Part II

[Federal Register: January 25, 2007 (Volume 72, Number 16)]

[Rules and Regulations]

[Page 3491-3604]

From the Federal Register Online via GPO Access [wais.access.gpo.gov]

[DOCID:fr25ja07-13]

[[Page 3491]]

Part II

Department of Homeland Security

Coast Guard

33 CFR Parts 1, 20 et al. and 46 CFR Parts 1, 4 et al.

Transportation Security Administration

49 CFR Parts 10, 12, and 15

Transportation Worker Identification Credential (TWIC) Implementation in the Maritime Sector; Final Rule

Consolidation of Merchant Mariner Qualification Credentials; Proposed Rule

[[Page 3492]]

DEPARTMENT OF HOMELAND SECURITY

Coast Guard

33 CFR Parts 101, 103, 104, 105, 106, 125 and 46 CFR Parts 10, 12, 15 Transportation Security Administration 49 CFR Parts 1515, 1540, 1570, 1572 [Docket Nos. TSA-2006-24191; Coast Guard-2006-24196; TSA Amendment Nos. 1515-(New), 1540-8, 1570-2, 1572-7]

RIN 1652-AA41

Transportation Worker Identification Credential (TWIC) Implementation in the Maritime Sector; Hazardous Materials Endorsement for a Commercial Driver's License

AGENCY: Transportation Security Administration; United States Coast Guard, DHS.

ACTION: Final rule; request for comments.

SUMMARY: The Department of Homeland Security (DHS), through the Transportation Security Administration (TSA) and the United States Coast Guard (Coast Guard), issues this final rule to further secure our Nation's ports and modes of transportation. This rule implements the Maritime Transportation Security Act of 2002 and the Security and Accountability for Every Port Act of 2006. Those statutes establish requirements regarding the promulgation of regulations that require credentialed merchant mariners and workers with unescorted access to secure areas of vessels and facilities to undergo a security threat assessment and receive a biometric credential, known as a Transportation Worker Identification Credential (TWIC). After DHS publishes a notice announcing the compliance date for each Captain of the Port (COTP) zone, persons without TWICs will not be granted unescorted access to secure areas at affected maritime facilities. Those seeking unescorted access to secure areas aboard affected vessels, and all Coast Guard credentialed merchant mariners must possess a TWIC by September 25, 2008. This final rule will enhance the security of ports by requiring such security threat assessments of persons in secure areas and by improving access control measures to prevent those who may pose a security threat from gaining unescorted access to secure areas of ports.

With this final rule, the Coast Guard amends its regulations on vessel and facility security to require the use of the TWIC as an access control measure. The Coast Guard also amends its merchant mariner regulations to incorporate the requirement to obtain a TWIC. This final rule does not include the card reader requirements for owners and operators set forth in the Notice of Proposed Rulemaking (NPRM) issued in this matter on May 22, 2006. Such requirements will be addressed in a future rulemaking. Although the card reader requirements are not being implemented at this time, the Coast Guard will institute periodic unannounced checks to confirm the identity of the holder of the TWIC.

With this final rule, TSA applies its security threat assessment standards that currently apply to commercial drivers authorized to transport hazardous materials in commerce to merchant mariners and workers who require unescorted access to secure areas on vessels and at maritime facilities. This final rule amends TSA regulations in a number of ways. To minimize redundant background checks of workers, TSA amends the threat assessment standards to include a process by which TSA determines if a security threat assessment conducted by another governmental agency or by TSA for another program is comparable to the standards in this rule. TSA amends the qualification standards by changing the list of crimes that disqualify an individual from holding a TWIC or a hazardous materials endorsement.

TSA expands the appeal and waiver provisions to apply to TWIC applicants and air cargo employees who undergo a security threat assessment. These modifications include a process for the review of adverse waiver decisions and certain disqualification cases by an administrative law judge (ALJ). TSA also extends the time period in which applicants may apply for an appeal or waiver.

Finally, this rule establishes the user fee for the TWIC and invites comment on one component of the fee, the card replacement fee.

Under this rule, TSA will begin issuing first generation TWIC cards at initial port deployment locations. These TWIC cards will not initially support contactless biometric operations, but the TWIC cards will be functional with certain existing access control systems in use at ports today.

TSA and the Coast Guard have established a working group, comprised of members of the maritime and technology industries, through the National Maritime Security Advisory Committee (NMSAC), a federal advisory committee to the Coast Guard. This working group, in consultation with the National Institute for Standards and Technology (NIST), is tasked with recommending the contactless biometric software specification for TWIC cards.

TSA will publish a notice detailing the draft contactless biometric software specification for TWIC cards no later than the date by which it publishes the final TWIC fee as required by this Rule. Currently those notices are expected to be published in February 2007. TSA will subsequently publish a final specification for TWIC contactless biometric software functionality and the associated specifications for TWIC card readers. TSA plans also to write electronically the contactless biometric software application to all issued TWIC cards after publication of this specification. After initial field testing, this additional contactless biometric function will be included with all TWIC cards produced after publication of the contactless biometric software specification.

Although this rule goes into effect on March 26, 2007, the requirements to hold a TWIC, and to restrict access to secure areas of a facility or OCS facility, will be effective only after the regulated party is notified by DHS. These notifications will be published in the Federal Register and will require compliance on a COTP by COTP basis. Those seeking unescorted access to secure areas aboard affected vessels, and all Coast Guard credentialed merchant mariners must possess a TWIC by September 25, 2008.

DATES: Effective Date: This rule is effective March 26, 2007.

Comment Date: Comments with respect to the Card Replacement Fee must be submitted by February 26, 2007.

ADDRESSES: Comments and material received from the public, as well as documents mentioned in this preamble as being available in the docket, are part of dockets TSA-2006-24191 and Coast Guard-2006-24196 and are available for inspection or copying at the Docket Management Facility, U.S. Department of Transportation, room PL-401, 400 Seventh Street SW., Washington, DC, between 9 a.m. and 5 p.m., Monday through Friday, except Federal holidays. You may also find this docket on the Internet at http://dms.dot.gov.

You may submit comments identified by docket number TSA-2006-24191 to the Docket Management Facility at the U.S. Department of Transportation. To avoid duplication, please use only one of the following methods:

(1) Web Site: http://dms.dot.gov.

(2) Mail: Docket Management Facility, U.S. Department of Transportation, 400

[[Page 3493]]

Seventh Street SW., Room PL-401, Washington, DC 20590-0001.

(3) Fax: 202-493-2251.

(4) Delivery: Room PL-401 on the Plaza level of the Nassif Building, 400 Seventh Street SW., Washington, DC, between 9 a.m. and 5 p.m., Monday through Friday, except Federal holidays. The telephone number is 202-366-9329.

(5) Federal eRulemaking Portal: http://www.regulations.gov.

See SUPPLEMENTARY INFORMATION for format and other information about comment submissions.

FOR FURTHER INFORMATION CONTACT: For questions related to TSA's standards: Greg Fisher, Transportation Security Administration, TSA-19, 601 South 12th Street, Arlington, VA 22202-4220, TWIC Program, (571) 227-4545; e-mail: credentialing@dhs.gov.

For legal questions: Christine Beyer, TSA-2, Transportation Security Administration, 601 South 12th Street, Arlington, VA 22202- 4220; telephone (571) 227-2657; facsimile (571) 227-1380; e-mail Christine.Beyer@dhs.gov.

For questions concerning the Coast Guard provisions of the TWIC rule: LCDR Jonathan Maiorine, Commandant (G-PCP-2), United States Coast Guard, 2100 Second Street, SW., Washington, DC 20593; telephone 1-877- 687-2243.

For questions concerning viewing or submitting material to the docket: Renee V. Wright, Program Manager, Docket Management System, U.S. Department of Transportation, Room Plaza 401, 400 Seventh Street, SW., Washington, DC 20590-0001; telephone (202) 493-0402.

SUPPLEMENTARY INFORMATION:

Comments Invited

TSA invites comment on one provision of the rule, the Card Replacement Fee, as discussed in section I under Fees and section VI of this preamble. See ADDRESSES above for information on where to submit comments. With each comment, please include your name and address, identify the docket number at the beginning of your comments, and give the reason for each comment. Please explain the reason for any recommended change and include supporting data. You may submit comments and material electronically, in person, by mail, or fax as provided under ADDRESSES, but please submit your comments and material by only one means. If you submit comments by mail or delivery, submit them in an unbound format, no larger than 8.5 by 11 inches, suitable for copying and electronic filing.

If you want TSA to acknowledge receipt of comments submitted by mail, include with your comments a self-addressed, stamped postcard on which the docket number appears. We will stamp the date on the postcard and mail it to you.

TSA will file in the public docket all comments received by TSA, except for comments containing confidential information and sensitive security information (SSI)\1\, TSA will consider all comments received on or before the closing date for comments and will consider comments filed late to the extent practicable. The docket is available for public inspection before and after the comment closing date.

\1\ ``Sensitive Security Information'' or ``SSI'' is information obtained or developed in the conduct of security activities, the disclsoure of which would constitute an unwarranted invasion of privacy, reveal trade secrets or privileged or confidential information, or be detrimental to the security of transportation. The protection of SSI is governed by 49 CFR part 1520.

Handling of Confidential or Proprietary Information and Sensitive Security Information (SSI) Submitted in Public Comments

Do not submit comments that include trade secrets, confidential commercial or financial information, or SSI to the public regulatory docket. Please submit such comments separately from other comments on the rulemaking. Comments containing this type of information should be appropriately marked as containing such information and submitted by mail to the address listed in the FOR FURTHER INFORMATION CONTACT section. Upon receipt of such comments, TSA will not place the comments in the public docket and will handle them in accordance with applicable safeguards and restrictions on access. TSA will hold them in a separate file to which the public does not have access, and place a note in the public docket that TSA has received such materials from the commenter. If TSA receives a request to examine or copy this information, TSA will treat it as any other request under the Freedom of Information Act (FOIA) (5 U.S.C. 552) and the Department of Homeland Security's (DHS's) FOIA regulation found in 6 CFR part 5.

Reviewing Comments in the Docket

Please be aware that anyone is able to search the electronic form of all comments received into any of our dockets by the name of the individual submitting the comment (or signing the comment, if submitted on behalf of an association, business, labor union, etc.). You may review the applicable Privacy Act Statement published in the Federal Register on April 11, 2000 (65 FR 19477), or you may visit http://dms.dot.gov .

You may review the comments in the public docket by visiting the Dockets Office between 9 a.m. and 5 p.m., Monday through Friday, except Federal holidays. The Dockets Office is located on the plaza level of the Nassif Building at the Department of Transportation address, previously provided under ADDRESSES. Also, you may review public dockets on the Internet at http://dms.dot.gov.

Availability of Rulemaking Document

You can get an electronic copy of this document as well as other documents associated with this rulemaking on the Internet by--

(1) Searching the Department of Transportation's electronic Docket Management System (DMS) web page (http://dms.dot.gov/search); (2) Accessing the Government Printing Office's web page at http://

http://www.gpoaccess.gov/fr/index.html; or

(3) Visiting TSA's Security Regulations web page at http://www.tsa.gov and accessing the link for ``Research Center'' at the top

of the page.

Abbreviations and Terms Used in This Document

ALJ--Administrative Law Judge AMS--Area Maritime Security ASP--Alternative Security Program CBP--Bureau of Customs and Border Protection CDC--Certain Dangerous Cargo CDL--Commercial drivers license CDLIS--Commercial drivers license information system CHRC--Criminal history records check CJIS--Criminal Justice Information Services Division COR--Certificate of Registry COTP--Captain of the Port DHS--Department of Homeland Security DOJ--Department of Justice DOT--Department of Transportation FBI--Federal Bureau of Investigation FMCSA--Federal Motor Carrier Safety Administration FMSC--Federal Maritime Security Coordinator FSP--Facility Security Plan HME--Hazardous materials endorsement HSA--Homeland Security Act HSPD 12--Homeland Security Presidential Directive 12 MARSEC--Maritime Security MMD--Merchant Mariner's Document MSC--Marine Safety Center MTSA--Maritime Transportation Security Act NIST--National Institute of Standards and Technology

[[Page 3494]]

NPRM--Notice of Proposed Rulemaking NVIC--Navigation and Vessel Inspection Circular OCS--Outer Continental Shelf REC--Regional Examination Center SAFETEA-LU--Safe, Accountable, Flexible, Efficient Transportation Equity Act--A Legacy for Users STCW--International Convention on Standards of Training, Certification, and Watchkeeping for Seafarers, 1978, as amended TSA--Transportation Security Administration TPS--Temporary Protected Status TWIC--Transportation Worker Identification Credential VSP--Vessel Security Plan

Table of Contents

I. Background II. Final Rule

1. Coast Guard Provisions

2. TSA Provisions

3. Changes From NPRM

4. Anticipated Future Notices and Rulemaking

5. Summary of TWIC Process under the Final Rule

6. SAFE Port Act of 2006 III. Discussion of Comments

1. Requests for Extension of Comment Period and Additional Public Meetings

2. Coast Guard Provisions

   1. Definitions

   2. General Comments on Applicability

   3. Coast Guard Roles

   4. Owner/operator Requirements

   5. Requirements for Security Officers and Personnel

   6. Recordkeeping/Tracking Persons on Vessels/Security Incident Procedures

   7. Reader Requirements/Biometric Verification/TWIC Validation Procedures

   8. Access Control Issues

   9. TWIC Addendum

   10. Compliance Dates

   11. General Compliance Issues

   12. Additional Requirements--Cruise Ships

   13. Additional Requirements--Cruise Ship Terminals

   14. Additional Requirements--CDC Facilities

   15. Additional Requirements--Barge Fleeting Facilities

   16. Miscellaneous

3. TSA Provisions

   1. Technology Concerns

   2. Enrollment Issues

   3. Appeal and Waiver Issues

   4. TSA Inspection

   5. Security Threat Assessment

   6. Immigration Status

   7. Mental Incapacity

   8. TWIC Expiration and Renewal Periods

   9. Fees for TWIC

   10. Implementing TWIC in Other Modes

4. Comments Relating to Economic Issues

5. Comments Beyond the Scope of the Rule IV. Advisory Committee Recommendations and Responses V. Rulemaking Analyses and Notices

1. Regulatory Planning and Review (Executive Order 12866)

2. Small Entities

3. Assistance for Small Entities

4. Collection of Information

5. Federalism (Executive Order 13132)

6. Unfunded Mandates Reform Act

7. Taking of Private Property

8. Civil Justice Reform

   I. Protection of Children

10. Indian Tribal Governments

11. Energy Effects

    L. Technical Standards

13. Environment VI. Solicitation of Comments

    I. Background

    The Department of Homeland Security (DHS), through the United States Coast Guard (Coast Guard) and the Transportation Security Administration (TSA), issues this final rule pursuant to the Maritime Transportation Security Act (MTSA), Pub. L. 107-295, 116 Stat. 2064 (November 25, 2002), and the Security and Accountability for Every Port Act of 2006 (SAFE Port Act), Pub. L. 109-347 (October 13, 2006). Section 102 of MTSA (46 U.S.C. 70105) requires DHS to issue regulations to prevent individuals from entering secure areas of vessels or MTSA- regulated port facilities unless such individuals hold transportation security cards issued under section 102 and are authorized to be in the secure areas. An individual who does not hold the required transportation security card, but who is otherwise authorized to be in the secure area in accordance with the facility's security plan, must be accompanied by another individual who holds a transportation security card. MTSA also requires all credentialed merchant mariners to hold these transportation security cards, and requires DHS to establish a waiver and appeals process for persons found to be ineligible for the required transportation security card. The SAFE Port Act contained amendments to the basic MTSA requirements for credentialing (concurrent processing, fees, card readers, program roll out, testing and timelines) as well as added new requirements (disqualifying crimes, new hire provisions and discretion as to who may obtain a TWIC). The substance of the SAFE Port Act is discussed in greater detail later in this document.

    On May 22, 2006, TSA and the Coast Guard issued a joint notice of proposed rulemaking (71 FR 29396), setting forth the proposed requirements and processes required under sec. 102 of MTSA (TWIC NPRM) for implementation of the TWIC program in the maritime sector. The NPRM proposed changes to three titles of TSA and Coast Guard regulations (33 CFR, 46 CFR, and 49 CFR). The Department intends for these combined changes to increase port security by requiring all credentialed mariners and all persons who require unescorted access to a regulated facility or vessel to have undergone a security threat assessment by TSA and obtain a TWIC.\2\ The proposed security threat assessment included a review of criminal, immigration, and pertinent intelligence records. TSA also proposed a process for individuals denied TWICs to appeal adverse determinations or apply for waivers of the standards.

    \2\ Additional information on the statutory and regulatory history of this rule can be found in the NPRM at 71 FR 29396 (May 22, 2006).

    Prior to the publication of the TWIC NPRM, the Coast Guard published a Notice in the Federal Register informing the public that the Commandant of the Coast Guard, pursuant to his authority under 50 U.S.C. 191 and 33 CFR part 125, was exercising his authority to require identification credentials for persons seeking access to waterfront facilities and to port and harbor areas, including vessels and harbor craft in such areas. 71 FR 25066 (April 28, 2006). This action has served as an interim measure to improve security at our nation's ports by verifying maritime workers' identities, validating their background information, and accounting for access for authorized personnel to transportation facilities, vessels and activities. Id.

    The May 22, 2006 TWIC NPRM provided the draft regulatory text for review and solicited public comments for 45 days. TSA and the Coast Guard also held four public meetings throughout the country to solicit public comments. Those meetings were held on May 31, 2006 in Newark, New Jersey; on June 1, 2006 in Tampa, Florida; on June 6, 2006 in St. Louis, Missouri; and on June 7, 2006 in Long Beach, California. Approximately 1200 people attended these meetings. The public can view transcripts of the four public meetings on the public docket for this rulemaking action at http://www.regulations.gov. DHS also received

    approximately 1770 written comments on the TWIC NPRM. Those comments also can be accessed through the public docket for this action. TSA and the Coast Guard respond to the comments received in the ``Discussion of Comments'' section, below.

    Many commenters requested an extension of the comment period and additional public meetings. As explained more fully in the ``Discussion of Comments'' section below, DHS has decided not to delay implementation of the TWIC program by extending the

    [[Page 3495]]

    comment period or providing additional public meetings because it is imperative to begin implementation of the TWIC requirements, and accompanying security threat assessments, as soon as possible to improve the security of our Nation's vessels and port facilities. TSA and Coast Guard, however, have not promulgated in this final rule the proposed requirements on owners and operators relating to biometric readers. The Department will address those proposed requirements, which generated the majority of the comments received on the NPRM, in a separate rulemaking action. Interested parties will have the opportunity to comment on those provisions during that rulemaking action. Although the card reader requirements are not being implemented under this final rule, Coast Guard personnel will periodically, and without advance notice, use handheld readers to check the biometric information contained in the card to confirm the identity of the holder of the TWIC.

    On May 22, 2006, the Coast Guard also published a related proposed rule, ``Consolidation of Merchant Mariner Qualification Credentials,'' at 71 FR 29462 (MMC NPRM), proposing the consolidation of Coast Guard- issued merchant mariner's document (MMD), merchant mariner's license (license), certificate of registry (COR) and International Convention on Standards of Training, Certification, and Watchkeeping for Seafarers (STCW) certificate into a single credential called the merchant mariner credential (MMC). The MMC NPRM proposed to streamline the application process, and reduce the administrative burden for the public and the Federal Government. The public meetings held on the TWIC NPRM also included time for the Coast Guard to receive comments on the MMC NPRM. In a separate rulemaking action published elsewhere in this edition of the Federal Register, the Coast Guard has provided a Supplemental Notice of Proposed Rulemaking (SNPRM) also entitled ``Consolidation of Merchant Mariner Qualification Credentials.'' The purpose of the SNPRM is to address comments received from the public on the MMC NPRM, revise the proposed rule based on those comments, and provide the public with an additional opportunity to comment on the revised rulemaking. If it becomes final, the MMC rulemaking is not expected to go into effect until the initial TWIC roll out is complete. This time lapse will not cause a detrimental effect on security, as all credentialed mariners will still need to comply with the TWIC requirements and compliance deadlines set forth in this final rule.

    II. Final Rule

    Under this final rule, DHS, through the Coast Guard and TSA, requires all credentialed merchant mariners and individuals with unescorted access to secure areas of a regulated facility or vessel to obtain a Transportation Worker Identification Credential (TWIC).

1. Coast Guard Provisions

   Owners/operators of MTSA-regulated vessels, facilities, and Outer Continental Shelf (OCS) facilities will need to change their existing access control procedures to ensure that merchant mariners and any other individual seeking unescorted access to a secure area of their vessel or facility has a TWIC.

2. TSA Provisions

   Workers must provide biographic and biometric information to apply for a TWIC and pay a fee of $107-$159 to cover all costs associated with the TWIC program. A TWIC applicant must complete a TSA security threat assessment and will be disqualified from obtaining a TWIC if he or she has been convicted or incarcerated for certain crimes within prescribed time periods, lacks legal presence and/or authorization to work in the United States, has a connection to terrorist activity, or has been determined to lack mental capacity.

   All applicants have the opportunity to appeal a disqualification, and may apply to TSA for a waiver if disqualified for certain crimes or mental incapacity, or are aliens in Temporary Protected Status (TPS). Applicants who seek a waiver and are denied may seek review by an administrative law judge (ALJ). In addition, applicants who are disqualified under Sec. 1572.107 may seek ALJ review of the disqualification.

   A security threat assessment is valid for five years. Therefore, in most cases, a TWIC is valid for five years unless a disqualifying event occurs. If an applicant obtains a TWIC based on a comparable threat assessment under Sec. 1572.5(e), the TWIC will expire five years from the date on the credential associated with the comparable threat assessment. To renew a TWIC, the renewal applicant must provide new biographic and biometric information, complete a new threat assessment, and pay the fee to renew the credential.

3. Changes From NPRM

   Each of the changes made from the NPRM to the final rule is summarized in Table 1 and discussed in detail following the table.

   Table 1.--Summary of Significant Changes Between May 22, 2006 NPRM and This Final rule

   Topic

   NPRM

   Final rule

   Access control............... Visual identity Visual identity badge; badge and

   Coast Guard will reader (with conduct periodic checks biometric

   of biometric and verification validity (second rule and validity for reader check at

   requirements). facility/ vessel based on MARSEC level). Escorted access.............. Definition only Definition modified to clarify that in restricted areas (33 CFR 101.105), ``escort'' means a side- by-side escort; outside restricted areas, ``escort'' may consist of monitoring. New hires.................... Not granted Permitted to have unescorted limited access for 30 access to

   consecutive days if secure areas accompanied by TWIC- until

   holder and additional successful requirements are met. completion of security threat assessment and card issuance. Passenger access area........ Defined only Passenger access area for certain remains and employee vessels

   access area for certain (passenger, vessels added (employee ferries,

   access areas do not cruise ships). apply to cruise ships). TWIC Addendum and

   Included....... Excluded. recordkeeping requirements. Secure area.................. Definition only Clarified definition's meaning in preamble, and revised part 105 to allow part 105 facilities to submit FSP amendment to change access control area.

   [[Page 3496]]

   Lost/Stolen/Damaged cards.... Access

   Specific requirements procedures included in regulation. defined in TWIC Addendum. AMS Committee members........ Need TWIC...... Need name-based check or a TWIC. Vessels in foreign waters.... No special Changed secure area provisions. definition to state that at certain specified times, U.S. vessels may not have any secure areas. Emergency responders......... Not

   Not required to obtain a specifically TWIC for emergency addressed. response. Voluntary compliance......... Offered........ Not offered. Compliance dates............. 12-18 months Phased for facilities by after final each COTP zone. All rule.

   mariners and vessels 20 months after the publication date of this final rule. Disqualifying crimes......... Same as those Amended; new list will used for HME. apply for both TWIC and HME. Administrative law judge Not included... May be used for waiver (ALJ) review.

   denials and disqualifications under Sec. 1572.107. Immigration standards........ Limited ability Expanded to cover for non-U.S. foreign maritime citizens to students, and certain obtain TWICs. professionals and specialists on restricted visas; permitting aliens in TPS to apply for a waiver. Mental incapacity............ Could only be Waiver broadened to waived by

   allow for ``case-by- showing court case'' determinations. order or letter from institution. Fee.......................... $95-$149; card $107-$159; card replacement replacement fee $36, fee $36.

   but requesting comment on increasing this fee to $60.

   1. Changes From Coast Guard's Proposed Rule

   Coast Guard is changing several sections of the proposed rule as a result of comments received and additional analysis. These changes include: (1) Changing the access control procedures to be used with TWICs by removing the reader requirements; (2) revising and clarifying the definition of the term ``escorting;'' (3) adding provisions allowing for access for individuals who are new hires and who have applied for, but not yet received, a TWIC; (4) adding a provision to allow for limited, continued unescorted access for those individuals who report their TWIC as lost, damaged, or stolen; (5) adding a provision to create ``employee access areas'' aboard passenger vessels and ferries; (6) removing the proposed requirement to submit a TWIC Addendum and keep additional records regarding who has been granted access privileges; (7) adding a provision to allow certain facilities to designate smaller portions of their property as their secure area via an amendment to their facility security plan; (8) removing the proposed requirement for all AMS Committee members to hold a TWIC; (9) changing the definition of secure area to state that, at certain times, U.S. vessels may not have any secure areas; (10) adding a provision to allow emergency responders to have unescorted access without a TWIC during emergency situations; (11) removing the provision allowing for voluntary compliance for those vessels and facilities not otherwise required to implement the TWIC requirements; and (12) revising the compliance dates for owners/operators of vessels and facilities. (a). Reader Requirements

   After reviewing the comments (which are summarized below), we determined that implementing the reader requirements as envisioned in the NPRM would not be prudent at this time. As such, we have removed the reader requirements from the final rule, and will be issuing a subsequent NPRM to address these requirements. That NPRM will address many of the comments and concerns regarding technology that were raised in the below-summarized comments. We will, however, continue to require the use of the TWIC. As stated in the NPRM, there are considerable security benefits to be gained from a TWIC, even in the absence of reader usage. The TWIC provides greater reliability than existing visual identity badge systems because it presents a uniform appearance with embedded features on the face of the credential that make it difficult to forge or alter. When presented with a TWIC, security personnel familiar with its security features are immediately able to notice any absence or destruction of these features, making it less likely that an individual will be able to gain unescorted access to secure areas using a forged or altered TWIC. Additionally, the Coast Guard will conduct unannounced checks of the cards while visiting facilities and vessels. The Coast Guard will use handheld readers to check the biometrics on the card against the person presenting the card. These unannounced checks are an important component of the security efforts at the ports. (b). ``Escorting''/''Unescorted Access''

   We have amended the definition of escorted access to clarify our intent. Namely, that the distinction between escort and unescorted access are to serve as performance standards, rather than strict definitions. We expect that, when in an area defined as a restricted area in a vessel or facility security plan, escorting will mean a live, physical side-by-side escort. Whether it must be a one-to-one escort, or whether there can be one escort for multiple persons, will depend on the specifics of each vessel and/or facility. We will provide additional guidance on what these specifics might be in a Navigation and Vessel Inspection Circular (NVIC). Outside of restricted areas, however, side-by-side escorting is not required, so long as the method of surveillance or monitoring is sufficient to allow for a quick response should an individual ``under escort'' be found in an area where he or she has not been authorized to go or is engaging in activities other than those for which escorted access was granted. Again, we will provide additional guidance with more specifics in a NVIC. (c). New Hires

   We have added a new section within parts 104, 105, and 106 to provide owners/operators with the ability to put new hires to work once new hires have applied for their TWIC and an initial name-based check is completed. In order to ensure adequate security for the vessel and facility during this period, these provisions allow new hires to have access to secure areas for up to 30 consecutive days, so long as they pass a TSA name based check and are

   [[Page 3497]]

   accompanied by another employee with a TWIC. If TSA does not act upon a TWIC application within 30 days, the Coast Guard may further extend access to secure areas for another 30 days. Additional guidance on the manner in which new hires may be accompanied will be issued by the Coast Guard. The guidance will be in the form of a NVIC that considers vessel or facility size, crew or staff size, vessel or facility configuration, the number of TWIC holders, and other appropriate factors, or by making a determination on a case-by-case basis. For example, in some instances, where the operating environment of the vessel is such that there is a small crew, and there is a 24-hour live watchstand while underway, we expect to view the new hires as accompanied when the vessel owner/operator ensures that the security measures for monitoring and access control included within their Coast Guard-approved security plans are implemented. As the operating environment increases or becomes more complex, such as might be the case when Certain Dangerous Cargoes (CDCs) are present, we expect to require additional security measures to ensure that the new hires are, in fact, accompanied by an individual with a TWIC. Similar guidance will also be in place for larger vessels, as well as for facilities and OCS facilities. The NVIC will be released in the near future.

   In order to take advantage of this new hire provision, the following procedures must be followed:

   (1) The new hire will need to have applied for a TWIC in accordance with 49 CFR part 1572 by completing the full enrollment process and paying the user fee. He or she cannot be engaged in a waiver or appeal process. The owner or operator must have the new hire sign a statement affirming this.

   (2) The owner or operator or the security officer must enter the following information on the new hire into the Coast Guard's Homeport Web site (http://homeport.uscg.mil):

   (i) Full legal name, including middle name if one exists;

   (ii) Date of birth;

   (iii) Social security number (optional);

   (iv) Employer name and 24 hour contact information; and

   (v) Date of TWIC enrollment;

   (3) The new hire must present an identification credential that meets the requirements of Sec. 101.515 of this subchapter; and

   (4) There must be no other circumstances that would cause reasonable suspicion regarding the new hire's ability to obtain a TWIC, and the owner or operator or Facility Security Officer (FSO) must not have been informed by the cognizant COTP that the individual poses a security threat.

   This provision only applies to direct hires of the owner/operator; it cannot be used to allow temporary unescorted access to contractors, vendors, longshoremen, truck drivers (unless they are direct employees of the owner/operator), or any other visitor. This provision does not apply if the new hire is a Company, Vessel, or Facility Security Officer, or is otherwise tasked with security duties as a primary assignment.

   In order for the Coast Guard and TSA to verify that a new hire who is awaiting TWIC issuance passes an initial security review, this provision includes a requirement for the owner, operator, Vessel Security Officer (VSO) or FSO to enter new hire identifying information into the Coast Guard's Homeport web page. The Homeport web page is a secure location capable of communicating sensitive security information such as Vessel Security Plans (VSP) and Facility Security Plans (FSP) between industry and the Coast Guard. The Homeport web page address is http://homeport.uscg.mil. Homeport will then interface with the TSA

   system, and if a match to an enrollment record can be made, the TSA system will pass back to Homeport the result of the initial name-based check. If the result is that the new hire has been cleared, the owner/ operator/security officer can put the new hire to work under the provisions of this section and any guidance provided by the Coast Guard in a forthcoming NVIC.

   TSA will begin the security threat assessment process as soon as the enrollment record is complete. Generally, TSA can complete an initial security review within 48-72 hours based on all of the information provided during enrollment. Thus, in some cases (where the new hire information is entered into Homeport three or more days following enrollment), the owner/operator/security officer will not have to wait long before finding out if an individual has cleared the initial name check. We expect that Homeport will be able to notify owners/operators/security officers, via e-mail, when it has received an update on any of the new hires entered by that owner/operator/security officer, which will alleviate any need for them to continuously check in with Homeport.

   The new hire must have applied for a TWIC in accordance with 49 CFR part 1572 by completing the full enrollment process and paying the user fee. The owner/operator must have the new hire sign a statement affirming the enrollment, payment, and that the new hire is not involved in an appeal or waiver application. The owner/operator must retain this statement until the new hire receives a TWIC. The statement must be produced if the Coast Guard requests it during an inspection or investigation. The new hire must also present to the owner or operator a form of identification that meets the standard set in 33 CFR 101.515.

   It is also important to note here that a new hire may be initially cleared to work in the secure area under the provisions of this section, but be disqualified from receiving a TWIC when the full threat assessment is complete. The results of the criminal history records check (CHRC) generally will not be fully adjudicated within three days, and if the adjudication reveals a disqualifying criminal history, the new hire will not be cleared to receive a TWIC.

   The owner/operator of regulated vessels or facilities is required to accompany new hires in secure areas, which includes monitoring new hires while they are in restricted areas of the vessel or facility. Monitoring has the same meaning here as found in Sec. Sec. 104.285, 105.275, and 106.275 of 33 CFR chapter I, subchapter H.

   We are also requiring owners/operators of regulated vessels and facilities to determine that their new hires need access to secure areas immediately in order to prevent adverse impact to the operation of the vessel or facility. Owners and operators must identify that a hardship exists to their operations if their new hires are not allowed access. This adverse impact is not the impact of simply providing escorts for new hires, but must be adverse impacts to the business itself from not being able to employ new hires immediately in secure areas without escort.

   Owners and operators of regulated vessels and facilities must be assured that there are no other circumstances that would cause reasonable suspicion regarding the new hire's ability to obtain a TWIC. This information can come through the normal hiring process, reference checks, or interviews. Also, if the Coast Guard, through its Captain of the Port (COTP), has informed the owner/operator that the new hire poses a security threat, the new hire may not have unescorted access to secure areas of the vessel or facility. Only individuals who pass a threat assessment and are issued a TWIC may have unescorted access to secure areas of the vessel or facility.

   [[Page 3498]]

   (d). Access for Individuals With Lost/Stolen TWICs

   Under the NPRM, we proposed requiring owners/operators to include alternative security procedures in the TWIC Addenda. These alternative procedures were to be used in various situations, such as when individuals needed unescorted access to secure areas but had lost their TWIC, had it stolen, or simply forgotten it that day. As discussed below, we removed the TWIC Addendum requirement from the final rule, but we wanted to include a provision to allow TWIC holders to continue, for a short period, to have unescorted access to secure areas after reporting their TWICs as lost, damaged, or stolen. As a result, this final rule includes specific procedures for owners/operators to use in the case of lost, damaged, or stolen TWICs. This procedure includes having the individual report his/her card as lost, damaged, or stolen to the TWIC Call Center and checking another form of identification that meets 33 CFR 101.515, provided there are no other suspicious circumstances that would cause an owner/operator to question the veracity of the individual. In order to prevent this procedure from becoming a significant loophole in the TWIC regulation, we require that the individual be known to have had a valid TWIC and to have previously been granted unescorted access, and have limited the use of the procedure to seven (7) consecutive calendar days. This should provide enough time for the replacement card to be produced and shipped to the nearest enrollment enter, and for the individual to travel to that center to pick up the replacement card. (e). ``Employee Access Areas''

   We intended for the term ``passenger access area'' to capture those employees whose jobs are necessary solely for the entertainment of the passengers of the vessel, such as musicians, wait staff, or casino employees on a passenger vessel. Upon reviewing comments, however, we realized that there are a variety of employees who may need to enter non-passenger spaces, such as the galley, who would be included under TWIC's applicability merely because of their need to enter these areas. As such, we are adding a definition for ``employee access areas,'' for use only by passenger vessels and ferries. An employee access area is a defined space within the access control area of a ferry or passenger vessel that is open to employees but not passengers. It is not a secure area and does not require a TWIC for unescorted access. It may not include any areas defined as restricted areas in the vessel security plan (VSP). Note, however, that any employee that needs to have unescorted access to areas of the vessel outside of the passenger or employee access areas will need to obtain a TWIC. (f) TWIC Addendum and Recordkeeping Requirements

   We removed the TWIC Addendum requirement from the final rule when we determined that the reader requirements would be delayed until a subsequent rulemaking. The purpose of the TWIC Addendum was to allow the owner/operator to explain how the readers would be incorporated into their overall access control structure, within the standards provided in the NPRM. With the removal of the reader requirements from this final rule, we feel it is appropriate to also remove the TWIC Addendum requirement. Additionally, because we envision the TWIC Addendum to be a part of the subsequent rulemaking on reader requirements, we felt it would be overly burdensome to also require a TWIC Addendum at this point in time.

   The recordkeeping requirements related to TWIC implementation have also been removed from the final rule. We had proposed the requirements because we believed they could be satisfied by using the TWIC readers, which were also proposed. Due to our decision to remove the reader requirements from this final rule, it makes sense to also remove the recordkeeping requirements that were intrinsically tied to those readers. (g). Secure Area

   We did not intend for the terms ``secure area'' and ``restricted area'' to be read as meaning the same thing. Restricted areas are defined already in the MTSA regulations as ``the infrastructure or locations identified in an area, vessel, or facility security assessment or by the operator that require limited access and a higher degree of security protection.'' (33 CFR 101.105) Additionally, those regulations spell out certain areas within vessels and facilities that must be included as restricted areas (see 33 CFR 104.270, 105.260, and 106.265). This final rule defines ``secure area'' as meaning the area over which an owner/operator has implemented security measures for access control. In other words, the secure area would be anything inside the outer-most access control point of a facility, and it would encompass the entirety of a vessel or OCS facility.

   We adopted this definition after much consideration, including consideration of making only restricted areas secure areas. We ultimately abandoned this option, however, when we realized that equating the restricted area to the secure area would have required that the readers and biometric verification be used at the entry points of each restricted area. Because some facilities and vessels have multiple restricted areas that are not always contiguous, this would have likely meant that many owners/operators would have needed more than one reader, increasing their compliance costs. Additionally, the process of repeated biometric identification could have interfered with the operations of facilities and vessels. Finally, we determined that there are areas within some facilities that are not required to be restricted areas that should be deemed secure areas, such as truck staging areas, empty container storage areas, and roads leading between the facility gates and the pier. Allowing persons who have not been through the security threat assessment or are not escorted to have access to these areas could provide them with the opportunity to access the non-restricted areas of the facility to perpetrate a transportation security incident (TSI). Pushing the secure area out beyond the restricted area makes the event of an intentional TSI less likely. As a result, we decided to define the secure area as the ``access control area,'' thus limiting the number of readers required, as well as the number of times biometric verification would need to take place, and providing for the necessary level of security outside of restricted areas. We note, however, that facility owners/operators have the discretion to designate their entire facility as a restricted area. In this situation, the restricted area and secure area would be one and the same.

   We recognize that many facilities may have areas within their access control area that are not related to maritime transportation, such as areas devoted to manufacturing or refining operations, and were only included within the FSP because the owner/operator did not want to have to install additional access control measures to separate the non- maritime transportation related portions of their facility from the maritime transportation related portions. Given the new obligations of this TWIC final rule, however, these owners/operators may wish to revisit this decision. As such, we are giving facility owners/operators the option of amending their FSP to redefine their secure area, to include only those portions of their facility that are directly connected to maritime transportation or are at risk of being involved in a transportation

   [[Page 3499]]

   security incident. These amendments must be submitted to the cognizant COTP by July 25, 2007.

   We realize that there may be some owners and operators of vessels that would like the same option. However, vessels present a unique security threat over facilities in that they may not only be targets in and of themselves, but may also be used as a weapon. Due to this fact, we will continue to define the entire vessel as a ``secure area,'' making exception only for those special passenger and employee access areas which are discussed above. Vessel owners/operators need not submit an amendment to the VSP in order to implement these special areas, however they may do so, following the procedures described in part 104. (h). U.S. Vessels in Foreign Waters

   Due in part to the unique operating requirements imposed on U.S. Offshore Supply Vessels (OSVs) and Mobile Offshore Drilling Units (MODUs) when operating in support of OCS facilities in foreign waters, we determined that we must change some language from the proposed rule. As such, we are adding a provision to the definition of secure area in Sec. 101.105 that states that U.S. vessels operating under the waiver provision in 46 U.S.C. 8103(b)(3)(A) or (B) have no secure areas. These waiver provisions allow U.S. vessels to employ foreigners as crew in certain circumstances. The effect of this change is to exempt these vessels from the TWIC requirement while they are operating under the referenced waivers. As soon as the vessel ceases operating under these waiver provisions, it will be deemed to have secure areas as otherwise defined, and TWIC provisions will apply. (i). Area Maritime Security (AMS) Committee Members

   The NPRM proposed requiring all members of AMS Committees to have a TWIC. We recognize that large numbers of the members will either (1) already have a TWIC, due to their role within the security organization of a facility, or (2) already have undergone some type of comparable background screening due to their position as a Federal, State, or local law enforcement official. After further consideration, we believe that anyone not falling into one of these categories could be discouraged from volunteering to sit on an AMS Committee, due to the cost of obtaining a TWIC. This could have a detrimental effect on the AMS Committee, as there may be individuals who are experts in security who would be (and in some cases already are) valuable parts of AMS Committees, who would opt out of sitting on the Committee rather than assume the cost of obtaining a TWIC. Therefore, we have changed the final rule to allow AMSC members to serve on the AMSC after the completion of a name-based terrorist check from TSA. If an AMSC member requires unescorted access to secure areas of vessels or facilities they will be required to obtain a TWIC. If, however, they do not require unescorted access, but do need access to SSI, they must first pass a TSA name based check at no cost to the AMSC member. The Federal Maritime Security Coordinator for the member's particular AMSC (i.e. COTPs) will forward the names of these individuals to TSA or Coast Guard Headquarters for clearance prior to sharing SSI with these members. (j). Emergency Responders

   We added a provision within 33 CFR 101.514 to allow State and local emergency responders to gain access to secure areas without a TWIC during an emergency situation. Not all emergency responders will fall into the category of State or local officials. We feel it is imperative that these individuals be allowed unescorted access to secure areas in an emergency situation. Emergency responders who are not State or local officials are encouraged to apply for a TWIC. Under the existing access control requirements of 33 CFR 105.255, the owner or operator has documented procedures for checking credentials prior to allowing access and will maintain responsibility for all those granted access to a vessel or facility, even in an emergency situation. (k). Voluntary Compliance

   The provisions that would have allowed vessel and facility owners/ operators to implement voluntary TWIC programs have been removed. These provisions have been eliminated due to the fact that neither TSA nor the Coast Guard can, at this time, envision being in a position to approve voluntary compliance before the full TWIC program, (i.e., reader requirements) is in place. We will keep it in mind, however, as we develop our NPRM to repropose reader requirements. (l). Compliance Dates

   We have also revised the compliance dates slightly. Vessels will now have 20 months from the publication date of this final rule to implement the new TWIC access control provisions. Facilities will still have their compliance date tied to the completion of initial enrollment in the COTP zone where the facility is located. This date will vary, and will be announced for each COTP zone at least 90 days in advance by a Notice published in the Federal Register. The latest date by which facilities can expect to be required to comply will be September 25, 2008. Additionally, mariners will not need to hold a TWIC until September 25, 2008. Mariners may rely upon their Coast Guard-issued credential and a photo ID to gain unescorted access to secure areas to any facility that has a compliance date earlier than September 25, 2008. 2. Changes From TSA's Proposed Rule

   TSA is changing several sections of the proposed rule as a result of comments received, new legislation, and additional analysis. The changes include: (1) Establishing procedures for review of waiver denials by an ALJ; (2) applying the hazmat and TWIC appeal procedures to air cargo personnel; (3) amending the list of disqualifying criminal offenses; (4) expanding the group of aliens who meet the immigration standards; (5) amending the waiver standards for applicants disqualified due to mental incapacity; (6) amending the fees for TWIC; (7) revising the standard for drivers licensed in Mexico and Canada who transport hazardous materials into and within the United States; and (8) modifying the prohibitions on fraudulent use or manufacture of TWIC or access control procedures. (a). Review by Administrative Law Judge

   We noted in the NPRM that if legislation was enacted after publication of the final rule to require review by an Administrative Law Judge of the denial of waiver requests by TSA, we would include such a statutory mandate in the final rule. See 71 FR at 29421. The Coast Guard and Maritime Transportation Act of 2006, Pub. L. 109-241, was enacted on July 11, 2006. Section 309 of this Act requires the Secretary of Homeland Security to establish an ALJ review process for individuals denied a waiver by TSA. Accordingly, we are including the ALJ review procedures in new Sec. 1515.11.

   The ALJ review process set forth under Sec. 1515.11 does not alter the substantive criteria under which TSA will grant or deny a waiver. Therefore, this provision constitutes a rule of agency procedure and may be implemented without prior notice and comment under the Administrative Procedure Act, 5 U.S.C. 553(b)(A). See Hurson Assoc. Inc., v. Glickman, 229 F.3d 277 (D.C. Cir. 2000) (rule eliminating face-to-face process in agency review of requests for approval

   [[Page 3500]]

   was procedural and not subject to notice-and-comment rulemaking).

   The new legislation requires ALJ review to be available for denials of waivers. Under the rules waivers are not available for determinations under Sec. 1572.107 that an applicant poses a security threat, which usually is based on an intelligence-related check involving classified information. However, we have considered that there appears to be an intent that we provide for an ALJ review of such determinations, considering, for example, that the statute provides for ALJ review of classified information, which rarely is relevant to waivers under the current rules. We have also considered that the decision to determine whether an applicant poses a threat under Sec. 1572.107 is largely a subjective judgment based on many facts and circumstances. The same is true for the decision to grant or deny a waiver of the standards in Sec. Sec. 1572.103 (criminal offenses), aliens who are in TPS under 1572.105, or 1572.109 (mental capacity). Accordingly, we are providing for ALJ review of both a determination that the applicant does not meet the standards in Sec. 1572.107, and a denial of a waiver of certain standards in Sec. Sec. 1572.103, 1572.105, and 1572.109.

   An applicant who has received an Initial Determination of Threat Assessment based on Sec. 1572.107 may first appeal that determination using the procedures in new Sec. 1515.9. If after that appeal TSA continues its determination that the applicant is not qualified, the applicant may seek ALJ review under Sec. 1515.11.

   On the other hand, the determination that an applicant does or does not have a disqualifying criminal offense listed in Sec. 1572.103, immigration status in Sec. 1572.105, or mental capacity described in Sec. 1572.109, largely involves an analysis of the legal events that have occurred. Such analyses depend mainly on review of legal documents. We have retained in Sec. 1515.5 the paper hearing process for the appeal of an Initial Determination that an applicant is not qualified under those sections. At the end of that appeal, if TSA issues a Final Determination that the applicant is not qualified under one of those sections, the applicant may seek review in the Court of Appeals. At any time, however, the applicant may seek a waiver of certain standards in those sections on the basis that, notwithstanding a lack of qualification, the applicant asserts that he or she does not pose a security threat and thus seeks to waive the subject standards. The applicant initiates the request for a waiver using the procedures in Sec. 1515.7. If a waiver is not granted, the applicant may seek review by an ALJ under Sec. 1515.11.

   For consistency, we are providing the same review processes for hazardous materials endorsement (HME) applicants that we are providing for TWIC applicants.

   Paragraph 1515.11(a) of this new section specifies that the new process applies to applicants who are seeking review of an initial decision by TSA denying a request for a waiver under Sec. 1515.7 or who are seeking review of a Final Determination of Threat Assessment issued under Sec. 1515.9.

   Section 1515.11(b) allows the applicant 30 calendar days from the date of service of the determination to request a review. The review will be conducted by an ALJ who possesses the appropriate security clearances to review classified information. The rule sets forth the information that the applicant must submit. This section clarifies that the ALJ may only consider evidence that was presented to TSA at the time of application in the request for a waiver or the appeal. If the applicant has new evidence or information to support a request for waiver, the applicant must file a new request for a waiver under Sec. 1515.7 or a new appeal under Sec. 1515.9 and the pending request for review will be dismissed. Section 1515.11 provides detailed requirements for the conduct of the review, such as requests for extension of time and duties of the ALJ.

   In accordance with the Coast Guard and Maritime Transportation Act, this section provides for ALJ review of classified information on an ex parte, in camera basis and consideration of such information in rendering a decision if the information appears to be material and relevant.

   Paragraph 1515.11(f) provides that within 30 calendar days after the conclusion of the hearing, the ALJ will issue an unclassified decision to the parties. The ALJ may issue a classified decision to TSA. The ALJ may decide that the decision was supported by substantial evidence on the record or that the decision was not supported by substantial evidence on the record. If neither party requests a review of the ALJ's decision, TSA will issue a final order either granting or denying the waiver or the appeal.

   Paragraph 1515.11(g) describes the process by which a party may petition for review of the ALJ's decision to the TSA Final Decision Maker. The TSA Final Decision Maker will issue a written decision within 30 calendar days after receipt of the petition or receipt of the other party's response. The TSA Final Decision Maker may issue an unclassified opinion to the parties and a classified opinion to TSA. The decision of the TSA Final Decision Maker is a final agency order.

   Paragraph 1515.11(h) states that an applicant may seek judicial review of a final order of the TSA Final Decision Maker in accordance with 49 U.S.C. 46110, which provides for review in the United States Court of Appeals. Under sec. 46110 a party has 60 days after the date of service of the final order to petition for review. (b). Appeal Procedures for Air Cargo Personnel

   In the final rule we are adding the appeal procedures that currently apply to air cargo workers codified at 49 CFR parts 1540 to 1515. In the NPRM TSA stated that it may use the procedures in part 1515 for other security threat assessments, such as for air cargo personnel. See 71 FR at 29418. At that time the air cargo proposed rule had been published but was not yet final, and it proposed to use appeal procedures that were essentially the same as for HME applicants. The air cargo rule has now been made final. See 71 FR 30478 (May 26, 2006). Because part 1515 was not yet final in the air cargo rule, we placed the appeal procedures for the air cargo security threat assessment into part 1540 subpart C, along with other procedures that apply to air cargo threat assessments. In a further effort to harmonize security threat assessments, we are now moving the appeal procedures for air cargo personnel to part 1515. For consistency with the TWIC and HME processes we are providing for review by an ALJ as described above.

   We are also revising part 1540 subpart C to harmonize more with part 1572. Thus, we are replacing ``individual'' with ``applicant'' to refer to the person who is applying for a security threat assessment. We are also revising Sec. 1540.205 to read essentially the same as Sec. 1572.21 for TWIC, because it serves the same function. Note that while the procedures for TWIC refer to CHRCs and other checks, the procedures for air cargo personnel refer only to intelligence-related checks, because they are not subject to the other checks conducted on TWIC applicants. (c). Disqualifying Criminal Offenses.

   In this final rule, the list of criminal acts that disqualify an applicant from holding an HME under 49 CFR 1572.103 now applies to TWIC applicants. We believe equal treatment for transportation workers is appropriate and consistent with the pertinent

   [[Page 3501]]

   statutory requirements. The standards for the HME rule were mandated by the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act (USA Patriot Act) Pub. L. 107-56, 115 Stat.272 (October 25, 2001). It provides that TSA conduct a security threat assessment on applicants to determine if they pose a ``security risk.'' The USA Patriot Act was enacted shortly after and in response to the terrorist attacks on the United States on September 11. As a result, we interpreted the language ``security risk'' to mean a risk of terrorism or terrorist activity. Nothing in the statute or the legislative history of the USA Patriot Act contradicts this reading of the language. MTSA, enacted a year later, requires a security threat assessment to determine whether an applicant poses a ``terrorism security threat.'' We believe the security threat assessment required under MTSA is the same threat assessment required under the USA Patriot Act, even though the actual language differs slightly.

   In addition, TSA is making administrative and substantive changes to this section. In the NPRM, TSA indicated that it was considering changing the list of disqualifying crimes and asked for comment on the list. TSA received significant comments from Congress and others suggesting that the list of disqualifying crimes is overly broad, and that some crimes had more of a nexus to terrorism than others. 152 Cong. Rec. 2120 (2006). See also Comments of House Committee on Homeland Security on TSA and Coast Guard's Rule to Implement TWIC, July 6, 2006. TSA has evaluated the list of disqualifying crimes and decided to fine tune the list to better reflect crimes that are more likely to result in a terrorism security risk or a transportation security incident, and thus should disqualify an applicant from receiving a TWIC.

   TSA is making a substantive change to this section concerning the crimes of treason, sedition, espionage, and terrorism listed in Sec. 1572.103(a), which are permanently disqualifying. Applicants convicted of these crimes are not eligible for a waiver. As we proposed to do in the NPRM, TSA is adding conspiracy to commit these crimes to the list of crimes that are not subject to a waiver request. TSA has determined that a conviction of conspiracy to commit espionage, treason, sedition, or terrorism is indicative of a serious, ongoing, unacceptable risk to security and should not be waived under any circumstances.

   TSA is changing the language in (a)(4) from ``a crime listed in 18 U.S.C. Chapter 113B--Terrorism'' to ``a federal crime of terrorism as defined in 18 U.S.C. 2332b(g)'' or conspiracy to commit such crime, or comparable State law. Section 2332b(g) is a definitional list that is broader and more explicit than the crimes punished directly in Chapter 113B. We are making this change to more accurately capture all pertinent terrorism-related crimes. Although we intended to be as inclusive as possible with the previous language, experts at the Department of Justice advise that the new language more accurately captures the relevant criminal acts. TSA is adding felony bomb threat in paragraph (a)(9) as a permanent disqualifier including maliciously conveying false information concerning the deliverance, placement, or detonation of an explosive or other lethal device against a state or government facility, public transportation system or an infrastructure facility. TSA is including this crime because it is, in essence, a threat to commit an act of terrorism. We note that we have disqualified an applicant with such crime under the authority of current paragraph (b)(6) dishonesty, misrepresentation, or fraud. To be clear that this crime is a permanent disqualifier, we are adding it as an independent offense in Sec. 1572.103(a)(9). This offense includes making any threat, or maliciously conveying false information knowing the same to be false, concerning the deliverance, placement, or detonation of an explosive or other lethal device in or against a place of public use, a state or government facility, a public transportation system, or an infrastructure facility.

   Paragraph 1572.103(a)(9) is based in part on conduct prohibited by several federal crimes. The first is 18 U.S.C. 844(e), which is found in chapter 40 (Explosive Materials) of the federal criminal code. Section 844(e) criminalizes the use of the mail, telephone, or other instrument of interstate or foreign commerce to willfully make any threat or maliciously convey false information knowing the same to be false, concerning an attempt to kill, injure, or intimidate any individual or unlawfully damage or destroy any building, vehicle, or other real or personal property by means of an explosive. This crime is already disqualifying under paragraph (a)(7). For inclusion in the list of disqualifying crimes, TSA modified this description to broaden it beyond a threat made through an instrument of interstate or foreign commerce. This change provides a disqualification for purely intrastate conduct that results in a felony conviction under State law. TSA also modified the wording found in section 844(e) to include threats of use of lethal weapons in addition to fire and explosives, such as biological, chemical, or radiological weapons. Threats to use these weapons are prohibited by other sections of the federal criminal code. See, e.g., 18 U.S.C 175 (Biological weapons); 18 U.S.C. 229 (Chemical Weapons); and 18 U.S.C. 2332h.

   TSA has revised the language of paragraph (b) to clarify that the crimes listed are disqualifying if either of the following are true: (1) The applicant's date of conviction is within seven years of the date of application; or (2) the applicant was incarcerated for that crime and was released from incarceration within five years of the date of application.

   TSA is adding the offense of fraudulent entry into seaport secure areas to the list of interim disqualifiers. This is a new provision in 18 U.S.C. 1036 that we believe is particularly relevant to this rulemaking and any TWIC applicant.

   TSA is also clarifying in paragraph (b)(2)(iii) that money laundering is an interim disqualifier because it is encompassed under the crimes of dishonesty and fraud and can be a means of funding terrorism. It is known that criminals obtain money from the illegal sale of drugs, firearms and other contraband, launder the money to hide its origin and then funnel this money to terrorist groups. The money laundering disqualifier is limited to convictions where the laundering was for proceeds of other disqualifying criminal activities such as drugs or weapon sales.

   TSA is also clarifying that welfare fraud and passing bad checks will not be considered crimes of dishonesty, fraud, or misrepresentation for purposes of paragraph (b)(2)(iii). In some states, conviction for passing a bad check of $100 is a felony and so would be disqualifying for an HME or TWIC applicant. Similarly, a conviction for welfare fraud can be a felony under state law, depending on the circumstances of the case. TSA believes that these crimes generally do not have a nexus to terrorism and therefore should not be disqualifying under MTSA.

   TSA is moving the definitions of ``explosive,'' ``firearm,'' and ``transportation security incident'' from Sec. 1572.3 to Sec. 1572.103, where the terms are used. This should help to eliminate uncertainty about the crimes that are disqualifying. In addition, TSA is adopting clarifying language concerning the kind of activity that constitutes a ``transportation security incident.'' As required in Sec. 7105 of SAFETEA-LU,

   [[Page 3502]]

   codified at 47 U.S.C. 5103a(g)(3), the definition now makes clear that nonviolent labor-management activity is not considered a disqualifying offense.

   The list of disqualifying crimes in Sec. 1572.103 applies equally to TWIC and HME applicants, thus the amendments apply to both. (d). Immigration standards

   The NPRM was drafted to permit non-resident aliens in the U.S. with unrestricted authorization to work here to apply for and obtain a TWIC. As a result of comments and the relatively common employment of foreign specialists in certain maritime job categories who do not have ``unrestricted'' work authorization, we are expanding the group of aliens who can apply to include certain restricted work authorization categories.

   For purposes of this discussion, it is helpful to explain that there are two categories of U.S. visas: immigrant and nonimmigrant. As provided in the immigration laws, an immigrant is a foreign national who has been approved for lawful permanent residence in the United States. Immigrants enjoy unrestricted eligibility for employment authorization. Nonimmigrants, on the other hand, are foreign nationals who have permanent residence outside the United States and who are admitted to the United States on a temporary basis. Thus, immigrant visas are issued to qualified persons who intend to live permanently in the United States. Nonimmigrant visas are issued to qualified persons with permanent residence outside the United States, but who are authorized to be in the United States on a temporary basis, usually for tourism, business, study, or short-or long-term work. Certain categories of lawful nonimmigrant visas or status allow for restricted employment authorization during the validity period of the visa or status.

   TSA has carefully reconsidered the immigration standards we proposed in the NPRM in light of the comments we received relating to immigration status and our own ongoing analysis. As a result, we are amending the immigration standards for TWIC and HME applicants. The critical issues we examined and on which we rely to determine whether an alien should be permitted to apply for a TWIC or HME are: (1) The statutory language regarding immigration status; (2) the degree to which TSA can complete a thorough threat assessment both initially and perpetually on the applicant; (3) the duration of the applicant's legal status as of the date he or she enrolls and the degree to which we can control possession of a TWIC once legal status ends; (4) the restrictions, if any, that apply to the applicant's immigration status; (5) particular maritime professions that commenters stated often involve aliens; and (6) the checks done by the U.S. Department of State (State Department) or other federal agency relevant to granting alien status.

   With respect to non-U.S. citizens, MTSA provides that an individual may not be denied a TWIC unless he or she may be denied admission to or removed from the United States under the Immigration and Nationality Act (8 U.S.C. 1101, et seq.), or ``otherwise poses a terrorism security risk to the United States\3\.'' 46 U.S.C. 70105(c). Under this final rule, all applicants for TWICs must be lawfully present in the country. Each of the permissible classes listed in Sec. 1572.105 has, as a basis, lawful presence in the United States. Additionally, if the duration of an applicant's legal status as of the date of enrollment does not meet or exceed the period of validity of the credential, five years, we have concerns about permitting the applicant to receive a TWIC\4\. Given the statutory language--that we may deny a TWIC to an applicant who ``may be denied admission to the United States or removed from the United States under the Immigration and Nationality Act''--we believe it is not advisable and may be inconsistent with MTSA to issue a five-year credential to an individual whose known lawful status as of the date of enrollment is a much shorter time period. The statutory language reflects the evolving nature of immigration status and we believe it is a significant distinction that warrants particular treatment.

   \3\ The governing statute for immigration standards for an HME (49 U.S.C. 5103a) requires TSA to ``review relevant databases to determine the status of an alien under U.S. immigration law,'' which provides TSA more discretion to determine whether an alien in a particular immigration class should hold an HME. In order to maintain consistent standards among transportation workers where possible, the immigration standards we are establishing in this final rule for TWIC applicants will also apply to HME applicants. However, as a threshold matter, HME applicants must first meet the standards to hold a commercial driver's license promulgated by the U.S. Department of Transportation, which may include immigration status.

   \4\ The TSA system is not currently programmed to issue credentials with varying expiration dates; all TWICs will expire five years from the date on which they were issued. We plan to explore modifying aspects of the TSA system as the program matures.

   Changes to alien status occur frequently and are difficult to track accurately in real time and perpetually, both of which are necessary to ensure that a TWIC holder remains in legal status. Where we can achieve a level of certainty that the applicant will not possess a TWIC longer than his or her lawful presence and commenters have indicated there is a need for certain short-term aliens to hold a TWIC, we will consider issuing them a credential.

   Many aliens in lawful nonimmigrant status are not eligible to work in the United States or their employment authorization is restricted in some way, usually to the particular sponsoring employer or entity. With the exception of students in valid M-1 nonimmigrant status who are enrolled in the U.S. Merchant Marine Academy or a comparable State school and must complete vocational training, we do not believe it would be consistent with MTSA to permit lawful nonimmigrants that are ineligible to work or conduct business in the United States to apply for a TWIC. Also, if the employment restriction placed on the nonimmigrant generally prevents the individual from working in a maritime facility or vessel, we do not believe a TWIC should be granted. The final rule now lists the nonimmigrant classifications with restricted employment authorization that have a nexus to the maritime industry. Aliens in these nonimmigrant categories with restricted employment authorization may apply for a TWIC notwithstanding the fact that their immigration status may expire in less than five years, because we are requiring additional measures to ensure that the TWIC expires after the employment that requires unescorted access to secure areas ends.

   The final rule now requires employers of TWIC holders who are lawful nonimmigrants with restricted authorization to work to retrieve the applicant's TWIC when the job for which the nonimmigrant status was granted is complete. The employer in this situation should be well aware that the employment status has ended because the visa was issued to facilitate a specific job or employment with the employer. However, if an employer terminates the employment relationship with the alien working on a restricted visa, or that alien quits working for the employer, the employer is required to notify TSA within 5 days and provide the TWIC to TSA if possible. Additionally, all applicants must return their TWIC to TSA when they are no longer qualified for it, and a visa applicant's TWIC expires when either the employment ends or the visa expires. These requirements should minimize the likelihood that an alien will continue to possess a TWIC and have unescorted access to secure areas

   [[Page 3503]]

   of the maritime industry after his or her legal status to do so expires.

   The requirement to return a TWIC to TSA when the pertinent employment ends does not apply to employers of lawful nonimmigrants with unrestricted authorization to work or employers of unrestricted lawful nonimmigrants. Under the immigration laws, the status assigned to an alien carries with it the determination that the individual may work in the United States with or without restriction. Where the alien status includes employer sponsorship as a condition of legal presence, we believe it is appropriate to require the employer to return the credential to TSA once that relationship ends. However, in the cases of alien status that do not carry employment restrictions, we do not believe it is advisable at this time to require any employer action. The lawful nonimmigrant who is not under employment restriction may cease working for an employer and maintain legal status. Retrieving the TWIC at this point would not be appropriate. If the applicant loses lawful status, under the rule, he or she must report any disqualifying offense to TSA and surrender the TWIC. In addition, the enrollment record for each applicant contains contact information for employers, and if TSA determines that an applicant has lost legal status, we would generally have the information necessary to contact the employer and the TWIC holder.

   To satisfy the second prong of MTSA's immigration status requirement, that a TWIC holder does not pose a terrorism security threat to the United States, TSA considers a variety of factors. TSA must be able to conduct a comprehensive threat assessment of the applicant. As in all of TSA's security threat assessment programs, we will conduct a comprehensive threat assessment of each applicant upon enrollment, and then will vet the applicants perpetually using appropriate databases throughout the five-year term of the TWIC. We consider the initial and perpetual vetting to be equally important in maintaining a high level of confidence in the TWIC population. To the extent that a full threat assessment cannot be completed on an applicant initially or perpetually, TSA has concerns about granting that applicant unescorted access to secure areas of maritime facilities and vessels.

   Many immigration statuses change over time, and TSA generally is not in a position to perpetually vet the immigration status of an applicant. We are reluctant to provide a five-year TWIC under these circumstances unless we achieve some level of control over the actual credential through the applicant's employer to minimize the likelihood that an alien who has lost lawful status keeps the credential.

   A significant component of a comprehensive security threat assessment is a fingerprint-based criminal history records check for arrests, indictments, wants, warrants, and serious felony convictions. If we are unable to complete such a check because we cannot access the criminal records of the country in which an applicant has lived for many years, we have concerns that we cannot make an accurate assessment of the individual. Many U.S. workers commented on this fact, in some cases asserting that U.S. citizens are held to a higher standard than workers born abroad because of the inability to do a complete criminal records check on foreign-born applicants. We do not believe that this situation alone constitutes justification to deny non-citizens a TWIC, particularly since U.S. citizens may be born abroad, or spend substantial time abroad. However, it does give rise to a legitimate security concern. Consequently, we must make every effort to minimize the likelihood that someone with malicious intent can enter the United States legally or illegally, hide significant prior criminal or terrorist activity, and obtain unescorted access to secure areas of the maritime industry.

   To reduce the likelihood that TWICs will be issued to someone with malicious intent, we are changing the immigration standards in a variety of ways to reduce those eligible for TWICs to only those individuals on whom the Department of State and/or DHS can perform an adequate security review. First, we are not permitting certain aliens in lawful nonimmigrant status with unrestricted employment authorization to apply for a TWIC. We are not permitting aliens in valid S-5 or S-6 lawful nonimmigrant status with unrestricted authorization to work in the United States to apply for a TWIC. Individuals who are in S-5 and S-6 lawful nonimmigrant status are informants providing information relating to criminal or terrorist organizations. Typically, individuals who are able to provide this kind of information to law enforcement personnel in the United States have been engaged in criminal or terrorist activity themselves. For this reason, we believe they pose a security risk and should not be granted a TWIC. Additionally, this status is granted to no more than 250 individuals per year, and so the likelihood that preventing these individuals from applying for a TWIC would adversely impact a significant number of applicants or the maritime industry is virtually nonexistent. Finally, the S-5 and S-6 status requires frequent contact with U.S. law enforcement personnel for approximately three years, after which time the applicant may be recommended for lawful permanent resident status. After these individuals satisfy the conditions of their status and become lawful permanent residents, the risk they initially present would effectively be mitigated and they would be permitted to apply for a TWIC.

   We do not believe it is advisable to permit lawful nonimmigrants in K-1 or K-2 status to apply for a TWIC. These individuals include the fianc[eacute]s and minor children of fianc[eacute]s of U.S. citizens. Their lawful status expires in just four months. We believe these individuals can be escorted under the final rule until they obtain permanent or other lawful status.

   Aside from holders of the S-5 and S-6 and K-1 and K-2 statuses all lawful nonimmigrants with unrestricted authorization to work in the United States may apply for a TWIC.

   Second, we are revising the rule to treat U.S. nationals, that is, principally American Samoans, as we treat U.S. citizens.\5\ We accomplished this change by adding a definition to the rule for ``National of the United States,'' which means a citizen of the United States or an individual who owes permanent allegiance to the United States. This change is consistent with longstanding principles of immigration law and we believe would not introduce a security threat. Similarly, the final rule permits citizens of the Federated States of Micronesia, the Republic of the Marshall Islands, and Palau who have been admitted as nonimmigrants under the Compacts of Free Association between the United States and those countries to apply for a TWIC. The United States has entered into treaties with these countries that afford their citizens preferred treatment. For instance, citizens of these countries may reside indefinitely and work in the United States without restriction. Therefore, we believe it is appropriate to permit these individuals to apply for a TWIC.

   \5\ Note that Swains Island has been incorporated into American Samoa and thus does not need a separate reference. (48 USC 1662) In addition, this includes nationals of the Commonwealth of the Northern Mariana Islands.

   Third, in response to many comments about the use of foreign professionals in the maritime industry for specialty work, we are permitting certain lawful

   [[Page 3504]]

   nonimmigrants with restricted authorization to work in the United States to apply for a TWIC. There is a longstanding practice of employing non-U.S. citizens to complete specialized maritime tasks, such as maintaining vessel engines and motors. In addition, many international maritime companies transfer staff from abroad into the United States for short or long-term periods, and many of these individuals must work at maritime facilities or on vessels. Denying this segment of the industry the opportunity to apply for a TWIC could adversely impact maritime operations and economic vitality. However, to mitigate our concerns about the inability to complete a thorough initial and perpetual threat assessment on individuals who have not lived in the United States for any significant period of time and who are authorized to remain in the United States for less than five years, we are adding requirements for employers and affected workers to return the TWIC to TSA when the job is completed or the worker otherwise ceases employment with the company.

   We received a comment concerning aliens who are religious personnel in valid R-1 lawful nonimmigrant status with restricted employment authorization. The commenter noted that vessel crew members may request spiritual guidance or religious services when their vessel docks at a port in the United States, and religious workers in valid R-1 status should be permitted to apply for a TWIC to board the vessel. Seafarer Welfare Advocates are eligible for TWICs as long as they meet the TWIC rulemaking eligibility requirements; however, there are no exemptions for aliens holding R-1 visas. We believe that individuals with R-1 visas can be escorted because any individual providing religious services to crew members on a vessel would be on board the vessel for relatively short periods of time and would most likely be in the company of TWIC holders during that time. While we do not believe that these individuals need to hold a TWIC to carry out their religious or spiritual functions, they may apply and will be issued TWICs if they meet the eligibility requirements.

   Fourth, we are permitting students of the United States Maritime Academy and comparable State maritime colleges in valid M-1 lawful nonimmigrant status to apply for a TWIC. These individuals clearly have a need for unescorted access to maritime facilities and vessels as they complete their vocational training in the United States.

   Fifth, we are adding individuals who are in TPS to the group of applicants who may apply for a waiver. Temporary Protected Status is a temporary immigration status granted to eligible nationals of designated countries. The Secretary may designate a country for TPS when it is determined that (1) there is an ongoing armed conflict in the state and, due to that conflict, return of nationals to that state would pose a serious threat to their personal safety; (2) the state has suffered an environmental disaster resulting in a substantial, temporary disruption of living conditions, the state is temporarily unable to handle adequately the return of its nationals, and the state has requested TPS designation; or (3) there exist other extraordinary and temporary conditions in the state that prevent nationals from returning in safety.

   TPS beneficiaries are not required to leave the United States and may obtain work authorization for the initial TPS period and for any extensions of the designation. TPS does not automatically lead to permanent resident status. A TPS designation may be effective for a minimum of 6 months and a maximum of 18 months. Before the end of the TPS designation period, the conditions that gave rise to the TPS designation are reviewed. Unless a determination is made that those conditions are no longer met, the TPS designation will be extended for 6, 12, or 18 months. If the conditions that led to the TPS designation are no longer met, the TPS designation is terminated. Designations, extensions, terminations and other documents regarding TPS are published in the Federal Register. Currently, nationals of Somalia, Sudan, Burundi, Honduras, Nicaragua, and El Salvador have TPS status in the United States.

   In many cases, TPS status for a particular country will remain in place for several years. Thus, nationals of these countries may be in the United States for a decade or more and establish a record that TSA can effectively review for a security threat assessment. Based on this and the unrestricted work authorization, we have determined that under certain circumstances, TPS recipients should be permitted to hold a TWIC. Our ability to complete a thorough threat assessment and the record that is disclosed during the threat assessment will be critical factors in determining if a waiver should be granted to a TPS recipient. In addition, letters of reference from employers, teachers, and religious or spiritual personnel are also important to reach a determination on a waiver. Part 1515 lists the information TSA reviews in making waiver determinations, which now also apply to TPS recipients.

   Finally, on October 17, 2006 Congress passed the John Warner National Defense Authorization Act for Fiscal Year 2007 (P.L. 109-364). In that Act, Congress amended 46 U.S.C. 8103 to permit an alien allowed to be employed in the U.S. under the Immigration and Nationality Act who meets additional requirements for service as a steward aboard large passenger vessels to obtain an MMD. Since all MMD holders must obtain a TWIC, we have extended this statutory requirement to TWIC as well. Individuals who would satisfy the statutory requirements would most likely, if not always, possess a C-1/D Crewman Visa. The C-1/D visa has been added to the list of acceptable restricted nonimmigrant visas.

   Table 2 indicates the types of visas that a lawful nonimmigrant with a restricted visa must hold in order to demonstrate eligibility to apply for a TWIC.

   Table 2.--Types of Visas That a Nonimmigrant With a Restricted Visa Must Hold

   Nonimmigrant Visa

   classifications

   Description/information

   C-1/D............ Combined Transit For alien crewmen serving in good and Crewman Visa. faith in a capacity required for 8 CFR 214.2(c)(D). normal operation and service on board a vessel who intends to land temporarily and solely in pursuit of his calling as a vessel crewman. E-1.............. Treaty Trader (see For nationals of a country with 8 CFR

   which the United States 214.2(e)(1)). maintains a treaty of commerce and navigation who is coming to the United States to carry on substantial trade, including trade in services or technology, principally between the United States and the treaty country, or to develop and direct the operations of an enterprise in which the national has invested. The employee must intend to depart the United States upon the expiration or termination of E-1 status.

   [[Page 3505]]

   E-2.............. Treaty Investor An alien employee of a treaty (see 8 CFR

   investor, if otherwise 214.2(e)(2)). admissible, may be classified as E-2 if the employee is in or is coming to the United States to engage in duties of an executive or supervisory character, or, if employed in a lesser capacity, the employee has special qualifications that make the alien's services essential to the efficient operation of the enterprise. The employee must have the same nationality as the principal alien employer. In addition, the employee must intend to depart the United States upon the expiration or termination of E-2 status. E-3.............. Australian in The E-3 is a new visa category Specialty

   only for Australians coming to Occupation.

   the U.S. to work temporarily in a specialty occupation. H-1B............. Specialty

   Persons who will perform services Occupations (see in a specialty occupation which 8 CFR

   requires theoretical and 214.2(h)(4)). practical application of a body of highly specialized knowledge and attainment of a baccalaureate or higher degree or its equivalent (in the specialty) as a minimum requirement for entry into the occupation in the US. H-1B1............ Free Trade

   Foreign nationals of countries Agreement (FTA) which have Free Trade Agreements Professional Visa with the United States and are (H-1B1).

   engaged in a specialty occupation are eligible for the H-1B1 FTA Professional Visa [Free Trade Agreement (FTA) Professional Visa]. A U.S. employer must furnish a job letter specifying the details of the temporary position (including job responsibilities, salary and benefits, duration, description of the employing company, qualifications of the applicant) and confirming the employment offer. L-1.............. Executive,

   An alien who within the preceding managerial.

   three years has been employed abroad for one continuous year by a qualifying organization may be admitted temporarily to the United States to be employed by a parent, branch, affiliate, or subsidiary of that employer in a managerial or executive capacity, or in a position requiring specialized knowledge. O-1.............. Extraordinary An alien who has extraordinary Ability or

   ability in the sciences, arts, Achievement.

   education, or athletics, which has been demonstrated by sustained national or international achievement. TN............... North American The nonimmigrant NAFTA Free Trade

   Professional (TN) visa allows Agreement (NAFTA) citizens of Canada and Mexico, visas for

   as NAFTA professionals, to work Canadians and in the United States. Mexicans. M-1.............. Vocational student This visa category is for a fixed time needed to complete the course of study and training. For purposes of the final rule, only students who are attending the U.S. Merchant Marine Academy or comparable State maritime school and hold this visa are permitted to apply for a TWIC.

   We are making an additional change to the application information required of TWIC applicants who are not U.S. nationals. In 49 CFR 1572.17, we are requiring all aliens to bring to enrollment the documents that verify the immigration status they are in as of the date of enrollment. We will examine the documents to ensure that the applicant is eligible to apply for a TWIC under the immigration standards and then scan the documents into the TSA system so that they become part of the enrollment record.

   In addition, we are requiring drivers with commercial licenses from Canada to provide a Canadian passport at enrollment, if they do not hold a Free and Secure Trade (FAST) card \6\. We know that Canadian TWIC applicants who hold a FAST card have completed a thorough background check by the Canadian government. However, Canadian provinces do not always require Canadian citizenship or in some cases, lawful presence, when issuing a drivers license. Therefore, we do not believe it is advisable to issue a TWIC based solely on a Canadian driver's license. We are not requiring this of Mexican-licensed drivers who apply for a TWIC because they must obtain border crossing documents to enter the United States, which are issued after the Mexican government has completed a review of the individual and determined they are Mexican citizens or are lawfully present in Mexico.

   \6\ The FAST program is a cooperative effort between the Bureau of Customs and Border Patrol (CBP) and the governments of Canada and Mexico to coordinate processes for the clearance of commercial shipments at the U.S.-Canada and U.S.-Mexico borders. Participants in the FAST program, which requires successful completion of a background records check, may receive expedited entrance privileges at the northern and southern borders.

   (e). Mental Incapacity

   TSA is changing the waiver process to permit applicants who in the past have been involuntarily committed to a mental health facility or declared mentally incapable of handling their affairs to apply for a waiver without always having to provide documentation showing that the disqualifying condition is no longer present, as we have previously. For example, there may be cases in which an individual has an addiction to drugs or alcohol and is involuntarily committed to a mental health facility to complete rehabilitation. If the individual wishes to apply for a waiver, documents showing that applicant completed rehabilitation successfully would be critical to TSA's determination on the waiver request. The individual may no longer use illegal drugs or drink alcohol, but technically they may still have an addiction. Therefore, we believe TSA should decide these waiver requests on a case-by-case basis. The documentation submitted to TSA in support of the waiver request will be very important in making the waiver determination. Applicants and/or their representatives should carefully consider and include all available information TSA can use to determine if the applicant poses a security threat. (f). Fees

   Section 520 of the 2004 DHS Appropriations Act, Pub. L. 108-90, requires TSA to collect reasonable fees for providing credentialing and background investigations in the field of transportation. Fees may be collected to pay for the costs of: (1) Conducting or obtaining a CHRC; (2) reviewing available law enforcement databases, commercial databases, and records of other governmental and international agencies; (3) reviewing and adjudicating requests for waivers and appeals of TSA decisions; and (4) other costs related to

   [[Page 3506]]

   performing the security threat assessment or the background records check, or providing the credential. Section 520 requires that any fee collected must be available only to pay for the costs incurred in providing services in connection with performing the security threat assessment, or the background records check, or providing the credential. The funds generated by the fee do not have a limited period of time in which they must be used. They can be used until they are fully spent. TSA has also established the fees in this final rule pursuant to the requirements of the General User Fee Statute (31 U.S.C. 9701), which requires fees to be fair and based on: (1) Costs to the government; (2) the value of the service or thing to the recipient; (3) public policy or interest served; and (4) other relevant facts.

   In this final rule, TSA uses slightly different terminology to describe the three types of fees and their segments than was used in the NPRM. The Standard TWIC Fee is the fee that an applicant would pay to obtain or renew a TWIC. The Standard TWIC Fee contains the following segments:

   Enrollment Segment (referred to as the ``Information Collection/Credential Issuance Fee'' in the NPRM),

   Full Card Production/Security Threat Assessment (STA) Segment (referred to as the ``Threat Assessment/Credential Production Fee'' in the NPRM), and

   FBI Segment (referred to as the ``FBI Fee'' in the NPRM).

   The Reduced TWIC Fee is the fee an applicant would pay to obtain a TWIC when the applicant has undergone a comparable threat assessment in connection with an HME, a FAST card, or other threat assessment, as provided in Sec. 1572.5(e), or holds an MMD or License as provided in Sec. 1572.19(b). The Reduced TWIC fee is made up of the following segments:

   Enrollment Segment, and

   Reduced Card Production/STA Segment (referred to as the ``reduced fee for the Security Threat Assessment/Credential Production Fee'' in the NPRM).

   The Card Replacement Fee is the fee that an applicant would pay to replace a credential that has been lost, stolen, or damaged and is made up of the Card Replacement Segment.

   In the TWIC NPRM, TSA proposed to set the Standard TWIC Fee at $129-149, including the Enrollment Segment of $45-65, the Full Card Production/Security Threat Assessment (STA) Segment of $62, and the FBI Segment of $22. TSA proposed that the Reduced TWIC Fee be set at $95- 115, including the Enrollment Segment of $45-65 and the Reduced Card Production/STA Segment of $50.\7\ TSA proposed that the Card Replacement Fee, composed of the Card Replacement Segment, be set at $36. See 71 FR at 29405, 29428-29431.

   \7\ While the proposed rule text at Sec. 1572.503(2) indicated that the Reduced TWIC Fee included both the Enrollment Segment and the Reduced Card Production/STA Segment, it erroneously listed the fee at $50. The total for this fee was correctly stated in the preamble as $95. See 98 FR at 29045.

   In this final rule, TSA establishes the Standard TWIC Fee at $139- 159, including the Enrollment Segment of $45-65, the Full Card Production/STA Segment of $72, and the FBI Segment of $22.\8\ The total Reduced TWIC Fee is set at $107-127, including the Enrollment Segment of $45-53 and the Reduced Card Production/STA Segment of $62.

   \8\ If the FBI changes its fee in the future, TSA will collect the amended fee.

   In this final rule, TSA establishes the Replacement Card Fee of $36, as was in the NPRM. TSA's analysis shows that this fee is costed out at $60, but is not including that amount in the final rule due to the large difference in amount from the NPRM. TSA proposes in this final rule to change the Replacement Card Fee to $60 based on the reevaluation of costs elements discussed below, and requests comments only on this fee. See Request for Comments in Section VI.

   Table 3 compares the NPRM per person fee and segments amounts to the final rule per person fee and segments amounts:

   \9\ While this rule sets a Card Replacement Fee of $36, TSA is proposing that the Card Replacement Fee be increased to $60 and is seeking comment only on the Card Replacement Fee. See Request for Comments Section VI.

   Table 3.--TWIC Per Person Fee Segments--NPRM vs. Final Rule

   NPRM

   Final rule $ Increase % Increase

   Standard TWIC Fee Enrollment Segment..............................

   $45-$65

   $45-$65 Full Card Production/STA Segment (for

   62

   72

   $10 Individuals requiring a full STA).............. FBI Segment:....................................

   22

   22

   Total.......................................

   129-149

   139-159

   10

   7.86-6.7 Reduced TWIC Fee Enrollment Segment..............................

   45-65

   45-65 Reduced Card Production/STA Segment (for

   50

   62

   12 Individuals not requiring a full STA):.........

   Total.......................................

   95-115

   107-127

   12 12.6-10.4 Card Replacement Fee Card Replacement Segment........................

   36

   60 \9\

   24

   66.7

   No applicant will be required to pay a fee until after TSA publishes this notice in the Federal Register. Cost Components

   The NPRM identified the cost components from which the proposed fees were calculated. These are the same components that were used to calculate the final fees. However, the fees themselves have changed for the reasons described in this section. Since publication of the NPRM, the TWIC program has reevaluated the cost estimates that drive the TWIC fees. Table 4 lists the cost components of the TWIC Program as estimated for the NPRM and compares them to the costs estimated for the final rule. These cost components are used to derive the TWIC fees that must be collected to fully recover program costs.

   [[Page 3507]]

   Table 4.--5-Year Total TWIC Cost Components--NPRM vs. Final Rule

   Standard TWIC Reduced TWIC

   Card Cost components

   NPRM

   Final rule Percent change

   fee

   fee

   replacement fee

   Enrollment/Issuance................................ $65,212,285 $65,980,199

   1

   X

   X

   X\10\ Threat Assessments \11\............................ 42,463,118 32,120,927

   -24

   X

   X \12\ ............... IDMS............................................... 18,783,000 44,190,882

   135

   X

   X

   X Card Production.................................... 20,427,000 28,346,657

   39

   X

   X

   X Program Support.................................... 22,641,000 18,810,786

   -17

   X

   X

   X

   Total.......................................... 169,526,403 189,449,451

   12

   As shown by Table 4, some of the cost components decreased from the NPRM costs estimates, while some increased. The Enrollment/Issuance cost component increased by approximately 1 percent due to further analysis that indicated a need to account for the contractor fee associated with replacing a lost, stolen, or damaged card. This contractor fee is estimated at $5. This card re-issuance cost within the Card Replacement Fee was not included as part of the NPRM estimate.

   \10\ While the majority of the Enrollment/Issuance requirements have already been satisfied by the applicant through initial enrollment, there are still some enrollment/issuance functions associated with these card replacements, such as overhead. Therefore, these applicants will not be burdened with the normal enrollment/issuance cost component.

   \11\ The Threat Assessments, IDMS, Card Production and Program Support Components makeup the Card Production/STA and the FBI Segments.

   \12\ While the majority of the Threat Assessment requirements have already been satisfied by the applicant through participation in a previous security fee, there are still some threat assessment functions associated with these applicants, such as CSOC activities. Therefore, these applicants will pay the Reduced Card Productions/ STA Segment.

   The Threat Assessments cost component decreased overall by approximately 24 percent. While the costs associated with adjudication by ALJs have been added, cost reductions for perpetual vetting and threat assessment gateway account for the overall reduction.

   The IDMS cost component increased based on a re-evaluation of the overall IDMS costs. The program office identified: (1) The need to increase the hardware and software required to obtain a Security Certification & Accreditation, and to support the full volume of TWIC applicants; (2) system changes required to address security vulnerabilities; and (3) increases in contractor support necessary for systems operations and maintenance. The total increase is estimated at $19 per credential produced.

   The Card Production cost increased by approximately 39 percent based on two factors. First, in order to produce cards more rapidly during the initial enrollment, additional shifts were required at the card production facility. This decision was made in order to address comments to the NPRM that cards needed to be produced as quickly as possible. Second, TSA and Coast Guard received comments to the NPRM on the need to support contactless biometric authentication based on the harsh conditions of the maritime environment and operational efficiencies. In order to address these comments TSA and the Coast Guard have established a NMSAC working group to recommend a contactless TWIC technology specification. Second, we have added a fee to cover future technology-related product improvements to the TWIC system and credential. Technology improvements occur rapidly and in order to take advantage of the efficiency these improvements provide, we must plan for that cost. Building in the cost of technology and system improvements is a common practice for programs that rely so heavily on software and hardware to collect and transmit large amounts of information.

   The Program Support cost decreased by approximately 17 percent because the program office reevaluated and decreased program staffing levels required to support the maritime population after the initial maritime enrollment period. Additionally, Program Support costs related to interagency communication requirements also decreased. These cost reductions resulted in approximately a $2 per card decrease.

   The discussion below describes the cost components associated with each type of fee, Standard, Reduced and Card Replacement. Although the overall program costs increased by approximately 12 percent, the three types of TWIC fees did not increase by 12 percent as each fee is composed of different cost components.

   The per person cost segments for the Standard TWIC Fee are derived from all five of the cost components in the Total TWIC Cost Components table above--Enrollment/Issuance, Threat Assessments,\13\ IDMS, Card Production, and Program Support. Note that the IDMS, Card Production, Program Support cost components makeup the Card Production/STA and FBI segments of the Standard and Reduced TWIC Fees. The net increase in the total for the Standard TWIC Fee is based primarily on the increase of the IDMS and Card Production cost components, as described above in the analysis of the TWIC cost components.

   \13\ The Threat Assessment cost component includes the FBI Segment of the Standard TWIC Fee.

   The per person cost segments for the Reduced TWIC Fee are also derived from five of the cost components in the Total TWIC Cost Components Table 4--Enrollment/Issuance, Threat Assessments,\14\ IDMS, Card Production, and Program Support. The net increase in the Reduced TWIC Fee is based on the reevaluation of the cost components, as described in the analysis of the TWIC cost components above. It should be noted that the reduced fee does not include the entire Threat Assessments cost component. Because the Reduced TWIC Fee does not include this entire cost component, this fee does not entirely benefit from the reduction in the Threat Assessments cost component, and therefore, increased at a greater percentage than the Standard TWIC Fee.

   \14\ As stated in footnote 11, although the majority of the Threat Assessment requirements have already been satisfied by the applicant through participation in a previous security fee, there are still some threat assessement functions associated with these applicants.

   The per person cost for the Card Replacement Fee is derived from four of the cost components in the Total TWIC Cost Components Table 4-- Enrollment/Issuance,\15\ IDMS, Card Production, and Program Support. The net increase in the Card Replacement Fee of $24 is based on the reevaluation of the cost components, as described in the analysis of TWIC cost components

   [[Page 3508]]

   above. It should be noted that this fee does not include the entire Enrollment/Issuance cost component or any of the Threat Assessments cost component. Because this fee does not include the Threat Assessments cost component, this fee does not benefit from the reduction in the Threat Assessments cost component. Thus, the Card Replacement Fee has increased at a greater percentage than the Standard and Reduced TWIC Fees. Because this fee is substantially higher than that in the NPRM, TSA is establishing $36 as the fee in this rule but is proposing to increase the fee to $60 and is providing the public an opportunity to submit additional comments on the card replacement fee. See Request for Comments in Section VI.

   \15\ As stated in footnote 10, although the majority of the Enrollment/Issuance requirements have alread been satisfied by the applicant through initial enrollment, there are still some enrollment/issuance functions associated with these card replacements, such as overhead.

   An Additional Notice on Fees

   As Table 3 indicates, the Enrollment Segment is a range of $45-$65 for both the NPRM and the final rule. TSA is unable to finalize the fee because we do not yet have a final contract with an enrollment provider. When a final contract is executed, TSA will publish a Notice in the Federal Register that will specify the amount for that segment and all of the fees. Therefore, the rule text does not contain TSA's exact fee numbers, but it does include the FBI fee. No applicant will be required to pay a fee until after TSA publishes this notice in the Federal Register. (g). Drivers Licensed in Mexico and Canada Transporting Hazardous Materials

   In accordance with sec. 7105 of SAFETEA-LU, commercial motor vehicle drivers licensed in Canada or Mexico may not transport hazardous materials into or within the United States unless they undergo a background check that is similar to that undergone by U.S.- licensed drivers.\16\ TSA has determined that a card issued by the Bureau of Customs and Border Protection (CBP) under the FAST program provides a similar background check. See 71 FR 44874 (August 7, 2006). The security threat assessment that is required under this final rule for issuance of a TWIC is the same background check currently required for U.S.-licensed drivers with HMEs. Therefore, we are amending 49 CFR 1572.201 to allow possession of a TWIC card by a driver licensed in Mexico or Canada to satisfy the SAFETEA-LU requirement. Thus, drivers licensed in Canada or Mexico may obtain either a FAST card or a TWIC to meet the requirement that they have a background check that is similar to that of a U.S. hazmat driver.

   \16\ 49 U.S.C. 5103a(h).

   In this final rule, for administrative purposes, we are reprinting the entire part 1572. We are making only a couple of changes to Sec. 1572.203, however. We are changing its title to more clearly reflect its scope, to ``Transportation of explosives from Canada to the United States via railroad carrier.'' In Sec. 1572.203(b) we are changing the definition of ``Customs Service'' to ``Customs and Border Protection (CBP)'' to reflect the reorganization of the U.S. Customs Service under the Homeland Security Act of 2002. (h). Compliance and Enforcement Matters

   We are adding a new section. (49 CFR 1570.7) to make it clear that it is a violation of this rule, and other applicable federal laws, to circumvent or tamper with the access control procedures. This section also clarifies that it is a violation for any person to use or attempt to use a credential that was issued to, or a security threat assessment conducted for, another person. In addition, no person may make, cause to be made, use, or cause to use, a false or fraudulently-created TWIC or security threat assessment issued or conducted under this subchapter. Finally, it is a violation of this rule, and other applicable federal laws, for any person to cause or attempt to cause another person to violate these procedures. Violations of any provision of this rule may be subject to such civil, criminal or administrative actions as are authorized under federal law.

   Note that the acts identified in Sec. 1570.7 may also be violations of Federal criminal law, such as 18 U.S.C. 701 (Official badges, identification cards, other insignia), 18 U.S.C. 1001 (Statements or entries generally), 18 U.S.C. 1028 (Fraud and related activity in connection with identification documents and information), 18 U.S.C. 1029 (Fraud and related activity in connection with access devices). In appropriate cases, TSA will refer to the Department of Justice (DOJ) matters for criminal investigation and, if appropriate, criminal prosecution.

   Section 1570.9 is being added to make clear that a person must allow his or her TWIC to be inspected upon request of an appropriate official. For clarification purposes, Coast Guard has provided a similar requirement in 33 CFR 101.515(d) adopting the same language as Sec. 1570.9.

   As discussed in section C.4. of this preamble, Sec. 1570.11, Compliance, inspection, and enforcement, was proposed in the NPRM as Sec. 1572.41.

4. Anticipated Future Notices and Rulemaking

   1. Notices

   We will publish several notices in the Federal Register to facilitate implementation of the TWIC program. Specifically, a notice will be published:

   (a) establishing the fees for the TWIC, as stated above in C.2(f);

   (b) for each COTP zone, prior to beginning the enrollment period; and

   (c) for each COTP zone, 90-days prior to requiring compliance with these regulations. 2. Rulemaking

   In the future we will issue another NPRM to propose card reader requirements for MTSA-regulated vessels and facilities. It will be issued with a comment period that is long enough for all interested persons to reasonably be able to provide comment, and it will announce public meetings in a variety of places. We cannot, at this time, make any definitive statement on where those places will be, but we will consider the locations suggested by commenters and inform the public of upcoming meeting information in advance in the Federal Register.

5. Summary of TWIC Process Under the Final Rule

   The TWIC program was developed to improve identity management and credentialing shortcomings that exist in segments of the transportation industry. TSA evaluated a variety of technologies, used field testing, and to the extent possible, incorporated the basic tenets of Homeland Security Presidential Directive 12 (HSPD-12) \17\ to arrive at the credential and enrollment process implemented in this program. The standards for the program are to ensure that the credentialing processes: (1) Are administered by accredited providers; (2) are based on sound criteria for verifying an individual's identity; (3) include a credential that is resistant to fraud, tampering, counterfeiting and terrorist exploitation; and (4) ensure that the credential can be quickly and electronically authenticated.

   \17\ HSPD-12 requires Federal agencies and their contractors to adopt an identity management and credentialing system that uses biometrics.

   The purpose of the TWIC program is to ensure that only authorized personnel who have successfully completed a security threat assessment have unescorted access to secure areas of maritime facilities and vessels. The credential will include a reference biometric that securely links the credential holder to the issued

   [[Page 3509]]

   credential. At any time, TWIC holders may be asked to confirm that they are the rightful owner of the credential by matching their biometric to the one stored on the credential. An individual's credential is revoked by TSA if disqualifying information is discovered or the credential is lost, damaged or stolen. When a credential is revoked, TSA lists it on the list of revoked cards, or `hotlist' by the unique serial number assigned to the credential. Therefore, a revoked credential that is compared against the hotlist will be flagged and access would not be granted.

   TSA has designed the TWIC process to maintain strict privacy controls so that a holder's biographic and biometric information cannot be compromised. The TWIC process implemented in this rule is described below from the perspective of an applicant. 1. Pre-Enrollment and Enrollment

   TWIC enrollment will be conducted by TSA or TSA's agent operating under TSA's direction. These personnel are known as Trusted Agents. All Trusted Agents must successfully complete a TSA security threat assessment and receive extensive training before they are authorized to access documents, systems, or secure areas.

   DHS will publish a notice in the Federal Register indicating when enrollment at a specific location will begin and when it is expected to terminate. Once DHS has published that notice, facility and vessel owners/operators (owners/operators) must notify workers of their responsibility to enroll into the TWIC program during the enrollment period. Regarding the compliance date for facilities, DHS will also publish this information in the Federal Register for each COTP zone at least 90-days in advance. Owners and operators are required to inform their employees of this date as well. (The implementation plan for enrollment is discussed in greater detail below.) TSA and the Coast Guard will work with owners/operators to ensure that they can provide applicants sufficient time to enroll, complete the security threat assessment and any necessary appeal or waiver process, and obtain the credential before the applicant is required to present the credential for access to a facility or vessel. As TWIC is implemented, owners/ operators must give individuals at least 60 days notice to begin the enrollment process. Generally, TSA completes a threat assessment in approximately 10 days when there is no indication that the applicant may not meet the TWIC enrollment criteria. If criminal activity or other potentially disqualifying information is revealed, however, TSA cannot guarantee that such information will be favorably resolved and a threat assessment completed in less than 30 days.

   Applicants are encouraged to ``pre-enroll'' online to reduce the time needed to complete the entire enrollment process at an enrollment center. The convenience of pre-enrollment is a significant benefit for applicants and reduces strain on the enrollment centers. The pre- enrollment process allows applicants to provide much of the biographic information required for enrollment and to select an enrollment center where they wish to complete enrollment. While pre-enrolling, applicants may schedule an appointment to complete enrollment at an enrollment center, although appointments are not required at enrollment centers. For pre-enrollment, applicants may use a personal computer with access to the internet or they may use TWIC kiosks. The TWIC kiosks will be set up by the TSA agent when enrollment begins at locations convenient to the affected population, including enrollment centers, and are similar to an ATM machine.

   The Web address for pre-enrollment and all additional information relating to the TWIC program is http://www.tsa.gov/twic. The TWIC Web site

   also will list the documents the applicant must bring to the enrollment center to verify identity so that all applicants can be properly prepared. Mariners who must prove U.S. citizenship or immigration status to obtain an MMD, license, COR, STCW endorsement or MMC must provide the documents required by the Coast Guard at 46 CFR chapter I, subchapter B at the time of enrollment.\18\ TSA will scan these documents into the enrollment record, which will be forwarded to the Coast Guard. In addition, applicants who are not U.S. citizens or nationals must bring their immigration documents, including visas and naturalization paperwork, to enrollment so that the documents which prove legal presence in the United States can be scanned into the enrollment record.

   \18\ In order to allow the Coast Guard to remove the requirement that all mariners apply for their credentials in person at a Regional Examination Center (REC), it is necessary for TSA to document proof of citizenship, as the citizenship requirements for certain Coast Guard-issued mariner credentials are stricter than the overall TWIC citizenship requirements. For more information on mariner credentials and the Coast Guard's plan to remove the physical appearance at an REC requirement, see the Coast Guard SNPRM titled ``Consolidation of Merchant Mariner Qualification Credentials'' published elsewhere in today's Federal Register.

   At the enrollment center, applicants who pre-enroll must provide documents to verify their identity, confirm that the information provided during pre-enrollment is correct, submit biometrics identifiers, and sign the enrollment documents. At the enrollment center, all applicants will receive a privacy notice and consent form, by which they agree to provide personal information for the security threat assessment and credential. (For applicants who pre-enroll, the privacy notice is provided with the application on-line, but the applicant must acknowledge receipt of the notice in writing at the enrollment center.) If an applicant fails to sign the consent form or does not have the required documents to authenticate identity, enrollment will not proceed.

   All information collected at the enrollment center or during the pre-enrollment process, including the signed privacy consent form and identity documents, is scanned into the TSA system for storage. All information is encrypted or stored using methods that protect the information from unauthorized retrieval or use. If an enrollment center temporarily loses its internet connection, the enrollment data is encrypted and stored on the enrollment workstation, but only until an internet connection is restored.

   Applicants will provide fingerprints from each hand and sit for a digital photograph. We will collect a print from all 10 fingers unless the applicant has lost or seriously injured his or her fingers. TSA will provide alternative procedures for enrollment centers to use if an applicant cannot provide any fingerprints. The fingerprints and photograph will be electronically captured at the enrollment center and made part of the applicant's TWIC enrollment record. The fingerprint images collected from each applicant will be submitted to the FBI for the CHRC.

   The TWIC fee, which covers the cost of enrollment, threat assessment, and credential production and delivery, will be collected from the applicant at the enrollment center. Payment can be made by cashier's check, money order, or credit card. The TWIC enrollment fee is non-refundable, even if the threat assessment results in denying a TWIC to the applicant.

   The entire enrollment record (including all fingerprints collected) will be transmitted to the TSA system, encrypted, and segmented to prevent unauthorized use. The TSA system acknowledges receipt of the enrollment record, at which time all enrollment data is automatically deleted from the enrollment workstation. At this point,

   [[Page 3510]]

   enrollment data is stored only in the TSA system, and is stored there as encrypted data. The TSA system contains many feedback mechanisms to validate the transmission and receipt of data at key points in the process. The status of each transmission is recorded within the system.

   As discussed in the TWIC NPRM (71 FR 29402), during TSA's Prototype testing phase of the program, the average time needed for an applicant who pre-enrolled to complete enrollment was 10 minutes, 21 seconds. TSA expects that it will take approximately fifteen minutes to complete enrollment of applicants who do not pre-enroll.

   TSA and Coast Guard plan to use a phased enrollment approach based on risk assessment and cost/benefit analysis to implement the program nationwide. Locations that are considered critical and provide the greatest number of individual applicants will be among the earliest enrollment sites. As stated above, TSA will publish a notice in the Federal Register indicating when enrollment at a specific location will begin and when it is expected to terminate. In addition, DHS will publish a notice in the Federal Register indicating the compliance date for each COTP zone. This notice will be published at least 90 days prior to the compliance date. There are approximately 130 locations where TSA plans to enroll applicants. TSA and Coast Guard will work closely with the maritime industry to ensure that owners/operators and workers are given as much notice as possible of the commencement of enrollment at their location. (See the discussion of Sec. 1572.19 below for additional information on the timing of enrollment.) TSA will use a combination of fixed and mobile enrollment stations to make the enrollment process as efficient as possible for applicants and owners/ operators. 2. Adjudication of Security Threat Assessment

   Following enrollment, the TSA system sends pertinent parts of the record to various sources so that appropriate terrorist threat, criminal history, and immigration checks can be performed. When the checks are completed, TSA makes a determination whether to issue a TWIC to the applicant and notifies the applicant of that decision. If the applicant is deemed to be qualified, the TSA system notifies the credential production portion of the system to create a credential. TSA sends the applicant a Determination of No Security Threat via U.S. mail, and the TSA system notifies the applicant when the credential is ready to be retrieved from the enrollment center. Notifications from the TSA system that a credential is ready for pick-up will be through e-mail or voice mail, depending on the preference the applicant expresses on the application.

   If TSA determines that the applicant is not qualified, TSA sends an Initial Determination of Threat Assessment to the applicant via U.S. mail, with information concerning the nature of the disqualification, and how the applicant may appeal the determination or apply for a waiver of the standards. If the applicant proceeds with an appeal or application for waiver that is successful, TSA will notify the applicant accordingly and the credential production process begins. (The appeal and waiver processes are discussed in greater detail below in the discussion of 49 CFR part 1515.) 3. Credential Production and Delivery

   If the applicant is deemed by TSA to be qualified to receive a TWIC, the TSA system generates an order to produce a credential. The TWIC is produced at a government credential production facility. The face of the TWIC credential contains the applicant's photograph, name, TWIC expiration date, and a unique credential number. In addition, the credential will store a reference biometric, a personal identification number (PIN) selected by the applicant, a digital facial image, an expiration date, and a Federal Agency Smart Credential number. The PIN can subsequently be used as an additional security factor in authenticating identity and authorizing use of the credential; or it can be used as the primary verification tool if the biometric is inoperative for some reason. 4. Receiving the Credential

   The TSA system will notify the applicant when the credential is ready, and what if any additional steps the applicant must take to receive the credential. Once the enrollment and issuance process is completed, the credential is activated and is ready to be presented at a facility or vessel for use as an access control tool. The TWIC security threat assessment and credential are valid for five years, unless information is discovered that causes TSA to revoke the credential. 5. Lost, Damaged, or Stolen TWICs

   Replacement TWICs are available if a credential is lost, stolen, or damaged. As soon as a TWIC holder becomes aware that his credential is missing or damaged, he must report this fact by calling the TWIC Call Center which will be open 24 hours per day, 7 days a week. TSA will post the Call Center number on the TWIC web site as soon as it is available, and it will be posted at all enrollment centers and kiosks. The Center follows a standard process to revoke the credential, and order printing and transmission of a replacement. TSA adds the lost, damaged or stolen credential to the `hotlist,' which includes the Smart Card number of all credentials that TSA has revoked. Applicants must pay a fee of $36\19\ to cover the cost of invalidating the previous credential, production of a replacement credential, shipping, and other appropriate program costs. The reissued TWIC will have the same expiration date as the lost/damaged/stolen TWIC.

   \19\ We request comments on changes to the card replacement fee in Section VI below.

   6. Renewal

      TWICs issued under this rule remain valid for a period of five years, unless renewed before the five-year term ends. Upon renewal, an applicant receives a new credential and the old credential is invalidated in the TSA System. TSA does not plan to notify TWIC holders when their credential is about to expire because the expiration date will be displayed on the face of the credential. To renew a TWIC, the holder must appear at any enrollment center, at least 30 days before expiration, to initiate the renewal process. This will provide sufficient time for TSA to conduct the security threat assessment and the Coast Guard to complete any review necessary to renew any required mariner documents. During renewal, applicants must provide the same biographic and biometric information and identity verification documents required in the initial enrollment and pay the associated fees. Note that the TWIC web site will maintain a list of documents that may be used to verify identity, which may change over time. A new credential is issued upon renewal using the same issuance process as used in the initial TWIC issuance and the expired credential will be invalidated. The newly issued credential will have an expiration date five years from the date of issuance of the new credential. Although renewal only occurs every five years, TSA conducts recurring checks on individuals throughout the five year period, so that newly-discovered information informs the access rights of individuals.

      [[Page 3511]]

   7. Call Center

      Toll-free TWIC Call Center (Help Desk) support will provide around- the-clock service for transportation workers, facility operators, and others who require assistance. Assistance includes help for pre- enrollment; enrollment; and lost, stolen, or damaged card reporting and replacement. Help will also be available for scheduling enrollment appointments, locating the closest enrollment facility to an applicant, guiding applicants through the Web-based pre-enrollment process, and for checking on the status of a TWIC application.

6. SAFE Port Act of 2006

   On October 13, 2006, the Security and Accountability for Every Port Act of 2006 (SAFE Port Act) (Pub. L. 109-347) was enacted. The portions of the Act which relate to the TWIC program are discussed below.

   Section 104(a) of the SAFE Port Act contains a number of amendments to the basic requirement in MTSA for credentialing codified in 46 U.S.C. 70105. New sec. 70105(g) mandates concurrent processing by TSA and the Coast Guard of an individual's application for an MMD \20\ and a TWIC. This final rule is in compliance with this requirement. TSA will share with the Coast Guard the individual's CHRC, fingerprints, photograph and proofs of citizenship and identity, which will allow the Coast Guard to begin evaluating whether the individual is qualified to obtain an MMD while TSA completes its security threat assessment. TSA will also share the results of their security threat assessment with the Coast Guard to ensure that MMDs are only issued to individuals who pass the security threat assessment and are issued a TWIC. Thus, such applicants will only submit one set of fingerprints and other information relating to citizenship, alien status, and criminal history, which will be used by both TSA and the Coast Guard.

   \20\ Although the SAFE Port Act only created this requirement for MMDs, TSA and the Coast Guard have also applied concurrent processing, a longer time period to apply for an initial TWIC, and reduced fees to licenses, CORs, STCW endorsements, and the MMC.

   New sec. 70105(h) requires that applicants who have passed a security threat assessment for an HME or MMD pay only for the costs associated with the issuance, production, and management of the TWIC and are not charged for the cost of another threat assessment. This final rule is in compliance with this requirement in that TSA will not charge those who already hold an HME or MMD for an additional threat assessment under TWIC. Rather, TSA will charge a reduced fee.

   New sec. 70105(i) provides requirements for implementing TWIC across the nation by prioritizing the ports based on risk, and requires that the TWIC program is to be implemented according to the following schedule: (1) top ten priority ports by July 1, 2007; (2) the next forty priority ports by January 1, 2008; and (3) all other ports by January 1, 2009. Under new sec. 70105(j) each application for a TWIC made by someone holding an MMD as of the date of enactment of this bill must be processed by January 1, 2009. We are now planning how to meet these requirements and will establish the implementation schedule accordingly.

   New sec. 70105(k) requires DHS to conduct a pilot program on card readers as set out in that section. DHS is currently analyzing how best to meet these requirements, and will begin the pilot program as soon as practicable.

   Under new sec. 70105(m) DHS may not require card readers to be placed aboard a ship unless the crew's number is in excess of the number determined to require a reader or if the Secretary determines that the vessel is at risk of a severe transportation security incident. When DHS drafts the rule that will require use of card readers by vessel owners and operators, it will do so in compliance with this requirement.

   SAFE Port Act sec. 104(b) has additional amendments to MTSA. It revises 46 U.S.C. 70105(b) by adding a paragraph making clear the Secretary has the discretion to add to the list of those individuals who otherwise may be required to obtain a TWIC. The Secretary may apply TWIC requirements to individuals including those ``not otherwise covered by this subsection''. TSA has exercised this discretion by allowing Canadian and Mexican commercial drivers who transport hazardous materials to obtain TWICs, which will allow them to transport hazardous materials in the United States. Further, SAFE Port Act sec. 104(b) clarifies in sec. 70105(c) that DHS must establish a waiver and appeal process for applicants denied a TWIC under sec. 70105(c)(1)(A) or (B) (criminal history) or (D) (otherwise poses a security threat). TSA's new process in 49 CFR part 1515 complies with this requirement.

   Under SAFE Port Act sec. 104(c), the deadline for final TWIC regulations remains January 1, 2007. Further, the regulation must include a provision for an interim check against terrorist watchlist databases so as to enable new workers to start working immediately. This final rule is in compliance with this requirement. As explained in detail elsewhere in this preamble, owners or operators wishing to put their newly hired direct employees to work immediately, prior to issuance of the new hire's TWIC, may do so provided that the new hire is successfully checked against various terrorist databases. The procedure for running the new hire's information through these checks can be found in 33 CFR 104.267, 105.257, and 106.262.

   SAFE Port Act sec. 106 states that applicants convicted of treason, espionage, sedition, and crimes listed in chapter 113B of title 18, U.S.C., or comparable State laws must be disqualified from holding a TWIC. The list of disqualifying crimes in 49 CFR 1572.103 complies with this requirement by including these crimes as disqualifying.

   III. Discussion of Comments

   TSA and the Coast Guard received approximately 1770 comments on the TWIC NPRM during the 45-day comment period. In addition, an estimated 1200 people attended the four public meetings that were held between May 31 and June 7, 2006. Copies of the written comments received, as well as transcripts of the public meetings, are available to the public on http://www.regulations.gov at the public docket for this rulemaking action.

   Numerous commenters supported the concept and purpose of the TWIC program as a method of protecting national maritime security. Some expressed their support unequivocally. One commenter requested that its port be selected for the first phase of the enrollment and implementation process. Several commenters who generally agreed with the idea of the TWIC, also criticized certain details of the proposal, expressed qualifications of various kinds, or said the proposal needed to be more efficient, workable, and fair. Some terminal operators and marine engineers who supported TWIC said that although it would achieve greater maritime security, they were concerned about its burden on industry or noted that security needed to be balanced against fairness for maritime workers. One commenter who generally supported the implementation of TWIC was concerned about the impact of the proposed rules on the efficiency of port facility operations, and suggested a more phased and flexible approach. Another commenter asked for more of a risk-management approach with a performance-based set of guidelines and a reevaluated technology. An

   [[Page 3512]]

   association of maritime operators supported security and background checks and digital fingerprint and photographs, but was concerned about the short timeline for implementation, the absence of facilities to provide the necessary services, and the social and economic burden imposed on individuals. Another commenter who supported TWIC thought that the requirements for who must possess a TWIC was over inclusive and that waivers or exemption processes should be added to lower the overall number of people who would require a TWIC. A commenter noted that although employers were responsible for notifying employees of the TWIC requirement, employer sponsorship of the TWIC program was not desirable.

   In contrast, many commenters expressed strong general opposition to TWIC without providing explicit reasons. Some said it was unnecessary and unjustified, and would not improve maritime security. Some argued that the rule would be harmful. These commenters cited concerns that TWIC was not the most effective and economic approach, it would adversely affect staffing of vessels and port facilities, and it would cause economic hardship on the industry and individuals. Commenters also stated that TWIC was inappropriate for the inland marine industry, it would harm stevedore/terminal operators, and it was an unnecessary cost and duplication of effort where seaport access credentials are currently in use. One commenter stated that although the current system of licensing and documenting maritime personnel is failing or broken, the addition of TWIC will only add additional delays and burden. One commenter argued that the largest threat existed from foreign vessels, and they should not be excluded. Another commenter found the rule ``large-port-centric'' and disapproved of this ``one-size-fits-all'' approach.

   TSA's and Coast Guard's responses to the comments are discussed below.

1. Requests for Extension of Comment Period and Additional Public Meetings

   We received numerous requests to extend the comment period past the 45 days provided in the NPRM. We also received a significant number of comments requesting that we hold additional public meetings. These requests included a large number of supporting reasons.

   Several commenters said that TSA and the Coast Guard had not done enough to obtain information about the concerns of affected maritime workers and industries before going forward with the TWIC rule, and the rule schedule should be extended to allow time for the collection of more information, with public meetings in more sections of the country, such as the Gulf Coast and Great Lakes ports. One commenter said the rule was skewed toward the issues involving large ports. A U.S. Senator argued that more information should have been collected on the impact of the rule on both the inland barge industry and the for-hire passenger excursion boat industry, and an association argued that there was little appreciation of the operational realities of the tugboat, towboat, and barge industry. Another commenter saw little reference to the domestic passenger fleet. Commenters listed the following organizations that they thought should have been consulted: the Passenger Vessel Association, American Waterways Operators Association, the Towing Safety Advisory Committee, the Merchant Personnel Advisory Committee, American Petroleum Institute (API), Offshore Mariner Safety Association (OMSA), and other maritime organizations.

   We have carefully considered the comments submitted and nonetheless determined that it is not advisable to extend the comment period, nor did we hold additional public meetings. We considered delaying implementation of this entire project but determined that the security risk associated with such a delay is not acceptable. While the ``name checks'' being completed by TSA under the Notice published by the Coast Guard on April 28, 2006 (71 FR 25066) do provide some security to the ports, we need the added layer of security that issuing TWICs provides. First, the current name check regime established through the Coast Guard Notice checks names against the terrorist watch lists and immigration databases. With TWIC, we will also check an individual's criminal history and conduct an enhanced immigration check. Second, the interim vetting regime only applies to permanent employees and long- term contractors of facilities and longshoremen, whereas the TWIC program provides the benefit of performing checks on all individuals with unescorted access to both facilities and vessels. Finally, the TWIC program will provide the owners/operators with the piece that the interim vetting regime is missing--namely, a universal credential to verify whether an individual requesting access to a vessel or facility has been screened and determined not to be a security threat. With the Coast Guard spot checks, we can also verify, on a random basis, the validity of the TWICs being used to gain entry to vessels and facilities.

   As we began reviewing the comments we received at the public meetings and on the docket, we realized that there were some portions of the NPRM that were not ready to be implemented. Most important among these pieces were the card reader and biometric verification requirements. As a result, we have removed those requirements from the final rule. What remains is the requirement to apply for and hold a TWIC, the threat assessment standards to be used when processing TWIC applications, and the reduced access control requirements, where the TWIC is used as a visual identity badge at MTSA-regulated vessels and facilities. The Coast Guard intends to integrate the TWIC requirements into its already existing facility and vessel annual MTSA compliance exams, as well as through unannounced security spot checks to confirm the identity of the TWIC holder using hand-held card readers.

   We will initiate a new rulemaking action after pilot testing TWIC readers in the maritime environment. Through that rulemaking action we will propose, seek comment on, and finalize the requirements for card readers. We will also hold public meetings during that rulemaking action, and will consider holding these meetings in any location suggested by commenters. Thus, while we determined that it was not in the public interest to delay implementation of the TWIC program to allow for an extended comment period or additional public meetings, we will be providing an additional opportunity for public participation before owners/operators of vessels and facilities will have to implement the card reader requirements.

2. Coast Guard Provisions

   1. Definitions (a) Requests To Add Additional Definitions

   One commenter felt that using the word ``ensure'' in the regulations establishes an unreasonable standard of care that would require facilities to guarantee safety, and expose facilities to strict liability in the case of a terrorist incident. The commenter recommended that the final rule amend all uses of the word ``ensure'' in 33 CFR, chapter I, subchapter H.

   We disagree. The word ensure, as used in current regulations as well as the TWIC NPRM, was used throughout subchapter H purposely, to designate where the ultimate responsibility for

   [[Page 3513]]

   various security functions would be found for enforcement purposes. We did not propose changing it in the TWIC NPRM and we have not changed it in the final rule.

   One commenter recommended that the final rule better define the term ``Federal Official'' in 33 CFR 101.514, so that active duty and reserve military personnel, all Federal Civil Service employees, and people who hold Department of Defense (DOD) Common Access Card (CAC) cards are not required to obtain or possess a TWIC. We disagree with the suggested change, as the term Federal official is clear enough on its face, meaning individuals who are working for the Federal government. Section 101.514 allows these individuals to gain unescorted access to a vessel or facility using their agency-issued, HSPD-12 compliant identification card. Until an HSPD-12 card is available, these officials may use their agency's official credential--when representing that agency on offical duty--if that is the DOD CAC card, then the CAC card may be used.

   One commenter noted that a definition for the term ``official'' is not provided in the proposed rule, and recommended that Federal, State, and local ``officials'' not requiring a TWIC for unescorted access should be limited to law enforcement, fire, rescue, and government employees that have been subjected to a background screening equivalent to the one conducted for issuance of a TWIC. We believe that the term ``official'' is clear enough in context, and as such we have not added a definition as suggested by the commenter. We recognize, however, that emergency responders may not fit into the ``officials'' category, and so we have added a new paragraph to Sec. 101.514 to cover emergency responders during emergency situations.

   One commenter recommended that the rule be amended to exclude persons working on vessels whose sole purpose is entertainment, such as musicians on passenger vessels. If this exclusion was not made, the commenter recommended that where a vessel engaged solely in entertainment has been inadvertently grouped with vessels of other classes, that the designation of various spaces aboard the vessels, and within those vessels' facilities, be more clearly defined in the final rule, including: (1) For passenger vessels, exclude the employees, whose workstation is limited to areas accessible by passengers, based on the fact that they are occupying the same areas as the passengers who are not subject to the requirement; and (2) apply the TWIC ruling only to the crew areas or persons with access to crew areas. This would allow operators to maintain the security of control stations, equipment rooms and voids, without disruption of access to other employee only areas of the vessel or a facility, which do not need to be restricted areas.

   We agree with this comment. As discussed above in the section discussing changes to the Coast Guard provisions, we are adding a definition for ``employee access areas,'' for use only by passenger vessels and ferries. An employee access area is a defined space within the access control area of a ferry or passenger vessel that is open to employees but not passengers. It is not a secure area and does not require a TWIC for unescorted access. It may not include any areas defined as restricted areas in the VSP. Note, however, that any employee that needs to have unescorted access to areas of the vessel outside of the passenger or employee access areas will need to obtain a TWIC. (b). TWIC

   Two commenters recommended that all references to a ``valid TWIC'' be changed to ``TWIC'' since the definition of TWIC requires that it be valid and non-revoked. We agree and have made the suggested changes within 33 CFR parts 101 through 106. We have left the language in 46 CFR parts 10, 12, and 15, however, because in those places, the term TWIC is not tied to the definition in Sec. 101.105. (c). Public Access Area/Passenger Access Area

   One commenter recommended that the definition of ``public access area'' for cargo vessels be the same as that for passenger vessels to allow similar flexibility. Alternatively, the commenter provided a separate definition of ``public access area'' that allows facilities to designate any area as such, provided the area is specified in the FSP.

   One association noted that vessels other than ``passenger vessels'' are permitted to carry passengers, industrial personnel, or persons in addition to the crew. The association recommended that the final rule provide flexibility similar to passenger vessels for other types of vessels by providing the following definition of public access areas in 33 CFR part 101: ``Public access areas means those defined spaces within a vessel, facility or OCS facility that do not require a TWIC for unescorted access. Any vessel, facility or OCS facility may designate areas as public access areas provided they are specified in the security plan.''

   They further recommended that facilities owners and operators be provided flexibility similar to that of passengers in designating public access areas, and recommended that the following definition be added to part 105:

   ``Sec. 105.xxx Public access area.

   (a) Any facility may designate areas within the facility as public access areas. Any such areas must be specified in the FSP.

   (b) Public access areas are those defined spaces within a facility that do not require escorted access for persons not in possession of a TWIC.''

   They also recommended that OCS facilities owners and operators be provided flexibility similar to that of passenger vessels in designating public access areas, and recommended that the following definition be added to part 106:

   ``Sec. 106.xxx Public access area.

   (a) Any OCS facility may designate areas within the facility as public access areas. Any such areas must be specified in the FSP.

   (b) Public access areas are those defined spaces within an OCS facility that do not require escorted access for persons not in possession of a TWIC.''

   We disagree with these comments. The concept of a ``passenger access area'' has been included in the final rule to cover passenger vessels, ferries, and cruise ships, i.e., those vessels that routinely, as part of their normal operating procedures, carry passengers. While we recognize that some cargo vessels may also, at times, carry passengers, we do not feel it is appropriate to expand this provision to other categories of vessels at this time. We feel that appropriate flexibility is given in the interpretation of ``escort'' to address these situations, while maintaining security. Additionally, facilities are already able to designate certain portions of their facility as ``public access areas,'' therefore we do not feel it necessary to expand the ``passenger access area'' concept to facilities at this time.

   Several commenters recommended that the definition of ``passenger access areas'' be clarified in the final rule to state that no person, including employees, workers, and vendors, would need a TWIC to have unescorted access to a passenger access area on a vessel.

   We have not amended the language as suggested, but agree with the commenters' concept. The proposed, and now final, definition of ``passenger access area'' states that these areas are not part of the secure area of the vessel. Thus, anyone requiring unescorted access to the passenger access area ONLY does not need to have a TWIC,

   [[Page 3514]]

   as he or she does not need unescorted access to a secure area. This covers passengers, employees, other workers, and vendors. (d). Monitoring

   One commenter felt that the definition of ``monitoring'' as used in current regulations and the TWIC NPRM, was ambiguous, confusing, and should be deleted. We disagree. The NPRM did not propose to change the definition of monitoring, and as such we are not making any changes in the final rule. For an explanation of what was meant by that term, see the final rule titled ``Implementation of National Maritime Security Initiatives,'' issued on October 22, 2003 (68 FR 60448). (e). Breach of Security

   One trade association recommended that the definition for ``breach of security'' as used in current regulations and the TWIC NPRM be clarified to allow certain individuals without a TWIC in secure areas, such as escorted persons and foreign seafarers conducting authorized ship's business. The commenter also recommended that the guidance in parts 104 through 106 be amended to clarify this.

   Neither the NPRM nor the final rule amend the definition for ``breach of security.'' As stated in the NPRM, ``[c]ircumstances that trigger the reporting requirement[s] in Sec. 101.305 are highly fact- specific and difficult to define comprehensively.'' (71 FR 29417). Generally speaking, finding properly escorted persons within a secure area would not, in and of itself, constitute a breach of security. One situation that would, with certainty, however, is finding someone unescorted within a secure area without a TWIC. This would constitute a breach of security. We will be issuing new guidance for parts 104 through 106, in the form of a NVIC, and will be sure to include provisions on what could constitute breaches of security or suspicious activity in the context of TWIC. (f). Escorted/Unescorted Access

   Several comments requested clarification and additional guidance on the definition of ``escorting.'' Several commenters requested additional clarification about the level of surveillance for personnel without a TWIC, and supported the use of surveillance and monitoring technology instead of physical escorting, or the use of one escort to monitor multiple individuals. The commenters said that constant, one- on-one supervision would be unduly burdensome.

   Commenters also stated that the escorting and recordkeeping requirement would be too burdensome in terms of manpower, cost, and recordkeeping. Many of these commenters interpreted the definition to require the physical presence of one escort for each individual without a TWIC at all times while in a restricted area. Some of these commenters provided examples of situations where the requirement would be too burdensome. One port authority stated that it typically has over 100 temporary workers on site that would require escorts. Another commenter was concerned that the rule may prevent shore leave for European Union workers not holding a TWIC, particularly where an escort was unavailable or the regulations were interpreted inconsistently at different ports. One trade association felt that the requirement for escorting would be too burdensome for facilities without the manpower to escort individuals without TWIC, particularly in emergency situations when the workforce has been displaced. One commenter felt that the escort provisions should be unnecessary for foreign maritime facilities complying with the International Ship and Port Facilities Security Code (ISPS Code).

   Several commenters were concerned about the need to escort repairmen, maintenance crews, truck drivers, delivery men, crews doing dockside checks of their vessel, musicians, caterers, and other workers, and the need for escorting during weekends and non-business hours when escorts might not be available. One commenter stated that it would have to provide escorts for technical representatives of foreign equipment manufacturers to work on its foreign-built (but U.S.-flagged) vessels. The company also said the rule would be ``problematic'' because it would require a constant escort for foreign owners of U.S.- flagged vessels who visit the vessels. They also stated the rule might disadvantage U.S. ship management companies that operate U.S.-flagged vessels for foreign owners.

   As noted above in the section discussing changes to the Coast Guard provisions, we have amended the definition of escorted access to clarify that when in an area defined as a restricted area in a vessel or facility security plan, escorting will mean a live, side-by-side escort. Whether it must be a one-to-one escort, or whether there can be one escort for multiple persons, will depend on the specifics of each vessel and/or facility. We will provide additional guidance on what these specifics might be in a NVIC. Outside of restricted areas, however, such physical escorting is not required, so long as the method of surveillance or monitoring is sufficient to allow for a quick response should an individual ``under escort'' be found in an area where he or she has not been authorized to go or is engaging in activities other than those for which escorted access was granted. Again, we will provide additional guidance with more specifics in a NVIC.

   Additionally, as discussed above, the reporting and recordkeeping requirements proposed in the NPRM have been removed from this final rule. We will take the comments on these requirements into consideration when we begin a new rulemaking on reader requirements.

   One commenter felt that the definitions of ``escorting'' and ``unescorted access'' are in conflict, and recommended that the definition of ``unescorted access'' be broadened to include either an escort or monitoring sufficient to identify whether the escorted individual is engaged in activities other than those for which escorted access was granted.

   One commenter felt that the definition of escorting was in conflict with the requirement in Sec. 105.290(d) to provide additional security to monitor holding, waiting, or embarkation areas, because passengers that do not hold TWICs may be in those areas. The commenter expressed concern that this conflict could result in inconsistent requirements, with some government officials requiring each passenger to be accompanied one-on-one by security personnel.

   ``Escorting'' means ``ensuring that the escorted individual is continuously accompanied while within a secure area in a manner sufficient to identify whether the escorted individual is engaged in activities other than those for which escorted access was granted.'' As stated above, we did not intend for the term escorting to always mean a one-to-one side-by-side escort, and we have added to the definition to clarify that outside of restricted areas, monitoring will meet the definition of escorting. We believe that the requirements in Sec. 105.290(d) are sufficient to meet the definition of ``escorting'' when passengers are in holding, waiting, or embarkation areas so long as the monitoring provisions of the facility's approved security plan are in place.

   One commenter recommended that the definition be clarified to state that the escort must hold a TWIC. This would prevent two individuals without TWICs from escorting each other.

   We have included the requirement that all escorts be TWIC-holders in the actual access control provisions of parts

   [[Page 3515]]

   104, 105, and 106. We have added language to the definition to specifically state that individuals without TWICs may not enter restricted areas without being escorted by an individual who holds a TWIC, with certain exceptions for new hires.

   One port authority recommended that the escorts be limited to a subset of TWIC holders, as is done in the aviation sector, and that a limit on the number of individuals a single person can escort be established. We have no limits on who can serve as an escort, other than the requirement that all escorts hold a TWIC. Owners/operators are free to establish more stringent requirements for their escorts if they so desire. As stated above, we will be issuing a NVIC that will provide more detail on how many individuals each escort can accompany at one time.

   One commenter requested clarification on who was qualified to be an escort and was concerned that they would need to use an outside security service to serve as escorts. It is not our intention to require outside security services in order for an owner/operator to be able to provide escorts. We will provide more guidance on what is expected of escorts in our NVIC, but generally we expect that any escort be able to respond quickly should any of the individuals that he or she is escorting enter (or attempt to enter) an area they are not authorized to be in or engage in activities other than those for which escorted access was granted.

   One commenter felt that the definitions of ``escorting'' and ``unescorted access'' are in conflict, and recommended that the definition of ``Unescorted Access'' be broadened to include either an escort or monitoring sufficient to identify whether the escorted individual is engaged in activities other than those for which escorted access was granted.

   The definition of ``unescorted access'' in the final rule provides flexibility, allowing owners/operators to designate which individuals need unescorted access, which need to be escorted, and which need to be banned from all access based on their individual circumstances. The Federal government will take appropriate action against known or suspected terrorists or illegal aliens, preventing them from gaining even escorted access to secure areas. However those persons who represent ``security threats'' due to past criminal activity may not constitute a risk when escorted.

   As we noted above, we did not intend for the term escorting to always mean a one-to-one side-by-side escort. In fact, outside of restricted areas, such side-by-side escorting is not necessary, so long as the method of surveillance or monitoring is sufficient to allow for a quick response should an individual ``under escort'' be found in an area where he or she has not been authorized to go. As stated above, we will provide additional guidance with more specifics in a NVIC. (g). Recurring Unescorted Access

   Many commenters supported the provision allowing the holder of a TWIC who regularly enters and departs a secure area on a vessel on a continual basis to do so without verifying the TWIC for each such event. The commenters felt that screening employees that access secure areas frequently would be burdensome. One commenter stated that this provision is needed by operations with few employees. Some of these commenters supported expanding this provision to include facilities. One commenter recommended that facilities allow recurring unescorted access without TWIC verification, when the validity of an individual's TWIC has been confirmed within the prior thirty days during Maritime Security (MARSEC) Level 1, but that at MARSEC Level 2 TWIC verification be conducted each time the individual accesses the area.

   One commenter recommended the definition be revised to ``* * * authorization to enter a vessel or facility on a continual basis after an initial personal identity and credential verification, as outlined in the vessel or facility security plan.'' The commenter stated that this modification will provide significant relief for facilities during MARSEC Level 1.

   We reviewed these comments and recognize that recurring unescorted access might be a valuable and sensible tool for both vessels and facilities. However, because the requirements for readers and owner/ operator TWIC verification have been removed from the access control provisions of this final rule, the term is no longer used within the access control provisions of subchapter H. Despite this fact, we have retained the definition, and expect that it will be used in a future rulemaking to impose reader requirements. Any NPRM on that issue will include consideration of expanding the concept to any vessel or facility with a small enough contingent of regular employees that allowing such access would not present a significant security risk. (h). Secure Area

   There were numerous comments on the proposed definition of secure area. One commenter requested clarification on where card readers need to be located for secured and restricted areas. When the NPRM on reader requirements is published, we will include clarification on this subject, where appropriate.

   Many commenters felt that the use of the terms ``secure area'' and ``restricted area'' was confusing, and that additional clarification or changes to the definitions or use of these terms be made. Several commenters believed that these terms meant the same thing, and recommended using either ``secure area'' or ``restricted area'', but not both. Several commenters felt that ``secure area'' should not be defined as ``restricted area'' at low consequence facilities. One commenter recommended that any facility be given the flexibility to designate its existing restricted areas as its secure areas in its TWIC Addendum. The commenter recommended that specific provisions in the proposed regulations that could be interpreted as preventing this, such as the requirement that ``appropriate personnel know who is on the facility at all times'' (33 CFR 105.200(b)(18)) and the record keeping requirements (33 CFR 105.225(b)(9)) should be revised to make it clear that they only apply within the secure areas designated in the TWIC Addendum. One commenter recommended that only the term ``secure area'' be used, while other commenters recommended that only the term ``restricted area'' should be used. Many commenters recommended that the definition of ``secure area'' should be aligned with, or made the same as, the existing definition of ``restricted area'' used in existing security plans. The commenters felt that this would be more consistent with existing regulations and security plans and would allow flexibility without reducing security. These commenters argued that having different definitions would result in unnecessarily increasing access restrictions in areas that are restricted to employees only but are not essential for security, such as galleys and storage areas. Some commenters recommended that the final rule include a definition of ``employee only area'' or ``owner-controlled area'' for such areas, and that TWIC not be required for them.

   Two commenters recommended that the term ``secure area'' be defined more narrowly than ``restricted area.'' One of these commenters was concerned that defining the terms ``secure area'' and ``restricted area'' to be the same would be costly for facilities and vessels that have designated in their security plan their entire facilities and vessels as a ``restricted area.''

   [[Page 3516]]

   Several commenters recommended that if ``secure area'' and ``restricted area'' are defined as coextensive, facilities should have flexibility in determining which ``secure areas'' require TWIC. Another commenter recommended that if ``secure area'' and ``restricted area'' be defined as coextensive, the agency create a definition for ``security sensitive areas'' requiring TWIC that would be a subset of ``secure areas.'' Multiple commenters requested that if these terms do have different meanings, the final rule should explain the difference, and identify the difference in access restrictions required for them.

   One commenter was concerned that the Coast Guard would not accept the ``restricted areas'' established in existing security plans as ``secure areas.'' This commenter felt that vessels and facilities should have the flexibility to define existing areas designated as ``restricted areas'' as ``secure areas'' to avoid expending resources on areas that are not important to security.

   Multiple commenters were concerned that the definitions of ``secure area'' or ``restricted area'' would result in inconsistent application by regulators at different facilities. One commenter was concerned that their entire facility has been determined to be a secure area, and thus all of their employees would require a TWIC. Some commenters recommended that small facilities be allowed to define areas as being ``secure areas'' only when a vessel is present.

   Several commenters were concerned that the definition of ``secure area'' was too broad, and would require TWIC for any area with any access restriction, such as a fence. Commenters were concerned that this would result in their entire vessel or facility being designated as a ``secure area.'' Many of these commenters felt that they could not meet such a requirement, or that such a requirement would be unnecessary for security. One commenter expressed concern that this might result in numerous Transportation Security Incidents.

   One commenter recommended that the first sentence of the proposed rule be rewritten to read, ``Secure area means the area on board a vessel or at a facility or outer continental shelf facility which the owner/operator has designated as requiring a transportation worker identification credential (TWIC) for a person obtaining unescorted access, as defined by a Coast Guard approved security plan.''

   Multiple commenters recommended that the final rule clarify that facility owners and operators have broad flexibility in designating ``secure areas,'' and that the Coast Guard readily approve such designations. These commenters felt that this was necessary to minimize the costs and disruptions from the rule.

   One commenter recommended that the proposed rule be amended to include a process for limiting the portions of sites to be covered by the rule based on security vulnerability criteria, which would certainly include barge unloading facilities and possibly other areas designated as ``restricted'' in the site's FSP developed under MTSA.

   As noted above in the discussion of changes to the Coast Guard provision of this rule, we did not intend for the terms ``secure area'' and ``restricted area'' to be read as meaning the same thing.

   As also noted above, we recognize that many facilities may have areas within their access control area that are not related to maritime transportation, such as areas devoted to manufacturing or refining operations. The individuals working in these non-maritime transportation areas may rarely, if ever, have a need to access the maritime transportation portions of the facility. As such, we are giving facility owners or operators the option of amending their FSP to redefine their secure area to include only those portions of their facility that are directly related to maritime transportation or are at risk of being involved in a transportation security incident. Redefining the secure area does not necessarily reduce the original facility footprint covered by the FSP where security measures are already in place. That can only be achieved by a reevaluation of the facility as a whole. Instead, the amendment will only effect where TWIC program requirements will be implemented. Additionally, any secure areas must have an access control perimeter which ensures only authorized individuals with valid TWICs have unescorted access. These amendments must be submitted to the cognizant COTP by July 25, 2007.

   One commenter expressed a desire for Coast Guard to support allowing a facility owner/operator to modify their FSPs by maintaining a significant level of security for the entire facility, while enhancing security for narrower area of the site. This commenter proposed the following language for the final rule preamble: ``Facility owner/operators are encouraged to review, and revise as necessary, their Facility Security Plans to apply TWIC requirements to those portions of the site that (i) trigger MTSA regulation, (ii) can be reasonably separated through access controls from other parts of the facility; and (iii) require a higher degree of security protection. Coast Guard will review and approve these changes to the FSP so long as the facility demonstrates that (i) it can maintain existing security at the balance of the facility, and (ii) restricted access controls (including TWIC access controls) have been provided for the area that will have heightened security.''

   We agree with the substance of this comment. While the exact recommended verbiage has not been incorporated into the final rule, we believe the intent and proposed flexibility has. Facility owners and operators will continue to be responsible for drafting and submitting their unique security plans for Coast Guard approval. As noted above, greater flexibility has been afforded to facility plan submitters, allowing them to redefine their secure area to include only those portions of their facility that are directly connected to maritime transportation or are at risk of being involved in a transportation security incident.

   We realize that there may be some owners and operators of vessels that would like the same option. However, vessels present a unique security threat over facilities in that they may not only be targets in and of themselves, but may also be used as a weapon. Due to this fact, we will continue to define the entire vessel as a ``secure area,'' making exception only for those special passenger and employee access areas which are discussed below. Vessel owners/operators need not submit an amendment to the VSP in order to implement these special areas, however they may do so, following the procedures described in part 104.

   Commenters also requested clarification on whether the term ``secure area'' is intended to include passenger access areas as defined under 33 CFR 105.106. These commenters recommended that the passenger access areas not be defined as ``secure areas.''

   ``Passenger access areas'' are, by their definition, not secure areas. They will, however, exist solely within the secure area of the vessels on which they are implemented. As such, they will operate as ``pockets'' within the secure area.

   One commenter stated that small passenger vessels and facilities where they moor would be at a small risk of a terrorist attack. The commenter recommended that the final rule state that such vessels and facilities do not have any ``secure areas.''

   We do not agree with this comment. During the MTSA rulemaking process, the Coast Guard evaluated all vessels and facilities to determine which of those are at a high enough risk of a

   [[Page 3517]]

   Transportation Security Incident (TSI) to warrant imposing the security plan requirement. Small passenger vessels and the facilities that they use were determined to pose a high enough risk to warrant imposition of the security plan requirement. We do not believe that circumstances have changed to warrant a change to those requirements. We have, however, provided some relief to small passenger vessels in this rulemaking by allowing them to carve out passenger and employee access areas (explained elsewhere in this final rule), which will help minimize the ``secure area'' on board.

   One commenter was concerned that since secure areas are defined in the owner or operator's threat assessment (which is approved by the Coast Guard, but is not publicly available), a business operating at the port, vessel, or facility for the first time would not know what areas are designated as ``secure'' and whether they need a maritime TWIC.

   The threat assessment approved by the Coast Guard addressed restricted areas, not secure areas. We have defined secure areas as the access control areas of vessels and facilities, which should provide enough guidance to new businesses, as the area over which a vessel or facility exerts access control should be readily visible to anyone approaching that vessel or facility for access.

   One commenter also requested clarification on whether ``secure areas'' corresponds to existing security classification existing under the ISPS Code.

   The comment is unclear. The ISPS Code uses the term restricted area, and as discussed above, we do not intend for the secure area to mean the same thing as restricted area. In that regard, this final rule does not correspond with the ISPS Code. However, we note that the definition we have provided will not interfere with a vessel or facility meeting the requirements of the ISPS Code.

   One commenter noted that safety issues surrounding needed access to ``secure areas'' in an emergency are not addressed. Another commenter stated that access to secure areas cannot be restricted in an emergency. We recognize this issue and have added a paragraph to Sec. 101.514 that clarifies emergency personnel need not have TWICs to obtain unescorted access to secure areas during emergencies.

   Two commenters recommended that the term ``secure area'' be revised to read ``Secure area is used as defined in 33 CFR 101.''

   We disagree. The definitions found in 33 CFR part 101 apply to all of subchapter H, therefore it is not necessary to constantly refer back to part 101 when, in parts 103 through 106, we use a term defined in part 101. 2. General Comments on Applicability

   Many commenters had questions and/or concerns for TSA and Coast Guard related to the applicability of the proposed rule. One asked what the TWIC requirements would be for a CDC facility that is in a separate location on port property, since it is not a secure maritime facility and thus does not fall under the security regulations of 33 CFR part 105.

   Another commenter posed several questions for TSA and Coast Guard: Will the unlicensed crew members on small passenger vessels certificated for less than 150 passengers under ``Subchapter K'' need to hold a TWIC? Will unlicensed crew members on passenger vessels carrying more than 12 passengers, including at least one passenger-for- hire, on an international voyage, which can include large charter yachts of up to 500 Gross Register Tonnage (GRT), be required to carry a TWIC? Will deckhands on barges subject to ``Subchapters D or O'' be required to obtain a TWIC? Will deckhands on towing vessels greater than 26 feet in length be required to obtain a TWIC?

   One commenter noted that every terminal under MTSA is unique, which is why they are required to have FSPs and suggested that 33 CFR part 105 be used as a baseline and to allow terminals to write their specific plans to ensure security and ease of commerce thus allowing the terminal operators to determine if individuals without the TWIC may have unescorted access to the terminal. One commenter shared their experience implementing legislation similar to the TWIC via Florida Statute 311.12. The commenter suggested adding a grandfather component to the proposed rule to allow current personnel working in the maritime industry certain considerations. The commenter went on to note that if they had not implemented a grandfather component to Florida Statute 311.12, the smooth operation of commerce would have come to a halt.

   Many commenters, including individuals, marine services companies, barge lines, cruise lines, towing companies, and marine maintenance companies, argued that they already had adequate security plans, restrictions, testing procedures, personnel procedures, and other safeguards in place, some of which were approved by the Coast Guard. One local government commenter said that TSA should exempt any facility from the TWIC requirements that had a FSP already in place. Another commenter noted that in the absence of security incidents at any scrap yards relating to maritime transportation and small port facilities that receive bulk aggregate materials, the FSP should be sufficient for addressing risks at such facilities.

   MTSA was clear and unambiguous, leaving little if any room for agency interpretation. Essentially, all individuals must hold a TWIC in order to be eligible for unescorted access to secure areas of MTSA regulated facilities or vessels. In addition, the statute was very clear that all credentialed Merchant Mariners will be issued a biometric identification card, which will be the TWIC. Where needed and allowable under the statute, certain arrangements or exemptions were proposed and modified as the result of the public comments to identify special cases where individuals without a TWIC or who are unable to obtain a TWIC can continue to work aboard MTSA regulated facilities or vessels, subject to additional security provisions.

   As a result of the public comments and concern regarding the potential negative impact on industry resulting from the requirements to implement a TWIC system, greater flexibility has been afforded to facility owners/operators by allowing them the option, in revised Sec. 105.115, to redefine their ``secure area'' as only that portion of their access control area that is directly related to maritime transportation. Other definitions, such as ``passenger access area'' and ``employee access area,'' will also provide greater flexibility in assisting regulated entities with enhancing security while meeting the new regulations. Additionally, provisions have been included, as discussed more specifically below, to allow limited access to new hires under specific conditions, and to persons who have reported their TWIC as lost, damaged or stolen and are awaiting replacement cards.

   One commenter recommended utility fuel-handling facilities be the only facilities subject to the TWIC program. The commenter also recommended that the TWIC be required for such facilities only when the facility is being used for off-loading.

   As stated earlier, the MTSA of 2002 clearly and unambiguously ruled out blanket waivers for specific industry segments or specific job descriptions. With very limited exceptions, all individuals must hold a TWIC in order to be eligible for unescorted access to secure areas of MTSA regulated facilities or vessels.

   [[Page 3518]]

   (a). Applicability--Requests for Exemptions

   Numerous commenters requested exemptions from the TWIC requirements for the following industries, vessels, and facilities:

   U.S.-flagged passenger vessels;

   U.S.-flagged mobile offshore drilling units (MODUs) and offshore supply vessels (OSVs) operating outside the geographic boundaries of U.S. jurisdiction, employing non-citizen workers;

   Other U.S. flagged vessels employing non-citizen crewmembers under the provisions of 46 U.S.C. 8103(b)(3) or (e);

   Inland tugboat, towboat, and barge industry;

   Small and/or isolated low consequence ports, facilities, or vessels;

   Facilities with security requirements that are equivalent or more stringent than the TWIC (e.g., shipyards that currently meet existing DOD credentialing and security plan requirements);

   Facilities and vessels participating in aggregate stockpile and loadout activities;

   Tall ships operating under the U.S. flag and educational sailing programs for school children;

   Bunkering and gas support facilities; and

   U.S. vessels undergoing repairs at a foreign port or facility.

   The commenters presented various arguments to support their requests for exemption. Some commenters noted that exemption criteria should be added to the proposed rule indicating that vessels and facilities that were deemed low risk during a risk assessment should not fall under the TWIC requirement, because TWIC places an unwarranted burden on these vessels and facilities with little added security benefit. For example, one commenter requested that oil and gas support facilities and bunkering facilities be exempted from the TWIC requirements. Another commenter asked for an exemption since their activities and their location are low risk, predominately carrying bulk and break bulk products within the Great Lakes.

   Similarly, other commenters argued that small vessels (e.g., inland towing vessels, small passenger vessels) or small ports should be exempt from the TWIC requirements because the workers know each other and unknown visitors are infrequent. These commenters argued that the intent of the TWIC system, to identify those people who pose a threat, would not be served by installing card readers on small vessels or in small ports. They stated that identifying someone who does not belong is not difficult on these small vessels and in these small ports, and can be accomplished visually. They claimed that the proposed rule would only add cost to these industries with little to no benefit to maritime security. For example, many commenters noted that the crews on inland towing vessels are predominantly U.S. nationals who already comply with the security regulations in 33 CFR parts 104 and 105, so requiring TWICs for this industry would be costly and would result in few improvements in maritime security. In addition, several commenters from the small passenger vessel industry requested that subchapter K and T vessels operating in restricted waters and routes be exempt from the proposed rule.

   More specifically, some commenters noted that vessels under a specific tonnage should be exempt from the TWIC requirements. One commenter asked that vessels of less than 500 regulatory tons GRT and 6,000 International Tonnage Convention (ITC) tons be exempt from the requirements. Another commenter asked that vessels less than 100 gross tons with undocumented workers be exempt from the proposed rule.

   Many commenters argued that U.S.-flagged MODUs and offshore supply vessels (OSVs) operating outside the geographic boundaries of U.S. jurisdiction, employing non-citizen workers should not be required to obtain a TWIC. One commenter argued that in some countries the law requires these vessels operating on the continental shelf to hire local crewmembers, so requiring escorts for all of these crewmembers would place a large burden on these vessels and cause them to be unable to work overseas. In addition, the commenters argued that there is little threat posed by these vessels that are located thousands of miles from the U.S. coast. More than one commenter stated that the ISPS Code and its implementing regulations in SOLAS recognize the need for MODUs and OSVs to employ non-U.S. citizens in their crew and apply shelf-State standards instead of flag-state standards. The TWIC program should recognize the need for these vessels to employ non-U.S. citizens as well.

   One commenter stated that it is their understanding that foreign- flagged MODUs (OCS facilities) that are on location on the OCS would be excluded from the requirements, since foreign vessels with valid ISPS Code certificates are in compliance with 33 CFR part 104 (except 104.240, 104.255, 104.292, and 104.295) and all foreign vessels are exempt from TWIC requirements under 33 CFR 104.105(d). The commenter asked for confirmation that this understanding of the proposed rule is correct. In addition, they requested confirmation that a MODU that is not regulated under part 104, and therefore not required to implement TWIC provisions, but is working next to or over an OCS facility that is regulated by part 106, and therefore is required to implement TWIC provisions, would be exempt from the TWIC requirements.

   In addition to requests for exemptions for industries, vessels, and facilities, many commenters requested exemptions for the following types of workers:

   Employees who work at small ports, facilities, or vessels;

   Merchant seamen who are U.S. citizens and hold current U.S. Coast Guard licenses, Merchant Mariner Documents (MMD), certificates of registry, and STCW documents;

   Employees on vessels under 100 gross tons;

   Contract security guards who have already undergone a DOJ background investigation;

   Crewmembers, service technicians, or repair persons performing vessel maintenance and repairs;

   Hotel staff and passenger vessel staff;

   Seasonal or short term workers which access needs of less than 90 days;

   Cadets from U.S. maritime academies;

   Emergency response personnel;

   15.702(b) crew and other authorized foreign nationals boarding U.S. vessels overseas;

   Employees who must continuously enter and exit secure areas (e.g., baggage handlers at a cruise ship terminal);

   Port chaplains or other religious personnel;

   Workers who are not involved in the transportation industry; and

   Vessel agents.

   The reasons presented by the commenters for granting the workers' an exemption were varied. Some commenters argued that passenger vessel staff who work within the same areas as the passengers who are not subject to the requirement should not be required to obtain a TWIC.

   Commenters argued that crewmembers, service technicians, or repair persons performing vessel maintenance and repairs should not be required to obtain a TWIC because they do not present a security risk and additionally because there are not enough vessel and facility staff to escort these workers.

   [[Page 3519]]

   One commenter asked that the proposed provision exempting foreign vessels be expanded to also exempt ``foreign nationals employed on U.S. vessels under the provisions of 46 CFR 15.720(b) or who are authorized visitors aboard a U.S.-flagged vessel operating from or in foreign ports.''

   Many commenters requested exemptions for emergency response personnel and law enforcement officers.

   More generally, commenters suggested that workers should be exempt from the TWIC requirements until they go to work for a company that needs to conduct business in a secure area. In addition, commenters requested that workers without access to restricted areas of vessels or terminals not be required to obtain a TWIC.

   MTSA was clear and unambiguous and ruled out blanket waivers for the requested industry segments or specific job descriptions. Essentially, all individuals must hold a TWIC in order to be eligible for unescorted access to secure areas of MTSA-regulated facilities or vessels. Where needed and allowed by statute, certain arrangements or exemptions were proposed and modified as the result of the public comments to identify special cases where individuals without a TWIC or who are unable to obtain a TWIC can continue to work aboard MTSA- regulated facilities or vessels subject to additional security provisions.

   These special cases include the foreign vessel exemption, a new provision within the definition of secure area stating that in certain circumstances, U.S. vessels operating in foreign waters do not have secure areas, the passenger and employee access areas, and the provision allowing part 105 facilities to amend their security plans to limit their secure area to only those portions of their facility that are related to maritime transportation.

   When issuing the regulations found in 33 CFR chapter I, subchapter H (known as the Coast Guard MTSA regulations), which establish who must submit a security plan, the Coast Guard utilized a risk based approach to identify and separate those particular facilities and vessels which pose a higher risk from those which pose a lower risk. While we agree with the argument that one MTSA-regulated facility or vessel can pose a lower risk than another MTSA regulated facility or vessel, the fact remains that all have already been determined to present a high enough risk of a TSI to warrant their inclusion in the MTSA regulations. The statute requires all MTSA regulated vessels and facilities to comply with the access control requirements by requiring TWICs for unescorted access to secure areas.

   As a result of numerous comments and concerns regarding reader usage and installation aboard facilities and vessels in addition to emerging technology, this final rule addresses use of the TWIC as a visual identity badge and does not require use of readers. We will consider those comments requesting that the risk among all MTSA regulated vessels and facilities be reevaluated when we propose reader standards in a subsequent rulemaking.

   Understanding the unique situations where successful commerce and support of the maritime industry is dependent upon legal employment or boarding of foreign mariners or crew while operating outside of U.S. waters, we determined that we must change some language from the proposed rule. As such, we are adding a provision to the definition of secure area in Sec. 101.105 that states that U.S. vessels operating under the waiver provisions found in 46 U.S.C. 8103 (b)(3)(A) or (B) have no secure areas. These waiver provisions allow U.S. vessels to employ foreigners as crew in certain circumstances. As soon as the vessel ceases operating under these waiver provisions, it will be deemed to have secure areas as otherwise defined, and TWIC provisions will apply.

   Additionally, facility owners/operators can affect the population of those who will need to obtain a TWIC by taking advantage of the option given to them in revised Sec. 105.115 and redefining their ``secure area'' as only that portion of their access control area that is directly related to maritime transportation. The Coast Guard must approve such modifications. (b). Applicability--Foreign Vessels

   One commenter supported the proposed exemption for foreign flag vessels calling on U.S. ports. The commenter stated that this would include not requiring a valid TWIC to access vessel-designated restricted areas and the need for TWIC readers aboard foreign flag vessels. However, many commenters disagreed with this provision for various reasons. Some commenters stated that there is a need for application of international standards to all ships, U.S. and foreign, to maintain a level playing field and prevent economic discrimination against U.S. ships. For example, one commenter stated that security within the Gulf of Mexico will not be ensured until the foreign vessels that routinely operate in support of the offshore oil and gas industry, and call on Gulf ports such as Fourchon, Galveston, Mobile, etc., are held to and comply with equivalent standards.

   Another commenter urged that an accurate cost-benefit analysis must factor in the cost of vessel operating companies that are forced out of business because they cannot compete with foreign competitors in the Gulf of Mexico who have been exempted from these requirements.

   Other commenters argued that the proposed regulations overlook the area of greatest interest to national security, namely the traffic of foreign vessels and foreign seafarers at U.S. ports and maritime facilities, while imposing additional regulation on American mariners who already undergo thorough vetting, and U.S. vessels that already operate under a vessel security plan compliant with the MTSA. One commenter claimed that a security threat posed by individuals on a foreign-flagged vessel moored at a U.S. port is no less of a security threat than persons aboard a U.S. vessel, and objected that TSA has decided to forgo security requirements for foreign-flagged vessels. One commenter expressed that DHS has not conducted any analysis as to whether foreign mariners who do not participate in SOLAS or ISPS pose homeland security threats. One commenter stated that the Coast Guard has not fully considered the impact of its requirement to grant access to foreign nationals who have not been vetted by TSA.

   One comment stated that because foreign mariners are not required to hold a TWIC under the proposed rule, if the entire terminal is classified as a ``secure area,'' crewmen that have docked at berth and have been cleared by CBP must be escorted every time they leave the ``restricted area'' of the pier. The commenter notes that if they are already in the restricted area they do not have to be escorted, but if they enter that part of the secure area that is not restricted, they must have an escort. The commenter asked that, since CBP has already made a determination whether these mariners pose a risk to our country, why then does a low consequence terminal have to make sure they are escorted if they pose no risk?

   One comment said the proposed rule does not clearly indicate whether a foreign vessel must obtain, deploy, and operate TWIC readers at its access points on the vessel. However, the commenter said that the proposed rule appears to exempt foreign vessels from using TWIC readers.

   Foreign vessels carrying valid ISPS Certificates do not fall within the TWIC applicability of the MTSA, as they are not carrying security plans approved by

   [[Page 3520]]

   the Secretary under 33 U.S.C. 70103. MTSA requires compliance with TWIC requirements for vessels or facilities whose plans include an area designated as a secure area by the Secretary for purposes of a security plan approved under sec. 70103. The vast majority of foreign vessels do not submit their plans to the Secretary, and therefore are not ``secure areas'' even when the foreign vessel is docked at a U.S. port. However, when docked at a U.S. port, individuals on the foreign vessels are subject to the facility's security plan--including TWIC and escorted access requirements--if they wish to leave the foreign vessel.

   We do not agree that sec. 102 of the MTSA applies to foreign seafarers arriving on foreign vessels. The TWIC process cannot practically or meaningfully be applied to foreign mariners, who would not likely have the means to get to enrollment centers or to return to claim and activate their credentials, nor would any be able to present the appropriate identity documents, or meet the requirement for lawful presence. Requiring foreign seafarers to present a TWIC would mean that before being allowed off of a foreign vessel, each foreign seafarer would need to come to the United States to enroll in the TWIC program, and then again to pick up their TWIC. It is also not clear that such a provision would provide any security benefit, as the criminal background checks that are done as part of the TWIC security threat assessment would have very little meaning, since it is unlikely that a foreign seafarer will have a criminal record in the United States, and the additional background checks are done during the visa application and CBP screening processes (see below). Finally, placing such requirements on foreign seafarers would certainly affect the treatment U.S. mariners receive in other countries.

   We also disagree that the TWIC subjects U.S. maritime workers and mariners to stricter processes than foreign seafarers. Currently, foreign seafarers arriving on foreign vessels are required to have a U.S. visa, issued by the Department of State subsequent to at least one face-to-face interview and a vetting process that is similar to TWIC vetting. Upon arrival in the U.S., foreign mariners are not allowed to leave the vessel until and unless they are allowed entry after inspection by a CBP Officer. Those seafarers that arrive without a visa or a CBP issued waiver are restricted to the vessel. Seafarers that are allowed to leave the vessel are subject to the security provisions of the facilities where their vessel is moored, including the conditions by which they are allowed to traverse the facility, and will be required to have escorted access through secure areas of the facility.

   One commenter urged that a further provision be added at new Sec. 104.105(e) to read as follows: ``(e) Foreign nationals employed on U.S. vessels in accordance with the provisions of 46 CFR 15.720 or who are authorized visitors aboard U.S. flag vessels operating from or in foreign ports are not subject to the TWIC requirements found in this part.''

   As noted above, we are adding a provision to the definition of secure area in Sec. 101.105 that states that U.S. vessels operating under the waiver provisions found in 46 U.S.C. 8103 (b)(3)(A) or (B) have no secure areas. These waiver provisions allow U.S. vessels to employ foreigners as crew in certain circumstances. The effect of this change is to exempt these vessels from the TWIC requirement while they are operating under the referenced waivers. As soon as the vessel ceases operating under these waiver provisions, it will be deemed to have secure areas as otherwise defined, and TWIC provisions will apply.

   Many commenters stated that not requiring foreign vessels and foreign crews to obtain a TWIC would be detrimental to U.S. maritime security. One commenter noted that this policy would put U.S. offshore oil and gas supplies at risk. One commenter pointed out that currently a large portion of the ships transporting oil and hazardous materials are foreign vessels with foreign crews.

   Another commenter noted that 95 percent of the vessels sailing from international waters into U.S. ports are crewed by foreign mariners, so although vetting these foreign mariners would be very difficult it is necessary to enhance U.S. port security. The commenter pointed out that U.S. mariners are already subject to background checks during the licensing procedure, so including U.S. mariners, while exempting foreign mariners from the TWIC program will not enhance U.S. port security.

   Numerous commenters expressed concern about uncredentialed foreign mariners. One argued that if licensed and documented American mariners must hold a TWIC, foreign workers on American flag vessels should also be required to hold proper security credentials. Many commenters argued the necessity of covering foreign nationals working as drivers in domestic facilities such as ports and foreign crewmen on foreign vessels, such as Liquified Natural Gas (LNG) tankers. Comments came from a wide variety of maritime and trucking industry associations, and individuals.

   Some commenters also stated that ensuring the security of freight moving in from foreign ports was a more important issue than TWIC.

   One commenter noted that under the proposed rule many commercial fishing vessels will not be required to obtain a TWIC. The commenter argued that the TWIC program should include all commercial vessels, since commercial fishing vessels could easily be used as a terrorist target.

   We do not agree with these comments. As discussed above, the vast majority of foreign vessels are not required to have a security plan under MTSA and thus do not constitute secure areas for purpose of the TWIC program. In regard to the security concerns cited by the commenters, however, individuals from foreign vessels who wish to leave the vessel while docked at a U.S. port are required to be escorted through secure areas on MTSA-regulated facilities. Further, each and every foreign mariner wishing to step off of a vessel onto U.S. soil must be issued a visa from the Department of State, and be admitted by CBP into the United States.

   In addition, the Federal government has a variety of programs in place to identify potential security risks from foreign vessels and crew members entering U.S. ports. For example, the Coast Guard's Notice of Arrival requirements (33 CFR part 160, subpart C), U.S. Coast Guard Port State Control Examinations, vessel escorts, and crew list, cargo and last port of call screening, foreign port inspections and similar programs have been in place for several years to reduce the risk posed by certain foreign-flagged vessels transiting or calling U.S. ports.

   Additionally, under CBP's Advance Passenger Information System (APIS) (19 CFR 4.7), vessels (both foreign and U.S.-flagged), must provide manifest information on all passengers and crew no later than 24 hours and up to 96 hours prior to the vessel's entry at a U.S. port. The data that must be provided by the vessel to CBP includes: the country that issued the passport or alien registration number; the passenger's or crew member's full name, date of birth, passport or alien registration number, country of residence, visa number, originating foreign port and final port of destination. Id. The manifest information is compared against terrorist watchlist information by CBP.

   Commercial fishing vessels are not subject to 33 CFR subchapter H and therefore are not included in the congressional mandate for TWIC. As noted in the interim final rule published on July 1, 2003, titled ``Implementation

   [[Page 3521]]

   of National Maritime Security Initiatives,'' commercial fishing vessels were determined to be at a low risk of a TSI during the initial risk assessment and therefore were not included in the applicability for 33 CFR subchapter H (see 68 FR 39246-7).

   One commenter stated that there are many reasons for foreign seafarers to be allowed to traverse the facility (i.e., reading draft marks, completing a Declaration of Security (DoS), required training, making phone calls, medical and humanitarian needs). The commenter argued that to only mention crew changes and shore leave does not advise facility operators and Federal officials that there are other legitimate reasons for seafarers to be granted access to portions of a facility.

   We agree that there are legitimate reasons for foreign seafarers to require limited access to facilities. Recognizing, in particular, that seafarers, whether foreign or U.S., will require access to facility areas to conduct vessel operations, such as reading drafts, adjusting mooring lines, securing shore ties, completing a declaration of security (DoS), and loading stores, we have included a provision to allow mariners limited access immediately adjacent to their vessels to conduct these operations. Limiting the access in this manner takes operational realities into account without adversely impacting security. Also recognizing this need applies to U.S. vessels not covered by 33 CFR part 104 when moored at a part 105-regulated facility, this provision is also granted to U.S. mariners on vessels not covered by part 104 who would not otherwise be required to possess a TWIC. (c). Applicability--Mariners

   One commenter requested clarification about whether every uncredentialed mariner (e.g., crewmember) requiring unescorted access to secure areas of vessels and facilities will require a TWIC. Many crewmembers who have unescorted access to secure areas of vessels and facilities are not required to have credentials (e.g., up to 17,000 crewmembers on inland and river towing vessels up to 1,600 GRT; crewmembers on small passenger vessels up to 100 GRT; and offshore towing vessels up to 100 GRT), noted one commenter. Therefore, the commenter argued that the proposed rule needs to make it clear that every uncredentialed mariner requiring unescorted access to secure areas of the vessels (especially small passenger vessels, offshore supply vessels or facilities) will need a TWIC.

   Under this rule, every mariner, whether holding a credential from the Coast Guard or not, who requires unescorted access to a secure area of a MTSA-regulated vessel or facility will need to have a TWIC.

   Another commenter, an owner of vessels and facilities, noted that they currently are not required to have VSPs or FSPs, however, the proposed rule indicates that their licensed employees will now need to obtain a TWIC. The commenter stated that making a licensed employee obtain a TWIC when the workplace is non-secure does not make sense. In addition, the commenter noted that only requiring licensed crewmembers to obtain a TWIC, but exempting unlicensed crewmembers, does not make sense. One commenter suggested that this could become very burdensome for the vessels and facilities, since individuals may choose not to obtain a TWIC and thus will have to be escorted while in secure areas. The commenter recommended that TSA and Coast Guard make the TWIC mandatory.

   Many individual commenters and commenters from mariners' associations argued that domestic merchant seamen are already required to obtain documentation, and that an additional burden should not be placed on them. Several said that domestic professional mariners should be considered partners in security, because they have a vested interest in a secure workplace. Commenters stressed that the rule should recognize the difference between ``bluewater'' international operations and ``brownwater'' domestic operations on inland waterways, because the latter do not pose the same threat to national security. Several commenters also argued that the economic effect of the proposed rule would be to place domestic maritime workers, such as those in the offshore oil and gas industry, at a disadvantage vis-[agrave]-vis foreign competitors.

   The final rule applies to all licensed mariners, regardless of where they work, and workers needing unescorted access to secure areas of vessels, facilities, and OCS facilities currently regulated by parts 104, 105, and 106. Licensed mariners, regardless of their employer or working location, must obtain TWICs due to sec. 102 of MTSA (46 U.S.C. 70105(b)(2)(B)), which states that the TWIC requirement applies to ``an individual issued a license, certificate of registry, or merchant mariners document under part E of subtitle II of this title.'' Additionally, the statute requires that any individual requiring unescorted access to secure areas of a vessel or facility regulated by 33 CFR part 104, 105, or 106 obtain a TWIC, regardless of whether they are licensed or unlicensed. (See 46 U.S.C. 70105(b)(2)(A)). We disagree with the commenters who felt that the TWIC requirement was ``not mandatory.'' Mariners will not be able to renew their credentials without a TWIC, and vessel and facility owners/operators have an enforceable responsibility to ensure that only persons holding TWICs be granted unescorted access to secure areas. If an individual shows up for work without a TWIC, and his or her employment would call for unescorted access within a secure area, it is the duty of the owner/ operator to either turn that individual away or provide an escort, but there is nothing stating that the owner/operator must allow the individual access of any kind. We have provided for limited exceptions to this, to cover newly-hired individuals who have applied for their TWIC but have not yet received it, and to cover those individuals who have reported their card as lost, damaged, or stolen. These provisions can be found in the access control sections of parts 104, 105, and 106. (d). TWIC Eligibility--Foreign Workers

   Many commenters argued that foreign workers who have already obtained work visas and have been cleared by CBP should be allowed to obtain a TWIC, even though they are not resident aliens. For example, some commenters pointed out that trained foreign experts with work visas are often used on U.S.-flagged industrial vessels to assist with specialized work. The commenters argued that requiring an escort for these workers who have already been cleared by the CBP and obtained the appropriate work visas, would be burdensome and unnecessary. These commenters pointed out that just as the NPRM states that Mexican and Canadian truckers need to have access to facilities, offshore vessels need to allow specialized foreign workers on their vessels. Other commenters stated that the proposed rule is more stringent than what is required by law.

   Several commenters noted that as a multinational corporation they have foreign employees and foreign business partners at their U.S. facilities, so if these employees and business partners cannot obtain a TWIC it will create a large burden for their corporations. The multinational corporations will face a burden not only from having to provide escorts for their foreign employees and foreign business partners, but also from lost business due to foreign business partners choosing not to work with U.S. multinational corporations due to the extra hassles.

   [[Page 3522]]

   We recognize that this population of workers is essential to the maritime transportation industry and that there would be significant impacts to facilities if they were not able to obtain unescorted access to carry out their work. As a result, we have amended the final rule to allow additional foreigners, holding certain work visas, to apply for a TWIC. These provisions are discussed in more detail in the TSA section below.

   We do not believe, however, that TWICs should be issued to anyone who has been granted a work visa and cleared by CBP. While foreign workers--either immigrant or nonimmigrant--may be subject to certain screening to obtain a visa or to enter the country. However, these individuals do not undergo the comprehensive security threat assessment necessary to allow a person unescorted access to a secure facility. (e). Applicability--Area Maritime Security (AMS) Committee Members

   The NPRM proposed requiring that all AMS Committee members obtain a TWIC. Several commenters stated that they agreed with this provision of the proposed rule. For example, one commenter noted that if the rule is not applied equally to all parties it will have little value. Other commenters stated that they did not agree with this provision and felt that AMS Committee members should not have to obtain a TWIC. Some of these commenters argued that the TWIC is not a tool to clear individuals for access to SSI \21\, but is a tool to assist facility and vessel owners in implementing access control. The commenters argued that since some of the AMS Committee members do not need access to secure maritime areas and all of the AMS Committee members have already undergone the screening for access to SSI, the AMS Committee members should not have to obtain a TWIC. In addition, commenters noted that requiring the AMS Committee members to obtain a TWIC would increase the costs associated with membership and thus discourage membership.

   \21\ ``SSI'' is unclassified information that is subject to disclosure limitations under statute and TSA regulations. See 49 U.S.C. 114(s); 49 CFR part 1520. Under 49 U.S.C. 114(s), the Assistant Secretary of TSA may designate categories of information as SSI if release of the information would be detrimental to the security of transportation. SSI may only be disclosed to persons with a need to know, such as those required to carry out regulatory security duties.

   After reviewing these comments, we have decided to refine the TWIC requirement in regard to AMS Committee members, as explained above in the discussion of changes to the Coast Guard provisions of the final rule. The final rule allows individuals to serve on an AMS Committee after the completion of a name-based terrorist check from TSA. FMSCs (i.e. COTPs) will forward the names of these individuals to TSA or Coast Guard Headquarters for clearance prior to sharing SSI with these members. (f). Applicability--Owners/Operators

   The proposed rule requested comment on whether owners/operators of vessels, facilities, and OCS facilities should be required to obtain a TWIC, based on their access to SSI. Some commenters argued that requiring those who have already been screened for their access to SSI to obtain a TWIC based solely on their access to SSI would be an unnecessary waste of money and resources. These commenters noted that not all SSI is sensitive enough to require the kind of background check that will be a part of TWIC. A few commenters noted that the owner/ operator should determine who in their corporation needs to obtain a TWIC and who needs access to SSI. One commenter noted that this question pertains to 49 CFR part 1520, which was not defined as being within the scope of this rulemaking, although it defines SSI and provides standards for access to and control of SSI. Therefore, although 46 U.S.C. 70105(b)(2)(E) permits the Secretary to determine that individuals with access to SSI must have a TWIC, this issue should be the subject of a separate rulemaking addressing the provisions of 49 CFR part 1520. One commenter argued that owners and operators should be subject to the TWIC requirements, since they have access to SSI. Another commenter argued that owners and operators should be required to obtain a TWIC. They argued that owners' and operators' open access to secure areas and SSI by virtue of their position, warrants their need for the TWIC. This commenter went on to argue that not requiring owners and operators to obtain the TWIC would amount to rank discrimination. They sited the Dubai Ports World controversy as further evidence of the need for owners/operators to obtain a TWIC.

   The final rule does not include a requirement that all owners/ operators obtain a TWIC. We reviewed all of the comments received and agree with the idea that an owner/operator, due to access to SSI access and ability to control the company, should probably go through a background check. However, our difficulty comes in determining who exactly the owner/operator to be checked is. For small or closely-held companies, this is an easy answer, and we expect that in the majority of these cases, the owner/operator will get a TWIC due to his/her need to have unescorted access to the vessel or facility. However, larger, multi-national, publicly traded companies pose a much bigger problem. It would be impractical for TSA to run background checks and issue TWICs to anyone holding stock in a company that may own a facility or vessel regulated under MTSA. Additionally, these companies may be structured in such a manner that a bank or several large holding companies are actually the owners, but they have little to no input on the day to day operations at the facility or vessel. We reiterate, however, that any individual, including owners and operators, who wishes to have unescorted access to secure areas must have a TWIC.

   As such, we have not included the TWIC requirement for owners/ operators in this rule. We will, however, continue to examine the issue, and may propose adding this requirement in the future. (g). Applicability--Federal/State/Local Officials

   The proposed rule states that Federal officials are not required to obtain a TWIC, but must have an HSPD-12 compliant identification. Several commenters agreed with this provision because to obtain the HSPD-12 compliant identification cards, the applicant is subject to the same or more rigorous level of threat assessment that will be required for the TWIC (e.g., background investigations, fingerprints). Other commenters noted technological issues that will need to be resolved if Federal officials are allowed to use HSPD-12 compliant credentials in place of the TWIC. Several commenters emphasized that it is necessary for the TWIC equipment to be able to read the HSPD-12 compliant credentials or validate the cards' continued validity. Another commenter requested that Sec. 101.514(b) be clarified, so it is clear that Federal officials are still subject to the facility's access control requirements and presenting their credentials does not grant them unescorted access to the facility. In addition, several commenters noted that the proposed rule must include a requirement that Federal officials obtain an HSPD-12 compliant ID on the same schedule as the merchant mariners will be required to obtain TWICs and MMCs.

   The final rule will require Federal, State and local officials, in the course of their official duties, to present their current agency credentials for visual inspection to gain unescorted access to secure areas. We recognize the

   [[Page 3523]]

   technological difficulties presently facing the evolution of the biometric readers. However, in the future, we anticipate a separate rulemaking to require an HSPD-12 compliant credential to be read by a biometric reader for gaining unescorted access. We must stress that Federal, State and local officials will only use their authority to gain unescorted access in the course of their official duties. Such officials must abide by a facility's or vessel's access control requirements unless extenuating circumstances require otherwise.

   Under the proposed rule, compliance would be voluntary for State and local officials because the majority of these individuals undergo a security threat assessment prior to beginning their job. However, several commenters argued that this could be detrimental to maritime security and is problematic for several reasons. First, not all State and local officials undergo a security threat assessment. Second, it would be hard for crew members to determine if the State or local official's credential meets TWIC standards. Third, under this provision State and local officials would not be subject to the background check every five years like other holders of the TWIC. Another commenter noted that there have been instances in the past where local and State agencies have conducted their background checks independently of their employee application process. In addition, another commenter noted that the threat of terrorists posing as armed local or State enforcement officers is great, so there needs to be a more thorough evaluation of these individuals' identity then just showing their ID. Several commenters noted that those with the main responsibility for port security (e.g., port authority police who fall under the State and local system) should be required to get a TWIC, rather than make it optional. One commenter specified that all armed law enforcement officials should be required to obtain a TWIC.

   One commenter noted that under Sec. 101.514(c) State and local law enforcement officials would not have to possess a TWIC to gain unescorted access to secure areas. At the same time, Sec. 105.210 would require facility personnel responsible for security duties to maintain a valid TWIC. The commenter said that some ports have a police force comprised of certified police officers who are required to obtain the exact training as State and local law enforcement personnel. The commenter recommended that either Sec. 101.514(c) or Sec. 105.210 be rewritten to recognize these port police and remove the requirement for them to obtain a TWIC.

   Federal agencies are already required to implement HSPD-12, therefore there is no need for either the Coast Guard or TSA to do more than require that those credentials be used. We believe State and local agencies may issue similar cards as the Federal government completes implementing HSPD-12. Therefore, we are not requiring State and local officials to obtain TWICs at this time. We may revisit this decision in the future. While all State and local officials may not be required to undergo a security threat assessment comparable to the TWIC, they will continue to utilize their existing authority to board regulated vessels and enter regulated facilities as needed for official business and should continue to be afforded access in accordance with existing approved security plans. However, we encourage local and State officials to obtain TWICs to facilitate access to facilities and vessels when such access is a regular part of their duties.

   Regarding the status of ``port police'' who receive the same training and certification as local or State law enforcement officers being exempt from the requirement to obtain a TWIC, we disagree with the commenter. These individuals can be exempt only if they are actual State or local officials due to their employment status and statutory law enforcement authority.

   Other commenters requested clarification of the applicability of the requirements of this final rule to emergency first responders other than law enforcement, such as firefighters and emergency paramedics. We recognize that emergency responders are an important part of any port. We have extended the option to obtain a TWIC to them, but the final rule has also been changed to state that emergency responders will not be required to show a TWIC to gain unescorted access to secure areas during emergency situations, such as natural disasters or transportation security incidents. We do recommend that they obtain a TWIC if they require unescorted access during non-emergency situations. (h). Applicability--Voluntary compliance

   Two commenters wanted Sec. 101.514(d) clarified regarding voluntary implementation of a TWIC program. They stated that the definition of a TWIC program is confusing, and asked ``[c]an a voluntary TWIC program be used for badging purposes only, but the vessel or facility owner must still obtain approval of a security plan in order to use the card?'' One commenter wants the agencies to explain the opt-in reference from the NPRM, asking why anyone would opt-in when it carries a mandatory follow-up.

   One commenter wants the Coast Guard to insert language into the rule regarding voluntary application of the security plan as opposed to voluntary application of the TWIC program.

   As noted above in the discussion to changes to the Coast Guard provisions, this final rule no longer contains provisions allowing for voluntary TWIC programs, therefore it is not necessary to respond to these comments at this time. These provisions have been eliminated due to the fact that neither TSA nor the Coast Guard can, at this time, envision being in a position to approve voluntary compliance before the full TWIC program (i.e., reader requirements) is in place. We will keep it in mind, however, as we develop our NPRM to re-propose reader requirements. 3. Coast Guard Roles

   Several commenters expressed concern that the challenge to operators who service multiple ports increases as each COTP is given broad authority to establish and enforce different standards.

   We agree that consistency among different COTP zones is important and that different COTP interpretations of a final rule, such as TWIC, can create a challenge especially for those operators who service multiple ports. We also agree that some degree of discretion and flexibility is critical to the successful implementation and enforcement of all Coast Guard regulations throughout a COTP Area of Responsibility. To enhance nationwide consistency of the TWIC regulations, the Coast Guard will continue to create and distribute robust field guidance for use by all COTPs. In most cases, Coast Guard field guidance is available to the public and industry for their own use in preparing for inspections and examinations. Should an operator feel that different interpretations of a particular regulation by two or more COTP are negatively impacting their operation, they are welcomed and encouraged to contact the appropriate Coast Guard District Commander for resolution.

   A commenter asked who would enforce the escort requirement and the other TWIC requirements. The Coast Guard will continue to be the primary enforcement authority for all MTSA regulations.

   One commenter expressed concern that the Coast Guard has been unable to ascertain and report on the number and types of valid merchant mariner licenses or merchant mariner documents in existence at any time, and that this suggests a limitation in its ability to call

   [[Page 3524]]

   on merchant mariners in response to a national emergency. This comment is addressing the Coast Guard Merchant Mariner Credential (MMC) rulemaking, and so we have not addressed it there.

   One commenter requested that the Coast Guard articulate its intentions with regard to production of an identification document complying with the International Labour Organization (ILO) standards for U.S. seafarers.

   As the United States is not signatory to the International Labour Organization Seafarers' Identity Document Convention (Revised), 2003 (ILO-185), no plans have been made at this time to produce an identification document complying with that particular standard.

   Several commenters suggested that the background checks for TWIC be combined with those required for MMC. Two commenters suggested that TSA perform the security threat assessments for Merchant Mariner Documents (MMDs) as well as TWICs and that the Coast Guard use the results of such assessments in its processing of MMD applications. Others suggested that the consolidated review process should be carried out by Coast Guard.

   At this time, the option of having TSA or Coast Guard conduct all the required background checks for individuals who require both the MMCs and the TWIC is not feasible. TSA has established a system and process for ensuring individuals applying for the TWIC undergo a consistent security threat assessment and the Coast Guard already has the authority and process in place for conducting the required safety and suitability checks for mariners prior to issuance of credentials. To create a unique system of background checks for approximately one fifth of the expected initial TWIC population would create the need for additional infrastructure within one agency and raise costs for the government and the entire TWIC population. In addition, the Coast Guard has more expertise and authority over the merchant marine than TSA and is in a much better position to determine whether an applicant is safe and suitable to serve in the merchant marine at the rate or rating sought. At this time, the most efficient and cost effective method available for issuing TWICs to credentialed mariners is to have TSA conduct the security threat assessment and issue the identity document (TWIC) while the Coast Guard continues to issue the mariner's qualification document (MMD/License/MMC).

   In addition, requiring only one criminal record review for both security and safety-related crimes by one agency would negatively impact mariner flexibility. If only one background check were to occur, mariners would be required to apply for their MMC only at the time they applied for their TWIC. As currently proposed, the MMC and TWIC expiration dates need not align. This allows an individual who works at a port to decide later that he or she wants to become a merchant mariner. In addition, for those mariners who already hold a MMD, License or Certificate of Registry (COR), they need not renew their credential upon the initial issuance of their TWIC, because the effective period of their current credential is not affected by this proposed regulation. If we were to require only one background check by TSA for all mariners, the mariner credential would have to come into line with the expiration date of the TWIC. Requiring mariners who already hold credentials to renew so that their credential's expiration date matches their TWIC expiration date is currently impossible from a legal standpoint due to the statutory requirement that Licenses and MMDs must have a 5 year validity period under 46 U.S.C. 7106 and 46 U.S.C. 7302. Such a requirement would inherently shorten that 5 year duration. Finally, requiring only one security/safety/suitability criminal record review by TSA at the time of application would affect individuals who would like to seek raises in grade or new endorsements on their MMC during the 5 year validity period.

   One commenter expressed concern about unanticipated impediments to international transportation resulting from TWIC, particularly regarding rail transportation. This commenter urged Coast Guard and TSA to be prepared to respond quickly to interpret the new regulations and address other unanticipated issues.

   We agree that both TSA and Coast Guard should be prepared to make modifications to the TWIC program if needed; any amendments will follow existing requirements for changes to published regulations.

   One commenter expressed a desire for standardization of the application process for TWIC or MMD across all regions of the country.

   We agree that a standard application process for TWIC and MMD (to be replaced by the MMC) is desirable and a reasonable goal. It is our expectation that all forms, instructions and data collection and processing procedures will be standardized, but not combined, for the TWIC and MMC. As stated earlier, some degree of flexibility will be necessary for local TSA and Coast Guard authorities to best serve the local operators and customers. For example, TWIC enrollment center locations, hours and days of operation are planned to incorporate local industry input. 4. Owner/Operator Requirements

   The proposed rule would have required owners/operators of vessels, facilities, and OCS facilities to ensure that security systems and equipment were installed and maintained, including at least one TWIC reader that would meet the standard incorporated by TSA in 49 CFR 1572.23. The proposed rule would have also required that owners and operators ensure that computer and access control systems and hardware are secure.

   Several commenters argued that MTSA only mandates TWICs themselves and does not require TWIC readers and their associated equipment. Other commenters were confused as to whether the proposed rule would allow one TWIC reader for an entire vessel and facility or would require a TWIC reader at all access points to secure areas.

   Many commenters said that the requirement to place at least one TWIC reader on every vessel would be costly and would not improve security, particularly on small vessels such as towboats. Some commenters argued that their vessel crews are small and that the presence of any unauthorized individuals would be readily apparent. Several of these commenters requested that the final rule waive the requirement for TWIC readers for passenger vessels.

   One commenter stated that TWIC readers should not be required in a ship's interior unless required by the vessel's security plan, because existing vessel security plans already adequately address such security concerns. The commenter argued that the locations of TWIC readers should be dictated by the risk assessment performed for the vessel's security plan.

   One commenter requested that the final rule allow one TWIC reader for a facility and the vessels that operate from that facility, as long as the facility's security plan incorporates the vessel operations or the facility and vessels have separate approved security plans. Another commenter said that the use of card readers should be optional for facilities and vessels until experience is gained and best practices are developed within the industry.

   One commenter requested that the final rule require that facility operators ensure that all readers deployed are fully functional and operational to ensure that all gates are accessible for truck drivers and other affected personnel to use.

   Because the use of readers is not required by this final rule, concerns

   [[Page 3525]]

   related to the value or drawbacks related to requiring readers have been deferred. A more complete discussion of why recordkeeping requirements are no longer included may be found below in the section discussing recordkeeping requirements.

   One commenter said that Sec. 105.200(b)(8) requirements for adequate coordination of security issues between the facility and vessels that call on it are problematic for both passenger facilities and vessels. The commenter asked that the subparagraph be modified to reference only those that access secure or restricted areas, not the entire facility.

   The referenced paragraph, while redesignated, was unmodified by the NPRM or this final rule and, therefore, no changes to the provision were considered.

   One commenter said that the proposed rule does not adequately address a facility's responsibility to log seafarers off the ship and onto the facility for routine ship operations. The association asserted that the ship and its crew, by virtue of its clearance by Federal officials to enter port and begin cargo or passenger operations, should be considered a part of the facility and logging off the ship should not be necessary for either normal ship operations or access for shore leave.

   Because the recordkeeping requirements have been removed from this rule, there are no specific TWIC logging off requirements. Removal of the TWIC recordkeeping requirements is discussed below.

   One commenter stated that the rule must clarify that the owner/ operator cannot be held responsible for events rendering employees ineligible for a TWIC of which the owner/operator has no direct knowledge.

   Section 105.200(b)(14) establishes a responsibility on the part of the owner/operator to inform TSA of any information that he/she becomes aware of in the normal course of its operations or simply by chance. Whether the information is known ``directly'' or ``indirectly,'' the intent is to ensure that facts, which would affect an individual's eligibility to possess a TWIC, are made available to TSA. The section does not impose a responsibility for an owner/operator to actively seek information on employees or other workers; merely to provide it to TSA should the owner/operator become aware of such information.

   One commenter asserted that there is no discussion in the NPRM regarding how owners/operators should deal with a failure in the TWIC system other than to state that they must incorporate backup processes into their plans. The commenter said that TSA and Coast Guard should provide some recommended alternatives. Another commenter expressed an interest in having consistency in the backup processes used by ports and urged TSA and Coast Guard to be more prescriptive on this matter.

   One commenter noted the NPRM stated that if the TWIC reader breaks, security personnel should know how to compare the picture on the TWIC with the person's face or have someone vouch for that individual. The commenter then asked if matching a person's face to his or her picture is an acceptable approach to screening, why that method of screening is not an acceptable alternative to the readers more generally. Two commenters said that they supported the inclusion of language that allows operators to include protocols for responding to TWIC holders who cannot electronically verify a match between themselves and the information stored in the cards.

   Because the reader requirement has been removed from this final rule, we believe that further discussion of what would constitute acceptable alternate security procedures should the TWIC system fail would be better addressed during a subsequent rulemaking that implements a reader requirement. 5. Requirements for Security Officers and Personnel

   One commenter said that he would not have the time to attend any required training to become familiar with the TWIC program.

   It is the responsibility of each individual to ensure that he or she receives all the training necessary to successfully perform his or her assigned duties. However, we will work closely with industry and other appropriate stakeholders to ensure that the knowledge requirements can be satisfied by all affected personnel.

   One commenter stated that changes to Sec. Sec. 105.205, 105.210, and 105.215 seem unnecessary because the proposed rule requires possession of a TWIC for unescorted access to a secure area.

   We disagree; the provisions provide clarity and avoid any question as to the responsibility of Company Security Officers (CSOs) and other security personnel to have and maintain a valid TWIC.

   One commenter asked whether the citizenship of a CSO would affect his or her ability to receive a TWIC. The commenter also asked whether the CSO and other security personnel of a foreign-flagged vessel would need to obtain a TWIC.

   Foreign-flagged vessels, including cruise ships, and their crews are exempt from the TWIC provisions, as set forth in 33 CFR part 104. If the CSO is not a U.S. national or legally authorized to work in the United States, he/she may be eligible for a TWIC depending on whether he/she has applied for and received certain types of U.S. visas. We have expanded the eligibility for persons working under valid work visas to open TWIC eligibility to as many of these individuals as possible.

   One commenter said that the proposed rule should be amended to provide the CSO with the authority to implement acceptable alternative screening measures for unescorted access to a vessel when the use of TWICs is impractical, unreasonable, and vessel security is not compromised. In particular, the commenter requested that the CSO be empowered with the discretionary authority to modify or exempt TWIC- controlled unescorted access and use the currently accepted procedure of a positive photo-identification along with verification from the worker's company.

   Alternative Security Programs (ASPs), proposed and implemented pursuant to the existing regulations, will be available to owners/ operators. The ASP must be approved pursuant to 33 CFR 101.120. We do not agree, however, with the proposal to allow CSOs the authority to accept alternative measures to TWIC without first obtaining approval for such an alternative from the Coast Guard. Provisions for seeking waivers or equivalents remain unchanged, and are listed in Sec. Sec. 104.130 and 104.135, respectively.

   One commenter noted that page 29403 of the NPRM refers to the ``access control administrator of the vessel or facility.'' The commenter said that it already has a CSO, FSOs, and VSOs. It asked whether the NPRM would require companies to create a new position or assign a new set of duties to a company employee.

   The term ``access control administrator'' was not intended to, nor does it, create a new position. It was used to describe a position that may or may not already exist at a vessel or facility. Additional duties to CSO, FSO and VSO are expressly set out in the Rule, and are not intended to overburden any of those positions.

   One commenter asked how much knowledge of and training on the relevant aspects of the TWIC Program VSOs and other personnel of foreign-flagged vessels would be required to have.

   Foreign-flagged vessels and their crews are exempt from the TWIC

   [[Page 3526]]

   provisions, as set forth in 33 CFR part 104. VSOs on U.S.-flagged vessels will need to know of those aspects of the vessel's TWIC Program that are relevant to his/her job. For example, if the VSO will be responsible for visually inspecting TWICs, he/she must be familiar with the security features of the TWIC, the alternative procedures to be followed when an individual tries to enter after reporting a TWIC as lost, damaged, or stolen, the procedures to be followed when a fraudulent (altered) TWIC is discovered, and the procedures to be followed when an individual without a TWIC tries to enter a secure area without escort.

   One commenter noted that the NPRM proposed requiring that all individuals with security duties and those who may be examining TWICs at access control points have some familiarity with the security features of the TWIC. The company said that TSA or Coast Guard should provide an online course about the security features of the TWIC that can be completed prior to going to the enrollment center, at a kiosk, or at the enrollment center. Successful completion of that course would be required prior to the TWIC application being accepted. Another commenter suggested that the Federal government should provide more extensive outreach and direction to operators and Security Officers prior to finalizing the rule. The purpose of the outreach would be to receive input and to more fully discuss expectations of those who will be given new responsibilities by the rule.

   We agree that further guidance on how to fulfill the training requirements contained in this final rule is necessary. The use of online courses may be implemented at a future date. In the interim, further guidance will be forthcoming through publication of an NVIC.

   One commenter suggested that the CSO be provided with the option of activating TWICs on behalf of the enrollment centers. We are not considering this option currently, because it may introduce privacy and security issues with the security goals of the TWIC program. However, as the program develops, we will continue to consider ways to allow for greater flexibility in all levels of the program whenever appropriate. 6. Recordkeeping/Tracking Persons on Vessels/Security Incident Procedures

   Sections 104.235, 105.225, and 106.230 of the NPRM proposed requiring Security Officers to maintain records for two years of all individuals who are granted access to the secure areas of a vessel, facility, or OCS facility. Numerous commenters, including the SBA Office of Advocacy stated that, in general, the requirement is overly burdensome and would have no resulting security benefit. Several commenters requested a clear understanding of what this information will be used for and justification for the creation and maintenance of each of these records. A few commenters stated that this requirement is overly burdensome on cruise operators because of the volume of people coming and going. One commenter said that this requirement is especially burdensome on operators of small passenger vessels like water taxis but did not state why. Some commenters specifically asked that the requirement be deleted from the rule. Many commenters stated that two years is too long to maintain such records. In contrast, one commenter supported the two-year timeframe.

   Many commenters noted that businesses that maintain security videotapes typically keep them for only a brief period. These commenters said that if no security incident has occurred relating to a particular entry to a secure area, there is no need to keep a record of the person involved. Should the Federal government need to ``track'' the presence of employees on vessels, it can obtain and rely on payroll records and other employee files typically kept in the course of business rather than imposing a mammoth new recordkeeping requirement?

   Two commenters said that the recordkeeping requirement would further delay the processing of individuals in and out of port facilities, which would affect the flow of freight through the facilities. Five commenters said that the need to keep and access records would greatly increase operating costs.

   One association noted that the requirement would force facilities and vessels to install both an entrance and an exit system and said that there have been technological problems with exit systems. It said that exit system technology should be tested before a requirement to use them is promulgated.

   Two commenters said it is not clear by whom and where the access records would need to be kept for two years. One commenter suggested that the recordkeeping requirement would make more sense if it applied only to individuals picking up hazardous materials from their facility. A few commenters suggested that the rule be amended to allow video recording to meet the recordkeeping requirement. Additional commenters wanted crewmembers to be exempted from these general provisions to save on paperwork, suggesting instead that crewmembers be logged into the system upon entry to the vessel and logged off upon final exit from the vessel without registering every entry and exit in-between.

   Two commenters wanted vendor/contractor personnel to be entered into the database upon initial boarding and then entered again after his final departure. The commenters also stated that there is no need to record every trip made to and from delivery vehicles or shoreside offices/workshops.

   Several commenters complained about the lack of personnel to maintain these records. They asserted that facilities will be required to manually enter information on visitors who are exempt from the TWIC requirement. Some commenters felt this was not practical. Two commenters wanted provisions added to the regulation to allow modified procedures for large work gangs, such as longshore gangs vetted by the port, to board the vessel to work cargo without each individual longshoreman being screened by the vessel prior to and at the conclusion of the workday.

   Commenters balked at the amount of records that will need to be kept. Two commenters suggested that, to alleviate burden, the records should be automated through the TWIC system, which could keep track of all persons granted access to secure areas. This could be done through an additional access card. One commenter complained that the cost of readers is an unnecessary expense and does not need to be incurred for one-vessel or two-vessel operations, but that without the reader, the paperwork requirements become even more daunting. One commenter wanted the rule to specify exactly what information should be maintained and suggested: Name, ID number, and home address.

   As noted above in the discussion of changes to the Coast Guard provisions, the recordkeeping requirements related to TWIC implementation have been removed from the final rule. We had proposed the requirements because we believed they could be satisfied by using the TWIC readers, which were also proposed. Due to our decision to remove the reader requirements from this final rule, it makes sense to also remove the recordkeeping requirements that were intrinsically tied to those readers. We will keep these comments in mind as we consider whether to re-propose new recordkeeping requirements.

   Several commenters wrote in opposition to the requirement that vessel or facility owners ensure that

   [[Page 3527]]

   appropriate personnel know who is on the facility at all times.

   One commenter said that the requirement would place a tremendous strain on many ports and would provide little value if individuals are properly screened during the entry process. According to the commenter, even if card readers are installed at each entry and exit point and all TWIC holders were to utilize them, provisions would still have to be made to capture data from visitors, vessel crew members, and passengers in freight trucks. The commenter noted that current Coast Guard regulations require ports to grant access to crew members of vessels, including foreign nationals. Because foreign nationals would not be eligible to obtain a TWIC, the port authority said it would have to hire additional security guards to escort crew members while they transit port property. The commenter added that the NPRM had not explained or justified the benefits of knowing precisely who is on a vessel or at a facility at all times or in requiring individuals to use a TWIC to exit.

   Another commenter said the requirement would require readers at both entrance and exit gates and argued that exit control is costly and provides little additional protection. The commenter added that other industries have reported technological problems with exit systems. It noted that exit control is not required in the ``higher risk'' aviation sector.

   One commenter said that it is not critically important to national security that facilities know exactly who is on a facility at any given time. It is only important to know that everyone on the facility has been cleared to enter. Another commenter said that this requirement would require every facility to construct a security building at every entrance and deploy security guards around the clock. The commenter said that the resulting compliance costs would be prohibitively expensive but would not improve the security of ports because facility operators are already guarding areas determined to be at risk.

   Some commenters opposed the application of this requirement to passenger vessels. Two commenters said that because large cruise ships have hundreds of properly authorized visitors onboard at any given time, it would be unreasonable to require a single crew member to know who is onboard. They suggested that the ship's visitor and crew logs be utilized for this purpose because all cruise ships record the arrival and departure of each person while in port. A third commenter noted that passenger vessels can carry thousands of passengers and requested that this requirement be drafted or explained in a way that could ``reasonably'' be applied to passenger vessel operations.

   Another commenter recommended that owners or operators be required to know the whereabouts of contractors and visitors, but not facility employees. The commenter stated that it would be extraordinarily difficult to know who is present at a large facility with thousands of employees, because many people ``badge in,'' but not out. The commenter said that the requirement as proposed could require new equipment at multiple access points with little enhancement of security.

   Because the use of readers is not required by this final rule, these record keeping requirements and the requirement to know who is on a vessel or facility at all times have also been removed. Comments and concerns on these issues, however, will be considered in any subsequent rule which imposes a reader requirement.

   One commenter requested that Sec. 104.290(a)(1) and 105.280(f) be modified to conform to Sec. 104.235 and 105.225, respectively, by requiring the availability of a list of persons who have been allowed access to secure areas, not to the entire vessel or facility.

   Because the proposed record keeping requirements have also been removed, we have also removed the requirement that these records be made available after a security incident. Comments and concerns on these issues, however, will be considered in any subsequent rule which imposes a reader requirement. 7. Reader Requirements/Biometric Verification/TWIC Validation Procedures

   We received a substantial number of comments on technology issues, almost all of which expressed concern about the feasibility and appropriateness of the proposed TWIC system. Commenters noted that the prototype did not test many parts of the proposed system including the readers and communications with a central database. Some questioned whether the central database is available. They questioned whether the systems will be compatible with existing systems; if they are not the cost of replacement will be high. Commenters stated that TSA must test the proposed system before requiring its use and ensure that it will work in the marine environment and that backup systems will function as well. They stated that if comprehensive testing is not done the result could be higher costs throughout the entire supply chain. In terms of interconnectivity, they stated that the system has to be shown capable of processing 700,000 TWICs instantaneously. Commenters also noted that the system does not appear to have been tested with passenger vessels.

   Many commenters stated that cards that had to be inserted into a reader would not work in the marine environment. These commenters stated that TSA had failed to demonstrate the contact readers would work reliably in the marine environment and had not accounted for the cost of frequent maintenance and replacement or the costs imposed by failures that delayed workers and cargo. One commenter noted that when it tested readers outdoors the device did not last five days. Many commenters recommended a contactless reader system as an alternative. They noted that this type of card was used in prototype. Commenters suggested that readers and cards should have mean time between failure of 10,000 hours and at least 6 months between maintenance.

   Commenters stated that they needed to know what types of readers would be required before they could be reasonably asked to comment on the rule.

   Many commenters questioned whether cost-effective fingerprint readers would work in the marine environment. They noted that the readers require clean screens and clean hands; the latter may be difficult in the marine and port environment. One commenter stated that one member using a biometric reader had a 300 percent annual repair rate, which meant that multiple backup systems will be needed.

   Commenters stated that failure rates of 10 percent would have a serious effect on the ability to move cargo into and out of ports. One commenter noted that a failure rate of 10 percent would mean that 3,500 individuals a day would be delayed at LA/Long Beach. If 10 percent of trucks were delayed, the delay would ripple through the entire line of trucks waiting and through the supply chain. They recommended that an error rate must be less than one percent before the system is adopted. Commenters who had implemented biometric readers indicated that they had failed to perform satisfactorily.

   After reviewing these comments, we have determined that implementing reader requirements as envisioned in the NPRM would not be prudent at this time. As such, we have removed the reader requirements from the final rule, and will be issuing a subsequent NPRM to address these requirements, instead requiring that the TWIC be used as a visual identity badge at MTSA-regulated

   [[Page 3528]]

   vessels and facilities. That NPRM will address many of the comments and concerns regarding technology that were raised in the above-summarized comments.

   Many commenters opposed the requirement to install a TWIC reader on each vessel. One reason for this opposition was that crews on some vessels are small and very familiar with one another, making it difficult for an unauthorized individual to go unrecognized. Other commenters cited the high cost of installing readers on each vessel. Some commenters said that the readers would be difficult to mount on small vessels or would break down in the marine environment. Commenters also said that there is no legislative mandate to require TWIC readers on vessels. Some commenters suggested that the TWICs of vessel crew members could be scanned at the entry point to a facility prior to boarding a vessel.

   One commenter said that alternative methods should be allowed for using the TWIC to vet personnel for access on board vessels without the use of readers. One alternative suggested by the company would be to allow all personnel to check in at a central location such as a company office, have their biometrics confirmed, and then be transported to the vessel via trusted agent. At the same time as personnel are being transported, a confirmed list of vetted personnel could be electronically transmitted to the vessel for confirmation purposes. Another commenter opposed a requirement for a TWIC reader on vessels carrying fewer than 150 passengers. A third commenter said that requiring all terminals, regardless of size and technological expertise, to have electronic readers and supporting IT systems in place and operating properly might further compromise efficient terminal throughput. If the readers and related IT systems don't function properly, they will exacerbate congestion and delays. The commenter said it is therefore essential that all technical and process-related issues are thoroughly ironed out before rules are finalized and the program is implemented.

   As stated above, the reader requirements have been removed from this rule; therefore, it is not necessary to respond to these comments at this time. Concerns that remain relevant will be considered during the subsequent rulemaking.

   One company said that each TWIC would include data on an individual's employer, which would mean getting a new TWIC after every job change. Because of the high turnover rate of vessel personnel, the number of invalid TWICs would grow quickly.

   Workers' eligibility to maintain a TWIC is not tied to his or her employer, and employer information is not included on the TWIC itself. Therefore, when a worker changes employment, TSA need not be notified, and neither the TWIC itself nor the individual's eligibility to hold and maintain a TWIC will be affected.

   Some commenters pointed out the possibility that truck back-ups could occur or be made worse in the likely event that a truck driver arrives at a reader and finds that he or she does not have their TWIC or their TWIC is inoperable due to being damaged or some breakdown of the system. Another commenter expressed a similar concern about operational delays that could result from lost or damaged cards or system malfunctions during the typical rush of longshoremen arriving for work at or near the same time.

   The removal of the reader requirements from this final rule should eliminate the concerns expressed above. Additionally, we have added specific provisions to accommodate persons who have reported their TWICs as lost, damaged, or stolen, to provide continued access for a limited time, until they are able to pick up their replacement TWIC.

   Several commenters said that the requirement to check TWICs against an updated list from TSA would be overly burdensome, especially if the list of invalid TWICs becomes large. One company preferred that TSA establish a toll-free number and a website for checking the validity of a TWIC instead of requiring company to maintain a potentially large database. Another commenter said that TSA and Coast Guard should reduce the frequency of TWIC verification at MARSEC Levels 1 and 2. Alternatively, the commenter suggested that a company could maintain possession of a person's TWIC and verify them as frequently as necessary.

   One commenter said that TSA and Coast Guard should be responsible to develop a system with which owners/operators can contact TSA to verify the validity of TWICs. The association said that one possible solution is to establish a web portal where facility operators, through a password protected system, are able to match a name and picture with the TWIC ID number.

   Many commenters said that most vessels do not have Internet access and therefore would have trouble regularly updating their list of valid TWICs by downloading data from TSA. One commenter said it would theoretically be possible to employ an agent at each port of call to physically deliver downloads to a vessel, but this would significantly increase the cost of the program. Another commenter noted that not all marine employers have computers, so there must be a way (e.g., telephone-based system) for those without computers to check the validity of a TWIC.

   One commenter noted that there are a number of areas on western rivers that are wireless dead zones. The company also noted that few existing vessels have satellite Internet connection capability and any such expectation should be included in the economic analysis. The commenter also added that if TSA and Coast Guard expect vessels to use landline connectivity, the cost to stop a vessel periodically (weekly or daily) to download the latest information to vessel card readers would be significant and should be included in the economic analysis.

   Two commenters questioned whether satellite communications would remain available for civilian use at elevated security levels. One commenter said that at MARSEC 3, the Federal government takes control over communications satellites, thus making it impossible to download any data from TSA via satellite.

   Several commenters said the proposed frequency for updating the TSA information used for TWIC screening is excessive. Several suggested alternative update frequencies for each MARSEC Level. Two commenters said the proposed update frequencies should be the same as for validation of HMEs (annually). A company involved in responses to marine spills said that the requirement to update its list of valid TWICs would be cumbersome and an extra burden during responses.

   One commenter suggested that information about individuals who are determined to be a security risk should be communicated to the local Coast Guard for immediate dissemination to FSOs. The company argued that it would be ``ridiculous'' to require a time-sensitive industry to employ computers to search through millions of names in a national database to identify a name not on the list. The company said that national security would be better served by providing the much shorter list of ``non-authorized'' persons. One commenter requested that the rule clarify that a private regional entity under contract to a terminal operator would be allowed to maintain the database of valid TWICs for the operator.

   [[Page 3529]]

   Although a reader is not strictly necessary for checking the validity of a TWIC, in most cases, we believe that requiring facilities to manually check the validity of TWICs without including reader requirements is impracticable. Therefore, because the reader requirement has been removed from this rulemaking; the requirement that the credential's validity be checked against the TSA list of revoked credentials also has been removed. The Coast Guard, when conducting spot checks, will verify a TWIC's validity while confirming the identity of the TWIC holder. We will continue to consider ways to provide flexibility to owners/operators in satisfying this requirement in subsequent rulemakings.

   One company asserted that TSA and Coast Guard had not provided any information to the regulated community regarding the size or format of the data files likely to be associated with the list of invalid TWICs. Without this information, the company said it could not provide detailed comments regarding the cost or difficulty in providing this information to its vessels or whether it is even possible with the systems currently in place.

   We agree that this type of information is necessary for industry to effectively implement these requirements, and will keep this comment in mind as we draft our NPRM re-proposing reader and TWIC validation requirements.

   One commenter said that U.S. vessels face connectivity issues when transiting foreign ports and would therefore not be able to comply with the proposed requirement.

   We will keep this comment in mind as we draft our NPRM re-proposing reader and TWIC validation requirements.

   Another commenter suggested that facial recognition should be allowed at MARSEC Level 1 instead of biometric verification. Another commenter asked what facilities would be required to do if there are delays in updating its database. The commenter said that this is a critical point, because many other high-priority actions would be taking place at MARSEC Levels 2 and 3.

   These requirements have been removed from this rule and therefore, concerns related to the use of the credential at different MARSEC levels will be revisited in a subsequent rulemaking.

   A commenter said that rather than placing the burden on employers to repeatedly check the validity of each worker's TWIC, the vessel or facility operator should have the option of registering its employees and others who access its vessels or facilities using a TWIC with the Coast Guard. The Coast Guard would be responsible for notifying the operator if a TWIC it has registered has been invalidated.

   As set forth in the NPRM, owner/operators could register its employee and others who access its vessel or facility using a TWIC with TSA, and TSA would notify the owner/operator if a TWIC is subsequently invalidated. TSA describes the process as ``privilege granting.'' This process will still be available, even though we are not requiring owners/operators to routinely validate TWICs in this final rule.

   One commenter questioned whether the Federal government would be able to update the list of invalid TWICs on a daily basis at elevated MARSEC Levels. Another commenter conjectured that if there is a terrorist incident that leads to elevated security measures, Internet and other communications systems would likely be taxed to the point of failure. This would make frequent updates of the TWIC database difficult if not impossible.

   While it is impossible to predict with certainty how essential infrastructure will be impacted by a terrorist incident, we believe that the layered security approach imposed by the MTSA provides the best approach to ensuring the greatest protection to our maritime facilities. However, because the reader requirement has been removed from this rulemaking, so has the requirement that owners and operators check the credential's validity against the TSA hotlist. We will keep these comments in mind as we draft our NPRM re-proposing reader and TWIC validation requirements.

   Several commenters said that the required scrutiny of TWICs should not change with the MARSEC Level. Commenters said that the card is designed to be secure and linked to the cardholder by biometric verification, so the security benefits of additional scrutiny would not be worth the effort. One association opposed the requirement that vessels download daily updates on the status of TWICs at MARSEC Levels 2 and 3. The association said that the proposed rule's discussion of MARSEC Levels was not based on reasonable risk analysis. One commenter said that the requirement for use of a PIN and daily check of TWICs at MARSEC Levels 2 and 3 would provide only a marginal increase in security that is not worth the time, effort, and potential problems these measures would create. Another commenter opposed the proposed requirement that all TWIC-enabled gates be manned at MARSEC Level 2, saying it would divert security resources when they are most needed. One commenter said there is no history of legislative intent during the development of MTSA for a requirement that industry download latest TSA information during increased MARSEC Levels.

   These requirements have been removed from the final rule and therefore, we defer any response to these comments. We will keep these comments in mind as we draft our NPRM re-proposing reader and TWIC validation requirements.

   One commenter maintained that weekly/daily verification for maritime workers was unjustified based on the fact that hazardous materials truck drivers, who pose a greater security threat (due to operation by a single individual and close proximity to population centers and potential terrorist targets), are checked annually.

   We believe that this commenter misunderstood what the NPRM meant by the weekly/daily verification, but note that the final rule does not include this verification procedure, and therefore we need not respond to it further at this time.

   Some commenters stated that their facilities are not transportation facilities, and as such the cards will be used only to clear employees into the facility. They stated that their existing systems are sufficient and that shifting to the proposed TWIC would double the time required to process each employee, which could cause operational delays during shift changes. The TWIC system should be designed to be easily integrated into legacy systems or TSA should allow facilities to use their existing systems after an employee obtains a TWIC.

   The NPRM was drafted to allow owners/operators to continue to use their existing access control systems so long as they were able to integrate the TWIC into those systems. The elimination of the reader, biometric validation, and card verification pieces from this final rule does not change this. In order to integrate the two systems, owners/ operators will need to ensure that their own access control systems are updated to show whether the employee has a TWIC even when he/she presents only the facility-specific badge. In other words, an individual must still have a TWIC before he/she can be granted unescorted access to a secure area, even if the badge being used to gain entry on a day-to-day basis is not the TWIC.

   The Navy stated that Department of Defense Common Access Cards (DOD CACs) should fulfill the TWIC requirements. As long as the DOD CAC is the official credential for the Navy, it

   [[Page 3530]]

   will meet the identification requirement in Sec. 101.514(b) when required for official duties authorized by the Navy. If it is replaced with another credential in order to gain compliance with HSPD-12, however, that new credential will need to be used by Naval personnel seeking to gain unescorted access to a MTSA-regulated vessel or facility. 8. Access Control Issues (a). New Hires/Persons Needing Access Before TWIC Is Granted

   Many commenters remarked that seasonal workers are employed for 90 days or less, and those commenters believed that the rule would severely impede seasonal hiring if the workers had to wait 60 days for a TWIC. Some commenters pointed out that seasonal businesses often must find new or replacement staff quickly. An association noted that seasonal workers are generally students, who may not know where they are going to work 60 days before classes end. Another association described how a business might not have enough TWIC holders at the beginning of the season to escort the rest of the workforce.

   We believe that the inclusion of the ``employee access area,'' discussed above, should operate to exclude the vast majority of seasonal employees from even needing a TWIC.

   Some commenters mentioned similar problems with short-term workers and casual labor hired with little advance notice, and those commenters described instances where workers are needed immediately. For example, in some businesses, deckhands come and go at a greater frequency than 30 days. One commenter remarked that it is not uncommon for a new hire to get onboard only to find out that they are not suited for work on vessels, leaving them scrambling to fill a position when a crewmember leaves. A State port authority noted that in addition to new hires, other individuals might need occasional unescorted access without having to wait for a TWIC card.

   Several commenters objected to the fact that new hires would not be able to work until they obtained a TWIC card. Many other commenters agreed that the requirement would hurt the ability of companies to hire new workers and mentioned the high turnover rate in the industry, especially among entry-level positions. As one commenter described the situation, ``When a worker needs a job, he or she needs a job now, not 30-60 days from now. If we cannot readily put people to work, there are any number of non-maritime employers who will be happy to hire them and put them to work immediately.'' Commenters added that vessels and facilities would have to add security personnel to escort new hires and that TSA should develop some mechanism, such as temporary access, to address the period before the new hires or existing employees receive their TWIC cards.

   One commenter had a suggestion for temporary access for visitors requiring unescorted movement for special cargo deliveries from a transportation mode not usually found in the maritime sector (e.g., oversized loads of equipment being shipped outside of the United States). A temporary TWIC should be established which can be granted by the facility after verifying two forms of identification and a check of databases. Various private companies already offer this service and DOD uses it for contractors and vendors to enter U.S. Army facilities.

   Many commenters encouraged TSA and Coast Guard approval of a probationary period during which a new hire could begin work or training while the TWIC application is pending. Such a period could begin after the vessel, facility, or port has conducted its own background checks. Other commenters also favored a simplified or expedited background check (similar to those for firearms purchases) and interim, site-specific authorization for access. Some commenters specifically mentioned a temporary credential, similar to a temporary security clearance, or a pass authorized by the vessel or FSO. One commenter generally favored a shorter duration card.

   A few commenters had suggestions about a different security system for short-term workers. One of them emphasized that casual laborers in the maritime industry may work for only one day, but casual laborers often outnumber permanent employees, so the requirement for escorts is impractical. One commenter added that the process required by the regulations must be flexible enough to allow small operators to respond to time sensitive demands for service, and cost-effective enough to allow these same small entities to continue to remain in business. Another commenter wanted to continue with its current photo ID system. A third commenter favored having annual renewal of the TWIC.

   After reviewing these comments, we recognized the need to provide owners/operators with the ability to put new hires to work immediately if an urgent staffing requirement exists, once new hires have applied for their TWIC. We have included, above, a detailed discussion of the new provisions that have been added to this final rule to allow new hires to have access to secure areas for up to 30 consecutive days, provided the security threat assessment process has begun, the new employee passes an initial TSA security review, and the individual remains accompanied while in the secure area. In addition, if TSA does not act upon a TWIC application within 30 days, the cognizant Coast Guard COTP may further extend a new hire's access to secure areas for another 30 days. Additional guidance on this provision will be forthcoming in a NVIC. (b). Persons With Lost/Stolen/Damaged TWICs

   Several commenters expressed concern that key personnel will lose their TWIC and not be able to enter a marine terminal or a vessel until they receive a new one. Several questioned TSA's estimation that replacement cards could be printed and shipped within 24 hours. One noted anecdotal evidence from participants in the Delaware River pilot that nearly two weeks elapsed before a replacement card was ready for activation. Another noted that the 24-hour estimation provided in the NPRM did not account for shipping time or the time required for an applicant to get to a TWIC enrollment center and that 3-4 days may be required for the entire replacement process. Many commenters indicated that it was important to ensure that individuals continue to access appropriate facilities while they await replacement cards or when they simply forget to bring their TWIC with them to work. Failing such access, operators will face burdensome work interruptions and employees might seek a different job or request unemployment compensation.

   Commenters offered several suggestions regarding measures to mitigate delays that could result from lost, malfunctioning, or forgotten TWICs: (1) Temporary cards issued while an applicant awaits a replacement card; (2) some type of receipt indicating that the replacement card had been ordered; (3) providing a mechanism for a vessel/facility operator to capture the biometric from the card or from the TSA database for storage in the local database and validate an individual's identity by matching his fingerprint with the biometric stored in the local database in the event the individual leaves his card home on a given day; or (4) alternative identification verification provisions (e.g., visual identification, confirmation call to vendor's employer) included in vessel security plans for situations where mariners and shoreside personnel seeking unescorted access to the vessel have lost or forgotten their TWIC.

   [[Page 3531]]

   As noted above in the discussion to the changes to the Coast Guard provisions of this rule, we have added specific procedures for owners/ operators to use to allow individuals to continue to gain unescorted access to secure areas for seven (7) consecutive days in the case of lost, damaged, or stolen TWICs. This procedure should alleviate the concerns over work slow downs or stoppages that were expressed by the commenters above.

   One commenter noted a related issue that mariners whose TWIC is lost, stolen, or inoperable may have to be replaced on very short notice and that finding replacement workers could result in operational delays and other problems.

   It is likely that the provisions added into the final rule, to allow for individuals with lost, damaged, or stolen TWICs to continue to work for up to seven (7) days, will alleviate this problem. (c). Use of PIN

   Several commenters objected to the requirement for TWICs to have an accompanying PIN number. Many of these commenters said the other security protections in the card would obviate the need for a PIN. In general, comments on this issue reflected two different interpretations of the proposed rule's requirement regarding PIN numbers. Some commenters assumed that the PINs would only be required at elevated security levels, while others assumed that TWIC holders would have to enter the PIN each time to unlock the biometric features of the card. One commenter opined on the treatment of PIN numbers in the FIPS-201-1 standard. According to the commenter, FIPS-201-1 states that the PIN must be validated before the two fingerprints stored on the card can be accessible. In addition, section 6.2.3 of FIPS-201-1 outlines the authentication steps, which indicate PIN validation occurs before biometric reading/validation. If this is correct, then the PIN will always be used since the NPRM proposes biometric validation when entering the secure area of a vessel or facility. Another commenter echoed these comments on the FIPS-201-1 standard and added that the requirement for use of a PIN regardless of threat level is inconsistent with ``the MTSA philosophy.''

   Several commenters opposed the use of a PIN only at MARSEC Level 3. They said that because Level 3 occurs so infrequently, TWIC holders would probably forget their PINs. One commenter requested the use of facial comparison instead of a PIN for an alternative means of identification. This commenter said that use of a PIN would compromise the security of the credential. Two commenters said that if PINs are required, there must be a way to check or reset a forgotten PIN within a very short period of time. Other commenters said that the use of a PIN would lead to long delays in access to port facilities and could disrupt the flow of commerce. Two of these commenters requested that the access system not lock out an individual after several unsuccessful attempts to enter his or her PIN, citing the potential resulting disruptions to the flow of commerce. One commenter said that a PIN entry pad will require additional maintenance (due to exposure to the elements) or additional infrastructure to make it immune to the elements (i.e., enclosed boxes, protective barriers to prevent vehicles from contacting the box, etc.).

   Because the reader requirement has been removed from this rule, the PIN requirement will not be an issue for routine access controls. We note, however, that the Coast Guard will be conducting spot checks for TWICs, using hand-held readers, and that if an individual is stopped during one of these spot checks, he or she will need to know the PIN in order to unlock the biometric stored on the card and allow for biometric verification. We are sensitive to those commenters who noted that, without daily use of the PIN, individuals will be likely to forget, however, as noted by some of the commenters above, having a card that is compliant with the current technology standard and provides the appropriate level of security and privacy requires the use of a PIN. (d). Requirement That All Non-TWIC Holders Be Escorted

   One commenter expressed concern about the impact of the escort requirement on visitors who do business at ports. The commenter noted that many port facilities may have normal deliveries (e.g., mail, overnight delivery services) or businessmen and women visiting the port, and that ports should be given flexibility on how to handle these visitors. The organization suggested reviewing how the State of Florida handles visitors if it decides not to grant additional flexibility to facilities in the final rule, and said that the final rule should consider different escort requirements at different MARSEC levels.

   Another commenter said that the escort provisions would be especially troublesome for small ports because of their limited security personnel. A third commenter expressed concern about the resources that would be required to escort ``one-time-only'' drivers. A fourth commenter recommended that the type of escorting or monitoring required at Certain Dangerous Cargo (CDC) Facilities be based on a vulnerability assessment instead of dictated by standard, noting that additional information on risk could be incorporated from the Maritime Security Risk Assessment Model (MSRAM) or other assessment tools.

   As explained elsewhere in this final rule, the term ``escorting'' has been broadly defined to allow flexibility to owner/operators, based on their individual operations, in satisfying the requirement. Further guidance as to how individual owner/operators can satisfy this requirement will be provided in a NVIC. We expect guidance will describe that when in an area defined as a restricted area in a vessel or facility security plan, escorting will mean a live, side-by-side escort. However, outside of restricted areas, such side-by-side escorting is not necessary, so long as the method of surveillance or monitoring is sufficient to allow for a quick response should an individual ``under escort'' be found in an area where he or she has not been authorized to go or is engaging in activities other than those for which escorted access was granted.

   Two commenters noted that many technicians who work on shipboard equipment are not U.S. citizens. They typically work in areas of the ship that would not be considered public access areas and often work at night or when the regular crew is off-duty. The commenters maintained that vessel crews do not have the extra personnel to escort these technicians. One of these commenters requested that the final rule contain a provision for a foreign citizen to have access to vessels if they are approved by the ship's Master or Chief Engineer and recognized as a trusted worker.

   We acknowledge that technicians who are non-U.S. citizens or immigrants are an integral part of the maritime industry. Lawful nonimmigrants with unrestricted authorization to work in the United States may apply for a TWIC. In addition, we are amending the immigration standards to permit foreign nationals who are students of a State Maritime Academy or the U.S. Merchant Marine Academy to apply for a TWIC. Also, we are permitting certain aliens in the United States on a restricted work visa to apply for a TWIC. Applicants sponsored by a U.S. company authorized to work on a temporary basis in the United States under an H visa, individuals employed in the United

   [[Page 3532]]

   States on an intra-company transfer under an L visa, NAFTA professionals in the United States under a TN visa, nationals of a country that maintains a treaty of commerce and navigation with the United States and is engaging in substantial trade under an E-1 visa, is in or is coming to the United States to engage in duties of an executive or supervisory character under an E-2 visa, applicants with extraordinary skill in science, business, or art entering the country on an O visa, and Australians in a specialty occupation under an E-3 visa are now authorized to apply for a TWIC. The companies that hire these individuals are required to notify TSA when the workers are no longer employed at their U.S. operations, recover the TWIC, and return it to TSA. In addition, the rule requires the workers to surrender the TWIC to the employer when leaving that place of employment in the United States. We are requiring the surrender and retrieval of the TWIC to prevent instances in which a worker would hold a 5 year TWIC, but be authorized to work in the United States for a much shorter period of time.

   One commenter said that the escort requirement, when combined with other requirements in the proposed rule, could have the side effect of completely dismantling what remains of the U.S. Merchant Marine. The commenter said that companies will only flag their ships in the United States as long as there is an economic incentive for them to do so. The commenter maintained that the cost of providing TWIC-carrying escorts for all foreign citizens, purchasing the necessary equipment, and paying for more training could motivate companies to flag their ships under another country's flag.

   We share concerns about unintentional negative impacts TWIC implementation could have on the maritime industry. Where the governing statutory provisions provide the Department with discretion, we continue to weigh the security benefits of implementing TWIC against the burden it imposes upon industry. We believe that the provisions set forth in this final rule reflect a reasonable implementation that will not overly burden industry and we will continue to evaluate the impact on industry as we proceed with future rulemakings.

   One commenter expressed concern about how maritime ministry activities would be affected by the implementation of the rule.

   The Coast Guard supports the activities of those organizations providing services to seafarers of all nationalities. Chaplains and other humanitarian workers are encouraged to obtain TWICs and to work with owner/operators in preserving continued unescorted access to vessels and seafarers. (e). Vessel-Specific Issues

   Coast Guard proposed adding Sec. 104.106 to provide for passenger access areas on board passenger vessels, ferries, and cruise ships, which would allow vessel owners/operators to carve out areas within the secure areas aboard their vessels where passengers are free to move about unescorted. Many commenters supported this provision and stated that these concepts are absolutely essential to a workable rule. The commenters argued that without this provision, the passenger vessel industry, which depends on attracting the public as customers, would not be able to function. Several of the same commenters stated that the clarification that a vessel employee whose duties require unescorted access to a passenger access area, but not to secure areas of the vessel, would not need a TWIC needs to be explicitly stated in the language of the final rule.

   Some commenters wanted clarification of the different types of areas on a vessel. One commenter was unable to determine whether all areas not designated passenger access areas are to be considered ``secure areas.'' The commenter noted that, using the definition of passenger access area as found in proposed Sec. 104.106, a passenger area would not necessarily be within the access control area or ``secure area'' of a vessel or facility, which seems to be a contradiction as it is written in the proposed rule.

   As defined in Sec. 104.106, passenger access areas are located within the access control areas of the vessel (and are thus within the ``secure area''), but by definition they are not part of the secure area. They can be thought of as pockets within the secure area--all areas around the passenger access areas are secure and require TWICs for unescorted access, but the passenger access area does not. As such, any employees whose duties keep them entirely within the passenger access area do not need a TWIC, the same way that passengers would not.

   Some commenters also noted that certain vessel spaces are absolutely essential to security (i.e., the bridge and the engine room), adding that the current MTSA regulations use a definition of ``restricted area'' that implies that only certain portions of a vessel will be so designated.

   We agree that only certain portions of the vessel need be designated as restricted areas. As noted above in the discussion of the definition for secure area, we considered requiring TWICs only in these areas, but determined that doing so might actually be more harmful to owners/operators. The NPRM included reader requirements, including the use of the TWIC and readers for biometric verification. Using the restricted area as the secure area would have required that these readers and the verification be used at the entry points of each restricted area. This would have likely meant that many vessel owners/ operators would have needed more than one reader, increasing their compliance costs. Additionally, the process of biometric identification could have interfered with the operation of the vessel. As a result, we decided to define the secure area as the access control area, thus limiting the number of readers required, as well as the number of times biometric verification would need to take place.

   This final rule does not include the reader and biometric verification requirements, but we do expect to issue a second rulemaking in the future that will re-propose these requirements (although they may have some differences from what was included in the NPRM of May 22, 2006). Because we expect to require readers and biometric verification in the future, we do not think it is a good idea to confuse the maritime industry by adopting a definition of secure area in this final rule that would not be workable when reader requirements go into effect. As such, we did not revise the definition of secure area to coincide with the restricted areas.

   One commenter requested clarification that for foreign-flagged cruise ships, the Flag State-approved and ISPS Code compliant Ship Security Plan (SSP) is where passenger access issues would be discussed. The commenter wanted confirmation that no additional plan, such as the TWIC Addendum described in proposed Sec. 104.115, or revision to existing plans is necessary for foreign flag cruise ships under either of these regulations.

   For reasons discussed above, Sec. 104.105 exempts all foreign- flagged vessels, including foreign cruise vessels, from TWIC requirements.

   Another commenter noted that the creation of Sec. 101.514 does not address the existence of a ``passenger access area'' as an exception, and the language of Sec. 104.100 needs to be referenced here with other exceptions to having a TWIC. Therefore, the commenter suggested that a new subparagraph should be added to read: ``No passenger, employee, or other individual needs to possess a TWIC to

   [[Page 3533]]

   obtain unescorted access to a passenger access area as defined in Sec. 101.106 or a public access area as defined in Sec. 105.106.''

   We do not agree with the suggested change. Because the definition of passenger access area clearly states that these areas are not secure areas, it is clear that TWIC requirements do not apply within the passenger access area.

   One commenter stated that contractor personnel working for oil and gas operators on vessels would be required to carry a TWIC or be escorted on the vessel. The commenter concluded that, with up to 36 oil field workers on a vessel, this would put a strain on the crew to escort the individuals without a TWIC.

   This is technically correct, however we hope that the clarification of what was meant by ``escorting'' will alleviate these concerns and any additional strain on vessel crews. In our clarification, we expect that when in an area defined as a restricted area in a vessel security plan, escorting will mean a live, side-by-side escort. However, outside of restricted areas, such side-by-side escorting is not necessary, so long as the method of surveillance or monitoring is sufficient to allow for a quick response should an individual ``under escort'' be found in an area where he or she has not been authorized to go or is engaging in activities other than those for which escorted access was granted.

   One commenter noted that the proposed rule does not address how to handle access control and identification on vessels under repair in shipyards or in drydock. The commenter suggested that the rules should specifically address this issue and state that the owner of a vessel that is withdrawn from navigation, whether permanently or temporarily, is not required to implement or maintain access control and identification requirements while the vessel is not in navigation.

   The MTSA regulations already state that vessels that are laid up or out of service are not subject to part 104. This applies to vessels no longer anticipating MTSA operations. For vessels that are undergoing repairs of a temporary nature, they must be in compliance with their approved VSP including access control measures. However, the approved VSP may contain security measures for intermittent operations, such as drydocking and shipyard repair work. These intermittent security measures may include relaxing access control measures during repair periods, but will include specific measures to reestablish access control and monitoring of the vessel and conducting a sweep of the entire vessel to ensure no unauthorized objects have been left aboard.

   Referring to proposed Sec. 104.265(c)(4), one commenter stated that this requirement implies that a MODU vessel with several restricted (secured) areas, would be required to have a card reader at the entrance to each of these areas. The commenter argued that the vessel should only be required to have a card reader at the point(s) of embarkation to the vessel. Additionally, the commenter stated that the vessel would incur undue burden to ensure that a person trained in the TWIC to be assigned/posted at the entrance to each secure area and verify the TWIC for these people.

   This comment displays a confusion regarding the meaning of secure area. It is not to be read as meaning the same as restricted area, but rather to coincide with the access control area of the vessel or facility. In the case of a MODU, this would be the entirety of the vessel. Additionally, the MTSA regulations allow for the checking of identification at the point of embarkation to the MODU, and the TWIC provisions do not change this.

   One commenter supported proposed Sec. 104.265(c)(8), which permits coordination, where practicable, with identification and TWIC systems in place at facilities used by vessels. The commenter recommended further broadening these provisions to clarify that when a vessel is berthed at a facility which is required under part 105 of these regulations to have a TWIC system in place, the vessel may suspend its TWIC operations while berthed at that facility. The commenter argued that there is simply no need to require duplicate TWIC validation especially when considering that facilities and vessels already have other non-TWIC security and access procedures in place.

   We do not agree with this comment; the vessel owner/operator must maintain the ultimate responsibility for the security of his or her vessel. Amending the regulations as the commenter suggests would shift that ultimate responsibility to the facility owner/operator without requiring a contractual relationship with the vessel, which is inappropriate. (f). Facility-Specific Issues

   A law firm representing six companies suggested the following technical change to Sec. 105.255(a)(4): ``change the word ``Prevent'' to ``Deter'' to be consistent with the rest of the maritime security regulations.''

   We disagree with this recommendation. Owners/operators must ensure the implementation of security measures to prevent an unescorted individual from entering an area of the facility that is designated a secure area unless the individual holds a duly issued TWIC and is authorized to be in the area.

   The same law firm requested a clarification of Sec. 105.255(d), asking ``what is the meaning of the phrase `complies and is coordinated with TWIC provisions.'''

   This provision allows the facility owner or operator to use a separate identification system, but it must be in addition to the TWIC. Requiring coordination means that the separate ID system cannot be used if it would allow someone without a TWIC to get unescorted access to secure areas.

   We received one comment on the requirement proposed in Sec. 105.255(c) (3) for facility operators to ensure that the facility operator's TWIC program ``uses disciplinary measures to prevent fraud and abuse.'' The commenter stated that this would not be the correct assignment of responsibility, because the relevant evidence is only in the possession of government. The commenter also stated that the TWIC is a federally-issued credential obtained by an individual without the involvement of a facility operator or employer. If a TWIC is fraudulently obtained and used or abused in some manner, that would be a serious matter to be addressed by Federal law enforcement and not a subject for employer-imposed discipline. The commenter contended that the employer would not have the necessary evidence to impose discipline under the regulations.

   The existing regulations already required owners and operators to have disciplinary systems in place to enhance the legitimacy of their identification system, whether it was a facility issued badge or a State-issued identification credential. There is a difference as to what the disciplinary system would be in each case, but we do not think it is inappropriate to place this responsibility on the owner/operator. For example, the facility owner or operator could fire and possibly take legal action against someone for tampering with the company's badging system, but if they found someone presenting a suspected fake ID, an appropriate disciplinary measure could be to deny access, and could even go as high as firing the individual. Similar disciplinary measures can be put in place in regards to TWIC.

   One commenter noted that Sec. 105.255(f)(4) implies that vessel crew and others seeking access to a vessel via a facility, who do not have a TWIC, fall under the definition of ``any person''

   [[Page 3534]]

   when visiting a facility. The current version of this section, Sec. 105.255 (e)(3), reads ``vessel passengers and crew,'' while the above- proposed wording eliminates the word ``crew'' from the section.

   The phrase ``vessel personnel and crew'' was removed and replaced with ``any person'' to clarify that the world of persons without a TWIC who might need access through a facility to a vessel is bigger than just vessel personnel and crew. If, however, the vessel personnel and crew do have a TWIC, they would no longer fall into this category of ``any persons,'' but rather into the separate category of persons with TWICs.

   Some commenters argued that the proposed regulations are unclear about whether the currently accepted forms of seafarer identification are considered ``government identification.'' One commenter noted that the Coast Guard's section-by-section analysis to Sec. 105.255 reads that persons presenting for entry who do not hold a TWIC would still be required to show an acceptable form of identification, as set forth in Sec. Sec. 101.515 and 104.265(e)(3). Current Coast Guard guidance states that passports, seaman's books, STCW endorsements, and driver's licenses are acceptable forms of identification that a foreign mariner could use to access a facility. The commenters proposed that the Coast Guard either add the existing approved documents contained in current Coast Guard guidance to the list of acceptable items in proposed Sec. 105.255(f)(4), or clarify in the comments to the final rule that existing approved documents are still acceptable as ``government identification'' so long as they comply with proposed Sec. 101.515. The commenters also suggest the Coast Guard add ``crew'' or ``crew of a foreign vessel'' into the list of non-TWIC holding personnel referenced in proposed Sec. 105.255(f)(4).

   The list of documents found in Sec. 105.255(f)(4) are intended to be used to verify an individual's reason for accessing a facility. The inspection of these documents should be read in conjunction with the general requirement to check an individual's identification by examining an ID meeting the requirements set out in Sec. 101.515. We have not amended either Sec. Sec. 105.255 or 101.515 to specify that the items listed in the Policy Advisory are adequate, but we have no intention, at this time, of changing that guidance.

   One commenter also recommended the revision of 33 CFR 105.255(b)(1) to read ``Each location allowing means of access to designated secure areas on the facility must be addressed.'' The commenter stated that as currently worded, this subparagraph contradicts 33 CFR 101.105, 33 CFR 105.225(b)(9) and 33 CFR 105.255(a)(4), subparagraph (c)(1), and could be misinterpreted as requiring that a facility's access control program cover a much more extensive area than is the intent of the proposed regulations.

   This final rule will no longer be adding language to this paragraph, therefore the suggested change is no longer necessary.

   One commenter noted that at small ports, it is the terminal operator's responsibility to ensure compliance with the security plan and that many small ports face a tremendous difficulty in doing the ``people'' side of security. Another commenter stated that port facilities should be given more flexibility regarding escorting of visitors.

   We appreciate the concerns raised by the commenters, and have provided clarification elsewhere in this final rule as to what is meant by ``escorting,'' which we hope will alleviate these concerns.

   One commenter raised the question of whether family members traveling with truck drivers in the summer would be required to have an escort in secure areas of marine facilities. They pointed out that many truck drivers travel with family members in the summer months.

   In accordance with the access control provisions of both the NPRM and the final rule, owners and operators of facilities are required to check identification of all persons prior to granting access and to require a TWIC prior to granting unescorted access to secure areas. In the case of family members traveling with authorized personnel who require unescorted access to secure areas of a facility and also hold a TWIC, it remains the responsibility of the owner or operator to continue to either allow the authorized personnel to serve as the escort for their family member, or to follow the same procedure used for any other visitor that does not hold a TWIC.

   Some comments proposed that current security programs or credentialing programs should be evaluated as an alternative to the proposed rule.

   The MTSA regulations in 33 CFR parts 101, 104, 105 and 106 provide for acceptance of ASPs, waivers, or equivalents. These provisions still apply, even with the addition of the TWIC requirements. Note, however, that they would only apply to the facility owner/operator's access control responsibilities; they would not alleviate an individual's burden to apply for and obtain a TWIC if they require unescorted access to a secure area.

   One commenter said that a universal identification credential such as TWIC, should allow mariners unescorted access to the terminal when there is a valid need for such access, i.e., to reach the job site aboard a ship berthed within the port facility. Indeed, the mandatory provisions of the ISPS Code (ISPS Code--Part A Requirement 16 Port Facility Security Plan) require such facilitation of access by mariners. The commenter stated that owner/operators, in complying with the proposed rule and with approved security plans, should be sufficiently reassured (for liability purposes) to allow unescorted access to the TWIC holders with a legitimate need for admittance, and that the proposed rule should make clear that owners/operators of secure areas who follow their approved security plan and who adhere to the TWIC access control procedures will not be deemed liable for some type of breach unforeseeable within the federal port security regulations.

   We agree that possession of a TWIC should serve as evidence that a mariner does not pose a security risk to a facility owner, and that facility owners should be able to rely upon this fact in allowing mariners unescorted access through their facilities in order to facilitate crew changes, take shore leave, or complete a variety of other duties that may require the mariner to step off of the vessel onto the facility. Issues of liability are beyond the scope of this rule.

   A commenter expressed concern about how it would implement the proposed rule at its fenced port facilities, where access control is handled by security officers who check the identification of everyone who drives in. The commenter said it did not seem practical to have employees use a card reader just to drive in past the security officers. The company also said that the restricted areas of its facilities are not enclosed spaces that can be locked off, so card readers would not work to control access to them.

   While card readers are not required by this rule, owner/operators remain responsible for controlling access to restricted areas in accordance with existing regulations. Additionally, it is noted that the definition of secure area is not the same as restricted area, as explained elsewhere in this final rule. This final rule imposes a responsibility on owner/operators to ensure that only TWIC holders are allowed unescorted access to secure areas. While satisfying the escorting requirement for individuals without a TWIC may be accomplished by other means than

   [[Page 3535]]

   requiring a side-by-side escort in some secure areas, this final rule requires that owner/operators ensure that access to restricted areas by individuals without a TWIC is only allowed while in the presence of at least one TWIC holder.

   One commenter said that it is necessary that the rule put the eventual TWIC holding population on notice that they will require a specific, discrete authorization or a ``business purpose'' when seeking access. The company requested that the final rule restore language that is currently in 33 CFR 105.255(e)(3). That language clearly requires that the reason for access be checked as a routine part of access control. The company said that this requirement is an important and essential layer of access security and affirms the requirement in 33 CFR 105.255(a)(4). The company added that this requirement has been muddled and diminished as the requirement for asserting business purpose when seeking access found at 33 CFR 105.255(f)(4) now only applies to persons not holding a TWIC and seeking entry.

   Section 105.255(a)(4) clearly establishes the requirement that individuals may only be allowed unescorted access if they: (1) Have a valid TWIC and (2) are authorized to be in the area pursuant to the facility security plan. (g). Outer Continental Shelf (OCS) Facility-Specific Issues

   Some commenters referenced proposed Sec. 101.514, the general requirement that ``all persons requiring unescorted access to secure areas of vessels, facilities and OCS facilities, regulated by parts 104, 105 or 106 of this subchapter must possess a TWIC. . . .'' One commenter stated that this requirement should either be removed from this section and placed individually in parts 104, 105 and 106, or a specific and limited exemption provided for certain vessels regulated under part 104. One commenter said strict adherence to the TWIC requirements is not feasible for off-shore foreign vessels routinely operating on the U.S. OCS. One commenter said Sec. 101.514 is a particularly onerous requirement for newly hired personnel to work on a U.S. flagged mobile offshore drilling units (MODUs) and do not possess a TWIC. Another commenter stated that these limited exemptions should include U.S. flag MODUs and offshore supply vessels (OSVs) because the vessel manning statutes specifically recognize the necessity of permitting these vessels which are operating outside the geographic boundaries of U.S. jurisdiction to employ non-U.S. citizens and immigrants in their crews. The commenter noted that MODUs in particular are often required to employ indigenous labor as a condition of operations on the continental shelf of another nation, and it is difficult to envision a scenario under which these non-citizens could present a security threat to the United States. Similarly, the commenter notes that the manning statutes recognize that non-citizens should be permitted to fill the vacancies created when a vessel sailing foreign is deprived of members of its required complement. The commenter concluded that it is simply unreasonable to expect that an escort with a TWIC can be provided for either a watchstanding member of the crew of an OSV for the duration of a voyage, or to an industrial worker on a MODU for the duration of a foreign drilling contract.

   One commenter stated that strict adherence to the TWIC requirements of this part is simply not feasible for vessels routinely operating outside the United States. The commenter argued that application of the requirements, as proposed, would render it impossible to operate a U.S. flag MODU or OSV in foreign waters, would make it impossible to affect repairs in a foreign shipyard, and would negate specific provision of the manning statutes that permit the employment of non-citizens in specific circumstances. Therefore the commenter recommended that the proposed Sec. 104.105(d) be revised to read as follows:

   (d) the TWIC requirements, including those related to unescorted access, found in this chapter do not apply to:

   (1) foreign vessels;

   (2) U.S. vessels employing non-citizen crewmembers under the provisions of 46 U.S.C. 8103(b)(3) or (e), with respect to those crewmembers;

   (3) U.S. MODUs, offshore supply vessels or other vessels engaged in support of exploration, exploitation, or production of offshore mineral energy resources operating beyond the water above the Outer Continental Shelf (as that term is defined in section 2(a) of the Outer Continental Shelf Lands Act (43 U.S.C. 1331 (a)).

   As noted above in the discussion of the changes to the Coast Guard provisions of this rule, we are adding a provision to the definition of secure area in Sec. 101.105 that states that U.S. vessels operating under the waiver provision in 46 U.S.C. 8103 (b)(3)(A) or (B) have no secure areas.

   We are sympathetic to the concerns of OSV owner/operators, whose vessels are required to comply with part 104 but are transporting crew members to MODUs that are not subject to part 106, and therefore will not have TWICs. We believe that the clarification of the term ``escorting'' should provide some relief to these owner/operators.

   One commenter noted that the proposed rule states that foreign vessels entering U.S. ports that carry a valid ISPS Code certificate are deemed to be in compliance with part 104, except Sec. Sec. 104.240, 104.255, 104.292, and 104.295. And, under Sec. 104.105(d), the proposed rule exempts all foreign vessels from the TWIC requirements. Several commenters requested confirmation that the combination of the exemption of foreign vessels from the TWIC requirement and the existing acceptance of ISPS certification for foreign vessels excludes an OCS facility which is a foreign-flag MODU ``on location'' from the TWIC requirements. The commenters also requested confirmation that there would be no TWIC requirements for a non-covered MODU working next to or over a covered OCS facility. Another commenter, seeking clarification of the proposed rule, asked: If you have a voluntary compliance for a MODU and it obtains a flag- issued International Ship and Port Facilities Security Code certificate, is that sufficient for exemption from TWIC requirements?

   A foreign-flag MODU ``on location'' in U.S. waters and holding valid ISPS certification would be exempted from the TWIC requirements of parts 104 and 106.

   One commenter believed the escort rules were unreasonable for the oil and gas industry and anticipated that these rules would lead to company and service personnel needing to obtain a TWIC.

   The clarification to the escort provisions, provided elsewhere in this final rule, should alleviate the concerns of this commenter by limiting the need for live accompaniment to those instances where the company/service personnel are in restricted areas. At all other times, monitoring would be acceptable. (h). Other Issues

   Many commenters said that the rule should give owners/operators of vessels and facilities the ability to use the TWIC as a ``visual identity badge.'' Some commenters specifically advocated visual checks of TWICs at MARSEC Level 1. Another said that TWICs could be used as a visual identity badge in the early stages of implementing the rule and could be used with readers after more experience is gained with the reader technology. One association

   [[Page 3536]]

   asked that passenger vessels and facilities be allowed to employ TWICs as visual identity badges and not be required to install readers.

   Several commenters found fault with the statement in the NPRM that ``allowing owners/operators to rely solely on the visual identity badge system is unreasonable in light of the additional cost of the credential, and the available security enhancements that the increased cost represents.'' These commenters did not think the requirement to use TWICS with biometric readers should be justified by the cost of the TWICs themselves. One commenter noted that TSA officials have endorsed the use of a visual identity badge system for airport employees and said that if such a system if sufficient for the aviation sector, it should also be used in the maritime sector. A shipbuilding and ship repair company argued that a visual identity badge system is needed to prevent delays as hundreds of employees arrive for work.

   As already noted, this final does not address reader requirements. However, owners and operators may choose to use the TWIC with an existing physical access control system. The hotlist will be available to owners and operators who could use the magnetic strip or the cardholder unique identifier (CHUID) embedded in the credential to tie it into a legacy system that checks those entering against the hotlist. Although this option is available for owners and operators, the use of reader technology is not required at this time. We will revisit concerns related to other uses of the TWIC in the subsequent rulemaking.

   Commenters found access control regulations for train workers within the current TWIC proposal unclear. One commenter recommended that rail facilities be allowed to check workers before boarding a port-facility bound train; another was unsure if train operators would require a TWIC and how other rail worker access control issues should be handled by the industry. Similarly, another commenter noted that train crews pose a unique problem because they enter maritime facilities on trains proceeding down the track. Trains do not typically stop at the property line of maritime facilities, and there is no guard house at which the train crews can scan their credentials. The commenter recommended that railroads be permitted to check crews before they get on the train.

   Rail workers will require TWICs if their job requires them to have unescorted access to secure areas of maritime facilities. How and when those TWICs are checked is a process for the train operator to work out with the facility owner/operator, in accordance with the latter's FSP, but the baseline requirement is that unescorted access not be granted to secure areas without a TWIC.

   Commenters complained that the proposed rule reflects a ``one size fits all'' approach and did not take into account the different levels of risk and vulnerability across the maritime industry. Several commenters said that the proposed rule should be reviewed to assure that is both risk-based and incorporates performance-based standards as much as possible. One commenter noted that most programs implemented under MTSA have thus far relied upon risk-based standards, but that the proposed TWIC rule is based on a ``one size fits all'' formula that applies the same security rules and the same costs to all operators. The association said that the broad application of this approach could prove to be an undue hardship for smaller and less threatened terminals and facilities that do not have access to the same resources as larger facilities. The commenter suggested that TSA and Coast Guard consider whether a risk assessment could be incorporated into the TWIC program, where practical, to minimize any disadvantage or undue adverse impact on smaller marine facilities.

   Some commenters noted that the ``Low Consequence Facility'' designation allows the COTP some flexibility in determining how to logically secure the port without burdening industry with unnecessary requirements that produce no viable improvement in terrorism-related security. The commenters asked TSA and Coast Guard to incorporate the ``low consequence facility'' designation into the regulations.

   Another commenter similarly requested alternative facility-specific identification systems for ``low-risk operations.'' Another commenter said that a risk/vulnerability assessment would result in more vessels and facilities being exempted from the TWIC requirement. As an example, he suggested that the cut-off for vessels would be between 500 and 5,000 gross tons. Two commenters said that they did not consider the proposed rule to be tailored to specific and realistic security threats facing the inland marine transportation industry. Another commenter said that requiring card readers for low-risk business operations would be unreasonable and unproductive. The company also said that tow operations would be susceptible to armed takeover attempts even with a TWIC requirement in place, so the rule would not provide any security benefits to these operations.

   The MTSA regulations are inherently risk-based, as only those facilities and vessels determined to be at risk of a TSI were included in the applicability of subchapter H. The TWIC regulations intended to provide flexibility to owner/operators through the submission and approval process of their individual TWIC Addenda and security plans. Because many of the ``one size fits all'' requirements have been removed from the final rule, we defer a more specific response until our subsequent rulemaking on reader requirements. We will keep these comments in mind as we draft our NPRM re-proposing reader and TWIC validation requirements.

   Many commenters said that the proposed rule would cause unreasonable delays for people attempting to enter facilities. Commenters often said that the resulting delays would disrupt or slow the flow of freight through U.S. ports. One commenter referred specifically to employees who move in and out of facilities several times a day. They expressed concern about these employees having to do a biometric verification each time they re-enter the facility. Several commenters said that the delays caused by the proposed rule would result in increased air pollution, because trucks would idle longer while waiting to enter port facilities.

   Commenters said that the proposed rule would drive up the cost of goods that are shipped through ports, which would drive business away. One commenter stated that the proposed rule would pose a potentially significant barrier to international trade. Another remarked on the importance of the Port Authority of New York-New Jersey to the regional economy and the need to minimize disruptions to its operations. A commenter predicted that the rule's impacts on port operations would have secondary effects on industries that rely on imports. One commenter said that the cost of complying with the proposed rule would increase the cost of U.S. exports, reducing the competitiveness of American companies in the global marketplace. Another commenter said that the cost of complying with the proposed rule would hurt the competitiveness of U.S.-flagged ships.

   The Department understands that this rulemaking imposes costs on businesses. The Department believes that those costs are a product of statutory mandates and the Nation's security needs. We refer readers to the accompanying Final Assessment for further details on our assessments of the costs and benefits of this rule. This

   [[Page 3537]]

   should assuage concerns arising from the use of the TWIC as set forth in the NPRM. We will revisit concerns related to other uses of the TWIC in a subsequent rulemaking.

   One commenter requested that the final rule specify that no port facility or vessel may require the visitor or worker to give up possession of their TWIC as a basis for entry. Any handling of the card by anyone other than the cardholder should be limited strictly to the immediate task of processing the card in a reader, and the card must be promptly returned to the holder unless it has expired or been flagged for revocation.

   We agree with this comment as it relates to the final rule issued today. We are aware of several facilities that use their own badging system, and as part of that system they require visitors to leave a form of personal identification with a security officer before they are able to receive a facility specific badge. These systems have largely been approved by the Coast Guard. However, we do not think it is appropriate for these visitors to be required to leave their TWIC behind if they have another form of identification they can leave (e.g., drivers license) after the TWIC has been visually inspected.

   One commenter said that the original intended purpose of the TWIC was to facilitate access to secure vessels and facilities for those with the right to obtain such access. The commenter said that the original intent did not include denying access to those without a TWIC.

   We partially agree. While facilitating access was one intended result, it also had the purpose of increasing security at our nation's ports by identifying those individuals who would receive unescorted access to secure areas. While the regulations do not prevent an owner/ operator from granting access to individuals without a TWIC, they are now required to ensure that an individual without a TWIC is either escorted or is not allowed to enter secure areas.

   Some commenters said that the rule was written for ``blue water'' ports and oceangoing vessels but would not work well for the off-shore energy sector or the inland towing industry. Other commenters said that the proposed rules appear to have been developed with little appreciation for the operational realities of the American tugboat, towboat and barge industry.

   Many of the concerns expressed regarding the TWIC implementation as proposed by the NPRM should be assuaged by deferring TWIC reader requirements to a subsequent rulemaking. We believe that if further flexibility is required in implementation by a particular industry or operation, the waiver and ASP provisions that currently exist in the regulations can provide it.

   One commenter recommended that the rule allow facilities to store biometric information from the TWIC in a facility database with the individual's permission. This option, exercised at the discretion of the facility, would allow the facility operator to validate an individual's identity by matching the fingerprint with the biometric information stored in the facility database in the event the individual leaves his or her card at home on a given day. Local controls could be written in the FSP, and approved by the Coast Guard, to prevent abuse of this option.

   One commenter wants DHS to grandfather facilities that have installed new access control systems within the last three years so they will recover their costs in implementing them.

   Many expressed concerns that the TWIC would displace sophisticated access control systems already in place at regulated facilities. Many suggested that facilities that had invested significant amounts of capital into access control systems be allowed to continue using those systems in conjunction with TWIC. Others suggested that facilities be allowed to use alternate systems in place of TWIC.

   TWIC technology can be adapted to existing access control systems, and it was not our intent to force owner/operators with sophisticated systems to abandon those systems to accommodate TWIC. We believe that TWIC enhancements can be fully integrated to most existing physical access control systems, and hope that the language of the final rule clarifies that owner/operators need not replace existing systems so long as TWIC capabilities are appropriately incorporated into the facilities' existing system. A NVIC providing further guidance on applying the access control requirements in this final rule is forthcoming. 9. TWIC Addendum

   One commenter said that the time allowed for completion of a TWIC Addendum should be at least one year. The company based this request on the complexity of the proposed program, especially for shipyards that must coordinate TWIC requirements with screening programs required by other federal agencies. Another commenter requested that companies be allowed to submit amendments to their VSPs that incorporate their TWIC provisions rather than a separate addendum. The company said this would mean less work for some companies and for the Marine Safety Center (MSC) that must do the reviews and approvals. Another commenter asked whether the TWIC Addendum would be considered SSI and whether a vessel operator could show the Addendum to people when they come on board the vessel.

   One commenter recommended that the Coast Guard be required to notify an entity submitting a TWIC Addendum once the Coast Guard makes a determination of completeness. The commenter said that a confirmation letter from the Coast Guard that a complete submission has been received and is undergoing review would prevent potential delays to vessels that have not yet received an approval letter from the Coast Guard. This commenter also recommended that entities submitting a TWIC Addendum should include a contact point and method by which the Coast Guard could easily accomplish this requirement (e.g., e-mail, fax, or hard copy via surface mail).

   One commenter requested that the TWIC Addendum be reviewed by the Coast Guard itself and not by outside consultants.

   One commenter said that the requirement that the TWIC Addendum be kept ``on site'' or onboard the vessel should be revised. Specifically, the commenter said that the rule should require the TWIC Addendum to be maintained at the same location as the VSP or ASP. The commenter noted that under one approved ASP, the ASP must be maintained by the Company Security Officer at a secure location, but need not be carried on board the towing vessel. The commenter requested that the same approach be followed with the TWIC Addendum.

   One commenter posed several questions regarding how this requirement would apply to OCS facilities (Sec. 106.115). The company asked if the requirement would apply to a foreign-flag MODU ``on location'' if the vessel has an approved ship security plan (SSP) as required under the ISPS Code. The company also asked how the requirement would apply to a non-self-propelled foreign flag MODU ``on location'' working next to or over an OCS facility that is required to comply with TWIC requirements.

   Several commenters stated that Coast Guard should provide clarification on why companies and vessels need to integrate the TWIC Addendum into the ship's security plan. They said that if set up properly, the TWIC Addendum could be a stand-alone document as easy reference for persons with security

   [[Page 3538]]

   duties that are authorized to view this information.

   One commenter notes that, as proposed, Sec. Sec. 105.500 to 105.510 would allow an owner/operator to resubmit an entire security plan with a list of sections amended as the TWIC Addendum, but once approved, it would carry the same expiration date as it had prior to the amendment. He recommended that if the revised plan were submitted to the COPT with a revised facility security assessment, that a new time line should start and the plan should be approved for five years from the date of approval.

   One commenter recommended that the TWIC Addendum requirements (33 CFR 105.120, 33 CFR 105.200 and 33 CFR 105.500-510) should be revised to explicitly require facilities to designate the secure area within which access control is required. The commenter stated that once the Coast Guard has approved the TWIC Addendum, the facility would be protected from inspectors voicing their personal opinion that the secure area does not comply with their interpretation of the definition.

   We removed the TWIC Addendum requirement from the final rule when we determined that the reader requirements would be delayed until a subsequent rulemaking. The purpose of the TWIC Addendum was to allow the owner/operator to explain how the readers would be incorporated into their overall access control structure, within the standards provided in the NPRM. With the removal of the reader requirements from this final rule, we feel it is appropriate to also remove the TWIC Addendum requirement. In order to ensure that security is not compromised, we have added to the access control provisions in each part (33 CFR parts 104, 105, and 106) to provide specific security measures (as opposed to performance standards) to be implemented by owners/operators in the area of access control. Additionally, because we envision the TWIC Addendum to be a part of the subsequent rulemaking on reader requirements, we felt it would be overly burdensome to also require a TWIC Addendum at this point in time.

   As the TWIC Addendum requirement is no longer included in this final rule, we will address these concerns in a subsequent rulemaking.

   One commenter said that Coast Guard-approved VSPs should dictate security provisions once an individual is onboard the vessel and that the proposed rule should not establish duplicative security requirements. The commenter said that the VSPs limit access to vessels generally and in particular prohibit access of unauthorized individuals to restricted areas of vessels. The commenter went on to state that TWICs should be used only as a basic identification device and proposed 49 CFR 1572.23 and 33 CFR 104.265 should be amended so that mariners are only subject to the existing VSPs when onboard a vessel.

   We disagree that the TWIC establishes duplicative security requirements. The TWIC will enhance existing security requirements by improving the ability of owner/operators to prevent access by unauthorized individuals to restricted areas of the vessel and the vessel in general. Therefore, we decline to adopt the recommendation.

   One commenter encouraged the Coast Guard to provide for some flexibility in the drafting of security plans to accommodate port workers who frequently move between secure and non-secure areas during the course of a single operation. The association said that continuous application of the limitation to gain re-entry access would be impractical and could potentially drive up costs unnecessarily. As an example, the association said that they need the ability to service cruise ship vessels without access procedures that require multiple interfacing with biometric readers.

   We believe that the use of the TWIC as a visual identity badge, as required in this final rule, will alleviate some of the burden noted in this comment.

   One commenter opined on the application of the TWIC requirements to shipyards involved in building and repairing U.S. military and Coast Guard vessels. The commenter stated that these shipyards must already comply with DOD security requirements, and claimed that the security afforded by the MTSA regulations is less comprehensive than the security provided by DOD security measures. The commenter said that complying with both sets of security requirements would be costly and could potentially reduce security by causing confusion and increasing administrative burdens. The commenter noted that the increased costs and administrative delays would be borne ultimately by the U.S. Navy and Coast Guard, and for these reasons requested that the shipyards be exempted from complying with the TWIC rule.

   We disagree with this comment as it pertains to ``all shipyards.'' If a shipyard falls within the applicability of the MTSA regulations and is required to submit a FSP under 46 U.S.C. 70105, then any individual requiring unescorted access to a secure area is required to have a TWIC. We note here that shipyards are specifically exempt from 33 CFR part 105 applicability (see 33 CFR 105.110(c)), and would only come under the facility security regulations if the shipyard is subject to a separate applicability requirement, such as being regulated under 33 CFR part 154, requirements for facilities transferring oil or hazardous material in bulk.

   Both the NPRM and the final rule provide for a means through which security threat assessments done by other governmental agencies may be deemed comparable. If there are background checks in place under the DOD programs, and if those background checks include security threat assessments that are deemed comparable to the one done by TSA, then individuals may receive their TWIC at a reduced cost, but they will still need to apply at a TSA TWIC enrollment center.

   Commenters stated that the rule assumes that people with TWICs will be facility employees, but that many are not (particularly truckers).

   We disagree with these comments. As we stated in the NPRM, the TWIC requirements applies U.S.-credentialed mariners and to anyone seeking unescorted access to secure areas within MTSA-regulated vessels or facilities. It is not limited to facility employees, nor did we assume it would be.

   One commenter noted that FSPs differ based on the threat assessment conducted for each facility. He said that the NPRM might encourage a misunderstanding among the public that every facility is ``doing business'' strictly according to the Code of Federal Regulations (CFR). He said, ``It is very difficult sometime for people to understand that

   [a facility security plan] may not specifically reflect what the CFR says.''

   We do not agree with this comment. If a facility is operating under its approved FSP, then it is in compliance with the regulations. The MTSA regulations are performance standards, and as such there are a variety of ways in which a facility might meet the standards contained therein. Unless a facility has been granted a waiver from portions of the regulations, we fail to see how a FSP would not reflect what is stated in the CFR. 10. Compliance Dates

   The NPRM proposed requiring owners/operators to develop and submit TWIC Addendums within six months of publication of the final rule. One commenter pointed out that the Coast Guard allows itself five years to fulfill

   [[Page 3539]]

   its responsibilities, but owners/operators only get 6 months. One commenter wanted the text regarding TWIC Addendum submission to be revised to read ``six months after such date that the Secretary deems the program has been fully implemented within the maritime work force ashore.'' One commenter wanted six months to be extended to at least one year or one year from the time the Coast Guard approves the TWIC Addendum. This would allow time for adjusting capital budgets and integrating the TWIC readers/system with existing access control systems. One commenter wanted to know what happens with regards to this timeframe if TWIC readers are not available when the implementation period begins or are not readily able to be integrated into existing systems.

   These sections of the NPRM also would have required vessel, facility, and OCS facility owners/operators be operating according to their approved TWIC Addendum between 12 and 18 months after publication of the final rule, depending on whether enrollment has been completed in the port in which the vessel is operating. One commenter expressed concern that the 750,000 cards needed for initial enrollment cannot be produced within 18 months. Eight commenters believed the timeline is totally unrealistic. One commenter recommended that the ``effective dates'' section be reserved until it is demonstrated that the documents can be issued and equipment is both available and functional, and stated that a subsequent notice could be published in the Federal Register establishing effective dates of the access control and credentialing provisions when they are ready. Five commenters requested the deadline be extended. Three commenters wanted to extend the deadline specifically to afford time to budget for TWIC compliance (which typically requires a three-year lead time) and/or request/ receive Federal grant funding.

   The TWIC Addendum requirements have been removed from this final rule, and as such it is not necessary to respond to them at this time. We will keep them in mind as we draft our NPRM on reader requirements. As noted above, we have also revised the compliance dates slightly. Vessels will now have 20 months from the publication date of this final rule to implement the new TWIC access control provisions. Facilities will still have their compliance date tied to the completion of initial enrollment in the COTP zone where the facility is located. This date will vary, and will be announced for each COTP zone at least 90 days in advance by a Notice published in the Federal Register. The latest date by which facilities can expect to be required to comply will be September 25, 2008. Additionally, mariners will not need to hold a TWIC until September 25, 2008. They may rely upon their Coast Guard-issued credential and a photo ID to gain unescorted access to secure areas to any facility that has a compliance date earlier than September 25, 2008.

   One commenter stated that the final rule should clearly state the dates for compliance, and found Sec. 104.115(d)(2) to be confusing as written. Two commenters argue that the TWIC enrollment process will never be ``complete'' since employers will always be submitting new applicants for enrollment, and asked who determines that enrollment is complete.

   We are sensitive to these comments, however until the contract for the entity that will be operating enrollment centers is complete, we will not know exactly what date will apply to each COTP zone. We will communicate more specific dates as they become available, but can state that we expect that initial enrollment (i.e., the enrollment rollout) will be complete nationally within 18 months of the first TWIC enrollment.

   One commenter believed that the schedule for the applicant to provide information is confusing. The implementation schedule in Sec. 1572.19 appears to contradict the schedule in Sec. 104.115.

   In order to reduce or eliminate any confusion, we point out that Sec. 1572.19 applies to the individual TWIC holder and Sec. 104.115 applies to vessel owners and operators of regulated vessels.

   One commenter said the rule needs to clarify and focus on the Access Control System pilot timeline. Operational tests in selected pilot ports and terminals should be concluded and the TSA data interfaces checked and proven before the Access Control System is designed and the TWIC Addendum created. It is not clear if the timeframes apply to just the TWIC rollout or to both the TWIC and the Access Control System. Three commenters felt that the timeframe could potentially cause significant additional costs to the industry (i.e., obtaining equipment and systems, hiring personnel to run the programs, etc.). Two commenters said the deadline for compliance listed in 49 CFR 1572.19 is unreasonable. It should be extended to a minimum of 18 months from the implementation of the final rule. Six commenters expressed the need for proper field testing of the biometric readers prior to usage. Two commenters were concerned about the logistics of processing applications and issuing TWIC cards to hundreds of thousands of workers. One commenter believed TWIC is being implemented due to political issues and pressures. One commenter thought the timeline should be changed to start compliance after the technology for the cards and the readers has been proven to work instead of the date the final rule is published. Three commenters stated the rule needs clarification between page 29407, where it discusses a phased enrollment process, and page 24909, where it lists timeframes for plans and compliance. They stated that the timeframes do not allow for a phased process. All commenters recommend adopting the phased process, and one added it should be based on risk and employee access to critical infrastructure.

   One commenter wanted compliance dates to begin after the Coast Guard has approved the revised plans. Another asked the Coast Guard to review their implementation timeline and ensure that industry has adequate time to successfully implement all of the requirements.

   With the removal of many of the more technologically complex portions of the NPRM from this final rule, we have attempted to clarify compliance deadlines for this final rule within the regulation text. The initial enrollment period will be a phased enrollment period, which we estimate will take 18 months to complete. Owners/operators of vessels will be required to comply with the TWIC provisions of this final rule on September 25, 2008. This means that by this date, vessel owners/operators will need to begin visually inspecting TWICs before they grant individuals unescorted access to secure areas. However, many workers on vessels will be required to use a TWIC to access facilities en route to their vessel. Additionally, enrollment center scheduling has been set up to address initial enrollments of merchant mariner and non-merchant mariner workers concurrently at each port. Mariners may apply at any TWIC enrollment center, at any time during the enrollment period. Although mariners are not required to have a TWIC until the end of the enrollment period, they are encouraged to apply early. Vessel owners/operators will be better served ensuring their crews are enrolled during initial enrollment periods because they may need to access many different facilities throughout the country, and facility owner/operators must be in compliance with the access control provisions as the initial roll out enrollment in their COTP zone is completed. As noted above,

   [[Page 3540]]

   these exact dates will be announced in Federal Register Notices.

   Two commenters requested implementation of TWIC cards be delayed for vessel personnel until the Coast Guard has redesigned its MMC to incorporate TWIC security features or at least 18 months after TWIC reader systems are ready.

   With the removal of the TWIC reader requirements from this final rule, this comment is no longer relevant. However, we note that the compliance date of this final rule, for vessel owners/operators, has been changed. Vessel owners/operators need not begin checking for TWICs until 20 months after the publication date of the final rule. Workers on vessels will still be subject to the security procedures at 105 and 106 facilities. Additionally, enrollment center scheduling has been set-up to address initial enrollments concurrently with MMD and non-MMD workers at each port. Vessel personnel will be better served enrolling during initial enrollment periods at each port. 11. General Compliance Issues

   One commenter wanted to know how the Coast Guard is going to ensure compliance with the TWIC program. Another cited a need for a means to verify the status of a TWIC in the field and suggested that at a minimum a call center phone number and electronic means are needed. They also suggested an investigation into the costs and benefits of equipping law enforcement personnel with the means to validate driver fingerprints against a TWIC.

   At least until we are able to finalize a second rulemaking to impose reader requirements on the maritime community (as appropriate), the cards will be used for access control as visual identity badges instead of being required to be read by an owner or operator's reader at access control points. Additionally, the Coast Guard will be confirming the identity of TWIC holders using hand-held readers, uploaded with the most recent hotlist, during its already existing annual facility and vessel MTSA compliance exams, unannounced facility and vessel spot checks, and for cause as needed. Finally, although the installation of readers is not currently required, the hotlist will be made available to vessel and facility owners and operators should they voluntarily decide to use the credentials within their existing physical access control systems. As an example, an owner or operator could write to the magnetic strip on the card or read the CHUID stored on the chip embedded in the card to tie it into a legacy system that checks the TWIC against the hotlist.

   Another commenter wanted to know what protection there is if the facility that you are going to does not comply with the TWIC program.

   If the facility does not comply because the MTSA regulations do not apply to it, there is no issue. If however, a MTSA-regulated facility does not visually inspect TWICs as required by this final rule, they are subject to the civil penalty provisions found in 33 CFR 101.415. Anyone who knows of such non-compliance should make a report to the National Response Center (NRC), using the contact information found in 33 CFR 101.305, as such non-compliance is a breach of security.

   Two commenters are concerned that TSA and the Coast Guard want to publish a final rule before the end of the year and will not adequately address the numerous uncertainties and questions on this proposed rule that were raised by the commenters.

   We disagree with this comment. We have considered each and every comment submitted to the docket during the 45-day comment period, as well as all of the comments received at the four public meetings that were held in late May and early June. We have made several changes to the proposed rule as a result of the issues and concerns raised, the biggest being the delay of the card reader and associated requirements. Additionally, in this ``Discussion of comments and changes,'' we have responded to all of the comments we received.

   Four commenters requested that the agencies issue a TWIC NVIC to assure consistent interpretation and application of the program. They also advised that TSA should develop simplified integration plans to assist companies with the implementation.

   One commenter suggested that TSA and Coast Guard offer ``best practices'' for industry to use. As an example, the company cited the need for suggestions on handling contractor personnel during major construction projects and plant turnarounds.

   We agree that a NVIC will be necessary to assist customers with compliance as well as assure consistency nation-wide; this will be forthcoming to help interpret the provisions of this rule. We are also issuing robust field guidance to all of our COTPs, to ensure uniform application of the requirements.

   One commenter expressed concern that union involvement may slow the enrollment process. The commenter wanted to make sure that labor agreements and arrangements are addressed in TWIC.

   We do not feel that this final rule is the place to address labor concerns between facilities and unions. 12. Additional Requirements--Cruise Ships

   Section 104.295(a)(1) proposed higher burdens on U.S. cruise ships, such as requiring that an individual's identity be checked against their TWIC at each entry to the vessel, and that the validity of the TWIC be verified with TSA at a higher rate than for other vessels. Commenters said that these additional requirements are cost-prohibitive and unfair to owners and operators of U.S.-flagged cruise ships and should be applicable to foreign cruise ships. One commenter opposed this provision, stating that this requirement is excessive, burdensome and does not respond to a demonstrated risk, and under lower MARSEC level requirements, it is not necessary to verify the identity of someone who is a known employee.

   While the reader requirements have been removed from this final rule, we do not agree with the comments. Cruise ships do carry a higher risk than other passenger vessels, as the higher number of passengers on-board creates a more attractive target to terrorists. Additionally, the higher number of employees, including licensed crew, entertainers, wait staff, and other unlicensed crew, make it less likely that all employees will be ``known'' to the security personnel checking credentials. However, we will keep these comments in mind as we draft the NPRM to re-propose reader requirements.

   Other commenters stated that most procedures for access can be covered under a vessel's security plan. One commenter said the crew was at the heart of the security plan and will ensure vessel security. One commenter suggested that instead of requiring card readers at every vessel entry point, employees should scan their cards at the facility entry point prior to boarding their assigned vessel. Another commenter stated that the proposed rule should be edited to allow for spot- checking of passengers and employee-displayed badges as mandated by a Coast Guard approved VSP at MARSEC Level 1, as current security plan specify.

   These comments are no longer applicable, as the final rule does not include the requirements for readers and biometric verification. We will keep them in mind as we draft the NPRM to re-propose reader requirements.

   Under proposed Sec. 104.295(a)(2), at MARSEC Level 2, the owner or operator

   [[Continued on page 3541]]

   From the Federal Register Online via GPO Access [wais.access.gpo.gov] ]

   [[pp. 3541-3590]] Transportation Worker Identification Credential (TWIC) Implementation in the Maritime Sector; Hazardous Materials Endorsement for a Commercial Driver's License

   [[Continued from page 3540]]

   [[Page 3541]]

   of a U.S.-flagged cruise ship must ensure that each crewmember or employee seeking to board the vessel is required to enter his or her correct PIN prior to being allowed to board. Several commenters opposed this proposed provision. Another commenter stated that an effective and reliable biometric check is sufficient to verify identity at all MARSEC levels and did not agree that the additional measures of using PIN numbers is necessary. The commenter also noted that most individuals will not remember their PIN number, thus causing unforeseen problems and necessary back-up measures.

   Many of these comments are no longer applicable, as the final rule does not include the requirements for readers and biometric verification. We will keep them in mind as we draft the NPRM to re- propose reader requirements.

   The comment on the PIN number, however, is still relevant. The cards that will be issued initially and used as a visual identity badge will hold the biometric template on a dual interface chip. The Coast Guard intends to integrate the TWIC requirements into its existing facility and vessel annual MTSA compliance exams, as well as through unannounced security spot checks using hand-held readers. We will monitor issues with PINs during the Coast Guard checks, and if problems are identified, we will address them in the NPRM re-proposing the access control and reader requirements. 13. Additional Requirements--Cruise Ship Terminals

   Proposed Sec. 105.290 identified which activities must be done within the facility's secure area, to clarify the identifications to be checked before granting individuals entry to the facility, and to clarify that passengers must be escorted within secure and restricted areas of the facility. One commenter stated that this would require changes difficult to incorporate using an addendum and would require the full FSP to be rewritten. Also, the commenter noted that it is unclear in the proposed rule if ``passenger access areas'' are considered ``secure areas,'' since they would be inside the terminals access control area. The commenter recommended that the regulations be written to allow unescorted passenger access once passengers have passed through the passenger screening locations. One port authority recommended that cruise ship terminal operators be allowed to establish passenger access areas within the terminal, similar to cruise ships. The port authority recommended that this be a defined space within the access control area of the terminal that is open to passengers but does not require a TWIC for unescorted access.

   Passenger access areas are not an option for facilities, therefore many of these comments are not applicable. The escorting requirements (as clarified elsewhere in this final rule) for those areas open to passengers within cruise ship facilities should be identical to what these facility owners/operators are already doing under the existing requirements found in Sec. Sec. 105.275 and 105.290.

   Another commenter argued that the regulations should allow cruise ship terminal operators to establish ``passenger access areas'' within the terminal, which would be a defined space within the access control area of the terminal that is open to passengers but does not require a TWIC for unescorted access.

   We disagree with this comment. The passenger access area was designed for use by vessels only. Cruise ship terminals should be able to use the security measures implemented to meet the requirements in Sec. 105.290 to meet the definition of ``escorting,'' therefore, we do not think it is necessary to extend the concept of passenger access areas to cruise ship terminals. 14. Additional Requirements--Certain Dangerous Cargo (CDC) Facilities

   Section 105.295 proposed making a change to clarify that persons not holding TWICs must be escorted within CDC facilities. All of the commenters on this section stated that this change will be very burdensome for CDC facilities. Several commenters said that any additional necessary measures can be dealt with through the existing regulatory regime. One commenter said any changes should be made on the basis of a vulnerability assessment. Some commenters argued that each FSO should decide whether more stringent TWIC program requirements should be implemented. Another commenter said that any additional security measures should be left to the discretion of the owner, subject to oversight by the Coast Guard through the security plan review and approval process.

   We disagree with these comments. Leaving the TWIC requirements in the hands of individual owners/operators, without first providing standards, would create serious security flaws in the TWIC system. However, we are sympathetic to the concerns raised over escorting. As explained elsewhere in this final rule, we did not intend to require a side-by-side escort at all times in all places. So long as the places to be accessed are not parts of any restricted area, the provisions used by the facility to satisfy their monitoring requirements will likely suffice to meet our escorting performance standard.

   One commenter stated that since the HME credentialing requirements are equal to TWIC, and HME holders are allowed to transport CDCs, a TWIC holder would not pose a greater security risk than an HME holder. Therefore, the commenter argued that no additional restrictions need to be placed on CDC facilities regarding unescorted access by TWIC holders. The commenter also asked: ``In the case that a CDC facility is a separate location on port real estate (e.g., truck yard close to marine terminals), and it does not fall under the security regulations of Part 105 because it is not a secure maritime facility, what will be the TWIC verification requirements at that CDC facility, if any?''

   We agree; under the final rule, all HME holders will be required to obtain a TWIC if they need unescorted access to a MTSA regulated facility. Thus, since all HME holders on a CDC facility would also likely be TWIC holders, they would necessarily be treated the same as other TWIC holders. In answer to the commenter's question, TWIC requirements only apply to facilities regulated under 33 CFR part 105. Thus, if a facility is not regulated by part 105, either because it is not a maritime transportation facility or any other reason, then the TWIC provisions would not apply. 15. Additional Requirements--Barge Fleeting Facilities

   Under proposed Sec. 105.296, owners/operators of barge fleeting facilities would take responsibility for ensuring that anyone seeking unescorted access to barges within the fleeting facility hold a TWIC. All of the commenters stated that the additional regulations for conducting access control checks are not practical for this industry. Most of the commenters claimed that these requirements are unnecessary for small facilities and crews, such as those at barge fleeting facilities. One commenter requested that owners/operators of barge fleeting facilities take responsibility for ensuring that anyone seeking access has a TWIC. One commenter requested that the proposed rule accommodate facilities that have plans that allow for use of the card readers at the facility and not on every one of the vessels. One commenter said that the change in the rulemaking to require a TWIC for anybody to access a fleeted barge will effectively raise the competitive pricing for certain services, including

   [[Page 3542]]

   carpenters, electricians, contracted painters, fencing companies, etc.

   Because this final rule does not include reader requirements, we will not, at this time, be responding to the comments that addressed reader usage and/or requirements. We will, however, keep them in mind for our future rulemaking to implement reader requirements.

   This final rule does still require that barge fleeting facilities ``control access to the barges once tied to the fleeting area by implementing TWIC as described in Sec. 105.255 of this part.'' Section 105.255 requires that TWIC be used a visual identity badge. We do not believe that this should impose an impracticable burden on the fleeting facilities, as they were already required to check identification of persons under the pre-existing MTSA regulations. 16. Miscellaneous (a). Compliance of TWIC With International Labour Organization (ILO) 185

   Five commenters request that TWIC also comply with ILO 185. Two of these also want TWIC to be accepted as an international seafarer identification document. Three of them remarked that the TWIC must be compatible with the ILO 185 in order for the document to be accepted in foreign ports of call. One commenter encouraged the Coast Guard and Transport Canada to enter into a bi-national agreement or MOU to recognize each nation's secured credentials for their respective seafarers (the TWIC for U.S. seafarers and the proposed Seafarer's Identity Document (SID) for Canadian seafarers). The commenter stated that mutual recognition of these documents as equivalent would streamline vessel and marine facility access control procedures and promote easier access to shore leave for seafarers as per the ISPS Code.

   As the United States is not signatory to the ILO Seafarers' Identity Document Convention (Revised), 2003 (ILO-185), no plans have been made at this time to recognize the SID as a TWIC equivalent or produce an identification document complying with that particular standard. (b). Notification of Employer Upon Employee Disqualification

   Section 1572.9 (e) states that the applicant must certify the following statement in writing: ``I acknowledge that if the Transportation Security Administration determines that I pose a security threat, my employer, as listed on this application, may be notified.'' TSA specifically invited comments on this specific requirement. One commenter points out the contradictory requirements between Sec. 1572.9 (e) and the preamble text. The preamble implies that TSA will notify the employer only of the employee's disqualification without releasing the reason for that disqualification. The commenter suggests that TSA include this wording in Sec. 1572.9 (e) in order to protect the privacy of the employee. Another commenter wrote in to support the implementation of this provision.

   Consistent with the requirements of the statute, TSA has no intention of providing information to an employer as to why an applicant is disqualified. However, if TSA has reliable information concerning an imminent threat posed by an applicant and providing limited threat information to an employer, facility or vessel operator, or COTP would minimize the risk to the facility, vessel, port, or individuals, TSA would provide such information. We have amended paragraph (e) to clarify this. (c). Requirement of 46 U.S.C. 70105(b)(2)(D)

   One commenter wants to know whether the provisions in 46 U.S.C. 70105(b)(2)(D) were inadvertently left out of the proposed rule or whether they are no longer necessary.

   At this time, the Coast Guard has implemented the requirements in 46 U.S.C. 70105(b)(2)(C) and (D) as follows. In this rulemaking, the requirement for all Coast Guard credentialed merchant mariners to hold a TWIC includes all vessel pilots holding a Coast Guard-issued license. We have not extended this requirement to address the issue of non- Federal pilots (those few pilots holding only state commissions or credentials, who do not also hold a federally-issued merchant mariner credential). Also in this rulemaking, we included a requirement that all individuals seeking unescorted access to secure areas of 33 CFR subchapter H regulated vessels must have a TWIC. This population includes all individuals working aboard Subchapter H regulated towing vessels that push, pull or haul alongside tank vessels. We have not, however, extended this requirement to address the issue of all individuals working aboard non-Subchapter H regulated towing vessels that push, pull or haul alongside tank vessels (towing vessels less than or equal to eight meters in registered length and some larger towing vessels that meet the exemptions listed in 33 CFR 104.105). The requirements of 46 U.S.C. 70105(b)(2)(C) and (D) will be further addressed in a future notice and comment rulemaking. (d). Location of the Current 46 CFR 10.113 in the Proposed Rule

   One commenter is confused over where the current 46 CFR 10.113 will be published in the new regulation.

   Section 10.113 is part of the TWIC regulation, and will publish at that cite. It did not exist prior to this final rule, and is a new addition to part 10 along with a similar addition to part 12 at Sec. 12.02-11. When the Coast Guard's ``Consolidation of Merchant Mariner Qualification Credentials'' rulemaking is finalized, it will be removed due to redundancy. (e). Lack of Contingency Plan in Case of Disasters

   One commenter demanded that there be a contingency plan created for those times when a natural disaster or emergency arise. When this happens, there may be a need to hire new maritime workers in a very short period of time to avoid disruption to the shipping industry and what it provides to the community.

   We appreciate the concern shown by the commenter, but are not prepared, at this time, to write such provisions into the regulation. We do note, however, that 33 subchapter H includes procedures for obtaining approval for both waivers and equivalent security measures (see Sec. Sec. 101.130, 104.130, 105.130, 106.125). In the absence of any specific contingency plan provisions, we believe that the waiver and equivalent provisions may be used to hire new personnel and allow them to work in a short time span. Additionally, Coast Guard is able to respond quickly in these situations and suspend any provisions that might disrupt the shipping industry in the wake of a natural disaster. (f). Duplication of Applications and Background Checks for Merchant Mariners

   One commenter supports the MTSA and the need for transportation workers to have an identification credential. This commenter also said these requirements should not be applied to American merchant mariners because of the extensive application process that merchant mariners currently undergo to obtain a MMD. American merchant mariners should be exempt from obtaining a TWIC if they possess a valid MMD and, in the future, a valid MMC. The MMD or MMC should serve as a federal identification credential.

   We sympathize with the commenter, however 46 U.S.C 70105(b)(2)(B) clearly requires that U.S. mariners issued an MMD (as well as any other Coast Guard-

   [[Page 3543]]

   issued credential) obtain a TWIC. We recognized the duplication of effort that this might impose upon mariners, and as a result the Coast Guard has proposed consolidating its various credentials, and is working with TSA to ensure that as much information as possible will be shared between the two agencies, allowing mariners to apply for all of their required credentials after one visit to a TWIC enrollment center. Additionally, the Coast Guard will not be duplicating the security threat assessment; rather we will accept the TWIC as proof that the individual has been vetted for identification and security purposes. The Coast Guard inquiry will be limited to determining questions of safety and suitability. For more information on this effort, please see the Coast Guard's SNPRM entitled ``Consolidation of Merchant Mariner Qualification Credentials'' published elsewhere in today's Federal Register. (g). Comments on Merchant Mariners

   One commenter stated the large uncredentialed portion of the workforce (e.g., towing vessels) needs to be identified and stabilized with immediate, adequate, and recorded safety and vocational training.

   We agree with the concept that all mariners, both credentialed and non-credentialed, benefit from safety and vocational training. Although this comment is outside the scope of the TWIC regulations, which focus on identification and security, we note that existing regulations found in Title 46 of the CFR are in place to address these important issues.

   One commenter expressed the view that Congress should reorganize the government to remove the superintendence of the U.S. Merchant Marine from the Coast Guard and return it to the U.S. Department of Transportation as a new agency.

   Congressional reorganization of the U.S. Government is outside the scope of this regulation.

   Another commenter would like to know why the TWIC card cannot be ``smart'' enough to be used as the qualification and identification credential.

   We sympathize with this comment, and examined the possibility of combining the qualifications onto the TWIC. Unfortunately, it is not feasible at this time to have all of the qualifications listed on the face of the TWIC. STCW requires foreign port state control officers to be able to read a mariner's qualification credentials, and not all countries have the ability to read smart cards. It is impractical, and for some may be impossible, to print all of the information that will appear on an MMC on the face of the TWIC. We will, however, continue to explore options to allow for further consolidation between the two programs. (h). Union Involvement

   One commenter supported the program but urged that the rights of workers be preserved. The commenter was concerned that the program would restrict the civil rights of an employee to engage in collective and union activities and stated that wording should be incorporated into the rule to afford these liberties to all workers.

   Nothing in either the NPRM or this final rule should be construed as having an effect on an employee's rights to collectively form or join a union. It is unnecessary to add anything to the regulation stating this explicitly. (i). Written Request of Releasable Material Upon Initial Determination of Disqualification

   The NPRM states that if an applicant wishes to receive copies of the releasable material upon which the Initial Determination was based, he must serve TSA with a written request within 60 days after the date of service of the Initial Determination. One commenter wanted TSA to automatically provide this information to the employee at the time of the determination for several reasons: (1) Employees may be denied employment during this process and writing a request and processing that request will delay possible employment; (2) requiring employees to request this information unduly burdens them (paperwork burden issue); (3) many employees will not have legal counsel and may not realize that they must make a special request for the information; and (4) by law, all appellants would be entitled to review the releasable material, and furthermore, this information is directly relevant to their appeal.

   TSA provides applicants who receive an Initial Determination of Threat Assessment with the reason they do not meet the security threat assessment standards in the initial determination itself. The package that is mailed to the applicant includes the reason for the initial determination and information on how the applicant can appeal the determination. Therefore, in most cases the applicant will not need to request additional releasable information from TSA. TSA has prepared the information explaining the appeal and waiver process with applicants who are not represented by counsel in mind. The documents clearly and simply state the steps an applicant must take if an appeal or waiver is warranted. (j). Interpretation of TWIC Requirements

   One commenter urged interpretations to be centralized at Coast Guard Headquarters and disseminated to Coast Guard field offices. The commenter argued that COTPs should not be able to make individual interpretations and determinations of the rules, and added that this problem arose during MTSA implementation and led to inconsistent and inaccurate interpretations.

   As stated elsewhere in this final rule, the Coast Guard intends to implement a robust guidance document to its field offices, in order to avoid inconsistent application of the regulatory requirements. (k). Reporting of Incidents That May Result in a Transportation Security Incident

   33 CFR 101.305(a) states that activities that may result in a transportation security incident are required to be reported by the owner/operator to the National Response Center (NRC). One commenter wanted this language to be amended to require reports to NRC for incidents that may ``reasonably'' be expected to result in a TSI. The commenter wants some clarification here to alleviate unnecessary and nonproductive reporting requirements.

   We disagree with the suggested amendment. The NPRM did not include a proposed revision to Sec. 101.305(a), and no change has been included in the final rule. Experience over the past three years indicates that the language of this section is not leading to any ``unnecessary and nonproductive'' reports to the NRC. (l). Suggested Corrections To 33 CFR 101.515

   One commenter requested three corrections/clarifications to Sec. 101.515. First, to conform the personal identification requirements in Sec. 101.515(a) with those in Sec. 125.09, as set forth in the Coast Guard Notice, ``Maritime Identification Credentials'' that was published on April 28, 2006 (71 FR 25066), to be consistent as to what identification is required to access a part 105 facility. Second, in Sec. 101.515(b), the reference to Sec. (b)(4) should be to (a)(4). Third, clarify in Sec. 101.515(c) that the facility has the right to escort law enforcement personnel for safety reasons and that such access does not imply unescorted access.

   We have looked at the three suggestions, but have determined that

   [[Page 3544]]

   none of them are appropriate for action at this time. The second suggestion is not necessary, as the correct cross-reference is already listed. The first suggestion is not appropriate as the referenced Notice was intended as an interim security measure until TWIC could be implemented. We expect that, with implementation of this final rule, the Coast Guard will be able to announce that it will no longer be enforcing the provisions of 33 CFR part 125, as described in the referenced Notice. Finally, the third suggestion is not appropriate, as there may be times when requiring an escort would delay law enforcement officials, which is explicitly not allowed in Sec. 101.515. (m). Accredited Providers

   One commenter wants DHS to explain the qualifying process a contractor must pass in order to be accredited. Since this was not in the NPRM, the commenter would like the opportunity to comment on this information once it is published.

   The enrollment provider must adhere to all applicable laws, such as the Privacy Act of 1974 (5 U.S.C. 552a) and the Federal Information Security Management Act (44 U.S.C. 3541 et seq., Title III of the E- Government Act of 2002, Pub. L. 107-347) to protect the personal information that is collected and stored in the TSA System. In addition, all TWIC contractor employees who will have access to DHS sensitive information must have favorably adjudicated background investigations commensurate with the sensitivity level of the position held. The contractor must also maintain an IT Security Program where DHS data is stored or processed on contractor-owned information systems. (n). Preamble Items Not Inserted Into the Rule

   Three commenters complained that there were many requirements/ issues mentioned in the preamble that were not incorporated in the rule. However, no specific examples were given. In light of this fact, we are unable to respond to this comment. (o). Additional Uses of the TWIC

   Two commenters would like to know if the TWIC card can be used for other commercial purposes not related to security. Specifically, one commenter would like to know if the TWIC card could be used as a payroll spreadsheet.

   TWIC is designed to be used a tool for securing access control; however it is possible that it might be used for other purposes as well. The rule does not prevent alternate uses of the credential, as long as they do not interfere with the applications and information related to the standards in this rule. (p). Accepted Cargo in Light of TWIC

   One commenter assessed their business practices as a result of the implementation of TWIC and decided they would no longer move CDCs. They also said they would be forced to abandon their VSPs. The commenter is worried that other companies may do the same and not move these types of commodities. This would greatly hinder our economy and is not the intended effect of TWIC.

   TSA and the Coast Guard have removed the card reader requirements from this final rule to reduce the potential burden on small businesses until such time as we can review additional technology and complete additional evaluation of the costs and benefits of reader requirements. Further details of the economic impacts of this final rule, including the costs imposed and the benefits gained, are identified in the accompanying Final Assessment. (q). Interim Rules vs. Final Rules

   One commenter wants the Coast Guard to address whether or not this rule will be published as a final rule as it incorporates, modifies, or updates regulations from the past that have never been published as a final rule.

   This comment relates to interim final rules that the Coast Guard previously issued affecting STCW, licensing, and MMD regulations. The TWIC and MMC projects are not intended to serve as the final rules for those projects. At the completion of both TWIC and MMC, the Coast Guard intends to publish additional final rules addressing the comments received on the aforementioned interim rules, and make any necessary changes. (r). NVIC

   One commenter extended an offer to work with the Coast Guard in the development of an NVIC.

   We appreciate the offer. We anticipate issuing a NVIC very soon. We also anticipate contacting many of our industry partners and engaging in as much industry consultation as possible prior to issuing a second NPRM proposing reader requirements.

3. TSA Provisions

   1. Technology Concerns

      TSA received a substantial number of comments on technology issues, almost all of which expressed concern about the feasibility and appropriateness of the proposal for reading the TWIC cards and verifying information. Commenters asserted that the TSA Prototype did not test many parts of the proposed system, including the readers and communications with a central database. Some raised questions about a central database. They questioned whether the systems will be compatible with existing systems and stated that if not, the costs of replacement will be high. Commenters stated that TSA must test the proposed system before requiring its use to ensure that it will work in the marine environment and that backup systems will function as well. They assert that TSA does not appear to have addressed issues related to system failures and power outages. In terms of interconnectivity, they stated that the system has to be shown capable of processing 700,000 TWIC instantaneously. Commenters also noted that the system does not appear to have been tested with passenger vessels.

      As stated in the previous discussion on Coast Guard's provisions, the final rule will not require the owner/operator implementation of access control infrastructure, including readers. A notice of proposed rulemaking will follow this final rule that will address the use of access control readers for the TWIC program. Also, we must note that the TWIC program will not require continual interface with a `central database' as implied in the comments.

      The implementation of the TWIC program is different from Prototype in that TSA will not be involved with the port facility infrastructures and other ``systems'' referenced in these comments. Prototype created a testing environment for the credential that included Physical Access Control System (PACS) readers. The testing environment for Prototype included various environments and transportation modes, including marine locations.

      Commenters also questioned TSA's assumption that the cards have a 5-year life cycle; the South Carolina State Port Authority said its experience indicated that cards do not last more than a year, which if true, would increase costs.

      TSA believes the 5-year longevity of the TWIC is reasonable. There is very little data to permit a comparison of the credential referenced by the South Carolina State Port Authority to the durability of the TWIC. TSA will monitor card failures as the program is implemented and make changes to the credentialing system as needed.

      Many commenters questioned the appropriateness of the FIPS 201-1 standard referenced in the NPRM and contact technology. They noted that it was developed for granting access to federal facilities and computer systems, not for granting access to ports and

      [[Page 3545]]

      marine facilities. They stated that it is slower, prone to errors, less reliable, and more susceptible to sabotage than contactless readers and cards. They noted that it has not been implemented at federal facilities yet. One commenter noted that smart cards can be copied.

      DHS agrees that there are a number of challenges including biometric authentication, privacy controls, and security features. Therefore, we have established the NMSAC working group to recommend a contactless biometric specification for the TWIC program. In addition, when developing the card reader requirements, we will consider all of these concerns and implement a system that effectively serves a commercial environment.

      A number of commenters noted that communications between vessels and a central database were uncertain and that some vessels do not have computers. They also noted that for some port facilities, locating the reader to handle arriving vessels can be problematic. Vessel operators stated that it is not feasible to install readers on many vessels.

      Neither the NPRM nor this final rule discusses communications with a ``central database.'' The final rule does not require owner/operator implementation of access control infrastructure, including readers. A subsequent notice of proposed rulemaking will follow that will address the use of access control readers for the TWIC program.

      Commenters questioned whether the reader technology required is ``intrinsically safe,'' as is required for facilities handling some hazmat.

      All of the reader requirements have been removed from this final rule, therefore we do not need to address this comment at this time. We will, however, keep it in mind for our subsequent rulemaking on reader requirements, and the Coast Guard and TSA will work to ensure that new equipment will satisfy the applicable safety requirements. Furthermore, there should be no material impact on logistics or productivity based on the change from the NPRM. Vessels, facilities, and OCS facilities subject to this final rule already check individuals' identification credentials. This rule, therefore, should not introduce new requirements that would impact logistics or productivity. 2. Enrollment Issues (a). Documents To Verify Identity

      Commenters have asked what information an applicant must provide in order to verify identity when applying for a TWIC. Some commenters recommended that TSA adopt the documents listed as acceptable for identification purposes on U.S. Citizenship and Immigration Services (USCIS) Form I-9 ``Employment Eligibility Verification'' as acceptable documents to verify identity for TWIC purposes. Other commenters asserted that the documents listed on the current Form I-9 are subject to fraud.

      TSA notes that the Form I-9 and its associated requirements are to verify that an individual is authorized under applicable immigration laws to work in the United States. The types of documents acceptable for a person to demonstrate his or her authorization to work may not in all instances be acceptable for TSA to verify identity for purposes of granting a credential that will allow the person access to a secure facility. If TSA believes that there is a significant risk that a type of document offered to verify a person's identity may be susceptible to fraud, we will not include that type of document in our list of identity verification documents for TWIC. As discussed above, the list of documents for identity verification for TWIC will be posted on the TWIC Web site and will initially include the documents accepted by TSA for persons applying for HMEs. DHS and other agencies within the federal government, however, continue to review identity documents to ascertain that those which are most susceptible to forgery, fraud, or duplication are not used, among other things, to obtain government security credentials. TSA may change the list of acceptable documents in the future consistent with that review.

      In addition, the REAL ID Act of 2005, Pub. L. 109-13, 119 Stat. 312 (May 11, 2005), requires implementation of minimum document requirements and issuance standards for State-issued driver's licenses intended for use for official federal purposes. The REAL ID Act requires that, effective May 11, 2008, a State that participates in REAL ID will adopt certain minimum standards to: (1) Authenticate documents produced by applicants to prove identity and lawful status in the U.S., (2) ensure the integrity of the information that appears on driver's licenses and identification cards, and (3) prevent tampering, counterfeiting or duplication of such cards for a fraudulent purpose. Under the REAL ID Act, DHS is authorized to promulgate regulations to determine whether States driver's license standards are in compliance with the REAL ID Act.

      The standards for documents accepted for identity verification for TWIC purposes would necessarily be affected by any regulations issued to implement the REAL ID requirements and will likely result in a change in the accepted document list for TWIC once the REAL ID regulations are implemented.

      For all mariners, the enrollment section now provides that merchant mariners must bring the documents that the Coast Guard requires in 46 CFR chapter I, subchapter B to verify citizenship and alien status. The proof of citizenship requirements are currently contained in 46 CFR 10.201 for licenses and CORs, and 12.02.13 for MMDs. The Coast Guard has proposed changing these citizenship requirements as discussed in the MMC SNPRM published elsewhere in today's Federal Register. We are requiring that mariners bring these documents to the TWIC enrollment center because they must be scanned into the enrollment record so that the Coast Guard has them available to review when reviewing the merchant mariner's record to renew or obtain an MMC. (b). Where Enrollment Should Begin

      A few commenters opposed implementation at the largest ports until the TWIC program has been tested in other areas first, to minimize adverse impacts on the national economy.

      To mitigate security threats at the ports, TSA and the Coast Guard have developed a phased deployment for the TWIC program over an 18- month period. The deployment of TWIC enrollment centers will start with a small number of ports, and ports will be added over time across the TWIC population centers. The scheduling of the deployment by TSA and the Coast Guard is based on the Coast Guard's list of ports, ranked by size and criticality. The deployment schedule will be closely coordinated with the COTP in the various regions. (c). Other Timing Issues

      Some commenters thought that the schedule for implementing the program within 18 months is unrealistic. Others urged TSA to extend the implementation period to allow testing of biometric readers or to allow the Coast Guard to redesign its MMC to incorporate TWIC security features.

      We believe the 18-month timetable for conducting the initial enrollment is realistic. If unforeseen events delay completion of the initial enrollment, we will adjust the schedule accordingly and notify all affected workers and owners/operators.

      One commenter believed that the 5-year TWIC renewals should be staggered. Another commenter suggested that the TWIC should be

      [[Page 3546]]

      considered good, even if expired, based on receipt by TSA of a valid application or renewal. Others supported the 180-day window for renewals for mariners, but asked whether the same window would apply to non-mariners employed on covered vessels. The phased deployment of enrollment centers will result in staggered TWIC enrollment. The deployment approach will spread out the enrollment population to different geographic locations as the deployment progresses across the maritime sector. All affected workers should plan for renewals based on their respective schedules and locations. The NPRM specifically mentioned a 6-month period for mariners because they must complete the check for the mariner's license, which is time-consuming, following the threat assessment for TWIC.

      Some officials from the State of Florida suggested that the Florida identification cards currently in use could be replaced with the TWICs as the Florida cards expire. State-issued identification cards will not be considered comparable to or interchangeable with TWIC, and therefore, the commenter's suggestion cannot be accepted.

      Others asked how the scheduling system would interact with ports and port enrollment personnel, and urged TSA to give consideration to current workers to minimize disruption to commerce.

      TSA and the Coast Guard will work closely with the COTPs and industry to ensure that all affected employers and workers know when enrollment will begin at the nearest location. Much of the enrollment information for TWIC, including some scheduling items, will be available on-line. We will publish Notices in the Federal Register as the enrollment schedule unfolds, so that all affected workers, including individuals who do not work regularly on a vessel or maritime facility, can determine when he or she should enroll and where to complete enrollment. All applicants are encouraged to pre-enroll on- line and schedule an appointment at the enrollment center to complete enrollment. In addition, owners/operators must give 60 days notice to employees to provide employees with adequate notice to schedule TWIC enrollment during the initial enrollment roll out. (d). Additional Enrollment Centers

      Many commenters believed there should be more enrollment centers at convenient locations to minimize travel and missed work. Some commenters were concerned that the number of centers in highly industrialized areas would not be adequate, and some named specific locations, such as Oakland, California and Paducah, Kentucky that need centers. Others thought there was a need for centers at ports in Alaska, such as Juneau; at out-of-the-way places such as Kodiak and Dutch Harbor, Alaska and the U.S. Territory of Guam; and at locations outside the United States for mariners on job assignments overseas. A commenter asked about renewals for individuals who are residing overseas and do not have ready access to an enrollment center.

      We agree and, where applicable, we may use mobile enrollment centers for the phased enrollment approach. Based on commenters' input, Juneau and Guam have been added as ports that will be covered. The Port of Oakland is on the list. The area of Paducah is a 3-5 hour drive from centers located in St. Louis, Chattanooga, Nashville, Louisville and Memphis. These areas, as well as others mentioned in Alaska, will be reviewed during the implementation. The number and location of enrollment centers will balance the need for convenience with the cost of additional enrollment centers to avoid increasing the financial burden on applicants.

      A few commenters noted that centers should be readily accessible to trucks and that centers should be kept open around-the-clock if that is where workers would go to reset their PIN. One commenter recommended that the procedures for changing a PIN be clarified. Several commenters suggested making use of existing facilities, such as offices of CBP, motor vehicle offices, law enforcement offices, post offices, Coast Guard RECs, sector command centers, and enrollment centers used for the Florida identification card. Commenters also encouraged the use of mobile centers that could visit ports and major facilities and could return more than once so that applicants could use the mobile center again.

      We agree and, as stated above, will use mobile enrollment centers where appropriate for the phased-in enrollment approach. TSA also agrees that alternate hours of operation at enrollment centers will reduce the burden placed on TWIC users. Enrollment center hours of operation will balance the need for convenience with the cost of additional personnel for extended enrollment center hours, to avoid increasing the amount of the fee for the applicants. The contractor selected for enrollment may use existing facilities as it deems appropriate. (e). Picking Up Credentials at an Alternate Center

      Several commenters supported the idea of allowing applicants to pick up their credential at an alternate location. Some noted that mariners aboard a vessel may not be able to return readily to the same enrollment center.

      TSA appreciates the commenter's suggestion, but under the current implementation plan, the system cannot be altered to accommodate retrieving credentials from an alternate location. TSA is working to include this kind of option in the future. For now, aside from the software design issue, TSA believes that without further analysis or testing, this process may unreasonably complicate the accountability and shipment of the cards from the production facility. If an applicant cannot retrieve the credential shortly after being notified that it is ready, the enrollment center will hold the card until the applicant returns to pick up the credential. (f). Other Ways To Ease the Process

      A few commenters believed that facilities and employers should be allowed to capture all applicant information, including the biometrics, and activate the credentials. Some suggested that the CSO could activate TWICs on behalf of the enrollment centers. One commenter suggested using a passport, which includes a specific check for identity by the issuing office, in place of the TWIC. Two commenters asked how enrollment will be accomplished for mariners abroad and whether U.S. consulates could play a role.

      Based on industry comments received during Prototype, we do not require individual companies to act as sponsors and assist in the enrollment process. In addition, given the economies of scale, the cost of enrollment is lower by using one contractor. It is also important to maintain consistency in procedures across the country and ensure that only Trusted Agents who are adequately trained conduct enrollment and card activation.

      We do not agree that a passport is a good alternative to TWIC. TWIC is a biometric credential with multiple security, identification, and authentication features; a passport does not contain many of these features, such as a biometric, which are required by MTSA.

      The Coast Guard and TSA are examining methods to ensure that mariners stationed overseas will have adequate opportunities to enroll for TWIC. This process may involve

      [[Page 3547]]

      sending TWIC enrollment personnel overseas for a short time. (g). Other Enrollment Center Issues

      Commenters raised a number of miscellaneous suggestions and questions regarding enrollment. Commenters asked how TSA would address post-enrollment maintenance of the enrollment centers.

      After the initial 18-month deployment of enrollment centers, TSA will determine the needs for post-enrollment maintenance of enrollment centers based on population, turnover, and other factors related to enrollment.

      Commenters suggested that the criminal history portion of the threat assessment should be conducted in the applicant's State of residence because criminal codes vary from State to State.

      TSA will leverage existing tools and personnel to conduct security threat assessments. All of the CHRCs will go through the FBI's Criminal Justice Information Service (CJIS), which is the national repository for criminal records. It is true that criminal codes may vary from State to State, but the adjudication staff and attorneys with criminal law expertise who support the adjudication process are experienced in examining State conviction records to determine if a disqualifying offense in Sec. 1572.103 of the rule has occurred.

      Commenters asked if there would be accommodations for individuals who cannot produce 10 fingerprints due to injury. For purposes of the CHRC, TSA will consult with the FBI and utilize the procedure it has in place for individuals who cannot produce 10 fingerprints.

      Commenters asked if making an appointment for completing enrollment provides a defined time slot for service.

      As planned, the appointment process will allow the applicants to schedule a time for enrollment in 15- to 30-minute increments at a specific enrollment center. The center will also accommodate walk-in enrollees, but will provide preference to those with appointments.

      Commenters asked what method of payment would be acceptable for the TWIC fee. TSA will accept payment by credit card, cashier's check, or money order.

      Commenters asked if enrollment centers will be located at ports, and if port personnel will be used to enroll applicants. Also, commenters asked if the enrollment staff will be trained.

      TWIC enrollment centers will be staffed by TSA contractor personnel--Trusted Agents, not port personnel. All Trusted Agents will undergo a TSA security threat assessment and complete specialized training before conducting enrollment. TSA and the Coast Guard are currently considering that the enrollment centers will be within a five-mile radius of the center of the port population, where possible. (h). Use of E-Mail for Notifications and Correspondence

      A commenter asked if e-mail could be used in place of paper notifications and correspondence, and supported it as a means for cost savings. A commenter suggested allowing at least one alternate method for transmitting notifications and correspondence to applicants.

      TWIC enrollees will be notified via e-mail or voice mail that their card is ready. TWIC applicants are asked to express a preference for one of these methods, and should select the one they are most likely to receive when sent. However, the notifications that TSA must provide following completion of the security threat assessment must be through the U.S. mail at this time. The infrastructure TSA currently uses for HME applicants involves the electronic production of letters that have been created to fit all potential threat assessment outcomes and transmission by U.S. mail. For the TWIC initial enrollment and the HME process, TSA cannot change this existing system, but will expand the system to accommodate e-mail notifications in the future. (i). Lost, Damaged, or Stolen TWICs

      Several commenters made reference to the need to report a lost or stolen TWIC immediately.

      We agree with this comment. Lost, damaged, or stolen TWICs must be reported to TSA in accordance with Sec. 1572.19(f). They should be reported to the TWIC Call Center, which will have a readily available number, as soon as the card is determined to be missing or damaged. After the applicant submits payment for the replacement TWIC card, the TWIC system will then automatically send a signal to the card production facility to trigger production of a replacement TWIC. TSA will add the lost/damaged/stolen credential to the list of revoked cards for which access to secure areas cannot be granted, to guard against the credential being used by someone other than the rightful holder. Additionally, reporting the card is a necessary step if the individual continues to require unescorted access.

      One commenter stated that if an employee can demonstrate proof that the TWIC was stolen, the fee for a replacement TWIC should be waived.

      We do not agree with the comment. It would be very difficult to establish with certainty that a TWIC was stolen before a replacement card is ordered, and developing standards for determining this to apply consistently at all enrollment centers would be equally difficult. In addition, for security reasons applicants must handle their credentials carefully so that they do not fall into the hands of others.

      Several commenters expressed concern about the burden of requiring an applicant to appear at an enrollment center to report a lost or stolen card (as required in the Prototype). According to these commenters, the inconvenience of traveling to an enrollment center is exacerbated for mariners serving on vessels engaged in international voyages or on domestic voyages where the lack of proximity to an enrollment center would make it very difficult to mandate a personal appearance in a timely manner, especially considering the 24 by 7 watch schedules on commercial vessels. Several commenters requested that individuals be able to order a replacement TWIC via the Internet and then validate his or her biometrics and activate their TWIC during a single trip to an enrollment center.

      We agree with these comments, and applicants should report lost, damaged or stolen credentials through the TWIC Call Center. TWIC holders will have to visit an enrollment center once to pick up and activate their replacement TWIC. (j). Employer Responsibility To Notify Employees

      A commenter remarked that such a requirement should not be for individual notice, but should be fulfilled by a posting. The commenter expressed concern that if an individual is not notified and subsequently is determined to pose a threat of terrorism or engaged in terrorist activity, the owner/operator might be liable for any damages that result.

      We recognize that an owner/operator may have a variety of means at his or her disposal to communicate with employees. The requirement does not specify that the notice be given to each employee individually, but whatever mean is chosen (and there may be more than one) it should be aimed at reaching as many employees as possible.

      One commenter requested confirmation that TSA had stored the fingerprints and biographical information of HME driver-applicants.

      TSA stores the fingerprints and biographic information of HME applicants who are licensed in States that use TSA's agent to conduct enrollment.

      [[Page 3548]]

   3. Appeal and Waiver Issues (a). Independent Review by Neutral Party

      Several commenters urged TSA to modify the appeal and waiver processes to include an independent review by a neutral party, such as an ALJ. TSA issues an Initial Determination of Threat Assessment if the results of the threat assessment reveal a disqualifying standard. In the proposed rule, TSA stated that if legislation were enacted after publication of the proposed rule that requires TSA to adopt a program in which ALJs may be used to review cases in which TSA has denied a waiver request, TSA would amend the final rule to address such statutory mandates. 71 FR at 29421. On July 11, 2006, the Coast Guard and Maritime Transportation Act of 2006 was signed into law. H.R. 889, sec. 309, amending 46 U.S.C. 70105(c). The Act mandates the creation of a review process before an ALJ for individuals denied a waiver under the TWIC program. As a result, we have added procedures for the review by an ALJ for requests for waivers that are denied by TSA. These procedures are discussed in detail above in ``TSA Changes to the Proposed Rule.'' (b). Deadlines for Appeal and Waiver Processing

      Several commenters argued that it would be difficult for individuals who travel for extended periods of time to comply with the 60-day deadline for appealing an adverse determination or requesting a waiver. Some of these commenters also noted that TSA's definition of ``date of service'' provides for constructive notice but does not ensure actual notice.

      While the proposed rule allowed applicants to apply for an extension of the deadline, the request for extension had to be in writing and received by TSA within a reasonable time before the due date to be extended. TSA understands that if individuals have difficulty complying with the 60-day deadline for appealing an adverse decision or requesting a waiver, individuals may have equal difficulty requesting an extension within the timeframe allowed. For these reasons, TSA is amending its appeal and waiver procedures to allow requests for an extension even after the deadline for response has passed. Individuals will now be allowed to request an extension of the deadline after the deadline has passed by filing a motion describing the reasons why they were unable to comply with the timeline. We believe this amendment makes the appeal and waiver processes more reasonable for the group of workers affected. (c). Facility Owner's Role in TWIC Appeal Process

      One commenter said that the adjudication process for information developed during the security threat assessment is flawed and undermines the facility owner's responsibility because it does not involve the owner/operator of a facility. The commenter said that a facility owner might have information that could allow the appeal to be decided quickly. The commenter said that the proposed appeal process conflicts with the facility owner's ultimate responsibility for the security of his facilities and that it could create significant liability issues for facility owners. The commenter stated that the ultimate responsibility for determining an individual's eligibility for unescorted access to critical facilities must remain with the owner of that facility.

      We disagree. The statutory language of 46 U.S.C. 70105 specifically prohibits sharing of information with an applicant's employer: ``Information obtained by the Attorney General or the Secretary under

      [sec. 105 of the MTSA] may not be made available to the public, including the individual's employer.'' It further provides that ``An individual's employer may only be informed of whether or not the individual has been issued the card under [sec. 70105 of the MTSA].'' An applicant may offer any information during an appeal or waiver process that he or she feels is relevant to the appeal or waiver process, including information from the employer on his or her behalf that the applicant feels will assist the adjudicators in making a decision.

      The TWIC process does not create a liability issue for facility or vessel owner/operators. The ultimate responsibility for decisions as to who should be allowed entry, and under what conditions, remains with the owner/operator, so long as only TWIC holders are given unescorted access to secure areas. The TWIC system enhances his or her ability to make that decision by providing a highly reliable source of information regarding the known risks presented by an individual requiring access. The owner/operator can therefore make informed, confident choices in deciding whether or not to grant access and under what conditions. Furthermore, since the owner/operator is removed from the adjudication process, he or she is further protected from increased liability, since all challenges to the adjudication process will necessarily be directed at the federal government, not the owner/operator. 4. TSA Inspection

      In proposed Sec. 1572.41, TSA proposed to require owners/operators to permit TSA personnel to enter the secure areas of maritime facilities to evaluate, inspect, and test for compliance with the standards in part 1572. Many commenters recommended that the Coast Guard serve as the primary inspection authority. Several commenters expressed uncertainty regarding whether or the degree to which TSA's envisioned responsibility for auditing TWIC readers implies a role for TSA in compliance checking. Some commenters suggested that the Coast Guard be responsible for all vessel and facility inspections, particularly those that entail boarding vessels. One commenter recommended an MOA between the Coast Guard and TSA and one suggested that TSA access TWIC readers under the Coast Guard oversight. Another commenter recommended that TSA delete 49 CFR 1572.41, not implement a TSA inspection program, and revise 33 CFR 101.400 and 33 CFR 101.410 to add TWIC compliance to existing Coast Guard vessel and facility security inspection programs.

      In accordance with our statutes, TSA and the Coast Guard have joint responsibility for development and oversight of the TWIC program. In addition, both agencies have statutory authority to inspect for compliance with their regulations and to conduct security assessments. The intent of adding specific language to the regulation regarding TSA's inspection authority is not to add additional burdens to the maritime industry but to clarify the existing authority and inform the public of their statutory obligations. To address the concerns expressed by the maritime industry and promote consistency, Coast Guard and TSA field guidance will be developed and include the need for coordination of TSA inspections or tests with the local Coast Guard COTP or his/her representative.

      The inspection rule language has been moved to 49 CFR 1570.11, where it fits organizationally among the other general requirements. This section is similar to those in other modes of transportation and is necessary for TSA to exercise its oversight and enforcement responsibilities over trusted agents, the enrollment process, and the performance of the credential in a variety of circumstances.

      [[Page 3549]]

   5. Security Threat Assessment (a). Comparability of Other Background Checks

      We received many comments on proposed Sec. 1572.5(d), in which TSA described a process to determine if security threat assessments or background checks completed by other governmental agencies can be deemed comparable to TSA's threat assessment for TWIC and HME, to minimize redundant assessments. Generally, commenters supported the concept of recognizing the background checks of other government agencies as comparable. Many argued that maritime workers may have a government ``Secret'' or ``Top Secret'' clearance and should not be required to undergo a TWIC threat assessment. Commenters from marine services companies, shipping and cruise lines, towing companies, and maritime organizations stated that background checks performed by employers should alleviate, in whole or part, security concerns and make TWIC unnecessary. Some said that company ID badge programs adequately address the security issues. Some commenters said the name checks currently being conducted on port workers created adequate safeguards. Two commenters said that they should have an opportunity to demonstrate to TSA that their credential program qualified as an alternate to TWIC and could be designated as ``TWIC equivalent.'' One commenter noted that TWIC would need to cover persons who are not normal seaport employees, such as Federal postal service employees. One commenter pointed out that background checks for unescorted access to the Secure Identification Display Areas of an airport are equivalent to or more stringent than the background checks under the proposed rule. One commenter noted that certain utility workers are already subject to more stringent security measures such as Nuclear Regulatory Commission requirements. One commenter requested that the final rule recognize the equivalency of the DOD National Industrial Security Program (DOD NIST) and the U.S. Office of Personnel Management's Trustworthy Determination review and clearance programs. Several commenters supported the fact that the proposed rules will accept a background check done for a hazardous materials endorsement or under CBP's FAST program.

      TSA is pleased that this section is generally favored by the industry and we are not making any changes to the language proposed in the NPRM. TSA looks forward to working with other governmental agencies, many of which were cited in the comments, to issue comparability determinations where appropriate and eliminate duplicative checks. When a comparability decision is made, TSA will announce the decision through a Notice in the Federal Register. Fees will be reduced in the same manner described in this rulemaking for holders of HMEs.

      We do not believe it would be advisable to offer comparability determinations to private companies for the checks they perform on the workforce. A check conducted by a private employer would not include the in-depth review of information related to terrorist activity and organizations to which TSA has access. These checks are critical to making the security determination that MTSA requires. (b). Adjudication Time

      The proposed rule preamble states that facility and vessel owners/ operators must notify workers of their responsibility to enroll and that generally, owners/operators should give individuals 60-days notice to begin the process. Many commenters objected to this timeframe, referring to it as a ``60-day waiting period.'' One commenter urged TSA to dedicate additional resources to ensure the system has the capacity to handle the processing load. Other commenters believed that completing the threat assessment in less than 30 days is optimistic.

      Many commenters urged that the time needed to complete an applicant's adjudication should be shortened. Several pointed out that during TWIC Prototype testing, the goal was 96 hours from enrollment to receipt of the card, and commenters favored this time period. A few commenters asked why the period could not be shortened to 24 or 48 hours, and others suggested 5 days, which is the standard in Florida. Some asked why we could not adopt the check completed for purchasing a firearm. A commenter noted that the in legislative history of MTSA, members of Congress expected that DHS would be able to issue a TWIC within 72 hours of receipt of an application. Others, including local port authorities and associations, did not give a specific timeframe but thought the processing time could and should be reduced. One commenter asked TSA to provide expedited or prioritized application service for merchant mariners who are often absent for many months at a time. One commenter recommended that TSA should consider issuing a temporary credential for those individuals who are attempting to rectify a problem that surfaced in the adjudication process, which might stem from a case of mistaken identity or inaccurate court records.

      First, it is important to state that the TWIC program does not have a mandatory ``waiting period.'' Rather, TSA must adjudicate the security threat assessment of each applicant following enrollment and each case necessarily entails processing time. During the initial enrollment roll out, owners/operators must give ample notice to workers so that the threat assessment can be completed before the workers are required to present a TWIC to gain access to secure areas. As a general rule, security threat assessments and issuance of a TWIC should take no longer than 30 days. In fact, in our experience completing the threat assessments for hazmat drivers, threat assessments are typically completed in less than 10 days and we will strive to keep the threat assessment time period to 10 days for most applicants. However, processing time increases for an applicant with a criminal history or other disqualifying information, and is further lengthened if the applicant initiates an appeal or waiver.

      Criminal records are not standard and are often incomplete or out- of-date. When a rap sheet is revealed following submission of an applicant's fingerprints, an adjudicator must review it carefully and often must make additional inquiries in other public court data sources or telephonically to determine if a disqualifying offense has occurred, and if it occurred within the prescribed time period. In addition, often the adjudicator must contact another agency that may be engaged in an investigation of the applicant, to determine the nature of the investigation, if it involves security-related issues, and whether going forward with an Initial Determination of Threat Assessment would inappropriately signal to the applicant that an investigation is ongoing. This process can be very lengthy, and one over which TSA generally has no control.

      The time period needed to complete security threat assessments during the TWIC prototype is not a good model from which to make comparisons. TSA was not able to complete a CHRC during Prototype, because there was not a regulation in place requiring a fingerprint- based check. Therefore, the time needed to complete the threat assessment was much shorter than is typical. However, the Prototype provided data on enrollment and card production processing times. We will

      [[Page 3550]]

      process applications as they are received. After applications are received and sent for security threat assessment, individual processing times will vary based on the complexity of the adjudication.

      The check done when an individual wishes to purchase a firearm differs from this check in many respects. The firearms check was created before the terrorist attack on September 11, and has a different purpose. The government reviews different records for that check, which do not require fingerprints to search. No credential is issued and no biometric is used to verify identity, so the system needed to support the program is less complex. The volume of applicants is lower than in TSA's security threat assessment programs and there is a different funding mechanism for the firearms search.

      In response to the many comments on adjudication time, TSA is amending the information required or requested for enrollment to help expedite the adjudication process. Most of the new information is voluntary; however, providing it should help TSA complete adjudications more quickly. All of the amendments apply to HME and TWIC applicants. First, applicants who are U.S. citizens born abroad may provide their passport number and Department of State Consular Report of Birth Abroad. These documents expedite the adjudication process for applicants who are U.S. citizens born abroad. In addition, applicants who have previously completed a TSA threat assessment should provide the date of completion and the program for which it was completed. Also, applicants are asked to provide information if they hold a Federal security clearance, and include the date the clearance was granted and the agency for which the clearance was performed.

      We considered issuing a temporary credential to individuals while their threat assessment is underway, but determined it would create more problems than it would solve. First, the fee to each applicant would increase dramatically. Second, an entirely new software system would have to be developed to implement a temporary credential. For a simple system, the temporary card would probably not contain a biometric or photograph, and so the opportunities for misuse would be great.

      The Coast Guard has had experience with issuing temporary credentials. In the late 1970s, the Coast Guard issued temporary MMDs, in the form of a letter, to allow an applicant to sail for six months during which time the applicant could decide if he or she wanted to remain a seafarer. No commitment of employment was required. This soon became an administrative burden with the applicant obtaining a temporary MMD, sailing for awhile, and then finding better employment ashore. In addition, the Coast Guard had many records of issuance with no closure because the applicant never returned to apply for a final MMD.

      A general review of background checks and security threat assessments across government and in the private sector will show that the TSA processing time for a TWIC or HME is far below the average time to complete an assessment. Many threat assessments take six months or longer. In any event, as described above in the discussion of the Coast Guard's provisions, we have included a provision in the final rule to provide relief to the owner/operator who absolutely must provide a new direct hire with access to secure areas before the individual's TWIC has been issued. (c). Disqualifying Criminal Offenses

      We received a variety of comments concerning disqualifying criminal offenses. We changed this section in response to comments, and the changes are discussed in detail above in the ``TSA Changes from the Proposed Rule.'' We received some very specific comments that we will address here.

      Several commenters including port authorities recommended that cargo theft be added to the list of disqualifying crimes. Depending on the circumstances of the conviction, TSA believes that, in most cases, cargo theft will be covered by Sec. 1572.103(b)(2)(iii) dishonesty, misrepresentation, or fraud.

      Some commenters suggested that improper transportation of hazardous materials could encompass neglecting to placard a vehicle or to replace a placard that fell off. Also, commenters are concerned that a transportation security incident could include an environmental spill caused by negligence. TSA does not agree. Improper transportation of a hazardous material under 49 U.S.C. 5124 requires that the violation be knowingly, willfully, or recklessly committed. To be disqualified under the rule, the applicant must have received a felony conviction for improper transportation of hazardous materials or a transportation security incident. A felony conviction for these crimes reflects evidence of serious criminal culpability for conduct directly related to proper transportation procedures and port security. Both of these offenses are waiver eligible, and TSA may evaluate the applicant's conduct, intent, and other circumstances of the conviction as part of the waiver process.

      Other commenters suggested that ``improper transportation of a hazardous material'' and ``unlawful possession of an explosive or explosive device'' should not permanently disqualify someone from obtaining a TWIC. TSA disagrees. These offenses have always been permanent disqualifiers. Because of the dangerous nature of explosives, a felony offense involving hazardous or explosive materials is highly relevant to a person's qualifications to transport hazardous material or to have unescorted access to secure areas. As TSA stated in the NPRM, after reviewing all of the individual circumstances, TSA has granted waivers for prior nonviolent felony convictions for illegal possession of an explosive.

      Commenters noted that States define crimes differently and that these inconsistent standards may lead to unequal standards for denying individuals employment. Where necessary, TSA evaluates an applicant's State conviction by comparison to the State crime to the elements of the applicable federal crime. TSA may review the individual circumstances of a conviction, including the elements of the crime as defined by a particular State, if the crime is identified as one for which the applicant may be eligible for a waiver and the applicant seeks a waiver from disqualification.

      TSA also received several comments suggesting that the language was unclear explaining how prior convictions and incarceration count to disqualify an applicant. TSA has revised the language to clarify that the crimes listed are disqualifying if either of the following is true: (1) The applicant's date of conviction is within seven years of the date of application; or (2) the applicant was incarcerated for that crime and was released from incarceration within five years of the date of application.

      Requests for ``grandfathering,'' that is, waiving all or certain disqualifying crimes for individuals who have been working on a MTSA- regulated facility or vessel prior to the implementation date for TWIC, were carefully considered and evaluated at length during the public comment period and drafting of the final rule. We have decided not to include a grandfathering provision in order to ensure that all individuals who are issued a TWIC have successfully completed a published and consistent threat assessment process. Part of the purpose in implementing TWIC is finding out who is in our ports; we do not think it is appropriate to allow unescorted access to an individual who may pose a terrorism risk merely

      [[Page 3551]]

      because he or she has worked in the maritime environment for a period of time without incident. Doing so presents an unacceptable security risk. However, in order to address the industry comments and concerns over losing a significant population of the work force due to an inability to apply for and receive a TWIC due to the disqualifying crimes requirement, the list has been modified, and the waiver appeal process has been enhanced to include independent third party evaluation.

      Several commenters opposed Sec. 1572.107 which grants TSA the ability to disqualify individuals for crimes that are not included on its list, as this would be too subjective or applied inconsistently. Others commented that Sec. 1572.107(b) violates due process as it allows TSA to disqualify an individual merely ``suspected'' of posing a security threat.

      TSA believes that this is a necessary provision, as it is impossible to list every crime that may be indicative of a threat to security. Further, Sec. 1572.107 is not often used to disqualify persons for criminal convictions, and part 1515 requires a different level of review than a determination based on the list of disqualifying crimes.

      Paragraph 1572.103(d) describes how an arrest with no indication of a conviction, plea, sentence or other information indicative of a final disposition must be handled. TSA is changing the time allowed for an applicant to provide correct records from 30 days to 60 days. The individual must provide TSA, within 60 days after the date TSA notifies the individual, with written proof that the arrest did not result in a conviction of a disqualifying criminal offense. If TSA does not receive such proof within 60 days, TSA will notify the applicant that the he or she is disqualified from holding an HME or a TWIC.

      One commenter stated that preventing individuals who are wanted or under indictment for listed felonies from obtaining a TWIC is inappropriate since only those that have been ``convicted'' can be denied a security card.

      An individual under want or warrant is a fugitive from justice and therefore is not a suitable candidate for a TWIC. In addition, the return of an indictment for a disqualifying crime reflects a preliminary finding that there is, at a minimum, reasonable cause to believe that the individual committed the disqualifying crime. Therefore, TSA has determined that persons who are the subject of a pending indictment for one of the crimes on the list should be disqualified from obtaining TWICs. If the indictment is subsequently dismissed or, after trial, results in a finding of not guilty, the applicant is no longer disqualified and may reapply for a TWIC.

      A commenter asked TSA to reconsider the practice of considering a guilty plea a conviction for purposes of this section. TSA applies federal law to determine whether the disposition of a criminal case constitutes a ``conviction.'' In Dickerson v. New Banner Institute, Inc., 460 U.S. 103 (1983), the United States Supreme Court held that the defendant had been convicted for the purpose of a federal gun control statute even though under state law, the defendant's sentence had been deferred. The fact that the defendant pled guilty to the state offense was sufficient to constitute a conviction for the purposes of federal law. This case supports a broad interpretation of the term ``convicted,'' for purpose of this final rule. (d). Waivers

      It is important to highlight here that applicants who are disqualified due to a criminal conviction should make every effort to apply for a waiver, assuming the crime is waiver-eligible. TSA has developed the waiver program to ensure that individuals who have a criminal history but no longer pose a threat are not denied an HME or a TWIC. The process is informal, designed for applicants who are not represented by counsel and are not conversant with legal terms and process. We accept hand-written waiver applications, so the applicant does not need to have a computer.

      In determining whether to grant a waiver request, we are most interested in the circumstances surrounding the conviction, the applicant's history since the conviction, the length of time the applicant has been out of prison if sentenced to incarceration, and references from employers, probation officers, parole officers, clergy and others who know the applicant and can attest to his or her responsibility and good character. TSA grants the majority of waiver applications received. 6. Immigration Status

      Commenters asked the TSA to extend TWIC eligibility to non-resident aliens who are lawfully admitted into the U.S. under visas that permit them to work. Another commenter noted that maritime owners/operators bring in specialists from around the world to complete specialized tasks on vessels, and these workers should be able to apply for and obtain a TWIC. One commenter suggested that applicants should have to show U.S. residence for three years to apply for a TWIC. Several commenters noted that multinational corporations involved in the maritime industry have foreign employees and foreign business partners at U.S. facilities, and these individuals should not have to be escorted through secured facilities or vessels.

      The NPRM was drafted to permit non-resident aliens in the U.S. with authorization to work here to apply for and obtain a TWIC, so the first two commenters' concerns are not warranted. TSA and the Coast Guard considered the relatively common employment of foreign specialists in certain maritime job categories when developing the immigration standards. This final rule allows holders of certain categories of nonimmigrant visas, with work authorization, to apply for a TWIC.

      For purposes of this discussion, it is helpful to explain that there are two categories of U.S. visas: immigrant and nonimmigrant. As provided in the immigration laws, an immigrant is a foreign national who has been approved for lawful permanent residence in the United States. Immigrants enjoy unrestricted eligibility for employment authorization. Nonimmigrants, on the other hand, are foreign nationals who have permanent residence outside the United States and who are admitted to the United States on a temporary basis. Thus, immigrant visas are issued to qualified persons who intend to live permanently in the United States. Nonimmigrant visas are issued to qualified persons with permanent residence outside the United States, but who are authorized to be in the United States on a temporary basis, usually for tourism, business, study, or short or long-term work. Certain categories of lawful nonimmigrant visas or status allow for restricted employment authorization during the validity period of the visa or status.

      An alien holding one of the following visa categories is eligible to apply for a TWIC: (1) H-1B Special Occupations; (2) H-1B1 Free Trade Agreement; (3) E-1 Treaty Trader; (4) E-2 Treaty Investor; (5) E-3 Australian in Specialty Occupation; (6) L-1 Intra Company Executive Transfer; (7) O-1 Extraordinary Ability; or (8) TN North American Free Trade Agreement. In selecting these visa categories, we focused on the professionals and specialized workers who are frequently employed in the maritime industry to work on vessels or other equipment unique to the maritime industry. In addition, we understand that many Canadian and Mexican citizens conduct business at ports in the United States,

      [[Page 3552]]

      and barring them from obtaining a TWIC would create an undue burden on commerce. Also, we are adding foreign nationals who are attending the U. S. Merchant Marine Academy to the group of aliens who may apply for a TWIC, if they are in proper visa status. Finally, we are including applicants from the Marshall Islands, Micronesia, and Palau as eligible to apply for a TWIC. The United States has entered into treaties with these countries and shares close ties with each of them. Citizens of the Marshall Islands, Micronesia, and Palau may reside in the United States indefinitely and have unrestricted authorization to work here.

      In order to minimize the likelihood that an applicant with a short- term visa retains a 5-year TWIC, we are requiring the employer of any individual holding an eligible nonimmigrant visa to retrieve the TWIC from the employee when the visa expires, the employer terminates the employment, or the employee otherwise ceases to work for the employer. In addition, we require the employee to surrender the TWIC to the employer. If the employer terminates the employee, or the employee ceases working for the employer, the employer must notify TSA within five business days and provide the TWIC to TSA if possible. 7. Mental Incapacity

      One commenter believes that the NPRM inaccurately treats illnesses like drug addiction as indicators of mental incapacity if commitment to an institution results. Another commenter representing port employers stated that some port workers have very low IQs and consequently have been assigned legal guardians, but work successfully in port facilities.

      TSA agrees that such applicants can be determined to be qualified to hold a TWIC or HME. As discussed above in the ``TSA Changes to the Proposed Rule,'' TSA has no interest in limiting the ability of mentally-challenged or ill workers to obtain a TWIC. Therefore, TSA is changing the waiver process to permit applicants who have been committed to a mental health facility or declared mentally incapable of handling their affairs to apply for a waiver. TSA will decide these waiver requests on a case-by-case basis. TSA will not necessarily require documentation showing that the disqualifying malady or condition is no longer present. The documentation submitted to TSA in support of the waiver request will be very important in making the waiver determination, however, applicants and/or their representatives should carefully consider and include all available information TSA can use to determine if the applicant poses a security threat. 8. TWIC Expiration and Renewal Periods

      Several commenters stated that the TWIC should remain valid for more than five years. Most noted the cost of renewal as the basis for supporting a longer period. Commenters who supported a longer period also commonly argued that the biometric information, fingerprints, generally do not change over long periods of time. One commenter suggested requiring new fingerprints and digital photos only when something occurs to alter them significantly.

      The NPRM proposed that a TWIC expire five years after it was issued, at the end of the month in which it was issued. See Sec. 1572.21(e). In a new section, Sec. 1572.23, the final rule retains this provision, except that the expiration occurs on the day, rather than end of the month, five years from when it was issued. Therefore, if a TWIC is issued March 20, 2007, it expires at the end of the day March 19, 2012.

      As the technology and program mature, we plan to date the expiration of a renewal TWIC five years from the date the previous TWIC expired, so that applicants who begin the renewal process early are not penalized by having the initial 5-year term end early. We would like to provide a 6-month time period for renewal to give full opportunity to individuals to reapply in time to get a new TWIC before the old one expires, even if they are mariners that are away for long periods of time. A six-month time period would also encourage TWIC holders to apply early for renewal so that TSA has sufficient time for vetting of the applicant and to adjudicate an appeal or waiver, if appropriate, before the TWIC expires. However, the TWIC system programming cannot develop that capability by the time enrollment begins. 9. Fees for TWIC

      Some commenters stated that the federal government should pay for some or the entire program. The law states that TSA must collect user fees in order to fund all program operations. The federal government has a statutory obligation, therefore, to collect fees in order to pay for program expenses.

      Section 520 of the 2004 DHS Appropriations Act requires TSA to collect reasonable fees for providing credentialing and background investigations in the field of transportation. Fees may be collected to pay for the costs of the following: (1) conducting or obtaining a CHRC; (2) reviewing available law enforcement databases, commercial databases, and records of other governmental and international agencies; (3) reviewing and adjudicating requests for waivers and appeals of TSA decisions; and (4) other costs related to performing the security threat assessment or the background records check, or providing the credential. 46 U.S.C. 469. Section 520 requires that any fee collected must be available only to pay for the costs incurred in providing services in connection with performing the security threat assessment or the background records check, or providing the credential. Id.

      Some commenters said the fee was too high for dock, seasonal, and entry-level workers to pay because their income is low. TSA's fee authority, found in 6 U.S.C. 469, does not authorize TSA to adjust a fee based on the income of the applicant. Rather, Congress requires TSA to set a fee in amounts that are reasonably related to the costs of providing services.

      Many commenters were concerned about an applicant having to pay multiple fees for background checks under other programs, such as HMEs. Another commenter stated that industry had already paid for modification and sustaining TSA's Screening Gateway in the HME program, and is essentially paying twice for the Screening Gateway under TWIC. TSA has addressed these concerns in the final rule by reducing the Card Production/Security Threat Assessment Segment for applicants who have already received a comparable threat assessment from DHS, including those for credentialed merchant mariners, HMEs, and FAST card holders.

      Other commenters stated that the cost of card production and issuance fees should be separated from the information collection and threat assessment expenses. These commenters recommended that the applicant should only be required to pay for the services used: information collection and threat assessment. According to these commenters, TSA, not applicants, should fund the TSA infrastructure costs of card production, issuance and program management. Similarly, some commenters stated that only the persons who request an appeal or waiver should pay for the cost of adjudicating the security threat assessments and administering the appeal and waiver processes.

      TSA agrees that costs should be segregated when possible, and has

      [[Page 3553]]

      worked to segregate costs depending on the service provided. For example, the TSA agent will collect a fee for the services provided by its trusted agents to enroll applicants, and the services to issue replacement cards. TSA will collect a fee for the background investigations only to the extent that it conducts new investigations. TSA will collect the FBI fee only from applicants that will be subject to a fingerprint-based CHRC, not from applicants who already have undergone a comparable CHRC. Congress granted TSA broad fee authority to collect a fee for ``providing the credential,'' and ``any other costs related to providing the credential or performing the background record checks.'' This includes the costs of card production, issuance, and program management. 6 U.S.C. 469(1), (3). Moreover, sec. 469(3) specifically requires TSA to collect a fee for reviewing and adjudicating requests for appeals and waivers.

      Commenters were also concerned that fees collected would exceed the cost of implementing the system. However, under OMB guidance on user charges, TSA may charge fees only as sufficient to recover the full cost of providing the product and operating the program, and TSA has worked hard to estimate the costs of the TWIC program as accurately as possible. TSA's analyses of the appropriate costs that make up the fees in this rule include only the costs allowable by law and OMB guidance. OMB Circular A-25.

      TWIC credentials will contain numerous complex technologies to make them secure and tamper-proof. The process for obtaining a TWIC is designed to ensure that the identity of each TWIC holder has been verified; that a threat assessment has been completed on that identity; and that each credential issued is positively linked to the rightful holder through the use of biometric technology. There are also significant operational costs associated with the TSA system and program support costs.

      Pursuant to the Chief Financial Officers Act of 1990, TSA is required to review these fees no less than every two years. 31 U.S.C. 902(a)(8). Upon review, if it is found that the fees are either too high (i.e., total fees exceed the total cost to provide the services) or too low (i.e., total fees do not cover the total costs to provide the services), the fee will be adjusted. In addition, TSA may increase or decrease the fees described in this regulation for inflation following publication of the final rule. If TSA increases or decreases the fees for this reason, TSA will publish a Notice in the Federal Register notifying the public of the change.

      Some commenters stated that the fee structure would require companies to pay for a TWIC card for a high volume of seasonal workers who may be gone before their cards are issued. Other commenters were concerned that a diverse range of ``casual'' laborers, such as plumbers, office cleaning crews, vehicle mechanics, utility repairmen, entertainers, and caterers, were omitted from the TWIC population used to calculate fees. These commenters stated that having to escort so many casual laborers into secure areas was impractical and a ``hidden cost.''

      TSA derived its population estimate by determining which port workers would be most likely to need unescorted access to secure areas on a regular basis, and therefore, most likely to need a TWIC. TSA estimates that during initial rollout of the program, it will issue TWICs to approximately 770,000 workers who require unescorted access to secure areas of MTSA-regulated facilities. This approach is the product of survey and analysis work by TSA and Coast Guard personnel, using information provided by individual ports, public and private-sector data sources, interviews with sector subject-matter experts, and extrapolation from survey responses. An electrician who comes to the facility two times a year and other ``casual'' laborers may reasonably be escorted in the secure areas and thus may not need obtain a TWIC. Such workers were, therefore, not included in the population estimates.

      The final rule requires vessels, facilities, and OCS facilities to escort individuals who do not hold TWICs and enter secure areas. The preamble now provides affected entities with more guidance on how to comply with this provision and the Coast Guard plans to issue a NVIC after publication of the final rule to provide even more clarity on acceptable escort standards. The language in the preamble states that within non-restricted secure areas, operators may simply monitor individuals without TWICs, while they must accompany individuals without TWICs in restricted areas. We anticipate that this guidance will provide operators with more understanding of the requirement, and perhaps more flexibility in implementing it.

      Furthermore, we have included two new provisions that may reduce the economic burden of the requirement to provide escorts to individuals without TWICs. First, the final rule will allow facilities to submit to the Coast Guard amendments to their security plans in order to redefine secure areas. If facilities are able to redefine their secure areas in such a way as to focus on highly sensitive areas, and thereby limit the number of individuals who must enter them, then that may limit the costs associated with this requirement.

      Second, the final rule allows passenger vessels and ferries to establish employee access areas that are neither public access areas nor secure areas. In these areas employees will be able to work unescorted without a TWIC. We believe that the final rule provides vessels, facilities, and OCS facilities with enough flexibility to accommodate the many of the temporary workers that are prevalent in the maritime industry.

      Commenters inquired as to whether lifecycle costs such as yearly maintenance, card management systems, enrollment equipment and PKI certifications were included in the fee assessment. TSA's cost model does include the 5-year life cycle of the TWIC card and the associated costs of that life cycle.

      One commenter stated that some applicants will not have credit cards or bank accounts, and that TSA should accept cash. TSA is concerned that the acceptance of cash would introduce problems concerning an audit trail and the potential for fraud. Therefore, the rule requires payment by cashier's check, credit card, or money order. If an applicant does not have a credit card or bank account, he or she can obtain a money order to pay the fee. 10. Implementing TWIC in Other Modes

      The NPRM stated that TSA was considering requiring a TWIC in other modes of transportation, and invited comments. Several commenters supported this expansion. Such requests included coordination with other agencies to avoid negatively affecting mariners in later rule making processes, completion of a cost/benefit analysis to other transportation sectors, and insurance of the accurate, efficient, and reliable function of the TWIC in the maritime sector before extension to other transportation sectors. Several commenters urged that TWIC be used as a single biometric card and a single background check for the entire transportation sector. Commenters stated that duplicative credentials and clearances will still be needed because the proposed TWIC is limited to the maritime sector. A commenter noted that access control procedures may or may not differ across port facilities, airport, rail yards, and other facilities and suggested TSA invite comment on this matter.

      [[Page 3554]]

      Other commenters opposed expansion of the use of TWIC, citing burdens to industry, difficulty in translating to other transportation industries, and potential undermining of effective programs already in place. One commenter specifically opposed expansion of the TWIC program, noting that implementation problems and redundant regulatory requirements would significantly impact the propane industry. Some commenters noted that the TWIC program would create a competitive disadvantage for companies that chose to ship products via vessel versus companies with the same products that ship via air or ground. One commenter noted that current law requires a longer look-back frame for airport workers than the TWIC mandates, which would require a change in the law should TWIC be expanded to airport workers.

      While TWIC will not supplant all other credentialing or background check requirements, we are working toward reducing the redundancy in background checks to the extent practicable. For instance, the threat assessment requirements for commercial drivers who hold an HME under 49 CFR part 1572 were originally designed to comply with MTSA and to be identical to the requirements for a TWIC. Under this rule, drivers who have completed TSA's security threat assessment for an HME are not be required to undergo a new threat assessment for TWIC until their HME threat assessment expires. These drivers will be required to provide a biometric for use on the TWIC and pay for enrollment services, credential costs, and appropriate program support costs. Similarly, individuals who have a FAST card issued by CBP will not be required to undergo another security threat assessment. See 49 CFR 1572.5(e). In addition, Canadian and Mexican drivers who haul hazardous materials and who are required to have a background check similar to that required for U.S. drivers may obtain a TWIC in order to meet that requirement. See 49 CFR 1572.201.

      In the future TSA may conduct additional rulemaking to incorporate TWIC requirements into other modes of transportation.

4. Comments Related to Economic Issues

   In order to evaluate the impact of the proposed rule, TSA and the Coast Guard published a Regulatory Impact Assessment (RIA) in May 2006 in support of the TWIC NPRM. The RIA was posted to the public docket and we received public comments that addressed many aspects of the assessment.

   The majority of commenters discussed what they believe to be deficiencies or inaccuracies in our assessment. Several commenters, including individuals, businesses, government entities, and maritime trade associations, questioned some of the analytical assumptions we used to generate the cost estimates for the NPRM. In some instances, we agreed with comments, and used the information contained in them to refine the estimates for the RIA for the final rule. In other cases, we did not concur with comments on the RIA, and therefore did not use the assertions or claims in these comments to modify the assessment completed for the final rule. All comments on the original RIA were considered as part of this rulemaking effort, and have been summarized and responded to below. 1. Whether the Benefits of the Rule Justify the Costs

   Although we received many comments to the public docket that supported the security goals of the rule, many individuals and businesses cited the potentially large economic impact of the rule and stated that the costs of the rulemaking action far outweigh the benefits. Individuals and firms from various segments of the maritime transportation industry, including the passenger vessel industry, the offshore marine service industry, the inland towing industry, and others, echoed this sentiment.

   Many affected entities, especially operators on the inland waterways and small businesses, advanced a similar line of reasoning, arguing that there is not enough of a security risk to their operations to justify the measures we proposed.

   We understand that the compliance costs of the rule represent a significant investment in security for many individuals and businesses. We do not dispute that the final rule may in fact impose considerable costs on many affected entities, including small businesses. As part of the economic analysis required by E.O. 12866, we have made every attempt to include all known costs in the RIA.

   We also firmly believe, however, that the benefit of increased security to the U.S. maritime sector warrants the costs of the rule. The vessels, facilities, and OCS facilities affected by this rule represent some of the most important maritime and transportation infrastructure in the United States. Any vessel, facility or OCS facility that is regulated under 33 CFR subchapter H presents a risk of being a target of a transportation security incident, regardless of size and location, as determined by the interim final rule published by the Coast Guard in 2003 (July 1, 2003, 68 FR 39243).

   In addition to claiming that the costs of the rule do not justify the benefits, some commenters stated that it is difficult to identify any solid benefits of the proposed rule. Some commenters alleged that the benefits outlined in the NPRM and the RIA were too vague. In particular, many, including the Office of Advocacy of the U.S. Small Business Administration (SBA Office of Advocacy or Advocacy) felt that the claim made by TSA and Coast Guard that the rule would streamline commerce was not well supported in the RIA, especially in light of the potentially high cost of the rule.

   The primary benefit of the final rule is increased security to vessels, facilities, and OCS facilities covered under 33 CFR subchapter H. Under the final rule, individuals with unescorted access to secure areas of affected maritime establishments must undergo a security threat assessment and obtain a TWIC--a secure, biometric identification credential--that vessel and facility owners/operators will use to make access control decisions. The Coast Guard will conduct random spot checks of individuals' credentials.

   The security threat assessments included in the rule will increase security at vessels and facilities by identifying individuals with dangerous criminal histories and potential ties to terrorism. And the secure, biometric credentials that will be issued under the final rule will allow owners/operators and the Coast Guard to verify that individuals with unescorted access to secure areas have in fact obtained a security threat assessment. Furthermore, even without card readers, TWIC provides greater reliability than existing systems because it presents a uniform appearance with embedded features on the face of the credential that make it difficult to forge or alter. We believe these benefits, in addition to the other security benefits described elsewhere, more than justify the costs of this rule.

   In response to many comments received, we have revised the benefits section of the RIA for the final rule. Originally, the RIA for the NPRM stated that the proposal would enhance the flow of commerce by streamlining the number of credentials and access control procedures at U.S. seaports, eliminating the need for several port credentialing offices and systems, and creating an interoperable credential recognizable across the maritime

   [[Page 3555]]

   transportation environment. In their comments, many firms and individuals questioned the validity of these claims and provided specific examples that contradicted our assertions that the rule would facilitate certain business transactions.

   We found these arguments compelling enough to remove the benefits to commerce that we originally included in the RIA that we published with the NPRM. After additional analysis, we agree with individuals and firms who questioned the benefits to commerce afforded by the rule. We firmly believe that the rule still has significant security benefits, a description of which still remains in the RIA.

   A number of commenters, including Advocacy, referring to MTSA, stated that the law requires transportation security cards, not smart card readers, and that the benefits associated with these requirements do not justify the costs. Individuals and firms representing many sectors of the maritime transportation industry suggested that the requirements in the May 2006 proposal, including the card reader requirements, exceeded the statutory authority of TSA and the Coast Guard.

   MTSA provides that DHS must issue biometric transportation security cards and ``prescribe regulations to prevent an individual from entering'' a secure area of a vessel or facility ``unless the individual holds a transportation security card'' or ``is accompanied by another individual who holds a transportation security card.'' 46 U.S.C. 70105(a). It is difficult to conceive of a cost-effective method to satisfy this section of MTSA that does not require an access control device to read the biometric credential. Even assuming an argument can be made successfully that MTSA does not authorize or require the use of biometric smart card readers, TSA and the Coast Guard have broad statutory authority to assess and regulate security in the national transportation system. We believe that the provisions originally proposed in the NPRM, including the card reader requirements, fall well within the statutory authority vested in both agencies by Congress.

   As noted elsewhere, however, card reader requirements will be deferred until the readers have been piloted at 5 locations, and the public has had another opportunity to comment, as per the SAFE Port Act. As explained in other parts of this document, TSA and the Coast Guard will address technology requirements in a subsequent notice in the Federal Register. 2. Underestimated Compliance Costs

   A number of commenters felt that several of the compliance costs estimated in the RIA for the NPRM were understated. Many firms, individuals, and trade associations that commented on compliance cost estimates expressed similar concerns. These concerns are summarized and responded to below. (a). Biometric Smart Card Reader and Internet Connectivity Costs

   Several commenters stated that the cost estimates in the RIA underestimated the expense of purchasing, installing, and maintaining biometric smart card readers. Industry commenters, including facility owners/operators who participated in the TWIC Phase III Prototype, asserted that the hourly wage rates used to develop installation costs were significantly understated, as were costs for maintaining and replacing sensitive electronic equipment that tends to degrade quickly in the marine environment. Other commenters, including the SBA Office of Advocacy, expressed concerns over the availability and reliability of card reader technology. Furthermore, many commenters declared that the cost of internet connectivity necessary to comply with the rule as proposed in the NPRM was excluded from the RIA.

   Although we appreciate all comments on our analytical assumptions and cost estimates, these particular comments are no longer germane to this rulemaking because we have removed card reader requirements from the final rule. Therefore, we have also removed all card reader cost estimates from the RIA. (b). Integration With Legacy Systems

   One commenter asserted that the technical requirements included in the NPRM presented serious challenges for other affected government entities, which may have existing access control systems. This commenter claimed that TSA and the Coast Guard did not consider the integration of TWIC with other requirements, such as port authorities that operate mass transit systems or airports, in the cost estimates in the RIA. The commenter went on to state that these agencies may potentially be required to replace large legacy systems to incorporate the TWIC, and to maintain internal consistency and eliminate the expensive redundancy associated with credentialing their workers.

   We realize that some affected establishments, both publicly and privately owned, have legacy systems that may need to be replaced or modified to incorporate the TWIC process. However, most of the costs would be associated with biometric readers. Since the requirement for biometric smart card readers has been removed from this final rule, these comments no longer pertain to this rulemaking. As stated earlier, TSA and the Coast Guard will address these issues at a later time. At that time, we will reevaluate estimates, including the cost for vessel and facility owners/operators to integrate new requirements with legacy systems. (c). Administrative and Recordkeeping Costs

   Several commenters stated that we greatly underestimated the administrative and recordkeeping burdens associated with the rule as proposed in the May 2006 NPRM. Citing what they perceived to be an onerous requirement to keep ongoing records of individuals accessing secure areas, many firms and individuals felt the estimates for the recordkeeping provision to be too low.

   Moreover, many comments received from industry viewed the cost associated with developing the TWIC addenda to vessel and facility security plans as understated. In discussing the requirement that vessel and facility owners/operators must submit TWIC addenda to their security plans, many in industry opined that this task would involve several days of analysis that was not accounted for in the RIA for the NPRM.

   The final rule will not require the recordkeeping measures or TWIC addenda as proposed in the NPRM. As a result, we have removed the estimated cost of these requirements from the RIA for the final rule. If we include these requirements in a future rulemaking, we will reevaluate the cost estimates included in the RIA for the NPRM. (d). Opportunity Costs of Travel to Enrollment Centers

   Many individuals and firms stated that the travel time estimate included in the RIA was too low, thereby underestimating the opportunity cost of traveling to and from TWIC enrollment centers. In their comments, individuals and firms provided time estimates for employees to travel to enrollment centers that ranged anywhere from three hours to several days.

   Commenters who live in remote locations, such as Southeast Alaska, were particularly concerned that the estimate in the RIA did not accurately represent the cost to industry. In fact, some individuals and firms provided cost estimates for employee travel that

   [[Page 3556]]

   included estimated air fares, hotel expenses, and per diem allowances.

   We partially agree with these comments. Given the uncertainty about the specific locations of enrollment centers and where affected individuals work and live, it was extremely difficult to estimate the amount of time it would take affected individuals to travel to and from TWIC enrollment centers. Furthermore, without information of this nature, we could not determine many costs associated with air or land travel (i.e., air fares, cost of driving a privately owned vehicle, per diem allowances, etc.). For this reason, we excluded these costs from the RIA published with the NPRM, and conducted a different analysis to estimate costs.

   To calculate the opportunity cost estimate included in the RIA for the NPRM, we assumed it would take an individual, on average, one and one half hours to complete enrollment. In attempting to calculate this time estimate, we divided the total time necessary to enroll into three components: (1) Travel time; (2) enrollment time; and (3) wait time.

   To forecast total travel time, we used an estimate from the Department of Transportation on the average commute time for individuals traveling to work in privately owned vehicles, the primary means of transportation for commuters in the United States. Although clearly not a perfect measure of travel time to a TWIC enrollment center (due to lack of information outlined above), this estimate was 22.49 minutes for a one-way trip. In our total time estimate, we multiplied this number by a factor of two in order to account for travel both to and from an enrollment center.

   In order to account for the time needed for workers to enroll at the TWIC enrollment centers, we used data collected by TSA during the TWIC Phase III Prototype on the average amount of time per enrollment. This time estimate was 10.35 minutes.

   Finally, we added 30 minutes to the time estimates described above to provide for possible wait time at the enrollment center and other incidental events. These estimates, collectively, gave us an approximate total time estimate of 90 minutes, which we in turn used to calculate the opportunity costs of this requirement. We used this time estimate to calculate the opportunity cost of credential issuance, too.

   We acknowledge that this time estimate may have led us to understate the opportunity costs of this provision. For example, individuals living in remote areas may have to travel long distances in order to enroll in the program. (TSA and the Coast Guard note, however, that there may be other individuals who live and work near enrollment centers and may complete the process in less than 90 minutes.)

   Although we acknowledge that our calculation of opportunity costs in the NPRM may have underestimated the burden to some employees and employers, we have found it difficult to generate a more credible point estimate for this cost element. Some individual commenters provided us with anecdotal data on the amount of time it would take them to travel to TWIC enrollment centers, with estimates ranging from several hours to multiple days.

   However, given the fact that the final enrollment center locations were not published before the end of the comment period, we do not know how these individuals calculated their estimates. Furthermore, we believe that many of the comments submitted on this matter came from individuals who reside the furthest from major seaports and cities. Most enrollment centers are likely to be located in major seaport areas, where the majority of the affected population is likely to reside. In fact, TSA and the Coast Guard revised the original list of seaport communities slated to have an enrollment center after receiving helpful comments from various segments of the maritime industry.

   In response to these comments and all of the uncertainty surrounding this time estimate, we decided to develop a range for our cost estimate for the final rule. After reading the many comments on this matter and reviewing our previous assumptions, we concluded that this methodology provided the best way for us to address industry concerns without severely over-or understating the cost of the provision.

   To develop the range for this cost estimate, we used the time estimate of one and a half hours included in the NPRM as the lower bound and a time estimate of eight hours as our upper bound. We based the upper bound time estimate on comments received from individuals in the maritime sector. As a primary estimate, we used four hours, or half a work day. We believe this time estimate allowed us to calculate a more accurate estimate of the opportunity costs to individuals and industry. More discussion of this range can be found in the RIA accompanying this final rule. (e). Cost of Lost Labor Due to Wait Time

   Many commenters expressed concern that the amount of time to process a TWIC application would impede their ability to hire new employees. The NPRM preamble stated that facility and vessel owners/ operators must notify workers of their responsibility to enroll and that generally, owners/operators should give individuals 60-days notice to begin the process. Many commenters objected to this timeframe, referring to it as a ``60-day waiting period.'' One commenter urged TSA to dedicate additional resources to ensure the system has the capacity to handle the processing load. Other commenters believed that completing the threat assessment in less than 30 days is optimistic.

   These commenters also asserted that their operations would suffer as a result of this ``60-day waiting period,'' and that this cost was excluded from RIA. Still others asserted that the ``waiting period'' would encourage vessel owners/operators to operate in violation of the rule or force them to operate with insufficient crew, putting both employers and employees in danger.

   Moreover, several commenters, including the SBA Office of Advocacy, discussed how the ``60-day waiting period'' for a new employee to receive a TWIC puts them at a particular disadvantage for attracting seasonal labor. Enterprises operating passenger vessels were particularly concerned about this ``waiting period,'' as they asserted it would make it difficult to hire employees during the summer months, which tend to be the busiest for them.

   TSA and the Coast Guard recognize that having employees wait to obtain a TWIC before they can start work is burdensome for some businesses. We understand that businesses in the maritime sector, including large seaport terminal operators, depend heavily on temporary or ``casual'' workforces that are hired with little notice. Furthermore, TSA and the Coast Guard are sensitive to the needs of employers who primarily utilize seasonal labor to staff their facilities and vessels.

   It is important to note, however, that TSA and the TWIC program do not have a ``waiting period,'' mandatory or otherwise. Rather, TSA must adjudicate the security threat assessment of each applicant following enrollment and each case necessarily entails processing time. As a general rule, security threat assessments and issuance of a TWIC should take no longer than 30 days. In fact, in TSA's experience completing threat assessments for commercial drivers with hazardous materials endorsements, threat assessments are typically completed in less than 10 days. However, processing time increases for an applicant with a criminal history or other disqualifying

   [[Page 3557]]

   information, and is further lengthened if the applicant initiates an appeal or waiver.

   Nevertheless, to address this concern we have included in the final rule a provision that should allow employees to begin work before they receive a TWIC. First, newly hired individuals employed by affected firms can work in secure areas, including restricted areas, as long as they are escorted by an individual with a TWIC. The escort policy was proposed in the NPRM and remains in the final rule. This provision should allow many firms to make minimal adjustments to their current hiring practices, and allow many new hires to start work immediately.

   The final rule also creates ``employee access areas,'' allowing passenger vessel and ferry owners/operators more flexibility in implementing the requirements of the rule. An employee access area is a defined space within the access control area of a ferry or passenger vessel that is open to employees but not to passengers. It is not a secure area and does not require a TWIC for unescorted access. It may not include any areas defined as restricted areas in the vessel security plan. We believe that this new provision should reduce the regulatory burden on many small passenger vessels, especially those that primarily utilize and rely on seasonal labor. In fact, we believe this new policy will exclude the vast majority of seasonal employees from even needing a TWIC.

   The final rule also includes a new provision that will allow a direct hire new employee to receive limited access for 30 consecutive days to secure areas, including restricted areas, of a vessel or facility provided that the new employee passes a TSA name-based check. If TSA does not act upon a TWIC application within those 30 days, the cognizant Coast Guard COTP may further extend a new hire's access to secure areas for another 30 days. This new policy, which TSA and the Coast Guard developed as a result of comments on the NPRM, is intended to give owners/operators the flexibility to quickly grant new employees who do not yet hold a TWIC access to secure areas. In order to ensure ample security for vessels and facilities, though, there are certain requirements that owners/operators and TWIC applicants must meet under the new provision. These requirements are described elsewhere in this document and in the regulatory text.

   By clarifying commenters' misconceptions regarding the ``waiting period,'' and including the new policies described above, we believe the final rule allays several concerns expressed by firms and individuals in the maritime sector. For this reason, we did not include additional cost estimates to account for lost labor attributable to the ``waiting period'' for a TWIC. (f). Appeals and Waivers

   One industry association expressed concern about the cost estimate TSA and Coast Guard included in the RIA for the NPRM to account for applicants to file appeals or waivers with TSA. In arguing that the cost estimate was understated, this association stated that the proposed rule only includes the time preparing correspondence, but a more accurate assessment would include lost wages while the application is being reconsidered.

   Although an individual may not receive unescorted access to secure areas while awaiting the determination of an appeal or waiver request, there is nothing in the final rule that would prohibit such an individual from working in a secure area while under the supervision of a credentialed escort. For this reason, we did not include a cost estimate for lost wages while considering this requirement. TSA and the Coast Guard did, however, include cost estimates for employers to provide employees and visitors with escorted access in the RIA. (g). Cost To Provide Real Estate to Enrollment Providers

   A commenter stated that TSA and Coast Guard assume that port facilities will provide space and utilities for enrollment centers, but that the RIA does not account for the direct and opportunity costs for these facilities.

   The NPRM did not propose, and the final rule does not require, maritime facilities to supply enrollment providers with space to conduct operations. We therefore did not include this cost in the RIA. (h). Escorting Costs

   Several commenters stated that TSA and the Coast Guard underestimated the cost of complying with the escorting requirements that were proposed in the NRPM. Commenters felt that the escorting requirement would be too burdensome in terms of manpower--several stated that they would need to hire additional personnel--and additional operating costs. Many commenters stated that TSA and the Coast Guard did not take into consideration temporary workforces utilized by many maritime facilities and vessels, which would require escorts when developing this provision. Furthermore, many of these commenters interpreted the definition to require the physical presence of one escort for each individual without a TWIC at all times while in a secure area. Some of these commenters provided examples of situations where the requirement would be too burdensome. For example, one port authority stated that it typically has over 100 temporary workers on site that would require escorts.

   We agree with these comments, in part, in regard to the statement that the cost estimates for affected entities to comply with this provision of the rule may have been understated in the RIA. However, we also believe that many affected firms and individuals have misconceptions about what the provision requires of vessels, facilities, and OCS facilities.

   As proposed in the NPRM, the escorting requirement is a performance standard rather than a strict definition. After analyzing many comments, we believe some affected individuals and firms may have misinterpreted our intent with respect to this requirement. Therefore, we recognize that some guidance is needed. As discussed elsewhere in this final rule, we expect that, when in an area defined as a restricted area in a vessel or facility security plan, escorting will mean a live, physical escort. Whether it must be a one-to-one escort, or whether there can be one escort for multiple persons, will depend on the specifics of each vessel and/or facility. The Coast Guard will provide additional guidance on what these specifics might be in a NVIC. Within non-restricted secure areas, however, such physical escorting is not required, as long as the method of surveillance or monitoring is sufficient to allow for a quick response should an individual ``under escort'' be observed in an area where he or she has not been authorized to go or is engaging in activities other than those for which escorted access was granted.

   With this understanding of the requirement in mind, we estimated in the NPRM that maritime facilities would need 240 additional labor hours on an annual basis in order to comply with this requirement. We did not report compliance costs for this requirement for vessels or OCS facilities and in retrospect, we believe this was an oversight.

   In attempting to estimate compliance costs for the NPRM and the final rule, we found that the uncertainty surrounding how affected entities would implement this requirement made it difficult for us to develop accurate compliance cost estimates. Further, the final rule contains several provisions aimed at providing affected entities with regulatory flexibility,

   [[Page 3558]]

   which increases the level of uncertainty in our analysis.

   For example, facilities may now submit amendments to their security plans in order to redefine their secure areas to those portions of their facility involved in maritime transportation or at risk of a transportation security incident. By decreasing the size of their secure areas, firms could limit the number of individuals who need a TWIC, and also decrease their escorting compliance costs.

   Also, the final rule creates ``employee access areas'' that, as described above, are defined spaces within the access control areas of ferries or passenger vessels that are open to employees but not to passengers. These areas are, by definition, not secure areas and do not require a TWIC for unescorted access. The areas may not include any areas defined as restricted areas in the vessel security plan. This provision, we believe, could provide flexibility to vessels that would otherwise incur high costs to provide employees with escorts.

   The final rule also allows owners/operators to provide new employees with limited access to secure areas for 30 consecutive calendar days (and may be extended an additional 30 days at the discretion of the cognizant Coast Guard COTP). Although this provision, in an effort to balance security with commerce, contains certain restrictions, we believe it also may help to limit escorting costs associated with physical accompaniment within restricted areas.

   Finally, the provision for passenger access areas, which we originally proposed in the NPRM for passenger vessels, remains in the final rule and provides flexibility for owners/operators offering marine services to passengers. MTSA requires that no one be given unescorted access to secure areas unless they carry a TWIC. To ensure that passenger vessels do not have to require passengers to obtain TWICs or escort passengers at all times while on the vessel, the rule creates the ``passenger access area,'' allowing vessel owners/operators to carve out areas within the secure areas aboard their vessels where passengers are free to move about unescorted. This should also reduce escorting costs.

   We believe that the provisions listed above should give owners/ operators flexibility to follow the requirements of the rule, including the escorting requirements, without causing undue economic harm. In particular, we believe the rule now allows for regulatory flexibility when it comes to ensuring that facilities and vessels can continue to utilize temporary workforces without incurring high compliance costs.

   Even though the rule now provides flexibility for owners/operators with respect to the escorting requirement, we have decided to increase our initial compliance cost estimates for this provision. We concluded that our initial estimates, in light of the helpful comments we received during the public comment period for the NPRM, most likely understated the cost of complying with this provision. The new estimate for the final rule will include compliance costs for vessels and OCS facilities, which we excluded in the NPRM. We have also concluded that a range of compliance cost estimates for this requirement would be more appropriate than a single point estimate, given the several ways in which owners/operators can now minimize their risk of incurring high escorting costs. The adjusted cost estimates are described in more detail in the RIA. (i). Costs for Redundant Credentials

   One employer stated that it already paid fees for employees to obtain port identification credentials. In addition to the fees, the employer commented that it incurred costs while employees took time off from work to obtain the credentials. This commenter asserted that employees will continue to be issued their respective port identification credentials. For example, employees will have to register with all the ports they frequent and pay local administrative costs to be placed on additional port or terminal rosters. This commenter implied that the cost of this redundant process was not accounted for in the RIA.

   We realize that the cost of compliance from port to port will vary and that there may be local requirements for personnel to obtain identification credentials other than the TWIC. Private firms are free to create their own credentialing systems and it is beyond the authority of TSA or the Coast Guard to preclude a private company from issuing its own identification card.

   However, the TWIC is a unique credential in so far that it provides owners/operators with a means to confidently assess the risk posed by an individual seeking unescorted access to a secure area of a vessel or facility. The distinctive security threat assessment completed by TSA on each TWIC applicant is not replicated by other public sector (e.g., port authorities) or private sector credential providers. Accordingly, we do not believe that the TWIC is a redundant credential. In the RIA for the final rule we have accounted for all costs associated with producing and issuing the TWIC. Additionally, we do not agree that all currently existing port credentials will continue to be required once TWICs are issued and being utilized. We believe that some port authorities and other providers of identifications will eliminate separate credentialing requirements and rely instead upon the TWIC and the security threat assessment done by TSA. (j). Costs to Shipbuilders

   An association of shipbuilders asserted that the NPRM represents a redundant regulatory burden for shipyards. The association noted that many shipyards already comply with DOD security plan regulations, and that these standards, in many instances, provide greater security than the provisions proposed in the NPRM. In its comment to the public docket, the association suggested that such shipyards should be exempt from the requirements of the rule.

   Along with other individual shipbuilding companies, the association also expressed concern with several of the assumptions used in the cost estimates for the NPRM. In particular, the association articulated its concern about the population estimate--it stated that a conservative estimate for the number of affected individuals employed at the six shipyards that are members of this particular organization, which include vendors, shipyard employees, and contractors, would exceed 200,000.

   In addition, this organization averred that the estimates for most direct and indirect costs of the rule were severely understated. Many of these costs would be pushed onto U.S. taxpayers in the form of higher costs for ships purchased by the U.S. government, including the Coast Guard.

   TSA and the Coast Guard are aware that many shipyards must comply with Department of Defense security regulations that govern identification credentials, facility security plans, and other provisions intended to augment U.S. maritime security. However, we do not believe that this rule will affect all shipyards; therefore, we disagree that we have significantly underestimated the shipyard population.

   If a shipyard falls within the applicability of the MTSA regulations and is required to submit a facility security plan under 46 U.S.C. 70105, then any individual requiring unescorted access to a secure area is required to have a TWIC. We note, however, that shipyards are specifically exempt from 33 CFR part 105 applicability (see 33 CFR 105.110(c)), and would only fall under the facility

   [[Page 3559]]

   security regulations if the shipyard is subject to a separate applicability requirement, such as being regulated under 33 CFR part 154, the oil/hazmat in bulk requirements.

   For the reasons stated above, we do not believe that all shipyards will fall under the requirements of the final rule, and therefore disagree that the number of shipyard employees that would need to obtain a TWIC would exceed 200,000. In our population estimate, we calculated that 55,000 individuals working in this industry would initially be affected by the rule, and we continue to believe this is an accurate estimate. Moreover, outside of our shipyard population estimate, we included estimates for contractors/others and site management/administration, two population segments that most likely have some presence in U.S. shipyards.

   With respect to understated or omitted cost estimates, TSA and the Coast Guard have made a number of changes to the final rule that should allay some of the concerns expressed by the shipbuilding industry and other shipbuilders. In the RIA for the final rule, we have also adjusted some assumptions and cost estimates to reflect comments received from various sectors of the maritime industry. We have discussed these changes elsewhere in this section and in the RIA. As for increased costs to the U.S. government, we did not have enough information to make a judgment on this assertion. (k). Rule Will Exacerbate Industry Labor Shortages

   Many commenters mentioned that the labor force in the maritime industry is strained, and that the requirements of the final rule, including the security threat assessment standards and user fees, will only intensify the problems associated with a tight labor market. Many firms, concerned about the fee requirements and the security threat assessment standards, believed the rule will give many prospective employees a disincentive to work in the maritime industry. Several commenters also noted that existing employees may not apply for a TWIC due to the security threat assessment.

   TSA and the Coast Guard understand that many segments of the maritime transportation sector are experiencing labor shortages. We also believe, however, that the lack of capable employees in many areas of the maritime industry is a function of factors outside the control of TSA or the Coast Guard.

   Nevertheless, the final rule may have an impact on some labor markets. TSA and the Coast Guard concur that some individuals--due to the user fees, security threat assessment standards, or other factors-- may no longer seek employment at businesses regulated by 33 CFR subchapter H. Short of speculating on this effect, however, we have no way of quantifying the impact to labor markets. In our research, we found no data or information that would have allowed us to measure the potential effects on the labor market of the rule, and commenters did not provide specific data with respect to this issue.

   To the extent possible, though, we have drafted the final rule so that it would not adversely affect the supply of labor in the maritime transportation sector. We needed to balance this effort, of course, with the primary security objectives of the rule. The following amendments to the final rule, we believe, will help ease the effect of the regulation on the labor supply:

   Expanding the group of non-U.S. citizens who meet the immigration standards to include foreign nationals who are students at the U.S. Merchant Marine Academy or comparable State school; commercial drivers licensed in Canada or Mexico transporting hazardous materials into and within the U.S.; citizens of Canada or Mexico who are in the United States to conduct business under a NAFTA visa; and a variety of professionals and specialists who work in the U.S. maritime industry on restricted visas;

   Enlarging the response time for applicants to appeal an adverse determination, correct an open criminal disposition, or apply for a waiver from 30 or 45 days to 60 days;

   Expanding the group of applicants eligible to apply for a waiver after being disqualified because of mental incapacity;

   Including a provision for passenger access areas, as proposed in the NPRM;

   Adding a provision for employee access areas on passenger vessels and ferries;

   Allowing facilities to submit amendments to their security plans in order to redefine their secure areas; and

   Allowing new employees who have applied for a TWIC to receive limited access to secure areas for 30 consecutive calendar days (which may be extended an additional 30 days by the cognizant Coast Guard COTP if TSA has not acted upon the TWIC application in the initial 30-day period).

   TSA and the Coast Guard have concluded that these provisions both achieve greater security in the maritime sector and mitigate potential adverse impacts to affected labor markets. (l). Rule Will Increase Congestion and Delays at Maritime Facilities

   Some commenters stated that the rule would increase delays and congestion at port terminal access points across the country, thereby increasing logistics and shipping costs. One association representing large domestic and international carriers, as well as stevedores on the West Coast, stated that it was concerned about cargo backups, congestion fines, and late starts that may result from faulty access control system hardware or software that may not withstand the rigors of the marine environment. These costs, the association noted, were excluded from the RIA for the NPRM.

   We agree with these commenters that costs associated with congestion, delay, and late starts were not included in the RIA for the NPRM. TSA and the Coast Guard understand that anything that impedes the efficient delivery of waterborne cargo may impose a cost on affected entities and the U.S. economy. At the time of publication of the NPRM, we did not have any data that would have allowed us to estimate the proposed rule's impact on the logistics of waterborne and inland cargo movement.

   As stated above, the final rule will not require vessels, facilities, and OCS facilities to use the TWIC in concert with biometric smart card readers at access points. The rule instead mandates that all persons seeking unescorted access to secure areas must present their TWIC for inspection before being granted unescorted access.

   Individuals seeking unescorted access to vessels, facilities, and OCS facilities are currently required to show a form of identification as stipulated by 33 CFR subchapter H. Since the final rule requirement simply replaces the current acceptable identification with a TWIC, the rule should not cause any significant delays at facilities or other locations in the maritime transportation sector. Random checks of credentials conducted by the Coast Guard are not expected to cause delays. Furthermore, this change to the proposed rule should not require facilities to establish covered pull-over lanes for trucks seeking to enter their secure areas, as suggested by some commenters. For these reasons, we have excluded these costs from the RIA for the final rule. (m). Decreased Competitiveness of Regulated Firms

   Some firms that deal in international markets stated that they would be at a unique disadvantage under the rule while attempting to compete with

   [[Page 3560]]

   foreign businesses. This theme was presented by international ferries in the Pacific Northwest and repeated by offshore supply vessels operating in the Gulf of Mexico.

   Firms that deal solely domestically also commented that the rule would hamper their efforts to compete in markets occupied by businesses not regulated by 33 CFR Subchapter H. Both groups of commenters asserted that TSA and the Coast Guard failed to account for this decrease in competitiveness and corresponding costs in the RIA.

   In some markets, the cost of compliance with the final rule may raise some firms' operating expenses and therefore impede their ability to successfully compete with foreign or domestic competitors not subject to the rule. We believe, as previously stated, that the costs are justified by the increased level of security provided by rule. Without data or other information about this potential effect, we could not quantitatively measure it.

   However, we also believe that the final rule includes provisions, especially for passenger vessels and ferries, which should allay commenters' concerns about compliance costs and competitiveness. As stated above, new provisions for passenger access areas, employee access areas, and new employees may decrease compliance costs. Also, for certain facilities, the ability to redefine secure areas may decrease the costs of complying with the rule.

   International ferries stated that they are suffering from regulatory exhaustion and cannot pass regulatory compliance costs onto their customers.

   As stated above, we understand that this rule may impose significant impacts on ferry operators. We have attempted to estimate these impacts to the best of our ability. The final rule contains new provisions that should provide passenger vessels, including ferries, with some flexibility in complying with the rule. This regulatory flexibility may also decrease compliance costs for affected firms.

   The provisions for employee and passenger access areas, as described above, were designed to help passenger vessels, including ferries. Also, the provision that allows new employees to receive limited access to secure areas for 30 consecutive days should also decrease concerns about adverse impacts on firms that use seasonal employees.

   Commenters from the passenger vessel industry stated that costs would decrease their competitiveness because they are competing against non-marine companies that would not incur regulatory costs. This industry also noted its reliance on seasonal hires may put it at a unique disadvantage when trying to attract labor.

   TSA and the Coast Guard recognize that firms in the passenger vessel industry will incur costs under the final rule that some of their competitors may not incur, and that this may decrease their competitiveness. To the best of our ability, we have attempted to accurately estimate compliance costs to all affected entities. However, lack of data on unique markets and firms has made it impossible for us to predict any effects on competitiveness.

   We also realize that this final rule presents unique challenges for industries that rely predominately on seasonal workers. As discussed in this section, TSA and Coast Guard have included provisions in the final rule to give these industries flexibility in complying with the rule. For example, the final rule allows ferries and passenger vessels to designate employee and passenger access areas. An employee access area is a defined space within the access control area of a ferry or passenger vessel that is open only to employees whose employment is solely related to passenger service and/or entertainment. It is not a secure area and does not require a TWIC for unescorted access. Passenger access areas were created to ensure that passenger vessels do not have to require passengers to obtain TWICs or escort passengers at all times while on the vessel.

   Furthermore, affected entities will now be allowed to give new employees limited access to secure areas for 30 consecutive days, provided the employees have applied for a TWIC and meet the provision outlined in more detail in the regulatory text. This may be extended an additional 30 days by the cognizant Coast Guard COTP if TSA does not act upon the individual's TWIC application within the original 30 days. We believe these provisions will help employers that utilize seasonal employees. (n). Increased Prices for Consumer and Producer Goods and Service

   Some commenters asserted that the rule would increase the price of goods moved by firms in the maritime transportation sector, and that this cost was excluded from the RIA.

   Although we think this effect is highly unlikely given the amount of competition in the transportation marketplace, we agree that it could happen in some markets because transportation costs can affect wholesale and retail prices. However, many other factors, such as consumer demand, also affect prices. Commenters did not provide detailed data on specific goods and markets. Due to lack of data on individual markets, we did not attempt to quantify this effect in the RIA for the final rule.

   Another commenter stated that the costs of the rule will extend to security personnel and other contractors, who will pass this cost on to their customers, and that this cost was excluded from the RIA.

   As stated above, we realize that the cost of compliance may be passed on to customers in some markets. However, prices for goods and services are determined by myriad factors, including factors other than firms' operating costs.

   Regulated vessels, facilities and OCS facilities operate in a number of markets and we could not determine which firms would be able to pass compliance costs on to customers. We therefore did not attempt to quantify this potential effect in the RIA. (o). Additional Recruiting Costs

   Many employers commented that the rule would increase their hiring costs and that this burden was excluded from the RIA. For example, some firms noted that they would need to pay application fees for prospective employees and that they might have to offer more incentives to attract new staff members.

   TSA and Coast Guard agree that employers in markets where the supply of labor is very tight may incur some additional hiring costs. For example, some employers may find that they will have to pay the TWIC user fees for new employees. In other industries, however, this may not be true. Due to this uncertainty, we did not quantify this potential burden to employers in the RIA. (p). Decreased Productivity

   Some commenters asserted that the rule would decrease employee and employer productivity and that this cost was not included in the cost estimates in the RIA. Specifically, one commenter stated that the rule would impose a negative, one time productivity shock on the maritime industry while firms and individuals adjust to new access control procedures and other requirements.

   Although we concur that some firms could suffer decreased productivity under the rule, we encountered difficulty when trying to gauge this potential effect of the rule on affected vessels, facilities and OCS facilities. Even though some commenters claimed productivity would suffer as a result of the rule, we did not receive any quantitative estimates of this effect;

   [[Page 3561]]

   therefore, we did not attempt to quantify this impact in the RIA for the final rule.

   Moreover, we believe that industry commenters were most concerned about the effect on productivity that would result from profound changes to many current physical access control systems (i.e., smart card readers) that would have been necessary under the requirements of the NPRM. Because this final rule does not require smart card readers, this concern should be mitigated to some extent. 2. Economic Impact of Secure Area Definition

   The SBA Office of Advocacy, as well as several other commenters noted that TWIC may be a costly rule for the maritime industry to absorb. In particular, many facilities noted that the costs of the rule are largely driven by the secure area definition. Some facilities were confused about this definition and requested more guidance.

   As stated above, we understand that there is some confusion about the definition of a secure area. A secure area is now defined in the final rule as the area onboard a vessel or at a facility or OCS facility over which the owner/operator has implemented security measures for access control in accordance with a Coast Guard approved security plan. It does not include passenger access areas, employee access areas, or public access areas, as those terms are defined in Sec. Sec. 104.106, 104.107, and 105.106, respectively, of 33 CFR subchapter H. Facilities subject to part 105 of this subchapter may, with approval of the Coast Guard, designate only those portions of their facility that are directly connected to maritime transportation or are at risk of being involved in a transportation security incident. We believe the final rule now provides a clear definition of secure area and that it affords facilities with some flexibility that may ultimately decrease compliance costs. 3. Economic Impact of TWIC User Fees (a). Fees Are Too High and Will Adversely Impact Employees in the Maritime Industry

   Many commenters asserted that the user fees proposed in the NPRM would negatively impact already financially strapped individuals in the maritime workforce. Employers in particular were concerned about individuals' ability to pay the fees, and the effect this could have on the labor force.

   We understand that the fees associated with the credential represent a significant investment in security for many individuals and/or businesses. Furthermore, the opportunity cost for individuals to travel to and from enrollment centers also represents a cost to industry and individuals.

   The fees associated with obtaining a TWIC represent the cost to TSA of providing all services--including enrollment, security threat assessments, issuance, and the TSA system--related to the credential. TSA cannot meet its statutory mandate without delivering these services, and it cannot deliver these services without collecting user fees. By law, TSA is responsible for collecting user fees to cover the costs of all TWIC program operations. Section 520 of the 2004 DHS Appropriations Act requires TSA to collect reasonable fees for providing credentialing and background investigations in the field of transportation.

   During the course of the rulemaking, we contemplated giving a discount on certain fees to employees working at small businesses and other subsets of the population. After careful analysis, we determined that this would not be feasible. First, TSA's fee authority found in 6 U.S.C. 469 does not authorize TSA to adjust a fee based on the income of the applicant. Second, it would be difficult for TSA and the Coast Guard to credibly distinguish individuals working in different segments of the industry.

   Where possible, we have made provisions in the rule to ensure that individuals do not pay for redundant criminal history records checks. Furthermore, TSA and the Coast Guard have made every effort to ensure that the fees only cover the cost to TSA of delivering program services. In an effort to make certain that the level of user fees collected by TSA does not exceed the total costs of the program, TSA and the Coast Guard, pursuant to the Chief Financial Officers Act of 1990 (31 U.S.C. 902(a)(8)) will review fees at least every two years.

   In addition to taking these steps, the Coast Guard is proposing to combine the number of credentials that mariners are required to carry under Title 46 of the CFR, and to remove the requirement for mariners to travel to a Regional Examination Center (REC). This would reduce the financial burden to mariners as they would only be required to pay one application fee of $45. Mariners would no longer be required to travel to one of 17 RECs unless they need to actually sit for an exam. This would bring significant savings to this population, as many mariners currently have to travel long distances to attain their seafaring credentials. (b). Responsibility for Credential User Fees and Compliance Costs of the Rule

   A number of commenters stated that the Federal government should pay for some portion of the program. In their comments, many firms and individuals noted that the goal of increased security in the United States is a common one, shared broadly by individuals in all parts of the country, and that the cost of providing such security should be borne by all U.S. taxpayers.

   As stated above, the law states that TSA must collect user fees in order to fund all program operations. The Federal government has a statutory obligation, therefore, to recover program expenses through fees.

   Commenters stated that employers, not applicants, would bear the cost of TWIC user fees. Many industry trade associations and individuals businesses asserted that many employees, especially those with lower incomes, would rather work in other industries than pay the user fees. The burden of covering such fees, therefore, would fall on employers.

   TSA and the Coast Guard agree that some employers may pay the TWIC user fees for their employees, although this is not a requirement of the rule. Unfortunately, we have no way of knowing which companies will have to bear the cost of obtaining a TWIC and which companies will require their employees to absorb the cost. Commenters did not provide specific data to substantiate the claim that employees would seek work in other industries rather than pay the fee to obtain a TWIC. Therefore, we did not attempt to estimate this distributional impact in the RIA for the final rule, although we did account for the total cost of this provision. 4. Comments on Estimated Population (a). Analysis Omitted Populations

   Several commenters stated that TSA and the Coast Guard omitted several maritime populations in the RIA for the NPRM. Specifically, a trade association representing U.S. port authorities stated that many port operations rely on temporary workforces, and that many casual laborers are given visitor or temporary passes to allow access. This commenter claimed the size of this casual labor force can be significant. It is concerned about their omission in the rule and questions how much consideration TSA and the Coast Guard gave to these workers. The trade association also noted that while these workers are usually supervised to a certain degree, the proposed rule would

   [[Page 3562]]

   likely still require them to obtain a TWIC or a credentialed escort.

   As previously stated in this section, TSA and the Coast Guard believe that the final rule provides enough flexibility to allow business owners to accommodate temporary workers without incurring high costs. Certain facilities operating in the maritime environment will be allowed to submit amendments to their security plans in order to redefine their secure areas. We also believe, as the trade association alluded to in its comment, that many of the individuals in the casual workforce usually receive some sort of oversight during their time of employment in the maritime industry. Although circumstances are unique to each facility and vessel, TSA and Coast Guard believe that many operations, while employing ``casuals'' may already meet the escort requirement of the final rule while employing casuals. This would preclude these individuals from having to obtain a TWIC. For this reason, we did not adjust the population estimate included in the RIA to account for additional temporary workers.

   The Edison Electric Institute, the American Public Power Association, and the National Rural Electric Cooperation Association commented that TSA does not appear to have included the 30,000 utility employees who could be subject to the rule. Furthermore, they stated that utilities generally are not in the business of transportation and therefore should not be subject to the rule.

   TSA and the Coast Guard recognize that certain facilities regulated by 33 CFR part 105 may have only a small nexus to transportation. For this reason, we have included in the final rule a provision to allow facilities to submit amendments to their security plans that would allow them to adjust the definitions of their secure areas. This would ensure robust security within sensitive transportation areas. For this reason, we did not adjust our population estimate to include employees in the utilities industry.

   The requirement that all individuals needing unescorted access to secure areas of 33 CFR subchapter H-regulated facilities would bring into the nexus of transportation workers a plethora of individuals that some commenters believe TSA has not properly accounted for in its estimate of 750,000 affected individuals.

   One particular trade association representing the fertilizer industry anticipates delivery personnel, such as Federal Express, United Parcel Service, and the United States Postal Service employees; general contractors, such as plumbers, vehicle mechanics, builders; chemical distributors; college interns; office cleaning crews; food service personnel; utility repairmen and utility/pipeline personnel with right-of-way on facility property to require intermittent access to secure areas of regulated facilities. Because the amount of personnel needing access to a facility is well beyond the nexus of transportation that TSA and the Coast Guard account for in the NPRM, this trade association believes the population estimate needs to be re- examined and proposed again for review as an NPRM.

   We fully understand that a number of individuals working in a wide array of occupations would be affected by the final rule. While conducting research to formulate the estimated population, TSA and the Coast Guard examined a number of industries that provide services to affected vessels, facilities, and OCS facilities, such as general contractors, delivery personnel and the like.

   In the population estimate included in the RIA for the NPRM, TSA and the Coast Guard estimated that the rule would impact 70,000 contractors and other personnel in the maritime industry. We believe that the occupations listed above by the commenter are included in this estimate; therefore, we did not change the population for the final rule in response to this comment.

   One commenter asserted that the rule has an overly expansive scope that is unrelated to the actual risk posed by certain personnel, such as grain elevator personnel, truck drivers and rail carriers delivering inbound grain.

   TSA and the Coast Guard firmly believe that all vessels, facilities, and OCS facilities covered by 33 CFR subchapter H are critical maritime assets that are at some risk of being involved in a transportation security incident. Therefore, we believe all personnel with unescorted access to secure areas of these regulated entities should receive a security threat assessment and a TWIC.

   An association representing passenger vessels stated that there are probably tens of thousands of vessel wait staff, entertainers, supporters, suppliers, caterers and other persons, who are not identified in the population estimate in the RIA.

   We agree with this particular association that some of the entertainers, caterers, and wait staff employed in the passenger vessel industry were most likely not captured in our population estimate in the RIA for the NPRM. This is because we intended for the ``passenger access area'' provision, included in the NPRM, to cover these individuals. Upon reviewing the comments, we determined that many of these individuals would need access to additional areas of the vessel that are not open to passengers and therefore not covered by the ``passenger access provision.'' However, rather than add them in to the population estimate, we added the ``employee access area'' provision, which should preclude entertainers and wait staff, as well as other personnel with only a tangential connection to transportation, from having to obtain a TWIC.

   The categories of personnel as ``contractor/other'' and ``vessel operation/port support,'' which are included in the population estimate, likely include the other personnel mentioned by this association, namely the supporters and suppliers. We believe the total population excluded from our initial estimate is far less than the tens of thousands asserted by the passenger vessel industry association.

   One commenter stated that the 204,835 mariners that TSA and the Coast Guard estimated would be impacted by the rule in the RIA accounts for credentialed mariners, but omits non-credentialed mariners.

   We agree that the approximately 205,000 mariners estimated in the RIA only accounts for credentialed mariners. However, we believe the other mariners that are not required to carry a mariner credential under the existing Coast Guard regulations were included in other areas of our population estimate. For example, in our research on the affected population, we accounted for workers in such categories as vessel operations and port support; barge operators; and offshore liquid bulk. Although we did not specifically calculate the number of mariners without existing credentials, we nevertheless believe they were captured in our population estimate. The comments that we received from industry contained no specific information on this matter, and therefore, we did not adjust our population estimate in response to this comment.

   The Owner Operator Independent Drivers Association (OOIDA) asserted that between 500,000 and 1,000,000 truckers access the ports, regularly or occasionally. The association asserted that this population was underestimated in the RIA.

   TSA and the Coast Guard value the concern expressed by the trucking trade association about our estimate for the number of commercial truck drivers accessing facilities regulated by 33 CFR subchapter H. While estimating the number of port truckers in the NPRM,

   [[Page 3563]]

   TSA and Coast Guard contacted many subject matter experts and analyzed numerous sources of public data. We found no consensus on the number of truckers regularly accessing facilities affected by this rule. We have, however, adjusted our initial NPRM estimate of affected commercial truck drivers.

   After publication of the NPRM, it came to our attention that we may have excluded some foreign commercial truck drivers who operate out of Canada and Mexico. In order to correct this oversight, we have increased our total population estimate by 20,000--to 770,000 from 750,000 to account for this segment of the trucking industry.

   Although this upward adjustment to our population estimate may address some of the concerns raised above, TSA and the Coast Guard can find no data to support the claim made by OOIDA that there are between 500,000 and 1,000,000 commercial truck drivers accessing regulated facilities on a regular basis. We note that the facilities covered by this rule represent a fraction of the total maritime facilities operating in the United States, and that the organization provided no specific information about the source of its data used to support its assertion. For these reasons, we have not modified our population estimate beyond the final estimate of 770,000. (b). Estimates of Employee Turnover for Population Are Too Low

   Several commenters stated that the assumed employee turnover rate of 12 percent in the RIA for the NPRM was too low. The extreme employee turnover rates in various segments of the maritime industry, they noted, would make total compliance costs significantly higher than those estimated by TSA and the Coast Guard. Table 5 displays estimates of turnover rates provided by various commenters.

   Table 5.--Turnover Rate Estimates by Commenters

   Turnover Industry

   estimate (percent)

   Passenger Vessel...........................................

   70 100 200 50-150 60 100 50-75 70-100 >150 100 200 Inland Waterways...........................................

   >50 30-40 20-135

   Casino.................................................

   20-40 28

   Trucking...............................................

   130

   TSA and the Coast Guard understand that many firms operating in the maritime industry experience a high level of employee turnover on an annual basis. We concur with many commenters that this is especially true for trucking firms and enterprises that rely heavily on seasonal labor (particularly passenger vessel operators conducting business on the inland waterways).

   In attempting to estimate the number of enrollments over the 10- year period of analysis, we focused on utilizing an industry-level estimate for employee turnover, not a firm-level estimate. Namely, we were interested in the rate at which individuals enter and exit the affected industry or industries--not the rate at which they enter and exit unique firms or establishments. This is because an individual who moves from one covered employer in the maritime industry to another covered employer would not need a new TWIC, although such a labor shift would be counted in firm-level turnover estimates. Had we used a firm- level estimate, such as those provided above, we would have overestimated the number of enrollments; we would have, in essence, double counted. We did not receive any comments on industry-level employee turnover rates and, therefore, have not adjusted our estimate of 12 percent in the RIA. 5. Other Economic Comments

   One commenter stated that there is a concern about TSA's ability to process applications under the TWIC rulemaking. The commenter was concerned that the number of applications may be far more than TSA and Coast Guard estimates, that system overloads may cause long delays before tight deadlines, and that the possibility for administrative mistakes is enormous.

   TSA and the Coast Guard will do everything within their authority to ensure that there are sufficient resources to process all applications submitted to TSA under this rule. Furthermore, procedural safeguards, including new redress processes, will minimize the number of administrative oversights.

   Comments submitted by the SBA Office of Advocacy stated that the rule may deter community residents from participating in local security committees, such as the AMS Committees maintained under 33 CFR subchapter H. In many instances, the SBA Office of Advocacy noted, local community residents often provide the greatest protection against security threats because they are most familiar with operations on the ground, and can easily detect anomalies that would indicate a security threat. By deterring these individuals from participating on AMS Committees, the SBA Office of Advocacy questioned whether the rule would do more harm to security than good.

   The purpose of this final rule is certainly not to deter individuals from participating in the AMS Committees (other local security organizations would not be subject to the final rule). We recognize the value of these organizations in securing critical U.S. maritime assets, and we agree that, in many instances, local residents are often best qualified to identify suspicious activities and threats. Nevertheless, we also firmly believe that individuals who are members of such organizations should be vetted using security threat assessments in order to ensure that they do not pose a security threat to vital areas of the U.S. maritime transportation sector.

   In order to counteract this potential deterrent effect, we changed the requirements in the final rule to ease the burden on AMS Committee members and participants of other local security organizations. The final rule states that AMS Committee members must do one of the following: Receive a name-based threat assessment from TSA, obtain a TWIC, or have passed a comparable security threat assessment, as determined by the FMSC (who is also the Captain of the Port). 6. Impacts to International Trade

   Some commenters stated that the rule would have a negative impact on international trade, and that this cost was not accounted for in the RIA.

   TSA and the Coast Guard understand that some isolated international markets may be impacted by the final rule. In light of comments received on the public docket, TSA and the Coast Guard acknowledge that the rule could have an impact on international trade. By raising the operating expenses of some firms that engage in international business, the rule could potentially increase the price of goods and services, thereby affecting the flow of commercial transactions across international

   [[Page 3564]]

   borders. However, we think this is unlikely given the amount of competition in many international markets. Furthermore, the prices of goods and services are determined by many factors other than firms' operating costs. We have no information or data that would allow us to estimate this potential effect, and commenters did not provide any specific information with respect to this impact. 7. Comments on the Initial Regulatory Flexibility Analysis

   In order to evaluate potential impacts to small entities, as defined by the Regulatory Flexibility Act (RFA) and the SBA Office of Advocacy, TSA and the Coast Guard published an Initial Regulatory Flexibility Analysis (IRFA) in May 2006 in support of the TWIC in the Maritime Sector NPRM. We received several public comments that addressed many facets of the IRFA. As part of this final rulemaking effort, we have summarized and responded to all substantive comments. (a). The Rule Imposes a Significant Burden on Small Entities and Does Not Meet the Requirements of the Regulatory Flexibility Act

   Many commenters, including Advocacy, claimed that the rule imposes a significant burden on small entities as defined by the RFA and that the agencies did not complete an accurate analysis of the impacts of the rule on small entities. Other commenters said that small entities, especially vessels, do not need the level of equipment proposed in the rule for security.

   In the IRFA published with the NPRM, TSA and the Coast Guard did not make a determination about whether the NPRM would have a significant economic impact on a substantial number of small entities, and asked for comments on the issue. As demonstrated above, many commenters believe the rule would have a significant economic effect on many small businesses. In making a determination for this final rule, we agree with these comments, and have concluded that the rule will have a significant economic impact on a substantial number of small entities.

   However, in drafting the final rule we have made significant changes that we believe will decrease adverse impacts on small businesses. TSA and the Coast Guard do not believe the rule will force small entities to leave the various markets in which they conduct business. In fact, TSA and the Coast Guard made a number of material changes to the original proposal in order to specifically address concerns about its impact on small entities.

   First, and perhaps most importantly, small vessels and facilities will no longer need to purchase biometric smart card readers or other equipment in order to comply with the rule. Instead, the Coast Guard will conduct spot checks of credentials with handheld smart card readers. We believe this change will significantly reduce the economic burden on small entities. (As stated elsewhere in this document, however, TSA and the Coast Guard will initiate a future rulemaking that would require the use of such equipment. When this happens, we will reevaluate all costs estimates and impacts to small entities.)

   Second, TSA and the Coast Guard have eliminated the recordkeeping provisions from the final rule. This modification should also reduce the burden on small entities.

   Third, we have added to the final rule provisions to accommodate newly hired employees at businesses affected by the rule. These employees, after having applied for a TWIC, will be allowed limited access to secure areas for 30 consecutive days, subject to certain restrictions. This 30 day period may be extended an additional 30 days by the cognizant Coast Guard COTP if TSA does not act upon the individual's TWIC application within the original 30 days.

   Fourth, we have added to the final rule provisions for employee access areas on passenger vessels and ferries. These areas are defined as spaces within the area over which an owner or operator has implemented security measures for access control. Employee access areas are open only to employees and not passengers; they are not secure areas and therefore do not require a TWIC for unescorted access. As stated above, this should further reduce the burden on some small businesses, especially passenger vessels reliant upon seasonal employment.

   Finally, TSA and the Coast Guard will allow certain facilities to submit amendments to their security plans in order to redefine their secure areas. We included this provision in the final rule to give these facilities the opportunity to more closely align and perhaps narrowly focus their secure areas on those areas that are directly related to maritime transportation or most at risk of a transportation security incident. The provision may result in a smaller secure area, which would reduce the number of employees and visitors who may need a TWIC for unescorted access.

   Many of these new provisions are designed to help small entities comply with the rule in a cost efficient manner, without sacrificing the security goals of the rule.

   The International Association of Drilling Contractors (IADC) asserted that there are many unfounded assumptions regarding the economic impact of the NPRM involving the number of persons that need a TWIC, the rate of personnel turnover, the costs associated with procurement and installation of required equipment, and the recurring costs of maintaining the TWIC and associated equipment. The IADC went on to state that many qualifying small entities provide valuable services. Other commenters voiced similar concerns.

   TSA and the Coast Guard acknowledge that there are a number of assumptions in the RIA that we published with the NPRM. Where appropriate, we have modified some of the assumptions in the RIA for the final rule based on input from industry.

   Many of the cost estimates and assumptions that generated the most comments (e.g., costs associated with technology requirements and recordkeeping costs) are no longer germane to this rulemaking because of modifications to the final rule. For example, TSA and the Coast Guard will no longer require affected entities to purchase biometric smart card readers or keep records of individuals who access secure areas. While these provisions may be required in a future rulemaking, we will revisit the associated cost estimates at that time. As for the assumed turnover rate, we have addressed that above.

   TSA and the Coast Guard disagree with IADC's suggestion that this rulemaking fails to meet the requirements of the RFA. To the best of our ability, we identified the firms affected by the rule, the economic impact to those firms, and the regulatory alternatives contemplated during the rulemaking process. Furthermore, we believe that the final rule includes significant alternatives to the original proposal that should decrease the impact to small entities. We therefore believe that this final rule meets both the letter and the spirit of the RFA.

   The SBA Office of Advocacy, expressing concerns raised by several small businesses, asserted that the IRFA for the NPRM failed to include many small businesses in the maritime towing (e.g., tugboats, towboats, and barges) and passenger vessel industries (e.g., ferries; sightseeing, excursion, and dinner boats; gaming vessels; whale watching boats; and eco-tour vessels). The SBA Office of Advocacy also stated that the economic analysis and IRFA failed to include other affected sectors. In its comment, the SBA Office of

   [[Page 3565]]

   Advocacy noted that a charter bus operator picking up cruise ship passengers at a port terminal would need a TWIC (or a credentialed escort) if he or she accessed a secure area. Advocacy recommended that TSA and the Coast Guard re-assess whether the economic analysis and IRFA encompass all regulated sectors.

   In light of the comments above, we reviewed the industries identified in the IRFA as being affected by the rule. Many of the small businesses in the maritime towing and passenger vessel industries fall under the North American Industrial Classification System (NAICS) codes 488330 Navigational Services to Shipping; 336611 Ship Building & Repairing; 532411 Commercial Air, Rail, & Water Transportation Equipment Rental and Leasing; 483114 Coastal and Great Lakes Passenger Transportation; and, 48721 Scenic and Sightseeing Transportation, Water. These industries were included in the IRFA that we published along with the NPRM. However, we did not include Gaming Vessels in the IRFA and they will most likely be affected by the final rule.

   Based on the comments above, we have included two additional NAICS codes in the FRFA--gaming vessels fall under 713290 Other Gambling Industries and 713210 Casinos (except Casino Hotels).

   With respect to the charter bus example cited by Advocacy, TSA and the Coast Guard recognize that some small businesses outside the maritime transportation sector that were not identified in the IRFA may be affected by the final rule. The example given by Advocacy in its comment is plausible--TSA and the Coast Guard do not dispute that charter bus operators may access cruise ship terminals.

   For the most part, however, we do not believe that cruise ship terminals and other large facility owners/operators currently allow charter bus operators and other independent firms or visitors to freely move about secure areas without supervision or monitoring. Many of these large facilities where cruise ships dock have reams of valuable cargo on their property and consequently have an economic incentive to monitor visitors, including bus operators. Therefore, we believe that many facilities will choose to use a credentialed escort in many of these instances. For these reasons, we believe the FRFA now identifies the industries that will be affected by this rulemaking.

   The American Sail Training Association (ASTA) asserted that the IRFA and NPRM do not appear to take into account vessels such as the tall ships owned by ASTA members because the regulatory analysis focuses on the small businesses included within the subchapter H vessels, facilities and outer continental shelf facilities. ASTA members are not within that category.

   Only vessels, facilities and OCS facilities regulated by 33 CFR subchapter H will be required to comply with the requirements of the final rule and incur associated costs. For this reason, we did not consider impacts to vessels not regulated by 33 CFR subchapter H. (b). The Rule Fails To Meet the Maritime Transportation Security Act

   In support of concerns raised by small business representatives, the SBA Office of Advocacy commented that the limited maritime TWIC being proposed exceeds TSA and Coast Guard's statutory mandate. Specifically, Advocacy asserted that MTSA did not require the complex and costly design or the potentially expensive smart card readers that TSA and the Coast Guard proposed in the NRPM. Advocacy also noted that many small businesses felt that there should be a single credential and security threat assessment for the entire transportation sector.

   Section 102 of MTSA requires the Secretary of DHS to issue a biometric transportation security card to individuals with unescorted access to secure areas of vessels, facilities, and OCS facilities. MTSA did not specify what type of biometric card the Secretary should issue. We believe the TWIC, which can accommodate many kinds of biometrics, privacy protections, and security mechanisms, meets the letter and spirit of the law.

   Also, as previously stated, this final rule will not require vessels, facilities, or OCS facilities to purchase biometric smart card readers. TSA and the Coast Guard will address the technology and card reader issues in the future. We will address comments relating to these issues in the future. (c). Whether the Rule Meets Previously Stated Goals

   Commenters, including the SBA Office of Advocacy, stated that the NPRM fails to meet the objectives of the TWIC concept as originally envisioned, that is, a single biometric card and a single background check for the entire transportation sector. Commenters argued that duplicative credentials and clearances that may include separate state and local requirements may continue to be required because TWIC is limited to the maritime sector. Also, the commenters stated that the original intent of the TWIC was to help ease access to secure areas, not to require a TWIC to enter them.

   TWIC is a biometric transportation security card, mandated by sec. 102 of MTSA, which TSA and the Coast Guard are introducing for use in secure areas of the maritime transportation sector. As stated in the preamble to the NPRM, DHS is currently exploring introducing the TWIC into other modes of the transportation sector. In the NPRM, we solicited and received comments on this issue.

   With respect to this final rule, the purpose of TWIC is not to facilitate access to secure areas of the national transportation sector, as some individuals asserted in their comments. While attempting to preserve owner/operator's ability to exert control over their secure areas, this final rule adds an additional level of security to these critical areas of the nation's maritime assets through the use of TWIC. The primary objective of TWIC has been, and will be, to increase security without unnecessarily compromising the flow of goods and services in the economy.

   Comprehensive security threat assessments are a vital part of this objective. Some commenters expressed concern that the rule would create duplicative threat assessments and credentials. TSA and the Coast Guard have made every effort in this final rule to avoid creating requirements that would cause individuals to obtain redundant security threat assessments. For example, individuals who have recently completed a security threat assessment for an HME, the FAST Program, or one of the Coast Guard's mariner credentialing programs, will not undergo a new TSA security threat assessment as a result of the TWIC rule. TSA will also review other government background checks in order to determine if they are comparable to those being conducted under the authority of this rule. Furthermore, if DHS decides to require TWIC in other modes of the transportation sector, we will make every effort to avoid duplicative or inconsistent security threat assessment standards.

   As stated above, several commenters asserted that the rule would require duplicative credentials for some individuals. For example, one commenter suggested that a commercial truck driver who picks up a package at an airport and delivers it to a port terminal may have to hold two credentials under the provisions of the rule. TSA and Coast Guard agree that this scenario is plausible. Some individuals, due to different circumstances, may have to carry multiple credentials. Unfortunately, we

   [[Page 3566]]

   cannot guarantee that individuals affected by the rule will have to carry only one credential. Neither TSA nor the Coast Guard has the legal authority to prevent private companies from issuing their own, proprietary identification credentials. However, TSA and the Coast Guard believe that many private firms currently issuing their own identification credentials may cease to do so after TWIC is introduced, because it may result in a cost-effective solution to existing credentialing systems. (d). The Rule's Effect on Current Labor Shortage Affecting Small Entities

   Several commenters made general remarks about how the TWIC rule will make labor shortage issues worse for small entities. Industry associations, small firms, Advocacy, and individuals all opined that the user fees proposed in the NPRM; the ``wait time'' to obtain a security threat assessment and a credential; and the inconvenience associated with traveling to an enrollment center would all negatively impact the work force utilized by small entities.

   TSA and the Coast Guard understand that some areas of the maritime transportation sector are experiencing labor shortages. As noted previously, however, we believe that the shortage of labor in many areas of the maritime industry is a function of factors outside the control of either TSA or the Coast Guard.

   Nevertheless, the final rule may have an impact on some labor markets. TSA and Coast Guard concur that some individuals--due to the user fees, security threat assessment policies, or other factors--may no longer seek employment at businesses regulated by 33 CFR subchapter H as a result of this rule. To the extent possible, though, we have drafted the final rule so that it would not adversely affect the already limited supply of labor in certain segments of the maritime transportation sector. We needed to balance this effort, of course, with the primary security objectives of the rule. We believe the following amendments to the final rule will help ease the potential adverse impacts of the rule on the labor supply while achieving the security goals of the rule:

   Provisions to accommodate new hires and persons who have reported their TWIC as lost, damaged, or stolen.

   An allowance for certain facilities to amend their Facility Security Plans (FSPs) to redefine their secure areas, and new definitions for passenger access areas and employee access areas.

   Expanded response time for applicants to appeal an adverse determination, correct an open criminal disposition, or apply for a waiver from 30 or 45 days to 60 days.

   Expanded group of applicants eligible to apply for a waiver after being disqualified because of mental incapacity.

   Expanded the group of non-U.S. nationals who meet the immigration standards to include foreign nationals who are students at the U.S. Merchant Marine Academy or comparable State college; commercial drivers licensed in Canada or Mexico transporting hazardous materials into and within the U.S.; citizens of Canada or Mexico who conduct business in the United States under a NAFTA visa; and a variety of professionals and specialists who work in the U.S. maritime industry on restricted visas.

   Provisions for employee access areas on passenger vessels and ferries.

   Some commenters specifically mentioned that being forced to pay the enrollment costs for their employees will be harmful to them. Laying out the same argument as other, larger firms, many small business owners who submitted comments to the docket pointed out that they would not be able to pass application costs onto college students, low wage earners, or other employees that typically work for small businesses.

   We note that this is not a requirement of the rule, but we agree that in some markets, owners/operators may pay the TWIC user fees for their employees. This may be especially true for employers that operate in sectors with tight labor markets. In other industries, however, this will probably not be true. For instance, in highly unionized workforces where wages are high and benefits are generous, employers will most likely not be forced to pay TWIC user fees. Due to this high level of uncertainty, we did not quantify this potential burden to employers in the RIA.

   Others said that seasonal employees are not able to afford the application fees or the cost of traveling to an enrollment center.

   TSA is required by law to recover fees for the costs it incurs to provide all program services. Therefore, the agency cannot make any concessions with respect to the user fee, even for seasonal employees. TSA and the Coast Guard have included some provisions in the final rule that may reduce the burden on seasonal employees. These provisions, such as employee access areas, are detailed above.

   Another commenter said that the ``waiting period'' for a TWIC is a hardship for small entities because they will have additional costs involved with interviewing new employees.

   As stated earlier, the final rule contains a provision that will allow new employees to have limited access to secure areas for 30 consecutive days, subject to other restrictions detailed in the regulatory text. In addition, this may be extended an additional 30 days by the cognizant Coast Guard COTP if TSA does not act upon the individual's TWIC application within the original 30 days. This provision should ease the burden on small entities.

   Some commenters discussed how the burdens employees face in obtaining TWICs are harmful to small entities. Some, for example, said that small companies are competing with larger companies for workers, and larger companies are more competitive because they are more capable of absorbing TWIC enrollment costs. Some commenters said that they will not be able to fill seasonal and short-term positions due to the TWIC requirements. One commenter said that small entities subject to TWIC will not be able to compete with other small service entities that are not subject to TWIC requirements. Another said that they will not be able to compete for labor with other service industries.

   One commenter said that the burdens of TWIC on employees will result in further wage increases to retain employees in their industry. Others said that the costs and burdens of TWIC will force employers to go to other industries, which is a hardship for small entities.

   TSA and the Coast Guard realize that small businesses face unique challenges in complying with the final rule. We recognize that the rule may impact employees as well as other facets of small entities' businesses. During the rulemaking process, we analyzed several alternatives that would have lessened the impact to small entities.

   For example, we examined the possibility of exempting the employees working for small businesses from the requirements of the final rule. Furthermore, we also analyzed the possibility of exempting industries with a high proportion of small businesses (e.g., passenger vessel industry) from the provisions of the rule. Both alternatives were deemed incompatible with the security objective of the rulemaking since 33 CFR subchapter H specifically applies to vessels, facilities, and OCS facilities that have been identified by the Coast Guard as presenting a risk for a transportation security incident.

   [[Page 3567]]

   Moreover, statutory constraints also prohibited us from further considering this option.

   TSA and Coast Guard did, however, include a number of new provisions to help small businesses comply with the rule. These provisions, such as the new hire provision, passenger and employee access areas and allowances to certain facilities to redefine secure areas, are detailed elsewhere in this section.

   Many commenters, including the SBA Office of Advocacy, expressed concern that businesses utilizing seasonal or temporary workers could be significantly impacted by the rule. For example, small tour boats and sightseeing vessels frequently hire high school and college students to work on the boats during the summer. However, because these employees could be required to obtain a maritime TWIC before they could begin work, the proposed rule could impose significant costs and time burdens on these small businesses.

   We realize that seasonal and temporary workers are a vital supply of labor for many passenger vessels and other small businesses regulated by this final rule. We also understand that the requirement to obtain a TWIC may represent a financial burden for some seasonal employees, especially high school and college students who may only work during the summer months. In writing this rule, we looked at several alternatives that would minimize this burden without compromising security.

   First, we considered exempting small passenger vessels and other regulated entities utilizing seasonal laborers from the requirements of the rule. This would clearly eliminate any concerns about labor shortages or financial burdens that many small businesses expressed during the comment period for the NPRM. We determined after careful analysis, however, that this alternative would not meet the security objectives that are the rationale for the rule, as passenger vessels subject to the security assessment and plan requirements in 33 CFR part 104 are at high risk for a transportation security incident due to the number of people they transport, which makes them an attractive target for terrorists. TSA's and the Coast Guard's statutory obligations also prevented us from adopting this option.

   Second, we investigated the possibility of allowing owners/ operators to grant individuals who have applied for a TWIC limited access to secure areas for 30 days. As stated elsewhere, we have included this provision in the final rule, which we hope will reduce the regulatory burden for small entities.

   Finally, in another effort to minimize the burden on small vessels, we created employee access areas in this final rule. An employee access area is a defined space within the access control area of a ferry or passenger vessel that is open to employees but not passengers. It is not a secure area and does not require a TWIC for unescorted access. It may not include any areas defined as restricted areas in the vessel security plan. We believe that this new provision should reduce the regulatory burden on many small passenger vessels, especially those that primarily utilize and rely on seasonal labor. (e). Costs of the Escorting Requirement

   Another commenter mentioned that the escorting burden is particularly difficult for small entities since they usually do not have excess crews or manpower to meet these requirements.

   We agree that for some small entities the requirement to provide escorts for visitors and others may prove to be a substantial burden. TSA and Coast Guard also do not dispute commenters' claims that many small entities may not have excess employees to handle this provision. We feel, however, that many commenters interpreted the definition of escort to require the physical presence of one escort for each individual without a TWIC at all times while in a secure area. TSA and Coast Guard did not intend this provision to be interpreted in this manner.

   Instead, we expect that when in an area defined as a restricted area in a vessel or facility security plan, escorting will mean a live, physical escort. The specifics of each vessel or facility will determine the scope of the escort required. Outside of restricted areas, however, such physical escorting is not necessary, so long as the method of surveillance or monitoring used is adequate to allow for a rapid response should an individual ``under escort'' be observed in an area where he or she has not been authorized to go or is engaging in activities other than those for which access was granted. We believe that this interpretation may significantly decrease the burden of this provision for small entities.

   Moreover, in the final rule, TSA and the Coast Guard have taken steps that may further reduce this burden for small businesses. For example, the final rule contains a provision for passenger vessels and ferries to establish employee access areas, which may decrease the need for certain small entities to supply some employee with escorted access to secure areas.

   The final rule also contains a provision that allows certain facilities to redefine their secure areas by submitting an amendment to their security plans to the Coast Guard. TSA and the Coast Guard believe that this new allowance may help some small entities limit the burden of providing escorted access to some employees and visitors.

   Although TSA and Coast Guard contemplated easing this requirement of the rule for small entities, we ultimately determined that we could not do this without comprising security.

   The SBA Office of Advocacy and other commenters noted that it is likely that many businesses will seek to avoid the maritime TWIC requirements by providing (or requiring) the use of dedicated, credentialed escorts as an alternative. Some commenters recommended that TSA and the Coast Guard consider the likelihood that this will occur and whether it changes the cost projections for the proposed rule.

   Although we realize that affected entities may comply with the rule in this manner, TSA and the Coast Guard have no information that would allow us to calculate the probability of this occurrence, making it difficult for us to adjust our cost projections. Credentialed escorts are specifically recognized as an acceptable means of complying with the final rule. Each business will evaluate the most cost effective way to comply with the rule, given its operational situation. TSA and the Coast Guard included the escort provision in the rule to potentially reduce the economic burden of the rule, provide flexibility, and maintain security. (f). Required Equipment Is Too Expensive for Small Companies

   Many small entities expressed concern about the cost of equipment. Several small vessels were concerned about how well equipment would work on vessels.

   The final rule will not require vessels, facilities, and OCS facilities to purchase and maintain new equipment. TSA and the Coast Guard will address this issue in the future and will revisit all cost estimates and equipments requirements at that time.

5. Comments Beyond the Scope of the Rule

   We received many comments concerning issues that are outside the scope of the NPRM. Many suggested port security grants be used to pay for TWICs and TWIC implementation, while others suggested that funding for implementation be made available in the federal budget. One commenter specifically requested a 90/10 matching of federal grant monies be appropriated to offset logistics costs. While these

   [[Page 3568]]

   comments are outside of the scope of the rule, we would like to note that the DHS port security grant program has already been revised to include applications for costs associated with implementing TWIC.

   IV. Advisory Committee Recommendations and Responses

   We received recommendations from three DHS advisory committees: The National Maritime Security Advisory Committee (NMSAC), the Merchant Personnel Advisory Committee (MERPAC), and the Towing Safety Advisory Committee (TSAC). Each committee reiterated some of the comments that have already been addressed, above, in the ``Discussion of comments and changes'' section. We have not repeated those concerns or comments in this section. Rather, we limit this discussion to those comments or recommendations that are not reflected elsewhere in this final rule.

1. National Maritime Security Advisory Committee (NMSAC)

   NMSAC recommended that the final TWIC regulations indicate that if an individual who regularly works in a secure area has not obtained a TWIC, has been denied a TWIC, or has had his or her TWIC revoked, that person cannot have access to secured areas.

   We do not agree with this recommendation, as the TWIC requirement only applies to individuals seeking unescorted access to secure areas. An individual who does not have his TWIC, either because he has not obtained one, been denied one, or had it revoked, could still be provided escorted access. Nothing in the final rule, however, requires that the owner or operator of a facility or vessel provide escorted access.

2. Merchant Personnel Advisory Committee (MERPAC)

   MERPAC recommended that the Coast Guard delay the implementation of the MMC, separating the implementation of the MMC from the TWIC implementation, until the TWIC program is deemed successful.

   This recommendation is more properly addressed in the Coast Guard's Supplemental Notice of Proposed Rulemaking (SNPRM) titled ``Consolidation of Merchant Mariner Qualification Credentials,'' found elsewhere in today's issue of the Federal Register. We note, however, that instead of issuing a final rule to implement the MMC, the Coast Guard has instead published an SNPRM, thus accepting at least part of the recommendation to delay MMC implementation.

   The committee recommended that Coast Guard and TSA find other funding sources for the TWIC. They further asked that, if this recommendation be rejected, TWIC applicants be required to only pay the actual production costs of the cards, not the administrative costs of TSA.

   Congress mandated that TSA fund the TWIC program out of user fees (see sec. 520 of the 2004 DHS Appropriations Act), thus, we are unable to consider this recommendation at this time.

   MERPAC recommended that the next round of Port Security Grants be made available to every mariner, transportation worker and owner/ operator to pay for this unfunded mandate. We appreciate this comment; however, the Port Security Grant Program is not part of this rulemaking.

   MERPAC asked, ``Who will determine how much is the correct amount of profit for this contractor to make off of the American Citizens that will require this identification?'' They added that this program, from information collection to card activation, must be conducted by the U.S. government, not contractor. They requested that ``If there is a stated percentage of profit that is appropriate, that percentage should be included in the rulemaking for comment. When the bi-annual review is published, the percentage of profit should again be broken out, particularly before any increase in fees is approved.''

   Nothing in MTSA or the other laws and regulations authorizing the TWIC program prohibits the United States Government from contracting for appropriate commercial services in support of the program. In fact, it is the policy of the United States Government to rely on the private sector for needed commercial services, where appropriate. TSA is, however, committed to reducing the cost of this program to individuals required to obtain the card to the extent possible. To that end, TSA is developing a competitive solicitation for the services. There has been a significant amount of interest on the part of the private sector in this solicitation. Among the evaluation criteria is the reasonableness of the cost as compared to the government's independent cost estimate. In addition, the contracting officer is responsible for ensuring that all contractor costs are fair and reasonable. There is no stated percentage of profit that is appropriate, and therefore we cannot include that percentage in the rulemaking for comment. Instead, we are looking at the overall cost to the public and will use private innovation and competitive process to obtain the best possible overall cost for the public.

   MERPAC recommended that TSA facilitate the payment of any fees via the pre-enrollment web site, and that TSA begin the vetting process with information submitted at this Web site. They went on to request that mariners be able to pay the fees required by credit card or cash, and not just money order, check, or wire transfer.

   During the initial rollout of the TWIC program, applicants must pay the fee for the credential at the enrollment center, rather than on- line. We may develop processes in the future to accommodate payment during pre-enrollment, but we cannot do so at this point. We will accept credit cards, cashiers checks, or money orders. Accepting cash or personal checks create opportunities for fraud that we wish to avoid.

   The committee questioned some language from the NPRM, asking ``[o]n pg 29403, section (e): This section states `After the individual has been granted access to the facility, the owner/operator may opt to notify the TSA system that access privileges have been granted to this worker at that facility.' MERPAC would like an explanation of this section, as it seems unnecessary.''

   The cited language refers to the process known as privilege granting. Under that process, as proposed in the NPRM, one way for a facility or vessel to meet their requirement to validate TWICs (i.e., ensure that they have not been invalidated by TSA) was to tell TSA those individuals to whom they were granting access. This information would be stored in the TSA TWIC database. Then, as cards were invalidated for any reason, the database would ``push'' that information to those facilities or vessels listed as having granted access privileges to that card. The process necessarily involves a centralized access control system at the facility or vessel, and as such would not work as a solution for everyone.

   MERPAC asked TSA to explain the two year redesign, mentioned on page 29429 of the NPRM, by explaining what is involved, and explaining why the card holders should pay for said redesign.

   The technology for the credential will be improved to add the contactless application and other security features as they become available. These improvements are standard items in complex programs, and as spread across the affected population over time, have a minimal impact on cost.

   MERPAC recommended that the rule require TSA to complete each security threat assessment and issue a TWIC within 96 hours from enrollment. They

   [[Page 3569]]

   also recommended that TSA outline the procedures for notification to the applicant when a timely processing cannot be accomplished.

   As discussed above, in the section entitled ``Adjudication Time,'' it is not feasible to complete a full threat assessment, including the collection of all of the information required to do so and issue a biometric credential within 96 hours. First, it is important to state that the TWIC program does not have a mandatory ``waiting period.'' Rather, we must adjudicate the security threat assessment of each applicant following enrollment and each case naturally entails processing time. During the initial enrollment rollout, owners/ operators must give ample notice to workers so that the threat assessment can be completed before the workers are required to present a TWIC to gain access to secure areas. Our goal is to process security threat assessments and manufacture TWICs within 30 days, and our experience with other programs indicates that this is quite possible. However, processing time may increase for an applicant with a criminal history or other disqualifying information, and when an appeal and/or waiver is required.

   The time period needed to complete security threat assessments during the TWIC prototype is not a good model from which to make comparisons. TSA was not able to complete a CHRC during Prototype, because there was not a regulation in place requiring a fingerprint- based check. Therefore, the time needed to complete the threat assessment was much shorter than is typical. However, the Prototype provided data on enrollment and card production processing times. We will process applications as they are received. After applications are received and sent for security threat assessment, individual processing times will vary based on the complexity of the adjudication.

   In response to the many comments on adjudication time, TSA is amending the information required for enrollment to help expedite the adjudication process. Most of the new information is voluntary; however, providing it should help TSA complete adjudications more quickly. All of the amendments apply to HME and TWIC applicants. First, applicants who are U.S. citizens born abroad may provide their passport number and CRBA. These documents expedite the adjudication process for applicants who are U.S. citizens born abroad. In addition, applicants who have previously completed a TSA threat assessment should provide the date and program for which it was completed. Applicants should state if they hold a federal security clearance, and if so, the date and agency for which the clearance was performed.

   A general review of background checks and security threat assessments across government and in the private sector will show that the processing time for a TWIC or HME is far below the average time to complete an assessment. In any event, as described above in the discussion of the Coast Guard's provisions, we have included provisions in the final rule to provide relief to the owner/operator who needs to provide a new hire with unescorted access to secure areas before the individual's TWIC has been issued.

   MERPAC recommended that those persons that need access to vessels subject to MTSA that provide counsel and religious guidance to seafarers should be required to obtain a TWIC, but be exempted from the fees.

   We disagree with this recommendation. As already stated, Congress has mandated that all costs of the TWIC program be funded through user fees. Thus, eliminating the fees for one portion of the affected population automatically increases the fee for the remaining population. We do, however, recognize the importance of allowing these individuals access to the mariners they serve. These individuals may be escorted into secure areas if they choose not to obtain TWICs.

   MERPAC requested that TSA describe the process for card renewal.

   Renewal applications will go through the same process as initial applications: applicants will need to enroll, provide fingerprints, have a new security threat assessment completed, and return to the enrollment center to activate their TWIC.

   MERPAC recommended that an additional section be included in the rulemaking, addressing the obligations and training requirements that should be necessary for the employees and managers of the enrollment centers, those employees activating and issuing TWIC cards, and any other employees associated with this program.

   We do not agree with this comment. Procedures and standards for the contractor providing enrollment services will be part of the contract between TSA and the contractor. They do not impose obligations on the general public, and as such are not appropriate for inclusion in the regulations. We can assure the committee, however, that these topics will be covered.

   MERPAC recommended the TWIC application itself be revised stating, ``Item 10 of [proposed 49 CFR] 1572.17 requires a job description and listing of a primary facility where the card holder anticipates using the card. This information should be removed from the application, so that mariners are not accused again of submitting incomplete applications. The purpose of the collection of this information could be accomplished by changing the attestation on page 29456, which should state that the applicant attests that they have a legitimate need for the card, that they understand its uses and obligations. They should not be asked to attest that the card `as part of my employment duties' as for an applicant, that may not yet be true.''

   The purpose of having the applicant list the job description and primary facility, if known, is to ensure that employers whose employees do not need TWICs do not send their employees to enrollment centers just to get a full background check on them. This information, however, is not required if the applicant does not yet have a job description or primary facility. As such, a blank entry on the application will not prevent it from being processed.

   MERPAC noted that we address the need to have employers and their employees notify TSA of a security violation by a person attempting to access a facility with a fraudulent or tampered card, and asked that we also define what the procedures and penalties are for a violation.

   It is unclear whether the committee is asking about the penalties for a failure to notify, or if they are asking about the penalties for someone found with a fraudulent or tampered card. In the case of the former, the penalty is found in the general penalty provision of 33 CFR part 101. In the latter case, the penalties are found in 49 CFR part 1572.

   MERPAC recommended that foreign riding gangs should be subject to the same requirements as U.S. mariners, and that they be subject to all the same requirements of U.S. mariners: background checks, drug testing, etc.

   If foreign riding gangs are currently required to obtain a U.S. MMD, license, COR, or STCW endorsement, they would also be required to obtain an MMC. This regulation does not propose to change the population of people who must obtain a mariner credential. Foreign riding gangs must meet the same requirements for lawful status as any other TWIC applicant. Vessels operating in waters outside of the United States will not need to have TWIC implemented on board, therefore the TWIC provisions will not be applicable to riding gangs if the vessel they are working on is operating in non-U.S. waters.

   [[Page 3570]]

   MERPAC recommended that foreign truck drivers and foreign technicians be specifically addressed in the final rule, providing detailed procedures to accommodate their presence in facilities and on vessels.

   We disagree. We have made changes to the final rule that, we believe, will allow foreign workers who are lawfully present in the United States and legitimately working at facilities or on vessels to get a TWIC if their work requires them to have unescorted access to secure areas. Those foreigners who still cannot get a TWIC will need to be escorted, as that term has been clarified elsewhere in this final rule.

   MERPAC recommended that all TWIC holders be automatically enrolled in the Trusted Travelers Program, and that facial recognition software should be considered as a means of providing access with a TWIC.

   To date, there is no domestic ``Trusted Travelers'' program, and implementing such a program is outside the scope of this rulemaking. The criteria for participants in TSA's ``Registered Traveler'' program are still being developed. We will keep this recommendation in mind for future consideration. Additionally, neither the NPRM nor this final rule prohibit the use of facial recognition software by facilities or vessels, so long as the software is able to integrate with all of the TWIC requirements found in this final rule.

4. Towing Safety Advisory Committee (TSAC)

   TSAC requested an investigation on the impact TWIC will have on new/existing marine employees. The committee expressed concern about the costs to commerce, and noted that they believe the costs were undervalued and logic was not applied. They requested an economic analysis about the impact on commerce.

   All of the issues raised in this request are addressed, in some form, in the Final Regulatory Assessment for this rule. This document is summarized below, but is also available on the docket at the locations listed in the ADDRESSES section above.

   They also requested a formal ``task statement'' so they can work with Coast Guard and TSA in the next stage of the rulemaking. We appreciate this offer, and will keep it in mind as we begin developing our second rulemaking (regarding reader requirements).

   V. Rulemaking Analyses and Notices

1. Executive Order 12866 (Regulatory Planning and Review)

   This rule is a ``significant regulatory action'' under section 3(f) of Executive Order (E.O.) 12866, Regulatory Planning and Review and therefore has been reviewed by the Office of Management and Budget. E.O. 12866 requires an assessment of potential costs and benefits under section 6(a)(3) of that Order. A Final Assessment is available in both the TSA and Coast Guard dockets where indicated under the ``Public Participation and Request for Comments'' section of this preamble. A summary of the Assessment follows. Regulatory Impact Assessment Summary

   Changes to Federal regulations must undergo several economic analyses. First, Executive Order 12866 (E.O. 12866) directs each Federal agency to propose or adopt a regulation only if the agency makes a reasoned determination that the benefits of the intended regulation justify its costs. Second, the Regulatory Flexibility Act of 1980 requires agencies to analyze the economic impact of regulatory changes on small entities. Third, the Trade Agreements Act (19 U.S.C. Sec. 2531-2533) prohibits agencies from setting standards that create unnecessary obstacles to the foreign commerce of the United States. Fourth, the Unfunded Mandates Reform Act of 1995 (Public Law 104-4) requires agencies to prepare a written assessment of the costs, benefits and other effects of proposed or final rules that include a Federal mandate likely to result in the expenditure by State, local, or tribal governments, in the aggregate, or by the private sector, of $100 million or more annually (adjusted for inflation).

   In conducting these analyses, TSA and the Coast Guard have determined that this rule:

   1. Is a ``significant regulatory action'' as defined in E.O. 12866.

   2. Has a significant economic impact on a substantial number of small entities. We have provided a Final Regulatory Flexibility Analysis, which is available in the Regulatory Impact Assessment that is located on both public dockets.

   3. Will not impose significant barriers to international trade.

   4. Does not impose an unfunded mandate on State, local, or tribal governments, but does on the private sector as costs exceed the inflation adjusted $100 million threshold in at least one year.

   The regulatory impact assessment (RIA) is a joint effort of TSA and the Coast Guard. The reader is cautioned that we did not attempt to replicate precisely the regulatory language in this summary of the RIA; the regulatory text, not the text of the RIA or this summary, is legally binding. A copy of the comprehensive RIA can be found on both public dockets. Impact Summary

   Section 102 of MTSA requires the Secretary of the Department of Homeland Security to issue a biometric transportation security card to individuals with unescorted access to secure areas of vessels and facilities. Under this authority, DHS has developed this final rule, and this summary provides a synopsis of the costs and benefits of the final rule. Benefits of the Final Rule

   The final rule will increase security at vessels, facilities, and OCS facilities regulated by 33 CFR chapter I, subchapter H. It will accomplish this by: (1) Reducing the number of high-risk individuals with unescorted access to secure areas of vessels, facilities, and OCS facilities through the use of robust security threat assessments, and (2) improving access control measures in the maritime transportation sector by permitting only those with biometric credentials to have unescorted access to secure areas of vessels and facilities. Costs of the Final Rule

   In estimating the economic cost of the final rule, we have made a number of adjustments to our original forecast published in the NPRM. First, as the final rule includes significant changes to the NPRM, we have accounted for those modifications in our estimates. For example, the final rule will not require vessel, facility, and OCS facility owners/operators to install and maintain smart card readers for access control purposes, keep access control records, or submit TWIC addenda to security plans. Compliance costs associated with these requirements therefore no longer appear in our estimates for the final rule; however, some of these costs are still reflected in the regulatory alternatives analyzed in the RIA.

   Second, we have modified many of our cost estimates in response to comments received from individuals and firms in the maritime industry. Several commenters argued that we understated or failed to identify several costs associated with complying with the rule. In response to these comments, we have adjusted some of our estimates and assumptions. For instance, many

   [[Page 3571]]

   commenters asserted that we underestimated the opportunity cost to travel to TWIC enrollment centers. Based on several comments of this nature, we adjusted our estimate upward.

   Third, we have better information with respect to many costs related to TSA's ability to deliver program services. This improved information is reflected in our new estimates.

   After making these types of adjustments to our original estimate, we concluded that the 10-year cost of the rule, discounted at 7 percent, would range from $694.3 million to $3.2 billion. Much of the variance in our estimate is attributable to the uncertainty surrounding opportunity cost estimates and escorting cost estimates.

   Table 6 displays the 10-year cost estimates for the NPRM and the final rule, discounted at 7 percent. The differences between the two estimates are also shown, with negative numbers appearing in parentheses. Figures showing 10-year cost estimates discounted at 3 percent and 0 percent are displayed in the comprehensive RIA, which is available on the public docket.

   Table 6.--Cost Change, NPRM to Final Rule [$ millions, 7 percent discount rate]

   NPRM

   Final Rule Component

   ------------------------------------------------------------------ Difference (Low-

   Remarks Low Primary High Low Primary High

   High)

   Enrollment Opportunity Costs.......... ......... $71.8 ......... $73.8 $196.7 $393.5

   $2-$321.7 Public comments on original time estimate and increased population. Enrollment Service Costs.............. ......... 91.9 ......... ......... 94.9 .........

   3.0 Increased population. Security Threat Assessment Costs...... ......... 57.9 ......... ......... 57.9 .........

   0.0 Increased population but reduced technology costs. TSA System Costs...................... ......... 27.4 ......... ......... 44.3 .........

   16.9 Improved internal cost estimates. Appeals and Waivers Opportunity Costs. .........

   5.7 ......... .........

   5.9 .........

   0.2 Increased population. Card Production Cost.................. ......... 29.5 ......... ......... 31.9 .........

   2.4 Improved internal cost estimates and increased functionality. Issuance Opportunity Costs............ ......... 89.0 ......... 123.4 329.2 658.4

   34.4-569.4 Public comments on original time estimate and increased population. Program Office Support Costs.......... ......... 41.0 ......... ......... 19.9 .........

   (-21.1) Improved internal cost estimates. Compliance Costs, Facilities.......... $299.0 312.1 $325.1 82.2 326.5 644.3

   (-216.8)-319.2 Public comments on original estimates and changes to proposed requirements. Compliance Costs, Vessels............. 63.1 75.8 88.4 157.7 638.8 1,264.4

   94.6-1,176 ........................ Compliance Costs, OCS Facilities......

   0.6

   0.7

   0.8

   2.4 10.1 20.1

   1.8-19.3 ........................

   Total............................. $777.0 $802.8 $828.6 $694.3 $1,756.3 $3,235.4 ($-82.7)-$2,406.8

   As stated above, the primary cost estimates for the final rule differ from those estimated for the NPRM. While certain cost components, such as the card reader costs, were eliminated from the final rule, other adjustments, mainly to the enrollment opportunity cost and escorting cost estimates, caused a net increase in the total primary estimate. Table 7 displays the differences on an annual basis.

   [[Page 3572]]

   [GRAPHIC] [TIFF OMITTED] TR25JA07.000

2. Small Entities

   Under the Regulatory Flexibility Act (RFA) (5 U.S.C. 601-612), we have considered whether this rule would have a significant economic impact on a substantial number of small entities. The term ``small entities'' includes small businesses, not-for-profit organizations that are independently owned and operated and are not dominant in their fields, and governmental jurisdictions with populations of less than 50,000. Individuals are not considered small entities for the purposes of the RFA.

   In support of the NPRM, we conducted an Initial Regulatory Flexibility Analysis (IRFA) that did not conclude whether the proposed rule would have a significant economic impact on a substantial number of small entities. We solicited comments on the matter in order to become better informed on how the proposed rule would impact affected small entities.

   After reviewing the public comments on the IRFA and the modifications to the final rule, we conducted a Final Regulatory Flexibility Analysis (FRFA), which is now available in the RIA on both public dockets. The public comments we received on the IRFA, which we summarized and responded to in the preamble to the final rule, addressed a broad array of issues specific to small entities, including the high cost of biometric smart card readers and other security infrastructure; the potential negative impact to businesses that predominantly utilize seasonal workforces; and the potential adverse effect on firms that must provide escorts for employees seeking access to secure and restricted areas, but do not possess unescorted access authority.

   In completing the FRFA, we revised many of our initial cost estimates in response to both comments from industry and the changes to the rule that those comments produced. We have determined that the final rule will have a significant economic impact on a substantial number of small entities. In this summary, we provide a brief description of why our cost estimates have changed, and examples of how we have provided regulatory flexibility for small entities in an attempt to mitigate any adverse economic effects of the rule.

   The primary reason for the determination that the rule will have a significant economic impact on small entities is that we have considerably revised our cost estimates for vessels and facilities to provide escorted access to employees and visitors in secure areas. During the public comment period, several individuals and firms expressed concern that we understated our original estimate for this requirement. In response to these comments, we increased our cost estimate for vessels and facilities to comply with this provision of the rule.

   The final rule also contains several changes from the NPRM. For example, as stated elsewhere in this preamble, the rule no longer requires vessels, facilities, or OCS facilities to purchase, install, and maintain biometric smart card readers; it does not include the recordkeeping requirements proposed in the NPRM; and affected firms do not have to submit a TWIC addendum to the Coast Guard. These changes also caused us to adjust our cost estimates.

   Table 8 displays how our low, primary, and high initial compliance cost estimates, as reported in the IRFA for the NPRM, have changed for small vessels. As previously described, these increased costs to small vessels are primarily a function of our increased cost estimate for small vessels to provide escorts to employees and visitors seeking access to secure and restricted areas.

   [[Page 3573]]

   [GRAPHIC] [TIFF OMITTED] TR25JA07.001

   Table 9 shows how we adjusted our low, primary, and high initial compliance cost estimates for small facilities from the NPRM estimates included in the IRFA. Again, the change in cost estimates is principally the result of modifications to our estimates for facilities to provide escorted access to employees and visitors who do not have unescorted access authority. (As there are no small entities that operate facilities on the OCS, we did not estimate compliance costs for these firms under the FRFA.)

   [GRAPHIC] [TIFF OMITTED] TR25JA07.002

   Even though we have determined that this rule will have a significant economic impact on a substantial number of small entities, we also believe that the rule provides small entities with a significant amount of flexibility to achieve the requirements of the regulation.

   First, and perhaps most importantly, the final rule no longer requires the use of biometric smart card readers by vessels, facilities, and OCS facilities. This should substantial decrease the burden on small entities, as there is no new capital investment required under this rulemaking. Additionally, the Coast Guard will conduct spot checks with hand held readers to ensure that individuals and regulated entities are utilizing the TWIC in a fashion consistent with the requirements of the rule. By completing these checks, the Coast Guard will be able verify the identity of TWIC holders, as well as confirm the validity of their credentials. This should also serve to lower the regulatory burden on small entities by transitioning some of the cost of TWIC verifications to the Federal government.

   The recordkeeping requirement proposed in the NPRM has also been dropped from the final rule, as has the requirement for firms to submit TWIC addenda. These alterations should also decrease the cost of compliance to small entities.

   The provision for passenger access areas, which we originally proposed in the NPRM for passenger vessels, remains in the final rule and provides flexibility for small entities offering services to passengers. MTSA provides that no one may have unescorted access to secure areas unless they carry a

   [[Page 3574]]

   TWIC. To ensure that passenger vessels do not have to require passengers to obtain TWICs or ensure that passengers are ``escorted'' at all times while on the vessel, the rule creates the ``passenger access area,'' allowing vessel owners/operators to carve out areas within the secure areas aboard their vessels where passengers are free to move about unescorted.

   In addition to the passenger access areas, the final rule creates ``employee access areas,'' allowing passenger vessel and ferry owners/ operators more flexibility. An employee access area is a defined space within the access control area of a ferry or passenger vessel that is open to employees but not passengers. It is not a secure area and does not require a TWIC for unescorted access. It may not include any areas defined as restricted areas in the vessel security plan. We believe that this new provision should reduce the regulatory burden on many small passenger vessels, especially those that primarily utilize and rely on seasonal labor.

   The final rule also includes a new provision that will allow a direct hire new employee to receive limited access to secure areas of a vessel or facility, provided that both the new employee and the owner/ operator meet certain stipulations, which are detailed in the regulatory text. This new policy, which TSA and the Coast Guard did not propose in the NPRM, is intended to give owners/operators the flexibility to quickly give new employees who do not yet hold a TWIC access to secure areas.

   In addition to making accommodations for new hires, the final rule also includes a provision for individuals who have reported their credential as either lost, damaged, or stolen. Although the provision contains certain caveats that are specified in the regulatory text, this new policy allows an employee missing or unable to use his or her credential to receive limited unescorted access to secure areas, including restricted areas, for seven calendar days.

   Further, the final rule also allows certain facilities to submit amendments to their security plans in order to redefine their access control areas, which in turn may reduce their secure areas. By allowing small facilities to more closely focus their access control areas on a portion of their facility directly related to maritime transportation, this may reduce the rule's economic impact on small entities.

   Finally, in an effort to maintain security but ensure applicants' rights, the rule now also allows for review by an ALJ in cases where TSA denies a waiver request. Moreover, the final rule extends the response time for applicants to appeal an adverse determination, correct an open criminal disposition, or apply for a waiver to 60 days. In addition, individuals, such as mariners who are at sea for extended periods of time, who legitimately miss the 60-day response time period may petition TSA to reconsider an Initial Determination.

   TSA and the Coast Guard believe the policies outlined above provide small entities with flexibility in complying with the rule. We believe the final rule minimizes the adverse economic effects to small business while fulfilling all statutory requirements, as well as TSA's and the Coast Guard's primary objective of increased security.

3. Assistance for Small Entities

   Under section 213(a) of the Small Business Regulatory Enforcement Fairness Act of 1996 (Pub. L. 104-121), we want to assist small entities in understanding this proposed rule so that they can better evaluate its effects on them and participate in the rulemaking. If the rule would affect your small business, organization, or governmental jurisdiction and you have questions concerning its provisions or options for compliance, please consult LCDR Jonathan Maiorine, Commandant (G-PCP-2), United States Coast Guard, 2100 Second Street, SW., Washington, DC 20593; telephone 1 (877) 687-2243. DHS will not retaliate against small entities that question or complain about this rule or any policy or action of DHS.

   Small businesses may send comments on the actions of Federal employees who enforce, or otherwise determine compliance with, Federal regulations to the Small Business and Agriculture Regulatory Enforcement Ombudsman and the Regional Small Business Regulatory Fairness Boards. The Ombudsman evaluates these actions annually and rates each agency's responsiveness to small business. If you wish to comment on actions by employees of TSA or of the Coast Guard, call 1- 888-REG-FAIR (1-888-734-3247).

4. Collection of Information

   This rule would call for a collection of information under the Paperwork Reduction Act of 1995 (44 U.S.C. 3501-3520). As defined in 5 CFR 1320.3(a), ``collection of information'' includes reporting, recordkeeping, monitoring, posting, labeling, and other, similar actions. The title and description of the information collections, a description of those who must collect the information, and an estimate of the total annual burden follow. The estimate covers the time for reviewing instructions, searching existing sources of data, gathering and maintaining the data needed, and completing and reviewing the collection.

   Title: Transportation Worker Identification Credential (TWIC) Program.

   Summary of the Collection of Information:

   Need for Information: TSA has developed the Transportation Worker Identification Credential (TWIC) as an identification tool that encompasses the authorities of the Aviation and Transportation Security Act of 2001 (ATSA) (Pub. L. 107-71, Sec. 106), and the Maritime Transportation Security Act of 2002 (MTSA) (Pub. L. 107-295, Sec. 102) to perform background checks and issue credentials to workers within the national transportation system. The data to be collected is that biographic and biometric information necessary for TSA to complete the required security threat assessment on individuals who will seek unescorted access to secure areas of vessels and maritime facilities through the use of a TWIC. TWIC cards, when issued, will contain biographic and biometric data necessary to prove identity of the cardholder and to interoperate with access control systems on vessels and at facilities nationwide.

   Proposed Use of Information: TSA will use the information to verify the identity of the individual applying for a TWIC and to verify that the person poses no security threat that would preclude issuance of a TWIC.

   Description of the Respondents: The respondents to this collection of information will be workers within the national transportation system, specifically individuals who require unescorted access to secure areas of vessels or maritime facilities.

   Number of Respondents: Although the number of respondents will vary over three years, TSA estimates that the annualized number of total respondents will be approximately 317,400. Based on research conducted by TSA and the Coast Guard, the total estimated base population that will be affected by TWIC is 750,000. However, TSA estimates that more than seventy percent of the base maritime worker population will enroll in the program in the first year, and the remainder will enroll in year two. Turnover and growth within the affected population is expected to result in another 202,257 respondents.

   Frequency of Response: Because renewals for the TWIC will be on a five year basis, for purposes of the Paperwork Reduction Act, to apply for a TWIC, each respondent will be

   [[Page 3575]]

   required to respond once to the enrollment collection. TSA estimates an additional response from the estimated two percent of respondents who will appeal decisions made by the agency with respect to security threat assessments or ask for a waiver from disqualifying offenses. Thus, TSA estimates the number of total annual responses to be approximately 323,800.

   Burden of Response: TSA estimates the annual hour burden for enrollment to be 476,129, or one and one half hour per respondent. TSA estimates the annual hour burden for appeals and waiver to be approximately 38,100.

   TSA has determined that the information collection and card issuance portion of the TWIC fee will be between $45 and $65 per respondent. This portion of the fee accounts for more than the actual cost of the information collection as it includes cost of the enrollment process, system operations and maintenance, and TWIC distribution.

   Estimate of Total Annual Burden: TSA estimates the total annual hour burden as a result of this collection of information to be approximately 514,200. Because the TWIC fee may change over time as actual costs are determined and annualized, TSA estimates total annual fee for respondents to be between $14,283,855 and $20,632,235.

   As required by the Paperwork Reduction Act of 1995 (PRA) (44 U.S.C. 3507(d)), we have submitted a copy of this proposed rule to the Office of Management and Budget (OMB) for its review of the collection of information.

   The provisions contained in the amendments to Title 33 do not call for a new collection of information under the PRA (44 U.S.C. 3501- 3520). While they include potential amendments of vessel or facility security plans, these amendments are covered by an approved collection of information. The approval number from OMB is OMB Control Number(s) 1625-0077 ``Security Plan for Ports, Vessels, Facilities, Outer Continental Shelf Facilities and Other Security-Related Requirements,'' which expires on July 31, 2008.

   The new hire provision requirements affecting Homeport will be added to collection 1625-0110 ``Maritime Identification Credentials-- Title 33 CFR Part 125'', which expired on November 30, 2006. The three year renewal for 1625-0110 was submitted to OMB on October 6, 2006 and an amendment to that renewal reflecting the proposed changes due to the new hire provisions was submitted to OMB on December 29, 2006. The revision would change the collection, once the TWIC program goes into effect, to make the submission of new hire information voluntary and require owners and operators to receive a positive verification from Homeport prior to granting access to the new hire. The government's need for the information, the type of information to be submitted, the method of submission, and the frequency of submission should not change from the current collection.

   You need not respond to a collection of information unless it displays a currently valid control number from OMB. Before the requirements for this collection of information become effective, we will publish a Notice in the Federal Register of OMB's decision to approve, modify, or disapprove the collection.

5. Executive Order 13132 (Federalism)

   A rule has implications for federalism under E.O. 13132, if it has a substantial direct effect on State or local governments and would either preempt State law or impose a substantial direct cost of compliance on them. TSA and Coast Guard have analyzed this final rule under that Order and have determined that it has implications for federalism, for the same reasons that we found federalism impacts for the Coast Guard's previously published MTSA regulations. 68 FR at 60468-9. A summary of the impacts on federalism in this rule follows.

   This rule would have a substantial direct effect on States, local governments, or political subdivisions under section 1(a) of the Order when those states owning vessels/facilities are required to implement a TWIC program. It would also preempt State law under section 6(c) of the Order by: Continuing to prevent States from regulating mariners; and continuing to prevent the States from requiring security plans.

   Regulations already issued by the Coast Guard under other sections of the MTSA of 2002 cited the need for national standards of security, claimed preemption, and received comments in support of such a scheme. See, 68 FR 60448, 60468-60469. (October 23, 2003).

   The law is well-settled that States may not regulate in categories expressly reserved for regulation by the Coast Guard. The law also is well-settled that all of the categories covered in 46 U.S.C. 3306, 3703, 7101, and 8101 (design, construction, alteration, repair, maintenance, operation, equipping, personnel qualification, and manning of vessels), as well as the reporting of casualties and any other category in which Congress intended the Coast Guard to be the sole source of a vessel's obligations, are within the field foreclosed from regulation by the States. See United States v. Locke and Intertanko v. Locke, 529 U.S. 89 (2000). Since portions of this proposed rule involve the manning of U.S. vessels and the licensing of merchant mariners, it relates to personnel qualifications. Because the states may not regulate within this category, these portions of this rule do not present new preemption issues under E.O. 13132.

   We are only asserting field preemption in those areas where federal regulations have historically dominated the field, such as merchant mariner regulations, or where we are amending regulations that we have previously preempted state regulation, such as the MTSA regulations found in 33 CFR chapter I, subchapter H. States would not be preempted from instituting their own background checks or badging systems in addition to the TWIC.

   Some commenters objected to allowing State or local governments to impose credentialing or background check requirements, noting that it results in multiple background checks for workers. We have carefully considered whether State and local governments should be preempted from doing so, and have determined that we are not preempting such State and local activities.

   Under this rulemaking, States will not be preempted from instituting their own background checks or badging systems in addition to the TWIC. We note that a State may be the proprietor of ports or port facilities, and as the proprietor is free to set standards for who may enter onto their facilities, as does any other proprietor. In addition, States may have set standards for reasons other than guarding against the threat of terrorism, such as to combat drug smuggling or organized crime. As such they are not regulating in the areas that DHS is regulating.

   The Department has also considered an additional federalism matter with respect to the TWIC credential. Section 102 of MTSA, 46 U.S.C. 70105, contains no express exceptions for State and local officials. As noted earlier in this preamble, however, the Department will not with this final rule require State and local officials to obtain a TWIC credential prior to their unescorted access to the ports. The Department's decision reflects the concern that denying port access to State and local officials, including law enforcement officials, may have serious federalism implications, particularly where there is not sufficient evidence of Congress's intent to do so. State law enforcement officials, for example, have authority and emergency aid responsibilities in

   [[Page 3576]]

   and around ports pursuant to laws properly promulgated by State legislatures and consistent with historic State police powers. The incidental application to these State officials of the MTSA's generally applicable requirements--for example, by barring them from secure areas of ports unless they obtain a federal credential--may excessively interfere with the functioning of State governments. Cf. Printz v. United States, 521 U.S. 898, 932 (1997); see also Gregory v. Ashcroft, 501 U.S. 452, 460 (1991) (emphasizing importance of State power to prescribe qualifications of its own officials. ``Through the structure of its government and the character of those who exercise government authority, a State defines itself as a sovereign''). We are hesitant to impose such a requirement on State and local governments when Congress has not made its intention in this respect clear and manifest. See Rice v. Santa Fe Elevator Corp., 331 U.S. 218, 230 (1947). The decision to exempt State and local officials from the TWIC requirements thus maintains the role of State and local officials in areas traditionally under their jurisdiction.

6. Unfunded Mandates Reform Act

   The Unfunded Mandates Reform Act of 1995 (2 U.S.C. 1531-1538) requires Federal agencies to assess the effects of their discretionary regulatory actions. In particular, the Act addresses actions that may result in the expenditure by a State, local, or tribal government, in the aggregate, or by the private sector of $100,000,000 or more in any one year. This rule would result in such an expenditure for the private sector, and we discuss the effects of this rule in the Final Regulatory Assessment, which is summarized in the E.O. 12866 section above.

7. Taking of Private Property

   This rule would not affect a taking of private property or otherwise have taking implications under E.O. 12630, Governmental Actions and Interference with Constitutionally Protected Property Rights.

8. Civil Justice Reform

   This rule meets applicable standards in sections 3(a) and 3(b)(2) of E.O. 12988, Civil Justice Reform, to minimize litigation, eliminate ambiguity, and reduce burden.

   I. Protection of Children

   We have analyzed this rule under E.O. 13045, Protection of Children from Environmental Health Risks and Safety Risks. While this rule is an economically significant rule, it would not create an environmental risk to health or safety that might disproportionately affect children.

10. Indian Tribal Governments

    This rule does not have tribal implications under E.O. 13175, Consultation and Coordination with Indian Tribal Governments, because it would not have a substantial direct effect on one or more Indian tribes, on the relationship between the Federal Government and Indian tribes, or on the distribution of power and responsibilities between the Federal Government and Indian tribes.

11. Energy Effects

    We have analyzed this rule under E.O. 13211, Actions Concerning Regulations That Significantly Affect Energy Supply, Distribution, or Use. We have determined that it is not a ``significant energy action'' under that order. While it is a ``significant regulatory action'' under E.O. 12866, it is not likely to have a significant adverse effect on the supply, distribution, or use of energy. The Administrator of the Office of Information and Regulatory Affairs has not designated it as a significant energy action. Therefore, a Statement of Energy Effects is not required for this rule under E.O. 13211.

    One commenter disagreed with this statement, stating that any significant new regulation of the transportation system will significantly affect the distribution system, particularly in the short term. The commenter requested a delay in the effective date of the rule along with a longer time period to ensure full compliance with the program. The commenter expressed doubt that there will be an adequate supply of TWIC readers available, adding that the regulations must allow companies to operate until the TWIC system is installed and usable.

    We disagree with the commenter. The original MTSA regulations were also a significant new regulation of the maritime transportation system, and we did not see a significant effect on the energy distribution system during the implementation of those regulations. However, we note that the intent of this commenter is being satisfied, as the reader requirements have not been included in the final rule.

    L. Technical Standards

    The National Technology Transfer and Advancement Act (NTTAA) (15 U.S.C. 272 note) directs agencies to use voluntary consensus standards in their regulatory activities unless the agency provides Congress, through the OMB, with an explanation of why using these standards would be inconsistent with applicable law or otherwise impractical. Voluntary consensus standards are technical standards (e.g., specifications of materials, performance, design, or operation; test methods; sampling procedures; and related management systems practices) that are developed or adopted by voluntary consensus standards bodies.

    While the NPRM proposed incorporating a standard, this rule does not. Therefore, we did not consider the use of voluntary consensus standards for this final rule.

13. Environment

    The Transportation Worker Identification Credential (TWIC) rule contains a program of activities to improve the safety and security of vessels, facilities, OCS facilities, and U.S. ports. It establishes requirements for secure identification cards, developing application forms, collecting and processing forms, application evaluation criteria, issuing determinations on applications, and use of the identification cards to enhance security at MTSA-regulated facilities and vessels. It will contribute to a higher level of marine safety and security for vessels, facilities, OCS facilities, and U.S. ports.

    Initially, implementation of this rule will involve establishing ``enrollment stations'' to collect TWIC applications. The enrollment stations will include a small office, using existing utilities where possible, located in space made available in existing port facilities or other available space within a 25 mile radius of the port facility. If a location does not have a port facility, or enough space, a temporary unit will be provided until either sufficient permanent space is available or the need for the enrollment station no longer exists. To meet the initial surge of enrollments expected, approximately 130 stations (permanent and mobile/temporary) are expected to be operating nationwide. The ongoing/maintenance phase will involve approximately 134 stations.

    Once the initial enrollment period is complete and TWICs have been issued to maritime personnel, implementation will involve an inspection of the TWIC by the vessel or facility owner/operator for a worker to gain unescorted access to secure areas of vessels and facilities. The inspection of the TWIC must include:

    (i) A match of the photo on the TWIC to the individual presenting the TWIC;

    (ii) Verification that the TWIC has not expired; and

    [[Page 3577]]

    (iii) A visual check of the various security features present on the card to ensure that the TWIC has not been forged or tampered.

    There are preexisting requirements in 46 U.S.C. 70103(c)(3)(C) and in 33 CFR part 125 that require waterfront facilities and vessels to maintain security plans that implement access control measures including the use of appropriate identification credentials. In addition, current regulations at 33 CFR part 101 establish federal identification standards. At some seaports, States and port operators have also established identification requirements. States and port operators have the option to either replace their existing identification requirements with the TWIC or to maintain their existing identification requirements in addition to the TWIC. In either case, inspection of the TWIC is not expected to add significant time to the entry procedures at any seaport.

    The provisions of this rule have been analyzed under the Department of Homeland Security (DHS) Management Directive (MD) 5100.1, Environmental Planning Program, which is the DHS policy and procedures for implementing the National Environmental Policy Act (NEPA), and related E.O.s and requirements. Based on a review of current practices and expected changes that would result from this rule, there would be no significant environmental impact in requiring those entering the port facility to display the TWIC card in addition to or as a substitute for their regular identification as a flash pass. There are no extraordinary circumstances presented by this rule that would limit the use of a CATEX under MD 5100.1, Appendix A, paragraph 3.2. The implementation of this rule is categorically excluded under the following categorical exclusions (CATEX) listed in MD 5100.1, Appendix A, Table 1: CATEX A1 (personnel, fiscal, management and administrative activities); CATEX A3 (promulgation of rules, issuance of rulings or interpretations); and CATEX A4 (information gathering, data analysis and processing, information dissemination, review, interpretation and development of documents). CATEX B3 (proposed activities and operations to be conducted in an existing structure that would be compatible with and similar in scope to ongoing functional uses) and CATEX B 11 (routine monitoring and surveillance activities that support law enforcement or homeland security and defense operations) would also be applicable.

    VI. Solicitation of Comments

    TSA is soliciting public comments on the card replacement fee. The NPRM estimated that the card replacement fee would be $36. Since issuance of the NPRM, TSA has learned that the costs associated with replacing the card will be higher than anticipated. In this preamble, an explanation of the differences appears in section I, Background, under Fees. TSA now estimates that it will cost TSA $60 per card to issue replacements. Because this cost is significantly higher than proposed, TSA invites public comment on this issue. This Final Rule establishes the card replacement fee at $36. TSA will issue cards at the $36.00 fee but proposes to increase this fee to $60. TSA invites comment on the proposed increase of the Card Replacement Fee.

    List of Subjects

    33 CFR Part 101

    Harbors, Maritime security, Reporting and recordkeeping requirements, Security measures, Vessels, Waterways.

    33 CFR Part 103

    Facilities, Harbors, Maritime security, Ports, Reporting and recordkeeping requirements, Security measures, Vessels, Waterways.

    33 CFR Part 104

    Incorporation by reference, Maritime security, Reporting and recordkeeping requirements, Security measures, Vessels.

    33 CFR Part 105

    Facilities, Maritime security, Reporting and recordkeeping requirements, Security measures.

    33 CFR Part 106

    Facilities, Maritime security, Outer Continental Shelf, Reporting and recordkeeping requirements, Security measures.

    33 CFR Part 125

    Administrative practice and procedure, Harbors, Reporting and recordkeeping requirements, Security measures, Vessels.

    46 CFR Part 10

    Penalties, Reporting and recordkeeping requirements, Schools, Seamen.

    46 CFR Part 12

    Penalties, Reporting and recordkeeping requirements, Seamen.

    46 CFR Part 15

    Reporting and recordkeeping requirements, Seamen, Vessels.

    49 CFR Part 1515

    Appeals, Commercial drivers license, Criminal history background checks, Explosives, Facilities, Hazardous materials, Incorporation by reference, Maritime security, Motor carriers, Motor vehicle carriers, Ports, Seamen, Security measures, Security threat assessment, Vessels, Waivers.

    49 CFR Part 1540

    Air carriers, Airports, Aviation safety, Law enforcement officers, Reporting and recordkeeping requirements, Security measures.

    49 CFR Part 1570

    Appeals, Commercial drivers license, Criminal history background checks, Explosives, Facilities, Hazardous materials, Incorporation by reference, Maritime security, Motor carriers, Motor vehicle carriers, Ports, Seamen, Security measures, Security threat assessment, Vessels, Waivers.

    49 CFR Part 1572

    Appeals, Commercial drivers license, Criminal history background checks, Explosives, Facilities, Hazardous materials, Incorporation by reference, Maritime security, Motor carriers, Motor vehicle carriers, Ports, Seamen, Security measures, Security threat assessment, Vessels, Waivers.

    The Amendments

    0 For the reasons listed in the preamble, the Coast Guard amends 33 CFR parts 101, 103, 104, 105, 106, 125; and 46 CFR parts 10, 12, and 15 and the Transportation Security Administration adds or amends 49 CFR parts 1515, 1570, and 1572 as follows:

    Title 33--Navigation and Navigable Waters

    CHAPTER I--COAST GUARD

    PART 101--MARITIME SECURITY: GENERAL

    0 1. The authority citation for part 101 continues to read as follows:

    Authority: 33 U.S.C. 1226, 1231; 46 U.S.C. Chapter 701; 50 U.S.C. 191, 192; Executive Order 12656, 3 CFR 1988 Comp., p. 585; 33 CFR 1.05-1, 6.04-11, 6.14, 6.16, and 6.19; Department of Homeland Security Delegation No. 0170.1.

    0 2. In Sec. 101.105 add, in alphabetical order, definitions for the terms escorting, personal identification number (PIN), recurring unescorted access, secure area, TWIC, TWIC

    [[Page 3578]]

    program, and unescorted access, to read as follows:

    Sec. 101.105 Definitions.

    * * * * *

    Escorting means ensuring that the escorted individual is continuously accompanied while within a secure area in a manner sufficient to observe whether the escorted individual is engaged in activities other than those for which escorted access was granted. This may be accomplished via having a side-by-side companion or monitoring, depending upon where the escorted individual will be granted access. Individuals without TWICs may not enter restricted areas without having an individual who holds a TWIC as a side-by-side companion, except as provided in Sec. Sec. 104.267, 105.257, and 106.262 of this subchapter. * * * * *

    Personal Identification Number (PIN) means a personally selected number stored electronically on the individual's TWIC. * * * * *

    Recurring unescorted access means authorization to enter a vessel on a continual basis after an initial personal identity and credential verification. * * * * *

    Secure Area means the area on board a vessel or at a facility or outer continental shelf facility over which the owner/operator has implemented security measures for access control in accordance with a Coast Guard approved security plan. It does not include passenger access areas, employee access areas, or public access areas, as those terms are defined in Sec. Sec. 104.106, 104.107, and 105.106, respectively, of this subchapter. Vessels operating under the waivers provided for at 46 U.S.C. 8103(b)(3)(A) or (B) have no secure areas. Facilities subject to part 105 of this subchapter may, with approval of the Coast Guard, designate only those portions of their facility that are directly connected to maritime transportation or are at risk of being involved in a transportation security incident as their secure areas. * * * * *

    TWIC means a valid, non-revoked transportation worker identification credential, as defined and explained in 49 CFR part 1572.

    TWIC Program means those procedures and systems that a vessel, facility, or outer continental shelf facility (OCS) must implement in order to assess and validate TWICs when maintaining access control. * * * * *

    Unescorted access means having the authority to enter and move about a secure area without escort. * * * * *

    0 3. Add Sec. 101.514 to read as follows:

    Sec. 101.514 TWIC Requirement.

    (a) All persons requiring unescorted access to secure areas of vessels, facilities, and OCS facilities regulated by parts 104, 105 or 106 of this subchapter must possess a TWIC before such access is granted, except as otherwise noted in this section. A TWIC must be obtained via the procedures established by TSA in 49 CFR part 1572.

    (b) Federal officials are not required to obtain or possess a TWIC. Except in cases of emergencies or other exigent circumstances, in order to gain unescorted access to a secure area of a vessel, facility, or OCS facility regulated by parts 104, 105 or 106 of this subchapter, a federal official must present his/her agency issued, HSPD 12 compliant credential. Until each agency issues its HSPD 12 compliant cards, Federal officials may gain unescorted access by using their agency's official credential. The COTP will advise facilities and vessels within his or her area of responsibility as agencies come into compliance with HSPD 12.

    (c) Law enforcement officials at the State or local level are not required to obtain or possess a TWIC to gain unescorted access to secure areas. They may, however, voluntarily obtain a TWIC where their offices fall within or where they require frequent unescorted access to a secure area of a vessel, facility or OCS facility.

    (d) Emergency responders at the State, or local level are not required to obtain or possess a TWIC to gain unescorted access to secure areas during an emergency situation. They may, however, voluntarily obtain a TWIC where their offices fall within or where they desire frequent unescorted access to a secure area of a vessel, facility or OCS facility in non-emergency situations.

    (e) Before September 25, 2008, mariners do not need to obtain or possess a TWIC but may be provided unescorted access to secure areas of vessels, facilities, and OCS facilities regulated by parts 104, 105 or 106 of this subchapter if they are able to show one of the following:

    (1) A valid Merchant Mariner Document (MMD);

    (2) A valid Merchant Mariner License and a valid photo identification; or

    (3) A valid Certificate of Registry and a valid photo identification.

    0 4. Revise Sec. 101.515 to read as follows:

    Sec. 101.515 TWIC/Personal Identification.

    (a) Persons not described in Sec. 101.514 of this part shall be required to present personal identification in order to gain entry to a vessel, facility, and OCS facility regulated by parts 104, 105 or 106 of this subchapter. These individuals must be under escort, as that term is defined in Sec. 101.105 of this part, while inside a secure area. This personal identification must, at a minimum, meet the following requirements:

    (1) Be laminated or otherwise secure against tampering;

    (2) Contain the individual's full name (full first and last names, middle initial is acceptable);

    (3) Contain a photo that accurately depicts that individual's current facial appearance; and

    (4) Bear the name of the issuing authority.

    (b) The issuing authority in paragraph (a)(4) of this section must be:

    (1) A government authority, or an organization authorized to act of behalf of a government authority; or

    (2) The individual's employer, union, or trade association.

    (c) Vessel, facility, and OCS facility owners and operators must permit law enforcement officials, in the performance of their official duties, who present proper identification in accordance with this section and Sec. 101.514 of this part to enter or board that vessel, facility, or OCS facility at any time, without delay or obstruction. Law enforcement officials, upon entering or boarding a vessel, facility, or OCS facility, will, as soon as practicable, explain their mission to the Master, owner, or operator, or their designated agent.

    (d) Inspection of credential. (1) Each person who has been issued or possesses a TWIC must present the TWIC for inspection upon a request from TSA, the Coast Guard, or other authorized DHS representative; an authorized representative of the National Transportation Safety Board; or a Federal, State, or local law enforcement officer.

    (2) Each person who has been issued or who possesses a TWIC must allow his or her TWIC to be read by a reader and must submit his or her reference biometric, such as a fingerprint, and any other required information, such as a PIN, to the reader, upon a request from TSA, the Coast Guard, other authorized DHS representative; or a Federal, State, or local law enforcement officer.

    [[Page 3579]]

    PART 103--MARITIME SECURITY: AREA MARITIME SECURITY

    0 5. The authority citation for part 103 continues to read as follows:

    Authority: 33 U.S.C. 1226, 1231; 46 U.S.C. 70102, 70103, 70104, 70112; 50 U.S.C. 191; 33 CFR 1.05-1, 6.04-11, 6.14, 6.16, and 6.19; Department of Homeland Security Delegation No, 0170.1.

    0 6. Revise Sec. 103.305(c) to read as follows:

    Sec. 103.305 Composition of an Area Maritime Security (AMS) Committee.

    * * * * *

    (c) Members appointed under this section serve for a term of not more than five years. In appointing members, the FMSC should consider the skills required by Sec. 103.410 of this part. With the exception of credentialed Federal, state and local officials, all AMS Committee members shall have a name-based terrorist check from TSA, hold a TWIC, or have passed a comparable security threat assessment, if they need access to SSI as determined by the FMSC.

    0 7. Revise Sec. 103.505(f) to read as follows:

    Sec. 103.505 Elements of the Area Maritime Security (AMS) plan.

    * * * * *

    (f) Measures to prevent unauthorized access to designated restricted areas within the port (e.g., TWIC); * * * * *

    PART 104--MARITIME SECURITY: VESSELS

    0 8. The authority citation for part 104 continues to read as follows:

    Authority: 33 U.S.C. 1226, 1231; 46 U.S.C. Chapter 701; 50 U.S.C. 191; 33 CFR 1.05-1, 6.04-11, 6.14, 6.16, and 6.19; Department of Homeland Security Delegation No. 0170.1.

    0 9. Amend Sec. 104.105 by redesignating paragraph (d) as paragraph (f) and adding new paragraphs (d) and (e) to read as follows:

    Sec. 104.105 Applicability.

    * * * * *

    (d) The TWIC requirements found in this part do not apply to foreign vessels.

    (e) The TWIC requirements found in this part do not apply to mariners employed aboard vessels moored at U.S. facilities only when they are working immediately adjacent to their vessels in the conduct of vessel activities. * * * * *

    0 10. Add Sec. 104.106 to read as follows:

    Sec. 104.106 Passenger access area.

    (a) A ferry, passenger vessel, or cruise ship may designate areas within the vessel as passenger access areas.

    (b) A passenger access area is a defined space, within the area over which the owner or operator has implemented security measures for access control, of a ferry, passenger vessel, or cruise ship that is open to passengers. It is not a secure area and does not require a TWIC for unescorted access.

    0 11. Add Sec. 104.107 to read as follows:

    Sec. 104.107 Employee access area.

    (a) A ferry or passenger vessel, excluding cruise ships, may designate areas within the vessel as employee access areas.

    (b) An employee access area is a defined space, within the area over which the owner or operator has implemented security measures for access control, of a ferry or passenger vessel that is open only to employees and not to passengers. It is not a secure area and does not require a TWIC for unescorted access.

    (c) Employee access areas may not include any areas defined as restricted areas in the VSP.

    0 12. Amend Sec. 104.115 by adding paragraphs ( c) and (d) to read as follows:

    Sec. 104.115 Compliance dates.

    * * * * *

    (c) Persons required to obtain a TWIC under this part may enroll beginning after the date set by the Coast Guard in a Notice to be published in the Federal Register. This notice will be directed to all facilities and vessels within a specific COTP zone.

    (d) By September 25, 2008, vessel owners or operators subject to paragraph (b) of this section and not excluded by Sec. 104.105(d) of this part must be operating in accordance with the TWIC provisions found within this part.

    0 13. Amend Sec. 104.120 by adding paragraph (c) to read as follows:

    Sec. 104.120 Compliance documentation.

    * * * * *

    (c) Each vessel owner or operator who designates a passenger or employee access area (as those terms are defined in Sec. Sec. 104.106 and 104.107 of this part) on their vessel must keep on board the vessel with their approved VSP a clear, visual representation (such as a vessel schematic) of where those designated areas fall. This need not be submitted to the Coast Guard for approval until incorporated into the VSP at the next VSP submittal (either renewal or amendment), but must be made available to the Coast Guard upon request.

    Subpart B--Vessel Security Requirements

    0 14. Revise Sec. 104.200(b) to read as follows:

    Sec. 104.200 Owner or operator.

    * * * * *

    (b) For each vessel, the vessel owner or operator must:

    (1) Define the security organizational structure for each vessel and provide all personnel exercising security duties or responsibilities within that structure with the support needed to fulfill security obligations;

    (2) Designate, in writing, by name or title, a Company Security Officer (CSO), a Vessel Security Officer (VSO) for each vessel, and identify how those officers can be contacted at any time;

    (3) Ensure personnel receive training, drills, and exercises enabling them to perform their assigned security duties;

    (4) Inform vessel personnel of their responsibility to apply for and maintain a TWIC, including the deadlines and methods for such applications, and of their obligation to inform TSA of any event that would render them ineligible for a TWIC, or which would invalidate their existing TWIC;

    (5) Ensure vessel security records are kept;

    (6) Ensure that adequate coordination of security issues takes place between vessels and facilities; this includes the execution of a Declaration of Security (DoS);

    (7) Ensure coordination of shore leave, transit, or crew change-out for vessel personnel, as well as access through the facility of visitors to the vessel (including representatives of seafarers' welfare and labor organizations), with facility operators in advance of a vessel's arrival. Vessel owners or operators may refer to treaties of friendship, commerce, and navigation between the U.S. and other nations in coordinating such leave. The text of these treaties can be found at http://www.marad.dot.gov/Programs/treaties.html;

    (8) Ensure security communication is readily available;

    (9) Ensure coordination with and implementation of changes in Maritime Security (MARSEC) Level;

    (10) Ensure that security systems and equipment are installed and maintained;

    (11) Ensure that vessel access, including the embarkation of persons and their effects, is controlled;

    (12) Ensure that TWIC procedures are implemented as set forth in this part, including;

    [[Page 3580]]

    (i) Ensuring that only individuals who hold a TWIC and are authorized to be in secure areas are permitted to escort;

    (ii) Identifying what action is to be taken by an escort, or other authorized individual, should individuals under escort engage in activities other than those for which escorted access was granted; and

    (iii) Notifying vessel employees, and passengers if applicable, of what parts of the vessel are secure areas, employee access areas, and passenger access areas, as applicable, and ensuring such areas are clearly marked.

    (13) Ensure that restricted areas are controlled and TWIC provisions are coordinated, if applied to such restricted areas;

    (14) Ensure that protocols consistent with Sec. 104.265(c) of this part, for dealing with individuals requiring access who report a lost, damaged, or stolen TWIC, or who have applied for and not yet received a TWIC, are in place;

    (15) Ensure that cargo and vessel stores and bunkers are handled in compliance with this part;

    (16) Ensure restricted areas, deck areas, and areas surrounding the vessel are monitored;

    (17) Provide the Master, or for vessels on domestic routes only, the CSO, with the following information:

    (i) Parties responsible for appointing vessel personnel, such as vessel management companies, manning agents, contractors, concessionaires (for example, retail sales outlets, casinos, etc.);

    (ii) Parties responsible for deciding the employment of the vessel, including time or bareboat charters or any other entity acting in such capacity; and

    (iii) In cases when the vessel is employed under the terms of a charter party, the contract details of those documents, including time or voyage charters; and

    (18) Give particular consideration to the convenience, comfort, and personal privacy of vessel personnel and their ability to maintain their effectiveness over long periods; and

    (19) If applicable, ensure that protocols consistent with Sec. 104.267 of this part, for dealing with newly hired employees who have applied for and not yet received a TWIC, are in place.

    0 15. Amend Sec. 104.210 by adding paragraphs (a)(5), (b)(2)(xv) and (c)(15) to read as follows:

    Sec. 104.210 Company Security Officer (CSO).

    (a) * * *

    (5) The CSO must maintain a TWIC.

    (b) * * *

    (2) * * *

    (xv) Knowledge of TWIC requirements

    (c) * * *

    (15) Ensure the TWIC program is being properly implemented.

    0 16. Amend Sec. 104.215 by adding paragraphs (a)(6), (b)(7) and (c)(12) to read as follows:

    Sec. 104.215 Vessel Security Officer (VSO).

    (a) * * *

    (6) The VSO must maintain a TWIC.

    (b) * * *

    (7) TWIC

    (c) * * *

    (12) Ensure TWIC programs are in place and implemented appropriately.

    0 17. Amend Sec. 104.220 by revising the introductory paragraph and adding paragraph (n) to read as follows:

    Sec. 104.220 Company or vessel personnel with security duties.

    Company and vessel personnel responsible for security duties must maintain a TWIC, and must have knowledge, through training or equivalent job experience, in the following, as appropriate: * * * * *

    (n) Relevant aspects of the TWIC program and how to carry them out.

    0 18. Amend Sec. 104.225 by adding paragraph (f) to read as follows:

    Sec. 104.225 Security training for all other personnel.

    * * * * *

    (f) Relevant aspects of the TWIC program and how to carry them out.

    0 19. Revise Sec. 104.265 to read as follows:

    Sec. 104.265 Security measures for access control.

    (a) General. The vessel owner or operator must ensure the implementation of security measures to:

    (1) Deter the unauthorized introduction of dangerous substances and devices, including any device intended to damage or destroy persons, vessels, facilities, or ports;

    (2) Secure dangerous substances and devices that are authorized by the owner or operator to be on board;

    (3) Control access to the vessel; and

    (4) Prevent an unescorted individual from entering an area of the vessel that is designated as a secure area unless the individual holds a duly issued TWIC and is authorized to be in the area.

    (b) The vessel owner or operator must ensure that the following are specified:

    (1) The locations providing means of access to the vessel where access restrictions or prohibitions are applied for each Maritime Security (MARSEC) Level, including those points where TWIC access control provisions will be applied. ``Means of access'' include, but are not limited, to all:

    (i) Access ladders;

    (ii) Access gangways;

    (iii) Access ramps;

    (iv) Access doors, side scuttles, windows, and ports;

    (v) Mooring lines and anchor chains; and

    (vi) Cranes and hoisting gear;

    (2) The identification of the types of restriction or prohibition to be applied and the means of enforcing them;

    (3) The means used to establish the identity of individuals not in possession of a TWIC and procedures for escorting, in accordance with Sec. 101.515 of this subchapter; and

    (4) Procedures for identifying authorized and unauthorized persons at any MARSEC level.

    (c) The vessel owner or operator must ensure that a TWIC program is implemented as follows:

    (1) All persons seeking unescorted access to secure areas must present their TWIC for inspection before being allowed unescorted access, in accordance with Sec. 101.514 of this subchapter. Inspection must include:

    (i) A match of the photo on the TWIC to the individual presenting the TWIC;

    (ii) Verification that the TWIC has not expired; and

    (iii) A visual check of the various security features present on the card to determine whether the TWIC has been tampered with or forged.

    (2) If an individual cannot present a TWIC because it has been lost, damaged or stolen, and he or she has previously been granted unescorted access to the vessel and is known to have had a valid TWIC, the individual may be given unescorted access to secure areas for a period of no longer than seven consecutive calendar days provided that:

    (i) The individual has reported the TWIC as lost, damaged, or stolen to TSA as required in 49 CFR 1572.19(f);

    (ii) The individual can present another identification credential that meets the requirements of Sec. 101.515 of this subchapter; and

    (iii) There are no other suspicious circumstances associated with the individual's claim of loss or theft.

    (3) If an individual cannot present his or her TWIC for any other reason than outlined in paragraph (2) of this section, he or she may not be granted unescorted access to the secure area. The individual must be under escort, as that term is defined in part 101 of this subchapter, at all times when inside a secure area.

    (4) With the exception of persons granted access according to paragraph (2) of this section, all persons granted unescorted access to secure areas of the vessel must be able to produce his or her TWIC upon request.

    [[Page 3581]]

    (5) There must be disciplinary measures in place to prevent fraud and abuse.

    (6) The vessel's TWIC program should be coordinated, when practicable, with identification and TWIC access control measures of facilities or other transportation conveyances that interface with the vessel.

    (d) If the vessel owner or operator uses a separate identification system, ensure that it complies and is coordinated with TWIC provisions in this part.

    (e) The vessel owner or operator must establish in the approved VSP the frequency of application of any security measures for access control, particularly if these security measures are applied on a random or occasional basis.

    (f) MARSEC Level 1. The vessel owner or operator must ensure security measures in this paragraph are implemented to:

    (1) Employ TWIC as set out in paragraph (c) of this section.

    (2) Screen persons, baggage (including carry-on items), personal effects, and vehicles for dangerous substances and devices at the rate specified in the approved VSP, except for government-owned vehicles on official business when government personnel present identification credentials for entry;

    (3) Conspicuously post signs that describe security measures currently in effect and clearly state that:

    (i) Boarding the vessel is deemed valid consent to screening or inspection; and

    (ii) Failure to consent or submit to screening or inspection will result in denial or revocation of authorization to board;

    (4) Check the identification of any person not holding a TWIC and seeking to board the vessel, including vessel passengers, vendors, personnel duly authorized by the cognizant government authorities, and visitors. This check includes confirming the reason for boarding by examining at least one of the following:

    (i) Joining instructions;

    (ii) Passenger tickets;

    (iii) Boarding passes;

    (iv) Work orders, pilot orders, or surveyor orders;

    (v) Government identification; or

    (vi) Visitor badges issued in accordance with an identification system implemented under paragraph (d) of this section.

    (5) Deny or revoke a person's authorization to be on board if the person is unable or unwilling, upon the request of vessel personnel or a law enforcement officer, to establish his or her identity in accordance with this part or to account for his or her presence on board. Any such incident must be reported in compliance with this part;

    (6) Deter unauthorized access to the vessel;

    (7) Identify access points that must be secured or attended to deter unauthorized access;

    (8) Lock or otherwise prevent access to unattended spaces that adjoin areas to which passengers and visitors have access;

    (9) Provide a designated area on board, within the secure area, or in liaison with a facility, for conducting inspections and screening of people, baggage (including carry-on items), personal effects, vehicles and the vehicle's contents;

    (10) Ensure vessel personnel are not subjected to screening, of the person or of personal effects, by other vessel personnel, unless security clearly requires it;

    (11) Conduct screening in a way that takes into full account individual human rights and preserves the individual's basic human dignity;

    (12) Ensure the screening of all unaccompanied baggage;

    (13) Ensure checked persons and their personal effects are segregated from unchecked persons and their personal effects;

    (14) Ensure embarking passengers are segregated from disembarking passengers;

    (15) Ensure, in liaison with the facility, a defined percentage of vehicles to be loaded aboard passenger vessels are screened prior to loading at the rate specified in the approved VSP;

    (16) Ensure, in liaison with the facility, all unaccompanied vehicles to be loaded on passenger vessels are screened prior to loading; and

    (17) Respond to the presence of unauthorized persons on board, including repelling unauthorized boarders.

    (g) MARSEC Level 2. In addition to the security measures required for MARSEC Level 1 in this section, at MARSEC Level 2, the vessel owner or operator must ensure the implementation of additional security measures, as specified for MARSEC Level 2 in the approved VSP. These additional security measures may include:

    (1) Increasing the frequency and detail of screening of people, personal effects, and vehicles being embarked or loaded onto the vessel as specified for MARSEC Level 2 in the approved VSP, except for government-owned vehicles on official business when government personnel present identification credentials for entry;

    (2) X-ray screening of all unaccompanied baggage;

    (3) Assigning additional personnel to patrol deck areas during periods of reduced vessel operations to deter unauthorized access;

    (4) Limiting the number of access points to the vessel by closing and securing some access points;

    (5) Denying access to visitors who do not have a verified destination;

    (6) Deterring waterside access to the vessel, which may include, in liaison with the facility, providing boat patrols; and

    (7) Establishing a restricted area on the shore side of the vessel, in close cooperation with the facility.

    (h) MARSEC Level 3. In addition to the security measures required for MARSEC Level 1 and MARSEC Level 2, the vessel owner or operator must ensure the implementation of additional security measures, as specified for MARSEC Level 3 in the approved VSP. The additional security measures may include:

    (1) Screening all persons, baggage, and personal effects for dangerous substances and devices;

    (2) Performing one or more of the following on unaccompanied baggage:

    (i) Screen unaccompanied baggage more extensively, for example, x- raying from two or more angles;

    (ii) Prepare to restrict or suspend handling unaccompanied baggage; or

    (iii) Refuse to accept unaccompanied baggage on board;

    (3) Being prepared to cooperate with responders and facilities;

    (4) Limiting access to the vessel to a single, controlled access point;

    (5) Granting access to only those responding to the security incident or threat thereof;

    (6) Suspending embarkation and/or disembarkation of personnel;

    (7) Suspending cargo operations;

    (8) Evacuating the vessel;

    (9) Moving the vessel; or

    (10) Preparing for a full or partial search of the vessel.

    0 20. Add Sec. 104.267 to read as follows:

    Sec. 104.267 Security measures for newly hired employees.

    (a) Newly-hired vessel employees may be granted entry to secure areas of the vessel for up to 30 consecutive calendar days prior to receiving their TWIC provided all of the requirements in paragraph (b) of this section are met, and provided that the new hire is accompanied by an individual with a TWIC while within the secure areas of the vessel. If TSA does not act upon a TWIC application within 30 days, the cognizant Coast Guard COTP may

    [[Page 3582]]

    further extend access to secure areas for another 30 days. The Coast Guard will determine whether, in particular circumstances, certain practices meet the condition of a new hire being accompanied by another individual with a TWIC. The Coast Guard will issue guidance for use in making these determinations.

    (b) Newly-hired vessel employees may be granted the access provided for in paragraph (a) of this section only if:

    (1) The new hire has applied for a TWIC in accordance with 49 CFR part 1572 by completing the full enrollment process, paying the user fee, and is not currently engaged in a waiver or appeal process. The vessel owner or operator or Vessel Security Officer (VSO) must have the new hire sign a statement affirming this, and must retain the signed statement until the new hire receives a TWIC;

    (2) The vessel owner or operator or the VSO enters the following information on the new hire into the Coast Guard's Homeport website (http://homeport.uscg.mil):

    (i) Full legal name, including middle name if one exists;

    (ii) Date of birth;

    (iii) Social security number (optional);

    (iv) Employer name and 24 hour contact information; and

    (v) Date of TWIC enrollment;

    (3) The new hire presents an identification credential that meets the requirements of Sec. 101.515 of this subchapter;

    (4) There are no other circumstances that would cause reasonable suspicion regarding the new hire's ability to obtain a TWIC, and the vessel owner or operator or VSO have not been informed by the cognizant COTP that the new hire poses a security threat; and

    (5) There would be an adverse impact to vessel operations if the new hire is not allowed access.

    (c) This section does not apply to any individual being hired as a Company Security Officer (CSO) or VSO, or any individual being hired to perform vessel security duties.

    (d) The new hire may not begin working on board the vessel under the provisions of this section until the owner, operator, or VSO receives notification, via Homeport or some other means, the new hire has passed an initial name check.

    Subpart D--Vessel Security Plan (VSP)

    0 21. Revise Sec. 104.405(a)(10) and (b) to read as follows:

    Sec. 104.405 Format of the Vessel Security Plan (VSP).

    (a) * * *

    (10) Security measures for access control, including designated passenger access areas and employee access areas; * * * * *

    (b) The VSP must describe in detail how the requirements of subpart B of this part will be met. VSPs that have been approved by the Coast Guard prior to March 26, 2007, do not need to be amended to describe their TWIC procedures until the next regularly scheduled resubmission of the VSP.

    PART 105--MARITIME SECURITY: FACILITIES

    0 22. The authority citation for part 105 continues to read as follows:

    Authority: 33 U.S.C. 1226, 1231; 46 U.S.C. 70103; 50 U.S.C. 191; 33 CFR 1.05-1, 6.04-11, 6.14, 6.16, and 6.19; Department of Homeland Security Delegation No, 0170.1.

    0 23. Amend Sec. 105.115 by adding paragraphs (c), (d), and (e) to read as follows:

    Sec. 105.115 Compliance dates.

    * * * * *

    (c) Facility owners or operators wishing to designate only those portions of their facility that are directly connected to maritime transportation or are at risk of being involved in a transportation security incident as their secure area(s) must do so by submitting an amendment to their Facility Security Plan to their cognizant COTP, in accordance with Sec. 105.415 of this part, by July 25, 2007.

    (d) Persons required to obtain a TWIC under this part may enroll beginning after the date set by the Coast Guard in a Notice to be published in the Federal Register. This notice will be directed to all facilities and vessels within a specific COTP zone.

    (e) Facility owners or operators must be operating in accordance with the TWIC provisions in this part by the date set by the Coast Guard in a Notice to be published in the Federal Register. This Notice will be published at least 90 days before compliance must begin, and will be directed to all facilities within a specific Captain of the Port zone, based on whether enrollment has been completed in that zone. Unless an earlier compliance date is specified in this manner, all facility owner or operators will need to implement their TWIC provisions no later than September 25, 2008.

    Subpart B--Facility Security Requirements

    0 24. Revise Sec. 105.200(b) to read as follows:

    Sec. 105.200 Owner or operator.

    * * * * *

    (b) For each facility, the facility owner or operator must:

    (1) Define the security organizational structure and provide each person exercising security duties and responsibilities within that structure the support needed to fulfill those obligations;

    (2) Designate, in writing, by name or by title, a Facility Security Officer (FSO) and identify how the officer can be contacted at any time;

    (3) Ensure that a Facility Security Assessment (FSA) is conducted;

    (4) Ensure the development and submission for approval of an FSP;

    (5) Ensure that the facility operates in compliance with the approved FSP;

    (6) Ensure that the TWIC program is properly implemented as set forth in this part, including:

    (i) Ensuring that only individuals who hold a TWIC and are authorized to be in the secure area in accordance with the FSP are permitted to escort;

    (ii) Identifying what action is to be taken by an escort, or other authorized individual, should individuals under escort engage in activities other than those for which escorted access was granted; and

    (iii) Notifying facility employees, and passengers if applicable, of what parts of the facility are secure areas and public access areas, as applicable, and ensuring such areas are clearly marked.

    (7) Ensure that restricted areas are controlled and TWIC provisions are coordinated, if applied to such restricted areas;

    (8) Ensure that adequate coordination of security issues takes place between the facility and vessels that call on it, including the execution of a Declaration of Security (DoS) as required by this part;

    (9) Ensure coordination of shore leave for vessel personnel or crew change-out, as well as access through the facility for visitors to the vessel (including representatives of seafarers' welfare and labor organizations), with vessel operators in advance of a vessel's arrival. In coordinating such leave, facility owners or operators may refer to treaties of friendship, commerce, and navigation between the U.S. and other nations. The text of these treaties can be found at http://www.marad.dot.gov/Programs/treaties.html ;

    (10) Ensure, within 12 hours of notification of an increase in MARSEC Level, implementation of the additional security measures required for the new MARSEC Level;

    (11) Ensure security for unattended vessels moored at the facility;

    [[Page 3583]]

    (12) Ensure the report of all breaches of security and transportation security incidents to the National Response Center in accordance with part 101 of this chapter;

    (13) Ensure consistency between security requirements and safety requirements;

    (14) Inform facility personnel of their responsibility to apply for and maintain a TWIC, including the deadlines and methods for such applications, and of their obligation to inform TSA of any event that would render them ineligible for a TWIC, or which would invalidate their existing TWIC;

    (15) Ensure that protocols consistent with section 105.255(c) of this part, for dealing with individuals requiring access who report a lost, damaged, or stolen TWIC, or who have applied for and not yet received a TWIC, are in place; and

    (16) If applicable, ensure that protocols consistent with Sec. 105.257 of this part, for dealing with newly hired employees who have applied for and not yet received a TWIC, are in place.

    0 25. Amend Sec. 105.205 by adding paragraphs (a)(4), (b)(2)(xv) and (c)(19) to read as follows:

    Sec. 105.205 Facility Security Officer (FSO).

    (a) * * *

    (4) The FSO must maintain a TWIC.

    (b) * * *

    (2) * * *

    (xv) Knowledge of TWIC requirements.

    (c) * * *

    (19) Ensure the TWIC program is being properly implemented.

    0 26. Amend Sec. 105.210 by revising the introductory paragraph and adding paragraph (n) to read as follows:

    Sec. 105.210 Facility personnel with security duties.

    Facility personnel responsible for security duties must maintain a TWIC, and must have knowledge, through training or equivalent job experience, in the following, as appropriate: * * * * *

    (n) Familiar with all relevant aspects of the TWIC program and how to carry them out.

    0 27. Amend Sec. 105.215 by adding paragraph (f) to read as follows:

    Sec. 105.215 Security training for all other facility personnel.

    * * * * *

    (f) Familiar with all relevant aspects of the TWIC program and how to carry them out.

    0 28. Revise Sec. 105.255 to read as follows:

    Sec. 105.255 Security measures for access control.

    (a) General. The facility owner or operator must ensure the implementation of security measures to:

    (1) Deter the unauthorized introduction of dangerous substances and devices, including any device intended to damage or destroy persons, vessels, facilities, or ports;

    (2) Secure dangerous substances and devices that are authorized by the owner or operator to be on the facility;

    (3) Control access to the facility; and

    (4) Prevent an unescorted individual from entering an area of the facility that is designated as a secure area unless the individual holds a duly issued TWIC and is authorized to be in the area.

    (b) The facility owner or operator must ensure that the following are specified:

    (1) The locations where restrictions or prohibitions that prevent unauthorized access are applied for each MARSEC Level, including those points where TWIC access control provisions will be applied. Each location allowing means of access to the facility must be addressed;

    (2) The types of restrictions or prohibitions to be applied and the means of enforcing them;

    (3) The means used to establish the identity of individuals not in possession of a TWIC, in accordance with Sec. 101.515 of this subchapter, and procedures for escorting them;

    (4) Procedures for identifying authorized and unauthorized persons at any MARSEC level; and

    (5) The locations where persons, personal effects and vehicle screenings are to be conducted. The designated screening areas should be covered to provide for continuous operations regardless of the weather conditions.

    (c) The facility owner or operator must ensure that a TWIC program is implemented as follows:

    (1) All persons seeking unescorted access to secure areas must present their TWIC for inspection before being allowed unescorted access, in accordance with Sec. 101.514 of this subchapter. Inspection must include:

    (i) A match of the photo on the TWIC to the individual presenting the TWIC;

    (ii) Verification that the TWIC has not expired; and

    (iii) A visual check of the various security features present on the card to determine whether the TWIC has been tampered with or forged.

    (2) If an individual cannot present a TWIC because it has been lost, damaged or stolen, and he or she has previously been granted unescorted access to the facility and is known to have had a valid TWIC, the individual may be given unescorted access to secure areas for a period of no longer than 7 consecutive calendar days if:

    (i) The individual has reported the TWIC as lost, damaged, or stolen to TSA as required in 49 CFR 1572.19(f);

    (ii) The individual can present another identification credential that meets the requirements of Sec. 101.515 of this subchapter; and

    (iii) There are no other suspicious circumstances associated with the individual's claim of loss or theft.

    (3) If an individual cannot present his or her TWIC for any other reason than outlined in paragraph (c)(2) of this section, he or she may not be granted unescorted access to the secure area. The individual must be under escort, as that term is defined in part 101 of this subchapter, at all times when inside of a secure area.

    (4) With the exception of persons granted access according to paragraph (c)(2) of this section, all persons granted unescorted access to secure areas of the facility must be able to produce his or her TWIC upon request.

    (5) There must be disciplinary measures in place to prevent fraud and abuse.

    (6) The facility's TWIC program should be coordinated, when practicable, with identification and TWIC access control measures of vessels or other transportation conveyances that use the facility.

    (d) If the facility owner or operator uses a separate identification system, ensure that it complies and is coordinated with TWIC provisions in this part.

    (e) The facility owner or operator must establish in the approved Facility Security Plan (FSP) the frequency of application of any access controls, particularly if they are to be applied on a random or occasional basis.

    (f) MARSEC Level 1. The facility owner or operator must ensure the following security measures are implemented at the facility:

    (1) Implement TWIC as set out in paragraph (c) of this section.

    (2) Screen persons, baggage (including carry-on items), personal effects, and vehicles, for dangerous substances and devices at the rate specified in the approved FSP, excluding government-owned vehicles on official business when government personnel present identification credentials for entry;

    (3) Conspicuously post signs that describe security measures currently in effect and clearly state that:

    (i) Entering the facility is deemed valid consent to screening or inspection; and

    [[Page 3584]]

    (ii) Failure to consent or submit to screening or inspection will result in denial or revocation of authorization to enter.

    (4) Check the identification of any person not holding a TWIC and seeking entry to the facility, including vessel passengers, vendors, personnel duly authorized by the cognizant government authorities, and visitors. This check shall include confirming the reason for boarding by examining at least one of the following:

    (i) Joining instructions;

    (ii) Passenger tickets;

    (iii) Boarding passes;

    (iv) Work orders, pilot orders, or surveyor orders;

    (v) Government identification; or

    (vi) Visitor badges issued in accordance with an identification system implemented under paragraph (d) of this section.

    (5) Deny or revoke a person's authorization to be on the facility if the person is unable or unwilling, upon the request of facility personnel or a law enforcement officer, to establish his or her identity in accordance with this part or to account for his or her presence. Any such incident must be reported in compliance with this part;

    (6) Designate restricted areas and provide appropriate access controls for these areas;

    (7) Identify access points that must be secured or attended to deter unauthorized access;

    (8) Deter unauthorized access to the facility and to designated restricted areas within the facility;

    (9) Screen by hand or device, such as x-ray, all unaccompanied baggage prior to loading onto a vessel; and

    (10) Secure unaccompanied baggage after screening in a designated restricted area and maintain security control during transfers between the facility and a vessel.

    (g) MARSEC Level 2. In addition to the security measures required for MARSEC Level 1 in this section, at MARSEC Level 2, the facility owner or operator must ensure the implementation of additional security measures, as specified for MARSEC Level 2 in their approved FSP. These additional security measures may include:

    (1) Increasing the frequency and detail of the screening of persons, baggage, and personal effects for dangerous substances and devices entering the facility;

    (2) X-ray screening of all unaccompanied baggage;

    (3) Assigning additional personnel to guard access points and patrol the perimeter of the facility to deter unauthorized access;

    (4) Limiting the number of access points to the facility by closing and securing some access points and providing physical barriers to impede movement through the remaining access points;

    (5) Denying access to visitors who do not have a verified destination;

    (6) Deterring waterside access to the facility, which may include, using waterborne patrols to enhance security around the facility; or

    (7) Except for government-owned vehicles on official business when government personnel present identification credentials for entry, screening vehicles and their contents for dangerous substances and devices at the rate specified for MARSEC Level 2 in the approved FSP.

    (h) MARSEC Level 3. In addition to the security measures required for MARSEC Level 1 and MARSEC Level 2, at MARSEC level 3, the facility owner or operator must ensure the implementation of additional security measures, as specified for MARSEC Level 3 in their approved FSP. These additional security measures may include:

    (1) Screening all persons, baggage, and personal effects for dangerous substances and devices;

    (2) Performing one or more of the following on unaccompanied baggage:

    (i) Screen unaccompanied baggage more extensively; for example, x- raying from two or more angles;

    (ii) Prepare to restrict or suspend handling of unaccompanied baggage; or

    (iii) Refuse to accept unaccompanied baggage.

    (3) Being prepared to cooperate with responders and facilities;

    (4) Granting access to only those responding to the security incident or threat thereof;

    (5) Suspending access to the facility;

    (6) Suspending cargo operations;

    (7) Evacuating the facility;

    (8) Restricting pedestrian or vehicular movement on the grounds of the facility; or

    (9) Increasing security patrols within the facility.

    0 28. Add Sec. 105.257 to read as follows:

    Sec. 105.257 Security measures for newly-hired employees.

    (a) Newly-hired facility employees may be granted entry to secure areas of the facility for up to 30 consecutive calendar days prior to receiving their TWIC provided all of the requirements in paragraph (b) of this section are met, and provided that the new hire is accompanied by an individual with a TWIC while within the secure areas of the facility. If TSA does not act upon a TWIC application within 30 days, the cognizant Coast Guard COTP may further extend access to secure areas for another 30 days. The Coast Guard will determine whether, in particular circumstances, certain practices meet the condition of a new hire being accompanied by another individual with a TWIC. The Coast Guard will issue guidance for use in making these determinations.

    (b) Newly-hired facility employees may be granted the access provided for in paragraph (a) of this section if:

    (1) The new hire has applied for a TWIC in accordance with 49 CFR part 1572 by completing the full enrollment process, paying the user fee, and is not currently engaged in a waiver or appeal process. The facility owner or operator or the Facility Security Officer (FSO) must have the new hire sign a statement affirming this, and must retain the signed statement until the new hire receives a TWIC;

    (2) The facility owner or operator or the FSO enters the following information on the new hire into the Coast Guard's Homeport website (http://homeport.uscg.mil):

    (i) Full legal name, including middle name if one exists;

    (ii) Date of birth;

    (iii) Social security number (optional);

    (iv) Employer name and 24 hour contact information; and

    (v) Date of TWIC enrollment.

    (3) The new hire presents an identification credential that meets the requirements of Sec. 101.515 of this subchapter;

    (4) There are no other circumstances that would cause reasonable suspicion regarding the new hire's ability to obtain a TWIC, and the facility owner or operator or FSO have not been informed by the cognizant COTP that the new hire poses a security threat; and

    (5) There would be an adverse impact to facility operations if the new hire is not allowed access.

    (c) This section does not apply to any individual being hired as a FSO, or any individual being hired to perform facility security duties.

    (d) The new hire may not begin working at the facility under the provisions of this section until the owner, operator, or FSO receives notification, via Homeport or some other means, the new hire has passed an initial name check.

    0 29. Amend Sec. 105.285 by revising paragraph (a)(4) to read as follows:

    Sec. 105.285 Additional requirements--passenger and ferry facilities.

    (a) * * *

    (4) Deny passenger access to secure and restricted areas unless escorted by

    [[Page 3585]]

    authorized facility security personnel; and * * * * *

    0 30. Revise Sec. 105.290 to read as follows:

    Sec. 105.290 Additional requirements--cruise ship terminals.

    At all MARSEC Levels, in coordination with a vessel moored at the facility, the facility owner or operator must ensure the following security measures:

    (a) Screen all persons, baggage, and personal effects for dangerous substances and devices;

    (b) Check the identification of all persons seeking to enter the facility. Persons holding a TWIC shall be checked as set forth in this part. For persons not holding a TWIC, this check includes confirming the reason for boarding by examining passenger tickets, boarding passes, government identification or visitor badges, or work orders;

    (c) Designate holding, waiting, or embarkation areas within the facility's secure area to segregate screened persons and their personal effects awaiting embarkation from unscreened persons and their personal effects;

    (d) Provide additional security personnel to designated holding, waiting, or embarkation areas within the facility's secure area; and

    (e) Deny individuals not holding a TWIC access to secure and restricted areas unless escorted.

    0 31. Amend Sec. 105.296 by adding paragraph (a)(4) to read as follows:

    Sec. 105.296 Additional requirements--barge fleeting facilities.

    (a) * * *

    (4) Control access to the barges once tied to the fleeting area by implementing TWIC as described in Sec. 105.255 of this part. * * * * *

    Subpart D--Facility Security Plan (FSP)

    0 32. Revise Sec. 105.405(a)(10) and (b) to read as follows:

    Sec. 105.405 Format and content of the Facility Security Plan (FSP).

    (a) * * *

    (10) Security measures for access control, including designated public access areas; * * * * *

    (b) The FSP must describe in detail how the requirements of subpart B of this part will be met. FSPs that have been approved by the Coast Guard prior to March 26, 2007, do not need to be amended to describe their TWIC procedures until the next regularly scheduled resubmission of the FSP.

    PART 106--MARITIME SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES

    0 33. The authority citation for part 106 continues to read as follows:

    Authority: 33 U.S.C. 1226, 1231; 46 U.S.C. Chapter 701; 50 U.S.C. 191; 33 CFR 1.05-1, 6.04-11, 6.14, 6.16, and 6.19; Department of Homeland Security Delegation No. 0170.1.

    0 34. Amend Sec. 106.110 by adding paragraphs (d) and (e) to read as follows:

    Sec. 106.110 Compliance dates.

    * * * * *

    (d) Persons required to obtain a TWIC under this part may enroll beginning after the date set by the Coast Guard in a Notice to be published in the Federal Register. This notice will be directed to all facilities and vessels within a specific COTP zone.

    (e) Facility owners or operators must be operating in accordance with the TWIC provisions in this part by the date set by the Coast Guard in a Notice to be published in the Federal Register. This Notice will be published at least 90 days before compliance must begin, and will be directed to all facilities within a specific Captain of the Port zone, based on whether enrollment has been completed in that zone. Unless an earlier compliance date is specified in this manner, all facility owner or operators will need to implement their TWIC provisions no later than September 25, 2008.

    0 35. Revise Sec. 106.200(b) to read as follows:

    Sec. 106.200 Owner or operator.

    * * * * *

    (b) For each OCS facility, the OCS facility owner or operator must:

    (1) Define the security organizational structure for each OCS facility and provide each person exercising security duties or responsibilities within that structure the support needed to fulfill those obligations;

    (2) Designate in writing, by name or title, a Company Security Officer (CSO) and a Facility Security Officer (FSO) for each OCS facility and identify how those officers can be contacted at any time;

    (3) Ensure that a Facility Security Assessment (FSA) is conducted;

    (4) Ensure the development and submission for approval of a Facility Security Plan (FSP);

    (5) Ensure that the OCS facility operates in compliance with the approved FSP;

    (6) Ensure that the TWIC program is properly implemented as set forth in this part, including:

    (i) Ensuring that only individuals who hold a TWIC and are authorized to be in the secure area are permitted to escort; and

    (ii) Identifying what action is to be taken by an escort, or other authorized individual, should individuals under escort engage in activities other than those for which escorted access was granted.

    (7) Ensure that adequate coordination of security issues takes place between OCS facilities and vessels, including the execution of a Declaration of Security (DoS) as required by this part;

    (8) Ensure, within 12 hours of notification of an increase in MARSEC Level, implementation of the additional security measures required by the FSP for the new MARSEC Level;

    (9) Ensure all breaches of security and security incidents are reported in accordance with part 101 of this subchapter;

    (10) Ensure consistency between security requirements and safety requirements;

    (11) Inform OCS facility personnel of their responsibility to apply for and maintain a TWIC, including the deadlines and methods for such applications, and of their obligation to inform TSA of any event that would render them ineligible for a TWIC, or which would invalidate their existing TWIC;

    (12) Ensure that protocols consistent with Sec. 106.260(c) of this part, for dealing with individuals requiring access who report a lost, damaged, or stolen TWIC, or who have applied for and not yet received a TWIC, are in place; and

    (13) If applicable, ensure that protocols consistent with Sec. 106.262 of this part, for dealing with newly hired employees who have applied for and not yet received a TWIC, are in place.

    0 36. Amend Sec. 106.205 by adding paragraphs (a)(4), (c)(13) and (d)(13) to read as follows:

    Sec. 106.205 Company Security Officer (CSO).

    (a) * * *

    (4) The CSO must maintain a TWIC. * * * * *

    (c) * * *

    (13) Knowledge of TWIC requirements.

    (d) * * *

    (13) Ensure the TWIC program is being properly implemented.

    0 37. Amend Sec. 106.210 by adding paragraphs (a)(4) and (c)(15) to read as follows:

    [[Page 3586]]

    Sec. 106.210 OCS Facility Security Officer (FSO).

    (a) * * *

    (4) The FSO must maintain a TWIC. * * * * *

    (c) * * *

    (15) Ensure the TWIC program is properly implemented.

    0 38. Amend Sec. 106.215 by revising the introductory paragraph and redesignating paragraphs (k) and (l) as (l) and (m), respectively, and adding new paragraph (k) to read as follows:

    Sec. 106.215 Company of OCS facility personnel with security duties.

    Company and OCS facility personnel responsible for security duties must maintain a TWIC, and must have knowledge, through training or equivalent job experience, in the following, as appropriate: * * * * *

    (k) Familiarity with all relevant aspects of the TWIC program and how to carry them out; * * * * *

    0 39. Amend Sec. 106.220 by adding paragraph (f) to read as follows:

    Sec. 106.220 Security training for all other OCS personnel.

    * * * * *

    (f) Familiarity with all relevant aspects of the TWIC program and how to carry them out. 0 40. Revise Sec. 106.260 to read as follows:

    Sec. 106.260 Security measures for access control.

    (a) General. The OCS facility owner or operator must ensure the implementation of security measures to:

    (1) Deter the unauthorized introduction of dangerous substances and devices, including any device intended to damage or destroy persons, vessels, or the OCS facility;

    (2) Secure dangerous substances and devices that are authorized by the OCS facility owner or operator to be on board;

    (3) Control access to the OCS facility; and

    (4) Prevent an unescorted individual from entering the OCS facility unless the individual holds a duly issued TWIC and is authorized to be on the OCS facility.

    (b) The OCS facility owner or operator must ensure that the following are specified:

    (1) All locations providing means of access to the OCS facility where access restrictions or prohibitions are applied for each security level to prevent unauthorized access, including those points where TWIC access control procedures will be applied;

    (2) The identification of the types of restriction or prohibition to be applied and the means of enforcing them;

    (3) The means used to establish the identity of individuals not in possession of a TWIC and the means by which they will be allowed access to the OCS facility; and

    (4) Procedures for identifying authorized and unauthorized persons at any MARSEC level.

    (c) The OCS facility owner or operator must ensure that a TWIC program is implemented as follows:

    (1) All persons seeking unescorted access to secure areas must present their TWIC for inspection before being allowed unescorted access, in accordance with Sec. 101.514 of this subchapter. Inspection must include:

    (i) A match of the photo on the TWIC to the individual presenting the TWIC;

    (ii) Verification that the TWIC has not expired; and

    (iii) A visual check of the various security features present on the card to determine whether the TWIC has been tampered with or forged.

    (2) If an individual cannot present a TWIC because it has been lost, damaged or stolen, and he or she has previously been granted unescorted access to the facility and is known to have had a valid TWIC, the individual may be given unescorted access to secure areas for a period of no longer than seven consecutive calendar days if:

    (i) The individual has reported the TWIC as lost, damaged or stolen to TSA as required in 49 CFR 1572.19(f);

    (ii) The individual can present another identification credential that meets the requirements of Sec. 101.515 of this subchapter; and

    (iii) There are no other suspicious circumstances associated with the individual's claim of loss or theft.

    (3) If an individual cannot present his or her TWIC for any other reason than outlined in paragraph (c)(2) of this section, he or she may not be granted unescorted access to the secure area. The individual must be under escort, as that term is defined in part 101 of this subchapter, at all times when inside of a secure area.

    (4) With the exception of persons granted access according to paragraph (c)(2) of this section, all persons granted unescorted access to secure areas of the facility must be able to produce his or her TWIC upon request.

    (5) There must be disciplinary measures in place to prevent fraud and abuse.

    (6) The facility's TWIC program should be coordinated, when practicable, with identification and TWIC access control measures of vessels or other transportation conveyances that use the facility.

    (d) If the OCS facility owner or operator uses a separate identification system, ensure that it is coordinated with identification and TWIC systems in place on vessels conducting operations with the OCS facility.

    (e) The OCS facility owner or operator must establish in the approved Facility Security Plan (FSP) the frequency of application of any access controls, particularly if they are to be applied on a random or occasional basis.

    (f) MARSEC Level 1. The OCS facility owner or operator must ensure the following security measures are implemented at the facility:

    (1) Implement TWIC as set out in paragraph (c) of this section.

    (2) Screen persons and personal effects going aboard the OCS facility for dangerous substances and devices at the rate specified in the approved FSP;

    (3) Conspicuously post signs that describe security measures currently in effect and clearly stating that:

    (i) Boarding an OCS facility is deemed valid consent to screening or inspection; and

    (ii) Failure to consent or submit to screening or inspection will result in denial or revocation of authorization to be on board;

    (4) Check the identification of any person seeking to board the OCS facility, including OCS facility employees, passengers and crews of vessels interfacing with the OCS facility, vendors, and visitors and ensure that non-TWIC holders are denied unescorted access to the OCS facility;

    (5) Deny or revoke a person's authorization to be on board if the person is unable or unwilling, upon the request of OCS facility personnel or a law enforcement officer, to establish his or her identity in accordance with this part or to account for his or her presence on board. Any such incident must be reported in compliance with this part;

    (6) Deter unauthorized access to the OCS facility;

    (7) Identify access points that must be secured or attended to deter unauthorized access;

    (8) Lock or otherwise prevent access to unattended spaces that adjoin areas to which OCS facility personnel and visitors have access;

    (9) Ensure OCS facility personnel are not required to engage in or be subjected to screening, of the person or of personal effects, by other OCS facility personnel, unless security clearly requires it;

    (10) Provide a designated secure area on board, or in liaison with a vessel interfacing with the OCS facility, for

    [[Page 3587]]

    conducting inspections and screening of people and their personal effects; and

    (11) Respond to the presence of unauthorized persons on board.

    (g) MARSEC Level 2. In addition to the security measures required for MARSEC Level 1 in this section, at MARSEC Level 2, the OCS facility owner or operator must ensure the implementation of additional security measures, as specified for MARSEC Level 2 in the approved FSP. These additional security measures may include:

    (1) Increasing the frequency and detail of screening of people and personal effects embarking onto the OCS facility as specified for MARSEC Level 2 in the approved FSP;

    (2) Assigning additional personnel to patrol deck areas during periods of reduced OCS facility operations to deter unauthorized access;

    (3) Limiting the number of access points to the OCS facility by closing and securing some access points; or

    (4) Deterring waterside access to the OCS facility, which may include, providing boat patrols.

    (h) MARSEC Level 3. In addition to the security measures required for MARSEC Level 1 and MARSEC Level 2, at MARSEC level 3, the facility owner or operator must ensure the implementation of additional security measures, as specified for MARSEC Level 3 in their approved FSP. The additional security measures may include:

    (1) Screening all persons and personal effects for dangerous substances and devices;

    (2) Being prepared to cooperate with responders;

    (3) Limiting access to the OCS facility to a single, controlled access point;

    (4) Granting access to only those responding to the security incident or threat thereof;

    (5) Suspending embarkation and/or disembarkation of personnel;

    (6) Suspending the loading of stores or industrial supplies;

    (7) Evacuating the OCS facility; or

    (8) Preparing for a full or partial search of the OCS facility.

    0 41. Add Sec. 106.262 to read as follows:

    Sec. 106.262 Security measures for newly-hired employees.

    (a) Newly-hired OCS facility employees may be granted entry to secure areas of the OCS facility for up to 30 consecutive calendar days prior to receiving their TWIC provided all of the requirements in paragraph (b) of this section are met, and provided that the new hire is accompanied by an individual with a TWIC while within the secure areas of the OCS facility. If TSA does not act upon a TWIC application within 30 days, the cognizant Coast Guard COTP may further extend access to secure areas for another 30 days. The Coast Guard will determine whether, in particular circumstances, certain practices meet the condition of a new hire being accompanied by another individual with a TWIC. The Coast Guard will issue guidance for use in making these determinations.

    (b) Newly-hired OCS facility employees may be granted the access provided for in paragraph (a) of this section if:

    (1) The new hire has applied for a TWIC in accordance with 49 CFR part 1572 by completing the full enrollment process, paying the user fee, and is not currently engaged in a waiver or appeal process. The OCS facility owner or operator or Facility Security Officer (FSO) must have th enew hire sign a statement affirming this, and must retain the signed statement until the new hire receives a TWIC;

    (2) The OCS facility owner or operator or the FSO enters the following information on the new hire into the Coast Guard's Homeport Web site (http://homeport.uscg.mil):

    (i) Full legal name, including middle name if one exists;

    (ii) Date of birth;

    (iii) Social security number (optional);

    (iv) Employer name and 24 hour contact information; and

    (v) Date of TWIC enrollment.

    (3) The new hire presents an identification credential that meets the requirements of Sec. 101.515 of this subchapter;

    (4) There are no other circumstances that would cause reasonable suspicion regarding the new hire's ability to obtain a TWIC, and the OCS facility owner or operator or FSO have not been informed by the cognizant COTP that the individual poses a security threat; and

    (5) There would be an adverse impact to OCS facility operations if the new hire is not allowed access.

    (c) This section does not apply to any individual being hired as a Company Security Officer or FSO, or any individual being hired to perform OCS facility security duties.

    (d) The new hire may not begin working at the OCS facility under the provisions of this section until the owner, operator, or FSO receives notification, via Homeport or some other means, the new hire has passed an initial name check.

    0 42. Revise Sec. 106.405(b) to read as follows:

    Sec. 106.405 Format and content of the Facility Security Plan (FSP).

    * * * * *

    (b) The FSP must describe in detail how the requirements of Subpart B of this part will be met. FSPs that have been approved by the Coast Guard prior to March 26, 2007 do not need to be amended to describe their TWIC procedures until the next regularly scheduled resubmission of the FSP.

    PART 125--IDENTIFICATION CREDENTIALS FOR PERSONS REQUIRING ACCESS TO WATERFRONT FACILITIES OR VESSELS

    0 43. The authority citation for part 125 is revised to read as follows:

    Authority: R.S. 4517, 4518, secs. 19, 2, 23 Stat. 58, 118, sec. 7, 49 Stat. 1936, sec. 1, 40 Stat. 220; 46 U.S.C. 570-572, 2, 689, and 70105; 50 U.S.C. 191, E.O. 10173, E.O. 10277, E.O. 10352, 3 CFR, 1949-1953 Comp. pp. 356, 778, 873.

    0 44. In Sec. 125.09, revise paragraph (f) and add paragraph (g) to read as follows:

    Sec. 125.09 Identification credentials.

    * * * * *

    (f) Transportation Worker Identification Credential.

    (g) Such other identification as may be approved by the Commandant from time to time.

    Title 46--Shipping

    Chapter I--Coast Guard

    PART 10--LICENSING OF MARITIME PERSONNEL

    0 45. The authority citation for part 10 continues to read as follows:

    Authority: 14 U.S.C. 633; 31 U.S.C. 9701; 46 U.S.C. 2101, 2103, and 2110; 46 U.S.C. chapter 71; 46 U.S.C. 7502, 7505, 7701, and 8906; E.O. 10173; Department of Homeland Security Delegation No. 0170.1. sec. 11.107 is also issued under the authority of 44 U.S.C. 3507.

    0 46. Add new Sec. 10.113 to read as follows:

    Sec. 10.113 Transportation Worker Identification Credential.

    By September 25, 2008 all mariners holding an active License, Certificate of Registry or STCW endorsement issued under this part must hold a valid Transportation Worker Identification Credential (TWIC) issued by the Transportation Security Administration under 49 CFR part 1572. Failure to obtain or hold a valid TWIC may serve as a basis for suspension or revocation of a mariner's license, COR or STCW endorsement under 46 U.S.C. 7702 and 7703.

    [[Page 3588]]

    PART 12--CERTIFICATION OF SEAMEN

    0 47. The authority citation for part 12 is revised to read as follows:

    Authority: 31 U.S.C. 9701; 46 U.S.C. 2101, 2103, 2110, 7301, 7302, 7503, 7505, 7701, and 70105; Department of Homeland Security Delegation No. 0170.1.

    0 48. Add new Sec. 12.01-11 to read as follows:

    Sec. 12.01-11 Transportation Worker Identification Credential.

    By September 25, 2008 all mariners holding a Merchant Mariner's Document or STCW endorsement issued under this part must hold a valid Transportation Worker Identification Credential (TWIC) issued by the Transportation Security Administration under 49 CFR part 1572. Failure to obtain or hold a valid TWIC may serve as a basis for suspension or revocation of a mariner's license, COR or STCW endorsement under 46 U.S.C. 7702 and 7703.

    PART 15--MANNING REQUIREMENTS

    0 49. The authority citation for part 15 is revised to read as follows:

    Authority: 46 U.S.C. 2101, 2103, 3306, 3703, 8101, 8102, 8104, 8105, 8301, 8304, 8502, 8503, 8701, 8702, 8901, 8902, 8903, 8904, 8905(b), 8906, 9102, and 70105; and Department of Homeland Security Delegation No. 0170.1.

    0 50. Add new Sec. 15.415 to read as follows:

    Sec. 15.415 Transportation Worker Identification Credential.

    By September 25, 2008 a person may not employ or engage an individual, and an individual may not serve in a position in which an individual is required by law or regulation to hold an active License, Merchant Mariner Document (MMD), Certificate of Registry (COR), or STCW endorsement, unless the individual holds a valid Transportation Worker Identification Credential (TWIC). All mariners holding an active License, MMD, COR or STCW endorsement issued by the Coast Guard must hold a valid TWIC issued by the Transportation Security Administration under 49 CFR part 1572.

    Title 49--Transportation

    Chapter XII--Transportation Security Administration

    Subchapter A--Administrative and Procedural Rules

    0 51. Add a new part 1515 to subchapter A to read as follows:

    PART 1515--APPEAL AND WAIVER PROCEDURES FOR SECURITY THREAT ASSESSMENTS FOR INDIVIDUALS

    Sec. 1515.1 Scope. 1515.3 Terms used in this part. 1515.5 Appeal of Initial Determination of Threat Assessment based on criminal conviction, immigration status, or mental capacity. 1515.7 Procedures for waiver of criminal offenses, immigration status, or mental capacity standards. 1515. 9 Appeal of security threat assessment based on other analyses. 1515.11 Review by administrative law judge and TSA Final Decision Maker.

    Authority: 46 U.S.C. 70105; 49 U.S.C. 114, 5103a, 40113, and 46105; 18 U.S.C. 842, 845; 6 U.S.C. 469.

    Sec. 1515.1 Scope.

    (a) Appeal. This part applies to applicants who are appealing an Initial Determination of Threat Assessment or an Initial Determination of Threat Assessment and Immediate Revocation in a security threat assessment as described in:

    (1) 49 CFR part 1572 for a hazardous materials endorsement (HME) or a Transportation Worker Identification Credential (TWIC); or

    (2) 49 CFR part 1540, Subpart C, for air cargo workers.

    (b) Waivers. This part applies to applicants for an HME or TWIC who undergo a security threat assessment described in 49 CFR part 1572 and are eligible to request a waiver of certain standards.

    Sec. 1515.3 Terms used in this part.

    The terms used in 49 CFR parts 1500, 1540, 1570, and 1572 also apply in this part. In addition, the following terms are used in this part:

    Administrative law judge means an administrative law judge appointed pursuant to the provisions of 5 U.S.C. 3105.

    Applicant means an individual who has applied for one of the security threat assessments identified in 49 CFR 1515.1. This includes an individual who previously applied for and was found to meet the standards for the security threat assessment but TSA later determined that the individual poses a security threat.

    Date of service means--

    (1) In the case of personal service, the date of personal delivery to the residential address listed on the application;

    (2) In the case of mailing with a certificate of service, the date shown on the certificate of service;

    (3) In the case of mailing and there is no certificate of service, 10 days from the date mailed to the address designated on the application as the mailing address;

    (4) In the case of mailing with no certificate of service or postmark, the date mailed to the address designated on the application as the mailing address shown by other evidence; or

    (5) The date on which an electronic transmission occurs.

    Day means calendar day.

    Final Agency Order means an order issued by the TSA Final Decision Maker.

    Decision denying a review of a waiver means a document issued by an administrative law judge denying a waiver requested under 49 CFR 1515.7.

    Mail includes U.S. mail, or use of an express courier service.

    Party means the applicant or the agency attorney.

    Personal delivery includes hand-delivery or use of a contract or express messenger service, but does not include the use of Government interoffice mail service.

    Properly addressed means a document that shows an address contained in agency records, a residential, business, or other address submitted by a person on any document provided under this subpart, or any other address shown by other reasonable and available means.

    Substantial Evidence means such relevant evidence as a reasonable person might accept as adequate to support a conclusion.

    Security threat assessment means the threat assessment for which the applicant has applied, as described in 49 CFR 1515.1.

    TSA Final Decision Maker means the Administrator, acting in the capacity of the decision maker on appeal, or any person to whom the Administrator has delegated the Administrator's decision-making authority. As used in this subpart, the TSA Final Decision Maker is the official authorized to issue a final decision and order of the Administrator.

    Sec. 1515.5 Appeal of Initial Determination of Threat Assessment based on criminal conviction, immigration status, or mental capacity.

    (a) Scope. This section applies to applicants appealing from an Initial Determination of Threat Assessment that was based on one or more of the following:

    (1) TSA has determined that an applicant for an HME or a TWIC has a disqualifying criminal offense described in 49 CFR 1572.103.

    (2) TSA has determined that an applicant for an HME or a TWIC does

    [[Page 3589]]

    not meet the immigration status requirements as described in 49 CFR 1572.105.

    (3) TSA has determined that an applicant for an HME or a TWIC is lacking mental capacity as described in 49 CFR 1572.109.

    (b) Grounds for appeal. An applicant may appeal an Initial Determination of Threat Assessment if the applicant is asserting that he or she meets the standards for the security threat assessment for which he or she is applying.

    (1) Initiating an appeal. An applicant initiates an appeal by submitting a written reply to TSA, a written request for materials from TSA, or by requesting an extension of time in accordance with Sec. 1515.5(f). If the applicant does not initiate an appeal within 60 days of receipt, the Initial Determination of Threat Assessment becomes a Final Determination of Threat Assessment.

    (i) In the case of an HME, TSA also serves a Final Determination of Threat Assessment on the licensing State.

    (ii) In the case of a mariner applying for TWIC, TSA also serves a Final Determination of Threat Assessment on the Coast Guard.

    (iii) In the case of a TWIC, TSA serves a Final Determination of Threat Assessment on the appropriate Federal Maritime Security Coordinator (FMSC).

    (2) Request for materials. Within 60 days of the date of service of the Initial Determination of Threat Assessment, the applicant may serve upon TSA a written request for copies of the materials upon which the Initial Determination was based.

    (3) TSA response. (i) Within 60 days of receiving the applicant's request for materials, TSA serves the applicant with copies of the releasable materials upon the applicant on which the Initial Determination was based. TSA will not include any classified information or other protected information described in paragraph (f) of this section.

    (ii) Within 60 days of receiving the applicant's request for materials or written reply, TSA may request additional information or documents from the applicant that TSA believes are necessary to make a Final Determination.

    (4) Correction of records. If the Initial Determination of Threat Assessment was based on a record that the applicant believes is erroneous, the applicant may correct the record, as follows:

    (i) The applicant contacts the jurisdiction or entity responsible for the information and attempts to correct or complete information contained in his or her record.

    (ii) The applicant provides TSA with the revised record, or a certified true copy of the information from the appropriate entity, before TSA determines that the applicant meets the standards for the security threat assessment.

    (5) Reply. (i) The applicant may serve upon TSA a written reply to the Initial Determination of Threat Assessment within 60 days of service of the Initial Determination, or 60 days after the date of service of TSA's response to the applicant's request for materials under paragraph (b)(1) of this section, if the applicant served such request. The reply must include the rationale and information on which the applicant disputes TSA's Initial Determination.

    (ii) In an applicant's reply, TSA will consider only material that is relevant to whether the applicant meets the standards applicable for the security threat assessment for which the applicant is applying.

    (6) Final determination. Within 60 days after TSA receives the applicant's reply, TSA serves a Final Determination of Threat Assessment or a Withdrawal of the Initial Determination as provided in paragraphs (c) or (d) of this section.

    (c) Final Determination of Threat Assessment. (1) If the Assistant Administrator concludes that an HME or TWIC applicant does not meet the standards described in 49 CFR 1572.103, 1572.105, or 1572.109, TSA serves a Final Determination of Threat Assessment upon the applicant. In addition--

    (i) In the case of an HME, TSA serves a Final Determination of Threat Assessment on the licensing State.

    (ii) In the case of a TWIC, TSA serves a Final Determination of Threat Assessment on the Coast Guard.

    (2) The Final Determination includes a statement that the Assistant Administrator has reviewed the Initial Determination, the applicant's reply and any accompanying information, and any other materials or information available to him or her, and has determined that the applicant poses a security threat warranting denial of the security threat assessment for which the applicant has applied.

    (d) Withdrawal of Initial Determination. If the Assistant Administrator or Assistant Secretary concludes that the applicant does not pose a security threat, TSA serves a Withdrawal of the Initial Determination upon the applicant, and the applicant's employer where applicable.

    (e) Nondisclosure of certain information. In connection with the procedures under this section, TSA does not disclose classified information to the applicant, as defined in E.O. 12968 sec. 1.1(d), and reserves the right not to disclose any other information or material not warranting disclosure or protected from disclosure under law.

    (f) Extension of time. TSA may grant an applicant an extension of time of the limits for good cause shown. An applicant's request for an extension of time must be in writing and be received by TSA within a reasonable time before the due date to be extended; or an applicant may request an extension after the expiration of a due date by sending a written request describing why the failure to file within the time limits was excusable. TSA may grant itself an extension of time for good cause.

    (h) Judicial review. For purposes of judicial review, the Final Determination of Threat Assessment constitutes a final TSA order of the determination that the applicant does not meet the standards for a security threat assessment, in accordance with 49 U.S.C. 46110. The Final Determination is not a final TSA order to grant or deny a waiver, the procedures for which are in 49 CFR 1515.7 and 1515.11.

    (i) Appeal of immediate revocation. If TSA directs an immediate revocation, the applicant may appeal this determination by following the appeal procedures described in paragraph (b) of this section. This applies--

    (1) If TSA directs a State to revoke an HME pursuant to 49 CFR 1572.13(a).

    (2) If TSA invalidates a TWIC by issuing an Initial Determination of Threat Assessment and Immediate Revocation pursuant to 49 CFR 1572.21(d)(3).

    Sec. 1515.7 Procedures for waiver of criminal offenses, immigration status, or mental capacity standards.

    (a) Scope. This section applies to the following applicants:

    (i) An applicant for an HME or TWIC who has a disqualifying criminal offense described in 49 CFR 1572.103(a)(5) through (a)(12) or 1572.103(b) and who requests a waiver.

    (ii) An applicant for an HME or TWIC who is an alien under temporary protected status as described in 49 CFR 1572.105 and who requests a waiver.

    (iii) An applicant applying for an HME or TWIC who lacks mental capacity as described in 49 CFR 1572.109 and who requests a waiver.

    (b) Grounds for waiver. TSA may issue a waiver of the standards described in paragraph (a) and grant an HME or TWIC if TSA determines that an applicant does not pose a security threat based on a review of information described in paragraph (c) of this section.

    [[Page 3590]]

    (c) Initiating waiver. (1) An applicant initiates a waiver as follows:

    (i) Providing to TSA the information required in 49 CFR 1572.9 for an HME or 49 CFR 1572.17 for a TWIC.

    (ii) Paying the fees required in 49 CFR 1572.405 for an HME or in 49 CFR 1572.501 for a TWIC.

    (iii) Sending a written request to TSA for a waiver at any time, but not later than 60 days after the date of service of the Final Determination of Threat Assessment. The applicant may request a waiver during the application process, or may first pursue some or all of the appeal procedures in 49 CFR 1515.5 to assert that he or she does not have a disqualifying condition.

    (2) In determining whether to grant a waiver, TSA will consider the following factors, as applicable to the disqualifying condition:

    (i) The circumstances of the disqualifying act or offense.

    (ii) Restitution made by the applicant.

    (iii) Any Federal or State mitigation remedies.

    (iv) Court records or official medical release documents indicating that the applicant no longer lacks mental capacity.

    (v) Other factors that indicate the applicant does not pose a security threat warranting denial of the HME or TWIC.

    (d) Grant or denial of waivers. (1) The Assistant Administrator will send a written decision granting or denying the waiver to the applicant within 60 days of service of the applicant's request for a waiver, or longer period as TSA may determine for good cause.

    (2) In the case of an HME, if the Assistant Administrator grants the waiver, the Assistant Administrator will send a Determination of No Security Threat to the licensing State within 60 days of service of the applicant's request for a waiver, or longer period as TSA may determine for good cause.

    (3) In the case of a mariner applying for a TWIC, if the Assistant Administrator grants the waiver, the Assistant Administrator will send a Determination of No Security Threat to the Coast Guard within 60 days of service of the applicant's request for a waiver, or longer period as TSA may determine for good cause.

    (4) If the Assistant Administrator denies the waiver the applicant may seek review in accordance with 49 CFR 1515.11. A denial of a waiver under this section does not constitute a final order of TSA as provided in 49 U.S.C. 46110.

    (e) Extension of time. TSA may grant an applicant an extension of the time limits for good cause shown. An applicant's request for an extension of time must be in writing and be received by TSA within a reasonable time before the due date to be extended; or an applicant may request an extension after the expiration of a due date by sending a written request describing why the failure to file within the time limits was excusable. TSA may grant itself an extension of time for good cause.

    Sec. 1515.9 Appeal of security threat assessment based on other analyses.

    (a) Scope. This section applies to an applicant appealing an Initial Determination of Threat Assessment as follows:

    (1) TSA has determined that the applicant for an HME or TWIC poses a security threat as provided in 49 CFR 1572.107.

    (2) TSA had determined that an air cargo worker poses a security threat as provided in 49 CFR 1540.205.

    (b) Grounds for appeal. An applicant may appeal an Initial Determination of Threat Assessment if the applicant is asserting that he or she does not pose a security threat. The appeal will be conducted in accordance with the procedures set forth in 49 CFR 1515.5(b), (e), and (f) and this section.

    (c) Final Determination of Threat Assessment. (1) If the Assistant Administrator concludes that the applicant poses a security threat, following an appeal, TSA serves a Final Determination of Threat Assessment upon the applicant. In addition--

    (i) In the case of an HME, TSA serves a Final Determination of Threat Assessment on the licensing State.

    (ii) In the case of a TWIC, TSA serves a Final Determination of Threat Assessment on the Coast Guard.

    (iii) In the case of an air cargo worker, TSA serves a Final Determination of Threat Assessment on the operator.

    (2) The Final Determination includes a statement that the Assistant Administrator has reviewed the Initial Determination, the applicant's reply and any accompanying information, and any other materials or information available to him or her, and has determined that the applicant poses a security threat warranting denial of the security threat assessment for which the applicant has applied.

    (d) Withdrawal of Initial Determination. If the Assistant Administrator concludes that the applicant does not pose a security threat, TSA serves a Withdrawal of the Initial Determination upon the applicant, and the applicant's employer where applicable.

    (e) Further review. If the Assistant Administrator denies the appeal, the applicant may seek review in accordance with Sec. 1515.11 of this part. A Final Determination issued under this section does not constitute a final order of TSA as provided in 49 U.S.C. 46110.

    (f) Appeal of immediate revocation. If TSA directs an immediate revocation, the applicant may appeal this determination by following the appeal procedures described in paragraph (b) of this section. This applies--

    (1) If TSA directs a State to revoke an HME pursuant to 49 CFR 1572.13(a).

    (2) If TSA invalidates a TWIC by issuing an Initial Determination of Threat Assessment and Immediate Revocation pursuant to 49 CFR 1572.21(d)(3).

    (3) If TSA withdraws a Determination of No Threat issued for an air cargo worker.

    Sec. 1515.11 Review by administrative law judge and TSA Final Decision Maker.

    (a) Scope. This section applies to the following applicants:

    (1) An applicant who seeks review of a decision by TSA denying a request for a waiver under 49 CFR 1515.7.

    (2) An applicant for an HME or a TWIC who has been issued a Final Determination of Threat Assessment on the grounds that he or she poses a security threat after an appeal as described in 49 CFR 1515.9.

    (3) An air cargo worker who has been issued a Final Determination of Threat Assessment after an appeal as described in 49 CFR 1515.9.

    (b) Request for review. No later than 30 calendar days from the date of service of the decision by TSA denying a waiver or of the Final Determination of Threat Assessment, the applicant may request a review. The review will be conducted by an administrative law judge who possesses the appropriate security clearance necessary to review classified or otherwise protected information and evidence. If the applicant fails to seek review within 30 calendar days, the Final Determination of Threat Assessment will be final with respect to the parties.

    (1) The request for review must clearly state the issue(s) to be considered by the administrative law judge (ALJ), and include the following documents in support of the request:

    (i) In the case of a review of a denial of waiver, a copy of the applicant's request for a waiver under 49 CFR 1515.7, including all materials provided by the applicant to TSA in support of the waiver request; and a copy of the decision issued by TSA denying the waiver request. The request for review may not include evidence or information that was not presented to TSA in the appeal under Sec. 1515.9. The ALJ may consider only evidence or

    [[Continued on page 3591]]

    From the Federal Register Online via GPO Access [wais.access.gpo.gov] ]

    [[pp. 3591-3604]] Transportation Worker Identification Credential (TWIC) Implementation in the Maritime Sector; Hazardous Materials Endorsement for a Commercial Driver's License

    [[Continued from page 3590]]

    [[Page 3591]]

    information that was presented to TSA in the appeal. If the applicant has new evidence or information, the applicant must file a new appeal under Sec. 1515.9 and the pending request for review of the Final Determination will be dismissed.

    (ii) In the case of a review of a Final Determination of Threat Assessment, a copy of the Initial Notification of Threat Assessment and Final Notification of Threat Assessment; and a copy of the applicant's appeal under 49 CFR 1515.9, including all materials provided by the applicant to TSA in support of the appeal. The request for review may not include evidence or information that was not presented to TSA in the appeal under Sec. 1515.9. The ALJ may consider only evidence or information that was presented to TSA in the appeal. If the applicant has new evidence or information, the applicant must file a new appeal under Sec. 1515.9 and the pending request for review of the Final Determination will be dismissed.

    (2) The applicant may include in the request for review a request for an in-person hearing before the ALJ.

    (3) The applicant must file the request for review with the ALJ Docketing Center, U.S. Coast Guard, 40 S. Gay Street, Room 412, Baltimore, Maryland 21202-4022, ATTN: Hearing Docket Clerk.

    (c) Extension of Time. The ALJ may grant an extension of the time limits described in this section for good cause shown. A request for an extension of time must be in writing and be received by the ALJ within a reasonable time before the due date to be extended; or an applicant may request an extension after the expiration of a due date by sending a written request describing why the failure to file within the time limits was excusable. This paragraph does not apply to time limits set by the administrative law judge during the hearing.

    (d) Duties of the Administrative Law Judge. The ALJ may:

    (1) Receive information and evidence presented to TSA in the request for a waiver under 49 CFR 1515.7 or an appeal under 49 CFR 1515.9.

    (2) Consider the following criteria to determine whether a request for an in-person hearing is warranted:

    (i) The credibility of evidence or information submitted in the applicant's request for a waiver; and

    (ii) Whether TSA's waiver denial was made in accordance with the governing regulations codified at 49 CFR part 1515 and 49 CFR part 1572.

    (3) Give notice of and hold conferences and hearings;

    (4) Administer oaths and affirmations;

    (5) Examine witnesses;

    (6) Regulate the course of the hearing including granting extensions of time limits; and

    (7) Dispose of procedural motions and requests, and issue a decision.

    (e) Hearing. If the ALJ grants a request for a hearing, except for good cause shown, it will begin within 60 calendar days of the date of receipt of the request for hearing. The hearing is a limited discovery proceeding and is conducted as follows:

    (1) If applicable and upon request, TSA will provide to the applicant requesting a review an unclassified summary of classified evidence upon which the denial of the waiver or Final Determination was based.

    (i) TSA will not disclose to the applicant, or the applicant's counsel, classified information, as defined in E.O. 12968 section 1.1(d).

    (ii) TSA reserves the right not to disclose any other information or material not warranting disclosure or protected from disclosure by law or regulation.

    (2) The applicant may present the case by oral testimony, documentary, or demonstrative evidence, submit rebuttal evidence, and conduct cross-examination, as permitted by the ALJ. Oral testimony is limited to the evidence or information that was presented to TSA in the request for a waiver or during the appeal. The Federal Rules of Evidence may serve as guidance, but are not binding.

    (3) The ALJ will review any classified information on an ex parte, in camera basis, and may consider such information in rendering a decision if the information appears to be material and relevant.

    (4) The standard of proof is substantial evidence on the record.

    (5) The parties may submit proposed findings of fact and conclusions of law.

    (6) If the applicant fails to appear, the ALJ may issue a default judgment.

    (7) A verbatim transcript will be made of the hearing and will be provided upon request at the expense of the requesting party. In cases in which classified or otherwise protected evidence is received, the transcript may require redaction of the classified or otherwise protected information.

    (8) The hearing will be held at TSA's Headquarters building or, on request of a party, at an alternate location selected by the administrative law judge for good cause shown.

    (f) Decision of the Administrative Law Judge. (1) The record is closed once the certified transcript and all documents and materials have been submitted for the record.

    (2) The ALJ issues an unclassified written decision to the applicant no later than 30 calendar days from the close of the record and serves the decision on the parties. The ALJ may issue a classified decision to TSA.

    (3) The ALJ's decision may be appealed by either party to the TSA Final Decision Maker in accordance with paragraph (g).

    (i) In the case of review of a waiver denial, unless appealed to the TSA Final Decision Maker, if the ALJ upholds the denial of the applicant's request for waiver, TSA will issue a Final Order Denying a Waiver to the applicant.

    (ii) In the case of review of a waiver denial, unless appealed to the TSA Final Decision Maker, if the ALJ reverses the denial of the applicant's request for waiver, TSA will issue a Final Order granting a waiver to the applicant; and

    (A) In the case of an HME, send a Determination of No Security Threat to the licensing State.

    (B) In the case applicant for a TWIC, send a Determination of No Security Threat to the Coast Guard.

    (C) In the case of an air cargo worker, send a Determination of No Security Threat to the operator.

    (iii) In the case of review of an appeal under 49 CFR 1515.9, unless appealed to the TSA Final Decision Maker, if the ALJ determines that the applicant poses a security threat, TSA will issue a Final Order of Threat Assessment to the applicant.

    (iv) In the case of review of an appeal under 49 CFR 1515.9, unless appealed to the TSA Final Decision Maker, if the ALJ determines that the applicant does not pose a security threat, TSA will issue a Withdrawal of the Final Determination to the applicant, and to the applicant's employer where applicable.

    (g) Review by the TSA Final Decision Maker. (1) Either party may request that the TSA Final Decision Maker review the ALJ's decision by serving the request no later than 30 calendar days after the date of service of the decision of the ALJ.

    (i) The request must be in writing, served on the other party, and may only address whether the decision is supported by substantial evidence on the record.

    (ii) No later than 30 calendar days after receipt of the request, the other party may file a response.

    (2) The ALJ will provide the TSA Final Decision Maker with a certified transcript of the hearing and all unclassified documents and material submitted for the record. TSA will

    [[Page 3592]]

    provide any classified materials previously submitted.

    (3) No later than 60 calendar days after receipt of the request, or if the other party files a response, 30 calendar days after receipt of the response, or such longer period as may be required, the TSA Final Decision Maker issues an unclassified decision and serves the decision on the parties. The TSA Final Decision Maker may issue a classified opinion to TSA, if applicable. The decision of the TSA Final Decision Maker is a final agency order.

    (i) In the case of review of a waiver denial, if the TSA Final Decision Maker upholds the denial of the applicant's request for waiver, TSA issues a Final Order Denying a Waiver to the applicant.

    (ii) In the case of review of a waiver denial, if the TSA Final Decision Maker reverses the denial of the applicant's request for waiver, TSA will grant the waiver; and

    (A) In the case of an HME, send a Determination of No Security Threat to the applicant and to the licensing State.

    (B) In the case of a TWIC, send a Determination of No Security Threat to the applicant and to the Coast Guard.

    (C) In the case of an air cargo worker, send a Determination of No Security Threat to the applicant and the operator.

    (iii) In the case of review of an appeal under 49 CFR 1515.9, if the TSA Final Decision Maker determines that the applicant poses a security threat, TSA will issue a Final Order of Threat Assessment to the applicant.

    (iv) In the case of review of an appeal under 49 CFR 1515.9, if the TSA Final Decision Maker determines that the applicant does not pose a security threat, TSA will issue a Withdrawal of the Final Determination to the applicant, and to the applicant's employer where applicable.

    (h) Judicial Review of a Final Order Denying a Waiver. A person may seek judicial review of a final order of the TSA Final Decision Maker as provided in 49 U.S.C. 46110.

    0 52. Revise subpart C, part 1540 to read as follows: Subpart C--Security Threat Assessments Sec. 1540.201 Applicability and terms used in this subpart. 1540.203 Operator responsibilities. 1540.205 Procedures for security threat assessment. 1540.207 [Reserved] 1540.209 Security threat assessment fee.

    Subpart C--Security Threat Assessments

    Sec. 1540.201 Applicability and terms used in this subpart.

    (a) This subpart includes the procedures that certain aircraft operators, foreign air carriers, and indirect air carriers must use to have security threat assessments done on certain individuals pursuant to 49 CFR 1544.228, 1546.213, 1548.7, 1548.15, and 1548.16. This subpart applies to the following:

    (1) Each aircraft operator operating under a full program or full all-cargo program described in 49 CFR 1544.101(a) or (h).

    (2) Each foreign air carrier operating under a program described in 49 CFR 1546.101(a), (b), or (e).

    (3) Each indirect air carrier operating under a security program described in 49 CFR part 1548.

    (4) Each individual with, or applying for, unescorted access to cargo under one of the programs described in (a)(1) through (a)(3) of this section.

    (5) Each proprietor, general partner, officer, director, or owner of an indirect air carrier as described in 49 CFR 1548.16.

    (b) For purposes of this subpart--

    Applicant means the individuals listed in paragraph (a)(4) and (a)(5) of this section.

    Operator means an aircraft operator, foreign air carrier, and indirect air carrier listed in paragraphs (a)(1) through (a)(3) of this section.

    (c) An applicant poses a security threat under this subpart when TSA determines that he or she is known to pose or suspected of posing a threat--

    (1) To national security;

    (2) To transportation security; or

    (3) Of terrorism.

    Sec. 1540.203 Operator responsibilities.

    (a) Each operator subject to this subpart must ensure that each applicant described in Sec. 1540.201(a)(4) and (a)(5) completes the Security Threat Assessment described in this section.

    (b) Each operator must:

    (1) Authenticate the identity of the applicant by--

    (i) Reviewing two forms of identification, one of which must be a government-issued picture identification; or

    (ii) Other means approved by TSA.

    (2) Submit to TSA a Security Threat Assessment application for each applicant that is signed by the applicant and that includes:

    (i) Legal name, including first, middle, and last; any applicable suffix; and any other names used previously.

    (ii) Current mailing address, including residential address if it differs from the current mailing address, and all other residential addresses for the previous five years, and e-mail address, if the individual has an e-mail address.

    (iii) Date and place of birth.

    (iv) Social security number (submission is voluntary, although failure to provide it may delay or prevent completion of the threat assessment).

    (v) Gender.

    (vi) Country of citizenship, and if naturalized in the United States, date of naturalization and certificate number.

    (vii) Alien registration number, if applicable.

    (viii) The following statement reading:

    Privacy Act Notice: Authority: The authority for collecting this information is 49 U.S.C. 114, 40113, and 49 U.S.C. 5103a. Purpose: This information is needed to verify your identity and to conduct a Security Threat Assessment to evaluate your suitability for completing the functions required by this position. Failure to furnish your SSN may result in delays in processing your application, but will not prevent completion of your Security Threat Assessment. Furnishing the other information is also voluntary; however, failure to provide it may delay or prevent the completion of your Security Threat Assessment, without which you may not be granted authorization to have unescorted access to air cargo subject to TSA security requirements. Routine Uses: Routine uses of this information include disclosure to TSA contractors or other agents who are providing services relating to the Security Threat Assessments; to appropriate governmental agencies for law enforcement or security purposes, or in the interests of national security; and to foreign and international governmental authorities in accordance with law and international agreement. For further information, please consult DHS/TSA 002 Transportation Security Threat Assessment System.

    The information I have provided on this application is true, complete, and correct to the best of my knowledge and belief and is provided in good faith. I understand that a knowing and willful false statement, or an omission of a material fact, on this application can be punished by fine or imprisonment or both (see section 1001 of Title 18 United States Code), and may be grounds for denial of authorization or in the case of parties regulated under this section, removal of authorization to operate under this chapter, if applicable.

    (3) Retain the applicant's signed Security Threat Assessment application, and any communications with TSA regarding the applicant's application, for 180 days following the end of the applicant's service to the operator.

    (c) Records under this section may include electronic documents with electronic signature or other means of

    [[Page 3593]]

    personal authentication, where accepted by TSA.

    Sec. 1540.205 Procedures for security threat assessment.

    (a) Contents of security threat assessment. The security threat assessment TSA conducts includes an intelligence-related check and a final disposition.

    (b) Intelligence-related check. To conduct an intelligence-related check, TSA completes the following procedures:

    (1) Reviews the applicant information required in 49 CFR 1540.203(b);

    (2) Searches domestic and international Government databases to determine if an applicant meets the requirements of 49 CFR 1540.201(c) or to confirm an applicant's identity; and

    (3) Adjudicates the results in accordance with 49 CFR 1540.201(c).

    (c) Final disposition. Following completion of the procedures described in paragraph (b), the following procedures apply, as appropriate:

    (1) TSA serves a Determination of No Security Threat on the applicant and the operator, if TSA determines that the applicant meets the security threat assessment standards in 49 CFR 1540.201(c).

    (2) TSA serves an Initial Determination of Threat Assessment on the applicant and the operator, if TSA determines that the applicant does not meet the security threat assessment standards in 49 CFR 1540.201(c). The Initial Determination of Threat Assessment includes--

    (i) A statement that TSA has determined that the applicant poses a security threat;

    (ii) The basis for the determination;

    (iii) Information about how the applicant may appeal the determination, as described in 49 CFR 1515.9; and

    (iv) A statement that if the applicant chooses not to appeal TSA's determination within 60 days of receipt of the Initial Determination, or does not request an extension of time within 60 days of the Initial Determination of Threat Assessment in order to file an appeal, the Initial Determination becomes a Final Determination of Security Threat Assessment.

    (3) If the applicant does not appeal the Initial Determination of Threat Assessment, TSA serves a Final Determination of Threat Assessment on the operator and the applicant.

    (e) Withdrawal by TSA. TSA serves a Withdrawal of the Initial Determination of Threat Assessment on the individual and a Determination of No Security Threat on the operator, if the appeal results in a determination that the individual does not pose a security threat.

    Sec. 1540.207 [Reserved].

    Sec. 1540.209 Security threat assessment fee.

    (a) Imposition of fees. The fee of $28 is required for TSA to conduct a security threat assessment for an applicant.

    (b) Remittance of fees. (1) The fee required under this subpart must be remitted to TSA, in a form and manner acceptable to TSA, each time the applicant or an aircraft operator, foreign air carrier, or indirect air carrier submits the information required under Sec. 1540.203 to TSA.

    (2) Fees remitted to TSA under this subpart must be payable to the ''Transportation Security Administration'' in U.S. currency and drawn on a U.S. bank.

    (3) TSA will not issue any fee refunds, unless a fee was paid in error.

    Subchapter D--Maritime and Land Transportation Security

    0 53. Revise part 1570 to read as follows:

    PART 1570--GENERAL RULES

    Sec. 1570.1 Scope. 1570.3 Terms used in this subchapter. 1570.5 Fraud and intentional falsification of records. 1570.7 Fraudulent use or manufacture; responsibilities of persons. 1570.9 Inspection of credential. 1570.11 Compliance, inspection, and enforcement.

    Authority: 46 U.S.C. 70105; 49 U.S.C. 114, 5103a, 40113, and 46105; 18 U.S.C. 842, 845; 6 U.S.C. 469.

    Sec. 1570.1 Scope.

    This part applies to any person involved in land or maritime transportation as specified in this subchapter.

    Sec. 1570.3 Terms used in this subchapter.

    For purposes of this subchapter:

    Adjudicate means to make an administrative determination of whether an applicant meets the standards in this subchapter, based on the merits of the issues raised.

    Alien means any person not a citizen or national of the United States.

    Alien registration number means the number issued by the U.S. Department of Homeland Security to an individual when he or she becomes a lawful permanent resident of the United States or attains other lawful, non-citizen status.

    Applicant means a person who has applied for one of the security threat assessments identified in this subchapter.

    Assistant Administrator for Threat Assessment and Credentialing (Assistant Administrator) means the officer designated by the Assistant Secretary to administer the appeal and waiver programs described in this part, except where the Assistant Secretary is specifically designated in this part to administer the appeal or waiver program. The Assistant Administrator may appoint a designee to assume his or her duties.

    Assistant Secretary means Assistant Secretary for Homeland Security, Transportation Security Administration (Assistant Secretary), the highest ranking TSA official, or his or her designee, and who is responsible for making the final determination on the appeal of an intelligence-related check under this part.

    Commercial drivers license (CDL) is used as defined in 49 CFR 383.5.

    Convicted means any plea of guilty or nolo contendere, or any finding of guilt, except when the finding of guilt is subsequently overturned on appeal, pardoned, or expunged. For purposes of this subchapter, a conviction is expunged when the conviction is removed from the individual's criminal history record and there are no legal disabilities or restrictions associated with the expunged conviction, other than the fact that the conviction may be used for sentencing purposes for subsequent convictions. In addition, where an individual is allowed to withdraw an original plea of guilty or nolo contendere and enter a plea of not guilty and the case is subsequently dismissed, the individual is no longer considered to have a conviction for purposes of this subchapter.

    Determination of No Security Threat means an administrative determination by TSA that an individual does not pose a security threat warranting denial of an HME or a TWIC.

    Federal Maritime Security Coordinator (FMSC) has the same meaning as defined in 46 U.S.C. 70103(a)(2)(G); is the Captain of the Port (COTP) exercising authority for the COTP zones described in 33 CFR part 3, and is the Port Facility Security Officer as described in the International Ship and Port Facility Security (ISPS) Code, part A.

    Final Determination of Threat Assessment means a final administrative determination by TSA, including the resolution of related appeals, that an individual poses a security threat warranting denial of an HME or a TWIC.

    [[Page 3594]]

    Hazardous materials endorsement (HME) means the authorization for an individual to transport hazardous materials in commerce, an indication of which must be on the individual's commercial driver's license, as provided in the Federal Motor Carrier Safety Administration (FMCSA) regulations in 49 CFR part 383.

    Imprisoned or imprisonment means confined to a prison, jail, or institution for the criminally insane, on a full-time basis, pursuant to a sentence imposed as the result of a criminal conviction or finding of not guilty by reason of insanity. Time spent confined or restricted to a half-way house, treatment facility, or similar institution, pursuant to a sentence imposed as the result of a criminal conviction or finding of not guilty by reason of insanity, does not constitute imprisonment for purposes of this rule.

    Incarceration means confined or otherwise restricted to a jail-type institution, half-way house, treatment facility, or another institution, on a full or part-time basis, pursuant to a sentence imposed as the result of a criminal conviction or finding of not guilty by reason of insanity.

    Initial Determination of Threat Assessment means an initial administrative determination by TSA that an individual poses pose a security threat warranting denial of an HME or a TWIC.

    Initial Determination of Threat Assessment and Immediate Revocation means an initial administrative determination that an individual poses a security threat that warrants immediate revocation of an HME or invalidation of a TWIC. In the case of an HME, the State must immediately revoke the HME if TSA issues an Initial Determination of Threat Assessment and Immediate Revocation. In the case of a TWIC, TSA invalidates the TWIC when TSA issues an Initial Determination of Threat Assessment and Immediate Revocation.

    Invalidate means the action TSA takes to make a credential inoperative when it is reported as lost, stolen, damaged, no longer needed, or when TSA determines an applicant does not meet the security threat assessment standards of 49 CFR part 1572.

    Lawful permanent resident means an alien lawfully admitted for permanent residence, as defined in 8 U.S.C. 1101(a)(20).

    Maritime facility has the same meaning as ``facility'' together with ``OCS facility'' (Outer Continental Shelf facility), as defined in 33 CFR 101.105.

    Mental health facility means a mental institution, mental hospital, sanitarium, psychiatric facility, and any other facility that provides diagnoses by licensed professionals of mental retardation or mental illness, including a psychiatric ward in a general hospital.

    National of the United States means a citizen of the United States, or a person who, though not a citizen, owes permanent allegiance to the United States, as defined in 8 U.S.C. 1101(a)(22), and includes American Samoa and Swains Island.

    Owner/operator with respect to a maritime facility or a vessel has the same meaning as defined in 33 CFR 101.105.

    Revocation means the termination, deactivation, rescission, invalidation, cancellation, or withdrawal of the privileges and duties conferred by an HME or TWIC, when TSA determines an applicant does not meet the security threat assessment standards of 49 CFR part 1572.

    Secure area means the area on board a vessel or at a facility or outer continental shelf facility, over which the owner/operator has implemented security measures for access control, as defined by a Coast Guard approved security plan. It does not include passenger access areas or public access areas, as those terms are defined in 33 CFR 104.106 and 105.106 respectively. Vessels operating under the waivers provided for at 46 U.S.C. 8103(b)(3)(A) or (B) have no secure areas. Facilities subject to 33 CFR chapter I, subchapter H, part 105 may, with approval of the Coast Guard, designate only those portions of their facility that are directly connected to maritime transportation or are at risk of being involved in a transportation security incident as their secure areas.

    Security threat means an individual whom TSA determines or suspects of posing a threat to national security; to transportation security; or of terrorism.

    Sensitive security information (SSI) means information that is described in, and must be managed in accordance with, 49 CFR part 1520.

    State means a State of the United States and the District of Columbia.

    Transportation Worker Identification Credential (TWIC) means a Federal biometric credential, issued to an individual, when TSA determines that the individual does not pose a security threat.

    Withdrawal of Initial Determination of Threat Assessment is the document that TSA issues after issuing an Initial Determination of Security Threat, when TSA determines that an individual does not pose a security threat that warrants denial of an HME or TWIC.

    Sec. 1570.5 Fraud and intentional falsification of records.

    No person may make, cause to be made, attempt, or cause to attempt any of the following:

    (a) Any fraudulent or intentionally false statement in any record or report that is kept, made, or used to show compliance with the subchapter, or exercise any privileges under this subchapter.

    (b) Any reproduction or alteration, for fraudulent purpose, of any record, report, security program, access medium, or identification medium issued under this subchapter or pursuant to standards in this subchapter.

    Sec. 1570.7 Fraudulent use or manufacture; responsibilities of persons.

    (a) No person may use or attempt to use a credential, security threat assessment, access control medium, or identification medium issued or conducted under this subchapter that was issued or conducted for another person.

    (b) No person may make, produce, use or attempt to use a false or fraudulently created access control medium, identification medium or security threat assessment issued or conducted under this subchapter.

    (c) No person may tamper or interfere with, compromise, modify, attempt to circumvent, or circumvent TWIC access control procedures.

    (d) No person may cause or attempt to cause another person to violate paragraphs (a)-(c) of this section.

    Sec. 1570.9 Inspection of credential.

    (a) Each person who has been issued or possesses a TWIC must present the TWIC for inspection upon a request from TSA, the Coast Guard, or other authorized DHS representative; an authorized representative of the National Transportation Safety Board; or a Federal, State, or local law enforcement officer.

    (b) Each person who has been issued or who possesses a TWIC must allow his or her TWIC to be read by a reader and must submit his or her reference biometric, such as a fingerprint, and any other required information, such as a PIN, to the reader, upon a request from TSA, the Coast Guard, other authorized DHS representative; or a Federal, State, or local law enforcement officer.

    Sec. 1570.11 Compliance, inspection, and enforcement.

    (a) Each owner/operator must allow TSA, at any time or place, to make any inspections or tests, including copying records, to determine compliance of an owner/operator with--

    [[Page 3595]]

    (1) This subchapter and part 1520 of this chapter; and

    (2) 46 U.S.C. 70105 and 49 U.S.C. 114.

    (b) At the request of TSA, each owner/operator must provide evidence of compliance with this subchapter and part 1520 of this chapter, including copies of records.

    0 54. Revise part 1572 to read as follows:

    PART 1572--CREDENTIALING AND SECURITY THREAT ASSESSMENTS

    Subpart A--Procedures and General Standards Sec. 1572.1 Applicability. 1572.3 Scope. 1572.5 Standards for security threat assessments. 1572.7 [Reserved] 1572.9 Applicant information required for HME security threat assessment. 1572.11 Applicant responsibilities for HME security threat assessment. 1572.13 State responsibilities for issuance of hazardous materials endorsement. 1572.15 Procedures for HME security threat assessment. 1572.17 Applicant information required for TWIC security threat assessment. 1572.19 Applicant responsibilities for a TWIC security threat assessment. 1572.21 Procedures for TWIC security threat assessment. 1572.23 TWIC expiration. 1572.24-1572.40 [Reserved] Subpart B--Qualification Standards for Security Threat Assessments 1572.101 Scope. 1572.103 Disqualifying criminal offenses. 1572.105 Immigration status. 1572.107 Other analyses. 1572.109 Mental capacity. 1572.111-1572.139 [Reserved] Subpart C--Transportation of Hazardous Materials From Canada or Mexico To and Within the United States by Land Modes 1572.201 Transportation of hazardous materials via commercial motor vehicle from Canada or Mexico to and within the United States. 1572.203 Transportation of explosives from Canada to the United States via railroad carrier. Subpart D--[Reserved] Subpart E--Fees for Security Threat Assessments for Hazmat Drivers 1572.400 Scope and definitions. 1572.401 Fee collection options. 1572.403 Procedures for collection by States. 1572.405 Procedures for collection by TSA. Subpart F--Fees for Security Threat Assessments for Transportation Worker Identification Credential (TWIC) 1572.500 Scope. 1572.501 Fee collection.

    Authority: 46 U.S.C. 70105; 49 U.S.C. 114, 5103a, 40113, and 46105; 18 U.S.C. 842, 845; 6 U.S.C. 469.

    Subpart A--Procedures and General Standards

    Sec. 1572.1 Applicability.

    This part establishes regulations for credentialing and security threat assessments for certain maritime and land transportation workers.

    Sec. 1572.3 Scope.

    This part applies to--

    (a) State agencies responsible for issuing a hazardous materials endorsement (HME); and

    (b) An applicant who--

    (1) Is qualified to hold a commercial driver's license under 49 CFR parts 383 and 384, and is applying to obtain, renew, or transfer an HME; or

    (2) Is applying to obtain or renew a TWIC in accordance with 33 CFR parts 104 through 106 or 46 CFR part 10.

    Sec. 1572.5 Standards for security threat assessments.

    (a) Standards. TSA determines that an applicant poses a security threat warranting denial of an HME or TWIC, if--

    (1) The applicant has a disqualifying criminal offense described in 49 CFR 1572.103;

    (2) The applicant does not meet the immigration status requirements described in 49 CFR 1572.105;

    (3) TSA conducts the analyses described in 49 CFR 1572.107 and determines that the applicant poses a security threat; or

    (4) The applicant has been adjudicated as lacking mental capacity or committed to a mental health facility, as described in 49 CFR 1572.109.

    (b) Immediate Revocation/Invalidation. TSA may invalidate a TWIC or direct a State to revoke an HME immediately, if TSA determines during the security threat assessment that an applicant poses an immediate threat to transportation security, national security, or of terrorism.

    (c) Violation of FMCSA Standards. The regulations of the Federal Motor Carrier Safety Administration (FMCSA) provide that an applicant is disqualified from operating a commercial motor vehicle for specified periods, if he or she has an offense that is listed in the FMCSA rules at 49 CFR 383.51. If records indicate that an applicant has committed an offense that would disqualify the applicant from operating a commercial motor vehicle under 49 CFR 383.51, TSA will not issue a Determination of No Security Threat until the State or the FMCSA determine that the applicant is not disqualified under that section.

    (d) Waiver. In accordance with the requirements of Sec. 1515.7, applicants may apply for a waiver of certain security threat assessment standards.

    (e) Comparability of Other Security Threat Assessment Standards. TSA may determine that security threat assessments conducted by other governmental agencies are comparable to the threat assessment described in this part, which TSA conducts for HME and TWIC applicants.

    (1) In making a comparability determination, TSA will consider--

    (i) The minimum standards used for the security threat assessment;

    (ii) The frequency of the threat assessment;

    (iii) The date of the most recent threat assessment; and

    (iv) Whether the threat assessment includes biometric identification and a biometric credential.

    (2) To apply for a comparability determination, the agency seeking the determination must contact the Assistant Program Manager, Attn: Federal Agency Comparability Check, Hazmat Threat Assessment Program, Transportation Security Administration, 601 South 12th Street, Arlington, VA 22202-4220.

    (3) TSA will notify the public when a comparability determination is made.

    (4) An applicant, who has completed a security threat assessment that is determined to be comparable under this section to the threat assessment described in this part, must complete the enrollment process and provide biometric information to obtain a TWIC, if the applicant seeks unescorted access to a secure area of a vessel or facility. The applicant must pay the fee listed in 49 CFR 1572.503 for information collection/credential issuance.

    (5) TSA has determined that the security threat assessment for an HME under this part is comparable to the security threat assessment for TWIC.

    (6) TSA has determined that the security threat assessment for a FAST card, under the Free and Secure Trade program administered by U.S. Customs and Border Protection, is comparable to the security threat assessment described in this part.

    Sec. 1572.7 [Reserved].

    Sec. 1572.9 Applicant information required for HME security threat assessment.

    An applicant must supply the information required in this section, in a form acceptable to TSA, when applying to obtain or renew an HME. When applying to transfer an HME from

    [[Page 3596]]

    one State to another, 49 CFR 1572.13(e) applies.

    (a) Except as provided in (a)(12) through (16), the applicant must provide the following identifying information:

    (1) Legal name, including first, middle, and last; any applicable suffix; and any other name used previously.

    (2) Current and previous mailing address, current residential address if it differs from the current mailing address, and e-mail address if available. If the applicant prefers to receive correspondence and notification via e-mail, the applicant should so state.

    (3) Date of birth.

    (4) Gender.

    (5) Height, weight, hair color, and eye color.

    (6) City, state, and country of birth.

    (7) Immigration status and, if the applicant is a naturalized citizen of the United States, the date of naturalization.

    (8) Alien registration number, if applicable.

    (9) The State of application, CDL number, and type of HME(s) held.

    (10) Name, telephone number, facsimile number, and address of the applicant's current employer(s), if the applicant's work for the employer(s) requires an HME. If the applicant's current employer is the U.S. military service, include branch of the service.

    (11) Whether the applicant is applying to obtain, renew, or transfer an HME or for a waiver.

    (12) Social security number. Providing the social security number is voluntary; however, failure to provide it will delay and may prevent completion of the threat assessment.

    (13) Passport number. This information is voluntary and may expedite the adjudication process for applicants who are U.S. citizens born abroad.

    (14) Department of State Consular Report of Birth Abroad. This information is voluntary and may expedite the adjudication process for applicants who are U.S. citizens born abroad.

    (15) Whether the applicant has previously completed a TSA threat assessment, and if so the date and program for which it was completed. This information is voluntary and may expedite the adjudication process for applicants who have completed a TSA security threat assessment.

    (16) Whether the applicant currently holds a federal security clearance, and if so, the date of and agency for which the clearance was performed. This information is voluntary and may expedite the adjudication process for applicants who have completed a federal security threat assessment.

    (b) The applicant must provide a statement, signature, and date of signature that he or she--

    (1) Was not convicted, or found not guilty by reason of insanity, of a disqualifying crime listed in 49 CFR 1572.103(b), in a civilian or military jurisdiction, during the seven years before the date of the application, or is applying for a waiver;

    (2) Was not released from incarceration, in a civilian or military jurisdiction, for committing a disqualifying crime listed in 49 CFR 1572.103(b), during the five years before the date of the application, or is applying for a waiver;

    (3) Is not wanted, or under indictment, in a civilian or military jurisdiction, for a disqualifying criminal offense identified in 49 CFR 1572.103, or is applying for a waiver;

    (4) Was not convicted, or found not guilty by reason of insanity, of a disqualifying criminal offense identified in 49 CFR 1572.103(a), in a civilian or military jurisdiction, or is applying for a waiver;

    (5) Has not been adjudicated as lacking mental capacity or committed to a mental health facility involuntarily or is applying for a waiver;

    (6) Meets the immigration status requirements described in 49 CFR 1572.105;

    (7) Has or has not served in the military, and if so, the branch in which he or she served, the date of discharge, and the type of discharge; and

    (8) Has been informed that Federal regulations, under 49 CFR 1572.11, impose a continuing obligation on the HME holder to disclose to the State if he or she is convicted, or found not guilty by reason of insanity, of a disqualifying crime, adjudicated as lacking mental capacity, or committed to a mental health facility.

    (c) The applicant must certify and date receipt the following statement:

    Privacy Act Notice: Authority: The authority for collecting this information is 49 U.S.C. 114, 40113, and 5103a. Purpose: This information is needed to verify your identity and to conduct a security threat assessment to evaluate your suitability for a hazardous materials endorsement for a commercial driver's license. Furnishing this information, including your SSN or alien registration number, is voluntary; however, failure to provide it will delay and may prevent completion of your security threat assessment. Routine Uses: Routine uses of this information include disclosure to the FBI to retrieve your criminal history record; to TSA contractors or other agents who are providing services relating to the security threat assessments; to appropriate governmental agencies for licensing, law enforcement, or security purposes, or in the interests of national security; and to foreign and international governmental authorities in accordance with law and international agreement.

    (d) The applicant must certify and date receipt the following statement, immediately before the signature line:

    The information I have provided on this application is true, complete, and correct, to the best of my knowledge and belief, and is provided in good faith. I understand that a knowing and willful false statement, or an omission of a material fact on this application can be punished by fine or imprisonment or both (See section 1001 of Title 18 United States Code), and may be grounds for denial of a hazardous materials endorsement.

    (e) The applicant must certify the following statement in writing:

    I acknowledge that if the Transportation Security Administration determines that I pose a security threat, my employer, as listed on this application, may be notified. If TSA or other law enforcement agency becomes aware of an imminent threat to a maritime facility or vessel, TSA may provide limited information necessary to reduce the risk of injury or damage to the facility or vessel.

    Sec. 1572.11 Applicant responsibilities for HME security threat assessment.

    (a) Surrender of HME. If an individual is disqualified from holding an HME under 49 CFR 1572.5(c), he or she must surrender the HME to the licensing State. Failure to surrender the HME to the State may result in immediate revocation under 49 CFR 1572.13(a) and/or civil penalties.

    (b) Continuing responsibilities. An individual who holds an HME must surrender the HME as required in paragraph (a) of this section within 24 hours, if the individual--

    (1) Is convicted of, wanted, under indictment or complaint, or found not guilty by reason of insanity, in a civilian or military jurisdiction, for a disqualifying criminal offense identified in 49 CFR 1572.103; or

    (2) Is adjudicated as lacking mental capacity, or committed to a mental health facility, as described in 49 CFR 1572.109; or

    (3) Renounces or loses U.S. citizenship or status as a lawful permanent resident; or

    (4) Violates his or her immigration status, and/or is ordered removed from the United States.

    (c) Submission of fingerprints and information. (1) An HME applicant must submit fingerprints and the information required in 49 CFR 1572.9, in a form acceptable to TSA, when so notified by the State, or when the applicant applies to obtain or renew an HME. The procedures outlined in 49 CFR 1572.13(e) apply to HME transfers.

    [[Page 3597]]

    (2) When submitting fingerprints and the information required in 49 CFR 1572.9, the fee described in 49 CFR 1572.503 must be remitted to TSA.

    Sec. 1572.13 State responsibilities for issuance of hazardous materials endorsement.

    Each State must revoke an individual's HME immediately, if TSA informs the State that the individual does not meet the standards for security threat assessment in 49 CFR 1572.5 and issues an Initial Determination of Threat Assessment and Immediate Revocation.

    (a) No State may issue or renew an HME for a CDL, unless the State receives a Determination of No Security Threat from TSA.

    (b) Each State must notify each individual holding an HME issued by that State that he or she will be subject to the security threat assessment described in this part as part of an application for renewal of the HME, at least 60 days prior to the expiration date of the individual's HME. The notice must inform the individual that he or she may initiate the security threat assessment required by this section at any time after receiving the notice, but no later than 60 days before the expiration date of the individual's HME.

    (c) The State that issued an HME may extend the expiration date of the HME for 90 days, if TSA has not provided a Determination of No Security Threat or a Final Determination of Threat Assessment before the expiration date. Any additional extension must be approved in advance by TSA.

    (d) Within 15 days of receipt of a Determination of No Security Threat or Final Determination of Threat Assessment from TSA, the State must--

    (1) Update the applicant's permanent record to reflect:

    (i) The results of the security threat assessment;

    (ii) The issuance or denial of an HME; and

    (iii) The new expiration date of the HME.

    (2) Notify the Commercial Drivers License Information System (CDLIS) operator of the results of the security threat assessment.

    (3) Revoke or deny the applicant's HME if TSA serves the State with a Final Determination of Threat Assessment.

    (e) For applicants who apply to transfer an existing HME from one State to another, the second State will not require the applicant to undergo a new security threat assessment until the security threat assessment renewal period established in the preceding issuing State, not to exceed five years, expires.

    (f) A State that is not using TSA's agent to conduct enrollment for the security threat assessment must retain the application and information required in 49 CFR 1572.9, for at least one year, in paper or electronic form.

    Sec. 1572.15 Procedures for HME security threat assessment.

    (a) Contents of security threat assessment. The security threat assessment TSA completes includes a fingerprint-based criminal history records check (CHRC), an intelligence-related background check, and a final disposition.

    (b) Fingerprint-based check. In order to conduct a fingerprint- based CHRC, the following procedures must be completed:

    (1) The State notifies the applicant that he or she will be subject to the security threat assessment at least 60 days prior to the expiration of the applicant's HME, and that the applicant must begin the security threat assessment no later than 30 days before the date of the expiration of the HME.

    (2) Where the State elects to collect fingerprints and applicant information, the State--

    (i) Collects fingerprints and applicant information required in 49 CFR 1572.9;

    (ii) Provides the applicant information to TSA electronically, unless otherwise authorized by TSA;

    (iii) Transmits the fingerprints to the FBI/Criminal Justice Information Services (CJIS), in accordance with the FBI/CJIS fingerprint submission standards; and

    (iv) Retains the signed application, in paper or electronic form, for one year and provides it to TSA, if requested.

    (3) Where the State elects to have a TSA agent collect fingerprints and applicant information--

    (i) TSA provides a copy of the signed application to the State;

    (ii) The State retains the signed application, in paper or electronic form, for one year and provides it to TSA, if requested; and

    (iii) TSA transmits the fingerprints to the FBI/CJIS, in accordance with the FBI/CJIS fingerprint submission standards.

    (4) TSA receives the results from the FBI/CJIS and adjudicates the results of the check, in accordance with 49 CFR 1572.103 and, if applicable, 49 CFR 1572.107.

    (c) Intelligence-related check. To conduct an intelligence-related check, TSA completes the following procedures:

    (1) Reviews the applicant information required in 49 CFR 1572.9.

    (2) Searches domestic and international Government databases described in 49 CFR 1572.105, 1572.107, and 1572.109.

    (3) Adjudicates the results of the check in accordance with 49 CFR 1572.103, 1572.105, 1572.107, and 1572.109.

    (d) Final disposition. Following completion of the procedures described in paragraphs (b) and/or (c) of this section, the following procedures apply, as appropriate:

    (1) TSA serves a Determination of No Security Threat on the State in which the applicant is authorized to hold an HME, if TSA determines that an applicant meets the security threat assessment standards described in 49 CFR 1572.5.

    (2) TSA serves an Initial Determination of Threat Assessment on the applicant, if TSA determines that the applicant does not meet the security threat assessment standards described in 49 CFR 1572.5. The Initial Determination of Threat Assessment includes--

    (i) A statement that TSA has determined that the applicant poses a security threat warranting denial of the HME;

    (ii) The basis for the determination;

    (iii) Information about how the applicant may appeal the determination, as described in 49 CFR 1515.5 or 1515.9, as applicable; and

    (iv) A statement that if the applicant chooses not to appeal TSA's determination within 60 days of receipt of the Initial Determination, or does not request an extension of time within 60 days of receipt of the Initial Determination in order to file an appeal, the Initial Determination becomes a Final Determination of Security Threat Assessment.

    (3) TSA serves an Initial Determination of Threat Assessment and Immediate Revocation on the applicant, the applicant's employer where appropriate, and the State, if TSA determines that the applicant does not meet the security threat assessment standards described in 49 CFR 1572.5 and may pose an imminent threat to transportation or national security, or of terrorism. The Initial Determination of Threat Assessment and Immediate Revocation includes--

    (i) A statement that TSA has determined that the applicant poses a security threat warranting immediate revocation of an HME;

    (ii) The basis for the determination;

    (iii) Information about how the applicant may appeal the determination, as described in 49 CFR 1515.5(h) or 1515.9(f), as applicable; and

    (iv) A statement that if the applicant chooses not to appeal TSA's

    [[Page 3598]]

    determination within 60 days of receipt of the Initial Determination and Immediate Revocation, the Initial Determination and Immediate Revocation becomes a Final Determination of Threat Assessment.

    (4) If the applicant does not appeal the Initial Determination of Threat Assessment or Initial Determination of Threat Assessment and Immediate Revocation, TSA serves a Final Determination of Threat Assessment on the State in which the applicant applied for the HME, the applicant's employer where appropriate, and on the applicant, if the appeal of the Initial Determination results in a finding that the applicant poses a security threat.

    (5) If the applicant appeals the Initial Determination of Threat Assessment or the Initial Determination of Threat Assessment and Immediate Revocation, the procedures in 49 CFR 1515.5 or 1515.9 apply.

    (6) Applicants who do not meet certain standards in 49 CFR 1572.103, 1572.105, or 1572.109 may seek a waiver in accordance with 49 CFR 1515.7.

    Sec. 1572.17 Applicant information required for TWIC security threat assessment.

    An applicant must supply the information required in this section, in a form acceptable to TSA, when applying to obtain or renew a TWIC.

    (a) Except as provided in (a)(12) through (16), the applicant must provide the following identifying information:

    (1) Legal name, including first, middle, and last; any applicable suffix; and any other name used previously.

    (2) Current and previous mailing address, current residential address if it differs from the current mailing address, and e-mail address if available. If the applicant wishes to receive notification that the TWIC is ready to be retrieved from the enrollment center via telephone rather than e-mail address, the applicant should state this and provide the correct telephone number.

    (3) Date of birth.

    (4) Gender.

    (5) Height, weight, hair color, and eye color.

    (6) City, state, and country of birth.

    (7) Immigration status, and

    (i) If the applicant is a naturalized citizen of the United States, the date of naturalization;

    (ii) If the applicant is present in the United States based on a Visa, the type of Visa, the Visa number, and the date on which it expires; and

    (iii) If the applicant is a commercial driver licensed in Canada and does not hold a FAST card, a Canadian passport.

    (8) If not a national or citizen of the United States, the alien registration number and/or the number assigned to the applicant on the U.S. Customs and Border Protection Arrival-Departure Record, Form I-94.

    (9) Except as described in paragraph (a)(9)(i) of this section, the reason that the applicant requires a TWIC, including, as applicable, the applicant's job description and the primary facility, vessel, or maritime port location(s) where the applicant will most likely require unescorted access, if known. This statement does not limit access to other facilities, vessels, or ports, but establishes eligibility for a TWIC.

    (i) Applicants who are commercial drivers licensed in Canada or Mexico who are applying for a TWIC in order to transport hazardous materials in accordance with 49 CFR 1572.201 and not to access secure areas of a facility or vessel, must explain this in response to the information requested in paragraph (a)(9) of this section.

    (10) The name, telephone number, and address of the applicant's current employer(s), if working for the employer requires a TWIC. If the applicant's current employer is the U.S. military service, include the branch of the service. An applicant whose current employer does not require possession of a TWIC, does not have a single employer, or is self-employed, must provide the primary vessel or port location(s) where the applicant requires unescorted access, if known. This statement does not limit access to other facilities, vessels, or ports, but establishes eligibility for a TWIC.

    (11) If a credentialed mariner or applying to become a credentialed mariner, proof of citizenship as required in 46 CFR chapter I, subchapter B.

    (12) Social security number. Providing the social security number is voluntary; however, failure to provide it will delay and may prevent completion of the threat assessment.

    (13) Passport number, city of issuance, date of issuance, and date of expiration. This information is voluntary and may expedite the adjudication process for applicants who are U.S. citizens born abroad.

    (14) Department of State Consular Report of Birth Abroad. This information is voluntary and may expedite the adjudication process for applicants who are U.S. citizens born abroad.

    (15) Whether the applicant has previously completed a TSA threat assessment, and if so the date and program for which it was completed. This information is voluntary and may expedite the adjudication process for applicants who have completed a TSA security threat assessment.

    (16) Whether the applicant currently holds a federal security clearance, and if so, the date of and agency for which the clearance was performed. This information is voluntary and may expedite the adjudication process for applicants who have completed a federal security threat assessment.

    (b) The applicant must provide a statement, signature, and date of signature that he or she--

    (1) Was not convicted, or found not guilty by reason of insanity, of a disqualifying crime listed in 49 CFR 1572.103(b), in a civilian or military jurisdiction, during the seven years before the date of the application, or is applying for a waiver;

    (2) Was not released from incarceration, in a civilian or military jurisdiction, for committing a disqualifying crime listed in 49 CFR 1572.103(b), during the five years before the date of the application, or is applying for a waiver;

    (3) Is not wanted, or under indictment, in a civilian or military jurisdiction, for a disqualifying criminal offense identified in 49 CFR 1572.103, or is applying for a waiver;

    (4) Was not convicted, or found not guilty by reason of insanity, of a disqualifying criminal offense identified in 49 CFR 1572.103(a), in a civilian or military jurisdiction, or is applying for a waiver;

    (5) Has not been adjudicated as lacking mental capacity, or committed to a mental health facility involuntarily, or is applying for a waiver;

    (6) Meets the immigration status requirements described in 49 CFR 1572.105;

    (7) Has, or has not, served in the military, and if so, the branch in which he or she served, the date of discharge, and the type of discharge; and

    (8) Has been informed that Federal regulations under 49 CFR 1572.19 impose a continuing obligation on the TWIC holder to disclose to TSA if he or she is convicted, or found not guilty by reason of insanity, of a disqualifying crime, adjudicated as lacking mental capacity, or committed to a mental health facility.

    (c) Applicants, applying to obtain or renew a TWIC, must submit biometric information to be used for identity verification purposes. If an individual cannot provide the selected biometric, TSA will collect an alternative biometric identifier.

    (d) The applicant must certify and date receipt the following statement:

    Privacy Act Notice: Authority: The authority for collecting this information is 49 U.S.C. 114, 40113, and 5103a. Purpose: This information is needed to verify your identity

    [[Page 3599]]

    and to conduct a security threat assessment to evaluate your suitability for a Transportation Worker Identification Credential. Furnishing this information, including your SSN or alien registration number, is voluntary; however, failure to provide it will delay and may prevent completion of your security threat assessment. Routine Uses: Routine uses of this information include disclosure to the FBI to retrieve your criminal history record; to TSA contractors or other agents who are providing services relating to the security threat assessments; to appropriate governmental agencies for licensing, law enforcement, or security purposes, or in the interests of national security; and to foreign and international governmental authorities in accordance with law and international agreement.

    (e) The applicant must certify the following statement in writing:

    As part of my employment duties, I am required to have unescorted access to secure areas of maritime facilities or vessels in which a Transportation Worker Identification Credential is required; I am now, or I am applying to be, a credentialed merchant mariner; or I am a commercial driver licensed in Canada or Mexico transporting hazardous materials in accordance with 49 CFR 1572.201.

    (f) The applicant must certify and date receipt the following statement, immediately before the signature line:

    The information I have provided on this application is true, complete, and correct, to the best of my knowledge and belief, and is provided in good faith. I understand that a knowing and willful false statement, or an omission of a material fact on this application, can be punished by fine or imprisonment or both (see section 1001 of Title 18 United States Code), and may be grounds for denial of a Transportation Worker Identification Credential.

    (g) The applicant must certify the following statement in writing:

    I acknowledge that if the Transportation Security Administration determines that I pose a security threat, my employer, as listed on this application, may be notified. If TSA or other law enforcement agency becomes aware of an imminent threat to a maritime facility or vessel, TSA may provide limited information necessary to reduce the risk of injury or damage to the facility or vessel.

    Sec. 1572.19 Applicant responsibilities for a TWIC security threat assessment.

    (a) Implementation schedule. Except as provided in paragraph (b) of this section, applicants must provide the information required in 49 CFR 1572.17, when so directed by the owner/operator.

    (b) Implementation schedule for certain mariners. An applicant, who holds a Merchant Mariner Document (MMD) issued after February 3, 2003, and before the March 26, 2007, or a Merchant Marine License (License) issued after January 13, 2006, and before March 26, 2007, must submit the information required in this section, but is not required to undergo the security threat assessment described in this part.

    (c) Surrender of TWIC. The TWIC is property of the Transportation Security Administration. If an individual is disqualified from holding a TWIC under 49 CFR 1572.5, he or she must surrender the TWIC to TSA. Failure to surrender the TWIC to TSA may result in immediate revocation under 49 CFR 1572.5(b) and/or civil penalties.

    (d) Continuing responsibilities. An individual who holds a TWIC must surrender the TWIC, as required in paragraph (a) of this section, within 24 hours if the individual--

    (1) Is convicted of, wanted, under indictment or complaint, or found not guilty by reason of insanity, in a civilian or military jurisdiction, for a disqualifying criminal offense identified in 49 CFR 1572.103; or

    (2) Is adjudicated as lacking mental capacity or committed to a mental health facility, as described in 49 CFR 1572.109; or

    (3) Renounces or loses U.S. citizenship or status as a lawful permanent resident; or

    (4) Violates his or her immigration status and/or is ordered removed from the United States.

    (e) Submission of fingerprints and information. (1) TWIC applicants must submit fingerprints and the information required in 49 CFR 1572.17, in a form acceptable to TSA, to obtain or renew a TWIC.

    (2) When submitting fingerprints and the information required in 49 CFR 1572.17, the fee required in 49 CFR 1572.503 must be remitted to TSA.

    (f) Lost, damaged, or stolen credentials. If an individual's TWIC is damaged, or if a TWIC holder loses possession of his or her credential, he or she must notify TSA immediately.

    Sec. 1572.21 Procedures for TWIC security threat assessment.

    (a) Contents of security threat assessment. The security threat assessment TSA conducts includes a fingerprint-based criminal history records check (CHRC), an intelligence-related check, and a final disposition.

    (b) Fingerprint-based check. The following procedures must be completed to conduct a fingerprint-based CHRC:

    (1) Consistent with the implementation schedule described in 49 CFR 1572.19(a) and (b), and as required in 33 CFR 104.200, 105.200, or 106.200, applicants are notified.

    (2) During enrollment, TSA--

    (i) Collects fingerprints, applicant information, and the fee required in 49 CFR 1572.17;

    (ii) Transmits the fingerprints to the FBI/CJIS in accordance with the FBI/CJIS fingerprint submission standards.

    (iii) Receives and adjudicates the results of the check from FBI/ CJIS, in accordance with 49 CFR 1572.103 and, if applicable, 49 CFR 1572.107.

    (c) Intelligence-related check. To conduct an intelligence-related check, TSA completes the following procedures:

    (1) Reviews the applicant information required in 49 CFR 1572.17;

    (2) Searches domestic and international Government databases required to determine if the applicant meets the requirements of 49 CFR 1572.105, 1572.107, and 1572.109;

    (3) Adjudicates the results of the check in accordance with 49 CFR 1572.103, 1572.105, 1572.107, and 1572.109.

    (d) Final disposition. Following completion of the procedures described in paragraphs (b) and/or (c) of this section, the following procedures apply, as appropriate:

    (1) TSA serves a Determination of No Security Threat on the applicant if TSA determines that the applicant meets the security threat assessment standards described in 49 CFR 1572.5. In the case of a mariner, TSA also serves a Determination of No Security Threat on the Coast Guard.

    (2) TSA serves an Initial Determination of Threat Assessment on the applicant if TSA determines that the applicant does not meet the security threat assessment standards described in 49 CFR 1572.5. The Initial Determination of Threat Assessment includes--

    (i) A statement that TSA has determined that the applicant poses a security threat warranting denial of the TWIC;

    (ii) The basis for the determination;

    (iii) Information about how the applicant may appeal the determination, as described in 49 CFR 1515.5 or 1515.9, as applicable; and

    (iv) A statement that if the applicant chooses not to appeal TSA's determination within 60 days of receipt of the Initial Determination, or does not request an extension of time within 60 days of receipt of the Initial Determination in order to file an appeal, the Initial Determination becomes a Final Determination of Security Threat Assessment.

    (3) TSA serves an Initial Determination of Threat Assessment and Immediate Revocation on the applicant, the applicant's employer

    [[Page 3600]]

    where appropriate, the FMSC, and in the case of a mariner applying for a TWIC, on the Coast Guard, if TSA determines that the applicant does not meet the security threat assessment standards described in 49 CFR 1572.5 and may pose an imminent security threat. The Initial Determination of Threat Assessment and Immediate Revocation includes--

    (i) A statement that TSA has determined that the applicant poses a security threat warranting immediate revocation of a TWIC and unescorted access to secure areas;

    (ii) The basis for the determination;

    (iii) Information about how the applicant may appeal the determination, as described in 49 CFR 1515.5(h) or 1515.9(f), as applicable; and

    (iv) A statement that if the applicant chooses not to appeal TSA's determination within 60 days of receipt of the Initial Determination and Immediate Revocation, the Initial Determination and Immediate Revocation becomes a Final Determination of Threat Assessment.

    (4) If the applicant does not appeal the Initial Determination of Threat Assessment or Initial Determination of Threat Assessment and Immediate Revocation, TSA serves a Final Determination of Threat Assessment on the FMSC and in the case of a mariner, on the Coast Guard, and the applicant's employer where appropriate.

    (5) If the applicant appeals the Initial Determination of Threat Assessment or the Initial Determination of Threat Assessment and Immediate Revocation, the procedures in 49 CFR 1515.5 or 1515.9 apply.

    (6) Applicants who do not meet certain standards in 49 CFR 1572.103, 1572.105, or 1572.109 may seek a waiver in accordance with 49 CFR 1515.7.

    Sec. 1572.23 TWIC expiration.

    (a) A TWIC expires five years after the date it was issued at the end of the calendar day, except as follows:

    (1) The TWIC was issued based on a determination that the applicant completed a comparable threat assessment. If issued pursuant to a comparable threat assessment, the TWIC expires five years from the date on the credential associated with the comparable threat assessment.

    (2) The applicant is in a lawful nonimmigrant status category listed in 1572.105(a)(7), and the status expires, the employer terminates the employment relationship with the applicant, or the applicant otherwise ceases working for the employer. Under any of these circumstances, TSA deems the TWIC to have expired regardless of the expiration date on the face of the TWIC.

    (b) TSA may issue a TWIC for a term less than five years to match the expiration of a visa.

    Sec. Sec. 1572.24--1572.40 [Reserved]

    Subpart B--Standards for Security Threat Assessments

    Sec. 1572.101 Scope.

    This subpart applies to applicants who hold or are applying to obtain or renew an HME or TWIC, or transfer an HME. Applicants for an HME also are subject to safety requirements issued by the Federal Motor Carrier Safety Administration under 49 CFR part 383 and by the State issuing the HME, including additional immigration status and criminal history standards.

    Sec. 1572.103 Disqualifying criminal offenses.

    (a) Permanent disqualifying criminal offenses. An applicant has a permanent disqualifying offense if convicted, or found not guilty by reason of insanity, in a civilian or military jurisdiction of any of the following felonies:

    (1) Espionage or conspiracy to commit espionage.

    (2) Sedition, or conspiracy to commit sedition.

    (3) Treason, or conspiracy to commit treason.

    (4) A federal crime of terrorism as defined in 18 U.S.C. 2332b(g), or comparable State law, or conspiracy to commit such crime.

    (5) A crime involving a transportation security incident. A transportation security incident is a security incident resulting in a significant loss of life, environmental damage, transportation system disruption, or economic disruption in a particular area, as defined in 46 U.S.C. 70101. A work stoppage, or other nonviolent employee-related action, resulting from an employer-employee dispute is not a transportation security incident.

    (6) Improper transportation of a hazardous material under 49 U.S.C. 5124, or a State law that is comparable.

    (7) Unlawful possession, use, sale, distribution, manufacture, purchase, receipt, transfer, shipping, transporting, import, export, storage of, or dealing in an explosive or explosive device. An explosive or explosive device includes, but is not limited to, an explosive or explosive material as defined in 18 U.S.C. 232(5), 841(c) through 841(f), and 844(j); and a destructive device, as defined in 18 U.S.C. 921(a)(4) and 26 U.S.C. 5845(f).

    (8) Murder.

    (9) Making any threat, or maliciously conveying false information knowing the same to be false, concerning the deliverance, placement, or detonation of an explosive or other lethal device in or against a place of public use, a state or government facility, a public transportations system, or an infrastructure facility.

    (10) Violations of the Racketeer Influenced and Corrupt Organizations Act, 18 U.S.C. 1961, et seq, or a State law that is comparable, where one of the predicate acts found by a jury or admitted by the defendant, consists of one of the crimes listed in paragraph (a) of this section.

    (11) Attempt to commit the crimes in paragraphs (a)(1) through (a)(4).

    (12) Conspiracy or attempt to commit the crimes in paragraphs (a)(5) through (a)(10).

    (b) Interim disqualifying criminal offenses. (1) The felonies listed in paragraphs (b)(2) of this section are disqualifying, if either:

    (i) the applicant was convicted, or found not guilty by reason of insanity, of the crime in a civilian or military jurisdiction, within seven years of the date of the application; or

    (ii) the applicant was incarcerated for that crime and released from incarceration within five years of the date of the TWIC application.

    (2) The interim disqualifying felonies are:

    (i) Unlawful possession, use, sale, manufacture, purchase, distribution, receipt, transfer, shipping, transporting, delivery, import, export of, or dealing in a firearm or other weapon. A firearm or other weapon includes, but is not limited to, firearms as defined in 18 U.S.C. 921(a)(3) or 26 U.S.C. 5 845(a), or items contained on the U.S. Munitions Import List at 27 CFR 447.21.

    (ii) Extortion.

    (iii) Dishonesty, fraud, or misrepresentation, including identity fraud and money laundering where the money laundering is related to a crime described in paragraphs (a) or (b) of this section. Welfare fraud and passing bad checks do not constitute dishonesty, fraud, or misrepresentation for purposes of this paragraph.

    (iv) Bribery.

    (v) Smuggling.

    (vi) Immigration violations.

    (vii) Distribution of, possession with intent to distribute, or importation of a controlled substance.

    (viii) Arson.

    (ix) Kidnapping or hostage taking.

    (x) Rape or aggravated sexual abuse.

    (xi) Assault with intent to kill.

    (xi) Robbery.

    (xii) Conspiracy or attempt to commit the crimes in this paragraph (b).

    [[Page 3601]]

    (xiii) Violations of the Racketeer Influenced and Corrupt Organizations Act, 18 U.S.C. 1961, et seq., or a1036, or comparable State law that is comparable, other than the violations listed in paragraph (a)(10) of this section., for fraudulent entry into secure seaport areas.

    (xiv) Conspiracy or attempt to commit the crimes in this paragraph (b).

    (c) Under want, warrant, or indictment. An applicant who is wanted, or under indictment in any civilian or military jurisdiction for a felony listed in this section, is disqualified until the want or warrant is released or the indictment is dismissed.

    (d) Determination of arrest status. (1) When a fingerprint-based check discloses an arrest for a disqualifying crime listed in this section without indicating a disposition, TSA will so notify the applicant and provide instructions on how the applicant must clear the disposition, in accordance with paragraph (d)(2) of this section.

    (2) The applicant must provide TSA with written proof that the arrest did not result in conviction for the disqualifying criminal offense, within 60 days after the service date of the notification in paragraph (d)(1) of this section. If TSA does not receive proof in that time, TSA will notify the applicant that he or she is disqualified. In the case of an HME, TSA will notify the State that the applicant is disqualified, and in the case of a mariner applying for TWIC, TSA will notify the Coast Guard that the applicant is disqualified.

    Sec. 1572.105 Immigration status.

    (a) An individual applying for a security threat assessment for a TWIC or HME must be a national of the United States or--

    (1) A lawful permanent resident of the United States;

    (2) A refugee admitted under 8 U.S.C. 1157;

    (3) An alien granted asylum under 8 U.S.C. 1158;

    (4) An alien in valid M-1 nonimmigrant status who is enrolled in the United States Merchant Marine Academy or a comparable State maritime academy. Such individuals may serve as unlicensed mariners on a documented vessel, regardless of their nationality, under 46 U.S.C. 8103.

    (5) A nonimmigrant alien admitted under the Compact of Free Association between the United States and the Federated States of Micronesia, the United States and the Republic of the Marshall Islands, or the United States and Palau.

    (6) An alien in lawful nonimmigrant status who has unrestricted authorization to work in the United States, except--

    (i) An alien in valid S-5 (informant of criminal organization information) lawful nonimmigrant status;

    (ii) An alien in valid S-6 (informant of terrorism information) lawful nonimmigrant status;

    (iii) An alien in valid K-1 (Fianco(e)) lawful nonimmigrant status; or

    (iv) An alien in valid K-2 (Minor child of Fianco(e)) lawful nonimmigrant status.

    (7) An alien in the following lawful nonimmigrant status who has restricted authorization to work in the United States--

    (i) C-1/D Crewman Visa

    (ii) H-1B Special Occupations;

    (ii) H-1B1 Free Trade Agreement;

    (iv) E-1 Treaty Trader;

    (v) E-3 Australian in Specialty Occupation;

    (vi) L-1 Intracompany Executive Transfer;

    (vii) O-1 Extraordinary Ability; or

    (viii) TN North American Free Trade Agreement.

    (8) A commercial driver licensed in Canada or Mexico who is admitted to the United States under 8 CFR 214.2(b)(4)(i)(E) to conduct business in the United States.

    (b) Upon expiration of a nonimmigrant status listed in paragraph (a)(7) of this section, an employer must retrieve the TWIC from the applicant and provide it to TSA.

    (c) Upon expiration of a nonimmigrant status listed in paragraph (a)(7) of this section, an employee must surrender his or her TWIC to the employer.

    (d) If an employer terminates an applicant working under a nonimmigrant status listed in paragraph (a)(7) of this section, or the applicant otherwise ceases working for the employer, the employer must notify TSA within 5 business days and provide the TWIC to TSA if possible.

    (e) Any individual in removal proceedings or subject to an order of removal under the immigration laws of the United States is not eligible to apply for a TWIC.

    (f) To determine an applicant's immigration status, TSA will check relevant Federal databases and may perform other checks, including the validity of the applicant's alien registration number, social security number, or I-94 Arrival-Departure Form number.

    Sec. 1572.107 Other analyses.

    (a) TSA may determine that an applicant poses a security threat based on a search of the following databases:

    (1) Interpol and other international databases, as appropriate.

    (2) Terrorist watchlists and related databases.

    (3) Any other databases relevant to determining whether an applicant poses, or is suspected of posing, a security threat, or that confirm an applicant's identity.

    (b) TSA may also determine that an applicant poses a security threat, if the search conducted under this part reveals extensive foreign or domestic criminal convictions, a conviction for a serious crime not listed in 49 CFR 1572.103, or a period of foreign or domestic imprisonment that exceeds 365 consecutive days.

    Sec. 1572.109 Mental capacity.

    (a) An applicant has mental incapacity, if he or she has been--

    (1) Adjudicated as lacking mental capacity; or

    (2) Committed to a mental health facility.

    (b) An applicant is adjudicated as lacking mental capacity if--

    (1) A court, board, commission, or other lawful authority has determined that the applicant, as a result of marked subnormal intelligence, mental illness, incompetence, condition, or disease, is a danger to himself or herself or to others, or lacks the mental capacity to conduct or manage his or her own affairs.

    (2) This includes a finding of insanity by a court in a criminal case and a finding of incompetence to stand trial; or a finding of not guilty by reason of lack of mental responsibility, by any court, or pursuant to articles 50a and 76b of the Uniform Code of Military Justice (10 U.S.C. 850a and 876b).

    (c) An applicant is committed to a mental health facility if he or she is formally committed to a mental health facility by a court, board, commission, or other lawful authority, including involuntary commitment and commitment for lacking mental capacity, mental illness, and drug use. This does not include commitment to a mental health facility for observation or voluntary admission to a mental health facility.

    [[Page 3602]]

    Sec. Sec. 1572.111 through 1572.139 [Reserved]

    Subpart C--Transportation of Hazardous Materials From Canada or Mexico To and Within the United States by Land Modes

    Sec. 1572.201 Transportation of hazardous materials via commercial motor vehicle from Canada or Mexico to and within the United States.

    (a) Applicability. This section applies to commercial motor vehicle drivers licensed by Canada and Mexico.

    (b) Terms used in this section. The terms used in 49 CFR parts 1500, 1570, and 1572 also apply in this subpart. In addition, the following terms are used in this subpart for purposes of this section:

    FAST means Free and Secure Trade program of the Bureau of Customs and Border Protection (CBP), a cooperative effort between CBP and the governments of Canada and Mexico to coordinate processes for the clearance of commercial shipments at the border.

    Hazardous materials means material that has been designated as hazardous under 49 U.S.C. 5103 and is required to be placarded under subpart F of 49 CFR part 172 or any quantity of material that listed as a select agent or toxin in 42 CFR part 73.

    (c) Background check required. A commercial motor vehicle driver who is licensed by Canada or Mexico may not transport hazardous materials into or within the United States unless the driver has undergone a background check similar to the one required of U.S.- licensed operators with a hazardous materials endorsement (HME) on a commercial driver's license, as prescribed in 49 CFR 1572.5.

    (d) FAST card. A commercial motor vehicle driver who holds a current Free and Secure Trade (FAST) program card satisfies the requirements of this section. Commercial motor vehicle drivers who wish to apply for a FAST program card must contact the FAST Commercial Driver Program, Bureau of Customs and Border Protection (CBP), Department of Homeland Security.

    (e) TWIC. A commercial motor vehicle driver who holds a TWIC satisfies the requirements of this section. Commercial vehicle drivers who wish to apply for a TWIC must comply with the rules in 49 CFR part 1572.

    Sec. 1572.203 Transportation of explosives from Canada to the United States via railroad carrier.

    (a) Applicability. This section applies to railroad carriers that carry explosives from Canada to the United States, using a train crew member who is not a U.S. citizen or lawful permanent resident alien of the United States.

    (b) Terms under this section. For purposes of this section:

    Customs and Border Protection (CBP) means the Bureau of Customs and Border Protection, an agency within the U.S. Department of Homeland Security.

    Explosive means a material that has been examined by the Associate Administrator for Hazardous Materials Safety, Research and Special Programs Administration, in accordance with 49 CFR 173.56, and determined to meet the definition for a Class 1 material in 49 CFR 173.50.

    Known railroad carrier means a person that has been determined by the Governments of Canada and the United States to be a legitimate business, operating in accordance with all applicable laws and regulations governing the transportation of explosives.

    Known offeror means an offeror that has been determined by the Governments of Canada and the United States to be a legitimate business, operating in accordance with all applicable laws and regulations governing the transportation of explosives.

    Known train crew member means an individual used to transport explosives from Canada to the United States, who has been determined by the Governments of Canada and the United States to present no known security concern.

    Lawful permanent resident alien means an alien lawfully admitted for permanent residence, as defined by 8 U.S.C. 1101(a)(20).

    Offeror means the person offering a shipment to the railroad carrier for transportation from Canada to the United States, and may also be known as the ``consignor'' in Canada.

    Railroad carrier means ``railroad carrier'' as defined in 49 U.S.C. 20102.

    (c) Prior approval of railroad carrier, offeror, and train crew member. (1) No railroad carrier may transport in commerce any explosive into the United States from Canada, via a train operated by a crew member who is not a U.S. national or lawful permanent resident alien, unless the railroad carrier, offeror, and train crew member are identified on a TSA list as a known railroad carrier, known offeror, and known train crew member, respectively.

    (2) The railroad carrier must ensure that it, its offeror, and each of its crew members have been determined to be a known railroad carrier, known offeror, and known train crew member, respectively. If any has not been so determined, the railroad carrier must submit the following information to Transport Canada:

    (i) The railroad carrier's identification, including--

    (A) Official name;

    (B) Business number;

    (C) Any trade names; and

    (D) Address.

    (ii) The following information about any offeror of explosives whose shipments it will carry:

    (A) Official name.

    (B) Business number.

    (C) Address.

    (iii) The following information about any train crew member the railroad carrier may use to transport explosives into the United States from Canada, who is neither a U.S. national nor lawful permanent resident alien:

    (A) Full name.

    (B) Both current and most recent prior residential addresses.

    (3) Transport Canada will determine whether the railroad carrier and offeror are legitimately doing business in Canada and will also determine whether the train crew members present no known problems for purposes of this section. Transport Canada will notify TSA of these determinations by forwarding to TSA lists of known railroad carriers, offerors, and train crew members and their identifying information.

    (4) TSA will update and maintain the list of known railroad carriers, offerors, and train crew members and forward the list to CBP.

    (5) Once included on the list, the railroad carriers, offerors, and train crew members need not obtain prior approval for future transport of explosives under this section.

    (d) TSA checks. TSA may periodically check the data on the railroad carriers, offerors, and train crew members to confirm their continued eligibility, and may remove from the list any that TSA determines is not known or is a threat to security.

    (e) At the border. (1) Train crew members who are not U.S. nationals or lawful permanent resident aliens. Upon arrival at a point designated by CBP for inspection of trains crossing into the United States, the train crew members of a train transporting explosives must provide sufficient identification to CBP to enable that agency to determine if each crew member is on the list of known train crew members maintained by TSA.

    (2) Train crew members who are U.S. nationals or lawful permanent resident aliens. If CBP cannot verify that the crew member is on the list and the crew member is a U.S. national or lawful permanent resident alien, the crew

    [[Page 3603]]

    member may be cleared by CBP upon providing--

    (i) A valid U.S. passport; or

    (ii) One or more other document(s), including a form of U.S. Federal or state Government-issued identification with photograph, acceptable to CBP.

    (3) Compliance. If a carrier attempts to enter the U.S. without having complied with this section, CBP will deny entry of the explosives and may take other appropriate action.

    Subpart D--[Reserved]

    Subpart E--Fees for Security Threat Assessments for Hazmat Drivers

    Sec. 1572.400 Scope and definitions.

    (a) Scope. This part applies to--

    (1) States that issue an HME for a commercial driver's license;

    (2) Individuals who apply to obtain or renew an HME for a commercial driver's license and must undergo a security threat assessment under 49 CFR part 1572; and

    (3) Entities who collect fees from such individuals on behalf of TSA.

    (b) Terms. As used in this part:

    Commercial driver's license (CDL) is used as defined in 49 CFR 383.5.

    Day means calendar day.

    FBI Fee means the fee required for the cost of the Federal Bureau of Investigation (FBI) to process fingerprint records.

    Information Collection Fee means the fee required, in this part, for the cost of collecting and transmitting fingerprints and other applicant information under 49 CFR part 1572.

    Threat Assessment Fee means the fee required, in this part, for the cost of TSA adjudicating security threat assessments, appeals, and waivers under 49 CFR part 1572.

    TSA agent means an entity approved by TSA to collect and transmit fingerprints and applicant information, in accordance with 49 CFR part 1572, and fees in accordance with this part.

    Sec. 1572.401 Fee collection options.

    (a) State collection and transmission. If a State collects fingerprints and applicant information under 49 CFR part 1572, the State must collect and transmit to TSA the Threat Assessment Fee, in accordance with the requirements of 49 CFR 1572.403. The State also must collect and remit the FBI, in accordance with established procedures.

    (b) TSA agent collection and transmission. If a TSA agent collects fingerprints and applicant information under 49 CFR part 1572, the agent must--

    (1) Collect the Information Collection Fee, Threat Assessment Fee, and FBI Fee, in accordance with procedures approved by TSA;

    (2) Transmit to TSA the Threat Assessment Fee, in accordance with procedures approved by TSA; and

    (3) Transmit to TSA the FBI Fee, in accordance with procedures approved by TSA and the FBI.

    Sec. 1572.403 Procedures for collection by States.

    This section describes the procedures that a State, which collects fingerprints and applicant information under 49 CFR part 1572; and the procedures an individual who applies to obtain or renew an HME, for a CDL in that State, must follow for collection and transmission of the Threat Assessment Fee and the FBI Fee.

    (a) Imposition of fees. (1) The following Threat Assessment Fee is required for TSA to conduct a security threat assessment, under 49 CFR part 1572, for an individual who applies to obtain or renew an HME: $34.

    (2) The following FBI Fee is required for the FBI to process fingerprint identification records and name checks required under 49 CFR part 1572: the fee collected by the FBI under Pub. L. 101-515.

    (3) An individual who applies to obtain or renew an HME, or the individual's employer, must remit to the State the Threat Assessment Fee and the FBI Fee, in a form and manner approved by TSA and the State, when the individual submits the application for the HME to the State.

    (b) Collection of fees. (1) A State must collect the Threat Assessment Fee and FBI Fee, when an individual submits an application to the State to obtain or renew an HME.

    (2) Once TSA receives an application from a State for a security threat assessment under 49 CFR part 1572, the State is liable for the Threat Assessment Fee.

    (3) Nothing in this subpart prevents a State from collecting any other fees that a State may impose on an individual who applies to obtain or renew an HME.

    (c) Handling of fees. (1) A State must safeguard all Threat Assessment Fees, from the time of collection until remittance to TSA.

    (2) All Threat Assessment Fees are held in trust by a State for the beneficial interest of the United States in paying for the costs of conducting the security threat assessment, required by 49 U.S.C. 5103a and 49 CFR part 1572. A State holds neither legal nor equitable interest in the Threat Assessment Fees, except for the right to retain any accrued interest on the principal amounts collected pursuant to this section.

    (3) A State must account for Threat Assessment Fees separately, but may commingle such fees with other sources of revenue.

    (d) Remittance of fees. (1) TSA will generate and provide an invoice to a State on a monthly basis. The invoice will indicate the total fee dollars (number of applicants times the Threat Assessment Fee) that are due for the month.

    (2) A State must remit to TSA full payment for the invoice, within 30 days after TSA sends the invoice.

    (3) TSA accepts Threat Assessment Fees only from a State, not from an individual applicant for an HME.

    (4) A State may retain any interest that accrues on the principal amounts collected between the date of collection and the date the Threat Assessment Fee is remitted to TSA, in accordance with paragraph (d)(2) of this section.

    (5) A State may not retain any portion of the Threat Assessment Fee to offset the costs of collecting, handling, or remitting Threat Assessment Fees.

    (6) Threat Assessment Fees, remitted to TSA by a State, must be in U.S. currency, drawn on a U.S. bank, and made payable to the ``Transportation Security Administration.''

    (7) Threat Assessment Fees must be remitted by check, money order, wire, or any other payment method acceptable to TSA.

    (8) TSA will not issue any refunds of Threat Assessment Fees.

    (9) If a State does not remit the Threat Assessment Fees for any month, TSA may decline to process any HME applications from that State.

    Sec. 1572.405 Procedures for collection by TSA.

    This section describes the procedures that an individual, who applies to obtain or renew an HME for a CDL, must follow if a TSA agent collects and transmits the Information Collection Fee, Threat Assessment Fee, and FBI Fee.

    (a) Imposition of fees. (1) The following Information Collection Fee is required for a TSA agent to collect and transmit fingerprints and applicant information, in accordance with 49 CFR part 1572: $38.

    (2) The following Threat Assessment Fee is required for TSA to conduct a security threat assessment, under 49 CFR part 1572, for an individual who applies to obtain or renew an HME: $34.

    (3) The following FBI Fee is required for the FBI to process fingerprint identification records required under 49 CFR part 1572: The fee collected by the FBI under Pub. L. 101-515.

    [[Page 3604]]

    (4) An individual who applies to obtain or renew an HME, or the individual's employer, must remit to the TSA agent the Information Collection Fee, Threat Assessment Fee, and FBI Fee, in a form and manner approved by TSA, when the individual submits the application required under 49 CFR part 1572.

    (b) Collection of fees. A TSA agent will collect the fees required under this section, when an individual submits an application to the TSA agent, in accordance with 49 CFR part 1572.

    (c) Remittance of fees. (1) Fees required under this section, which are remitted to a TSA agent, must be made in U.S. currency, drawn on a U.S. bank, and made payable to the ``Transportation Security Administration.''

    (2) Fees required under this section must be remitted by check, money order, wire, or any other payment method acceptable to TSA.

    (3) TSA will not issue any refunds of fees required under this section.

    (4) Applications, submitted in accordance with 49 CFR part 1572, will be processed only upon receipt of all applicable fees under this section.

    Subpart F--Fees for Security Threat Assessments for Transportation Worker Identification Credential (TWIC)

    Sec. 1572.500 Scope.

    (a) Scope. This part applies to--

    (1) Individuals who apply to obtain or renew a Transportation Worker Identification Credential and must undergo a security threat assessment under 49 CFR part 1572; and

    (2) Entities that collect fees from such individuals on behalf of TSA.

    (b) Terms. As used in this part:

    TSA agent means the entity approved by TSA to collect and transmit fingerprints and applicant information, and collect fees in accordance with this part.

    Sec. 1572.501 Fee collection.

    (a) When fee must be paid. When an applicant submits the information and fingerprints required under 49 CFR part 1572 to obtain or renew a TWIC, the fee must be remitted to TSA or its agent in accordance with the requirements of this section. Applications submitted in accordance with 49 CFR part 1572 will be processed only upon receipt of all required fees under this section.

    (b) Standard TWIC Fee. The fee to obtain or renew a TWIC, other than for those identified in paragraph (a)(2) of this section, will be announced in the Federal Register after January 25, 2007. This fee is made up of the total of the following segments:

    (1) The Enrollment Segment covers the cost for TSA or its agent to enroll applicants.

    (2) The Full Card Production/Security Threat Assessment Segment covers the cost for TSA to conduct a security threat assessment.

    (3) The FBI Segment covers the cost for the FBI to process fingerprint identification records under Pub. L. 101-515 and is $22. If the FBI amends this fee, TSA or its agent will collect the amended fee.

    (c) Reduced TWIC Fee. The fee to obtain a TWIC when the applicant has undergone a comparable threat assessment in connection with an HME, a FAST card, other threat assessment deemed to be comparable under 49 CFR 1572.5(d), or holds an Merchant Mariner Document or Merchant Mariner License, will be announced in the Federal Register after January 25, 2007. This fee is made up of the following segments:

    (1) The Enrollment Segment; and

    (2) The Reduced Card Production/Security Threat Assessment Segment.

    (d) Card Replacement Fee. The fee to replace a TWIC that has been lost, stolen, or damaged will be announced in the Federal Register after January 25, 2007.

    (e) Form of fee. The TSA vendor will collect the fee required to obtain or renew a TWIC and will determine the method of acceptable payment, subject to approval by TSA.

    (f) Refunds. TSA will not issue any refunds of fees required under this section.

    (g) Inflation adjustment. The fees prescribed in this section, except the FBI fee, may be adjusted annually on or after October 1, 2007, by publication of an inflation adjustment. A final rule in the Federal Register will announce the inflation adjustment. The adjustment shall be a composite of the Federal civilian pay raise assumption and non-pay inflation factor for that fiscal year issued by the Office of Management and Budget for agency use in implementing OMB Circular A-76, weighted by the pay and non-pay proportions of total funding for that fiscal year. If Congress enacts a different Federal civilian pay raise percentage than the percentage issued by OMB for Circular A-76, the Department of Homeland Security may adjust the fees to reflect the enacted level. The required fee shall be the amount prescribed in paragraphs (a)(1)(i) and (a)(1)(ii), plus the latest inflation adjustment.

    Dated: December 26, 2006. Thad W. Allen, Commandant, United States Coast Guard.

    Dated: December 30, 2006. Kip Hawley, Assistant Secretary, Transportation Security Administration.

    [FR Doc. 07-19 Filed 1-24-07; 8:45 am]

    BILLING CODE 9110-05-P