DEPARTMENT OF HOMELAND SECURITY

by the Federal Government. This proposed rule describes the process and criteria under which auditors and companies that perform watch-list matching would obtain TSA approval. TSA also proposes further security measures for large aircraft operators in all- cargo operations and for operators of passenger aircraft with a MTOW of over 45,500 kilograms (100,309.3 pounds), operated for compensation or hire.<br><br> TSA also proposes to require that certain airports that serve large aircraft adopt security programs and amend the security program for full program and full all-cargo operators. DATES : Submit comments by [Insert date 60 days after date of publication in the Federal Register ]. ADDRESSES : You may submit comments, identified by the TSA docket number to this rulemaking, to the Federal Docket Management System (FDMS), a government-wide, electronic docket management system, using any one of the following methods: Electronically : You may submit comments through the Federal eRulemaking portal at http://www.regulations.gov.<br><br> Follow the online instructions for submitting comments. Mail, In Person, or Fax : Address, hand-deliver, or fax your written comments to the Docket Management Facility, U.S. Department of Transportation, 1200 New Jersey Avenue SE, West Building Ground Floor, Room W12-140, Washington, DC 20590- 0001; Fax 202-493-2251.<br><br> The Department of Transportation (DOT), which maintains and processes TSA 9s official regulatory dockets, will scan the submission and post it to FDMS. 2 See SUPPLEMENTARY INFORMATION for format and other information about comment submissions. FOR FURTHER INFORMATION CONTACT : For program questions : Erik Jensen, Branch Chief-Policy, Plans & Stakeholder Affairs, Office of General Aviation, TSNM, TSA-28, Transportation Security Administration, 601 South 12th Street, Arlington, VA 22202-4220; telephone (571) 227 32401; facsimile (571) 227-2920; e-mail LASP@dhs.gov.<br><br> For questions regarding Sensitive Security Information (SSI) : Andrew Colsky, Director, SSI Office, Office of the Special Counselor (OSC), TSA-31, Transportation Security Administration, 601 South 12 th Street, Arlington, VA 22202-4220; telephone (571) 227-3513; facsimile (571) 227-2945; e-mail SSI@dhs.gov. SUPPLEMENTARY INFORMATION: Comments Invited TSA invites interested persons to participate in this rulemaking by submitting written comments, data, or views. We also invite comments relating to the economic, environmental, energy, or federalism impacts that might result from this rulemaking action.<br><br> See ADDRESSES above for information on where to submit comments. With each comment, please identify the docket number at the beginning of your comments. TSA encourages commenters to provide their names and addresses.<br><br> The most helpful comments reference a specific portion of the rulemaking, explain the reason for any recommended change, and include supporting data. You may submit comments and material electronically, in person, by mail, or fax as provided under ADDRESSES , but please submit your comments and material by only one means. If you submit 3 comments by mail or delivery, submit them in an unbound format, no larger than 8.5 by 11 inches, suitable for copying and electronic filing.<br><br> If you want TSA to acknowledge receipt of comments submitted by mail, include with your comments a self-addressed, stamped postcard on which the docket number appears. We will stamp the date on the postcard and mail it to you. TSA will file in the public docket all comments received by TSA, except for comments containing confidential information and Sensitive Security Information (SSI) 1 .<br><br> TSA will consider all comments received on or before the closing date for comments and will consider comments filed late to the extent practicable. The docket is available for public inspection before and after the comment closing date. Handling of Confidential or Proprietary Information and Sensitive Security Information (SSI) Submitted in Public Comments Do not submit comments that include trade secrets, confidential commercial, or financial information, or SSI to the public regulatory docket.<br><br> Please submit such comments separately from other comments on the rulemaking. Comments containing this type of information should be appropriately marked as containing such information and submitted by mail to the address listed in FOR FURTHER INFORMATION CONTACT section. Upon receipt of such comments, TSA will not place the comments in the public docket and will handle them in accordance with applicable safeguards and restrictions on access.<br><br> TSA will hold them in a separate file to which the public does not have access, 1 cSensitive Security Information d or cSSI d is information obtained or developed in the conduct of security activities, the disclosure of which would constitute an unwarranted invasion of privacy, reveal trade secrets or privileged or confidential information, or be detrimental to the security of transportation. The protection of SSI is governed by 49 CFR part 1520. 4 and place a note in the public docket that TSA has received such materials from the commenter.<br><br> If TSA receives a request to examine or copy this information, TSA will treat it as any other request under the Freedom of Information Act (FOIA) (5 U.S.C. 552) and the Department of Homeland Security 9s (DHS) FOIA regulation found in 6 CFR part 5. Reviewing Comments in the Docket Please be aware that anyone is able to search the electronic form of all comments received into any of our dockets by the name of the individual submitting the comment (or signing the comment, if submitted on behalf of an association, business, labor union, etc.).<br><br> You may review the applicable Privacy Act Statement published in the Federal Register on April 11, 2000 (65 FR 19477), or you may visit http://docketinfo.gov. You may review TSA 9s electronic public docket on the Internet at http://www.regulations.gov. In addition, DOT 9s Docket Management Facility provides a physical facility, staff, equipment, and assistance to the public.<br><br> To obtain assistance or to review comments in TSA 9s public docket, you may visit this facility between 9:00 a.m. to 5:00 p.m., Monday through Friday, excluding legal holidays, or call (202) 366-9826. This docket operations facility is located in the West Building Ground Floor, Room W12- 140 at 1200 New Jersey Avenue, SE, Washington, DC 20590.<br><br> Availability of Rulemaking Document You can get an electronic copy using the Internet by-- (1) Searching the electronic Federal Docket Management System (FDMS) web page at http://www.regulations.gov; 5 (2) Accessing the Government Printing Office 9s web page at http://www.gpoaccess.gov/fr/index.html; or (3) Visiting TSA 9s Security Regulations web page at http://www.tsa.gov and accessing the link for cResearch Center d at the top of the page. In addition, copies are available by writing or calling the individual in the FOR FURTHER INFORMATION CONTACT section. Make sure to identify the docket number of this rulemaking.<br><br> Abbreviations and Terms Used in This Document AICPA 3American Institute of Certified Public Accountants ALJ 3Administrative Law Judge AOSC 3Aircraft Operator Security Coordinator AOSSP 3Aircraft Operator Standard Security Program ATSA 3Aviation and Transportation Security Act CFR 3Code of Federal Regulations CHRC 3Criminal History Records Check CJIS 3Criminal Justice Information Services CBP 3U.S. Customs and Border Protection DHS 3U.S. Department of Homeland Security FAMs 3Federal Air Marshals FAA 3Federal Aviation Administration FACAOSSP 3Full All-Cargo Aircraft Operator Standard Security Program FBI 3Federal Bureau of Investigation FISMA 3Federal Information Security Management Act 6 GA 3General Aviation HME 3Hazardous Materials Endorsement IPA 3Independent Public Accounting firm IT 3Information Technology LASP 3Large Aircraft Security Program LEO 3Law Enforcement Officer MTOW 3Maximum Certificated Take-Off Weight NIST 3National Institute of Standards and Technology PPSSP 3Partial Program Standard Security Program PCSSP 3Private Charter Standard Security Program SSI 3Sensitive Security Information STA 3Security Threat Assessment TSC-Terrorist Screening Center TSA 3Transportation Security Administration TWIC 3Transportation Worker Identification Credential TFSSP 3Twelve-Five Standard Security Program Outline of the Notice of Proposed Rulemaking I.<br><br> Introduction A. Current Standard Security Programs B. Current Security Programs for Large Aircraft C.<br><br> Implementation and Compliance Schedule II. Major Proposed Elements in this NPRM A. Major Requirements in the Proposed Large Aircraft Security Program 7 B.<br><br> Proposed Requirements for Certain Airports C. Passenger Checking Against the Watch-list D. Third-Party Audits for Large Aircraft Operators E.<br><br> Proposed Amendments to the Full Program and the Full All-Cargo Program III. Section-by-Section Analysis IV. Regulatory Requirements A.<br><br> Paperwork Reduction Act B. Regulatory Impact Analyses 1. Regulatory Evaluation Summary 2.<br><br> Executive Order 12866 Assessment 3. Regulatory Flexibility Act Assessment 4. International Trade Impact Assessment 5.<br><br> Unfunded Mandates Assessment C. Executive Order 13132, Federalism D. Environmental Analysis E.<br><br> Energy Impact Analysis List of Subjects The Proposed Amendments I. Introduction The aviation industry is composed of thousands of operators that conduct different types of operations in numerous different types of aircraft. Many aircraft operators are air carriers or commercial operators that offer transportation to the public for compensation or hire.<br><br> Others are general aviation (GA) operators that do not offer 8 transportation to the public. These operators often are corporate or private owners of aircraft that operate their aircraft for their own use or provide transportation for compensation or hire only to certain customers without offering transportation to the public in general. 2 To date, the Federal Government 9s primary focus with regard to aviation security has been on air carriers and commercial operators that offer transportation for compensation or hire to the public.<br><br> TSA requires these carriers and operators to develop and operate under a particular security program depending on the precise nature of their operations. A security program is a set of security procedures that will meet the requirements of applicable TSA regulations. For example, a security program would include specific measures to screen cargo, to transport Federal Air Marshals, to use personnel identification systems, and to provide training to employees, if the operator were subject to those requirements in TSA 9s regulation.<br><br> With few exceptions, TSA does not currently require security programs for GA aircraft operators. As vulnerabilities and risks associated with air carriers and commercial operators have been reduced or mitigated, terrorists may view general aviation aircraft as more vulnerable and thus attractive targets. If hijacked and used as a missile, these aircraft would be capable of inflicting significant damage.<br><br> The Federal Aviation Administration 9s (FAA) long-standing definition of clarge aircraft d is an aircraft with a maximum certificated takeoff weight (MTOW) of over 12,500 pounds. See 14 CFR 1.1. Based on the aviation industry 9s familiarity with this definition and TSA 9s belief that aircraft of this size pose a potential risk, TSA is 2 There is no statutory or regulatory definition of cgeneral aviation. d For the purposes of this NPRM, we use the term to refer to aircraft operations that are not air carriers or commercial, governmental or military operators.<br><br> 9 proposing to require security programs for all operators of aircraft 4GA or otherwise 4 that have a MTOW of over 12,500 pounds, excluding certain governmental operations (collectively, clarge aircraft operators d). 3 Currently, TSA requires many large aircraft operators that are air carriers or commercial operators to implement security programs such as the Twelve-Five Security Program or the Private Charter Security Program. 4 TSA is proposing to expand this requirement to include previously unregulated large aircraft operators 4namely, GA with a MTOW of over 12,500 pounds.<br><br> Doing so will expand the large aircraft operator population required to have a TSA-approved security program to approximately 10,000 operators from the approximately 650 operators today. In addition, TSA is proposing to establish a single large aircraft security program (LASP) to replace the various security programs used by currently regulated large aircraft operators, such as air carriers and commercial operators. It is TSA 9s view that the proposed rule would enhance security significantly.<br><br> TSA recognizes that this would greatly increase the number and type of operators subject to a TSA-approved security program. TSA invites comments on the weight threshold of aircraft covered by this proposed rule. For instance, parties may choose to comment on whether the security goals discussed herein would be met if security programs were required for GA aircraft only over some greater weight threshold.<br><br> For example, we explain below that aircraft over 45,500 kg (100,309.3 pounds) MTOW are 3 In general, aircraft that weigh over 12,500 pounds MTOW are those aircraft equipped with twin turboprop or turbojet engines. Typically corporate and charter aircraft have a seating configuration for 6-8 passengers, while similar aircraft used in scheduled passenger service would likely have 18 or more seats. 4 Although aircraft operators that are subject to the full program under 49 CFR 1544.101(a), or the full all- cargo program under § 1544.101(h), operate large aircraft, TSA does not include them in references to operators of large aircraft and large aircraft operators for purposes of this NPRM.<br><br> Full program operators are generally known as the commercial airlines. 10 currently covered by the "private charter" security program, which includes security measures in addition to those outlined in the "twelve-five" security program. Since incidents involving heavier aircraft have the potential to lead to greater damages and loss of life under one of the scenarios studied in our regulatory impact analysis, we specifically solicit comment on whether this would be a logical alternative weight threshold to consider for the increased security requirements for general aviation.<br><br> Although TSA has concluded in this NPRM that the security benefits of the lower weight threshold of 12,500 lbs are justified by the risk and therefore justify the additional cost of the lower threshold, we welcome commenters 9 views on that topic, as well as on the cost- benefit impact of alternate weight thresholds. Below is a list of the major requirements GA aircraft operators would be required to adopt under the LASP; a more detailed discussion of the LASP and the individual requirements is in sections II and III of this preamble: " Ensure that their flight crew members have undergone a fingerprint-based criminal history records check (CHRC). " Conduct watch-list matching of their passengers through TSA-approved watch- list matching service providers.<br><br> " Undergo a biennial audit of their compliance by a TSA-approved third party auditor. " Comply with the current cargo requirements for the twelve-five all-cargo program if conducting an all-cargo operation. " For aircraft with a MTOW of over 45,500 kilograms operated for compensation or hire, screen passengers and their accessible property.<br><br> 11 " Check property on board for unauthorized persons. In addition, TSA is proposing amendments to its regulations regarding airport security programs. 5 TSA is proposing to require additional airports to adopt security programs, because these airports serve aircraft operators that either currently must carry out a security program or would be required to have a security program under the proposed rule.<br><br> TSA proposes to require the following airports to adopt a security program: " Reliever airports, which perform the function of relieving congestion at commercial service airports and provide more GA access to the overall community. " Airports that regularly serve large aircraft with scheduled or public charter service. A.<br><br> Current Aircraft Operator Security Programs TSA requires security programs for air carriers and commercial operators that require security measures for individuals, property, and cargo aboard aircraft. Currently TSA requires security programs for full program, full all-cargo, partial, private charter, and twelve-five program operators. For full program operators, 6 the standard security program 7 is called an aircraft operator standard security program (AOSSP).<br><br> For the full all-cargo program operators 8 operating all-cargo aircraft over 45,500 kg MTOW, the standard security program is the full all-cargo aircraft operator standard security program 5 The regulations are in 49 CFR 1542.101. 6 49 CFR 1544.101(a). 7 A standard security program is a security program issued by TSA that serves as the baseline for a particular type of operator.<br><br> An aircraft operator 9s security program consists of the appropriate standard security program, together with any amendments and alternative procedures to the security program, if approved by TSA. 8 49 CFR 1544.101(h). 12 (FACAOSSP).<br><br> The partial program 9 applies to scheduled passenger or public charter operations in an aircraft with 31 or more, but 60 or fewer passenger seats that does not enplane from or deplane into a sterile area. The standard security program for private charters is the private charter standard security program. 10 For other scheduled or charter flights, or all-cargo operations, in an aircraft with a MTOW of over 12,500 pounds, the standard security program is the twelve-five standard security program.<br><br> 11 The full program, the full all-cargo program, the partial program, the private charter program, and the twelve-five program aircraft operators all are covered under TSA regulations in 49 CFR part 1544. They all must hold FAA air carrier operating certificates or FAA operating certificates in accordance with the Federal Aviation Administration (FAA) regulations in 14 CFR part 119. 12 They all engage in interstate common carriage or intrastate common carriage.<br><br> 13 TSA has also required certain operators not engaged in common carriage to hold and carry out security programs. Operators of aircraft with a MTOW of over 12,500 pounds must conduct operations in accordance with the FAA rules in 14 CFR part 125 (part 125 operators). 14 By notice published in the Federal Register , TSA required these operators to carry out the twelve- five standard security program for operations in aircraft over 12,500 pounds but not over 45,500 kg, and to carry out the private charter standard security program for operations in aircraft over 45,500 kg.<br><br> 15 These part 125 operators conduct operations when common 9 49 CFR 1544.101(b). 10 49 CFR 1544.101(f). 11 49 CFR 1544.101(d).<br><br> 12 49 CFR 1544.1. 13 49 U.S.C. 40102 and 14 CFR 119.21.<br><br> 14 14 CFR 119.23. 15 69 FR 61516 (Oct. 19, 2004).<br><br> 13 carriage is not involved. They may conduct operations for compensation or hire, however, and they may also conduct operations not for compensation or hire. 16 Finally, all civil aircraft must operate under FAA regulations 14 CFR part 91, Air Traffic and General Operating Rules.<br><br> These operators, when not also subject to another FAA regulation, such as part 119 or part 125, are often referred to in the industry as part 91 operators. TSA generally has not required such operators to carry out security measures. The main objectives of the proposed rule are: (1) to merge the partial, private charter and twelve-five programs into a large aircraft security program and to expand its scope to include general aviation operators using aircraft with a MTOW of over 12,500 pounds; and (2) to enhance the security of these operations.<br><br> B. Current Security Programs for Large Aircraft Large aircraft are operated by a diverse group of air carriers, commercial operators, and GA operators. As stated above, to date, TSA has mandated security programs for the air carrier and commercial operator segments of the aviation industry including scheduled passenger operations, private charters, public charters, and all-cargo operations in large aircraft through the twelve-five program, the partial program, and the private charter program.<br><br> With limited exceptions, TSA has not required security programs for large aircraft in general aviation. Large GA aircraft are most often operated by corporate entities, though some large GA aircraft are operated by individuals. Corporate aviation, with a population of approximately 10,000 operators flying 15,000 aircraft, is largely unregulated for security 16 14 CFR 119.3 and 119.23.<br><br> After TSA adopted the full all-cargo program, it required part 125 operators in all-cargo operations using aircraft over 45,500 kg to have and carry out a full all-cargo program. See 71 FR 30478 (May 26, 2006). 14 15 purposes.<br><br> Yet many of these aircraft are of the same size and weight of the air carriers and commercial operators that TSA regulates, and they could be used effectively to commit a terrorist act. Complicating the situation is the fact that many GA operators have the authorization to function under several different FAA regulations and operating certificates, which may require different TSA security programs or no TSA security program at all. TSA considered developing a new regulatory program to be used solely on GA aircraft and their potential security risks.<br><br> This decision would have created yet another security program applicable to large aircraft operators. Instead of five separate security programs that would apply to large aircraft operators depending on the type of service they provide, TSA is proposing one security program that would apply to all large aircraft operators (except certain government operations) and would replace the current security programs for partial program operators, twelve-five program operators, and private charter operators. The LASP would establish a consistent set of regulations for air carriers and commercial operators, as well as GA operators using large aircraft.<br><br> Indeed, LASP would provide large aircraft operators not covered under the full program, or the full all-cargo security program, with one set of regulations that would form the core of their security programs distinct to their operational and security needs. Table 1 below identifies the different types of large aircraft operators that currently are required to have a security program and the major security requirements for these operators. It also identifies the types of operators that would be subject to the new proposed LASP.<br><br> Table 1-Standard Security Programs Applicable to Aircraft Operators An aircraft operator that operates this type of service, other than all-cargo In this size aircraft And Must have this program # Currently using this standard security program Would be using this standard security program under the NPRM Scheduled passenger or public charter passenger* 61 or more passenger seats Full Program § 1544.101(a)(1) AOSSP No change Scheduled passenger or public charter passenger* 60 or fewer passenger seats It enplanes from, or deplanes into, an existing sterile area Full Program § 1544.101(a)(2) AOSSP No change Scheduled passenger or public charter passenger* 31 or more but 60 or fewer passenger seats It does not enplane from, or deplane into, an existing sterile area Partial Program § 1544.101(b)(1) Partial Program Standard Security Program (PPSSP) Proposed LASSP**** with component for aircraft greater than 45,500 kg (if applicable) Scheduled, public charter, or private charter; passenger* More than 12,500 pounds MTOW It does not enplane from, or deplane into, an existing sterile area, and it is not under a Full Program or a Partial Program Twelve-Five Program § 1544.101(d) Twelve-Five Standard Security Program (TFSSP) Proposed LASSP 16 Table 1-Standard Security Programs Applicable to Aircraft Operators An aircraft operator that operates this type of service, other than all-cargo In this size aircraft And Must have this program # Currently using this standard security program Would be using this standard security program under the NPRM Private charter* Any size It enplanes from, or deplanes into, an existing sterile area Private Charter Program § 1544.101(f)(1)(i) Private Charter Standard Security Program (PCSSP) Proposed LASSP with component for aircraft greater than 45,500 kg (if applicable) and alternative procedures for enplaning from or deplaning into an existing sterile area Private charter* More than 45,500 kg, OR 61 or more passenger seats It does not enplane from, or deplane into, an existing sterile area, and it is not a government charter Private Charter Program § 1544.101(f)(1)(ii) PCSSP Proposed LASSP with component for aircraft greater than 45,500 kg Under an FAA certificate issued under 14 CFR part 125** More than 45,500 kg MTOW It is carrying passengers or property for compensation or hire and is not under another TSA security program § 1550.7; (69 FR 61516, 10/19/2004) PCSSP Proposed LASSP with component for aircraft greater than 45,500 kg or 61 or more seats 17 Table 1-Standard Security Programs Applicable to Aircraft Operators An aircraft operator that operates this type of service, other than all-cargo In this size aircraft And Must have this program # Currently using this standard security program Would be using this standard security program under the NPRM Under an FAA certificate issued under 14 CFR part 125** 61 or more passenger seats It is carrying passengers or property for compensation or hire and is not under another TSA security program § 1550.7; (69 FR 61516, 10/19/2004) PCSSP Proposed LASSP with component for aircraft greater than 45,500 kg or 61 or more seats Under an FAA certificate issued under 14 CFR part 125** More than 45,500 kg MTOW It is not carrying passengers or property for compensation or hire and not under another TSA security program § 1550.7; (69 FR 61516, 10/19/2004) PCSSP Proposed LASSP Under an FAA certificate issued under 14 CFR part 125** 61 or more passenger seats It is not carrying passengers or property for compensation or hire and not under another TSA security program § 1550.7; (69 FR 61516, 10/19/2004) PCSSP Proposed LASSP Under an FAA certificate issued under 14 CFR part 125** More than 12,500 pounds MTOW It is not under another TSA security program § 1550.7 TFSSP Proposed LASSP 18 Table 1-Standard Security Programs Applicable to Aircraft Operators An aircraft operator that operates this type of service, other than all-cargo In this size aircraft And Must have this program # Currently using this standard security program Would be using this standard security program under the NPRM Operating under 14 CFR part 91 only** More than 12,500 pounds It enplanes from, or deplanes into, an existing sterile area General Aviation Operations using a sterile area § 1550.5 No standard program Proposed LASSP with alternative procedures for enplaning from or deplaning into an existing sterile area Operating under 14 CFR part 91 only** 12,500 pounds or less It enplanes from, or deplanes into, an existing sterile area General Aviation Operations using a sterile area § 1550.5 No standard program No change Operating under 14 CFR part 91 only** More than 12,500 pounds It is not under another TSA security program, and does not enplane from or deplane to an existing sterile area Not required to have a security program Not required to have a security program Proposed LASSP Operating under 14 CFR part 91 only** 12,500 pounds or less It is not under another TSA security program, and does not enplane from or deplane to an existing sterile area Not required to have a security program Not required to have a security program No change 19 Table 1-Standard Security Programs Applicable to Aircraft Operators An aircraft operator that operates this type of service, other than all-cargo In this size aircraft And Must have this program # Currently using this standard security program Would be using this standard security program under the NPRM Passenger operations into and out of Ronald Reagan Washington National Airport (DCA)*** Any size It is not under a Full Program DCA Access Program part 1562 DCA Access Standard Security Program (DASSP) No change Other operations** Any size Is not under any other required program but aircraft operator requests a security program Limited program § 1544.101(g) No standard program No change * These aircraft operators are considered air carriers or commercial operators. ** These aircraft operators are considered general aviation. *** May be air carriers, commercial operators, or general aviation operators.<br><br> **** A fter issuing the LASP final rule, TSA would develop and issue a standard security program to implement the LASP called the Larg e Aircraft Standard Security Program (LASSP). # Cites in this column are to 49 CFR. 20 21 An all-cargo aircraft operator that operates this type of service: ## In this size aircraft And Must have this program # Currently using this standard security program Would be using this standard security program under the NPRM All-cargo Greater than 45,500 kg, OR 61 or more passenger seats Operating under a FAA certificate issued under 14 CFR part 119 or 125 Full All-Cargo Program § 1544.101(h) Full All-Cargo Aircraft Operator Standard Security Program (FACAOSSP) No change All-cargo Over 12,500 lbs but not over 45,500 kg Twelve-Five Program in all- cargo operations § 1544.101(d) TFSSP in all-cargo operations LASSP with all- cargo component All-cargo under an FAA certificate issued under 14 CFR part 125 More than 45,500 kg FACAOSSP FACAOSSP + No change # Cites in this column are to 49 CFR.<br><br> ## All-cargo operations carry cargo and authorized persons, but no passengers. In developing the proposed rule, TSA analyzed the existing security programs to determine which security measures have been effective and would be appropriate for inclusion in the proposed LASP. The LASP would combine the essential elements of some of the current security programs into one consolidated and comprehensive program.<br><br> In this rulemaking, TSA is also proposing to reorganize certain existing regulations in 49 CFR part 1544. Specifically, TSA has clarified the meaning of the rule, simplified the text, and harmonized regulations between the different industry populations. This reorganization may affect the currently regulated population in addition to the proposed newly regulated population.<br><br> TSA is also proposing to reorganize certain sections in 49 CFR part 1544 to account for the proposed addition of the LASP. The reorganization would not make any substantive changes to the regulations. C.<br><br> Implementation and Compliance Schedule Based on industry data, TSA anticipates that this proposed rule would require approximately 10,000 aircraft operators and 315 airport operators, most of whom are not currently required to do so, to implement security programs. Due to the large number of aircraft operators and airport operators that would be required to implement security programs, TSA proposes using a phased approach in the implementation of the proposed rule. The proposed compliance schedule would allow for proper and adequate support and staffing within TSA and also would allow sufficient time for compliance on the part of the newly regulated aircraft operators and airport operators.<br><br> Following issuance of a final rule, TSA would implement a communication plan commencing with a wide distribution of press releases, web-site postings, and industry association briefings and meetings. These briefings and meetings would communicate, educate, and confirm which operators would be affected by the final rule, what actions the aircraft operators and airport operators would be required to take to comply with the rule, and the time period within which the aircraft operator and airport operators would be required to submit their applications and other supporting documents. At that time, TSA would provide the process, procedures, and necessary forms to the aircraft operators and airport operators to enable the operators to apply for the large aircraft program, or the airport partial program, via a secure web-board.<br><br> TSA 9s implementation schedule would divide the country into five areas, taking into account which areas of the country contain the largest affected populations of aircraft operators and airport operators. TSA anticipates six phases of compliance, targeting approximately 20 percent of the large aircraft operator and airport operators population that currently do not hold security programs in each of the first five phases. The sixth and final phase would include aircraft operators that currently hold a security program.<br><br> 17 The following timeline for compliance would start upon the effective date of the final rule, which would be 60 days after publication of the final rule in the Federal Register : Phase 1, Mid-Atlantic region 3months 1-4 after the effective date of the final rule. Phase 2, North-East region 3months 5-8 after the effective date of the final rule. Phase 3, Southern region 3months 9-12 after the effective date of the final rule.<br><br> Phase 4, Mid-West region 3months 13-16 after the effective date of the final rule. Phase 5, Western region 3months 17-20 after the effective date of the final rule. Phase 6, Existing security program holders 3months 21-24 after the effective date of the final rule.<br><br> 17 There are no airport operators that currently hold a partial program. 23 The phase in which a large aircraft operator would fall would be determined by where the aircraft is based. For large aircraft operators that have multiple bases for their aircraft, the phase would be determined by the location of the large aircraft operator 9s headquarters.<br><br> We seek comment on this phased approach and on determining which phase would be applicable to each large aircraft operator based on the location of the aircraft or headquarters. II. Major Elements in this NPRM A.<br><br> Major Requirements in the Proposed Large Aircraft Security Program To provide greater consistency across all large aircraft operations, the proposed regulation would create the Large Aircraft Standard Security Program (LASSP) to replace the current security programs for partial program operators, twelve-five program operators, and private charter program operators. The major requirements in this proposed rule are based on the requirements in the Twelve-Five and the Private Charter Security Programs. The proposed LASP provides a core security program for all large aircraft, irrespective of the FAA regulations under which they operate, whether they are air carriers, commercial operators, or GA.<br><br> Beyond the core requirements for large aircraft with a MTOW of over 12,500 pounds, the proposed LASP would include a component for large aircraft with a MTOW of over 45,500 kilograms operated for compensation or hire. The following is a summary of the major security measures in the proposed LASP. 1.<br><br> Proposed Core Requirements of the Large Aircraft Security Program in § 1544.103(e) In TSA 9s experience, the current Twelve-Five Security Program has proven to be effective in safeguarding the operations of scheduled and charter operations in aircraft 24 with MTOW of over 12,500 pounds without unduly burdening the aircraft operators. Accordingly, TSA would base the core requirements of the LASP on the Twelve-Five Security Program. The LASP, however, would include additional requirements that would strengthen the existing security measures.<br><br> Below is a discussion of the major requirements of the LASP. Security Threat Assessment with Criminal History Records Check for Flight Crew Members Under the current security programs that apply to large aircraft operators, TSA requires aircraft operators to ensure that their flight crew members have undergone a fingerprint-based criminal history records check (CHRC). TSA views this as an important security measure that should apply to flight crew members of all large aircraft.<br><br> Pilots are in control of the aircraft and other flight crew members are in the cockpit and could obtain control of the aircraft. Consequently, TSA proposes to require that large aircraft operators ensure that all of their flight crew members undergo a security threat assessment (STA) that includes a CHRC and other analyses, including checks of appropriate terrorist watch-lists and other databases. The list of disqualifying crimes of the CHRC would be the same as for the full and full all-cargo operations.<br><br> 49 CFR 1544.229 and 1544.230. After TSA adopted the Twelve-Five Security Program requirements, it became clear that most operators of that size were not well-prepared to conduct adjudication of the CHRCs. Accordingly, while the twelve-five operators have been ensuring that their flight crew members submit their fingerprints, TSA has been adjudicating the criminal histories; that is, TSA reviews the history to determine whether the flight crew member 25 has a disqualifying criminal offense.<br><br> TSA is proposing to codify that practice and to charge a fee for the services. See the section-by-section analysis for proposed part 1544, subpart G. TSA recognizes that a flight crew member may be contracted to work for more than one large aircraft operator.<br><br> We seek comment on whether the STA should be transferable so that the flight crew member would need to undergo only one STA every five years, regardless of the number of employers the flight crew members may have within the five-year period. Potential employers would check the status of the flight crew member 9s STA through a mechanism required by TSA. TSA also is considering ways to positively identify pilots conducting both domestic and international flight operations and effectively link them to the aircraft they are operating.<br><br> We seek comment and recommended methods for positively identifying pilots and effectively linking them to the aircraft they are operating. Watch-list Matching of Passengers The Federal Government maintains a terrorist watch-list. The watch-list, which includes the No Fly List and the Selectee List components of the Terrorist Screening Database maintained by the Terrorist Screening Center (TSC), is the basis for the pre- flight passenger watch-list matching currently conducted by certain aircraft operators.<br><br> Watch-list matching of passengers on large aircraft is an important security measure, because it can prevent individuals who are believed to pose a risk from boarding a large aircraft and, potentially, gaining control of the aircraft, to use it as a weapon. TSA studies have shown that significant loss of lives and other damage could result from such an incident. Matching passenger information against the No Fly List component of the 26 terrorist watch-list would identify individuals who, if permitted to board aircraft, may pose a threat to the aircraft and/or persons on board.<br><br> Matching passenger information against the Selectee List component of the terrorist watch-list also would identify individuals who may be potential threats and would allow TSA and/or the aircraft operators to take appropriate action, if necessary. Under the current watch-list matching process, TSA provides the No Fly and Selectee List to twelve-five, partial program, and private charter aircraft operators to enable them to conduct the watch-list matching. When an aircraft operator receives passenger information that is similar to, or the same as, a name on the No Fly or Selectee List, the aircraft operator is required to notify law enforcement personnel and TSA in order to determine whether that passenger is in fact the individual listed on the No Fly or Selectee List.<br><br> The aircraft operator may not board a passenger until TSA has instructed the aircraft operator that the passenger is clear to board the aircraft. a. Removing watch-list from aircraft operators .<br><br> Per Homeland Security Presidential Directive-16/National Security Presidential Directive-47, section 4012(a) of the Intelligence Reform and Terrorism Prevention Act, 18 and in support of 9/11 commission recommendations, the U.S. government is in the process of assuming control over watch-list matching in the aviation environment. TSA is concerned that providing the watch-list to approximately 10,000 large aircraft operators as part of the LASP program would increase the risk that the watch-list would be disseminated to unauthorized persons and that the watch-list would be misused and/or compromised.<br><br> Since it is not possible to bring the watch-list matching function into the federal government in one step, TSA is considering ways to provide this list to a more limited set 18 Pub. L. 108-458, 118 Stat.<br><br> 3638, Dec. 17, 2004; 49 U.S.C. 44903 (j)(2).<br><br> 27 of holders while TSA considers the most effective method to assume the watch-list matching responsibility from all aircraft operators required to conduct watch-list matching through the Secure Flight program. TSA recognizes that the Secure Flight program has not yet achieved the operational capability to conduct watch-list matching for general aviation, nor is such capability anticipated by the time TSA would require large general aviation and charter aircraft operators to implement the LASP. Therefore, TSA is proposing a solution for watch-list matching in this NPRM for the time period in which the Secure Flight program does not have the capability to conduct watch-list matching for large aircraft passengers.<br><br> If TSA is able to develop the capability for the Secure Flight program to conduct watch- list matching for large aircraft passengers, TSA may amend the scope of the Secure Flight program to include large aircraft operators in the final rule for this NPRM. 19 b. Watch-list Service Providers Under the proposed rule, TSA would not provide the No Fly List to large aircraft operators, which means that TSA would no longer provide the watch-list to the approximately 800 aircraft operators now receiving it under the twelve-five program, partial program and private charter operators and would not begin providing it to the additional approximately 9,300 general aviation operators that would be under the LASP.<br><br> Instead, TSA would provide the watch-list to watch-list service providers approved by TSA. Large aircraft operators would transmit their passenger information to these watch- list service providers, who would conduct the automated watch-list matching function and transmit the results back to the large aircraft operators. 19 For example, proposed § 1560.1(a) may be amended to include large aircraft operators.<br><br> See Secure Flight NPRM, 72 FR at 48387. 28 TSA is proposing this approach for two reasons. First, this would greatly reduce the number of entities receiving the watch-list, thus reducing the risk that it would be disseminated to unauthorized persons or misused.<br><br> Second, having a small number of watch-list service providers conduct watch-list matching in accordance with TSA standards would result in greater consistency in the application of the watch-list matching function. These watch-list service providers will have been determined to have appropriate security, including Information Technology (IT) security and performance capabilities, to perform this important function in the interim. TSA invites comments on the role that watch-list service providers may continue to have if the responsibility for watch-list matching shifts to the U.S.<br><br> Government in the future. For example, would watch-list service providers offer their services to consolidate passenger information from large aircraft operators and to transmit the passenger information to Secure Flight? While the watch-list service providers would perform the watch-list matching function, large aircraft operators would have several responsibilities under the proposed rule.<br><br> Large aircraft operators would be responsible for all costs associated with watch-list matching, including any fee charged by the watch-list service providers. c. Compliance with CBP programs .<br><br> Large aircraft operators would not be required to transmit passenger information to their watch-list service providers for any flight for which the large aircraft operator has submitted advance passenger information to U.S. Customs and Border Protection (CBP) under 19 CFR part 122. For passengers on flights in commercial aircraft, as defined in 19 CFR 122.1, the large aircraft operator are required to submit advance passenger information under 19 CFR 122.49a and 122.75a and comply with the CBP boarding instruction regarding each passenger.<br><br> 29 TSA notes that CBP published a notice of proposed rulemaking, cAdvance Information on Private Aircraft Arriving in and Departing from the United States, d proposing to implement certain passenger manifest and advance passenger screening requirements for private aircraft departing foreign ports for U.S. destinations or departing the United States for foreign ports. Under the CBP proposed rule, a private aircraft, in contrast to a commercial aircraft, 20 is generally any aircraft engaged in a personal or business flight to or from the United States that is not carrying passengers and/or cargo for commercial purposes.<br><br> 21 See 19 CFR 122.1(h). CBP 9s Advance Passenger Information System (APIS) requirements and proposed eAPIS requirements apply to both U.S.-operated and foreign-operated aircraft. To avoid process redundancies, DHS would require operators and pilots of private large aircraft that would be subject to this TSA proposed rule and CBP 9s eAPIS private aircraft regulations to submit their passenger manifest to CBP only and not to watch-list service providers.<br><br> TSA would deem U.S. operators of private large aircraft to be in compliance with the proposed rule 9s requirements to submit passenger information for watch-list matching for international flights if the pilot submits passenger information required under the proposed eAPIS regulations. See proposed 19 CFR 122.22.<br><br> The TSA and CBP screening processes work in tandem for flights departing foreign ports destined for the United States and flights departing the United States for foreign destinations. If CBP grants the pilot landing rights under 19 CFR 122.49a, 20 19 CFR 122.1(d) defines ccommercial aircraft d as any aircraft transporting passengers and/or cargo for some payment or other consideration, including money or services rendered. 21 19 CFR 122.1(h) also defines a private aircraft as any aircraft leaving the United States carrying neither passengers nor cargo in order to lade passengers and/or cargo in a foreign area for commercial purposes; or returning to the United States carrying neither passengers nor cargo in ballast after leaving with passengers and/or cargo for commercial purposes.<br><br> 30 122.75a, or 122.22, TSA would allow the large aircraft operator to permit all passengers, for whom the aircraft operator submitted advance passenger information to CBP, to board the aircraft. If CBP identifies a passenger as a selectee under 19 CFR 122.49a, 122.75a, or 122.22, TSA would allow the large aircraft operator to permit the passenger to board the aircraft, and TSA would require the large aircraft operator to comply with the procedures in its security program pertaining to passengers that are identified as selectees, as discussed in further detail below. If CBP identifies a passenger as cnot cleared d under 19 CFR 122.49a, 122.75a, or 122.22, TSA would not allow the large aircraft operator to permit the passenger to board the aircraft.<br><br> CBP would instruct the large aircraft operator to contact TSA regarding the passenger who has been identified as cnot cleared d for further resolution. d. Passenger information .<br><br> This proposed rule would require large aircraft operators to request full name, gender, date of birth, and redress number 22 (if available) from all passengers. TSA has determined that an individual 9s full name, gender, and date of birth are critically important for effective automated watch-list matching of that individual against those individuals on the watch-list. 23 The full name is the primary attribute used to conduct watch-list matching and would be required for all passengers.<br><br> Partial names would increase the likelihood of false positive matches, because partial names are more likely to match a number of different entries on the watch-list. As a result, this proposed rule would require individuals to provide their full names and would prohibit aircraft operators from boarding a passenger who does not provide a full name. Date of birth and gender would be optional for the passenger.<br><br> This proposed requirement 22 The redress number is the number assigned by DHS to an individual processed through the redress procedures described in 49 CFR part 1560, subpart C, as proposed in the Secure Flight NPRM. 23 See Secure Flight NPRM, 72 FR at 48364. 31 on passengers to provide the full name is consistent with TSA 9s proposal in the Secure Flight NPRM.<br><br> In the Secure Flight NPRM, TSA proposes to require passengers on commercial flights operated by full program operators and foreign air carriers to provide their full name when they make a reservation for a flight. See proposed § 1540.107(b) in the Secure Flight NPRM, 72 FR at 48386. Many names do not indicate gender, because they can be used by either gender.<br><br> Additionally, names not derived from the Latin alphabet, when transliterated into English, often do not denote gender. Providing information on gender will reduce the number of false positive watch-list matches, because the information will distinguish persons who have the same or similar names but who are of a different gender. The date of birth is also helpful in distinguishing a passenger from an individual on a watch-list with the same or similar name, thereby reducing the number of false positive watch-list matches.<br><br> This proposed rule would also require aircraft operators to request an individual 9s redress number, if available. DHS will assign this unique number to individuals who use the DHS Traveler Redress Inquiry Program (DHS TRIP), because they believe they have been incorrectly delayed or denied boarding. Individuals may be less likely to be delayed by false positive matches to the watch-list if they provide their redress number, if available.<br><br> Under the proposed rule, individuals would not be compelled to provide their gender, date of birth, or redress number when requested by the aircraft operators. However, without this information, the watch-list service provider may be unable to perform effective automated watch-list matching and, as a result, the individuals may be 32 more likely to be denied boarding, or under certain circumstances, be subject to additional screening. TSA is considering whether to require all individuals to provide their gender and date of birth to assist in the watch-list matching and resolution process.<br><br> The proposed rule would require large aircraft operators to transmit to the watch- list service provider the passengers 9 full names and also transmit the passengers 9 genders, dates of birth, and redress numbers, to the extent they are available. In addition, the proposed rule would require large aircraft operators to transmit certain information from an individual 9s passport (full name, passport number, country of issuance, expiration date, gender, and date of birth), if it is available and was provided to the aircraft operator. Based on TSA 9s experience in conducting security threat assessments that include watch- list matching, TSA has determined that passport information would help resolve possible false positive matches and make the watch-list matching process more accurate.<br><br> TSA is not proposing a minimum time in advance of the flight that large aircraft operators would be required to submit passenger information to the watch-list service provider. TSA anticipates that the large aircraft operators would work with their service providers to establish a minimum time that the service provider would need to complete watch-list matching in advance of a flight. Nevertheless, TSA seeks comment on whether it should establish a minimum time for submission of passenger information to the service providers, what that minimum time should be, and the reasons supporting the suggested minimum time.<br><br> Upon submission of the passenger information by the aircraft operator to the watch-list service provider, the service provider would conduct the automated vetting of the passenger information provided against the watch-list which is 33 comprised of the No Fly and Selectee List components of the Terrorist Screening Database. The watch-list service provider would inform the aircraft operator of the results of the watch-list matching by transmitting instructions to the large aircraft operator for each passenger. The large aircraft operator would not be able to permit a passenger aboard an aircraft until the large aircraft operator receives the instructions from the watch-list service provider that would allow the aircraft operator to board the passenger.<br><br> The large aircraft operator would be required to comply with the instructions. Upon submission of the passenger information by the aircraft operator to the watch-list service provider, the service provider would conduct the automated comparison using the passenger information provided. If an automated comparison indicates that the passenger is not a match to the watch-list, the service provider would instruct the aircraft operator that the passenger is cleared to board the aircraft.<br><br> If the automated comparison using the passenger information identifies a potential match to the watch-list, the watch-list service provider would contact TSA for resolution of the potential match. TSA would coordinate with the TSC for resolution if necessary and would provide further instructions concerning the passenger to the service provider. If TSA cannot determine from the information provided by the watch-list service provider whether the individual is a match to the watch-list, it may be necessary for the passenger to provide additional information to resolve the possible match.<br><br> In these instances, TSA would inform the watch-list service provider to instruct the large aircraft operator to contact TSA directly to resolve 34 the possible match between the passenger and the watch-list record, and TSA would provide final instructions concerning the possible match and the passenger 9s status to the large aircraft operator. e. Aircraft operator procedures .<br><br> TSA believes that it is important for large aircraft operators and their pilots, as the in-flight security coordinators, to know whether a passenger is identified as a selectee so they can make appropriate security decisions. If the passenger is identified as a selectee, TSA would allow the large aircraft operator to permit the passenger to board the aircraft. However, TSA would require the aircraft operator to comply with the procedures described in its security program pertaining to passengers identified as selectees.<br><br> Although TSA would not require large aircraft operators to conduct screening of selectees and their accessible property on a normal basis, if warranted by security considerations, TSA may require some or all large aircraft operators to screen selectees and their accessible property. In this circumstance, TSA would coordinate with the large aircraft operators on the appropriate screening protocols. If the watch-list service provider instructs the large aircraft operator that a passenger must be denied boarding, the large aircraft operator would not be able to permit the passenger to board unless explicitly authorized by TSA.<br><br> Additionally, if the aircraft operator becomes aware that any data element in the passenger information has changed, the large aircraft operator would be required to transmit to the watch-list service provider updated passenger information, which includes the full name, and if available, gender, date of birth, redress number, and passport information. If the large aircraft operator sends updated passenger information to the watch-list service provider for a passenger for whom the service provider has already 35 transmitted instruction, the large aircraft operator would not be able to permit the passenger on board until the large aircraft operator receives updated instructions from the watch-list service provider. Any previous instruction regarding the passenger would be void; the large aircraft operator would be required to comply with any updated instruction from the service provider.<br><br> f. Master passenger list . TSA recognizes that many large aircraft operators carry the same passengers on most or all of their flights and that it would be burdensome for the large aircraft operators to send the required information for the same individuals on each flight.<br><br> Consequently, the proposed rule includes a provision for a master passenger list. Under this optional proposed provision, individuals on a master passenger list would be subject to continuous vetting of their names against the watch-list. 24 TSA would not require large aircraft operators to transmit information on these passengers every time they are on a flight operated by the large aircraft operator.<br><br> This master list would be applied for domestic flights only; CBP would require aircraft operators and their pilots to transmit advance passenger information to CBP for international flights departing from or arriving in the United States under CBP 9s eAPIS NPRM, and passengers would need to present their passports pursuant to CBP regulations. Prior to collecting passenger information from an individual to place that individual on a master passenger list, the large aircraft operator would be required to inform the individual that he or she would have the option of being placed on the master passenger list, to provide the individual with notice of the purpose and procedures related to a master passenger list, and to obtain from the individual a signed, written statement 24 The proposed rule would define ccontinuous vetting d as the process in which the passenger 9s information is continuously matched against the most current watch-list. 36 affirmatively requesting that he or she be placed on a master passenger list.<br><br> These requirements would ensure that individuals would be informed that their inclusion in a master passenger list would be voluntary and contingent upon their providing written consent and that a watch-list service provider would continuously maintain their passenger information and compare the information against the watch-list. In order to place an individual on the master passenger list, the large aircraft operator would be required to comply with the following: (1) request and obtain the full name, gender, date of birth, redress number, and passport information of the individual; (2) transmit the passenger information and any updated passenger information to a watch- list service provider and designate the individual for continuous vetting; (3) ensure that the watch-list service provider is responsible for continuous vetting for that individual at the time the individual boards an aircraft; (4) receive an instruction that the individual is cleared in response to the initial transmission of passenger information or transmission of updated passenger information; and (5) receive any instruction to prohibit the individual from boarding an aircraft. g.<br><br> Aircraft operators under a full program . Under 49 CFR 1544.101(a), TSA requires full program aircraft operators to conduct watch-list matching of their passengers under their security program. Some of the full program aircraft operators also operate flights under the other security programs in 49 CFR 1544.101.<br><br> Many of these aircraft operators use the same system or process to conduct watch-list matching for their flights operated under their full security program, as well as flights operated under their other security programs. Under the proposed rule, TSA would require full program aircraft operators to transmit the passenger information for passengers on their flights operated 37 under the LASP to watch-list service providers approved by TSA to conduct the watch- list matching on their behalf. TSA requests comment on whether full program aircraft operators should be permitted to conduct watch-list matching for passengers on flights operated under their LASP using the system or process that they use for flights operated under their full security program, including TSA 9s Secure Flight Program when it is available.<br><br> h. Privacy notice and data retention . TSA would only receive passenger information if the watch-list service provider 9s automated vetting system identifies an individual as a potential match to the watch-list; this is much like the current practice where aircraft operators conduct watch-list matching pursuant to their security programs.<br><br> TSA is considering requiring aircraft operators to provide a privacy notice to passengers in the LASP. Most LASP aircraft operators do not have a reservation system and are on- demand operations, such as charter, corporate, fractional, and recreational (friends and family) operations. LASP aircraft operators<br><br>

less