TSA Air Cargo Security Requirements

2 June 2006 updated

29 May 2006

-----------------------------------------------------------------------

[Federal Register: June 2, 2006 (Volume 71, Number 106)]
[Rules and Regulations]
[Page 31964-31965]
From the Federal Register Online via GPO Access [wais.access.gpo.gov]
[DOCID:fr02jn06-13]

=======================================================================
-----------------------------------------------------------------------

DEPARTMENT OF HOMELAND SECURITY

Transportation Security Administration

49 CFR Parts 1544, 1546, and 1548

[Docket No. TSA-2004-19515; Amendment Nos. 1520-4, 1540-7, 1542-2,
1544-5, 1546-2, and 1548-2]
RIN 1652-AA23

Air Cargo Security Requirements; Correction

AGENCY: Transportation Security Administration (TSA), DHS.

ACTION: Final rule; correction.

-----------------------------------------------------------------------

SUMMARY: This document makes a correction to the final rule published
in the Federal Register on May 26, 2006. That rule enhances and
improves the security of air cargo transportation by requiring airport
operators, aircraft operators, foreign air carriers, and indirect air
carriers to implement security measures in the air cargo supply chain
as directed under the Aviation and Transportation Security Act. The
final rule also amends the applicability of the requirement for a
``twelve-five'' security program for aircraft with a maximum
certificated takeoff weight of 12,500 pounds or more to those aircraft
with a maximum certificated takeoff weight of more than 12,500 pounds
to conform to recent legislation. TSA listed an incorrect compliance
date in certain sections of parts 1544, 1546, and 1548 dealing with
security threat assessments and a mandatory security program
requirement for operators. This document adds the correct compliance
date to these sections.

DATES: Effective October 23, 2006.

FOR FURTHER INFORMATION CONTACT: Tamika McCree, Office of
Transportation Sector Network Management (TSA-28), Transportation
Security Administration, 601 South 12th Street, Arlington, VA 22202;
(571-227-2632); tamika.mccree@dhs.gov.

SUPPLEMENTARY INFORMATION:

Background

On May 26, 2006, TSA published a final rule in a separate Part II
of the Federal Register (71 FR 30478), revising various regulations to
enhance and improve the security of air cargo transportation. Although
TSA listed the correct compliance dates in the DATES section of the
final rule preamble, we incorrectly listed the compliance date dealing
with security threat assessments in Sec. Sec. 1544.228(d),
1546.213(d), 1548.5(a), and 1548.16(a), and a mandatory security
program requirement in Sec. 1548.15(d) for operators. This document
corrects the date in these sections from the incorrect date of November
22, 2006, to the correct date of December 1, 2006.

Correction

In rule FR Doc. 06-4800, published on May 26, 2006 (71 FR 30478),
make the following corrections:

Sec. 1544.228 [Corrected]

0
1. On page 30511, in the second column, in Sec. 1544.228 Access to
Cargo: Security threat assessments for cargo personnel in the United
States, at the end of paragraph (d), remove the date ``November 22,
2006'' and add in its place, the date ``December 1, 2006''.

Sec. 1546.213 [Corrected]

0
2. On page 30512, in the third column, in Sec. 1546.213 Access to
Cargo: Security threat assessments for cargo personnel in the United
States, at the end of paragraph (d), remove the date ``November 22,
2006'' and add in its place, the date ``December 1, 2006''.

Sec. 1548.5 [Corrected]

0
3. On page 30513, in the second column, in Sec. 1548.5 Adoption and
implementation of the security program, at the end of paragraph (a),
remove the date ``November 22, 2006'' and add in its place, the date
``December 1, 2006''.

[[Page 31965]]

Sec. 1548.15 [Corrected]

0
4. On page 30516, in the second column, in Sec. 1548.15 Access to
Cargo: Security threat assessments for individuals having unescorted
access to cargo, at the end of paragraph (d), remove the date
``November 22, 2006'' and add in its place, the date ``December 1,
2006''.

Sec. 1548.16 [Corrected]

0
5. On page 30516, in the second column, in Sec. 1548.16 Security
threat assessments for each proprietor, general partner, officer,
director, and certain owners of the entity, at the end of paragraph
(a), remove the date ``November 22, 2006'' and add in its place, the
date ``December 1, 2006''.

Issued in Arlington, Virginia, on May 26, 2006.
Mardi Ruth Thompson,
Deputy Chief Counsel for Regulations.
[FR Doc. E6-8584 Filed 6-1-06; 8:45 am]

BILLING CODE 9110-05-P

-----------------------------------------------------------------------

[Federal Register: May 26, 2006 (Volume 71, Number 102)]
[Rules and Regulations]
[Page 30477-30517]
From the Federal Register Online via GPO Access [wais.access.gpo.gov]
[DOCID:fr26my06-17]

[[Page 30477]]

-----------------------------------------------------------------------

Part II

Department of Homeland Security

-----------------------------------------------------------------------

Transportation Security Administration

-----------------------------------------------------------------------

49 CFR Parts 1520, 1540, 1542, et al.

Air Cargo Security Requirements; Final Rule

[[Page 30478]]

-----------------------------------------------------------------------

DEPARTMENT OF HOMELAND SECURITY

Transportation Security Administration

49 CFR Parts 1520, 1540, 1542, 1544, 1546, and 1548

[Docket No. TSA-2004-19515; Amendment Nos. 1520-4, 1540-7, 1542-2,
1544-5, 1546-2, and 1548-2]
RIN 1652-AA23

Air Cargo Security Requirements

AGENCY: Transportation Security Administration (TSA), DHS.

ACTION: Final rule.

-----------------------------------------------------------------------

SUMMARY: The Transportation Security Administration is amending its
regulations to enhance and improve the security of air cargo
transportation. This final rule requires airport operators, aircraft
operators, foreign air carriers, and indirect air carriers to implement
security measures in the air cargo supply chain as directed under the
Aviation and Transportation Security Act. This final rule also amends
the applicability of the requirement for a ``twelve-five'' security
program for aircraft with a maximum certificated takeoff weight of
12,500 pounds or more to those aircraft with a maximum certificated
takeoff weight of more than 12,500 pounds to conform to recent
legislation.

DATES: Effective Date: This final rule is effective October 23, 2006.
Compliance Date: By November 22, 2006, Indirect air carriers must
comply with the requirements for Indirect air carrier training under
Sec. 1548.11.
By December 1, 2006, aircraft operators, foreign air carriers, and
indirect air carriers must comply with the requirements for--
Security threat assessments under Sec. Sec. 1544.228, 1546.213,
1548.15, and 1548.16; and
Indirect air carriers that do not currently hold a security program
under part 1548, and that offer cargo to an aircraft operator operating
under a full all-cargo program or a comparable foreign air carrier
under Sec. 1546.101(e), establishment of, and operation under, a TSA
security program in part 1548.

SUPPLEMENTARY INFORMATION:

Availability of Rulemaking Documents

You can get an electronic copy using the Internet by--
(1) Searching the Department of Transportation's electronic Docket
Management System (DMS) Web page (http://dms.dot.gov/search); (2) Accessing the Government Printing Office's Web page at http://

http://www.gpoaccess.gov/fr/index.html; or

(3) Visiting TSA's Law and Policy Web page at http://www.tsa.gov

and accessing the link for ``Law and Policy'' at the top of the page.
In addition, copies are available by writing or calling the
individual in the FOR FURTHER INFORMATION CONTACT section. Make sure to
identify the docket number of this rulemaking.

Small Entity Inquiries

The Small Business Regulatory Enforcement Fairness Act (SBREFA) of
1996 requires TSA to comply with small entity requests for information
and advice about compliance with statutes and regulations within TSA's
jurisdiction. Any small entity that has a question regarding this
document may contact the person listed in FOR FURTHER INFORMATION
CONTACT. Persons can obtain further information regarding SBREFA on the
Small Business Administration's Web page at http://www.sba.gov/advo/laws/law_lib.html
.

Abbreviations and Terms Used in This Preamble

AAAE American Association of Airport Executives
AAPA Association of Asia Pacific Airlines
ACCA Air Courier Conference of America
ACISP All-Cargo International Security Procedures
ACI-NA Airports Council International-North America
AEA Association of European Airlines
AES Automated Export System
ALPA Air Line Pilots Association International
AOPA Aircraft Owners and Pilots Association
ASAC Aviation Security Advisory Committee
ATA Air Transport Association
ATSA Aviation and Transportation Security Act
CAA Cargo Airline Association
CBP U.S. Customs and Border Protection
CFR Code of Federal Regulations
CHRC Criminal History Records Check
DHS Department of Homeland Security
DSIP Domestic Security Integration Program
EA Emergency Amendment
FAA Federal Aviation Administration
HAZMAT Hazardous Materials
IAC Indirect Air Carrier
IACSSP Indirect Air Carrier Standard Security Program
IATA International Air Transport Association
MSP Model Security Program
MTOW Maximum certificated take-off weight
NACA National Armored Car Association
NATA National Air Transport Association
NCBFAA National Customs Brokers and Forwarders Association
RAA Regional Airline Association
RACCA Regional Air Cargo Carriers Association
SIDA Security Identification Display Area
SD Security Directive
SSI Sensitive Security Information
STA Security Threat Assessment
TSA Transportation Security Administration
TFSSP Twelve-Five Standard Security Program
UPS United Parcel Service

Outline of Final Rule

I. Background
II. Comment Disposition
A. Security Threat Assessments
B. Acceptance and Screening of Cargo
C. Security Identification Display Area
D. Known Shipper Program
E. Adoption and Implementation of the Security Programs
F. Cost of IAC Training and Materials
G. Cost Benefit Analysis
H. 100 Percent Inspection of Cargo
I. Unknown Shipper Cargo
J. Terms Used in This Chapter
K. Persons and Property Aboard the Aircraft
L. Other Issues and Sections
III. Section-by-Section Analysis of Changes
IV. Fee Authority for Security Threat Assessment
V. Rulemaking Analyses and Notices
A. Regulatory Evaluation Summary
B. Paperwork Reduction Act
C. International Compatibility
D. International Trade Impact Assessment
E. Unfunded Mandates Reform Act Analyses
F. Executive Order 13132, Federalism
G. Environmental Analysis
H. Energy Impact
VI. List of Subjects
VII. The Amendment

I. Background

This final rule implements air cargo security requirements under
the Aviation and Transportation Security Act (ATSA), Pub. L. 107-71.
ATSA requires TSA to implement the following requirements:
Provide for screening of all property, cargo, carry-on and
checked baggage, and other articles, that will be carried aboard a
passenger aircraft operated by a domestic or foreign air carrier;\1\
and
---------------------------------------------------------------------------

\1\ 49 U.S.C. 44901(a).
---------------------------------------------------------------------------

Establish a system to screen, inspect, or otherwise ensure
the security of freight that is to be transported in all-cargo aircraft
as soon as practicable.\2\
---------------------------------------------------------------------------

\2\ 49 U.S.C. 44901(f).
---------------------------------------------------------------------------

TSA published a notice of proposed rulemaking in the Federal
Register on

[[Page 30479]]

November 10, 2004, at 69 FR 65258, to solicit public comment on the
proposed air cargo regulations. Please see the NPRM for additional
background information on the development of these regulations. The
NPRM proposed, among other requirements, to:
Address two critical risks in the air cargo environment:
(1) The hostile takeover of an all-cargo aircraft leading to its use as
a weapon; and (2) the use of cargo to introduce an explosive device
onboard a passenger aircraft.
Create a new mandatory security regime for aircraft
operators and foreign air carriers in all-cargo operations using
aircraft with a maximum certificated take-off weight more than 45,500
kg.
Create requirements for foreign air carriers in all-cargo
operation with an aircraft having a maximum certificated take-off
weight more than 12,500 pounds but no more than 45,500 kg, and a
separate program for aircraft with a maximum certificated take-off
weight more than 45,500 kg.
Require a Security Threat Assessment for individuals with
unescorted access to air cargo.
Enhance existing requirements for indirect air carriers
(IAC).
Expand Security Identification Display Area requirements
at regulated airports to include areas where cargo is loaded and
unloaded.
The NPRM was based in part on recommendations received from the
Department of Transportation Office of Inspector General's (DOT OIG's)
September 2002 audit of the air cargo security program,\3\ the General
Accounting Office's (GAO's) December 2002 report entitled,
``Vulnerabilities and Potential Improvements for the Air Cargo
System'',\4\ and the Aviation Security Advisory Committee
recommendations of October 1, 2003. TSA was also guided by the Air
Cargo Strategic Plan, which was completed in November 2003, and
approved by the Department of Homeland Security in January 2004. The
NPRM proposed a threat-based, risk-managed program for securing the air
cargo transportation system.
---------------------------------------------------------------------------

\3\ Report Number SC-2002-113, September 19, 2002. This report
is SSI.
\4\ GAO-03-344, December 20, 2002.
---------------------------------------------------------------------------

This final rule adopts the regulations proposed in the NPRM with
minor revisions to clarify certain provisions from the proposed rule.
Specifically, the final rule clarifies both of the populations who are
subject to Security Threat Assessments (STAs), and the areas where
airports must extend Security Identification Display Area (SIDA)
measures for cargo.
During this rulemaking, another critical security enhancement has
been implemented, that is, an increase in the inspection of cargo by
aircraft operators and foreign air carriers. The NPRM proposed to
codify the requirement for the aircraft operators and foreign air
carriers to inspect cargo in accordance with their security programs.
These operators already were inspecting a portion of their cargo as
required by Security Directives issued by TSA in November 2003.
Following the publication of the NPRM, the Department of Homeland
Security Appropriations Act, 2005 was enacted.\5\ Section 513 of the
Act requires TSA to amend Security Directives and programs to triple
the percentage of cargo inspected on passenger aircraft, which TSA did.
Details of these security measures are protected by TSA as Sensitive
Security Information,\6\ and therefore are not available for release to
the general public.
---------------------------------------------------------------------------

\5\ FY `05, Pub. L. 108-334.
\6\ ``Sensitive Security Information'' or ``SSI'' is information
obtained or developed in the conduct of security activities, the
disclosure of which would constitute an unwarranted invasion of
privacy, reveal trade secrets or privileged or confidential
information, or be detrimental to the security of transportation.
The protection of SSI is governed by 49 CFR part 1520.
---------------------------------------------------------------------------

Although the details are not in the rule, the regulatory evaluation
for this final rule analyzes the cost incurred by aircraft operators
and foreign air carriers to comply with this inspection requirement.
The cost of inspection of air cargo on passenger aircraft accounts for
about $1.491 billion of the total $2 billion costs of this rule, as
discussed further in the Regulatory Evaluation Summary (Section V.A.)
of this preamble. This inspection requirement accounts for the largest
single cost of this final rule. This inspection requirement is not a
new responsibility under this final rule; rather, TSA is taking this
opportunity to provide a cost estimate for inspection of air cargo on
passenger aircraft, as currently required under existing Security
Directives. TSA provided cost estimates for these inspections in the
NPRM, and has since revised them to account for the effect of the
congressional directive and public comments. These Security Directives
were first issued in November 2003. TSA subsequently issued security
program amendments to reflect the inspection requirements of the
Security Directives and the congressional mandates. These amendments
have been implemented since July 2005. This rulemaking marks TSA's
first opportunity to account for costs associated with the issuance of
these security measures. The specific requirements for these
inspections are SSI and are not appropriate for public disclosure as
part of this rulemaking.
Accordingly, about 75 percent of the approximately $2 billion
overall 10-year cost of the requirements implemented under this rule
are associated with requirements that did not originate with this rule.
These costs originated with TSA Security Directives issued in November
2003 and security program amendments issued in March 2005. The cost of
implementing requirements that originate under this final rule is
estimated to be about $167 million over a 10-year period.
In conjunction with the publication of this final rule, TSA is
issuing to regulated parties for comment proposed amendments to their
security programs to implement this final rule as authorized under 49
CFR 1542.105, 1544.105, 1546.105, and 1548.5.

II. Comment Disposition

TSA received 134 letters commenting on the NPRM. These comments
were submitted by a broad cross-section of parties with an interest in
air cargo security; including aircraft operators, foreign air carriers,
trade associations, airports, state and local governments, and indirect
air carriers (IACs).\7\ These comments are addressed below, organized
by major issues.
---------------------------------------------------------------------------

\7\ ``Indirect air carrier'' or ``IAC'' means any person or
entity within the United States not in possession of an FAA air
carrier operating certificate, which undertakes to engage indirectly
in air transportation of property, and uses for all, or any part, of
such transportation the services of an air carrier. This does not
include the U.S. Postal Service (USPS) or its representative while
acting on the behalf of the USPS. See 49 CFR 1540.5. This definition
reflects an amendment pursuant to this final rulemaking.
---------------------------------------------------------------------------

II.A. Security Threat Assessments (STAs)

TSA received approximately 140 comments on the proposed requirement
for security threat assessments (STAs) for persons with access to air
cargo. The STA proposed by TSA would include a search by TSA of
domestic and international databases to assess any potential terrorist
threats from those individuals with access to air cargo. TSA currently
requires a variety of individuals working in aviation to submit to a
criminal history records check and an additional name-based background
check. Generally, these individuals work on airport grounds and have
access to secure areas. However, many other persons who have not been
subjected to such background checks have access to air cargo. TSA

[[Page 30480]]

proposed to require that STAs be conducted on additional categories of
persons who have unescorted access to air cargo to verify that these
individuals do not pose a security threat. Individuals who undergo
security checks required for unescorted access to a security
identification display area (SIDA), or who have successfully completed
another STA that TSA approves as comparable, would not be required to
submit to an STA.
Applicability and Definitions
Comment: The majority of comments addressing the proposed STA
requirement expressed uncertainty about which employees would be
required to have an STA, and what TSA considers to be ``unescorted
access to cargo'' for purpose of triggering the STA requirement. In
addition, the Regional Airline Association (RAA) states that the
proposed language appears much broader than the scope previously
recommended by the Aviation Security Advisory Committee (ASAC) because
the requirement conceivably could apply to individuals who work outside
of the airport environment. RAA believes that only individuals under
the direct control of all-cargo airlines working at the airport should
be subject to the STA requirement.
The National Air Transport Association (NATA) suggests that TSA
clarify specifically which persons are covered by the STA requirement--
either under this rule or by amendment to a security program--and which
persons are excluded from the STA requirement. NATA states that because
of industry confusion, a number of aircraft operators are unclear of
their status with regard to the threat assessment requirement.
The Air Transport Association (ATA) commented that they fully
support TSA's conclusion that it is not necessary to require every
employee of an entity regulated by TSA that is in the business of cargo
transportation to submit to an STA. However, ATA believes that the
proposed language in Sec. Sec. 1540.201 and 1544.228 is overly broad
and subject to various interpretations.
ATA states that, as written, the rules could apply to individuals
who work outside the airport perimeter in cargo storage facilities or
holding areas, truck drivers, and others who move cargo to airports on
behalf of shippers. ATA believes that the rule also could apply to
individuals who work at non-U.S. locations and employees of entities at
the airport who share space or have access to air cargo areas operated
by the regulated party, such as employees of fixed base operators who
provide fuel and other supplies to regulated parties. ATA states that
such broad coverage would be impractical and disruptive to timely air
cargo transport, and urges TSA to clarify the language to limit the
applicability.
In addition, ATA recommends amending this section to apply to
direct employees and authorized representatives of aircraft operators
with unescorted access to cargo accepted by such aircraft operator.
Federal Express (FedEx) recommends that TSA limit the STA requirement,
to the extent permitted by applicable law, to employees who have
unescorted access to the aircraft or cargo, or employees who they know
or have reason to know will have access to cargo that will be tendered
to a passenger carrier to be flown on a passenger aircraft.
A number of comments asked for clarification as to what other
security checks are approved by TSA, and, thus, would not require
completion of an STA for that individual.
TSA response: TSA agrees that not every employee should be subject
to the STA requirement. Instead, TSA requires an STA for employees and
agents of aircraft operators, foreign air carriers, and IACs who have
unescorted access to cargo at certain times. TSA also requires an STA
for certain IAC principals. TSA has revised the provisions of the
regulations to clarify the STA requirement. While these revisions
comport with the scope of the NPRM, we have restructured the sections
to indicate more clearly which personnel are required to meet the STA
requirements. The revisions clarify that the STA requirements apply:
Only in the United States.
To aircraft operators with a full program, or a full all-
cargo program; foreign air carriers under Sec. 1546.101(a), (b), or
(e); and indirect air carriers.
To individuals with unescorted access to cargo who are
employees or agents of-- \8\
---------------------------------------------------------------------------

\8\ The STA requirements also extend to an officer, director,
and person who holds 25 percent or more of total outstanding voting
stock of an IAC. However, TSA did not receive requests for
clarification to this requirement.
---------------------------------------------------------------------------

Aircraft operators with a full program and foreign air
carriers under Sec. 1546.101(a) or (b) where they accept cargo;
Aircraft operators with a full all-cargo program and
foreign air carriers under Sec. 1546.101(e) where they consolidate or
inspect cargo;
IACs which accept cargo for transportation on aircraft
operated by an aircraft operator with a full program, or a foreign air
carrier under Sec. 1546.101(a) or (b); or
IACs where they consolidate or hold cargo for
transportation aboard an aircraft operated by an aircraft operator with
a full or full all-cargo program, or a foreign air carrier under Sec.
1546.101(a), (b) or (e).
Unless the employee or agent has a Criminal History
Records Check (CHRC) for unescorted authority to a SIDA, or another STA
approved by TSA as comparable to an STA under subpart C.
It is helpful to note where employees and agents are not required
to have an STA. Appropriate background checks for access to airport-
restricted areas are obligatory under International Civil Aviation
Organization (ICAO) Annex 17 Standards. TSA does not require STAs for
unescorted access to cargo at foreign locations.
Individuals do not need an STA if a person with the appropriate
background check escorts them. Individuals who work near cargo, but do
not require unescorted access to cargo, do not need an STA where the
regulated entity has adopted access control measures to prevent
unescorted access to the cargo. TSA will provide guidance on specific
access control measures in their security programs and regulated
entities may work with TSA to establish additional measures for TSA
approval.
Ensuring that individuals are properly escorted, or that cargo is
in a locked, inaccessible area, are two of many possible examples of
access control measures that may be available to regulated entities.
Generally, TSA relies on the access control measures that have been in
place through FAA and TSA regulations for many years. Regulated
entities should contact their TSA principal security inspectors, or
other appropriate TSA point of contact, if they have further questions
regarding access control measures.
Where employees and agents subject to STA requirements have
successfully completed a CHRC for unescorted access authority to a
SIDA, they have met their requirement and do not need to get a separate
STA under this final rule. TSA already requires airport operators to
send to TSA certain personal information for each individual who has
undergone a CHRC for a current SIDA or sterile area ID in order to
perform an additional background check that is comparable to an STA.
TSA is providing instruction to aircraft operators with a full or
full-all-cargo program to send to TSA the same type of information for
cargo screeners who do not have current SIDA or sterile area IDs, and
will also perform the additional check on this population. Most of
these cargo screeners already

[[Page 30481]]

have SIDA IDs; and, thus, already are checked. Likewise, an employee or
agent who has undergone another STA that TSA approves as being
comparable does not need a separate STA under this rule. TSA considers
the threat assessments it conducts for a person holding a commercial
driver's license with a hazardous materials endorsement as comparable
to an STA for purposes of this rule. See 49 CFR part 1572. TSA may
determine that other threat assessments are comparable to the STA
requirement under this rule and will expressly notify regulated
entities with security program amendments from TSA upon making that
determination. An employee or agent authorized to engage in the actions
described below, who does not meet one of these means of compliance,
must obtain an STA as directed in part 1540 of this rulemaking.
For cargo accepted by an aircraft operator with a full program and
a foreign air carrier under Sec. 1546.101(a) and (b), each employee or
agent, whom the operator authorizes to have unescorted access, must
have an STA.\9\ The STA requirement for these employees and agents
applies at the point of acceptance, whether from a shipper, another
aircraft operator, foreign air carrier, or indirect air carrier.
---------------------------------------------------------------------------

\9\ Employees and agents do not need this STA if they have
successfully completed a background check for unescorted access to
SIDA, or have another threat assessment that TSA approves in this
context.
---------------------------------------------------------------------------

For cargo accepted in the United States by an aircraft operator
under a full all-cargo program, or a foreign air carrier under Sec.
1546.101(e), this provision applies to each employee or agent
authorized to have unescorted access to cargo from the time the
regulated entity consolidates or inspects cargo until it is loaded on
an aircraft. TSA has determined that security procedures for these all-
cargo operations are best focused, and more efficiently applied, at
locations where cargo is consolidated or inspected. Reasons for this
determination include the layered security approach and the focus on
interdicting stowaways.
STA requirements for IAC employees and agents parallel measures
from both passenger and all-cargo aircraft operators. Each IAC employee
or agent who has unescorted access to cargo for transportation on a
passenger aircraft must have an STA. For transportation aboard an all-
cargo aircraft, each IAC employee and agent must have an STA, if the
IAC authorizes them to have unescorted access to cargo, from the time
the cargo reaches an IAC facility where the IAC consolidates or holds
the cargo.
Comment: A few commenters note that there seems to be a conflict
between proposed Sec. 1540.201 and proposed Sec. 1544.228;
specifically, proposed part 1544 includes a provision of applicability
of STAs to operators, but part 1540 does not. The commenters request
that TSA clarify the scope of these sections, recognizing that the
exclusion of all-cargo operators from Sec. 1540.201 may have been
inadvertent.
TSA response: TSA's omission of aircraft operators under a full
all-cargo security program in Sec. 1540.201(a)(1) was an oversight. We
have provided a technical amendment to that subparagraph, adding ``or
(h)'' to the end of the provision.
Operators' Responsibility
Comment: The Air Line Pilots Association International (ALPA) does
not support the STA requirement because ALPA favors requiring persons
with unescorted access to cargo to submit to a CHRC. ALPA argues that
under the proposed rules, TSA could approve for unescorted access to
air cargo an individual convicted of any of the 28 defined crimes
because his or her name does not appear on government-maintained lists
of individuals suspected of having a link to terrorism. ALPA states
that criminal history, financial status, and many other factors can be
indicators of an individual's character, reliability, maturity, and
susceptibility to compromise.
TSA response: TSA recognizes that there are a number of background
check techniques that potentially could be applied to various persons
in the supply chain. In accordance with our risk based, threat managed
approach; TSA has determined that requiring persons with unescorted
access to cargo to submit to an STA provides a significant enhancement
while limiting costs. We note that persons with more sensitive
positions, such as cargo screeners, are subject to CHRCs and additional
background checks.
Comment: Federal Express (FedEx) states, that in many cases, it
would be unlawful for operators to conduct background checks on persons
not directly employed by them. FedEx recommends requiring an operator
to conduct such checks only on its direct employees. FedEx also
expresses concern about requirements to have STAs for agents due to
possible labor and employment law issues.
FedEx also commented that for an IAC to fulfill this requirement,
it will have to maintain employee records for all the truckers and
warehousemen used by the IAC. Further, IACs will have to ensure that
their vendors provide them timely updates of changes in employment and
monitor unescorted access to cargo. FedEx believes that for the
majority of IACs this would be an impossible task.
Another comment supports the proposed section, but asserts that
carriers should not be responsible for completing third party STAs. The
commenter asserts that each entity should be responsible for completing
its own STAs, and TSA should be responsible for funding any new
background checks.
TSA response: Aircraft operators, foreign air carriers, and IACs
are responsible for carrying out all security measures as regulated
parties. They do so using employees and agents, as they choose. They
authorize unescorted access to cargo by agents and employees. Under
these regulations, however, these regulated parties are not responsible
for conducting the required background checks; rather they must ensure
that the necessary information about their employees and agents is
transferred to TSA for TSA to conduct the STA.
TSA has carefully examined the scope of the need for an STA. TSA
has revised the language of proposed Sec. Sec. 1544.228, 1546.213, and
1548.15 to pertain to those individuals specifically authorized to have
unescorted access to cargo. This final rule provides the aircraft
operator, foreign air carrier, and IAC latitude in authorizing
unescorted access to cargo in order to limit the number of persons
requiring an STA. The requirement for an STA does not extend to
employees or agents who are only near air cargo where the aircraft
operator, foreign air carrier, or IAC has in place other security
measures to control access to the cargo.
If a regulated entity uses a third party agent to meet its security
program requirements, which regulated entity is responsible for
ensuring that the third party has an STA, just as they are responsible
for other security duties their agents carry out. TSA is aware of no
conflict with other laws with regard to collecting STA information.
Comment: National Armored Car Association (NACA) states that
requiring additional background checks on employees, who have already
been investigated and certified by State agencies charged with
licensing security personnel, is redundant and wasteful. NACA suggests
that TSA accept certifications based on State investigations which
include FBI fingerprint examinations, and issue any necessary TSA
credentials based on these background checks.

[[Page 30482]]

The American Trucking Association states that placing direct
responsibility on operators to perform STAs on their agents,
contractors, or subcontractors places a substantial financial burden on
the operator and driver, and potentially will create a confusing,
frustrating, and unworkable system.
Other concerns of the American Trucking Association include whether
STAs are transferable (i.e., would follow the employee as he or she
changes employment), and how often individuals are required to renew
their security authorization. The American Trucking Association
proposes the use of TSA's Transportation Worker Identification
Credential as an alternative solution to implementing STAs on
individuals having unescorted access to air cargo.
TSA response: In general, TSA does not anticipate accepting the
background check of a private company or a state agency as comparable
to a CHRC or STA approved by TSA. The TSA STA checks intelligence
databases that are inaccessible to the private sector and not widely
used by state agencies. As mentioned under Sec. 1540.201, STA
requirements apply to those aircraft operators, foreign air carriers,
and IAC employees and agents who are authorized and required to handle
air cargo in the performance of their duties. STA requirements do not
apply to employees and agents who have only incidental access to air
cargo, or employees and agents who are required to submit to another
TSA-approved STA, such as TSA HAZMAT driver's license requirements.\10\
TSA will consider accepting other TSA-approved STAs, such as the
Transportation Worker Identity Credential upon broader implementation
of its use.
---------------------------------------------------------------------------

\10\ See 70 FR 22268 (Apr. 29, 2005), to be codified at 49 CFR
part 383.
---------------------------------------------------------------------------

Consistent with TSA policy on transferability of a CHRC conducted
for unescorted access authority to a SIDA, an employee or agent who has
successfully completed an STA for one employer need not complete it for
another employer if the employee or agent has been continuously
employed in a position that requires an STA. Additionally, as detailed
in the response to the first comment on `Notification' below, there is
no requirement to renew an STA as long as the STA-holder qualifies as
continuously employed. TSA will provide further guidance to aircraft
operators, foreign air carriers, and indirect air carriers upon
request.
Notification
Comment: Several commenters note the potential lengthy turn-around
time for STA notifications under Sec. 1540.205 and recommend that TSA
include a time frame in which it will make the notification. Many of
these commenters propose that TSA should specify an anticipated
response time of 10 working days to provide authorization or initial
denial to submitted STAs. One commenter notes that TSA will need to
increase staffing to handle the impact of processing the STAs in a
timely manner.
The American Trucking Association commented that the proposed rule
excludes certain employers from receiving STA results on their drivers.
Without employer notification, trucking companies are unable to make
informed personnel decisions regarding their drivers. The American
Trucking Association recommends amending this section to include
notification to the individual, operator, and employer.
TSA response: TSA agrees that an anticipated response time of 10
working days in providing authorization or initial denial is
appropriate and achievable in most cases. While some individual
situations may require a longer timeframe for adjudication, TSA should
provide the vast majority of approvals well within 10 working days. TSA
further notes that once it approves an STA, by issuing a
``Determination of No Security Threat'', the STA will remain valid for
an employee or agent from one job to another in accordance with
Sec. Sec. 1544.228(b)(2), 1546.213(b)(2), and 1548.15(b)(2), and
consistent with TSA policy on continuous employment for holders of
unescorted access authority to SIDA. However, TSA notes that the
regulated party and the agent's direct employer are not prohibited from
communicating about the notification.
Appeals Procedures
Comment: The Airport Consultants Council proposes new language to
clarify the requests for materials under the appeals procedure of Sec.
1540.207(c)(1).
TSA response: Rather than adopt new language, TSA revised Sec.
1540.205(c)(4) by adding a cross-reference to Sec. 1540.207. Section
1540.207(c) allows an appeal, including a written request for
materials, within 30 days of receipt of the ``Initial Determination of
Threat Assessment'' from TSA.
STA Fee
Comment: United Parcel Service (UPS) states that they already
conduct extensive background checks, including checking all airline
employees against Federal governmental watch lists. If the TSA check
merely duplicates what the air carrier already is doing, UPS contends
there is no need for TSA to conduct the test and for the air carriers
to pay the fee under Sec. 1540.209. UPS suggests that if TSA wants
additional name checks with the proposed STA, then TSA should add the
additional checks to the current listings and let the air carriers run
them. This method does not place additional costs on TSA or the air
carrier because the programming and personnel already are in place.
Additional commenters request clarification on the procedures
involved in an STA, because they do not understand the nature of the
analysis or the basis of the $39 cost figure in the NPRM. The
commenters believe that the proposed cost for the STA is excessive,
given the cost of the comparable and more extensive CHRC checks.
The Air Courier Conference of America (ACCA) and Purolator Courier
oppose the fee, and state that TSA should carefully define the
applicable population before it requires any new screening. They
recommend that TSA conduct the screening against watch lists and the
National Crime Information Center.
FedEx states that, the new STA program will, contrary to TSA's
expectations, increase both direct and indirect costs. They state that
the direct cost of $39 for each STA is significantly more than the
average cost of a CHRC. In addition, FedEx contends that the name-based
methodology of an STA will result in indirect costs resulting from
operational delays and disruptions due to false positives. FedEx argues
that such indirect costs will exceed those that currently result from
the CHRC.
Like UPS, FedEx believes that air carriers should not have to pay
TSA or another party to do something that they are already doing. The
International Air Transport Association (IATA), Yellow Roadway, British
Airways, Delta, and other commenters oppose the fee proposed in this
section and believe that it is the Government's responsibility to
provide protection from terrorists and to absorb any costs related to
the STAs.
TSA response: Private companies do not have access to all of the
intelligence databases that TSA will use to conduct STAs. Further, TSA
must make judgments as to the information received from the databases,
which it has the expertise to apply. Accordingly, TSA has decided to
conduct the STAs. Statutory provisions \11\ require that

[[Page 30483]]

industry should reimburse the agency for direct costs associated with
accomplishing STAs. The STAs will not duplicate checks that the
carriers are already accomplishing, as TSA has access to a variety of
Government watch lists that are not appropriate for dissemination to
the private sector. The $39 fee referenced in the NPRM assumed TSA
would need to pay the FBI for access to the FBI's Automated Case System
files. Subsequent to NPRM publication, TSA decided not to include the
Automated Case System component in its STA. With increased vetting and
credentialing experience, TSA has refined the necessary threat
assessment sources to be included. As a result, the revised STA fee is
$28.
---------------------------------------------------------------------------

\11\ Department of Homeland Security Appropriations Act, 2004,
Sec. 520 (Pub. L. 108-90, Oct. 1, 2003, 117 Stat. 1137).
---------------------------------------------------------------------------

The rule provides for a phased-in implementation for compliance
with the STA requirements. Regulated entities may mitigate delay in
processing by timely submitting the STA application. Subsequent to the
compliance date, any possible delay due to a false positive would occur
prior to the applicant's authorization to have unescorted access to
cargo. These new hires would constitute a small portion of the entire
population subject to the STA. TSA expects that the percentage of false
positives among these new hires will be minimal. Further, TSA analysts
will be able to resolve most false positives quickly within the
anticipated time frame for returning results.

Section 1546.213 STAs for Cargo Personnel in the United States

Comment: Japan Airlines wants TSA to clarify whether this section
would require foreign air carrier employees to undergo STAs or other
checks when accessing off-airport facilities, despite the non-
application of SIDA-like requirements to such facilities. Nippon Cargo
Airlines asks if the rule will apply only to new employees or if it
will affect existing employees.
TSA response: Foreign air carrier employees and agents within the
United States are subject to the same requirements off-airport as
corresponding U.S. aircraft operator employees and agents.
If the foreign air carrier authorizes its employee or agent to have
unescorted access to cargo at an off-airport facility and this facility
is used to consolidate or inspect cargo until it is loaded on the
aircraft, or an employee or agent accepts cargo from a known shipper,
then the requirements of Sec. 1546.213 apply. The requirements apply
to both new and existing employees and agents who have unescorted
access authority granted by the foreign air carrier.

Section 1548.15 STAs for Individuals With Unescorted Access to Air
Cargo

TSA received 15 comments on this section. Most commenters have
doubts about the responsibilities of IACs regarding this rule. They
want to know who will need the STA and whether the requirements are
retroactive for current employees.
Comment: Atlanta-Hartsfield International Airport (ATL) asks if
this requirement includes personnel in the manufacturing and shipping
phase of preparing air cargo, and if so, whether an IAC will be
responsible for filing an STA application on each loading dock employee
and transport driver in the shipping chain. ATL also asks if these
requirements are retroactive for current IAC employees or other cargo
related businesses, and if so, for how many years into the past and how
soon will the applications need to be filed.
TSA response: The STA requirements apply to those aircraft
operator, foreign air carrier, and IAC employees and agents who are
authorized to have unescorted access to air cargo in the performance of
their duties. Manufacturing or shipping personnel would only be
required to have an STA if they are acting as an agent and have
unescorted access to cargo for an aircraft operator, foreign air
carrier, or IAC.
Current IAC employees and agents are required to complete an STA
successfully. TSA is providing 180 days from the date of publication of
this rule for aircraft operators, foreign air carriers, and IACs to
comply with the STA requirements.
Comment: Air Courier Conference of America (ACCA) asks to which
employees this section will apply, and why some employees will need to
undergo a background check against TSA's lists while others may undergo
a CHRC. They note that most ACCA members already check employee names
against the ``no fly'' and ``selectee'' watch lists as a standard
element of their Security Directives, and as an added safeguard.
TSA response: This rule requires STAs within the United States for
employees and agents authorized by aircraft operators, foreign air
carriers, and indirect air carriers to have unescorted access to cargo.
Persons who have CHRCs for unescorted access authority to a SIDA
already have undergone TSA name-based checks comparable to the STA and
therefore will not have to undergo another one.
Comment: ATA supports a reasonable extension of STAs for IACs, but
warns of significant potential for system disruptions, unless TSA
defines IAC and air carrier responsibilities with regard to STA
clearance. ATA asserts that air carriers cannot be responsible for
ensuring the clearance of each IAC handler who may have contact with
cargo before the delivery to the air carrier. ATA believes that this is
not a workable process given the inherent time sensitivities in air
cargo transport, the number of IACs providing cargo to air carriers,
and the nature of an IAC's workforce scheduling.
TSA response: TSA inspectors verify IAC compliance with STA
requirements in the normal course of regulatory compliance inspections.
Air carriers are not required to verify the IAC's compliance as part of
the air cargo acceptance process.
Comment: National Customs Brokers and Forwarders Association
(NCBFAA) questions whether longtime employees, and licensed customs
brokers, many of whom are also IACs and certified by U.S. Customs and
Border Protection (CBP) under the Customs-Trade Partnership Against
Terrorism program (C-TPAT), are subject to STA requirements. NCBFAA
believes that these employees have proven their reliability and
conscientiousness on security matters and it would be inefficient and
unnecessary to subject them to background checks. NCBFAA recommends
that TSA either exempt individuals previously approved by the CBP, or
work with CBP to harmonize their respective screening processes. NCBFAA
also proposes that TSA exempt IAC employees with a certain level of
experience. NCBFAA believes it would be redundant to require a second
DHS screening for many IAC employees. In addition, the NCBFAA
recommends that TSA limit STA screening to a five-year period for
persons who remain in good standing.
TSA response: TSA will not exempt any employee from STA
requirements based on length of service. TSA believes that performing
background checks on individuals playing critical roles in the air
cargo supply chain is a necessary step in ensuring aviation security.
TSA currently is working with other DHS components to consider
background checks performed by those components to determine if they
are comparable to checks performed by TSA. Regulated entities will be
able to refer to their security programs as provided by TSA for
information on comparable checks. Regulated entities have incentive to
determine whether an applicant has already completed a comparable check
because the employee would not have to wait for clearance for
unescorted access to cargo. Also TSA is providing in security programs
that regulated entities

[[Page 30484]]

must accept the comparable check in lieu of the STA.

II.B. Acceptance and Screening of Cargo

Comment: The majority of commenters on Sec. Sec. 1544.205,
1546.205, and 1548.9 regarding inspection and screening of cargo are
not sure how to accomplish compliance.
TSA response: Specific Sensitive Security Information (SSI)
measures will be proposed as amendments to airport, aircraft operator,
foreign air carrier, and IAC security programs. The contents of these
programs are not appropriate for public disclosure as part of this
rulemaking. TSA is providing airport operators, aircraft operators,
foreign air carriers, and IACs the opportunity to comment on the
proposed amendments to their security programs upon issuance, and
before the effective date of this final rule. It is helpful to note
that many of these measures already appear in current Security
Directives and security program requirements.
Comment: UPS, ATA, Regional Airline Association (RAA), and Cargo
Airline Association (CAA) state that Sec. 1544.205(a) and (b) are
imprecise and redundant, and propose alternative language to
consolidate the paragraphs.
TSA response: Paragraph (a) of Sec. 1544.205 provides the general
requirement and performance standard for carriage of cargo. Paragraph
(b) provides the specific requirement for screening and inspecting
cargo. Other paragraphs provide other specific requirements. The
revision also extends those requirements to all-cargo aircraft
operations with a maximum certificated take-off weight (MTOW) of more
than 45,500 kg (100,309.3 lbs.). These paragraphs do not provide
details of how these requirements must be met, because such details are
Sensitive Security Information under 49 CFR part 1520 and are contained
in security programs that are available only to persons with a need to
know.
Comment: Several commenters oppose requiring regulated entities to
refuse cargo for transport if the shipper does not consent to screening
and inspection of the cargo under Sec. Sec. 1544.205(d) and
1546.205(b). They state that high cash value cargo, such as jewelry,
currency, bullion, and other sensitive cargo, is shipped in sealed
containers that cause damage or losses to cargo when opened. They
suggest additional consideration and industry input on how to deal with
these situations and ask whether the Government will provide
indemnification if damage occurs during inspection by the Government or
Government contractor personnel.
TSA response: Regulated entities must refuse to transport cargo as
required under, and consistent with, their security programs. TSA
understands that requiring shippers, like drug companies, to consent to
inspection of cargo is problematic. TSA agrees that the screening of
certain types of cargo present unique challenges, and recognizes the
safety and security concerns related to screening such cargo. TSA
revised the wording in sections that require consent to screen cargo,
and provides specific exceptions and alternative procedures in the
proposed security program amendments for shipments whose contents would
be damaged or compromised if the aircraft operator inspected the cargo.
These procedures largely will be transferred from current Security
Directives that address these concerns for later consideration in
amendments to applicable security programs.
Comment: NACA and NATA ask if the terms ``inspect'' and ``screen''
are interchangeable.
TSA response: The terms ``inspect'' and ``screen'' are not
interchangeable. Generally, screening means the systematic evaluation
of a person or property to assess whether either poses a threat to
security. TSA interprets inspection as a subset of screening. An
inspection is a method of conducting such an evaluation, but is not the
only method. For instance, the known shipper program is an information-
based method of screening. The known shipper program involves the
screening of cargo based upon information known to an aircraft
operator, foreign air carrier, or indirect air carrier about the
shipper of the cargo. Additionally, a certain percentage of that cargo
is inspected for the presence of persons and any unauthorized
explosives, incendiaries, and other destructive substances or items.
TSA will provide specific guidance to regulated entities in their
respective security program amendments.
Comment: FedEx wants TSA to clarify that the proposed rule does not
require or authorize TSA to impose any additional screening beyond the
screening they already are doing under SDs and security program
amendments. Several all-cargo air carriers ask if TSA will bear the
costs of the screening workforce and equipment required under Sec.
1544.205, and want TSA to clarify who has the responsibility for
screening cargo.
TSA response: Aircraft operators incur the cost for the screening
of cargo transported aboard their aircraft and must comply with the
procedures for screening incorporated in their security programs.
Specific screening requirements are promulgated in amendments to such
programs and regulated parties are provided the opportunity to comment
on these amendments, as appropriate.
Regarding screening of cargo for transportation aboard passenger
aircraft, 49 U.S.C. 44901(a) provided an exception for Federal
screening for the known shipper program. The inspection of a portion of
known shipper cargo is considered a part of the known shipper program
and need not be conducted by Federal employees. This rule does not
address the amount or type of cargo screening that is required. TSA
will respond to changing conditions as needed. Additionally, TSA is
considering whether the current system for selecting cargo for
inspection will be changed with the TSA Freight Assessment System
(FAS). The FAS might be used to identify cargo posing an elevated risk
for the application of security measures in the aircraft operator's
security program.
Comment: FedEx, UPS, CAA, and ATA note that Sec. 1544.205(e)
appears to prohibit the acceptance of cargo for air transportation from
a variety of retail outlets, such as the UPS Store, FedEx, Kinko's, and
other authorized shipping outlets. The commenters note that these
outlets are neither the shipper nor an entity specifically mentioned
with a comparable security program under Sec. 1544.205(e). However,
the commenters believe that the exception under Sec. 1544.205(e) will
permit them to continue to accept cargo from these retail outlets as is
currently allowed in their security programs. The commenters want TSA
to clarify that this is, in fact, TSA's intention. Further, if this is
not the intention of TSA, they recommend excluding carriers operating
under all-cargo programs from the application of this section, and
propose using the following language for Sec. 1544.205(e): ``Each
aircraft operator operating under a full program or an all-cargo
program may accept cargo for air transportation on a passenger air
carrier only from a known shipper, or from an aircraft operator,
foreign air carrier, or IAC operating under a security program under
this chapter with a comparable cargo security program.''
TSA response: Aircraft operators under a full all-cargo security
program are not prohibited from accepting cargo from retail entities as
described in these comments. Under these rules, such retail outlets may
operate either under an IACSSP, or as an agent with security
responsibilities under the aircraft

[[Page 30485]]

operator's security program. For a further discussion of the
differences between IACs and agents of aircraft operators, please see
the Section-by-Section Analysis for Sec. 1548.5.
Comment: UPS, CAA, ATA, and others commenters express concern about
the extraterritorial applicability of Sec. 1544.205(f). CAA states
that the rule seems to apply to international air cargo movements and
notes that commercial realities and foreign government resistance make
the application of this rule unattainable. UPS wants TSA to clarify
this section to recognize that foreign law may limit the extent to
which carriers may be able to comply with security programs outside the
United States. ATA states that foreign countries may impose screening
requirements that differ and even conflict with those in the carrier's
security program and recommends that TSA permit air carriers to comply
with either the security programs imposed by the foreign country or
those contained in the TSA-approved security program.
TSA response: TSA recognizes, as indicated by the commenters, that
the imposition of regulatory requirements on a U.S. aircraft operator
operating from foreign locations may be impacted by the legal
requirements applied by the host government at such foreign locations.
The requirement for a U.S aircraft operator to screen cargo at foreign
locations is no different from any other current or proposed aviation
security requirement placed upon a U.S. aircraft operator operating
outside the United States. The specific security program mandates for
the screening of cargo outside of the United States take into
consideration cargo security restrictions, as well as requirements
mandated at some foreign locations.
Comment: Several smaller air carriers state that they cannot comply
with the proposed rule requirement to open packages before loading at
unsecured airports.
TSA response: This rule codifies requirements for screening that
already are in place through SDs and security program amendments. The
fact that an aircraft operator operates at an airport without a
security program has not been found to inhibit screening.
Comment: Several airport operators and air carriers ask how to
accomplish screening at rural airports.
TSA response: Each aircraft operator and foreign air carrier
security program must take into consideration the different locations
at which cargo must be screened. Aircraft operators and foreign air
carriers must conduct screening at rural airports in accordance with
the specific requirements of their security programs.
Acceptance and Screening of Cargo From Locations Outside the United
States
Comment: Association of Asia Pacific Airlines (AAPA), British
Airways, Association of European Airlines (AEA), and Singapore Airlines
state that Sec. 1546.205 lacks provisions regarding the acceptance and
recognition of National Aviation Security Program requirements that
many foreign airlines use. They recommend standardizing requirements
for acceptance and screening of cargo, and implementing threat-based
measures for inspection of cargo.
TSA response: TSA continues to recognize National Aviation Security
Programs of foreign countries in accepted security programs.
Comment: Several commenters, including British Airways, IATA, and
AEA want TSA to clarify the term comparable security program in Sec.
1546.205(e), and ask what this term includes. In addition, these
commenters recommend amending Sec. 1546.205(f) to clarify that it
applies only to cargo loaded outside the United States that is destined
for the United States and that foreign air carriers may accept cargo
destined for the United States from any lawful entity, subject to a
compatible National Aviation Security Program as approved by the
carrier's national government.
TSA response: A comparable security program includes cargo security
measures identical or equivalent to those required of the accepting
aircraft operator or foreign air carrier. If the transferring aircraft
operator, foreign air carrier, or IAC, has performed these cargo
security measures, there is no further need for the accepting aircraft
operator or foreign air carrier to repeat those measures. For instance,
for transfers to aircraft operators with a full program, TSA will
consider such security measures as: Whether the known shipper program
was applied, from whom the operator accepted the cargo, the type of
cargo screening or inspection that was done, and other relevant
security measures.
Overall, part 1546 applies to the operation, landing, or taking off
within the United States of a foreign air carrier. Only cargo destined
to, or transported through, the United States is subject to this final
rule when loaded at a foreign airport. Section 1546.205(f) requires
that foreign air carriers subject to this part carry out the
requirements of their security programs. Section 1546.101 applies where
a foreign air carrier lands or takes off in the United States.
Acceptance of Cargo by an Indirect Air Carrier
Comment: Most comments to Sec. 1548.9 support this section and
recommend that TSA allow IACs to screen cargo provided they demonstrate
the capability to do so. The Yellow Road Corporation expresses concerns
about the costs and redundancy associated with enforcing cargo security
requirements for IACs, and recommends the adoption of varying levels of
cargo screening with emphasis on loading cargo on the aircraft. IBM
wants clarification on the requirement to obtain the shipper's consent
to search or inspect cargo, and suggests allowing the shipper to give a
blanket authorization to the IAC as part of its contract.
TSA response: While TSA does not state in which manner the
shipper's consent to search or inspect cargo be obtained, it does
require that the consent be explicit and in writing. TSA allows
aircraft operators, foreign air carriers, and IACs to manage the
collection of consent to search in a manner consistent with individual
operational needs. The regulations allow a shipper to provide a blanket
authorization, as proposed by IBM.

II.C. Security Identification Display Area (SIDA)

Comment: American Association of Airport Executives (AAAE)
disagrees with TSA's assessment that airports easily will be able to
extend SIDAs to areas where cargo is loaded and unloaded under Sec.
1542.205. AAAE states that the rule does not adequately address the
complexities of expanding SIDAs at airports with diverse operational
configurations, property ownership, and jurisdictional control.
Aircraft Owners and Pilots Association (AOPA) states that while
this rule may not impose direct mandates for general aviation areas at
airports regulated by TSA under 49 CFR part 1542, AOPA is concerned
that the practical implementation of this requirement will result in
SIDA requirements in many general aviation areas. In addition, AOPA
notes that many airports specifically exclude general aviation areas
from the SIDA because of time and distance separation from the air
carrier areas. This layered approach to security limits access points
and the number of individuals needing the background check and
identification requirements for the SIDA, and establishes clear
distinctions of security areas.

[[Page 30486]]

AOPA recommends using the standard of the operational area of the
aircraft principle for air cargo operations at part 1542 regulated
airports, similar to that proposed for operations at non-part 1542 TSA
regulated airports. AOPA further states that the operational area of
the aircraft should include the immediate footprint of the cargo
aircraft and handling area, with a procedure to limit unauthorized
persons near the aircraft while it is being loaded and unloaded, but
not the entire ramp.
The Department of Transportation of Alaska states that this final
rule will require CHRCs for most people working at an airport, and
contends that expansion of the CHRC requirement will not effectively
increase security for air cargo.
TSA received some comments that relate to the fact that areas
designated as SIDAs primarily are subject to airport operator control
rather than aircraft operator control.
CAA states that expansion of the SIDA is not the best way to secure
the area surrounding cargo aircraft. It further asserts that the ASAC
Working Groups did not recommend such a SIDA expansion, but rather
recommended the imposition of SIDA-like requirements on air carriers
operating from these cargo areas. CAA, UPS, DHL, and FedEx comments
that the difference is significant from an operational, but not a
security, standpoint, noting that it is essential that the all-cargo
air carriers retain access control so they can carry out their
requirements and internal company procedures. CAA recommends requiring
air carriers to amend security programs to include SIDA-like measures
at non-SIDA operational areas of U.S. airports where cargo is loaded or
unloaded from aircraft.
FedEx states that this section extends SIDA requirements to areas
where operators sort loaded or unloaded cargo on airport grounds.
However, Sec. 1542.205(a)(2) does not contain this important language.
FedEx recommends adding the phrase ``on airport grounds'' after every
reference to ``each area'' in the rule to clarify that facilities such
as FedEx stations, world service centers, and non-airport sort
locations are not to be included in SIDAs. UPS also proposes extensive
revisions to this section.
Airports Council International-North America (ACI-NA), ATA, and RAA
do not support the extension of SIDA requirements. They state that the
language is very broad and could potentially extend SIDA requirements
far beyond what is necessary to ensure air cargo security. They
recommend amending the SIDA requirements only to airport areas used to
load or unload cargo from aircraft.
The Miami International Airport, Atlanta-Hartsfield International
Airport, ACI-NA, and the Airports Consultants Council agree that the
new requirement will enhance the overall level of security, but only if
designated in those areas under airport control. They argue that the
SIDA should begin at the wall of the cargo facility adjacent to the
airside ramp locations. The commenters also oppose requiring airports
to extend, or enforce the security of the SIDA into tenant-leased
facilities.
Eleven small aircraft operators, AOPA, and Regional Air Cargo
Carriers Association (RACCA) express concern about extending SIDA to
cargo operating areas. The commenters state that the SIDA extension is
impractical for aircraft operating under the TFSSP, since operations
are conducted on common public areas like the general aviation and FBO
ramps, and it would be impossible to extend SIDA requirements to these
areas. The Juneau International Airport asks to designate dual use
areas that are SIDA only during times that the cargo activity is
performed, and asks if SIDA need to be contiguous. The Anchorage
International Airport recommends allowing the local FSD to determine
which areas, if any, need to be classified as SIDAs.
TSA response: TSA has determined that measures to prevent
individuals from gaining unauthorized access to the cargo operations
area are necessary to prevent tampering with the aircraft or the cargo
and to remove a potential access point for stowaways. TSA considered
requiring aircraft operators and foreign air carriers in all-cargo
operations to implement SIDA-like requirements. However, TSA has
determined that airport operators with security programs under 49 CFR
1542.101(a) are able to implement more efficiently the requirements to
extend SIDAs.
These airports are better positioned with the necessary
infrastructure to provide security measures, as they are able to
leverage the existing resources that support SIDAs currently in place.
Airports also will be able to rely on, or more easily expand, existing
identification media and security check capabilities, law enforcement
support, and training programs.
TSA considered limiting the extension of SIDAs to areas of a ramp
where cargo is loaded or unloaded from the aircraft. However, the
inside of facilities where cargo is sorted, stored, staged,
consolidated, processed, screened or transferred, present numerous, and
perhaps more, opportunities for someone to tamper with the cargo just
before it is loaded onto an aircraft.
TSA also considered extending the SIDA requirement for similar
cargo areas off-airport. TSA determined that the complexity and cost of
applying these measures off-airport would be too great because they
lack existing resources to expand. These off-airport locations would
disproportionately incur significant start-up costs.
Accordingly, the final rule provides that SIDA security measures
must be extended to secured areas and air operations areas that are
regularly used to load cargo on, or unload cargo from, an aircraft
operator under a full or full all-cargo program as provided in Sec.
1544.101(a) or (h), or under a foreign air carrier program under Sec.
1546.101(a), (b), or (e). Adoption of a security program under these
sections applies to operation of an aircraft with an MTOW of more than
45,500 kg (100,309.3 lbs.). The requirements do not extend to areas
used by aircraft with an MTOW of more than 12,500 lbs., but not more
than 45,500 kg (100,309.3 lbs.).
Additionally, the SIDA security measures must be extended on an
airport to areas where cargo is present after an aircraft operator,
foreign air carrier, or indirect air carrier accepts cargo. In
particular, this includes inside buildings such as cargo facilities,
loading and unloading vehicle docks, and other areas where an aircraft
operator, foreign air carrier, or indirect air carrier stores, stages,
consolidates, processes, screens, or transfers cargo. As clarified in
Sec. 1542.205(a)(3), the SIDA is not required to include access routes
between the perimeter entry point of the airport and the cargo
facility, or one of these other locations, for the purpose of
transporting cargo to or from an aircraft operator, foreign air
carrier, or indirect air carrier.
There may be areas within a cargo facility that do not need to be
SIDAs. For example, some parts of cargo facilities are not restricted
to employees and agents of an aircraft operator, foreign air carrier,
or indirect air carrier. These areas may have a counter where one of
these operators accepts cargo from shippers, or the shipper's agents.
The area leading up to this counter need not be a SIDA if there is no
cargo in these areas that already has been accepted. Additionally, on a
limited basis other security measures, such as access control measures
or active and continuing surveillance or monitoring, may mitigate the
need for SIDA in areas where an operator's customer or the

[[Page 30487]]

customer's agent is present to tender cargo.
Each airport security program will specify the actual limits of the
cargo operations area to be included in a SIDA, subject to review and
approval by TSA. Amendments to security programs may address the
particular circumstances of an airport's layout and operations and
accommodate other aviation operations to the extent practical. Note
that under Sec. 1542.111, an aircraft operator or foreign air carrier
may enter into an exclusive area agreement with an airport operator to
take responsibility for the SIDA.
Additionally, under Sec. 1542.111 TSA encourages airports to grant
an aircraft operator's request to enter into an exclusive area
agreement for the inside of a building of any cargo facility on its
airport where cargo is present after the aircraft operator accepts the
cargo. For example, TSA recognizes that some aircraft operators may
have buildings that house their own operations and they have an
interest in maintaining their own security systems. In such cases, the
aircraft operator may elect to carry out the requirements for the SIDA
inside the building rather than the airport operator doing so.
Airport operations are able to use existing procedures and
resources to cover these new SIDAs and will not need to create
different procedures and resources in order to comply with the
requirements of this final rule. This approach also ensures that common
standards apply on these airports.
In contrast, airports that are not required to have security
programs under part 1542 are not required to create SIDAs. At these
airports, TSA requires aircraft operators under full all-cargo security
programs to prevent unauthorized access to the operational areas of the
aircraft, rather than requiring the airports to create SIDAs and
corresponding support structures. TSA determined that requiring these
airports to create SIDAs would necessitate that they adopt TSA-approved
security programs.
TSA declined to extend the scope of these regulatory requirements
to entities that currently do not have TSA-approved security programs.
TSA determined that requiring aircraft operators to meet the security
requirements of Sec. 1544.225 would provide the greatest operational
flexibility at airports that do not have TSA-approved security
programs.
Many commenters appear to have interpreted the proposed
requirements to extend the airport SIDA to cargo operations areas in
Sec. 1542.205(a)(2) as applying to off-airport facilities or general
aviation areas where cargo may be loaded on or unloaded from smaller
all-cargo aircraft. TSA is reiterating the intent of the proposal and
clarifying the applicability of this section by modifying the proposed
language in the final rule. As stated in the NPRM ``[t]he SIDA would
only be extended to areas on airport grounds.'' \12\ Part 1542 only
applies to airports.
---------------------------------------------------------------------------

\12\ 69 FR 65270 (Nov. 10, 2004).
---------------------------------------------------------------------------

TSA's intent in expanding the SIDA is to deny unauthorized
individuals access to the cargo operations areas in order to prevent
tampering with the aircraft and cargo and to deny a potential access
point for stowaways. TSA believes that expanding the SIDA will
minimally affect areas where general aviation aircraft operate.
However, TSA acknowledges that each airport is different and some
consideration must be given to how SIDA expansion affects general
aviation. Each Federal Security Director has authority to work with
airport operators to design the SIDA based on local airport
characteristics and security requirements.
In response to a question by Juneau International Airport, there is
no requirement that SIDAs for cargo operations be contiguous with other
SIDAs at the airport. For instance, TSA understands that some airports
have SIDAs where passenger operations are conducted that are on the
opposite side of the airport from areas where cargo operations are
conducted. The area between these locations may not need to be a SIDA.
Comment: UPS recommends that TSA require airports with electronic
fingerprint equipment to accept the aircraft operator's and IAC's
Submitting Office Number to reduce the costs to the aircraft operator
and IAC. UPS states that the Submitting Office Number allows the
aircraft operator and indirect air carrier to be billed directly for
the CHRC and to identify where the results should be routed.
Additionally, UPS states that it is impractical for aircraft operators
and indirect air carriers to have electronic fingerprint equipment at
all locations for employees that need a CHRC.
TSA response: TSA does not prohibit airport operators from
electronically submitting requests for a CHRC by an aircraft operator
using that aircraft operator's Submitting Office Number. TSA does not
regulate how airports use their equipment in this context. However,
IACs are not authorized to conduct CHRCs under this rule.

II.D. Known Shipper Program

Comment: Several IACs and the National Industrial Transportation
League request that TSA clarify issues surrounding accessibility of the
proposed known shipper database and recommend the establishment of a
central database managed by TSA. In addition, the commenters seek
clarification from TSA on how, and to what extent, air carriers'
internal systems would be able to interface with the database.
TSA response: TSA agrees, and has developed a centralized database
of known shippers.\13\ This database is available to the regulated
parties. Participating aircraft operators, foreign air carriers, and
IACs verify shippers against the database. If the shipper is known in
the system, an IAC may offer the cargo for transport to, and the
aircraft operator or foreign air carrier may transport their cargo on,
a passenger aircraft. The regulated parties may access the system
through a web-based portal or by establishing direct access through
their air cargo management system.
---------------------------------------------------------------------------

\13\ This database is covered under the Privacy Act system of
records notice. Transportation Security Threat Assessment System
(DHS/TSA 002), which was published in the Federal Register on
September 24, 2004, and amended on December 10, 2004. It can be
found at 69 FR 57348, 57349 and at 69 FR 71837.
---------------------------------------------------------------------------

Comment: A number of commenters believe that the known shipper
program should be a TSA-operated function, in order to protect
commercially sensitive information. The commenters believe that TSA
should establish specific requirements for inclusion in the known
shipper list or database, vet shippers for inclusion in the program,
populate and maintain the list or database, and make provision for
automated verification of shippers against the database.
TSA response: TSA agrees that the operation and management of the
known shipper database is a TSA function. However, TSA believes that in
order to maintain the carrier's domain awareness and client-vendor
relationship, the regulated parties, and not TSA, should perform
submissions of known shipper data for inclusion in the database. TSA
vets shippers in the database via electronic means. Regulated parties
are automatically able to verify shippers against the database through
a direct access linkage of their air cargo management system to the
known shipper database.
Comment: UPS and FedEx oppose requirements under Sec. 1544.239 to
submit known shipper information to a mandatory database. They state
that use of the database will diminish rather

[[Page 30488]]

than enhance security, and question the ability of the TSA database to
process the volume of requests and the number of shippers that will be
added to the system. In addition, they argue that their competitors
could use the database in a manner that would promote unfair
competition, and that the servers supporting the database could become
inoperable at inopportune times. FedEx states further that the web-
based known shipper database will not necessarily be technologically
compatible with existing Information Technology (IT) infrastructure and
operational demands. UPS wants TSA to treat all information in the
database as SSI, and apply stringent privacy protections.
ATA supports the concept of a centralized known shipper database,
if the database is secure, transparent to authorized users, accurate,
and efficient. ATA states that, at times, the current database is not
easily accessible through carrier computer systems and needs a
standardized query vehicle, such as a unique identifier for each
shipper. ATA states that a mandatory, centralized clearance system
raises many questions and challenges for all-cargo carriers not
discussed by the ASAC Cargo Working Groups. Therefore, ATA recommends
creating a separate task force to examine issues relating to whether
all-cargo carriers should participate in the centralized database
because of the significant ramifications for the industry. ATA
recommends also that TSA fund all carrier costs associated with
participation in the known shipper program.
TSA response: TSA believes that the known shipper database will be
able to handle the volume of queries. Regulated entities will not be
required to have each satellite location equipped with a direct
connection to TSA. Rather, these locations may work through a single
corporate point of contact.
TSA understands that some operators have expressed concerns that
the database may be used in a manner inconsistent with fair
competition. TSA notes that regulated entities with access to the
database will not be able to produce the entire list of known shippers
in a single query. Rather, regulated entities will only be able to
confirm a single known shipper at a time. Additionally, TSA notes that
it will soon be far less costly for customers to become known shippers
with the transition to TSA-vetting. At present, each regulated entity
must invest time and effort in making customers known shippers. In the
future, TSA will transition this system to allow regulated parties to
request that TSA verify that a shipper may be a known shipper.
Accordingly, there will be fewer competitiveness issues. TSA remains
sensitive to issues of connectivity and competitiveness, and will
continue to work with interested stakeholders as we develop these
systems.
Currently, the known shipper database employs a verification
process to match the information submitted to other publicly available
information and for maintaining data integrity. TSA believes that the
use of the known shipper database will expedite the process of shipper
verification, while providing the Government the necessary tools to vet
shippers adequately before the transportation of cargo on a passenger
aircraft.
Air carriers will be able to maintain their current systems and
practices, such as the manner in which they flag known shippers within
their own systems. In addition, TSA believes that the aviation industry
benefits from the reduced time it will take to convert a shipper from
unknown to known.
TSA disagrees that a centralized database weakens air cargo
security. A Government-owned and -managed database that contains all
known shippers affords TSA the opportunity to further vet known
shippers, evaluate the threat posed by those who use the air
transportation system to move goods before the goods are loaded on
passenger aircraft and improve efficiency in vetting known shippers.
The database treats information that aircraft operators, foreign air
carriers, and IACs submit as SSI. TSA will continue to work with
regulated parties who have concerns about system continuity and issues
of competitiveness as we further develop these systems.
Comment: One commenter proposes merging known shipper and the
Automated Export System (AES) databases to avoid redundancy.
TSA response: The AES is a joint venture between Federal agencies
and the export trade community. It is the central point through which
export shipment data, required by multiple agencies, is filed
electronically with CBP, using an electronic interchange.
TSA and CBP are working on the development of TSA's Freight
Assessment System. TSA is looking at ways to leverage CBP's systems in
order to avoid duplication of effort. TSA will study the feasibility of
merging the known shipper database with CBP's AES as part of this
effort.
Comment: Several commenters request that TSA clarify the criteria
to establish a shipper as a known shipper. Other commenters request
that TSA clarify whether the definition will be uniform for all types
of freight and that TSA indicate whether it will expand the known
shipper program to include small aircraft operators.
TSA response: The specific criteria that TSA uses for the known
shipper program are SSI. TSA does not disclose specifics of the
criteria in public documents. The shipper itself does not have a need
to know the criteria. Rather, aircraft operators, foreign air carriers,
and IACs contact the shipper to qualify it as a known shipper. Known
shipper program requirements only apply to the transportation of cargo
on: (1) A passenger aircraft under a full program; (2) a passenger
aircraft operated by a foreign air carrier under Sec. 1546.101(a) or
(b); or (3) cargo being transferred to a passenger aircraft operation
under these sections. The known shipper requirements do not apply to
cargo transported exclusively on all-cargo aircraft.
Comment: The Air Transport Association of Canada proposes
reciprocity between TSA and Canadian known shipper databases to avoid
duplication of data.
TSA response: TSA and Transport Canada continue to coordinate on
this issue. In general, we welcome the opportunity to collaborate with
foreign governments in the harmonization of global air-cargo security
requirements.
Known Shipper Program and Foreign Air Carriers
Comment: Several commenters, including Nippon Cargo Airlines,
question whether TSA requires foreign air carriers to comply with the
known shipper program and ask how TSA implements the program with
respect to foreign air carriers. The British Embassy asks TSA to
clarify whether foreign air carriers are able to accept only cargo from
consigners on a TSA-approved list, and requests that TSA confirm that
application of the rule is limited to cargo loaded in the United
States.
TSA response: Currently, passenger foreign air carriers operating
from U.S. airports are subject to the provisions of the Model Security
Program (MSP), which requires the adoption of the known shipper
program. All cargo loaded on a passenger aircraft at a U.S. airport is
subject to this requirement, whether under an aircraft operator or
foreign air carrier security program. These requirements are not
applicable to cargo loaded outside the United States.
Known Shipper Program and IACs
Comment: TNT USA, an IAC, contends that the regulation is
duplicative of existing anti-terrorism

[[Page 30489]]

regulations and legislation. The commenter also states that the rule is
a barrier to free trade.
TSA response: TSA disagrees. Rather than acting as a barrier to
free trade, this rule enhances the capability of aircraft operators,
foreign air carriers, and IACs to more efficiently comply with security
program requirements. These regulations are not duplicative as they
have a different purpose and address a different security threat than
those of other U.S. government agencies, like CBP. As stated in the
NPRM, CBP and TSA have distinct security missions in securing air
cargo. CBP's mission is preventing terrorist and terrorist weapons,
including weapons of mass destruction, from entering the United
States.\14\ TSA, on the other hand, is responsible for securing both
U.S. aircraft and foreign flights destined for the United States from
destruction or hijacking and, as a result, is primarily concerned with
the illicit loading of explosives, incendiaries, or stowaways on board.
---------------------------------------------------------------------------

\14\ Additionally, customs regulations allow for the movement of
cargo ``in bond'' from the initial port of arrival to an inland CBP
location where it will be released (inspections prior to release are
also conducted at these inland locations) into the commerce of the
United States. Under the in-bond process, the cargo remains in
customs control with requirements as to who may transport it, and
where it may be stored (bonded warehouses) until is released by CBP.
---------------------------------------------------------------------------

Comment: NCBFAA wants TSA to clarify how long it will take to
qualify a known shipper and if an IAC can accept cargo from the shipper
during the qualification period. NCBFAA states that the known shipper
database must be precise in order to avoid delays and confusion over
shipper names and asks if known shipper status applies to all office
branches of a qualified shipper. Further, NCBFAA asks if the database
is the only source of known shipper information, and how TSA notifies
IACs of known shipper revocations. Finally, the NCBFAA asks whether air
carriers need to consult the database if an IAC already has verified
the shipper status and if there is reciprocity for a known shipper
under a similar program in another country.
TSA response: Regulated entities must separately list each location
for a known shipper. TSA anticipates that the vetting process will take
less time than the current process specified in the security programs
and is mindful of the competitive commercial environment in which the
regulated entities operate. TSA will address other specific process
questions about the database in the security programs in order to
protect sensitive security information.
Aircraft operators may accept a certification from the IAC that the
cargo has been accepted from a known shipper. There is not presently
reciprocity to establish a known shipper in the database based upon a
determination under a program in another country.
Comment: The Airforwarders Association wants TSA to address the
consolidations of IAC operations, where IACs tender shipments to
another IAC, in order to achieve efficiency and expedite the shipment
of air cargo. They state that the rule does not consider this
consolidation as within the known shipper program allowances, even if
the shipper is known to the IAC supplying the shipment.
TSA response: TSA agrees and is addressing this issue in the IACSSP
amendments, which will be available for IACs to comment on soon after
the publication of this final rule.

II.E. Adoption and Implementation of the Security Programs

The following are comments to Sec. Sec. 1544.101, 1546.101,
1546.103 and 1548.5.
Comment: AOPA does not want TSA to apply security requirements
under these sections to on-demand cargo operations, and wants TSA to
limit the application of such requirements to scheduled operations. In
addition, a domestic air carrier states that terrorists would likely
not choose unscheduled airlines for a hostile takeover, or for
placement of an explosive device, because of the inability to plan for
the location of the planes. The air carrier also wants to limit the
regulations to scheduled air cargo transportation.
TSA response: TSA does not believe that distinguishing charter
operations as scheduled or unscheduled in this manner would provide for
the appropriate level of security. TSA notes that the flight departures
of some unscheduled charters are predictable.
Comment: FedEx, Swiss International Air Lines, Air France, and the
International Brotherhood of Teamsters recommend adopting one security
program for all aircraft operators and foreign air carriers in the
industry, without differentiating between weight and type of aircraft
or operation.
TSA response: TSA requirements do not prohibit an air carrier from
adopting a single security plan for all of its categories of aircraft
sizes provided that the plan meets or exceeds the security requirements
for each aircraft used in those operations.
TSA recognizes historical patterns of terrorist attacks and a
threat-based, risk-managed approach to security. Terrorists have
demonstrated the destructive potential of large turbine-powered
aircraft with large capacity fuel loads and speeds. Accordingly, a
security regime that differentiates between aircraft on the basis of
weight is appropriate, regardless of whether a particular aircraft
carries passengers or cargo. At the same time, TSA is mindful of the
historical link between terrorist operations and passenger aircraft.
Therefore, measures that prevent cargo and cargo operations from being
used to carry unauthorized explosives, incendiaries, and other
destructive substances or items against passenger aircraft must be
provided, regardless of aircraft weight. This rationale underscores
TSA's security regime and the particular measures that TSA has
developed across the spectrum of civil aircraft operations, whether
passenger, cargo, or mixed. Requiring the highest level of security for
all sizes of aircraft would add a burden for smaller aircraft, which is
not warranted by the current threat.
Comment: FedEx states that, in the past, TSA field agents and
foreign government officials have incorrectly assumed that the full
all-cargo security program is limited or somehow inferior to the
passenger aircraft's full program because it did not contain the term
``full program.'' FedEx states that this misunderstanding has resulted
in a loss of confidence in their security program, and in some cases,
undue scrutiny and delay. ATA CAA, FedEx, and RAA recommend either
eliminating the word ``full'' from the names of all security programs
or rename the cargo program.
TSA response: TSA notes that the all-cargo program does not require
all of the same security measures as the full program that applies to
passenger operations. TSA has changed the title to ``full all-cargo
program'' in this final rule for the security program required by Sec.
1544.101(h).
Comment: UPS agrees with the creation of this program as long as
the Domestic Security Integration Program (DSIP) remains intact and up
to date in the final rule. UPS is opposed to adopting any security
program other than the DSIP. UPS believes also that bringing the all-
cargo industry up to the standard of the DSIP is an effective way to
enhance supply chain security.
British Airways asks whether TSA will eliminate or maintain the
DSIP after the incorporation of the two programs. British Airways
argues that if the DSIP remains, along with the full all-cargo security
program, it would give rise to two standards. They oppose this outcome
and recommend treating all cargo operations equally.

[[Page 30490]]

TSA response: TSA is conforming the existing cargo aircraft
operator security programs and the cargo sections of security programs
for passenger aircraft operations to the requirements of this final
rule. The mandatory program will supersede the DSIP for all-cargo
aircraft operators. This new mandatory program will now be referred to
as the full all-cargo security program. The DSIP was a program that
all-cargo aircraft operators were authorized to adopt voluntarily in
order to engage in certain business operations. However, it is
important to note that, in addition to adopting a full all-cargo
security program, aircraft operators with an MTOW of more than 45,500
kg that transfer cargo to an aircraft operator in passenger service
with a full program under Sec. Sec. 1544.101(a) or 1546.101(a) or (b),
must also register with TSA to engage in these transfers. While each
full all-cargo program will contain an option to implement the security
procedures to transfer cargo to these passenger carrying aircraft, only
those aircraft operators that have also registered with TSA to transfer
cargo to passenger operations may do so.
TSA recognizes that some aircraft operators under a full all-cargo
program are not in the business of transferring cargo to passenger
operations. These aircraft operators do not need to register with TSA
or carry out the special security procedures, as long as they do not
transfer cargo to passenger operations. Each existing DSIP holder, and
any additional aircraft operators with an MTOW of more than 45,500 kg
in all-cargo operations, must carry out the specific security
procedures and register with TSA prior to transferring cargo to
passenger operations. Aircraft operators in passenger services under a
full program or under Sec. 1546.101(a) or (b) will be required to
verify that the aircraft operator with a full all-cargo security
program is on an approved list maintained by TSA in order to accept
cargo from it.
Comment: AAPA and Singapore Airlines oppose implementation of
extraterritorial measures and instead emphasize collaborative
discussions to mitigate the terrorist threat without affecting air
cargo operations.
TSA response: In this final rule, TSA regulates the civil
operations of U.S. aircraft operators, wherever they may operate. The
application of the final rule to part 1546 air carriers is generally
limited to operations from and within the United States, or to the
United States, effective at the last point of departure. In the latter
case, compliance with foreign government security requirements that TSA
determines are equivalent to U.S. part 1544 requirements generally
comply.
Comment: Japan Airlines asks whether Sec. Sec. 1546.101 and
1546.103 apply to cargo flights making only a technical stop in the
United States.
TSA response: Foreign air carriers operating aircraft in all-cargo
operations must apply security measures for technical stops in a
similar manner as for passenger operations. These security measures are
detailed in TSA-approved security programs, related Security
Directives, and emergency amendments. The specific security measures
are sensitive security information.
Comment: Several commenters, including Singapore Airlines and the
British Embassy, want TSA to treat foreign air carriers under part 1546
as equal to domestic aircraft operators under part 1544. In addition,
the British Embassy states that many countries' national security
program requirements exceed those proposed by TSA, and wants
confirmation that, in such cases, these national security programs will
be deemed acceptable to TSA.
TSA response: Parts 1544 and 1546 are functionally equivalent. The
United States recognizes that part 1546 air carrier operations
conducted in accordance with foreign government procedures, and with a
similar level of security to U.S. part 1544 operations, generally
suffice to meet TSA security requirements. Foreign government
procedures may include measures that are at least comparable to what is
required of part 1544 operations.
Comment: IATA and Japan Airlines recommend allowing foreign air
carriers to submit existing security programs for approval instead of
submitting a new program under these rules. In addition, Singapore
Airlines and Nippon Cargo Airlines ask if TSA will accept the current
All-Cargo International Security Procedures (ACISP).
TSA response: TSA is adjusting security programs such as the Model
Security Program (MSP) and ACISP to achieve the security requirements
of the final rule. TSA is issuing these security programs to the
regulated parties for review and comment sometime on or after
publication of the final rule. Foreign air carriers must still submit
all such programs to TSA for review and consideration before final
approval. The measures of a part 1546 security program that provide a
level of security similar to the U.S. part 1544 operations are
generally sufficient for operations departing to the United States,
satisfy the requirements of the final rule, and are acceptable to TSA.
TSA acts through its international air carrier principal security
inspector and works with the regulated party to develop measures
capable of producing a similar level of security.
Form, Content, and Availability of Security Program
Comment: Singapore Airlines supports Sec. 1546.103 and AAPA wants
TSA to provide air carriers with the information about cargo shippers
and IAC security programs. Japan Airlines asks if foreign air carriers
have flexibility and discretion with respect to fashioning security
measures for inclusion in security programs, so long as those measures
are acceptable to TSA.
TSA response: TSA considers all security programs SSI and restricts
access to applicable regulated entities. Regulated entities may request
amendments to their security program following the procedures
established in the regulations applicable to their specific operation.
Aircraft operators do not have a need to know the contents of an
IACSSP.
Comment: NCBFAA recommends creating a frequently asked questions
section on the TSA Web site to address issues regarding each new
proposed regulation.
TSA response: TSA offers regulated entities security program
updates, including information similar to frequently asked questions
sections, through secure web-boards. Questions about accessing these
web-boards should be directed to a regulated entity's principal TSA
contact.

II.F. Costs of IAC Training and Materials

Comment: Several IACs, British Airways, the Airforwarders
Association, and Singapore Airlines support Sec. 1548.11 on training
and knowledge for individuals with security-related duties. Other IACs,
NACA, RACCA, and Brinks, want TSA to clarify what the required training
includes. These commenters ask:
Who is going to pay for the training?
What training will TSA require?
Who will provide the training and training materials?
How often must IACs train the personnel?
What is the timeframe for accomplishing the training?
FedEx proposes that TSA offer training and certification directly
to any trucker or warehouseman who wishes to volunteer, and use vendor
certification as evidence of IAC training. In addition, FedEx states
that the contractors should directly pay for training, and TSA should
pay for the expense of administering the training.

[[Page 30491]]

TSA response: TSA is developing computer-based instructional
materials and a testing tool, including a minimum standard that an
employee must meet and protocols for situations where employees fail to
meet the threshold. TSA also is developing the curriculum and training
materials, and is including specific requirements for training and
testing IAC employees in the revision of the IACSSP. The rule requires
that training be completed at least annually for each authorized
employee or agent. The IAC bears the cost of training each of their
employees or agents.
Comment: FedEx objects to holding IACs responsible for training and
testing employees of contractors, subcontractors, or agents, such as
truckers or warehousemen, who may have unescorted access to cargo. They
believe the proposal is impractical, cost-prohibitive, and that it
would impose an unfair burden on IACs. FedEx argues that TSA has
underestimated the number of individuals who will require training, as
well as the cost associated with the training. FedEx states that TSA
calculated only the cost associated with training employees of an IAC,
but that it did not include the cost associated with an IAC training
the employees of any agents, contractors, or subcontractors that may
have unescorted access to air cargo. FedEx interprets this requirement
to mean that they would have to train all drivers, warehouse, and
office staff of any trucker or courier who may pick up cargo designated
for shipping via airfreight. They state further that there are several
million licensed drivers in the United States, and even if only 25
percent (approximately 500,000) drivers are involved in the delivery of
air cargo, according to TSA's estimate of $100 per individual for the
cost of training, the cost to IACs will exceed $50 million. This
estimate does not include the cost associated with training new hires,
as there is a high turnover employee rate in the trucking industry.
TSA response: TSA has clarified the applicability of IAC
requirements. The regulation requirements apply to regulated party
employees and agents. If an IAC uses others to perform functions that
have security consequences, the IAC must make sure that those persons
have proper training. TSA is not requiring air cargo operators with a
security program to comply with IAC requirements and believes FedEx has
extended its estimate beyond the requirements of this regulation.

II.G. Cost Benefit Analysis

A separate final regulatory analysis is provided on the docket. A
summary of the final regulatory analysis appears in this document under
the section ``V. Rulemaking Analyses and Notices, A. Regulatory
Evaluation Summary.'' To assist the readers of this section, TSA is
providing a table that shows, at the summary level, the changes from
the NPRM to the final rule. The details of these changes are found in
the full regulatory evaluation on the docket. Summary of changes:

----------------------------------------------------------------------------------------------------------------
10 year cost
Requirement --------------------------------------- Remarks
NPRM Final rule Delta
----------------------------------------------------------------------------------------------------------------
Costs First Associated With Requirements Under November 2003 SD & March 2005 Security Program Amendments
----------------------------------------------------------------------------------------------------------------
Passenger Flight Cargo Screening (first $493.1M $1,491.1M +$998.0M Cost driven by congressional
implemented under SD, currently done mandate to triple cargo
under security program amendment). inspections and public
comment.
All-Cargo Flight Cargo Screening 166.4M 328.0M +161.6M Public inputs on costs.
(currently done under SD).
Require All-Cargo operators to screen 33.7M 35.2M +1.5M Implementation cost change.
persons entering aircraft(currently
done under SD).
All-Cargo Security Coordinators 0.2M 0.0M -0.2M Double Counted in NPRM.
(currenlty done under SD).
---------------------------------------
Subtotal............................ 693.4M 1,854.5M 1,160.9M
----------------------------------------------------------------------------------------------------------------
Costs Associated With Requirements Originating Under This Rule
----------------------------------------------------------------------------------------------------------------
Security Threat Assessment.............. $3.7M $4.6M + $1.0M Population Increase but admin
cost greatly reduced.
Security Identification Display Area 0.9M 10.9M +10.0M Costs Identified in comments.
(SIDA).
CHRCs for individuals inspecting cargo.. 0.5M 5.7M +5.2M Increased Population.
Implementation of All-Cargo security 26.6M 0.7M -25.9M Removed LEO costs.
program for aircraft over 45,000 kg.
New aircraft inspection requirements.... 36.6M 38.2M +1.6M Implementation cost change.
TSA Managed Known Shipper Database...... 24.5M 24.5M ........... Remained the same.
Develop/implement IAC and Agent Training 15.1M 35.6M +20.5M Increase in population
requiring training and
training development cost.
IAC Security Program Requirements....... 36.0M 46.5M +10.5M Change in Population.
---------------------------------------
Subtotal............................ 143.9M 166.7M +22.9M
=======================================
Total............................... 837.3M 2,011.9M +1,183.8M
----------------------------------------------------------------------------------------------------------------

Comment: ACI-NA and the Atlanta International Airport believe that
airports and IACs should not be obligated to obtain equipment and staff
to support these regulations. They believe that TSA or DHS should
either fund the new security mandates or take responsibility for
securing cargo operations. United Airlines believes that the NPRM's
economic analysis fails to consider the impact on U.S. passenger
carriers. United Airlines believes the solution is to enact a cargo-
screening program based on Federal screening of freight as Congress
intended. United Airlines believes that TSA should review methods of
defraying costs borne by carriers before they pursue screening
initiatives that burden carriers.
TSA response: Only cargo accepted under the known shipper program
may

[[Page 30492]]

be transported on a passenger aircraft; however, Congress chose not to
require Federal Government employees to conduct screening of such
cargo. Moreover, Congress did not require that Federal employees must
conduct cargo screening for aircraft in all-cargo operations. TSA has
required aircraft operators conduct cargo screening since November
2003, and, in part to mitigate the costs cited by the commenter,
provides a degree of flexibility for the operators to fulfill these
requirements within their operational environment.
Comment: RACCA estimates that because of the high turnover rate in
the industry, actual STA cost per employee is $150. RACCA believes that
air carriers need this money for applications that have a direct
bearing on safety, like pilot training and aircraft maintenance. RACCA
states that the threat is minimal, but the cost may be crippling for an
industry that operates with narrow margins. They state further that
these costs are a burden for many small air cargo operators and may
precipitate cost-cutting measures that will have a negative impact on
overall safety.
TSA response: RACCA did not provide sufficient information to
determine how they computed actual STA costs per employee. TSA has been
able to further refine the STA systems and eliminate some costs,
lowering the cost of STA per applicant. As our vetting and
credentialing capabilities have grown, we are now able to accomplish
these checks more expeditiously and economically. TSA allows certain
comparable checks in lieu of an STA. Additionally, there is no
requirement to renew an STA as long as the STA-holder qualifies as
continuously employed. Lastly, in a post 9/11 world, industry must meet
both safety and security requirements.
Comment: IATA estimates implementation will be 2 to 4 times higher
than the TSA estimate ($3.7 million), or $7.4 to 14.8 million over 10
years. For the expansion of SIDA, IATA estimates that the cost to the
industry is 4 times the TSA estimate ($1.4 million), or $5.6 million
over 10 years. IATA estimates that the actual cost to implement full
all-cargo security programs will be 3 to 4 times the TSA estimate
($26.6 million), or $80 to $106 million over 10 years. Although TSA did
not provide any cost estimates for the implementation of the known
shipper database, IATA estimates the cost to the industry to be between
$1 and $2 million per year. For the enhancements to the IACSSP, IATA
estimates that the costs are 25 to 30 percent greater than the TSA
estimate ($36 million), or $45.0 to $47.0 million over 10 years. IATA
estimates that the training requirements for IACs will be 2 times that
TSA estimate ($15.1 million), or $30 million over 10 years. Overall,
IATA estimates that the proposed rules will cost the industry 80
percent more than the TSA estimate ($49 million), or $88 million a
year.
TSA response: Although the STA population numbers did in fact
increase in the final regulatory analysis, there was a corresponding
decrease in the unit costs of the STA as TSA was able to eliminate some
costs. The new number for the STA is $4.6 million for the 10 years. TSA
is providing a reduction in the unit cost of the STA check from $55 to
$38, which explains TSA's computed cost of $4.6 million versus IATA's
$7.4 to $14.8 million. TSA accepted recommendations from IATA and
others, and the SIDA expansion rounds to $10.9 million over 10 years.
TSA's recalculation for the IACSSP of $46.5 million is near the top of
IATA's $45-47 million. The new IAC training numbers are $35.6 million
versus IATA's $30 million. Contrary to IATA's comment that TSA did not
provide information on Known Shipper costs, TSA documented those costs
as TSA costs rather than industry costs in the NPRM evaluation. A
discussion of the Known Shipper program costs are on page 46 of the
final regulatory evaluation.
Comment: ATA and British Airways question the distribution of the
funding for the proposed rules. They state that, as currently
allocated, the costs fall disproportionately on air carriers, because
estimated air carrier allocation ($758 million) constitutes 90 percent
of the total estimated security costs ($837 million). They state
further that the annual costs to all parties will exceed the $100
million annual threshold and would make the NPRM significant under
Executive Order 12866.
TSA response: TSA has determined that this rule is significant
under Executive Order 12866 guidelines, as discussed in the Regulatory
Evaluation Summary of this preamble (Section V.A.). TSA has listened to
concerns both about cost and security. The largest portions of costs
are directly related to the actual screening conducted by the airlines.
TSA believes it has complied with legislative intent that this be a
private sector responsibility rather than a governmental function. TSA
is unaware of a mechanism for the government to redistribute private
sector costs for the required inspections.
Comment: Delta estimates that the financial impact to aircraft
operators in year one will be $56.2 million, or $493.1 million in 10
years, and states that the proposed unfunded security mandates add
significant costs to their business. Delta believes that TSA's
assumptions about aircraft operator's ability to secure operating and
capital funding for screening are not correct. Delta believes further
that TSA-based calculations from an early 2002 report are significantly
inaccurate, and expresses concern about the continued viability of
cargo in the passenger air carrier market.
TSA response: TSA computes the ten year impact to the carriers at
$1.9 billion versus approximately $760 million in the NPRM evaluation.
TSA has accepted numerous inputs from the public comments to revise the
cost estimates. The largest portion of these costs, the screening
costs, has been in place for sometime, through Security Directives and
security program amendments. TSA is codifying these measures at this
time. Also, the tripling of cargo screening as required by legislation
was the single largest source of change. TSA is not making any
assumptions about capital availability to aircraft operators. The fact
that the screening requirements have been in place would suggest that
the market has already adjusted to a requirement affirmed in
legislation. Assumptions about capital expenditures in the full
evaluation were based upon the likelihood of future cost savings using
automated equipment over manual inspections. The evaluation reiterates
that TSA has not mandated the purchase of any screening equipment in
this rule. Other than screening equipment, TSA is unaware of what other
capital costs Delta might be referencing.
Comment: FedEx states that as proposed, the rules will require STAs
for over 500,000 drivers that have potential access to cargo. According
to this estimate, STA implementation will cost the industry $27.5
million for only truck drivers ($55 per individual). NACA states that
the TSA estimate of employees that will require training is below the
actual number, and NACA estimates that in their industry alone, 20,000
people will need the proposed training.
TSA response: The public comments clearly reflected a broader
assumption about requirements than TSA intended. TSA has examined the
need for STAs in passenger and cargo operations and has reworded the
scope of the new requirements more clearly to state which employees and
agents of a carrier do require the STA in accordance with security
considerations. TSA has adjusted these costs with these new population
estimates to reflect TSA's expectation of a narrower coverage than
reflected in the public comments.

[[Page 30493]]

Comment: NCBFAA states that TSA underestimates the cost of the new
measures for air forwarders, many of which are small businesses. NCBFAA
questions the basis for TSA's estimate of 3,800 IAC entities and 26,600
IAC employees. NCBFAA questions the lack of underlying support for this
conclusion, and believes more employees will be affected by the
proposed rules. To support this, NCBFAA states that most IACs are also
surface and ocean forwarders, non-vessel operating common carriers,
customs brokers, warehousemen, and motor carrier brokers. Hence, the
number of employees directly involved in airfreight operations is only
a portion of the total employees that might have access to cargo.
Consequently, NCBFAA states that the TSA estimate for total compliance
($51 million) is an understatement of the true cost to the industry.
NCBFAA recommends TSA undertake a more comprehensive impact and
regulatory flexibility analysis of the IAC industry for more accurate
assessment of the IAC population.
TSA response: TSA maintains an operational database that reflects
approximately 3800 IACs who have identified themselves to TSA. These
businesses already interact with TSA security personnel and TSA has
identified them as currently providing services to aircraft operators.
During preparation of the final rule, the 2002 Economic Census data
became available which revealed both more firms and a higher average
employee per firm value for the general group of freight forwarders.
Public input during the comment period and discussions at TSA revealed
that there was a misunderstanding of the STA coverage. Clearer language
has been provided and consequentially this evaluation expanded the
numbers to use the 2002 Economic Census \15\ numbers, which were
unavailable at the time of the original evaluation. Please see the
separate full regulatory evaluation available on the docket. STAs and
the changes are discussed in the section labeled Cost of Compliance:
Name Based Background checks and Table 17.
---------------------------------------------------------------------------

\15\ 2002 Economic Census, Support Activities for
Transportation: 2002, Transportation and Warehousing Industry Series
at http://www. census.gov/econ/census02/guide/INDRPT48. HTM.

---------------------------------------------------------------------------

Comment: AAAE believes that the proposed rules are an unfunded
mandate for airports. They state further that the cost of expanding
SIDA involves more than just the physical expansion of the space;
airports with more remote cargo operating locations will need to
increase the number of law enforcement personnel on the cargo ramp,
while diverting law enforcement resources away from the passenger
terminal facility. In addition, AAAE states that airports may need to
expand significantly their badging offices to accommodate the
additional cargo personnel, and states that the Memphis-Shelby Airport
will have to badge 15,000 FedEx personnel.
TSA response: TSA reiterates that not every worker requires a
background check, SIDA clearance, and a new badge. The SIDA guidelines
have been adjusted to allow the airports to work with aircraft
operators to minimize the expansion of the SIDA, while still providing
the necessary security. For example, the final evaluation clarifies
that additional law enforcement officers do not need to be employed.
Rather, the requirement is to have the ability to contact existing law
enforcement officials. Also in the full regulatory evaluation, section
on ``Cost of Compliance: Airport Operators,'' TSA has shown how it used
the public comments to revise the costs and population needing badges.
Based upon the information in comments, TSA believes it reasonable to
reject the need to increase staffing for this expected one time
increase. Memphis is an example of several locations that have national
hubs for the Nation's largest parcel and express shippers. TSA invites
the airport and shippers to work with us in order to use the
flexibility and alternatives that TSA authorizes.
Comment: IATA states that TSA underestimates the number of affected
employees, and two IATA members indicate that depending on the
definition of unescorted access to cargo, they will have at least
63,000 impacted staff, mainly cargo handlers and drivers. The
Airforwarders Association states that TSA's estimate of the number of
IACs is correct, but that the number of affected IAC employees is
incorrect, and recommends revaluation. ATA states that depending on the
scope of the requirement, the number of individuals subject to either
an STA or CHRC could be ten times greater than the 63,000 estimated by
TSA.
TSA response: TSA has examined the public comments along with new
data available in the 2002 Economic Census.\16\ Census numbers do not
support a three-fold expansion of the population while keeping the
number of businesses constant. The new Census number of firms and the
average employee per business value increased only slightly.
Additionally, given that some of the public comments agree with TSA's
original numbers, TSA believes that there has been confusion on to the
extent the STA or CHRC were going to be required. The full regulatory
evaluation provides several pages of detail in the section ``Cost of
Compliance: Indirect Air Carriers'' and in the full evaluation tables
13-17. Based on extensive internal discussion of very knowledgeable
subject matter experts, TSA believes the new language provides much
clearer guidance and the Census number adjustments are an appropriate
estimate.
---------------------------------------------------------------------------

\16\ Support Activities for Transportation: 2002, Transportation
and Warehousing Industry Series at http://www.census. gov/econ/

census02/guide/INDRPT48. HTM.
---------------------------------------------------------------------------

II.H. 100 Percent Inspection of Cargo

TSA invited comments in the NPRM, but did not propose requirements,
for the physical inspection of 100 percent of air cargo.
Comment: The majority of comments TSA received on this issue,
including comments from Air France, ATA, British Airways, IATA,
Singapore Airlines, and several IACs, oppose 100 percent inspection of
air cargo. The consensus of these comments is that requiring 100
percent inspection of air cargo would be impractical in an industry
dependent on just-in-time deliveries, without advances in targeting
methodology, data, and technology. ATA states further that the 100
percent inspection of cargo is not warranted or required under ATSA,
nor is it justified under any risk-based analysis that TSA has shared
with the industry. A small minority of comments, including comments
from ALPA and the International Brotherhood of Teamsters, support 100
percent inspection of air cargo.
TSA response: TSA is not requiring 100 percent inspection of air
cargo at this time. As mentioned in the proposal at 69 FR 65266, TSA
considered requiring 100 percent inspection of air cargo, but
determined to continue with a layered approach of security measures and
to pursue a risk-based targeting strategy to identify higher risk cargo
for additional scrutiny. This conclusion is affirmed by, and derived
from, the Government Accountability Office report on Vulnerabilities
and Potential Improvements for the Air Cargo System,\17\ the Department
of Transportation's Office of the Inspector General Audit of the Cargo
Security Program,\18\ and TSA's Air Cargo

[[Page 30494]]

Security Scenario Analysis. These reports have cautioned that, in the
absence of an appropriate targeting methodology and data, requiring
inspection of 100 percent of air cargo would severely burden the just-
in-time delivery that is currently a key competitive feature of many
U.S. manufacturing and distribution industries. In addition, 100
percent inspection could have particularly severe negative impacts on
aircraft operators, IACs, and their employees and agents. TSA has
focused on deploying currently available tools, resources, and
infrastructure in a targeted manner to provide effective security in
the air cargo environment, and has laid out a path for accelerated
research and development of even more effective tools.
---------------------------------------------------------------------------

\17\ GAO-03-344, December 2002.
\18\ Report Number SC-2002-113, Sep. 19, 2002. This report is
SSI.
---------------------------------------------------------------------------

II.I. Unknown Shipper Cargo

TSA invited comments in the NPRM, but did not propose requirements,
about allowing unknown shipper cargo on passenger aircraft after proper
screening.
Comment: ATA, CAA, Delta, RAA, and other commenters request that
TSA consider allowing cargo from unknown shippers into passenger
aircraft after proper screening. These comments assert that TSA should
permit cargo on passenger carriers subject to inspection.
TSA response: While TSA appreciates these comments, at this time
TSA declines to allow the transport of unknown shipper cargo on
passenger aircraft. Currently, no technology or inspection techniques
exist with sufficient versatility to handle the vast array of cargo
configurations, and commodities to ensure security, while maintaining
acceptable throughput, or processing time. TSA continues to collaborate
with the industry in an effort to develop technology solutions to
improve the effectiveness and efficiency of the cargo screening
process.

II.J. Terms Used in This Subchapter

Comment: British Airways, AEA, IATA, and the International
Brotherhood of Teamsters support the definition of ``Indirect air
carrier'' in Sec. 1540.5. British Airways and AEA state that the
expanded coverage is consistent with proposals from the European
Commission. AAPA and IATA suggest that the definition should include
equivalent entities of IACs operating outside of the United States.
Purolator suggests that the United States Postal Service and foreign
postal services should be included in the definition.
TSA response: TSA is working closely with the European Commission
to establish the basis of mutual recognition of its regulated agent
and/or IACSSP. The U.S. Postal Service is not subject to the provisions
of this rule. The security of the U.S. Mail is covered under a Mail
Security Program that provides an appropriate level of security for
mail transported via aircraft.
Comment: The Denver International Airport wants TSA to define the
term airport grounds, and three commenters recommend adopting a
definition for the terms ``cargo'' and ``access to air cargo.''
TSA response: ``Cargo'' is defined in 49 CFR 1540.5. TSA is
revising the language of Sec. Sec. 1544.228, 1546.213, and 1548.15 to
include those individuals specifically authorized by the aircraft
operator, foreign air carrier, or IAC to have unescorted access to air
cargo. As stated in the preamble to the NPRM at 69 FR 65270, ``The SIDA
would only be extended to areas on airport grounds.'' The requirement
to extend SIDA to cargo operations is specific to the area used by an
aircraft operator under a full all-cargo program, as provided in Sec.
1544.104(h) and by a foreign air carrier under Sec. 1546.101(e).
Therefore, the proposed extension of the SIDA applies only to those
areas regularly used to load or unload cargo on larger all-cargo
aircraft under a full all-cargo security program. TSA is modifying
Sec. 1542.205(a)(2) to reflect this intention by adding the words
``air operations area'' instead of the words ``airport grounds'' and by
deleting the reference to areas used ``to sort cargo.''
Comment: Air France and Global Express Association propose that TSA
harmonize terms used in cargo operations, like ``known shipper,''
``consignor,'' ``regulated agent,'' and ``IAC.''
TSA response: TSA believes that the terms ``known consignor'' and
``known shipper'' are similar, in general. However, TSA's use of the
term ``known shipper'' is specifically dependent on meeting the
criteria and required measures in TSA-approved security programs.
Similarly, the terms ``regulated agent'' and ``indirect air carrier''
are alike, in general. However, TSA's use of the term ``indirect air
carrier'' only applies to entities within the United States, and
subject to the required measures in TSA-approved security programs,
while ``regulated agents'' are located outside of the United States and
subject to ICAO standards and a State's national requirements.

II.K. Persons and Property Aboard the Aircraft

Comment: CAA, FedEx, NACA, and UPS recommend that TSA revise
Sec. Sec. 1544.202 and 1546.202 to apply only to persons who board the
aircraft for transportation. ATA recommends distinguishing individuals
and the applicable screening requirements to require 100 percent
screening of individuals boarding the aircraft for the purpose of
transportation, and random screening of those boarding the aircraft for
a limited purpose and amount of time.
TSA response: TSA is adding the phrase ``for transportation'' in
Sec. Sec. 1544.202 and 1546.202. The intent of proposed Sec. Sec.
1544.202 and 1546.202 is to screen persons who are onboard the aircraft
in flight, for weapons, explosives, incendiaries, and other destructive
substances or items. Persons who enter the aircraft on the ground for
servicing or maintenance are subject to other security measures, which
may include some screening for prohibited items, in airport areas where
all-cargo aircraft operations are conducted.

II.L. Other Issues and Sections

Proposed Compliance Schedule
Comment: AAAE, the Savannah Airport Commission, the NCBFAA, and
others state that the compliance schedules are brief and unrealistic.
AAAE recommends providing waivers to airports that cannot comply in 90
days. Only one commenter, an insurance company, states that the 180-day
schedule to introduce new training requirements is too long.
TSA response: TSA believes this final rule allows adequate time for
airport operators, aircraft operators, foreign air carriers, and IACs
to comply. Further, TSA notes that the complexities involved in
compliance, as well as anticipated costs, have been carefully weighed
where deadlines are established. Where difficulties are encountered,
airport operators, aircraft operators, foreign air carriers, and IACs
are encouraged to contact their TSA Principal Security Inspector or
local Federal Security Director. TSA attempts to ensure a realistic
approach to compliance timeframes, but recognizes that such timeframes
are sometimes not met for good cause, and is prepared to extend
reasonable consideration on a case-by-case basis, as warranted.
Use of Loring Air Force Base
Comment: Ten commenters, including the U.S. Senate Committee on
Government Affairs, a U.S. Representative from Maine and the Governor
of Maine, recommend the use of Loring Air Force Base in Northern Maine
as an emergency site to land inbound international cargo aircraft found
to pose an imminent threat.

[[Page 30495]]

TSA response: The Intelligence Reform and Terrorism Prevention Act
of 2004 requires the Secretary of Homeland Security, in coordination
with U.S. Department of Defense and FAA, to submit a report on current
procedures to address the threat of all-cargo aircraft that are inbound
to the United States from outside the United States, and an analysis of
the benefits of establishing secure facilities along established
aviation routes for the purposes of diverting and securing aircraft
that may pose a threat. While this rule does not specifically address
this issue, TSA is considering these comments in the development of the
report to Congress on the feasibility of establishing these sites as
required by sec. 4054 of the Intelligence Reform and Terrorism
Prevention Act of 2004.
STA for Passengers of All-Cargo Aircraft
TSA invited comments in the NPRM, but did not propose requirements,
about requiring each person who boards an aircraft for transportation
under an all-cargo security program to submit to an STA. TSA also
invited comments about requiring persons who board an aircraft under an
all-cargo security program who require prohibited items during the
flight to perform their duties to submit to the assessment. There are
five comments on this issue.
Comment: Three commenters, British Airways, Air France, and ALPA,
support STAs for individuals who board all-cargo aircraft for
transportation. ALPA states that TSA must minimize access to the
aircraft and the flight deck by permitting only those persons to board
who have been properly vetted by a 10-year, fingerprint-based CHRC.
They also state that TSA should reconsider the practice of allowing
employees who have not been vetted to ride aboard all-cargo aircraft as
an employment benefit, without requiring them to meet the same security
requirements applicable to other employees who work on or around the
aircraft. In addition, ALPA notes that many foreign nationals travel as
animal attendants aboard all-cargo aircraft, and often sit unsupervised
just outside of the cockpit, in possession of items normally prohibited
on aircraft.
Two commenters, ATA and IATA, oppose this requirement. IATA states
that STAs for personnel boarding all-cargo aircraft are unnecessary
when the Government has already vetted such personnel through the
submission of master crew lists and flight manifests. Similarly, ATA
recommends permitting air carriers to use current comparable procedures
in these locations like submission of crew manifests to TSA.
TSA response: TSA appreciates the responses to this particular
issue and is further evaluating the impact and benefit of establishing
an STA requirement for individuals onboard an all-cargo aircraft. At
this time, TSA declines to extend an STA requirement to these
individuals. Screening requirements for individuals transported are
addressed in applicable security programs, Security Directives, and
Emergency Amendments. Individuals transported are currently checked
against the TSA ``No Fly'' list and their persons and accessible
property are inspected for prohibited items.
Security of Aircraft and Facilities
Comment: UPS recommends further clarification of ``operational area
of the aircraft'' in Sec. 1544.225(d) and suggests alternative
regulatory text. The Airports Consultants Council asks if this
provision transfers the responsibility for airport access control for
an Exclusive Use Area and states that, if it does, TSA should clarify.
TSA response: TSA declines to amend Sec. 1544.225(d). TSA is
providing more clarification to this section through the security
program revision. This provision does not transfer the responsibility
for airport access control for Exclusive Use Areas. Under Sec. Sec.
1542.111 and 1544.227, airports and aircraft operators may agree that
control over a SIDA at cargo operations can be transferred to an
aircraft operator.
Fingerprint-Based CHRCs: Unescorted Access Authority, Authority To
Perform Screening Functions, and Authority To Perform Checked Baggage
or Cargo Functions
Comment: Four commenters, including ATA and ALPA, support Sec.
1544.229. Swiss International Airlines notes that fingerprinting may
not be necessary for an effective background check, and suggests that
TSA harmonize these requirements with existing EU regulations.
TSA response: TSA continues to collaborate with its foreign
counterparts, where possible, in harmonizing security measures.
IAC Security Programs: Approval, Amendment, Annual Renewal, and
Withdrawal of Approval
Comment: While the majority of commenters support Sec. 1548.7,
some believe that the process requires applicants to submit information
already held by DHS under CBP's Customs-Trade Partnership Against
Terrorism program. The Airforwarders Association asks if Sec.
1548.7(a)(1)(v) requires only addresses for United States and not
foreign locations. In addition, the Airforwarders Association
recommends facilitating the requirements of Sec. 1548.7(a)(5) through
harmonization of a non-governmental organization accreditation program.
ACC opposes the duration of the Sec. 1548.7(a)(4) security program,
and proposes instead that TSA grant only one initial approval, subject
to continued inspection, to avoid processing of thousands of security
programs each year.
TSA response: TSA currently is evaluating the synergies that may
exist between TSA's IAC and CBP's Customs-Trade Partnership Against
Terrorism programs, and would consider changes to the IACSSP if
appropriate. Part 1548 does not apply to stations or locations outside
the United States. TSA believes that the yearly revalidation process
assists the IAC in reviewing its security posture and compliance with
TSA requirements. Furthermore, TSA believes that a yearly revalidation
requirement does not impose an unreasonable burden on the IAC
community.
IAC Security Coordinators
Comment: Singapore Airlines, British Airways, ACC, and others
support Sec. 1548.13. ACC, ACI-NA, and the Atlanta International
Airport ask if this requirement is similar to aircraft operator
security coordinator requirements and ask if aircraft operators must
update their security programs to include IAC security information.
TSA response: This requirement is based on the model of
requirements for aircraft operator security coordinators. TSA does not
require aircraft operators, foreign air carriers, or airport operators
to maintain records of IAC security coordinators as part of their
security programs.
Comment: Freight Forwarders International questions the purpose of
the security coordinator and what specific information TSA requires
from this person.
TSA response: The purpose of the security coordinator is to act as
the security liaison between the regulated party and TSA. The security
coordinator provides a single point of contact for communications
involving threat information or security procedures, particularly those
that are time-sensitive in nature. TSA is revising the IACSSP to
include specific requirements for security coordinators.
Comment: NCBFAA believes that the security coordinator requirement
is impractical and unworkable for many

[[Page 30496]]

IACs, and imposes a particularly unnecessary burden upon smaller
companies. As an alternative, NCBFAA recommends permitting an IAC to
contract with a third party to act as its security coordinator or to
rely on a contact person who works with the air carrier.
TSA response: TSA believes that IAC personnel must perform the
functions of the Security Coordinator. It is crucial that the security
coordinator be in a position to identify security problems, raise
issues with corporate leadership, and initiate corrective action when
needed. The security coordinator and alternates must be appointed at
the corporate level, and must serve as the IAC's primary contact for
security-related activities and communications with TSA. Furthermore,
TSA believes that having a single person responsible better assists the
IAC to meet current IAC requirements for oversight of the actions of
agents performing security functions on behalf of the IAC.
Security Directives and Information Circulars for IACs
Comment: Many commenters support Sec. 1548.19, and IBM recommends
making a sanitized Information Circular available to the shipping
public, in particular if there is need for additional screening or
inspections.
TSA response: In principle, TSA agrees that there must be wide-
ranging public access to security information, particularly as needed
for compliance with security requirements and procedures. However,
information that, singly or collectively, might indicate intelligence
sources, methods or procedures, or aviation security procedures, must
be protected. Striking the balance between these principles generally
requires that access to particular pieces of security information be
considered on a case-by-case basis.

III. Section-by-Section Analysis of Changes

PART 1520--PROTECTION OF SENSITIVE SECURITY INFORMATION

Section 1520.5 Sensitive Security Information

TSA provides the conforming amendments to Sec. 1520.5(b)
consistent with our proposals to restrict this information from public
dissemination. TSA now expressly includes as SSI Security Directives
and Information Circulars for IACs.

PART 1540--CIVIL AVIATION SECURITY: GENERAL RULES

Section 1540.5 Terms Used in This Subchapter

TSA is amending the definition of ``Indirect Air Carrier'' to
conform to other changes pursuant to this final rule. With these
changes, freight forwarders who offer cargo to operators of larger all-
cargo aircraft must have a TSA-approved security program. Accordingly,
TSA has modified the definition of ``Indirect Air Carrier'' by removing
the word ``passenger'' from ``uses for all or any part of such
transportation the services of a passenger air carrier'' in order to be
consistent with TSA's goal of extending a security regime to full all-
cargo aircraft operations.
TSA has also provided a definition for ``unescorted access to
cargo.''

Section 1540.111 Carriage of Weapons, Explosives, and Incendiaries by
Individuals

TSA has expanded the applicability of this section to include
persons on all-cargo aircraft. TSA amended paragraph (a)(1) by
qualifying the applicability of this provision to the entire subchapter
(Subchapter C--Civil Aviation Security) rather than to specific
sections. This amendment is consistent with the expansion of security
functions to persons and property onboard all-cargo aircraft under
Sec. 1544.202.

Sections 1540.201 Through 1540.209 Subpart C--Security Threat
Assessments

This subpart sets out the scope and basic requirements of a
Security Threat Assessment (STA), including related fees. The STA
includes a search by TSA of domestic and international databases to
determine the existence of indicators of potential terrorist threats
that meet the standards set in subpart C of part 1540. The section also
provides for review of a TSA determination that an individual should be
denied unescorted access to cargo.
Operators are required to ensure that employees and agents whom
they authorize to have unescorted access to cargo undergo Security
Threat Assessments or other TSA-approved checks under Sec. Sec.
1544.228, 1546.312, and 1548.15. For a further discussion of the scope
for each of these sections, see the section-by-section analysis of
Sec. 1544.228 below.
Under Sec. 1540.203 operators are required to verify the identity
of the employee or agent and submit specified information about that
individual to TSA. TSA has provided a modest amendment to the
information each individual must submit under Sec. 1540.203. This
amendment includes decreases in the information required on previous
residential addresses from seven to five years and adds a requirement
to list the gender of the individual. TSA has determined that these
changes provide sufficient information to conduct a thorough Security
Threat Assessment. After assessing this data to determine whether the
individual poses or is suspected of posing a threat to national
security, to transportation security or of terrorism, under Sec.
1540.205, TSA would notify the regulated party and the individual of
its determination. This determination can take three forms:
1. Determination of No Security Threat. This determination
indicates that TSA has not found that the individual presents a known
or suspected threat to security. Upon receipt of this notification, the
operator may authorize the individual unescorted access to air cargo.
2. Initial Determination of Threat Assessment. TSA issues this
determination if TSA knows or suspects the individual of posing a
security threat. The individual is able to appeal this determination
through adjudication. Individuals are not permitted unescorted access
to air cargo while the appeal is pending. For each proprietor, general
partner, officer, director and owner of the entity as identified in
Sec. 1548.16, issuance of an Initial Determination of Threat
Assessment may delay TSA approval of authority to operate under an
IACSSP.
3. Final Determination of Threat Assessment. If the individual was
determined to present a threat after an initial determination was
issued and the individual has an opportunity to appeal that
determination, this determination informs the operator and the
individual that he or she is barred from having unescorted access to
air cargo. For each proprietor, general partner, officer, director, and
each owner of the entity as identified in Sec. 1548.16, issuance of a
Final Determination of Threat Assessment may prevent TSA approval of
authority to operate under an IACSSP. On a case-by-case basis, TSA may
withhold authorization of an IACSSP until the IAC, or an applicant to
be an IAC, demonstrates to TSA that a proprietor, partner, officer,
director, or owner under Sec. 1548.16 who received a Final
Determination of Threat Assessment is unable to influence business
practices of the IAC.
Section 1540.207 sets out the appeals procedures to provide
appropriate due process to individuals determined to

[[Page 30497]]

pose a security threat under this subsection, including a written
request for materials, within 30 days of receipt of the Initial
Determination of Threat Assessment from TSA. TSA has included a cross
reference to Sec. 1540.207 in Sec. 1540.205(c)(4). Throughout the STA
adjudication process, TSA may consult with other Federal law
enforcement or intelligence agencies in assessing whether an individual
poses a security threat under this subsection.
Section 1540.209 establishes the fee requirements necessary to
recover associated costs for Security Threat Assessments. TSA has
modified the sum of the fee from the NPRM to reflect the most recent
calculations, as described in the regulatory evaluation.
The operator must not permit employees or agents to handle cargo,
until TSA notifies the operator and the individuals of a Determination
of No Security Threat. In cases where TSA issues a Determination of
Threat Assessment, TSA may notify Government agencies for law
enforcement or security purposes, or in the interests of national
security. TSA recognizes that the requirement for security threat
assessments under this final rule may cause affected businesses to
alter their hiring practices. However, TSA believes that the security
benefits of this requirement will be considerable and that TSA will be
able to conduct the initial assessments in an expeditious fashion,
providing timely notice to the regulated party.

PART 1542--AIRPORT SECURITY

Section 1542.1 Applicability of This Part

Part 1542 currently applies to certain airports that serve certain
passenger aircraft operations identified in parts 1544 and 1546. These
airports are required to have security programs. Some airports are not
required to have security programs even though the aircraft operators
served by the airport hold security programs under parts 1544 or 1546.
These aircraft operators include operations of a twelve-five program
under Sec. 1544.101(d) and of a full all-cargo program under Sec.
1544.101(h).
The new Sec. 1542.1(d) expands the applicability of part 1542 to
include each airport that does not have a part 1542 security program
that serves an aircraft operator with a security program under part
1544, or a foreign air carrier under part 1546. This addition makes
clear that TSA may enter an airport to inspect aircraft operators and
foreign air carriers even if they are using an airport that is not
otherwise required to operate under a TSA-approved security program. It
is critical that TSA have access to those aircraft operations to
conduct its inspection functions under Sec. 1542.5(e) to determine
whether they are in compliance with applicable security requirements.

Section 1542.5 Inspection Authority

TSA added Sec. 1542.5(e) to clarify that TSA may enter and be
present at an airport that is not otherwise required to have a TSA-
approved security program under part 1542 in order to inspect a TSA-
regulated aircraft operator or foreign air carrier.

Section 1542.101 General Requirements

TSA deletes ``under this part'' from the sentence ``No person may
operate an airport subject to this part unless it adopts and carries
out a security program'' in Sec. 1542.101(a), and adds ``subject to
Sec. 1542.103'' to further clarify that airports under Sec. 1542.1(d)
are not required to meet other requirements of this part. TSA revises
Sec. 1542.101(b) by deleting ``The airport'' and adding ``Each airport
subject to ``Sec. 1542.103'', and Sec. 1542.101(c) by adding
``subject to Sec. 1542.103'' after ``Each airport operator'' for the
same reason.

Section 1542.205 Security of the Security Identification Display Area
(SIDA)

TSA has clarified the applicability of this section in this final
rule by modifying the language that was proposed in the NPRM for Sec.
1542.205(a)(2) to now include the phrase ``the air operations area'' in
the section, and has deleted the reference to areas used ``to sort
cargo,'' and added new paragraphs (a)(3) and (a)(4). Airports are
required to create new, or expand existing, SIDAs to encompass areas on
airport grounds where cargo is regularly loaded on, or unloaded from,
an aircraft operated under a full program or a full all-cargo program,
or foreign air carriers under a security program as provided in Sec.
1546.101(a), (b), or (e). Additionally, TSA clarified the scope of this
requirement by adding that the SIDA must be extended on an airport to
areas where an aircraft operator, foreign air carrier, or indirect air
carrier accepts cargo. Acceptance in this context means taking physical
control of the cargo from persons such as a shipper, aircraft operator,
foreign air carrier, indirect air carrier, or their respective
employees or agents. In particular, this includes inside buildings such
as cargo facilities, loading and unloading vehicle docks, and other
areas where an aircraft operator, foreign air carrier, or indirect air
carrier sorts, stores, stages, consolidates, processes, screens, or
transfers cargo.
TSA also revised Sec. 1542.205(b)(2), which stated that an
individual must undergo an employment history verification under Sec.
1542.209 before gaining unescorted access to a SIDA. This section
requires individuals to complete a fingerprint-based criminal history
records check pursuant to Sec. 1542.209, rather than an employment
history verification, and is consistent with Sec. 1542.209. Finally,
TSA adds Sec. 1542.205(c) to clarify that an airport operator that is
not required to have a complete program under Sec. 1542.103(a), is not
required to establish a SIDA under Sec. 1542.205.

PART 1544--AIRCRAFT OPERATOR SECURITY: AIR CARRIERS AND COMMERCIAL
OPERATORS

Section 1544.3 Inspection Authority

This section currently refers to TSA inspection authority in secure
areas, AOAs, and SIDAs. TSA amended this section under this final rule
also to reflect authority to inspect other areas operated by an
aircraft operator where it carries out security measures. These areas
may include areas off of the airport, or operated by its agent in
furtherance of the aircraft operator's security responsibilities. The
amended Sec. 1544.3(c) clarifies that TSA may enter and be present
where an aircraft operator carries out security measures without access
media or identification media issued or approved by an airport operator
or aircraft operator, in order to inspect or test compliance, or
perform other such duties as TSA may direct.

Section 1544.101 Adoption and Implementation

Under this final rule, all-cargo aircraft operations conducted in
aircraft with a maximum certificated take-off weight of more than
45,500 kg (100,309.3 lbs.) must meet security requirements for a full
all-cargo program under Sec. 1544.101(h) and (i). TSA refers to these
security measures as the ``full all-cargo security program.''
Operations under a full all-cargo security program are no longer
authorized to operate under the current twelve-five program, as
provided in Sec. 1544.101(d)(1), or under a voluntary domestic
security integration program (DSIP).
TSA revised Sec. 1544.101(e)(1), which lists the elements of the
twelve-five program in all-cargo operations, to include: Sec. 1544.202
(Persons and property onboard the all-cargo aircraft) and Sec.
1544.205(a), (b), (d), and (f) (Acceptance and screening of cargo:

[[Page 30498]]

Preventing or deterring the carriage of any explosive or incendiary,
Screening and inspection of cargo, Refusal to transport, and Acceptance
and screening of cargo outside the United States).
This section also amends the requirements for aircraft under a
twelve-five program from a maximum certificated takeoff weight ``of
12,500 pounds or more'' to ``more than 12,500 pounds'' as authorized
under the Century of Aviation Reauthorization Act.\19\
---------------------------------------------------------------------------

\19\ Vision 100--Century of Aviation Reauthorization Act, Sec.
606 (Pub. L. 108-176, 117 Stat. 2490, 2568, Dec. 12, 2003).
---------------------------------------------------------------------------

Section 1544.202 Persons and Property Onboard the All-Cargo Aircraft

Section 1544.202 requires aircraft operators to apply security
measures to persons who board their aircraft for transportation, and to
the property of those persons. The words ``who are carried aboard the
aircraft'' are added in place of ``board the aircraft'' to provide
clarification of the scope of covered persons. This technical
correction is consistent with the language of FAA requirements
regarding carriage of persons under 14 CFR 121.583. Section 1544.202
provides the means to prevent persons, who may pose a security threat
from boarding, and to prevent or deter the carriage of unauthorized
explosives, incendiaries, and other destructive substances or items.
This section also provides for TSA to incorporate into security
programs screening for unauthorized persons, or substances or items
that could be used to pose a threat to transportation security. These
requirements apply to both the twelve-five program in all-cargo
operations and the new full all-cargo security program.

Section 1544.205 Acceptance and Screening of Cargo

TSA requires aircraft operators operating under a full, full all-
cargo, or twelve-five program to prevent or deter the carriage of, and
screen and inspect cargo for, any unauthorized persons, and any
unauthorized explosives, incendiaries, and other destructive substances
or items. This amendment is necessary to prevent and deter the
introduction of stowaway hijackers, explosive devices, or other threats
into air cargo.
Section 1544.205(c) requires aircraft operators to prevent
unauthorized access by persons other than an aircraft operator employee
or agent, and adds that persons authorized by the airport operator or
host government also may have access. For example, individuals such as
customs inspectors and airport law enforcement officers must have
access to such areas. TSA revised paragraph (c)(1) by adding ``any
unauthorized person, and any unauthorized explosive, incendiary, or
other destructive substance or item'' in place of ``unauthorized
explosive or incendiary'' to be consistent with the requirement
throughout this rulemaking and the identified critical risks.
TSA also strengthened the cargo acceptance requirements applicable
to aircraft operators operating under a full program or a full all-
cargo program. Pursuant to Sec. 1544.205(e), an aircraft operator may
accept cargo for air transportation only from entities that have
comparable security programs. TSA will provide more information on
comparable programs within the standard security programs. These
requirements parallel those currently applied to operations conducted
under a full passenger security program, in which the aircraft operator
may only accept cargo from another aircraft operator or foreign air
carrier with a comparable security program.
TSA also requires each aircraft operator to carry out the
requirements of its security program, for cargo to be loaded on its
aircraft outside the United States under Sec. 1544.205(f). TSA
recognizes that not all the requirements of part 1544 can be carried
out in other countries. Accordingly, we work with the host governments,
under international agreements, to ensure that the security measures in
place provide the appropriate level of security.

Section 1544.217 Law Enforcement Personnel

TSA is providing clarifying amendments to paragraphs (a) and (b),
to add missing cross-references. Currently, operations under twelve-
five programs and under private charter programs must comply with Sec.
1544.217, regarding arranging for law enforcement support at airports
where they operate. See Sec. 1544.101(b), (c), (d), and (e).
Requirements for law enforcement personnel are already a part of the
security programs for the twelve-five and private charter programs.
However, Sec. 1544.217 does not currently refer to those operators.
This clarification adds these cross references, as well as adding a
cross reference to the new full all-cargo program under Sec.
1544.101(h) and (i).

Section 1544.225 Security of Aircraft and Facilities

New Sec. 1544.225 is amended to add paragraph (d), which requires
operators of aircraft operating under a full program or a full all-
cargo security program to prevent unauthorized access to the
operational area of the aircraft while loading or unloading cargo. This
requirement applies to operations conducted both within and outside a
SIDA. TSA recognizes that current paragraph (b) requires all aircraft
operators operating under security programs to prevent unauthorized
access to each aircraft. The revisions to this section broaden this
requirement for aircraft operated under a full or a full all-cargo
security program, clarifying that the aircraft operator must prevent
unauthorized access to the operational area around the aircraft during
cargo loading and unloading operations.

Section 1544.228 Security Threat Assessments for Cargo Personnel in the
United States

In this final rule, TSA has provided revisions to each section
about a regulated entity's responsibilities for STAs. While these
revisions comport with the scope of the NPRM, we have restructured the
sections significantly, in order to be responsive to comments and
provide greater clarity on the scope of personnel who are required to
meet the STA requirements. The revisions clarify that the requirements
apply to employees and agents of aircraft operators operating under a
full program pursuant to Sec. 1544.101(a) or a full all-cargo program
pursuant to Sec. 1544.101(h), who are authorized to perform certain
security duties without an escort. Likewise, these requirements apply
to employees and agents of foreign air carriers under Sec. Sec.
1546.101(a), (b), or (e), and IACs.\20\ Please refer back to the
previous TSA responses regarding security threat assessments under
section II. Comment Disposition, for more information on this topic.
---------------------------------------------------------------------------

\20\ The STA requirements also extend to an officer, director,
and person who holds 25 percent or more of total outstanding voting
stock of an IAC. However, TSA did not receive requests for
clarification to this requirement.
---------------------------------------------------------------------------

This section is also satisfied by completion of a CHRC for
unescorted access to SIDA, or by another STA approved by TSA. For
instance, if the employee or agent has an STA for the issuance of a
hazardous materials endorsement on a commercial driver's license, in
accordance with Sec. 1572.5, TSA would approve that as acceptable for
compliance with Sec. 1544.228.

[[Page 30499]]

Section 1544.229 Fingerprint-Based Criminal History Records Checks
(CHRC): Unescorted Access Authority, Authority To Perform Screening
Functions, and Authority To Perform Checked Baggage or Cargo Functions

In the case of passenger aircraft operated under a full program,
TSA already requires cargo screeners and their immediate supervisors in
the United States to meet the CHRC requirements under Sec.
1544.229(a)(3)(i). This amendments requires that individuals and their
immediate supervisors in the United States who screen cargo to be
transported on an all-cargo aircraft with a full all-cargo program
under Sec. 1544.101(h) submit to a CHRC under Sec. 1544.229.
As stated earlier, TSA already requires airport operators to send
to TSA certain personal information for each individual who has
undergone a CHRC for a current SIDA or sterile area ID in order to
perform an additional background check that is comparable to an STA.
TSA is providing instruction to aircraft operators with a full or full-
all-cargo security program to send to TSA the same type of information
for cargo screeners who do not have current SIDA or sterile area IDs,
and will also perform the additional check on this population. Most of
these cargo screeners already have SIDA IDs and, thus, already are
checked.

Section 1544.239 Known Shipper Program

Section 1544.239 codifies the known shipper program in the Federal
regulations. The ``known shipper'' concept, which differentiates cargo
being shipped by recognized entities from that originating with unknown
parties, has been a fundamental element of air cargo security since
1976. The program has also been recognized as a global standard by the
International Air Transport Association (IATA) and was recognized by
the U.S. Congress as a form of screening in the ATSA.\21\ Passenger
aircraft operators operating under a full program are required to have
a known shipper program, including measures to ensure the shippers'
validity and integrity, to inspect or further screen cargo, and to
provide shipper data to TSA. Aircraft operators must meet these
requirements in accordance with the standards detailed in their
security program. The known shipper program applies to passenger
operations under full programs, and to those operations that elect to
have a comparable security program that allows interlining cargo to
operations under a full program.
---------------------------------------------------------------------------

\21\ 49 U.S.C. 44901(a).
---------------------------------------------------------------------------

PART 1546--FOREIGN AIR CARRIER SECURITY

Section 1546.3 TSA Inspection Authority

TSA is adding paragraph (c) relating to TSA authority to enter and
be present in certain areas in order to inspect or test compliance or
perform other duties. This amendment is parallel to the provisions in
Sec. 1544.3(c). This amendment reflects TSA's authority in the
specified areas.

Section 1546.101 Adoption and Implementation

Cargo operations of foreign air carriers that land or takeoff in
the United States are required to conform to essentially the same
requirements as those applicable to comparable operations by U.S.
aircraft operators. This section broadens the provisions of Sec.
1546.101 to require each foreign air carrier, landing or taking off in
the United States, to adopt and carry out an appropriate security
program for each covered all-cargo operation. This section establishes
the requirements of an appropriate security program for a covered
foreign air carrier conducting all-cargo operations in aircraft having
a maximum certificated take-off weight greater than 45,500 kg
(100,309.3 pounds) (analogous to a U.S. full all-cargo security program
under part 1544), and in aircraft having a maximum certificated take-
off weight greater than 12,500 pounds but not more than 45,500 kg
(100,309.3 pounds) (analogous to a U.S. twelve-five program in all-

cargo operations under part 1544). The requirement that a foreign air
carrier with operations in aircraft that have a maximum certificated
take-off weight greater than 12,500 pounds but not more than 45,500 kg
under Sec. 1546.101(f) will supersede the current All-Cargo
International Security Procedures requirements under Sec. 1550.7. See
69 FR 3939, Jan. 27, 2004.

Section 1546.103 Form, Content, and Availability of Security Program

In this section, TSA makes an administrative change to paragraph
(a), removing the word ``passenger'' and changing ``U.S. air carriers''
to ``U.S. aircraft operators'' to acknowledge that certain all-cargo
operations by a foreign air carrier now must be under a security
program.
In paragraph (b), TSA adds references to paragraphs (e) and (f) to
the introductory text. This change broadens this section's requirements
to encompass cargo operations.

Section 1546.202 Persons and Property Onboard the Aircraft

This section parallels the requirements of those for aircraft
operations in the United States. The words ``are carried aboard the
aircraft'' are added in this final rule in place of ``board the
aircraft,'' which was used in the NPRM, to provide clarification of the
scope of covered persons. This technical correction is consistent with
the language of FAA regulations at 14 CFR 121.583. The rationale for
this addition is described in the Section-by-Section Analysis for Sec.
1544.202.

Section 1546.205 Acceptance and Screening of Cargo

This section clarifies aviation security regulations with respect
to the duty of foreign air carriers for the security of air cargo
loaded in, or destined for, the United States. TSA amends paragraph (a)
and (b), and adds new paragraphs (c), (d), (e), and (f) to Sec.
1546.205. These paragraphs are parallel to those for U.S. aircraft
operators in Sec. 1544.205.
Paragraph (d), ``Screening and inspection of cargo in the United
States,'' provides that each foreign air carrier must ensure that, as
required in its security program, cargo is screened and inspected for
any unauthorized persons, and any unauthorized explosives,
incendiaries, and other destructive substances or items as provided in
the foreign air carrier's security program, in accordance with
Sec. Sec. 1546.207 and 1546.215, if applicable, before loading it on
its aircraft in the United States.
Paragraph (e), ``Acceptance of cargo in the United States,''
provides that each foreign air carrier may accept cargo in the United
States only from the shipper, or from an aircraft operator, foreign air
carrier, or IAC operating under a security program under this chapter,
with a comparable cargo security program as provided in its security
program.
Paragraph (f) provides that, for cargo to be loaded on its aircraft
outside the United States, each foreign air carrier must carry out the
requirements of its security program.

Section 1546.213 Security Threat Assessment for Cargo Personnel in the
United States

In response to comments, TSA has revised this section from the NPRM
to provide greater clarity to the scope of personnel who are required
to meet the STA requirements. The rationale for the changes in this
section are the same as

[[Page 30500]]

stated in the Section-by-Section Analysis for Sec. 1544.228.

Section 1546.215 Known Shipper Program

TSA is codifying the Known Shipper program for foreign air
carriers, parallel to the known shipper program applicable to domestic
air carriers in Sec. 1544.239. The rationale for adding this section
is the same as stated in the Section-by-Section Analysis for Sec.
1544.239.

Section 1546.301 Bomb or Air Piracy Threats

TSA has revised the opening paragraph of this section by deleting
the text ``in passenger operations'' and the off-setting commas around
this text. This amend provides that foreign air carriers in passenger
and all-cargo operations are required to meet parallel security
measures as aircraft operators in the same operations.

PART 1548--INDIRECT AIR CARRIER SECURITY

Section 1548.3 TSA Inspection Authority

TSA added Sec. 1548.3(c) to clarify that TSA may enter and be
present where an IAC carries out security measures in order to inspect
or test compliance, or perform other such duties as TSA may direct.

Section 1548.5 Adoption and Implementation of the Security Program

TSA has revised paragraphs (a), (b), and (c) of Sec. 1548.5
regarding the adoption and implementation of the IACSSP.
Paragraph (a) specifies that no IAC may offer cargo to an aircraft
operator operating under a full program or a full all-cargo program
specified in part 1544, or to a foreign air carrier conducting a
passenger operation under Sec. 1546.101(a) and (b), or an all-cargo
program under Sec. 1546.101(e), unless that IAC has and carries out an
approved security program under part 1548. Where this part referred to
``employees, agents, contractors, and subcontractors'' in the NPRM, it
now reads ``employees and agents.'' This change is not substantive, as
contractors and subcontractors are agents with regard to security
responsibilities. This change should provide a simplified understanding
of persons with security responsibilities.
Paragraph (b) broadens the scope of security measures that may be
required in an individual IAC's security program. Consistent with
amendments made throughout this final rule, TSA is codifying existing
requirements to prevent and deter unauthorized persons from using cargo
to access passenger aircrafts. IACs currently having cargo screening
responsibilities under current Sec. 1548.5(b)(1) and their approved
security programs must ``[p]rovide for the safety of persons and
property traveling in air transportation against acts of criminal
violence and air piracy and the introduction of any unauthorized
explosive or incendiary into cargo aboard a passenger aircraft.'' The
IAC now must ``provide for the security of persons and property
traveling in air transportation against acts of criminal violence and
air piracy and against the introduction of any unauthorized person, and
any unauthorized explosive, incendiary, and other destructive substance
or item as provided in the indirect air carrier's security program.''
This section also broadens the scope of IACs' duties to include
cargo to be carried on an aircraft operated under a full all-cargo
security program, rather than solely in passenger operations. This
change parallels the cargo security requirements in Sec. Sec. 1544.205
and 1546.205.
Under paragraph (b)(1)(i), this requirement applies from the time
the IAC accepts the cargo, to the time it transfers the cargo to an
entity that is not an employee or agent of the IAC. This provision
clarifies the existing IACSSP requirement that the IAC is responsible
for carrying out security measures under this part when its employee or
agent fulfills its function. Paragraph (b)(1)(ii) makes clear that
security program requirements apply while the cargo is stored, en
route, or otherwise being handled by an employee or agent of the IAC.
Paragraph (b)(1)(iii) makes clear that security program requirements
apply regardless of whether or not the IAC ever has physical possession
of the cargo. For example, TSA notes that some IACs conduct their
services only through telephone conversations or communications over
the computer and use agents to transport the cargo physically. In these
circumstances, the person with physical possession on behalf of the IAC
is the IAC's agent. When the agent has possession, the IAC remains
responsible for ensuring that its security program requirements are
met.
Paragraph (b) also requires the IAC to ensure that its employees
and agents carry out the requirements of the IACSSP. Thus, TSA's change
to paragraph (c) ensures that the content of each IACSSP reflects the
scope of security measures established under Sec. 1548.5(b),
references known shipper program requirements that are codified in
Sec. 1548.17, and establishes a new requirement that each IACSSP
include documentation of the procedures and curriculum used to
accomplish the training, under Sec. 1548.11, of persons who accept,
store, transport or deliver cargo on behalf of the IAC.

Section 1548.7 Approval, Amendment, Annual Renewal, and Withdrawal of
Approval of the Security Program

Paragraph (a) reflects that TSA has developed the IACSSP, rather
than having each IAC develop its own security program. Thus, consistent
with current practices, rather than submitting a security program for
TSA approval, an applicant requests approval to operate under the
IACSSP. This paragraph explains how an applicant must seek approval to
operate under the IACSSP, including a record-keeping requirement, and a
list of information that the applicant must submit to TSA for
consideration. Paragraph (a) also outlines the process for approving an
applicant's operation under a security program, that approvals are
effective for one year, and that the approved IAC must notify TSA of
changes to the initial application. TSA uses the information submitted
by IAC applicants to verify their legitimacy through a check of
publicly-available records, and cross checks that information against
data on terrorist databases.
Paragraph (b) presents the processes an IAC must follow annually to
seek renewed TSA approval to operate under the IACSSP. Annual renewal
is a continuation, and codification, of the current practice under the
IACSSP. IACs must submit the renewal request to TSA at least 30
calendar days prior to expiration of the IACSSP, as well as other
standards for the submission.
Paragraphs (c), (d), and (e) primarily parallel changes made
previously to similar requirements for airport operator security
programs and aircraft operator security programs in Sec. Sec. 1542.105
and 1544.105. This section adds a new paragraph (c)(6), allowing a
group of IACs to submit a proposed amendment together. Paragraph (d) is
the same as the current paragraph (c). Paragraph (d) is separated into
three subparagraphs for easier reading. Paragraph (d)(1) substitutes
``aviation security'' for ``safety in air transportation or in air
commerce'' to clarify the breadth of TSA's EA authority. Paragraph
(d)(2) reorganizes existing EA standards to emphasize immediate
effectiveness and that TSA will provide a brief statement regarding the
rationale for the EA. Finally, paragraph (d)(3) provides the IAC with
15 days to file a petition for reconsideration but provides that the

[[Page 30501]]

filing of the petition does not stay the effective date of the
amendment. Paragraph (e) revises the existing Emergency Amendments (EA)
standards of the existing paragraph (d).
TSA codifies procedures for TSA to withdraw an IAC's approval to
operate under the IACSSP with the addition of paragraph (f). The
standard for withdrawal is a TSA determination that the operation is
contrary to security and the public interest. Paragraph (f) provides
procedures for notice, response, and petition for reconsideration. The
affected IAC would be able to request a stay of the withdrawal. TSA
also codifies emergency withdrawal procedures. This codification
creates procedural guidelines to implement withdrawal of a security
program and affords due process to the IAC. The emergency procedures
allow the IAC to submit a petition for reconsideration, but the filing
of a petition will not stay the effective date of withdrawal.
Paragraph (g) adds provisions for the proper service of documents
in the withdrawal proceedings. Procedures for time extensions are found
at paragraph (h).

Section 1548.9 Acceptance of Cargo

Paragraph 1548.9(a) broadens the scope of the IAC's duty to prevent
or deter the carriage of any unauthorized persons and any unauthorized
destructive substances or items on board an aircraft to the existing
requirements that focus on preventing and deterring explosives and
incendiaries. This provision requires IACs to carry out these
procedures whenever offering cargo for air transportation on all-cargo
aircraft under a full all-cargo program, as well as on passenger
aircraft under a full program. This paragraph adds a requirement that
the IAC request the shipper's consent to search or inspect the cargo.
Under the former paragraph 1548.9(b), this duty extended only to
cargo that was intended for shipment aboard a passenger aircraft. By
removing the word ``passenger,'' this paragraph extends to cargo for
shipment aboard certain all-cargo aircraft operations regulated by TSA.
Paragraph 1548.9(b) deletes the requirement that the IAC must search or
inspect cargo. Such inspections are to be done by the aircraft operator
or foreign air carrier only.

Section 1548.11 Training and Knowledge for Individuals with Security-
Related Duties

Certain employees and agents of IACs are subject to security-
related training. These enhanced requirements for training cover
individuals who perform security-related duties to ensure the
appropriate security standards are met.
Paragraph 1548.11(a) specifies that an IAC must not use any
individual to perform any security-related duties to meet the
requirements of its security program unless the individual has received
training as specified in its security program. This requirement covers
employees and agents performing security-related duties for the IAC.
Under Sec. 1548.11(b), additional training requirements are
specified for individuals who accept, handle, transport, or deliver
cargo for or on behalf of the IAC. This training must include, at a
minimum, requirements contained in the applicable provisions of part
1548, applicable Security Directives and Information Circulars, the
approved airport security program applicable to their location, and the
aircraft operator's or IAC's security program to the extent that such
individuals need to know in order to perform their duties.
Paragraph 1548.11(c) requires annual recurrent training of covered
individuals in these elements of knowledge. Pursuant to Sec.
1548.7(a), initial training of the identified individuals performing
duties for the IAC must be completed before an IAC may begin operations
under its approved security program. TSA is providing a training
curriculum to the IAC in this regard.

Section 1548.13 Security Coordinators

TSA requires each IAC to designate and use an Indirect Air Carrier
Security Coordinator (IACSC). The IAC is required to appoint the IACSC
at the corporate level, and the IACSC is the IAC's primary contact for
security-related activities and communications with TSA, as set forth
in the IACSSP. Either the IACSC or an alternate IACSC must be available
on a 24-hour basis. This addition parallels existing security
coordinator positions required of airport operators in Sec. 1542.3 and
aircraft operators in Sec. 1544.215.

Section 1548.15 Security Threat Assessments for Individuals Having
Unescorted Access to Cargo

TSA has provided revisions to this section consistent with the
scope of the NPRM. This section is significantly restructured in order
to be responsive to comments and provide greater clarity to the scope
of personnel who are required to meet the STA requirements. The
rationale for the changes in this section are the same as stated in the
Section-by-Section Analysis for Sec. 1544.228.

Section 1548.16 Security Threat Assessments for Each Proprietor,
General Partner, Officer, Director, and Specified Owner of the Entity

TSA has added this section to provide reference within part 1548 to
the STA requirement at Sec. 1540.209(a). TSA has provided further
clarification to the scope of persons covered under this section such
as to cover partnerships and proprietors. In large part, TSA has
adopted the meaning of ``owner,'' ``same family,'' and ``voting
securities and other voting interests'' as are found at 31 CFR 103.175,
for regulation of foreign banks.

Section 1548.17 Known Shipper Program

Section 1548.17 codifies the Known Shipper program in regulation.
This addition is essentially the same as that for aircraft operators
under proposed Sec. 1544.239.

Section 1548.19 Security Directives and Information Circulars

This section provides a procedure for TSA to issue emergency
security measures to IACs through Security Directives (SD). This
section authorizes TSA to issue Security Directives and Information
Circulars to regulated IACs, and mandates compliance by the IAC with
each Security Directive that it receives. Section 1548.19 also requires
the IAC to acknowledge in writing receipt of the SD within the time
prescribed in the SD, and to specify the method by which the measures
in the SD have been implemented (or will be implemented, if the SD is
not yet effective) within the time prescribed in the SD. In the event
that the IAC is unable to implement the measures in a SD, Sec. 1548.19
authorizes the IAC to submit proposed alternative measures and the
basis for the alternative measures to TSA for approval. The IAC must
submit the proposed alternative measures within the time prescribed in
the SD and, if they are approved by TSA, the IAC must implement them.
Section 1548.19 also provides that each IAC that receives a SD may
comment on the SD by submitting data, views, or arguments in writing to
TSA, and that TSA may amend the SD based on comments received. Section
1548.19 also provides that submission of a comment does not delay the
effective date of the SD.
Section 1548.19 also provides that each IAC that receives a
Security Directive or Information Circular and each person who receives
information from a Security Directive or Information Circular must
restrict the availability of

[[Page 30502]]

the Security Directive or Information Circular, and information
contained in either document, to those persons with a need-to-know. The
IAC must refuse to release the Security Directive or Information
Circular, and information contained in either document, to persons
other than those with a need-to-know without the prior written consent
of TSA.

IV. Fee Authority for Security Threat Assessment

On October 1, 2003, legislation was enacted requiring TSA to
collect reasonable fees to cover the costs of providing credentialing
and background investigations in the transportation field.\22\ Fees
collected under this legislation (Section 520) may be used to pay for
the costs of conducting or obtaining a criminal history records check
(CHRC); reviewing available law enforcement databases, commercial
databases, and records of other governmental and international
agencies; reviewing and adjudicating requests for waivers and appeals
of TSA decisions; and any other costs related to performing a
background records check or providing a credential.
---------------------------------------------------------------------------

\22\ Department of Homeland Security Appropriations Act, 2004,
Sec. 520 (Pub. L. 108-90, Oct. 1, 2003, 117 Stat. 1137).
---------------------------------------------------------------------------

Section 520 mandates that any fee collected shall be available for
expenditure only to pay for the costs incurred in providing services in
connection with performing a background check or providing a
credential. The fee shall remain available until expended. TSA is
establishing this fee in accordance with the criteria set forth in 31
U.S.C. 9701 (General User Fee Statute), which requires fees to be fair
and based on (1) costs to the government, (2) the value of the service
or thing to the recipient, (3) public policy or interest served, and
(4) other relevant facts.

Summary of Security Threat Assessment Requirement

TSA currently requires a variety of individuals working in aviation
to submit to criminal history records checks to reduce the likelihood
that a terrorist would gain employment that would give them access to
the aircraft. Generally, these individuals work on airport grounds and
have unescorted access to secure areas. In the cargo environment, many
other persons have access to cargo before someone who has had such a
check handles it. TSA recognizes that the number of individuals with
unescorted access to cargo is very large and that extending
fingerprint-based records checks to all of these people would likely be
a very time-consuming and costly process that would cause a major
disruption to the domestic and international transportation of goods.
TSA focused the STA program on a review of terrorist databases to
determine whether individuals seeking unescorted access to cargo
present a terrorist threat.
Flexibility will be achieved by ensuring that each of the following
individuals are required to have either an STA or a background check
for unescorted SIDA access authority. The covered individuals include:
(1) Each proprietor, general partner, officer, director, and owner
identified under Sec. 1548.16 of an IAC, or applicant to be an IAC.
(2) Each employee and agent authorized to have unescorted access to
cargo where:
Aircraft operators with a full program and foreign air
carriers under Sec. 1546.101(a) or (b) accept cargo;
Aircraft operators with a full all-cargo program and
foreign air carriers under Sec. 1546.101(e) consolidate or inspect
cargo;
IACs accept cargo for transportation on aircraft operated
by an aircraft operator with a full program or a foreign air carrier
under Sec. 1546.101(a) or (b); or
IACs consolidate or hold cargo for transportation aboard
an aircraft operated by an aircraft operator with a full or full all-
cargo program, or a foreign air carrier under Sec. 1546.101(a), (b),
or (e).

Security Threat Assessment Population

The above-referenced personnel who are authorized to have
unescorted access to cargo on behalf of an IAC, an aircraft operator,
or a foreign air carrier would be required to undergo a name-based STA.
TSA approximates a ``de minimis'' number of persons who own 25 percent
or more of these IACs that are not also officers or directors of the
entity. Accordingly, TSA has not accounted for these individuals
separately. However, those personnel with unescorted SIDA access
already have undergone a criminal history records check. TSA would
accept the criminal history records check in lieu of the proposed STA
for these personnel.

The Indirect Air Carrier Population

TSA estimates that there are approximately 5,000 companies that are
defined as IACs under this rule. TSA further estimates that there are,
on average, approximately 13 employees per IAC, of whom an average of
10 would typically require regular unescorted access to air cargo and
thus would need an STA under this rule. Therefore, the total IAC
population requiring an STA is estimated to be 50,000 (5,000 x 10).
Further discussion of TSA's IAC population estimates can be found in
the full Regulatory Evaluation.

Cargo Personnel Not Subject to Other TSA Security Threat Assessments

TSA estimates that there are approximately 65 aircraft operators
and foreign air carriers operating all-cargo flights that have
employees who are subject to the proposed STA. As discussed in the
Regulatory Evaluation aircraft operators and foreign air carriers have
some employees who are required to submit to the fingerprint-based SIDA
check, while others will only be required to submit to an STA. Because
most of the aircraft operator employees are already covered by the SIDA
background check requirements, TSA believes that only a limited number
of employees would be required to submit to an STA. TSA estimates that
there are, on average, approximately 25 employees for each aircraft
operator and foreign air carrier operating all-cargo flights who would
be required to submit to an STA. Therefore this total population is
estimated to be 1,625 (65 x 25). Further discussion of TSA's estimates
for affected all-cargo employees can be found in the full Regulatory
Evaluation.

Total Initial Population

Given the estimated IAC population of 50,000 and 1,625 additional
employees of relevant aircraft operators and foreign air carriers
operating all-cargo flights, the total population subject to an STA is
51,625. This is the initial population TSA estimates will be required
to submit to an STA during the first year of the program.

Recurring Population

TSA estimates approximately 15 percent of the initial total
population will be required to submit to an STA each year after the
initial assessment. Further discussion of TSA's recurring population
estimate can be found in the full Regulatory Evaluation. This
percentage represents annual new employers or employees with a new
requirement for the STA. Therefore, the recurring population that would
be required to submit to an STA annually is estimated to be 7,744 (15
percent x 51,625).

Five Year Population

Given the first year estimated population of 51,625 and subsequent
annual recurring population of 7,744, TSA estimates the total
population

[[Page 30503]]

receiving an STA over the first 5 years to be 82,601 (51,625 + (4 x
7,744)). TSA employs a five-year population period for calculating the
STA fee to distribute the costs of delivering these services to the
entire population more equitably, as required under this rule.

Program Costs

This section summarizes TSA's estimated costs for establishing the
program, processes, and resources necessary to establish and perform
the STA on the population as required under this rule.

Leveraging Existing Resources

Where possible, TSA will leverage processes, infrastructure and
personnel that are currently utilized for other federal government air
cargo regulatory initiatives and threat assessment services. These
efforts will minimize the need for new government expenditures and keep
fee levels to a minimum. For example, TSA is expanding its existing IAC
database management system, currently used to manage regulatory
relationships with IACs that ship cargo on passenger aircraft, to be
able to collect and process the required applicant information from air
cargo employees and agents that require an STA. Moreover, TSA is
leveraging other existing applicant vetting processes and
infrastructure, which TSA threat assessment programs benefit from
collectively, so as not to create overlapping resource requirements.

Start-Up Costs

The startup costs are not incorporated in fee calculations. TSA has
made this determination because these expenses are largely the result
of extending information systems already built for other regulatory
activities within the air cargo/IAC industry. As such, TSA is not
including these startup costs in the fee.

Five-Year Recurring Costs

The entire population covered under this rule must submit to an STA
within 180 days of rule publication, and thereafter only a small
fraction (15 percent) of applications are expected annually. TSA must
ensure that the fixed costs of the program are not borne solely by the
smaller pool of new applicants in Year 1. Therefore, TSA averages the
estimated total five-year recurring program costs and divides this
value by the estimated five-year STA population to generate its per
applicant fee.
TSA estimates the five-year recurring costs to be $2,322,702. These
costs include $1,837,500 for all required program personnel, $320,000
for all information management and hardware/software costs, and
$165,202 for all vetting process costs. See Figure 1 below for
additional details.

Figure 1.--TSA Security Threat Assessment Program Costs Estimates
----------------------------------------------------------------------------------------------------------------
Five-year
Category and sub-category Description Year 1 Years 2-5 recurring
costs
----------------------------------------------------------------------------------------------------------------
Hardware/Software:
IAC MS Database System Modifications Modification of existing IAC/ $0 $70,000 $280,000
air cargo database to
accommodate new Security
Threat Assessment (STA)
information management
requirements. Annual recurring
system expense estimated to be
10 percent of start-up
modification costs.
Screening Gateway Interface Modification of existing 0 10,000 40,000
Development. interface to conform to
program needs. Annual
recurring system expense
estimated to be 10 percent of
start-up modification costs.
System Security Testing, Set-up and Costs related to system set-up 0 0 0
Hosting. required for application
hosting.
--------------------------------------
Hardware/Software Total......... ............................... 0 80,000 320,000
Support Functions:
Additional Program Personnel........ Two additional federal employee 210,000 210,000 1,050,000
full-time equivalents (FTEs)
will be required to perform
functions associated with the
STA. Total cost to TSA is
estimated at $105,000 per FTE
(fully loaded, including
administrative overhead costs).
Finance/Accounting Personnel........ One half of an FTE (.5) will be 52,500 52,500 262,500
required to perform accounting
and reconciliation functions
and provide financial reports
to program personnel. Total
cost to TSA is estimated at
$105,000 per FTE (fully
loaded, including
administrative overhead costs).
--------------------------------------
Support Functions Total......... ............................... 262,500 262,500 1,312,500
Security Threat Assessment:
Threat Assessment Analysis.......... A security threat analysis is 103,250 15,488 165,202
the process of querying
applicant names against
various terrorism-related
government sources. This cost
is derived by multiplying the
total estimated program
population by the TSA's
estimated cost of $2 per
applicant. Assumes 15 percent
annual employee turnover.

[[Page 30504]]

Threat Assessment Process Personnel. One additional FTE at $105,000 105,000 105,000 525,000
annually will be necessary to
provide support for background
check component. Will also
perform support functions.
Total cost to TSA is estimated
at$105,000 per FTE.
--------------------------------------
Security Threat Assessment Total ............................... 208,250 120,488 690,202
--------------------------------------
Total Costs..................... ............................... 470,750 462,988 2,322,702
----------------------------------------------------------------------------------------------------------------

Cost Adjustments

Pursuant to the Chief Financial Officers Act of 1990, DHS/TSA will
review this fee at least every two years.\23\ Upon review, if it is
found that the fee is either too high (i.e., total fees exceed the
total cost to provide the services) or too low (i.e., total fees do not
cover the total costs to provide the services), TSA may propose changes
to the fees. In addition, as DHS and TSA identify and implement
additional efficiencies across numerous threat assessment and
credentialing programs, resulting cost savings will be incorporated
into the fee levels accordingly.
---------------------------------------------------------------------------

\23\ 31 U.S.C. 902.
---------------------------------------------------------------------------

Fee Calculation

TSA is charging a fee to cover the recurring costs of the program.
TSA estimates that total recurring program costs for the first 5 years
(not including start-up costs) will be approximately $2,322,702
(($470,750 + (462,988 x 4)). These total costs, divided by the
estimated five-year total of 82,601 applicants, yields a per applicant
fee of $28 ($2,322,702/82,601), rounded down from $28.12.

Fee Remittance Process

TSA will employ a third party to establish the infrastructure for
collecting the required financial data and fees for forwarding to TSA.
This process will function in a similar manner to that of other TSA
threat assessment programs and may include the services of Pay.gov,
https://www.pay.gov/paygov/, the government-wide solution for Internet-

based online payment services.

V. Rulemaking Analyses and Notices

V.A. Regulatory Evaluation Summary

Changes to Federal regulations must undergo several economic
analyses. First, Executive Order 12866 directs each Federal agency to
propose or adopt a regulation only if the agency makes a reasoned
determination that the benefits of the intended regulation justify its
costs. Second, the Regulatory Flexibility Act of 1980 requires agencies
to analyze the economic impact of regulatory changes on small entities.
Third, the Trade Agreements Act (19 U.S.C. 2531-2533) prohibits
agencies from setting standards that create unnecessary obstacles to
the foreign commerce of the United States. In developing U.S.
standards, this Trade Act requires agencies to consider international
standards and where appropriate, as the basis of U.S. standards.
Fourth, the Unfunded Mandates Reform Act of 1995 (Pub. L. 104-4)
requires agencies to prepare a written assessment of the costs,
benefits and other effects of proposed or final rules that include a
Federal mandate likely to result in the expenditure by State, local or
tribal governments, in the aggregate, or by the private sector, of $100
million or more annually (adjusted for inflation).
In conducting these analyses, TSA has determined this rule--
(1) Is a ``significant regulatory action'' as defined in Executive
Order 12866;
(2) Will not have a significant impact on a substantial number of
small entities;
(3) Imposes no significant barriers to international trade; and
(4) Does not impose an unfunded mandate on State, local, or tribal
governments, but does on the private sector.
Because TSA has determined that this rule is a significant
regulatory action under Executive Order 12866, this rule has been
reviewed and approved by the Office of Management and Budget (OMB).
Economic Impacts
This summary highlights the costs and benefits of the final rule to
amend the transportation security regulations to further enhance and
improve the security of air cargo transportation. TSA has determined
that this is a major rule within the definition of Executive Order
12866, as annual costs or benefits to all parties do pass the $100
million threshold in any year. There are no significant economic
impacts for each of the required analyses of small business impact,
international trade, or unfunded mandates.
Details of the proposed rule and the associated analysis were
provided to the public for comment. This final regulatory analysis
covers changes to the previous analysis in response both to public
comments and changes TSA has made with the final rule. The complete
analysis and the associated references are not repeated here. The
required OMB Circular A-4 accounting statement is presented in the full
regulatory evaluation, which is available in the docket as ``Final
Regulatory Evaluation, Regulatory Flexibility Determination, Trade
Impact Assessment, and Unfunded Mandate Assessment.''
Costs
The following sections summarize the estimated costs of this
rulemaking by general category of who pays. A detailed summary table in
the full regulatory evaluation provides an overview of the cost items,
section of the regulation that creates the requirement, and a
description of cost elements. Both in this summary and the economic
evaluation, descriptive language is used to try and relate the
consequences of the regulation. Although the regulatory evaluation
attempts to mirror the terms and wording of the regulation, no attempt
is made to precisely replicate the regulatory language and readers are
cautioned that the actual regulatory text, not the text of the
evaluation, is binding. Throughout the evaluation rounding in displayed
values may result in minor differences in displayed totals.
Aircraft Operators will incur additional costs to comply with
requirements of this rulemaking over

[[Page 30505]]

the 10-year period of 2005-2014. Cargo aircraft operators are estimated
to incur costs totaling approximately $1.9 billion to comply with the
requirements to require background checks for individuals who screen
cargo for all-cargo aircraft, their supervisors, as well as for
employees with unescorted access to the cargo. The rulemaking requires
all-cargo aircraft operators to screen all persons entering the
aircraft. This requirement is estimated to impose costs of
approximately $35.2 million over the ten-year period of this analysis.
They also are required to take additional measures to secure the
aircraft and facilities at an estimated cost of $0.8 million. All-cargo
aircraft operators with a maximum certificated take-off weight greater
than 45,500 kg (100,309.3 lbs) need to ensure they have coordinated law
enforcement notification and response capability to comply with the
requirements to extend or create new secure areas to encompass air
cargo operations. This requirement is not an expansion of law
enforcement staffing. As a result, costs previously attributed to the
LEO function have been removed. Finally, the codifying of existing
Security Directive requirements and costs for random screening of air
cargo on passenger aircraft and all-cargo flights are estimated to cost
of $1.491 billion, and $328 million, respectively. Much of this
increase is related to increased screening levels as mandated by
Congress.
Airport Operators that have one or more SIDAs are required to
extend or create a new SIDA to encompass air cargo operations. This
change applies only to aircraft operations conducted with aircraft
having a maximum certificated take-off weight greater than 45,500 kg
(100,309.3 lbs) operating a full program or a full all-cargo security
program. TSA estimates the cost of this requirement to be $10.9 million
over the ten-year period of this analysis. This cost reflects the cost
of additional employee badges, additional airports, and the
administrative costs of updating the airports' security plans.
Indirect Air Carriers are impacted in several ways by this
rulemaking. They are now required to complete security threat
assessments for certain individuals. This requirement is estimated to
impose costs totaling $4.6 million over ten years. IACs are also
required to implement training and develop a testing tool for
individuals who perform security related duties to meet the
requirements of their security programs. These costs are estimated at
$35.2 million over the ten-year period 2005-2014. They include the cost
of initial training for the entire IAC labor force and annual recurrent
training for the IAC labor force. This rulemaking establishes new
requirements for IACs to obtain approval, to amend, and for annual
recertification of their security programs. The costs estimated to
comply with these requirements are $43.9 million over the period of
this analysis.
Foreign Air Carriers costs inside the United States are considered
domestic costs for the purpose of this analysis and, therefore, are not
estimated separately from domestic carrier costs; a separate discussion
for these costs is not included. This costing method reflects the way
the Department of Transportation reports data on foreign aircraft
operations in the U.S. and the way it reports the cost impact of such
aircraft operations on the U.S. economy. Security requirements of this
rulemaking apply equally to foreign air carriers just as they apply to
domestic carriers. For their overseas operations, individual foreign
carriers are expected to experience financial impacts at levels similar
to those experienced by domestic carriers and are not estimated here.
TSA will incur costs as a result of the rule. Development of
training for IAC employees will cost the agency approximately $450K.
TSA also will incur costs of approximately $24.5 million to administer
the Known Shipper program. The cost to TSA for the vetting of IACs is
estimated at $2.6 million. TSA will also be modifying its current IAC
compliance management system to accommodate the Security Threat
Assessments in this rule. The costs of utilizing this system and some
STA support costs are captured in the unit costs used to develop the
fee costs for the aircraft operators and indirect air carriers.
In summary, the cost impacts of this rulemaking are estimated to
total approximately $2.0 billion undiscounted (discounted: $1.5 billion
at 7 percent, $1.8 billion at 3 percent), over the period 2005-2014.
Aircraft operators will incur costs totaling $1.9 billion, airport
operators $10.9 million, IACs $83.6 million and TSA anticipates cost
expenditures to administer the provisions of the rulemaking at $27.6
million over the ten year analysis period. Details on how estimates
were developed, as well as the discounted value comparisons, were
presented in the original evaluation. A separate Final Regulatory
Evaluation is available on the docket and details the changes from the
Initial Regulatory Evaluation. The full evaluation also includes
detailed tables showing constant dollars; discounted costs at 7 percent
and 3 percent; and a table of changes from the NPRM.
Final Regulatory Flexibility Analysis (FRFA)
The Regulatory Flexibility Act of 1980 (RFA) establishes ``as a
principle of regulatory issuance that agencies shall endeavor,
consistent with the objective of the rule and of applicable statutes,
to fit regulatory and informational requirements to the scale of the
business, organizations, and governmental jurisdictions subject to
regulation.'' To achieve that principle, the RFA requires agencies to
solicit and consider flexible regulatory proposals and to explain the
rationale for their actions. The RFA covers a wide range of small
entities, including small businesses, not-for-profit organizations, and
small governmental jurisdictions.
Agencies must perform a review to determine whether a proposed or
final rule will have a significant economic impact on a substantial
number of small entities. If the determination is that it will, the
agency must prepare a regulatory flexibility analysis as described in
the Act.
However, if an agency determines that a proposed or final rule is
not expected to have a significant economic impact on a substantial
number of small entities, section 605(b) of the 1980 RFA provides that
the head of the agency may so certify and a regulatory flexibility
analysis is not required. The certification must include a statement
providing the factual basis for this determination, and the reasoning
should be clear.
TSA conducted the required initial review of this rule and
indicated that TSA believed it would not have a significant economic
impact on a substantial number of small entities. There are two primary
sources of change related to the RFA analysis. Although IAC costs in
total went up, the population of both workers and businesses both went
up. The cost impact per employee and business unit were calculated and
summed to get a total business cost per business. TSA examined the
smallest businesses' revenue and compared the cost as a percent of the
revenue. This calculation in the Initial Regulatory Flexibility
Analysis rounded to 0.0 percent. When recomputed in the Final
Regulatory Flexibility Analysis (FRFA) the same computation still
rounds to 0.0 percent. Therefore, TSA finds that there is not a
significant impact on a substantial number of small businesses. More
detail on the FRFA can be found in the separate Final Regulatory
Evaluation, available on the docket.

[[Page 30506]]

V.B. Paperwork Reduction Act

TSA did not receive comments that provided substantive information
for consideration regarding the Paperwork Reduction Act. Under the
Paperwork Reduction Act of 1995 (PRA) (44 U.S.C. 3501, et seq.), a
Federal agency must obtain approval from OMB for each collection of
information it conducts, sponsors, or requires through regulations.
This proposal contains information collection activities subject to the
PRA. Accordingly, the following information requirements are being
submitted to OMB for its review.
Title: Air Cargo Security Requirements.
Summary: TSA is amending the transportation security regulations to
further enhance and improve the security of air cargo transportation.
Specifically, TSA is creating a mandatory security program for all-
cargo aircraft operations over 45,500 kg (100,309.3 lbs.) and is
amending existing security regulations and programs for aircraft
operators, foreign air carriers, airport operators, and IACs. TSA is
expanding STA requirements to new populations, including certain
individuals who have unescorted access to air cargo, each proprietor,
general partner, officer, and director, and certain owners of an IAC or
applicant to be an IAC.
Use of: Security programs that are developed or amended as a result

of this final rule will be kept on file and updated so that TSA
inspectors may check for regulatory compliance and uniform application
of the rules. Evidence of appropriate employee training in security
matters will also become a part of this record. STAs conducted as a
result of this final rule will be used to determine employment
suitability for those who have unescorted access to cargo and each
proprietor, general partner, officer, and director, and certain owners
of an IAC or applicant to be an IAC. Similarly, employees and agents of
aircraft operators must successfully complete a CHRC prior to screening
cargo.
Respondents (including number of): The respondents to this
information requirement are aircraft operators, foreign air carriers,
IACs, and their employees who undergo STAs for a total of approximately
51,625 respondents the first year and approximately 7,744 respondents
each following year, for an average of 22,371 respondents for each of
the three years. Respondents also include carriers and their employees
who undergo CHRCs, for a total of approximately 50,000 respondents the
first year and approximately 7,651 each following year, for an average
of 21,742 respondents for each of the three years. The combined average
number of respondents for STAs and CHRCs is approximately 49,395 for
each of the three years. The annual number of respondents includes both
new entrants and renewals. The number consists of 65 all-cargo
operators, 5,000 IACs, and their affected employees. TSA made these
estimates after reviewing public comments.
Frequency: Upon implementation, security programs related to this
final rule, including employee training records, will need to be kept
on file and updated as necessary. STAs will be conducted for all
existing and subsequent new employees who have unescorted access to
cargo where such employees do not already have unescorted SIDA access.
CHRCs will be conducted on individuals who are employees of aircraft
operators and who have the responsibility to screen cargo.
Annual Burden Estimate: The annual burden associated with the
security program is estimated to be 43,143 hours. The annual burden
associated with the STA is estimated to average 5,593 hours over the
three years, while the annual burden associated with the CHRCs is
estimated to average 10,871 hours over the three years for a combined
average annual total of 59,607 hours.
The agency invited comments to--
(1) Evaluate whether the proposed information requirement is
necessary for the proper performance of the functions of the agency,
including whether the information will have practical utility;
(2) Evaluate the accuracy of the agency's estimate of the burden;
(3) Enhance the quality, utility, and clarity of the information to
be collected; and
(4) Minimize the burden of the collection of information on those
who are to respond, including through the use of appropriate automated,
electronic, mechanical, or other technological collection techniques or
other forms of information technology.
As protection provided by the Paperwork Reduction Act, as amended,
an agency may not conduct or sponsor, and a person is not required to
respond to, a collection of information unless it displays a currently
valid OMB control number. The OMB control number for this information
collection will be published in the Federal Register after OMB approves
it.

V.C. International Compatibility

In keeping with United States obligations under the Convention on
International Civil Aviation, it is TSA policy to comply with
International Civil Aviation Organization (ICAO) Standards and
Recommended Practices to the maximum extent practicable. TSA has
determined that these regulations are consistent with ICAO Standards
and Recommended Practices.

V.D. International Trade Impact Assessment

The Trade Agreement Act of 1979 prohibits Federal agencies from
establishing any standards or engaging in related activities that
create unnecessary obstacles to the foreign commerce of the United
States. Legitimate domestic objectives, such as safety, are not
considered unnecessary obstacles. The statute also requires
consideration of international standards and, where appropriate, that
they be the basis for U.S. standards. TSA has assessed the potential
effect of this final rule and has determined that carrier operations at
overseas locations must provide an equivalent level of security. At
most the impact of this rule creates an even competitive cost
structure.

V.E. Unfunded Mandates Reform Act Analysis

The Unfunded Mandates Reform Act of 1995 (the Act) is intended,
among other things, to curb the practice of imposing unfunded Federal
mandates on State, local, and tribal governments. Title II of the Act
requires each Federal agency to prepare a written statement assessing
the effects of any Federal mandate in a proposed or final agency rule
that may result in an expenditure of $100 million or more (adjusted
annually for inflation) in any one year by State, local, and tribal
governments, in the aggregate, or by the private sector, such a mandate
is deemed to be a ``significant regulatory action.''
This final rule does not contain such a mandate on State, local,
and tribal governments. The overall impact on the economy does exceed
the threshold in the aggregate. The full regulatory evaluation
documents costs, public comments, alternatives, and TSA accommodation
of the public comments.

V.F. Executive Order 13132, Federalism

TSA has analyzed this final rule under the principles and criteria
of Executive Order 13132, Federalism. We determined that this action
would not have a substantial direct effect on the States, on the
relationship between the national Government and the States, or on the
distribution of power and responsibilities among the various levels of
government, and therefore would not have federalism implications.

[[Page 30507]]

V.G. Environmental Analysis

TSA has reviewed this action for purposes of the National
Environmental Policy Act of 1969 (NEPA) (42 U.S.C. 4321-4347) and has
determined that this action will not have a significant effect on the
human environment. In accordance with FAA Order 1050.1D, appendix 4,
paragraph 4(j), this rulemaking action qualifies for a categorical
exclusion. The FAA order continues to apply to TSA in accordance with
the Homeland Security Act (Pub. L. 107-296), until DHS publishes its
NEPA implementing regulations.

V.H. Energy Impact

The energy impact of this document has been assessed in accordance
with the Energy Policy and Conservation Act (EPCA), Pub. L. 94-163, as
amended (42 U.S.C. 6362). We have determined that this rulemaking is
not a major regulatory action under the provisions of the EPCA.

VI. List of Subjects

49 CFR Part 1520

Air transportation, Law enforcement officers, Reporting and
recordkeeping requirements, Security measures.

49 CFR Part 1540

Air carriers, Aircraft, Airports, Civil aviation security, Law
enforcement officers, Reporting and recordkeeping requirements,
Security measures.

49 CFR Part 1542

Air carriers, Aircraft, Airport security, Aviation safety, Security
measures.

49 CFR Part 1544

Air carriers, Aircraft, Aviation safety, Freight forwarders,
Incorporation by reference, Reporting and recordkeeping requirements,
Security measures.

49 CFR Part 1546

Aircraft, Aviation safety, Foreign air carriers, Incorporation by
reference, Reporting and recordkeeping requirements, Security measures.

49 CFR Part 1548

Air transportation, Reporting and recordkeeping requirements,
Security measures.

VII. The Amendment

0
For the reasons set forth above, the Transportation Security
Administration amends title 49 of the Code of Federal Regulations parts
1520, 1540, 1542, 1544, 1546, and 1548 to read as follows:

PART 1520--PROTECTION OF SENSITIVE SECURITY INFORMATION

0
1. The authority citation for part 1520 continues to read as follows:

Authority: 49 U.S.C. 114, 5103, 40119, 44901-44907, 44913-44914,
44916-44918, 44935-44936, 44942, 46105.

0
2. Amend Sec. 1520.5 by revising paragraphs (b)(2)(i), (b)(3)(i), and
(b)(4)(i) to read as follows:

Sec. 1520.5 Sensitive security information.

* * * * *
(b) * * *
(2) * * *
(i) Issued by TSA under 49 CFR 1542.303, 1544.305, 1548.19, or
other authority;
* * * * *
(3) * * *
(i) Information circular issued by TSA under 49 CFR 1542.303,
1544.305, 1548.19, or other authority; and
* * * * *
(4) * * *
(i) Any device used by the Federal Government or any other person
pursuant to any aviation or maritime transportation security
requirements of Federal law for the detection of any person, and any
weapon, explosive, incendiary, or destructive device, item, or
substance; and
* * * * *

SUBCHAPTER C--CIVIL AVIATION SECURITY

PART 1540--CIVIL AVIATION SECURITY: GENERAL RULES

0
3. The authority citation for part 1540 continues to read as follows:

Authority: 49 U.S.C. 114, 5103, 40113, 44901-44907, 44913-44914,
44916-44918, 44935-44936, 44942, 46105.

0
4. Amend Sec. 1540.5 by revising the definition of ``indirect air
carrier'' and adding a new definition of ``unescorted access to cargo''
in alphabetical order to read as follows:

Sec. 1540.5 Terms used in this subchapter.

* * * * *
Indirect air carrier (IAC) means any person or entity within the
United States not in possession of an FAA air carrier operating
certificate, that undertakes to engage indirectly in air transportation
of property, and uses for all or any part of such transportation the
services of an air carrier. This does not include the United States
Postal Service (USPS) or its representative while acting on the behalf
of the USPS.
* * * * *
Unescorted access to cargo means the authority granted by an
aircraft operator or IAC to individuals to have access to air cargo
without an escort.

0
5. Amend Sec. 1540.111 by revising paragraph (a)(1) to read as
follows:

Sec. 1540.111 Carriage of weapons, explosives, and incendiaries by
individuals.

(a) * * *
(1) When performance has begun of the inspection of the
individual's person or accessible property before entering a sterile
area, or before boarding an aircraft for which screening is conducted
under this subchapter;
* * * * *

0
6. Add new Subpart C--Security Threat Assessments to read as follows:
Subpart C--Security Threat Assessments
Sec.
1540.201 Applicability and terms used in this subpart.
1540.203 Operator responsibilities.
1540.205 Notification.
1540.207 Appeal procedures.
1540.209 Security threat assessment fee.

Subpart C--Security Threat Assessments

Sec. 1540.201 Applicability and terms used in this subpart.

(a) This subpart includes the procedures that certain aircraft
operators, foreign air carriers, and indirect air carriers must use to
have security threat assessments done on certain individuals pursuant
to 49 CFR 1544.228, 1546.213, 1548.7, 1548.15, and 1548.16. This
subpart applies to--
(1) Each aircraft operator operating under a full program or full
all-cargo program described in 49 CFR 1544.101(a) or (h);
(2) Each foreign air carrier operating under a program described in
49 CFR 1546.101(a), (b), or (e);
(3) Each indirect air carrier operating under a security program
described in 49 CFR 1548; and
(4) Each individual with, or applying for, unescorted access to
cargo under one of the programs described in (a)(1) through (a)(3) of
this section.
(5) Each proprietor, general partner, officer, director, or owner
of an indirect air carrier as described in 49 CFR 1548.16.
(b) For purposes of this subpart--
Individuals means the individuals listed in paragraphs (a)(4) and
(a)(5) of this section.
Operator means an aircraft operator, foreign air carrier, and
indirect air carrier listed in paragraphs (a)(1) through (a)(3) of this
section.
(c) An individual poses a security threat under this subpart when
TSA determines that he or she is known to pose or suspected of posing a
threat--

[[Page 30508]]

(1) To national security;
(2) To transportation security; or
(3) Of terrorism.
(d) For purposes of this subpart:
(1) Date of service means--
(i) The date of personal delivery in the case of personal service;
(ii) The mailing date shown on the certificate of service;
(iii) The date shown on the postmark if there is no certificate of
service;
(iv) Another mailing date shown by other evidence if there is no
certificate of service or postmark; or
(v) The date in an e-mail showing when it was sent.
(2) Day means calendar day.

Sec. 1540.203 Operator responsibilities.

(a) Each operator subject to this subpart must ensure that each
individual described in Sec. 1540.201(a)(4) and (a)(5) completes the
Security Threat Assessment described in this section.
(b) Each operator must:
(1) Authenticate the identity of the individual by--
(i) Reviewing two forms of identification, one of which must be a
government-issued picture identification; or
(ii) Other means approved by TSA.
(2) Submit to TSA a Security Threat Assessment application for each
individual that is signed by the individual and that includes:
(i) Legal name, including first, middle, and last; any applicable
suffix; and any other names used previously.
(ii) Current mailing address, including residential address if it
differs from the current mailing address, and all other residential
addresses for the previous five years, and e-mail address, if the
individual has an e-mail address.
(iii) Date and place of birth.
(iv) Social security number, (submission is voluntary, although
recommended).
(v) Gender.
(vi) Country of citizenship, and if naturalized in the United
States, date of naturalization and certificate number.
(vii) Alien registration number, if applicable.
(viii) The following statement reading:

Privacy Act Notice: Authority: The authority for collecting this
information is 49 U.S.C. 114, 40113, and 49 U.S.C. 5103a. Purpose:
This information is needed to verify your identity and to conduct a
Security Threat Assessment to evaluate your suitability for
completing the functions required by this position. Failure to
furnish your SSN may result in delays in processing your
application, but will not prevent completion of your Security Threat
Assessment. Furnishing the other information is also voluntary;
however, failure to provide it may delay or prevent the completion
of your Security Threat Assessment, without which you may not be
granted authorization to have unescorted access to air cargo subject
to TSA security requirements. Routine Uses: Routine uses of this
information include disclosure to TSA contractors or other agents
who are providing services relating to the Security Threat
Assessments; to appropriate governmental agencies for law
enforcement or security purposes, or in the interests of national
security; and to foreign and international governmental authorities
in accordance with law and international agreement. For further
information, please consult DHS/TSA 002 Transportation Security
Threat Assessment System.
The information I have provided on this application is true,
complete, and correct to the best of my knowledge and belief and is
provided in good faith. I understand that a knowing and willful
false statement, or an omission of a material fact, on this
application can be punished by fine or imprisonment or both (see
section 1001 of Title 18 United States Code), and may be grounds for
denial of authorization or in the case of parties regulated under
this section, removal of authorization to operate under this
chapter, if applicable.

(3) Retain the individual's signed Security Threat Assessment
application and any communications with TSA regarding the individual's
application, for 180 days following the end of the individual's service
to the operator.
(c) Records under this section may include electronic documents
with electronic signature or other means of personal authentication,
where accepted by TSA.

Sec. 1540.205 Notification.

(a) TSA review. In conducting the Security Threat Assessment, TSA
reviews--
(1) The information required in Sec. 1540.203(b) and transmitted
to TSA; and
(2) Domestic and international databases relevant to determining
whether an individual poses a security threat or that confirm an
individual's identity.
(b) Determination of No Security Threat. TSA serves a Determination
of No Security Threat on the individual and the operator, if TSA
determines that an individual does not pose a security threat.
(c) Initial Determination of Threat Assessment. TSA serves an
Initial Determination of Threat Assessment on the individual and the
operator, if TSA determines that the individual poses a security
threat. The Initial Determination of Threat Assessment includes--
(1) A statement that TSA has determined that the individual poses a
security threat;
(2) The basis for the determination;
(3) Information about how the individual may appeal the
determination; and
(4) A statement that if the individual chooses not to appeal TSA's
determination within 30 days of receipt of the Initial Determination of
Threat Assessment in accordance with Sec. 1540.207, or does not
request an extension of time within 30 days of the Initial
Determination of Threat Assessment in order to file an appeal, the
Initial Determination of Threat Assessment becomes a Final
Determination of Threat Assessment.
(d) Final Determination of Threat Assessment. If TSA determines
that an individual poses a security threat, TSA serves a Final
Determination of Threat Assessment on the operator and the individual
who appealed the Initial Determination of Threat Assessment.
(e) Withdrawal by TSA. TSA serves a Withdrawal of the Initial
Determination of Threat Assessment on the individual and a
Determination of No Security Threat on the operator, if the appeal
results in a determination that the individual does not pose a security
threat.

Sec. 1540.207 Appeal procedures.

(a) Scope. This section applies to individuals who wish to appeal
an Initial Determination of Threat Assessment.
(b) Grounds for Appeal. An individual may appeal an Initial
Determination of Threat Assessment if the individual is asserting that
he or she does not pose a security threat.
(c) Appeal. An individual initiates an appeal by submitting a
written reply or written request for materials from TSA or by
requesting more time in accordance with Sec. 1540.205(c)(4). If the
individual fails to initiate an appeal within 30 days of receipt, the
Initial Determination of Threat Assessment becomes final, and TSA
serves a Final Determination of Threat Assessment on the operator and
the individual.
(1) Request for materials. An individual receiving an Initial
Determination of Threat Assessment may serve upon TSA a written request
for copies of the materials upon which the Initial Determination of
Threat Assessment was based.
(2) TSA response. Within 30 days of receiving the individual's
request for materials, TSA serves copies upon the individual of the
releasable materials upon which the Initial Determination of Threat
Assessment was based. TSA will exclude any classified information or
other protected information described in paragraph (f) of this section.

[[Page 30509]]

(3) Correction of records. If the Initial Determination of Threat
Assessment was based on a record that the individual believes is
erroneous, he or she may correct the record, as follows:
(i) The individual may contact the jurisdiction or entity
responsible for the information and attempt to correct or complete
information contained in his or her record.
(ii) The individual must then provide TSA with the revised record,
or a certified true copy of the information from the appropriate
entity, before TSA may determine that the individual meets the
standards for the Security Threat Assessment.
(4) Reply. (i) The individual may serve upon TSA a written reply to
the Initial Determination of Threat Assessment within 30 days of
service of the Initial Determination of Threat Assessment, or 30 days
after the date of service of TSA's response to the individual's request
for materials under paragraph (c)(1) of this section, if the individual
served such a request.
(ii) In an individual's reply, TSA will consider only material that
is relevant to verifying identification or determining that the
individual does not pose a security threat.
(5) Final determination. Within 30 days after TSA receives the
individual's reply, TSA serves a Final Determination of Threat
Assessment or a Withdrawal of the Initial Determination of Threat
Assessment.
(d) Final Determination of Threat Assessment. (1) If TSA determines
that the individual poses a security threat, TSA serves a Final
Determination of Threat Assessment upon the individual and the
operator. The Final Determination of Threat Assessment includes--
(2) A statement that TSA has reviewed the Initial Determination of
Threat Assessment, the individual's reply, if any, and any other
materials or information available to him or her and has determined
that the individual poses a security threat.
(e) Withdrawal of Initial Determination of Threat Assessment. If
TSA concludes that the individual does not pose a security threat, TSA
serves a Withdrawal of the Initial Determination of Threat Assessment
on the individual and the operator.
(f) Nondisclosure of certain information. In connection with the
procedures under this section, TSA does not disclose to the individual
or counsel classified information, as defined in sec. 1.1(d) of
Executive Order 12968, and reserves the right not to disclose any other
information or material not warranting disclosure or protected from
disclosure under law.
(g) Extension of time. TSA may grant an individual an extension of
time of the limits set forth in this section for good cause shown. An
individual's request for an extension of time must be in writing and be
received by TSA at least 2 days before the due date to be extended. TSA
may grant itself an extension of time for good cause.
(h) Judicial review. The Final Determination of Threat Assessment
constitutes a final TSA order subject to judicial review in accordance
with 49 U.S.C. 46110.

Sec. 1540.209 Security threat assessment fee.

(a) Imposition of fees. The fee of $28 is required for TSA to
conduct a security threat assessment for an individual.
(b) Remittance of fees. (1) The fee required under this subpart
must be remitted to TSA, in a form and manner acceptable to TSA, each
time the individual or an aircraft operator, foreign air carrier, or
indirect air carrier submits the information required under Sec.
1540.203 to TSA.
(2) Fees remitted to TSA under this subpart must be payable to the
``Transportation Security Administration''' in U.S. currency and drawn
on a U.S. bank.
(3) TSA will not issue any fee refunds, unless a fee was paid in
error.

PART 1542--AIRPORT SECURITY

0
7. The authority citation for part 1542 continues to read as follows:

Authority: 49 U.S.C. 114, 5103, 40113, 44901-44905, 44907,
44913-44914, 44916-44917, 44935-44936, 44942, 46105.

0
8. Amend Sec. 1542.1 by adding new paragraph (d) to read as follows:

Sec. 1542.1 Applicability of this part.

* * * * *
(d) Each airport operator that does not have a security program
under this part that serves an aircraft operator operating under a
security program under part 1544 of this chapter, or a foreign air
carrier operating under a security program under part 1546 of this
chapter. Such airport operators must comply with Sec. 1542.5(e).

0
9. Amend Sec. 1542.5 by adding paragraph (e) to read as follows:

Sec. 1542.5 Inspection authority.

* * * * *
(e) TSA may enter and be present at an airport that does not have a
security program under this part, without access media or
identification media issued or approved by an airport operator or
aircraft operator, to inspect an aircraft operator operating under a
security program under part 1544 of this chapter, or a foreign air
carrier operating under a security program under part 1546 of this
chapter.

0
10. Amend Sec. 1542.101 by revising paragraphs (a) introductory text,
(b), and (c) introductory text to read as follows:

Sec. 1542.101 General requirements.

(a) No person may operate an airport subject to Sec. 1542.103
unless it adopts and carries out a security program that--
* * * * *
(b) Each airport operator subject to Sec. 1542.103 must maintain
one current and complete copy of its security program and provide a
copy to TSA upon request.
(c) Each airport operator subject to Sec. 1542.103 must--
* * * * *

0
11. Amend Sec. 1542.205 by revising paragraphs (a) and (b)(2), and
adding new paragraph (c) to read as follows:

Sec. 1542.205 Security of the security identification display area
(SIDA).

(a) Each airport operator required to have a complete program under
Sec. 1542.103(a) must establish at least one SIDA, as follows:
(1) Each secured area must be a SIDA.
(2) Each part of the air operations area that is regularly used to
load cargo on, or unload cargo from, an aircraft that is operated under
a full program or a full all-cargo program as provided in Sec.
1544.101(a) or (h) of this chapter, or a foreign air carrier under a
security program as provided in Sec. 1546.101(a), (b), or (e), must be
a SIDA.
(3) Each area on an airport where cargo is present after an
aircraft operator operating under a full program or a full all-cargo
program under Sec. 1544.101(a) or (h) of this chapter, or a foreign
air carrier operating under a security program under Sec. 1546.101(a),
(b), or (e) of this chapter, or an indirect air carrier, accepts it
must be a SIDA. This includes areas such as: Cargo facilities; loading
and unloading vehicle docks; and areas where an aircraft operator,
foreign air carrier, or indirect air carrier sorts, stores, stages,
consolidates, processes, screens, or transfers cargo.
(4) Other areas of the airport may be SIDAs.
(b) * * *
(2) Subject each individual to a criminal history records check as
described in Sec. 1542.209 before authorizing unescorted access to the
SIDA.
* * * * *

[[Page 30510]]

(c) An airport operator that is not required to have a complete
program under Sec. 1542.103(a) is not required to establish a SIDA
under this section.

PART 1544--AIRCRAFT OPERATOR SECURITY: AIR CARRIERS AND COMMERCIAL
OPERATORS

0
12. The authority citation for part 1544 continues to read as follows:

Authority: 49 U.S.C. 114, 5103, 40113, 44901-44905, 44907,
44913-44914, 44916-44918, 44932, 44935-44936, 44942, 46105.

0
13. Amend Sec. 1544.3 by revising paragraph (c) to read as follows:

Sec. 1544.3 TSA inspection authority.

* * * * *
(c) TSA may enter and be present within secured areas, AOAs, SIDAs,
and other areas where security measures required by TSA are carried
out, without access media or identification media issued or approved by
an airport operator or aircraft operator, in order to inspect or test
compliance, or perform other such duties as TSA may direct.
* * * * *

0
14. Amend Sec. 1544.101 by revising paragraphs (d)(1), (d)(4), and
(e)(1), and adding new paragraphs (h) and (i) to read as follows:

Sec. 1544.101 Adoption and implementation.

* * * * *
(d) * * *
(1) Is an aircraft with a maximum certificated takeoff weight of
more than 12,500 pounds;
* * * * *
(4) Is not under a full program, partial program, or full all-cargo
program under paragraph (a), (b), or (h) of this section.
(e) * * *
(1) The requirements of Sec. Sec. 1544.215, 1544.217, 1544.219,
1544.223, 1544.230, 1544.235, 1544.237, 1544.301(a) and (b), 1544.303,
and 1544.305; and in addition, for all-cargo operations of Sec. Sec.
1544.202, 1544.205(a), (b), (d), and (f).
* * * * *
(h) Full all-cargo program--adoption: Each aircraft operator must
carry out the requirements of paragraph (i) of this section for each
operation that is--
(1) In an aircraft with a maximum certificated takeoff weight of
more than 45,500 kg (100,309.3 pounds); and
(2) Carrying cargo and authorized persons and no passengers.
(i) Full all-cargo program--contents: For each operation described
in paragraph (h) of this section, the aircraft operator must carry out
the following, and must adopt and carry out a security program that
meets the applicable requirements of Sec. 1544.103(c):
(1) The requirements of Sec. Sec. 1544.202, 1544.205, 1544.207,
1544.209, 1544.211, 1544.215, 1544.217, 1544.219, 1544.225, 1544.227,
1544.228, 1544.229, 1544.230, 1544.231, 1544.233, 1544.235, 1544.237,
1544.301, 1544.303, and 1544.305.
(2) Other provisions of subpart C of this part that TSA has
approved upon request.
(3) The remaining requirements of subpart C of this part when TSA
notifies the aircraft operator in writing that a security threat exists
concerning that operation.

0
15. Add a new Sec. 1544.202 to read as follows:

Sec. 1544.202 Persons and property onboard an all-cargo aircraft.

Each aircraft operator operating under a full all-cargo program, or
a twelve-five program in an all-cargo operation, must apply the
security measures in its security program for persons who board the
aircraft for transportation, and for their property, to prevent or
deter the carriage of any unauthorized persons, and any unauthorized
weapons, explosives, incendiaries, and other destructive devices,
items, or substances.

0
16. Revise Sec. 1544.205 to read as follows:

Sec. 1544.205 Acceptance and screening of cargo.

(a) Preventing or deterring the carriage of any explosive or
incendiary. Each aircraft operator operating under a full program, a
full all-cargo program, or a twelve-five program in an all-cargo
operation, must use the procedures, facilities, and equipment described
in its security program to prevent or deter the carriage of any
unauthorized persons, and any unauthorized explosives, incendiaries,
and other destructive substances or items in cargo onboard an aircraft.
(b) Screening and inspection of cargo. Each aircraft operator
operating under a full program or a full all-cargo program, or a
twelve-five program in an all-cargo operation, must ensure that cargo
is screened and inspected for any unauthorized person, and any
unauthorized explosive, incendiary, and other destructive substance or
item as provided in the aircraft operator's security program and Sec.
1544.207, and as provided in Sec. 1544.239 for operations under a full
program, before loading it on its aircraft.
(c) Control. Each aircraft operator operating under a full program
or a full all-cargo program must use the procedures in its security
program to control cargo that it accepts for transport on an aircraft
in a manner that:
(1) Prevents the carriage of any unauthorized person, and any
unauthorized explosive, incendiary, and other destructive substance or
item in cargo onboard an aircraft.
(2) Prevents unescorted access by persons other than an authorized
aircraft operator employee or agent, or persons authorized by the
airport operator or host government.
(d) Refusal to transport. Except as otherwise provided in its
program, each aircraft operator operating under a full program, a full
all-cargo program, or a twelve-five program in an all-cargo operation,
must refuse to transport any cargo if the shipper does not consent to a
search or inspection of that cargo in accordance with the system
prescribed by this part.
(e) Acceptance of cargo only from specified persons. Each aircraft
operator operating under a full program or a full all-cargo program may
accept cargo for air transportation only from the shipper, or from an
aircraft operator, foreign air carrier, or indirect air carrier
operating under a security program under this chapter with a comparable
cargo security program, as provided in its security program.
(f) Acceptance and screening of cargo outside the United States.
For cargo to be loaded on its aircraft outside the United States, each
aircraft operator must carry out the requirements of its security
program.

0
17. Amend Sec. 1544.217 by revising paragraphs (a)(2) introductory
text and (b) introductory text to read as follows:

Sec. 1544.217 Law enforcement personnel.

(a) * * *
(2) For operations under a partial program under Sec. 1544.101(b)
and (c), a twelve-five program under Sec. 1544.101(d) and (e), a
private charter program under Sec. 1544.101(f), or a full all-cargo
program under Sec. 1544.101(h) and (i), each aircraft operator must--
* * * * *
(b) The following applies to operations at airports required to
hold security programs under part 1542 of this chapter. For operations
under a partial program under Sec. 1544.101(b) and (c), a twelve-five
program under Sec. 1544.101(d) and (e), a private charter program
under Sec. 1544.101(f), or a full all-cargo program under Sec.
1544.101(h) and (i), each aircraft operator must--
* * * * *

0
18. Amend Sec. 1544.225 by adding new paragraph (d) to read as
follows:

Sec. 1544.225 Security of aircraft and facilities.

* * * * *

[[Page 30511]]

(d) When operating under a full program or a full all-cargo
program, prevent unauthorized access to the operational area of the
aircraft while loading or unloading cargo.

0
19. Add a new Sec. 1544.228 to read as follows:

Sec. 1544.228 Access to cargo: Security threat assessments for cargo
personnel in the United States.

This section applies in the United States to each aircraft operator
operating under a full program under Sec. 1544.101(a), or a full all-
cargo program under Sec. 1544.101(h) of this part.
(a) This section applies for each employee and agent the aircraft
operator authorizes to have unescorted access to cargo from the time--
(1) The cargo reaches a location where an aircraft operator with a
full all-cargo program consolidates or inspects it pursuant to security
program requirements until the cargo enters an airport Security
Identification Display Area or is transferred to another TSA-regulated
aircraft operator, foreign air carrier, or indirect air carrier; or
(2) An aircraft operator with a full program accepts the cargo
until the cargo:
(i) Enters an airport Security Identification Display Area;
(ii) Is removed from the destination airport; or
(iii) Is transferred to another TSA-regulated aircraft operator,
foreign air carrier, or indirect air carrier.
(b) Before an aircraft operator authorizes, and before an employee
or agent gains, unescorted access to cargo as described in paragraph
(a) of this section, each employee or agent must successfully complete
one of the following:
(1) A criminal history records check under Sec. Sec. 1542.209,
1544.229, or 1544.230 of this chapter, if the employee or agent is
otherwise required to undergo that check.
(2) A Security Threat Assessment under part 1540 subpart C of this
chapter. An employee or agent who has successfully completed this
Security Threat Assessment for one employer need not complete it for
another employer if the employee or agent has been continuously
employed in a position that requires a Security Threat Assessment.
(3) Another Security Threat Assessment approved by TSA as
comparable to paragraphs (b)(1) or (2) of this section.
(c) Each aircraft operator must ensure that each individual who has
access to its cargo--
(1) Has successfully completed one of the checks in paragraph (b)
of this section;
(2) Is escorted by an employee or agent who has successfully
completed one of the checks in paragraph (b) of this section; or
(3) Is authorized to serve as law enforcement personnel at that
location.
(d) Operators must comply with the requirements of this section not
later than November 22, 2006.

0
20. Amend Sec. 1544.229 by adding introductory text, and revising
paragraph (a)(1)(iii) to read as follows:

Sec. 1544.229 Fingerprint-based criminal history records checks
(CHRC): Unescorted access authority, authority to perform screening
functions, and authority to perform checked baggage or cargo functions.

This section applies to each aircraft operator operating under a
full program, a private charter program, or a full all-cargo program.
(a) * * *
(1) * * *
(iii) Each individual granted authority to perform the following
screening functions at locations within the United States (referred to
as ``authority to perform screening functions''):
(A) Screening passengers or property that will be carried in a
cabin of an aircraft of an aircraft operator required to screen
passengers under this part.
(B) Serving as an immediate supervisor (checkpoint security
supervisor (CSS)), and the next supervisory level (shift or site
supervisor), to those individuals described in paragraphs
(a)(1)(iii)(A) or (a)(1)(iii)(C) of this section.
(C) Screening cargo that will be carried on an aircraft of an
aircraft operator with a full all-cargo program.
* * * * *

0
21. Add a new Sec. 1544.239 to read as follows:

Sec. 1544.239 Known shipper program.

This section applies to each aircraft operator operating under a
full program under Sec. 1544.101(a) of this part and to each aircraft
operator with a TSA security program approved for transfer of cargo to
an aircraft operator with a full program or a foreign air carrier under
paragraphs Sec. 1546.101(a) or (b) of this chapter.
(a) For cargo to be loaded on its aircraft in the United States,
each aircraft operator must have and carry out a known shipper program
in accordance with its security program. The program must--
(1) Determine the shipper's validity and integrity as provided in
the security program;
(2) Provide that the aircraft operator will separate known shipper
cargo from unknown shipper cargo; and
(3) Provide for the aircraft operator to ensure that cargo is
screened or inspected as set forth in its security program.
(b) When required by TSA, each aircraft operator must submit in a
form and manner acceptable to TSA--
(1) Information identified in its security program regarding a
known shipper, or an applicant for that status; and
(2) Corrections and updates of this information upon learning of a
change to the information specified in paragraph (b)(1) of this
section.

PART 1546--FOREIGN AIR CARRIER SECURITY

0
22. The authority citation for part 1546 continues to read as follows:

Authority: 49 U.S.C. 114, 5103, 40113, 44901-44905, 44907,
44914, 44916-44917, 44935-44936, 44942, 46105.

0
23. Amend Sec. 1546.3 by adding new paragraph (c) to read as follows:

Sec. 1546.3 TSA inspection authority.

0
24. Amend Sec. 1546.101 by revising the introductory text and
paragraph (a), and by adding new paragraphs (e) and (f) to read as
follows:

Sec. 1546.101 Adoption and implementation.

Each foreign air carrier landing or taking off in the United States
must adopt and carry out, for each scheduled and public charter
passenger operation or all-cargo operation, a security program that
meets the requirements of--
(a) Section 1546.103(b) and subparts C, D, and E of this part for
each operation with an aircraft having a passenger seating
configuration of 61 or more seats;
* * * * *
(e) Sections 1546.103(b)(2) and (b)(4), 1546.202, 1546.205(a), (b),
(c), (d), (e), and (f), 1546.207, 1546.211, 1546.213, and 1546.301 for
each all-cargo operation with an aircraft having a maximum certificated
take-off weight more than 45,500 kg (100,309.3 lbs.); and

[[Page 30512]]

(f) Sections 1546.103(b)(2) and (b)(4), 1546.202, 1546.205(a), (b),
(d), and (f), 1546.211, and 1546.301 for each all-cargo operation with
an aircraft having a maximum certificated take-off weight more than
12,500 pounds but not more than 45,500 kg (100,309.3 lbs.).

0
25. Amend Sec. 1546.103 by revising paragraph (a)(1) and paragraph (b)
introductory text to read as follows:

Sec. 1546.103 Form, content, and availability of security program.

(a) * * *
(1) Acceptable to TSA. A foreign air carrier's security program is
acceptable only if TSA finds that the security program provides a level
of protection similar to the level of protection provided by U.S.
aircraft operators serving the same airports. Foreign air carriers must
employ procedures equivalent to those required of U.S. aircraft
operators serving the same airport, if TSA determines that such
procedures are necessary to provide a similar level of protection.
* * * * *
(b) Content of security program. Each security program required by
Sec. 1546.101(a), (b), (c), (e), or (f) must be designed to--
* * * * *

0
26. Add a new Sec. 1546.202 to read as follows:

Sec. 1546.202 Persons and property onboard the aircraft.

Each foreign air carrier operating under Sec. 1546.101(e) or (f)
must apply the security measures in its security program for persons
who board the aircraft for transportation, and for their property, to
prevent or deter the carriage of any unauthorized persons, and any
unauthorized weapons, explosives, incendiaries, and other destructive
devices, items, or substances.

0
27. Revise Sec. 1546.205 to read as follows:

Sec. 1546.205 Acceptance and screening of cargo.

(a) Preventing or deterring the carriage of any explosive or
incendiary. Each foreign air carrier operating a program under Sec.
1546.101(a), (b), (e), or (f) must use the procedures, facilities, and
equipment described in its security program to prevent or deter the
carriage of any unauthorized person, and any unauthorized explosive,
incendiary, and other destructive substance or item in cargo onboard an
aircraft.
(b) Refusal to transport. Each foreign air carrier operating a
program under Sec. 1546.101(a), (b), (e), or (f) must refuse to
transport any cargo, if the shipper does not consent to a search or
inspection of that cargo in accordance with the system prescribed by
this part.
(c) Control. Each foreign air carrier operating a program under
Sec. 1546.101(a), (b), or (e) must use the procedures in its security
program to control cargo that it accepts for transport on an aircraft
in a manner that--
(1) Prevents the carriage of any unauthorized person, and any
unauthorized explosive, incendiary, and other destructive substance or
item onboard the aircraft.
(2) Prevents access by unauthorized persons other than an
authorized foreign air carrier employee or agent, or persons authorized
by the airport operator or host government.
(d) Screening and inspection of cargo in the United States. Each
foreign air carrier operating a program under Sec. 1546.101(a), (b),
(e), or (f) must ensure that, as required in its security program,
cargo is screened and inspected for any unauthorized persons, and any
unauthorized explosives, incendiaries, and other destructive substances
or items as provided in the foreign air carrier's security program, and
Sec. 1546.207, and as provided in Sec. 1546.213 for operations under
Sec. 1546.101(a) or (b) before loading it on its aircraft in the
United States.
(e) Acceptance of cargo in the United States only from specified
persons. Each foreign air carrier operating a program under Sec.
1546.101(a), (b), or (e) of this part may accept cargo in the United
States only from the shipper, or from an aircraft operator, foreign air
carrier, or indirect air carrier operating under a security program
under this chapter with a comparable cargo security program as provided
in its security program.
(f) Acceptance of cargo to be loaded for transport to the United
States. Each foreign air carrier subject to this part that accepts
cargo to be loaded on its aircraft for transport to the United States
must carry out the requirements of its security program.

0
28. Add a new Sec. 1546.213 to read as follows:

Sec. 1546.213 Access to cargo: Security threat assessments for cargo
personnel in the United States.

This section applies in the United States to each foreign air
carrier operating under Sec. 1546.101(a), (b), or (e).
(a) This section applies to each employee or agent in the United
States whom the foreign air carrier authorizes to have unescorted
access to cargo from the time--
(1) The cargo reaches a location where a foreign air carrier
operating under Sec. 1546.101(e) consolidates or inspects it pursuant
to security program requirements, until the cargo enters an airport
Security Identification Display Area or is transferred to another TSA-
regulated aircraft operator, foreign air carrier, or indirect air
carrier, or
(2) A foreign air carrier under Sec. 1546.101(a) or (b) accepts
the cargo, until the cargo--
(i) Enters an airport Security Identification Display Area;
(ii) Is removed from the destination airport; or
(iii) Is transferred to another TSA-regulated aircraft operator,
foreign air carrier, or indirect air carrier.
(b) Before a foreign air carrier authorizes, and before an employee
or agent gains, unescorted access to cargo as described in paragraph
(a) of this section, each employee or agent must successfully complete
one of the following:
(1) A criminal history records check under Sec. Sec. 1542.209,
1544.229, or 1544.230 of this chapter, if the employee or agent is
otherwise required to undergo that check.
(2) A Security Threat Assessment under part 1540 subpart C of this
chapter. An employee or agent who has successfully completed this
Security Threat Assessment for one employer need not complete it for
another employer, if the employee or agent has been continuously
employed in a position that requires a Security Threat Assessment.
(3) Another Security Threat Assessment approved by TSA as
comparable to paragraphs (b)(1) or (2) of this section.
(c) Each foreign air carrier must ensure that each individual who
has access to its cargo--
(1) Has successfully completed one of the checks in paragraph (b)
of this section;
(2) Is escorted by an employee or agent who has successfully
completed one of the checks in paragraph (b) of this section; or
(3) Is authorized to serve as law enforcement personnel at that
location.
(d) Operators must comply with the requirements of this section not
later than November 22, 2006.

0
29. Add a new Sec. 1546.215 to read as follows:

Sec. 1546.215 Known shipper program.

This section applies to each foreign air carrier operating a
program under Sec. 1546.101(a) or (b).
(a) For cargo to be loaded on its aircraft in the United States,
each foreign air carrier must have and carry out a known shipper
program in accordance with its security program. The program must--

[[Page 30513]]

(1) Determine the shipper's validity and integrity as provided in
the foreign air carrier's security program;
(2) Provide that the foreign air carrier will separate known
shipper cargo from unknown shipper cargo; and
(3) Provide for the foreign air carrier to ensure that cargo is
screened or inspected as set forth in its security program.
(b) When required by TSA, each foreign air carrier must submit in a
form and manner acceptable to TSA--
(1) Information identified in its security program regarding an
applicant to be a known shipper or a known shipper; and
(2) Corrections and updates to the information upon learning of a
change to the information specified in paragraph (b)(1) of this
section.

0
30. Amend Sec. 1546.301 by revising the introductory text to read as
follows:

Sec. 1546.301 Bomb or air piracy threats.

No foreign air carrier may land or take off an airplane in the
United States after receiving a bomb or air piracy threat against that
airplane, unless the following actions are taken:
* * * * *

PART 1548--INDIRECT AIR CARRIER SECURITY

0
31. The authority citation for part 1548 continues to read as follows:

Authority: 49 U.S.C. 114, 5103, 40113, 44901-44905, 44913-44914,
44916-44917, 44932, 44935-44936, 46105.

0
32. Amend Sec. 1548.3 by adding new paragraph (c) to read as follows:

Sec. 1548.3 TSA inspection authority.

* * * * *
(c) TSA may enter and be present within areas where security
measures required by TSA are carried out without access media or
identification media issued or approved by the indirect air carrier, an
airport operator, or aircraft operator, in order to inspect or test
compliance, or perform other such duties as TSA may direct.

0
33. Amend Sec. 1548.5 by revising paragraphs (a), (b), and (c) to read
as follows:

Sec. 1548.5 Adoption and implementation of the security program.

(a) Security program required. No indirect air carrier may offer
cargo to an aircraft operator operating under a full program or a full
all-cargo program specified in part 1544 of this subchapter, or to a
foreign air carrier operating under a program under Sec. 1546.101(a),
(b), or (e) of this subchapter, unless that indirect air carrier has
and carries out an approved security program under this part. Each
indirect air carrier that does not currently hold a security program
under part 1548, and that offers cargo to an aircraft operator
operating under a full all-cargo program or a comparable operation by a
foreign air carrier must comply with this section not later than
November 22, 2006.
(b) General requirements. (1) The security program must provide for
the security of the aircraft, as well as that of persons and property
traveling in air transportation against acts of criminal violence and
air piracy and against the introduction into the aircraft of any
unauthorized person, and any unauthorized explosive, incendiary, and
other destructive substance or item as provided in the indirect air
carrier's security program. This requirement applies--
(i) From the time the indirect air carrier accepts the cargo to the
time it transfers the cargo to an entity that is not an employee or
agent of the indirect air carrier;
(ii) While the cargo is stored, en route, or otherwise being
handled by an employee or agent of the indirect air carrier; and
(iii) Regardless of whether the indirect air carrier has or ever
had physical possession of the cargo.
(2) The indirect air carrier must ensure that its employees and
agents carry out the requirements of this chapter and the indirect air
carrier's security program.
(c) Content. Each security program under this part must--
(1) Be designed to prevent or deter the introduction of any
unauthorized person, and any unauthorized explosive, incendiary, and
other destructive substance or item onto an aircraft.
(2) Include the procedures and description of the facilities and
equipment used to comply with the requirements of Sec. Sec. 1548.9 and
1548.17 regarding the acceptance and offering of cargo.
(3) Include the procedures and syllabi used to accomplish the
training required under Sec. 1548.11 of persons who accept, handle,
transport, or deliver cargo on behalf of the indirect air carrier.
* * * * *

0
34. Revise Sec. 1548.7 to read as follows:

Sec. 1548.7 Approval, amendment, annual renewal, and withdrawal of
approval of the security program.

(a) Original Application--(1) Application. The applicant must apply
for a security program in a form and a manner prescribed by TSA not
less than 90 calendar days before the applicant intends to begin
operations. The application must be in writing and include:
(i) The business name; other names, including doing business as;
state of incorporation, if applicable; and tax identification number.
(ii) The applicant names, addresses, and dates of birth of each
proprietor, general partner, officer, director, and owner identified
under Sec. 1548.16.
(iii) A signed statement from each person listed in paragraph
(a)(1)(ii) of this section stating whether he or she has been a
proprietor, general partner, officer, director, or owner of an IAC that
had its security program withdrawn by TSA.
(iv) Copies of government-issued identification of persons listed
in paragraph (a)(1)(ii) of this section.
(v) Addresses of all business locations in the United States.
(vi) A statement declaring whether the business is a ``'small
business''' pursuant to section 3 of the Small Business Act (15 U.S.C.
632).
(vii) A statement acknowledging and ensuring that each employee and
agent of the indirect air carrier, who is subject to training under
Sec. 1548.11, will have successfully completed the training outlined
in its security program before performing security-related duties.
(viii) Other information requested by TSA concerning Security
Threat Assessments.
(ix) A statement acknowledging and ensuring that each employee and
agent will successfully complete a Security Threat Assessment under
Sec. 1548.15 before authorizing the individual to have unescorted
access to cargo.
(2) Approval. TSA will approve the security program by providing
the indirect air carrier with the Indirect Air Carrier Standard
Security Program and any Security Directive upon determining that--
(i) The indirect air carrier has met the requirements of this part,
its security program, and any applicable Security Directive;
(ii) The approval of its security program is not contrary to the
interests of security and the public interest; and
(iii) The indirect air carrier has not held a security program that
was withdrawn within the previous year, unless otherwise authorized by
TSA.
(3) Commencement of operations. The indirect air carrier may
operate under a security program when it meets all requirements,
including but not limited to successful completion of training and
Security Threat Assessments by relevant personnel.

[[Page 30514]]

(4) Duration of security program. The security program will remain
effective until the end of the calendar month one year after the month
it was approved.
(5) Requirement to report changes in information. Each indirect air
carrier with an approved security program under this part must notify
TSA, in a form and manner approved by TSA, of any changes to the
information submitted during its initial application.
(i) This notification must be submitted to the designated official
not later than 30 days after the date the change occurred.
(ii) Changes included in the requirement of this paragraph include,
but are not limited to, changes in the indirect air carrier's contact
information, owners, business addresses and locations, and form of
business entity.
(b) Renewal Application. Upon timely submittal of an application
for renewal, and unless and until TSA denies the application, the
indirect air carrier's approved security program remains in effect.
(1) Unless otherwise authorized by TSA, each indirect air carrier
that has a security program under this part must timely submit to TSA,
at least 30 calendar days prior to the first day of the anniversary
month of initial approval of its security program, an application for
renewal of its security program in a form and a manner approved by TSA.
(2) The application for renewal must be in writing and include a
signed statement that the indirect air carrier has reviewed and ensures
the continuing accuracy of the contents of its initial application for
a security program, subsequent renewal applications, or other
submissions to TSA confirming a change of information and noting the
date such applications and submissions were sent to TSA, including the
following certification:

[Name of indirect air carrier] (hereinafter ``the IAC'') has
adopted and is currently carrying out a security program in
accordance with the Transportation Security Regulations as
originally approved on [Insert date of TSA initial approval]. In
accordance with TSA regulations, the IAC has notified TSA of any new
or changed information required for the IAC's initial security
program. If new or changed information is being submitted to TSA as
part of this application for reapproval, that information is stated
in this filing.
The IAC understands that intentional falsification of
certification to an air carrier or to TSA may be subject to both
civil and criminal penalties under 49 CFR 1540 and 1548 and 18
U.S.C. 1001. Failure to notify TSA of any new or changed information
required for initial approval of the IAC's security program in a
timely fashion and in a form acceptable to TSA may result in
withdrawal by TSA of approval of the IAC's security program.

(3) TSA will renew approval of the security program if TSA
determines that--
(i) The indirect air carrier has met the requirements of this
chapter, its security program, and any Security Directive; and
(ii) The renewal of its security program is not contrary to the
interests of security and the public interest.
(4) If TSA determines that the indirect air carrier meets the
requirements of paragraph (b)(3) of this section, it will renew the
indirect air carrier's security program. The security program will
remain effective until the end of the calendar month one year after the
month it was renewed.
(c) Amendment requested by an indirect air carrier or applicant. An
indirect air carrier or applicant may file a request for an amendment
to its security program with the TSA designated official at least 45
calendar days before the date it proposes for the amendment to become
effective, unless the designated official allows a shorter period. Any
indirect air carrier may submit a group proposal for an amendment that
is on behalf of it and other indirect air carriers that co-sign the
proposal.
(1) Within 30 calendar days after receiving a proposed amendment,
the designated official, in writing, either approves or denies the
request to amend.
(2) An amendment to an indirect air carrier security program may be
approved, if the designated official determines that safety and the
public interest will allow it, and if the proposed amendment provides
the level of security required under this part.
(3) Within 30 calendar days after receiving a denial of the
proposed amendment, the indirect air carrier may petition TSA to
reconsider the denial. A petition for reconsideration must be filed
with the designated official.
(4) Upon receipt of a petition for reconsideration, the designated
official either approves the request to amend or transmits the
petition, together with any pertinent information, to the TSA for
reconsideration. TSA will dispose of the petition within 30 calendar
days of receipt by either directing the designated official to approve
the amendment or by affirming the denial.
(d) Amendment by TSA. TSA may amend a security program in the
interest of safety and the public interest, as follows:
(1) TSA notifies the indirect air carrier, in writing, of the
proposed amendment, fixing a period of not less than 30 calendar days
within which the indirect air carrier may submit written information,
views, and arguments on the amendment.
(2) After considering all relevant material, the designated
official notifies the indirect air carrier of any amendment adopted or
rescinds the notice of amendment. If the amendment is adopted, it
becomes effective not less than 30 calendar days after the indirect air
carrier receives the notice of amendment, unless the indirect air
carrier disagrees with the proposed amendment and petitions the TSA to
reconsider, no later than 15 calendar days before the effective date of
the amendment. The indirect air carrier must send the petition for
reconsideration to the designated official. A timely petition for
reconsideration stays the effective date of the amendment.
(3) Upon receipt of a petition for reconsideration, the designated
official either amends or withdraws the notice of amendment, or
transmits the petition, together with any pertinent information, to TSA
for reconsideration. TSA disposes of the petition within 30 calendar
days of receipt, either by directing the designated official to
withdraw or amend the notice of amendment, or by affirming the notice
of amendment.
(e) Emergency Amendments. (1) If TSA finds that there is an
emergency requiring immediate action, with respect to aviation security
that makes procedures in this section contrary to the public interest,
the designated official may issue an emergency amendment, without the
prior notice and comment procedures described in paragraph (d) of this
section.
(2) The emergency amendment is effective without stay on the date
the indirect air carrier receives notification. TSA will incorporate in
the notification a brief statement of the reasons and findings for the
emergency amendment to be adopted.
(3) The indirect air carrier may file a petition for
reconsideration with the TSA no later than 15 calendar days after TSA
issued the emergency amendment. The indirect air carrier must send the
petition for reconsideration to the designated official; however, the
filing does not stay the effective date of the emergency amendment.
(f) Withdrawal of approval of a security program. TSA may withdraw
the approval of the indirect air carrier's security program, if TSA
determines

[[Page 30515]]

continued operation is contrary to safety and the public interest, as
follows:
(1) Notice of proposed withdrawal of approval. The designated
official will serve a notice of proposed withdrawal of approval, which
notifies the indirect air carrier, in writing, of the facts, charges,
and applicable law, regulation, or order that form the basis for the
determination.
(2) Indirect air carrier reply. The indirect air carrier may
respond to the notice of proposed withdrawal of approval no later than
15 calendar days after receipt of the withdrawal by providing the
designated official, in writing, with any material facts, arguments,
applicable law, and regulation.
(3) TSA review. The designated official will consider all
information available, including any relevant material or information
submitted by the indirect air carrier, before either issuing a
withdrawal of approval of the indirect air carrier's security program
or rescinding the notice of proposed withdrawal of approval. If TSA
issues a withdrawal of approval, it becomes effective upon receipt by
the indirect air carrier, or 15 calendar days after service, whichever
occurs first.
(4) Petition for reconsideration. The indirect air carrier may
petition the TSA to reconsider the withdrawal of approval by serving a
petition for consideration no later than 15 calendar days after the
indirect air carrier receives the withdrawal of approval. The indirect
air carrier must serve the petition for reconsideration on the
designated official. Submission of a petition for reconsideration will
not automatically stay the withdrawal of approval. The indirect air
carrier may request the designated official to stay the withdrawal of
approval pending consideration of the petition.
(5) Assistant Secretary's review. The designated official transmits
the petition together with all pertinent information to the Assistant
Secretary for reconsideration. The Assistant Secretary will dispose of
the petition within 15 calendar days of receipt by either directing the
designated official to rescind the withdrawal of approval or by
affirming the withdrawal of approval. The decision of the Assistant
Secretary is a final order subject to judicial review in accordance
with 49 U.S.C. 46110.
(6) Emergency withdrawal. If TSA finds that there is an emergency
requiring immediate action, with respect to aviation security that
makes procedures in this section contrary to the public interest, the
designated official may issue an emergency withdrawal of the indirect
air carrier's security program, without first issuing a notice of
proposed withdrawal, effective without stay on the date that the
indirect air carrier receives notice of the emergency withdrawal. In
such a case, the designated official will send the indirect air carrier
a brief statement of the facts, charges, and applicable law,
regulation, or order that forms the basis for the emergency withdrawal.
The indirect air carrier may submit a petition for reconsideration
under the procedures in paragraphs (f)(2) through (f)(5) of this
section; however, this petition will not stay the effective date of the
emergency withdrawal.
(g) Service of documents for withdrawal of approval of security
program proceedings. Service may be accomplished by personal delivery,
certified mail, or express courier. Documents served on an indirect air
carrier will be served at the indirect air carrier's official place of
business as designated in its application for approval or its security
program. Documents served on TSA must be served to the address noted in
the notice of withdrawal of approval or withdrawal of approval,
whichever is applicable.
(1) Certificate of service. An individual may attach a certificate
of service to a document tendered for filing. A certificate of service
must consist of a statement, dated and signed by the person filing the
document, that the document was personally delivered, served by
certified mail on a specific date, or served by express courier on a
specific date.
(2) Date of service. The date of service will be--
(i) The date of personal delivery;
(ii) If served by certified mail, the mailing date shown on the
certificate of service, the date shown on the postmark, if there is no
certificate of service, or other mailing date shown by other evidence
if there is no certificate of service or postmark; or
(iii) If served by express courier, the service date shown on the
certificate of service, or by other evidence if there is no certificate
of service.
(h) Extension of time. TSA may grant an extension of time of the
limits set forth in this section for good cause shown. An indirect air
carrier's request for an extension of time must be in writing and be
received by TSA at least 2 days before the due date to be extended. TSA
may grant itself an extension of time for good cause.

0
35. Revise Sec. 1548.9 to read as follows:

Sec. 1548.9 Acceptance of cargo.

(a) Preventing or deterring the carriage of any explosive or
incendiary. Each indirect air carrier must use the facilities,
equipment, and procedures described in its security program to prevent
or deter the carriage onboard an aircraft of any unauthorized person,
and any unauthorized explosive, incendiary, and other destructive
substance or item, as provided in the indirect air carrier's security
program.
(b) Refusal to transport. Each indirect air carrier must refuse to
offer for transport on an aircraft any cargo, if the shipper does not
consent to a search or inspection of that cargo in accordance with this
part, or parts 1544 or 1546 of this chapter.

0
36. Add a new Sec. 1548.11 to read as follows:

Sec. 1548.11 Training and knowledge for individuals with security-
related duties.

(a) No indirect air carrier may use an employee or agent to perform
any security-related duties to meet the requirements of its security
program, unless that individual has received training, as specified in
its security program, including his or her personal responsibilities in
Sec. 1540.105 of this chapter.
(b) Each indirect air carrier must ensure that each of its
authorized employees or agents who accept, handle, transport, or
deliver cargo have knowledge of the--
(1) Applicable provisions of this part;
(2) Applicable Security Directives and Information Circulars;
(3) The approved airport security program(s) applicable to their
location(s); and
(4) The aircraft operator's or indirect air carrier's security
program, to the extent necessary in order to perform their duties.
(c) Each indirect air carrier must ensure that each of its
authorized employees or agents under paragraph (b) of this section
successfully completes recurrent training at least annually on their
individual responsibilities in--
(1) Section 1540.105 of this chapter;
(2) The applicable provisions of this part;
(3) Applicable Security Directives and Information Circulars;
(4) The approved airport security program(s) applicable to their
location(s); and
(5) The aircraft operator's or indirect air carrier's security
program, to the extent that such individuals need to know in order to
perform their duties.
(d) Operators must comply with the requirements of this section by
November 22, 2006.

0
37. Add a new Sec. 1548.13 to read as follows:

[[Page 30516]]

Sec. 1548.13 Security coordinators.

Each indirect air carrier must designate and use an Indirect Air
Carrier Security Coordinator (IACSC). The IACSC and alternates must be
appointed at the corporate level and must serve as the indirect air
carrier's primary contact for security-related activities and
communications with TSA, as set forth in the security program. Either
the IACSC or an alternate IACSC must be available on a 24-hour basis.

0
38. Add a new Sec. 1548.15 to read as follows:

Sec. 1548.15 Access to Cargo: Security threat assessments for
individuals having unescorted access to cargo.

This section applies to each indirect air carrier operating under
this part.
(a) This section applies to each employee or agent the indirect air
carrier authorizes to have unescorted access to cargo from the time--
(1) Cargo to be transported on an aircraft operated by an aircraft
operator with a full all-cargo program under Sec. 1544.101(h) of this
chapter, or by a foreign air carrier under Sec. 1546.101(e) of this
chapter, reaches an indirect air carrier facility where the indirect
air carrier consolidates or holds the cargo until the indirect air
carrier transfers the cargo to an aircraft operator or foreign air
carrier, or
(2) Cargo to be transported on an aircraft operated by an aircraft
operator with a full program or by a foreign air carrier under Sec.
1546.101(a) or (b) of this chapter, is accepted by the indirect air
carrier.
(b) Before an indirect air carrier authorizes, and before an
employee or agent gains, unescorted access to cargo as described in
paragraph (a) of this section, each employee or agent must successfully
complete one of the following:
(1) A criminal history records check under Sec. Sec. 1542.209,
1544.229, or 1544.230 of this chapter, if the individual is otherwise
required to undergo that check.
(2) A Security Threat Assessment under part 1540 subpart C of this
chapter. An employee or agent who has successfully completed this
Security Threat Assessment for one employer need not complete it for
another employer if the employee or agent has been continuously
employed in a position that requires a Security Threat Assessment.
(3) Another Security Threat Assessment approved by TSA as
comparable to paragraphs (b)(1) or (b)(2) of this section.
(c) Each indirect air carrier must ensure that each individual who
has access to its cargo--
(1) Has successfully completed one of the checks in paragraph (b)
of this section;
(2) Is escorted by a person who has successfully completed one of
the checks in paragraph (b) of this section; or
(3) Is authorized to serve as law enforcement personnel at that
location.
(d) Operators must comply with the requirements of this section not
later than November 22, 2006.

0
39. Add a new Sec. 1548.16 to read as follows:

Sec. 1548.16 Security threat assessments for each proprietor, general
partner, officer, director, and certain owners of the entity.

(a) Each indirect air carrier, or applicant to be an indirect air
carrier, must ensure that each proprietor, general partner, officer,
director, and owner of the entity has successfully completed a Security
Threat Assessment under part 1540 subpart C of this chapter. Each
indirect air carrier must comply with the requirements of this section
not later than November 22, 2006.
(b) For purposes of this section, owner means--
(1) A person who directly or indirectly owns, controls, or has
power to vote 25 percent or more of any class of voting securities or
other voting interests of an IAC or applicant to be an IAC; or
(2) A person who directly or indirectly controls in any manner the
election of a majority of the directors (or individuals exercising
similar functions) of an IAC, or applicant to be an IAC.
(c) For purposes of this definition of owner--
(1) Members of the same family must be considered to be one person.
(i) Same family means parents, spouses, children, siblings, uncles,
aunts, grandparents, grandchildren, first cousins, stepchildren,
stepsiblings, and parents-in-law, and spouses of any of the foregoing.
(ii) Each member of the same family, who has an ownership interest
in an IAC, or an applicant to be an IAC, must be identified if the
family is an owner as a result of aggregating the ownership interests
of the members of the family.
(iii) In determining the ownership of interests of the same family,
any voting interest of any family member must be taken into account.
(2) Voting securities or other voting interests means securities or
other interests that entitle the holder to vote for or select directors
(or individuals exercising similar functions).

0
40. Add a new Sec. 1548.17 to read as follows:

Sec. 1548.17 Known shipper program.

This section applies to cargo that an indirect air carrier offers
to an aircraft operator operating under a full program under Sec.
1544.101(a) of this chapter, or to a foreign air carrier operating
under Sec. 1546.101(a) or (b) of this chapter.
(a) For cargo to be loaded on aircraft in the United States, each
indirect air carrier must have and carry out a known shipper program in
accordance with its security program. The program must--
(1) Determine the shipper's validity and integrity as provided in
its security program;
(2) Provide that the indirect air carrier will separate known
shipper cargo from unknown shipper cargo.
(b) When required by TSA, each indirect air carrier must submit to
TSA, in a form and manner acceptable to TSA--
(1) Information identified in its security program regarding an
applicant to be a known shipper or a known shipper; and
(2) Corrections and updates of this information upon learning of a
change to the information specified in paragraph (b)(1) of this
section.

0
41. Add a new Sec. 1548.19 to read as follows:

Sec. 1548.19 Security Directives and Information Circulars.

(a) TSA may issue an Information Circular to notify indirect air
carriers of security concerns.
(b) When TSA determines that additional security measures are
necessary to respond to a threat assessment, or to a specific threat
against civil aviation, TSA issues a Security Directive setting forth
mandatory measures.
(1) Each indirect air carrier that is required to have an approved
indirect air carrier security program must comply with each Security
Directive that TSA issues to it, within the time prescribed in the
Security Directive for compliance.
(2) Each indirect air carrier that receives a Security Directive
must comply with the following:
(i) Within the time prescribed in the Security Directive,
acknowledge in writing receipt of the Security Directive to TSA.
(ii) Within the time prescribed in the Security Directive, specify
the method by which the measures in the Security Directive have been
implemented (or will be implemented, if the Security Directive is not
yet effective).
(3) In the event that the indirect air carrier is unable to
implement the

[[Page 30517]]

measures in the Security Directive, the indirect air carrier must
submit proposed alternative measures and the basis for submitting the
alternative measures to TSA for approval.
(i) The indirect air carrier must submit the proposed alternative
measures within the time prescribed in the Security Directive.
(ii) The indirect air carrier must implement any alternative
measures approved by TSA.
(4) Each indirect air carrier that receives a Security Directive
may comment on it by submitting data, views, or arguments in writing to
TSA.
(i) TSA may amend the Security Directive based on comments
received.
(ii) Submission of a comment does not delay the effective date of
the Security Directive.
(5) Each indirect air carrier that receives a Security Directive or
Information Circular, and each person who receives information from a
Security Directive or Information Circular, must:
(i) Restrict the availability of the Security Directive or
Information Circular, and information contained in either document, to
those persons with a need-to-know.
(ii) Refuse to release the Security Directive or Information
Circular, and information contained in either document, to persons
other than those with a need-to-know without the prior written consent
of TSA.

Issued in Arlington, Virginia, on May 17, 2006.
Kip Hawley,
Assistant Secretary.
[FR Doc. 06-4800 Filed 5-25-06; 8:45 am]

BILLING CODE 9110-05-P