Download:
pdf |
pdfOverview of Submitters for CFATS Personnel Surety 30 Day Notice:
There were 20 comments submitted. 8 private sector companies, 9 associations, 1
training council, 1 union, and 1 government sponsored council compose of private
sector chemical facilities.
Comment #
DHS-2009-0026-0021
DHS-2009-0026-0022
DHS-2009-0026-0023
DHS-2009-0026-0024
DHS-2009-0026-0025
DHS-2009-0026-0026
DHS-2009-0026-0027
DHS-2009-0026-0028
DHS-2009-0026-0029
DHS-2009-0026-0030
DHS-2009-0026-0031
DHS-2009-0026-0032
DHS-2009-0026-0033
DHS-2009-0026-0034
DHS-2009-0026-0035
DHS-2009-0026-0036
DHS-2009-0026-0037
DHS-2009-0026-0038
DHS-2009-0026-0039
DHS-2009-0026-0040
Submitter
Institute of Makers of Explosives
Harcros Chemicals Inc.
Shell Oil Company
Compressed Gas Association
American Trucking Associations
LexisNexis® Screening Solutions
American Chemistry Council
U.S. Chamber of Commerce
National Petrochemical & Refiners
Association
Industrial Safety Training Council
Safety Council Security Consortium
Chemical Sector Coordinating Council
GROWMARK Inc.
Edison Electric Institute
International Liquid Terminals
Association
International Chemical Workers Union
Council
Southern Company Generation
Magellan Midstream Partners
American Air Liquide Holdings Inc.
The Fertilizer Institute (TFI), the
Agricultural Retailers Association
(ARA) and CropLife America
Allied Universal Corporation
Type
Association
Private Company
Private Company
Association
Association
Private Company
Association
Association
Association
Training Council
Government Sponsored
Council
Private Company
Association
Association
Union
Private Company
Private Company
Private Company
Association
Private Company
18850
Federal Register / Vol. 75, No. 70 / Tuesday, April 13, 2010 / Notices
section for
electronic access to the SECG.
FOR FURTHER INFORMATION CONTACT:
Nancy S. Bufano, Center for Food Safety
and Applied Nutrition (HFS–315), Food
and Drug Administration, 5100 Paint
Branch Pkwy., College Park, MD 20740,
301–436–1493.
SUPPLEMENTARY INFORMATION:
SUPPLEMENTARY INFORMATION
I. Background
sroberts on DSKD5P82C1PROD with NOTICES
In the Federal Register of July 9, 2009
(74 FR 33030), FDA issued a final rule
requiring shell egg producers to
implement measures to prevent
Salmonella Enteritidis (SE) from
contaminating eggs on the farm and
from further growth during storage and
transportation, and requiring these
producers to maintain records
concerning their compliance with the
rule and to register with FDA. The final
rule became effective September 8,
2009.
FDA examined the economic
implications of the final rule as required
by the Regulatory Flexibility Act (5
U.S.C. 601–612) and determined that
the final rule will have a significant
economic impact on a substantial
number of small entities. In compliance
with section 212 of the Small Business
Regulatory Enforcement Fairness Act
(Public Law 104–121), FDA is making
available this SECG stating in plain
language the requirements of the
regulation.
FDA is issuing this SECG as level 2
guidance consistent with FDA’s good
guidance practices regulation (21 CFR
10.115(c)(2)). The SECG represents
FDA’s current thinking on the
prevention of SE in shell eggs. It does
not create or confer any rights for or on
any person and does not operate to bind
FDA or the public. An alternative
approach may be used if such approach
satisfies the requirements of the
applicable statutes and regulations.
modify, or disapprove the information
collection provisions in this final rule.
An agency may not conduct or sponsor,
and a person is not required to respond
to, a collection of information unless it
displays a currently valid OMB control
number.
III. Comments
Interested persons may submit to the
Division of Dockets Management (see
ADDRESSES) electronic or written
comments regarding this SECG. Submit
a single copy of electronic comments or
two paper copies of any mailed
comments, except that individuals may
submit one paper copy. Comments are
to be identified with the docket number
found in brackets in the heading of this
document. The SECG and received
comments may be seen in the Division
of Dockets Management between 9 a.m.
and 4 p.m., Monday through Friday.
IV. Electronic Access
Persons with access to the Internet
may obtain the document at http://
www.fda.gov/FoodGuidances or http://
www.regulations.gov.
Dated: April 7, 2010.
Leslie Kux,
Acting Assistant Commissioner for Policy.
[FR Doc. 2010–8359 Filed 4–12–10; 8:45 am]
BILLING CODE 4160–01–S
DEPARTMENT OF HOMELAND
SECURITY
[Docket No. DHS–2009–0026]
National Protection and Programs
Directorate; Chemical Facility AntiTerrorism Standards Personnel Surety
Program
II. Paperwork Reduction Act of 1995
AGENCY: National Protection and
Programs Directorate, DHS.
ACTION: 30-day notice and request for
comments: New information collection
request 1670–NEW.
This SECG refers to collections of
information described in FDA’s final
rule that published in the Federal
Register of July 9, 2009 (74 FR 33030 at
33089), and that became effective on
September 8, 2009. As stated in the final
rule, these collections of information are
subject to review by the Office of
Management and Budget (OMB) under
the Paperwork Reduction Act of 1995
(the PRA) (44 U.S.C. 3501–3520). In
compliance with the PRA (44 U.S.C.
3507(d)), the agency has submitted the
information collection provisions of the
final rule to OMB for review. FDA will
publish a notice in the Federal Register
announcing OMB’s decision to approve,
The Department of Homeland
Security (DHS), National Protection and
Programs Directorate (NPPD), Office of
Infrastructure Protection (IP),
Infrastructure Security Compliance
Division (ISCD) will be submitting the
following information collection request
(ICR) to the Office of Management and
Budget (OMB) for review and clearance
in accordance with the Paperwork
Reduction Act of 1995 (PRA). The
information collection is a new
information collection. A 60-day public
notice for comments was previously
published in the Federal Register on
June 10, 2009, at 74 FR 27555.
Comments were received and responses
VerDate Nov<24>2008
17:33 Apr 12, 2010
Jkt 220001
SUMMARY:
PO 00000
Frm 00068
Fmt 4703
Sfmt 4703
are in this notice. The purpose of this
notice is to solicit additional comments
during a 30-day public comment period
prior to the submission of this collection
to OMB. The submission describes the
nature of the information collection, the
categories of respondents, the estimated
burden, and cost.
DATES: Comments are encouraged and
will be accepted until May 13, 2010.
This process is conducted in accordance
with 5 CFR 1320.8.
ADDRESSES: Interested persons are
invited to submit comments on the
proposed information collection
through the Federal Rulemaking Portal
at http://www.regulations.gov. Follow
the instructions for submitting
comments. Comments must be
identified by docket number DHS–
2009–0026.
Comments that include trade secrets,
confidential commercial or financial
information, Chemical-terrorism
Vulnerability Information (CVI),
Sensitive Security Information (SSI), or
Protected Critical Infrastructure
Information (PCII) should not be
submitted to the public regulatory
docket. Please submit such comments
separately from other comments in
response to this notice. Comments
containing trade secrets, confidential
commercial or financial information,
CVI, SSI, or PCII should be
appropriately marked and submitted by
mail to the DHS/NPPD/IP/ISCD CFATS
Program Manager at the Department of
Homeland Security, 245 Murray Lane,
SW., Mail Stop 0610, Arlington, VA
20528–0610. Comments must be
identified by docket number DHS–
2009–0026.
FOR FURTHER INFORMATION CONTACT: A
copy of this ICR, with applicable
supporting documentation, may be
obtained through the Federal
Rulemaking Portal at http://
www.regulations.gov.
SUPPLEMENTARY INFORMATION:
Program Description
The Chemical Facility Anti-Terrorism
Standards (CFATS), 6 CFR part 27,
require high-risk chemical facilities to
submit information about facility
personnel and, as appropriate,
unescorted visitors with access to
restricted areas or critical assets at those
facilities. This information will be
vetted by the Federal Government
against the Terrorist Screening Database
(TSDB), the consolidated and integrated
terrorist watchlist maintained by the
Federal Government, to identify known
or suspected terrorists (i.e., individuals
with terrorist ties).
E:\FR\FM\13APN1.SGM
13APN1
Federal Register / Vol. 75, No. 70 / Tuesday, April 13, 2010 / Notices
High-risk chemical facilities must also
perform other relevant background
checks in compliance with CFATS
Personnel Surety Risk-Based
Performance Standard 12 (RBPS–12).
See 6 CFR 27.230(a)(12)(i–iii): High-risk
chemical facilities must ‘‘perform
appropriate background checks * * *
including (i) Measures designed to
verify and validate identity; (ii)
Measures designed to check criminal
history; [and] (iii) Measures designed to
verify and validate legal authorization to
work.’’ The CFATS Personnel Surety
Program is not intended to halt, hinder,
or replace high-risk chemical facilities’
performance of background checks
which are currently required for
employment or access to secure areas of
those facilities.
sroberts on DSKD5P82C1PROD with NOTICES
Background
On October 4, 2006, the President
signed the Department of Homeland
Security Appropriations Act of 2007
(the Act), Public Law 109–295. Section
550 of the Act provides DHS with the
authority to regulate the security of
high-risk chemical facilities.
Section 550 requires that DHS
regulations establish CFATS RBPS.
RBPS–12 (6 CFR 27.230(a)(12)(iv))
requires that regulated chemical
facilities implement ‘‘measures designed
to identify people with terrorist ties.’’
The ability to identify individuals with
terrorist ties requires the use of
information held in Governmentmaintained databases, which are
unavailable to high-risk chemical
facilities. Therefore, DHS is
implementing the CFATS Personnel
Surety Program, which will allow
chemical facilities to comply with
RBPS–12 by implementing ‘‘measures
designed to identify people with
terrorist ties.’’
Overview of CFATS Personnel Surety
Process
The CFATS Personnel Surety Program
will work with the DHS Transportation
Security Administration (TSA) to
identify individuals who have terrorist
ties by comparing information
submitted by each high-risk chemical
facility to the information of known or
suspected terrorists who are listed in the
TSDB.
Information will be submitted to DHS
through the Chemical Security
Assessment Tool (CSAT), the online
data collection portal for CFATS. The
representative(s) of each high-risk
chemical facility will submit the
information of affected individuals to
DHS through CSAT. The
representative(s) of each high-risk
chemical facility will also certify that
VerDate Nov<24>2008
18:37 Apr 12, 2010
Jkt 220001
18851
the information is (1) true, correct, and
complete, and (2) collected and
submitted in compliance with the
facility’s Site Security Plan (SSP). The
representative(s) of each high-risk
chemical facility will also affirm that
notice required by the Privacy Act of
1974, 5 U.S.C. 552a, has been given to
affected individuals before their
information is submitted to DHS.
DHS will send a verification of
submission to the representative(s) of
each high-risk chemical facility when a
high-risk chemical facility (1) Submits
information about an affected individual
for the first time, (2) submits updated or
corrected information about an affected
individual, and/or (3) notifies DHS that
an affected individual no longer has
access to that facility’s restricted areas
or critical assets.
Upon receipt of each affected
individual’s information in CSAT, DHS
will send a copy of the information to
TSA. Within TSA, the Office of
Transportation Threat Assessment and
Credentialing (TTAC) conducts
screening and vetting of information
against the TSDB for many DHS
programs. On behalf of DHS, TTAC will
compare the information of affected
individuals collected by DHS to the
information of known or suspected
terrorists on the TSDB. TTAC will
forward the results from potential
matches to the Federal Bureau of
Investigation’s Terrorist Screening
Center (TSC), which will make a final
determination of whether an individual
is a match to a known or suspected
terrorist listed in the TSDB.
In the event that there is a positive
match to an identity in the TSDB, the
TSC will notify the appropriate Federal
law enforcement agency for
coordination, investigative action, and/
or response, as appropriate. DHS will
neither routinely provide vetting results
to high-risk chemical facilities, nor will
it provide results to an affected
individual whose information was
submitted by a high-risk chemical
facility. As warranted, high-risk
chemical facilities may be contacted by
the Department or Federal law
enforcement as a part of appropriate law
enforcement investigation activity. (See
the amendment to the FBI’s Terrorist
Screening Records System, published in
the Federal Register on August 22,
2007, at 72 FR 47073.)
•
•
•
•
•
•
•
Information Collected
DHS may collect the following
information from individuals:
• Full name
• Date of birth
• Place of birth
• Gender
Affected Population
6 CFR 27.230(a)(12) requires facility
personnel and, as appropriate,
unescorted visitors who have access to
restricted areas or critical assets to
undergo background checks. This
affected population will include (1)
PO 00000
Frm 00069
Fmt 4703
Sfmt 4703
Citizenship
Passport information
Visa information
Alien registration number
DHS Redress Number (if available)
Work phone number(s)
Work e-mail address(es)
DHS will collect information that
identifies the high-risk chemical facility
or facilities, to which the affected
individual has access to restricted areas
or critical assets. As applicable, DHS
will also collect information to verify
that an affected individual is currently
enrolled in a DHS program which relies
on DHS-performed TSDB checks, in
addition to other program-specific
requirements.
DHS may request additional
information on an affected individual to
confirm that the individual is or is not
a match to a known or suspected
terrorist in the TSDB. DHS may
randomly select a small percentage of
affected individuals for further
verification as part of data accuracy
review and auditing processes. In order
to assist with this confirmation and
verification, DHS may request
additional information on affected
individuals from the high-risk chemical
facilities which have submitted their
information to the Department. DHS
may also collect information about
points of contact at each high-risk
chemical facility, and which points of
contact the Department or Federal law
enforcement personnel may contact
with follow-up questions. However, a
request for additional information from
DHS does not imply, and should not be
construed to indicate, that an individual
is known or suspected to be associated
with terrorism.
DHS may collect information on
affected individuals as necessary to
enable it to provide redress for
individuals who believe that they have
been improperly impacted by the
Personnel Surety Program. The
information collected may include
information necessary to conduct
adjudications under subpart C of
CFATS, 6 CFR 27.300–27.345.
DHS will also collect administrative
or programmatic information (e.g.,
affirmations or certifications of
compliance, extension requests, brief
surveys for process improvement, etc.)
necessary to manage the CFATS
Personnel Surety Program.
E:\FR\FM\13APN1.SGM
13APN1
18852
Federal Register / Vol. 75, No. 70 / Tuesday, April 13, 2010 / Notices
facility personnel (e.g., employees and
contractors) who have access, either
unescorted or otherwise, to restricted
areas or critical assets, and (2)
unescorted visitors who have access to
restricted areas or critical assets.
These background checks do not
affect facility personnel who do not
have access to facilities’ restricted areas
or critical assets, nor do they affect
escorted visitors.
Linking Affected Individuals to Specific
CFATS Covered Facilities
To comply with CFATS, high-risk
chemical facilities are required to
identify who is an affected individual,
and at which high-risk chemical facility
or facilities each affected individual has
access to restricted areas or critical
assets. DHS intends to collect this
information through CSAT.
sroberts on DSKD5P82C1PROD with NOTICES
Personnel Surety Submission Schedule
To Check for Terrorist Ties
DHS will establish a CFATS
Personnel Surety Submission schedule
for high-risk chemical facilities when
submitting information to DHS to check
for terrorist ties under 6 CFR
27.230(a)(12)(iv). The schedule will be
published in the Federal Register. The
schedule, when published, will require:
(1) An initial submission of information
either within a certain number of days
after DHS issues a letter of authorization
or within certain number of days after
publication of the schedule, whichever
is later; (2) additional submissions for
individuals that become newly affected
(e.g., new hires or other individuals
given access to a restricted area or
critical asset); (3) updates or corrections
to information for affected individuals
whose information has previously been
submitted; and (4) notification when an
affected individual no longer has access
to a restricted area or critical asset. The
schedule will likely vary by final tier. A
proposed schedule is provided in
subpart (B) of the ‘‘Response To
Comments Received During The 60-Day
Comment Period’’ section of this 30-Day
notice. High-risk chemical facilities may
request extensions or variances from
this schedule based on unique or
unusual circumstances.
Request for Exception to the
Requirement Under 5 CFR 1320.8(b)(3)
DHS is requesting from OMB an
exception for the CFATS Personnel
Surety Program to the Paperwork
Reduction Act (PRA) requirement, as
contained in 5 CFR 1320.8(b)(3), which
requires Federal agencies to confirm
that their information collections
provide certain reasonable notices,
under the Paperwork Reduction Act, to
VerDate Nov<24>2008
17:33 Apr 12, 2010
Jkt 220001
affected individuals. If this exception is
granted, DHS will be relieved of the
potential obligation to require high-risk
chemical facilities to collect signatures
or other positive affirmations of these
notices from affected individuals.
Whether or not this exception is
granted, DHS will still require high-risk
facilities to affirm that required Privacy
Act notice has been provided to affected
individuals before personal information
is collected. See 5 U.S.C. 552a(e)(3).
DHS’s request for an exception to the
requirement under 5 CFR 1320.8(b)(3)
would not exempt high-risk chemical
facilities from having to adhere to
applicable Federal, State, local, or tribal
laws, or to regulations or policies
pertaining to the privacy of facility
personnel and the privacy of unescorted
visitors.
Responses to Comments Received
During the 60-Day Comment Period
DHS received 17 comments in
response to the 60-day notice for
comment. Comments were received
from three private citizens, four private
sector companies, seven associations,
one training council, and one
professional society. One additional
comment was a jointly submitted
comment. Many of the comments were
in response to the questions posed by
DHS in the 60-day notice for comments.
In this section of this notice, DHS first
addresses specific questions that the
Department solicited, then other
comments related to the Personnel
Surety Program, and finally unsolicited
comments received in response to the
60-day notice.
(A) On behalf of OMB, DHS solicited
comments that evaluate whether the
proposed collection of information is
necessary for the proper performance of
the functions of the agency, including
whether the information will have
practical utility.
Comment: Commenters challenged
the practical utility of requiring highrisk chemical facilities to update
previously submitted information.
Response: The information collected
by DHS is generally static. However,
DHS will require each high-risk
chemical facility to update and correct
information previously submitted about
affected individuals. Updates and
corrections do not necessarily need to
be made immediately when submitted
information changes; rather, DHS will
require high-risk facilities to make
updates and corrections in accordance
with a DHS-approved schedule.
For example, when a high-risk
chemical facility becomes aware that an
affected individual’s information has
changed (e.g., when a high-risk
PO 00000
Frm 00070
Fmt 4703
Sfmt 4703
chemical facility becomes aware that an
affected individual has changed his/her
name), the high-risk chemical facility
must update the submitted information.
DHS will also require a high-risk
chemical facility to correct previously
submitted information when the highrisk chemical facility becomes aware
that an affected individual’s information
is incorrect (e.g., an affected
individual’s place or date of birth).
Requiring high-risk chemical facilities
to update and correct information about
affected individuals will increase the
accuracy of the data collected, and
decrease the probability of incorrect
matches to the information of known or
suspected terrorists listed on the TSDB.
One piece of information that may
change is the list of high-risk chemical
facilities within one company or
organization to which an affected
individual has access. When such a
change occurs, updates are not required
immediately but rather in accordance
with a schedule to be published by
DHS.
Comment: Commenters challenged
the practical utility of requiring highrisk chemical facilities to notify the
Department when an affected individual
no longer has access to a high-risk
chemical facility’s restricted area(s) or
critical asset(s). Commenters suggested
that this notification by a high-risk
chemical facility to DHS would provide
no value in the context of terrorism
screening.
Response: DHS will not rely on a
single, one-time check to determine that
an affected individual has ties to
terrorism. Instead, DHS will continue to
vet an affected individual’s information
against new and/or updated TSDB
records as they become available, for as
long as the affected individual has
access to a high-risk chemical facility’s
restricted area(s) or critical asset(s). This
process is referred to as ‘‘recurrent
vetting’’ and is a standard DHS vetting
practice. DHS will require high-risk
chemical facilities to notify the
Department when an affected individual
no longer has access to a high-risk
chemical facility’s restricted areas or
critical assets so that the Department
can cease recurrent vetting of the
affected individual.
Comment: Many commenters
suggested that the proposed collection
of information is needless and
duplicative. Specifically, commenters
suggested that the proposed information
collection will place an undue burden
on industry—in regard to time, money
and other resources—by creating a
program which duplicates an existing
DHS screening or vetting program, such
as the Transportation Worker
E:\FR\FM\13APN1.SGM
13APN1
Federal Register / Vol. 75, No. 70 / Tuesday, April 13, 2010 / Notices
Identification Credential (TWIC)
program.
Response: TWIC’s authorizing statute,
the Maritime Transportation Security
Act of 2002 (MTSA), as amended, 46
U.S.C. 70101 et seq., explicitly applies
‘‘transportation security card’’
requirements only to: ‘‘individual[s]
allowed unescorted access to secure
area[s] designated in * * * [maritime]
vessel or [maritime] facility security
plan[s]’’ (§ 70105(b)(2)(A)); certain
MTSA license and permit holders
(§ 70105(b)(2)(B)); maritime vessel pilots
(§ 70105(b)(2)(C)); maritime towing
vessel personnel (§ 70105(b)(2)(D));
individuals with access to certain
protected maritime security information
(§ 70105(b)(2)(E)); and ‘‘other
individuals engaged in port security
activities’’ (§ 70105(b)(2)(F)).
Furthermore, individuals are only
eligible to receive TWICs if they have
not committed certain ‘‘disqualifying
criminal offense[s],’’ or if they do not
meet certain ‘‘immigration status
requirements’’ 49 CFR 1572.5(a)(1)–(2).
However, the CFATS authorizing statute
applies to ‘‘chemical facilities that * * *
present high levels of security risk’’
Department of Homeland Security
Appropriations Act of 2007, Public Law
109–295, section 550 (Oct. 4, 2006), as
amended. CFATS Personnel Surety
Program requirements apply only to
high-risk chemical facilities’ ‘‘personnel,
sroberts on DSKD5P82C1PROD with NOTICES
Initial Submission of Affected Individual’s Information.
Submission of a New Affected Individual’s Information.
Submission of Updates
and Corrections to an
Affected Individual’s Information.
Submission of notification
that an affected individual no longer has access.
determined that a TSDB check is
necessary for the purpose of protecting
restricted areas and critical assets of
high-risk chemical facilities from
persons who may have ties to terrorism.
See 72 FR 17708. The TSDB is the
Federal Government’s integrated and
consolidated terrorist watchlist and is
the appropriate database to identify
individuals with terrorist ties.
(B) On behalf of OMB, DHS solicited
comments which evaluate the accuracy
of the Department’s estimate of the
burden of the proposed collection of
information, including the validity of
the methodology and assumptions used.
Comment: Commenters suggested that
DHS did not provide sufficient detail
about the proposed information
collection to adequately evaluate the
estimated burden.
Response: In order to provide the
public with more information to
evaluate the estimated burden, the
Department has established the
information submission schedule
outlined below. The Department will
review comments received in response
to this 30-day notice when finalizing the
DHS schedule for submitting
information. High-risk chemical
facilities will be notified of the final
DHS schedule prior to its
implementation. The final DHS
schedule will also be published in the
Federal Register.
Final tier 1
Final tier 2
Final tier 3
Final tier 4
60 days after DHS issues
a letter of authorization.
60 days after DHS issues
a letter of authorization.
90 days after DHS issues
a letter of authorization.
90 days after DHS issues
a letter of authorization.
Within 30 days of being
granted access.
Within 30 days of being
granted access.
Within 60 days of being
granted access.
Within 60 days of being
granted access.
Within 90 days of becoming aware of the need
for an update or correction.
Within 90 days of access
being removed.
Within 90 days of becoming aware of the need
for an update or correction.
Within 90 days of access
being removed.
Within 90 days of becoming aware of the need
for an update or correction.
Within 90 days of access
being removed.
Within 90 days of becoming aware of the need
for an update or correction.
Within 90 days of access
being removed.
Comment: Commenters generally
believed the mechanics of the
information submission and update
process could place a heavy burden on
high-risk facilities. One commenter
indicated that DHS could expect
submissions to be in the tens of
thousands per month. Commenters
suggested that the proposed 35-minute
burden for the information collection
was based on an incomplete estimate,
and did not account for the duplicative
submission of affected individuals’
information by multiple high-risk
VerDate Nov<24>2008
and as appropriate * * * unescorted
visitors with access to restricted areas or
critical assets’’ 6 CFR 27.230(a)(12).
Moreover, facilities regulated under
MTSA are exempt from CFATS.
Accordingly, the CFATS Personnel
Surety Program is not duplicative of the
TWIC program.
DHS recognizes that some affected
individuals under CFATS possess
TWICs or other credentials that rely on
DHS-conducted TSDB vetting (e.g., an
individual vetted under the TWIC
program). DHS intends to reduce the
burden of this collection by recognizing
previous TSDB vetting results
conducted by DHS. Therefore, an
affected individual who possesses a
current and valid TWIC will likely
require less information to be submitted
than an affected individual who does
not have a TWIC. Some additional
personal information will be required in
order to verify that the affected
individual has a previous TSDB vetting
result upon which the TWIC was issued.
Comment: One comment suggested
that the vetting of affected individuals
against the TSDB has little practical
utility in identifying terrorists due to the
large number of individuals whose
names appear on the TSDB, even though
they are not actually threats to national
security.
Response: As indicated in the CFATS
interim final rule, the Department has
18853
17:33 Apr 12, 2010
Jkt 220001
chemical facilities in the cases of
individuals who have access to
restricted areas or critical assets at
multiple facilities.
Response: The estimated burden
relied on the regulatory evaluation
published for CFATS on April 1, 2007.
In the regulatory evaluation, the
Department estimated that 1,063,200
affected individuals would be vetted
against the TSDB (i.e., 29,533 per
month) over a three-year period. This
estimate allows for the possibility that a
specific individual could have access at
PO 00000
Frm 00071
Fmt 4703
Sfmt 4703
multiple high-risk chemical facilities.
The Department’s population estimate
also aligns with the commenters’
expectations that DHS should expect
tens of thousands of submissions during
each month.
The estimated time for a responsible
entity to submit the information of each
affected individual through the CSAT
portal is 0.59 hours per individual. This
estimate is based upon the CFATS
regulatory evaluation. The estimated
time per affected individual was derived
by assuming that (1) 30 minutes is
E:\FR\FM\13APN1.SGM
13APN1
sroberts on DSKD5P82C1PROD with NOTICES
18854
Federal Register / Vol. 75, No. 70 / Tuesday, April 13, 2010 / Notices
required to type in the required
information for every affected
individual once; (2) 5 percent of affected
individuals will have some element of
their information change annually,
requiring 10 additional minutes of
effort; and (3) 20 percent of affected
individuals will lose access to restricted
areas or critical assets annually, which
will require 10 additional minutes of
effort to remove each affected
individual’s information from CSAT.
DHS believes that the information
contained in this notice, in the
Personnel Surety Program’s 60-day PRA
notice preceding this notice (74 FR
27555 (June 10, 2009)), and in the
CFATS regulatory evaluation provides
sufficient detail about the proposed
Personnel Surety Program’s information
collection process.
Comment: One commenter suggested
that the Department’s estimate of the
burden may not have accounted for the
burden an affected individual incurs
from investigations and adverse
employment decisions that may result
from the individual’s possibly
unjustified presence on the TSDB.
Response: The burden outlined in this
30-day notice is limited in scope to
those activities listed in 5 CFR
1320.3(b)(1). Specifically, 5 CFR
1320.3(b)(1) requires the Department to
estimate the total time, effort, or
financial resources expended by persons
to generate, maintain, retain, or disclose
or provide information to or for a
Federal agency.
The Department is also seeking to
collect five core data elements about
each individual to be vetted under the
Personnel Surety Program: Full name,
date of birth, place of birth, gender, and
citizenship. When taken together, these
identifiers will minimize false positive
matches to the TSDB. Furthermore, each
potential match will be manually
reviewed by Department adjudicators
who have expertise in evaluating
matches prior to confirmation that an
individual’s information matches the
information of a known or suspected
terrorist.
(C) On behalf of OMB, DHS solicited
comments to enhance the quality,
utility, and clarity of the information to
be collected.
Comment: Most of the commenters
requested additional clarity about what
information DHS will routinely collect
and update. Several commenters
suggested that the information collected
should be limited to information which
is necessary to conduct an inquiry
against the TSDB. One commenter also
suggested that the information should
be limited to personal information that
is unlikely to change.
VerDate Nov<24>2008
17:33 Apr 12, 2010
Jkt 220001
Response: As outlined earlier in this
30-day notice, DHS will routinely
collect an affected individual’s full
name, date of birth, place of birth,
gender, and citizenship. DHS will also
collect information that identifies the
high-risk chemical facility or facilities to
which the affected individual has
access. DHS has limited the information
routinely collected to include only that
which is (1) Necessary to conduct a
TSDB check and adjudicate potential
matches, (2) unlikely to change, and (3)
is essential for quickly understanding
the risk a known or suspected terrorist
poses to high-risk chemical facilities.
DHS will not require immediate
reporting of updates to previously
submitted information. As previously
discussed in this notice, DHS will
permit high-risk chemical facilities to
update information on a periodic basis
in compliance with a DHS-approved
schedule.
Comment: Most commenters
commended DHS for intending to
recognize the previous TSDB vetting
results completed by other DHS
programs, such as the TWIC program.
Several commenters, however,
suggested that DHS should not collect
information from high-risk chemical
facilities for the purpose of verifying the
validity of credentials issued as part of
other DHS programs (which conduct
TSDB vetting) because the burden of
data collection necessary to verify such
credentials could be burdensome.
Response: In lieu of conducting new
TSDB vetting on all affected
individuals, DHS intends to recognize
the results of previous TSDB vetting
conducted on individuals enrolled in
certain other DHS programs.
Specifically, DHS is considering
recognizing the previous TSDB vetting
results completed by other DHS
programs, such as TWIC, and the
Trusted Traveler Programs (Secure
Electronic Network for Travelers Rapid
Inspection (SENTRI), Free and Secure
Trade (FAST), and NEXUS). Further,
DHS is also considering recognizing the
results of TSDB vetting (conducted by
DHS) upon which each State relies
when issuing a Commercial Driver’s
License with a Hazardous Materials
Endorsement (HME).
This will likely require fewer pieces
of information than are required to vet
an individual who is not enrolled in
another vetting program. DHS believes
the burden of collecting those fewer
pieces of information is accounted for in
the estimated burden.
This approach will also limit the
number of instances in which different
DHS programs may vet the same
affected individual against the TSDB. If
PO 00000
Frm 00072
Fmt 4703
Sfmt 4703
other programs’ vetting results cannot
be verified without substantial effort,
DHS may initiate new vetting of an
affected individual’s information against
the TSDB.
Comment: Several commenters
recommended that the Department
recognize and offer reciprocity to the
background checks, which include
vetting against the TSDB, as conducted
by the Department of Justice Bureau of
Alcohol, Tobacco, Firearms and
Explosives (ATF). Commenters
suggested that without this
accommodation, the regulatory overlap
between the two agencies will impose
unreasonable burdens.
Response: ATF does not conduct
recurrent vetting against the TSDB, and
thus is not appropriate as a reciprocal
program to meet the requirements of
CFATS.
(D) On behalf of OMB, DHS solicited
comments regarding the minimization
of the burden of information collection
on those who are to respond, including
through the use of appropriate
automated, electronic, mechanical, or
other technological collection
techniques or other forms of information
technology (e.g., permitting electronic
submissions of responses).
Comment: Commenters encouraged
DHS to consider the procedural and
logistical challenges of large-scale data
collection and transmission when
developing the Personnel Surety portal
component of CSAT. Specifically,
commenters suggested that DHS permit
each high-risk chemical facility to
transmit data collectively (e.g., via a
spreadsheet or other readily available
electronic means). In other words, a
high-risk chemical facility would collect
the required information in a single file
(or series of files) and upload it to DHS.
Anything to the contrary—such as
manual entry of discrete information
into data fields—would result in an
undue burden to the regulated
community, increase human error, and
raise information security concerns.
Response: DHS will enable high-risk
chemical facilities to upload
information electronically about
multiple affected individuals
collectively. DHS would welcome
suggestions about what technical
standards, formats, or export/import
capabilities are in use by high-risk
chemical facilities to facilitate such data
submission.
Comment: Many commenters
suggested that third parties be
authorized to support data submission
to the Department. Specifically, many
commenters suggested that DHS should
permit third party vendors to enter
information into CSAT on a facility’s
E:\FR\FM\13APN1.SGM
13APN1
sroberts on DSKD5P82C1PROD with NOTICES
Federal Register / Vol. 75, No. 70 / Tuesday, April 13, 2010 / Notices
behalf. One commenter suggested that
(1) Background check providers
understand the information security and
privacy protections that apply to
information; (2) a web of Federal, State,
and local laws protect information
(many corporations outsource personnel
surety needs for this reason); and (3)
experienced background check
providers will help high-risk chemical
facilities ensure that compliance with
CFATS does not cause noncompliance
with other laws which govern the
collection, use, storage, or destruction of
information.
Response: To support the submission
of information by high-risk chemical
facilities, DHS has historically
allowed—and will continue to allow—
authorized third-party access to CSAT
as a Preparer. Information about the
CSAT Preparer user role can be found
at http://www.dhs.gov/chemicalsecurity.
Comment: A few commenters
suggested that high-risk chemical
facilities receive an electronic
acknowledgement that the submitted
information has been received. Such an
acknowledgement would aid in
demonstrating a high-risk chemical
facility’s compliance with 6 CFR
27.230(a)(12)(iv).
Response: DHS will send an
electronic verification of submission to
high-risk chemical facilities when a
high-risk chemical facility (1) Submits
information about an affected individual
for the first time, (2) submits updated or
corrected information about an affected
individual, and/or (3) notifies DHS that
an affected individual no longer has
access to restricted areas or critical
assets.
(E) DHS solicited comments that
respond to the Department’s
interpretation of the population affected
by RBPS–12’s background check
requirement.
Comment: Many commenters
provided extensive responses to the
Department’s interpretation of the
population which is affected by RBPS–
12. The comments suggested that the
Department’s interpretation expanded
the definition beyond the scope of
CFATS. The comments referenced the
preamble to the CFATS Interim Final
Rule, in which DHS stated that each
facility ‘‘shall identify critical assets and
restricted areas and establish which
employees and contractors may need
unescorted access to those areas or
assets, and thus must undergo a
background check’’ 72 FR 17708 (Apr. 7,
2007). Commenters also suggested that
vetting escorted facility personnel is
inconsistent with other regulatory
schemes (e.g., TWIC).
VerDate Nov<24>2008
17:33 Apr 12, 2010
Jkt 220001
Response: The regulatory text makes
no distinction between facility
personnel who are escorted and facility
personnel who are unescorted. The
actual text of CFATS, at 6 CFR
27.230(a)(12), uses the term
‘‘unescorted’’ to modify only the noun
‘‘visitors.’’ As such, if facility personnel
have access, either unescorted or
otherwise (e.g., escorted), to restricted
areas or critical assets, then they are
affected individuals who must be
screened for the purposes of the
Personnel Surety Program.
However, the preamble to the CFATS
Interim Final Rule could be read to
imply that a different population would
undergo vetting rather than the
population suggested in the regulatory
text of CFATS. To the extent that there
is a potential conflict, the regulatory text
of CFATS takes precedence. As such,
the populations of individuals who
must be vetted under 6 CFR
27.230(a)(12) are the same as those
described in the 60-day notice
preceding this 30-day notice: (1) Facility
personnel (e.g., employees and
contractors) with access (unescorted or
otherwise) to restricted areas or critical
assets, and (2) unescorted visitors with
access to restricted areas or critical
assets.
DHS would like to underscore that a
high-risk chemical facility has wide
latitude in its unique and tailored SSP
regarding the terms under which facility
personnel will be granted access, either
unescorted or otherwise, to restricted
areas and critical assets. Each high-risk
chemical facility will need to consider
its unique security concerns when
determining which individuals will be
afforded access to restricted areas or
critical assets.
Additionally, DHS will expect that
each facility be able to explain why an
individual is an affected individual.
Specifically, an affected individual must
meet one and only one of the following
three criteria: (1) The individual is
facility personnel with unescorted
access to restricted areas or critical
assets; (2) the individual is facility
personnel with access, but not
unescorted access, to restricted areas or
critical assets; or (3) the individual is an
unescorted visitor with access to
restricted areas or critical assets.
(F) DHS solicited comments which
respond to the statement that a Federal
law enforcement agency may, if
appropriate, contact the high-risk
chemical facility as a part of a law
enforcement investigation into terrorist
ties of facility personnel.
Comment: One commenter expressed
concern that contact from a Federal law
enforcement agency about an individual
PO 00000
Frm 00073
Fmt 4703
Sfmt 4703
18855
who is properly on the watchlist but is
innocent nevertheless may result in
adverse employment decisions.
Response: Contact by a Federal law
enforcement organization does not
necessarily indicate that any affected
person is a known or suspected terrorist.
Further, employment decisions made by
a high-risk chemical facility in response
to contact by a Federal law enforcement
agency are not regulated by CFATS. A
corporation or facility should ensure
that it is complying with all applicable
laws, including applicable state
regulations, when considering
employment decisions.
It should also be noted that DHS will
randomly audit its vetting processes in
an effort to maximize vetting accuracy
and Personnel Surety Program
efficiency. As part of this auditing, DHS
may request information on a small
percentage of affected individuals after
those individuals have been initially
vetted against the TSDB. A request for
additional information does not imply,
and should not be construed to indicate,
that an individual is known or
suspected to be associated with
terrorism.
(G) DHS solicited comments which
respond to the Department’s intention to
seek an exception to the notice
requirement under 5 CFR 1320.8(b)(3).
Comment: DHS received several
comments in response to the
Department’s intention to seek an
exception to the PRA’s notice
requirement. Every comment expressed
concern about the impact to an affected
individual’s right to be granted notice
under the Privacy Act. See 5 U.S.C.
552a(e)(3).
Response: The request for an
exception to 5 CFR 1320.8(b)(3) is
related to the PRA and unrelated to the
Privacy Act; 5 CFR 1320.8(b)(3) requires
that each collection of information shall
inform and provide reasonable notice to
the potential persons to whom the
collection of information is addressed.
The request by DHS for an exception to
5 CFR 1320.8(b)(3) from OMB will
ensure that DHS will be relieved of the
potential obligation to require high-risk
chemical facilities to collect signatures
or other positive affirmations of these
notices from affected individuals
(although high-risk chemical facilities
would not be precluded from collecting
signatures or other positive affirmations
of notice if this exception is granted).
This exception will then afford high-risk
chemical facilities wide latitude in
choosing how to collect, recollect, or
leverage already collected data based
upon their unique business operations
and processes.
E:\FR\FM\13APN1.SGM
13APN1
sroberts on DSKD5P82C1PROD with NOTICES
18856
Federal Register / Vol. 75, No. 70 / Tuesday, April 13, 2010 / Notices
Because the information being
collected under this information
collection request is information that
will be used to identify individuals with
known or suspected terrorist ties, the
Department believes that it is important
for affected individuals to be informed
of the Government’s intended use of
their information. However, under
CFATS the Department regulates highrisk chemical facilities and not affected
individuals. Although the affected
individual is ultimately the source of
the collected information, the burden of
submitting the collected data to DHS
lies on the high-risk chemical facility.
(For example, high-risk chemical
facilities may collect affected
individuals’ information by having
affected individuals fill out forms, or
high-risk chemical facilities may submit
batch files extracted from databases
which contain the necessary
information previously collected from
affected individuals.) An exception to 5
CFR 1320.8(b)(3) will ensure that the
Department does not need to inspect,
audit, or receive confirmation (e.g.,
signatures of acknowledgement from
affected individuals) from high-risk
chemical facilities where every affected
individual has received notice under the
PRA of this information collection.
The Department’s request for an
exception to 5 CFR 1320.8(b)(3) of the
PRA is not a request for an exception to
provide notice to affected individuals
under the Privacy Act. If this exception
is granted, high-risk chemical facilities
will be relieved of the potential
obligation to collect signatures or other
positive affirmations from affected
individuals, but will still be obligated to
affirm that required privacy notice has
been provided to affected individuals
before personal information is collected.
Comment: Several commenters
suggested that affected individuals
should be notified in writing that they
must undergo background checks
consistent with the requirements of 6
CFR 27.230 as a condition of
employment at any high-risk chemical
facility. Commenters also suggested that
affected individuals should be advised
of their rights to contest the findings of
background checks, and of how to
contest those findings.
Response: No affirmative written
statements of this sort are required by
CFATS. However, DHS has discussed
Personnel Surety Program background
check requirements in CFATS in the
Advanced Notice of Rulemaking
preceding CFATS (71 FR 78276 (Dec.
28, 2006)), the CFATS Risk-Based
Performance Standards Guidance
Document (May 2009), and the
VerDate Nov<24>2008
17:33 Apr 12, 2010
Jkt 220001
Personnel Surety Program’s 60-day PRA
notice (74 FR 27555 (June 10, 2009)).
(H) DHS also received unsolicited
comments in response to the 60-day
notice related to the CFATS Personnel
Surety Program.
Comment: One commenter expressed
disappointment in the proposed
information collection, because the
commenter believed that the collection
approach did not guarantee the
availability of all due process
protections under notice and comment
rulemaking pursuant to the
Administrative Procedure Act (APA).
Response: Through this notice and
through DHS’s June 10, 2009, 60-day
PRA notice, 74 FR 27555 (June 10,
2009), DHS is fulfilling its obligations to
solicit and respond to public comment
under the PRA. DHS’s PRA publications
detail (1) which data points the
Department will collect in order to
conduct vetting against the TSDB; (2)
how the Department will collect those
data points; and (3) how the Department
will perform vetting against the TSDB.
This type of program description is the
type of detail which is appropriate in a
PRA notice, because it allows DHS to
solicit comments on how to improve the
proposed information collection and to
consider ways to reduce the burden the
CFATS Personnel Surety Program will
place on affected individuals and highrisk chemical facilities.
Comment: Many commenters
expressed concern that DHS would not
notify high-risk chemical facilities when
affected individuals are determined to
be known or suspected terrorists.
Commenters stated that as a result of
such lack of notification, high-risk
chemical facilities may unknowingly
grant access to individuals who are
known or suspected to have terrorist
ties, thereby subjecting facility
personnel and surrounding
communities to unnecessary risk. Some
of the commenters acknowledged that
there may be circumstances when it is
either appropriate or inappropriate to
contact a facility in the context of a law
enforcement investigation, but stated
that DHS should not withhold TSDB
vetting results as a general matter. Other
commenters suggested that DHS should
always notify facilities about known or
suspected terrorists to enable
appropriate facility action, such as
potentially limiting or denying known
or suspected terrorists’ access to
restricted areas or critical assets.
Response: DHS will not routinely
notify high-risk chemical facilities of
Personnel Surety Program vetting
results. DHS will coordinate with
Federal law enforcement entities to
monitor and/or prevent situations in
PO 00000
Frm 00074
Fmt 4703
Sfmt 4703
which known or suspected terrorists
have access to high-risk chemical
facilities. The precise manner in which
DHS or Federal law enforcement entities
could contact high-risk chemical
facilities following vetting are beyond
the scope of this PRA notice.
Comment: Commenters also suggested
that failure to notify an individual that
he/she is a known or suspected terrorist
would abrogate that individual’s right to
request an administrative adjudication
of a finding under RBPS–12 that he/she
is a potential security threat.
Response: Administrative
adjudications which contest findings
that affected individuals are potential
security threats are provided by 6 CFR
27.310(a)(1). The Department does not
intend to limit affected individuals’
abilities to request administrative
adjudications merely because it will not
routinely notify them of TSDB vetting
results. Individuals who believe they
have been adversely affected by vetting
may file Notices of Application for
Review with the Department.
Comment: One commenter
recommended that DHS should not
collect an acknowledgement of State
and local privacy law compliance from
high-risk chemical facilities. The
commenter suggested that requiring a
compliance certification would add
unnecessary procedural burden to the
Personnel Surety Program because DHS
is not responsible for State or local
privacy law compliance.
Response: DHS agrees with the
commenter and will not collect this
acknowledgement as part of Personnel
Surety Program information
submissions.
Solicitation of Comments
The Office of Management and Budget
is particularly interested in comments
which:
1. Evaluate whether the proposed
collection of information is necessary
for the proper performance of the
functions of the agency, including
whether the information will have
practical utility;
2. Evaluate the accuracy of the
agency’s estimate of the burden of the
proposed collection of information,
including the validity of the
methodology and assumptions used;
3. Enhance the quality, utility, and
clarity of the information to be
collected; and
4. Minimize the burden of the
collection of information on those who
are to respond, including through the
use of appropriate automated,
electronic, mechanical, or other
technological collection techniques or
other forms of information technology
E:\FR\FM\13APN1.SGM
13APN1
Federal Register / Vol. 75, No. 70 / Tuesday, April 13, 2010 / Notices
(e.g., permitting electronic submissions
of responses).
The Department is particularly
interested in comments which:
1. Respond to the Department’s
interpretation of the population affected
by RBPS–12 background checks, as
outlined in 6 CFR 27.230(a)(12);
2. Respond to fact that the Department
or a Federal law enforcement agency
may, if appropriate, contact the highrisk chemical facility as a part of a law
enforcement investigation into terrorist
ties of facility personnel;
3. Respond to the Department’s
intention to collect information that
identifies the high-risk chemical
facilities, restricted areas and critical
assets to which each affected individual
has access; and
4. Respond to the Department on its
intention to seek an exception to the
notice requirement under 5 CFR
1320.8(b)(3).
Analysis
sroberts on DSKD5P82C1PROD with NOTICES
Agency: Department of Homeland
Security, National Protection and
Programs Directorate, Office of
Infrastructure Protection, Infrastructure
Security Compliance Division.
Title: CFATS Personnel Surety
Program.
Form: Not Applicable.
OMB Number: 1670–NEW.
Frequency: As required by the DHSapproved schedule.
Affected Public: High-risk chemical
facilities as defined in 6 CFR part 27,
high-risk chemical facility personnel,
and as appropriate, unescorted visitors
with access to restricted areas or critical
assets.
Number of Respondents: 354,400
individuals.
Estimated Time per Respondent: 0.59
hours (35.4 minutes).
Total Burden Hours: 210,351.7 annual
burden hours.
Total Burden Cost (capital/startup):
$0.00.
Total Burden Cost (operating/
maintaining): $17,669,543.
Dated: March 6, 2010.
Thomas Chase Garwood, III,
Chief Information Officer, National Protection
and Programs Directorate, Department of
Homeland Security.
[FR Doc. 2010–8312 Filed 4–12–10; 8:45 am]
BILLING CODE 9110–9P–P
VerDate Nov<24>2008
17:33 Apr 12, 2010
Jkt 220001
DEPARTMENT OF HOMELAND
SECURITY
Office of the Secretary
[Docket No. DHS–2009–0146]
Privacy Act of 1974; Department of
Homeland Security Citizenship and
Immigration Services Ombudsman–
001 Virtual Ombudsman System of
Records
Privacy Office, DHS.
Notice of Privacy Act system of
AGENCY:
ACTION:
18857
FOR FURTHER INFORMATION CONTACT: For
general questions please contact:
Raymond Mills (202–357–8100), Privacy
Point of Contact, Office of the
Citizenship and Immigration Services
Ombudsman, Department of Homeland
Security, Washington, DC 20528. For
privacy issues please contact: Mary
Ellen Callahan (703–235–0780), Chief
Privacy Officer, Privacy Office,
Department of Homeland Security,
Washington, DC 20528.
SUPPLEMENTARY INFORMATION:
records.
I. Background
SUMMARY: In accordance with the
Privacy Act of 1974, the Department of
Homeland Security is giving notice that
it proposes to establish a new
Department of Homeland Security
system of records notice titled,
‘‘Department of Homeland Security
Citizenship and Immigration Services
Ombudsman–001 Virtual Ombudsman
System of Records.’’ This system of
records will ensure the efficient and
secure processing of information to aid
the Citizenship and Immigration
Services Ombudsman in providing
assistance to individuals, employers,
and their representatives in resolving
problems with U.S. Citizenship and
Immigration Services; identify areas in
which individuals, employers, and their
representatives have problems working
with U.S. Citizenship and Immigration
Services; and to the extent possible,
propose changes to mitigate problems
pursuant to 6 U.S.C. 272. This newly
established system will be included in
the Department of Homeland Security’s
inventory of record systems.
DATES: Submit comments on or before
May 13, 2010. This new system will be
effective May 13, 2010.
ADDRESSES: You may submit comments,
identified by docket number DHS–
2009–0146 by one of the following
methods:
• Federal e-Rulemaking Portal: http://
www.regulations.gov. Follow the
instructions for submitting comments.
• Fax: 703–483–2999.
• Mail: Mary Ellen Callahan, Chief
Privacy Officer, Privacy Office,
Department of Homeland Security,
Washington, DC 20528.
• Instructions: All submissions
received must include the agency name
and docket number for this rulemaking.
All comments received will be posted
without change to http://
www.regulations.gov, including any
personal information provided.
• Docket: For access to the docket to
read background documents or
comments received go to http://
www.regulations.gov.
Pursuant to the Privacy Act of 1974,
(5 U.S.C. 552a), the Department of
Homeland Security (DHS) Citizenship
and Immigration Services Ombudsman
(CISOMB) is giving notice that it
proposes to establish a new DHS system
of records notice titled, ‘‘DHS/CISOMB–
001 Virtual Ombudsman System of
Records.’’ This system of records will
ensure the efficient and secure
processing of information to aid the
CISOMB in providing assistance to
individuals, employers, and their
representatives in resolving problems
with U.S. Citizenship and Immigration
Services (USCIS); identify areas in
which individuals, employers, and their
representatives have problems working
with USCIS; and to the extent possible,
propose changes to mitigate problems
pursuant 6 U.S.C. 272.
CISOMB has developed the DHS/
CISOMB–001 Virtual Ombudsman
System of Records to ensure the
efficient and secure processing of
information and to aid the Ombudsman
in assisting individuals and employers
in making systemic recommendations to
USCIS. The core of the DHS/CISOMB–
001 Virtual Ombudsman System of
Records is CISOMB’s Web form 7001
which is a user interface Web-based
form which will automatically convert
information submitted by an individual
or employer into a case within
CISOMB’s account within Internet
Quorum/Enterprise Correspondence
Tracking (IQ/ECT) system. IQ/ECT is the
Department’s enterprise-wide
correspondence and case management
tracking system. This system allows the
Department’s headquarters and
components to manage cases and
resolve issues in a coordinated and
timely manner. For more information on
IQ/ECT, please view the Enterprise
Correspondence Tracking System PIA at
http://www.dhs.gov/privacy. The system
also enables CISOMB to segregate data
into several categories to generate
internal reports, provide customized
feedback to individuals and employers,
and supply real-time aggregated
PO 00000
Frm 00075
Fmt 4703
Sfmt 4703
E:\FR\FM\13APN1.SGM
13APN1
PUBLIC SUBMISSION
As of: May 13, 2010
Received: May 11, 2010
Status: Posted
Posted: May 11, 2010
Tracking No. 80aeaaf4
Comments Due: May 13, 2010
Submission Type: Web
Docket: DHS-2009-0026
Chemical Facility Anti-Terrorism Standard, PRA Notices for Comments on New Personnel Surety
Information Collection Request
Comment On: DHS-2009-0026-0020
Agency Information Collection Activities; Proposals, Submissions, and Approvals: Chemical Facility
Anti-Terrorism Standards Personnel Surety Program
Document: DHS-2009-0026-0021
Comment Submitted by Cynthia Hilton, Institute of Makers of Explosives- 2nd Comment
Submitter Information
Name: Cynthia Hilton
Address:
1120 Nineteenth St., NW
Suite 310
Washington, DC, 20036
Email: chilton@ime.org
Phone: 202-266-4319
Organization: Institute of Makers of Explosives
General Comment
See attached file.
Attachments
DHS-2009-0026-0021.1: Comment Submitted by Cynthia Hilton, Institute of Makers of
Explosives (Attachment)- 2nd Comment
file:///D|/Documents%20and%20Settings/matthew.bettridge/Desktop/DHS-2009-0026-0021_CP.html[5/13/2010 9:08:34 AM]
____________________________________________________________________________________________
The safety and security institute of the commercial explosives industry since 1913
May 11, 2010
Infrastructure Security Compliance Division
Office of Infrastructure Protection
National Protection and Programs Directorate
US Department of Homeland Security
Washington, DC 20528
RE: DHS‐2009‐0026 1
Information Collection Activity: Chemical Facility Anti‐Terrorism Standards Personnel Surety Program
OMB Control Number: 1670‐NEW
Dear Sir or Madam:
On behalf of the Institute of Makers of Explosives (IME), I am submitting comments on the US Department
of Homeland Security (DHS) Infrastructure Security Compliance Division’s (ISCD) new information collection
request (ICR) that deals with personnel surety requirements under the Chemical Facility Anti‐Terrorism
Standards (CFATS), which the agency will be submitting to the Office of Management and Budget (OMB).
Interest of the IME
The IME is a non‐profit association founded to provide accurate information and comprehensive
recommendations concerning the safety and security of commercial explosive materials. The IME
represents U.S. manufacturers and distributors of commercial explosive materials and oxidizers as well as
companies providing related services. These products are used in every state of the Union, and they are
literally the workhorse of our industrial society for which there is currently no alternative. Explosives are
essential to energy production, metals and minerals mining, construction activities and supplies, and
consumer products. IME members that are participating in the CFATS program will be impacted by the ISCD
personnel surety requirements.
Background
Since 1970, the safety and security of explosives has been closely regulated by the Bureau of Alcohol,
Tobacco, Firearms and Explosives (ATF) under Federal Explosives Law (FEL). In recognition of this close
regulation by ATF, the CFATS program applies to only a few named explosives. Nevertheless, explosives
manufacturing involves chemical precursors that are covered by the CFATS program. As a result, some
explosives manufacturing sites are subject to both programs.
FEL requires persons who import, manufacture, store, or distribute explosives to obtain a license, and those
who receive or use explosives and do not have a license, to obtain a permit. Among the many requirements
that these business entities must meet in order to obtain a license or a permit is to submit the names of all
employees who are authorized to possess 2 explosives or those empowered to make management decisions
or policies to ATF for a background check. The FEL standards for the background checks conducted by ATF
1
2
75 FR 18850 (April 13, 2010).
“Possession” is interpreted as both actual and constructive.
1120 Nineteenth St., NW, Suite 310, Washington, DC 20036 ◊ 202‐429‐9280
2
are the forerunner of the background check standards that were subsequently adopted by DHS for the
plethora of programs it administers for transportation workers. 3 Each is these DHS programs has adopted
the core disqualifications used by the ATF. The ATF threat assessment also includes a check against the
terrorist screening database (TSDB).
Comments
IME provided comments to ISCD’s initial June 10, 2009 notice of its intention to collect information about
persons with access to CFAT‐regulated restricted areas or critical assets for the purpose vetting the
information against the TSDB. 4 We appreciate ISCD’s clarifications and accommodation of some of our
comments as explained in this second agency notice. However, issues remain. With this perspective, IME
offers the following comments:
• Process: In our June 2009 comments, we expressed disappointment that ISCD has chosen to implement
this regulatory requirement through an ICR to OMB because it does not guarantee all of the process
protections available under notice and comment rulemaking pursuant to the Administrative Procedures
Act (APA). ISCD defends the ICR approach by pointing out that public comment was solicited. That is
one aspect of the protections that the APA affords the public. However, the ICR approach is deficient
because the agency cannot, based on the public comment received, amend its rules. ISCD provides the
clearest example of the merit of the rulemaking approach in its summary of comments objecting to the
scope of the population of individuals to be covered by the personnel surety background check
requirement. 5 The agency states that it cannot alter the plain words of the current rule which covers
facility personnel, including those that are escorted, and visitors who are unescorted, irrespective of the
fact that this scope is inconsistent with other DHS vetting schemes. The ICR approach is inadequate to
the task of establishing requirements for personnel surety, and sets a disturbing precedent.
Without the benefit of rules which would be published in the Code of Federal Regulations, how are
future covered facilities to know what identifying information is to be provided on individuals, within
what timeframes, and other regulatory aspects of this ICR? An ICR is simple an inadequate substitute
for rules. This ICR will render standards for personnel surety invisible. The penalties and stakes are too
high to base compliance with these requirements on an information collection.
• Avoiding Regulatory Overlaps: A purpose of the Paperwork Reduction Act is to “minimize the burden of
the collection of information on those who are to respond.” In CFATS risk‐based performance standards
(RBPS) 12, ISCD states that that the standard “is not intended to alter, limit, or conflict with other
Federal … laws and rules” concerning background checks. In retrospect, ISCD should have included in its
statement of intentions not to duplicate existing laws and rules as well.
In our June 2009 comments, we asked ISCD to take the critically important step toward minimizing the
compliance burden of the CFATS personnel surety requirements by allowing reciprocity with other DHS
background check programs. In support of our position, we quoted from ISCD guidance on RBPS 12 that
“workers … who [have] successfully undergone a security threat assessment conducted by DHS and [are]
in possession of a valid DHS credential … will not need to undergo additional vetting by DHS.”6 Since,
ISCD qualified that the “document is a ‘guidance document’ and does not establish any legally
3
Hazardous materials endorsement threat assessment, Transportation worker identification credential (TWIC),
Free and secure trade credential, NEXUS, etc.
4
Comments to DHS‐2009‐0026 from IME dated August 6, 2009.
5
See discussion 75 FR 18855 (April 13, 2010).
6
Risk‐based Performance Standards Guidance, May 2009, page 97, FN 22.
3
enforceable requirements,” we asked ISCD to ensure that this policy be implemented. 7 Regrettably,
ISCD has inexplicably refused to grant reciprocity to DHS’ own, well‐established vetting and
credentialing programs, such as the Transportation Worker Identification Credential (TWIC) or
commercial driver’s licenses with hazardous materials endorsements (CDL‐HME). 8 Holders of these
credentials have already been vetted by the federal government to each of the required background
check screens – identity, criminal history, citizenship, and terrorist ties. Although ISCD is prepared to
add nothing to the rigor of the government’s background check standards, ISCD puts itself forward as an
arbiter of whether other DHS vetting and credentialing schemes are sufficient. This is not a role
envisioned by Congress for ISCD or the CFATS program. ISCD’s role is to offer facilities a service to check
against the TSDB for those employees and unescorted visitors who have not been vetted against the
TSDB by another equivalent federal background check program.
Likewise, in our June 2009 comments, we explained, as noted above, that ATF performs a security
background check on all employees. 9 Yet, ISCD flat out refuses to accept ATF clearances because it
alleges that ATF “does not conduct recurrent vetting against the TSDB.” 10 We are dumbfounded. We
have been assured by ATF that it does run checks of employees of ATF licensees and permittees against
the same TSDB. Moreover, ATF states that it is actively working with DHS to share information and
results from TSDB “hits.” 11 It should be unacceptable to OMB that ISCD will not accept the vetting
results that the ATF is willing to provide about individuals employed at those facilities now regulated by
both agencies given that ATF has historically regulated these facilities since the 1970s and has
successfully vetted employees to equivalent DHS standards since 2003. Without this accommodation,
the regulatory overlaps between the two agencies will impose unreasonable burdens on this segment of
the regulated community without any corollary enhancement to security. ISCD’s support for this
accommodation should be prerequisite to OMB’s approval of this ICR.
OMB should insist that ISCD grant reciprocity for purposes of RBPS 12 to all equivalent federal security
vetting programs. Leveraging other equivalent federal background checks will reduce the cost burden of
RBPS 12 for both the government and industry without compromising security.
•
7
Compliance & Implementation: ISCD states as a justification for its need to require duplicative
information from individuals already vetted by equivalent government programs that “additional
personal information will be required in order to verify that the affected individual has a previous TSDB
[terrorist screening database] vetting result upon which the TWIC was issued.” 12 (Emphasis added.)
This is absurd. The same TSDB is used in the vetting of TWIC, CDL‐HME, FAST, SIDA and other DHS‐
security credentialed applicants. Drivers with CDL‐HMEs will be particularly hard hit by this policy. A
majority of them already were forced to obtain a TWIC, although the department has declared that the
Risk‐based Performance Standards Guidance, May 2009, page 97, footer.
DHS is considering recognizing the previous TSDB vetting results completed by other DHS programs, such as
TWIC, and the Trusted Traveler Programs (Secure Electronic Network for Travelers Rapid Inspection (SENTRI), Free and
Secure Trade (FAST), and NEXUS). Further, DHS is also considering recognizing the results of TSDB vetting (conducted
by DHS) upon which each State relied when issuing a [CDL‐HME].” (Emphasis added.) 75 FR 18854 (April 13, 2010).
9
As required by the FEL, the ATF conducts the same background check ‐ identity, criminal history, and
citizenship – that ISCD tasks to employers, as well as the TSDB screen for terrorist ties. The FEL standard also screens
for and precludes mental defectives and individuals with dishonorable discharges from the armed forces.
10
75 FR 18854 (April 13, 2010).
11
Currently, a TSDB “hit” is not, in and of itself, a disqualifying offense that would preclude an individual from
working for an ATF licensee or permittee. However, “hits” are not ignored. The FBI manages the TSDB and
immediately follows up on all “hits”.
12
75 FR 18853 (April 13, 2010). We assume that ISCD’s specific use of the term “TWIC” is intended to be a
generic reference to all equivalent DHS‐issued security credentials.
8
4
CDL‐HME and the TWIC vetting schemes are equivalent. 13 Yet, ISCD insists that these credentialed
individuals allow ISCD to verify that they have a previous TSDB vetting. The “proof” of this vetting is the
possession of a TWIC or CDL‐HME credential. These credentials should stand on their own.
While it is reasonable the ISCD should expect facilities to make a visual inspection of equivalent security
credentials to order to verify that the credential is valid, facilities should not have to report the
individuals who possess these credentials to the agency. If ISCD believes that these credentials are
insufficient for personnel surety validation, the agency should take its proof of a vulnerability gap to
those other agencies within DHS that administer these credentialing programs for their action. Likewise,
ISCD should accept that the possession by an employer of a valid ATF license or permit means that ATF
has vetted and cleared all of the employees covered by the license or permit. No security purpose
would be served to resubmit personal identifying information on these persons to ISCD. Also, there
should be no expectation that non‐MTSA facilities should be equipped with “readers” for TWIC
credentials. Recently, the House Homeland Security Committee stated that for non‐MTSA facilities,
“the Committee does not intend to require that card readers be installed at all shipping facilities, rather,
the Committee recognizes that a visual inspection of the card will provide the same level of security as
provided under the current HME licensing process.” 14 Again, we ask OMB, given the objectives of the
ICR review, to require ISCD to deem persons with valid DHS security credentials to have met the CFATS
personnel surety standard.
Not all facility personnel or unaccompanied visitors will have a federal government issued security
credential or will be been vetted through an equivalent federal program like ATF’s as described above.
For these individuals, we appreciate ISCD’s position that employers do not have to wait for a notification
of clearance before covered individuals may be permitted unescorted access to restricted areas and
critical assets, and we support the proposed notification schedule. However, we oppose ISCD’s plan to
“collect information that identifies the high‐risk chemical facility or facilities to which the affected
individual has access.” 15 ISCD has failed to justify this level of intrusive oversight. ISCD also runs the risk
of amassing so much information that it will be meaningless. OMB should not sanction the collection of
this overreaching level of detail. Rather, as noted below, ISCD should reach out to the facility contact
that submitted an individual’s information to determine specifics about the individual’s site assess when
circumstances warrant.
Finally, IME seeks guidance on compliance with RBPS 12 as it applies to emergency responders. Any
number of non‐terrorist related situations or circumstances may involve site access by emergency
personnel – a medical emergency, fire, workplace violence, and the like. Facilities should not impede
the access of such personnel coming or going from the site of an emergency by insisting on the
collection of personal identifying information.
• Employer notification: We support the agency’s plan to provide employers with an electronic
acknowledgement that information submitted for such individuals has been received. However, we
continue to oppose ISCD’s policy that it “will not routinely notify high‐risk chemical facilities of Personnel
Surety Program vetting results.” (Emphasis added.) This policy is inconsistent that other federal
security vetting programs used by the private sector, and it is inconsistent with RBPS 12.
13
Based on congressional and public complaint about program overlaps and redundancy, TSA has initiated a
rulemaking to revise and standardize the procedures, adjudication criteria, and fees for all its credentialed security
threat assessments programs that have been deemed equivalent. RIN 1652‐AA61.
14
H.Rept. 111‐123, page 56.
15
75 FR 18854 (April 13, 2010).
5
The ATF background check program provides notice to the employer and the employee whether
employee has or has not cleared the agency’s background check. This notice does not reveal to the
employer facts that led the agency to disqualify the employee, but it does allow the employer the
opportunity to immediately, if appropriate, remove the employee from work functions that would allow
the individual to process explosives. The notice to the employee explains the grounds for the
determination and provides information on how the disability may be relieved or appealed. Likewise,
Congress mandated that the Transportation Security Administration develop and implement a process
for notifying hazmat employers designated by an applicant for a CDL‐HME of the results of the
applicant’s background check. Both of these approaches contrast with that of the proposed CFATS
personnel surety program in that neither employers nor employees will receive notification of a TSDB
match.
RBSP 12 provides that “[a]ccess to restricted areas or critical assets is allowed after appropriate
background checks have been successfully completed.” (Emphasis added.) It is unclear how this
standard will be met when ISCD will not share the results of the TSDB review. We do not believe that it
is in the best interest of other workers, the employer, or the public who remain in proximity to a suspect
worker. At minimum, ISCD should give notice to the employer that reveals the name of any employee
who has failed the TSDB assessment.
Conclusion
We appreciate the importance of assuring that employees and unescorted visitors with access to restricted
areas and critical assets at CFATS’ regulated sites undergo background checks. At the same, all federal
agencies that require security‐based background checks should actively look for opportunities to harmonize
the requirements for these checks and should reciprocally‐recognize equivalent programs. The ISCD should
carefully tailor the implementation of its personnel surety program, including recordkeeping and reporting,
so that it is capturing only those individuals not already covered and vetted under other equivalent
programs. Finally, the requirements of this program should be established through APA rulemaking and
codified in the Code of Federal Regulations.
Thank you for the opportunity to comment.
Respectfully,
Cynthia Hilton
Executive Vice President
PUBLIC SUBMISSION
As of: May 13, 2010
Received: May 11, 2010
Status: Posted
Posted: May 12, 2010
Tracking No. 80aeb304
Comments Due: May 13, 2010
Submission Type: Web
Docket: DHS-2009-0026
Chemical Facility Anti-Terrorism Standard, PRA Notices for Comments on New Personnel Surety
Information Collection Request
Comment On: DHS-2009-0026-0020
Agency Information Collection Activities; Proposals, Submissions, and Approvals: Chemical Facility
Anti-Terrorism Standards Personnel Surety Program
Document: DHS-2009-0026-0022
Comment Submitted by Clifford M. Wiksten Jr., Harcros Chemicals Inc.
Submitter Information
Name: Clifford M Wiksten Jr.
Address:
5200 Speaker Rd.
P.O. Box 2930 (66110)
Kansas City, KS, 66106
Email: cwiksten@harcros.com
Phone: 913-621-7844
Fax: 913-621-7817
Organization: Harcros Chemicals Inc.
General Comment
I believe that DHS should utilize processes and programs that are already in place to accomplish the
RBPS – 13 Personnel Surety. (“Visitors” would include any person that is going to be on the company
property unescorted.) For unescorted visitors the background checks that are conducted to obtain a
Commercial Drivers License with a HazMat Endorsement or obtain a TWIC card are sufficient. A
company should be able to allow unescorted visitors on the property if they hold a valid CDL/HM or a
TWIC card. Those persons that are requesting access, and the company will allow, that do not have
either of these documents could be checked through the DHS-PSP or would have to be escorted
while on the property. Performing the check when the visitor shows up will not accomplish DHS’s
intended purpose because the visitor could be on and off the property before the company receives a
response from DHS.
For employee, requiring each employee to obtain a TWIC card will again meet the requirements of
the DHS-PSP. Random rechecks of employees could be performed on some type of schedule.
I recommend that DHS reconsider it thinking that a background check should be performed each
time a visitor requests access to company facilities.
file:///D|/Documents%20and%20Settings/matthew.bettridge/Desktop/DHS-2009-0026-0022_CP.html[5/13/2010 9:08:35 AM]
PUBLIC SUBMISSION
As of: May 13, 2010
Received: May 11, 2010
Status: Posted
Posted: May 12, 2010
Tracking No. 80aeb937
Comments Due: May 13, 2010
Submission Type: Web
Docket: DHS-2009-0026
Chemical Facility Anti-Terrorism Standard, PRA Notices for Comments on New Personnel Surety
Information Collection Request
Comment On: DHS-2009-0026-0020
Agency Information Collection Activities; Proposals, Submissions, and Approvals: Chemical Facility
Anti-Terrorism Standards Personnel Surety Program
Document: DHS-2009-0026-0023
Comment Submitted by Terry F. Whitley, Shell Oil Company
Submitter Information
Name: Terry F Whitley
Address:
910 Louisiana
Suite 4430A
Houston, TX, 77025
Email: terry.whitley@shell.com
Phone: 713-241-4061
Fax: 713-241-1099
Organization: Shell Oil Company
General Comment
See Attached Comment.
Attachments
DHS-2009-0026-0023.1: Comment Submitted by Terry F. Whitley, Shell Oil Company
(Attachment)
file:///D|/Documents%20and%20Settings/matthew.bettridge/Desktop/DHS-2009-0026-0023_CP.html[5/13/2010 9:08:35 AM]
Terry F. Whitley CPP CFE
Senior Security Manager North America
Shell Oil Company
P.O.BOX 2463
Houston, Texas 77252-2463
Tel: +1 713 241-4061
Email:terry.whitley@shell.com
Internet http://www.shell.com
May 11, 2010
U.S. Department of Homeland Security
National Protection and Programs Directorate
Office of Infrastructure Protection
Infrastructure Security Compliance Division
Mail Stop 8100
Washington, DC 20528
Re: Docket No. DHS-2009-0026—Submission for Chemical Facility Anti-Terrorism Standards
Personnel Surety Program Information Collection 1670-NEW
Dear Sir or Madam:
Shell Oil Company US (Shell) appreciates the opportunity to provide comments on the above. As you
know, Shell has worked with DHS since its creation and has been heavily engaged with DHS since the
inception of the CFATS program. We are active members of the Oil and Natural Gas Sector Coordinating
Council as well as the CIPAC and have offered assistance to DHS in every way possible during the
development of CFATS. We have volunteered for many DHS initiatives and have hosted a number of
site visits to help educate DHS staff and inspectors.
Shell has long recognized the importance a Personnel Surety Program (PSP) plays in the protection of
our employees, contractors, vendors, visitors, assets and facilities. We also understand the importance of
an effective PSP in protecting our critical infrastructure. We have been, and remain, highly concerned
about the suitability of persons to whom we grant access at our sites; it is, after all, in our own best
interest to provide for the safety and security of our sites and all who work therein.
Long before DHS was created Shell implemented a policy in the US requiring both employee and
contractor background checks. Given that our program has been in place for many years, we have
accumulated significant amount of experience in screening personnel and over time have learned what is
practical and prudent, and what is not.
We fully support DHS’ effort to implement an effective PSP. We are concerned, however, that some of
the proposed requirements detailed in the Notice are neither practical nor prudent, and if implemented will
ultimately be found by DHS to be ineffective and/or unmanageable. The following general comments
summarize our major concerns:
Publishing these requirements through an ICR to OMB is, in our opinion, improper in that is does
not guarantee all the process protections available under the Administrative Procedures Act
(APA). Further, this approach is deficient as DHS cannot amend its rules based on public
comments received. We believe that implementation of a PSP program is of such a impact and
significance that using the ICR approach is not adequate for the task at hand, and we see it as a
most disturbing precedence.
There is no doubt DHS, and the Infrastructure Compliance Division in particular, is under
tremendous pressure to implement the CFATS (and the PSP Program) as quickly as possible.
However, shortcutting legitimate processes may put the PSP, and the entire CFATS program, at
risk of judicial review thereby further delaying implementation.
As proposed, the PSP program is overly burdensome and cumbersome for business, industry
and DHS. DHS intends to impose data gathering and submission requirements that are
needlessly redundant, greatly complicate the program and substantially increase manpower and
funding requirements on both industry and DHS while doing little to enhance security of the
regulated sites themselves.
DHS has, in our opinion, grossly underestimated the number of employee, contractor, vendor and
other third party personnel the proposed PSP will impact. For example, DHS does not distinguish
between a contractor, who is on site for a defined period of time to provide a service (could be
days, week or months), and a vendor who is on-site for very brief periods (as little as 10-15
minutes or less in some cases) to deliver things such as mail and packages, food, bottled water,
supplies or materials. In the case of vendors, such as mail and package services, any given
driver may potentially access a dozen or more CFATS sites in one day with his or her name being
entered into the system upon each separate entry. Requirements of this type will dramatically
increase the workload on DHS and industry, and could easily overwhelm both parties who are
short on resources.
Many of the numerous problems encountered by TSA and the US Coast Guard (USCG) with
TWIC implementation are now being attributed to TSA’s prodigious error in underestimating the
number of TWICs that would be required to ensure industry compliance with MTSA. It seems
only logical that DHS would be judicious in this regard and make every effort to avoid much of the
embarrassment seen in the TWIC rollout as a result of underestimating the affected population.
DHS has not accurately estimated the costs that both they (DHS) or the industry will incur to
implement and maintain the PSP program as proposed, primarily as a result of underestimating
the population that will be affected.
We believe DHS has exceeded its mandate by attempting to structure the PSP such that it can be
used by DHS at a tool to track individuals from site-to-site and, incredibly, even within the
confines of a site (see the propose procedure to require by-name tracking of persons accessing
restricted areas and critical assets within a regulated site).
This purpose is in great contrast to DHS’ stated goal of establishing a program to simply conduct
a terrorist screening check against the Terrorist Screening Data Base for persons accessing
regulated facilities. We are highly concerned DHS has does not fully understand or appreciate
the impact of adding hundreds of thousands (if not millions), of unnecessary data submissions to
the system annually, and the tremendous burden such will place on both DHS and industry.
In an effort to avoid repetition, and in lieu of providing further statistics, detail or recommendations
regarding the above points, DHS should note that Shell has carefully reviewed the comments
prepared for submission by the National Petrochemical and Refiner’s Association (NPRA), and
that we share the same concerns expressed by them. We fully support NPRA in their comments,
observations, conclusions and recommendations. Given that NPRA represents a significant portion
of our industry, we encourage DHS to carefully consider the many valid points set forth in their
correspondence.
2
DHS vs. TSA - Use of the TWIC
A final ancillary issue related to use of the TWIC at CFATS regulated sites warrants discussion. Shell
supports DHS’ proposal to accept the TWIC card (as well as other federal-issued credentials such as the
HME, FAST, and NEXUS cards) as evidence of a satisfactory background check. However, there
remains a stumbling block to using the TWIC card which we request DHS correct.
There is no language in the Marine Transportation Security Act (MTSA) that expressly prohibits the use of
the TWIC at non-maritime facilities. As a result, and in response to repeated inquiries from industry as
the TWIC program was initially rolled out, the Transportation Security Administration (TSA) issued an
Informational Bulletin on August 28, 2008, titled “Transportation Worker Identification Credential (TWIC)
Program. In this bulletin, which takes the form of Frequently Asked Questions (FAQs), TSA asks and
answers the following questions:
“Can employers require their employees to enroll for a TWIC even if their job does not
require them to have unescorted access to facilities and vessels regulated by the Maritime
Security Act (MTSA).”
“No. All applicants must certify that they need a TWIC to perform their job. Applicants
must be, or are applying to be, a port worker who requires unescorted access to secure
areas of maritime facilities and vessels regulated by MTSA; or they are a commercial
HME driver licensed in Canada or Mexico. Applicants also certify that the information
they provide during the enrollment process is true, complete, and correct. If required,
civil or criminal action may be taken if an individual provides false information or makes
false certifications (per 49 CFR 1570.5 and 18 U.S.C. 1001).”
“Where in the TWIC regulation is this topic covered?”
“49CFR 1572.17 Applicant information required for TWIC security threat assessment
(e) the applicant must certify the following statement in writing: As part of my employment
duties I am required to have unescorted access to secure areas of maritime facilities
or vessels in which a Transportation Worker Identification Credential is required; I am
now, or I am applying to be, a credentialed merchant mariner; or I am a commercial
driver licensed in Canada or Mexico transporting hazardous materials in accordance
with 49 CFR 1572.201”
The above guidance from TSA, as well as language found in the TWIC application itself, has created a
problem for CFATS sites that would prefer to use the TWIC for their employee or contractor personnel.
Simply stated, to its credit DHS is has declared the TWIC will acceptable as evidence of a background
check at CFTAS sites (which have no maritime nexus) while TSA has stated it can only be used for those
sites with a maritime nexus.
We recognize that not all companies will agree that the use of the TWIC as a means to satisfy PSP
requirements is a desired or preferred solution; many may prefer other options they see as more
effective or less intrusive and costly. We also fully understand and appreciate that DHS cannot prescribe
the use of any security measure at a regulated site and we are not asking DHS do so with regard to use
of the TWIC. However, we do believe that DHS can, and should, assist in removing administrative
roadblocks that either complicate the PSP program or prohibit measures that actually simplify and
enhance the PSP program. The TSA bulletin in question is a prime example of an administrative
roadblock easily eliminated with inter-agency cooperation.
An expressed goal of DHS, as stated recently by the DHS Assistant Secretary for Infrastructure
Protection and other senior members of his staff, is to harmonize DHS regulations with other federal
agency regulations in order to reduce redundancies and conflicts, thereby reducing the burden on
industry. Amending or rescinding the TSA bulletin (as well as the TWIC application form) is consistent
with this goal and would ensure those companies that elect to use the TWIC at CFATS facilities can do so
3
without fear of repercussion. In consideration of this recommendation DHS should note that the use of
the TWIC at CFATS sites offers a number of advantages to those companies who chose to do so. For
example:
Background checks for MTSA and CFATS sites would be consistent in their scope and conduct
thereby harmonizing efforts with both TSA and the USCG. Note this is an issue that will take on
added significance as DHS moves to upgrade MTSA site security programs to CFATS standards.
Companies would have more flexibility in the administration and management of their PSP
programs; they could either use the TWIC or implement other measures that best meet their
individual facility or company needs.
Use of the TWIC will simplify the background check and processes over those processes that will
be required in the absence of the TWIC Program. In some cases the need for a given individual,
such as a vendor or contractor employee, to undergo repeated backgrounds by multiple
companies they service would be eliminated.
Budgeting for background checks would be simplified and over time the cost on industry to
perform background checks should diminish as more and more workers acquire the TWIC.
For companies with multiple sites, use of the TWIC at CFATS sites would facilitate the transfer or
temporary assignment of employees from a CFATS regulated site (which does not require a
TWIC) to an MTSA regulated site (which does require a TWIC).
Use of the TWIC at CFATS sites would provide companies flexibility in the use of emergency
responders from CFATS sites who, in a crisis such as a hurricane, may respond to an MTSA site
(often from outside the local area). This aspect has the added advantage of improving resiliency
in the event of a crisis or disaster, a stated goal of the Department of Energy (DOE).
For the above reasons we believe it is in the best interest of both industry and DHS to resolve this issue.
We encourage DHS to engage TSA in an joint-effort to amend or rescind the August 2008 TSA Bulletin,
as well as and TWIC application, thereby providing industry an option for the use of the TWIC at CFATS
regulated sites that is unencumbered.
In closing Shell strongly recommends that DHS respond to all comments received as a result of this
notice, as well as to those comments submitted in June, 2009, that to date have been ignored and remain
open issues in the minds of the affected parties.
Thank you for the opportunity to comment and please accept our standing offer to participate with DHS in
efforts to improve both the CFATS and the proposed PSP Program. In the end, we all have the same
goal… the safety and protection of our personnel and facilities. We can best accomplish this goal by
working together for optimal solutions.
Respectfully submitted,
Terry F. Whitley
Terry F. Whitley, CPP CFE
Senior Security Manager North America
4
PUBLIC SUBMISSION
As of: May 13, 2010
Received: May 12, 2010
Status: Posted
Posted: May 12, 2010
Tracking No. 80aebdd7
Comments Due: May 13, 2010
Submission Type: Web
Docket: DHS-2009-0026
Chemical Facility Anti-Terrorism Standard, PRA Notices for Comments on New Personnel Surety
Information Collection Request
Comment On: DHS-2009-0026-0020
Agency Information Collection Activities; Proposals, Submissions, and Approvals: Chemical Facility
Anti-Terrorism Standards Personnel Surety Program
Document: DHS-2009-0026-0024
Comment Submitted by Marc Meteyer, Compressed Gas Association- 2nd Comment
Submitter Information
Name: Marc Meteyer
Address:
4221 Walney Road
5th Floor
Chantilly, VA, 20151
Email: ngerike@cganet.com
Phone: 703-788-2745
Fax: 703-961-1831
Submitter's Representative: Marc Meteyer
Organization: Compressed Gas Association
General Comment
See attached letter for Compressed Gas Association comments.
Attachments
DHS-2009-0026-0024.1: Comment Submitted by Marc Meteyer, Compressed Gas Association
(Attachment)- 2nd Comment
file:///D|/Documents%20and%20Settings/matthew.bettridge/Desktop/DHS-2009-0026-0024_CP.html[5/13/2010 9:09:13 AM]
4221 Walney Road, 5th Floor, Chantilly, VA 20151-2923
(703) 788-2700 Fax: (703) 961-1831 E-mail: cga@cganet.com Web Site: www.cganet.com
May 12, 2010
U.S. Department of Homeland Security
National Protection and Programs Directorate
Office of Infrastructure Protection
Infrastructure Security Compliance Division CFATS
Program Manager at the Department of Homeland Security
245 Murray Lane, SW, Mail Stop 0610
Arlington, VA 20528-0610
Docket No. DHS-2009-0026, Information Collection 1670 - NEW
To Whom It May Concern:
On behalf of the Compressed Gas Association (CGA), I am submitting comments regarding the
Chemical Facility Anti-Terrorism Standards Personnel Surety Program Information Collection 1670 NEW (Docket No. DHS-2009-0026) published on Tuesday, April 13, 2010, in the Federal Register.
CGA, founded in 1913, is dedicated to the development and promotion of safety standards and safe
practices in the industrial and medical gas industry. CGA represents over 125 member companies in
all facets of the industry: manufacturers, distributors, suppliers, and transporters of gases, cryogenic
liquids, and related products and services. Through a committee system, CGA develops technical
specifications, safety standards, and training and educational materials, and works with government
agencies to formulate responsible regulations and standards and to promote compliance with these
regulations and standards.
CGA reviewed the comments and information collection request and provides the following comments
regarding personnel surety practices based on the information presented in the Federal Register on
April 13, 2010:
⎯ The CFATS Personnel Surety Program does not provide owner operators of regulated facilities with a
value added tool to screen potential personnel, contractors, and visitors or to identify potential security
risks. The proposed program is a one-way process that provides information to DHS on personnel with
access to restricted areas, without any feedback provided to the owner operators of regulated facilities
on their personnel.
⎯ The proposed program places undue burdens and costs on businesses that operate multiple regulated
facilities where it would require redundant entries for a given individual who visits multiple sites.
⎯ CGA strongly recommends that DHS use a preexisting approved federal security review program (e.g.
TWIC, NEXUS, FAST, HME) rather than creating a new procedure that does not provide an added
value to the partnership between DHS and regulated facilities.
CGA commends the Department of Homeland Security for the continued development of the
Chemical Facility Anti-Terrorism Standards programs and providing stakeholders the opportunity to
provide comments on personnel surety practices.
Sincerely,
Marc J. Meteyer
President and CEO
PUBLIC SUBMISSION
As of: May 13, 2010
Received: May 12, 2010
Status: Posted
Posted: May 12, 2010
Tracking No. 80aeb82f
Comments Due: May 13, 2010
Submission Type: Web
Docket: DHS-2009-0026
Chemical Facility Anti-Terrorism Standard, PRA Notices for Comments on New Personnel Surety
Information Collection Request
Comment On: DHS-2009-0026-0020
Agency Information Collection Activities; Proposals, Submissions, and Approvals: Chemical Facility
Anti-Terrorism Standards Personnel Surety Program
Document: DHS-2009-0026-0025
Comment Submitted by Boyd Stephenson, American Trucking Associations- 2nd Comment
Submitter Information
Name: Boyd Stephenson
Address:
950 N Glebe Rd. Ste 210
Arlington, VA, 22203
Email: bstephenson@trucking.org
Phone: 703-838-7982
Submitter's Representative: Self
Organization: American Trucking Associations
General Comment
Please find the attached comments of the American Trucking Associations on DHS' Chemical Facility
Anti-Terrorism Standards' Personnel Surety Standards.
Attachments
DHS-2009-0026-0025.1: Comment Submitted by Boyd Stephenson, American Trucking
Associations (Attachment)- 2nd Comment
file:///D|/Documents%20and%20Settings/matthew.bettridge/Desktop/DHS-2009-0026-0025_CP.html[5/13/2010 9:09:13 AM]
American Trucking Associations
950 N. Glebe Road, Suite 210, Arlington, VA 22203
Driving Trucking’s Success
May 12, 2010
Via Regulations.gov
Thomas Chase Garwood, III
DHS/NPPD/IP/ISCD CFATS
Department of Homeland Security
Re:
Docket No. DHS-2009-0026: National Protection and Programs Directorate; Chemical Facility
Anti-Terrorism Standards Personnel Surety Program Information Collection 1670-NEW
The American Trucking Associations (ATA) 1 is pleased to offer its comments on the
Department of Homeland Security’s (DHS) National Protection and Programs Directorate’s Office of
Infrastructure Protection’s Submission for Chemical Facility Anti-Terrorism Standards (CFATS)
Personnel Surety Program Information Collection 1670-NEW. 2 As the primary representative of the
trucking industry, ATA has an interest in the impact that the Chemical Facility Anti-Terrorism
Standards will have upon its members that transport Appendix A chemicals as well as other nonregulated loads to and from CFATS-regulated facilities. 3
Although DHS found truck terminals’ security requirements promulgated by the Department of
Transportation (DOT) to be sufficient to exempt them from direct regulation under CFATS program,
motor carriers are still significantly impacted by the program when picking up from or delivering to a
regulated facility. ATA appreciates the opportunity to inform DHS about these impacts and offers the
following suggestions to improve the CFATS Personnel Security Standards:
•
•
DHS must definitively state which credentials will be accepted as having an acceptable
background investigation to meet the regulatory burden imposed in 6 CFR 27.230 (a)(12)(iiv) and
DHS must exempt drivers possessing a DHS-recognized credential from additional
screening under the Chemical Security Assessment Tool (CSAT).
Credentials & Background Checks
As part of the CFATS program, regulated facilities must meet 18 different Risk-Based
Performance Standards outlined in 6 CFR 27.230. The Personnel Surety Standards are among them
and mandate that management of CFATS-regulated facilities must verify (1) the identity, (2) criminal
history, (3) legal authorization to work, and (4) potential terrorist ties of facility personnel and visitors
1
ATA is a federation of motor carriers, state trucking associations, and national trucking conferences that promotes and
protects the interests of the trucking industry. Directly, and through its affiliated organizations, ATA represents more than
37,000 motor carriers of every size, type, and class in the U.S., Canada and Mexico.
2
See 75 Federal Register 18850-18857 (April 13, 2010).
3
See 72 Federal Register 65395-65435 (November 20, 2007).
Comments of the American Trucking Associations
Page 2 of 3
who will have unescorted access to chemicals with the potential to be weaponized. 4 Potential privacy
implications surround the checking of the first three of these. The last one is beyond the scope of any
private organization to check and is clearly the responsibility of the federal government. ATA is
pleased that the Department has developed the CSAT portal that allows facilities to submit employee
and visitors’ information for vetting.
In its April 13, 2010 proposal, DHS states that it is, “considering recognizing the previous
TSDB [Terrorist Screening Database] vetting results completed by other DHS programs” and then lists
those credentials under the Department’s examination. 5 These include the Transportation Worker
Identification Credential (TWIC), various Customs and Border Protection credentials including the
Free And Secure Trade (FAST) card, and a Hazardous Materials Endorsement (HME) on a
commercial drivers license (CDL) among others. ATA supports the inclusion of these credentials as
meeting the requirements of the Personnel Surety Standard but is troubled by the proposal’s statement
that the Department is merely “considering” their inclusion. DHS should definitively list those
credentials which will be considered as meeting the CFATS standard and accept comment on them
before submitting the proposed information collection to the Office of Management and the Budget
(OMB). We further recommend and urge that DHS prohibit CFATS facilities from requiring truck
drivers that possess a DHS-approved credential from having to obtain an additional security credential.
Registering Drivers in CSAT
ATA further urges DHS to allow facilities to accept drivers bearing these credentials to enter
without registering in the CSAT. The Department has indicated that those possessing these forms of
identification “will likely require fewer pieces of information to vet an individual who is not enrolled
in another vetting program,” 6 but has stopped short of stating that such individuals will not have to
register with the CSAT. All three credentials require a DHS-performed Security Threat Assessment
(STA), which verifies an applicant’s identity, criminal history, and legal work status in addition to
checking him/her against the TSDB. 7
DHS’ primary reason for requiring this information is to perform “recurrent vetting” on
individuals—essentially running their names through the TSDB database each time it updates. Yet, the
credentials previously mentioned already are subject to the same recurrent vetting processes. DHS
plans to accomplish recurrent vetting under this program by forwarding individuals’ information
received through the CSAT to TSA’s Transportation Threat Assessment and Credentialing (TTAC)
office. TTAC, of course, is the division of TSA that issues both the TWIC and an HME on a CDL.
Furthermore, TSA recognizes the FAST card as meeting the background check requirements of both
the TWIC and HME STA processes. All three of these cards are subject to recurrent vetting, meaning
that submission of these credentialed individuals through the CSAT tool is nothing more than a
redundant screening process.
The perpetual vetting process associated with TWIC, FAST, and the HME clearly exceeds the
threshold established by 6 CFR 27.230 (a)(12)(i-iv). There are 1.5 million HM endorsed CDL-holders
in the U.S. right now, and they are the only ones who can legally haul the chemicals listed on CFATS
4
See 6 CFR 27.230 (a)(12)(i-iv).
75 Federal Register at 18854.
6
75 Federal Register at 18854.
7
See TSA’s TWIC Frequently Asked Questions Page at:
http://www.tsa.gov/what_we_do/layers/twic/twic_faqs.shtm#eligibility_requirements, listing specific databases and
disqualifying criteria for TWIC, HME, and the FAST Programs,,71 Federal Register 44873-44881 (August 7, 2006).
5
Comments of the American Trucking Associations
Page 3 of 3
Appendix A to these facilities. 8 Because TSA has already vetted these drivers against categories that
are more stringent than those proposed by the Personnel Surety Standard, there should be no need to
collect information on them.
While CFATS-regulated facilities receive deliveries of Appendix A hazardous materials, they
also receive deliveries of general freight, and there are no comparable background check requirements
for the issuance of a CDL alone. However, thousands of these drivers possess FAST cards and almost
300,000 possess TWICs, which meet or exceed the Personnel Surety Standards. 9
Finally, DHS proposes to grant facilities thirty days to notify it via CSAT after they have
admitted a visitor for unescorted access. ATA questions the efficacy of such a requirement—
especially for drivers. Although some facilities can expect to see a regular driver on a regular delivery
schedule, there will always be vacations, sick days, schedule changes, employment changes, etc.
affecting who will be dispatched to a particular client. Rather than trust in a system where the facility
submits a driver’s information via CSAT within 30 days, ATA believes that CFATS-regulated
facilities would prefer to trust in the explicit vetting guarantees from government background checks
on the HME, the TWIC, and the FAST card.
Conclusion
Thank you for considering ATA’s concerns on the CSAT Information Collection. Again, ATA
believes that DHS should implement the following policies:
•
•
Establish that the STAs of the TWIC, FAST, and HME on a CDL meet the
requirements outlined in 6 CFR 27.230 (a)(12)(i-iv) and, thus, that no further STA is
required of the holders of such credentials; and,
Exempt facilities from submitting information about drivers holding those credentials
into the CSAT system.
By implementing these recommendations, DHS has an opportunity to simultaneously maintain
rigorous security standards, reduce significantly the burden on industry, while facilitating the flow of
commerce. The trucking industry looks forward to continued partnership with DHS to secure out
nation and our economic wellbeing. Should you have any questions related to these issues, please
contact the undersigned at 703-838-7982 or bstephenson@trucking.org.
Respectfully submitted,
Boyd Stephenson
Manager
Security and Cross Border Operations
American Trucking Associations
8
See Testimony of the Honorable David Heyman, Assistant Secretary for Policy at DHS, to the Senate Committee on
Commerce, Science, and Transportation, April 21, 2010.
9
See Lockheed Martin and Transportation Security Administration. TWIC Dashboard. April 15, 2010.
PUBLIC SUBMISSION
As of: May 13, 2010
Received: May 12, 2010
Status: Posted
Posted: May 12, 2010
Tracking No. 80aeb8b6
Comments Due: May 13, 2010
Submission Type: Web
Docket: DHS-2009-0026
Chemical Facility Anti-Terrorism Standard, PRA Notices for Comments on New Personnel Surety
Information Collection Request
Comment On: DHS-2009-0026-0020
Agency Information Collection Activities; Proposals, Submissions, and Approvals: Chemical Facility
Anti-Terrorism Standards Personnel Surety Program
Document: DHS-2009-0026-0026
Comment Submitted by Steven Emmert, Reed Elsevier Inc.
Submitter Information
Name: Steven Emmert
Address:
1150 18th St. NW
Suite 600
Washington, DC, 20036
Email: steven.emmert@reedelsevier.com
Phone: 202-857-8254
Organization: Reed Elsevier Inc.
General Comment
See attached file(s)
Attachments
DHS-2009-0026-0026.1: Comment Submitted by Steven Emmert, Reed Elsevier Inc.
(Attachment)
file:///D|/Documents%20and%20Settings/matthew.bettridge/Desktop/DHS-2009-0026-0026_CP.html[5/13/2010 9:09:13 AM]
May 13, 2010
U.S. Department of Homeland Security
National Protection and Programs Directorate
Office of Infrastructure Protection
Infrastructure Security Compliance Division
Re:
Docket No. DHS-2009-0026
National Protection and Programs Directorate
Chemical Facility Anti-Terrorism Standards Personnel Surety Program
30-day notice and request for comments
New information collection request 1670-NEW
Comments by LexisNexis Screening Solutions
LexisNexis® Screening Solutions, a part of LexisNexis Risk Solutions, helps clients gain
confidence in their staffing decisions by identifying risks associated with the individuals they
screen. LexisNexis Screening Solutions leads the industry with the most advanced technology
and comprehensive data solutions, so our clients can make the right decisions quickly about the
individuals given access to their sites—both contractors and employees. LexisNexis Screening
Solutions supports its user-friendly screening solutions with service excellence, compliance
updates and best practices that allow clients to drive efficiencies into their workflows and
maximize value. LexisNexis Screening Solutions has successfully set the standards for
mitigating employment and contractor risk with nearly a third of the largest companies
worldwide. Our experience of over 30 years supplying innovative screening answers provides
clients with proven insight, speed, and accuracy so they can confidently make the right
decisions every day.
LexisNexis is a leading global provider of content-enabled workflow solutions designed
specifically for professionals in the legal, risk management, corporate, government, law
enforcement, accounting, and academic markets. LexisNexis Risk Solutions builds on the
LexisNexis tradition as a trusted provider and custodian of quality information, and leverages
new cutting-edge technology, unique data and advanced scoring analytics to create total
solutions to address client needs. A member of Reed Elsevier, LexisNexis serves customers in
more than 100 countries with 18,000 employees worldwide.
LexisNexis Screening Solutions is aware of the importance of authenticating the identity of
persons accessing high-risk chemical facilities and of screening persons to identify those with
connections to known or suspected terrorists. Identity authentication should be performed for all
employees, contractors, and unescorted visitors to high-risk chemical facilities, including
screening such persons in accordance with the Chemical Facility Anti-Terrorism Standards
(CFATS) which require high-risk chemical facilities to submit information about facility personnel
and, as appropriate, unescorted visitors with access to restricted areas or critical assets at those
facilities. This information is vetted by the federal government against the Terrorist Screening
Database (TSDB), the consolidated and integrated terrorist watch list maintained by the federal
government to identify known or suspected terrorists.
LexisNexis Screening Solutions currently provides personnel surety solutions for the chemical
industry through partnerships with industrial safety training councils and directly with many
national and international chemical companies and petroleum refiners. LexisNexis is also a
vetted vendor partner in a nationally recognized chemical industry contractor screening
consortium known as the Safety Council Security Consortium (SCSC).
Section 550 of Public Law 109-295, the Department of Homeland Security Appropriations Act of
2007 (the Act) requires that the U.S. Department of Homeland Security (DHS) regulations
establish CFATS Risk-Based Performance Standards (RBPS) for regulated chemical facilities
designed to identify people with terrorist ties, set forth in RBPS-12. The ability to identify people
with terrorist ties requires the use of information held in government-maintained databases,
which are unavailable to high-risk chemical facilities. The CFATS Personnel Surety Program
will allow chemical facilities to comply with RBPS-12 by implementing ―measures designed to
identify people with terrorist ties.‖
1. DHS Should Allow Qualified Chemical Industry Safety Training Councils, Contractor
Personnel Surety Consortiums, and Qualified Personnel Screening Service Providers
to Submit Information on Individuals to be Screened to TSDB on Behalf of High-Risk
Chemical Facilities.
High-risk chemical facilities employ significant numbers of individuals, including contractors and
service personnel who require unescorted facility access. Chemical facilities face a significant
burden in screening personnel, requiring specialized, dedicated staff and outside resources.
The burden of these requirements is often costly and time consuming. This burden can be
eased greatly through the use of advanced systems and tools offered by certified service
providers like LexisNexis Screening Solutions, including electronic submission of information to
the TSDB if permitted under the regulations.
Many high-risk chemical facilities are currently working with qualified service providers and
consortium based programs to facilitate the screening of potential employees, contractors, and
unescorted visitors. The service providers in these programs authenticate the identities of the
individuals based upon applicant information transmitted to them by the chemical facilities and
their contractors by matching provided information against databases of public and proprietary
identifying information. The service providers provide the chemical facility with information
relating to the identity of the individual as well as information regarding past criminal offenses.
The facility then decides whether to hire the individual or to allow the individual access to the
facility. If the decision is made to hire or allow access, then the facility must also submit
information to DHS for processing against TSDB in accordance with CFATS. This submission
to the TSDB can be facilitated by allowing the service providers to submit information on the
individual to DHS for processing against the TSDB on behalf of the chemical facility at their
request. The service providers already have complete information on the individual in electronic
form, based in part on the initial submission by the chemical facility and contractors and in part
on the previously completed screening process and can use this information complete the
submission to TSDB electronically.
Qualified third party service providers who engage in commercial background screening,
employ significant privacy and security safeguards and are capable of complying with the
requirements of CFATS in handling data submissions. These service providers are also
required by law to adhere to applicable federal and state laws regarding employment screening,
most notably the Fair Credit Reporting Act (FCRA) and state versions of the FCRA. As such,
these service providers are well equipped to assist high-risk chemical facilities with compliance
of the requirements of CFATS while maintaining compliance with other applicable federal and
state laws. Additionally, these service providers are typically well equipped to maintain high
standards of data security, consumer privacy and management of any applicable adverse action
processes.
Electronic data submissions have definite advantages over manual processes. In addition to
speed and efficiency, errors are significantly reduced when compared to manual submissions as
the information is ―touched‖ fewer times, limiting the risk of introduced errors, and is repeatedly
validated throughout the entire screening process, thereby reducing the risk that errors will pass
undetected. Also, electronic data processing is faster and creates incremental cost savings due
to lower administrative processing and decreased staff intervention.
2. DHS Should Provide Chemical Facility Owners and/or their Qualified Service
Providers, an Electronic Confirmation Message Acknowledging Receipt of
Electronically Submitted Information to be Matched Against the TSDB.
Electronic systems permit a high volume of submissions to be completed with minimal staff
intervention. The discretion to process the data submitted, and the decision whether to share
the results of any TSDB search must necessarily remain with DHS. However, as it is a
requirement of CFATS that data on employees, contractors, and unescorted visitors be
submitted, and as high-risk chemical facilities face potential sanctions for failure to comply with
CFATS, the electronic submission process should be developed to include an electronic
confirmation of receipt for each individual submitted.
Confirmation receipts can be generated electronically using minimal information: date of receipt,
time of receipt, and an identification or item number that corresponds to the record of the
individual submitted, and if necessary an identification number for the facility making the
submission. Records of this submission receipt can be maintained by DHS, the high-risk
chemical facility and the authorized service provider, if any, involved in the submission, creating
an audit trail that can be used to document compliance by the chemical facility and the service
provider with the requirements of CFATS.
3. DHS Should Establish a Uniform Standard for Electronic Submissions for the TSDB.
In an effort to maintain consistency, data security and scalability for any future electronic data
submission and validation processes, DHS should consider establishing uniform information
technology standards utilizing the latest industry standards. Further dialogue with qualified
industry leading service providers should be considered regarding these technology standards.
4. DHS Should Consider the Deployment of a “Pilot Program” for Proof Testing of an
Electronic Submission Process to the TSDB
In an effort to assure an efficient, timely and quality delivery of any future electronic data
submission process, a pilot program testing process should be considered. A pilot program
process should be considered that leverages existing and best-practice technology solutions.
LexisNexis Screening Solutions hopes that DHS finds the above suggestions to be helpful and
is prepared to discuss these suggestions in detail with DHS. Should DHS require additional
information, please feel free to contact me at 859-351-3865 or via email at
trey.benson@lexisnexis.com.
Sincerely,
Trey Benson
AVP Strategic Sales – Chemical & Petrochemical Markets
PUBLIC SUBMISSION
As of: May 14, 2010
Received: May 12, 2010
Status: Posted
Posted: May 13, 2010
Tracking No. 80aec5c0
Comments Due: May 13, 2010
Submission Type: Web
Docket: DHS-2009-0026
Chemical Facility Anti-Terrorism Standard, PRA Notices for Comments on New Personnel Surety
Information Collection Request
Comment On: DHS-2009-0026-0020
Agency Information Collection Activities; Proposals, Submissions, and Approvals: Chemical Facility
Anti-Terrorism Standards Personnel Surety Program
Document: DHS-2009-0026-0027
Comment Submitted by William Erny, American Chemistry Council
Submitter Information
Name: William Erny
Address:
1300 Wilson Blvd
Arlington, VA, 22209
Email: bill_erny@americanchemistry.com
Phone: 703-741-5246
Organization: American Chemistry Council
General Comment
See attached file(s)
Attachments
DHS-2009-0026-0027.1: Comment Submitted by William Erny, American Chemistry Council
(Attachment)
file:///D|/Documents%20and%20Settings/matthew.bettridge/Desktop/DHS-2009-0026-0027_CP.html[5/14/2010 6:39:47 AM]
May 13, 2009
Mr. Todd M. Keil
Assistant Secretary for Infrastructure Protection
U. S. Department of Homeland Security
Washington, D.C. 20528
Re: Docket No. DHS-2010-0019—Submission for Chemical Facility Anti-Terrorism Standards
Personnel Surety Program Information Collection Request
Assistant Secretary Keil:
The American Chemistry Council (ACC) provides the following comments on the DHS Submission for
Chemical Facility Anti-Terrorism Standards (CFATS) Personnel Surety Program Information Collection.
Many ACC members are subject to these standards and have a significant interest in how this program is
developed and implemented.
Ensuring that well qualified and trustworthy personnel are employed by and work for chemical facilities
continues to be a priority for ACC members. Under the Responsible Care Security Code, ACC member
companies are required to conduct background checks of employees and contractors who have access to
restricted areas and critical assets. Periodic reassessments are also required as well. We believe that the
core elements of the CFATS program for personnel surety as outlined in RBPS 12 are consistent with the
background checks already utilized by ACC members and generally within the chemical industry. We
support a robust, comprehensive and effective approach to screening employees and contractors that have
unescorted access to restricted areas and critical assets at high risk facilities. However, some of the
approaches proposed by the DHS to gather information of affected individuals will have severe
unintended consequence and will create significant burden without additional benefit or practical utility.
Following is a detailed discussion of these issues.
1. DHS has Exceeded the Legislative Intent of the Personnel Surety Program
ACC believes that DHS is extending the personnel surety program (PSP) beyond the legislative intent of
its personnel surety obligation at great cost and burden to the regulated community. The intent of the PSP
is to ensure that employees and visitors who have unescorted access to restricted areas at covered
facilities are properly screened against the TSDB. Further, in the Final Rule on CFATS published on
April 9, 2007, page 17709 it states:
“To minimize redundant background checks of workers, DHS agrees that a person who has successfully
undergone a security threat assessment conducted by DHS and is in possession of a valid DHS credential
such as a TWIC, HME, NEXUS, or FAST, will not need to undergo additional vetting by DHS.”
However, as was explained by DHS during the personnel surety briefing at ACC on Wednesday, April
28, the reason why DHS wants all facilities to submit redundant information on affected individuals is to
know all the locations at every facility and the specific COIs that every affected individual has access to.
This information would then be used for analysis and investigative purposes. ACC contends that this
purpose extends far beyond the intended purpose of ensuring personnel surety by checking against the
Terrorist Screening Database.
ACC believes that persons who hold a valid TWIC or other federally issued credential such as HME,
NEXUS, or FAST satisfy the intent of the personnel surety requirements as outlined in RBPS 12, and
such persons need not be submitted into the DHS CSAT Database.
2. Will the PSP be Counter-Productive to Reducing Security Risk?
ACC questions the wisdom of requiring redundant reporting by covered facilities who will be required to
submit the same information on affected individuals. From a data quality perspective, having all covered
facilities collect, verify, submit and maintain this information creates a situation that is ripe for data entry
errors and presents a significant challenge to keep all the information up to date. Further, having so many
sources of this information creates an unnecessary and significant vulnerability of the information getting
into the wrong hands, which is counter-productive to the mission of enhancing our National security. It
also creates a significant increased legal liability for covered facilities that have to accurately and timely
collect, verify, report, maintain and protect this sensitive information.
3. DHS has Grossly Underestimated the Burden of the Personnel Surety Program
DHS estimates that the personal surety program will include 1,063,200 affected individuals. ACC is
concerned that DHS has grossly underestimated this impact. Simply looking at another similar DHS
program, there are currently 1.5 million active TWICs in existence today. The Coast Guard’s original
estimate of 400,000 turned out to be off by nearly a factor of four. In comparison, the number of CFATS
facilities is nearly double that of MTSA (roughly 6000 versus 3200), and when you consider the
additional CFATS requirement for reporting escorted facility employees and the multiple and redundant
entries that are required by each covered facility and for reporting when affected individuals no longer
have access to restricted areas, ACC estimates that the number of affected individuals will be upwards of
10 million. The administrative burden this will create for both the public and private sectors is simply
enormous.
DHS estimates that the amount of time for a responsible entity to submit the information on each affected
individual into the CSAT portal is 0.59 hours per individual. DHS also clarified that this time burden is
limited in scope to those activities listed in 5 CFR 1320.3(b)(1). ACC believes this time does not
accurately reflect the actual time burden imposed on industry associated with the proposed personnel
surety program. Specifically, it does not account for investigations, legal review, privacy accommodations
and adverse employment decisions. With that said, simply using the 0.59 hours per affected individual
estimate and multiplying by a realistic estimate for the number of affected individuals (as described
above), ACC believes that a more realistic estimate of the total time burden associated with collecting,
verifying, reporting, maintaining and protecting information for each affected individual would be
upwards of 6,000,000 man hours. From a cost burden perspective, based on an average hourly wage of
$20 per hour for an appropriate individual with the proper security level and training, the total cost burden
imposed on the regulated community would be $120 million.
Executive Order 12866 directs agencies [to] assess the effects of Federal regulatory actions on State,
local, and tribal governments, and the private sector and to provide a qualitative and quantitative
assessment of the anticipated costs and benefits of a Federal mandate resulting in annual expenditures of
$100 million or more, including the costs and benefits to State, local, and tribal governments or the
private sector. ACC believes DHS should carefully review as to whether this action qualifies as a
significant rulemaking and therefore be subject to the appropriate administrative procedures.
4. DHS expands the Definition of Affected Population
The definition of “Affected Population” expands the Scope of the requirements beyond those established
in the regulation at 6 CFR § 27.230(a)(12), which states that a covered facility must “[p]erform
appropriate background checks on and ensure appropriate credentials for facility personnel, and as
appropriate, for unescorted visitors with access to restricted areas or critical assets . . . .” Furthermore, the
guidance in RBPS 12 for existing employees does not require escorted employees to be included in the
personnel surety requirements for compliance. Following is an excerpt from RBPS 12, Table 17:
Metric 12.1 –
New/Prospective
Employees &
Unescorted
Visitors
All new/prospective employees and contractors, as well as any unescorted
visitors, who have access to restricted areas or critical assets have appropriate
background checks. Access to restricted areas or critical assets is allowed after
appropriate background checks have been successfully completed.
Thus, individuals with escorted access to restricted areas or critical assets fall outside of the scope of the
affected population and should not be subject to a background check for CFATS compliance purposes.
Only those persons that are escorted by a qualified employee or contractor who has been submitted to
DHS and has been cleared through the TSDB will be permitted access to these areas. Further, employees
who have not been cleared by DHS will not be permitted unescorted access. This is consistent with other
similar security programs such as MTSA and TWIC.
DHS expands the definition of affected individual in the Information Collection Request (ICR) by stating
that “(1) facility personnel (e.g., employees and contractors) with access (unescorted or otherwise) to
restricted areas or critical assets, and (2) unescorted visitors with access to restricted areas or critical
assets” would need the background checks. DHS acknowledged that their intent is to include escorted
facility personnel under the personnel surety requirements since it is their belief that these persons pose a
greater risk of terrorism and therefore need to be watched. ACC disagrees with DHS that personnel
employed by the facility who may have escorted access to restricted areas pose a greater risk of terrorism.
Facility employees are required to go through an extensive hiring and application process that ensures
identify verification. In addition, if such employees would require access to restricted areas they would
have to be escorted by someone who has met the PSP requirement. This new CFATS requirement for
escorted facility personnel to meet the PSP requirements would significantly increase the reporting
burden and should be eliminated from this program.
5. Some Possible Solutions
DHS should consider reissuing the Personnel Surety Program to OMB as a significant rulemaking thus
requiring compliance with the full administrative procedures, including risk/benefit analysis. The
Paperwork Reduction Act was not intended for conducting rulemaking as comprehensive as the Personnel
Surety Program. Additionally, DHS should consider as a part of the rulemaking that it conduct a public
meeting so that members of the regulated community and the public would have the opportunity to air its
concerns and engage the Agency. This would help to ensure that a reasonable approach is considered that
adequately affords the proper level of security at high risk chemical facilities while minimizing regulatory
burden.
DHS should accept TWIC and HME and other Federal security credential programs as meeting the
CFATS personal surety requirement. DHS should NOT require covered facilities to submit into the DHS
CSAT portal redundant information on affected individuals who have already been screened and cleared
against the TSDB and who hold an active, valid TWIC or other Federal security credential. This one step
alone would help to considerably alleviate the reporting burden on the regulated community, without
compromising security. Additionally, this would allow DHS to focus its resources and attention on those
affected individuals who have not yet been screened.
As a practical matter, many companies should be permitted to develop groups of employee submittals that
could be provided to DHS. These submittals would not be facility based. The DHS requirement for
facility-based reporting would essentially undercut existing practices by having the owner/operator
submit names based upon each site. This leaves little flexibility if employees work at multiple sites.
Further the requirement for notifying DHS when someone leaves their employment adds burden for
facilities with no discernible benefit.
Lastly, the new CFATS requirement for escorted facility personnel to have a background check is
inconsistent with the congressional intent, the regulatory language and the RBPS guidance and should be
eliminated entirely from this program.
Again, thank you for this opportunity to provide comments on this important issue. Please feel free to
reach out to me if you have any questions or require further information.
Sincerely,
William J. Erny
Senior Director, Security
American Chemistry Council
PUBLIC SUBMISSION
As of: May 14, 2010
Received: May 13, 2010
Status: Draft
Tracking No. 80aec453
Comments Due: May 13, 2010
Submission Type: Web
Docket: DHS-2009-0026
Chemical Facility Anti-Terrorism Standard, PRA Notices for Comments on New Personnel Surety
Information Collection Request
Comment On: DHS-2009-0026-0020
Agency Information Collection Activities; Proposals, Submissions, and Approvals: Chemical Facility
Anti-Terrorism Standards Personnel Surety Program
Document: DHS-2009-0026-DRAFT-0028
Comment Submitted by
Submitter Information
Name: Ann M. Beauchesne
Address:
1615 H Street, NW
Washington, DC, 20062
Email: meggers@uschamber.com
Phone: 202-463-3100
Fax: 202-463-3177
Submitter's Representative: Matthew J. Eggers
Organization: U.S. Chamber of Commerce
General Comment
See attached file(s)
Attachments
DHS-2009-0026-DRAFT-0028.1: Comment Submitted by
file:///D|/Documents%20and%20Settings/matthew.bettridge/Desktop/DHS-2009-0026-DRAFT-0028_CP.html[5/14/2010 6:39:47 AM]
May 13, 2010
The Honorable Rand Beers
Under Secretary for National Protection and Programs
U.S. Department of Homeland Security
Washington, DC 20528
Re: Docket No. DHS-2009-0026
Dear Under Secretary Beers:
The U.S. Chamber of Commerce, the world’s largest business federation representing the
interests of more than three million businesses and organizations of every size, sector, and
region, writes to thank the Department of Homeland Security (DHS) for collecting public
comments on the Chemical Facilities Anti-Terrorism Standards (CFATS) Personnel Surety
program.1 The Chamber’s concerns and views relating to the CFATS Personnel Surety program
include:
(Conflicting) Laws Applying to Background Checks; Screening Facility Personnel, Visitors
The Chamber is concerned that the Chemical Security Assessment Tool (CSAT) Site
Security Plan (SSP) Questions document asks for information related to Personnel Surety that is
either protected under existing U.S. privacy laws or unavailable due to the lack of a direct
employment relationship between the facility site owner and the individual (e.g., an employee of
a contractor, a first responder). For example: CSAT SSP question 18.3-16663,2 related to
Terrorist Screening Database (TSDB) Records, asks whether a facility will implement a process
to submit personally identifiable information about facility personnel, and as appropriate,
unescorted visitors, who have access to restricted areas or critical assets so DHS can perform
TSDB background checks. This question raises several issues.
1
See 75 Federal Register (FR), pages 18850-18857, available at http://edocket.access.gpo.gov/2010/pdf/20108312.pdf (April 13, 2010).
2
CSAT questions available at www.dhs.gov/xlibrary/assets/chemsec_csat_ssp_questions.pdf.
2
DHS has not explained how it will request this information from facilities. In June 2009,
DHS published an information collection request entitled “Submission for Chemical
Facility Anti-Terrorism Standards Personnel Surety Program Information Collection
1670-NEW”3 but DHS has not published a final tool to guide compliance by
owners/operators.
Screening might yield a high number of false positives or information not germane to
whether a person has ties to terrorism that could delay access for essential
workers/visitors.
Various federal and state laws, such as the Fair Credit Reporting Act (FCRA),4 require
protection of personally identifiable information. Obligations that a facility has under the
FCRA might preclude a facility from providing such information in an SSP. Potential
conflicts exist between CFATS, the FCRA, and other laws that need to be clarified.
Also, because of privacy laws, site facilities might not be able to obtain personally
identifiable information for workers that are not employees of the site owner (e.g.,
contractors and subcontractors).
The Chamber supports eliminating the requirement that facilities must re-notify when an
affected person(s) no longer has access to a facility’s restricted areas or critical assets.
Likewise, it makes practical sense to eliminate the requirement to vet through the TSDB,
or conduct several types of background checks on, a person who is escorted on-site.
The Chamber is uncertain about how DHS will define contractors, which some
companies or facilities may use extensively. The department is expected to consider
individual contractors as “visitors.” It is unclear if facilities will have to screen
contractors, many of whom may work several facilities, against the CSAT. The Chamber
understands that facility owners/operators must notify DHS when contractors are no
longer at a facility. In effect, a facility needs to notify DHS prior to when a contractor
accesses the sensitive areas of a facility; then a facility must notify DHS when they leave.
The burden here would be considerable, to put things lightly.
DHS should propose guidance to explain the difference between contractors and visitors,
whether escorted or unescorted. Concern exists about how DHS will treat corporate
employees who may go from one company site to another several times a year for audits,
etc. DHS has suggests that they be “escorted” so nothing related to background checks
will need to be submitted.
Another example: CSAT SSP question 18.39-18800, which attempts to ask how a facility
will identify facility personnel and unescorted visitors with access to restricted areas or critical
assets if they have ties to terrorism, is difficult to answer as posed by DHS officials.
3
See 74 Federal Register, pages 27555-2757, available at http://edocket.access.gpo.gov/2009/pdf/E9-13618.pdf
(June 10, 2009).
4
See www.ftc.gov/os/statutes/031224fcra.pdf.
3
Depending on the facility and its circumstances, delivery and emergency personnel
(including, but not limited to, firefighters) may find themselves in a restricted area. This
question implies that such individuals should not be permitted access absent screening,
which could create a host of practical problems.
As currently defined by DHS, the scope of the population affected by 6 CFR §
27.230(a)(12) raises significant concerns for the regulated community. DHS states, “[I]f
facility personnel have access, either unescorted or otherwise (e.g., escorted), to restricted
areas or critical assets, then they are affected individuals who must be screened for the
purposes of the Personnel Surety Program.”5 This may disallow escorting, thereby
enlarging the population of affected individuals without any corresponding security
benefit, and implicitly mandate that a covered facility subject all “facility personnel” to
the Personnel Surety program. Permitting escorting for individuals who have not been
subject to a government-mandated background check, but who otherwise need legitimate
access to security-sensitive areas, is a hallmark of other regulatory programs designed to
enhance the security of the nation’s critical infrastructure. Escorting should be allowed
for CFATS-regulated facilities. In particular, the U.S. Coast Guard permits individuals
without a Transportation Worker Identification Credential (TWIC) to access the secure
areas of a Maritime Transportation Security Act-regulated facility so long as the
individual is escorted.6 Why DHS has seemingly departed from this policy in the context
of CFATS is not clear. Commenters raised this issue in response to DHS’s June 10,
2009, information collection request, but DHS has not provided a meaningful response.
DHS has recognized the potential inability of facilities to provide personally identifiable
information for emergency and delivery personnel. The CSAT Tool Frequently Asked
Questions website (1368)7 indicates that fire department personnel are not required to
undergo background checks. Also, DHS’s response to public comments on the draft
RBPS, or Risk Based Performance Standards Guidance document, indicates that a facility
is not required to prescreen every third-party visitor or delivery personnel prior to entry.8
Accepting Other Credentials to Reduce the Financial Burden; Limiting Liability
The Chamber recognizes that an appropriate personnel security threat assessment is
required under CFATS and can improve a facility’s ability to deter and protect against insider
threats or covert attacks. The CFATS Personnel Surety program is similar to the TWIC card,
Hazardous Material Endorsement license, and other licensing and credentialing programs.
5
75 FR, page 18855.
See enclosure number 3 in “Navigation and Vessel Inspection Circular No. 03-07,” U.S. Coast Guard (July 2,
2007) www.tsa.gov/assets/pdf/twic_nvic_07-02-07.pdf.
7
See http://csat-help.dhs.gov/pls/apex/f?p=100:1:2610238360839734.
8
See www.dhs.gov/xlibrary/assets/chemsec_cfats_riskbased_performance_standards_comments_received.pdf.
6
4
9
Performing a battery of background checks on both facility personnel (e.g., employees
and contractors) who have access to restricted areas or critical assets and on unescorted
visitors who have access to these sensitive areas will be costly. Industry has argued that
there are many federal identification programs, like TWIC, that have already vetted
people through terrorist watch lists. DHS suggests9 that it wants to minimize redundant
background checks of people who have successfully undergone a security threat
assessment conducted by DHS and holds a valid DHS credential. However, the dominant
impression of many owners and operators is that facilities in practice will have to provide
background and identifying information about individuals in such detail that will negate
the benefits of reciprocity between and among a number of DHS credentials. DHS
should make explicit that it will accept TWIC and other credentials rather than make
facilities run people through the TSDB again. Such as move would go far to reduce the
resource burden on covered facilities and DHS. DHS should be cognizant of minimizing
adverse financial and operational impacts on businesses, especially on small businesses.
According to the April 13, 2010, Federal Register notice, “DHS recognizes that some
affected individuals under CFATS possess TWICs or other credentials that rely on DHSconducted TSDB vetting (e.g., an individual vetted under the TWIC program). DHS
intends to reduce the burden of this collection by recognizing previous TSDB vetting
results conducted by DHS” [italics added]. DHS goes on to say, “In lieu of conducting
new TSDB vetting on all affected individuals, DHS intends to recognize the results of
previous TSDB vetting conducted on individuals enrolled in certain other DHS programs.
Specifically, DHS is considering recognizing the previous TSDB vetting results
completed by other DHS programs, such as TWIC,” and other related programs.10 The
Chamber support any and all efforts by DHS to reduce the heavy reporting burden on
facilities.
Regarding legal liability concerns, DHS requires facilities to screen individuals (e.g.,
employees, contractors, unescorted visitors) against the TSDB. However, key questions
remain: When individuals’ names get screened against the TSDB, what happens if there
is an affirmative match? Does DHS send that information back to the facility? Is it
shared with another federal agency, such as the FBI? Implementing anything other than a
strict, standardized process could expose a company to potential discrimination claims.
The legal liability implications, as well as the likelihood of coordination missteps and
confusion, are substantial.
A footnote to the CFATS RBPS states, in a somewhat confusing way: “Note that to minimize redundant
background checks of workers, a person who has successfully undergone a security threat assessment conducted by
DHS and is in possession of a valid DHS credential (such as a TWIC, hazardous materials endorsement (HME)
license, NEXUS, or Free and Secure Trade (FAST) credential) will not need to undergo additional vetting by DHS.
The facility, however, still must provide DHS with sufficient identifying information about the individual and his
credential to allow DHS to verify that the credential still is valid” [italics added]; see page 97 of
www.dhs.gov/xlibrary/assets/chemsec_cfats_riskbased_performance_standards.pdf.
10
75 FR, pages 18853-18854.
5
Screening Database and Watch Lists Should be Accessible to Allow for Efficient,
Consistent Background Checks; No Notice of Positive Matches to TSDB a Concern
As you know, DHS does not share the background screening requirements, or provide
public access to the watch lists that officials use to conduct its screening. However,
numerous other U.S. and partner nation agencies do share this information in the public
domain, which allows for regulated entities to engage a third-party vendor to facilitate the
background screening (e.g., Office of Foreign Assets Control watch lists). Additionally,
there is no central database that covered entities could query to validate that an already
existing background screening may be on file with DHS.
The Chamber suggests that the screening database and watch lists be accessible by the
public, or that DHS establish a process to authorize regulated entities to use the database
and watch list, in order to facilitate efficient and consistent vetting of facility personnel
and unescorted visitors.
The April 13, 2010, Federal Register notice states that DHS “will not routinely notify”
facilities of the Personnel Surety program vetting results. Instead, DHS will coordinate
with federal law enforcement entities “to monitor and/or prevent situations in which
known or suspected terrorists have access to high-risk chemical facilities.” DHS goes on
to say that the manner in which the department or federal law enforcement officials
contact facilities following vetting are beyond the scope of this notice.11 However, some
in industry reasonably believe that facility owners/operators should be notified when
there is a positive match to an identity in the TSDB.
Conclusion: The Chamber Supports the CFATS Program and Welcomes a Dialogue on
Shaping Its Continued Success
The Chamber appreciates the opportunity to present its view on the CFATS Personnel
Surety program. We thank you and DHS for reaching out to the private sector to solicit our
concerns and views. While the Chamber has serious concerns with a number of the Personnel
Surety program components, the Chamber applauds your efforts to address the nation’s chemical
security, and we look forward to working with you and your DHS colleagues on this important
issue. Please let me know if you have any questions. Thank you.
Sincerely,
Ann M. Beauchesne
11
75 FR, page 18856.
PUBLIC SUBMISSION
As of: May 14, 2010
Received: May 13, 2010
Status: Draft
Tracking No. 80aecc81
Comments Due: May 13, 2010
Submission Type: Web
Docket: DHS-2009-0026
Chemical Facility Anti-Terrorism Standard, PRA Notices for Comments on New Personnel Surety
Information Collection Request
Comment On: DHS-2009-0026-0020
Agency Information Collection Activities; Proposals, Submissions, and Approvals: Chemical Facility
Anti-Terrorism Standards Personnel Surety Program
Document: DHS-2009-0026-DRAFT-0029
Comment Submitted by
Submitter Information
Name: David Friedman
Address:
1667 K Street NW
Washington, DC, 20006
Email: dfriedman@npra.org
Phone: 202-552-8461
Fax: 202-457-0486
Submitter's Representative: David Friedman
Organization: National Petrochemical and Refiners Association
General Comment
Please see the attached comments from the National Petrochemical and Refiners Association.
Attachments
DHS-2009-0026-DRAFT-0029.1: Comment Submitted by
file:///D|/Documents%20and%20Settings/matthew.bettridge/Desktop/DHS-2009-0026-DRAFT-0029_CP.html[5/14/2010 6:39:48 AM]
National Petrochemical & Refiners Association
1667 K Street, NW
Suite 700
Washington, DC
20006
202.457.0480 voice
202.457.0486 fax
May 13, 2010
National Protection and Programs Directorate
Office of Infrastructure Protection
Infrastructure Security Compliance Division
U.S. Department of Homeland Security
RE: NPRA Comments on Docket No. DHS-2009-0026 – Submission for Chemical Facility AntiTerrorism Standards Personnel Surety Program Information Collection 1670-NEW
NPRA, the National Petrochemical & Refiners Association, represents more than 450
businesses, including virtually all U.S. refiners and petrochemical manufacturers, their
suppliers, and vendors. NPRA members supply consumers with a wide variety of products
used daily in their homes and businesses, including fuels, lubricants, and chemicals that serve
as building blocks for everything from plastics to clothing, medicine, and computers.
NPRA appreciates the opportunity to provide comments on the “Submission for
Chemical Facility Anti-Terrorism Standards Personnel Surety Program Information
Collection” notice (75 FR 18850, April 13, 2010). Many NPRA members are subject to the
Chemical Facility Anti-Terrorism Standards (CFATS) and have a considerable interest in
personnel surety and in the development and implementation of the Personnel Surety
Program (PSP).
CFATS require high-risk chemical facilities to submit to the U.S. Department of
Homeland Security (DHS) personally identifiable information (PII) for facility personnel
and, when appropriate, unescorted visitors with access to restricted areas or critical assets.
The purpose of the PII submissions is to provide sufficient information for DHS to screen
individuals against the Terrorist Screening Data Base (TSDB). High-risk chemical facilities
are also required to conduct background checks to comply with the CFATS risk-based
performance standard (RBPS) for personnel surety, otherwise known as RBPS 12.
I.
Executive Summary of Comments
NPRA members fully support the need to screen affected parties against the TSDB to
ensure the protection of high-risk chemical facilities from insider threats. In fact, many sites
regulated by the Maritime Transportation Security Act (MTSA) already conduct background
checks as part of the Transportation Worker Identification Card (TWIC) program. The
process described in this Information Collection Request (ICR) appears to be an attempt to
shift responsibility for ensuring that workers are not terrorists from the government to the
1
private sector. Specifically, NPRA has the following concerns related to this notice: (1) the
regulatory vehicle used to present the procedures and processes outlined in this ICR; (2) the
potentially redundant reporting requirements; (3) the overly prescriptive measures to comply
with the CFATS performance standards; (4) whether DHS is going beyond the scope of
screening for potential terrorists; (5) the legal implications placed on industry as an
unintended consequence of CFATS implementation; and, (6) the burden estimate outlined in
the ICR.
The remainder of these comments will expand on NPRA’s concerns on each of these
topics.
II.
A Formal Rulemaking with Notice and Comment is More Appropriate than an
Information Collection Request
The imposition of new reporting requirements by a federal agency that establish binding,
prescriptive future actions on the regulated community typically go through a rulemaking
process with notice and comment. The processes and procedures outlined in this ICR do not
reflect a simple information collection under an existing rule; rather, the prescriptions in this
ICR establish new requirements and burdens on industry. Additionally, for future
compliance purposes, the requirements outlined in this ICR should be published in the Code
of Federal Regulations, which would be the result of a rulemaking. Whether intended or not,
agency action can be considered a rule if it imposes new requirements that have never been
outlined in a previous rule or subject to notice and comment. The following examples are
from court cases that demonstrate when rulemaking is appropriate.
In DIA Navigation Co., Ltd v. Pomeroy, 34 F.3d 1255 (3rd Cir. 1994), the court
concluded that agency policies having a binding effect on the regulated community
are rules and require notice and comment.
In Phillips Petroleum Co. v. Johnson, 22 F.3d 616 (5th Cir. 1994) the court
determined that unpublished internal agency documents that prescribe actions to be
applied in a mandatory fashion are rules that require notice and comment.
In Shell Offshore Inc. v. Babbitt , 238 F.3d 622, 629-630 (5th Cir. 2001), the court
found that new interpretations of existing regulations are considered new rules and
subject to notice and comment.
NPRA recommends that DHS first establish this reporting under a formal rulemaking,
followed by a series of future ICRs, which will establish and fully explain the authority for
the action and provide the regulated community with explicit instructions for future
compliance.
III.
DHS Can Reduce the Potential Regulatory Burden Posed by this ICR by
Excluding Escorted Employees and Persons Who Have Already Been Screened
Against the TSDB
2
One of the overarching principles involved in federal government actions to collect
information from the regulated community is to avoid redundant or duplicative reporting. To
achieve this objective, persons who have already been screened against the TSDB for other
programs, such as the Transportation Worker Identity Card (TWIC) program, Secure
Electronic Network for Travelers Rapid Inspection (SENTRI), Free and Secure Trade
(FAST) and NEXUS should be excluded from this program. In addition, DHS should also
recognize state initiatives that use this type of screening when issuing Hazardous Materials
Endorsements (HMEs).
Persons who need access to multiple facilities also face duplicative reporting
requirements under the language of this ICR. The purpose of this ICR is to collect
information that will allow for screening against the TSDB, not for tracking the movements
of employees, contractors and visitors. NPRA agrees that screening is not a static process;
however, trying to capture information on the coming and going of employees, contractors
and visitors will result in redundant reporting that lends nothing to the objective of screening
against the TSDB.
Lastly, employees who are not allowed access to restricted areas or critical assets unless
they are escorted do not pose a threat like those who are unescorted. The guidance for RBPS
12 for existing personnel only speaks to unescorted employees and does not require escorted
personnel to meet the personnel surety requirements set out in the standard. Excluding
escorted employees from this ICR would be consistent with other surety programs under the
federal government, e.g., MTSA. There is little practical utility to information collected on
escorted employees, just like there being little utility to information collected on any escorted
contractor or visitor.
IV.
The Measures Found in this ICR May be Too Prescriptive for Meeting a Riskbased Performance Standard under CFATS
DHS cannot deny a Site Security Plan for failure to implement a particular security
measure. In essence, this ICR is prescribing what each facility is required to do to meet
RBPS 12. However, CFATS also has provisions that require DHS to screen persons for
potential ties to terrorism. The only way to resolve the limitations of prescription and
requirements for screening that have been placed on DHS is to make individual employees,
contractors and certain types of unescorted visitors responsible for providing information
directly to DHS, much in the same way terrorist screening is approached under other
programs. Through this process DHS would not be prescribing requirements to meet RBPS
12, but would be able to obtain the necessary information for screening against the TSDB.
V.
The Requirements Outlined in this ICR Clearly Transcend the Intended
Purpose of Collecting Information to Allow for Screening against the TSDB
3
The purpose of this ICR is to allow DHS to collect sufficient information for terrorist
screening, not to track the movements of employees, contractors and other types of
unescorted visitors. Information related to temporary changes in access status or other such
administrative details have little practical utility for screening against the TSDB.
VI.
Companies May be Put in a Legally Vulnerable Position as a Result of the ICR
Facilities are rarely in a legal position to guarantee the truth, correctness or completeness
of information related to contractors, vendors, truck drivers or any other non-employees.
Requiring signed documents by company officials will not ensure that information from
parties outside of their legal control is true, correct and complete. Additionally, signed
documents have no practical utility in terrorist screening. DHS should provide the means for
non-employees to provide the information directly to DHS and not through a third party,
such as a chemical facility.
NPRA is also concerned that the activities under this ICR are not explicitly limited to
providing specific information that will allow for screening against the TSDB. The ICR
reads as though facilities will somehow assist the federal government in the performance of
anti-terrorism duties. Telephone companies have been sued for assisting the government in
the setup of wire taps for suspected terrorists; therefore, companies could be vulnerable to
legal actions related to privacy.
VII.
DHS has Underestimated the Potential Burden Resulting from Compliance with
this ICR
DHS estimates that the personal surety program will include 1,063,200 affected
individuals. DHS has underestimated the number of personnel who will be affected by this
ICR. A brief review of the current TWIC Program reveals the consequences of
underestimating the population potentially affected by a regulatory action. The US Coast
Guard originally estimated that 400,000 persons would require a TWIC card to comply with
MTSA. The TWIC program requires similar screening against the TSDB as is outlined by
this ICR. So far, approximately 1,566,000 TWICs have been issued, which is around four
times the original estimate. As a result TSA underestimated the number of enrollment
centers and staffing needed to implement the program, making TWIC implementation more
difficult and time-consuming than anyone imagined.
In comparison, the initial number of CFATS facilities is nearly double the number of
facilities that must comply with MTSA (roughly 6000 versus 3200). Considering the
additional CFATS requirement for reporting escorted facility employees and duplicative
reporting of employees who need access to multiple locations, it is reasonable to conclude
that the DHS burden estimate is far lower than it should be.
NPRA recently conducted a sampling of 12 members to determine how many persons
would potentially be subject to screening and the number of reports DHS could expect from
this ICR. Below is a summary of the answers supplied to NPRA:
4
Number of initial submissions required to begin program: 13,479
Number of new affected individual initial submissions (Number of new persons
granted access during a 30 day period): 21, 020
Number of changes to previously submitted data within sample 30 day period:
8,535
Number of persons who no longer have access to site within sample 30 day
period: 9,857
Number of estimated outliers (such as non-scheduled deliveries): 1,936
It is clear from this small sampling that DHS may have underestimated not only the
burden on industry, but also the burden on itself.
VIII. Option to Resolve Issues Reflected in the NPRA Comments
NPRA strongly urges DHS to shift the responsibility for ensuring that employees and
non-employees are not terrorists from the private sector back to government, which is where
it has traditionally been and should remain. DHS should consider requiring individuals who
wish to be granted unescorted access to restricted areas and critical assets to provide
information necessary for screening against the TSDB directly to DHS and not through a
third party, such as a chemical facility. DHS should set up a program similar to the TWIC
program under MTSA and require individuals to provide information and significant updates
directly to DHS, where DHS would then provide the individual with credentials in the form
of a card that verifies the person has been screened against the TSDB. Additionally,
chemical facilities should not be responsible for updating or making any changes to the
access status of employees and non-employees. These suggestions are not intended to relieve
chemical facilities from their responsibilities to meet RBPS 12 under CFATS; rather, they are
proposed here to assist DHS in collecting appropriate and useful information for terrorist
screening in a manner that does not place undue burdens or legal vulnerabilities on the
regulated community.
IX.
Conclusion
NPRA appreciates the opportunity to provide comments on the DHS Personnel Surety
Program and views personnel surety as an integral component of chemical site security. The
requirements outlined in this ICR are more suited to rule-making because these are newly
imposed requirements with a binding effect on future actions by the regulated community.
Many of the issues raised in these comments could be addressed by adopting the option
presented in Section VIII. There is nothing in Section 550 of the Department of Homeland
Security Appropriations Act of 2007 that would prevent DHS from adopting the
5
recommendations of NPRA. NPRA looks forward to its continued work with DHS and
others to ensure the security of petrochemical plants and refineries.
Respectfully submitted,
David Friedman
Senior Director, Regulatory Affairs
NPRA
6
324 Highway 69
Nederland, TX 77627
Phone (409) 724-2565
Fax (409) 724-2671
www.istc.net
8200 North Main
Baytown, TX 77521
Phone (281) 421-0459
Fax (281) 421-8130
600 Marina Street
Beaumont, TX 77703
Phone (409) 833-2378
Fax (409) 833-2376
www.bestcomplex.com
DEPARTMENT OF HOMELAND SECURITY
National Protection and Programs Directorate
Chemical Facility Anti-Terrorism Standards for Personnel Surety
Request for Comments (75 FR 18850) on
New Information Collection Request 1670-NEW
[Docket No. DHS-2009-0026]
COMMENTS OF:
Industrial Safety Training Council
Safety Council Security Consortium
I.
INTRODUCTION
The Industrial Safety Training Council (“ISTC”) and the Safety Council Security
Consortium (“SCSC”) appreciate the opportunity to comment on the Department of Homeland
Security (“DHS”) information collection request (“ICR”) on the vetting of personnel and
unescorted visitors with access to restricted areas or critical assets (“covered persons”) at highrisk chemical facility against the Terrorist Screening Database (“TSDB”) as required under the
Chemical Facility Anti-Terrorism Standards’ (“CFATS”) personnel surety Risk-Based
Performance Standard (“RBPS”).
The ISTC is a 501(c)3 non-profit training and educational organization located in
Southeast Texas. The ISTC and thirteen other safety councils comprise the SCSC. Together, the
ISTC and the SCSC operate an established, highly successful and comprehensive identification
verification and background screening program for contractors, and their employees, working at
over 100 chemical and refining facilities throughout Texas, the Gulf Coast, and also in New
Jersey, West Virginia and several other states. The ISTC's subscriber base includes well over
1,100 contractor companies, and the ISTC implements training for over 4,000 contractor
companies. The ISTC provides site-specific, in-house-designed security programs for refineries,
petrochemical plants, and manufacturing facilities.
Under Section 550 of the Homeland Security Appropriations Act of 2007, 1 Congress
gave DHS regulatory authority over security at high-risk chemical facilities. On April 9, 2007,
DHS published the CFATS interim final regulations. 2 DHS has also established 18 RBPSs
under CFATS for chemical facility security, including the personnel surety RBPS. Under the
1
2
Pub. L. 109-295, Sec. 550.
6 CFR Part 27; 72 FR 17688.
1
personnel surety RBPS-12, high-risk chemical facilities are required to implement “measures
designed to identify people with terrorist ties.” 3 Information to achieve this requirement is to be
submitted to DHS through the Chemical Security Assessment Tool ("CSAT"), an online data
collection portal. The ISTC/SCSC is looking forward to working with DHS to implement a
CSAT pilot, and the ISTC/SCSC respectfully submits the following comments.
II.
DISCUSSION
A. The ISTC/SCSC is concerned that the DHS information collection will be overly
burdensome on ISTC/SCSC member facilities and participating contractors.
The ISTC/SCSC is not aware of any facility that currently maintains, in an easily
accessible or transferrable format, the information proposed in the ICR. Because of the broad
scope of the ICR, facilities would be required to maintain a comprehensive database of personal
information about covered persons, and those facilities would further be required to perform
regular updates to keep the information current. The ISTC/SCSC member facilities have
designated the ISTC/SCSC to perform many of the functions related to covered persons that
involve collecting the types of information proposed in the ICR.
The ISTC/SCSC has already considered and dealt with the legal issues associated with
collecting information of this kind. Through nationally recognized consumer reporting agency
vendors (which are fully regulated under the federal Fair Credit Reporting Act), the ISTC/SCSC
operates an established, highly successful, comprehensive and privacy-sensitive identification
verification and background screening program. The ISTC/SCSC process verifies and validates
the identity of employees, contractor employees and unescorted guests and their current status of
authorization by a specific facility to enter that facility. The ISTC/SCSC process also already
identifies certain individuals with terrorist ties by checking names against the OFAC list. The
ISTC/SCSC welcomes the expansion and strengthening of this check for its member facilities
through CSAT.
B. Should DHS choose to move forward, then the ISTC/SCSC would be a competent
and reliable partner with DHS to ensure that all required information about
covered persons is submitted for proper vetting against the TSDB.
Although the ISTC/SCSC does not currently collect personal information for covered
persons in each category listed in the ICR, the addition of these categories can be easily
accommodated in the routine technical processes of the ISTC/SCSC information collection. The
ISTC/SCSC looks forward to working with DHS as the dialogue continues on the
appropriateness of including particular data points in the ICR. Regardless, the ISTC/SCSC can
effectively maintain and update this information as needed under the proposed DHS schedule.
The ISTC/SCSC would also be able to leverage the existing infrastructure and network
capabilities to ensure secured electronic delivery of the information to DHS.
The ISTC/SCSC has also implemented an additional layer of security not included in the
ICR by capturing digital images (photographs) of each contractor employee or other employees
3
6 CFR 27.230(a)(12)(iv).
2
who pass through the ISTC/SCSC system. Although an image as an indentifying characteristic
of a particular individual can quickly become outdated, the ISTC/SCSC digital images of the
covered persons that pass through the ISTC/SCSC system are sometimes updated daily, but in no
event are older than six months. The ISTC/SCSC has determined that incorporating current
digital images of covered persons is beneficial throughout the identification verification process
and reduces false positives.
C. The ISTC recommends that DHS permit high-risk chemical facilities to designate
third parties to collect and submit the required data to DHS.
In order to preserve the highly effective personnel surety processes currently in place at
chemical and refining facilities nationwide, the ISTC/SCSC recommends that the personnel
surety RBPS include explicit provisions that allow private sector third-parties operating on
behalf of covered facilities to prepare and to submit information on covered persons to DHS for
vetting against the TSDB. DHS already provides a process for TWIC vendors to submit names
to the TSA to be checked against the TSDB. DHS should assure that private sector third-parties
under CFATS have the ability to perform the same comprehensive TSDB functions for covered
persons at high-risk chemical facilities.
CFATS provides high-risk chemical facilities with the discretion to choose and
implement security measures that satisfy the RBPSs. Further, the CSAT User Guide 4 states that
the system, "was designed to allow each company to determine the best way to provide
information." However, the ability of third parties to provide facilities with assistance is limited
to the role of a "preparer" to enter the data into the CSAT system. At present, only a designated
company employee may submit the information collected in the CSAT system to DHS.
The ISTC/SCSC is well-positioned to serve as a preparer of information. The
ISTC/SCSC has deep knowledge of each of its members’ facilities through its safety and security
training of personnel and contractors. The ISTC/SCSC is also ready to step into the role as a
regional supplier of information to DHS in order to ease the administrative burden on the
ISTC/SCSC member facilities. As a conduit for these facilities, the ISTC/SCSC can provide a
universal format to submit information to DHS. Therefore, we urge DHS to remain flexible on
the source of the information collected. The ISTC/SCSC believes that the facilities should have
the discretion to designate a third party to perform both the preparation and the submission of
information in order to further minimize the burden of the ICR on high-risk chemical facilities.
DHS has recognized that many chemical facilities are not prepared to handle, “the
potential sensitivity of the information uncovered” during a background check, which “are
subject to a unique set of laws and regulations to protect employees and consumers in the event
of misuse of data or fraud.” 5 Similarly, the information to be collected to perform a check for
terrorist ties against the TSDB under the ICR may also involve sensitive personal information
that facilities may not be prepared to handle. A private sector third-party, such as the
ISTC/SCSC that specializes in compliance with the Fair Credit Reporting Act and other
4
http://www.dhs.gov/xlibrary/assets/chemsec_csatuserregismanual.pdf
5
http://www.dhs.gov/xlibrary/assets/chemsec_cfats_riskbased_performance_standards.pdf
3
applicable federal and state information, privacy, and security laws would allow participating
chemical facilities to preserve valuable administrative resources. Because a significant number
of facilities currently use private sector third-parties to comply with other requirements of the
personnel surety RBPS, these facilities should be able to designate these same service providers
to prepare and to submit information through CSAT to DHS.
III.
CONCLUSION
We appreciate your consideration of these comments by the ISTC and the SCSC.
Respectfully submitted,
Russell Melancon Jr., CAE
President & CEO
Industrial Safety Training Council
324 Hwy 69
Nederland, TX 77627
4
PUBLIC SUBMISSION
As of: May 14, 2010
Received: May 13, 2010
Status: Draft
Tracking No. 80aed106
Comments Due: May 13, 2010
Submission Type: Web
Docket: DHS-2009-0026
Chemical Facility Anti-Terrorism Standard, PRA Notices for Comments on New Personnel Surety
Information Collection Request
Comment On: DHS-2009-0026-0020
Agency Information Collection Activities; Proposals, Submissions, and Approvals: Chemical Facility
Anti-Terrorism Standards Personnel Surety Program
Document: DHS-2009-0026-DRAFT-0031
Comment Submitted by
Submitter Information
Name: Dan Walters
Address:
600 Fourth St
Sioux City, IA, 51102-6000
Email: danielb.walters@gmail.com
Phone: 7122336565
Organization: Chemical Sector Coordinating Council
General Comment
See attached file(s)
Attachments
DHS-2009-0026-DRAFT-0031.1: Comment Submitted by
file:///D|/Documents%20and%20Settings/matthew.bettridge/Desktop/DHS-2009-0026-DRAFT-0031_CP.html[5/14/2010 6:40:28 AM]
May 13, 2010
American Coatings Association
American Chemistry Council
Todd M. Keil
Assistant Secretary
Office of Infrastructure Protection
National Protection and Programs Directorate
Department of Homeland Security
Washington, DC 20528
American Petroleum Institute
Re:
Docket No. DHS-2009-0026—Chemical Facility Anti-Terrorism
Standards Personnel Surety Program Information Collection
Request
Agricultural Retailers Association
Chemical Producers & Distributors
Association
The Chlorine Institute
CropLife America
Compressed Gas Association
The Fertilizer Institute
International Institute of Ammonia
Refrigeration
International Liquid Terminals
Association
Institute of Makers of Explosives
National Association of Chemical
Distributors
National Petrochemical &
Refiners Association
Dear Mr. Keil:
On behalf of the Chemical Sector Coordinating Council (CSCC)1, I am
writing to provide comments on the Department of Homeland
Security (DHS)’s proposed Chemical Facility Anti-Terrorism Standards
(CFATS) Personnel Surety Program (PSP) Information Collection
Request (ICR) (75 Fed. Reg. 18850, April 13, 2010).
CSCC members have a vital interest in having successful personnel
surety programs at our facilities and are committed to implementing
solutions that both comply with DHS requirements and are workable
for private sector owner/operators. CSCC members already follow a
series of voluntary practices, guidelines and standards to ensure that
only qualified and trustworthy personnel are hired to work at chemical
facilities. We support a robust and comprehensive approach to
screening potential and current employees and contractors that work
at our facilities – regardless of whether those facilities are deemed
“high risk” under the CFATS program. However, we have serious
concerns about the approach proposed by the DHS to gather
information on affected individuals. As discussed below, we believe
the proposed PSP:
•
Society of Chemical Manufacturers and
Affiliates
Is inconsistent with the CFATS statute because it is not a
performance standard;
1
The mission of the CSCC is to advance the physical and cyber security and
emergency preparedness of the nation’s chemical sector infrastructure.
Membership in the CSCC is open to any industry association predominantly
representing chemical sector businesses. The CSCC manages its activities consistent
with Homeland Security Presidential Directive 7 and related authorities.
1
•
Is an expansion of the Interim Final Rule that requires rulemaking;
•
Is unnecessary to that extent, duplicative of existing credentialing systems, and will
create significant burdens on facilities; and
•
Requires analysis under E.O. 12866 and statutes that protect small businesses.
Below we present a detailed discussion of these issues. We urge DHS to implement the PSP in a
way that remains within the scope of Interim Final Rule. We look forward to working with you
to help facilitate that process.
1.
PSP Conflicts with the Congressional Mandate that DHS Implement Performance
Standards
Since each chemical facility faces different security challenges, Congress explicitly directed DHS
to issue regulations "establishing risk-based performance standards for security chemical
facilities."2 Performance standards are particularly appropriate in a security context because
they provide the extraordinary diversity of CFATS facilities with flexibility to address their
equally diverse and unique security challenges. Using performance standards rather than
prescriptive standards also helps to increase the overall security of the sector by varying the
security practices used by different chemical facilities. Security measures that differ from
facility to facility mean that each presents a new and unique problem for an adversary to solve.
The Office of Management and Budget (OMB)’s Circular A-119 (Feb. 10, 1998) explains that
performance standards “state requirements in terms of required result with criteria for
verifying compliance but without stating the methods for achieving required results.” DHS
cited this OMB Circular in the proposed CFATS rules3 and in its Risk-Based Performance
Standards Guidance for CFATS issued in May 2009.4
Consistent with Congressional intent and the OMB Guidance, the CFATS interim final rule
established RBPS # 12, which requires facilities to “perform appropriate background checks on
and ensure appropriate credentials for facility personnel and as appropriate, for unescorted
visitors with access to restricted areas or critical assets, including . . . [m]easures designed to
identify people with terrorist ties.”
Unfortunately, the proposed PSP conflicts with Congress’s intent in enacting the CFATS statute,
and the OMB Circular, because it takes away a high-risk facility’s flexibility to achieve
compliance with RBPS-12. The CFATS statute, and RBPS #12, allow a facility to meet its
obigations by any method that is “designed to identify people with terrorist ties.” The
preamble to the interim Final Rule (IFR) clarified that “[t]his . . . standard can be achieved by
2
Pub. L. No. 109-295, § 550(a), 6 U.S.C. § 121 note.
See 71 FR 78282-83 (Dec. 28, 2006).
4
Risk-Based Performance Standards Guidance, Chemical Facility Anti-Terrorism Standards, v. 2.4 (Oct. 2008), at 9.
3
2
checking against the consolidated Terrorist Screening Database (TSDB).”5 As a result, therefore,
a facility should be deemed to satisfy RBPS #12 by any personnel surety program that entails a
TSDB check – for example, a system that requires presentation of a TWIC, HME, NEXUS or FAST
credential. Also, while it is essential for DHS to establish a mechanism to enable facilities to run
personnel against the TSDB (especially personnel who do not have one of the foregoing
credentials), DHS should not impose any obligations on facilities seeking to use that mechanism
beyond whatever minimal requirements are needed to ensure that users are legitimate and do
not impair its functionality.
The preamble to the IFR stated that, “[t]o minimize redundant background checks of workers,
DHS agrees that a person who has successfully undergone a security threat assessment
conducted by DHS and is in possession of a valid DHS credential such as a TWIC, HME, NEXUS,
or FAST, will not need to undergo additional vetting by DHS.”6 DHS has no legal authority to
now impose more terrorist background checking requirements than were announced in the IFR.
Neither the CFATS statute nor RBPS #12 authorize DHS, in the context of the CFATS program, to
demand more, or to now question the sufficiency of other federal vetting and credentialing
programs for CFATS purposes.
2. The PSP Changes the IFR and thus Must Go Through Notice & Comment Rulemaking
The CSCC is concerned about aspects of the ICR, and statements by DHS staff, indicating that
DHS may be retreating from statements in the IFR or adding new requirements upon facilities
not contained there. These include:
•
DHS’s new plan to conduct “recurrent vetting” of cleared personnel, thus requiring
facilities to notify DHS when a person no longer has access to restricted areas or critical
assets.
•
DHS’s intention to require facilities to submit updates on a DHS-approved schedule
whenever an approved person’s “information has changed.”
•
The statements in the ICR that DHS is now only “considering recognizing the previous
TSDB vetting results completed by other DHS programs.”
•
Statements by DHS staff that DHS intends to use the PSP as a way of linking each person
screened through it to a particular facility.
The sum effect of these changes is that the PSP is prescribing specific protocols for
administering background checks that take a categorically different approach than all other
TSDB background check programs currently administered in the United States. They suggest
5
6
72 Fed. Reg. 17709 (April 9, 2007).
Id.
3
that DHS does not intend to utilize the PSP merely as a mechanism to ensure that individuals
who are known to be threats are prohibited from accessing our nation’s critical infrastructure,
but rather to leverage private sector resources to track all individuals with access to these
facilities, regardless of whether they have been identified as terrorist threats to the homeland.
The IFR is a final regulation, and can only be retracted or expanded by notice and comment
rulemaking. Because this transformation of RBPS #12 into a public/private potential terrorist
tracking system is inconsistent with the IFR, DHS would have to go through rulemaking to
implement it. As DHS staff have publicly recognized, the ICR notices are not proposed rules,
and hence do not satisfy that requirement. Therefore, DHS should initiate the public notice and
comment process established by the Administrative Procedure Act (APA) if the agency decides
to go ahead with these additional provisions. That process would properly alert the public to
DHS’s intentions and would obligate DHS to properly respond to all substantive comments.
If DHS does not institute a new rulemaking process, the PSP program will be an illegal or “de
facto” rule to the extent that it varies from what was described in the IFR. The APA provides a
broad definition of a “rule” as an “agency statement of general or particular applicability and
future effect designed to implement, interpret, or prescribe law or policy or describing the
organization, procedure, or practice requirements of an agency and includes the approval or
prescription for the future”7 Agency actions such as the PSP can be considered a rule even if
not issued as such. Determining whether an agency action is a rule has been the subject of
much litigation, and case law provides extensive examples of spurious rules that were
invalidated:
•
In DIA Navigation Co., Ltd v. Pomeroy, 34 F.3d 1255 (3rd Cir. 1994), the court concluded
that an INS policy, applied in a binding form to carriers and based on an internal legal
opinion that required carriers to pay for the detention of stowaways was, in fact, a rule
that required notice-and-comment rulemaking due to its binding effect on carriers.
•
In Phillips Petroleum Co. v. Johnson, 22 F.3d 616 (5th Cir. 1994), an unpublished internal
paper that the Interior Department applied in a mandatory fashion was held to be a rule
that required notice-and-comment rulemaking.
Even if the PSP were viewed as a “new interpretation” of the IFR, that would require noticeand-comment rulemaking:
•
7
In Shell Offshore Inc. v. Babbitt , 238 F.3d 622, 629-630 (5th Cir. 2001) the court
determined that an offshore leasing rate was a “new interpretation” of a regulation
governing acceptance of a tariff, which was a “new substantive rule” also subject to
notice and comment.
See 5 U.S.C. § 551(4).
4
If DHS is determined to proceed with these changes to the IFR, it should explain their necessity
and legal authority in a proposed rule. In doing so, DHS will have to comply with E.O. 12866,
the Regulatory Flexibility Act and the Small Business Regulatory Enforcement Fairness Act since,
as explained in Section 4 below, the PSP as currently envisioned will itself:
Cost over $100 million in a single year and thus be a “major” rule; and
Have a significant impact on a substantial number of small entities.
Or, as we recommend, DHS should simply drop these changed features and proceed with a
simplified PSP designed simply to enable facilities to meet their obligations under RBPS # 12.
3.
The Proposed PSP Will Impose Reporting Obligations that Are Unnecessary,
Redundant and Far More Burdensome than Necessary
The ICR requests comments on whether the PSP will comply with the Paperwork Reduction Act
(PRA), and in particular whether it is necessary, whether it minimizes the burdens associated
with it, and whether those burdens have been estimated accurately.8 As explained below, the
PSP does not satisfy the PRA because (i) aspects of it are unnecessary, (ii) it will impose
redundant requirements, and (iii) DHS’s estimate of reporting burden is dramatically low.
a.
Aspects of the PSP Are Unnecessary
Section 1 of these comments explains how the PSP exceeds DHS’s statutory authority, because
it limits the flexibility that facilities are entitled to under a statute that authorizes only
“performance standards,” not prescriptive requirements. To the extent that the PSP goes
beyond DHS’s legal authority, it is by definition not “necessary for the proper performance of
the functions of the agency.”
b.
The PSP Would Lead to Redundant Collection of Information
Among the individuals that will have access to restricted areas or critical assets at high-risk
chemical facilities are those that have already been vetted against the TSDB; received other
relevant background checks – identity, criminal history, and citizenship; and, in most cases,
received a credential from a federal agency.9 The proliferation of federal security screening
programs has already led to thousands of individuals being subject to more than one screening
program. This redundancy is unnecessary and wasteful for the regulated population and the
government, and is exactly the sort of thing that the Paperwork Reduction Act was intended to
flag and curtail. To its credit, earlier this year the White House issued recommendations to
federal agencies to promote comparability and reciprocity of assessments across credentialing
8
75 Fed. Reg. 18856.
Security background checks administered by the Transportation Security Administration, the US Coast Guard, the
Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF), the Department of Defense, and the like.
9
5
and screening programs and to implement the principle of ‘enroll once, use many’ to reuse the
information of individuals applying for multiple access privileges.10 The proposed PSP
establishes yet another federal background check program for many of these same individuals,
and is at odds with the Administration’s overall effort to harmonize existing federal background
check programs.
As noted above, the IFR stated bluntly that, “[t]o minimize redundant background checks of
workers, DHS agrees that a person who has successfully undergone a security threat
assessment conducted by DHS and is in possession of a valid DHS credential such as TWIC, HME,
NEXUS, or FAST, will not need to undergo additional vetting by DHS.”11 We support this
position. However, the PSP dramatically rolls back this clear position, instead saying that:
DHS is considering recognizing the previous TSDB vetting results completed by other
DHS programs, such as TWIC, and the Trusted Traveler Programs (Secure Electronic
Network for Travelers Rapid Inspection (SENTRI), Free and Secure Trade (FAST), and
NEXUS). Further, DHS is also considering recognizing the results of TSDB vetting
(conducted by DHS) upon which each State relies when issuing a Commercial Driver's
License with a Hazardous Materials Endorsement (HME).12
It is particularly remarkable that, while the Administration is struggling to get different federal
agencies to grant reciprocity to each other, DHS is not willing to accept equivalent federal
background checks, including those conducted by itself, as sufficient for the CFATS standard.
Instead, the agency’s proposal requires facilities to “submit the name and credential
information for these persons along with the application data for other employees [and directs]
facilities … not [to] allow unescorted access to a critical asset or restricted area to a person in
possession of a DHS credential unless information on that person has been submitted [because]
DHS [needs to] determine whether the applicant poses a security threat.”13 (Emphasis added.)
According to written testimony provided by David Heyman, DHS Assistant Secretary for Policy,
on April 21, 2010 before the Senate Commerce, Science and Transportation Committee, TSA’s
security threat assessment for the HME vetting program “covers approximately 3 million drivers
authorized to transport hazardous materials.” Heyman also testified that “TSA has conducted a
full security threat assessment of, and issued a Transportation Worker Identification Credential
(TWIC) to, 1.6 million workers requiring unescorted access to secure areas of port facilities.”
HME drivers are already one of the largest groups of TWIC holders. Individuals with these types
of credentials must go through a “rigorous vetting program,” as Assistant Secretary Heyman
correctly pointed out to Congress. Many of these credentialed workers are either directly
employed by a high-risk facility or provide service to these facilities as a contractor or transport
carrier delivering or picking up a chemical of interest (COI).
10
Surface Transportation Security Priority Assessment, White House, March 2010.
Transportation Worker Identification Credential (TWIC), Hazardous Materials Endorsement (HME), Fast and
Secure Trade (FAST).
12
75 Fed. Reg. 18854 (emphasis added).
13
67 FR 17709 (April 9, 2007).
11
6
In the case of any high-risk facility that is also licensed or permitted by the ATF to manufacture,
import, distribute, or use explosives, the redundancy of the CFATS program will be 100 percent,
because all individuals that are authorized to possess explosives, and those empowered to
make management decisions or policies, are subject to a background check that is equivalent to
TWIC, HME, FAST, or any other DHS vetting programs.14
For this ICR to be approved, DHS needs to explain why the “rigorous vetting program” for
HMEs, TWICs, and other equivalent vetting programs needs to be duplicated by the CFATS
program. We simply see no additional security return. The CSCC cannot imagine any reason,
other than DHS’s apparent plan, noted above, to use the PSP to create a new potential terrorist
tracking system – something which we also have explained is beyond DHS’s CFATS authority.
c.
DHS Has Grossly Underestimates the PSP’s Real Burdens
We believe DHS is significantly underestimating the number of times affected individuals that
will be impacted by this proposal, given the large universe of existing credentialed employees
and contractors working at high-risk facilities:
o
In cases such as an agricultural retail or distribution facility, all employees at some point
in a day will likely be in a restricted area or near critical assets. In many cases, such
facilities cannot feasibly isolate restricted areas or critical assets to a limited number of
employees or visitors.
o
DHS’s estimate fails to take into account the additional facilities that may fall under the
CFATS program once the “indefinite time extension” issued by DHS on January 9, 2008 is
removed for farms, ranches, nurseries and other agricultural operations.
o
Many high-risk facilities in the retail segment of the economy during peak times of the
year could see a large number of visitors (i.e. customers) coming onto the facility.
Depending on how DHS defines “unescorted visitor,” and given the existing population
of 5,333 finally or preliminarily tiered facilities, the number of affected individuals could
be an order of magnitude greater than the 354,400 figure estimated by the agency
The CSCC also believes that DHS does not fully recognize the background checking
consequences that will flow from the certain fact that many individuals, such as truck drivers or
project contractors, will require ongoing access to facilities.
14
th
Contrary to the statement in the agency’s April 13 notice, the ATF vetting program does include a check against
the TSDB. The FBI operates the National Instant Criminal Background Check System (NICS) that ATF uses to vet
employees. One of the databases that NICS searches is the National Crime Information Center database, which
includes the TSDB.
7
The PSP also fails to take into account the potential for certain Maritime Transportation
Security Act (MTSA)-regulated facilities to be subject to CFATS in the future, as the
Administration calls for. Currently, there are approximately 3,200 MTSA-regulated facilities. If
the current MTSA exemption is eliminated, the number of CFATS-regulated facilities could
increase by more than 50% above the existing population. The number of affected individuals
might increase even further, based on the relative size of certain marine facilities to their inland
counterparts.
The administrative burden that PSP would create for both the public and private sectors is
simply enormous. As a standard of comparison – and warning – the Coast Guard’s original
estimate of 400,000 people requiring TWICs has already proven to be understated by factor of
four. Based on likely populations and multiple facility access requirements, the CSCC estimates
that the number of submittals required by PSP would affect upwards of 10 million. DHS
estimates that the amount of time for a responsible entity to submit the information on each
affected individual into the CSAT portal is 0.59 hours per individual. DHS also clarified that this
time burden is limited in scope to those activities listed in 5 CFR § 1320.3(b)(1). CSCC believes
this time does not account for investigations, increased liability, privacy accommodations and
adverse employment decisions. But even accepting the 0.59 hour estimate and multiplying by a
more likely estimate for the number of affected individuals (as described above), the total time
burden associated with collecting, verifying, reporting, maintaining and protecting information
for each affected individual could exceed 6,000,000 person hours. Based on an average hourly
wage of $20 per hour for an appropriate individual with the proper security level and training,
the total cost burden imposed on the regulated community would be $120 million.
4.
DHS Should Comply with E.O. 128866, the RFA and SBREFA
For the reasons just discussed, the economic impacts of a PSP program could be staggering.
This has several consequences.
First, Executive Order 12866 directs agencies to assess the effects of Federal regulatory actions
on State, local, and tribal governments, and the private sector, and to provide a qualitative and
quantitative assessment of the anticipated costs and benefits of a Federal mandate resulting in
annual expenditures of $100 million or more. The CSCC believes DHS should treat this
attemped expansion of the Interim Final Rule as a significant rulemaking and comply with the
Executive Order.
Second, the impacts of the proposed PSP will be especially profound on small businesses. In
fact, the CSCC believes the PSP will have a significant economic impact on a substantial number
of small entities, which requires DHS to conduct a Regulatory Flexibility Analysis in accordance
with the Regulatory Flexibility Act, and to convene a Small Business Regulatory Enforcement
Fairness Act panel.
The Regulatory Flexibility Act has two complementary objectives. The first is to ensure that
federal agencies follow specific procedures to assess the economic impacts of their regulatory
8
actions on small entities, and then consider regulatory alternatives that would reduce those
impacts. The second, broader objective is to change the culture within federal agencies so that
they appreciate the importance of small entities and reflect this appreciation in their regulatory
actions. For many years, the RFA, as a tool for regulatory reform, seemed to be doing poorly at
both objectives. Agencies either essentially ignored the RFA or conducted perfunctory
regulatory flexibility analyses.15
The Small Business Regulatory Enforcement Fairness Act of 1996 (SBREFA)16 reinforced the RFA
by making agency noncompliance with the RFA judicially reviewable.17 SBREFA also requires an
agency to convene a special review panel consisting of OMB and representatives of affected
small entities whenever it has to prepare a regulatory flexibility analysis.18
CSCC members appreciate that DHS has voluntary provided an initial analysis of the PSP’s
potential impacts on small entities, but this was conducted prior to final tiering. The new cost,
time and technical burdens make it clear that the PSP will have a significant impact on a
substantial number of small entities. Therefore, DHS should reassess its compliance with a
small business analysis should be re-evaluated by DHS.
Conclusion
CSCC members remain committed to complying with CFATS through the implementation of
suitable security measures at our facilities. Furthermore, we openly welcome frank discussions
with DHS as to how we achieve this mutual objective. The The CSCC strongly urges DHS to
consult with it about future program development before such regulatory initiatives are
prescribed to help ensure that errors such as those introduced in PSP do not continue in future
rulemakings.
CSCC is also concerned that the current ICR notice does not respond to every significant
comment filed on the initial ICR. We hope that DHS will fully respond to the significant
comments contained here, as well as to others submitted to the docket under current, past and
future ICR notices.
Thank you for your consideration of our views and concerns.
Respectfully,
Dan Walters
Chairman
15
Keith W. Holman, The regulatory flexibility act at 25: Is the law achieving its goal?, 33 Fordham Urb. L.J.
1119,1132 (2006).
16
Pub. L. No. 104-121.
17
5 U.S.C. § 611
18
5 U.S.C. §609(b).
9
PUBLIC SUBMISSION
As of: May 14, 2010
Received: May 13, 2010
Status: Draft
Tracking No. 80aed14d
Comments Due: May 13, 2010
Submission Type: Web
Docket: DHS-2009-0026
Chemical Facility Anti-Terrorism Standard, PRA Notices for Comments on New Personnel Surety
Information Collection Request
Comment On: DHS-2009-0026-0020
Agency Information Collection Activities; Proposals, Submissions, and Approvals: Chemical Facility
Anti-Terrorism Standards Personnel Surety Program
Document: DHS-2009-0026-DRAFT-0032
Comment Submitted by
Submitter Information
Name: Lindsay Otten
Address:
1701 Towanda Ave
Bloomington, IL, 61702-2500
Email: lotten@growmark.com
Phone: 309-557-6818
Organization: GROWMARK, Inc.
General Comment
See attached file(s)
Attachments
DHS-2009-0026-DRAFT-0032.1: Comment Submitted by
file:///D|/Documents%20and%20Settings/matthew.bettridge/Desktop/DHS-2009-0026-DRAFT-0032_CP.html[5/14/2010 6:40:28 AM]
PUBLIC SUBMISSION
As of: May 14, 2010
Received: May 13, 2010
Status: Draft
Tracking No. 80aed289
Comments Due: May 13, 2010
Submission Type: Web
Docket: DHS-2009-0026
Chemical Facility Anti-Terrorism Standard, PRA Notices for Comments on New Personnel Surety
Information Collection Request
Comment On: DHS-2009-0026-0020
Agency Information Collection Activities; Proposals, Submissions, and Approvals: Chemical Facility
Anti-Terrorism Standards Personnel Surety Program
Document: DHS-2009-0026-DRAFT-0033
Comment Submitted by
Submitter Information
Name: Gail Royster
Address:
701 Pennsylvania Avenue NW
Edison Electric Institute
Washington, DC, 20004
Email: groyster@eei.org
Phone: 202-508-5587
Fax: 202-508-5673
Submitter's Representative: Gail Royster
Organization: Edison Electric Institute
General Comment
Comments of the Edison Electric Institute: Chemical Facility Anti-Terrorism Standards Personnel
Surety
Attachments
DHS-2009-0026-DRAFT-0033.1: Comment Submitted by
file:///D|/Documents%20and%20Settings/matthew.bettridge/Desktop/DHS-2009-0026-DRAFT-0033_CP.html[5/14/2010 6:40:29 AM]
May 13, 2010
U.S. Department of Homeland Security
National Protection and Programs Directorate
Infrastructure Security Compliance Division
Office of Infrastructure Protection
Mail Stop #8100
Washington, D.C. 20528
Subject: Chemical Facility Anti-Terrorism Standards Personnel Surety
To whom it may concern:
The Edison Electric Institute (“EEI”),1 on behalf of its member companies, hereby
respectfully submits these comments in response to the April 13, 2010 Department of
Homeland Security (“DHS”) notice 75 Fed. Reg. 18,850, and request for comments in
Docket No. DHS-2009-0026, regarding a proposed information collection request
(“ICR”) pertaining to the Chemical Facility Anti-Terrorism Standards (“CFATS”). EEI
wishes to commend DHS for its efforts and also to express the electric industry’s
appreciation for providing an opportunity for interested stakeholders to submit comments
on CFATS.
Some of our members have facilities that are subject to CFATS by virtue of processes
that are necessary for purposes of environmental quality and compliance. They place the
very highest priority on the safety and security of its employees, facilities, and neighbors.
Any utility facility subject to CFATS has been subject to robust security measures since
before the creation of DHS’s chemical security program. Those measures have been
designed specifically with electric utility issues in mind. We urge DHS to exercise
restraint and judgment prior to imposing security measures designed with chemical
companies in mind on other industries. Notwithstanding the applicability of CFATS, the
presence of a chemical of interest may or may not reflect the most important security
issues at an electric utility facility. Any use of DHS’s narrow chemical authority to divert
a disproportionate amount of scarce security resources from more significant needs at an
electric utility facility has the potential to be counterproductive.
1
EEI is the trade association for shareholder-owned electric companies and serves international affiliates
and industry associates worldwide. Our U.S. member companies serve 95 percent of the ultimate
customers in the shareholder-owned segment of the industry and nearly 70 percent of all electric utility
customers in the nation. EEI members own approximately 60 percent of the nation’s circuit miles of
transmission. EEI membership includes vertically integrated and stand-alone utility business models.
1
EEI is concerned that the proposed ICR may reflect intent to require particular security
measures at regulated facilities. According to the statute, DHS “may not disapprove a
site security plan submitted under this section based on the presence or absence of a
particular security measure, but the Secretary may disapprove a site security plan if the
plan fails to satisfy the risk-based performance standards established by this section.”
Pub. L. No. 109-295, § 550, 120 Stat. 1355, 1388 (2006). However, the proposed ICR
indicates DHS will require all regulated facilities at all risk tiers to produce background
checks for all “facility personnel and, as appropriate, unescorted visitors” who are
deemed to have access to “restricted areas or critical assets.” See 75 Fed. Reg. at 18,851,
18,853.
An electric utility’s facility is subject to CFATS if it possesses one or more chemicals of
interest above the screening threshold quantity. Such facilities are likely to be “restricted
areas” in the sense that there is perimeter fencing and individual screening by trained
security personnel at the access point. The particular chemicals giving rise to DHS
jurisdiction may or may not be subject to additional fencing or access restrictions.
Depending on site-specific situations, there may be safety-related reasons not to further
restrict access to the chemical storage area within the larger, facility-wide restricted area.
That means anybody on the premises could conceivably be deemed to have access to
restricted areas.
In addition, from time to time, electric utility facilities may be subject to substantial
projects for the installation of new pollution control devices or for other purposes. Those
projects may call for hundreds of contractors to be within the fence on some portion of
the facility’s grounds for several months or years at a time. Contractor employees are not
necessarily escorted by facility personnel as they go about their functions. Obviously,
that fact raises certain security issues that a covered facility must take into account.
However, it would not be appropriate or lawful for DHS to impose a mandatory
requirement, subject to penalties of $25,000 per day per violation, see 6 C.F.R. § 27.300,
for a covered electric utility to perform background checks on every contractor employee
who may be on some portion of the facility at some time. Whether across-the-board
background checks are appropriate at a particular covered facility should be determined
as the statute requires: on a facility-specific basis, taking into account the particular
security risks and conditions at the site.
If DHS were to interpret its own regulations as requiring this particular security measure
to be mandatory for all covered facilities at all risk tiers, then the regulations also would
be contrary to the statute. However, it would be arbitrary and capricious to read DHS's
regulations that way. The personnel surety risk-based performance standard (“RBPS”)
requires “appropriate background checks on and ensure appropriate credentials for
facility personnel and as appropriate, for unescorted visitors with access to restricted
areas or critical assets . . . .” 6 C.F.R. § 27.230(a) (12) (emphases added). The proposed
ICR indicates DHS is interpreting the regulations in a manner that ignores the word
“appropriate.” That is the heart of the concern.
Accordingly, EEI urges DHS to clarify that it will apply this RBPS and other standards in
a risk-based manner, taking into account facility-specific conditions. We further urge
DHS to clarify that it will not impose a background check requirement for all persons
2
who may have access to covered facilities, except as determined to be necessary for riskbased reasons on a facility-specific basis.
Thank you again for this opportunity to provide comments. If you have any questions
about these comments please feel free to contact Gail Royster, Program Manager, at 202508-5587 or groyster@eei.org, or Aryeh Fishman, Director, Regulatory Legal Affairs, at
202-508-5023 or afishman@eei.org. EEI looks forward to working closely with DHS in
the future.
Respectfully submitted
/s/ James P. Fama
James P. Fama
Executive Director, Energy Delivery
Edison Electric Institute
701 Pennsylvania Avenue, NW
Washington, DC 20004-2696
(202) 508-5000
3
PUBLIC SUBMISSION
As of: May 14, 2010
Received: May 13, 2010
Status: Draft
Tracking No. 80aed28d
Comments Due: May 13, 2010
Submission Type: Web
Docket: DHS-2009-0026
Chemical Facility Anti-Terrorism Standard, PRA Notices for Comments on New Personnel Surety
Information Collection Request
Comment On: DHS-2009-0026-0020
Agency Information Collection Activities; Proposals, Submissions, and Approvals: Chemical Facility
Anti-Terrorism Standards Personnel Surety Program
Document: DHS-2009-0026-DRAFT-0034
Comment Submitted by
Submitter Information
Name: R. Peter Weaver
Address:
1444 I Street NW
Suite 400
Washington, DC, 20005
Email: rpweaver@ilta.org
Phone: (202) 842-9200
Fax: (202) 326-8660
Submitter's Representative: R. Peter Weaver
Organization: ILTA
General Comment
ILTA is pleased to submit the attached additional comments on DHS’s proposed Personnel Surety
Program, Docket No. DHS-2009-0026. These are provided in response to the Department’s April 13,
2010 notice and request for comments, 75 Fed. Reg. 18850.
Attachments
DHS-2009-0026-DRAFT-0034.1: Comment Submitted by
file:///D|/Documents%20and%20Settings/matthew.bettridge/Desktop/DHS-2009-0026-DRAFT-0034_CP.html[5/14/2010 6:40:29 AM]
May 13, 2010
Todd M. Keil
Assistant Secretary
Office of Infrastructure Protection
National Protection and Programs Directorate
Department of Homeland Security
Re: Second Request for Comments by DHS on its Chemical
Facility Anti-Terrorism Standards Personnel Surety
Program, Docket No. DHS-2009-0026
Dear Assistant Secretary Keil:
The International Liquid Terminals Association (ILTA) is pleased to submit
additional comments on the above-referenced Department of Homeland Security
(DHS) information collection request for submittal to the Office of Management
and Budget. The following comments augment an earlier submission by ILTA
on August 10, 2009, which responded to DHS’s initial information collection
request, 74 Fed. Reg. 27555.
ILTA is an international trade association that represents eighty commercial
operators of bulk liquid terminals, aboveground storage tank facilities and
pipelines located in the United States and 42 other countries. In addition, ILTA
includes in its membership more than three hundred companies that supply
products and services to the bulk liquid storage industry.
ILTA member facilities include deepwater, barge, and pipeline terminals whose
bulk liquid commodities are essential to our economy. These terminals
interconnect with and provide services to the various modes of bulk liquid
transportation, including oceangoing tankers, barges, tank trucks, rail cars, and
pipelines. The commodities handled include chemicals, crude oil, petroleum
products, renewable fuels, asphalt, animal fats and oils, vegetable oils, molasses,
and fertilizers. Customers who store products at these terminals include oil
producers, chemical manufacturers, product manufacturers, food growers and
producers, utilities, transportation companies, commodity brokers, government
agencies, and the military.
CFATS Personnel Surety Program, Docket No. DHS-2009-0026
Additional Comments of the International Liquid Terminals Association
May 13, 2010
ILTA and its terminal member companies recognize the importance of providing effective
personnel surety at our nation’s high-risk chemical facilities in order to ensure that individuals
with unescorted access to restricted areas or critical assets have suitable backgrounds for their
level of access. Effective personnel surety includes a comparison of appropriate personally
identifiable information (PII) against that of known and suspected terrorists as maintained in the
government’s Terrorist Screening Database (TSDB). ILTA strongly agrees with DHS’s May
2009 Risk-Based Performance Standards (RBPS) guidance for personnel surety in that regard.
In the Department’s April 13, 2010 notice and request for comments, 75 Fed. Reg. 18850, DHS
requested “additional comments” on its personnel surety program (PSP) for review and clearance
in accordance with the Paperwork Reduction Act of 1995 (PRA). Through this submittal, ILTA
is responding to new OMB and DHS questions with additional comments, including the
following main points:
1. PSP violates the statutory Congressional requirement for performance standards in
DHS’s regulation of the Chemical Facility Anti-Terrorism Standards (CFATS).
2. PSP is fundamentally at odds with DHS’s guidance for its performance standard on
personnel surety, RBPS-12, by failing to provide a mechanism for facilities to ensure that
individuals have suitable backgrounds for their level of access. This raises the question
as to whether DHS plans to utilize the PSP, not to ensure that individuals who are known
to be threats are prohibited from accessing our nation’s critical infrastructure, but rather
to leverage private sector resources for the purpose of tracking all individuals with access
to these facilities, regardless of whether they have been identified as security threats.
3. Submissions of PII by facilities to DHS for personnel or unescorted visitors who can
demonstrate through an existing credential that they have been successfully screened
against the TSDB is duplicative, wasteful, and serves no legitimate purpose.
4. DHS has underestimated the likely affected population and, correspondingly, the cost and
burden of administering the proposed PSP. The accuracy of its estimates may be further
undermined by the potential for future additions of currently exempted maritime or
agricultural facilities.
5. DHS’s request for an exemption from the PRA is unwarranted and raises privacy
concerns.
The proposed PSP raises concerns important issues about DHS’s objectives in implementing
CFATS. To address these issues, ILTA poses the following questions:
2
CFATS Personnel Surety Program, Docket No. DHS-2009-0026
Additional Comments of the International Liquid Terminals Association
May 13, 2010
•
If DHS’s Infrastructure Security Compliance Division (ISCD) believes that an individual
listed on the TSDB should be prohibited from accessing a “high risk chemical facility,”
then why wouldn’t the PSP include measures to enable a facility to recognize whether its
employees, contractors, truck drivers, or unescorted visitors were identified on that list?
•
Why does ISCD believe that is relevant to national security to identify the high-risk
chemical facilities to which an approved individual might require access?
•
How does ISCD intend to manage redundant submissions of PII that it would obtain from
multiple facilities submitting information on personnel, including truck drivers and
contractors? How will ISCD effectively update its database when an individual is
removed from one facility yet not from others where he has also been granted access?
ILTA maintains that such a duplicative process would likely increase the probability of
data entry error or breaches in data security.
•
How is a facility to determine whether truck drivers or certain contractors will be visiting
the facility on a future occasion? When such information is unknown, would it be
appropriate to submit the individual’s data to ISCD within the time allowed and at a later
date, report that the individual no longer has access? Would this process repeat upon a
future return of the individual to perform work the facility?
•
Can ISCD explain why it would need to verify that a background check was completed
for an individual who already holds a government-issued security credential, which
requires a successful check against the TSDB prior to its issuance?
•
Why is it that ISCD has chosen to decouple the four required background check elements
required by 27.230(a)(12), rather than address them in a single process as has been
accomplished, for instance, by both the Coast Guard and Department of Transportation?
•
Finally, would ISCD articulate its specific objectives for PSP and explain how it will
efficiently or effectively meet these objectives?
General ILTA Comments
1. PSP Conflicts with the Congressional Mandate to Implement Performance Standards
The proposed PSP prescribes specific protocols for administering background checks with a
categorically distinct approach from other TSDB background check programs currently
administered in the United States. This proposal goes against the foundational “performance
standards” basis of the CFATS interim final rule.
3
CFATS Personnel Surety Program, Docket No. DHS-2009-0026
Additional Comments of the International Liquid Terminals Association
May 13, 2010
In the initial authorization language for CFATS, Congress explicitly directed DHS to issue
regulations "establishing risk-based performance standards for security chemical facilities." At
that time, performance standards were deemed particularly appropriate in the security context
because they provided individual facilities with the flexibility to address their unique security
challenges. Using performance standards rather than prescriptive standards would further help
increase overall chemical sector security by varying the security practices used by different
facilities as differing facility-specific security measures present new and unique problems for an
adversary to overcome.
Office of Management and Budget (OMB) Circular A-119 (Feb. 10. 1998) explains that
performance standards “state requirements in terms of required result with criteria for verifying
compliance but without stating the methods for achieving required results.” This OMB Circular
is referenced in DHS’s May 2009 RBPS guidance. But PSP is in direct conflict with both the
OMB Circular and the intention of Congress with regard to performance rather than prescriptive
standards. If mandated, PSP would remove a high-risk facility’s flexibility to achieve
compliance in accord with the guidance for RBPS-12 which allows for the facility to determine
the sufficiency of federal vetting and credentialing programs, rather than ISCD.
For these reasons, it would be appropriate for ISCD to offer PSP as an option for facilities to
consider for checking personnel against the TSDB as required under RBPS-12. But such a
prescriptive measure cannot be required under CFATS. Facilities should be allowed to utilize
any of the numerous equivalent federal programs to check such individuals against the TSDB,
including the Coast Guard’s Transportation Worker Identification Credential (TWIC), the
Department of Transportation’s Hazardous Materials Endorsement (HME), or the United States
and Canada’s joint Free and Secure Trade (FAST) program.
2. DHS’s Personnel Surety Program Conflicts with RBPS 12.
ILTA maintains that the proposed PSP is significantly flawed. This is due to the program’s
inability to achieve the inherent goal of TSDB screening, as stated in RBPS 12, to “ensure that
individuals allowed on-site have suitable backgrounds for their level of access.” DHS’s first
request for comments on the PSP was published in the Federal Register on June 10, 2009, just
one month after its RBPS guidance was issued.
According to the PSP, a high-risk facility may grant access to any individual, including those
who may be listed on the TSDB, long before PII is submitted to DHS. Additional weeks could
pass before any actions were initiated that might inhibit the individual’s access. At no point
would such a facility be able to verify that the individual has a “suitable background,” based on
exclusion from the TSDB.
4
CFATS Personnel Surety Program, Docket No. DHS-2009-0026
Additional Comments of the International Liquid Terminals Association
May 13, 2010
A disclaimer in the guidance states that it “reflects DHS’s current views on certain aspects of the
Risk-Based Performance Standards” and “does not establish legally enforceable requirements.”
The disclaimer continues, stating that “(h)igh risk facility owners/operators have the ability to
choose and implement other measures to meet the RBPSs…” and that specific security measures
and practices in the document are “neither mandatory or necessarily the ‘preferred solution.’”
Nevertheless, given the highly subjective nature of CFATS obligations, it is reasonable to expect
that a facility that complies with the guidance would be in compliance with the regulation.
In addition, each of DHS’s relevant metrics supporting personnel surety compliance (guidance
metrics 12.1 through 12.5) is in conflict with the PSP:
Metric 12.1
RBPS 12:
“All new/prospective employees and contractors, as well as any unescorted visitors, who
have access to restricted areas or critical assets have appropriate background checks.
Access to restricted areas or critical assets is allowed after appropriate background checks
have been successfully completed.”
PSP:
The PSP would do nothing to prevent an employee, contractor or unescorted visitor from
being given access to restricted areas or critical assets at any time. “Initial Submission of
Affected Individual’s information” would not be required for submission to ISCD until
90 days after the individual is first allowed on site at a tier 3 or tier 4 regulated facility
(60 days for tier 1 and tier 2 facilities). Only then would the information be available to
DHS for submission to the Transportation Security Administration (TSA) for an
obligatory review against the TSDB. Regardless of the time required for the government
to complete this process, the facility would never receive any information as to whether
the individual poses a known threat. Thus, according to PSP, the facility would not be
prompted to further restrict access to facility personnel, nor would it know whether an
individual has had his data submitted for background investigations, know whether
appropriate background checks have been completed, or receive the results of the
investigation. Therefore, a facility would be unable to demonstrate compliance with
Metric 12.1 if it adheres strictly to the PSP.
Additionally, the PSP only references affected populations as “facility personnel” and
“unescorted visitors.” This reference to facility personnel does not align with RBPS-12
categorizations of “employees” and “contractors.” Under PSP, it remains ambiguous
whether a DHS inspector would characterize an escorted contractor as part of the
5
CFATS Personnel Surety Program, Docket No. DHS-2009-0026
Additional Comments of the International Liquid Terminals Association
May 13, 2010
“affected population.” For instance, would a truck driver be an “employee” or could he
be an “escorted visitor”? This confusion persists through Metric 12.2 and 12.4 as well.
Metric 12.2
RBPS 12:
“All existing employees and contractors who have access to restricted areas or critical
assets undergo background investigations in an expedited but reasonable period from the
date of preliminary approval of the [Site Security Plan]. [For tiers 1, 2, and 3,]
investigations are repeated for all individuals at regular intervals thereafter.”
PSP:
The PSP requires that the affected population have their data submitted to ISCD within
60 or 90 days, depending on tier. It also requires that all facilities submit notification
within 90 days of when “an affected individual no longer has access,” regardless of tier.
ISCD has stated that this requirement is intended to assist DHS in the elimination of
unnecessary repeat investigations. However PSP fails to recognize that RBPS guidance
excludes any requirement for persons with access to restricted areas or critical assets at
tier 4 facilities to undergo repeat background checks.
Metric 12.3
RBPS 12:
“The background checks are conducted in accordance with documented requirements
established by the corporation, facility, or FSO.”
PSP:
The PSP is highly prescriptive, requiring that the facility submit data on each “affected
individual,” regardless of whether that employee, unescorted visitor, contractor or truck
driver can demonstrate a current and successful completion of all required government
background checks. Such a requirement conflicts directly with Metric 12.3 which allows
the background check process to be determined by the corporation, facility or FSO.
6
CFATS Personnel Surety Program, Docket No. DHS-2009-0026
Additional Comments of the International Liquid Terminals Association
May 13, 2010
Metric 12.4
RBPS 12:
“Processes are in place to provide DHS with the necessary information to allow DHS to
screen individuals (e.g., employees, contractors, unescorted visitors) who have access to
restricted areas or critical assets against the TSDB.”
PSP:
PSP language apparently presupposes that “DHS” does not include TSA, the agency
responsible for coordinating access to the TSDB. While the FBI, not TSA, manages this
list, TSA coordinates access to the TSDB for all the current government vetting
programs. PSP would obligate facilities to present background information on
individuals to ISCD, through use of its Chemical Security Assessment Tool (CSAT).
ISCD would then be expected to forward the received information to TSA. It is unclear
why this would be required for individuals who have already submitted their data to TSA
directly in obtaining effectively the same background check, as administered under
programs such as TWIC, HME or FAST. ILTA respectfully requests ISCD to explain
what it intends to achieve by requiring direct submissions to the CSAT even when
individuals have previously submitted to DHS background checks against the TSDB.
Metric 12.5
RBPS 12:
“The background check program is audited annually.”
PSP:
Company or facility audits of background check programs are not addressed in the PSP.
3. Requiring the Submission of PII to Verify Individuals Successfully Screened Against
the TSDB is Duplicative, Wasteful, and Serves No Legitimate Purpose.
According to the April 21, 2010 written testimony of David Heyman, DHS Assistance Secretary
for Policy before the Senate Commerce, Science and Transportation Committee, TSA’s security
threat assessment for the HME vetting program “covers approximately three million drivers
authorized to transport hazardous materials.” Heyman noted that “TSA has conducted a full
security threat assessment of, and issued a Transportation Worker Identification Credential
(TWIC), to 1.6 million workers requiring unescorted access to secure areas of port facilities.”
7
CFATS Personnel Surety Program, Docket No. DHS-2009-0026
Additional Comments of the International Liquid Terminals Association
May 13, 2010
HME drivers are already one of the largest groups of TWIC holders, and individuals with these
credentials go through a “rigorous vetting program.” These workers may also be directly
employed by a high-risk facility or provide service to these facilities as contractors or truck
drivers delivering and /or picking up a chemical of interest (COI). Many of these workers will
require access to one or more CFATS-regulated facilities. The proliferation of federal security
screening programs has already led to many thousands of individuals being subject to one or
more screening programs.
The Interim Final Rule for CFATS published in the Federal Register on April 9, 2007 states:
“To minimize redundant background checks of workers, DHS agrees that a person who has
successfully undergone a security threat assessment conducted by DHS and is in possession of a
valid DHS credential such as TWIC, HME, or FAST, will not need to undergo additional vetting
by DHS.” ILTA strongly supports this position.
However, the proposed PSP indicates that ISCD is unwilling to accept these equivalent federal
background checks as sufficient for the CFATS standard. The proposal requires facilities to
“submit the name and credential information for these persons along with the application data for
other employees [and directs] facilities … not [to] allow unescorted access to a critical asset or
restricted area to a person in possession of a DHS credential unless information on that person
has been submitted [because] DHS [needs to] determine whether the applicant poses a
security threat.” Such a position is simply without merit for individuals who have already
undergone and maintain current, comparable background checks.
DHS should not require duplicative submissions for persons who are known not to be on the
TSDB. There is no legitimate security purpose for tracking these individuals. Equally
important, the quality and reliability of information collected on personnel not previously
screened against the TSDB through an alternate and comparable program would be enhanced by
not loading the system with records of cleared individuals.
The submission of data for individuals at each high-risk facility where access is granted, as
required under the proposed PSP, would be redundant for all individuals already holding a valid
credential demonstrating successful vetting against the TSDB. Such a requirement would also
exceed the guidance provided for personnel surety under RBPS-12. Such redundancy is
unnecessary and wasteful and can adversely impact both the regulated population and the
government.
During a Surface Transportation Security Priority Assessment in March 2010, the White House
issued recommendations to federal agencies to (1) promote comparability and reciprocity of
assessments across credentialing and screening programs and (2) implement “the principle of
‘enroll once, use many’ to reuse the information of individuals applying for multiple access
8
CFATS Personnel Surety Program, Docket No. DHS-2009-0026
Additional Comments of the International Liquid Terminals Association
May 13, 2010
privileges. The PSP proposal is at odds with the Administration’s overall effort to harmonize
existing federal background check programs. Establishing another federal background check
program for the same individuals will not further enhance security at these high-risk facilities.
ILTA cannot envision how the ISCD approach will enhance security when limited resources are
diverted to tracking individuals who have already been cleared against the TSDB.
The practice of tracking approved citizens with access to high-risk facilities introduces
potentially significant privacy concerns. PSP is overly prescriptive, unnecessarily burdensome
and highly duplicative. It demands the reporting of significant quantities of data yet it fails to
achieve the objectives of RBPS-12. ILTA contends that the administrative burden on ISCD if
this duplicative requirement persists will be onerous and conducive to error while providing no
security return. Therefore, the information collection, as stated, is not necessary for many, if not
most, potentially impacted individuals.
4. DHS has Understated the Likely Size of an Affected Population
ILTA believes that ISCD is significantly underestimating the number of affected individuals that
will be impacted by this proposal given the large universe of existing credentialed employees and
contractors working at high-risk facilities. ISCD may also be significantly underestimating the
number of facilities that certain affected individuals will be required to access. Furthermore, it
overestimates the ability of facilities, especially storage terminals, to isolate restricted areas or
critical assets from selected employees or visitors. It also appears as though ISCD has not
considered a persistent uncertainty that exists regarding whether certain individuals, such as
truck drivers or project contractors, require ongoing access. In addition, the estimation of a likely
affected population has a unique complexity under CFATS in that the definition of an “asset,”
particularly with networked computer systems, can extend beyond the physical perimeter of the
facility. As such, ILTA believes that the DHS estimate of 354,400 respondents is likely off by
an order of magnitude when considering the current population of 5,333 tiered facilities.
Currently, an exemption exists for facilities regulated by the Maritime Transportation Security
Act (MTSA). If the exemption is eliminated at some point in the future, as is currently being
considered by Congress, approximately 3,200 MTSA-regulated facilities could become subject
to regulation under CFATS, increasing the number of affected facilities by 50%. The number of
affected individuals and facility submissions would likely increase disproportionately, based on
the larger size of certain marine facilities relative to their inland counterparts.
The DHS estimate also excludes consideration of the farms, ranches, nurseries and other
agricultural operations that may fall under the CFATS program at some later date once the
9
CFATS Personnel Surety Program, Docket No. DHS-2009-0026
Additional Comments of the International Liquid Terminals Association
May 13, 2010
“indefinite time extension,” issued by DHS in January 2008, is removed. Depending on how
DHS defines “unescorted visitor,” the number of affected individuals at these facilities alone
could far outweigh DHS’s current estimated number of respondents.
Based on likely populations and multiple facility access requirements, the Chemical Sector
Coordinating Council (CSCC) has estimated that the current scope of DHS’s proposed PSP
would require upwards of 10 million individual submissions of PII. For comparison, the Coast
Guard’s original estimate of 400,000 TWIC holders has already proven to be understated by a
factor of four. The administrative burden that ISCD’s proposal would create for both the public
and private sectors is simply enormous. DHS estimates that the amount of time for a responsible
entity to submit the information on each affected individual into the CSAT portal is 0.59 hours
per individual for activities listed in 5 CFR 1320.3(b)(1). Using this value as well as the CSCC
estimate for the required number of submissions, the total time burden associated with collecting,
verifying, reporting, maintaining and protecting information for each affected individual would
approach six million man hours. Assuming an average hourly wage of $20 per hour for an
appropriate individual with the proper security level and training, the total cost burden imposed
on the regulated community would be nearly $120 million.
Executive Order 12866 directs agencies to assess the effects of Federal regulatory actions on
state, local, and tribal governments, as well as the private sector. It also requires a qualitative
and quantitative assessment of the anticipated costs and benefits of a Federal mandate resulting
in annual expenditures of $100 million or more among all referenced parties. ILTA believes that
the PSP qualifies as a significant rulemaking, and should it become a requirement rather than an
option, it must be held to the appropriate administrative procedures.
5. DHS’s Request for an Exemption to the PRA is Unwarranted
ISCD claims that its request for an exemption to the Paperwork Reduction Act (PRA) is for the
purpose of efficiency so that facilities would not be obligated to collect signatures from
individuals from whom PII is collected. ILTA maintains that the signature collection burden
would be minimal in comparison to the burden of obtaining the PII itself. The PRA exemption
request is simply unwarranted.
ILTA has articulated its concerns regarding the PRA exemption request in its August 10, 2009
submission to this docket. Those comments addressed ILTA’s belief that such an exemption
would inappropriately allow the use of information about an individual without his or her
knowledge or consent, regardless of DHS’s intent.
10
CFATS Personnel Surety Program, Docket No. DHS-2009-0026
Additional Comments of the International Liquid Terminals Association
May 13, 2010
ILTA Recommendation
ILTA recommends that DHS offer PSP as an option for facilities to consider in meeting the
objectives of RBPS 12. To require individual facilities to constantly update and correct
information about affected individuals will neither “increase the accuracy of data collected,” nor
“decrease the probability of incorrect matches” with the TSDB. It will, however, significantly
increase the administrative burden on companies required to provide the information. In so
doing, it increases the likelihood that the data, at times, will be incomplete and/or inaccurate.
While certain entities regulated under the CFATS program may elect to adopt some or all of the
practices proposed in the PSP, ILTA objects to utilizing it as a means of enforcing certain
practices at high-risk chemical facilities where the facility is otherwise able to demonstrate
adherence to official DHS guidance on RBPS-12 through other mechanisms.
Mandating PSP to achieve personnel surety for all personnel at every CFATS-regulated facility
is not an effective means of improving our nation’s overall security posture.
Thank you for your consideration of these comments.
Sincerely,
R. Peter Weaver
Director of Regulatory Compliance and Safety
11
PUBLIC SUBMISSION
As of: May 14, 2010
Received: May 13, 2010
Status: Draft
Tracking No. 80aecec0
Comments Due: May 13, 2010
Submission Type: Web
Docket: DHS-2009-0026
Chemical Facility Anti-Terrorism Standard, PRA Notices for Comments on New Personnel Surety
Information Collection Request
Comment On: DHS-2009-0026-0020
Agency Information Collection Activities; Proposals, Submissions, and Approvals: Chemical Facility
Anti-Terrorism Standards Personnel Surety Program
Document: DHS-2009-0026-DRAFT-0035
Comment Submitted by
Submitter Information
Name: John S Morawetz
Address:
329 Race Street
Cincinnati, OH, 45202
Email: JMorawetz@ICWUC.org
Phone: 513-621-8882
Fax: 513-621-8247
Organization: ICWUC/UFCW
General Comment
See attached file(s)
Attachments
DHS-2009-0026-DRAFT-0035.1: Comment Submitted by
file:///D|/Documents%20and%20Settings/matthew.bettridge/Desktop/DHS-2009-0026-DRAFT-0035_CP.html[5/14/2010 6:40:30 AM]
PUBLIC SUBMISSION
As of: May 14, 2010
Received: May 13, 2010
Status: Draft
Tracking No. 80aed2e7
Comments Due: May 13, 2010
Submission Type: Web
Docket: DHS-2009-0026
Chemical Facility Anti-Terrorism Standard, PRA Notices for Comments on New Personnel Surety
Information Collection Request
Comment On: DHS-2009-0026-0020
Agency Information Collection Activities; Proposals, Submissions, and Approvals: Chemical Facility
Anti-Terrorism Standards Personnel Surety Program
Document: DHS-2009-0026-DRAFT-0036
Comment Submitted by
Submitter Information
Name: Helen R. Nalley
Address:
Post Office Box 2641
Birmingham, AL, 35291
Email: HRNALLEY@southernco.com
Organization: Southern Company
General Comment
Southern Company's comments are attached.
Attachments
DHS-2009-0026-DRAFT-0036.1: Comment Submitted by
file:///D|/Documents%20and%20Settings/matthew.bettridge/Desktop/DHS-2009-0026-DRAFT-0036_CP.html[5/14/2010 6:40:30 AM]
Southern Company Generation
600 North 18th Street
Post Office Box 2641
Birmingham, Alabama 35291
May 13, 2010
SUBMITTED VIA WWW.REGULATIONS.GOV
DOCKET NO. DHS-2009-0026
Mr. Dennis Deziel, Deputy Director
Infrastructure Security Compliance Division
Office of Infrastructure Protection
U.S. Department of Homeland Security
Mail Stop #8100
Washington, D.C. 20528
Re:
Chemical Facility Anti-Terrorism Standards Personnel Surety
Dear Mr. Deziel:
This letter provides comments on behalf of Southern Company (“Southern”) in response
to a notice and request for comments regarding a proposed information collection request
(“ICR”) pertaining to the Chemical Facility Anti-Terrorism Standards (“CFATS”), as
published by the Department of Homeland Security (“DHS”) on April 13, 2010. 75 Fed.
Reg. 18,850. Thank you for the opportunity to comment.
Southern is an investor-owned utility based in Atlanta, Georgia. We serve 4.4 million
customers with more than 42,000 megawatts of generating capacity. Southern’s
operating company subsidiaries include Alabama Power Company, Georgia Power
Company, Gulf Power Company, Mississippi Power Company, and Southern Power
Company. Some facilities of Southern’s operating companies are subject to CFATS by
virtue of processes that are necessary for purposes of environmental quality and
compliance.
Southern places the very highest priority on the safety and security of its employees,
facilities, and neighbors. Any facility subject to CFATS has been subject to robust
security measures since before the creation of DHS’s chemical security program. Those
measures have been designed specifically with electric utility issues in mind. Southern
urges DHS to exercise restraint and judgment prior to imposing security measures
designed with chemical companies in mind on electric generating facilities.
Notwithstanding the applicability of CFATS, the presence of a chemical of interest may
May 13, 2010
Page 2
or may not reflect the most important security issues at an electric utility facility. Any
use of DHS’s chemical facility authority that would result in a diversion of a
disproportionate amount of security resources at an electric utility facility has the
potential to be counterproductive.
Southern is concerned that the proposed ICR may reflect intent to require particular
security measures at regulated facilities. According to the statute, DHS “may not
disapprove a site security plan submitted under this section based on the presence or
absence of a particular security measure, but the Secretary may disapprove a site security
plan if the plan fails to satisfy the risk-based performance standards established by this
section.” Pub. L. No. 109-295, § 550, 120 Stat. 1355, 1388 (2006). However, the
proposed ICR indicates DHS will require all regulated facilities at all risk tiers to produce
background checks for all “facility personnel and, as appropriate, unescorted visitors”
who are deemed to have access to “restricted areas or critical assets.” See 75 Fed. Reg. at
18,851, 18,853.
An electric utility’s facility is subject to CFATS if it possesses one or more chemicals of
interest above the screening threshold quantity. Such facilities, including those of
Southern’s operating companies, are likely to be “restricted areas” in the sense that there
is perimeter fencing and individual screening by trained security personnel at the access
point. The particular chemicals giving rise to DHS jurisdiction may or may not be
subject to additional fencing or access restrictions. Depending on site-specific situations,
there may be operational or safety-related reasons not to further restrict access to the
chemical storage area within the larger, facility-wide restricted area. That means
anybody on the premises could conceivably be deemed to have access to restricted areas
for purposes of the chemical facility program.
In addition, from time to time, electric utility facilities may be subject to construction
projects for the installation of new pollution control devices or for other purposes. Those
projects may call for hundreds of contractors to be within the fence on some portion of
the facility’s grounds for several months or years at a time. Contractor employees are not
necessarily escorted by facility personnel as they go about their functions. Obviously,
that fact raises certain security issues that Southern’s operating companies must take into
account. However, it would not be appropriate or lawful for DHS to impose a mandatory
requirement, subject to penalties of $25,000 per day per violation, see 6 C.F.R. § 27.300,
for a covered electric utility to perform background checks on every contractor employee
who may be on some portion of the facility at some time. Whether across-the-board
background checks are appropriate at a particular covered facility should be determined
as the statute requires: on a facility-specific basis, taking into account the particular
security risks and conditions at the site.
If DHS were to interpret its own regulations as requiring this particular security measure
to be mandatory for all covered facilities at all risk tiers, then the regulations also would
be contrary to the statute. However, it is not necessary to read DHS’s regulations that
way. The personnel surety risk-based performance standard (“RBPS”) requires
“appropriate background checks on and ensure appropriate credentials for facility
May 13, 2010
Page 3
personnel, and as appropriate, for unescorted visitors with access to restricted areas or
critical assets . . . .” 6 C.F.R. § 27.230(a)(12) (emphases added). The proposed ICR
indicates DHS is interpreting the regulations in a manner that ignores the word
“appropriate.” That is Southern’s concern.
Accordingly, Southern urges DHS to clarify that it will apply this RBPS and other
standards in a risk-based manner, taking into account facility-specific conditions. We
further urge DHS to clarify that it will not impose a background check requirement for all
persons who may have access to the covered facilities of Southern’s operating
companies, except as determined to be necessary for risk-based reasons on a facilityspecific basis.
Thank you again for this opportunity to provide comments. Please feel free to contact
David Marsh at (205) 257-1809 or dgmarsh@southernco.com or me if we can provide
additional information or assistance.
Sincerely,
Helen Nalley
Compliance Director
Southern Company Generation
PUBLIC SUBMISSION
As of: May 14, 2010
Received: May 13, 2010
Status: Draft
Tracking No. 80aed333
Comments Due: May 13, 2010
Submission Type: Web
Docket: DHS-2009-0026
Chemical Facility Anti-Terrorism Standard, PRA Notices for Comments on New Personnel Surety
Information Collection Request
Comment On: DHS-2009-0026-0020
Agency Information Collection Activities; Proposals, Submissions, and Approvals: Chemical Facility
Anti-Terrorism Standards Personnel Surety Program
Document: DHS-2009-0026-DRAFT-0037
Comment Submitted by
Submitter Information
Address:
One Williams Center, MD 27-2
Tulsa, OK, 74172
Email: rick.fahrenkrog@magellanlp.com
Phone: 918-574-7480
Submitter's Representative: Rick Fahrenkrog
Organization: Magellan Midstream Partners
General Comment
Please see attached document.
Attachments
DHS-2009-0026-DRAFT-0037.1: Comment Submitted by
file:///D|/Documents%20and%20Settings/matthew.bettridge/Desktop/DHS-2009-0026-DRAFT-0037_CP.html[5/14/2010 6:40:30 AM]
PUBLIC SUBMISSION
As of: May 14, 2010
Received: May 13, 2010
Status: Draft
Tracking No. 80aed335
Comments Due: May 13, 2010
Submission Type: Web
Docket: DHS-2009-0026
Chemical Facility Anti-Terrorism Standard, PRA Notices for Comments on New Personnel Surety
Information Collection Request
Comment On: DHS-2009-0026-0020
Agency Information Collection Activities; Proposals, Submissions, and Approvals: Chemical Facility
Anti-Terrorism Standards Personnel Surety Program
Document: DHS-2009-0026-DRAFT-0038
Comment Submitted by
Submitter Information
Name: susan amodeo cathey
Address:
2700 post oak blvd
houston, TX, 77056
Email: susan.amodeo-cathey@airliquide.com
Phone: 7136248214
Organization: Air Liquide
General Comment
See attached file(s)
Attachments
DHS-2009-0026-DRAFT-0038.1: Comment Submitted by
file:///D|/Documents%20and%20Settings/matthew.bettridge/Desktop/DHS-2009-0026-DRAFT-0038_CP.html[5/14/2010 6:40:31 AM]
PUBLIC SUBMISSION
As of: May 14, 2010
Received: May 13, 2010
Status: Draft
Tracking No. 80aecf54
Comments Due: May 13, 2010
Submission Type: Web
Docket: DHS-2009-0026
Chemical Facility Anti-Terrorism Standard, PRA Notices for Comments on New Personnel Surety
Information Collection Request
Comment On: DHS-2009-0026-0020
Agency Information Collection Activities; Proposals, Submissions, and Approvals: Chemical Facility
Anti-Terrorism Standards Personnel Surety Program
Document: DHS-2009-0026-DRAFT-0039
Comment Submitted by
Submitter Information
Name: Richard D Gupton
Address:
1156 15th Street, NW
Suite 302
Washington, DC, 20005
Email: richard@aradc.org
Phone: 202-457-0825
Fax: 202-457-0864
Organization: Agricultural Retailers Association
General Comment
This document is being submitted on behalf of the Agribusiness Security Working Group, which is
comprised of the Agricultural Retailers Association, The Fertilizer Institute, and CropLife America.
Attachments
DHS-2009-0026-DRAFT-0039.1: Comment Submitted by
file:///D|/Documents%20and%20Settings/matthew.bettridge/Desktop/DHS-2009-0026-DRAFT-0039_CP.html[5/14/2010 6:40:31 AM]
Agribusiness Security Working Group
May 13, 2010
Todd Keil
National Protection and Programs Directorate
Office of Infrastructure Protection
Infrastructure Security Compliance Division
Department of Homeland Security
245 Murray Lane, S.W., Mail Stop 0610
Arlington, VA 20528-0610
Re:
Docket No. DHS-2009-0026—Chemical Facility Anti-Terrorism
Standards Personnel Surety Program Information Collection Request
Dear Mr. Keil:
On behalf of The Fertilizer Institute (TFI), the Agricultural Retailers Association (ARA) and CropLife America,
we appreciate the opportunity to comment on the Department of Homeland Security’s (DHS) Submission for
Chemical Facility Anti-Terrorisum Standards (CFATS) Personnel Surety Program (PSP) Information
Collection Request.
TFI is the national trade association for the fertilizer industry, representing fertilizer producers, retailers and
wholesalers. The mission of TFI is to represent fertilizer from the plant it is produced to the plants where it is
used and all points in between.
ARA is a non-profit trade association representing the interests of agricultural retailers and distributors across
the United States on legislative and regulatory issues. ARA members range in size from family-held businesses
to farmer cooperatives to large companies with many outlet stores. Retail facilities are scattered throughout all
50 states and supply valuable goods and services to our nation’s farmers including seed, crop protection
chemicals, fertilizer, fuel, crop scouting, soil testing, custom application services and development of
comprehensive nutrient management plans.
CropLife America (CLA) represents the developers, manufacturers, formulators and distributors of plant
science solutions for agriculture and pest management in the United States. CropLife America’s member
companies produce, sell and distribute virtually all the crop protection and biotechnology products used by
American farmers.
Our industry has limited resources available to address all security related matters and it is very important that
those resources are spent wisely to coincide with the appropriate level of risk for that particular facility and
chemical of interest (COI).
Vetting of employees and others who have access to restricted areas where COI are stored at fertilizer and
chemical facilities is a priority for our member companies. The fertilizer and crop protection industries are
diverse and range from large production facilities with several hundred employees to small retail cooperatives
or independent retail fertilizer businesses that, in many cases, have between five and ten employees. In either of
these cases, many are subject to the Chemical Facility Anti-Terrorism Standards (CFATS), the Maritime
Transportation Security Act (MTSA), and Department of Transportation (DOT) hazardous materials
regulations. Background checks on employees and contractors are already conducted and many of these
individuals have hazardous material endorsements (HME), possess a Transportation Worker Identification Card
(TWIC), or other federally issued credentials.
Under the CFATS Interim Final Rule (DHS-2006-0073; RIN 1601-AA41; 6 CFR Part 27) issued in April 2007,
it states that DHS “may disapprove a Site Security Plan (SSP) that fails to satisfy the risk-based performance
standards established in 27.230.” Section 27.230 lists the Risk Based Performance Standards (RBPS) each
CFATS facility must select, develop in their SSP, and implement appropriate measures to satisfy the
performance standards, which includes Personnel Surety.
RBPS #12 was issued for personnel surety and DHS has developed a CSAT application for high-risk chemical
facilities to submit information about facility personnel and, as appropriate, unescorted visitors with access to
restricted areas or critical assets at those facilities. The goal as stated by DHS is to identify known or suspected
terrorists. While we fully agree with this goal we question the manner in which DHS has decided to fulfill this
RBPS as we feel it goes beyond the statutory intent of Congress for chemical facilities to take measures
designed to identify people with terrorist ties. RBPS #12, as stated in the April 9, 2007 interim final rule states
that chemical facilities are to perform appropriate background checks on and ensure appropriate credentials for
facility personnel, and as appropriate, for unescorted visitors with access to restricted areas or critical assets,
including (1) measures designed to verify and validate identity; (2) measures designed to check criminal
history; (3) measures designed to verify and validate legal authorization and work; and (4) measures designed to
identify people with terrorist ties.
Prior Vetting Through TSDB for Employees and Contractors
TFI, ARA and CLA believe that our employees and contractors who hold a valid TWIC, HME, or other
federally issued credentials satisfy employer’s compliance with the intent of personnel surety requirements of
RBPS #12. DHS itself stated in the CFATS interim final rule that those who have successfully undergone a
security threat assessment conducted by DHS and who is in possession of a valid DHS credential such as a
TWIC, HME, NEXUS or FAST, will not need to undergo additional vetting by DHS through the Terrorist
Screening Database (TSDB). In the April 13, 2010 notice, DHS now appears to want these individual’s
information submitted, even though it will require “less information” than those who do not possess a federally
issued credential. The redundancy is unnecessary for the regulated community and the government. It is our
position that DHS should not require any further submission of information for those individuals holding
federally issued credentials. We believe DHS’PSP proposal is at odds with the Administration’s position as
stated in the Surface Transportation Security Priority Assessment (March 2010) which recommended that
2
federal agencies promote comparability and reciprocity of assessments across credentialing and screening
programs.
Entering Restricted Areas
In the agricultural retail business, farm fertilizers such as anhydrous ammonia and ammonium nitrate are stored
on site and, as such, subject to CFATS regulations. These facilities range in size and it is not unusual for a
retail facility to hire part-time employees during the busy spring planting or fall harvesting seasons. Regardless
whether they are full time or part-time employees at some point during the course of a normal working day,
they will likely be in a restricted area. As a result, a facility will be required to submit all employees to DHS to
check against the TSDB. Often times the farmer customer will come to the facility to pick up his own farm
supplies. If a facility individual, cleared through the TSDB, is present in the restricted area and loads the
chemical of interest for the farmer, is the farmer considered “escorted” and thus not required to be cleared
through the TSDB? What if the farmer arrives in the restricted area to find the loader has left the area?
Currently there is an “indefinite time extension” for farms, ranches, nurseries and other agricultural operations.
Has DHS taken into consideration the additional facilities that may fall under CFATS and the personnel surety
requirements when the extension is lifted? Depending on how DHS defines “unescorted” the number of
affected individuals could be far greater than DHS anticipates and this will place an administrative burden on
both the facility and DHS will no significant security return.
Duplicate Vetting
Fertilizer and crop protection production and retail companies have multiple facilities. Corporate personnel in
areas such as finance, security and information technology visit their facilities throughout the year. Many
industries have suggested to DHS that a person’s employer be allowed to submit information once for all
corporate personnel but DHS has resisted this approach advising that it wants to associate individuals with
“facilities” to assist in investigations. As a result, corporate personnel will have to be repeatedly entered by
each facility. We see this as being redundant and burdensome with no security return.
Cost of Compliance with the Personnel Surety Proposal
Our members generally fall into two categories – large manufacturing facilities and smaller, local independent
or cooperative retail dealerships who sell fertilizer, crop protection products and other farm supplies directly to
farmers. In both cases, these facilities are covered under CFATS.
In a survey of several manufacturers and retailers, one facility has determined that the first year cost for
personnel surety compliance for two facilities will total $598,750 and $537,869 in subsequent years. Another
manufacturing facility anticipates a minimum of $500,000, with another 1000 to 1500 individuals needing to be
submitted when its plants are taken down for routine maintenance. One retailer reports that between managerial
and administrative staff its costs will average $40 and $20 per hour per facility respectively with 20 facilities
covered under CFATS.
3
Other Comments
We are concerned that the time and money spent to comply with the PSP will reap little to no security benefit.
Facilities will have no knowledge of the results of their submissions since DHS appears to have no intention of
notifying facilities if there is a match and facilities have 60 to 90 days to submit the information to DHS after an
individual has access to a restricted area or leaves the facility and possibility moves on to another facility.
The lack of notification to CFATS facilities of the results of the TSDB check appears contrary to the April 2007
CFATS interim final rule that states “where appropriate, DHS will notify the facility and applicant via U.S.
mail, with information concerning the nature of the finding and how the applicant may contest the finding.
Applicants will have the opportunity to seek an adjudication proceeding and appeal.”
Conclusion
TFI, ARA, and CLA members remain committed to the implementation of security measures at our facilities.
We look forward to continued dialogue with DHS on this very important issue. If you have any questions,
please contact TFI Vice President of Member Services Pam Guffain by telephone at (202) 515-2704 or via email at pguffain@tfi.org; ARA’s Vice President of Legislative Policy and Counsel Richard Gupton by
telephone at (202) 457-0825 or via e-mail at richard@aradc.org or CropLife America’s Director of Government
Affairs Kellie Bray by telephone at 202-872-3899 or kbray@croplifeamerica.org.
Sincerely,
Ford West
President
Daren Coppock
President & CEO
4
Jay Vroom
President & CEO
PUBLIC SUBMISSION
As of: May 14, 2010
Received: May 13, 2010
Status: Draft
Tracking No. 80aed40e
Comments Due: May 13, 2010
Submission Type: Web
Docket: DHS-2009-0026
Chemical Facility Anti-Terrorism Standard, PRA Notices for Comments on New Personnel Surety
Information Collection Request
Comment On: DHS-2009-0026-0020
Agency Information Collection Activities; Proposals, Submissions, and Approvals: Chemical Facility
Anti-Terrorism Standards Personnel Surety Program
Document: DHS-2009-0026-DRAFT-0040
Comment Submitted by
Submitter Information
Name: Jim Palmer
Address:
3901 NW 115th Avenue
Miami, FL, 33178
Email: jimp@allieduniversal.com
Phone: 3058882623
Fax: 3054638369
Organization: Allied Universal Corporation
General Comment
See attached file(s)
Attachments
DHS-2009-0026-DRAFT-0040.1: Comment Submitted by
file:///D|/Documents%20and%20Settings/matthew.bettridge/Desktop/DHS-2009-0026-DRAFT-0040_CP.html[5/14/2010 6:40:32 AM]
..
..
..
..
.
3901 NW 115th Avenue
Miami, Florida 33178
305-888-2623 office
305-885-4671 fax
May 13, 2010
Mr. Thomas Chase Garwood III
Chief Information Officer
National Protection and Programs Directorate
Department of Homeland Security
RE: Docket No. DHS-2009-0026, 75 FR 18850-18857 April 13, 2010
Dear Mr. Garwood,
Our company, Allied Universal Corporation (Allied), is a small business as defined by the U.S.
Small Business Administration. It operates eight chemical manufacturing and distributing facilities
throughout the Southeastern United States. It employs nearly 350 individuals and provides materials
to a number of industries critical to our nation’s and several states’ economies and public health. We
are writing to you to express our concerns regarding the Chemical Facility Anti-Terrorism Standards
Personnel Surety Program Information Collection Request.
Security is a high priority for Allied Universal Corp. We are members of the Chlorine Institute and
National Association of Chemical Distributors (NACD), which requires our participation in the
Responsible Distribution Process, an environmental, health, safety, and security management
program. Regulated under CFATS, Allied has attended all chemical security summits and most
threat briefings. We have requested DHS compliance assistance reviews as well as site and cyber
security vulnerability surveys. We have proactively contacted our area FBI Weapons of Mass
Destruction agents and Protective Security Advisors, attended DHS training seminars as well as
undertaken a number of company policies, facility, chemical process and information technology
physical changes. Allied has budgeted over a million dollars in capital improvement projects for
security each of the last four years. We do not embellish when we state that a significant amount of
our company’s resources, capital, human and other, has been spent and will continue to be spent on
security as Allied works to address the CFATS program and any identified vulnerabilities. Being a
small business with a limited number of resources, it is a daunting task.
3901 NW 115 Avenue
Miami, Florida 33178
305-888-2623
9501 Rangeline Road
Ft. Pierce, Florida 34987
772-464-6195
30 Neil Gunn Drive
Ellisville, MS 39437
601-477-2550
5215 W. Tyson Avenue
Tampa, Florida 33611
813-832-4868
8350 NW 93rd Street
Miami, Florida 33166
305-888-2623
204 SCM Road
Brunswick, GA 31525
912-267-9470
1405 Possum Hollow Road
Ranger, GA 30734
706-334-7377
2100 Port Road
West Memphis, AR 72301
870-732-3107
May 14, 2010
Page 2
Allied Universal Corporation
Docket No. DHS-2009-0025
We do not understand nor do we see the merit of the proposed Personnel Surety Program. It is
redundant in its reporting requirements and an unnecessary burden on our business. This program is
in addition to the Commercial Drivers’ License Hazardous Material Endorsement (HME) program,
the Transportation Worker Identification Card (TWIC) program, and our company’s internal
employee background verification process (which includes a minimum of seven different
background checks). Why are businesses being asked to vet personnel and visitors so many times?
Why is a new program being proposed when existing programs, such as the TWIC program, are
already in use and working at a number of locations, including chemical facilities similar to CFATS
only regulated under MTSA? DHS Assistant Secretary David Hyman states that TWIC holders have
undergone a “rigorous vetting program” while testifying before Congress. Given Secretary Hyman’s
testimony, and the fact the TWIC program is already implemented in a number of MTSA regulated
chemical plants, TWICs should be required at all CFATS chemical facilities rather than create an
entirely new Personnel Surety Program.
Another problem is, given the small size of our operations, we are limited in our capability of
restricting access to the plant as the entire plant is a restricted area. All employees, contractors, truck
delivery drivers, corporate personnel, visitors, railcar delivery personnel, public utility workers,
package/mail delivery carriers, vending machine suppliers, uniform suppliers, mechanics, etc. have a
need to access the plant on a routine basis for work. For a number of these personnel, background
performance checks under the proposed program would be completely redundant (i.e. it would be
100% for all HME drivers and those with TWICs).
We also believe that the number estimated for those who will need to undergo this proposed vetting
is greatly underestimated. The U.S. Coast Guard originally estimated that under a half-a-million
people would need a TWIC. Their estimate was wrong, with well over a million needing a TWIC
per current records. Allied has several facilities not in a MTSA regulated area, but numerous
employees already have a TWIC as they had to obtain one to conduct business with a number of our
customers. We envision having to vet more than a thousand individuals for our facilities in one year
under the proposed Personnel Surety Program and at this time do not have anyone to manage such
an undertaking given numerous other responsibilities including the day-to-day business operations
that sustains our business.
We have serious liability concerns with the proposed Personnel Surety Program. The current
proposed program provides no immunity from any legal challenges from disgruntled or un-credential
employees. Realistically, small chemical businesses like Allied do not have the personnel or
expertise to set-up TWIC like redress or redetermination processes, which is an inherently
governmental function under the TWIC regulations. With only one human resource manager, one
human resource generalist and one assistant for both, along with no internal legal staff, it is a
struggle to understand how the regulations will apply in the employment law arena, especially when
models of such a procedure do not exist. The demand for hiring law intelligence is now an absolute
May 14, 2010
Page 3
Allied Universal Corporation
Docket No. DHS-2009-0025
necessity for this program, creating a large financial and personnel burden on regulated small
businesses. Allied and like businesses cannot sustain such a burden.
In closing, we remain committed to the implementation of suitable security measures at our
facilities. We strongly urge DHS to review the economic impact of the proposed Personnel Surety
Program on small businesses as it is required to do under the Small Business Regulatory
Enforcement Fairness Act of 1996. DHS should also consider meeting with representatives of
affected small entities, such as industry trade associations (i.e. National Association of Chemical
Distributors and the Chlorine Institute). Finally, we strongly support and request DHS to accept and
require a valid TWIC (similar to the U.S. Coast Guard requiring for all MTSA sites) as meeting the
CFATS Personnel Surety requirement.
I would like to thank you in advance for your consideration. Please feel free to contact me should
you have any questions regarding the above mentioned.
Sincerely,
Jim Palmer
Chief Executive Officer
Allied Universal Corporation
3901 NW 115th Avenue
Miami, Florida 33178-1859
(305) 888 – 2623, extension 109
JimP@Allieduniversal.com
www.allieduniversal.com
cc:
R. Bolte, Regulatory Affairs Manager
B. Namoff, Chairman of the Board
M. Koven, Chief Financial Officer
T. Tucker, Vice President of Operations
File Type | application/pdf |
File Title | Document |
Subject | Extracted Pages |
Author | U.S. Government Printing Office |
File Modified | 2010-05-14 |
File Created | 2010-05-14 |