[Federal Register Volume 71, Number 101 (Thursday, May 25, 2006)]
[Proposed Rules]
[Pages 30094-30097]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: E6-8078]


-----------------------------------------------------------------------

DEPARTMENT OF TRANSPORTATION

Federal Aviation Administration

14 CFR Part 193

[Docket No. FAA-2006-24855]


Voluntary Disclosure Reporting Program

AGENCY: Federal Aviation Administration (FAA), DOT.

ACTION: Notice of Proposed Order Designating Information as Protected 
from Disclosure.

-----------------------------------------------------------------------

SUMMARY: The FAA is proposing that information provided to the agency 
from a Voluntary Disclosure Reporting Program (VDRP) be designated by 
an FAA order as protected from public disclosure in accordance with the 
provisions of 14 CFR part 193. Under 49 U.S.C. 40123, the FAA is 
required to protect the information from disclosure to the public, 
including disclosure under the Freedom of Information Act (5 U.S.C. 
552) or other laws, following issuance of such order. The designation 
is intended to encourage participation in the VDRP.

DATES: Comments must be received on or before June 26, 2006.

ADDRESSES: You may send comments [identified by Docket Number [Insert 
docket number, for example, FAA-200X-24855]] using any of the following 
methods:
     DOT Docket Web site: Go to http://dms.dot.gov and follow 
the instructions for sending your comments electronically.
     Government-wide rulemaking Web site: Go to http://www.regulations.gov and follow the instructions for sending your 
comments electronically.
     Mail: Docket Management Facility; U.S. Department of 
Transportation, 400 Seventh Street, SW., Nassif Building, Room PL-401, 
Washington, DC 20590-0001.
     Fax: 1-202-493-2251.
     Hand Delivery: Room PL-401 on the plaza level of the 
Nassif Building, 400 Seventh Street, SW., Washington, DC, between 9 
a.m. and 5 p.m., Monday through Friday, except Federal holidays.
    For more information on the rulemaking process, see the 
SUPPLEMENTARY INFORMATION section of this document.
    Privacy: We will post all comments we receive, without change, to 
http://dms.dot.gov, including any personal information you provide. For 
more information, see the Privacy Act discussion in the SUPPLEMENTARY 
INFORMATION section of this document.
    Docket: To read background documents or comments received, go to 
http://dms.dot.gov at any time or to Room PL-401 on the plaza level of 
the Nassif Building, 400 Seventh Street, SW., Washington, DC, between 9 
a.m. and 5 p.m., Monday through Friday, except Federal holidays.

FOR FURTHER INFORMATION CONTACT: Dr. Thomas Longridge, Flight Standards 
Service, AFS-230, Federal Aviation Administration, 800 Independence 
Ave., SW., Washington DC 20591, telephone (703) 661-0275.

SUPPLEMENTARY INFORMATION:

[[Page 30095]]

Comments Invited

    The FAA invites interested persons to participate in this 
rulemaking by submitting written comments, data, or views. We also 
invite comments relating to the economic, environmental, energy, or 
federalism impacts that might result from adopting the proposals in 
this document. The most helpful comments reference a specific portion 
of the proposal, explain the reason for any recommended change, and 
include supporting data. We ask that you send us two copies of written 
comments.
    We will file in the docket all comments we receive, as well as a 
report summarizing each substantive public contact with FAA personnel 
concerning this proposed rulemaking. The docket is available for public 
inspection before and after the comment closing date. If you wish to 
review the docket in person, go to the address in the ADDRESSES section 
of this preamble between 9 a.m. and 5 p.m., Monday through Friday, 
except Federal holidays. You may also review the docket using the 
Internet at the Web address in the ADDRESSES section.
    Privacy Act: Using the search function of our docket Web site, 
anyone can find and read the comments received into any of our dockets, 
including the name of the individual sending the comment (or signing 
the comment on behalf of an association, business, labor union, etc.). 
You may review DOT's complete Privacy Act Statement in the Federal 
Register published on April 11, 2000 (65 FR 19477-78) or you may visit 
http://dms.dot.gov.
    Before acting on this proposal, we will consider all comments we 
receive on or before the closing date for comments. We will consider 
comments filed late if it is possible to do so without incurring 
expense or delay. We may change this proposal in light of the comments 
we receive.
    If you want the FAA to acknowledge receipt of your comments on this 
proposal, include with your comments a pre-addressed, stamped postcard 
on which the docket number appears. We will stamp the date on the 
postcard and mail it to you.

Availability of This Proposed Designation

    You can get an electronic copy using the Internet by:
    (1) Searching the Department of Transportation's electronic Docket 
Management System (DMS) Web page (http://dms.dot.gov/search);
    (2) Visiting the FAA's Regulations and Policies Web page at http://www.faa.gov/regulations_policies/; or
    (3) Accessing the Government Printing Office's Web page at http://www.gpoaccess.gov/fr/index.html.

Background

    Under 49 U.S.C. 40123, certain voluntarily provided safety and 
security information is protected from disclosure to encourage persons 
to provide the information to the FAA. The FAA must issue an order 
making certain findings before the information is protected from 
disclosure. The FAA's rules implementing that section are in 14 CFR 
part 193. If the Administrator issues an order designating information 
as protected under 49 U.S.C. 40123, that information will not be 
disclosed under the Freedom of Information Act (5 U.S.C. 552) or other 
laws except as provided in 49 U.S.C. 40123, 14 CFR part 193, and the 
order designating the information as protected. This proposed order is 
issued under 14 CFR 193.11, which sets out the notice procedure for 
designating information as protected.

Description of the Proposed Information Sharing Program.

    Civil penalties under the FAA's enforcement program have always 
been considered a means to promote compliance with the FAA's 
regulations, not an end in themselves. In addition to the deterrence 
achieved by the appropriate use of civil penalties, the public interest 
is also served by positive incentives to promote and achieve 
compliance. The FAA believes that aviation safety is well served by 
incentives for regulated entities to identify and correct their own 
instances of noncompliance and to invest more resources in efforts to 
preclude their recurrence. Under the VDRP, it is FAA policy generally 
to forgo civil penalty action when an entity detects violations, 
promptly discloses the violations to the FAA, and takes prompt 
corrective action to ensure that the same or similar violations do not 
recur. The VDRP is designed to develop long-term comprehensive fixes 
and encourage compliance with the FAA's regulations, foster safe 
operating practices, and promote the development of internal evaluation 
programs.
    A disclosure under the VDRP is accomplished by initial notification 
of an apparent violation to the FAA by a certificate holder, indirect 
air carrier, design approval holder, production approval holder, or 
other regulated entity immediately after an apparent violation has been 
discovered by that regulated entity, and before the FAA learns of the 
apparent violation by some other means, unless otherwise permitted by 
written FAA policy for a related voluntary program. For example, under 
the Aviation Safety Action Program (ASAP) as described in AC 120-66, as 
amended, a voluntary disclosure may be accepted even if the FAA has 
already learned of an apparent violation from an employee submitted 
ASAP report. In any case, the initial notification to the FAA must 
comply with Advisory Circular 00-58, as amended. The form of initial 
notification may be oral, a written hard copy, or a written electronic 
copy. The VDRP disclosure and follow-on corrective action must be 
accomplished in accordance with the criteria and procedures specified 
in Advisory Circular (AC) 00-58, as amended.
    The FAA responds by opening an enforcement investigative report 
(EIR) and sending a written acknowledgement of the regulated entity's 
initial VDRP notification. This acknowledgement includes a request for 
a written report, and is sent in place of a letter of investigation 
(LOI), provided the written report is completed in accordance with the 
procedures set forth in AC 00-58, as amended. The report must include a 
detailed description of the proposed comprehensive fix, outlining the 
planned corrective steps, the responsibilities for implementing those 
corrective steps, and the planned dates for both initial implementation 
and completion of the fix. The FAA advises the regulated entity by 
written acknowledgement when it determines that the report is or is not 
acceptable. Following initial implementation of the comprehensive fix, 
verification of it by the FAA, and an initial assessment by the FAA of 
the apparent effectiveness of the comprehensive fix, the EIR is closed 
by issuing a letter of correction (LOC) to the regulated entity that 
includes the date on which the comprehensive fix was initially 
implemented, and the expected date for final completion. Following 
issuance of the LOC, the case is closed, but remains subject to 
reopening if the agreed-upon corrective actions are not completed to 
the satisfaction of the FAA. The LOC remains on file at the FAA for a 
period of two years. [Comment: Administrative actions are expunged 
after two years only for individuals.] If the FAA determines that the 
corrective action taken is not satisfactorily completed, the LOC may be 
rescinded, the EIR re-opened, and appropriate legal enforcement action 
may be initiated.

Summary of the VDRP Voluntary Information Sharing Program

    A. Who may participate: Regulated entities as provided in Advisory

[[Page 30096]]

Circular 00-58, as amended and Advisory Circular 121-37.
    B. What voluntarily provided information would be protected from 
disclosure under this proposed designation: The content of all 
submissions by a regulated entity that are accepted under the VDRP, 
including, but not limited to, all of the items listed under Proposed 
Findings, Paragraph (2) below.
    C. How persons would participate: Regulated entities participate by 
notification of an apparent violation to the FAA by the regulated 
entity in accordance with the VDRP reporting procedures, and completion 
of corrective actions in accordance with AC 00-58, as amended.
    D. Duration of this information sharing program: This information 
sharing program would continue in effect indefinitely, unless the FAA 
terminates the VDRP, or until the order of designation under 14 CFR 
part 193 for the VDRP is withdrawn by the FAA.

Proposed Findings

    The FAA proposes to designate information received under the VDRP 
as protected under 49 U.S.C. 40123 and 14 CFR 193.7 based on the 
following findings:
    (1) Summary of why the FAA finds that the information will be 
provided voluntarily.
    The FAA finds that the information will be provided voluntarily. No 
certificate holder is required to participate in the VDRP. Initiation 
of submissions under the VDRP are indicative of the willingness of 
regulated entities to identify and correct their own instances of 
regulatory noncompliance, develop long term comprehensive fixes, and 
foster safe operating practices.
    (2) Description of the type of information that may be voluntarily 
provided under the program and a summary of why the FAA finds that the 
information is safety or security related.
    The information that would be voluntarily submitted under a VDRP is 
described in AC 00-58, as amended. Because the Federal Aviation 
Regulations specify the minimum requirements for safety, and VDRP 
submissions entail violations of those regulations, the information is 
inherently safety related. It would include the following:
    (a) Information contained in an initial notification to the FAA:

--A brief description of the apparent violation, including an estimate 
of the duration of time that it remained undetected, as well as how and 
when it was discovered;
--Verification that noncompliance ceased after it was identified;
--A brief description of the immediate action taken after the apparent 
violation was identified, the immediate action taken to terminate the 
conduct that resulted in the apparent violation, and the person 
responsible for taking the immediate action;
--Verification that an evaluation is underway to determine if there are 
any systemic problems;
--Identification of the person responsible for preparing the 
comprehensive fix; and
--Acknowledgment that a detailed written report will be provided to the 
designated FAA official within 10 working days.
    (b) Information contained in a detailed written report:

--A list of the specific FAA regulations that may have been violated;
--A description of the apparent violation, including the duration of 
time it remained undetected, as well as how and when it was detected;
--A description of the immediate action taken to terminate the conduct 
that resulted in the apparent violation, including when it was taken, 
and who was responsible for taking the action;
--An explanation that shows the apparent violation was inadvertent;
--Evidence that demonstrates the seriousness of the apparent violation 
and the regulated entity's analysis of that evidence;
--A detailed description of the proposed comprehensive fix, outlining 
the planned corrective steps, the responsibilities for implementing 
those corrective steps, and a time schedule for completion of the fix; 
and
--Identification of the company official responsible for monitoring the 
implementation and completion of the comprehensive fix.

    (3) Summary of why the FAA finds that the disclosure of the 
information would inhibit persons from voluntarily providing that type 
of information.
    The FAA finds that disclosure of the information would inhibit the 
voluntary provision of that type of information. Regulated entities are 
reluctant to voluntarily disclose instances of regulatory noncompliance 
if such submissions might be subject to public disclosure. A 
significant impediment to participation in the VDRP is concern over 
public disclosure of the information, and, if disclosed, the potential 
for it to be used for other than the system safety enhancement purposes 
for which the VDRP was created. Withholding such information from 
disclosure is consistent with the FAA's safety and security 
responsibilities because, unless the FAA can provide assurance that it 
will not be disclosed, regulated entities will be reluctant to 
participate in the program.
    Although regulated entities have voluntarily disclosed information 
under the VDRP for several years, they did so after the FAA promised 
that such information would be deidentified in the Enforcement 
Information System (EIS), which is the FAA's central and national 
database of enforcement action information. The entities were reluctant 
to participate in the VDRP without this promise for fear that 
information they disclosed would be readily available to the public 
through a FOIA request for records in the EIS. So that entities 
continue to use the VDRP, the FAA has not kept the identity of persons 
reporting, or detailed information about disclosures, under that 
program in the EIS or any other central database.
    Once information provided under the VDRP is designated as protected 
under 14 CFR part 193, more regulated entities may be willing to submit 
disclosures under the program that were previously reluctant to. In 
addition, FAA will be able to retain more information about the 
disclosures, including the identity of the reporters, in an FAA 
database, without chilling participation in the VDRP. Disclosures under 
the VDRP enable the FAA to become aware of many more instances of 
regulatory noncompliance than it otherwise would, and moreover, the 
VDRP permits the FAA to assure that appropriate corrective action is 
taken. If regulated entities do not participate, the FAA and the public 
will be deprived of the opportunity to make the system safety 
improvements that receipt of the information otherwise enables.
    (4) Summary of why the receipt of that type of information aids in 
fulfilling the FAA's safety and security responsibilities.
    The FAA finds that receipt of VDRP information aids in fulfilling 
the FAA's safety and security responsibilities. A primary purpose of 
FAA regulations is to assure public safety. Because the VDRP identifies 
and corrects instances of regulatory noncompliance of which the FAA may 
be otherwise unaware, the program offers significant potential for 
enhancement of public safety. Receipt of this otherwise unavailable 
information would also provide the FAA with an improved basis for 
modifying procedures, policies, and regulations to improve safety and 
efficiency.
    (5) Summary of why withholding such information from disclosure 
would be

[[Page 30097]]

consistent with the FAA's safety and security responsibilities, 
including a statement as to the circumstances under which, and a 
summary of why, withholding such information from disclosure would not 
be consistent with the FAA's safety and security responsibilities, as 
described in 14 CFR 193.9.
    The FAA finds that withholding VDRP information provided to the FAA 
is consistent with the FAA's safety responsibilities. The VDRP 
specifically provides that appropriate corrective action must be taken 
by the regulated entity for all instances of regulatory noncompliance 
accepted under the program. To be accepted by the FAA, apparent 
violations disclosed under the program must be inadvertent, and, where 
applicable, must not indicate a lack, or reasonable question of a lack, 
of qualification of the regulated entity. Corrective action under the 
VDRP can be accomplished by the regulated entity and verified by the 
FAA without disclosure of the protected information. If the FAA 
determines that the steps taken by the entity are not those documented 
in the written report, the submission may be excluded from the VDRP, 
and appropriate legal enforcement action may be initiated.
    The FAA will release information submitted under a VDRP as 
specified in part 193 and this proposed order. To explain the need for 
changes in FAA policies, procedures, and regulations, the FAA may 
disclose de-identified (i.e., the identity of the source of the 
information and the names of the certificate holder, employees, and 
other persons, as well as any other information that could be used to 
ascertain the identity of the submitter, redacted) summary information 
that has been extracted from submissions accepted under the VDRP. The 
FAA may disclose de-identified, summarized VDRP information that 
identifies a systemic problem in the aviation system, when other 
persons need to be advised of the problem so that they can take 
corrective action. The FAA may disclose de-identified aggregate 
statistical information concerning VDRP submissions. The FAA may 
disclose independently obtained information relating to any event 
disclosed in a VDRP report. The FAA also may disclose any information 
about a disclosure initially submitted under the VDRP that is not 
accepted, or accepted, but later excluded because of the regulated 
entity's failure to comply with the criteria of the VDRP.
    (6) Summary of how the FAA will distinguish information protected 
under part 193 from information the FAA receives from other sources.
    In accordance with AC 00-58, all VRDP submissions must be clearly 
identified as such by the regulated entity making the submission. Any 
other information received by the FAA from the regulated entity 
concerning the content of a VDRP submission must be clearly labeled as 
follows to be eligible for protection under this designation: 
``WARNING: The Information in this Document is Protected from 
Disclosure under 49 U.S.C. 40123 and 14 CFR part 193.'' If the 
information is submitted electronically, the warning notice must be 
appropriately embedded in the electronic submission in a fashion that 
assures the visibility of the warning to any viewer.

Proposed Designation

    Accordingly, the Federal Aviation Administration proposes to 
designate the above-described information submitted under a VDRP to be 
protected under 49 U.S.C. 40123 and 14 CFR part 193.

    Issued in Washington, DC, on May 17, 2006.
John M. Allen,
Acting Director, Flight Standards Service.
[FR Doc. E6-8078 Filed 5-24-06; 8:45 am]
BILLING CODE 4910-13-P