[House Report 114-679]
[From the U.S. Government Publishing Office]


114th Congress   }                                       {      Report
                        HOUSE OF REPRESENTATIVES
 2d Session      }                                       {     114-679

======================================================================



 
   NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY CAMPUS SECURITY ACT

                                _______
                                

 July 11, 2016.--Committed to the Committee of the Whole House on the 
              State of the Union and ordered to be printed

                                _______
                                

     Mr. Smith of Texas, from the Committee on Science, Space, and 
                  Technology, submitted the following

                              R E P O R T

                             together with

                             MINORITY VIEWS

                        [To accompany H.R. 5636]

      [Including cost estimate of the Congressional Budget Office]

    The Committee on Science, Space, and Technology, to whom 
was referred the bill (H.R. 5636) to increase the effectiveness 
of and accountability for maintaining the physical security of 
NIST facilities and the safety of the NIST workforce, having 
considered the same, report favorably thereon without amendment 
and recommend that the bill do pass.

                                CONTENTS

                                                                   Page
Committee Statement and Views....................................     2
Section-by-Section...............................................     4
Committee Consideration..........................................     5
Application of Law to the Legislative Branch.....................     5
Statement of Oversight Findings and Recommendations of the 
  Committee......................................................     5
Statement of General Performance Goals and Objectives............     5
Duplication of Federal Programs..................................     5
Disclosure of Directed Rule Makings..............................     5
Federal Advisory Committee Act...................................     6
Unfunded Mandate Statement.......................................     6
Earmark Identification...........................................     6
Congressional Budget Office Cost Estimate........................     6
Minority Views...................................................     7

                     Committee Statement and Views


                          PURPOSE AND SUMMARY

    The purpose of the National Institute of Standards and 
Technology Campus Security Act is to increase effectiveness of 
and accountability for maintaining the physical security of 
National Institute of Standards and Technology (NIST) 
facilities and the safety of workers and nearby residents. 
Recent security incidents at both NIST campuses (Gaithersburg, 
MD and Boulder, CO) have included the explosion of an illegal 
meth lab, illicitly operated by a NIST police officer, at the 
Gaithersburg campus in July 2015 and the discovery and 
apprehension of an apparently deranged person within a secure 
Boulder laboratory at which hazardous chemicals were stored in 
April of this year. These significant security lapses 
threatened the safety and well-being of 3,400 NIST employees, 
3,500 visiting professionals from industry, academia, and other 
government agencies, and hundreds of thousands of residents of 
nearby communities.
    This legislation directs the Secretary of Commerce's Office 
of Security to directly oversee the law enforcement and 
security programs at NIST through a new Director of Security 
for NIST (with no increase in FTEs). The Director of Security 
will be required to report on NIST security issues to the Under 
Secretary for Standards and Technology and to Congress. In 
addition, the legislation directs GAO to study and report on 
the performance of the NIST Police Services Group.

                  BACKGROUND AND NEED FOR LEGISLATION

    Thousands of government and private sector scientists carry 
out sensitive research and testing at NIST campuses. The 
campuses themselves are located in populated communities. 
Safety and security concerns are exacerbated by storage, at 
both campuses, of significant quantities of dangerous 
radiological, chemical and biological materials which are used 
for testing and storage.
    Security of NIST facilities is the responsibility of the 
NIST Police Services Group, a stand-alone NIST police force for 
which the Department of Homeland Security has approved fairly 
broad law enforcement powers. In addition, screening at NIST 
campus vehicle entry points is handled by private contractors. 
Several security incidents have brought to light safety and 
security issues at NIST facilities.
    On June 3, 2015, the United States Nuclear Regulatory 
Commission issued an inspection report noting violations, and 
that specifically, ``for a period of time estimated to begin in 
the 1980s until October 2014, NIST failed to keep records 
showing the receipt, inventory (including location and unique 
identity), acquisition, transfer, and disposal of all special 
nuclear material in its possession.''\1\ Chairmen Smith and 
Loudermilk sent a letter to NIST Director Willie May requesting 
documents and information about the agency's handling of 
plutonium and any incidents that may have gone unreported.
---------------------------------------------------------------------------
    \1\NRC Inspection Report No. 07000398/2014001, available at: http:/
/pbadupws.nrc.gov/docs/ML1515/ML15154A692.pdf.
---------------------------------------------------------------------------
    In addition, on Saturday, July 18, 2015, a now former NIST 
senior security officer attempted to manufacture 
methamphetamine while on duty and on NIST property (Building 
236 on the NIST Gaithersburg campus), which caused an explosion 
and fire that damaged government property. This individual had 
been recently serving as the acting Chief of Police for the 
NIST Police Services Group.
    In the immediate wake of the illegal meth lab incident, 
Chairman Smith formally requested that NIST brief Committee 
members in person and provide regular updates regarding NIST 
security. In September 2015, Chairman Smith sent a written 
request to NIST Director Willie May for documents and 
information. At the time, NIST did not immediately comply with 
Committee requests, asserting that it would release no 
information until local law enforcement authorities had 
completed their investigations and follow-up.
    Unsolicited information and statements from NIST employees 
appeared to show a culture of waste, fraud, abuse, and 
misconduct within NIST Police Services, encouraged by poor 
leadership and the absence of managerial oversight. For 
example, the senior security officer who caused the explosion 
also committed substantial time-and-attendance fraud by 
claiming hours that he did not work.
    The local law enforcement investigation ended with the 
individual sentenced to 41 months' confinement, 2 years 
supervised release, a $100.00 fine, and $4,750.10 in 
restitution to NIST. NIST senior management promised an 
internal review, but the Committee is unaware of any findings, 
recommendations, or changes from any internal review yet.
    On Saturday, April 16, 2016, an individual with no 
identification was found inside a secure building on the 
Boulder campus. Local firefighters and first responders were 
summoned due to concerns that the individual might have been 
exposed to chlorine gas stored in the building's ``clean'' 
room. The individual was transported to the local hospital, and 
the incident is currently part of an ongoing criminal 
investigation. Just as was the case for the earlier 
Gaithersburg incident, NIST has refused to provide the 
Committee with any information until the local law enforcement 
investigation and follow-up are concluded.
    Proper security is critical for the safety of the NIST 
campuses, its employees, visitors, and the surrounding 
communities. It is important not to jeopardize NIST's mission 
to promote U.S. innovation and industrial competitiveness, 
which enhances economic security. The recent incidents and 
their aftermath have created serious doubts about NIST and NIST 
Police Services Group capacity to assure safety and security.

                          LEGISLATIVE HISTORY

    On March 16, 2016, the Research and Technology Subcommittee 
of the House Committee on Science, Space, and Technology held a 
hearing entitled, ``An Overview of the Budget Proposal for the 
National Institute of Standards and Technology for Fiscal Year 
2017.'' The sole hearing witness was Dr. Willie E. May, 
Director, National Institute of Standards and Technology, and 
Under Secretary of Commerce for Standards and Technology.

                            COMMITTEE VIEWS

NIST campus security

    The Committee expects the Department of Commerce and NIST 
to increase accountability for maintaining the physical 
security of NIST facilities and the safety of NIST workers, 
visitors, and local residents.
    The Committee expects the Secretary of Commerce's Office of 
Security to directly manage law enforcement and security 
programs at NIST through an assigned Director of Security for 
NIST. This individual will be assigned without increasing the 
number of employees at the Department of Commerce or NIST.

Director of security reports

    The Committee expects that the Director of Security for 
NIST will provide a security report on a quarterly basis for 
the first year, and then annually after that. The reports will 
be submitted to the Under Secretary for Standards and 
Technology and to the Committee on Science, Space, and 
Technology of the House of Representatives and the Committee on 
Commerce, Science, and Transportation in the Senate.

Comptroller general report

    The Committee expects the U.S. Government Accountability 
Office (GAO) to use the direction and provisions in this 
legislation to conduct a study and issue a report on the 
security of NIST's campuses. The Committee expects that the GAO 
will work with the Committee to define the scope of the work 
required to assemble needed information about the capabilities 
and performance of the NIST Police Services Group and about 
potentially better alternatives, options, and possible 
recommendations for the current NIST security regime.

                           Section-by-Section


Section 1. Short title

    This section establishes the short title of the bill as the 
``National Institute of Standards and Technology Campus 
Security Act.''

Section 2. NIST campus security

    This section requires the Secretary of Commerce's Office of 
Security to directly manage the law enforcement and security 
programs of the National Institute of Standards and Technology 
through an assigned Director of Security for the National 
Institute of Standards and Technology.
    This section will be implemented without increasing the 
amount of employees at the Department of Commerce or the 
National Institute of Standards and Technology.
    Also, this section requires the Director of Security to 
provide an activities and security report on a quarterly basis 
for the first year after the date of bill enactment, and on an 
annual basis thereafter. The report will be sent to the Under 
Secretary for Standards and Technology and to the Committee on 
Science, Space, and Technology of the House of Representatives 
and the Committee on Commerce, Science, and Transportation of 
the Senate.
    Further, this section directs the GAO to conduct a study 
evaluating the performance of the NIST Police Services Group 
and security contractors as well as provide recommendations on 
how NIST should move forward with security on its campuses and 
in its facilities to ensure that they are safe and protected.
    The GAO report will be due one year after enactment of the 
legislation, and the report will be sent to the Secretary of 
Commerce, and to the Committee on Science, Space, and 
Technology of the House of Representatives and the Committee on 
Commerce, Science, and Transportation in the Senate.

                        Committee Consideration

    On July 7, 2016, the Committee met in open session and 
ordered reported favorably the bill, H.R. 5636, by voice vote, 
a quorum being present.

              Application of Law to the Legislative Branch

    Section 102(b)(3) of Public Law 104-1 requires a 
description of the application of this bill to the legislative 
branch where the bill relates to the terms and conditions of 
employment or access to public services and accommodations. 
This bill directs the Secretary of Commerce's Office of 
Security to oversee directly the law enforcement and security 
programs at NIST through a new Director of Security for NIST. 
As such this bill does not relate to employment or access to 
public services and accommodations.

  Statement of Oversight Findings and Recommendations of the Committee

    In compliance with clause 3(c)(1) of rule XIII and clause 
(2)(b)(1) of rule X of the Rules of the House of 
Representatives, the Committee's oversight findings and 
recommendations are reflected in the descriptive portions of 
this report.

         Statement of General Performance Goals and Objectives

    H.R. 5636, the NIST Campus Security Act, would increase the 
effectiveness of and accountability for maintaining the 
physical security of NIST facilities and the safety of the NIST 
workforce.

                    Duplication of Federal Programs

    No provision of H.R. 5636 establishes or reauthorizes a 
program of the Federal Government known to be duplicative of 
another Federal program, a program that was included in any 
report from the Government Accountability Office to Congress 
pursuant to section 21 of Public Law 111-139, or a program 
related to a program identified in the most recent Catalog of 
Federal Domestic Assistance.

                  Disclosure of Directed Rule Makings

    The Committee estimates that enacting H.R. 5636 does not 
direct the completion of any specific rule makings within the 
meaning of 5 U.S.C. 551.

                     Federal Advisory Committee Act

    The Committee finds that the legislation does not establish 
or authorize the establishment of an advisory committee within 
the definition of 5 U.S.C. App., Section 5(b).

                       Unfunded Mandate Statement

    Section 423 of the Congressional Budget and Impoundment 
Control Act (as amended by Section 101(a)(2) of the Unfunded 
Mandate Reform Act, P.L. 104-4) requires a statement as to 
whether the provisions of the reported include unfunded 
mandates. In compliance with this requirement the Committee has 
received a letter from the Congressional Budget Office included 
herein.

                         Earmark Identification

    H.R. 5636 does not include any congressional earmarks, 
limited tax benefits, or limited tariff benefits as defined in 
clause 9 of Rule XXI.

               New Budget Authority and Tax Expenditures

    Clause 3(c)(2) of rule XIII of the Rules of the House of 
Representatives is inapplicable because this legislation does 
not provide new budgetary authority or increased tax 
expenditures.

               Congressional Budget Office Cost Estimate

    With respect to the requirements of clause 3(c)(3) of rule 
XIII of the Rules of the House of Representatives, an estimate 
and comparison prepared by the Director of Congressional Budget 
Office under section 402 of the Congressional Budget Act of 
1974 was not submitted to the Committee before the filing of 
the report.

                             MINORITY VIEWS

    There have been two high-profile security incidents at NIST 
facilities in the last year. Those incidents have raised 
legitimate oversight questions for the Committee. They also 
prompted the Director of NIST to convene an ad hoc panel of 
security experts to make recommendations for improved policies, 
procedures, and management of security at NIST. The expert 
panel made many significant recommendations. As a result, the 
NIST Director developed an action plan to immediately implement 
many of the recommendations while initiating more in-depth 
studies of other recommendations. We view these as very 
positive steps on the part of the agency.
    We agree with the Majority that the GAO may have an 
important role in the process of strengthening security at 
NIST. However, we are puzzled about the timing and nature of 
this particular legislation. First, the legislation was rushed 
through without regular order and without any vetting. We 
received critical comments from the subject matter experts at 
NIST and GAO only the evening before the markup, giving 
Democratic Members no time to prepare appropriate amendments. 
Further, none of the expert feedback was incorporated into the 
Majority's bill. Second, with the Director's action plan 
underway, it may be more sensible for us to wait a year and 
then ask GAO to analyze the status of NIST's efforts, or at 
least to work with NIST and GAO to develop a scope of work that 
would be most helpful in the short-term. Asking them to carry 
out another broad review just months after a similar review was 
carried out by a panel of independent security experts seems 
duplicative, and could unnecessarily delay important changes to 
NIST security policies. Finally, the Chairman already sent a 
joint request to GAO along with the Chairman of the Senate 
Committee on Commerce, Science, and Transportation for a 
similarly scoped review of NIST security. We should take the 
opportunity to work with GAO and NIST to appropriately focus 
the review that is already in the queue at GAO.
    Based on all of those points, we are unsure as to the 
purpose or efficacy of this legislation at this time. It is in 
the interest of this Committee, and in the interest of the 
taxpayer, that we make the best and most efficient use of the 
experts at GAO rather than sending them a duplicative ad 
minimally useful mandate. Finally, we object to the Committee 
micromanaging staffing at the agency, especially in a way that 
could undermine the very purpose of the legislation.
                                             Eddie Bernice Johnson.

                                  [all]