[Federal Register Volume 88, Number 99 (Tuesday, May 23, 2023)]
[Proposed Rules]
[Pages 33472-33522]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2023-10131]



[[Page 33471]]

Vol. 88

Tuesday,

No. 99

May 23, 2023

Part V





Department of Homeland Security





-----------------------------------------------------------------------





Transportation Security Administration





-----------------------------------------------------------------------





49 CFR Parts 1500, 1530, 1570, et al.





Vetting of Certain Surface Transportation Employees; Proposed Rule

  Federal Register / Vol. 88 , No. 99 / Tuesday, May 23, 2023 / 
Proposed Rules  

[[Page 33472]]


-----------------------------------------------------------------------

DEPARTMENT OF HOMELAND SECURITY

Transportation Security Administration

49 CFR Parts 1500, 1530, 1570, 1572, 1580, 1582, 1584

[Docket No. TSA-2023-0001]
RIN 1652-AA69


Vetting of Certain Surface Transportation Employees

AGENCY: Transportation Security Administration, DHS.

ACTION: Notice of proposed rulemaking (NPRM).

-----------------------------------------------------------------------

SUMMARY: The Transportation Security Administration (TSA) is proposing 
a regulation to implement provisions of the Implementing 
Recommendations of the 9/11 Commission Act of 2007 (9/11 Act) that 
require security vetting of certain public transportation, railroad, 
and over-the-road-bus (OTRB) employees. In accordance with the 9/11 
Act, TSA proposes to require security-sensitive employees of certain 
public transportation operators and railroads to undergo a Level 2 
security threat assessment (STA) that includes an immigration check and 
terrorism watchlist check to determine whether the applicant may pose a 
security threat. Further, TSA proposes to require security coordinators 
of certain public transportation, railroad, and OTRB operators to 
undergo a Level 3 STA, which includes the Level 2 check plus a criminal 
history records check. TSA proposes appeal and waiver procedures for 
individuals who are adversely impacted by the vetting. Finally, TSA 
proposes to establish user fees to recover TSA's costs for vetting, as 
required by law.

DATES: Submit comments on or August 21, 2023.

ADDRESSES: You may submit comments, identified by the TSA docket number 
to this rulemaking, to the Federal Docket Management System (FDMS), a 
government-wide, electronic docket management system. To avoid 
duplication, please use only one of the following methods:
     Electronic Federal eRulemaking Portal: https://www.regulations.gov. Follow the online instructions for submitting 
comments.
     Mail: Docket Management Facility (M-30), U.S. Department 
of Transportation, 1200 New Jersey Avenue SE, West Building Ground 
Floor, Room W12-140, Washington, DC 20590-0001. The U.S. Department of 
Transportation (DOT), which maintains and processes TSA's official 
regulatory dockets, will scan the submission and post it to FDMS.
     Fax: (202) 493-2251.
    See SUPPLEMENTARY INFORMATION section for format and other 
information about comment submissions.

FOR FURTHER INFORMATION CONTACT: For program questions: Victor Parker, 
Surface Division, Policy, Plans, and Engagement, TSA-28, Transportation 
Security Administration, 6595 Springfield Center Drive, Springfield, VA 
20598-6002; telephone (571) 227-1039; email [email protected].
    For legal questions: Christine Beyer, Chief Counsel's office, TSA-
2, Transportation Security Administration, 6595 Springfield Center 
Drive, Springfield, VA 20598-6002; telephone (571) 227-3653; email 
[email protected].

SUPPLEMENTARY INFORMATION: 

Public Participation

    TSA invites interested persons to participate in this rulemaking by 
submitting written comments, data, or views. We also invite comments 
relating to the economic, environmental, energy, or federalism impacts 
that might result from this rulemaking action, as well as on TSA's 
collections of information under the Paperwork Reduction Act as 
described further below. You may submit comments, identified by the TSA 
docket number for this rulemaking, to the ADDRESSES noted above. With 
each comment, please include this docket number at the beginning of 
your comments. You may submit comments and material electronically, in 
person, by mail, or fax as provided under ADDRESSES, but please submit 
your comments and material by only one means. If you submit comments by 
mail or in person submit them in an unbound format, no larger than 8.5 
by 11 inches, suitable for copying and electronic filing. If you would 
like TSA to acknowledge receipt of comments submitted by mail, include 
with your comments a self-addressed, stamped postcard or envelope on 
which the docket number appears. TSA will stamp the date on the 
postcard and we will mail it to you.
    All comments, except those that include confidential information 
and sensitive security information (SSI) \1\ will be posted to https://www.regulations.gov, and will include any personal information you have 
provided. Should you wish your personally identifiable information 
redacted prior to filing in the docket, please clearly indicate this 
request in your submission. TSA will consider all comments that are in 
the docket on or before the closing date for comments and will consider 
comments filed late to the extent practicable. The docket is available 
for public inspection before and after the comment closing date.
---------------------------------------------------------------------------

    \1\ ``Sensitive Security Information'' or ``SSI'' is information 
obtained or developed in the conduct of security activities, the 
disclosure of which would constitute an unwarranted invasion of 
privacy, reveal trade secrets or privileged or confidential 
information, or be detrimental to the security of transportation. 
The protection of SSI is governed by 49 CFR part 1520.
---------------------------------------------------------------------------

Handling of Confidential or Proprietary Information and SSI Submitted 
in Public Comments

    Do not submit comments that include trade secrets, confidential 
commercial or financial information, or SSI to the public regulatory 
docket. Comments containing this type of information should be 
submitted separately from other comments, appropriately marked as 
containing such information, and submitted by mail to one of the 
addresses listed in the FOR FURTHER INFORMATION CONTACT section. TSA 
will take the following actions for all submissions containing SSI:
     TSA will not place comments containing SSI in the public 
docket and will handle them in accordance with applicable safeguards 
and restrictions on access.
     TSA will hold documents containing SSI, confidential 
business information, or trade secrets in a separate file to which the 
public does not have access, and place a note in the public docket 
explaining that commenters have submitted such documents.
     TSA may include a redacted version of the comment in the 
public docket.
     TSA will treat requests to examine or copy information 
that is not in the public docket as any other request under the Freedom 
of Information Act (FOIA) (5 U.S.C. 552) and the Department of Homeland 
Security's (DHS') FOIA regulation found in 6 CFR part 5.

Privacy Act

    Please be aware that anyone is able to search the electronic form 
of all comments in any of our dockets by the name of the individual who 
submitted (or signed the comment (e.g., if submitted by an association, 
business, labor union, etc.) For more about privacy and the docket, 
review the Privacy and Security Notice for the FDMS at https://www.regulations.gov/privacyNotice, as well as the System of Records 
Notice DOT/ALL 14--Federal Docket Management System (73 FR

[[Page 33473]]

3316, January 17, 2008) and the System of Records Notice DHS/ALL 044--
eRulemaking (85 FR 14226, March 11, 2020).

Reviewing Docket Comments and Documents

    You can review TSA's electronic public docket at https://www.regulations.gov. In addition, DOT's Docket Management Facility 
provides a physical facility, staff, equipment, and assistance to the 
public. To obtain assistance or to review items in TSA's public docket, 
you may visit this facility between 9 a.m. and 5 p.m., Monday through 
Friday, excluding legal holidays, or call (202) 366-9826. This DOT 
operations facility is located in the West Building Ground Floor, Room 
W12-140 at 1200 New Jersey Avenue SE, Washington, DC 20590.
    You can find an electronic copy of rulemaking documents through the 
internet by-searching the electronic FDMS web page at https://www.regulations.gov; or at https://www.federalregister.gov. In 
addition, copies are available by writing or calling the individual in 
the FOR FURTHER INFORMATION CONTACT section. Make sure to identify the 
docket number of this rulemaking.

Abbreviations and Terms Used in This Document

ALJ--Administrative Law Judge
ATSA--Aviation and Transportation Security Act
CBP--U.S. Customs and Border Protection
CFR--Code of Federal Regulations
CHRC--Criminal History Records Check
CJIS--Criminal Justice Information Services
DHS--U.S. Department of Homeland Security
DOE--Determination of Eligibility
ESVP--Enrollment Services and Vetting Programs
FAST--Free and Secure Trade Program
FBI--Federal Bureau of Investigation
FDI--Final Determination of Ineligibility
HME--Hazardous Materials Endorsement
IDENT--Automated Biometrics Identification System
NPRM--Notice of Proposed Rulemaking
OTRB--Over-the-Road Bus
PDI--Preliminary Determination of Ineligibility
PDIIR--Preliminary Determination of Ineligibility with Immediate 
Revocation
SAVE--Systematic Alien Verification for Entitlements Program
SENTRI--Secure Electronic Network for Travelers Rapid Inspection 
Program
SSI--Sensitive Security Information
STA--Security Threat Assessment
TSA--Transportation Security Administration
TWIC--Transportation Worker Identification Credential
U.S.C.--United States Code
USCIS--U.S. Citizenship and Immigration Services

Table of Contents

I. Executive Summary
A. Purpose of the Regulation
B. Summary of Major Provisions
II. Background
    A. Statutory and Regulatory History
    B. Specific Provisions
    1. Security-Sensitive Employees
    2. Security Coordinators
    3. IDENT and Rap Back
    4. Identity Verification
    5. Use of TSA Enrollment Centers
    6. Vetting Structure
    7. Effective Dates and Compliance
III. Analysis of Proposed Part 1530
    A. Introduction
    B. Proposed Subpart A--General
    1. Proposed Sec.  1530.1
    2. Proposed Sec.  1530.3
    3. Proposed Sec.  1530.5
    4. Proposed Sec.  1530.7
    5. Proposed Sec.  1530.9
    6. Proposed Sec.  1530.11
    7. Proposed Sec.  1530.13
    C. Proposed Subpart B--Individual Enrollment Requirements 
Continuing Responsibilities
    1. Introduction
    2. Proposed Sec.  1530.101
    3. Proposed Sec.  1530.103
    4. Proposed Sec.  1530.105
    5. Proposed Sec.  1530.107
    6. Proposed Sec.  1530.109
    D. Proposed Subpart C--Reserved
    E. Proposed Subpart D--Fees
    1. Introduction
    2. Costs
    3. Populations
    4. Fees
    5. Proposed Sec.  1530.301
    6. Proposed Sec.  1530.303
    7. Proposed Sec.  1530.305
    8. Proposed Sec.  1530.307
    9. Proposed Sec.  1530.309
    F. Proposed Subpart E--Adjudication Procedures
    1. Introduction
    2. Proposed Sec.  1530.401
    3. Proposed Sec.  1530.403
    4. Proposed Sec.  1530.405
    5. Sections 1530.407, 1530.409, 1530.411--Reserved
    6. Proposed Sec.  1530.413
    7. Proposed Sec.  1530.415
    8. Proposed Sec.  1530.417
    9. Proposed Sec.  1530.419
    G. Proposed Subpart F--Standards
    1. Introduction
    2. Proposed Sec.  1530.501
    3. Proposed Sec.  1530.503
    4. Proposed Sec.  1530.505
    5. Proposed Sec.  1530.507
    6. Proposed Sec.  1530.509
    H. Proposed Subpart G--Appeal and Waiver Procedures for Security 
Threat Assessments
    1. Introduction
    2. Proposed Sec.  1530.601
    3. Proposed Sec.  1530.603
    4. Exhaustion of Administrative Remedies
    5. Proposed Sec.  1530.605
    6. Proposed Sec.  1530.607
    7. Proposed Sec.  1530.609
    8. Proposed Sec.  1530.611
    9. Proposed Sec.  1530.613
IV. Analysis of Proposed Changes to Parts 1500, 1570, 1572, 1580, 
1582, and 1584
    A. Introduction
    B. Proposed Changes to Part 1500
    C. Proposed Changes to Part 1570
    D. Proposed Changes to Part 1572
    E. Proposed Changes to Part 1580
    1. Proposed Sec.  1580.301
    2. Proposed Sec.  1580.303
    3. Proposed Sec.  1580.305
    4. Proposed Sec.  1580.307
    F. Proposed Changes to Part 1582
    1. Proposed Sec.  1582.201
    2. Proposed Sec.  1582.203
    3. Proposed Sec.  1582.205
    4. Proposed Sec.  1582.207
    G. Proposed Changes to Part 1584
    1. Proposed Sec.  1584.201
    2. Proposed Sec.  1584.203
    3. Proposed Sec.  1584.205
    4. Proposed Sec.  1584.207

I. Executive Summary

A. Purpose of the Regulation

    This proposed rulemaking would serve three purposes:
    (1) Surface transportation security vetting. The NPRM proposes to 
implement requirements in the 9/11 Act \2\ to vet certain public 
transportation, railroad, and OTRB employees:
---------------------------------------------------------------------------

    \2\ The Implementing Recommendations of the 9/11 Commission Act, 
Public Law 110-53 (121 Stat. 266; Aug. 3, 2007).
---------------------------------------------------------------------------

     Conduct a ``name-based security background check against 
the consolidated terrorist watchlist and an immigration check'' for 
frontline public transportation employees \3\ and frontline railroad 
employees.\4\
---------------------------------------------------------------------------

    \3\ 9/11 Act, sec. 1411; codified at 6 U.S.C. 1140.
    \4\ 9/11 Act, sec. 1520.
---------------------------------------------------------------------------

     Require security coordinators of railroads \5\ and OTRBs 
\6\ to be U.S. citizens, unless TSA waives this requirement after an 
appropriate background check of the individual and a satisfactory 
review of the consolidated terrorist watchlist.
---------------------------------------------------------------------------

    \5\ 9/11 Act, sec. 1512; codified at 6 U.S.C. 1162(e)(2).
    \6\ 9/11 Act, sec. 1531; codified at 6 U.S.C. 1181.
---------------------------------------------------------------------------

    (2) Fees. TSA is proposing an equitable fee schedule to recover the 
costs of vetting services. TSA must sustain vetting programs, like 
those proposed in this rulemaking, through user fees in accordance with 
6 U.S.C. 469, Fees for Credentialing and Background Investigations in 
Transportation.
    (3) Redress. The 9/11 Act provides that if TSA issues a regulation 
requiring operators to conduct vetting of public transportation \7\ and 
railroad employees,\8\ TSA must require the operators to provide appeal 
and waiver procedures, like the procedures TSA

[[Page 33474]]

established in the Transportation Worker Identification Credential 
(TWIC) program in accordance with 46 U.S.C. 70105 and codified at 49 
CFR parts 1515, 1572. TSA proposes appeals, waivers, review by 
Administrative Law Judges (ALJs), and review by the TSA Final Decision 
Maker for individuals who are adversely affected by the vetting.
---------------------------------------------------------------------------

    \7\ 9/11 Act sec. 1414; codified at 6 U.S.C. 1143(d).
    \8\ 9/11 Act sec. 1522; codified at 6 U.S.C. 1170(d).
---------------------------------------------------------------------------

B. Summary of Major Provisions

    In accordance with the 9/11 Act and risk-based principles, TSA 
proposes to require frontline or ``security-sensitive'' employees of 
public transportation and railroad operators to undergo a Level 2 STA, 
which includes an immigration check and a terrorism check and other 
analyses (terrorism/other analyses).\9\ Specifically, sections 1411 and 
1520 of the 9/11 Act require TSA to conduct terrorist and immigration 
status vetting of public transportation and railroad employees, similar 
to the check TSA conducted in 2006 in the maritime sector. In sections 
1143 and 1170 of the Act, Congress defines a security background check 
as vetting that includes criminal, immigration and terrorist checks, 
and provides that if TSA issues a rulemaking to require operators to 
conduct security background checks, TSA must require use of the 
criminal standards and redress required by 46 U.S.C. 70105, and 49 CFR 
part 1572.
---------------------------------------------------------------------------

    \9\ This portion of the STA is called ``terrorism check and 
other analyses.'' This portion of the STA may include searches of 
many data sources, such as the consolidated terrorist watchlist 
(TSDB), U.S. Marshal's Service wants and warrants, U.S. Department 
of State lost and stolen passports, and Interpol.
---------------------------------------------------------------------------

    Further, TSA proposes to require security coordinators of public 
transportation, railroad, and OTRB operators to complete a Level 3 STA, 
which includes an immigration check, criminal check, and terrorism/
other analyses check. Table 1 below provides a summary of these 
proposed vetting requirements. Also, TSA proposes a robust redress 
process for individuals who are deemed ineligible for a position as a 
result of the vetting, to ensure that they are not disqualified in 
error. Finally, TSA proposes user fees to cover the costs of TSA's 
vetting, as required by statute.\10\
---------------------------------------------------------------------------

    \10\ See 6 U.S.C. 469.

                            Table 1--Affected Population by Mode and STA Requirement
----------------------------------------------------------------------------------------------------------------
                                                                           Proposed rule requirements
                                                   Affected    -------------------------------------------------
            Mode                 Risk level       population     Terrorism/ other    Immigration
                                                                     analyses           check           CHRC
----------------------------------------------------------------------------------------------------------------
Freight Rail................  High Risk......  Security-                [ballot]         [ballot]   ............
                                                Sensitive
                                                Employees.
                                              ------------------------------------------------------------------
                              ...............  Security                 [ballot]         [ballot]      [ballot]
                                                Coordinators
                             -----------------------------------------------------------------------------------
                              Non-High-Risk..  Security-        .................  ...............  ............
                                                Sensitive
                                                Employees.
                                              ------------------------------------------------------------------
                              ...............  Security                 [ballot]         [ballot]      [ballot]
                                                Coordinators
----------------------------------------------------------------------------------------------------------------
PTPR........................  High-Risk......  Security-                [ballot]         [ballot]   ............
                                                Sensitive
                                                Employees.
                                              ------------------------------------------------------------------
                              ...............  Security                 [ballot]         [ballot]      [ballot]
                                                Coordinators
                             -----------------------------------------------------------------------------------
                              Non-High-Risk..  Security-        .................  ...............  ............
                                                Sensitive
                                                Employees.
                                              ------------------------------------------------------------------
                              ...............  Security                 [ballot]         [ballot]      [ballot]
                                                Coordinators
----------------------------------------------------------------------------------------------------------------
OTRB........................  High-Risk......  Security-        .................  ...............  ............
                                                Sensitive
                                                Employees.
                                              ------------------------------------------------------------------
                              ...............  Security                 [ballot]         [ballot]      [ballot]
                                                Coordinators
                             -----------------------------------------------------------------------------------
                              Non-High-Risk..  Security-        .................  ...............  ............
                                                Sensitive
                                                Employees.
                                              ------------------------------------------------------------------
                              ...............  Security         .................  ...............  ............
                                                Coordinators
----------------------------------------------------------------------------------------------------------------

C. Costs and Benefits

    Table 2 identifies estimated 10-year costs to certain freight 
railroad carriers, public transportation and passenger railroad (PTPR) 
operators, OTRB operators, and TSA; and the overall cost of this 
proposed rule.

                   Table 2--Cost of the Proposed Rule
------------------------------------------------------------------------
                                             Estimated costs (millions,
                                            over 10 years, discounted at
                                                     7 percent)
------------------------------------------------------------------------
Freight Railroad..........................                        $31.43
Public Transportation and Passenger                                52.96
 Railroads................................
(PTPR)....................................
OTRB......................................                          0.92
TSA.......................................                          1.27
                                           -----------------------------
    Total.................................                         86.58
------------------------------------------------------------------------


[[Page 33475]]

    As compared to attacks carried out by passengers, attacks carried 
out by employees pose a higher likelihood of success and/or a larger 
impact due to employees' knowledge of the systems, infrastructure, 
vulnerabilities and operations. Also, employees possess unique access 
to critical operations and areas, which permits them to move with ease 
in sensitive areas where similar actions by passengers would be more 
readily identified as suspicious activity, and increases the 
opportunity and confidence to commit an attack. Known or suspected 
terrorists (KSTs) are more likely to be responsible for a 
disproportionate number of all attacks as compared to their proportion 
of the population, and thus moving KSTs and other higher-risk 
individuals out of the `insider' positions employees hold reduces risk, 
while affecting a very small percentage of all employees. Initial 
vetting inhibits applicants or existing employees from commencing or 
continuing their employment, which deters their ability to carry out an 
act. Recurrent vetting ensures employees who become threats can be 
removed quickly, reducing the overall net risk to this industry. While 
is it not possible to quantify the net risk reduction employee vetting 
creates, TSA's comprehensive vetting of transportation workers has 
effectively identified insider threats. The effort creates a meaningful 
reduction of risk of an insider attack, which benefits transportation 
security.

II. Background

A. Statutory and Regulatory History

    Following the terrorist attacks of September 11, 2001, Congress 
created the National Commission on Terrorist Attacks Upon the United 
States (9/11 Commission).\11\ The 9/11 Commission investigated the 
facts and circumstances relating to the attacks, and, on July 22, 2004, 
issued its Report.\12\
---------------------------------------------------------------------------

    \11\ Title VI, Intelligence Authorization Act for Fiscal Year 
2003, Public Law 107-306 (116 Stat. 2383; Nov. 7, 2002).
    \12\ The 9/11 Commission Report is available at https://www.9-11commission.gov/.
---------------------------------------------------------------------------

    In the Report, the 9/11 Commission recognized that transportation 
involves more than just aviation, noting that ``[a]bout 6,000 agencies 
provide transit services through buses, subways, ferries, and light-
rail service to about 14 million Americans.'' \13\ The 9/11 Commission 
also recognized that ``[o]pportunities to do harm are as great, or 
greater, in maritime or surface transportation'' as they are in 
aviation.\14\ The Commission specifically noted the ``use of insiders'' 
as a possible terrorist tactic.\15\ The Commission included in its 
report numerous recommendations for further action by the U.S. 
Government and other actors.\16\
---------------------------------------------------------------------------

    \13\ Report, p. 390-1.
    \14\ Report, p. 391.
    \15\ Report, p. 392.
    \16\ Report, pp. 367-398.
---------------------------------------------------------------------------

    In the 9/11 Act, Congress implemented many of the 9/11 Commission's 
recommendations. Congress requires TSA to issue regulations on security 
training, vetting, vulnerability assessments, and security plans for 
surface transportation entities. TSA is complying with the statute by 
issuing separate, but related rulemakings.\17\ This rulemaking 
addresses the 9/11 Act requirements to conduct ``security background 
checks'' of certain public transportation, railroad carrier, and OTRB 
employees. For purposes of this rulemaking and consistent with common 
vetting terminology, TSA uses the term ``security threat assessment 
(STA)'' in place of ``security background checks'' and the terms have 
the same meaning.
---------------------------------------------------------------------------

    \17\ See Security Training for Surface Transportation Employees 
Final Rule, 85 FR 16456 (March 23, 2020), as amended by 85 FR 25315 
(May 1, 2020), 85 FR 67681 (Oct. 26, 2020), and 86 FR 23629 (May 4, 
2021) (Security Training Final Rule).
---------------------------------------------------------------------------

    The 9/11 Act requires TSA to evaluate an individual in the STA 
process to identify ``individuals who may pose a threat to 
transportation security or national security, or of terrorism.'' \18\ 
Individuals who may pose such threats are not eligible to perform 
security-sensitive or security coordinator functions. TSA proposes to 
use this standard set forth in the 9/11 Act for all individuals who 
apply for an STA under this rulemaking.
---------------------------------------------------------------------------

    \18\ See 6 U.S.C. 1143(a)(1), 1170(a)(1).
---------------------------------------------------------------------------

    Under the 9/11 Act, TSA must conduct an STA of frontline public 
transportation employees \19\ and railroad employees \20\ that includes 
a terrorism and immigration check. TSA calls this a Level 2 check. The 
9/11 Act does not require a Level 2 check of frontline OTRB employees. 
The 9/11 Act also states that public transportation \21\ and railroad 
\22\ employees who are subject to security vetting should have an 
adequate redress process available to them to ensure that they are not 
removed or deemed ineligible in error. Finally, the 9/11 Act requires 
security coordinators of railroads \23\ and OTRB \24\ owner/operators 
to be U.S. citizens, unless TSA waives this requirement after 
conducting an appropriate STA.
---------------------------------------------------------------------------

    \19\ See 6 U.S.C. 1140.
    \20\ 9/11 Act sec. 1520.
    \21\ See 6 U.S.C. 1143(d).
    \22\ See 6 U.S.C. 1170(d).
    \23\ See 6 U.S.C. 1162(e)(2).
    \24\ See 6 U.S.C. 1181(e)(2).
---------------------------------------------------------------------------

    TSA has extensive responsibility for and experience in vetting 
individuals who access the nation's transportation system. TSA has 
broad general authority to ``require background checks for airport 
security screening personnel, individuals with access to secure areas 
of airports, and other transportation security personnel.'' \25\ In 
addition, there are statutes that require TSA to conduct STAs of 
specific individuals, such as: (1) certain airport and airline workers; 
\26\ (2) certain merchant mariners and individuals who require 
unescorted access to secure areas of vessels and maritime facilities; 
\27\ (3) individuals seeking hazardous materials endorsements (HMEs) on 
commercial driver's licenses issued by the States; \28\ and (4) 
applicants for trusted traveler status to participate in the TSA 
PreCheck[supreg] Application Program.\29\
---------------------------------------------------------------------------

    \25\ See 49 U.S.C. 114(f)(12).
    \26\ See 49 U.S.C. 44936; 49 CFR 1542.209, 1544.229, 1544.230.
    \27\ See 46 U.S.C. 70105; 49 CFR part 1572.
    \28\ See 49 U.S.C. 5103a; 49 CFR part 1572.
    \29\ See 49 U.S.C 114 note; 78 FR 72922 (Dec. 4, 2013).
---------------------------------------------------------------------------

    An STA is an inquiry to confirm an individual's identity and 
determine whether the individual poses or may pose a security threat to 
transportation or national security, or of terrorism. Individuals who 
TSA determines do not to pose a threat may be eligible for access to 
transportation infrastructure or assets, or other privileges and 
credentials. An STA consists of one or more checks against certain data 
sources, which may include terrorist or other government or 
intelligence watchlists, Interpol, immigration records, and criminal 
history records. As explained below, the specific checks TSA performs 
vary depending on the governing statutory requirements and the security 
needs associated with the access, privilege, or credential the 
individual seeks. In this NPRM, we propose the vetting standards and 
redress required by the 9/11 Act. In addition, we propose to conduct 
recurrent vetting and renewal of the STA every 5 years. The recurrent 
vetting and STA renewal is not required by the 9/11 Act, but is 
necessary to create a useful and effective inquiry into these 
transportation workers.

B. Specific Provisions

    1. Security-Sensitive Employees. Like the 9/11 Act training 
requirements that were the subject of a separate

[[Page 33476]]

rulemaking,\30\ the 9/11 Act vetting requirements refer to 
``frontline'' employees (that is, ``public transportation frontline 
employees'' in section 1411 and ``frontline railroad employees'' in 
section 1520). The 9/11 Act provides definitions for ``frontline 
employee'' within each mode of transportation.\31\ For instance, the 
statute defines the term ``railroad frontline employees'' to mean 
security personnel, dispatchers, locomotive engineers, conductors, 
trainmen, other onboard employees, maintenance and maintenance support 
personnel, bridge tenders, and any other railroad employees that the 
Secretary of Homeland Security determines should receive security 
training. The statute provides similar definitions for OTRB and public 
transportation operations.
---------------------------------------------------------------------------

    \30\ See Security Training for Surface Transportation Employees 
Final Rule, 85 FR 16456 (March 23, 2020), as amended by 85 FR 25315 
(May 1, 2020), 85 FR 67681 (Oct. 26, 2020), and 86 FR 23629 (May 4, 
2021).
    \31\ See 6 U.S.C. 1151(6) (railroads), 6 U.S.C. 1131(4) (public 
transportation), and 6 U.S.C. 1151(5) (OTRB).
---------------------------------------------------------------------------

    As part of the Security Training rulemaking, TSA adopted the term 
``security-sensitive employees'' instead of ``frontline employees'' to 
capture the individuals who are subject to the 9/11 Act 
requirements.\32\ TSA analyzed the employees listed in the 9/11 Act's 
definitions of ``frontline employees'' and considered whether employees 
are in a position to detect suspicious activity because of where they 
work, their interaction with the public, or their access to 
information. TSA also considered which individuals may need to know how 
to report or respond to these potential threats. As a result of this 
analysis, TSA determined that employees who perform functions with a 
direct nexus to, or impact on transportation security, should be called 
``security-sensitive employees'' rather than ``frontline employees.''
---------------------------------------------------------------------------

    \32\ See 81 FR 91336, 91353-91355; 85 FR 16456, 16475.
---------------------------------------------------------------------------

    In this rulemaking, consistent with the 9/11 Act (which, as noted 
above, uses the ``frontline employee'' terminology with respect to both 
training and vetting), and the applicability and terminology of the 
Security Training rulemaking, TSA proposes to implement the requirement 
to vet ``frontline'' rail and public transportation employees by 
issuing vetting regulations that apply to the same population of 
``security-sensitive'' rail and public transportation employees covered 
by the Security Training rulemaking.\33\ The following tables, taken 
from the Security Training rulemaking, describe the security-sensitive 
functions that, under this rule, would be subject to new vetting 
requirements.\34\
---------------------------------------------------------------------------

    \33\ See 49 CFR 1580.3, 1582.3, and 1584.3 in the Security 
Training Final Rule.
    \34\ Note that we are not providing a chart of the OTRB 
employees who are considered ``security-sensitive'' because the 
statute does not require TSA to conduct STAs of OTRB security-
sensitive employees, and TSA has determined that it is unnecessary 
to impose such a requirement at this time.

                             Table 3--Security-Sensitive Functions for Freight Rail
----------------------------------------------------------------------------------------------------------------
                                                                                          Examples of job titles
           Categories               Security-sensitive job functions for freight rail      applicable to these
                                                                                               functions *
----------------------------------------------------------------------------------------------------------------
A. Operating a vehicle..........  1. Employees who operate or directly control the       Engineer, conductor.
                                   movements of locomotives or other self-powered rail
                                   vehicles.
                                  2. Train conductor, trainman, brakeman, or utility
                                   employee or performs acceptance inspections, couples
                                   and uncouples rail cars, applies handbrakes, or
                                   similar functions..
                                  3. Employees covered under the Federal hours of
                                   service laws as ``train employees.'' See 49 U.S.C.
                                   21101(5) and 21103.
B. Inspecting and maintaining     Employees who inspect or repair rail cars and          Carman, car repairman,
 vehicles.                         locomotives.                                           car inspector,
                                                                                          engineer, conductor.
C. Inspecting or maintaining      1. Employees who--                                     Signalman, signal
 building or transportation       a. Maintain, install, or inspect communications and     maintainer, trackman,
 infrastructure.                   signal equipment..                                     gang foreman, bridge
                                  b. Maintain, install, or inspect track and              and building laborer,
                                   structures, including, but not limited to, bridges,    roadmaster, bridge,
                                   trestles, and tunnels..                                and building inspector/
                                                                                          operator.
                                  2. Employees covered under the Federal hours of
                                   service laws as ``signal employees.'' See 49 U.S.C.
                                   21101(3) and 21104.
D. Controlling dispatch or        1. Employees who--                                     Yardmaster, dispatcher,
 movement of a vehicle.           a. Dispatch, direct, or control the movement of         block operator, bridge
                                   trains..                                               operator.
                                  b. Operate or supervise the operations of moveable
                                   bridges..
                                  c. Supervise the activities of train crews, car
                                   movements, and switching operations in a yard or
                                   terminal..
                                  2. Employees covered under the Federal hours of
                                   service laws as ``dispatching service employees.''
                                   See 49 U.S.C. 21101(2) and 21105.
E. Providing security of the      Employees who provide for the security of the          Police officer, special
 owner/operator's equipment and    railroad carrier's equipment and property, including   agent; patrolman;
 property.                         acting as a railroad police officer (as that term is   watchman; guard.
                                   defined in 49 CFR 207.2).
F. Loading or unloading cargo or  Includes, but is not limited to, employees that load   Service track employee.
 baggage.                          or unload hazardous materials.
G. Interacting with travelling    Employees of a freight railroad operating in           Conductor, engineer,
 public (on board a vehicle or     passenger service.                                     agent.
 within a transportation
 facility).
H. Complying with security        1. Employees who serve as security coordinators        Security coordinator,
 programs or measures, including   designated in Sec.   1570.201 of this subchapter, as   train master,
 those required by Federal law.    well as any designated alternates or secondary         assistant train
                                   security coordinators.                                 master, roadmaster,
                                  2. Employees who--...................................   division roadmaster.
                                  a. Conduct training and testing of employees when the
                                   training or testing is required by TSA's security
                                   regulations.
                                  b. Perform inspections or operations required by Sec.
                                     1580.205 of this subchapter.
                                  c. Manage or direct implementation of security plan
                                   requirements.
----------------------------------------------------------------------------------------------------------------
* These job titles are provided solely as a resource to help understand the functions described; whether an
  employee must be trained is based upon the function, not the job title.


[[Page 33477]]


   Table 4--Security-Sensitive Functions for Public Transportation and
                           Passenger Railroads
------------------------------------------------------------------------
                                  Security-sensitive job functions for
          Categories              Public Transportation and Passenger
                                            Railroads (PTPR)
------------------------------------------------------------------------
A. Operating a vehicle.......  1. Employees who--
                               a. Operate or control the movements of
                                trains, other rail vehicles, or transit
                                buses.
                               b. Act as train conductor, trainman,
                                brakeman, or utility employee or
                                performs acceptance inspections, couples
                                and uncouples rail cars, applies
                                handbrakes, or similar functions.
                               2. Employees covered under the Federal
                                hours of service laws as ``train
                                employees.'' See 49 U.S.C. 21101(5) and
                                21103.
B. Inspecting and maintaining  Employees who--
 vehicles.                     1. Perform activities related to the
                                diagnosis, inspection, maintenance,
                                adjustment, repair, or overhaul of
                                electrical or mechanical equipment
                                relating to vehicles, including
                                functions performed by mechanics and
                                automotive technicians.
                               2. Provide cleaning services to vehicles
                                owned, operated, or controlled by an
                                owner/operator regulated under this
                                subchapter.
C. Inspecting or maintaining   Employees who--
 building or transportation    1. Maintain, install, or inspect
 infrastructure.                communication systems and signal
                                equipment related to the delivery of
                                transportation services.
                               2. Maintain, install, or inspect track
                                and structures, including, but not
                                limited to, bridges, trestles, and
                                tunnels.
                               3. Provide cleaning services to stations
                                and terminals owned, operated, or
                                controlled by an owner/operator
                                regulated under this subchapter that are
                                accessible to the general public or
                                passengers.
                               4. Provide maintenance services to
                                stations, terminals, yards, tunnels,
                                bridges, and operation control centers
                                owned, operated, or controlled by an
                                owner/operator regulated under this
                                subchapter.
                               5. Employees covered under the Federal
                                hours of service laws as ``signal
                                employees.'' See 49 U.S.C. 21101(4) and
                                21104.
D. Controlling dispatch or     Employees who--
 movement of a vehicle.        1. Dispatch, report, transport, receive
                                or deliver orders pertaining to specific
                                vehicles, coordination of transportation
                                schedules, tracking of vehicles and
                                equipment.
                               2. Manage day-to-day management delivery
                                of transportation services and the
                                prevention of, response to, and redress
                                of service disruptions.
                               3. Supervise the activities of train
                                crews, car movements, and switching
                                operations in a yard or terminal.
                               4. Dispatch, direct, or control the
                                movement of trains or buses.
                               5. Operate or supervise the operations of
                                moveable bridges.
                               6. Employees covered under the Federal
                                hours of service laws as ``dispatching
                                service employees.'' See 49 U.S.C.
                                21101(2) and 21105.
E. Providing security of the   Employees who--
 owner/operator's equipment    1. Provide for the security of PTPR
 and property.                  equipment and property, including acting
                                as a police officer.
                               2. Patrol and inspect property of an
                                owner/operator regulated under this
                                subchapter to protect the property,
                                personnel, passengers and/or cargo.
F. Loading or unloading cargo  Employees who load, or oversee loading
 or baggage.                    of, property tendered by or on behalf of
                                a passenger on or off of a portion of a
                                train that will be inaccessible to the
                                passenger while the train is in
                                operation.
G. Interacting with            Employees who provide services to
 travelling public (on board    passengers on-board a train or bus,
 a vehicle or within a          including collecting tickets or cash for
 transportation facility).      fares, providing information, and other
                                similar services. Including:
                               1. On-board food or beverage employees.
                               2. Functions on behalf of an owner/
                                operator regulated under this subchapter
                                that require regular interaction with
                                travelling public within a
                                transportation facility, such as ticket
                                agents.
H. Complying with security     1. Employees who serve as security
 programs or measures,          coordinators designated in Sec.
 including those required by    1570.201 of this subchapter, as well as
 Federal law.                   any designated alternates or secondary
                                security coordinators.
                               2. Employees who--
                               a. Conduct training and testing of
                                employees when the training or testing
                                is required by TSA's security
                                regulations.
                               b. Manage or direct implementation of
                                security plan requirements.
------------------------------------------------------------------------

    The 9/11 Act uses the term `employees' when discussing the 
individuals who must undergo an STA. However, TSA understands this term 
to include any individual who performs the security-sensitive functions 
outlined in the charts above or acts as a security coordinator, 
regardless of whether they have a strict employer/employee relationship 
with the operator. If an operator enters into a contract with a company 
to provide on-board food and beverage service on public transportation, 
as described in Line G in the chart above, the individuals who perform 
those security-sensitive services are in positions to create security 
vulnerabilities regardless of whether they are `employees' or 
authorized representatives, including contract personnel, of the 
operator.
    TSA defines an authorized representative in 49 CFR 1500.3 as a 
person who is not a direct employee of the operator, but is authorized 
to act on the operator's behalf to perform required security measures. 
The term `authorized representative' includes agents, contractors, and 
subcontractors. Also, TSA defines contractor in 49 CFR 1570.3 as a 
person or organization that provides a service for an owner/operator 
regulated under this subchapter consistent with a specific 
understanding or arrangement. The understanding can be a written 
contract or an informal arrangement that reflects an ongoing 
relationship between the parties.
    For purposes of this proposed rulemaking, TSA intends that an 
employee or authorized representative (including contractor) of an 
operator who performs security-sensitive functions or acts as a 
security coordinator would be subject to the vetting requirements set 
forth in the 9/11 Act. TSA believes Congress intends TSA to apply the 
same level of scrutiny to employees or authorized representatives 
(including contractors) who perform these security functions. An 
alternate view in which an authorized representative performing 
security functions would not be subject to the STA an employee must 
undergo for performing the same functions would undermine the purpose 
of the 9/11 Act provisions and create obvious security risks. In all 
modes of transportation where TSA requires individuals who perform 
security functions or have access to secured areas to undergo an STA, 
an employer/employee relationship is not required to trigger the STA. 
For purposes of the vetting standards TSA administers, the individual's 
access or function that can impact the security of operations is the 
factor that determines whether an STA is required. If TSA adopted 
standards in which an employer could evade vetting requirements 
altogether by using

[[Page 33478]]

authorized representatives/contractors, the vetting framework would be 
a sieve permitting individuals with bad intent to move undetected in 
the transportation system.
    The 9/11 Act provides that TSA must complete a ``name-based 
security background check against the consolidated terrorist watchlist 
and an immigration status check'' \35\ that is similar to the threat 
assessment screening program that TSA conducted for maritime employees 
and longshoremen pursuant to a notice issued by the U.S. Coast Guard 
(USCG) in 2006.\36\ That Notice required port facility owner/operators 
to provide biographic information of all longshoremen and other 
individuals who enter the port regularly on spreadsheets to the USCG. 
The USCG then delivered the information to TSA, and TSA conducted a 
name-based terrorism and immigration status check using the biographic 
information provided. The Notice required facility operators and unions 
to ``provide, on a continuing basis, the above-listed information for 
all new facility employees or longshoremen in a timely manner.'' \37\ 
The use of spreadsheets was necessary because TSA had not yet 
established enrollment centers to collect the necessary information 
electronically. TSA conducted this vetting while preparing the TWIC 
rulemaking that established the enrollment and vetting process it now 
uses for maritime employees. After publication of the Notice, TSA and 
USCG issued a joint rulemaking in January 2007 that established the 
TWIC vetting program. The rule established tiers of vetting, 
disqualification standards, and the requirement to renew the STA every 
5 years. Once the TWIC rule became effective, it supplanted any vetting 
that was being done under the Notice.
---------------------------------------------------------------------------

    \35\ 9/11 Act, sec. 1411, 1520.
    \36\ 71 FR 25066 (April 28, 2006).
    \37\ Id. at 25067.
---------------------------------------------------------------------------

    While this process achieved the purpose of conducting vetting of 
the maritime workforce, it was resource-intensive and subject to errors 
due to the manual data collection and entry process. Since 2006, TSA's 
enrollment and vetting capabilities have matured substantially, and the 
new electronic processes are faster, more accurate, and more efficient. 
Also, various terrorist databases administered by other agencies have 
matured and grown. TSA is better positioned now to collect the 
necessary data and conduct recurrent \38\ (daily) vetting 
electronically. Therefore, TSA proposes to conduct the STA called for 
in the 9/11 Act using the improved procedures and capabilities we now 
possess and use regularly in other vetting programs. Also, TSA proposes 
to conduct recurrent vetting of the terrorism/other analysis check for 
this population, as TSA does for all other vetting programs. A one-time 
vet of names would be viewed as substandard and the cost reduction 
would not justify the loss of security benefits. All of the vetting 
databases change daily, and thus a snapshot of a workforce in place for 
one day in time serves minimal long-term security benefit. An 
individual who passes a terrorism check Monday, may be newly identified 
as a threat and appear on a terrorist watchlist Tuesday. TSA's 
recurrent vetting does not require the vetted individual to perform any 
additional efforts; TSA's systems simply continue to run the biographic 
data collected against the watchlists each time they are amended, 
permitting TSA to conduct an investigation if any new information is 
discovered during the course of an individual's authorized access to 
indicate that they may pose a security threat. While the 9/11 Act does 
not expressly require recurrent vetting or renewal of the STA, TSA is 
authorized \39\ to use its discretion and expertise in vetting to 
propose these procedures. Moreover, we believe Congress fully intends 
that TSA establish programs that are effective in identifying risks to 
transportation security.
---------------------------------------------------------------------------

    \38\ The term `recurrent vetting' means TSA vets a name against 
the database each time the database is amended with new or revised 
information. This typically happens on a daily basis, and often more 
than once a day. TSA continues to recurrently conduct the terrorism 
check for the duration of the STA, which is typically 5 years.
    \39\ See 49 U.S.C. 114(f).
---------------------------------------------------------------------------

    Consistent with the 9/11 Act, TSA proposes to require security-
sensitive employees of covered public transportation and railroad 
operators to undergo a Level 2 check that includes an immigration check 
and terrorism/other analyses check. For the terrorism/other analyses 
check, TSA reviews biographic information, documents, and databases to 
confirm an individual's identity, and searches government and non-
government databases, including terrorist watchlists, criminal wants 
and warrants, Interpol, and other domestic and international sources, 
relevant to determining whether an individual may pose or poses a 
threat to transportation or national security, or of terrorism. If TSA 
determines that the individual poses or may pose a threat, the 
individual is not eligible for the security-sensitive position.
    TSA conducts the terrorism/other analyses check recurrently for the 
duration of the STA, which is 5 years in most TSA vetting programs, and 
we propose the same for surface employees. Thus, if an individual 
initially ``passes'' the STA, but is later placed on a watchlist, TSA 
can quickly take appropriate action to disqualify the worker or 
otherwise minimize the threat.
    The immigration check TSA proposes for security-sensitive employees 
would verify that the individual is a U.S. citizen or national, or a 
non-citizen who is a lawful permanent resident, refugee, asylee, lawful 
nonimmigrant, paroled into the U.S., or is otherwise authorized to work 
in the U.S. TSA conducts immigration checks by using the U.S. 
Citizenship and Immigration Services' (USCIS) Systematic Alien 
Verification for Entitlements (SAVE) Program. The SAVE Program is a 
government system designed to assist Federal, State, tribal, and local 
government agencies in determining an individual's immigration category 
to ensure that authorized individuals lawfully receive benefits or 
licenses.
    As noted above, the 9/11 Act does not require TSA to conduct STAs 
of OTRB security-sensitive employees, and we are not proposing a Level 
2 check of these individuals in this NPRM. However, TSA is considering 
adding that requirement in the final rule and invites comment from 
industry stakeholders on such a requirement. TSA is concerned that new 
terrorism-related tactics have emerged since passage of the 9/11 Act, 
including the use of vehicles in crowds to injure and kill innocent 
pedestrians. Beginning with the attack in Nice, France in 2016, vehicle 
ramming attacks have escalated. In 2017, 17 vehicle ramming attacks 
throughout the world were verified as terrorist-based, resulting in 173 
fatalities and 667 injuries.
    Moreover, buses, including those used for OTRB routes, are often 
provided extraordinary access and proximity to special events, athletic 
games, concerts or shopping venues, as a convenience to event-goers and 
as a traffic congestion tool for organizers. An ``insider,'' such as an 
OTRB driver, would have greater opportunity to harm event attendees by 
using a vehicle-borne improvised explosive device or simply conducting 
a ramming attack at passenger staging areas. The opportunity for harm 
using an OTRB may be greater than with use of a public transportation 
vehicle because OTRB operations include interstate business, which 
requires the vehicles to be capable of travelling much greater 
distances with much

[[Page 33479]]

heavier loads than transit buses. As a result, the typical OTRB is 
larger, heavier, and equipped with underfloor luggage storage areas not 
found in transit buses. Based upon its design, the OTRB is capable of 
transporting large volumes of dangerous materials that could be used in 
a terrorist attack.
    TSA estimates that the addition of OTRB security-sensitive employee 
vetting would affect an additional estimated 47,423 OTRB employees, 
compared with the current public transportation/passenger rail 
population of approximately 179,337 and freight rail population 
estimated at 122,236. TSA estimates that the total annualized cost of 
compliance would increase by $2.2 million.
    TSA invites comment on requiring Level 2 vetting for OTRB security-
sensitive employees as part of this rulemaking. TSA has broad statutory 
authority to assess the need for and require vetting of transportation 
workers.\40\ Under this authority, TSA may require OTRB workers to 
undergo the same vetting that we are proposing to require for security-
sensitive public transportation and railroad workers. We invite 
stakeholders to comment on the relative security risks that are 
associated with OTRB operations, including insider threats and public 
sector vulnerabilities. Also, TSA invites comment and data on the costs 
to owner/operators and individuals as a result of new vetting 
requirements, and ways to reduce costs.
---------------------------------------------------------------------------

    \40\ See 49 U.S.C. 114(f).
---------------------------------------------------------------------------

    2. Security Coordinators. In the Security Training rulemaking, TSA 
requires covered public transportation, railroad, and OTRB owner/
operators to employ security coordinators.\41\ Security coordinators 
perform important security functions, including coordinating the owner/
operator's security procedures internally and with appropriate law 
enforcement and emergency response agencies. These individuals 
typically have access to SSI, Personally Identifiable Information and 
sensitive information from government threat briefings, all of which 
require responsible handling. For these reasons, TSA proposes to 
require a more comprehensive Level 3 STA for security coordinators. TSA 
proposes that security coordinators must successfully complete a 
fingerprint-based criminal history records check (CHRC) in addition to 
the immigration and terrorism/other analyses checks. TSA requires 
security coordinators in other modes of transportation and certain 
individuals with access to SSI to undergo this more thorough STA as 
well.
---------------------------------------------------------------------------

    \41\ See Security Training for Surface Transportation Employees 
Final Rule, 85 FR 16456 (March 23, 2020), as amended by 85 FR 25315 
(May 1, 2020), 85 FR 67681 (Oct. 26, 2020), and 86 FR 23629 (May 4, 
2021) (Security Training Final Rule).
---------------------------------------------------------------------------

    TSA is proposing the same CHRC standards that currently apply in 
the TWIC and HME programs, codified at 49 CFR part 1572, for the Level 
3 STA in this rulemaking. In the 9/11 Act, Congress provided that if 
TSA chose to require a CHRC for these surface workers, the TWIC/HME 
standards for CHRCs and redress should apply.\42\ Also, TSA proposes to 
codify the redress procedures in place for TWIC and HME applicants that 
are currently codified in 49 CFR part 1515, for security coordinators 
covered by this NPRM. Depending on the nature of the disqualification, 
individuals may appeal TSA's eligibility decision by asserting that the 
records on which TSA made its decision are incorrect; apply for a 
waiver of the criminal standards by asserting that the individual is 
rehabilitated; appeal TSA's waiver denial to an Administrative Law 
Judge; or seek review by the TSA Decision Maker.
---------------------------------------------------------------------------

    \42\ See 6 U.S.C. 1143(c)-(d) for public transportation; 6 
U.S.C. 1170(c)-(d) for railroads. Because TSA is conducting the 
vetting, rather than requiring the operator to do so, TSA would 
implement the redress standards Congress intended to apply to 
individuals who receive adverse vetting results, and not the 
operators.
---------------------------------------------------------------------------

    The 9/11 Act provides that an individual serving as a security 
coordinator for a rail carrier or an OTRB owner/operator must be a 
citizen of the United States, unless TSA conducts an STA in place of 
the citizenship requirement.\43\ TSA proposes more thorough vetting for 
security coordinators, and this level of vetting satisfies the 9/11 Act 
as a substitute for the U.S. citizenship requirement. The security 
coordinator vetting requirements would apply to all rail carrier and 
OTRB security coordinators, including individuals who are not U.S. 
citizens.
---------------------------------------------------------------------------

    \43\ See 6 U.S.C. 1162(e)(2), 1181(e)(2).
---------------------------------------------------------------------------

    3. Rap Back and IDENT. For all STAs that require a CHRC, TSA plans 
to conduct the CHRC through the Federal Bureau of Investigation (FBI), 
as is customary. Also, TSA plans to implement the FBI's Criminal 
Justice Information System (CJIS) ``Rap Back'' service for these 
individuals. Rap Back enables TSA to receive new criminal history 
information after the initial submission of fingerprints. Prior to the 
implementation of Rap Back, TSA had to submit new fingerprints and fees 
to obtain any new criminal history on an individual. The Rap Back 
service provides a ``recurrent'' criminal vetting capability that will 
enhance security significantly by providing TSA with timely criminal 
history information, rather than waiting for long periods, sometimes 
several years, to obtain the most recent criminal information. With Rap 
Back, TSA can determine that an individual who initially passed the 
CHRC and was eligible for access has become ineligible due to a recent 
disqualifying criminal offense. Rap Back has become an integral part of 
a CHRC and is now the industry standard for criminal vetting. TSA has 
implemented Rap Back for other vetting programs such as airport and 
aircraft operator employees and TWIC holders, and proposes to use it 
for the CHRCs that would be conducted under this proposed rule. The 
implementation of Rap Back will not affect the type or amount of 
information TSA must collect from each individual at enrollment.
    TSA also plans to submit the fingerprints to the Automated 
Biometrics Identification System (IDENT), which is operated by the 
DHS's Office of Biometric Identity Management. IDENT is the 
Departmental biometric repository and provides additional, important 
information for TSA to use as part of the vetting process.
    4. Identity (ID) Verification. TSA is proposing to require in-
person ID verification at a TSA enrollment center as part of the 
vetting process. Accurately verifying the identity of each individual 
whom TSA vets remains one of the most important aspects of combatting 
insider threats and fraud. In-person ID verification provides a higher 
level of confidence that individuals are who they claim to be. TSA's 
enrollment personnel are trained to examine documents for evidence of 
fraud and may use electronic software that scores the identity 
documents for fraud. Also, if the documents presented are of concern to 
the enrollment agents, the agents can flag them for further analysis 
during the adjudication process, when adjudicators can compare the 
biographic information presented with other government or public 
records.
    TSA considered proposing an entirely on-line ID verification and 
enrollment process, particularly where there is no need to collect 
fingerprints or take a photograph. However, TSA believes on-line ID 
verification creates opportunities for fraud relative to TSA's capacity 
to detect fraud at a physical enrollment center. TSA invites comments 
from stakeholders on potential ways to instill the same or greater 
level of reliability in on-line ID verification as we have for in-
person ID verification.

[[Page 33480]]

    5. Use of TSA enrollment centers. TSA proposes in this rulemaking 
to use its established enrollment process for vetting the individuals 
covered by this rule. TSA operates a network of more than 300 
enrollment centers that are widely dispersed throughout the United 
States and abroad, and currently service TSA's TWIC, HME, and TSA 
PreCheck[supreg] programs. In addition to the stationary sites, TSA's 
enrollment contractor offers opportunities for setting up mobile 
enrollment sites at specific workplaces. Each employer would be able to 
contact TSA's provider directly to discuss the number of employees who 
must enroll, potential locations, whether the provider would charge a 
fee for the service, and other details necessary to finalize an on-
site, mobile enrollment center. These mobile sites minimize work 
disruption and employee travel time to an enrollment center. Also, 
employers can ensure that the entire workforce enrolls in a finite, 
relatively short period of time.
    TSA's contractor also provides employers the capability to conduct 
their own enrollments. This enrollment method is called an ``authorized 
non-public enrollment capability.'' If an employer is interested in 
hosting their own enrollment center to service their employees, they 
work directly with the contractor to reach a mutually acceptable 
agreement regarding the requirements and any associated costs for this 
arrangement. Employers would provide the enrollment center space and 
resources (such as Trusted Agents to act as enrollment personnel) to 
operate the enrollment center. The space and personnel must meet the 
contractual requirements, which include internet connectivity, 
sufficient furniture, and privacy screens to protect an applicant's 
personal information as it is entered into the enrollment system. The 
employer's Trusted Agents would have to undergo a Level 3 STA, given 
their access to personally identifiable information, just as TSA's 
contractor Trusted Agents do. TSA's contractor would provide the 
enrollment hardware, software, and other equipment required to conduct 
enrollments. Additionally, the contractor would provide training and 
quality assurance oversight for the authorized non-public enrollment 
center. The agreement to operate an authorized non-public enrollment 
center is a contract between the interested employer and TSA's 
contractor, and not an agreement with TSA directly. Under this 
scenario, the owner/operators are not `regulated' by TSA as an 
enrollment provider, but work directly with the contractor and ensure 
that they satisfy the contractual requirements.
    TSA considered the alternative of requiring or permitting owner/
operators subject to this NPRM to act as enrollment providers, rather 
than using the TSA enrollment contractor for these services. Under this 
scenario, the owner/operators would be directly regulated by TSA to 
meet standards that are similar to the contractual requirements TSA and 
TSA's enrollment provider have developed. The owner/operators would 
provide their own trained Trusted Agents to collect information and 
fees from STA applicants and develop secure connections to TSA's 
systems that meet all Federal cyber security requirements. The 
employers would be required to ensure that the Trusted Agents adhere to 
minimum enrollment standards for verifying identity, protecting 
personal information, accurately collecting biometric and biographic 
information, and processing TSA's fees correctly. This alternative 
would eliminate the need for employees to travel to an enrollment site 
outside the workplace. However, owner/operators would be subject to 
compliance inspections and potentially civil penalties if their 
enrollment procedures were noncompliant. Also, the owner/operators 
would have to bear the significant costs associated with establishing 
and maintaining the electronic systems and staff to conduct enrollment. 
An owner/operator would have to undergo significant system testing, 
certification, and accreditation to connect to TSA's vetting systems to 
meet heightened Federal security and privacy requirements, and maintain 
a high level of security and performance to remain certified. Firewalls 
would have to be developed and used to ensure that an owner/operator 
could access only their employee data, and to prevent any damage to 
TSA's systems if the owner/operator's system malfunctioned. Given the 
nature of cyber threats and capabilities, TSA's previous experience 
with shared enrollment roles, and the extremely sensitive information 
that must be transmitted, TSA is currently unwilling to permit private 
employers to connect to its vetting systems.
    TSA invites public comment on using TSA enrollment services or 
permitting owner/operators to conduct enrollment for this population.
    6. Vetting structure. In this rulemaking, TSA proposes to add a new 
part 1530 where the vetting standards, fees, and redress procedures 
would be codified. TSA proposes to organize all facets of the vetting 
process in one part for the convenience of the parties who must undergo 
vetting, and to aid in providing consistent standards and fees. TSA 
currently operates approximately 30 different vetting programs, such as 
the aviation workers (airport and aircraft owner/operators), TWIC, HME, 
and TSA PreCheck[supreg] programs and proposes to leverage the 
experience and best practices from them in new part 1530.
    As discussed above, TSA proposes three ``levels'' of STAs, labeled 
Level 1, Level 2, and Level 3. The ``lowest'' level STA (Level 1) would 
provide the minimum vetting TSA would conduct and the ``higher'' levels 
(Level 2 and Level 3) would provide increased scrutiny, given statutory 
requirements and the risks associated with the functions that an 
individual performs.
    This modular, standardized approach would increase the ability for 
individuals to reuse all or part of an earlier STA to satisfy a later 
STA requirement. For example, an employee who successfully completes a 
Level 2 STA for a public transportation agency will be able, in most 
circumstances, to use that Level 2 STA for a position that requires a 
Level 2 STA with a railroad operator, as long as the STA has not 
expired. As described below, all STAs would expire at the end of 5 
years. Also, even if the entire STA is not comparable, one or more of 
the checks that comprise the STA may be re-usable. Consider the example 
of a security-sensitive employee for a public transportation operator 
who successfully completes a Level 2 STA, and who subsequently takes a 
job as a security coordinator, which would require a Level 3 STA under 
this rulemaking. Even though the Level 2 and Level 3 STAs are different 
and thus not comparable in their entirety, they nonetheless share 
certain checks in common. In this example, both levels of STA require 
an immigration check and terrorism/other analyses check. TSA would be 
able re-use the earlier terrorism/other analyses and immigration checks 
(assuming they are still valid) for purposes of the second STA. This 
means the individual would only have to complete the CHRC required for 
the Level 3 STA. Note that the Level 3 STA would expire when the Level 
2 STA expired.
    7. Effective dates and compliance. TSA recognizes that this 
rulemaking would affect many surface transportation owner/operators and 
many individuals who have not previously had to comply with security 
vetting requirements. There may be logistical issues involved with 
achieving initial compliance, including implementing new management

[[Page 33481]]

policies, employee education, and related administrative tasks. 
Therefore, TSA proposes to take a risk-based, phased approach to 
implementation of this rule. TSA anticipates that there are far fewer 
security coordinators than security-sensitive workers, and understands 
that security coordinators play a more critical role in the overall 
security regime contemplated by the 9/11 Act. For these reasons, TSA 
proposes an implementation period of 6 months for requirements relating 
to security coordinators, and 12 months for requirements relating to 
security-sensitive employees. These timeframes represent our initial 
judgment about how to balance security against the burden on regulated 
parties. TSA invites comment on how the rule's requirements should be 
phased in and become effective, including the appropriate timeframes.

III. Analysis of Proposed Part 1530

A. Introduction

    Proposed part 1530 would provide a complete framework for 
conducting vetting, collecting user fees, and administering appeals and 
waivers. TSA is using 49 CFR part 1515, which currently applies to 
individuals required to undergo STAs for TWIC, HME, or Indirect Air 
Carrier credentials, as a model for proposed part 1530. Proposed 1530 
includes organizational and language improvements over part 1515 to 
address issues that TSA has become aware of over time, but it is 
substantively very similar to part 1515. The proposed procedures and 
standards for conducting STAs set out in part 1530 would apply to the 
surface transportation owner/operators and employees covered by this 
rulemaking. When finalized, part 1530 will address these surface 
workers and TSA will take the appropriate regulatory action to apply 
part 1530 to the populations currently covered by 1515.
    We propose to organize part 1530 into six subparts. Subpart A would 
address topics generally applicable to the STA process, such as 
definitions. Each subsequent subpart would address a particular stage 
in the STA process. Subpart B would focus on the individual, addressing 
topics such as the information he or she must provide when applying for 
the STA, procedures for verifying the individual's identity and 
immigration category in the United States, procedures for collecting 
fingerprints, and establishing the individual's continuing 
responsibilities throughout the process. Subpart C would be reserved, 
and subpart D would address the fees necessary to recover the costs of 
conducting STAs, and how TSA must process the fees. Subpart E would set 
out the procedures that TSA proposes to use to conduct the various 
checks that comprise an STA, such as how TSA would conduct a CHRC or 
immigration check. Subpart F would establish the standards or criteria 
that TSA uses to adjudicate the results of the checks conducted during 
the STA. For example, a section of subpart F would explain the lists of 
crimes TSA would use to determine whether the individual has a 
disqualifying criminal conviction. Subpart G would establish the appeal 
and waiver procedures for individuals who receive an adverse STA 
result.

B. Proposed Subpart A--General

    1. Proposed Sec.  1530.1. This section would set out the scope of 
the proposed part. Paragraph (a) would establish that part 1530 applies 
to individuals required to apply for an STA. In this rulemaking, this 
includes individuals who perform security-sensitive functions and are 
required to receive security training under 49 CFR 1580.101 (rail) and 
49 CFR 1582.101 (public transportation, passenger rail), or act as 
security coordinators of owner/operators regulated under parts 1580, 
1582, and 1584.
    Paragraph (b) would establish that part 1530 applies to operators 
who must ensure that individuals who perform security-sensitive 
functions in rail and public transportation, or act as security 
coordinators for the owner/operators regulated under parts 1580, 1582, 
and 1584, as established in the Security Training rulemaking.
    2. Proposed Sec.  1530.3. In this section, TSA proposes definitions 
for key terms used in part 1530, and proposes that the definitions from 
parts 1500, 1503, 1540, 1570, and 1572 apply if those terms appear in 
part 1530. TSA proposes a definition for ``individual'' to accurately 
identify the person who applies for the STA, holds a valid STA, or is 
seeking redress. TSA also proposes definitions for standard redress 
terms that are consistent with 49 CFR 1515.3 and are largely self-
explanatory.
    TSA is proposing to add a definition to part 1530 for the term 
``incarceration.'' Currently, TSA has defined ``incarceration'' as well 
as ``imprisoned/imprisonment'' in 49 CFR 1570.3, but TSA believes two 
definitions for this concept are confusing and unnecessary. We propose 
to eliminate ``imprisoned/imprisonment'' and revise the definition of 
incarceration for part 1530. The new proposed definition of 
``incarceration'' means under the custody of a bureau of prisons and 
confined to a prison, jail, or institution for the criminally insane 
pursuant to a sentence imposed as the result of a criminal conviction 
or finding of not guilty by reason of insanity. Time spent under the 
custody of a bureau of prisons or confined or restricted to a half-way 
house, treatment facility, home incarceration, or similar institution, 
pursuant to a sentence imposed as the result of a criminal conviction 
or finding of not guilty by reason of insanity, constitutes 
incarceration for purposes of this rule. The primary difference between 
this proposed definition and the current definitions of incarceration 
and imprisoned in 49 CFR 1570.3 is that the definition of incarceration 
now explicitly includes a sentence to home confinement as a result of a 
criminal conviction or finding of not guilty by reason of insanity.
    3. Proposed Sec.  1530.5. This section would define the three 
``levels'' of STAs that TSA proposes to conduct. Each STA level would 
be generically defined in terms of the particular kinds of vetting 
(called ``checks'') that comprise the level.
    A ``Level 1'' STA would consist of a terrorism check and other 
analyses (referred to as `terrorism/other analyses check' throughout 
the preamble of this NPRM). TSA is not proposing use of a Level 1 STA 
in this NPRM, but may propose it for other populations in the future. A 
``Level 2'' STA would consist of the terrorism/other analyses and 
immigration checks. A ``Level 3'' STA would consist of the checks 
required for a Level 2 STA, plus a CHRC. In accordance with the 9/11 
Act, TSA proposes that the security-sensitive employees, as described 
in the Surface Training rulemaking and codified in 49 CFR parts 1580, 
1582, and 1584, would be required to undergo a Level 2 STA. TSA 
proposes to require security coordinators under 49 CFR parts 1580, 
1582, and 1584 to undergo a Level 3 STA.
    4. Proposed Sec.  1530.7. This section proposes a standard duration 
of 5 years for the STAs that TSA conducts and the associated 
determinations of eligibility (DOE) that TSA issues. This 5-year term 
begins on the date TSA completes the STA, determines the individual is 
eligible for the security-sensitive or security coordinator position, 
and issues a DOE. This timeframe aligns with similar governmental 
programs such as Top Secret and Q security clearances issued by the 
Office of Personnel Management; other TSA vetting programs such as TWIC 
and HME; and U.S. Customs and Border Protection's (CBP)'s Trusted 
Traveler programs, such as Free and Secure Trade (FAST),

[[Page 33482]]

NEXUS, Secure Electronic Network for Travelers Rapid Inspection 
(SENTRI), and Global Entry.
    TSA proposes that the general 5-year term would be subject to two 
exceptions. The exceptions would apply if: (1) an individual uses a 
comparable STA completed earlier as the basis of the new STA; or (2) an 
initially successful individual no longer meets the eligibility 
standards for the STA. As to the first exception, the duration of the 
STA would be 5 years from the date on which the initial or comparable 
check was issued. Therefore, if TSA issues a DOE based on an 
immigration check conducted 2 years earlier in connection with a 
previous STA, the duration of the new STA would be 3 years.
    The second exception, proposed in paragraph (b), would occur if TSA 
determines that an approved individual no longer meets the STA 
eligibility standards. In this case, the STA would expire on the date 
that TSA serves a Final Determination of Ineligibility (FDI) or a 
Preliminary Determination of Ineligibility with Immediate Revocation 
(PDIIR) on the individual. Issuance of an FDI means that the 
adjudication on any redress processes has run its course and TSA has 
finalized its determination that the individual does not meet the STA 
standards. In such cases, the DOE is no longer valid, and is deemed 
expired. As explained in the discussion of proposed Sec.  1530.417 
below, TSA issues a PDIIR when it determines that an imminent security 
threat may exist and the DOE must be revoked immediately.
    Paragraph (b)(3) would apply to individuals who have successfully 
completed a Level 3 STA, but who subsequently are indicted, convicted, 
or found not guilty by reason of insanity, of any of the disqualifying 
crimes under proposed Sec.  1530.503. These individuals would no longer 
meet the STA standards as of the date of indictment, conviction, or 
finding of not guilty by reason of insanity. Paragraph (b)(3), 
therefore, provides notice that the DOE of such an individual expires 
as of the date of indictment, conviction, or finding, regardless of 
whether TSA has yet issued an FDI or PDIIR.
    Paragraph (b)(4) would apply to individuals who have been issued a 
DOE, but whose immigration category subsequently changes and no longer 
meet the standards in section 1530.505. Paragraph (b)(4) provides 
notice that the DOE of such an individual expires as of the date that 
individual no longer meets the immigration standard, regardless of 
whether TSA has yet issued an FDI or PDIIR.
    5. Proposed Sec.  1530.9. Paragraph (a)(1) would forbid any person 
from making, or causing to be made, fraudulent or intentionally false 
statements in documents required by, or used to show compliance with, 
proposed part 1530. Paragraph (a)(2) would forbid any person from 
making or causing to be made, for fraudulent purposes, any reproduction 
or alteration of any report, record, security program, access medium, 
identification medium, biometric data (fingerprints or photographs), or 
credential issued under proposed part 1530. The purpose of paragraph 
(a) is to provide a regulatory basis for enforcement action against a 
person who takes these actions, which undermine transportation 
security.
    Paragraph (b) explains that anyone who violates paragraph (a) is 
ineligible for the access, privileges, or credential associated with 
the STA.
    6. Proposed Sec.  1530.11. This section would forbid the fraudulent 
use of, or representation concerning, a DOE or STA conducted under part 
1530. Paragraph (a) would forbid the use, or attempted use, of an STA 
issued or conducted for another person. Paragraph (b) would forbid a 
person from causing or attempting to cause another to violate paragraph 
(a). Collectively, these provisions are intended to protect the 
integrity and reliability of STAs. Paragraph (c) would establish that 
any person who violates this section is ineligible for the access, 
privileges, or credential associated with the STA.
    7. Proposed Sec.  1530.13. Paragraph (a) pertains to compliance, 
inspection, and enforcement activities associated with the vetting 
process. Specifically, TSA proposes that each individual who is 
required to undergo an STA, and each owner/operator whose employees or 
authorized representatives must undergo an STA, must permit DHS, at any 
time or place, to make inspections or tests, including the copying of 
records, to determine compliance with this part and part 1520, which 
pertains to sensitive security information. Paragraph (b) would provide 
that TSA may require each person with responsibilities under proposed 
part 1530 to provide evidence of compliance with parts 1530 and 1520, 
including copies of records.

C. Proposed Subpart B--Individual's Enrollment Requirements and 
Continuing Responsibilities

    1. Introduction. Proposed subpart B would focus on the information 
the individual must provide when applying for the STA. Subpart B would 
also establish the individual's continuing responsibilities throughout 
the duration of the STA, such as disclosing any new disqualifying 
information.
    TSA must collect and process information, documents, and fees from 
individuals in order to conduct the checks that make up an STA. TSA 
refers generally to this part of the STA as ``processing.'' Subpart B 
proposes the procedures TSA would use in the enrollment process. TSA 
uses this enrollment model in existing vetting programs, such as for 
TWIC and HME applicants under part 1572, and has a high level of 
confidence in this approach. TSA operates over 300 enrollment sites 
throughout the United States and abroad \44\ where individuals who are 
required to undergo certain STAs go to provide biographic, documentary, 
and if necessary, biometric information. Many of these individuals also 
have the option to provide some of this information on-line. The 
enrollment method set out in proposed subpart B has been designed to 
provide as much flexibility as possible for individuals and their 
employers, while maintaining efficient, manageable, and secure 
interaction with TSA systems.
---------------------------------------------------------------------------

    \44\ A complete list of the more than 300 enrollment centers, 
along with information about the locations, hours of service, 
contact information, etc., will be made available on the TSA 
website.
---------------------------------------------------------------------------

    TSA generally uses a contractor to provide enrollment services and, 
throughout this document, we refer to ``TSA'' to include TSA's 
contractor engaged in enrollment activities. Through the contracting 
process, TSA can provide cost-effective services to a large number of 
individuals at all sorts of locations. A TSA contractor under this 
proposed rulemaking would perform functions similar to the functions 
performed by a ``TSA Agent'' under current 49 CFR part 1572, subparts E 
and F, for the current HME and TWIC programs. TSA conducts a 
comprehensive Level 3 STA on these agents before they may work at a TSA 
enrollment center.
    The proposed rule offers optional enrollment processes through the 
TSA contractor separate from the alternative in which enrollment is 
completely performed by the regulated party. To maximize the benefits 
of TSA-run enrollment services and minimize employee time away from 
work to enroll, TSA's enrollment provider may establish ``mobile 
enrollment'' sites at particular workplaces where a large volume of 
individuals need to apply for an STA. Also, the enrollment provider may 
enter into agreements with a private employer to share some enrollment 
duties at the workplace, and

[[Page 33483]]

whether the provider would charge a fee for this service.
    As discussed in greater detail above in section II.B.5., TSA 
considered the alternative of requiring or permitting owner/operators 
subject to this NPRM to act as enrollment providers, providing their 
own trained and vetted ``trusted agents'' to collect information and 
fees from STA applicants, verify their identity, and send all 
information through secure pathways to TSA. Under this alternative, the 
employers would be required to ensure that the trusted agents adhere to 
minimum enrollment standards for verifying identity, protecting privacy 
information, accurately collecting biometric and biographic 
information, and processing TSA's fees correctly. This alternative 
would eliminate the need for employees to travel to an enrollment site 
outside the workplace. However, owner/operators would also bear the 
significant costs required to establish and maintain secure systems and 
the staff to conduct enrollment.
    TSA invites public comment on the use of TSA enrollment services, 
and the alternative to permit owner/operators to conduct enrollment for 
this population.
    2. Proposed Sec.  1530.101. Paragraph (a) would provide a road map 
to the section. Paragraph (b) would list the biographic information and 
copies of documents that each STA applicant must provide. Paragraphs 
(b)(1)-(9) would require standard items of biographic information, such 
as name, address, gender, date of birth, and country of citizenship, 
which are necessary to identify the individual conclusively and to 
accomplish the vetting process.
    Paragraph (b)(10) would require the individual's employer 
information, including address, telephone number, and facsimile number 
(if available), which are important if TSA needs to take follow-up 
action regarding the individual. For example, if an individual 
``passes'' initial vetting as a security-sensitive employee, but is 
subsequently disqualified, TSA would have to contact the relevant 
owner/operator to communicate that the individual is no longer 
authorized to work as a security-sensitive employee.
    Paragraph (b)(11) is related to the immigration check explained in 
the discussion of the standards in subpart F of part 1530. The purpose 
of this proposed requirement is to obtain documentary evidence to 
improve the reliability of the immigration check. Under paragraph 
(b)(11), each individual would be required at the time of the STA 
application, to present documentation in a form and manner specified by 
TSA, to verify the immigration category they maintain. For individuals 
claiming to be U.S. citizens or U.S. nationals by birth, examples of 
such documentation would include a passport book or passport card; a 
certified copy of a birth certificate from one of the 50 States, the 
District of Columbia, American Samoa, Swain's Island, Puerto Rico, U.S. 
Virgin Islands, Northern Mariana Islands, or Guam; an American Indian 
Tribal Card with photo indicating U.S. citizenship (Form I-872); an 
unexpired Native American Tribal Card approved by the Secretary to 
denote identity and U.S. citizenship; a U.S. Coast Guard Merchant 
Mariner Credential or Document; a U.S. Enhanced Driver's license; and a 
Trusted Traveler Program Card (FAST, NEXUS, SENTRI, or Global Entry). 
For individuals claiming U.S. citizenship who were born abroad, in 
addition to many of the documents listed above, examples would include 
a Certificate of Citizenship and Consular Report of Birth Abroad, or a 
naturalization certificate. For individuals not claiming U.S. 
citizenship, examples would include visas and proof of U.S. lawful 
permanent residence status. During the enrollment process, TSA proposes 
to scan the documentation presented by the individual into the 
electronic enrollment record.
    The information requested in proposed paragraphs (c)(1)-(5), 
including social security number, passport information, Department of 
State Consular Report of Birth Abroad, information about previous STA 
applications, and information about the individual's Federal security 
clearance, is voluntary. Failure to provide this information would not 
prevent TSA from processing the application. However, providing the 
information requested in paragraph (c), if available, may speed up the 
process for the individual.
    In addition to the biographic information and documentation 
specified in proposed paragraphs (b) and (c), TSA proposes to require 
every individual to sign certain statements as part of the application 
process. Paragraph (d) would require each individual to sign a 
statement attesting that the information provided in the application is 
true, complete, and correct to the best of the individual's knowledge, 
and that the individual acknowledges that knowing and willful false 
statements or material omissions may result in criminal prosecution and 
other consequences.
    Paragraph (e) would require all individuals to certify in writing 
that they understand that if TSA determines an individual does not meet 
the STA standards, TSA may notify the employer, and, in the case of an 
imminent threat to an owner/operator, TSA may provide the employer 
limited information necessary to reduce risk of injury or damage.
    Paragraph (f) would require all individuals to certify that there 
is a continuing obligation to report certain events to TSA. Not every 
event listed in this proposed section will necessarily apply to every 
individual. For example, one of the events that must be reported is a 
conviction, or finding of not guilty by reason of insanity, for a 
disqualifying criminal offense. This event is relevant only for 
security coordinator applicants applying for an STA that includes a 
CHRC.
    3. Proposed Sec.  1530.103. This section would require individuals 
whose STA includes a CHRC to provide fingerprints in a form and manner 
prescribed by TSA. TSA must collect and transmit fingerprints 
electronically according to procedures and standards the FBI requires 
of all agencies that submit fingerprints for a CHRC.
    In addition to using the fingerprints to obtain criminal history 
information from the FBI, TSA will use the fingerprints to conduct 
biometric vetting through IDENT. IDENT is the DHS repository for all 
biometrics collected by agencies within DHS, and some external 
agencies, such as the Department of Defense. Using IDENT biometric 
vetting capabilities enhances TSA's STA process. TSA would receive the 
results of these searches and use the information as part of the STA 
eligibility decision. We invite comment from all interested parties on 
the use of IDENT for TSA vetting purposes.
    4. Proposed Sec.  1530.105. This section proposes that each 
individual applying for an STA must pay the fee associated with the STA 
at the time of application. TSA is statutorily required to fund all 
vetting and credentialing services through user fees,\45\ and 
consequently, TSA will not process STA applications until the fees are 
paid. TSA begins incurring costs as soon as it begins processing the 
application. Also, TSA cannot refund fees, even if the individual 
decides at a later date to withdraw the application, because TSA has 
already expended resources that must be covered through fees.
---------------------------------------------------------------------------

    \45\ See 6 U.S.C. 469.
---------------------------------------------------------------------------

    5. Proposed Sec.  1530.107. Each individual who applies for an STA 
has continuing responsibilities for the life of the STA. Paragraph (a) 
would establish the requirement to report certain events to TSA within 
24 hours of occurrence.

[[Page 33484]]

Each of the events that must be reported relate directly to whether the 
individual is still eligible to serve as a security-sensitive employee 
or security coordinator.
    Paragraph (a)(1) involves individuals whose STA includes a CHRC (in 
this rulemaking, security coordinators), both those who have applied 
for an STA, and those who have already successfully completed an STA 
that included a CHRC. These individuals would be required to report an 
occurrence, indictment, conviction, or finding of not guilty by reason 
of insanity of disqualifying crimes within 24 hours. The list of 
disqualifying crimes is in proposed Sec.  1530.503, and is explained 
below. The 24-hour reporting requirement would also apply to 
individuals who are adjudicated as lacking mental capacity, or 
committed to a mental health facility.
    Paragraph (a)(2) would apply to all individuals whose STA includes 
an immigration check, which are security coordinators and security-
sensitive employees in this rulemaking. These individuals would be 
required to report any change in immigration category that results in 
no longer meeting the immigration standards.
    Paragraph (b) would require all individuals who have successfully 
completed an STA to notify TSA if certain contact information changes. 
Specifically, each individual would be required to notify TSA of any 
legal name changes (proposed Sec.  1530.101(b)(1)), address changes 
(proposed Sec.  1530.101(b)(2)), or daytime telephone number changes 
(proposed Sec.  1530.101(b)(9)). TSA needs reliable contact information 
in order to administer the STA after the DOE is issued. For example, 
TSA may have to contact an individual to provide a notice of 
ineligibility and redress procedures, if TSA discovers potentially 
adverse information about an individual. This notification requirement 
would continue until the DOE expires.
    6. Proposed Sec.  1530.109. This section proposes the procedures 
TSA would use to verify the individual's identity. Paragraph (a) would 
provide that TSA must be able to verify each individual's identity at 
the time of enrollment. This element is critical to attain a high a 
degree of certainty that the individual is who he or she claims to be.
    Paragraph (b) would require the individual to present two forms of 
identification, at least one of which must be a government-issued photo 
identification. Government-issued photo identification is relatively 
reliable and is not burdensome or costly for individuals to obtain. TSA 
uses fraud detection software as part of the enrollment process at some 
locations and continues to explore expanding and improving the use of 
technology to aid the identification verification process. As of the 
writing of this NPRM, some biometric technologies other than 
fingerprints, including facial recognition and iris scans, are being 
used by governmental entities to produce identity documents. However, 
this practice is not yet widespread or reliable enough to ensure 
identity verification in this rulemaking. As a result, TSA believes 
that requiring government-issued photo identification is the most 
practical balance between trustworthiness and burden to ensure accurate 
identify verification at this time. To the extent new technologies 
become more widespread and trustworthy, TSA will consider alternative 
means of providing identity verification. Paragraph (c) would require 
examination of the documents presented by the individual to determine 
whether they appear to be genuine, unexpired, and relate to the 
individual presenting them.

D. Subpart C Is Reserved

E. Proposed Subpart D--Fees

    1. Introduction. The fee structure proposed in this rulemaking is 
designed to cover TSA's anticipated costs of conducting and 
administering STA services over the 5-year duration of each STA. TSA 
calculated the proposed fees based on estimates for the cost of each 
respective service and the expected populations that will receive 
benefit from the services.
    2. Costs. TSA incurs costs during all phases of the vetting 
process. During the initial phase of vetting, resources are required to 
establish and operate physical locations for individuals to complete 
certain parts of the application process. As noted previously, TSA uses 
contractors to find, lease, and operate these enrollment centers. The 
resources needed to establish, equip, and staff such locations 
throughout the country have been grouped together and labeled 
``Processing.''
    Similarly, some interactions with TSA to perform a vetting function 
may be accomplished entirely by using an online platform, and resources 
are required to establish and operate such a platform for individuals 
to complete certain aspects of the vetting process. Additionally, TSA 
assumes that some online interactions would result in customer service 
expenses that would also be covered by this fee. The resources to 
design, establish, maintain, and staff such a platform and offer 
customer service are grouped together and labeled ``Reduced 
Processing.''
    Once individual information is captured and records are 
established, TSA incurs costs to administer the information through the 
various databases that comprise the STA. As explained in the discussion 
of proposed Sec.  1530.5, TSA performs different levels of STAs. The 
three levels of STAs vary depending on the specific checks included in 
the STA, such as terrorism/other analyses, immigration, or criminal 
history. Thus, the cost to conduct the STA depends on the resources TSA 
needs to complete the STA services. TSA proposes to segment the costs 
according to how individuals interact with TSA and the consumption of 
services to complete the STA. Thus, the Processing Fee or Reduced 
Processing Fee would be imposed when an individual uses processing 
services, the criminal check fee would be imposed for each individual 
required to complete a CHRC, and so on. Each individual would pay fees 
only for the services TSA provides for his or her STA.
    To complete the terrorism/other analyses check, TSA incurs costs to 
construct, maintain, and operate the information technology (IT) 
platform that enables comparing the applicant's biographic information 
to multiple terrorism and law enforcement databases, and other 
information sources. TSA incurs additional expenses to evaluate the 
information received from these sources, make decisions as to whether 
an individual poses or may pose a threat, engage in redress with the 
individual when necessary, and communicate with other entities, such as 
the individual's employer or governmental agencies. TSA must also 
recover the cost of staffing this service through fees. TSA has labeled 
this grouping of costs ``terrorism/other analyses'' fees.
    TSA incurs costs similar to those discussed above for completion of 
immigration checks and CHRCs. Those fees are segmented respectively and 
labeled accordingly.
    With respect to the CHRC fee, TSA must collect the fees the FBI 
charges to process the initial criminal check and the Rap Back 
recurrent criminal history service, in addition to TSA's costs to 
adjudicate the results of the initial criminal check and any subsequent 
Rap Back notifications, and provide redress.
    TSA's cost-estimating methodology includes both an analysis of 
actual costs TSA has incurred for existing STAs and an analysis of 
future investments that are necessary to develop, operate, and maintain 
a robust STA platform. In

[[Page 33485]]

some instances, TSA has been able to develop a unit cost for a 
particular STA-related service. In other instances, TSA developed a 
resource investment estimate that is equitably shared by all 
individuals who benefit from the investment. TSA has consulted with 
programmatic and industry experts, and acquired data from internal 
sources, other governmental agencies, and publicly available sources. 
Table 5 below is a summary of costs that TSA estimates it will incur 
over the first 5-year period of this effort.\46\ Additional details 
regarding the cost estimates used to determine the service fees can be 
found in the Fee Report in the rulemaking docket.
---------------------------------------------------------------------------

    \46\ The costs in this table reflect the total population of 
STAs in this proposed rule using services for processing and checks 
equivalent to Levels 2 and 3, for security sensitive employees and 
security coordinators, respectively. TSA does not have data on the 
newly regulated industries to estimate the number of covered 
individuals who may have a comparable STA and could pay the reduced 
processing fee, but acknowledges that costs could be less those 
reported in this table.

                        Table 5--Estimated TSA Service Costs Over First Five-Year Period
                                                  [$ Thousands]
----------------------------------------------------------------------------------------------------------------
                                                         TSA estimated costs
              Service               ------------------------------------------------------------      Total
                                       Year 1      Year 2      Year 3      Year 4      Year 5
                                              a           b           c           d           e              f =
                                                                                                 [Sigma]a,b,c,d,
                                                                                                               e
----------------------------------------------------------------------------------------------------------------
Processing.........................     $16,700      $1,422      $1,423      $1,423      $1,424          $22,393
Terrorism/Other Analyses...........       2,429         207         207         207         207            3,257
Immigration........................         911          78          78          78          78            1,221
Criminal History...................          43           4           4           4           4               59
                                    ----------------------------------------------------------------------------
    Total..........................      20,084       1,710       1,711       1,712       1,713           26,930
----------------------------------------------------------------------------------------------------------------
Note: Calculations may not be exact in the table due to rounding.

    3. Populations. TSA has consulted with programmatic and industry 
experts, and acquired data from internal sources, other governmental 
agencies, and public sources to analyze the number of transportation 
workers who would be covered under this rulemaking. Table 6 below is a 
summary of populations that TSA estimates it would impact over the 
first 5-year period of this effort. Additional details regarding the 
population estimates used to determine fees can be found in the Fee 
Report and the Preliminary Regulatory Impact Analysis in the rulemaking 
docket.

       Table 6--Number of Employees Affected by the Proposed Rule Over First Five-Year Period by Industry
                                                   [Thousands]
----------------------------------------------------------------------------------------------------------------
                                                Number of employees affected by year
              Industry              ------------------------------------------------------------      Total
                                       Year 1      Year 2      Year 3      Year 4      Year 5
                                              a           b           c           d           e              f =
                                                                                                 [Sigma]a,b,c,d,
                                                                                                               e
----------------------------------------------------------------------------------------------------------------
Freight Rail Total.................      123.13        4.93        4.88        4.83        4.77           142.55
    Security-Sensitive Employees...      122.24        4.89        4.84        4.78        4.73           141.47
    Security Coordinators..........        0.90        0.04        0.04        0.04        0.04             1.07
PTPR Total.........................      179.57       20.82       20.89       20.95       21.01           263.24
    Security-Sensitive Employees...      179.34       20.79       20.86       20.92       20.98           262.88
    Security Coordinators..........        0.23        0.03        0.03        0.03        0.03             0.36
OTRB Total.........................        0.44        0.06        0.06        0.06        0.06             0.69
                                    ----------------------------------------------------------------------------
        Total......................      303.14       25.82       25.83       25.84       25.85           406.47
----------------------------------------------------------------------------------------------------------------
Calculations may not be exact in the table due to rounding.

    4. Fees. To comply with 6 U.S.C. 469, which requires TSA to fund 
vetting and credentialing programs through user fees, TSA proposes to 
establish user fees for individuals who receive STA services under this 
proposed rule. TSA determined the proposed fees in accordance with 
Office of Management and Budget (OMB) Circular No. A-25. The proposed 
fees are set to recover a share of the service costs from all 
individuals that use a particular service, and a description of the 
processes that went into estimating the proposed fees is available in 
the Fee Report in the rulemaking docket. TSA may increase or decrease 
the fees described in this regulation for changes in cost due to, for 
instance, new efficiencies, inflation, changes in contractual services, 
changes in populations, or other factors following publication of the 
final rule. TSA will publish a notice in the Federal Register notifying 
the public of any fee changes.

[[Page 33486]]



                                        Table 7--Fees by Type of Service
----------------------------------------------------------------------------------------------------------------
                           Service fee                                  Low           Primary          High
----------------------------------------------------------------------------------------------------------------
Processing Fee..................................................          $44.00          $55.00          $66.00
Reduced Processing Fee..........................................           24.00           30.00           36.00
Terrorism/Other Analyses Fee....................................            6.00            8.00           10.00
Immigration Fee.................................................            2.00            3.00            4.00
CHRC/Initial Fee................................................           17.00           21.00           25.00
CHRC/Renewal Fee................................................            8.00           10.00           12.00
----------------------------------------------------------------------------------------------------------------

    The following table presents combinations of services that coincide 
with STA levels in the proposed rule.

                              Table 8--Fees by STA Level With In-Person Enrollment
----------------------------------------------------------------------------------------------------------------
                            STA level                                   Low           Primary          High
----------------------------------------------------------------------------------------------------------------
Level 1 (Processing, Terrorism/Other Analyses)..................          $50.00          $63.00          $76.00
Level 2 (Processing, Terrorism/Other Analyses, Immigration).....           52.00           66.00           80.00
Level 3 (Processing, Terrorism/Other Analyses, Immigration,                69.00           87.00          105.00
 Initial CHRC)..................................................
----------------------------------------------------------------------------------------------------------------


                                 Table 9--Fees by STA Level With Online Renewal
----------------------------------------------------------------------------------------------------------------
                            STA level                                   Low           Primary          High
----------------------------------------------------------------------------------------------------------------
Level 1 (Reduced Processing, Terrorism/Other Analyses)..........          $30.00          $38.00          $46.00
Level 2 (Reduced Processing, Terrorism/Other Analyses,                     32.00           41.00           50.00
 Immigration....................................................
Level 3 (Reduced Processing, Terrorism/Other Analyses,                     40.00           51.00           62.00
 Immigration, CHRC/Renewal).....................................
----------------------------------------------------------------------------------------------------------------


                               Table 10--Fees by STA Level With In-Person Renewal
----------------------------------------------------------------------------------------------------------------
                            STA level                                   Low           Primary          High
----------------------------------------------------------------------------------------------------------------
Level 1 (Processing, Terrorism/Other Analyses)..................          $50.00          $63.00          $76.00
Level 2 (Processing, Terrorism/Other Analyses, Immigration).....           52.00           66.00           80.00
Level 3 (Reduced Processing, Terrorism/Other Analyses,                     60.00           76.00           92.00
 Immigration, CHRC/Renewal).....................................
----------------------------------------------------------------------------------------------------------------

    5. Proposed Sec.  1530.301. Paragraph (a) would explain that TSA 
calculates the fees using widely accepted accounting principles and 
practices, in accordance with the provisions of 31 U.S.C. 9701, which 
direct agencies to make their services self-sustaining to the extent 
possible, and in accordance with other applicable laws. Generally, TSA 
totals all costs associated with the vetting program over the life of 
the STAs (5 years), divides the total by the number of individuals 
vetted, and sets aside a small portion of the funds collected to cover 
emergencies, such as necessary system changes, natural disasters such 
as pandemics, or other unforeseen events. At least every 2 years, TSA 
would review the costs of conducting the STAs and the associated fees 
collected, using the same method of analysis, to ensure that fees 
recover, but do not exceed, the full cost of services. TSA prepared a 
Fee Report for this proposed rule, which discusses the methodology and 
factors TSA used to arrive at the proposed fees, and placed the Report 
in the rulemaking docket. TSA would revise the fees, if necessary, 
following this evaluation, by publishing a notice in the Federal 
Register.
    Paragraph (b) explains the procedures that TSA would use to make 
inflation adjustments to the fees, as necessary.
    6. Proposed Sec.  1530.303. This proposed section describes each 
STA service for which TSA charges a fee, service-by-service, computed 
as explained above. TSA provides an estimate of the fees based on 
information concerning population numbers and the costs of the 
services. TSA will be able to finalize these fees after receiving 
information concerning the number of employees subject to proposed 
vetting requirements from affected entities as part of this rulemaking 
process, and an accounting of internal costs at the time the proposed 
rule would become final. TSA will publish the final fee amounts through 
a notice in the Federal Register.
    Paragraph (b) proposes the fees that would cover TSA's processing 
costs. Paragraph (b)(1) proposes that the Processing Fee would cover 
the costs associated with an applicant's interaction with TSA, such as 
enrollment center operations, collecting applicant information, 
verifying applicant identity, processing the vetting information, and 
program management. TSA estimates the processing fee to be $43 to $65, 
and proposes to codify that range in the rule. Paragraph (b)(2) 
proposes the Reduced Processing Fee that would apply when an 
individual's interaction with TSA can be completed entirely online and 
does not involve services at an enrollment center. TSA estimates the 
Reduced Processing Fee to be $24 to $36.
    Paragraph (c) describes the fee to cover TSA's costs of conducting 
the terrorism/other analyses check, the substance of which is explained 
in the discussion of proposed Sec.  1530.507. This service includes the 
costs of querying the relevant data sources, adjudicating the 
information TSA receives from the queries, and processing appeal 
requests. TSA estimates the Terrorism/other analyses Check Fee to be 
$6.00 to

[[Page 33487]]

$10.00, and proposes to codify that range in the rulemaking.
    Paragraph (d) describes the fee to cover TSA's costs of conducting 
the Immigration check in the United States. This service includes the 
costs of querying the relevant data sources, adjudicating the 
information TSA receives from the queries, and processing appeal 
requests. TSA estimates the Immigration Check Fee to be $2.00 to $4.00, 
and proposes to codify that range in the rulemaking.
    Paragraph (e) proposes the fee to cover the costs of conducting the 
CHRC. This service includes the cost of collecting fingerprints 
electronically; transmitting them to the FBI; adjudicating any rap 
sheets associated with the fingerprints to determine whether the 
individual has a disqualifying conviction, arrest, or indictment in 
accordance with section 1530.503; adjudicating new criminal information 
that the FBI's Rap Back service provides; and conducting an appeal or 
waiver, where applicable. TSA estimates the CHRC fee for the initial 
CHRC, which occurs in-person at a TSA enrollment center to be $17.00 to 
$25.00, which is proposed in paragraph (e)(1) of this section. Given 
the benefits of the Rap Back system, applicants would not be required 
to provide new fingerprints for a new CHRC when renewing the STA. The 
individual's fingerprints would be enrolled in Rap Back and thus, any 
criminal history associated with those prints would be transmitted to 
TSA. Therefore, the renewal of an STA would not require in-person 
enrollment at an enrollment center to provide fingerprints, and 
consequently, the fees for a renewal CHRC are lower than for the 
initial CHRC. In paragraph (e)(2), TSA proposes the renewal CHRC fee of 
$8.00 to $12.00. TSA proposes to codify these ranges in the rulemaking.
    TSA will continue to work to minimize all costs and would finalize 
fee amounts in conjunction with publication of the final rule. 
Following publication of the final rule, TSA may, by notice in the 
Federal Register, increase or decrease the fees to reflect changes in 
costs. The total TSA fee for any given STA would be the sum of the fees 
for each service that comprises that level of STA. These total fees, 
broken out by level of STA, are explained in proposed Sec.  1530.305 
discussed below.
    7. Proposed Sec.  1530.305. This section would set out the fees TSA 
must charge for each STA proposed in this rulemaking, organized by 
level of STA, with paragraphs (a)-(c) corresponding to STA Levels 1-3, 
respectively. Each paragraph lists the fees associated with the 
relevant STA.
    8. Proposed Sec.  1530.307. This section on fee comparability 
explains how TSA computes fees when TSA is able to rely on an earlier 
STA to complete a new STA. This concept of comparability is explained 
more completely in the discussion of proposed Sec.  1530.509, below. If 
TSA can rely on an earlier check, rather than conducting a new check, 
paragraph (b) provides that we would only charge the fee for the 
services that we must provide for the current STA. This results in a 
lower fee for the applicant and lower costs for TSA. Table 10 below 
provides examples of how using a comparable STA affects fees.

                                   Table 11--How a Comparable STA Affects Fees
----------------------------------------------------------------------------------------------------------------
 
----------------------------------------------------------------------------------------------------------------
If I have a . . .                 And I need a . . .  I will not have to  I may . . .         I must . . .
                                                       repeat . . .
----------------------------------------------------------------------------------------------------------------
TWIC (Level 3)..................  Level 2 for         Terrorism/other     Enroll online.....  Pay Reduced
                                   Security-           analyses or                             Processing Fee.
                                   Sensitive           Immigration.
                                   position.
----------------------------------------------------------------------------------------------------------------
If I have a . . .                 And I need a . . .  I will not have to  I must . . .        I must . . .
                                                       repeat . . .
----------------------------------------------------------------------------------------------------------------
Level 2 (security-sensitive       Level 3 for         Terrorism/other     Visit Enrollment    Pay Processing and
 position).                        Security            analyses or         Center to provide   CHRC Fees.
                                   Coordinator         Immigration.        fingerprints and
                                   position.                               complete CHRC.
----------------------------------------------------------------------------------------------------------------

    9. Proposed Sec.  1530.309. This section proposes that fees must be 
paid through a method approved by TSA. Currently, TSA accepts STA fees 
through a third-party vendor or through the www.pay.gov website during 
processing, and we may continue to use that process. TSA is exploring 
other methods of payment that may be equally cost-effective and 
resistant to fraud. Paragraph (b) would make it clear that TSA cannot 
act on an STA until the required fees have been recognized by TSA. 
Paragraph (c) provides that TSA would not issue refunds. TSA will not 
begin processing an STA until the individual pays the fee. Once TSA 
begins the STA, TSA incurs costs that must be recovered through fees.

F. Proposed Subpart E--Adjudication Procedures

    1. Introduction. Once TSA collects biographic information, 
biometrics (where needed for a CHRC), and fees from an individual, TSA 
transmits the information to the various databases associated with the 
checks. TSA then evaluates the information that is returned from the 
databases to determine if it contains data that is disqualifying 
according to the standards that apply. TSA then makes an initial 
determination on eligibility and notifies the individual. This process 
is called adjudication.
    2. Proposed Sec.  1530.401. This proposed section sets out 
procedures for conducting CHRCs, which in this rulemaking apply to 
security coordinators. Paragraphs (a) and (b) explain that TSA would 
transmit the fingerprints collected during enrollment to the FBI, and 
receive and adjudicate the results of the check.
    3. Proposed Sec.  1530.403. This section explains the procedures 
for conducting the terrorism/other analyses check, which in this 
rulemaking would apply to security coordinators and security-sensitive 
employees. TSA would check certain domestic and international databases 
that include information on terrorists, individuals with ties to 
terrorism or international criminal networks, fugitives from justice, 
and databases that assist in confirming an individual's identity. In 
paragraph (a) TSA proposes the procedures that TSA would use to conduct 
a terrorism/other analyses check.
    Paragraph (b) provides notice that TSA may send the individual's 
information to the appropriate law enforcement or immigration agency if 
the terrorism/other analyses check

[[Page 33488]]

reveals that the individual has an outstanding want or warrant, or is 
subject to a removal order. Under these circumstances, TSA would share 
the individual's information with the agency that posted the want, 
warrant, or removal order to ensure that the issue can be resolved 
lawfully.
    4. Proposed Sec.  1530.405. This section proposes the procedure TSA 
would use to conduct the immigration check. This check would verify 
that the individual is in one of the following categories: a U.S. 
citizen, U.S. National, lawful permanent resident, refugee, asylee, 
lawful nonimmigrant, granted parole, or is otherwise authorized to work 
in the U.S. TSA proposes to use relevant Federal databases, primarily 
the SAVE program administered by USCIS to verify that an individual's 
alien registration number, I-94 Arrival-Departure Form number, or other 
pertinent document number is valid and associated with the individual.
    5. Sections 1530.407, 1530.409, and 1530.411. These sections would 
be reserved.
    6. Proposed Sec.  1530.413. This section applies to all individuals 
who must undergo an STA and proposes that TSA issue a DOE if TSA 
determines that an individual meets the STA standards. TSA would notify 
the individual of the DOE and would make that information available to 
the owner/operator. TSA may notify the individual via letter in the 
U.S. postal service, an email, or another method yet to be determined. 
TSA intends to create a web portal that owner/operators would access to 
determine whether a particular worker has passed the appropriate STA 
for the position in which he or she works. TSA invites comment on this 
proposal from all interested parties, as to preferences for 
notifications. In current vetting programs, TSA asks individuals how 
they wish to be notified of the final STA determination, and then uses 
that method, if possible. Workers who are relatively stationary often 
prefer a letter, and those who are mobile may prefer email or other 
electronic notification.
    7. Proposed Sec.  1530.415. This section describes the procedures 
that would apply when an individual may not meet, or may no longer 
meet, the STA standards set out in proposed Sec.  1530.501. When this 
occurs, TSA would notify the individual or holder of the STA of the 
factors that may be disqualifying by issuing a Preliminary 
Determination of Ineligibility (PDI) to the individual.\47\
---------------------------------------------------------------------------

    \47\ In existing vetting regulations, TSA uses the term 
``Initial Determination of Threat Assessment.'' See 49 CFR 
1572.15(d). However, TSA believes ``preliminary'' better describes 
this step. TSA also proposes to use the word ``ineligibility'' 
rather than the term ``threat assessment'' to more clearly identify 
the type of determination TSA is making. The STA is used to 
determine whether an employee is eligible or ineligible for certain 
roles or functions and thus, we propose to use that terminology.
---------------------------------------------------------------------------

    As set forth in paragraph (b), TSA would also state the basis for 
the determination in the PDI.
    Under paragraphs (c)(1) and (2), the PDI would include information 
about how the individual may appeal or, if applicable, request a waiver 
of ineligibility, including the time deadlines associated with these 
requests. TSA proposes that the individual must appeal the PDI, request 
a waiver of the PDI, or request an extension of time, generally within 
60 days of service of the PDI. TSA may consider requests for extensions 
of time beyond 60 days for good cause. If the individual does not 
appeal, the PDI would automatically convert to a FDI. TSA uses these 
timelines in other vetting programs, and believes they provide 
sufficient time for an individual to seek redress.
    Paragraph (d), ``Determination of Arrest Status,'' would apply when 
the results of the CHRC show an arrest for a potentially disqualifying 
crime, but no indication of whether the arrest resulted in a 
conviction, dismissal, or acquittal. In such cases, TSA would notify 
the individual of the arrest without disposition, and provide 
instructions on how to clear the disposition under paragraph (d)(2). 
Under this paragraph, the burden would be on the individual to provide 
written proof to TSA that the arrest did not result in a conviction for 
a disqualifying criminal offense. Such written proof may include a 
record of conviction for a misdemeanor that is not disqualifying, or a 
dismissal of the charges from the prosecution. Individuals who do not 
provide the evidence that the arrest did not result in a conviction 
within 60 days of service of the PDI, or request an extension of time, 
would be disqualified.
    In paragraph (e), TSA proposes to permit an individual to take 
certain corrective action if the CHRC discloses an arrest for a 
disqualifying crime. Specifically, the individual may contact the local 
jurisdiction responsible for the criminal information and the FBI to 
complete or correct the information. Paragraph (d) would also establish 
a 60-day timeframe in which TSA must receive a certified true copy of 
the revised record.
    8. Proposed Sec.  1530.417. This section would apply if TSA 
determines that an individual who initially passed the STA may no 
longer meet the STA standards, may pose an imminent threat, and 
immediate revocation of the associated credential, access, or 
authorization is warranted. In these cases, TSA would issue a PDIIR. 
This scenario would arise where new information creates significant 
security concerns about the individual's continued eligibility and 
suggests the access should be revoked until a final determination is 
possible. If TSA determines that the information is not disqualifying, 
TSA would reinstate the DOE.
    Under paragraph (a), TSA proposes to issue the PDIIR to the 
individual and, as applicable, the owner/operator, facility, or 
employer. Paragraph (b) would provide that a PDIIR would otherwise be 
processed in accordance with proposed Sec.  1530.415, which addresses 
PDIs.
    Paragraph (c) would apply when TSA does not issue a FDI (see 
proposed Sec.  1530.419 below) after having issued a PDIIR. In such 
cases, the individual's access, privileges, and/or credentials would be 
reinstated, at no cost to the individual. TSA would also notify the 
individual, and if applicable, the employer, of the reinstatement.
    9. Proposed Sec.  1530.419. In paragraph (a) TSA proposes that if 
an individual does not appeal or a request a waiver of a PDI or PDIIR, 
the preliminary finding automatically converts to an FDI and the 
individual's eligibility is revoked.
    Paragraph (b) would apply when an individual appeals or requests a 
waiver of a PDI or PDIIR, and TSA denies the appeal or waiver request. 
In these cases, TSA would serve the FDI on the individual, and the 
employer where applicable.

G. Proposed Subpart F--Standards

    1. Introduction. Subpart F proposes the standards that TSA would 
use to make decisions about eligibility based on the information 
obtained from the checks that comprise an STA.
    2. Proposed Sec.  1530.501. This section would set out the 
standards that an individual must meet to successfully complete an STA 
and receive a DOE. Each of the standards in paragraph (a)(1)-(4) is 
related to the checks that may be included in an STA. Not every 
standard will apply in every adjudication because not every check is 
included in every STA. For example, in adjudicating the results of a 
Level 2 STA for a security-sensitive employee, which does not include a 
CHRC, the standard in paragraph (a)(4), which applies to the results of 
CHRCs, would not apply.
    Under paragraph (a)(1), TSA would not issue a DOE unless the 
individual's identity could be verified. See the discussion of proposed 
Sec.  1530.109

[[Page 33489]]

regarding identity verification procedures.
    Paragraph (a)(2) pertains to the terrorism/other analyses check. 
TSA would review the information returned from the data sources queried 
as part of this check, which are described in proposed Sec.  1530.507, 
to determine whether the individual is eligible. If TSA determines that 
information indicates the individual poses or may pose a threat to 
transportation or national security, or of terrorism, TSA would deem 
the individual ineligible to serve in a security-sensitive position.
    Paragraph (a)(3) would apply to individuals whose STAs include a 
check for immigration in the United States. If the individual is not in 
a permissible immigration category, TSA would not issue a DOE. The 
substantive requirements of the immigration check are explained in the 
discussion of proposed Sec.  1530.505, below.
    Paragraph (a)(4) would apply to the individuals whose STA includes 
a CHRC (Level 3 STA). Under this paragraph, an individual would be 
disqualified if he or she has a disqualifying criminal offense or lacks 
mental capacity, as described in proposed Sec.  1530.503.
    Based on TSA's vetting experience, the issue of mental incapacity 
comes to light in the course of the criminal check, such as when an 
individual is found not guilty by reason of insanity. TSA does not have 
access to health records of STA applicants, and therefore, the primary 
way TSA becomes aware of an individual's mental capacity is through the 
criminal check. For this reason, we propose to place the mental 
capacity standard in the same paragraph as the criminal standards.
    Paragraph (b) explains that individuals may reapply for an STA if 
the condition that originally made them ineligible no longer exists.
    3. Proposed Sec.  1530.503. Paragraph (a) proposes the criminal 
look-back periods, crimes, and other factors that would be 
disqualifying for an individual required to complete a Level 3 STA. An 
individual who has a conviction, or finding of not guilty by reason of 
insanity, for one or more of these crimes would not be eligible if a 
Level 3 STA is required. TSA proposes to use the disqualifying crimes 
and lookback period that currently apply to the HME and TWIC programs 
\48\ for the surface employees subject to this NPRM for two reasons. 
First, this population is part of surface transportation, like the HME 
drivers, and the security threats are similar for all surface modes, 
and differ from aviation. Second, the list of crimes and lookback 
period that apply to HME and TWIC workers constitute Congress' most 
recent expression as to the appropriate disqualifying criteria for 
transportation programs. Congress adopted these criminal standards in 
2007,\49\ whereas the standards for aviation were adopted prior to 9/11 
when the security climate was quite different.
---------------------------------------------------------------------------

    \48\ See 49 CFR 1572.103.
    \49\ See Section 1309 of the Implementing Recommendations of the 
9/11 Commission Act of 2007, Public Law 110-53 (121 Stat. 397-400; 
August 3, 2007).
---------------------------------------------------------------------------

    Paragraph (a)(1) lists serious crimes that would be deemed 
permanently disqualifying. Paragraph (a)(2) lists proposed look-back 
periods that would apply to interim disqualifying offenses. The 
proposed interim crimes would be disqualifying if the conviction, or 
finding of not guilty by reason of insanity, is within 7 years of the 
date of the application; or if the individual was incarcerated for that 
crime and released from incarceration within 5 years of the date of the 
application.
    Paragraph (a)(3) lists the interim disqualifying criminal offenses 
we propose to use for security coordinators in this rulemaking. This 
list of crimes is identical to the list of interim offenses codified in 
section 1572.103 for the TWIC and HME programs, except that it also 
lists manslaughter as an interim disqualifying offense. TSA has treated 
manslaughter as a disqualifying offense in the TWIC and HME programs as 
a lesser included offense of murder, but it has not been listed in 
section 1572.103.
    Paragraph (b) would be reserved.
    Paragraph (c) would be based on 49 CFR 1572.103(c), which provides 
that an individual who is under want, warrant, or indictment in any 
civilian or military jurisdiction for a disqualifying crime, is 
disqualified until the want or warrant is released, or the indictment 
is dismissed. TSA proposes to revise this provision by adding the 
issuance of a criminal complaint to the grounds for disqualification 
pending release or dismissal. The sole purpose of the proposed revision 
is to account for cases in which the jurisdiction begins a criminal 
proceeding with a complaint rather than an indictment. Under the 
Federal Rules of Criminal Procedure, a complaint is a written statement 
of the essential facts constituting the offense that is charged, and is 
under oath before a magistrate judge or, if none is reasonably 
available, before a state or local judicial officer.\50\ In other 
vetting programs, TSA has found cases in which the jurisdiction 
initiates a criminal action through a complaint, rather than a want or 
indictment, and proposes to make it clear that this would also be 
disqualifying under this proposed rule.
---------------------------------------------------------------------------

    \50\ See Rule 3, Federal Rules of Criminal Procedure, as amended 
December 1, 2019.
---------------------------------------------------------------------------

    Paragraph (d) of this section proposes that an individual who has 
been declared mentally incompetent or involuntarily committed to mental 
health facility would be disqualified. This is the same standard that 
currently applies to TWIC and HME applicants, but TSA proposes to move 
it into the criminal standards in this NPRM, because TSA becomes aware 
of mental incapacity through the criminal check.
    4. Proposed Sec.  1530.505. As explained above, applicants for a 
Level 2 or Level 3 STA must be a U.S. citizen, U.S. national, or non-
citizen who is a lawful permanent resident, a refugee, an asylee, a 
lawful nonimmigrant, is paroled into the U.S., or is otherwise 
authorized to work in the U.S. Note that individuals with Deferred 
Action for Childhood Arrivals are authorized to work in the U.S. and 
thus are eligible to apply for a security sensitive or security 
coordinator position under this rulemaking. The standard proposed in 
this section would require applicants to be in one of these listed, 
permissible categories at the time of application. TSA is not proposing 
that individuals must belong to a particular category of noncitizen to 
successfully complete the STA, because TSA does not assess a particular 
level of security risk associated with one immigration category as 
compared to another.
    Paragraph (b) explains that TSA determines whether an individual is 
in a listed, permissible category by checking relevant Federal 
databases, primarily the SAVE program administered by the USCIS. Also, 
TSA may verify an applicant's social security number, alien 
registration number, or I-94 number as part of the vetting process, to 
identify any instance of identity fraud.
    5. Proposed Sec.  1530.507. In this section, TSA proposes the 
standards for the terrorism check and other analyses. TSA would conduct 
this portion of the STA recurrently, which means each time a watchlist 
or database receives new or updated information, TSA compares the 
individual's name to the revised list. TSA would continue to 
recurrently vet the individual for the life of the STA, which TSA 
proposes to be 5 years in this NPRM. The recurrent vetting process 
allows TSA to receive notification if a vetted individual is 
subsequently added to a terrorist watchlist. If TSA determines, based 
on the information generated during this vetting, that an individual 
poses or may

[[Page 33490]]

pose a threat to transportation or national security, or of terrorism, 
TSA would deem the individual to be ineligible to work as a security 
coordinator or security-sensitive employee.
    TSA searches several databases in this portion of the STA, 
including the consolidated terrorist database (TSDB), the U.S. Marshals 
Service federal wants and warrants, Interpol, the Department of State 
lost and stolen passport file, and the U.S. Treasury Office of Foreign 
Asset Control database of individuals who are sanctioned due to 
terrorism or national security issues.\51\ If TSA matches an 
applicant's identity to an identity included in one of these lists, TSA 
conducts an investigation to determine whether, under the totality of 
the circumstances, an applicant is ineligible.
---------------------------------------------------------------------------

    \51\ Note that the complete list of data sources TSA uses in 
this portion of the STA is Sensitive Security Information and 
subject to protection in accordance with 49 CFR part 1520.
---------------------------------------------------------------------------

    Paragraph (b) proposes that TSA may determine an individual is 
ineligible if the check reveals extensive foreign or domestic criminal 
convictions, a conviction for a serious crime not otherwise covered by 
the regulation, or a period of foreign or domestic imprisonment that 
exceeds 365 consecutive days. TSA sometimes receives foreign criminal 
history records when conducting this check, such as through Interpol, 
which are not identified in the CHRC we conduct through the FBI's 
database. This paragraph would expressly provide TSA the discretion to 
disqualify an individual based on an overall view of the individual's 
record, even where some of the criminal history does not involve 
disqualifying offenses, but is indicative of an individual who may pose 
or poses a threat to national or transportation security, or of 
terrorism.
    6. Proposed Sec.  1530.509. This section proposes to permit the use 
of existing, valid STA results for satisfying requirements for a new 
STA. TSA's goal is to be able to rely, in whole or in part, on an STA 
that was already conducted on an individual when that individual 
subsequently applies for another STA. Relying on comparable STAs 
conserves time and resources for TSA and individuals by eliminating 
redundant checks.
    Paragraph (a) proposes that TSA may deem an earlier check 
comparable to a currently needed check based on certain factors listed 
in proposed paragraph (d), below, and if three conditions are met. 
First, as proposed in paragraph (a)(1), the original check cannot be 
expired. Second, as proposed in paragraph (a)(2), the original check 
must be part of a DOE that is not expired, revoked, or suspended. 
Third, as proposed in paragraph (a)(3), the earlier check must be 
adjudicated under standards that are comparable to the standards for 
the new STA.
    For example, individuals applying for a security coordinator STA 
under this NPRM who hold a current TWIC would be able to use the CHRC 
conducted for TWIC as a comparable check because both the TWIC CHRC and 
the security coordinator CHRC are adjudicated against the same look-
back period and list of disqualifying crimes.
    Paragraph (b) proposes that TSA may accept a valid, unexpired STA, 
background check, or investigation conducted by TSA or another Federal 
governmental agency to satisfy the STA requirement. Unlike proposed 
paragraph (a), which addresses the comparability of a given check 
(terrorism/other analyses, immigration, or CHRC) from one STA to 
another, proposed paragraph (b) addresses whether an entire STA, 
background check, or investigation may satisfy a subsequent STA 
requirement without the need for further checks. For example, as 
explained below, TSA may determine that a Level 3 STA is comparable to 
a Level 2 STA (because the former includes all of checks included in 
the latter). Thus, TSA may rely on the fact that an individual has 
already successfully completed a Level 3 STA to satisfy a subsequent 
requirement for a Level 2 STA under a different regulatory program for 
the same individual. Proposed paragraph (b) would refer to the factors 
in proposed paragraph (d) as the basis for the determination.
    Paragraph (c) would impose an important constraint on comparability 
based on timing. If TSA relies on a comparable check from an earlier 
STA, the duration of the new STA will be backdated to the date of the 
earliest check in the STA. This would ensure that no part of the STA is 
older than 5 years.
    Paragraph (d) sets out the criteria that TSA would use to decide 
whether STAs, background checks, or other investigations are comparable 
in whole or in part. Paragraph (d)(5) would allow TSA to consider other 
factors it deems appropriate when making a comparability determination. 
For instance, an agency may ask TSA to consider the use of different 
databases that TSA does not use as comparable sources of information. 
TSA needs this latitude because of the widely variable factual and 
policy circumstances that can surround how a given governmental agency 
may conduct the background check or investigation on which TSA may 
rely.
    Paragraph (e) is reserved.
    Paragraph (f) proposes the responsibilities of an individual who 
asserts completion of a comparable STA to satisfy a new STA 
requirement. Paragraph (f)(3) would require an individual asserting 
completion of a comparable STA to complete enrollment and pay the 
associated STA fees. A new enrollment is necessary because TSA needs 
complete, up-to-date enrollment information to accurately identify the 
individual and notify him or her of the outcome of the STA.
    Paragraphs (g)-(i) would list certain comparability determinations 
that TSA would set forth in the regulatory text. Each more thorough STA 
is comparable to the less thorough STAs. For instance, a Level 2 STA is 
comparable to a Level 1 STA, and a Level 3 STA is comparable to both a 
Level 2 and a Level 1 STA.
    TSA has already determined that an STA for the FAST program, 
administered by CBP, is comparable to the TWIC and HME STA.\52\ Since 
the requirements for the Level 3 STA proposed in this rulemaking are 
comparable to the TWIC and HME programs, the STA for a FAST card is 
comparable in whole to a Level 3 STA.
---------------------------------------------------------------------------

    \52\ See 49 CFR 1572.5(e)(6).
---------------------------------------------------------------------------

    In addition to the FAST program, CBP administers the NEXUS,\53\ 
SENTRI,\54\ and Global Entry \55\ programs. These programs include 
thorough criminal history, terrorism, and immigration checks conducted 
by CBP, and in the case of Global Entry, also include an interview 
conducted by a CBP law enforcement officer. CBP's criminal checks view 
all of the disqualifying offenses we propose in this NPRM as 
disqualifying in their programs. Similarly, the CBP terrorism and 
immigration checks include comparable data sources and standards. For 
these reasons, TSA has determined that the STAs for these programs are 
comparable to the proposed Level 3 STA. Finally, the TSA 
PreCheck[supreg] STA would be comparable to the Level 3 STA in this 
proposed rule. For TSA PreCheck[supreg], TSA uses TWIC and HME criminal 
offenses and look-back period, and terrorism standards. Also, the 
immigration standard for TSA PreCheck[supreg] is more stringent than 
the standards for TWIC

[[Page 33491]]

and HME. Consequently, individuals who have successfully passed the TSA 
PreCheck[supreg] STA have completed a comparable Level 3 STA.
---------------------------------------------------------------------------

    \53\ For information about the NEXUS program, see https://www.cbp.gov/travel/trusted-traveler-programs/nexus.
    \54\ For information about the SENTRI program, see https://www.cbp.gov/travel/trusted-traveler-programs/sentri.
    \55\ See 8 CFR parts 103 and 235.
---------------------------------------------------------------------------

    This proposed section on comparability and proposed Sec.  1530.307 
on fee comparability are closely related. As explained in the 
discussion of proposed Sec.  1530.307, the fee structure proposed in 
this rulemaking is portioned into segments based on the services TSA 
provides when conducting STAs. When processing an STA application, if 
TSA can rely on a comparable check from an earlier STA, it does not 
have to perform that service again, and it will not have to charge the 
individual the full fee for that service. This reduces the financial 
burden on individuals requiring more than one STA.

H. Proposed Subpart G--Appeal and Waiver Procedures for Security Threat 
Assessments

    1. Introduction. In subpart G, TSA proposes redress provisions for 
individuals adversely affected by the STA requirements in 49 CFR part 
1530. These proposed standards are consistent with the redress 
provisions codified in 49 CFR part 1515, Appeal and Waiver Procedures 
for Security Threat Assessments for Individuals, for individuals who 
are required to undergo STAs for the TWIC, HME, and certain air cargo 
programs.\56\ Part 1515 will continue to apply according to its terms 
(although TSA may revise the part heading in the final rule for this 
rulemaking to clarify the scope of part 1515), and subpart G of part 
1530 would apply to individuals who work for public transportation, 
railroads, and OTRB operators and undergo an STA set forth in this 
rulemaking. The standards in part 1515 were previously subject to 
notice and comment and have been in place for over 10 years. TSA 
believes the redress procedures we propose in subpart G are effective, 
efficient, and relatively easy to follow for individuals, including 
those who do not wish to hire an attorney for this process. However, 
TSA welcomes comments from covered entities that may be impacted by the 
proposed rule and the public on ways to improve the vetting process 
while still reducing security risk in the respective transportation 
modes.
---------------------------------------------------------------------------

    \56\ For a full discussion of the development of the provisions 
in 49 CFR part 1515, see the HME interim final rule (68 FR 23852, 
May 5, 2003), and the TWIC final rule (72 FR 3492, Jan. 25, 2007).
---------------------------------------------------------------------------

    Proposed subpart G describes the procedures for: (1) requesting 
waivers of the criminal standards; (2) appealing disqualifications 
based on the criminal history, immigration, or terrorism/other analyses 
checks; (3) ALJ review of TSA's waiver and appeal determinations; and 
(4) review of ALJ decisions by the TSA Final Decision Maker.
    2. Proposed Sec.  1530.601. TSA proposes the scope and general 
requirements for subpart G in this section. Paragraphs (a) and (b) 
would establish that individuals who apply for an STA under part 1530 
and who are eligible to request an appeal or waiver, fall within the 
scope of this part. Paragraph (c) explains that TSA does not disclose 
classified information or other information that is protected by law, 
or for which disclosure is not warranted. Paragraph (d) explains that 
an individual may, but is not required to, hire an attorney to 
represent them in an appeal or waiver proceeding, at the individual's 
expense. Paragraph (e) explains that the individual may request an 
extension of time for submitting appeal or waiver paperwork to TSA. 
These requests must be in writing, explain the reason for the 
extension, and be served on TSA prior to the deadline that needs to be 
extended. TSA generally grants extensions of time in the redress 
process when individuals meet these proposed standards.
    3. Proposed Sec.  1530.603. Reserved.
    4. Exhaustion of Administrative Remedies. Before explaining the 
redress procedures an individual would use to appeal a TSA final 
decision (which are set forth below), it is important to discuss the 
principle of exhausting the administrative remedies TSA provides in 
subpart G before seeking review by the courts. The doctrine of 
exhaustion of remedies is based on the need to conserve judicial 
resources and ensure that factual issues are resolved by the agency 
with the expertise and responsibility for administering the program at 
issue. The doctrine allows agencies to develop a full factual record, 
correct errors, minimize costs, and create a uniform approach to the 
issues within its jurisdiction. This process benefits individuals by 
resolving disputes more quickly and at lower cost through TSA rather 
than the Federal courts. If the individual ultimately seeks review in 
the Court of Appeals following TSA's final agency order, the court will 
have a full record on which to base its review and the issues will be 
narrowed to those that truly require judicial review. In a case where 
TSA issued a preliminary denial of a TWIC application and the 
individual sought review by a U.S. District Court rather than first 
appealing the decision to TSA, the court dismissed his claim stating 
that he must first exhaust the administrative remedies in TSA's redress 
regulations.\57\ The court stated that it needed a more developed 
factual record to effectively evaluate the case. Also, the court held 
that TSA should have the opportunity to correct any errors and narrow 
the issues, which can be achieved through exhausting administrative 
remedies, before initiating judicial review.
---------------------------------------------------------------------------

    \57\ See Mohamed Al Seraji v. Gowadia, No. 8:16-cv-01637-JLS-JCG 
(C.D. Cal. Apr. 28, 2017).
---------------------------------------------------------------------------

    For all of the foregoing reasons, TSA is proposing to require 
individuals to exhaust the administrative remedies set forth in subpart 
G before seeking judicial review.
    Under this proposal, an individual would not seek judicial review 
until TSA has issued its ``final agency order.'' Throughout proposed 
subpart G, we clearly identify the point at which a TSA decision is a 
``final agency order,'' and thus, when an individual may pursue 
judicial review. Note that for purposes of the rulemaking, ``final 
agency order'' and ``final agency action'' have the same meaning.
    5. Proposed Sec.  1530.605. In this section, TSA proposes the 
procedures that would apply to appeals to TSA concerning the criminal, 
immigration, and mental capacity standards in part 1530.
    Paragraph (a)(3) pertains to appeals based on determinations that 
an individual lacks mental capacity under proposed Sec. Sec.  1530.501 
and 1530.503. It is important to note that TSA does not have access to 
health-related databases and information concerning mental health 
issues. However, TSA may become aware of mental health issues through 
the CHRC, when an individual is found not guilty by reason of insanity 
of a disqualifying criminal conviction.
    Paragraph (b) of this section proposes the grounds for appeal that 
may be raised. Individuals may assert that they do meet the eligibility 
standards and (1) TSA's decision was based on factually incorrect 
information; or (2) TSA failed to apply the eligibility standards in 
accordance with the regulations. For instance, if a criminal rap sheet 
reveals a conviction for a disqualifying offense, but fails to include 
the fact that the conviction was later overturned, an individual may 
use this as the basis for an appeal. Also, if TSA fails to correctly 
apply the list of criminal disqualifiers that appear in part 1530, this 
failure to adhere to the standards would constitute grounds for an 
appeal.
    Paragraphs (c)-(h) of this section propose the procedures and 
timeframes for initiating an appeal, responding to a PDI or a PDIIR, 
correcting inaccurate records, and TSA's issuance of a final

[[Page 33492]]

determination. Under these procedures, an individual must request an 
appeal in writing to TSA, and it may be in the form of a request for 
the records on which TSA's PDI or PDIIR are based, or as a reply to the 
PDI or PDIIR. The individual must initiate the appeal within 60 days of 
service of the PDI or PDIIR, or request an extension of time. TSA may 
request documents from appellants that are necessary to make a final 
determination. If the data on which TSA made its preliminary decision 
of ineligibility is incomplete or inaccurate, proposed Sec.  
1530.605(f) describes how an individual can correct the information.
    Paragraph (g) of this section proposes the procedures TSA would 
follow in making a final determination on eligibility and the 
individual's appeal. If TSA determines that the PDI/PDIIR is incorrect, 
TSA would withdraw the PDI/PDIIR and notify the individual, and the 
employer or operator, where applicable. If TSA determines that the 
preliminary determination was correct, TSA would serve a FDI on the 
individual, and where applicable, the employer or operator.
    Paragraph (h) explains that TSA's FDI based on criminal, 
immigration, and mental capacity standards would constitute a final 
agency order or action under 49 U.S.C. 46110.\58\ This means that upon 
receiving the FDI, there are no additional redress procedures within 
TSA for an individual to use. At this point, the individual may seek 
review in the Court of Appeals or accept TSA's final determination. 
These appeals based on criminal, mental capacity, and immigration 
involve objective facts and documents, and thus, it would be highly 
unlikely for TSA's final decision to be in error and need further 
review by an ALJ or the TSA Final Decision Maker.
---------------------------------------------------------------------------

    \58\ This section of the code governs judicial review of TSA's 
final agency orders, and requires litigants to challenge final 
agency orders in the U.S. Court of Appeals for the District of 
Columbia Circuit within 60 days of TSA's order.
---------------------------------------------------------------------------

    6. Proposed Sec.  1530.607. In this section, TSA sets forth 
proposed standards for requesting a waiver due to criminal offense or 
mental capacity. Under this proposed rule, TSA would not consider 
waiver requests for failure to meet immigration standards or for the 
terrorism/other analysis checks. It would be inconsistent with the 9/11 
Act, the principles of security vetting, and similar waiver programs to 
entertain waiver requests for these issues. There is no reasonable 
basis on which TSA would determine that a waiver should be granted to 
an individual who does not meet the immigration standards or is deemed 
to pose a threat to national or transportation security, or of 
terrorism under 1530.507(a). As proposed in paragraph (b), however, TSA 
would consider a waiver when an individual (1) who committed a 
disqualifying offense, now asserts that he or she is rehabilitated and 
no longer poses a security risk; (2) who suffered from mental capacity 
issues, asserts that those health issues no longer exist; or (3) was 
disqualified for a criminal history under Sec.  1530.507(b).
    In paragraph (c), TSA proposes that individuals must complete the 
enrollment process, including paying all applicable fees, before he or 
she may apply for a waiver. For instance, an individual who knows he 
was convicted of a disqualifying offense within the previous 7 years 
and wishes to apply for a waiver of that offense, must complete the 
enrollment process so that TSA receives the pertinent criminal records 
from the FBI that verify the disqualifying issue. The applicant may 
submit a request for a waiver, which must be received no earlier than 
the date that the individual submitted the application and fee, and no 
later than 60 days after final disposition of an appeal undertaken 
consistent with Sec.  1530.605 of this subpart. An individual preserves 
the right submit a waiver request if he or she requests an extension of 
time in accordance with Sec.  1530.601(e) of this part and the request 
is granted.
    Paragraph (c)(2) describes the factors that TSA would consider when 
evaluating a waiver request, including the circumstances of the crime, 
restitution the individual has paid, court or other official records 
indicating that the individual no longer lacks mental capacity, the 
length of the prison term, the time that has elapsed since release from 
prison, criminal activity that has occurred following release from 
prison, and other factors relevant to the individual's waiver request. 
TSA would consider letters of reference from employers, clergy, 
probation officers, family members, and others with knowledge of the 
individual's character and rehabilitation since the crime occurred.
    TSA adjudicators and analysts would evaluate the paperwork 
submitted, and communicate with the individual, if necessary, to gain 
additional information to ensure that the waiver request package is 
complete. TSA has established a Waiver Review Board, which includes 
security analysts and senior managers, to meet regularly to consider 
each waiver request. Because waiver decisions are somewhat subjective, 
TSA established this process to ensure consistency and avoid individual 
bias in reviewing waiver requests. The Waiver Review Board makes a 
recommendation to grant or deny a waiver to the Assistant 
Administrator. The Assistant Administrator reviews the recommendation 
and waiver paperwork and makes a final decision to grant or deny the 
waiver request.
    Paragraph (d) explains that, within 60 days of TSA receiving the 
waiver request, TSA would serve a written decision granting or denying 
the waiver request on the individual. If TSA denies the waiver, the 
individual may appeal the decision to an ALJ. TSA's waiver denial is 
not a final agency action under 49 U.S.C. 46110. The individual may 
not, therefore, appeal this decision to the court system at this time, 
but must first seek review by an ALJ (as described in Sec.  1530.611) 
and then if necessary, a TSA Final Decision Maker (as described in 
Sec.  1530.613).
    7. Proposed Sec.  1530.609. In this section, TSA proposes the 
procedures an individual would use to appeal TSA's preliminary 
determination that the individual failed the terrorism/other analyses 
portion of the STA. Paragraph (b) explains that the only grounds for an 
appeal of the terrorism/other analyses PDI is an assertion that the 
individual meets the standards for the STA for which he or she is 
applying. For instance, an individual could argue that he or she has 
been misidentified as another person who poses a security threat. Also, 
the individual may assert that even if he or she has been correctly 
identified, nonetheless, the person does not pose a security threat. 
Paragraph (c) states that the procedures proposed for Sec.  
1530.605(c)-(h), described above, also apply to this section.
    In paragraph (d)(1) of this section, TSA proposes that 60 days 
after service of the individual's appeal, TSA would serve a final 
determination on the individual, and where applicable, the individual's 
employer. For instance, in this rulemaking, public transportation 
operators may not employ an individual in a security-sensitive position 
unless the individual successfully completed a Level 2 STA, which 
includes the terrorism/other analyses check. If TSA determines that an 
individual does not pass the Level 2 STA, TSA would have to notify the 
operator of this determination so that the operator does not assign the 
individual a security-sensitive position.
    As proposed in paragraph (d)(2), if TSA determines that the PDI or 
PDIIR was issued in error, TSA would withdraw it by serving 
notification on the individual, and where appropriate, the employer.

[[Page 33493]]

    Paragraph (e) addresses further review of a case in which TSA 
denies the individual's appeal. TSA's denial of the appeal under this 
section is not a final agency action under 49 U.S.C. 46110, and, 
therefore, the individual may not seek review in the courts at this 
juncture. If the individual wishes to seek additional review of TSA's 
final determination, he or she would seek review by an ALJ, and those 
procedures are set forth in proposed Sec.  1530.611, described below. 
If the individual does not seek review by an ALJ within 30 days of 
TSA's decision, the decision then becomes final.
    8. Proposed Sec.  1530.611. In this section, TSA proposes the 
procedures for an individual who wishes to seek review of a TSA 
decision by an ALJ. Paragraph (a) describes the two types of appeals 
that are eligible for ALJ review. An ALJ may review (1) an appeal of 
TSA's decision to deny a waiver as set forth in Sec.  1530.607, and (2) 
an appeal of TSA's decision to deny an appeal based on the terrorism/
other analyses check as set forth in Sec.  1530.609.
    Paragraph (b) explains how the individual must request ALJ review. 
The request must be in writing and served within 30 days of the date 
that TSA served the decision that the individual seeks to appeal to the 
ALJ. The individual must include the issues that the individual wants 
the ALJ to consider, copies of the individual's request for a waiver or 
initial appeal with all supporting documents, and copies of TSA's 
denial of the waiver request or appeal. Paragraph (b)(5) provides the 
address to use for ALJ review requests.
    Paragraph (b)(2) explains that a request for ALJ review may not 
include material, evidence, or information that was not also presented 
to TSA in the original waiver request or appeal. As stated in paragraph 
(b)(3), if the individual has new material, evidence, or information 
that was not available to TSA, the individual should file a new waiver 
request or appeal with TSA, and the ALJ review request would be 
dismissed. To preserve ALJ resources and ensure that TSA makes 
decisions that fall within its expertise, in keeping with principles of 
the exhaustion of administrative remedies, any new information should 
be used to begin a new review by TSA, not the ALJ.
    Paragraph (b)(4) explains that the individual may request an in-
person hearing before the ALJ. Paragraph (c) addresses extensions of 
time during the ALJ review process. Both parties may request extensions 
of time in writing, and they should be received by the ALJ within a 
reasonable time before the date that must be extended. Paragraph (d) 
describes the duties of the ALJ, which are the same procedures that 
currently apply to cases that ALJs review in TWIC and HME waiver 
denials, and are fairly standard for administrative process. TSA 
proposes that the ALJ must have the appropriate level of security 
clearance necessary to review any information, including classified 
information, that is relevant to reviewing the case. As proposed, the 
ALJ should consider a request for an in-person hearing, by evaluating 
whether there are genuine issues of fact about the evidence or 
information the individual submits as part of his or her waiver request 
or appeal to TSA, or whether TSA's determination on the waiver or 
appeal was completed in accordance with the regulations. If an in-
person hearing takes place, a verbatim transcript would be made, at no 
cost to the individual. If the individual fails to appear, the ALJ may 
issue a default judgment against the individual. The standard of proof 
for the hearing would be substantial evidence on the record.
    Under the ALJ procedures, we propose that TSA will not disclose 
classified information or other information protected under the law. 
TSA, however, may prepare an unclassified summary of the information 
for the appealing party, if an unclassified summary can be provided 
consistent with national security concerns. The ALJ would review the 
record of decision, including any classified information upon which the 
decision relies, on an ex parte, in camera basis, and may consider this 
information in making a final decision if the information appears to be 
material and relevant.
    Paragraph (f) describes the procedures that apply for the ALJ's 
final decision. As proposed, the ALJ would issue a final decision 
within 60 days from the close of the record, and serve the decision on 
the parties. Either party may appeal the ALJ decision to the TSA Final 
Decision Maker. If the ALJ overturns TSA's waiver or appeal decision 
and TSA does not appeal that to the Final Decision Maker, TSA would 
issue an order granting the waiver or withdraw the final determination 
on the appeal, as applicable. If the ALJ upholds TSA's decision and the 
individual does not seek review by the TSA Final Decision Maker, TSA 
would issue a final agency order denying a waiver to the individual or 
issue a Final Order of Ineligibility, as applicable.
    9. Proposed Sec.  1530.613. TSA proposes the procedures for 
appealing an ALJ decision to the TSA Final Decision Maker in this 
section. The non-prevailing party in the ALJ proceeding may request a 
review of the ALJ's decision by the TSA Final Decision Maker within 30 
days from the date of service of the ALJ's decision. Requests for 
review must be in writing, served on the opposing party, and relate 
only to whether the ALJ's decision was based on substantial evidence on 
the record. Within 60 days of receiving the request for review (or 
within 30 days of receiving a response from the other party), the TSA 
Final Decision Maker would issue the final decision. The decision of 
the TSA Final Decision Maker constitutes a final agency order in 
accordance with 49 U.S.C. 46110. If the individual wishes to appeal the 
TSA Decision Maker's final order, that appeal must be filed in the U.S. 
Court of Appeals for the District of Columbia Circuit or in the court 
of appeals of the United States for the circuit in which the person 
resides or has its principal place of business within 60 days of the 
TSA Decision Maker's final order.

IV. Analysis of Proposed Changes to Parts 1500, 1570, 1572, 1580, 1582, 
and 1584

A. Introduction

    TSA proposes to make changes to 49 CFR parts 1500, 1570, 1572, 
1580, 1582, and 1584 in this rulemaking. Each of these proposed changes 
are described below.

B. Proposed Changes to Part 1500

    ``Security threat assessment'' would mean a procedure conducted by 
TSA consisting of one or more checks of relevant databases and other 
sources of information to verify an individual's identity, and to 
determine whether the individual is eligible for certain access to the 
nation's transportation systems, or for certain privileges or 
credentials. The proposed definition would provide a concrete 
understanding of the term that encapsulates the entire process of 
vetting the individual. It would also promote consistent use of 
terminology throughout TSA's regulations, most importantly that a 
security threat assessment is the overall process, which is comprised 
of one or more checks, such as a CHRC, or a check of databases. TSA 
considers the terms ``security threat assessment,'' as proposed here, 
and ``security background check,'' as established in the Security 
Training rulemaking to be functionally synonymous. TSA intends 
generally to reserve the use of ``security background check'' to the 
specific context of proposed Sec.  1570.305.

[[Page 33494]]

C. Proposed Changes to Part 1570

    As explained previously, this proposed rule is one of three 
rulemakings TSA is presently conducting to implement the 9/11 Act. The 
Security Training NPRM proposed extensive changes to part 1570, 
including reserving subpart D for proposals related to vetting. In this 
rulemaking, we propose changes to part 1570, subpart D, that build on 
the proposals in the Security Training NPRM.
    TSA proposes to add Sec.  1570.307 to subpart D to explain that 
specific vetting requirements for maritime and land transportation 
would be set in the parts that relate to each industry. For instance, 
the proposals for the owner/operators and individuals in freight rail 
would be in part 1580, public transportation and passenger rail would 
be in part 1582, and OTRB would be in part 1584.
    As a matter of organization and clarity, we think it would be 
easier for each type of owner/operator and its employees to first look 
at the part of TSA regulations that applies to it, in order to 
determine who must be vetted and the level of vetting required. The 
requirements may vary, and we believe placing them in the specific part 
of title 49 that corresponds to that type of operator would be best.

D. Proposed Change to Part 1572

    TSA proposes to revise the title of part 1572 from ``Credentialing 
and Security Threat Assessments'' to ``Credentialing and Security 
Threat Assessments for the Hazardous Materials Endorsement and 
Transportation Worker Identification Credential Programs.'' This is an 
administrative change TSA proposes to make to clarify that part 1572 
applies only to the HME and TWIC programs. As our vetting authorities 
expand and there are new vetting standards in various parts of the CFR, 
we believe it is necessary to change the title of part 1572 so that 
individuals and owner/operators understand that it applies only to two 
programs.

E. Proposed Changes to Part 1580

    TSA proposes to add ``Subpart D--Security Threat Assessment 
Requirements for Owner/Operators and Individuals'' to part 1580, as 
promulgated in the Security Training rulemaking, to implement the 9/11 
Act vetting requirements in freight rail.\59\
---------------------------------------------------------------------------

    \59\ See 9/11 Act sections 1520 and 1522, which are codified at 
6 U.S.C. 1170(d).
---------------------------------------------------------------------------

    1. Proposed Sec.  1580.3. This section would make clear that the 
terms defined in Sec. Sec.  1500.3, 1500.5, and 1503.103, of subchapter 
A, Sec.  1530.3 of subchapter B, and Sec.  1570.3 of subchapter D of 
this chapter, also apply when used in this part.
    2. Proposed Sec.  1580.301. Paragraph (a) would set out the 
obligations of freight rail owner/operators with regard to STA 
requirements for the security coordinators who would be designated 
according to the requirements of the Security Training rulemaking. 
Section 1570.201(a), as set forth in the Security Training final rule, 
requires freight rail owner/operators to designate and use a primary 
and at least one alternate security coordinator. These requirements 
apply to the operators listed in 49 CFR 1580.101, which are:
     Class 1 freight railroad carriers;
     Rail hazardous materials shippers that transport one or 
more of the categories and quantities of rail security-sensitive 
materials (RSSM) in a high threat urban area (HTUA);
     Rail carrier that serves as a host railroad to a Class 1 
carrier, rail hazardous materials shipper that transports RSSM in an 
HTUA, or a passenger operation described in 49 CFR 1582.101.
    Proposed paragraph (a)(1) would set out the primary requirement 
that a covered freight rail owner/operator must not authorize or permit 
an individual to serve as a primary or alternate security coordinator 
unless he or she has successfully completed a Level 3 STA and holds a 
current DOE from TSA.
    As explained above in section II.B.2. of the preamble, security 
coordinators should undergo a Level 3 STA because of their access to 
sensitive-security and personally-identifiable information, as well as 
the critical security functions they perform. These responsibilities 
and functions require a high level of confidence that the individual is 
trustworthy. As explained above, a Level 3 STA consists of a criminal 
history, terrorism/other analyses, and immigration check. Successful 
completion of this Level 3 STA would increase confidence that the 
individual is sufficiently trustworthy to assume the position.
    To comply with proposed paragraph (a)(1), owner/operators would 
need a definitive source of information from TSA regarding an 
individual's STA. TSA expects to create a web-based portal for owner/
operators to access, which would include the results of the STAs of 
that owner/operator's workers. TSA has considered other methods of 
employer notification, such as mailing letters, but believes this 
method would be more cost-effective and minimizes the risk of fraud or 
missing records associated with paper documents and mail service. TSA 
invites comment from the industry as to other potential methods of 
notification, as well as the relative advantages and disadvantages of 
the options.
    Paragraph (a)(2) would require the owner/operator to retain records 
documenting compliance with paragraph (a)(1). TSA does not propose a 
specific format of documentation. TSA prefers to retain flexibility to 
permit various formats depending on owner/operator needs and 
capabilities. TSA will work with each owner/operator to assure that the 
recordkeeping process complies with TSA's inspection needs. As part of 
inspecting compliance with the STA requirements, TSA must be able to 
review these records to ensure that the STA requirements have been met 
at the appropriate time. TSA invites comment from owner/operators as to 
how most will satisfy this requirement and other ideas for meeting it.
    Paragraph (b)(1) would set out the primary requirement that a 
covered freight rail owner/operator must not authorize or permit an 
individual to serve as a security-sensitive employee, unless he or she 
has successfully completed a Level 2 STA and holds a current DOE from 
TSA. TSA proposes to require a Level 2 STA, consisting of terrorism/
other analyses and immigration check in the United States, for 
security-sensitive employees, which satisfies the requirements of 
section 1520 of the 9/11 Act.
    As explained above in the discussion of security coordinator STA 
requirements, TSA expects to create a web-based portal for owner/
operators to access, which would include the results of the STAs of 
that owner/operator's security-sensitive employees.
    Proposed paragraph (b)(2), with regard to recordkeeping, is similar 
to proposed paragraph (a)(2) explained above.
    Paragraph (c) proposes continuing responsibilities for owner/
operators after the initial vetting of security coordinators and 
security-sensitive employees. Paragraph (c)(1) would require an owner/
operator to remove an individual from a position as a security 
coordinator or a security-sensitive employee if notified by TSA that 
the individual is no longer eligible for the position. TSA would issue 
such a notification if, for example, the recurrent terrorism/other 
analyses check subsequently reveals information indicating that the 
individual poses or may pose a threat to transportation security or 
national security, or of terrorism.

[[Page 33495]]

    Paragraph (c)(2) would require an owner/operator that becomes aware 
of information that an individual is or may not be eligible to serve as 
a security coordinator or security-sensitive employee to notify TSA 
immediately. This responsibility would arise, for example, if the 
owner/operator becomes aware that a security coordinator has been 
arrested for or convicted of a potentially disqualifying crime.
    Paragraph (c)(3) would provide that an owner/operator may reassign 
an individual as a security coordinator or security-sensitive employee 
if notified by TSA that he or she regained eligibility. For example, if 
TSA notified an owner/operator under proposed paragraph (c)(1) that an 
individual is ineligible, but subsequently determines that the factor 
causing the ineligibility had been resolved, TSA would notify the 
owner/operator under paragraph (c)(3).
    2. Proposed Sec.  1580.303. This section would set out the 
obligations of individuals employed by covered freight rail owner/
operators who must undergo an STA, either as a security coordinator 
(proposed paragraph (a)) or a security-sensitive employee (proposed 
paragraph (b)).
    Paragraph (a) would provide that an individual must not work as a 
security coordinator for a freight rail owner/operator, unless he or 
she successfully completes a Level 3 STA and holds a current 
Determination of Eligibility. Paragraph (a) would also specify that the 
criminal history records check conducted as part of the Level 3 STA 
would be adjudicated against the list of disqualifying crimes in 
proposed Sec.  1530.503, which, as described above, would be the list 
of disqualifying crimes that currently apply to certain surface and 
maritime workers under Sec.  1572.103.
    Paragraph (b) would provide that an individual must not work as a 
security-sensitive employee unless he or she successfully completes a 
Level 2 STA and holds a current Determination of Eligibility. The 
rationale for requiring this level of vetting is explained above in 
section II.B.1. of the preamble.
    3. Proposed Sec.  1580.305. This section would require the use of 
TSA enrollment centers by individuals, as well as the owner/operators 
of those individuals, required to apply for an STA under these proposed 
regulations. The reasons for this proposed requirement is explained 
above in section II.B.5. of the preamble.
    4. Proposed Sec.  1580.307. As explained above in section II.B.7. 
of the preamble, TSA proposes a phased implementation of the vetting 
requirements proposed in this rule. Under paragraph (a), the vetting 
requirements for primary and alternate security coordinators would 
become effective 6 months from the publication date of the final rule. 
Under paragraph (b), the vetting requirements for security-sensitive 
employees would become effective 12 months from the publication date of 
the final rule. It is important to note that the time it takes to 
process Level 2 STA processing is typically less than 10 days, and less 
than 30 days for Level 3 STA processing. We invite comment from 
employers and workers on these proposed effective dates. Specifically, 
TSA is interested in the time employers anticipate it will take to 
prepare for the effective dates, how many employees fall into each 
category, and whether the number of employees can be vetted within the 
allotted time.

F. Changes to Part 1582

    TSA proposes to add ``Subpart C--Security Threat Assessment 
Requirements for Owner/Operators and Individuals'' to part 1582, as set 
forth in the Security Training final rule, to implement the vetting 
requirements of the 9/11 Act for public transportation and passenger 
rail.
    1. Proposed Sec.  1582.3. This section would make clear that the 
terms defined in Sec. Sec.  1500.3, 1500.5, and 1503.103, of subchapter 
A, Sec.  1530.3 of subchapter B, and Sec.  1570.3 of subchapter D of 
this chapter, also apply when used in this part.
    2. Proposed Sec.  1582.201. This section would set out the 
obligations of covered public transportation and passenger rail owner/
operators with regard to STA requirements for the security coordinators 
who would be designated according to the requirements of the Security 
Training rulemaking. Under the Training final rule, section 1570.201(a) 
requires public transportation and passenger rail owner/operators 
described in Sec.  1582.1(a) to designate and use a primary and at 
least one alternate security coordinator. These owner/operators 
include: passenger railroad carriers, public transportation agencies, 
and operators of rail transit systems that are not operating on tracks 
that are part of the general railroad system, including heavy rail 
transit, light rail transit, automated guideway, cable car, inclined 
plane, funicular, and monorail systems.
    Proposed paragraph (a)(1) would set out the primary requirement 
that a covered public transportation and passenger railroad operator 
must not authorize or permit an individual to serve as a primary or 
alternate security coordinator, unless he or she has successfully 
completed a Level 3 STA and holds a current DOE from TSA. As set forth 
in the Security Training final rule, this requirement would apply to 
all owner/operators described in Sec.  1582.1(a)(1)-(3), and to an 
owner/operator described in Sec.  1582.1(a)(4), if it is notified by 
TSA that a threat exists pursuant to 49 CFR 1570.201(b)). As explained 
above in section II.B.2. of the preamble, TSA believes that security 
coordinators should be required to undergo a Level 3 STA based on the 
access to sensitive-security and personally-identifiable information 
they have. As explained previously, a Level 3 STA consists of a 
criminal history, terrorism/other analyses, and immigration check. 
Successful completion of this Level 3 STA will increase confidence that 
the individual is sufficiently trustworthy to assume the position, and 
the proposed requirement that he or she continues to hold a current DOE 
would require his or her removal if he or she becomes ineligible in the 
future.
    To comply with proposed paragraph (a)(1), owner/operators would 
receive a notification from TSA regarding an individual's STA. TSA 
expects to create a web-based portal for owner/operators to access, 
which would include the results of the STAs of that owner/operator's 
workers. TSA has considered other methods of employer notification, 
such as mailing letters, but believes this method would be more cost-
effective and minimizes the risk of fraud or missing records associated 
with paper documents and mail service. TSA invites comment from the 
industry as to other potential methods of notification, and the 
relative advantages and disadvantages of the options.
    Paragraph (a)(2) would require the owner/operator to retain records 
documenting compliance with proposed paragraph (a)(1). TSA proposes to 
allow owner/operators flexibility as to the format, paper or digital, 
of storage, as long as the form and manner is authorized by TSA. As 
part of inspecting compliance with the STA requirements, TSA must be 
able to review these records to ensure that the STA requirements have 
been met at the appropriate time. TSA invites comment from owner/
operators as to how most will satisfy this requirement and other ideas 
for meeting it.
    In proposed Sec.  1580.203 (b) and as discussed above, TSA proposes 
to require that such security-sensitive employees successfully complete 
a Level 2 STA. Paragraph (b)(1) of this section tracks the same 
requirements as in paragraph (a)(1), but for security-sensitive 
employees instead of security coordinators. TSA proposes that a

[[Page 33496]]

covered owner/operator must not authorize or permit a person to serve a 
security-sensitive employee, unless he or she has successfully 
completed a Level 2 STA and holds a current DOE. This level of vetting 
satisfies section 1411 of the 9/11 Act.
    Proposed paragraph (b)(2) with regard to recordkeeping is similar 
to proposed paragraph (a)(2) explained above.
    Paragraph (c) proposes continuing responsibilities for owner/
operators after the initial vetting of security coordinators and 
security-sensitive employees. Paragraph (c)(1) would require an owner/
operator to remove an individual from a position as a security 
coordinator, or a security-sensitive employee, if notified by TSA that 
the individual is no longer eligible for the position. TSA would issue 
such a notification if, for example, the recurrent terrorism check 
subsequently reveals information indicating that the individual poses 
or may pose a threat to transportation security or national security, 
or of terrorism.
    Paragraph (c)(2) would require an owner/operator that becomes aware 
of information that an individual may not be eligible to serve as a 
security coordinator or security-sensitive employee to notify TSA 
immediately. This responsibility would arise, for example, if the 
owner/operator becomes aware that a security coordinator has been 
convicted for a potentially disqualifying crime.
    Paragraph (c)(3) would provide that an owner/operator may reassign 
an individual as a security coordinator or security-sensitive employee 
if notified by TSA that he or she regained eligibility. For example, if 
TSA notified an owner/operator under proposed paragraph (c)(1) that an 
individual is ineligible, but subsequently determines that the factor 
causing the ineligibility had been resolved, TSA would notify the 
owner/operator under paragraph (c)(3).
    3. Proposed Sec.  1582.203. This section would set out the 
obligations of individuals employed by covered public transportation 
and passenger rail owner/operators who must undergo an STA, either to 
serve as a security coordinator (proposed paragraph (a)) or as a 
security-sensitive employee (proposed paragraph (b)).
    Proposed paragraph (a) would provide that an individual must not 
work as a security coordinator for a public transportation or passenger 
rail owner/operator unless he or she successfully completes a Level 3 
STA and holds a current DOE. The reasons for requiring a Level 3 STA, 
and the checks that would compose this level of vetting are explained 
above in section II.B.2. of the preamble. Paragraph (a) would also 
specify that the CHRC conducted as part of the Level 3 STA would be 
adjudicated against the list of disqualifying crimes in proposed Sec.  
1530.503(a), which is the list of disqualifying crimes applicable to 
surface and maritime vetting conducted by TSA.
    Paragraph (b) would provide that an individual must not work as a 
security-sensitive employee unless he or she successfully completes a 
Level 2 STA, and holds a current DOE. The rationale for requiring this 
level of vetting is explained above in section II.B.1. of the preamble.
    4. Proposed Sec.  1582.205. This section would require the use of 
TSA enrollment centers by individuals, and their owner/operators, 
required to apply for an STA under these proposed regulations. The 
reasons for this proposed requirement is explained above in section 
II.B.5. of the preamble.
    5. Proposed Sec.  1582.207. As explained above in section II.B.7. 
of the preamble, TSA proposes a phased implementation of the vetting 
requirements proposed in this rule. Under paragraph (a), the vetting 
requirements for primary and alternate security coordinators would 
become effective 6 months from the publication date of the final rule. 
Under paragraph (b), the vetting requirements for security-sensitive 
employees would become effective 12 months from the publication date of 
the final rule.
    We invite comment from employers and workers on these proposed 
effective dates. Specifically, TSA is interested in the time employers 
anticipate it will take to prepare for the effective dates, how many 
employees fall into each category, and whether the number of employees 
can be vetted within the allotted time.

F. Proposed Changes to Part 1584

    In this rulemaking, TSA proposes to add ``Subpart C--Security 
Threat Assessment Requirements for Owner/Operators and Individuals'' to 
part 1584, in keeping with provisions established in the Security 
Training rule for the 9/11 Act vetting requirements for OTRB.
    1. Proposed Sec.  1584.3. This section would make clear that the 
terms defined in Sec. Sec.  1500.3, 1500.5, and 1503.103, of subchapter 
A, Sec.  1530.3 of subchapter B, and Sec.  1570.3 of subchapter D of 
this chapter, also apply when used in this part.
    2. Proposed Sec.  1584.201. This section would set out the 
obligations of OTRB owner/operators with regard to STA requirements for 
the security coordinators designated in accordance with the Security 
Training final rule. Section 1570.201(a) requires OTRB owner/operators 
described in Sec.  1584.101 to designate and use a primary and at least 
one alternate security coordinator. Under Sec.  1584.101 these OTRB 
owner/operators are limited to those that originate, travel through, or 
in, a geographic location identified in appendix A to 49 CFR part 1584.
    Proposed paragraph (a)(1) would set out the primary requirement 
that a covered OTRB owner/operator must not authorize or permit an 
individual to serve as a primary or alternate security coordinator, 
unless he or she has successfully completed a Level 3 STA and holds a 
current DOE. As explained above in section II.B.2. of the preamble, TSA 
believes that security coordinators should undergo a Level 3 STA based 
on their access to sensitive security and personally identifiable 
information. As explained above, a Level 3 STA consists of criminal 
history, terrorism/other analyses, and immigration checks. Successful 
completion of this Level 3 STA will increase confidence that the 
individual is sufficiently trustworthy to assume the position, and the 
proposed requirement that he or she continues to hold a current DOE 
would require his or her removal if he or she becomes ineligible in the 
future.
    To comply with proposed paragraph (a)(1), owner/operators must 
receive a definitive notification from TSA regarding an individual's 
STA. TSA expects to create a web-based portal for owner/operators to 
access, which will include the results of the STAs of that owner/
operator's workers. TSA has considered other methods of employer 
notification, such as mailing letters, but believes this method would 
be more cost-effective and minimizes the risk of fraud or missing 
records associated with paper documents and mail service. TSA invites 
comment from the industry as to other potential methods of 
notification, as well as the relative advantages and disadvantages of 
the options.
    Paragraph (a)(2) would require the owner/operator to retain records 
documenting compliance with proposed paragraph (a)(1). TSA proposes to 
allow owner/operators flexibility as to the format, paper or digital, 
of storage, as long as the form and manner is authorized by TSA. As 
part of inspecting compliance with the STA requirements, TSA must be 
able to review these records to ensure that the STA requirements have 
been met at the appropriate time. TSA invites comment from owner/
operators as to how most will satisfy this requirement and other ideas 
for meeting it.

[[Page 33497]]

    Paragraph (b) proposes continuing responsibilities for owner/
operators after the initial vetting of security coordinators. Paragraph 
(b)(1) would require an owner/operator to remove an individual from a 
position as a security coordinator, if notified by TSA that the 
individual is no longer eligible for the position. TSA would issue such 
a notification if, for example, the recurrent terrorism check 
subsequently reveals information indicating that the individual poses 
or may pose a threat to transportation security or national security, 
or of terrorism.
    Paragraph (b)(2) would require an owner/operator that becomes aware 
of information that an individual may not be eligible to serve as a 
security coordinator to notify TSA immediately. This responsibility 
would arise, for example, if the owner/operator becomes aware that a 
security coordinator has been arrested or convicted for a potentially 
disqualifying crime.
    Paragraph (b)(3) would provide that an owner/operator may reassign 
an individual as a security coordinator if notified by TSA that he or 
she regained eligibility. For example, if TSA notified an owner/
operator under proposed paragraph (b)(1) that an individual is 
ineligible, but subsequently determines that the factor causing the 
ineligibility had been resolved, TSA would notify the owner/operator 
under paragraph (b)(3).
    3. Proposed Sec.  1584.203. This section would set out the 
obligations of individuals employed by covered public OTRB owner/
operators who must undergo an STA to serve as a security coordinator.
    Paragraph (a) would provide that an individual must not work as a 
security coordinator for a covered OTRB owner/operator, unless he or 
she successfully completes a Level 3 STA and holds a current DOE. The 
reasons for requiring a Level 3 STA, and the checks that would compose 
this level of vetting are explained above in section II.B.2. of the 
preamble. Paragraph (a) would also specify that the CHRC conducted as 
part of the Level 3 STA would be adjudicated against the list of 
disqualifying crimes in proposed Sec.  1530.503.
    4. Proposed Sec.  1584.205. This section would require the use of 
TSA enrollment centers by individuals required to apply for an STA 
under these proposed regulations. The reasons for this proposed 
requirement is explained above in section II.B.5. of the preamble.
    5. Proposed Sec.  1584.207. As explained above in section II.B.7. 
of the preamble, TSA proposes a phased implementation of the vetting 
requirements proposed in this rule. Under paragraph (a), the vetting 
requirements for primary and alternate security coordinators would 
become effective 6 months from the publication date of the final rule. 
We invite comment from employers and workers on these proposed 
effective dates. Specifically, TSA is interested in the time employers 
anticipate it will take to prepare for the effective dates, how many 
employees fall into each category, and whether the number of employees 
can be vetted within the allotted time.

V. Regulatory Analyses

A. Paperwork Reduction Act

    The Paperwork Reduction Act of 1995 (PRA) (44 U.S.C. 3501. et seq.) 
requires that TSA consider the impact of paperwork and other 
information collection burdens imposed on the public and, under the 
provisions of 44 U.S.C. 3507(d), obtain approval from the OMB for each 
collection of information it conducts, sponsors, or requires through 
regulations.
    Under existing OMB Control No. 1652-0051, OMB has approved a 
related information collection request for contact information of 
freight railroad carriers, passenger railroad carriers, and rail 
transit systems primary security coordinators and alternate security 
coordinators, as well as reporting significant security concerns by 
freight railroad carriers, passenger railroad carriers, and rail 
transit systems. Under the provisions of the proposed rule, the 
affected freight rail and PTPR entities would be required to modify or 
amend how they would perform their collection of the additional 
information required to complete STAs. The additional information 
collection requirement from the proposed rule relates to information 
that affected freight rail and PTPR employees would submit during STA 
enrollments, PDI appeals, and PDI waivers. These requirements would be 
added to the existing collection with OMB control number 1652-0051.
Revisions to OMB Control Number 1652-0051
    This proposed rule contains new information collection activities 
subject to the PRA. The proposed rule would require OTRB security 
coordinators submit personal information during STA enrollments, PDI 
appeals, and PDI waivers. Accordingly, DHS and TSA invite the general 
public to comment on the impact to the proposed collection of 
information. In accordance with the PRA, the information collection 
notice is published in the Federal Register to obtain comments 
regarding the proposed edits to the information collection instrument. 
Comments are encouraged and will be accepted for 90 days from the 
publication date of the proposed rule. All submissions should include 
the OMB Control Number 1652-0051 in the body of the letter and the 
agency name. To avoid duplicate submissions, please use only one of the 
methods under the ADDRESSES and I. Public Participation section of this 
rule to submit comments. Therefore, in preparation for OMB review and 
approval of the following information collection, TSA is soliciting 
comments to:
    (1) Evaluate whether the collection of information is necessary for 
the proper performance of the functions of the agency, including 
whether the information will have practical utility;
    (2) Evaluate the accuracy of the agency's estimate of the burden of 
the collection of information, including the validity of the 
methodology and assumptions used;
    (3) Enhance the quality, utility, and clarity of the information to 
be collected; and
    (4) Minimize the burden of the collection of information on those 
who are to respond, including through the use of appropriate automated, 
electronic, mechanical, or other technological collection techniques or 
other forms of IT (e.g., permitting electronic submission of 
responses).
    Title: TSA Security Vetting of Certain Surface Transportation 
Workers.
    Summary: This proposed rule would require the following information 
collections:
    First, owner/operators identified in 49 CFR 1580.303, 1582.203, and 
1584.203 would be required to vet certain workers using security threat 
assessments (STAs) and for TSA to conduct the STAs. The proposed rule 
would establish the following three risk-based levels of STAs for 
different employee populations:
     Level 1 STA: Terrorism check and other analyses (including 
a check against the Terrorist Screening Database among other 
databases);
     Level 2 STA: Terrorism check and other analyses and 
immigration check; and
     Level 3 STA: Terrorism check and other analyses, 
immigration check, and criminal history record check (CHRC).
    For certain freight rail and public transportation and passenger 
railroad (PTPR) owner/operators, the proposed rule would require 
security-sensitive employees and security coordinators to undergo a 
Level 2 STA and Level 3

[[Page 33498]]

STA, respectively. For certain over-the-road-bus (OTRB) owner/
operators, the proposed rule would require only security coordinators 
to undergo a Level 3 STA. OTRB security-sensitive employees would not 
be required to undergo an STA under the proposed rule. The proposed 
rule would establish fees to be collected from security-sensitive 
employees and security coordinators undergoing an STA to recover TSA's 
vetting costs as required by law.\60\
---------------------------------------------------------------------------

    \60\ TSA is statutorily required to fund the STA process through 
user fees (see 6 U.S.C. 469).
---------------------------------------------------------------------------

    The proposed rule also sets out the standards for the adjudication 
of STAs and redress procedures for STA applicants. The proposed rule 
describes the standards TSA would use to make decisions about the 
eligibility of an STA applicant based on the information obtained from 
the STA check and the procedures TSA would follow when an STA applicant 
does not appear to meet, or may no longer meet, the proposed STA 
standards. When the latter occurs, TSA would notify the owner and/or 
operator that the individual is no longer eligible for the position, 
and notify the STA applicant or STA holder about the potentially 
disqualifying factors in a Preliminary Determination of Ineligibility 
(PDI) or Preliminary Determination of Ineligibility with Immediate 
Revocation (PDIIR). TSA would also issue a Final Determination of 
Ineligibility (FDI) if the applicant fails to request an appeal or 
waiver of the PDI or PDIIR within the required time frame, or TSA 
denies the appeal or waiver. For STA applicants who receive either a 
PDI, PDIIR, or FDI, the proposed rule sets out redress procedures. 
These proposed redress procedures are substantively the same as the 
current redress provisions codified in part 1515 that apply to 
individuals who are required to undergo an STA for the Transportation 
Worker Identification Credential (TWIC), Hazardous Material Endorsement 
(HME), and certain air cargo programs.\61\
---------------------------------------------------------------------------

    \61\ For a full discussion of the development of the original 
provisions in 49 CFR part 1515, see Transportation Worker 
Identification Credential (TWIC) Implementation in the Maritime 
Sector; Hazardous Materials Endorsement for a Commercial Driver's 
License final rule, 72 FR 3492 (Jan. 25, 2007).
---------------------------------------------------------------------------

    This proposed rule would also require that owner/operators not 
authorize or permit an individual to serve as a security-sensitive 
employee, in the case of freight rail and PTPR, or a security 
coordinator for all three modes, unless the owner/operator verifies 
with TSA that the individual has successfully completed a Level 2 STA 
or Level 3 STA, respectively, and holds a current determination of 
eligibility (DOE) as described in the proposed rule. The owner/
operators would also be required to retain records, in a form and 
manner authorized by TSA and for the period specified in the proposed 
rule, and make the records available to TSA when requested during 
inspection.
    Use of: This information would be used to support implementation of 
the proposed rule, which requires completing a name-based security 
background check against the consolidated terrorist watchlist and an 
immigration check in the United States for all freight rail and PTPR 
security-sensitive employees; and those same two checks in addition to 
a CHRC for all security coordinators of freight rail, PTPR, and OTRB 
owner/operators. A redress process is required by the 9/11 Act to 
address due process. The proposed rule requires owner/operators to file 
and maintain records of STAs for all affected employees.
    Respondents: The likely respondents to this information collection 
are affected employees of the owners and/or operators of covered 
surface modes, who are estimated to be approximately 355,730 over the 
next 3 years. TSA estimates the average annual number of respondents to 
be 118,457 over the same period, and the average annual number of 
responses to be 308,198.\62\
---------------------------------------------------------------------------

    \62\ The number of responses by affected individuals/entities 
include number of enrollments including comparable STAs, appeals, 
waivers, records, contact information updates, and customer 
satisfaction surveys processed.
---------------------------------------------------------------------------

    Frequency: Once the rule has been implemented, TSA estimates that 
STA enrollments and the corresponding recordkeeping would occur 
whenever vetting of an employee or security coordinator is required due 
to the hiring of new personnel, promotions into affected positions, and 
staff turnover. The initial implementation of the proposed rule would 
require all security-sensitive employees and security coordinators to 
obtain a DOE in order to continue performing in their roles, which--
along with the 5-year renewal requirement--would establish a pattern of 
enrollment/renewal spikes every 5 years. The redress process frequency 
will follow the pattern of STA enrollments with a lag of a few weeks 
due to processing times. Each stage in the redress process would occur 
whenever an appeal is filed after a negative determination has been 
issued. STA enrollment satisfaction surveys would occur annually and 
individuals' contact information would occur on a periodic basis.
    Annual Burden Estimate: The average annual time burden for STA 
Enrollments, PDI Appeals, PDI Waivers, STA Recordkeeping, and STA 
Satisfaction Survey is expected to reach an annual average of 181,345 
hours over the first 3 years. Table 12 displays the number of 
respondents for STA Enrollments, PDI Appeals, PDI Waivers, 
Recordkeeping, Contact Information Updates, and STA Customer 
Satisfaction Survey for Freight Rail, PTPR, and OTRB entities.

                                                              Table 12--PRA Burden Estimate
--------------------------------------------------------------------------------------------------------------------------------------------------------
                        Collections                                             Number of responses                                            Average
-----------------------------------------------------------   Time per  ----------------------------------  3-Year total      3-Year time    annual time
                                                              response                                        responses     burden (hours)      burden
           Industry                  STA Enrollments          (hours)      Year 1     Year 2     Year 3                                        (hours)
--------------------------------------------------------------------------------------------------------------------------------------------------------
                                                                      a          b          c           d             e =         f = a x e    g = f / 3
                                                                                                             [Sigma]b,c,d
--------------------------------------------------------------------------------------------------------------------------------------------------------
Freight Rail.................  SSEs.......................         1.43    114,828      4,593       4,543         123,964           177,195       59,065
                               SCs........................         1.51        444         22          22             488               738          246
                               Comparable STA SSEs........         0.17      7,408        296         293           7,997             1,333          444
                               Comparable STA SCs.........         0.17        453         22          22             497                83           28
FRSR.........................  SCs........................         1.51        233         20          20             274               414          138
                               Comparable SCs.............         0.17        262         22          23             308                51           17
PTPR.........................  SSEs.......................         1.43    178,760     20,728      20,788         220,276           314,865      104,955
                               SCs........................         1.51        121         16          16             154               233           78
                               Comparable STA SSEs........         0.17        578         67          67             712               119           40
                               Comparable STA SCs.........         0.17        109         14          15             138                23            8
OTRB.........................  SCs........................         1.51        155         21          21             197               298           99

[[Page 33499]]

 
                               Comparable SCs.............         0.17        289         39          40             367                61           20
--------------------------------------------------------------------------------------------------------------------------------------------------------
                                                                       PDI Appeals
--------------------------------------------------------------------------------------------------------------------------------------------------------
Freight Rail.................  SSEs.......................         0.63        342         14          14             369               231           77
                               SCs........................  ...........          6          0           0               7                 4            1
FRSR.........................  SCs........................  ...........          3          0           0               4                 2            1
PTPR.........................  SSEs.......................  ...........        533         62          62             656               410          137
                               SCs........................  ...........          2          0           0               2                 1            0
OTRB.........................  SCs........................  ...........          2          0           0               3                 2            1
--------------------------------------------------------------------------------------------------------------------------------------------------------
                                                                       PDI Waivers
--------------------------------------------------------------------------------------------------------------------------------------------------------
Freight Rail.................  SCs........................         4.13        1.1        0.1         0.1               1                 5            2
FRSS.........................  SCs........................  ...........        0.6        0.0         0.0               1                 3            1
PTPR.........................  SCs........................  ...........        0.3        0.0         0.0               0                 2            1
OTRB.........................  SCs........................  ...........        0.4        0.0         0.1               0                 2            1
--------------------------------------------------------------------------------------------------------------------------------------------------------
                                                                      Recordkeeping
--------------------------------------------------------------------------------------------------------------------------------------------------------
Freight Rail.................  SSEs.......................         0.08    122,236      4,889       4,836         131,961            10,997        3,666
                               SCs........................  ...........        897         44          44             984                82           27
FRSR.........................  SCs........................  ...........        496         42          43             581                48           16
PTPR.........................  SSEs.......................  ...........    179,337     20,795      20,856         220,987            18,416        6,139
                               SCs........................  ...........        230         30          31             292                24            8
OTRB.........................  SCs........................  ...........        444         60          61             564                47           16
--------------------------------------------------------------------------------------------------------------------------------------------------------
                                                               Contact Information Updates
--------------------------------------------------------------------------------------------------------------------------------------------------------
Freight Rail.................  SSEs.......................         0.09     12,369     12,233      12,098          36,700             3,303        1,101
                               SCs........................  ...........         91         92          92             275                25            8
FRSR.........................  SCs........................  ...........         50         51          52             153                14            5
PTPR.........................  SSEs.......................  ...........     18,147     18,200      18,254          54,600             4,914        1,638
                               SCs........................  ...........         23         24          24              71                 6            2
OTRB.........................  SCs........................  ...........         45         46          47             137                12            4
--------------------------------------------------------------------------------------------------------------------------------------------------------
                                                            STA Customer Satisfaction Survey
--------------------------------------------------------------------------------------------------------------------------------------------------------
Freight Rail.................  SSEs.......................         0.08     40,190      1,608       1,590          43,387             3,616        1,205
                               SCs........................  ...........        156          8           8             171                14            5
FRSR.........................  SCs........................  ...........         82          7           7              96                 8            3
PTPR.........................  SSEs.......................  ...........     62,566      7,255       7,276          77,097             6,425        2,142
                               SCs........................  ...........         42          6           6              54                 4            1
OTRB.........................  SCs........................  ...........         54          7           7              69                 6            2
                                                           ---------------------------------------------------------------------------------------------
    Total....................  ...........................  ...........    741,985     91,331      91,278         924,594           544,035      181,345
--------------------------------------------------------------------------------------------------------------------------------------------------------
Note: Totals may not be exact due to rounding in the table.

B. Economic Impact Analyses

1. Regulatory Impact Analysis Summary
    Changes to Federal regulations must undergo several economic 
analyses. First, Executive Order (E.O.) 12866, Regulatory Planning and 
Review,\63\ as supplemented by E.O. 13563, Improving Regulation and 
Regulatory Review,\64\ directs each Federal agency to propose or adopt 
a regulation only upon a reasoned determination that the benefits of 
the intended regulation justify its costs. Second, the Regulatory 
Flexibility Act of 1980 (RFA) \65\ requires agencies to consider the 
economic impact of regulatory changes on small entities. Third, the 
Trade Agreement Act of 1979 \66\ prohibits agencies from setting 
standards that create unnecessary obstacles to the foreign commerce of 
the United States. Fourth, the Unfunded Mandates Reform Act of 1995 
\67\ (UMRA) requires agencies to prepare a written assessment of the 
costs, benefits, and other effects of proposed or final rulemakings 
that include a Federal mandate likely to result in the expenditure by 
State, local, or tribal governments, in the aggregate, or by the 
private sector, of $100 million or more annually (adjusted for 
inflation).
---------------------------------------------------------------------------

    \63\ 58 FR 51735 (Oct. 4, 1993).
    \64\ 76 FR 3821 (Jan. 21, 2011).
    \65\ Public Law 96-354 (94 Stat. 1164; Sept. 19, 1980) (codified 
at 5 U.S.C. 601 et seq., as amended by the Small Business Regulatory 
Enforcement Fairness Act of 1996 (SBREFA)).
    \66\ Public Law 96-39 (93 Stat. 144; July 26, 1979) (codified at 
19 U.S.C. 2531-2533).
    \67\ Public Law 104-4 (109 Stat. 66; Mar. 22, 1995) (codified at 
2 U.S.C. 1181-1538).
---------------------------------------------------------------------------

2. Executive Orders 12866 and 13563 Assessments
    Under the requirements of E.O.s 12866 and 13563, agencies must 
assess the costs and benefits of available regulatory alternatives and, 
if regulation is necessary, select regulatory approaches that maximize 
net benefits (including potential economic, environmental, public 
health and safety effects, distributive impacts, and equity). These 
requirements were supplemented by E.O. 13563, which emphasizes the 
importance of quantifying both costs and benefits, of reducing costs, 
of harmonizing rules, and of promoting flexibility.
    In accordance with E.O. 12866, TSA has submitted the proposal to 
the Office of Management and Budget (OMB), which has determined that 
this

[[Page 33500]]

proposed rule is a significant regulatory action within the meaning of 
E.O. 12866, although not economically significant as the rule will not 
result in an effect on the economy of $100 million or more in any year 
of the analysis.
    In conducting these analyses:
    1. TSA prepared an Initial Regulatory Flexibility Analysis (IRFA), 
which estimates that this rulemaking would likely have a regulatory 
cost that exceeds one percent of revenue for one small entity--one 
freight rail owner/operator--of the 372 small entities that TSA found 
would be impacted by the NPRM.
    2. This rulemaking would not constitute a barrier to international 
trade.
    3. This rulemaking is not likely to result in the expenditure by 
State, local, or tribal governments, in the aggregate, or by the 
private sector, of $100 million or more annually (adjusted for 
inflation).
    TSA has prepared an analysis of its estimated costs and benefits, 
summarized in the following paragraphs, and in the OMB Circular A-4 
Accounting Statement. When estimating the cost of a rulemaking, 
agencies typically estimate future expected costs imposed by a 
regulation over a period of analysis. For this rulemaking's period of 
analysis, TSA uses a 10-year period of analysis to estimate the initial 
and recurring costs to the regulated surface mode owner/operators and 
new owner/operators that are expected due to industry growth. As 
discussed above, the 9/11 Act requires TSA to conduct the vetting we 
propose in this NPRM for security-sensitive workers of rail and public 
transportation workers. For security coordinators, the 9/11 Act 
requires TSA to ensure U.S. citizenship or conduct an appropriate STA 
in place of the citizenship requirement. For these workers, TSA is 
proposing a Level 3 STA rather than U.S. citizenship. The 9/11 Act does 
not require a Level 3 STA for these workers, but gives TSA the 
discretion to determine which STA is appropriate. TSA is using that 
discretion to propose a Level 3 STA for security coordinators due to 
the access to security and personally identifiable information security 
coordinators have.
    TSA summarizes the costs of the proposed rule to be borne by four 
types of parties: freight rail owner/operators, PTPR owner/operators, 
OTRB owner/operators, and TSA. As displayed in Table 13, TSA estimates 
the 10-year total cost of this proposed rule to be $108.99 million 
undiscounted, $98.08 million discounted at 3 percent, and $86.58 
million discounted at 7 percent. The costs to industry (all three 
surface modes) comprise approximately 98.3 percent of the total costs 
of the rule; and the remaining costs are incurred by TSA. See Table 13 
below.

                                                   Table 13--Total Cost of the Proposed Rule by Entity
                                                                      [$ Thousands]
--------------------------------------------------------------------------------------------------------------------------------------------------------
                                                 Cost by regulated industry                                            Total proposed rule cost
                                         ------------------------------------------    Total                 -------------------------------------------
                                                                                     regulated                              f = [Sigma]d,e
                  Year                                                               industries    TSA cost  -------------------------------------------
                                           Freight rail       PTPR         OTRB         cost                                   Discounted    Discounted
                                                                                                               Undiscounted       at 3%         at 7%
--------------------------------------------------------------------------------------------------------------------------------------------------------
                                                       a            b            c          d =            e
                                                                                    [Sigma]a,b,
                                                                                              c
--------------------------------------------------------------------------------------------------------------------------------------------------------
1.......................................         $22,355      $28,768         $532      $51,656         $174         $51,830       $50,320       $48,439
2.......................................           1,040        3,393           57        4,489          176           4,665         4,397         4,074
3.......................................           1,032        3,403           58        4,493          177           4,670         4,274         3,812
4.......................................           1,025        3,414           59        4,498          179           4,676         4,155         3,568
5.......................................           1,018        3,425           60        4,502          181           4,683         4,039         3,339
6.......................................           6,759        9,015          116       15,890          182          16,072        13,460        10,709
7.......................................           1,241        4,094           70        5,404          184           5,588         4,544         3,480
8.......................................           1,232        4,107           71        5,410          186           5,595         4,417         3,257
9.......................................           1,223        4,120           72        5,415          187           5,603         4,294         3,047
10......................................           1,215        4,133           74        5,421          189           5,610         4,174         2,852
                                         ---------------------------------------------------------------------------------------------------------------
    Total...............................          38,139       67,871        1,168      107,178        1,814         108,993        98,075        86,578
                                         ---------------------------------------------------------------------------------------------------------------
    Annualized..........................  ..............  ...........  ...........  ...........  ...........  ..............        11,497        12,327
--------------------------------------------------------------------------------------------------------------------------------------------------------
Note: Totals may not add due to rounding.

    TSA estimates the 10-year costs to the freight railroad (including 
freight rail shippers and receivers) industry to be $38.14 million 
undiscounted, $34.90 million discounted at 3 percent, and $31.43 
million discounted at 7 percent, as displayed by cost categories in 
Table 14.\68\
---------------------------------------------------------------------------

    \68\ Costs include STA fees, time and travel burdens, redress 
procedures for applicable individuals, employer replacement, hiring, 
and unemployment, recordkeeping, contact information updates, 
employer management policies, regulation familiarization, and 
compliance inspections.

                                                             Table 14--Total Cost of the Proposed Rule to the Freight Rail Industry
                                                                                          [$ Thousands]
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
                                                                                                                                  Mngt policies,              Total freight rail cost
                                                                           Redress       Repl. &                       Contact      familiar &   -----------------------------------------------
                          Year                              STA cost       process     unemploym.    Recordkeeping   info update    compliance                g = [Sigma]a,b,c,d,e,f
                                                                             cost         cost            cost           cost       inspection   -----------------------------------------------
                                                                                                                                       cost           Undisc.       Disc. at 3%     Disc. at 7%
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
                                                                      a            b             c                d            e               f
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
1......................................................         $19,449         $551          $419             $393          $56          $1,487         $22,355         $21,704         $20,893
2......................................................             782           22            17               16           55             148           1,040             980             908
3......................................................             774           22            17               16           55             149           1,032             945             843

[[Page 33501]]

 
4......................................................             766           22            17               15           54             151           1,025             911             782
5......................................................             757           22            17               15           53             152           1,018             878             726
6......................................................           5,442          447           345              319           53             154           6,759           5,661           4,504
7......................................................             930           39            37               27           52             156           1,241           1,009             773
8......................................................             920           38            37               27           52             157           1,232             973             717
9......................................................             911           38            38               27           51             159           1,223             937             665
10.....................................................             901           37            38               26           51             161           1,215             904             617
                                                        ----------------------------------------------------------------------------------------------------------------------------------------
    Total..............................................          31,632        1,237           983              881          532           2,874          38,139          34,900          31,427
                                                        ----------------------------------------------------------------------------------------------------------------------------------------
    Annualized.........................................  ..............  ...........  ............  ...............  ...........  ..............  ..............           4,091           4,474
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Note: Totals may not add due to rounding.

    TSA estimates the 10-year costs to the PTPR industry to be $67.87 
million undiscounted, $60.58 million discounted at 3 percent, and 
$52.96 million discounted at 7 percent, as displayed by cost categories 
in Table 15.

                                                                 Table 15--Total Cost of the Proposed Rule to the PTPR Industry
                                                                                          [$ Thousands]
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
                                                                                                                                  Mngt policies,                    Total cost
                                                                           Redress       Repl. &                       Contact      familiar &   -----------------------------------------------
                          Year                              STA cost       process     unemploym.    Recordkeeping   info update    compliance                g = [Sigma]a,b,c,d,e,f
                                                                             cost         cost            cost           cost       inspection   -----------------------------------------------
                                                                                                                                       cost           Undisc.       Disc. at 3%     Disc. at 7%
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
                                                                      a            b             c                d            e               f
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
1......................................................         $26,987         $749           $74             $583          $64            $311         $28,768         $27,930         $26,886
2......................................................           3,130           87             7               68           64              38           3,393           3,198           2,963
3......................................................           3,139           87             7               68           64              38           3,403           3,115           2,778
4......................................................           3,148           87             7               68           64              39           3,414           3,033           2,605
5......................................................           3,158           88             7               68           65              39           3,425           2,954           2,442
6......................................................           7,974          499            48              389           65              40           9,015           7,550           6,007
7......................................................           3,734          136            13              106           65              40           4,094           3,329           2,550
8......................................................           3,745          136            13              106           65              41           4,107           3,242           2,390
9......................................................           3,756          137            13              106           65              42           4,120           3,157           2,241
10.....................................................           3,767          137            14              107           66              42           4,133           3,075           2,101
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
    Total..............................................          62,538        2,144           205            1,668          647             669          67,871          60,584          52,963
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
    Annualized.........................................  ..............  ...........  ............  ...............  ...........  ..............  ..............           7,102           7,541
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Note: Totals may not add due to rounding.

    TSA estimates the 10-year costs to the OTRB industry to be $1.17 
million undiscounted, $1.05 million discounted at 3 percent, and $0.92 
million discounted at 7 percent, as displayed by cost categories in 
Table 16.

                                                                 Table 16--Total Cost of the Proposed Rule to the OTRB Industry
                                                                                          [$ Thousands]
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
                                                                                                                                  Mngt policies,                    Total cost
                                                                           Redress       Repl. &                       Contact      familiar &   -----------------------------------------------
                          Year                              STA cost       process     unemploym.    Recordkeeping   info update    compliance                g = [Sigma]a,b,c,d,e,f
                                                                             cost         cost            cost           cost       inspection   -----------------------------------------------
                                                                                                                                       cost           Undisc.       Disc. at 3%     Disc. at 7%
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
                                                                      a            b             c                d            e               f
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
1......................................................             $46           $3           $76             $1.0         $0.3            $405            $532            $517            $497
2......................................................               6            0             7              0.1          0.3              43              57              53              49
3......................................................               6            0             7              0.1          0.3              43              58              53              47
4......................................................               6            0             7              0.1          0.3              44              59              52              45
5......................................................               7            0             7              0.1          0.3              45              60              52              43
6......................................................              18            2            49              0.7          0.3              46             116              97              77
7......................................................               8            1            13              0.2          0.3              47              70              57              43
8......................................................               8            1            13              0.2          0.3              48              71              56              41

[[Page 33502]]

 
9......................................................               9            1            14              0.2          0.3              49              72              55              39
10.....................................................               9            1            14              0.2          0.3              50              74              55              37
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
    Total..............................................             124           10           208              3.2          3.1             820           1,168           1,047             920
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
    Annualized.........................................  ..............  ...........  ............  ...............  ...........  ..............  ..............             123             131
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Note: Totals may not add due to rounding.

    TSA estimates the 10-year costs to TSA to be $1.81 million 
undiscounted, $1.54 million discounted at 3 percent, and $1.27 million 
discounted at 7 percent, as displayed by cost categories in Table 17.

                                Table 17--Total Cost of the Proposed Rule to TSA
                                                  [$ Thousands]
----------------------------------------------------------------------------------------------------------------
                                              Compliance        TSA total cost (compliance inspection cost)
                    Year                      inspection -------------------------------------------------------
                                                 cost      Undiscounted    Discounted at 3%    Discounted at 7%
----------------------------------------------------------------------------------------------------------------
1..........................................         $174            $174                $169                $163
2..........................................          176             176                 166                 153
3..........................................          177             177                 162                 145
4..........................................          179             179                 159                 136
5..........................................          181             181                 156                 129
6..........................................          182             182                 153                 121
7..........................................          184             184                 150                 115
8..........................................          186             186                 147                 108
9..........................................          187             187                 144                 102
10.........................................          189             189                 141                  96
                                            --------------------------------------------------------------------
    Total..................................        1,814           1,814               1,544               1,268
                                            --------------------------------------------------------------------
    Annualized.............................  ...........  ..............                 181                 181
----------------------------------------------------------------------------------------------------------------

    The proposed rule would enhance surface transportation security by 
reducing vulnerability to attacks perpetrated by insiders. 
Specifically, the proposed rule would subject individuals that 
currently work, or that in the future will work (applicants), at 
covered entities to pass an STA, administered by TSA. The introduction 
of an STA requirement allows TSA to confirm the individual's identity 
and determine from background information whether he or she poses or 
may pose a threat to transportation security or national security, or 
of terrorism. Absent the STA requirement, individuals who may pose a 
threat would continue to work in their respective positions. This is 
particularly relevant for individuals that perform the functions of a 
security coordinator or security-sensitive employee. Once an individual 
has completed the STA process and receives a favorable STA, they are 
then required to maintain a DOE during the entire span of their tenure 
as a security-sensitive employee or a security coordinator. This will 
help ensure that only individuals that do not pose a threat will be 
eligible to continue their employment at covered entities while 
limiting those with an unfavorable STA from using their employment to 
carry out a nefarious act. Covered entities would also be required to 
maintain records on employee STAs and make them available to TSA upon 
request. This requirement increases the robustness of the program by 
encouraging covered entities to be in compliance with the requirements 
and providing a mechanism for TSA to assess that compliance. Higher 
levels of compliance increase the benefits associated with STAs by 
virtue of their increased use. While security vetting is not an 
absolute deterrent for terrorists intent on carrying out attacks on 
surface modes of transportation, TSA expects the probability of success 
for such attacks to decrease if security coordinators and security-
sensitive employees within these transportation modes are vetted under 
the proposed rule.
    TSA uses a break-even analysis to frame the relationship between 
the potential benefits of the proposed rule and the costs of 
implementing the rule. When it is not possible to quantify or monetize 
a majority of the incremental benefits of a regulation, OMB recommends 
conducting a threshold, or ``break-even'' analysis. According to OMB 
Circular No. A-4, ``Regulatory Analysis,'' such an analysis answers the 
question ``How small could the value of the non-qualified benefits be 
(or how large would the value of the non-quantified costs need to be) 
before the rule would yield zero net benefits?'' \69\ To conduct the 
break-even analysis,

[[Page 33503]]

TSA evaluates composite scenarios for each of the three modes covered 
by the proposed rule. For each mode, the composite scenario represents 
the potential monetized losses associated with the deaths, injuries, as 
well as property damage and remediation caused by a terrorist attack on 
the corresponding transportation mode. TSA estimates a total monetary 
consequence from an estimated statistical value of the human casualties 
and capital replacement resulting from the attack.\70\
---------------------------------------------------------------------------

    \69\ OMB, ``Circular A-4: Regulatory Analysis'', Section B. The 
Need for Federal Regulatory Action. September 17, 2003. pg. 2.
    \70\ See Section 4.4 of the TSA Security Vetting of Certain 
Surface Transportation Workers Preliminary Regulatory Impact 
Analysis (RIA) for a more detailed description of these 
calculations; however, many assumptions regarding specific terrorist 
attacks scenarios are Sensitive Security Information (SSI) and 
cannot be publicly released.
---------------------------------------------------------------------------

    Table 18 presents the composite or weighted average of direct 
consequences from an attack executed on each mode.
[GRAPHIC] [TIFF OMITTED] TP23MY23.021

    TSA compared the estimated direct monetary costs from an attack to 
the annualized cost (discounted at 7 percent) to industry and TSA from 
the proposed rule for each mode to estimate how often an attack of that 
nature would need to be averted for the expected benefits to equal 
estimated costs. Table 19 presents the results of the break-even 
analysis for each mode.\73\ For example, Table 19 shows that if the 
freight rail vetting requirements in this rule prevents one freight 
rail terrorist attack every 129 years,\74\ the freight rail provisions 
of this rule ``break-even'' (the benefits equal the costs). These 
breakeven frequencies are once every 129 years for freight rail, once 
every 78 years for PTPR, and once every 238 years for OTRB.
---------------------------------------------------------------------------

    \71\ As explained in the RIA in the docket, to monetize 
injuries, TSA used two approaches (depending on whether the injury 
was due to exposure to hazardous chemicals). To monetize ``non-
chemical'' injuries, TSA uses guidance from the Department of 
Transportation for valuing injuries based on the Abbreviated Injury 
Scale. To monetize chemical-related injuries, TSA obtained 
information on the cost of medical treatment for poisoning injuries.
    \72\ Total Direct Consequences = (Deaths x $11.6 million VSL) + 
(Severe injuries x $3.085 million) + (Moderate injuries x $0.545 
million) + (Severe chemical injuries x $49,769) + (Moderate chemical 
injuries x $1.715) + Public property loss + Private property loss + 
Rescue and clean-up cost.
    \73\ The total cost for each mode includes the TSA costs 
associated with it.
    \74\ TSA divided the total direct consequences of each composite 
scenario by the annualized cost for its respective mode to estimate 
the frequency of terrorist attacks the proposed rule would need to 
avert for its costs to equal its benefits.

                                          Table 19--Break-Even Results
                                                  [$ Thousands]
----------------------------------------------------------------------------------------------------------------
                                 Weighted average direct    Annualized cost of      Break-even averted  attack
             Modes                  costs of an attack       the proposed rule              frequency
                                                        a                     b  c = a / b
----------------------------------------------------------------------------------------------------------------
Freight Rail..................                   $589,298                $4,572  Once every 129 years.
PTPR..........................                    588,148                 7,587  Once every 78 years.
OTRB..........................                     39,771                   167  Once every 238 years.
----------------------------------------------------------------------------------------------------------------

    In the break-even analysis, TSA only considers the estimated direct 
costs: direct economic losses of the attack scenarios that would be 
averted as a result of the proposed rule. The break-even analysis does 
not include the difficult-to-quantify indirect costs of an attack or 
the macroeconomic impacts that could occur due to a major attack. In 
addition to the direct impacts of a terrorist attack in terms of lost 
life and property, there are other more indirect impacts that are 
difficult to measure. As noted by Cass Sunstein in Laws of Fear, ``. . 
. fear is a real social cost, and it is likely to lead to other social 
costs.'' In addition, Ackerman and Heinzerling state ``. . . terrorism 
`works' through the fear and demoralization caused by uncontrollable 
uncertainty.'' As devastating as the direct impacts of a successful 
terrorist attack can be in terms of the immediate loss of life and 
property, avoiding the impacts of the

[[Page 33504]]

more difficult to measure indirect effects are also substantial 
benefits of preventing a terrorist attack. Because the analysis only 
accounts for a portion of the full impacts of the terrorist attack 
scenarios, it is likely that the costs associated with the attack 
scenarios, and therefore the cost savings or benefits from vetting 
security-sensitive employees, are underestimated in this analysis.
3. OMB A-4 Statement
    The OMB A-4 Accounting Statement presents annualized costs and 
qualitative benefits of the proposed rule.

                                                         Table 20--OMB A-4 Accounting Statement
                                                                      [$ Millions]
--------------------------------------------------------------------------------------------------------------------------------------------------------
                                                          Estimates                             Units
                                            ------------------------------------------------------------------------
                  Category                                                                                 Period                   Notes
                                               Primary       Low        High        Year      Discount     covered
                                                                                   dollar     rate (%)     (years)
--------------------------------------------------------------------------------------------------------------------------------------------------------
                                                                        Benefits
--------------------------------------------------------------------------------------------------------------------------------------------------------
Annualized Monetized ($ millions/year).....         N/A         N/A         N/A         N/A           7         N/A  Not Quantified.
                                                    N/A         N/A         N/A         N/A           3         N/A
Annualized Quantified......................         N/A         N/A         N/A         N/A           7         N/A  Not Quantified.
                                                    N/A         N/A         N/A         N/A           3         N/A
                                            ------------------------------------------------------------------------------------------------------------
Qualitative................................  The requirements proposed in this rule, if finalized, would produce
                                             benefits by reducing security risks through STAs of security-sensitive
                                             employees and security coordinators of affected surface transportation
                                             modes to identify and/or mitigate potential insider threats.
--------------------------------------------------------------------------------------------------------------------------------------------------------
                                                                          Costs
--------------------------------------------------------------------------------------------------------------------------------------------------------
Annualized Monetized ($ millions/year).....      $12.33         N/A         N/A        2020           7          10  NPRM RIA.
                                                 $11.50         N/A         N/A        2020           3          10
Annualized Quantified......................         N/A         N/A         N/A         N/A           7         N/A  Not Quantified.
                                                    N/A         N/A         N/A         N/A           3         N/A
                                            ------------------------------------------------------------------------------------------------------------
Qualitative................................  Not estimated
--------------------------------------------------------------------------------------------------------------------------------------------------------
                                                                        Transfers
--------------------------------------------------------------------------------------------------------------------------------------------------------
Annualized Monetized Transfers: Employer          $0.10         N/A         N/A        2020           7         N/A  NPRM RIA.
 compensation transfers ($ millions/year).        $0.10         N/A         N/A        2020           3         N/A
--------------------------------------------------------------------------------------------------------------------------------------------------------
From/To:                                     From:
                                             Displaced Employees
                                             To:                     Replacemen
                                                                       t Labor.
--------------------------------------------------------------------------------------------------------------------------------------------------------
Annualized Monetized Transfers:                   $0.02         N/A         N/A        2020           7         N/A  NPRM RIA.
 Unemployment transfer payment to employees       $0.01         N/A         N/A        2020           3         N/A
 ($ millions/year).
--------------------------------------------------------------------------------------------------------------------------------------------------------
From/To:                                     From:
                                             States
                                             To:                      Displaced
                                                                     Employees.
--------------------------------------------------------------------------------------------------------------------------------------------------------
Annualized Monetized Transfers: A reduction       $0.01         N/A         N/A        2020           7         N/A  NPRM RIA.
 in employment taxes transfer payments ($         $0.01         N/A         N/A        2020           3         N/A
 millions/year).
--------------------------------------------------------------------------------------------------------------------------------------------------------
From/To:                                     From:
                                             Employees and
                                             Displaced Employees
                                             To:                        Federal
                                                                     Government
                                                                              .
--------------------------------------------------------------------------------------------------------------------------------------------------------
                                                                         Effects
--------------------------------------------------------------------------------------------------------------------------------------------------------
State, Local, and/or Tribal Government.....  None                                                                    ...................................
Small Business.............................  Prepared IRFA                                                           NPRM IRFA.
Wages......................................  None
Growth.....................................  Not measured
--------------------------------------------------------------------------------------------------------------------------------------------------------

4. Alternatives Considered
    In addition to the proposed rule, TSA also considered three 
alternative regulatory options. The first alternative (Alternative 1) 
requires OTRB security-sensitive employees to undergo a Level-2 STA. 
Compared to the proposed rule, Alternative 1 would increase the total 
number of STAs performed, but align the OTRB industry with the 
requirements placed upon freight rail and PTPR. Unlike freight rail and 
PTPR, there is no statutory requirement in the 9/11 Act to perform STAs 
on OTRB security-sensitive employees.\75\ TSA carefully considered 
making Alternative 1 the preferred alternative for this NPRM to ensure 
security-sensitive employees across all three modes undergo an STA, but 
ultimately decided to first seek public comment on the applicability 
used in Alternative 1 that would require OTRB security-sensitive 
employees to undergo a Level-2 STA, and whether that applicability 
should be the preferred alternative in the final rule.
---------------------------------------------------------------------------

    \75\ Note that TSA has broad authority to establish security 
requirements, including STAs for individuals with access to the 
transportation system, under 49 U.S.C. 114.
---------------------------------------------------------------------------

    The second alternative (Alternative 2) represents a lower-cost 
alternative that adjusts certain regulatory requirements while 
complying with the text and purpose of the 9/11 Act. Specifically, 
Alternative 2 would remove the proposed rule's vetting requirement for 
freight rail and OTRB owner/operator security coordinators with U.S. 
citizenship, as well as the vetting requirements for freight rail 
shippers and receivers (FRSR) and PTPR security coordinators. The 9/11 
Act mainly

[[Page 33505]]

requires a ``name-based security background check against the 
consolidated terrorist watchlist and an immigration check'' for 
frontline public transportation employees \76\ and frontline railroad 
employees.77 78 The 9/11 Act also requires an ``individual 
serving as the security coordinator'' for freight rail and OTRBs to be 
``a citizen of the United States,'' except if TSA waives this 
requirement after an appropriate background check of the 
individual.79 80 Therefore, under Alternative 2 security 
coordinators with U.S. citizenship would not need to undergo an 
STA.\81\ A Level 3 STA would be required only of a freight rail and 
OTRB security coordinator who is not a citizen of the United States. 
For those who are vetted under this Alternative, TSA retains the 
proposed rule requirements necessary to sustain the benefits of TSA's 
vetting program including: (1) the 5-year renewal cycle; (2) recurrent 
vetting; (3) STA recordkeeping; (4) contact information updates; and 
(5) compliance inspections. Compared to the proposed rule, the total 
number of affected entities would decrease under Alternative 2, as FRSR 
entities and non-high-risk PTPR agencies would not be impacted by this 
alternative. The number of OTRB owner/operators affected by Alternative 
2 would not change relative to the proposed rule; however, the number 
of security coordinators affected would decrease as only non-US 
citizens would be required to be vetted. By restricting the population 
of affected employees, Alternative 2 would reduce the number of STAs 
performed and would likely limit TSA's ability to identify higher-risk 
individuals seeking access to the transportation infrastructure.
---------------------------------------------------------------------------

    \76\ See sec. 1411, the 9/11 Commission Act, Public Law 110-53, 
(121 Stat. 266, Aug. 3, 2007); codified at 6 U.S.C. 1140.
    \77\ See sec. 1520 of the 9/11 Act.
    \78\ As discussed in greater detail in the preamble of this 
NPRM, TSA uses ``security-sensitive'' in place of ``frontline'' 
employee, to mirror the terminology changes made in the Surface 
Training rulemaking.
    \79\ See sec. 1512, codified at 6 U.S.C. 1162 (freight rail); 
sec. 1531, codified at 6 U.S.C. 1181 (OTRB).
    \80\ As discussed in the NPRM the 9/11 Act does not require a 
specific type of background check that would take the place of 
requiring U.S. citizenship. TSA proposes to require OTRB security 
coordinators to undergo a Level 3 STA, due to the access to security 
and privacy information security coordinators have, and consistent 
with other TSA vetting programs.
    \81\ TSA requires these additional requirements in the proposed 
rule based on its broad authority under 49 U.S.C. 114 (f)(12) with 
regard to transportation security vetting, and TSA also believes 
that a higher level of vetting for security coordinators is 
justified because security coordinators have particularly sensitive 
and important security-related functions.
---------------------------------------------------------------------------

    Under Alternative 3, TSA would offer the option for entities 
affected by the proposed rule to provide STA enrollment services by 
allowing them to train security coordinators who have successfully 
completed a Level 3 STA to serve as ``trusted agents'' and perform the 
enrollment process for security-sensitive employees. Under this 
alternative, owner/operators would train trusted agents to ensure that 
they adhere to minimum enrollment standards for protecting the privacy 
of information, accurately collecting biometric and biographic 
information, performing identity verification, collecting and 
processing TSA's fees correctly, and sending the enrollment data to 
TSA. While this alternative would have the advantage of potentially 
increasing the availability of enrollment locations for STA applicants, 
it would have the disadvantage of increasing costs for affected owner/
operators as they would have to establish and maintain appropriate on-
site enrollment capabilities and costly electronic infrastructure to 
securely connect with TSA's systems. This alternative would increase 
costs for TSA to ensure each entity met information technology and 
legal standards and requirements to conduct their own enrollments. 
Moreover, under this alternative, TSA would have less control over the 
vetting process and enforcement compliance, which may adversely affect 
the vetting process and leave the surface transportation infrastructure 
more vulnerable to an insider threat.
    Table 21 presents a comparison of the costs between the proposed 
rule and the alternatives considered.
---------------------------------------------------------------------------

    \82\ This estimate consists of 457 Class I, II, and III freight 
railroads and 174 freight shippers and receivers.
    \83\ This estimate consists of 23 bus-only PTPR agencies and 92 
rail PTPR agencies (including Amtrak).

                      Table 21--Comparison of Costs Between Proposed Rule and Alternatives
                                         [Discounted at 7%, $ thousands]
----------------------------------------------------------------------------------------------------------------
                                                                                       10-Year costs
                               Initial affected                           --------------------------------------
                                  population                                 Industry       TSA         Total
         Alternative              (number of            Requirements      --------------------------------------
                                   entities)                                                             c =
                                                                                a            b        [Sigma]a,b
----------------------------------------------------------------------------------------------------------------
Proposed Rule...............  631 Freight Rail    (1) Require high-risk        $85,310       $1,268      $86,578
                               Entities,\82\ 115   freight railroad and
                               PTPR                PTPR security-
                               Agencies,\83\ 222   sensitive employees to
                               OTRB Owner/         undergo Level 2 STA;
                               Operators.          (2) Require security
                                                   coordinators to
                                                   undergo Level 3 STA;
                                                   (3) Maintain
                                                   employees' STA
                                                   records; (4) Update
                                                   contact information;
                                                   (5) Allow TSA to
                                                   perform onsite
                                                   inspections; (6) Use
                                                   the redress provisions
                                                   if affected by the
                                                   proposed STAs.
Alternative 1...............  Affected            (1) Require security-        100,938        1,619      102,557
                               population of       sensitive employees,
                               entities is the     including OTRB, to
                               same as the         undergo Level-2 STA;
                               Proposed Rule.      (2) Require security
                                                   coordinators to
                                                   undergo Level 3 STA;
                                                   (3) Maintain
                                                   employees' STA
                                                   records; (4) Update
                                                   contact information,
                                                   (5) Allow TSA to
                                                   perform onsite
                                                   inspections; (6) Use
                                                   of redress provisions
                                                   if found ineligible.
Alternative 2...............  457 Freight Rail    (1) Require high-risk         82,951        1,187       84,138
                               Entities, 48 PTPR   freight railroad and
                               Agencies, 222       PTPR security-
                               OTRB Owner/         sensitive employees to
                               Operators.          undergo Level 2 STA;
                                                   (2) Require freight
                                                   rail and OTRB security
                                                   coordinators without
                                                   U.S. citizenship to
                                                   undergo Level 3 STA;
                                                   (3) Maintain
                                                   employees' STA
                                                   records; (4) Update
                                                   contact information,
                                                   (5) Allow TSA to
                                                   perform onsite
                                                   inspections; (6) Use
                                                   the redress provisions
                                                   if affected by the
                                                   proposed STAs..

[[Page 33506]]

 
Alternative 3...............  Affected            (1) Allow covered             72,690       45,571      118,261
                               population of       entities to train and
                               entities is the     use vetted security
                               same as the         coordinators to serve
                               Proposed Rule.      as trusted agents (2)
                                                   Require freight
                                                   railroad and PTPR
                                                   security-sensitive
                                                   employees to undergo
                                                   Level 2 STA; (3)
                                                   Require security
                                                   coordinators to
                                                   undergo Level 3 STA;
                                                   (4) Maintain
                                                   employees' STA
                                                   records; (5) Update
                                                   contact information;
                                                   (6) Allow TSA to
                                                   perform onsite
                                                   inspections; (7) Use
                                                   the redress provisions
                                                   if affected by the
                                                   proposed STAs.
----------------------------------------------------------------------------------------------------------------

    Although not the least costly option, TSA presents the proposed 
rule as its preferred option. TSA did not select Alternative 1, which 
includes STA requirements for OTRB security-sensitive employees, 
because it first wants to solicit public comment on requiring more than 
is explicitly required in the 9/11 Act for the OTRB security-sensitive 
population. The regulatory impact analysis for this proposed rule 
provides details on the cost estimates for OTRB employees impacted by 
this alternative.
    It is TSA's belief that the proposed rule would mitigate potential 
insider threats more effectively than Alternative 2 because it proposes 
a more stringent level of vetting for security coordinators, given 
their unique roles and critical responsibilities. By removing the STA 
requirements for security coordinators, Alternative 2 would leave a 
critical population that has particularly sensitive and important 
security functions without any STA, which would lead to surface 
transportation modes that are more vulnerable to insider threat. As a 
result, despite the lower cost of Alternative 2, TSA believes the 
additional security in the proposed rule outweighs its additional 
costs.
    Even though Alternative 3 may provide more flexibility, it includes 
additional entity and TSA costs to establish and maintain appropriate 
enrollment capabilities. Based on experience with another vetting 
program that allowed for non-TSA enrollment STAs, TSA estimated the 
potential costs to establish and maintain appropriate enrollment 
capabilities. The RIA includes a description of the costs of this 
alternative, including costs to the regulated entities and TSA. As 
described in the RIA, Alternative 3 would cost approximately $31.68 
million over the proposed rule costs for the 10-year analysis period. 
TSA also strongly prefers to maintain in-house, high-quality, and 
consistent identity verification and application processing, which 
would not be available if Alternative 3 was selected. In contrast, the 
proposed rule would enable the use of TSA enrollment centers where TSA 
personnel would be directly involved in the STA process from the time 
the applicant is accurately identified through the closing of the 
applicant's case.
    TSA did not consider as an alternative to the requirements in the 
proposed rule the adoption of any regulatory regimes that would not 
meaningfully realize the security benefits that Congress intended in 
the 9/11 Act and that in TSA's view are warranted. For instance, TSA is 
aware that one might arguably interpret the 9/11 Act so narrowly as to 
require only (1) a one-time, name-based security background check 
against the consolidated terrorist watchlist and an immigration check 
for freight railroad \84\ and public transportation frontline employees 
\85\ similar to the threat assessment screening program required for 
maritime facility employees and longshoreman; \86\ (2) an adequate 
redress process for covered individuals subjected to an adverse 
employment decision and have the authority to order an appropriate 
remedy; and (3) that individuals serving as a security coordinators for 
freight railroads \87\ and OTRB operator \88\ be citizens of the United 
States or undergo a background check.
---------------------------------------------------------------------------

    \84\ Implementing Recommendations of the 9/11 Commission Act of 
2007, Public Law 110-53, sec. 1520 (Aug. 3, 2007).
    \85\ Implementing Recommendations of the 9/11 Commission Act of 
2007, sec. 1411 (Aug. 3, 2007); codified at 6 U.S.C. 1140.
    \86\ Coast Guard Notice USCG-2006-24189, 71 FR 25066 (Apr. 8, 
2006).
    \87\ Implementing Recommendations of the 9/11 Commission Act of 
2007, Public Law 110-53, sec. 1512 (Aug. 3, 2007).
    \88\ Implementing Recommendations of the 9/11 Commission Act of 
2007, Public Law 110-53, sec. 1531 (Aug. 3, 2007).
---------------------------------------------------------------------------

    Such a proposal would create a security gap, not reflect current 
vetting standards and capabilities, and not provide sufficient means to 
accurately and efficiently administer the program. Therefore, TSA did 
not include this approach as a reasonable alternative. Nonetheless, TSA 
estimates the costs associated with it to freight rail, PTPR, and OTRB 
industries and TSA, over 10 years, as $86.96 million undiscounted, 
$79.62 million discounted at 3 percent, and $71.80 million discounted 
at 7 percent.\89\ The cost estimate includes: a one-time vet, 
accounting for growth and turnover, of high-risk freight rail and PTPR 
frontline employees; a one-time vet, accounting for growth and 
turnover, of freight rail and OTRB security coordinators without U.S. 
citizenship; redress process cost; disqualification, replacement, and 
lost productivity costs to owner/operators for individuals with 
unfavorable STAs; familiarization costs to familiarize owner/operators 
with the requirements of the rulemaking; and new management policies 
and other related administrative task costs associated with adopting 
the rule.
---------------------------------------------------------------------------

    \89\ The cost of such an exceedingly narrow potential 
implementation of the 9/11 Act could be further reduced for industry 
if TSA allowed covered entities to conduct vetting as trusted 
agents, similar to Alternative 3. However, while the cost to 
industry would decrease under this approach, the overall cost of 
this approach would increase because introducing trusted agents and 
private IT systems to the vetting process would result in additional 
costs for TSA to stand-up the program.
---------------------------------------------------------------------------

5. Regulatory Flexibility Assessment
    The Regulatory Flexibility Act (RFA) of 1980 requires agencies to 
consider the impacts of their rules on small entities. TSA performed an 
Initial Regulatory Flexibility Analysis (IRFA) to analyze the impact to 
small entities affected by the proposed rule. See the RIA in the docket 
for the full IRFA. A summary of the RFA is below.
    Under the RFA, the term ``small entities'' comprises small 
businesses, not-for-profit organizations that are independently owned, 
operated, and not dominant in their fields,\90\ as well as

[[Page 33507]]

small governmental jurisdictions with populations of less than 
50,000.\91\ TSA performed an IRFA of the impacts on small entities from 
this proposed rule in the first year of the analysis and found that it 
may affect an estimated 968 U.S. entities (457 corporate-level Class I, 
II, and III freight railroads, 174 corporate-level freight shippers and 
receivers, 115 PTPR agencies, and 222 OTRB owner/operators). Using a 
random sample, TSA found that 59 percent of them would be considered 
small.
---------------------------------------------------------------------------

    \90\ The definition of a small business varies from industry to 
industry to properly reflect the relative differences in size 
between industries. An agency must either use the U.S. Small 
Business Administration (SBA) definition for a small business or 
establish an alternative definition for the industry. TSA has 
adopted the SBA small business size standards for each relevant 
industry.
    \91\ Individuals and States are not considered ``small 
entities'' based on the definitions in the RFA (5 U.S.C. 601).
---------------------------------------------------------------------------

    The proposed rule would require small entities to vet their 
affected security-sensitive employees (except for OTRB owner/operators) 
and security coordinators using STAs, maintain vetting records, update 
employee contact information when applicable, and familiarize 
themselves with the proposed rule, in addition to allowing TSA 
personnel onsite for inspections. A small number of owner/operators may 
incur a cost to dismiss an employee as a result of negative DOE.
    To perform the freight rail IRFA assessment, TSA randomly sampled 
242 Class I, II, and III freight railroads and 156 freight shippers and 
receivers, that would be affected by this proposed rule. TSA uses the 
SBA size standards to identify that 167 freight rail owner/operators 
(of the 242) and 90 freight shippers and receivers (of the 156) 
affected by the final rule are considered a small business. TSA 
estimates that the proposed rule's requirements would cost small 
freight railroads an average of $168 per security-sensitive employee 
(for railroads requirements only) and $2,942 per entity for non-high-
risk freight entities and $3,888 per entity for high-risk freight 
entities.\92\ TSA estimates that the first-year cost of the proposed 
rule would have an impact of less than 1 percent of revenue for 143 of 
all 147 small freight rail entities, or 97 percent. This result is 
based on the assumption that there would be no disqualified employees 
from security vetting. Table 22 presents the likely distribution of 
impact for small freight rail owner/operators.
---------------------------------------------------------------------------

    \92\ First year costs include STA costs such as travel, wait and 
enrollment time, travel costs, and STA fees. The STA costs are not 
required to be paid specifically by the entity, and these costs 
could be incurred by the individual enrolling in the STA. To err on 
the side that makes the potential costs to small entities higher, 
TSA assumed the STA cost would be covered by the employer. Other 
first year costs include recordkeeping and contact information 
updates per STA, as well as the cost of familiarization with the 
proposed rule and inspection compliance, all of which would be paid 
by each entity. Per entity costs include costs for security 
coordinator STAs per entity.

         Table 22--Number of Affected Small Class II and III Freight Railroad Entities by Revenue Impact
----------------------------------------------------------------------------------------------------------------
                                                                   Number of affected     Percentage of affected
                     Revenue impact range                            small entities           small entities
----------------------------------------------------------------------------------------------------------------
0% < Impact <= 1%.............................................                      143                       97
1% < Impact <= 3%.............................................                        4                        3
3% < Impact <= 5%.............................................                        0                        0
5% < Impact <= 10%............................................                        0                        0
Above 10%.....................................................                        0                        0
                                                               -------------------------------------------------
    Total.....................................................                      147                      100
----------------------------------------------------------------------------------------------------------------

    If a freight rail entity had a disqualified security-sensitive 
employee or security coordinator, TSA estimates the entity would incur 
a replacement and lost productivity cost of $35,667 or $67,021, 
respectively.\93\ TSA also performed the a stress test to see if there 
would be a significant impact to small freight rail entities if TSA 
assumes one security coordinator would be disqualified at a cost of 
$67,021, which was added to each entity's first year cost. TSA found 
that under this scenario, 90 small entities, or 62 percent of all 147 
small freight rail entities in the sample, would have an impact greater 
than 1 percent of revenue.\94\
---------------------------------------------------------------------------

    \93\ Because disqualifications based on a terrorism check are 
rare, TSA does not account for them in the IRFA. In addition, as 
discussed in Section 2.6 of the RIA, TSA does not account for the 
replacement costs of employees deemed ineligible based on an 
immigration check because those are not considered costs of this 
proposed rule, but rather costs of the immigration laws. Therefore, 
TSA does not estimate replacement costs for security-sensitive 
employees who would be required to undergo the terrorism and 
immigration checks in their Level-2 STA.
    \94\ Thirty-six freight railroad small entities would have an 
impact between 1 and 3 percent of revenue, 19 small entities would 
have an impact between 3 and 5 percent of revenue, 16 small entities 
would have an impact between 5 and 10 percent of revenue, and 16 
small entities would have an impact over 10 percent of revenue.
---------------------------------------------------------------------------

    For small freight rail shippers and receivers, TSA estimated a 
first year cost of $2,472 per entity.\95\ TSA estimates that the first-
year cost of the proposed rule would have an impact of less than 1 
percent of revenue for 77 of the 80 entities in the sample. Table 23 
presents the likely distribution of impact for small freight rail 
shipper and receiver entities.
---------------------------------------------------------------------------

    \95\ First year costs include security coordinator STA costs, 
such as travel, wait and enrollment time, travel costs, and STA 
fees. TSA does not require the owner/operator to pay the STA fees 
(although some may do so) and these costs could be incurred by the 
individual enrolling in the STA. For a conservative assessment of 
potential small entity costs, TSA included the STA cost for 
entities. Other first year costs include recordkeeping and contact 
information updates per STA, as well as familiarization with the 
proposed rule and inspections per entity.

           Table 23--Number of Affected Small Freight Shipper and Receiver Entities by Revenue Impact
----------------------------------------------------------------------------------------------------------------
                                                                   Number of affected     Percentage of affected
                     Revenue impact range                            small entities           small entities
----------------------------------------------------------------------------------------------------------------
0% < Impact <= 1%.............................................                       77                       96
1% < Impact <= 3%.............................................                        3                        4
3% < Impact <= 5%.............................................                        0                        0
5% < Impact <= 10%............................................                        0                        0

[[Page 33508]]

 
Above 10%.....................................................                        0                        0
                                                               -------------------------------------------------
    Total.....................................................                       80                      100
----------------------------------------------------------------------------------------------------------------

    If a freight rail shipper and receiver entity had a disqualified 
security coordinator, TSA estimates the entity would incur a 
replacement and lost productivity cost of $55,416.\96\ TSA also 
performed a stress test to see if there would be a significant impact 
to freight rail shippers and receivers small entities if TSA assumes 
one security coordinator would be disqualified at a cost of $55,416, 
which was added to each entity's first year cost. TSA found based on a 
stress test of one security coordinator disqualification, 27 small 
entities, or 34 percent of all 80 small freight shipper and receivers 
in the sample would have an impact greater than 1 percent of 
revenue.\97\
---------------------------------------------------------------------------

    \96\ Because disqualifications based on a terrorism check are 
rare, TSA does not account for them in the IRFA. In addition, as 
discussed in Section 2.6 of the RIA, TSA does not account for the 
replacement costs of employees deemed ineligible based on an 
immigration check because those are not considered costs of this 
proposed rule, but rather costs of the immigration laws. Therefore, 
TSA does not estimate replacement costs for security-sensitive 
employees who would be required to undergo the terrorism and 
immigration checks in their Level-2 STA.
    \97\ Fourteen freight rail shipper and receiver small entities 
would have an impact between 1 and 3 percent of revenue, four small 
entities would have an impact between 3 and 5 percent of revenue, 
four small entities would have an impact between 5 and 10 percent, 
and five small entities would have an impact greater than 10 
percent. The additional 10 entities that did not have data were 
assumed to be small and TSA did not specifically assess revenue 
impacts for these entities.
---------------------------------------------------------------------------

    For the PTPR industry, TSA randomly sampled 100 agencies. Using SBA 
size standards, TSA identifies four of the 100 PTPR agencies regulated 
under the proposed rule as small entities.\98\ TSA estimates that the 
proposed rule's requirements would cost small PTPR agencies $154 per 
security-sensitive employee, and $2,827 per entity for non-high-risk-
PTPR agencies and $3,733 per entity for high-risk-PTPR agencies.\99\ 
TSA estimated that the first-year cost of the proposed rule would have 
an impact of less than 1 percent of revenue for three small PTPR owner/
operators or 100 percent of the sample of entities with information 
available. This result is based on the assumption that there would be 
no disqualified employees from security vetting. Table 24 presents the 
likely distribution of impact for small PTPR agencies.
---------------------------------------------------------------------------

    \98\ While four of these PTPR agencies are considered to be 
small entities, one is assumed to be a small entity due to the 
unavailability of data.
    \99\ First year costs include STA costs, such as travel, wait 
and enrollment time, travel costs, and STA fees. TSA does not 
require the owner/operator to pay the STA fees (although some may do 
so) and these costs could be incurred by the individual enrolling in 
the STA. To err on the side that makes the potential costs to small 
entities higher, TSA assumed the STA cost would be covered by the 
employer. Other first year costs include recordkeeping and contact 
information updates per STA, as well as the cost of familiarization 
with the rule and inspection compliance, all of which would be paid 
by each entity.

                       Table 24--Number of Affected Small PTPR Agencies by Revenue Impact
----------------------------------------------------------------------------------------------------------------
                                                                   Number of affected     Percentage of affected
                     Revenue impact range                            small entities           small entities
----------------------------------------------------------------------------------------------------------------
0% < Impact <= 1%.............................................                        3                      100
1% < Impact <= 3%.............................................                        0                        0
3% < Impact <= 5%.............................................                        0                        0
5% < Impact <= 10%............................................                        0                        0
Above 10%.....................................................                        0                        0
                                                               -------------------------------------------------
    Total.....................................................                        3                      100
----------------------------------------------------------------------------------------------------------------

    If a PTPR entity had a disqualified security-sensitive employee or 
security coordinator, TSA estimates the entity would incur a 
replacement cost of $26,628 or $60,395, respectively. TSA performed a 
stress test to see if there would be any significant impact to small 
PTPR entities if TSA assumes one security coordinator would be 
disqualified at a cost of $60,395, which was added to each entity's 
first year cost. TSA found that under this stress-test scenario, two 
small entities of all three small PTPR agencies in the sample, would 
have an impact greater than 1 percent of revenue.\100\
---------------------------------------------------------------------------

    \100\ TSA found two PTPR small entities would have an impact 
between 1 and 3 percent of revenue, and assumed the one entity that 
did not have data would also have an impact of over one percent in 
this scenario.
---------------------------------------------------------------------------

    For the OTRB industry, TSA randomly sampled 130 owners/operators. 
Likewise, TSA estimates-using SBA size standards-111 OTRB owner/
operators affected by the proposed rule to be small entities or 85 
percent. TSA estimates that the proposed rule's requirements would cost 
small OTRB entities $2,275 per entity.\101\ TSA estimated that the 
first-year cost of the proposed rule would have an impact of less than 
1 percent of revenue for 98 percent of the 93 small OTRB sample 
entities. This result is based on the assumption that there would be no 
disqualified employees from security vetting. Table 25 presents the 
likely distribution of impact for small OTRB owner/operators.
---------------------------------------------------------------------------

    \101\ First year costs include security coordinator STA costs, 
such as travel, wait and enrollment time, travel costs, and STA 
fees. TSA does not require the owner/operator to pay the STA fees 
(although some may do so) and these costs could be incurred by the 
individual enrolling in the STA. To err on the side that makes the 
potential costs to small entities higher, TSA assumed the STA cost 
would be covered by the employer. Other first year costs include 
recordkeeping and contact information updates per STA, as well as 
the cost of familiarization with the proposed rule and inspection 
compliance, all of which would be paid by each entity.

[[Page 33509]]



                    Table 25--Number of Affected Small OTRB Owner/Operators by Revenue Impact
----------------------------------------------------------------------------------------------------------------
                                                                   Number of affected     Percentage of affected
                     Revenue impact range                            small entities           small entities
----------------------------------------------------------------------------------------------------------------
0% < Impact <= 1%.............................................                       91                       98
1% < Impact <= 3%.............................................                        2                        2
3% < Impact <= 5%.............................................                        0                        0
5% < Impact <= 10%............................................                        0                        0
Above 10%.....................................................                        0                        0
                                                               -------------------------------------------------
    Total.....................................................                       93                      100
----------------------------------------------------------------------------------------------------------------

    If an OTRB entity had a security coordinator disqualified as a 
result of the STA, TSA estimates the entity would incur a replacement 
cost of $21,880. TSA performed a stress test to see if there would be a 
significant impact on small OTRB entities if TSA assumed a replacement 
cost of $21,880, which was added to each entity's first year cost. TSA 
found that under this stress-test scenario 77 small entities, or 83 
percent of all 93 small OTRB owner/operators, would have an impact 
greater than 1 percent of revenue.\102\
---------------------------------------------------------------------------

    \102\ Based on OTRB small entities with available data, 29 small 
entities would have an impact between 1 and 3 percent of revenue, 
nine small entities would have an impact between 3 and 5 percent of 
revenue, 10 small entities would have an impact between 5 and 10 
percent, and 29 small entities would have an impact greater than 10 
percent.
---------------------------------------------------------------------------

A Description of the Projected Reporting, Record Keeping, and Other 
Compliance Requirements of the Proposed Rule, Including an Estimate of 
the Classes of Small Entities That Would be Subject to the Requirements 
and the Type of Professional Skills Necessary for Preparation of the 
Report or Record
    Under the provisions of the proposed rule, the regulated 
populations would incur costs associated with maintaining a system of 
recordkeeping that verifies completion of STAs. TSA assumes the 
recordkeeping requirements of the proposed rule would be performed by 
employees with administrative and clinical skills, and bases its cost 
estimate on administrative compensation rates.
An Identification, to the Extent Practicable, of All Relevant Federal 
Rules Which May Duplicate, Overlap, or Conflict with the Proposed Rule
    TSA is aware that other federal agencies conduct regulatory vetting 
programs that may affect individuals who are covered by the vetting 
programs in this proposed rule. The design of this proposed rule is to 
achieve comparability amongst TSA vetting programs and similar vetting 
done by other federal agencies when possible, thereby avoiding 
duplication and overlap.\103\ In addition, to the extent there are 
duplicative vetting requirements of which TSA is currently unaware, the 
proposed rule indicates a procedure for requesting comparability 
determination from TSA.\104\
---------------------------------------------------------------------------

    \103\ See Sec.  1530.509.
    \104\ See Sec.  1524.515(e) and Sec.  1524.515(f).
---------------------------------------------------------------------------

A Description of Any Significant Alternatives to the Proposed Rule That 
Accomplish the Stated Objectives of Applicable Statues and May Minimize 
Any Significant Economic Impact of the Proposed Rule on Small Entities, 
Including Alternatives Considered
    TSA considered Alternative 1 of great interest as a regulatory 
alternative, as it would add the requirement for the vetting of OTRB 
security-sensitive employees and, hence, create a more standard set of 
vetting requirements across the proposed rule's three surface modes, 
which is consistent with the agency's risk-based security policies. 
Therefore, TSA asks for public comments on the IRFA for this 
alternative, given this is a preferred option, which not only increases 
the number of security-sensitive employees who would undergo a Level 2 
STA, but also increases the cost to OTRB owner/operators.
    TSA increased the cost of the proposed rule to each of the 93 
sampled small OTRB entities with complete information to include the 
Level 2 STAs on OTRB security-sensitive employees, with a cost of $186 
per security-sensitive employee. TSA estimated that the first-year cost 
of this regulatory option would have an impact of less than 1 percent 
of revenue for 56 of the 93 small OTRB entities, or 63 percent. TSA 
also performed a stress test to see if there would be any additional 
significant impact to small OTRB entities if TSA assumed one security 
coordinator would be disqualified per entity, at a cost of $50,540, 
which was added to each entity's first year cost. TSA found that 
subjecting Alternative 1 to this stress-test scenario results in 80 
small entities, or 90 percent of owner/operators, with revenue impacts 
that exceed 1 percent of revenue.\105\
---------------------------------------------------------------------------

    \105\ Of the 93 small OTRB owner/operators with available data, 
25 small entities would have an impact between 1 and 3 percent of 
revenue, eight small entities would have an impact between 3 and 5 
percent of revenue, 15 small entities would have an impact between 5 
and 10 percent, and 14 small entities would have an impact greater 
than 10 percent.
---------------------------------------------------------------------------

6. International Trade Impact Assessment
    The Trade Agreement Act of 1979 prohibits Federal agencies from 
establishing any standards or engaging in related activities that 
create unnecessary obstacles to the foreign commerce of the United 
States. The Trade Agreement Act does not consider legitimate domestic 
objectives, such as essential security, as unnecessary obstacles. The 
statute also requires that international standards be considered and, 
where appropriate, that they be the basis for U.S. standards. TSA has 
assessed the potential effect of this proposed rule and has determined 
this rulemaking would not have an adverse impact on international 
trade.
7. Unfunded Mandates Assessment
    Title II of the Unfunded Mandates Reform Act of 1995 (UMRA), Public 
Law 104-4, establishes requirements for Federal agencies to assess the 
effects of their regulatory actions on State, local, and tribal 
governments and the private sector. Under sec. 202 of the UMRA, TSA 
generally must prepare a written statement, including a cost-benefit 
analysis, for proposed and final rules with ``Federal mandates'' that 
may result in expenditures by State, local, and tribal governments in 
the aggregate or by the private sector of $100 million (adjusted for 
inflation) or more in any one year. Before TSA promulgates a rule for 
which a written statement is required, sec. 205 of the UMRA generally 
requires TSA to identify and consider a reasonable number of regulatory 
alternatives and adopt the least costly, most cost-effective, or least 
burdensome alternative that achieves

[[Page 33510]]

the objectives of the rule. The provisions of sec. 205 do not apply 
when they are inconsistent with applicable law. Moreover, sec. 205 
allows TSA to adopt an alternative other than the least costly, most 
cost-effective, or least burdensome alternative if the Administrator 
publishes with the final rule an explanation why that alternative was 
not adopted. Before TSA establishes any regulatory requirements that 
may significantly or uniquely affect small governments, including 
tribal governments, it must develop under sec. 203 of the UMRA a small 
government agency plan. The plan must provide for notifying potentially 
affected small governments, enabling officials of affected small 
governments to have meaningful and timely input in the development of 
TSA regulatory proposals with significant Federal intergovernmental 
mandates, and informing, educating, and advising small governments on 
compliance with the regulatory requirements.
    When adjusted for inflation, the threshold for expenditures becomes 
$158.1 million in 2020 dollars. TSA has determined that this proposed 
rule does not contain a Federal mandate that may result in expenditures 
that exceed that amount either for State, local, and tribal governments 
in the aggregate in any one year. TSA will publish a final analysis, 
including its response to public comments, when it publishes a final 
rule.

C. Executive Order 13132, Federalism

    A rule has implications for federalism under Executive Order 13132 
``Federalism'' (64 FR 43255, Aug. 10, 1999), if it has a substantial 
direct effect on the States, on the relationship between the national 
government and the States, or on the distribution of power and 
responsibilities among the various levels of government. TSA has 
analyzed this proposed rule under Executive Order 13132 and determined 
that it does not have implications for federalism. TSA welcomes public 
comments on Executive Order 13132 federalism implications.

D. Environmental Analysis

    TSA has reviewed this rulemaking for purposes of the National 
Environmental Policy Act of 1969 (NEPA) (42 U.S.C. 4321-4347) and has 
determined that this action will not have a significant effect on the 
human environment. This action is covered by categorical exclusion 
number A3(b) in DHS Management Directive 023-01 (formerly Management 
Directive 5100.1), Environmental Planning Program, which guides TSA 
compliance with NEPA.

E. Energy Impact Analysis

    The energy impact of this rulemaking has been assessed in 
accordance with the Energy Policy and Conservation Act (EPCA), Public 
Law 94-163, as amended (42 U.S.C. 6362). TSA has determined that this 
rulemaking would not be a major regulatory action under the provisions 
of the EPCA.

List of Subjects

49 CFR Part 1500

    Air carriers, Air transportation, Aircraft, Airports, Bus transit 
systems, Commuter bus systems, Law enforcement officer, Maritime 
carriers, Over-the-Road buses, Public transportation, Rail hazardous 
materials receivers, Rail hazardous materials shippers, Rail transit 
systems, Railroad carriers, Railroad safety, Railroads, Reporting and 
recordkeeping requirements, Security measures, Transportation facility, 
Vessels.

49 CFR Part 1530

    Administrative law judge, Appeal, Background check, Criminal 
history records check, Fees, Immigration check, Terrorism check, 
Redress, Security measures, Security threat assessment, Waiver.

49 CFR Part 1570

    Commuter bus systems, Crime, Fraud, Hazardous materials 
transportation, Motor carriers, Over-the-Road bus safety, Over-the-Road 
buses, Public transportation, Public transportation safety, Rail 
hazardous materials receivers, Rail hazardous materials shippers, Rail 
transit systems, Railroad carriers, Railroad safety, Railroads, 
Reporting and recordkeeping requirements, Security measures, 
Transportation facility, Transportation Security-Sensitive Materials.

49 CFR Part 1572

    Crime, Explosives, Hazardous materials transportation, Motor 
carriers, Railroads, Reporting and recordkeeping requirements, Security 
measures.

49 CFR Part 1580

    Hazardous materials transportation, Rail hazardous materials 
receivers, Rail hazardous materials shippers, Railroad carriers, 
Railroad safety, Railroads, Reporting and recordkeeping requirements, 
Security measures.

49 CFR Part 1582

    Public transportation, Public transportation safety, Railroad 
carriers, Railroad safety, Railroads, Rail transit systems, Reporting 
and recordkeeping requirements, Security measures.

49 CFR Part 1584

    Over-the-Road bus safety, Over-the-Road buses, Reporting and 
recordkeeping requirements, Security measures.

The Proposed Amendments

    For the reasons set forth in the preamble, the Transportation 
Security Administration proposes to amend chapter XII of title 49, Code 
of Federal Regulations, as follows:

SUBCHAPTER A--ADMINISTRATIVE AND PROCEDURAL RULES

PART 1500--APPLICABILITY, TERMS, AND ABBREVIATIONS

0
1. The authority citation for part 1500 continues to read as follows:

    Authority:  49 U.S.C. 114, 5103, 40113, 44901-44907, 44913-
44914, 44916-44918, 44935-44936, 44942, 46105; Pub. L. 110-53 (121 
Stat. 266, Aug. 3, 2007) secs. 1408 (6 U.S.C. 1137), 1501 (6 U.S.C. 
1151), 1517 (6 U.S.C. 1167), and 1534 (6 U.S.C. 1184).

0
2. In Sec.  1500.3, add the following definition for ``Security threat 
assessment'' in alphabetical order:
* * * * *
    Security threat assessment (STA) means a procedure conducted by TSA 
consisting of one or more checks of relevant databases and other 
sources of information to verify an individual's identity and determine 
whether the individual is eligible for certain access to the nation's 
transportation systems, or for certain privileges or credentials. An 
STA constitutes a security background check for purposes of Sec.  
1570.305(b) of this chapter.
* * * * *

SUBCHAPTER B--SECURITY RULES FOR ALL MODES OF TRANSPORTATION

0
3. Add part 1530 to subchapter B to read as follows:

PART 1530--SECURITY THREAT ASSESSMENT STANDARDS

Subpart A--General
Sec.
1530.1 Scope.
1530.3 Terms used in this part.
1530.5 Levels of security threat assessments.
1530.7 Duration of security threat assessment and Determination of 
Eligibility.
1530.9 Fraud and intentional falsification of records; knowing 
misrepresentation.
1530.11 Fraudulent use or manufacture; responsibilities of persons.
1530.13 Compliance, inspection, and enforcement.

[[Page 33511]]

Subpart B--Individual Enrollment Requirements and Continuing 
Responsibilities
Sec.
1530.101 Information required for security threat assessments 
(STAs).
1530.103 Collection of biometrics.
1530.105 Payment of fees.
1530.107 Individual's continuing responsibilities.
1530.109 Identity verification.
Subpart C [Reserved]
Subpart D--Fees
Sec.
1530.301 Establishing and adjusting fees.
1530.303 Fees for security threat assessment services.
1530.305 Fees for levels of security threat assessments.
1530.307 Fee computation for comparable security threat assessments.
1530.309 Processing fees for security threat assessments.
Subpart E--Adjudication Procedures
Sec.
1530.401 Procedures for fingerprint-based criminal history records 
checks.
1530.403 Procedures for terrorism check and other analyses.
1530.405 Procedures for immigration checks.
1530.407 [Reserved]
1530.409 [Reserved]
1530.411 [Reserved]
1530.413 Determination of Eligibility.
1530.415 Preliminary Determination of Ineligibility.
1530.417 Preliminary Determination of Ineligibility with immediate 
suspension.
1530.419 Final Determination of Ineligibility.
Subpart F--Standards
Sec.
1530.501 Standards.
1530.503 Disqualifying criminal offenses.
1530.505 Immigration check.
1530.507 Terrorism check and other analyses.
1530.509 Comparability of security threat assessments.
Subpart G--Appeal and Waiver Procedures for Security Threat Assessments
Sec.
1530.601 Scope and General Requirements.
1530.603 [Reserved]
1530.605 Appeal based on criminal conviction, immigration, or mental 
capacity standards.
1530.607 Requests for waiver of criminal offenses, immigration, or 
mental capacity standards.
1530.609 Appeal of security threat assessment based on terrorism 
check and other analyses.
1530.611 Review by administrative law judge.
1530.613 Review by TSA Final Decision Maker.

    Authority:  6 U.S.C. 469, 1140, 1143, 1170, and 1181; 46 U.S.C. 
70105; 49 U.S.C. 114, 5103a, 40113-40114, 41718 note, 44901-44907, 
44913-44914, 44916-44918, 44932, 44935-44936, 44939, 44942, 46105, 
and 46111.

PART 1530--SECURITY THREAT ASSESSMENT STANDARDS

Subpart A--General


Sec.  1530.1  Scope.

    (a) This part applies to the following:
    (1) Individuals applying for a security threat assessment (STA) 
conducted by TSA.
    (2) Persons regulated by TSA who employ individuals or use 
authorized representatives who work in security-sensitive positions, as 
security coordinators, or who require a credential, access, or 
authorization that requires a TSA STA.
    (b) This part does not apply to STAs governed by 49 CFR part 1572.


Sec.  1530.3  Terms used in this part.

    Terms used in parts 1500, 1503, 1540, 1570, and 1572 of this 
chapter apply in this part. In addition, the following terms are used 
in this part:
    Administrative law judge means an administrative law judge 
appointed pursuant to the provisions of 5 U.S.C. 3105.
    Assistant Administrator means the officer designated by the 
Administrator to carry out certain STA and redress functions described 
in this part. The Assistant Administrator may appoint a designee to 
assume his or her duties.
    Date of service means--
    (1) In the case of personal service, the date of personal delivery 
to the residential address listed on the application;
    (2) In the case of mailing to the address designated on the 
application as the mailing address, with a certificate of service, the 
date shown on the certificate of service;
    (3) In the case of mailing to the address designated on the 
application as the mailing address, without a certificate of service, 
10 days from the date mailed;
    (4) In the case of mailing to the address designated on the 
application as the mailing address, with no certificate of service or 
postmark, the date other evidence indicates it was sent; or
    (5) The date on which an electronic transmission to the 
individual's email or other electronic address occurs.
    Day means calendar day.
    Incarceration means under the custody of a bureau of prisons and 
confined to a prison, jail, or institution for the criminally insane 
pursuant to a sentence imposed as the result of a criminal conviction 
or finding of not guilty by reason of insanity. Time spent under the 
custody of a bureau of prisons or confined or restricted to a half-way 
house, treatment facility, home incarceration, or similar institution, 
pursuant to a sentence imposed as the result of a criminal conviction 
or finding of not guilty by reason of insanity, constitutes 
incarceration for purposes of this part.
    Individual means the individual who has applied for an STA in 
accordance with the terms of part 1530. This includes an individual who 
previously applied for and was found to meet the standards of the STA, 
but who TSA later determined does not meet the STA standards.
    Mail includes U.S. mail, or use of an express mail service.
    Party means the individual or the agency, whether acting with or 
without an attorney.
    Personal delivery includes hand-delivery or use of a contract or 
express messenger service, but does not include the use of U.S. mail 
service.
    Properly addressed means a document that shows a residential, 
business, or other address submitted by a person on any document 
provided under this subpart; or address shown by other reasonable, 
available means.
    Serve means provide a document to a party during an appeal or 
waiver process under this subpart by personal delivery, mail, or 
electronic means.
    Substantial evidence means such relevant evidence as a reasonable 
person might accept as adequate to support a conclusion.
    TSA Final Decision Maker means the Administrator, acting in the 
capacity of the decision maker on appeal, or any person to whom the 
Administrator has delegated the Administrator's decision-making 
authority.


Sec.  1530.5  Levels of security threat assessments.

    (a) A Level 1 STA consists of a terrorism check and other analyses.
    (b) A Level 2 STA consists of--
    (1) A terrorism check and other analyses; and
    (2) An immigration check to verify that the individual is a U.S. 
citizen, U.S. National, or falls within the permissible categories 
listed in section 1530.505.
    (c) A Level 3 STA consists of--
    (1) A terrorism check and other analyses;
    (2) An immigration check to verify that the individual is a U.S. 
citizen, U.S. National, or falls within the permissible categories 
listed in section 1530.505; and.
    (3) A fingerprint-based criminal history records check (CHRC).

[[Page 33512]]

Sec.  1530.7  Duration of security threat assessment and Determination 
of Eligibility.

    (a) Except as provided in paragraph (b) of this section, a 
determination of eligibility (DOE) issued to an individual, based on an 
STA under this part, remains valid for 5 years from the date on which 
TSA issued the DOE. If the DOE is based, in part, on one or more 
comparable checks from an earlier STA, the DOE remains valid for 5 
years from the date on which the earliest comparable check was 
completed.
    (b) A DOE expires on the earliest date--
    (1) TSA serves a final determination of ineligibility (FDI) on the 
individual;
    (2) TSA serves a preliminary determination of ineligibility with 
immediate revocation (PDIIR) on the individual;
    (3) An individual with a Level 3 STA is indicted for, subject of a 
criminal complaint, convicted of, or found not guilty by reason of 
insanity, of any of the disqualifying crimes applicable to that 
individual under Sec.  1530.503 of this part; or
    (4) An individual with a Level 2 or 3 STA is no longer meets the 
immigration standards as described in Sec.  1530.505 of this part.


Sec.  1530.9  Fraud and intentional falsification of records; knowing 
misrepresentation.

    (a) No person may make, or cause to be made, any of the following:
    (1) Any fraudulent or intentionally false statement in any 
application, statement, record, or report that is submitted, kept, 
made, or used in compliance with, or to show compliance with this part.
    (2) Any reproduction or alteration, for fraudulent purpose, of any 
application, statement, record, report, security program, access 
medium, identification medium, biometric data (fingerprints or 
photograph), documentation, or certification issued pursuant to 
standards in this part.
    (b) Any person who violates the requirements in paragraph (a) of 
this section is ineligible to receive the access, privilege, or 
credential associated with a DOE based on an STA conducted under this 
part.


Sec.  1530.11  Fraudulent use or manufacture; responsibilities of 
persons.

    (a) No person may use or attempt to use, or represent or attempt to 
represent that he or she holds, a DOE or STA issued or conducted under 
this part that was issued or conducted for another person.
    (b) No person may cause or attempt to cause another person to 
violate paragraph (a) of this section.
    (c) Any person who violates the requirements of this section is 
ineligible to receive a DOE based on an STA conducted under this part.


Sec.  1530.13  Compliance, inspection, and enforcement.

    (a) Each individual who is required to undergo an STA under this 
part, and their employers or entities for whom they act as authorized 
representatives are required to undergo STAs under this part, must 
allow DHS, at any time or place, to make any inspections or tests, 
including copying records, to determine the person's compliance with 
this part and part 1520 of this chapter.
    (b) At the request of TSA, each person subject to this part must 
provide evidence of compliance with this part and part 1520 of this 
chapter, including copies of records.

Subpart B--Individual's Enrollment Requirements and Continuing 
Responsibilities


Sec.  1530.101  Information required for security threat assessments 
(STAs).

    (a) Each individual applying for an STA under this part must 
provide the information and/or documents required by paragraph (b) of 
this section, and may provide the information specified in paragraph 
(c) of this section, in a form and manner authorized by TSA.
    (b) The individual must provide the following information and/or 
documents:
    (1) Legal name, including first, middle, and last; any applicable 
suffix; and any other names used previously.
    (2)(i) Current and previous mailing address, current residential 
address if it differs from the current mailing address, and email 
address if available.
    (ii) If an individual prefers to receive correspondence and 
notification via email instead of physical mail, the individual should 
so state.
    (3) Date of birth.
    (4) Gender.
    (5) Height, weight, hair color, and eye color.
    (6) City, state, and country of birth; and country of citizenship.
    (7) Immigration information, and--
    (i) If a naturalized citizen of the United States, the date of 
naturalization;
    (ii) If present in the United States based on a visa, the type of 
visa, the visa number, and the date on which it expires; and
    (iii) If a commercial driver licensed in Canada, whether the 
individual holds a Free and Secure Trade (FAST), Secure Electronic 
Network for Travelers Rapid Inspection (SENTRI), Global Entry or NEXUS 
card, or a Canadian passport number.
    (8) If not a national or citizen of the United States, the alien 
registration number and/or the number assigned to the individual on the 
U.S. Customs and Border Protection (CBP) Arrival-Departure Record, Form 
I-94, if issued.
    (9) The individual's daytime telephone number.
    (10) The individual's current employer(s), and the employer's 
address, facsimile number (if available), and telephone number. If the 
individual's current employer is the U.S. military, also list the 
branch of the service. If the individual is self-employed, provide the 
name of the company (if any), address, telephone number, and facsimile 
number.
    (11) Each individual must present documentary evidence in a form 
and manner specified by TSA that he or she meets the immigration 
standards, as described in Sec.  1530.505, such as proof of U.S. 
citizenship or nationality if the individual claims U.S. citizenship or 
nationality.
    (c) The individual may also provide the information requested in 
paragraphs (c)(1)-(c)(5) of this section:
    (1) Social Security number. Providing the Social Security number is 
voluntary; however, failure to provide it may delay or prevent 
completion of the STA.
    (2) Passport number, city of issuance, date of issuance, and date 
of expiration. This information is voluntary and may expedite the 
adjudication process for an individual who is a U.S. citizen born 
abroad.
    (3) Department of State Consular Report of Birth Abroad. This 
information is voluntary and may expedite the adjudication process for 
an individual who is a U.S. citizen born abroad.
    (4) Whether the individual has previously completed a comparable 
TSA STA, and if so, the date and program for which it was completed. 
This information must be provided if the individual wishes to use the 
comparable STA as described in Sec.  1530.509 of this part to avoid 
redundant checks and reduce the STA fee.
    (5) Whether the individual currently holds a Federal security 
clearance, and if so, the type of clearance, date, and agency for which 
the clearance was performed. If TSA determines that the security 
clearance is a comparable STA pursuant to Sec.  1530.509 of this part, 
this information must be provided if the individual wishes to use the 
security clearance to avoid redundant checks and reduce the STA fee.
    (d) The individual must certify in writing that all information 
provided is true, complete, and correct. The

[[Page 33513]]

individual must acknowledge that a false statement or material omission 
can be punished by fine or imprisonment or both, and may be grounds for 
TSA to determine that the individual is ineligible.
    (e) The individual must acknowledge in writing that TSA may notify 
his or her employer in the case of an imminent threat, and provide 
limited information to reduce the risk of injury or damage to a 
facility.
    (f) The individual must acknowledge in writing that there is a 
continuing obligation to report an event or condition that makes the 
individual ineligible.


Sec.  1530.103  Collection of biometrics.

    Each individual applying for an STA that includes a CHRC must 
submit fingerprints to TSA in a form and manner prescribed by TSA.


Sec.  1530.105  Payment of fees.

    (a) The individual must pay the STA fees as required in subpart D 
of this part when he or she submits biographic and/or biometric data. 
TSA will begin processing an STA application only upon receipt of all 
required fees.
    (b) Fees must be processed in accordance with Sec.  1530.309 of 
this subpart.
    (c) TSA will not refund fees once paid.


Sec.  1530.107  Individual's continuing responsibilities.

    (a) Reporting responsibilities. Each individual who has 
successfully completed an STA and received a DOE from TSA under this 
part, or has applied for an STA and is awaiting a DOE, must report the 
occurrence of any of the events listed below to TSA within 24 hours of 
occurrence:
    (1) Each individual who applies for, or successfully completes, an 
STA that includes a CHRC, must report--
    (i) An indictment, conviction, or finding of not guilty by reason 
of insanity, of a disqualifying crime; or
    (ii) Being adjudicated as lacking mental capacity, or being 
committed to a mental health facility.
    (2) Each individual who applies for, or successfully completes an 
STA that includes an immigration check under Sec.  1530.505 of this 
part, must report if he or she no longer meets the immigration 
standards as described in Sec.  1530.503.
    (b) Contact information. An individual who applies for an STA, or 
who receives a DOE from TSA under this part, must report to TSA any 
changes in the information provided to TSA under Sec.  1530.101(b)(1), 
(2), or (9) of this subpart. This reporting obligation continues until 
the DOE expires.


Sec.  1530.109  Identity verification.

    (a) The identity of each individual applying for an STA under this 
part must be verified by TSA.
    (b) The individual must present at least two forms of 
identification to verify identity. At least one form of identification 
must be issued by a government authority and bear a photograph of the 
individual.
    (c) TSA must examine the identification documents the individual 
presents to determine whether they appear to be genuine, unexpired, and 
relate to the individual presenting them.

Subpart C [Reserved]

Subpart D--Fees


Sec.  1530.301  Establishing and adjusting fees.

    (a) Establishing and adjusting fees. Pursuant to 6 U.S.C. 469, TSA 
must collect user fees to fund the cost of an STA. These fees apply to 
all STAs conducted under this part. TSA determines fee amounts in 
accordance with Federal guidelines including Office of Management and 
Budget (OMB) Circular Number A-25 ``User Charges''. This Federal policy 
provides information for determining full program costs, the amount of 
the fee assessed on those that benefit from a special service, and when 
the fee should be collected. The fee rate and necessary revisions will 
be calculated using the best available records of the agency, will be 
consistent with widely accepted accounting principles and practices, 
and will be calculated in accordance with the provisions of 31 U.S.C. 
9701 and other applicable Federal law. TSA will publish the initial 
fees established under this part in a notice in the Federal Register. 
Once TSA establishes a fee, it will review the amount of the fee at 
least once every 2 years to determine the current cost of providing the 
service the fee covers. If necessary, TSA will revise the fee to cover 
the costs of the STA services and publish a notice in the Federal 
Register of the revised fee.
    (b) Inflation adjustment. TSA may adjust the fees prescribed in 
this section for inflation annually on or after October 1, __. TSA will 
announce any inflation adjustments by publishing a notice in the 
Federal Register. The adjustment will be a composite of the Federal 
civilian pay raise assumption and non-pay inflation factor for that 
fiscal year issued by the OMB for agency use in implementing OMB 
Circular A-76, weighted by the pay and non-pay proportions of total 
funding for that fiscal year. If Congress enacts a different Federal 
civilian pay raise percentage than the percentage issued by OMB for 
Circular A-76, TSA may adjust the fees to reflect the enacted amount. 
The required fee will be the amount prescribed pursuant to this 
subpart, adjusted to account for the latest inflation adjustment.


Sec.  1530.303  Fees for security threat assessment services.

    (a) Mandatory fees. This section describes the fees for each 
service TSA provides in an STA. TSA must receive the appropriate fee(s) 
listed below before it can conduct the STA. If it becomes necessary to 
adjust these fees in the future, TSA may publish a notice in the 
Federal Register announcing the revised fees.
    (b) Processing fees--(1) Processing fee. This fee covers the cost 
to establish, operate, and maintain physical enrollment centers, 
equipment, personnel, and electronic systems to facilitate the 
collection of an individual's biographic and biometric information, 
verify identity, collect and process fees, and support these services. 
This fee is $43.00 to $65.00.
    (2) Reduced processing fee. This fee covers the cost to establish, 
operate, and maintain an online enrollment platform, including 
equipment, software, personnel, and electronic systems to capture an 
individual's biographic and biometric information, verify identity, 
collect and process fees, and support these services. This fee is 
$24.00 to $36.00.
    (c) Terrorism check and other analyses fee. This fee covers the 
cost to establish, operate, maintain, and access information sources 
TSA uses to conduct the terrorism check and other analyses, adjudicate 
the information received, and process appeal requests. This fee is 
$6.00 to $10.00.
    (d) Immigration check fee. This fee covers the cost to establish, 
operate, maintain, and access the appropriate immigration records, 
adjudicate the results, and process appeal requests. This fee is $2.00 
to $4.00.
    (e) Criminal history records check fee. This fee covers the 
personnel, equipment, and system costs to establish, operate, and 
maintain a system to process applicant fingerprint submissions and the 
cost to adjudicate the criminal history records associated with the 
individual to determine whether the records show a disqualifying 
criminal offense or open disposition, and to process appeal and waiver 
requests.
    (1) The CHRC fee for the initial enrollment in-person at an 
enrollment center is $17.00 to $25.00.

[[Page 33514]]

    (2) The fee for renewing a CHRC online is $8.00 to $12.00.


Sec.  1530.305  Fees by levels of security threat assessments.

    (a) Level 1 STA. An individual applying for a Level 1 STA must pay 
TSA's fees for the following components:
    (1) The processing or reduced processing fee.
    (2) The terrorism check and other analyses fee.
    (b) Level 2 STA. An individual applying for a Level 2 STA must pay 
TSA's fees for the following components:
    (1) The processing or reduced processing fee.
    (2) The terrorism check and other analyses fee.
    (3) The immigration check fee.
    (c) Level 3 STA. An individual applying for a Level 3 STA must pay 
TSA's fees for the following components:
    (1) The processing or reduced processing fee.
    (2) The terrorism check and other analyses fee.
    (3) The immigration check fee.
    (4) The initial CHRC fee for in-person enrollment at an enrollment 
center or a renewal fee for online CHRC renewal.


Sec.  1530.307  Fee computation for comparable security threat 
assessments.

    (a) An individual who successfully completed an STA at an earlier 
date may apply to rely on one or more of the previous unexpired checks 
when applying for a new STA.
    (b) If one or more of the previous unexpired checks are comparable 
to checks required in the new STA, TSA will not conduct a new check for 
that portion of the new STA. TSA computes the fee for the new STA based 
on the checks actually performed in connection with the new 
application.


Sec.  1530.309  Processing fees for security threat assessments.

    (a) All fees for an STA must be processed via a method approved by 
TSA and in accordance with U.S. Treasury guidelines.
    (b) TSA will not begin an STA until it has received the required 
fees.
    (c) TSA will not issue any fee refunds.

Subpart E--Adjudication Procedures


Sec.  1530.401  Procedures for fingerprint-based criminal history 
records checks.

    (a) TSA will transmit fingerprints to the Federal Bureau of 
Investigation's (FBI) Criminal Justice Information Services Division 
(CJIS) in accordance with the FBI CJIS fingerprint submission 
standards. TSA may also transmit fingerprints to the DHS IDENT system.
    (b) TSA will receive and adjudicate the results of the check from 
the FBI CJIS and IDENT in accordance with Sec. Sec.  1530.501 and 
1530.503 of this part, including any results TSA receives through the 
FBI CJIS' Rap Back service.


Sec.  1530.403  Procedures for terrorism checks and other analyses.

    (a) To conduct a terrorism check and other analyses, TSA completes 
the following procedures:
    (1) Reviews the individual's information required for enrollment in 
subpart B of this part.
    (2) Searches domestic and international government databases 
described in Sec.  1530.507 of this part, as applicable.
    (3) Adjudicates the results of the check, in accordance with 
Sec. Sec.  1530.501, 1530.505, and 1530.507 of this part, as 
applicable.
    (b) If the searches listed in this section indicate that an 
individual has an outstanding want or warrant, or is subject to a 
removal order under the immigration laws of the United States, TSA 
sends the individual's information to the appropriate law enforcement 
or immigration agency.


Sec.  1530.405  Procedures for immigration checks.

    To conduct the immigration check, TSA will check relevant 
government databases and may perform other checks, including whether 
the U.S. Citizenship and Immigration Services (USCIS) alien 
registration number, CBP Form I-94 Arrival/Departure Record number, or 
other pertinent identifying document number is valid and associated 
with the individual.


Sec.  1530.407  [Reserved]


Sec.  1530.409  [Reserved]


Sec.  1530.411  [Reserved]


Sec.  1530.413  Determination of Eligibility.

    TSA will issue a DOE to the individual and the TSA-regulated person 
employing or contracting with the individual, or other person, as 
appropriate, if TSA determines that the individual meets the STA 
standards in Sec.  1530.501 of this part.


Sec.  1530.415  Preliminary Determination of Ineligibility.

    TSA will serve a preliminary determination of ineligibility (PDI) 
on the individual if TSA determines he or she may not meet, or may no 
longer meet, the STA standards in Sec.  1530.501 of this part. The PDI 
will include:
    (a) Statement. A statement that TSA has determined that the 
individual may not meet, or may no longer meet, the STA standards in 
Sec.  1530.501 of this part, or may need to provide additional 
information for TSA to issue a DOE;
    (b) Basis. A statement that explains TSA's basis for the 
preliminary determination;
    (c) Appeal and waiver information. (1) Information about how the 
individual may appeal or apply for a waiver of the determination, as 
described in Sec.  1530.605, Sec.  1530.607 or Sec.  1530.609 of this 
part, as applicable, including Determination of Arrest Status and 
correction of records, as provided in paragraphs (d) and (e) of this 
section, and
    (2) A statement that if the individual does not appeal or apply for 
a waiver of TSA's determination, or request an extension of time to 
file an appeal or waiver request, within 60 days of service of the PDI, 
the PDI will automatically convert to an FDI. The statement will also 
explain the circumstances under which the individual may request an 
extension of time beyond 60 days of service of the PDI.
    (d) Determination of arrest status. (1) When a CHRC discloses an 
arrest for a disqualifying crime listed in Sec.  1530.503 of this part 
without indicating a disposition, TSA will notify the individual and 
provide instructions on how the individual must clear the disposition, 
in accordance with paragraph (d)(2) of this section. Upon request, TSA 
will provide the individual with a copy of the FBI record.
    (2) The individual must provide TSA with written proof that the 
arrest did not result in a conviction for the disqualifying criminal 
offense within 60 days after the service date of the PDI. If the 
individual does not send written proof in that time, or a request for 
an extension of time, TSA will notify the individual that he or she is 
disqualified. TSA will also so notify the individual's employer or 
entity for whom the individual is an authorized representative.
    (e) Corrective action by the individual. When a CHRC discloses an 
arrest for a disqualifying crime listed in Sec.  1530.503 of this part, 
the individual may contact the local jurisdiction responsible for the 
information and the FBI to complete or correct the information 
contained in his or her record. The individual must send a copy of the 
revised FBI record, or a certified true copy of the information from 
the appropriate court within 60 days after the service date of the PDI.

[[Page 33515]]

Sec.  1530.417  Preliminary determination of Ineligibility with 
immediate revocation.

    (a) TSA will serve a PDIIR on the individual and, as applicable, 
the TSA-regulated person who employs or contracts with the individual, 
if TSA determines that the individual may not meet, or may no longer 
meet, the STA standards in Sec.  1530.501 of this part, and that 
immediate revocation of the associated credential, access, or 
authorization is warranted.
    (b) Following the immediate revocation, TSA will process the PDIIR 
in accordance with the procedures for a PDI in Sec.  1530.415 of this 
part.
    (c) If TSA does not issue an FDI, TSA will reinstate the 
individual's credential, access, or authorization and notify the 
individual and, as applicable, the employer or person who contracts 
with the individual, of the reinstatement.


Sec.  1530.419  Final Determination of Ineligibility.

    (a) If an individual does not appeal or request a waiver of the PDI 
or PDIIR in accordance with Sec.  1530.415, or request an extension of 
time, the preliminary determination will automatically convert to an 
FDI. The individual's credential, access, or authorization will be 
denied or revoked.
    (b) If an individual appeals or requests a waiver of the PDI or 
PDIIR and TSA denies the appeal or waiver request, TSA will serve an 
FDI on the individual. The individual's credential, access, or 
authorization will be denied or revoked.

Subpart F--Standards


Sec.  1530.501  Standards.

    (a) Determination of Eligibility. TSA will issue a DOE following an 
STA under this part to an individual only if the results of the STA do 
not indicate that the individual poses or may pose a threat to 
transportation security or national security, or of terrorism. For TSA 
to reach such a conclusion, all of the following conditions in this 
paragraph (a) must be met:
    (1) TSA is able to verify the individual's identity.
    (2) The results of the terrorism check and other analyses as 
described in Sec.  1530.507 of this part do not indicate that the 
individual poses or may pose a threat to transportation security or 
national security, or of terrorism.
    (3) If the individual is applying for or renewing a Level 2 or 
Level 3 STA, he or she is a U.S. citizen, U.S. National, or is in a 
permissible category listed in Sec.  1530.505 of this part.
    (4) If the individual is applying for or renewing a Level 3 STA, he 
or she qualifies under Sec.  1530.503 of this part.
    (b) Reapplication or re-enrollment. An individual who fails to 
complete an STA successfully may reapply or re-enroll for an STA when 
the conditions that make him or her ineligible no longer exist.


Sec.  1530.503  Disqualifying criminal offenses.

    (a) Scope. This section applies to an individual applying for or 
renewing a Level 3 STA as defined in Sec.  1530.5 of this part. It does 
not apply to an individual applying for or renewing a Level 1 or Level 
2 STA as defined in Sec.  1530.5 of this part.
    (1) Permanent disqualifying criminal offenses. An individual has a 
permanent disqualifying offense if convicted, or found not guilty by 
reason of insanity, in a civilian or military, domestic or foreign 
jurisdiction of any of the following felonies:
    (A) Espionage or conspiracy to commit espionage.
    (B) Sedition, or conspiracy to commit sedition.
    (C) Treason, or conspiracy to commit treason.
    (D) A Federal crime of terrorism as defined in 18 U.S.C. 2332b(g), 
or comparable State law, or conspiracy to commit such crime.
    (E) A crime involving a transportation security incident. A 
transportation security incident is a security incident resulting in a 
significant loss of life, environmental damage, transportation system 
disruption, or economic disruption in a particular area, as defined in 
46 U.S.C. 70101. The term ``economic disruption'' does not include a 
work stoppage or other employee-related action not related to terrorism 
and resulting from an employer-employee dispute.
    (F) Improper transportation of a hazardous material under 49 U.S.C. 
5124, or a State law that is comparable.
    (G) Unlawful possession, use, sale, distribution, manufacture, 
purchase, receipt, transfer, shipping, transporting, import, export, 
storage of, or dealing in an explosive or explosive device. An 
explosive or explosive device includes, but is not limited to, an 
explosive or explosive material as defined in 18 U.S.C. 232(5), 841(c) 
through 841(f), and 844(j); and a destructive device, as defined in 18 
U.S.C. 921(a)(4) and 26 U.S.C. 5845(f).
    (H) Murder.
    (I) Making any threat, or maliciously conveying false information 
knowing the same to be false, concerning the deliverance, placement, or 
detonation of an explosive or other lethal device in or against a place 
of public use, a state or government facility, a public transportation 
system, or an infrastructure facility.
    (J) Violations of the Racketeer Influenced and Corrupt 
Organizations Act, 18 U.S.C. 1961, et seq., or a comparable State law, 
where one of the predicate acts found by a jury or admitted by the 
defendant, consists of one of the crimes listed in paragraph (a)(1) of 
this section.
    (K) Attempt to commit the crimes in paragraphs (a)(1)(A) through 
(D) of this section.
    (L) Conspiracy or attempt to commit the crimes in paragraphs 
(a)(1)(E) through (a)(1)(J) of this section.
    (2) Look-back period for interim disqualifying criminal offenses. 
The felonies listed in paragraph (a)(3) of this section are 
disqualifying, if either--
    (A) The individual was convicted, or found not guilty by reason of 
insanity, of the crime in a civilian or military U.S. domestic or 
foreign jurisdiction within 7 years of the date of the application; or
    (B) The individual was incarcerated for that crime and released 
from incarceration within 5 years of the date of the application.
    (3) Interim disqualifying offenses. The interim disqualifying 
felonies are:
    (A) Unlawful possession, use, sale, manufacture, purchase, 
distribution, receipt, transfer, shipping, transporting, delivery, 
import, export of, or dealing in a firearm or other weapon. A firearm 
or other weapon includes, but is not limited to, firearms as defined in 
18 U.S.C. 921(a)(3) or 26 U.S.C. 5845(a), or items contained on the 
U.S. Munitions Import List at 27 CFR part 447.21.
    (B) Extortion.
    (C) Dishonesty, fraud, or misrepresentation, including identity 
fraud and money laundering where the money laundering is related to a 
crime described in paragraphs (a)(1) or (a)(3) of this section. Welfare 
fraud and passing bad checks do not constitute dishonesty, fraud, or 
misrepresentation for purposes of this paragraph.
    (D) Bribery.
    (E) Smuggling.
    (F) Immigration violations.
    (G) Distribution of, possession with intent to distribute, or 
importation of a controlled substance.
    (H) Arson.
    (I) Kidnapping or hostage taking.
    (J) Rape or aggravated sexual abuse.
    (K) Assault with intent to kill.
    (L) Robbery.
    (M) Entry by false pretenses to any real property, vessel, or 
aircraft of the U.S. or secure area of any airport or seaport as 
described in 18 U.S.C. 1036 or 49 U.S.C. 46312, or a comparable State 
law.

[[Page 33516]]

    (N) Violations of the Racketeer Influenced and Corrupt 
Organizations Act, 18 U.S.C. 1961, et seq., or a comparable State law, 
other than the violations listed in paragraph (a)(1)(J) of this 
section.
    (O) Manslaughter, as described in 18 U.S.C. 1112, or a comparable 
state law.
    (P) Conspiracy or attempt to commit the crimes in this paragraph 
(a)(3).
    (b) [Reserved]
    (c) Under want, warrant, indictment, or criminal complaint. An 
individual who is wanted, the subject of a warrant, under indictment, 
or the subject of a criminal complaint, in any civilian or military 
jurisdiction, for a felony listed in paragraph (a) is disqualified 
until the want or warrant is released or the indictment or complaint is 
dismissed.
    (d) Mental incapacity. An individual who has been adjudicated as 
lacking mental capacity or involuntarily committed to a mental health 
facility, is disqualified until the adjudication is withdrawn or the 
individual is released from the mental health facility.


Sec.  1530.505  Immigration check.

    (a) An individual applying for an STA under this Part must be U.S. 
citizen, U.S. National, or who is--
    (1) Lawfully admitted for permanent residence;
    (2) A refugee admitted under 8 U.S.C. 1157;
    (3) Granted asylum under 8 U.S.C. 1158;
    (4) In lawful nonimmigrant status;
    (5) Paroled into the United States under 8 U.S.C. 1182(d)(5); or
    (6) Is otherwise authorized to be employed in the United States.
    (b) To determine whether an applicant falls within the categories 
listed in paragraph (a) of this section, TSA will check relevant 
Federal databases and may perform other checks, including the validity 
of the applicant's alien registration number, Social Security number, 
or I-94 Arrival-Departure Form number.


Sec.  1530.507  Terrorism check and other analyses.

    (a) An individual applying for or holding a Level 1, 2, or 3 STA 
must undergo a terrorism check and other analysis to determine whether 
the individual poses or may pose a threat to transportation security or 
national security, or of terrorism. TSA conducts this check based on a 
search of the following--
    (1) Interpol and other international databases, as appropriate.
    (2) Terrorist watchlists and related databases.
    (3) Any other databases or sources relevant to determining whether 
an individual poses or may pose a threat to transportation security or 
national security, or of terrorism, and that confirm an individual's 
identity.
    (b) TSA may also determine that the individual may pose a threat to 
transportation security or national security, or of terrorism, and is 
ineligible, if the check conducted under this part reveals extensive 
foreign or domestic criminal convictions, a conviction for a serious 
crime not listed in Sec.  1530.503 of this part, or a period of foreign 
or domestic incarceration that exceeds 365 consecutive days.


Sec.  1530.509  Comparability of security threat assessments.

    (a) Comparability of checks. TSA may determine that a previous 
check, such as a CHRC, or a terrorism check and other analyses, 
conducted as part of an earlier STA is comparable to the same check 
needed for a later STA, following an examination of the factors set out 
in paragraph (d) of this section, and if the following conditions are 
met:
    (1) The first check has not expired.
    (2) The first check is part of a DOE that is not expired, revoked, 
or suspended.
    (3) The first check was adjudicated under standards that are 
comparable to the standards for the check in the new STA applied for 
under this part.
    (b) Comparability of entire STA. TSA may accept a valid, unexpired 
STA, background check, or investigation conducted by TSA or another 
Federal governmental agency as satisfying an STA requirement under this 
chapter if TSA determines, based on an examination of the factors set 
out in paragraph (d) of this section, that the STA, background check, 
or other investigation satisfies all of the requirements of the level 
of STA applied for under this part.
    (c) Duration of DOE. A DOE issued on the basis of an earlier, 
comparable check, STA, background check, or investigation is computed 
from the date of the earliest check included in the STA, background 
check, or investigation. For example, if the later STA relies on an 
immigration check conducted 2 years before as part of an earlier STA, 
the validity of the second DOE will be 3 years, rather than 5 years, as 
otherwise provided in Sec.  1530.7 of this part.
    (d) Comparability determination considerations. Except as provided 
in paragraphs (g) through (i) of this section (which set forth 
comparability determinations that TSA has already made), in making a 
comparability determination under paragraph (a) or (b) of this section, 
TSA will consider--
    (1) The minimum standards used for the check, STA, background 
check, or investigation;
    (2) The frequency and duration of the check, STA, background check, 
or investigation;
    (3) The date of the most recent check, STA, background check, or 
investigation;
    (4) As applicable, whether the STA, background check, or 
investigation includes biometric identification and a biometric 
credential; and
    (5) Other factors TSA considers appropriate to determining 
comparability.
    (e) [Reserved]
    (f) Information required to use a comparable assessment. If 
asserting completion of a comparable check, STA, background check, or 
investigation under paragraph (a) or (b) of this section, an individual 
must--
    (1) Present the credential (or similar documentation) that 
corresponds to successful completion of the comparable assessment to 
TSA;
    (2) Notify TSA when the credential that corresponds to a successful 
completion of the comparable assessment expires or is suspended or 
revoked for any reason; and
    (3) Complete the enrollment and pay associated fees, as required in 
this part.
    (g) Comparable to Level 1 STA. The following successful STAs are 
comparable to a Level 1 STA:
    (1) A Level 2 or a Level 3 STA.
    (2) An STA completed under the FAST, NEXUS, Global Entry, and 
SENTRI programs administered by U.S. Customs and Border Protection 
(CBP).
    (3) An STA conducted by TSA under part 1572 of this chapter for a 
hazardous materials endorsement (HME) or transportation worker 
identification credential (TWIC).
    (4) An STA conducted by TSA under part 1540 of this chapter for 
certain individuals engaged in cargo operations.
    (5) An STA conducted by TSA for the TSA PreCheck[supreg] 
Application Program.
    (h) Comparable to Level 2 STA. The following successful STAs are 
comparable to a Level 2 STA:
    (1) A Level 3 STA.
    (2) An STA completed under the FAST, NEXUS, Global Entry, and 
SENTRI programs administered by CBP.
    (3) An STA conducted by TSA under part 1572 of this chapter for an 
HME or TWIC.
    (4) An STA conducted by TSA for the TSA PreCheck[supreg] 
Application Program.
    (i) Comparable to Level 3 STA. The following successful STAs are 
comparable to a Level 3 STA:
    (1) An STA completed under the FAST, NEXUS, Global Entry, and 
SENTRI programs administered by CBP.

[[Page 33517]]

    (2) An STA conducted by TSA under part 1572 of this chapter for an 
HME or TWIC.
    (3) An STA conducted by TSA for the TSA PreCheck[supreg] 
Application Program.

Subpart G--Appeal and Waiver Procedures for Security Threat 
Assessments


Sec.  1530.601  Scope and General Requirements.

    (a) Appeals. This subpart applies to individuals appealing a PDI or 
a PDIIR as part of an STA as described in Sec. Sec.  1530.415 and 
1530.417 of this part.
    (b) Waivers. This subpart applies to individuals who are authorized 
to apply for a waiver of certain STA standards by the statute, 
regulation, security program, or other authority that requires him or 
her to undergo an STA.
    (c) Nondisclosure of certain information. In connection with the 
procedures in this subpart, TSA does not disclose to the individual 
and/or respondent classified information, as defined in section 1(a) of 
the Classified Information Procedures Act (18 U.S.C. App.), as amended, 
and will not disclose any other information or material not warranting 
disclosure or protected from disclosure under law.
    (d) Representation by counsel. For any proceedings under this 
subpart, an individual or respondent may choose to be represented by 
counsel at his or her expense.
    (e) Extension of time. TSA may grant an individual an extension of 
the time limits described in this subpart for good cause shown. An 
individual's request for an extension of time must be in writing and 
received by TSA within a reasonable time prior to the date to be 
extended. If the request for an extension of time is not received by 
TSA before the due date to be extended, an individual may request an 
extension after the expiration of a due date by sending a written 
request describing why the failure to file within the time limits may 
be excusable.
    (f) Exhaustion of administrative remedies. An individual must 
exhaust the administrative remedies set forth in this subpart before 
seeking judicial review.


Sec.  1530.603  [Reserved]


Sec.  1530.605  Appeal based on criminal, immigration, or mental 
capacity standards.

    (a) Scope. This section applies to individuals appealing a PDI or a 
PDIIR based on one or more of the following:
    (1) TSA's determination that an individual is ineligible because he 
or she has a disqualifying criminal offense described in Sec.  1530.503 
or criminal history in Sec.  1530.507(b) of this part.
    (2) TSA's determination that an individual is ineligible because he 
or she does not meet the immigration standards, as described in Sec.  
1530.505 of this part.
    (3) TSA's determination that an individual is ineligible because he 
or she has been adjudicated as lacking mental capacity or committed to 
a mental health facility.
    (b) Grounds for appeal. An individual may appeal a PDI or a PDIIR 
if the individual is asserting that he or she meets the standards for 
the STA for which he or she is applying, and
    (1) The basis for the denial is factually incorrect; or
    (2) TSA has not applied the standards described in this part 1530 
correctly.
    (c) Initiating an appeal. (1) An individual who has received a PDI 
or PDIIR may initiate an appeal by submitting a written request for 
material from TSA in accordance with paragraph (d) of this section, or 
a written reply to TSA in accordance with paragraph (e) of this 
section, within 60 days of the date of service of the PDI. An 
individual preserves the right to appeal a PDI or PDIIR, if he or she 
requests an extension of time in accordance with Sec.  1530.601(e) of 
this part and the request is granted.
    (2) If the individual does not initiate an appeal, submit a written 
request for material, or request an extension of time within 60 days of 
the date of service of the PDI or PDIIR, the PDI or PDIIR becomes an 
FDI.
    (d) Request for material. (1) Within 60 days of the date of service 
of the PDI or PDIIR, the individual may serve TSA with a written 
request for copies of the material upon which the PDI or PDIIR was 
based.
    (2) Within 60 days of the date of service of the request for 
material, TSA will serve the individual with copies of the releasable 
material on which the PDI or PDIIR was based.
    (3) Within 60 days of the date of service of the individual's 
request for material, TSA may request additional information or 
documents from the individual that TSA believes are necessary to make a 
final determination.
    (e) Reply. (1) Within 60 days of the date of service of the PDI or 
PDIIR, the individual may serve on TSA a written reply to the PDI or 
PDIIR.
    (i) If the individual requested material under paragraph (d) of 
this section, the individual may serve on TSA a written reply to the 
PDI or PDIIR within 60 days of the date of service of TSA's response to 
the individual's request for material.
    (ii) The reply must include the rationale and information upon 
which the individual disputes TSA's PDI or PDIIR.
    (2) Within 60 days of the date of service of the individual's 
written reply, TSA may request from the individual additional 
information or documents that TSA believes are necessary to make a 
final determination on the individual's appeal.
    (3) TSA will consider only material that is relevant to whether the 
individual meets the applicable standards for the STA for which the 
individual is applying.
    (f) Correction of records. If the PDI or PDIIR was based on a 
record that the individual believes is erroneous, the individual may 
correct the record by--
    (1) Contacting the jurisdiction or entity responsible for the 
information and attempting to correct or complete information contained 
in his or her record; and
    (2) Providing TSA the revised record, or a certified true copy of 
the information from the appropriate entity, before TSA determines 
whether the individual meets the standards for the STA.
    (g) Final determination. Within 60 days of the date of service of 
the individual's reply to the PDI of PDIIR, or a longer period of time 
for good cause, TSA will serve either an FDI or a withdrawal of the 
PDI/PDIIR, as provided in paragraph (g)(1) or (g)(2) of this section.
    (1) Final Determination of Ineligibility. If the Assistant 
Administrator concludes that an individual does not meet the standards 
described in Sec.  1530.501 of this part, TSA will serve an FDI upon 
the individual. Where applicable, TSA will serve the FDI on the 
individual's employer or entity for whom the individual is an 
authorized representative. The FDI will include a statement that the 
Assistant Administrator has reviewed the PDI or PDIIR, the individual's 
reply and accompanying information, and any other available material or 
information, and has determined that the individual does not meet the 
STA standards for which she or he has applied.
    (2) Withdrawal of PDI/PDIIR. If the Assistant Administrator 
concludes that the individual meets the STA standards, TSA will serve a 
withdrawal of the PDI/PDIIR upon the individual, and where applicable, 
the individual's employer, operator, or other person with security 
responsibilities for the individual under this chapter.
    (h) Further review. For purposes of judicial review, the FDI issued 
under this section constitutes a final agency order that the individual 
does not meet

[[Page 33518]]

the STA standards, in accordance with 49 U.S.C. 46110.


Sec.  1530.607  Requests for waiver of criminal offense or mental 
capacity standards.

    (a) Scope. This section applies to individuals who are authorized 
to apply for a waiver of STA standards by the statute, regulation, 
security program, or other authority that requires him or her to 
undergo an STA, and--
    (1) Who have a disqualifying criminal offense described in Sec.  
1530.503 of this part;
    (2) Who have been determined to be ineligible due to a prior 
adjudication of lacking mental capacity or prior commitment to a mental 
health facility; or
    (3) Who have been determined to be ineligible under Sec.  
1530.507(b) of this part.
    (b) Grounds for waiver. TSA may issue a waiver of the standards 
described in paragraph (a) of this section if, based on a review of 
information described in paragraph (c) of this section, TSA determines 
that, despite a disqualifying criminal offense or mental capacity 
issue, the evidence does not indicate that the individual poses or may 
pose a threat to transportation security or national security, or of 
terrorism, and the individual is otherwise eligible.
    (c) Initiating waiver. (1) To initiate a waiver, the individual 
must:
    (i) Have already submitted a complete application for the required 
STA, and paid all applicable fees.
    (ii) Submit a written waiver to TSA. To be considered timely 
submitted, such written waiver request--
    (A) May be received as early as the same date that the individual 
submitted the application and fee, and
    (B) May be received no later than 60 days after final disposition 
of an appeal undertaken consistent with in Sec.  1530.605 of this 
subpart.
    (C) An individual preserves the right submit a waiver request, if 
he or she requests an extension of time in accordance with Sec.  
1530.601(e) of this part and the request is granted.
    (2) In determining whether to grant a waiver, TSA will consider the 
following factors:
    (i) The circumstances of the disqualifying offense.
    (ii) Restitution made by the individual.
    (iii) Any Federal or State mitigation remedies.
    (iv) Court records or official medical release documents indicating 
that the individual no longer lacks mental capacity.
    (v) Term of incarceration, time elapsed since release from 
incarceration/jail, and information concerning any criminal activity or 
evidence of rehabilitation that occurred since release from 
incarceration/jail.
    (vi) Other factors that indicate the individual should or should 
not be granted a waiver.
    (d) Grant or Denial of Waiver. (1) Within 60 days of the date of 
service of the individual's request for a waiver, the Assistant 
Administrator will serve on the individual a written decision granting 
or denying the waiver.
    (2) If the Assistant Administrator denies the waiver, the 
individual may seek review by an administrative law judge (ALJ) in 
accordance with Sec.  1530.611 of this part. A denial of a waiver under 
this section does not constitute a final agency order as provided in 49 
U.S.C. 46110.


Sec.  1530.609  Appeal of security threat assessment based on terrorism 
check and other analyses.

    (a) Scope. This section applies to an individual appealing a PDI or 
PDIIR based on a failure to meet the standards in Sec.  1530.507(a) of 
this part.
    (b) Grounds for appeal. An individual may appeal a PDI or PDIIR if 
the individual is asserting that he or she meets the standards for the 
STA for which he or she is applying.
    (c) Procedures for Appeal. The appeal procedures set forth in 
Sec. Sec.  1530.605(c) through (f) of this subpart apply to this 
section.
    (d) Final determination. Within 60 days of the date of service of 
the individual's reply to the PDI/PDIIR, or a longer period of time for 
good cause, TSA will serve either an FDI or a withdrawal of the PDI/
PDIIR as provided in paragraph (d)(1) or (d)(2) of this section.
    (1) Final Determination of Ineligibility. If the Assistant 
Administrator concludes that an individual does not meet the standards 
described in Sec.  1530.501 of this part, TSA will serve an FDI upon 
the individual. Where applicable, TSA will serve the FDI on the 
individual's employer or entity for whom the individual is an 
authorized representative. The FDI will include a statement that the 
Assistant Administrator has reviewed the PDI/PDIIR, the individual's 
reply and accompanying information, and any other available material or 
information, and has determined that the individual does not meet the 
STA standards for which she or he has applied.
    (2) Withdrawal of PDI/PDIIR. If the Assistant Administrator 
concludes that the individual meets the STA standards, TSA will serve a 
withdrawal of the PDI/PDIIR upon the individual, and where applicable, 
the individual's employer, operator, or other person with security 
responsibilities for the individual under this chapter.
    (e) Further review. If the Assistant Administrator denies the 
appeal, the individual may seek review by an ALJ in accordance with 
Sec.  1530.611 of this subpart. A final determination issued under this 
section does not constitute a final agency order as provided in 49 
U.S.C. 46110.


Sec.  1530.611  Review by administrative law judge.

    (a) Scope. This section applies to the following:
    (1) An individual who seeks review of a decision by TSA denying a 
waiver request under Sec.  1530.607 of this part.
    (2) An individual who seeks review of a decision by TSA denying an 
appeal under Sec.  1530.609 of this part.
    (b) Request for review by administrative law judge. An individual 
must request review by an ALJ of TSA's decision to deny a waiver under 
Sec.  1530.607 or an appeal under Sec.  1530.609 of this part, by 
serving the request no later than 30 days from the date of service 
TSA's final determination. If the individual fails to seek review 
within 30 days of the date of service, the application is closed and 
the individual is not eligible.
    (1) The request for review must clearly state the issue(s) to be 
considered by the ALJ, and include the following documents in support 
of the request:
    (i) A copy of the individual's request for waiver or appeal, 
including all material the individual provided to TSA as part of the 
request for waiver under Sec.  1530.607 of this part or appeal under 
Sec.  1530.609 of this part; and
    (ii) A copy of TSA's denial of the waiver request or appeal.
    (2) The request for review may not include material, evidence, or 
information that was not presented to TSA in the original waiver 
request or appeal. The ALJ may consider only material, evidence, or 
information that was presented to TSA in the waiver request or appeal.
    (3) If the individual has new or additional material, evidence or 
information that was not presented to TSA as part of the original 
waiver request or appeal, the individual must file a new waiver request 
under Sec.  1530.607 of this part or appeal under Sec.  1530.609 of 
this part and the pending request for ALJ review will be dismissed.

[[Page 33519]]

    (4) The individual may include in the request for review a request 
for an in-person hearing before the ALJ.
    (5) The individual must file the request for ALJ review with the 
ALJ Docketing Center, U.S. Coast Guard, 40 S. Gay Street, Room 412, 
Baltimore, MD 21202-4022, ATTENTION: Hearing Docket Clerk.
    (c) Extension of time. (1) The ALJ may grant an extension of the 
time limits described in this section for good cause shown.
    (2) Requests for an extension of time must be in writing and 
received by the ALJ within a reasonable time before the date to be 
extended.
    (3) An individual may request an extension of time after the 
expiration of a due date by sending a written request describing why 
the failure to file within the time limits should be excused.
    (4) This paragraph (c) does not apply to time limits set by the ALJ 
during the ALJ's review of the case.
    (d) Duties of the administrative law judge. The ALJ who conducts 
the review described in this section must possess the appropriate 
security clearance necessary to review classified or otherwise 
protected information and evidence. The ALJ may--
    (1) Receive information and evidence presented to TSA in the 
request for waiver under Sec.  1530.607 of this part or appeal under 
Sec.  1530.609 of this part;
    (2) Determine whether to grant a request for an in-person hearing, 
by considering if there are genuine issues of fact regarding--
    (i) The credibility of evidence or information submitted in the 
individual's request for a waiver or appeal; and
    (ii) Whether TSA's determination on a request for a waiver or 
appeal under this subpart was made in accordance with this chapter.
    (3) Give notice of and hold conferences and hearings;
    (4) Administer oaths and affirmations;
    (5) Examine witnesses;
    (6) Regulate the course of the hearing including granting 
extensions of time limits; and
    (7) Dispose of procedural motions and requests, and issue a 
decision that applies the substantial evidence on the record standard 
of proof for conclusions of law.
    (e) Hearing. If the ALJ grants a request for a hearing, except for 
good cause shown, it will begin within 60 days of the date of receipt 
of the request for hearing. The hearing is a limited discovery 
proceeding and is conducted as follows:
    (1) If applicable and upon request, TSA will provide to the 
individual requesting a review an unclassified summary of classified 
evidence upon which TSA's denial of the waiver or appeal was based, to 
the extent possible given national security concerns. Preparation of an 
unclassified summary constitutes good cause for the purposes of 
extending the time limits described in this section.
    (i) TSA will not disclose to the individual, or the individual's 
counsel, classified information, as defined in E.O. 12968, section 
1.1(d), as amended.
    (ii) TSA will not disclose any other information or material that 
does not warrant disclosure or is otherwise protected from disclosure 
by law or regulation.
    (2) The individual may present the case by oral testimony; 
documentary, demonstrative, or rebuttal evidence; and conduct cross-
examination, as permitted by the ALJ. Oral testimony, and documentary, 
demonstrative, and rebuttal evidence is limited to the evidence or 
information that the individual presented to TSA in the request for a 
waiver or during the appeal. The Federal Rules of Evidence may serve as 
guidance, but are not binding and shall not preclude presentation of 
evidence considered by TSA in making its decision to deny a waiver or 
appeal, or evidence offered by the individual to TSA in support of 
their waiver or appeal.
    (3) The ALJ will review any classified information on an ex parte, 
in camera basis, and may consider such information in rendering a 
decision if the information appears to be material and relevant.
    (4) The ALJ will assess whether TSA's determination is supported by 
substantial evidence on the record.
    (5) The parties may submit proposed findings of fact and 
conclusions of law.
    (6) If the individual fails to appear, the ALJ may issue a default 
judgment.
    (7) A verbatim transcript will be made of the hearing, including 
any witnesses testifying ex parte, in camera, and will be provided upon 
request at the expense of the requesting party. In cases in which 
classified or otherwise protected evidence is received, the transcript 
will be redacted for classified or otherwise protected information.
    (8) The hearing will be held at TSA's Headquarters building or, on 
request of a party, at an alternate location selected by the ALJ for 
good cause shown. The ALJ may hold a hearing via teleconference or 
video, as appropriate.
    (f) Decision of the administrative law judge. (1) The record is 
closed when the certified transcript and all documents and material 
have been submitted for the record.
    (2) The ALJ issues an unclassified written decision to the 
individual no later than 60 days from the close of the record, and may 
extend the time needed to issue the decision where appropriate. The ALJ 
serves the decision on the parties. The ALJ may issue a classified 
decision to TSA.
    (3) The ALJ's decision may be appealed by either party to the TSA 
Final Decision Maker in accordance with Sec.  1530.613 of this subpart. 
In no event does an ALJ decision constitute a final agency order as 
provided in 49 U.S.C. 46110.
    (i) Concerning a review of a waiver denial, if the ALJ upholds 
TSA's denial of the waiver request and the individual does not appeal 
that to the TSA Final Decision Maker, TSA will issue a final agency 
order denying a waiver to the individual.
    (ii) Concerning a review of a waiver denial, if the ALJ reverses 
TSA's denial of the waiver request and TSA does not appeal that to the 
TSA Final Decision Maker, TSA will issue a final agency order granting 
a waiver to the individual and if applicable, send a DOE to the 
individual's employer, operator, or other person with security 
responsibilities for the individual under this chapter.
    (iii) Concerning a review of an appeal denial, if the ALJ upholds 
TSA's denial of the appeal and the individual does not appeal that to 
the TSA Final Decision Maker, TSA will issue a final order of 
ineligibility to the individual.
    (iv) Concerning a review of an appeal denial, if the ALJ reverses 
TSA's denial of the appeal and TSA does not appeal that to the TSA 
Final Decision Maker, TSA will re-adjudicate the STA consistent with 
the ALJ's decision, issue a withdrawal of the final determination to 
the individual, and if applicable, to the individual's employer, 
operator, or other person with security responsibilities for the 
individual under this chapter.


Sec.  1530.613  Review by TSA Final Decision Maker.

    (a) Request for review. Either party may request that the TSA Final 
Decision Maker review the ALJ's decision by serving a written request 
no later than 30 days after the date of service of the ALJ's decision. 
Requests for review served after 30 days of the date of service of the 
ALJ's decision will be denied, except where good cause is shown. The 
request must be--
    (1) In writing;
    (2) Served on the other party; and
    (3) Address only whether the ALJ decision is supported by 
substantial evidence on the record.

[[Page 33520]]

    (b) Response to request for review. The other party may file a 
response to the request for review no later than 30 days after receipt 
of the request.
    (c) Record for review. The ALJ will provide the TSA Final Decision 
Maker with a certified transcript of the hearing and all unclassified 
documents and material submitted for the record. TSA will provide any 
classified material previously submitted.
    (d) Decision of the TSA Final Decision Maker. No later than 60 days 
after receipt of the request, or if the other party files a response, 
30 days after receipt of the response, or such longer period as may be 
appropriate, the TSA Final Decision Maker issues an unclassified 
decision and serves the decision on the parties. The TSA Final Decision 
Maker may issue a classified opinion to TSA, if applicable. The 
decision of the TSA Final Decision Maker is a final agency order in 
accordance with 49 U.S.C. 46110.
    (1) In the case of a review of a waiver denial under Sec.  1530.607 
of this part, if the TSA Final Decision Maker upholds the denial of the 
individual's request for waiver, TSA issues a final agency order 
denying a waiver request to the individual.
    (2) In the case of a review of a waiver denial under Sec.  1530.607 
of this part, if the TSA Final Decision Maker reverses the denial of 
the individual's request for waiver, TSA will issue a final agency 
order granting a waiver to the individual, and if applicable, send a 
DOE to the TSA-regulated person employing or contracting with the 
individual, or other person, as appropriate.
    (3) In the case of a review of an appeal under Sec.  1530.609 of 
this part, if the TSA Final Decision Maker determines that the 
individual does not meet the STA standards in this part, TSA will issue 
an FDI to the individual.
    (4) In the case of a review of an appeal under Sec.  1530.609 of 
this part, if the TSA Final Decision Maker determines that the 
individual meets the STA standards, TSA will issue a withdrawal of the 
FDI to the individual, and if applicable, to the individual's employer 
or entity for whom the individual is an authorized representative.
    (e) Judicial review. The individual may seek judicial review of a 
final decision of the TSA Final Decision Maker in the U.S. Court of 
Appeals of the District of Columbia Circuit, in accordance with 49 
U.S.C. 46110.

SUBCHAPTER D--MARITIME AND LAND TRANSPORTATION SECURITY

PART 1570--GENERAL RULES

0
4. The authority citation for part 1570 is revised to read as follows:

    Authority:  46 U.S.C. 70105; 49 U.S.C. 114, 5103a, 40113, and 
46105; Pub. L. 108-90 (117 Stat. 1156; Oct. 1, 2003), sec. 520 (6 
U.S.C. 469), as amended by Pub. L. 110-329 (122 Stat. 3689; Sept. 
30, 2008) sec. 543 (6 U.S.C. 469); Pub. L. 110-53 (121 Stat. 266; 
Aug. 3, 2007) secs. 1402 (6 U.S.C. 1131), 1405 (6 U.S.C. 1134), 1408 
(6 U.S.C. 1137), 1411 (6 U.S.C. 1140); 1413 (6 U.S.C. 1142), 1414 (6 
U.S.C. 1143), 1501 (6 U.S.C. 1151), 1512 (6 U.S.C. 1162), 1517 (6 
U.S.C. 1167), 1520, 1522 (6 U.S.C. 1170), 1531 (6 U.S.C. 1181), and 
1534 (6 U.S.C. 1184).

0
5. Add Sec.  1570.307 to part 1570 to read as follows:
* * * * *


Sec.  1570.307  Owner/operators and individuals subject to security 
threat assessment requirements.

    (a) Owner/operators. The specific STA requirements for owner/
operators in maritime and land transportation are set forth in parts 
1530 (Security Threat Assessments), 1572 (Credentialing and Security 
Threat Assessments for TWIC and HME), 1580 (Freight Rail Transportation 
Security), 1582 (Public Transportation and Passenger Rail 
Transportation Security), and 1584 (Highway and Motor Carriers) of this 
chapter.
    (b) Individuals. The specific STA requirements concerning 
individuals in maritime and land transportation, including security 
coordinators and security-sensitive employees, are set forth in parts 
1530 (Security Threat Assessments), 1572 (Transportation Worker 
Identification Credential and Hazardous Materials Endorsement 
Programs), 1580 (Freight Rail), 1582 (Public Transportation and 
Passenger Rail), and 1584 (Highway and Motor Carriers) of this chapter.
0
6. Revise the heading of part 1572 to read as follows:

PART 1572--CREDENTIALING AND SECURITY THREAT ASSESSMENTS FOR THE 
HAZARDOUS MATERIALS ENDORSEMENT AND TRANSPORTATION WORKER 
IDENTIFICATION CREDENTIAL PROGRAMS

PART 1580--RAIL TRANSPORTATION SECURITY

0
7. The authority citation for part 1580 is revised to read as follows:

    Authority:  49 U.S.C. 114; Pub. L. 110-53 (121 Stat. 266, Aug. 
3, 2007) secs. 1501 (6 U.S.C. 1151), 1512 (6 U.S.C. 1162), 1517 (6 
U.S.C. 1167), 1520, and 1522 (6 U.S.C. 1170).

0
8. Revise Sec.  1580.3 introductory text to read as follows:


Sec.  1580.3  Terms used in this part.

    In addition to the terms in Sec. Sec.  1500.3, 1500.5, and 1503.103 
of subchapter A, Sec.  1530.3 of subchapter B, and Sec.  1570.3 of 
subchapter D of this chapter, the following terms apply to this part:
* * * * *
0
9. Add subpart D to part 1580 to read as follows:

Subpart D--Security Threat Assessment Requirements for Owner/
Operators and Individuals

Sec.
1580.301 Owner/operator requirements.
1580.303 Requirements for individuals.
1580.305 TSA enrollment required.
1580.307 Effective dates.


Sec.  1580.301  Owner/operator requirements.

    (a) Security coordinator security threat assessment. (1) An owner/
operator required to designate and use a primary and at least one 
alternate security coordinator under Sec.  1570.201 of this chapter 
must not designate or permit an individual to serve as a primary or 
alternate security coordinator without confirmation from TSA that the 
individual has successfully completed a Level 3 STA and holds a current 
Determination of Eligibility (DOE) as described in part 1530 of this 
chapter.
    (2) The owner/operator must retain records, in a form and manner 
authorized by TSA, that documents compliance with the requirement in 
paragraph (a)(1) of this section from the date that the owner/operator 
designates an individual as a primary or alternative security 
coordinator and until 180 days after the owner/operated has terminated 
such designation, and make those records available to TSA upon request.
    (b) Security-sensitive employee STA. (1) An owner/operator 
described in Sec.  1580.101 of this part must not authorize or permit 
an individual to serve as a security-sensitive employee without 
confirmation from TSA that the individual has successfully completed a 
Level 2 STA and holds a current DOE as described in part 1530 of this 
chapter.
    (2) The owner/operator must retain records, in a form and manner 
authorized by TSA, that documents compliance with the requirement in 
paragraph (b)(1) of this section for 180 days after the individual has 
left employment, and make those records available to TSA upon request.
    (c) Continuing responsibilities. (1) An owner/operator must remove 
an

[[Page 33521]]

individual from a position as a primary or alternate security 
coordinator, or as a security-sensitive employee, if notified by TSA 
that the individual no longer meets the standards described in Sec.  
1530.501 of this chapter for such position.
    (2) If an owner/operator becomes aware of information indicating 
that an individual serving as a primary or alternate security 
coordinator or security-sensitive employee is or may not be eligible 
for the position, the owner/operator must immediately notify TSA.
    (3) An owner/operator may reassign an individual to be a security 
coordinator or security-sensitive employee if notified by TSA that the 
individual is eligible.


Sec.  1580.303  Requirements for individuals.

    (a) Security coordinator. An individual must not perform the 
function of a primary or alternate security coordinator, unless he or 
she successfully completes a Level 3 STA and holds a current DOE, as 
described in part 1530 of this chapter. The criminal history records 
check (CHRC) conducted as part of the STA must be adjudicated against 
the standards and list of disqualifying criminal offenses in Sec.  
1530.503 of this chapter.
    (b) Security-sensitive employee. An individual must not serve as a 
security-sensitive employee, unless he or she successfully completes a 
Level 2 STA and holds a current DOE as described in part 1530 of this 
chapter.


Sec.  1580.305  TSA enrollment required.

    (a) Each individual required to undergo an STA under this subpart 
must use the TSA enrollment system and procedures as described in part 
1530 of this chapter, unless otherwise authorized by TSA.
    (b) An owner/operator must use the TSA enrollment system and 
procedures under part 1530 of this chapter for its employees who are 
required to undergo an STA, unless otherwise authorized by TSA.


Sec.  1580.307  Effective dates.

    (a) The effective date for Sec. Sec.  1580.301(a) and 1580.303(a) 
of this part is [INSERT DATE 6 MONTHS AFTER DATE OF FINAL RULE 
PUBLICATION IN THE Federal Register].
    (b) The effective date for Sec. Sec.  1580.301(b) and 1580.303(b) 
of this part is [INSERT DATE 12 MONTHS AFTER DATE OF FINAL RULE 
PUBLICATION IN THE Federal Register].
    (c) The effective date for Sec.  1580.305 of this part is [INSERT 
DATE 30 DAYS AFTER DATE OF FINAL RULE PUBLICATION IN THE Federal 
Register].

PART 1582--PUBLIC TRANSPORTATION AND PASSENGER RAILROAD SECURITY

0
10. The authority citation for part 1582 continues to read as follows:

    Authority:  49 U.S.C. 114; Pub. L. 110-53 (121 Stat. 266, Aug. 
3, 2007) secs. 1402 (6 U.S.C. 1131), 1405 (6 U.S.C. 1134), and 1408 
(6 U.S.C. 1137).

Subpart A--General

0
11. Revise Sec.  1582.3 introductory text to read as follows:


Sec.  1582.3  Terms used in this part.

    In addition to the terms in Sec. Sec.  1500.3, 1500.5, and 
1503.103, of subchapter A, Sec.  1530.3 of subchapter B, and Sec.  
1570.3 of subchapter D of this chapter, the following terms apply to 
this part:
* * * * *
0
12. Add subpart C to part 1582 to read as follows:

Subpart C--Security Threat Assessment Requirements for Owner/
Operators and Individuals

Sec.
1582.201 Owner/operator requirements.
1582.203 Requirements for individuals.
1582.205 TSA enrollment required.
1582.207 Effective dates.


Sec.  1582.201  Owner/operator requirements.

    (a) Security coordinator STA. (1) An owner/operator required to 
designate and use a primary and alternate security coordinator under 
Sec.  1570.201 of this chapter, must not designate or permit an 
individual to serve as a primary or alternate security coordinator 
without confirmation from TSA that the individual has successfully 
completed a Level 3 security threat assessment (STA) and holds a 
current determination of eligibility (DOE) as described in part 1530 of 
this chapter.
    (2) The owner/operator must retain records, in a form and manner 
authorized by TSA, that documents compliance with the requirement in 
paragraph (a)(1) of this section from the date that the owner/operator 
designates an individual as a primary or alternative security 
coordinator and until 180 days after the owner/operated has terminated 
such designation, and make those records available to TSA upon request.
    (b) Security-sensitive employee security threat assessment. (1) An 
owner/operator, described in (a) of this section, must not permit an 
individual to serve as a security-sensitive employee without 
confirmation from TSA that the individual has successfully completed a 
Level 2 STA and holds a current DOE as described in part 1530 of this 
chapter.
    (2) The owner/operator must retain records, in a form and manner 
authorized by TSA, that documents compliance with the requirement in 
paragraph (b)(1) of this section for 180 days after the individual has 
left employment, and make those records available to TSA upon request.
    (c) Continuing responsibilities. (1) An owner/operator must remove 
an employee from a position as a primary or alternate security 
coordinator or as a security-sensitive employee, if notified by TSA 
that the individual no longer meets the standards described in Sec.  
1530.501 of this chapter for those positions.
    (2) If an owner/operator becomes aware of information indicating 
that an individual serving as a primary or alternate security 
coordinator or security-sensitive employee is or may not be eligible 
for the position, the owner/operator must immediately notify TSA.
    (3) An owner/operator may reassign an individual to be a security 
coordinator or security-sensitive employee if notified by TSA that the 
individual is eligible.


Sec.  1582.203  Requirements for individuals.

    (a) Security Coordinator. An individual must not perform the 
function of a primary or alternate security coordinator, unless he or 
she successfully completes a Level 3 STA and holds a current DOE as 
described in part 1530 of this chapter. The criminal history records 
check (CHRC) conducted as part of the STA must be adjudicated against 
the standards and list of disqualifying criminal offenses in Sec.  
1530.503 of this part.
    (b) Security-sensitive employee. An individual must not serve as a 
security-sensitive employee, unless he or she successfully completes a 
Level 2 STA and holds a current DOE as described in part 1530 of this 
chapter.


Sec.  1582.205  TSA enrollment required.

    (a) Each individual required to undergo an STA under this subpart, 
must use the TSA enrollment system and procedures as described in part 
1530 of this chapter, unless otherwise authorized by TSA.
    (b) An owner/operator must use the TSA enrollment system and 
procedures under part 1530 of this chapter for its employees who are 
required to undergo an STA, unless otherwise authorized by TSA.

[[Page 33522]]

Sec.  1582.207  Effective dates.

    (a) The effective date for Sec. Sec.  1582.201(a) and 1582.203(a) 
of this part is [INSERT DATE 6 MONTHS AFTER DATE OF FINAL RULE 
PUBLICATION IN THE Federal Register].
    (b) The effective date for Sec. Sec.  1582.201(b) and 1582.203(b) 
of this part is [INSERT DATE 12 MONTHS AFTER DATE OF FINAL RULE 
PUBLICATION IN THE Federal Register].
    (c) The effective date for Sec.  1582.205 of this part is [INSERT 
DATE 30 DAYS AFTER DATE OF FINAL RULE PUBLICATION IN THE Federal 
Register].

PART 1584--HIGHWAY AND MOTOR CARRIERS

0
13. The authority citation for part 1584 is revised to read as follows:

    Authority:  49 U.S.C. 114; Pub. L. 110-53 (121 Stat. 266, Aug. 
3, 2007) secs. 1501 (6 U.S.C. 1151), 1531 (6 U.S.C. 1181), and 1534 
(6 U.S.C. 1184).

Subpart A--General

0
14. Revise Sec.  1584.3 introductory text to read as follows:


Sec.  1584.3  Terms used in this part.

    In addition to the terms in Sec. Sec.  1500.3, 1500.5, and 1503.3 
of subchapter A, Sec.  1530.3 of subchapter B, and Sec.  1570.3 of 
subchapter D of this chapter, the following terms apply to this part:
* * * * *
0
15. Add subpart C to part 1584 to read as follows:

Subpart C--Security Threat Assessment Requirements for Owner/
Operators and Individuals

Sec.
1584.201 Owner/operator requirements.
1584.203 Requirements for individuals.
1584.205 TSA enrollment required.
1584.207 Effective date.


Sec.  1584.201  Owner/operator requirements.

    (a) Security coordinator security threat assessment. (1) An owner/
operator, required to designate and use a primary and at least one 
alternate security coordinator under Sec.  1570.201 of this chapter, 
must not designate or permit an individual to serve as a primary or 
alternate security coordinator without confirmation from TSA that the 
individual has successfully completed a Level 3 security threat 
assessment (STA) and holds a current Determination of Eligibility (DOE) 
as described in part 1530 of this chapter.
    (2) The owner/operator must retain records, in a form and manner 
authorized by TSA, that documents compliance with the requirement in 
paragraph (a)(1) of this part from the date that the owner/operator 
designates an individual as a primary or alternative security 
coordinator and until 180 days after the owner/operated has terminated 
such designation, and make those records available to TSA upon request.
    (b) Continuing responsibilities. (1) An owner/operator must remove 
an employee from a position as a primary or alternate security 
coordinator, if notified by TSA that he or she no longer meets the 
standards described in Sec.  1530.501 of this chapter for those 
positions.
    (2) If an owner/operator becomes aware of information indicating 
that an individual serving as a primary or alternate security 
coordinator is, or may not, be eligible for position, the owner/
operator must immediately notify TSA.
    (3) An owner/operator may reassign an individual to be a security 
coordinator, if notified by TSA that the individual is eligible.


Sec.  1584.203  Requirements for individuals.

    An individual must not perform the function of a primary or 
alternate security coordinator unless he or she successfully completes 
a Level 3 STA and holds a current DOE as described in part 1530 of this 
chapter. The criminal history records check (CHRC) conducted as part of 
the STA must be adjudicated against the standards and list of 
disqualifying criminal offenses in Sec.  1530.503 of this chapter.


Sec.  1584.205  TSA enrollment required.

    (a) Each individual required to undergo an STA under this subpart 
must use the TSA enrollment system and procedures as described in part 
1530 of this chapter, unless otherwise authorized by TSA.
    (b) An owner/operator must use the TSA enrollment system and 
procedures, as described in part 1530 of this chapter, for its 
employees who are required to undergo an STA, unless otherwise 
authorized by TSA.


Sec.  1584.207  Effective date.

    (a) The effective date for Sec.  1584.201 and Sec.  1584.203 of 
this part is [INSERT DATE 6 MONTHS AFTER DATE OF FINAL RULE PUBLICATION 
IN THE Federal Register].
    (b) The effective date for Sec.  1584.205 of this part is [INSERT 
DATE 30 DAYS AFTER DATE OF FINAL RULE PUBLICATION IN THE Federal 
Register].

    Dated: May 4, 2023.
David P. Pekoske,
Administrator.
[FR Doc. 2023-10131 Filed 5-22-23; 8:45 am]
BILLING CODE 9110-05-P