[House Report 117-85]
[From the U.S. Government Publishing Office]


117th Congress   }                                      {       Report
                        HOUSE OF REPRESENTATIVES
 1st Session     }                                      {       117-85

======================================================================



 
                         PIPELINE SECURITY ACT

                                _______
                                

 July 13, 2021.--Committed to the Committee of the Whole House on the 
              State of the Union and ordered to be printed

                                _______
                                

 Mr. Thompson of Mississippi, from the Committee on Homeland Security, 
                        submitted the following

                              R E P O R T

                        [To accompany H.R. 3243]

    The Committee on Homeland Security, to whom was referred 
the bill (H.R. 3243) to codify the Transportation Security 
Administration's responsibility relating to securing pipelines 
against cybersecurity threats, acts of terrorism, and other 
nefarious acts that jeopardize the physical security or 
cybersecurity of pipelines, and for other purposes, having 
considered the same, reports favorably thereon with amendments 
and recommends that the bill as amended do pass.

                                CONTENTS

                                                                   Page
Purpose and Summary..............................................     2
Background and Need for Legislation..............................     3
Hearings.........................................................     4
Committee Consideration..........................................     4
Committee Votes..................................................     4
Committee Oversight Findings.....................................     4
C.B.O. Estimate, New Budget Authority, Entitlement Authority, and 
  Tax Expenditures...............................................     4
Federal Mandates Statement.......................................     5
Duplicative Federal Programs.....................................     5
Statement of General Performance Goals and Objectives............     5
Congressional Earmarks, Limited Tax Benefits, and Limited Tariff 
  Benefits Advisory Committee Statement..........................     5
Applicability to Legislative Branch..............................     5
Section-by-Section Analysis of the Legislation...................     5
Changes in Existing Law Made by the Bill, as Reported............     8

    The amendments (stated in terms of the introduced bill) are 
as follows:
  Strike ``pipeline security section'' each place such term 
appears (including in any headings and in the amendment to the 
item relating to section 1631 added to the table of sections) 
and insert ``pipeline security division''.

  Page 3, line 7, strike ``section'' and insert ``division''.

  Page 3, line 21, strike ``section'' and insert ``division''.

  Page 3, line 21, insert ``in the executive service of the 
Administration'' after ``individual''.

  Page 3, line 24, strike ``section''and insert ``division''.

  Page 4, line 1, strike ``section'' and insert ``division''.

  Page 4, line 2, strike ``section'' and insert ``division''.

  Page 4, line 22, insert before the period the following: ``, 
unless such guidelines are superseded by directives or 
regulations''.

  Page 5, beginning line 5, strike ``to provide 
recommendations'' and insert ``, or mandatory security 
assessments if required by superseding directives or 
regulations, to provide recommendations or requirements''.

  Page 5, line 18, insert before the period the following: ``or 
superseding directives or regulations''.

  Page 5, strike lines 19 through 21 and insert the following:

          ``(6) Supporting the development and implementation of a 
        security directive or regulation when the Administrator issues 
        such a directive or regulation.

  Page 5, line 22, strike ``section's'' and insert 
``division's''.

  Page 6, line 11, insert before the period the following: ``, 
except to the extent such guidelines have been superseded by 
directives or regulations''.

  Page 7, after line 24, insert the following (and redesignate 
subsequent subsections accordingly):

          (c) Cybersecurity Expertise.--The strategy shall include an 
        assessment of the cybersecurity expertise determined necessary 
        by the Administrator of the Transportation Security 
        Administration and a plan for developing such expertise within 
        the Administration.
  Page 8, line 18, insert ``directives, regulations,'' after 
``guidelines,''.

                          Purpose and Summary

    H.R. 3243, the ``Pipeline Security Act,'' seeks to enhance 
the cybersecurity and physical security of our Nation's 
pipeline infrastructure by clarifying the Transportation 
Security Administration's (TSA) responsibility related to 
securing pipelines against cybersecurity threats, acts of 
terrorism, and other nefarious acts. The bill also sets 
requirements for a pipeline security division within TSA to 
help carry out this mission. Under this bill, TSA's pipeline 
security division must develop guidelines for pipeline 
security, conduct inspections of pipelines and pipeline 
facilities, and assist with the development and implementation 
of security directives and regulations related to pipeline 
security. In addition, the bill requires TSA and the 
Cybersecurity and Infrastructure Security Agency (CISA) to 
coordinate and develop a pipeline security personnel strategy 
to ensure TSA maintains appropriate pipeline security staffing 
and cybersecurity expertise. Finally, the bill requires TSA to 
annually report to Congress regarding pipeline security, 
instructs the Government Accountability Office (GAO) to conduct 
a review of the implementation of this Act, and enhances TSA's 
engagement with pipeline security stakeholders.

                  Background and Need for Legislation

    Since its establishment in 2001, pipeline security has been 
a part of TSA's mission to secure all modes of transportation, 
as pipelines have long been defined in law as a mode of 
transportation. To carry out this mission, TSA also has 
authority to promulgate mandatory security directives and 
regulations related to pipeline security, as it did on May 27, 
2021, when it issued a security directive requiring pipeline 
operators to report cybersecurity incidents, designate incident 
response coordinators, and assess compliance with TSA security 
guidance.
    Recently, the vulnerability of the Nation's oil and natural 
gas infrastructure was brought into sharp focus when, in May 
2021, the Nation's largest fuel pipeline operator was the 
victim of a ransomware attack that caused a 6-day shutdown of 
the pipeline. The ransomware attack on the Colonial Pipeline 
Company resulted in communities across the East Coast 
experiencing extreme gasoline shortages and highlighted the 
importance of enhancing the cybersecurity and physical security 
of pipeline systems as well as the regulatory framework for 
protecting such systems.
    H.R. 3243 builds upon TSA's existing statutory authority to 
secure pipelines to enhance efforts to address the evolving 
threat landscape. Under this legislation, TSA's pipeline 
security functions will be housed within a dedicated pipeline 
security division with senior-level leadership and personnel 
with cybersecurity expertise. Among its key functions, the 
pipeline security division would be charged with developing and 
maintaining guidelines for pipeline security and conducting 
inspections and risk assessments. The division would also 
assist with the development and implementation of security 
directives and regulations related to pipeline security, 
including forthcoming directives announced by the Secretary of 
Homeland Security on May 27, 2021.
    As illustrated by the May 2021 Colonial Pipeline attack, 
the need for the Federal government to raise the bar on 
cybersecurity among pipeline operators is particularly acute. 
TSA, as a component of the Department of Homeland Security 
(DHS), is ideally positioned to coordinate with CISA, which has 
significant cybersecurity expertise. Further, TSA's position 
within DHS also ensures it has access to key Federal resources 
and intelligence related to physical threats against pipelines. 
H.R. 3243 facilitates intradepartmental collaboration by 
instructing TSA, in coordination with CISA, to develop a 
personnel strategy for the pipeline security division. This 
strategy is specifically required to include a plan for 
developing and maintaining appropriate cybersecurity expertise 
within TSA.
     Finally, H.R. 3243 contains important oversight provisions 
regarding TSA's pipeline security efforts. It requires TSA to 
conduct additional stakeholder engagement, establishes annual 
pipeline security report requirements for TSA, and provides GAO 
with a mandate to review the legislation's implementation.

                                Hearings

    For the purposes of clause 3(c)(6) of rule XIII, the 
following hearing was used to develop H.R. 3243:
    The Committee did not hold a legislative hearing on H.R. 
3243 in the 117th Congress. The legislation was informed by a 
hearing held in the 116th Congress. On February 22, 2019, the 
Subcommittee on Transportation and Maritime Security and the 
Subcommittee on Cybersecurity, Infrastructure Protection, and 
Innovation held a hearing entitled ``Securing U.S. Surface 
Transportation from Cyber Attacks.'' The Subcommittees received 
testimony from Sonya Proctor, Director for the Surface 
Division, Office of Security Policy and Industry Engagement, 
TSA; Bob Kolasky, Director of National Risk Management Center, 
CISA; James Lewis, Senior Vice President and Director, 
Technology Policy Program, Center for Strategic & International 
Studies; Rebeca Gagliostro, Director of Security, Reliability, 
and Resilience, Interstate Natural Gas Association of America; 
Erik Olson, Vice President, Rail Security Alliance; and John 
Hultquist, Director of Intelligence Analysis, FireEye.

                        Committee Consideration

    The Committee met on May 18, 2021, with a quorum being 
present, to consider H.R. 3243 and ordered the measure to be 
reported to the House with a favorable recommendation, with 
amendments, by unanimous consent.

                            Committee Votes

    Clause 3(b) of rule XIII of the Rules of the House of 
Representatives requires the Committee to list the recorded 
votes on the motion to report legislation and amendments 
thereto.
    No recorded votes were requested during consideration of 
H.R. 3243.

                      Committee Oversight Findings

    In compliance with clause 3(c)(1) of rule XIII of the Rules 
of the House of Representatives, the Committee advises that the 
findings and recommendations of the Committee, based on 
oversight activities under clause 2(b)(1) of rule X of the 
Rules of the House of Representatives, are incorporated in the 
descriptive portions of this report.

Congressional Budget Office Estimate, New Budget Authority, Entitlement 
                    Authority, and Tax Expenditures

    With respect to the requirements of clause 3(c)(2) of rule 
XIII of the Rules of the House of Representatives and section 
308(a) of the Congressional Budget Act of 1974, and with 
respect to the requirements of clause 3(c)(3) of rule XIII of 
the Rules of the House of Representatives and section 402 of 
the Congressional Budget Act of 1974, the Committee has 
requested but not received from the Director of the 
Congressional Budget Office a statement as to whether this bill 
contains any new budget authority, spending authority, credit 
authority, or an increase or decrease in revenues or tax 
expenditures.

                       Federal Mandates Statement

    An estimate of Federal mandates prepared by the Director of 
the Congressional Budget Office pursuant to section 423 of the 
Unfunded Mandates Reform Act was not made available to the 
Committee in time for the filing of this report. The Chairman 
of the Committee shall cause such estimate to be printed in the 
Congressional Record upon its receipt by the Committee.

                      Duplicative Federal Programs

    Pursuant to clause 3(c) of rule XIII, the Committee finds 
that H.R. 3243 does not contain any provision that establishes 
or reauthorizes a program known to be duplicative of another 
Federal program.

         Statement of General Performance Goals and Objectives

    Pursuant to clause 3(c)(4) of rule XIII of the Rules of the 
House of Representatives, the objectives of H.R. 3243 are to 
clarify TSA's pipeline security responsibilities and bolster 
its activities related to securing pipelines against 
cybersecurity threats, acts of terrorism, and other nefarious 
acts that jeopardize the cybersecurity or physical security of 
pipelines.

   Congressional Earmarks, Limited Tax Benefits, and Limited Tariff 
                 Benefits Advisory Committee Statement

    In compliance with rule XXI of the Rules of the House of 
Representatives, this bill, as reported, contains no 
congressional earmarks, limited tax benefits, or limited tariff 
benefits as defined in clause 9(d), 9(e), or 9(f) of the rule 
XXI.

                  Applicability to Legislative Branch

    The Committee finds that H.R. 3243 does not relate to the 
terms and conditions of employment or access to public services 
or accommodations within the meaning of section 102(b)(3) of 
the Congressional Accountability Act.

             Section-by-Section Analysis of the Legislation


Section 1. Short Title.

    This section provides that this bill may be cited as the 
``Pipeline Security Act.''

Sec. 2. Pipeline Security Responsibilities.

    This section amends subsection (f) of section 114 of title 
49, United States Code, to add a new paragraph directing that 
the TSA Administrator, in coordination with the CISA Director, 
maintain responsibility relating to securing pipeline 
transportation and pipeline facilities against cybersecurity 
threats, acts of terrorism, and other nefarious acts that 
jeopardize the physical security or cybersecurity of pipeline 
transportation or facilities. The Committee believes that 
incorporating language calling on TSA to coordinate with CISA, 
an entity that was not established as a DHS component until 
2018, uniquely positions TSA to carry out its pipeline security 
mission in the evolving threat landscape.

Sec. 3. Pipeline Security Division.

    This section amends title XVI of the Homeland Security Act 
of 2002 by establishing a pipeline security division within TSA 
to carry out pipeline security programs. The mission of the 
pipeline security division is to oversee, in coordination with 
CISA, the security of pipeline transportation and pipeline 
facilities against cybersecurity threats, acts of terrorism, 
and other nefarious acts that jeopardize the physical security 
or cybersecurity of such transportation or facilities.
    Additionally, this section requires the TSA Administrator 
to appoint a division head to the pipeline security division 
who has pipeline industry and security expertise. This 
individual must be in the executive service of TSA. This 
section further specifies that the division will be staffed by 
a workforce that includes personnel with cybersecurity 
expertise.
    This section also articulates certain responsibilities of 
the pipeline security division. These responsibilities include 
developing guidelines for the physical security and 
cybersecurity of pipeline transportation and pipeline 
facilities, in coordination with relevant government, public, 
and private sector stakeholders. These guidelines must be 
updated based on intelligence and risk assessments no less than 
every three years and shared, as appropriate, with key pipeline 
security stakeholders, unless they are superseded by mandatory 
security directives or regulations. The division is further 
instructed to conduct cybersecurity and physical security 
assessments of pipelines to ensure voluntary compliance with 
these security guidelines and, as applicable, mandated 
compliance with security directives or regulations related to 
pipeline security. Other responsibilities of the division 
include carrying out a program to inspect pipelines and 
pipeline facilities, including inspections of pipeline 
facilities determined to be critical. The division is also 
tasked with supporting the development and implementation of 
security directives and regulations related to pipeline 
security.
    Furthermore, the TSA Administrator and CISA Director are 
authorized to detail personnel between their components under 
this section. The pipeline security division will also be 
required to publish updated security guidelines within one year 
of the date of enactment, except if such guidelines have been 
superseded by security directives or regulations.
    The Committee believes that establishing a division within 
TSA that is dedicated to pipeline security will enhance TSA's 
execution of its pipeline security mission by ensuring this 
mission receives senior-level leadership, personnel, and 
institutional visibility commensurate with its importance. 
Additionally, the Committee believes that by specifically 
articulating key responsibilities and authorities of this 
division, TSA will be able to more effectively engage with 
pipeline security stakeholders and assist with the development 
and implementation of guidance, security directives, and 
regulations on such matters. The Committee also believes that 
requiring a program to inspect critical pipelines and pipeline 
facilities is key to ensuring pipelines and pipeline facilities 
continually meet security standards. Finally, the Committee 
believes that authorizing the TSA Administrator and CISA 
Director to detail personnel between their components will help 
drive interagency communication and collaboration and ensure 
DHS leverages the expertise of its different components 
effectively.

Sec. 4. Personnel Strategy.

    This section requires TSA, in coordination with CISA, to 
develop a personnel strategy for the staffing of the pipeline 
security division within 180 days of the date of enactment. 
Upon development of the strategy, the TSA Administrator must 
provide the Committee on Homeland Security of the House of 
Representatives and the Committee on Commerce, Science, and 
Transportation of the Senate with a copy of such a strategy. 
The strategy must take into consideration the most recently 
published versions of key DHS and TSA strategy documents. 
Additionally, it must contain an assessment of the resources 
needed to carry out the pipeline security division's 
responsibilities and an assessment of TSA's pipeline security 
cybersecurity expertise, including a plan to further develop 
such expertise.
    The Committee believes the development of a personnel 
strategy for the staffing of the pipeline security division 
will help TSA build upon its ongoing efforts to develop a 
workforce capable of ensuring the security of the pipeline 
sector, and that specifically assessing the need for 
cybersecurity expertise will help TSA acquire the workforce 
needed to counter current threats.

Sec. 5. Oversight.

    This section requires the TSA Administrator to report to 
the Committee on Homeland Security of the House of 
Representatives and the Committee on Commerce, Science, and 
Transportation of the Senate about the activities of the 
pipeline security division, including information with respect 
to guidelines, security directives, regulations, security 
assessments, and inspections, no less than annually. Each 
report must include a determination by the Administrator 
regarding whether a need exists for additional regulations or 
non-regulatory initiatives and provide a justification for such 
determination.
    Finally, the section requires GAO to conduct a review of 
the implementation of the Act, not later than two years after 
the date of enactment.
    The Committee believes the requirements for regular reports 
to Congress and a GAO review will assist Congress in conducting 
effective oversight of TSA's pipeline security efforts. Such 
oversight will be key to ensuring the success of the pipeline 
security division.

Sec. 6. Stakeholder Engagement.

     This section requires the TSA Administrator to convene not 
less than two industry days to engage with pipeline 
transportation and pipeline facilities stakeholders. These 
industry days shall occur not later than one year after the 
date of enactment.
     The Committee has heard from pipeline stakeholders 
regarding the importance of information-sharing between the 
government and the private sector, as well as about the value 
of TSA's pipeline security capabilities in particular. 
Stakeholders have also noted that, during critical incidents, 
it is essential to have established lines of communication with 
key regulators. The Committee believes that the combination of 
a standing division dedicated to pipeline security and 
requirements for meetings will enhance engagement between TSA 
and pipeline operators.

         Changes in Existing Law Made by the Bill, as Reported

  In compliance with clause 3(e) of rule XIII of the Rules of 
the House of Representatives, changes in existing law made by 
the bill, as reported, are shown as follows (existing law 
proposed to be omitted is enclosed in black brackets, new 
matter is printed in italics, and existing law in which no 
change is proposed is shown in roman):

                      TITLE 49, UNITED STATES CODE




           *       *       *       *       *       *       *
SUBTITLE I--DEPARTMENT OF TRANSPORTATION

           *       *       *       *       *       *       *


CHAPTER 1--ORGANIZATION

           *       *       *       *       *       *       *



Sec. 114. Transportation Security Administration

  (a) In General.--The Transportation Security Administration 
shall be an administration of the Department of Homeland 
Security.
  (b) Leadership.--
          (1) Head of transportation security administration.--
                  (A) Appointment.--The head of the 
                Administration shall be the Administrator of 
                the Transportation Security Administration 
                (referred to in this section as the 
                ``Administrator''). The Administrator shall be 
                appointed by the President, by and with the 
                advice and consent of the Senate.
                  (B) Qualifications.--The Administrator must--
                          (i) be a citizen of the United 
                        States; and
                          (ii) have experience in a field 
                        directly related to transportation or 
                        security.
                  (C) Term.--Effective with respect to any 
                individual appointment by the President, by and 
                with the advice and consent of the Senate, 
                after the date of enactment of the TSA 
                Modernization Act, the term of office of an 
                individual appointed as the Administrator shall 
                be 5 years. The term of office of an individual 
                serving as the Administrator on the date of 
                enactment of the TSA Modernization Act shall be 
                5 years beginning on the date that the 
                Administrator began serving.
          (2) Deputy administrator.--
                  (A) Appointment.--There is established in the 
                Transportation Security Administration a Deputy 
                Administrator, who shall assist the 
                Administrator in the management of the 
                Transportation Security Administration. The 
                Deputy Administrator shall be appointed by the 
                President.
                  (B) Vacancy.--The Deputy Administrator shall 
                be Acting Administrator during the absence or 
                incapacity of the Administrator or during a 
                vacancy in the office of Administrator.
                  (C) Qualifications.--The Deputy Administrator 
                must--
                          (i) be a citizen of the United 
                        States; and
                          (ii) have experience in a field 
                        directly related to transportation or 
                        security.
          (3) Chief counsel.--
                  (A) Appointment.--There is established in the 
                Transportation Security Administration a Chief 
                Counsel, who shall advise the Administrator and 
                other senior officials on all legal matters 
                relating to the responsibilities, functions, 
                and management of the Transportation Security 
                Administration.
                  (B) Qualifications.--The Chief Counsel must 
                be a citizen of the United States.
  (c) Limitation on Ownership of Stocks and Bonds.--The 
Administrator may not own stock in or bonds of a transportation 
or security enterprise or an enterprise that makes equipment 
that could be used for security purposes.
  (d) Functions.--The Administrator shall be responsible for 
security in all modes of transportation, including--
          (1) carrying out chapter 449, relating to civil 
        aviation security, and related research and development 
        activities; and
          (2) security responsibilities over other modes of 
        transportation that are exercised by the Department of 
        Transportation.
  (e) Screening Operations.--The Administrator shall--
          (1) be responsible for day-to-day Federal security 
        screening operations for passenger air transportation 
        and intrastate air transportation under sections 44901 
        and 44935;
          (2) develop standards for the hiring and retention of 
        security screening personnel;
          (3) train and test security screening personnel; and
          (4) be responsible for hiring and training personnel 
        to provide security screening at all airports in the 
        United States where screening is required under section 
        44901, in consultation with the Secretary of 
        Transportation and the heads of other appropriate 
        Federal agencies and departments.
  (f) Additional Duties and Powers.--In addition to carrying 
out the functions specified in subsections (d) and (e), the 
Administrator shall--
          (1) receive, assess, and distribute intelligence 
        information related to transportation security;
          (2) assess threats to transportation;
          (3) develop policies, strategies, and plans for 
        dealing with threats to transportation security;
          (4) make other plans related to transportation 
        security, including coordinating countermeasures with 
        appropriate departments, agencies, and 
        instrumentalities of the United States Government;
          (5) serve as the primary liaison for transportation 
        security to the intelligence and law enforcement 
        communities;
          (6) on a day-to-day basis, manage and provide 
        operational guidance to the field security resources of 
        the Administration, including Federal Security Managers 
        as provided by section 44933;
          (7) enforce security-related regulations and 
        requirements;
          (8) identify and undertake research and development 
        activities necessary to enhance transportation 
        security;
          (9) inspect, maintain, and test security facilities, 
        equipment, and systems;
          (10) ensure the adequacy of security measures for the 
        transportation of cargo;
          (11) oversee the implementation, and ensure the 
        adequacy, of security measures at airports and other 
        transportation facilities;
          (12) require background checks for airport security 
        screening personnel, individuals with access to secure 
        areas of airports, and other transportation security 
        personnel;
          (13) work in conjunction with the Administrator of 
        the Federal Aviation Administration with respect to any 
        actions or activities that may affect aviation safety 
        or air carrier operations;
          (14) work with the International Civil Aviation 
        Organization and appropriate aeronautic authorities of 
        foreign governments under section 44907 to address 
        security concerns on passenger flights by foreign air 
        carriers in foreign air transportation;
          (15) establish and maintain a National Deployment 
        Office as required under section 44948 of this title; 
        [and]
          (16) maintain responsibility, in coordination with 
        the Director of the Cybersecurity and Infrastructure 
        Security Agency, as appropriate, relating to securing 
        pipeline transportation and pipeline facilities (as 
        such terms are defined in section 60101 of this title) 
        against cybersecurity threats (as such term is defined 
        in section 102 of the Cybersecurity Information Sharing 
        Act of 2015 (Public Law 114-113; 6 U.S.C. 1501)), an 
        act of terrorism (as such term is defined in section 
        3077 of title 18), and other nefarious acts that 
        jeopardize the physical security or cybersecurity of 
        such transportation or facilities; and
          [(16)] (17) carry out such other duties, and exercise 
        such other powers, relating to transportation security 
        as the Administrator considers appropriate, to the 
        extent authorized by law.
  (g) National Emergency Responsibilities.--
          (1) In general.--Subject to the direction and control 
        of the Secretary of Homeland Security, the 
        Administrator, during a national emergency, shall have 
        the following responsibilities:
                  (A) To coordinate domestic transportation, 
                including aviation, rail, and other surface 
                transportation, and maritime transportation 
                (including port security).
                  (B) To coordinate and oversee the 
                transportation-related responsibilities of 
                other departments and agencies of the Federal 
                Government other than the Department of Defense 
                and the military departments.
                  (C) To coordinate and provide notice to other 
                departments and agencies of the Federal 
                Government, and appropriate agencies of State 
                and local governments, including departments 
                and agencies for transportation, law 
                enforcement, and border control, about threats 
                to transportation.
                  (D) To carry out such other duties, and 
                exercise such other powers, relating to 
                transportation during a national emergency as 
                the Secretary of Homeland Security shall 
                prescribe.
          (2) Authority of other departments and agencies.--The 
        authority of the Administrator under this subsection 
        shall not supersede the authority of any other 
        department or agency of the Federal Government under 
        law with respect to transportation or transportation-
        related matters, whether or not during a national 
        emergency.
          (3) Circumstances.--The Secretary of Homeland 
        Security shall prescribe the circumstances constituting 
        a national emergency for purposes of this subsection.
  (h) Management of Security Information.--In consultation with 
the Transportation Security Oversight Board, the Administrator 
shall--
          (1) enter into memoranda of understanding with 
        Federal agencies or other entities to share or 
        otherwise cross-check as necessary data on individuals 
        identified on Federal agency databases who may pose a 
        risk to transportation or national security;
          (2) establish procedures for notifying the 
        Administrator of the Federal Aviation Administration, 
        appropriate State and local law enforcement officials, 
        and airport or airline security officers of the 
        identity of individuals known to pose, or suspected of 
        posing, a risk of air piracy or terrorism or a threat 
        to airline or passenger safety;
          (3) in consultation with other appropriate Federal 
        agencies and air carriers, establish policies and 
        procedures requiring air carriers--
                  (A) to use information from government 
                agencies to identify individuals on passenger 
                lists who may be a threat to civil aviation or 
                national security; and
                  (B) if such an individual is identified, 
                notify appropriate law enforcement agencies, 
                prevent the individual from boarding an 
                aircraft, or take other appropriate action with 
                respect to that individual; and
          (4) consider requiring passenger air carriers to 
        share passenger lists with appropriate Federal agencies 
        for the purpose of identifying individuals who may pose 
        a threat to aviation safety or national security.
  (i) View of NTSB.--In taking any action under this section 
that could affect safety, the Administrator shall give great 
weight to the timely views of the National Transportation 
Safety Board.
  (j) Acquisitions.--
          (1) In general.--The Administrator is authorized--
                  (A) to acquire (by purchase, lease, 
                condemnation, or otherwise) such real property, 
                or any interest therein, within and outside the 
                continental United States, as the Administrator 
                considers necessary;
                  (B) to acquire (by purchase, lease, 
                condemnation, or otherwise) and to construct, 
                repair, operate, and maintain such personal 
                property (including office space and patents), 
                or any interest therein, within and outside the 
                continental United States, as the Administrator 
                considers necessary;
                  (C) to lease to others such real and personal 
                property and to provide by contract or 
                otherwise for necessary facilities for the 
                welfare of its employees and to acquire, 
                maintain, and operate equipment for these 
                facilities;
                  (D) to acquire services, including such 
                personal services as the Secretary of Homeland 
                Security determines necessary, and to acquire 
                (by purchase, lease, condemnation, or 
                otherwise) and to construct, repair, operate, 
                and maintain research and testing sites and 
                facilities; and
                  (E) in cooperation with the Administrator of 
                the Federal Aviation Administration, to utilize 
                the research and development facilities of the 
                Federal Aviation Administration.
          (2) Title.--Title to any property or interest therein 
        acquired pursuant to this subsection shall be held by 
        the Government of the United States.
  (k) Transfers of Funds.--The Administrator is authorized to 
accept transfers of unobligated balances and unexpended 
balances of funds appropriated to other Federal agencies (as 
such term is defined in section 551(1) of title 5) to carry out 
functions assigned by law to the Administrator.
  (l) Regulations.--
          (1) In general.--The Administrator is authorized to 
        issue, rescind, and revise such regulations as are 
        necessary to carry out the functions of the 
        Administration.
          (2) Emergency procedures.--
                  (A) In general.--Notwithstanding any other 
                provision of law or executive order (including 
                an executive order requiring a cost-benefit 
                analysis), if the Administrator determines that 
                a regulation or security directive must be 
                issued immediately in order to protect 
                transportation security, the Administrator 
                shall issue the regulation or security 
                directive without providing notice or an 
                opportunity for comment and without prior 
                approval of the Secretary.
                  (B) Review by transportation security 
                oversight board.--Any regulation or security 
                directive issued under this paragraph shall be 
                subject to review by the Transportation 
                Security Oversight Board established under 
                section 115. Any regulation or security 
                directive issued under this paragraph shall 
                remain effective for a period not to exceed 90 
                days unless ratified or disapproved by the 
                Board or rescinded by the Administrator.
          (3) Factors to consider.--In determining whether to 
        issue, rescind, or revise a regulation under this 
        section, the Administrator shall consider, as a factor 
        in the final determination, whether the costs of the 
        regulation are excessive in relation to the enhancement 
        of security the regulation will provide. The 
        Administrator may waive requirements for an analysis 
        that estimates the number of lives that will be saved 
        by the regulation and the monetary value of such lives 
        if the Administrator determines that it is not feasible 
        to make such an estimate.
          (4) Airworthiness objections by faa.--
                  (A) In general.--The Administrator shall not 
                take an aviation security action under this 
                title if the Administrator of the Federal 
                Aviation Administration notifies the 
                Administrator that the action could adversely 
                affect the airworthiness of an aircraft.
                  (B) Review by secretary.--Notwithstanding 
                subparagraph (A), the Administrator may take 
                such an action, after receiving a notification 
                concerning the action from the Administrator of 
                the Federal Aviation Administration under 
                subparagraph (A), if the Secretary of 
                Transportation subsequently approves the 
                action.
  (m) Personnel and Services; Cooperation by Administrator.--
          (1) Authority of administrator.--In carrying out the 
        functions of the Administration, the Administrator 
        shall have the same authority as is provided to the 
        Administrator of the Federal Aviation Administration 
        under subsections (l) and (m) of section 106.
          (2) Authority of agency heads.--The head of a Federal 
        agency shall have the same authority to provide 
        services, supplies, equipment, personnel, and 
        facilities to the Administrator as the head has to 
        provide services, supplies, equipment, personnel, and 
        facilities to the Administrator of the Federal Aviation 
        Administration under section 106(m).
  (n) Personnel Management System.--
          (1) In general.--The personnel management system 
        established by the Administrator of the Federal 
        Aviation Administration under section 40122 shall apply 
        to employees of the Transportation Security 
        Administration, or, subject to the requirements of such 
        section, the Administrator may make such modifications 
        to the personnel management system with respect to such 
        employees as the Administrator considers appropriate, 
        such as adopting aspects of other personnel systems of 
        the Department of Homeland Security.
          (2) Meritorious executive or distinguished executive 
        rank awards.--Notwithstanding section 40122(g)(2) of 
        this title, the applicable sections of title 5 shall 
        apply to the Transportation Security Administration 
        personnel management system, except that--
                  (A) for purposes of applying such provisions 
                to the personnel management system--
                          (i) the term ``agency'' means the 
                        Department of Homeland Security;
                          (ii) the term ``senior executive'' 
                        means a Transportation Security 
                        Administration executive serving on a 
                        Transportation Security Executive 
                        Service appointment;
                          (iii) the term ``career appointee'' 
                        means a Transportation Security 
                        Administration executive serving on a 
                        career Transportation Security 
                        Executive Service appointment; and
                          (iv) The term ``senior career 
                        employee'' means a Transportation 
                        Security Administration employee 
                        covered by the Transportation Security 
                        Administration Core Compensation System 
                        at the L or M pay band;
                  (B) receipt by a career appointee or a senior 
                career employee of the rank of Meritorious 
                Executive or Meritorious Senior Professional 
                entitles the individual to a lump-sum payment 
                of an amount equal to 20 percent of annual 
                basic pay, which shall be in addition to the 
                basic pay paid under the applicable 
                Transportation Security Administration pay 
                system; and
                  (C) receipt by a career appointee or a senior 
                career employee of the rank of Distinguished 
                Executive or Distinguished Senior Professional 
                entitles the individual to a lump-sum payment 
                of an amount equal to 35 percent of annual 
                basic pay, which shall be in addition to the 
                basic pay paid under the applicable 
                Transportation Security Administration pay 
                system.
          (3) Definition of applicable sections of title 5.--In 
        this subsection, the term ``applicable sections of 
        title 5'' means--
                  (A) subsections (b), (c) and (d) of section 
                4507 of title 5; and
                  (B) subsections (b) and (c) of section 4507a 
                of title 5.
  (o) Authority of Inspector General.--The Transportation 
Security Administration shall be subject to the Inspector 
General Act of 1978 (5 U.S.C. App.) and other laws relating to 
the authority of the Inspector General of the Department of 
Homeland Security.
  (p) Law Enforcement Powers.--
          (1) In general.--The Administrator may designate an 
        employee of the Transportation Security Administration 
        or other Federal agency to serve as a law enforcement 
        officer.
          (2) Powers.--While engaged in official duties of the 
        Administration as required to fulfill the 
        responsibilities under this section, a law enforcement 
        officer designated under paragraph (1) may--
                  (A) carry a firearm;
                  (B) make an arrest without a warrant for any 
                offense against the United States committed in 
                the presence of the officer, or for any felony 
                cognizable under the laws of the United States 
                if the officer has probable cause to believe 
                that the person to be arrested has committed or 
                is committing the felony; and
                  (C) seek and execute warrants for arrest or 
                seizure of evidence issued under the authority 
                of the United States upon probable cause that a 
                violation has been committed.
          (3) Guidelines on exercise of authority.--The 
        authority provided by this subsection shall be 
        exercised in accordance with guidelines prescribed by 
        the Administrator, in consultation with the Attorney 
        General of the United States, and shall include 
        adherence to the Attorney General's policy on use of 
        deadly force.
          (4) Revocation or suspension of authority.--The 
        powers authorized by this subsection may be rescinded 
        or suspended should the Attorney General determine that 
        the Administrator has not complied with the guidelines 
        prescribed in paragraph (3) and conveys the 
        determination in writing to the Secretary of Homeland 
        Security and the Administrator.
  (q) Authority To Exempt.--The Administrator may grant an 
exemption from a regulation prescribed in carrying out this 
section if the Administrator determines that the exemption is 
in the public interest.
  (r) Nondisclosure of Security Activities.--
          (1) In general.--Notwithstanding section 552 of title 
        5, the Administrator shall prescribe regulations 
        prohibiting the disclosure of information obtained or 
        developed in carrying out security under authority of 
        the Aviation and Transportation Security Act (Public 
        Law 107-71) or under chapter 449 of this title if the 
        Administrator decides that disclosing the information 
        would--
                  (A) be an unwarranted invasion of personal 
                privacy;
                  (B) reveal a trade secret or privileged or 
                confidential commercial or financial 
                information; or
                  (C) be detrimental to the security of 
                transportation.
          (2) Availability of information to congress.--
        Paragraph (1) does not authorize information to be 
        withheld from a committee of Congress authorized to 
        have the information.
          (3) Limitation on transferability of duties.--Except 
        as otherwise provided by law, the Administrator may not 
        transfer a duty or power under this subsection to 
        another department, agency, or instrumentality of the 
        United States.
          (4) Limitations.--Nothing in this subsection, or any 
        other provision of law, shall be construed to authorize 
        the designation of information as sensitive security 
        information (as defined in section 1520.5 of title 49, 
        Code of Federal Regulations)--
                  (A) to conceal a violation of law, 
                inefficiency, or administrative error;
                  (B) to prevent embarrassment to a person, 
                organization, or agency;
                  (C) to restrain competition; or
                  (D) to prevent or delay the release of 
                information that does not require protection in 
                the interest of transportation security, 
                including basic scientific research information 
                not clearly related to transportation security.
  (s) Transportation Security Strategic Planning.--
          (1) In general.--The Secretary of Homeland Security 
        shall develop, prepare, implement, and update, as 
        needed--
                  (A) a National Strategy for Transportation 
                Security; and
                  (B) transportation modal security plans 
                addressing security risks, including threats, 
                vulnerabilities, and consequences, for 
                aviation, railroad, ferry, highway, maritime, 
                pipeline, public transportation, over-the-road 
                bus, and other transportation infrastructure 
                assets.
          (2) Role of secretary of transportation.--The 
        Secretary of Homeland Security shall work jointly with 
        the Secretary of Transportation in developing, 
        revising, and updating the documents required by 
        paragraph (1).
          (3) Contents of national strategy for transportation 
        security.--The National Strategy for Transportation 
        Security shall include the following:
                  (A) An identification and evaluation of the 
                transportation assets in the United States 
                that, in the interests of national security and 
                commerce, must be protected from attack or 
                disruption by terrorist or other hostile 
                forces, including modal security plans for 
                aviation, bridge and tunnel, commuter rail and 
                ferry, highway, maritime, pipeline, rail, mass 
                transit, over-the-road bus, and other public 
                transportation infrastructure assets that could 
                be at risk of such an attack or disruption.
                  (B) The development of risk-based priorities, 
                based on risk assessments conducted or received 
                by the Secretary of Homeland Security 
                (including assessments conducted under the 
                Implementing Recommendations of the 9/11 
                Commission Act of 2007) across all 
                transportation modes and realistic deadlines 
                for addressing security needs associated with 
                those assets referred to in subparagraph (A).
                  (C) The most appropriate, practical, and 
                cost-effective means of defending those assets 
                against threats to their security.
                  (D) A forward-looking strategic plan that 
                sets forth the agreed upon roles and missions 
                of Federal, State, regional, local, and tribal 
                authorities and establishes mechanisms for 
                encouraging cooperation and participation by 
                private sector entities, including nonprofit 
                employee labor organizations, in the 
                implementation of such plan.
                  (E) A comprehensive delineation of 
                prevention, response, and recovery 
                responsibilities and issues regarding 
                threatened and executed acts of terrorism 
                within the United States and threatened and 
                executed acts of terrorism outside the United 
                States to the extent such acts affect United 
                States transportation systems.
                  (F) A prioritization of research and 
                development objectives that support 
                transportation security needs, giving a higher 
                priority to research and development directed 
                toward protecting vital transportation assets. 
                Transportation security research and 
                development projects shall be based, to the 
                extent practicable, on such prioritization. 
                Nothing in the preceding sentence shall be 
                construed to require the termination of any 
                research or development project initiated by 
                the Secretary of Homeland Security or the 
                Secretary of Transportation before the date of 
                enactment of the Implementing Recommendations 
                of the 9/11 Commission Act of 2007.
                  (G) A 3- and 10-year budget for Federal 
                transportation security programs that will 
                achieve the priorities of the National Strategy 
                for Transportation Security.
                  (H) Methods for linking the individual 
                transportation modal security plans and the 
                programs contained therein, and a plan for 
                addressing the security needs of intermodal 
                transportation.
                  (I) Transportation modal security plans 
                described in paragraph (1)(B), including 
                operational recovery plans to expedite, to the 
                maximum extent practicable, the return to 
                operation of an adversely affected 
                transportation system following a major 
                terrorist attack on that system or other 
                incident. These plans shall be coordinated with 
                the resumption of trade protocols required 
                under section 202 of the SAFE Port Act (6 
                U.S.C. 942) and the National Maritime 
                Transportation Security Plan required under 
                section 70103(a) of title 46.
          (4) Submission of plans.--
                  (A) In general.--The Secretary of Homeland 
                Security shall submit the National Strategy for 
                Transportation Security, including the 
                transportation modal security plans and any 
                revisions to the National Strategy for 
                Transportation Security and the transportation 
                modal security plans, to appropriate 
                congressional committees not less frequently 
                than April 1 of each even-numbered year.
                  (B) Periodic progress report.--
                          (i) Requirement for report.--Each 
                        year, in conjunction with the 
                        submission of the budget to Congress 
                        under section 1105(a) of title 31, 
                        United States Code, the Secretary of 
                        Homeland Security shall submit to the 
                        appropriate congressional committees an 
                        assessment of the progress made on 
                        implementing the National Strategy for 
                        Transportation Security, including the 
                        transportation modal security plans.
                          (ii) Content.--Each progress report 
                        submitted under this subparagraph shall 
                        include, at a minimum, the following:
                                  (I) Recommendations for 
                                improving and implementing the 
                                National Strategy for 
                                Transportation Security and the 
                                transportation modal and 
                                intermodal security plans that 
                                the Secretary of Homeland 
                                Security, in consultation with 
                                the Secretary of 
                                Transportation, considers 
                                appropriate.
                                  (II) An accounting of all 
                                grants for transportation 
                                security, including grants and 
                                contracts for research and 
                                development, awarded by the 
                                Secretary of Homeland Security 
                                in the most recent fiscal year 
                                and a description of how such 
                                grants accomplished the goals 
                                of the National Strategy for 
                                Transportation Security.
                                  (III) An accounting of all--
                                          (aa) funds requested 
                                        in the President's 
                                        budget submitted 
                                        pursuant to section 
                                        1105 of title 31 for 
                                        the most recent fiscal 
                                        year for transportation 
                                        security, by mode;
                                          (bb) personnel 
                                        working on 
                                        transportation security 
                                        by mode, including the 
                                        number of contractors; 
                                        and
                                          (cc) information on 
                                        the turnover in the 
                                        previous year among 
                                        senior staff of the 
                                        Department of Homeland 
                                        Security, including 
                                        component agencies, 
                                        working on 
                                        transportation security 
                                        issues. Such 
                                        information shall 
                                        include the number of 
                                        employees who have 
                                        permanently left the 
                                        office, agency, or area 
                                        in which they worked, 
                                        and the amount of time 
                                        that they worked for 
                                        the Department of 
                                        Homeland Security.
                          (iii) Written explanation of 
                        transportation security activities not 
                        delineated in the national strategy for 
                        transportation security.--At the end of 
                        each fiscal year, the Secretary of 
                        Homeland Security shall submit to the 
                        appropriate congressional committees a 
                        written explanation of any Federal 
                        transportation security activity that 
                        is inconsistent with the National 
                        Strategy for Transportation Security, 
                        including the amount of funds to be 
                        expended for the activity and the 
                        number of personnel involved.
                  (C) Classified material.--Any part of the 
                National Strategy for Transportation Security 
                or the transportation modal security plans that 
                involve information that is properly classified 
                under criteria established by Executive order 
                shall be submitted to the appropriate 
                congressional committees separately in a 
                classified format.
                  (D) Appropriate congressional committees 
                defined.--In this subsection, the term 
                ``appropriate congressional committees'' means 
                the Committee on Transportation and 
                Infrastructure and the Committee on Homeland 
                Security of the House of Representatives and 
                the Committee on Commerce, Science, and 
                Transportation, the Committee on Homeland 
                Security and Governmental Affairs, and the 
                Committee on Banking, Housing, and Urban 
                Affairs of the Senate.
          (5) Priority Status.--
                  (A) In general.--The National Strategy for 
                Transportation Security shall be the governing 
                document for Federal transportation security 
                efforts.
                  (B) Other plans and reports.--The National 
                Strategy for Transportation Security shall 
                include, as an integral part or as an 
                appendix--
                          (i) the current National Maritime 
                        Transportation Security Plan under 
                        section 70103 of title 46;
                          (ii) the report required by section 
                        44938 of this title;
                          (iii) transportation modal security 
                        plans required under this section;
                          (iv) the transportation sector 
                        specific plan required under Homeland 
                        Security Presidential Directive-7; and
                          (v) any other transportation security 
                        plan or report that the Secretary of 
                        Homeland Security determines 
                        appropriate for inclusion.
          (6) Coordination.--In carrying out the 
        responsibilities under this section, the Secretary of 
        Homeland Security, in coordination with the Secretary 
        of Transportation, shall consult, as appropriate, with 
        Federal, State, and local agencies, tribal governments, 
        private sector entities (including nonprofit employee 
        labor organizations), institutions of higher learning, 
        and other entities.
          (7) Plan distribution.--The Secretary of Homeland 
        Security shall make available and appropriately 
        publicize an unclassified version of the National 
        Strategy for Transportation Security, including its 
        component transportation modal security plans, to 
        Federal, State, regional, local and tribal authorities, 
        transportation system owners or operators, private 
        sector stakeholders, including nonprofit employee labor 
        organizations representing transportation employees, 
        institutions of higher learning, and other appropriate 
        entities.
  (t) Transportation Security Information Sharing Plan.--
          (1) Definitions.--In this subsection:
                  (A) Appropriate congressional committees.--
                The term ``appropriate congressional 
                committees'' has the meaning given that term in 
                subsection (s)(4)(E).
                  (B) Plan.--The term ``Plan'' means the 
                Transportation Security Information Sharing 
                Plan established under paragraph (2).
                  (C) Public and private stakeholders.--The 
                term ``public and private stakeholders'' means 
                Federal, State, and local agencies, tribal 
                governments, and appropriate private entities, 
                including nonprofit employee labor 
                organizations representing transportation 
                employees.
                  (D) Transportation security information.--The 
                term ``transportation security information'' 
                means information relating to the risks to 
                transportation modes, including aviation, 
                public transportation, railroad, ferry, 
                highway, maritime, pipeline, and over-the-road 
                bus transportation, and may include specific 
                and general intelligence products, as 
                appropriate.
          (2) Establishment of plan.--The Secretary of Homeland 
        Security, in consultation with the program manager of 
        the information sharing environment established under 
        section 1016 of the Intelligence Reform and Terrorism 
        Prevention Act of 2004 (6 U.S.C. 485), the Secretary of 
        Transportation, and public and private stakeholders, 
        shall establish a Transportation Security Information 
        Sharing Plan. In establishing the Plan, the Secretary 
        of Homeland Security shall gather input on the 
        development of the Plan from private and public 
        stakeholders and the program manager of the information 
        sharing environment established under section 1016 of 
        the Intelligence Reform and Terrorism Prevention Act of 
        2004 (6 U.S.C. 485).
          (3) Purpose of plan.--The Plan shall promote sharing 
        of transportation security information between the 
        Department of Homeland Security and public and private 
        stakeholders.
          (4) Content of plan.--The Plan shall include--
                  (A) a description of how intelligence 
                analysts within the Department of Homeland 
                Security will coordinate their activities 
                within the Department and with other Federal, 
                State, and local agencies, and tribal 
                governments, including coordination with 
                existing modal information sharing centers and 
                the center described in section 1410 of the 
                Implementing Recommendations of the 9/11 
                Commission Act of 2007;
                  (B) the establishment of a point of contact, 
                which may be a single point of contact within 
                the Department of Homeland Security, for each 
                mode of transportation for the sharing of 
                transportation security information with public 
                and private stakeholders, including an 
                explanation and justification to the 
                appropriate congressional committees if the 
                point of contact established pursuant to this 
                subparagraph differs from the agency within the 
                Department of Homeland Security that has the 
                primary authority, or has been delegated such 
                authority by the Secretary of Homeland 
                Security, to regulate the security of that 
                transportation mode;
                  (C) a reasonable deadline by which the Plan 
                will be implemented; and
                  (D) a description of resource needs for 
                fulfilling the Plan.
          (5) Coordination with information sharing.--The Plan 
        shall be--
                  (A) implemented in coordination, as 
                appropriate, with the program manager for the 
                information sharing environment established 
                under section 1016 of the Intelligence Reform 
                and Terrorism Prevention Act of 2004 (6 U.S.C. 
                485); and
                  (B) consistent with the establishment of the 
                information sharing environment and any 
                policies, guidelines, procedures, instructions, 
                or standards established by the President or 
                the program manager for the implementation and 
                management of the information sharing 
                environment.
          (6) Annual report on plan.--The Secretary of Homeland 
        Security shall annually submit to the appropriate 
        congressional committees a report containing the Plan.
          (7) Security clearances.--The Secretary of Homeland 
        Security shall, to the greatest extent practicable, 
        take steps to expedite the security clearances needed 
        for designated public and private stakeholders to 
        receive and obtain access to classified information 
        distributed under this section, as appropriate.
          (8) Classification of material.--The Secretary of 
        Homeland Security, to the greatest extent practicable, 
        shall provide designated public and private 
        stakeholders with transportation security information 
        in an unclassified format.
  (u) Enforcement of Regulations and Orders of the Secretary of 
Homeland Security.--
          (1) Application of subsection.--
                  (A) In general.--This subsection applies to 
                the enforcement of regulations prescribed, and 
                orders issued, by the Secretary of Homeland 
                Security under a provision of chapter 701 of 
                title 46 and under a provision of this title 
                other than a provision of chapter 449 (in this 
                subsection referred to as an ``applicable 
                provision of this title'').
                  (B) Violations of chapter 449.--The penalties 
                for violations of regulations prescribed and 
                orders issued by the Secretary of Homeland 
                Security or the Administrator under chapter 449 
                of this title are provided under chapter 463 of 
                this title.
                  (C) Nonapplication to certain violations.--
                          (i) Paragraphs (2) through (5) do not 
                        apply to violations of regulations 
                        prescribed, and orders issued, by the 
                        Secretary of Homeland Security under a 
                        provision of this title--
                                  (I) involving the 
                                transportation of personnel or 
                                shipments of materials by 
                                contractors where the 
                                Department of Defense has 
                                assumed control and 
                                responsibility;
                                  (II) by a member of the armed 
                                forces of the United States 
                                when performing official 
                                duties; or
                                  (III) by a civilian employee 
                                of the Department of Defense 
                                when performing official 
                                duties.
                          (ii) Violations described in 
                        subclause (I), (II), or (III) of clause 
                        (i) shall be subject to penalties as 
                        determined by the Secretary of Defense 
                        or the Secretary of Defense's designee.
          (2) Civil penalty.--
                  (A) In general.--A person is liable to the 
                United States Government for a civil penalty of 
                not more than $10,000 for a violation of a 
                regulation prescribed, or order issued, by the 
                Secretary of Homeland Security under an 
                applicable provision of this title.
                  (B) Repeat violations.--A separate violation 
                occurs under this paragraph for each day the 
                violation continues.
          (3) Administrative imposition of civil penalties.--
                  (A) In general.--The Secretary of Homeland 
                Security may impose a civil penalty for a 
                violation of a regulation prescribed, or order 
                issued, under an applicable provision of this 
                title. The Secretary shall give written notice 
                of the finding of a violation and the penalty.
                  (B) Scope of civil action.--In a civil action 
                to collect a civil penalty imposed by the 
                Secretary of Homeland Security under this 
                subsection, a court may not re-examine issues 
                of liability or the amount of the penalty.
                  (C) Jurisdiction.--The district courts of the 
                United States shall have exclusive jurisdiction 
                of civil actions to collect a civil penalty 
                imposed by the Secretary of Homeland Security 
                under this subsection if--
                          (i) the amount in controversy is more 
                        than--
                                  (I) $400,000, if the 
                                violation was committed by a 
                                person other than an individual 
                                or small business concern; or
                                  (II) $50,000 if the violation 
                                was committed by an individual 
                                or small business concern;
                          (ii) the action is in rem or another 
                        action in rem based on the same 
                        violation has been brought; or
                          (iii) another action has been brought 
                        for an injunction based on the same 
                        violation.
                  (D) Maximum penalty.--The maximum civil 
                penalty the Secretary of Homeland Security 
                administratively may impose under this 
                paragraph is--
                          (i) $400,000, if the violation was 
                        committed by a person other than an 
                        individual or small business concern; 
                        or
                          (ii) $50,000, if the violation was 
                        committed by an individual or small 
                        business concern.
                  (E) Notice and opportunity to request 
                hearing.--Before imposing a penalty under this 
                section the Secretary of Homeland Security 
                shall provide to the person against whom the 
                penalty is to be imposed--
                          (i) written notice of the proposed 
                        penalty; and
                          (ii) the opportunity to request a 
                        hearing on the proposed penalty, if the 
                        Secretary of Homeland Security receives 
                        the request not later than 30 days 
                        after the date on which the person 
                        receives notice.
          (4) Compromise and setoff.--
                  (A) The Secretary of Homeland Security may 
                compromise the amount of a civil penalty 
                imposed under this subsection.
                  (B) The Government may deduct the amount of a 
                civil penalty imposed or compromised under this 
                subsection from amounts it owes the person 
                liable for the penalty.
          (5) Investigations and proceedings.--Chapter 461 
        shall apply to investigations and proceedings brought 
        under this subsection to the same extent that it 
        applies to investigations and proceedings brought with 
        respect to aviation security duties designated to be 
        carried out by the Secretary of Homeland Security.
          (6) Definitions.--In this subsection:
                  (A) Person.--The term ``person'' does not 
                include--
                          (i) the United States Postal Service; 
                        or
                          (ii) the Department of Defense.
                  (B) Small business concern.--The term ``small 
                business concern'' has the meaning given that 
                term in section 3 of the Small Business Act (15 
                U.S.C. 632).
          (7) Enforcement transparency.--
                  (A) In general.--The Secretary of Homeland 
                Security shall--
                          (i) provide an annual summary to the 
                        public of all enforcement actions taken 
                        by the Secretary under this subsection; 
                        and
                          (ii) include in each such summary the 
                        docket number of each enforcement 
                        action, the type of alleged violation, 
                        the penalty or penalties proposed, and 
                        the final assessment amount of each 
                        penalty.
                  (B) Electronic availability.--Each summary 
                under this paragraph shall be made available to 
                the public by electronic means.
                  (C) Relationship to the freedom of 
                information act and the privacy act.--Nothing 
                in this subsection shall be construed to 
                require disclosure of information or records 
                that are exempt from disclosure under sections 
                552 or 552a of title 5.
  (v) Authorization of Appropriations.--There are authorized to 
be appropriated to the Transportation Security Administration 
for salaries, operations, and maintenance of the 
Administration--
          (1) $7,849,247,000 for fiscal year 2019;
          (2) $7,888,494,000 for fiscal year 2020; and
          (3) $7,917,936,000 for fiscal year 2021.
  (w) Leadership and Organization.--
          (1) In general.--For each of the areas described in 
        paragraph (2), the Administrator of the Transportation 
        Security Administration shall appoint at least 1 
        individual who shall--
                  (A) report directly to the Administrator or 
                the Administrator's designated direct report; 
                and
                  (B) be responsible and accountable for that 
                area.
          (2) Areas described.--The areas described in this 
        paragraph are as follows:
                  (A) Aviation security operations and 
                training, including risk-based, adaptive 
                security--
                          (i) focused on airport checkpoint and 
                        baggage screening operations;
                          (ii) workforce training and 
                        development programs; and
                          (iii) ensuring compliance with 
                        aviation security law, including 
                        regulations, and other specialized 
                        programs designed to secure air 
                        transportation.
                  (B) Surface transportation security 
                operations and training, including risk-based, 
                adaptive security--
                          (i) focused on accomplishing security 
                        systems assessments;
                          (ii) reviewing and prioritizing 
                        projects for appropriated surface 
                        transportation security grants;
                          (iii) operator compliance with 
                        surface transportation security law, 
                        including regulations, and voluntary 
                        industry standards; and
                          (iv) workforce training and 
                        development programs, and other 
                        specialized programs designed to secure 
                        surface transportation.
                  (C) Transportation industry engagement and 
                planning, including the development, 
                interpretation, promotion, and oversight of a 
                unified effort regarding risk-based, risk-
                reducing security policies and plans (including 
                strategic planning for future contingencies and 
                security challenges) between government and 
                transportation stakeholders, including 
                airports, domestic and international airlines, 
                general aviation, air cargo, mass transit and 
                passenger rail, freight rail, pipeline, highway 
                and motor carriers, and maritime.
                  (D) International strategy and operations, 
                including agency efforts to work with 
                international partners to secure the global 
                transportation network.
                  (E) Trusted and registered traveler programs, 
                including the management and marketing of the 
                agency's trusted traveler initiatives, 
                including the PreCheck Program, and 
                coordination with trusted traveler programs of 
                other Department of Homeland Security agencies 
                and the private sector.
                  (F) Technology acquisition and deployment, 
                including the oversight, development, testing, 
                evaluation, acquisition, deployment, and 
                maintenance of security technology and other 
                acquisition programs.
                  (G) Inspection and compliance, including the 
                integrity, efficiency and effectiveness of the 
                agency's workforce, operations, and programs 
                through objective audits, covert testing, 
                inspections, criminal investigations, and 
                regulatory compliance.
                  (H) Civil rights, liberties, and traveler 
                engagement, including ensuring that agency 
                employees and the traveling public are treated 
                in a fair and lawful manner consistent with 
                Federal laws and regulations protecting privacy 
                and prohibiting discrimination and reprisal.
                  (I) Legislative and public affairs, including 
                communication and engagement with internal and 
                external audiences in a timely, accurate, and 
                transparent manner, and development and 
                implementation of strategies within the agency 
                to achieve congressional approval or 
                authorization of agency programs and policies.
          (3) Notification.--The Administrator shall submit to 
        the appropriate committees of Congress--
                  (A) not later than 180 days after the date of 
                enactment of the TSA Modernization Act, a list 
                of the names of the individuals appointed under 
                paragraph (1); and
                  (B) an update of the list not later than 5 
                days after any new individual is appointed 
                under paragraph (1).

           *       *       *       *       *       *       *

                              ----------                              


                     HOMELAND SECURITY ACT OF 2002


SECTION 1. SHORT TITLE; TABLE OF CONTENTS.

  (a) Short Title.--This Act may be cited as the ``Homeland 
Security Act of 2002''.
  (b) Table of Contents.--The table of contents for this Act is 
as follows:

Sec. 1. Short title; table of contents.
     * * * * * * *

                   TITLE XVI--TRANSPORTATION SECURITY

                     Subtitle A--General Provisions

Sec. 1601. Definitions.

     Subtitle B--Transportation Security Administration Acquisition 
                              Improvements

Sec. 1611. 5-year technology investment plan.
Sec. 1612. Acquisition justification and reports.
Sec. 1613. Acquisition baseline establishment and reports.
Sec. 1614. Inventory utilization.
Sec. 1615. Small business contracting goals.
Sec. 1616. Consistency with the Federal acquisition regulation and 
          departmental policies and directives.
[1617. Diversified security technology industry marketplace.]
Sec. 1617. Diversified security technology industry marketplace.

         Subtitle C--Maintenance of security-related technology

[1621. Maintenance validation and oversight.]
Sec. 1621. Maintenance validation and oversight.

                      Subtitle D--Pipeline Security

Sec. 1631. Pipeline security division.

           *       *       *       *       *       *       *


TITLE XVI--TRANSPORTATION SECURITY

           *       *       *       *       *       *       *


                     Subtitle D--Pipeline Security

SEC. 1631. PIPELINE SECURITY DIVISION.

  (a) Establishment.--There is within the Administration a 
pipeline security division to carry out pipeline security 
programs in furtherance of section 114(f)(16) of title 49, 
United States Code.
  (b) Mission.--The mission of the division referred to in 
subsection (a) is to oversee, in coordination with the 
Cybersecurity and Infrastructure Security Agency of the 
Department, the security of pipeline transportation and 
pipeline facilities (as such terms are defined in section 60101 
of title 49, United States Code) against cybersecurity threats 
(as such term is defined in section 102 of the Cybersecurity 
Information Sharing Act of 2015 (Public Law 114-113; 6 U.S.C. 
1501)), an act of terrorism (as such term is defined in section 
3077 of title 18, United States Code), and other nefarious acts 
that jeopardize the physical security or cybersecurity of such 
transportation or facilities.
  (c) Leadership; Staffing.--The Administrator shall appoint as 
the head of the division an individual in the executive service 
of the Administration with knowledge of the pipeline industry 
and security best practices, as determined appropriate by the 
Administrator. The division shall be staffed by a workforce 
that includes personnel with cybersecurity expertise.
  (d) Responsibilities.--The division shall be responsible for 
carrying out the duties of the division as directed by the 
Administrator, acting through the head appointed pursuant to 
subsection (c). Such duties shall include the following:
          (1) Developing, in consultation with relevant 
        Federal, State, local, Tribal, and territorial entities 
        and public and private sector stakeholders, guidelines 
        for improving the security of pipeline transportation 
        and pipeline facilities against cybersecurity threats, 
        an act of terrorism, and other nefarious acts that 
        jeopardize the physical security or cybersecurity of 
        such transportation or facilities, consistent with the 
        National Institute of Standards and Technology 
        Framework for Improvement of Critical Infrastructure 
        Cybersecurity and any update to such guidelines 
        pursuant to section 2(c)(15) of the National Institute 
        for Standards and Technology Act (15 U.S.C. 
        272(c)(15)).
          (2) Updating such guidelines as necessary based on 
        intelligence and risk assessments, but not less 
        frequently than every three years, unless such 
        guidelines are superseded by directives or regulations.
          (3) Sharing of such guidelines and, as appropriate, 
        intelligence and information regarding such security 
        threats to pipeline transportation and pipeline 
        facilities, as appropriate, with relevant Federal, 
        State, local, Tribal, and territorial entities and 
        public and private sector stakeholders.
          (4) Conducting voluntary security assessments based 
        on such guidelines, or mandatory security assessments 
        if required by superseding directives or regulations, 
        to provide recommendations or requirements for the 
        improvement of the security of pipeline transportation 
        and pipeline facilities against cybersecurity threats, 
        an act of terrorism, and other nefarious acts that 
        jeopardize the physical security or cybersecurity of 
        such transportation or facilities, including the 
        security policies, plans, practices, and training 
        programs maintained by owners and operators of pipeline 
        facilities.
          (5) Carrying out a program through which the 
        Administrator identifies and ranks the relative risk of 
        pipelines and inspects pipeline facilities designated 
        by owners and operators of such facilities as critical 
        based on such guidelines or superseding directives or 
        regulations.
          (6) Supporting the development and implementation of 
        a security directive or regulation when the 
        Administrator issues such a directive or regulation.
  (e) Details.--In furtherance of the division's mission, as 
set forth in subsection (b), the Administrator and the Director 
of the Cybersecurity and Infrastructure Security Agency may 
detail personnel between their components to leverage 
expertise. Personnel detailed from the Cybersecurity and 
Infrastructure Security Agency may be considered as fulfilling 
the cybersecurity expertise requirements in referred to in 
subsection (c).

           *       *       *       *       *       *       *


                                  [all]