation (88 FR 23349).  The Coast Guard plans to issue a final rule to respond to comments from the NPRM and address whether the implementation date should be set beyond May 8, 2026.”

OMB Approves TWIC Reader Delay Rule

Yesterday the OMB’s Office of Information and Regulatory Affairs (OIRA) announced that it had approved the Coast Guard’s final rule on TWIC Reader Requirements; Delay of Effective Date. This rule regards the use of Transportation Workers Identification Credential (TWIC) readers at a limited number of facilities that handle certain dangerous cargoes (CDCs) in bulk or receive vessels carrying CDC in bulk. The notice of proposed rulemaking for this rule was published in June of 2018.

This is remarkably quick action by OIRA as the final rule was just sent to them last week. This may mean that we will see this sooner rather than later in the Federal Register.

Senate Passes HR 5729 – TWIC Reader Delay

Yesterday the Senate passed HR 5729, the Transportation Worker Identification Credential Accountability Act of 2018. The bill was passed by unanimous consent at the end of the session; no debate and no vote.

The bill now goes to the President’s desk. There is no indication that there will be any problem with the President signing the bill.

OMB Approves TWIC Reader Delay Rule

Yesterday the OMB’s Office of Information and Regulatory Affairs (OIRA) announced that it had approved a proposed rule from the Coast Guard partially delaying the TWIC Reader Rule implementation date. According to the Unified Agenda, the delay would only apply to “certain facilities or vessels that carry or handle certain dangerous cargoes (CDCs) in bulk”.

The Trump Administration does not have a strong history of promptly publishing ‘approved’ regulations. There is no telling when this will appear in the Federal Register.

OMB Approves CG TWIC Reader Final Rule

On Saturday the OMB’s Office of Information and Regulatory Affairs (OIRA) announced their approval of the final rule for the Coast Guard’s Transportation Workers Identification Credential (TWIC) Card Reader Requirements. The final rule had been submitted to OIRA back in April. The notice of proposed rulemaking (NPRM) for this rule was published in June of 2013 and I did a series of blog posts on the public comments the CG received about the NPRM.

As I have mentioned earlier this final rule will have no effect on facilities covered by the Chemical Facility Anti-Terrorism Standards (CFATS) program as it only applies to Maritime Transportation Security Act (MTSA) covered facilities which are exempt from CFATS coverage. There is, however, an outside chance that some provisions from this rule could be included in the CFATS revisions that we are expecting to see in the not too distant (hopefully) future.

I expect that the final rule will be published in the Federal Register later this week.

CG Sends TWIC Reader Final Rule to OMB

On Saturday the OMB’s Office of Information and Regulatory Affairs (OIRA) announced that the Coast Guard had submitted their final rule on Transportation Worker Identification Credential (TWIC); Card Reader Requirements (RIN: 1625-AB21) for review. The notice of proposed rulemaking for this action was published in March 2013.

The abstract for this rulemaking listed in the Fall 2015 Unified Agenda describes the rule this way:

“The Coast Guard is establishing electronic card reader requirements for maritime facilities and vessels to be used in combination with TSA's Transportation Worker Identification Credential (TWIC). Congress enacted several statutory requirements within the Security and Accountability for Every (SAFE) Port Act of 2006 to guide regulations pertaining to TWIC readers, including the need to evaluate TSA's final pilot program report as part of the TWIC reader rulemaking. During the rulemaking process, we will take into account the final pilot data and the various conditions in which TWIC readers may be employed. For example, we will consider the types of vessels and facilities that will use TWIC readers, locations of secure and restricted areas, operational constraints, and need for accessibility. Recordkeeping requirements, amendments to security plans, and the requirement for data exchanges (i.e., Canceled Card List) between TSA and vessel or facility owners/operators will also be addressed in this rulemaking.”

While the Chemical Facility Anti-Terrorism Standards (CFATS) program is not directly affected by this rulemaking, I suspect that facilities that are using Option 3 in the CFATS personnel surety program (PSP) might want to take a look at this rulemaking when it comes out. At some point in time, the DHS Infrastructure Security Compliance Division may consider adding some or all of the requirements from this final rule to their implementation of the TWIC Readers under Option 3. That change, if it comes, would not likely take place until the second phase of the PSP is put into place to include Tier III and Tier IV facilities.

I expect that it will take a couple of months, at least, for OIRA to review and approve this rulemaking.

HR 3202 Reported in House – TWIC Assessment

Last week the House Homeland Security Committee published their report on HR 3202, the Essential Transportation Worker Identification Credential Assessment Act. The bill is now available for consideration by the Whole House and could be considered next week under suspension of the rules.

There has been some fine tuning made to the requirements for the independent report on the efficacy of the TWIC program, though nothing of major significance. It does expand the reporting requirements for the Comptroller General to include reporting on the progress made in implementing the plan developed by DHS.

There is one major change made in the reported bill. The Committee back-tracked on supporting the GAO report recommendation that the current TWIC Reader Rule be delayed until a comprehensive review of the efficacy of the TWIC program is completed. The new version of the bill adds §2(e)(2) that exempts the current rulemaking from any delay caused by this bill. The report explains that this way (pg 8 of the report):

“The Committee has been critical of the Department’s delay in issuing a final rule for the use of card readers at MTSA regulated vessels and facilities and, at this time, the Committee believes that the current card reader rule should move forward. The Committee directs DHS to incorporate the results of this comprehensive assessment into any additional rule making or changes to existing rules.”

One can certainly sympathize with the Committees impatience; the TWIC Reader Rule was supposed to be in place years ago. Of course, industry may not be too pleased with this change. The TWIC Readers are going to be expensive to install, use and maintain. If the TWIC program has to undergo major revisions because of the assessment required in this bill, the Readers may not be useful too far into the future. That assumes, of course, that Congress and DHS can act in an expeditious manner to implement any changes recommended by the study.

As I mentioned in an earlier blog post, I expect that this bill will receive substantial bipartisan support when it comes to the floor. With that in mind, I would not be surprised to see it considered early next week under suspension of the rules. That way the House would be done with it before the recess. I think the bill would have a good chance of passing in the Senate in September, even with the electioneering and short schedule.

HR 3202 Introduced – TWIC Review

As I mentioned in an earlier blog post Rep. Jackson-Lee (D,TX) introduced HR 3202, the Essential Transportation Worker Identification Credential Assessment Act. This bill would mandate an independent assessment of the Transportation Workers Identification Credential (TWIC) program.

Presumably this bill is in response to the GAO report presented to Congress, but there is no mention of that report or the specific research recommended in the report. Instead this bill would require the DHS Secretary to commission a study by an “independent not-for-profit laboratory with appropriate expertise” {§2(a)} and submit a report to Congress on that study within one year of the enactment of this bill.

The Study

As mandated by this bill the study would have to address:

• The extent to which the program addresses known security risks in the maritime environment;

• The extent to which the program has addressed which internal control deficiencies identified by the Comptroller General;

• A cost-benefit analysis of the program; and

• Consideration of alternate biometric technologies.

The report that the GAO recommended, a review of the TWIC Reader Pilot, is not mentioned in this report.

The Club

To ensure that DHS actually complies with this mandate the bill includes a rather large stick. Section 2(e) provides that the Department cannot put the final TWIC Reader Rule into place until Comptroller General informs the Congress that the completed study is “substantially responsive to the recommendations of the Comptroller General” and the Department has published a list “of transportation security card readers that are compatible with active transportation security cards”.

GAO Recommendations Ignored

As I mentioned earlier the Government Accounting Office published a report this spring that questioned the results of the TSA TWIC Reader Pilot Study. They identified a number of problems with the study plan and execution. In their conclusion they noted:

“Given that the results of the pilot are unreliable for informing the TWIC card reader rule on the technology and operational impacts of using TWIC cards with readers, we recommended that Congress should consider repealing the requirement that the Secretary of Homeland Security promulgate final regulations that require the deployment of card readers that are consistent with the findings of the pilot program; and that Congress should consider requiring that the Secretary of Homeland Security complete an assessment that evaluates the effectiveness of using TWIC with readers for enhancing port security.”

This recommendation is not addressed in this proposed legislation. It may be part of the proposed amendment in the form of a substitute that Ms. Jackson-Lee is supposed to present at the mark-up hearing for this bill on Wednesday.

Moving Forward

The markup of this bill by the Border and Maritime Security Subcommittee (of which Rep. Jackson-Lee is the Ranking Member) has already been postponed once. If and when the Congress finally gets moving again on non-spending issues (which could be next year the way things are going) this bill will probably make its way to the floor of the House where it will be passed with substantial bipartisan support. The same will probably happen in the Senate.

Update DHS Spending Mark-up Information

Earlier this week I mentioned that the House Appropriations Committee would be holding a mark-up of the DHS FY 2014 spending bill. Today the Committee placed additional information on the hearing web site. They provided an updated draft version of the bill and a draft copy of the Committee Report that will accompany the bill. Both documents contain important provisions for DHS cybersecurity and chemical security operations.

Draft Bill

This new draft bill is apparently different than the version that I reviewed during the approach of the Homeland Security Subcommittee hearing last week. All of the CFATS provisions and TWIC Reader provisions that I discussed in that earlier post remain the same in this new version of the bill.

Draft Report

In many ways the Committee Report that accompanies these spending bills is more important than spending bill. The reports provide the Appropriations Committee a certain level of oversight over individual programs through the pocket book. Most times programs like CFATS never get mentioned in the main bill, but do frequently get attention in the report.

Some of the items discussed in this draft report include:

• TSA requirement to develop “a program to facilitate the tracking of motor carrier shipments of highway security-sensitive materials (HSSM)” (pg 59);

• Detailed TWIC Reader discussion (pgs 61-2);

• CFATS funding at FY 2013 level (pg 82);

• Detailed CFATS discussion (pgs 83-86);

• Ammonium Nitrate security discussion (pgs 85-86) and

• Cybersecurity discussion (pgs 86-88)

Several of these items deserve a detailed discussion. If they remain in the final Committee Report, I will address them in more detail.

TWIC Reader Hearing

Well, I finally had a chance to go back and watch the web cast of last Thursday’s hearing of the

Government Operations Subcommittee of the House Oversight and Government Affairs Committee on the GAO’s report on the TWIC Reader Pilot. Well, it was supposed to be about Federal Government Approaches to Issuing Biometric IDs, but no other agencies could show up and there was this GAO report, so it was essentially about the report.

Now I described the report in an earlier post, but in summary the GAO found all sorts of methodological problems with the way the TWIC Reader Pilot was run by TSA. As a result of those problems GAO questions whether the conclusions drawn from the pilot report can be used to justify the use of TWIC Readers. GAO did not question the utility or performance of the Readers, just whether or not the TWIC Reader Pilot results could be used to justify the use of the Readers.

Politics

The hearing was very poorly attended on both sides of the Committee Room. There were only four congressmen present, the Chair and Vice-Chair, the Ranking Members of both the Committee and Sub-Committee. The Rep. Mica (R,FL) noted that there were only three people in the press gallery. Even with the advanced notice of the results of the GAO report, there was little interest in the hearing.

The hearing was, however, a model of bipartisan agreement; TSA was in deep trouble and had a great deal of explaining to do. With only four congresscritters asking questions there was a great deal of follow-up questioning and when one congressman’s turn was done the next took up the same line of questioning as if it were rehearsed.

For the most part the questioners did listen to the responses and modify their subsequent questions appropriately. The only major exception to this was Chairman Mica’s continuing reference to the susceptibility of the TWIC to forgery, even after Mr. Lord explained that the GAO’s forged cards did not pass muster in the TWIC Reader. Lord explained that the holders were allowed facility entrance despite the lack of TWIC Reader approval; certainly not the fault of TSA.

To TWIC or Not To TWIC

Every one of the Subcommittee members present questioned whether or not DHS should consider replacing the TWIC with something more effective. Committee Ranking Member Cummings (D,MD) made the comment in his opening remarks that there is no “reliable data proving that the TWIC card” is part of an effective port security program. Mr. Sadler from TSA disagreed, of course, but even Mr. Lord from GSA admitted that there was no proof that the TWIC wasn’t effective.

Mr. Sadler said time and again (in very repetitive language, obviously rehearsed to emphasize the limitations) that, when properly installed and maintained, and the operators and card holders were properly trained, the TWIC Readers in the study properly performed their scanning and verification function. No one disputed this oft repeated statement.

What wasn’t directly mentioned here was the fact that neither TSA or GAO have any control over whether or not the TWIC program continues, is cancelled or is significantly modified. All of that rests with the Congress. Of course, scrapping the program and starting anew will cost a great deal of money, something that will be politically impossible to do. Even making significant changes to the TWIC program will be costly and politically difficult to achieve in the current political and economic environment.

Interestingly, the GAO does not recommend making changes to either the TWIC or the TWIC Readers. The conclusion of this report states:

“Given that the results of the pilot are unreliable for informing the TWIC card reader rule on the technology and operational impacts of using TWIC cards with readers, we recommended that Congress should consider repealing the requirement that the Secretary of Homeland Security promulgate final regulations that require the deployment of card readers that are consistent with the findings of the pilot program; and that Congress should consider requiring that the Secretary of Homeland Security complete an assessment that evaluates the effectiveness of using TWIC with readers for enhancing port security. This would be consistent with the recommendation that we made in our May 2011 report. These results could then be used to promulgate a final regulation as appropriate.” (pg 10)

In other words, Congress should remove their mandate to use the TWIC Reader Pilot as the justification for requiring the use of TWIC Readers and put the burden back on DHS to justify the use of TWIC Readers on the basis of improved security. The reason for requiring the TWIC Reader shouldn’t be that it works, but rather that it is needed.

TWIC Antennas

There was an important technical issue that was only peripherally addressed in this hearing and in the GAO report. The GAO report noted that there was insufficient information provided in the TWIC Reader pilot to identify how many cards were not read due to broken antennas. Since the TWIC is an RFID device that can be remotely queried by the TWIC Reader a broken antenna makes it useless as a contactless identification.

Mr. Sadler noted in response to questioning that the contactless mode of operation is what distinguishes the TWIC from the Common Access Card (CAC) readers used by the military. He used this to explain why the Subcommittee members {particularly Ranking Member Connolly (D,VA)} should not try to compare the ruggedness of the CAC to the less robust TWIC.

He then claimed that only a contactless reader could be used at port facility truck gates. This does not appear to be factually correct. There are hand-held TWIC Readers that could be used, allowing the more robust antenna available on such devices to be used to contact a local base station rather than using the embedded antennas to allow the TWIC to communicate with the Reader.

IRIS Biometric

A topic near and dear to the heart of Chairman Mica is the lack of an iris scan biometric encoded in the TWIC. Each time he brings this up, apparently, he has been told that NIST does not yet established a standard for encoding the iris biometric, but is coming in the next couple of months. TSA rightly maintains that it is not up to them to establish the standard, just to implement one if it is feasibly available.

Mica requested both witnesses and the committee staff to contact NIST to see if they could get a consistent answer as to when such a standard might become available.

TWIC NPRM Reader Extension

Mr. Lord did note in response to some question about the timetable for the implementation of the TWIC Reader NPRM (a concept that Chairman Mica appeared to be completely unfamiliar with) that the Coast Guard had recently extended the comment period on the NPRM to 90 days. Then, almost in passing, he suggested that they might want to make another 90 day extension to allow comments to be formulated about the results of the GAO report on the TWIC Reader Pilot.

Since there have been no comments to date on the TWIC Reader Pilot, I would not be surprised to hear that someone in industry doesn’t request another extension to review their initial acceptance of the NPRM in light of the reported inconsistencies in the pilot report. With just a little over a month remaining on the revised comment period, the Coast Guard would certainly be justified in approving such a request.

Video Timeline

A long time reader, Donald Bruce of the Houston/Galveston, TX Area Maritime Security Committee, was kind enough to send me an annotated timeline of the important parts (in his estimation) of the web cast of the hearing. I have not checked every listing, but it was helpful to me in following the video so I thought that I would pass it along. Note: Everything up to about the 39 minute mark was essentially opening statements.

Min 39 - Iris Scan issues

Min 42 – Use of Fake Cards

Min 43 – Questions from Rep. Connolly – Was the Pilot Successful?

Min 57 – What if we cancel the program?

Min 58 – We should recommend readers

Min 110 – Answer to benefit of TWIC Pilot – Definition of a Successful Reader Project

Min 111 – We will go forward

Min 113 – The TWIC Pilot is very useful for the USCG in the NPRM

Min 114 – CAC described use in Afghanistan – a success story

Min 119 –Contact biometric will not work in a maritime environment

Min 120 – TSA Given 60 days to review over Biometric Card success (CAC)

Min 122 – Look NIST Iris standard (Alternate Biometric)

Moving Forward

Chairman Mica said that the Subcommittee will be holding additional hearings looking at other forms of Federal identification that include encoded biometrics. He also gave Mr. Sadler 60 days to look at the CAC and get back to the Committee with an explanation of why the TWIC and the CAC should/should not be compared.

CFATS PSP – TWIC Readers

This is part of a continuing series of blog posts about the CFATS Personnel Surety Program that was described in a 60-day information collection request (ICR) notice in Friday’s Federal Register. This post will look at how TWIC Readers could be used in PSP. The earlier posts in the series are listed below.

DHS Publishes CFATS PSP 60-day ICR Notice

CFATS PSP – Data Submission Options

CFATS PSP – Who Gets Screened

CFATS PSP – Who Submits Information?

CFATS PSP – Other Information to be Collected

CFATS PSP – Only Tier 1 and 2 Facilities Impacted

CFATS PSP Comments – 03-30-31

CFATS PSP – Facility Analysis

Many high-risk chemical facilities covered by CFATS share a significant work force, corporate and contract, with MTSA covered facilities. Additionally transportation workers (truck drivers and railroad personnel) may make up a significant number of the ‘visitors’ that a site might expect to extend some level of unescorted access to critical areas of the facility. As a result there was a major level of vocal concern with the original CFATS PSP proposal because it did not provide an easy option for facilities to take advantage of the fact that TWIC holders had already been vetted against the Terrorist Screening Database (TSDB). The new ICR notice specifically addresses this concern providing for the use of TWIC Readers as one of the vetting alternatives specifically available to facility security managers.

TWIC Reader Requirements

The ICR notice does not provide any specific guidance on how the TWIC Readers would be used at a high-risk chemical facility. This is not surprising given the §550 prohibition against requiring any specific security measure for the approval of a facility’s SSP. The notice provides the following guidance:

“High-risk chemical facilities could propose, in their SSPs or ASPs, to share the costs of TWIC readers and any associated infrastructure at central locations, or high-risk chemical facilities could propose to purchase and install TWIC readers for their own use. The Department will assess the adequacy of such proposals on a facility-by-facility basis, in the course of evaluating each facility's SSP or ASP.”

TWIC Reader at the Gates

The classic implementation of the TWIC Reader would be to install readers at a gate to allow security personnel to automate the verification of identity and appropriate vetting against the TSDB. This is the type of use expected to be employed at high-risk MTSA facilities where all personnel with unescorted access to the covered facilities or vessels are required to have a TWIC.

If TWIC Readers were to be used for vetting all personnel entering a facility for unescorted access each time they entered the facility, this would be a significant extension of the vetting requirements outline in the other two vetting options provided in this ICR notice as personnel would effectively be vetted against the TSDB every time the TWIC Reader updated its access to the Canceled Card List (CCL).

For facilities that have a large number of recurring visitors that are to be given even some limited amount of unescorted access to the facility, truck drivers and delivery personnel for instance, this could simplify the vetting requirements for these personnel by simply requiring that they possess a TWIC and then validating that TWIC with a TWIC Reader each time they access the facility.

TWIC Reader at Personnel Processing Center

The other option suggested in this ICR notice is the use of the TWIC Reader at a shared central location. The most obvious example of this would be to have a TWIC Reader at the Corporate Human Resources Department where an individual’s TWIC would be validated as part of the corporate hiring process. One would suppose that ISCD would prefer to see some sort of periodic revalidation of the TWIC outlined in the SSP since they intend to do periodic rechecks against the TSDB for personnel whom facilities submit information under the PSP.

Because of the high-cost of TWIC Readers (this notice suggests that the annualized three year cost of a TWIC reader and its upkeep at $99,953.33 per reader) smaller facilities, or facilities separated from corporate HR might wish to contract out the TWIC Reader validation to a third-party such as a back-ground check vendor or security contractor. Again one would suppose that there should be some sort of periodic revalidation of those checks outlined in the facility SSP.

ISCD TWIC Expectations

ISCD clearly does not expect very many facilities to avail themselves of the TWIC Reader option for personnel vetting. According to Table 22 in the notice they only expect that four facilities will install TWIC Readers as part of their PSP, three at Tier 2 theft/diversion facilities and one at a Tier 2 Group C (distribution type facility) facility. They base that on the number of facilities that share MTSA and CFATS status. This would be the type facility that would already be intending to use the TWIC Reader because of the impending requirements under the recently published TWIC Reader NPRM.

Does this mean that only those facilities will be allowed to use TWIC Readers as part of their PSP? I don’t think so. These are clearly facilities that would be expected to find the use of TWIC Readers to be most valuable since they will already be in use at certain entrances (MTSA covered areas of the facility) and virtually all personnel will already be required to possess a TWIC. But, ISCD clearly expects that the cost of the TWIC Reader will be a disincentive for its general use at facilities that are not already required to implement use of the TWIC for facility access.

TWIC Reader NPRM – Miscellaneous Changes

This is the third in a continuing series of blog posts about the recently published notice of proposed rulemaking concerning the implementation of the use of TWIC Readers at MTSA regulated facilities. This post looks at some of the minor miscellaneous changes to the Coast Guard’s Maritime Security Regulations (33 CFR Subchapter H) included in this NPRM. The earlier blog posts in the series are listed below:

Coast Guard Publishes TWIC Reader NPRM

CG Announces TWIC Reader Meeting – 4-18-13

Definitions

The NPRM would add a number of definitions to the §101.105. They include the definition of the following terms:

• Biometric match;

• Canceled Card List (CCL);

• Card authentication;

• Card Holder Unique Identifier (CHUID);

• Card validity check;

• Mobile Offshore Drilling Unit (MODU);

• Offshore Supply Vessel (OSV);

• Physical Access Control System (PACS);

• Risk Group; and

• TWIC reader.

One definition would be removed from the list of definitions; recurring unescorted access. This term is no longer needed because of other changes that would be made in the rule, particularly the minimum crew exemption.

Minimum Crew Exemption

The NPRM would add in the new §101.520  a paragraph that would exempt vessels with crews less than 15 people (“14 or fewer TWIC-holding crewmembers”) from the requirement to use a TWIC Reader {§101.520(e)}. This was included as a response to the Safe Port Act (PL 109-347) requirements to establish a minimum crew size that warrants the use of a TWIC Reader {46 USC §70105(m)(1)}. It also reflects the belief that personal recognition on a vessel of that size is better identification than any credential. Crew members would still be required to possess a TWIC and it would need to be visually checked upon boarding.

The same crew-size exemption does not apply to facilities. The Coast Guard reasons that while only 14 people may work at the facility, there is an increased likelihood that non-crew members would also be requesting access to the facility.

MARSEC 2 and MARSEC 3

I have already noted that increased MARSEC levels will require an increased frequency of checking the Canceled Card List (CCL) going from once a week (“no more than 7 days old”) to daily (“no more than 1 day old”). The actual requirement will be a bit more complicated than that. Any time that there is an increase in MARSEC level the CCL must be updated within 12 hours of the increase {§101.520(c)}.

Just to make it absolutely clear, the new language specifically requires that only “the most recently obtained CCL information shall be used to conduct card validity checks” {§101.520(d)}.

COPT Temporary Exemptions

The crafters of the rule understood that under some conditions, requiring a full biometric identity check, card authentication and validation could impede the flow of personnel into a facility to the extent that the back-up of traffic could be its own safety or security hazard. In these exceptional cases the COPT is authorized to “to temporarily suspend TWIC reader requirements at that facility” {§101.520(f)}. During that suspension the TWIC would still need to be visibly inspected.

Special Circumstances

This proposed rule also provides exceptions for ‘special circumstance’ {§105.535}; those times when things happen to TWICs or their owners that make it impossible to use the TWIC Reader. Those circumstances include:

• Lost, stolen or damaged TWIC {§105.535(a)};

• Fingerprints cannot be read {§105.535(b)}; or

• TWIC Reader malfunctions {§105.535(c)}.

Alternative procedures are spelled out for each of these special circumstances. Common to all of those procedures is the requirement that the individual be known to the owner/operator and has been previously granted unescorted access.

Coast Guard Publishes TWIC Reader NPRM

On Friday the Coast Guard published a notice of proposed rulemaking in the Federal Register (78 FR 17781-17833) regarding the requirements for the use of a TWIC Reader at MTSA covered vessels and facilities. Public comments on the NPRM are being solicited.

Risk-Based Deployment

The Coast Guard is taking a risk-based approach to targeting the required deployment of TWIC Readers. Coast Guard and TSA experts conducted a risk-based analysis of MTSA-regulated vessels and facilities to assess the risk of a transportation security incident (TSI). That analysis assessed three factors:

• Maximum consequences to that vessel or facility resulting from a terrorist attack;

• Criticality to the nation's health, economy, and national security; and

• Utility of the TWIC in reducing risk.

Based upon this risk analysis the Coast Guard developed three risk groups (Risk Group A, Risk Group B, and Risk Group C) that it would use to manage the requirements for deployment of TWIC Readers. In this NPRM the Coast Guard is only considering mandating TWIC Reader deployment to vessels and facilities falling under the criteria for Risk Group A. Future rulemakings may be used to expand that requirement.

Risk Group A

The Coast Guard has developed fairly simple operational definitions of what vessels and facilities fall into Risk Group A. For vessels this definition is based upon the hazardous nature of the cargo carried or the number of passengers carried. Similarly, for facilities the definition revolves around the nature of the hazardous materials (Certain Dangerous Cargo- CDC – 33 CFR 160.204) handled or the number of passengers accessing the facility.

Risk Group A Vessels -

• Vessels that carry CDC in bulk;

• Vessels certificated to carry more than 1,000 passengers; or

• Vessels towing one of the above.

Risk Group A Facilities –

• Facilities that handle CDC in bulk;

• Facilities that receive vessels certificated to carry more than 1,000 passengers; or

• Barge fleeting facilities that receive barges carrying CDC in bulk.

Use of TWIC Reader

Risk Group A vessels and facilities would be required to use TSA approved TWIC Readers to verify identity and to authenticate and validate the TWIC. For vessels this would be required upon boarding the vessel. For facilities it would be required before being granted unescorted access to secure areas.

Identity would be verified by comparing the individual’s fingerprint against one of the two fingerprint exemplars encoded in the TWIC. For facilities that are using a Physical Access Control System (PACS) that utilizes an alternative biometric identification (retina scan, for instance) “the TWIC would need to be read and the stored biometric identifier matched against the TWIC-holder's fingerprint at least once, when the individual's information is entered into the PACS” (78 FR 17792).

Card validation would be done by the TWIC Reader comparing the TWIC data against the Canceled Card List (CCL), thus requiring the TWIC Reader to periodically download the CCL. While at MARSEC level 1, this would need to be accomplished on a weekly basis. At MARSEC levels 2 and 3 daily updates would be required.

Public Comments

The Coast Guard is planning on holding at least one public meeting on this NPRM, but a date and location have yet to be determined. An announcement of the meeting will be published in the Federal Register.

The Coast Guard is soliciting public comments on the NPRM. Comments may be submitted via the Federal eRulemaking Portal (www.Regulations.gov; Docket # USCG-2007-28915). Comments should be submitted by May 21^st, 2013.

CFATS PSP – Data Submission Options

This is the second in a series of blog posts about the CFATS Personnel Surety Program that was described in a 60-day information collection request (ICR) notice in Friday’s Federal Register. This post will look at the data submission options for vetting personnel against the Terrorist Screening Database (TSDB). The earlier post in the series is listed below.

DHS Publishes CFATS PSP 60-day ICR Notice

The PSP Requirement

The CFATS program regulations require facilities to establish a personnel surety program (PSP) vetting process {6 CFR 27.230(a)(12)}. That program is required to perform four types of background checks on “facility personnel, and as appropriate, for unescorted visitors with access to restricted areas or critical assets”. Those required checks are:

• Measures designed to verify and validate identity;

• Measures designed to check criminal history;

• Measures designed to verify and validate legal authorization to work; and

• Measures designed to identify people with terrorist ties.

Facility management has a wide degree of latitude in establishing the methodology for conducting the first three types of checks. The last measure “is an inherently governmental function and necessarily requires the use of information held in government-maintained databases that are unavailable to high-risk chemical facilities” (FR 17681). It is this vetting requirement that is addressed in this ICR notice.

Data Submission

The DHS Infrastructure Security Compliance Division (ISCD) has plans to introduce a new data collection application in the Chemical Security Assessment Tool (CSAT) to allow facility security managers or their designees to submit information to ISCD to complete the vetting process. This ICR, if/when approved by the Office of Management and Budget (OMB), serves as the approval of that application to collect the required information.

DHS outlines in this notice three different options that facilities will have for conducting the vetting of personnel against the government’s TSDB. Facilities will be able to use almost any combination of the three options in the establishment of their PSP that will be outlined in the facility site security plan.

The three options are:

• Option One - Direct Vetting

• Option Two - Use of Vetting Conducted Under Other DHS Programs

• Option Three - Electronic Verification of TWIC

Option One

Option One requires the most comprehensive submission of information to ISCD via the PSP application. The following information would be required for each individual vetted under Option One:

• For U.S. Persons (U.S. citizens and nationals as well as U.S. lawful permanent residents):

• Full Name

• Date of Birth

• Citizenship or Gender

• For Non-U.S. Persons:

• Full Name

• Date of Birth

• Citizenship

• Passport information and/or alien registration number

Interestingly, there is no requirement to supply biometric information (finger prints for instance) to verify the identity of the individual. Apparently ISCD believes that the identify verification requirements that the facility is already required to perform under other provisions of its PSP will be adequate to ensure that the information required above will be adequate to the task of vetting against the TSDB.

The PSP CSAT application will also allow the submission of the following information under Option One to help avoid misidentification of individuals:

• Aliases

• Gender (for Non-U.S. Persons)

• Place of Birth

• Redress Number

TSA has a program to allow people who believe that they have been improperly identified as having potential terrorist ties to have a more thorough investigation completed to correct the record. The ‘Redress Number’ provides a reference to that investigation to ensure that the same mistaken identification is not made again. This ‘Redress Number’ is probably the only item of information that the high-risk chemical facility is not already collecting in support of its personnel surety program.

Option Two

There are already a number of DHS programs that vet various people against the TSDB. Those programs include:

• Transportation Worker Identification Credential (TWIC) Program;

• Hazardous Materials Endorsement (HME) Program;

• NEXUS;

• Secure Electronic Network for Travelers Rapid Inspection (SENTRI);

• Free and Secure Trade (FAST); and

• Global Entry Trusted Traveler Programs

If individuals have already been vetted under one of these programs DHS does not need to complete the same level of investigation to ensure that they are not listed on the TSDB. All ISCD needs to do is to verify that the previous vetting is still current and valid. To do that the following information would need to be submitted via the PSP application:

• Full Name;

• Date of Birth; and

• Program-specific information or credential information, such as unique number, or issuing entity (e.g., State for Commercial Driver's License (CDL) associated with an HME).

Again, there would be provisions for submitting additional information to help to avoid misidentification of personnel. For Option 2 these include:

• Aliases

• Gender

• Place of Birth

• Citizenship

Option Three

When the original PSP ICR was submitted a couple of years ago one of the main industry complaints was having to submit information on personnel that had a TWIC. At the time ISCD maintained that they needed to collect the information to ensure that the TWIC was still valid. While this is still the justification for the use of Option 2, the availability of TWIC readers that have been validated by TSA provides a new alternative.

Option 3 would allow a “high-risk chemical facility (or others acting on their behalf) electronically verify and validate the affected individuals' TWICs through the use of TWIC readers (or other technology that is periodically updated using the Canceled Card List)”. It is not clear from the description in the notice whether this would require daily presentation of the card at the facility or whether it could be accomplished on a less frequent basis as a personnel action.

Option Four

While there is no official Option Four the notice does mention some ways that the high-risk chemical facility can limit the number of people that have to be vetted under the PSP. This discussion in the notice does not specifically state that it applies only to visitors (and perhaps contractors) since all facility employees are required by the CFATS regulations {6 CFR 27.230(a)(12)} to be vetted, whether or not they have unescorted access to restricted or sensitive areas of the high-risk facility.

The options outlined in the notice include:

• Restricting the numbers and types of persons whom they allow to access their restricted areas and critical assets, thus limiting the number of persons who will need to be checked for terrorist ties;

• Defining the restricted areas and critical assets in the SSPs or ASPs, thus potentially limiting the number of persons who will need to be checked for terrorist ties; or

• Choosing to escort visitors to restricted areas and critical assets in lieu of performing the background checks required by RBPS 12.

Combining Options

There is nothing in the notice that would even appear to suggest that a high-risk chemical facility is limited to just one of the options in establishing the terrorist link vetting portion of their PSP. In fact there are a number of areas where it is suggested that different classes of employees or visitors may be better covered by different options.

All a facility has to do in their site security plan (or alternative site security plan) is to outline how they will determine which class of employees will be addressed by each of the three options provided by the ISCD program. It will also have to address how it will ensure that all employees, and the contractors and visitors with unescorted access to restricted or sensitive areas are vetted through at least one of the options provided.

NOTE: I have taken the liberty of lumping ‘contractors’ with visitors in the above statement. The CFATS regulations do not specify how contractors will be treated in the vetting process. An argument could certainly be made that at many high-risk chemical facilities contractors are essentially employees since they will be working at the facility on a daily basis for long periods of time. Legalistically, however, a contractor is not an employee of the facility. The distinction should be clearly made in the facility site security plan to avoid possible repercussions down the line.

DHS Publishes CFATS PSP 60-day ICR Notice

As I noted yesterday, today DHS published a 60-day information collection request (ICR) in the Federal Register (78 FR 17680-17701) supporting the long awaited revised CFATS Personnel Surety Program (PSP). As one would expect this is a very complicated and detailed ICR and will require a number of blog posts to delve into all of the details.

Program Summary

ISCD envisions the PSP to be a four part background check to be conducted by high-risk chemical facilities under the CFATS program {6 CFR 27.230(a)(12)(iv)} for personnel granted unescorted access to sensitive or restricted areas within the facility. Only one of those checks would involve data submission to ISCD via a new PSP tool within the current on-line Chemical Security Assessment Tool (CSAT); that would be the vetting against the terrorist screening database (TSDB).

Facilities would have three options for conducting this TSDB vetting:

• Submit a full suite of personally identifiable information (PII) thru the PSP tool;

• Submit a limited amount of PII on personnel holding a credential that already requires a TSA security threat assessment (STA) such as a TWIC, HME.; or

• Electronically verify the validity of the credential and the identy of a person currently holding a TWIC via a TWIC Reader.

The ICR notice still does not include a commitment to notify facilities if a person is identified as having terrorist ties as a result of the PSP TSDB vetting.

Facilities will have the option of having corporate submission of data thru the PSP tool or third party submission of data in addition to the facility submitting the data.

Tier 1 and 2 facilities will have 60-days from the notification that the PSP Tool is up and running to submit their initial data to ISCD and Tier 3 and 4 facilities will have 90-days. Once that initial data dump is completed, facilities will be required to submit data on new individuals 48 hours before they are allowed unescorted access to sensitive or restricted areas as defined in the facility site security plan.

Public Comment

DHS ISCD is soliciting public comments on this 60-day ICR notice. Comments may be submitted via the Federal eRulemaking Portal (www.Regulations.gov; Docket # DHS-2012-0061). Comments need to be submitted by May 21, 2013.

TWIC Reader NPRM and CFATS PSP Tomorrow

I don’t normally announce the publication of documents in the Federal Register the day before, but in this case we have been waiting so long for both of these programs to move forward, I’m going to make an exception.

The Coast Guard’s TWIC Reader NPRM will be published in tomorrow’s Federal Register. A pre-publication draft copy is available here. It’s not the official version and it doesn’t have the page numbers, but it is available for reading.

The same goes true for the CFATS personnel surety program (PSP) 60-day ICR notice. It can be found here.

As you might expect, I’ll be looking at both documents in some detail.

BTW: Apologies for casting aspersions on Under Secretary Beers’ announcement that these two documents had been sent to the Federal Register last week. Apparently the follow through was done in a timely manner this time.

Thoughts on CFATS Hearing

I finally got a chance to sit down and watch the video of last Thursday’s hearing about the CFATS program before the Environment and the Economy Subcommittee of the House Energy and Commerce Committee. I didn’t have time to stop and replay sections to get detailed and accurate quotes, so this discussion will be more about what I heard than about accurate detailed reporting of what was said.

I do want to say that I was generally impressed with the conduct of the hearing. There was very little of the talking past each other that one sees in the typical congressional hearing. The witnesses generally attempted to answer questions directly and it seemed that the Congressmen (and only men, that was odd) actually listened to the answers, even if they didn’t like everything that they heard.

Progress in Inspections

Everyone was impressed with the recent improvement in the CFATS authorization and approval rate, but no one was satisfied. Even ISCD Director Wulf said that the 6 to 9 years that the GAO said it would take to complete authorizations at the current rate was “unacceptable”. He did note that he expected that the rate of inspections would continue to increase as more facilities began using Alternative Security Programs for their SSP submission and further improvement were made to the evaluation process.

Interestingly there was no mention in the effects of the change in mix of facilities that would be seen as more Tier 3 and Tier 4 facilities were addressed. I would expect that the average size of these facilities would be smaller and the types of risks addressed would change as more of the facilities would have just theft/diversion chemicals of interest on site. Smaller facility size may allow for a reduced number of Chemical Security Inspectors (CSI) per site which may allow for an increased rate of authorization inspections.

Cybersecurity

For the first time I heard questions being asked of Under Secretary Beers and Director Wulf addressing the cybersecurity aspects of the CFATS process. It seemed to catch them a little bit by surprise. Beers did impress me by his comments about control systems (specifically including security systems) being the primary concern about cybersecurity in CFATS facilities.

He then negated some of that when he bragged about NPPD having some of the world’s best control system security folks in ICS organization (certainly a reference to ICS-CERT). Bragging about ICS-CERT maybe justified, but I haven’t seen anything indicating that they are involved in the CFATS inspection process.

I do know that there are at least three CSI that have some background in control systems applications, but that is hardly enough to form a reasonable cadre of control systems inspectors to cover the large number of high-risk facilities that have industrial control systems impacting the use of DHS chemicals of interest (COI).

There was an interesting exchange between Beers and an unnamed (because I didn’t catch his name) Congressman about the potential for retaliation against someone who conducted a cyber-attack on a CFATS facility. Beers rightly passed that response off to DOD (who, of course, had no one present to answer), but the slightly surreal conversation did show the increased interest in cybersecurity in Congress.

Personnel Surety Program

I was disappointed that Chairman Shimkus (R,IL) did not take Rand Beers to task for failing to live up to his promise at the last hearing of having the personnel surety program (PSP) ICR printed within 30 days. He did accept at face value the new promise that the PCP ICR had been sent to the Federal Register and would be printed next (now this) week.

There were the expected questions about the use of the TWIC and assurances by Beers that the new PSP would accept the use of the TWIC. Of course, the old PSP that was withdrawn ‘accepted the use’ of the TWIC, but the implementation of that was unacceptable to most of the regulated community because data submissions were still required for TWIC holders. It is not yet clear that that has changed because no one specifically asked about it.

There was an interesting question asked by Ranking Member Tonko (D,NY) about the PSP. He asked if ISCD had included any unions in their discussion about the new PSP program. Wulf was forced to answer in the negative. This is surprising because of the involvement of labor organizations in the opposition to the old proposed program. For a federal agency in a Democratic administration to not consult with unions on a program of clear interest to them is quite unusual. I’m not sure if this is a sign of political ineptitude on the part of ISCD or a general lack of attention to labor issues by the Obama Administration.

Risk Model

I think that it is fair to say that the main focus of the hearing was the risk model that DHS is using for the Tiering of facilities. I partially addressed this in my earlier post about the GAO report presented at the meeting. Chairman Shimkus and Congressmen on both sides of the dais were concerned that the risk model currently being used focused almost entirely on consequences to the exclusion of threat and vulnerability.

Beers and Wulf had a consistent response that the approach of holding threat and vulnerability as constants in the risk equation was reasonable in the tiering area because the remainder of the process addressed the vulnerability issue. The threat issue was kind of glossed over until an industry witness noted that DHS had admitted to industry that there was not current credible specific threat of an impending attack on any chemical facility.

Wulf and Beers consistently fell back on the position that the peer review process being carried out by Sandia Labs would provide a disinterested evaluation of the model and DHS would make appropriate adjustments based upon the report of that peer review. This sounded reasonable until the GAO witness in the second panel questioned whether or not the peer review included a validation and verification (V&V) review, with the clear implication that it did not.

The Subcommittee members were clearly not happy with the responses to their questions. The point was raised that significant changes to the risk model used in the tiering process would probably result in changes to the tier assignment of at least some facilities and that could require significant changes in site security plans. As he was in the process of dismissing Beers and Wulf, Chairman Shimkus mentioned that they Subcommittee was likely to hold a future hearing to specifically address the risk model questions.

TWIC Reader

One of the most surprising things that I heard at the hearing was virtually ignored by most observers; Rand Beers announced that DHS had sent the TWIC Reader NPRM to the Federal Register. That is surprising on two levels, first his organization has nothing to do with the TWIC Reader Rule; it is a Coast Guard rule with TSA input. Both are part of DHS to be sure, but they have nothing to do with NPPD.

The second surprise in that is that the OMB just approved that NPRM just last Tuesday and they approved it with changes. That typically means a delay of at least a couple of weeks while the changes are made and reviewed within the Department. Turning the NPRM around in just a couple of days would be remarkable.

Having said all of that, there is another possible explanation that is remotely possible. ISCD could be floating their own TWIC Reader Rule for use at CFATS facilities (clearly not included in the Coast Guard rule). If that is the case it would be a remarkable about-face on the use of TWICS; potentially signifying a wholesale shift to the use of that as the personnel surety program. Such a shift would cause a huge up-tick in the number of TWIC applications that would have to be processed by TSA.

End of CFATS

Okay, that is a little over-the-top, even for a headline. But this is a point that needs to be mentioned. For the longest time there was nearly unanimous support for the CFATS program; differences in how the program should address certain issues to be sure, but general support for the program. That has been eroding as ISCD problems with implementation of the program are being better understood.

Last week Beers was pressed on a peculiar question; does any European nation have a CFATS-like program? The clear implication (dutifully ignored by Beers) was that if Europe, which has experienced many more terrorist attacks than the United States, did not need chemical facility security regulations, then perhaps neither does the US.

Continued problems at ISCD, combined with the lack of any clear, specific terrorist threat against chemical facilities will inevitably lead to an evolving lack of support for the program. I don’t think this will be a serious issue until we start to hear complaints from industry about the program.

To date, the chemical industry has been firmly supportive of the CFATS framework even while they complain about specific implementation issues. The main reason has been that industry has feared the imposition of a more comprehensive program that could include things like inherently safer technology (IST) mandates and civilian enforcement suits. If the drive for those measures lessens then industry is going to start complaining about the costs of burdensome regulation, and CFATS is costly, not only in added security costs, but also in administrative costs.

ISCD has a short window of time to get their act together. It appears that they are taking some steps in that direction, but they need to be running, not baby-stepping. Beers and Wulf had better have some more acceptable answers about the risk model the next time they come before this Subcommittee, or they may see their program whittled away in cost saving measures until it is no longer supportable.

OMB Approves ‘Emergency’ TWIC ICR Revision

Yesterday the Office of Management and Budget (OMB) approved an ‘Emergency’ information collection request (ICR) revision submitted by TSA last October. TSA had been directed by the Office of Information and Regulatory Affairs (the OMB office that processes and approves ICRs) to submit an emergency ICR revision request when they approved the TWIC ICR just weeks after TSA published their TWIC renewal Exemption notice last June.

The Revised ICR

The emergency ICR was necessary because the short-term change in policy regarding the renewal of most TWIC pending the establishment of the final TWIC Reader Rule would reduce the number of people that would be filling out the TWIC application form for some time into the future. This reduces the estimated number of annual responses, burden hours and burden cost associated with the TWIC ICR.

The projected reduction in collections (applications) was 69,744. This translated into a burden hours decrease of 65,200 hours and a cost savings of $10,389,606.

The Emergency ICR process only allows for a 6-month approval, leaving this approval to expire on September 30^th, 2013. It also allow for filing of the Emergency ICR without the standard publication of pre-filing notices in the Federal Register by the agency involved, in this case TSA.

Approved With Change

It is not too unusual for OIRA to request some minor revisions when the approve the ICR. Typically, however, the do not publicly list what that ‘change’ is. In this case they did; the ICR approval notes:

“For the survey portion of this collection, TSA should consider offering the instrument in Spanish, since this has been identified as a potential reason for low response rates. In the next submission, the survey response scales should be modified as discussed. Also, TSA should consider the sample size/number of respondents, since only a small fraction of the responses are used to calculate customer service satisfaction.”

They are of course talking about a customer satisfaction survey that TSA asks TWIC applicants to complete voluntarily and anonymously. While I have no personal problem with providing survey’s in Spanish (being raised in California in the 60’s I’m used to bilingual governments) I’m kind of surprised that OIRA thinks that this would make a significant difference in the response rate.

TWIC Reader Rule Impact

With the TWIC Reader NPRM being issued in the near future we are just a little closer to the final rule, but it will still be sometime in 2014 before we can possibly expect to see the final rule published. This means that TSA will have to re-submit the renewal of the data in the Emergency ICR sometime before September. Then they will have to include a new ICR submission as part of their publication of the final rule.

Cost Burden

It was interesting to see that TSA included a cost burden in this ICR. That has been an almost obsolete part of the ICR. TSA did not include a cost burden, for example, in their Certified Cargo Screening Program ICR that was recently approved by OMB. Kudos to TSA for at least attempting to quantify the cost of compliance in this instance.

Senate Appropriations Substitute Language for HR 933

The Senate Appropriations Committee published the text of the amendment that will be offered as a substitute for the recently passed HR 933, the Department of Defense, Military Construction and Veterans Affairs, and Full-Year Continuing Appropriations Act, 2013. Among other things this substitute language would change the title of the bill to Consolidated and Further Continuing Appropriations Act, 2013. The reason for the change is that three additional full spending bills have been added to the bill, including Homeland Security.

CFATS Extension

As you might expect this is a large documents, 587 pages, so I haven’t had a chance to look at it too closely yet, but I did note that §537 of Division D would extend the current CFATS authorization until, October 4, 2013 [Typo corrected 0710 CST, 3-13-13].

Explanatory Remarks

I have spent a little more time looking at the ‘Homeland Security Explanatory Remarks’ document that was also published on the Committee web site. This provides detailed guidance to federal agencies that is not quite a full legal requirement. Remembering that those agencies have to come back to the Committee next year for funds (actually later this year, hopefully) agencies have to be extremely careful in their failure to comply with these unofficial requirements.

At this point, I’ll just provide a list of the ‘remarks’ that I think reader’s might find interesting. Full comment on these may come in a later post.

TWIC Reader Rule: The Department, and in particular the Coast Guard and the Transportation Security Administration (TSA), is directed to take all necessary action to expedite the completion and publication of a final rule governing the Transportation Worker Identification Credential (TWIC) reader requirement.

Chemical Security: Congress directed the Coast Guard and the National Protection and Programs Directorate to complete a planned Memorandum of Understanding (MOU) to harmonize chemical security responsibilities established by the Chemical Facilities Anti-Terrorism Standards (CFATS) regulations and Maritime Transportation Security Act (MTSA) regulatory programs no later than March 30, 2012, but the agreement has not been finalized. The MOU is to be completed expeditiously. The Deputy Secretary is also directed to continue semiannual reporting to the Committees on these matters as outlined in Senate Report 112-74.

Moving Forward

A report over at TheHill.com notes that the debate on the substitute language for HR 933 will begin today and that it appears that an agreement is in place to allow floor amendments to the bill. This could get interesting over the next week or so.

CG Announces CTAC Meeting

The Coast Guard published a notice in this Monday’s Federal Register (77 FR 70453-70454; available on-line today) that the Chemical Transportation Advisory Committee (click through the HomePort link for more information) would be holding a 2-day meeting on December 12^th in Washington, DC. The Committee will address issues related to the maritime transportation of bulk-hazardous chemicals. This Committee was re-established last year after having been idle since their 2008 meeting.

Agenda

The Committee will receive presentations from the Coast Guard on:

• Hazardous Substances Response Plans;

• Vapor control systems and mobile vapor control systems;

• Classification of Biofuels and Biofuel blends;

• Shipments and use as fuel of Liquefied Natural Gas and Compressed Natural Gas;

• Air emissions;

• Tank Barge best practices;

• Certification of 3rd party witnesses for the International Convention for the Prevention of Pollution from Ships prewash;

• Material Safety Data Sheets requirement for oils carried as cargo and fuel;

• Pending International Maritime Organization issues;

• Security, Transportations Worker Identification Credential, etc;

• USCG Centers of Excellence; and

• Food grade product safety.

In addition the Committee will establish their initial prioritization of issues and establish the agenda and meeting schedules for Subcommittees and Working Groups to address the topics listed above.

It is possible (but not real likely) that there might be additional information provided on the TWIC Reader Rule recently submitted to the OMB.

Public Comments

The Coast Guard is soliciting public comments on the agenda topics listed above. Written comments and requests to make oral comments at the meeting need to be submitted by November 29^th. Written comments can be submitted via the Federal eRulemaking Portal (www.Regulations.gov; Docket # USCG-2012-1030). Personnel wishing to make oral comments (limited to 3 minutes each) before the Committee should contact Lieutenant Sean Peterson, ADFO (ph – 202-372-1403; fax – 202-372-1926).