February 27, 2009
BY ELECTRONIC MAIL
Ms. Gale D. Rossides, Acting Administrator
Transportation Security Administration
U.S. Department of Homeland Security
601 South 12th Street – East Building
Arlington, VA 22202
Electronic Address: www.regulations.gov (Docket No. TSA-2008-0021)
Dear Acting Administrator Rossides:
The U.S. Small Business Administration's (SBA) Office of Advocacy (Advocacy) is pleased to submit the following comments on the Transportation Security Administration’s (TSA’s) Proposed Large Aircraft Security Program, Other Aircraft Operator Security Program, and Airport Operator Security Program Rule.(1) The proposed rule would expand current aviation security regulations to require operators of all aircraft with a maximum takeoff weight (MTOW) above 12,500 pounds to adopt a TSA-approved security program similar to those already in place for commercial and charter operations. The proposed rule would also require a number of small airports to adopt security programs.(2) A more detailed summary of the proposed rule is provided below.
Office of Advocacy
Advocacy was established pursuant to Pub. L. 94-305 to represent the views of small entities before federal agencies and Congress. Advocacy is an independent office within SBA, so the views expressed by Advocacy do not necessarily reflect the views of the SBA or the Administration. The Regulatory Flexibility Act (RFA),(3) as amended by the
Small Business Regulatory Enforcement Fairness Act (SBREFA),(4) gives small entities a voice in the rulemaking process. For all rules that are expected to have a significant economic impact on a substantial number of small entities, federal agencies are required by the RFA to assess the impact of the proposed rule on small entities and to consider less burdensome alternatives.(5) Moreover, Executive Order 13272(6) requires federal agencies to notify Advocacy of any proposed rules that are expected to have a significant economic impact on a substantial number of small entities and to give every appropriate consideration to any comments on a proposed or final rule submitted by Advocacy. Further, the agency must include, in any explanation or discussion accompanying publication in the Federal Register of a final rule, the agency's response to any written comments submitted by Advocacy on the proposed rule.
The proposed rule would expand current aviation security regulations to require operators of all aircraft with a MTOW above 12,500 pounds(7) to adopt a TSA-approved security program similar to those already in place for commercial and charter operations.(8) These security programs would include, among other things, biennial compliance audits by TSA-approved third-party auditors, watch-list matching of passengers through TSA-approved watch-list matching service providers, ensuring that pilots and crew members have undergone fingerprint-based criminal history records checks, designating security personnel, inspecting passenger property, and controlling onboard access to restricted items.(9) The proposed rule would also include expanded security requirements for cargo operations and would also require certain reliever airports and other airports serving designated aircraft to adopt security programs.(10)
According to TSA, some 10,000 existing aircraft operators (operating some 15,000 aircraft) and 315 existing airports would be subject to the new rule.(11) Of these, TSA estimates that up to 9,061 of the operators and 74 of the airports may be small entities. Small entities include private charter and cargo freight companies, numerous small businesses that own and operate their own aircraft, and small governmental jurisdictions that operate airports. TSA estimates that the compliance cost for the new rule would range from somewhere between $859 million and $1.9 billion (discounted) over ten years, with the majority of costs imposed on private aircraft operators. However, TSA acknowledges that there are significant data limitations and uncertainty in its analysis.(12)
Small Entities Have Expressed Serious Concerns About The Proposed Rule
Following publication of the proposed rule, a number of small entity representatives contacted Advocacy and expressed serious concerns about the proposed rule. In response, Advocacy hosted a small business roundtable on February 13, 2009 to discuss the proposed rule, obtain small business input, and consider feasible alternatives. Representatives from TSA attended the roundtable and provided a background briefing on the proposed rule, but could not remain for the ensuing discussion because the proposed rule was the subject of an open comment period. However, the following comments and recommendations are reflective of the discussion during the roundtable and in subsequent conversations with small entity representatives. It should be noted that while the attendees supported enhancing security in the general aviation sector, they uniformly questioned the cost and efficacy of the approach TSA has taken in the proposed rule.
1. Small business representatives are concerned that TSA has not adequately assessed how the proposed rule would address recognized security threats to general aviation. Because a proper security risk assessment by TSA for general aviation has either not been performed or is not publicly available (i.e., because it is security sensitive), attendees at the roundtable were concerned that TSA has not adequately assessed how the proposed rule would address recognized security threats to general aviation and achieve TSA’s security objectives. Moreover, attendees were concerned that the proposed rule seems to be based more on anecdotal evidence than demonstrated risks to general aviation, and that the threat scenarios outlined in the proposed rule(13) are unrealistic. Several attendees noted that the proposed rule states that “TSA is aware that as vulnerabilities within the air carrier and commercial operator segment of the aviation industry are reduced, [general aviation] operations may become more attractive targets.”(14) However, attendees indicated that this statement is apparently at odds with other, more recent intelligence analysis by TSA that concludes there is little evidence to indicate that terrorists are turning their attention to general aviation. Accordingly, Advocacy recommends that TSA reassess the basis for the proposed rule to ensure that it is consistent with current TSA risk analysis and properly tailored to address demonstrated security threats to general aviation.
2. Small business representatives are concerned that TSA’s economic impact analysis understates the costs and exaggerates the benefits of the proposed rule. TSA readily acknowledges that the development of the proposed rule was hindered by uncertainty and a lack of data.(15) For this reason, TSA provides a wide range of possible cost estimates for the proposed rule ranging from somewhere between $859
million and $1.9 billion (discounted) over ten years.(16) Attendees at the roundtable were concerned that TSA has understated the cost of the proposed rule, particularly by mischaracterizing the number of business (versus private) aircraft that would be subject to the rule and therefore the opportunity costs of flight delays. Attendees also stated that TSA had understated costs with respect to developing security programs, conducting background checks and passenger screening, resolving discrepancies, and training security personnel.(17) Attendees were also concerned that the benefits of the proposed rule are overstated because TSA’s threat scenarios(18) are unrealistic. TSA provides four threat scenarios involving the use of a highjacked aircraft as a missile, with resulting damage ranging from $32 million to $1 trillion dollars, respectively. Attendees were skeptical that these scenarios were realistic because the proposed rule would apply to smaller aircraft that contain less fuel and impact force than a commercial airliner. Accordingly, Advocacy recommends that TSA reassess the expected costs and benefits of the proposed rule to determine whether its threat scenarios and assumptions are appropriate.
3. TSA should consider significant alternatives to the proposed rule in its Regulatory Flexibility Act analysis before proceeding. The RFA requires that each Initial Regulatory Flexibility Analysis (IRFA) include a description of “any significant alternatives to the proposed rule which accomplish the stated objectives of applicable statutes and which minimize any significant economic impact of the proposed rule on small entities.”(19) (Emphasis added.) A “significant” alternative under the RFA is defined as one that: 1) is feasible; 2) meets the agency's underlying objectives; and 3) reduces the burden on small entities.(20) The IRFA for the proposed rule discusses several alternatives;(21) however, none of them are feasible, nor do they contemplate a regulatory framework other than the proposed rule. Each either increases the burden on small entities or increases security risks.(22) Accordingly, they are not significant alternatives under the RFA and should not be included in the IRFA. Because agency compliance with the RFA is subject to judicial review,(23) Advocacy is concerned that TSA’s failure to consider significant alternatives in the IRFA could leave the agency vulnerable to a judicial challenge to any final rule.
Moreover, during the roundtable, attendees discussed several possible significant alternatives to the proposed rule that the agency should consider before proceeding. These included the following:
· Require operators to adopt a voluntary model security program or impose a performance standard rather than the proposed rule. Attendees uniformly stated that they believed TSA was overstating the security risk of general aviation and that they would prefer that TSA require operators to adopt a voluntary model program or that TSA impose a performance standard rather than the proposed rule.(24) Such an approach could ensure a less costly baseline level of security while allowing TSA to better assess any security gaps in the system over time. Attendees also stated that TSA should develop several model security programs based on the type of operation (rather than the single model program contemplated by the proposed rule) regardless of whether the agency issues the proposed rule or some other standard because a single program cannot encompass the size and range of operations across general aviation.
· Base the rule on type of threat rather than the weight of the aircraft. Attendees stated that they believe the 12,500 pound MTOW threshold is arbitrary and that TSA should focus on the type of threat that is likely to occur rather than imposing a “one-size-fits-all” regulatory program across general aviation, regardless of risk. Attendees stated that the Federal government has not considered aircraft of this size to be a threat before and has not justified changing its policy now. Attendees also stated that the theft of privately-owned aircraft is virtually nonexistent and that private aircraft owners usually have some security procedures in place, are familiar with their passengers, and have a substantial financial interest in protecting their aircraft.
· Phase in the proposed rule over a period of time based on the size or type of the aircraft or the size of the small entity. Attendees expressed concern that TSA would be overwhelmed if the proposed rule was adopted because the agency would be forced to approve thousands of security plans over a short period of time.(25) Accordingly, attendees recommended that TSA consider phasing in the rule over a period of time based on the size of the aircraft or the size or type of the small entity. Advocacy notes that this type of burden reduction is common under RFA analysis. Other alternatives might include providing simplified compliance requirements for small entities, allowing small entities to self-certify their security programs, or exempting some small entities from the program.
Advocacy appreciates the opportunity to comment on TSA’s Proposed Large Aircraft Security Program Rule and recommends that TSA consider these and other comments carefully before proceeding. While Advocacy is mindful that there are important security implications associated with the proposed rule, there may be alternative approaches that are less costly and equally effective. Advocacy recommends that TSA work with industry to develop these alternatives and consider pilot testing any program before it is mandated on a widespread basis. Please feel free to contact me or Bruce Lundegren at (202) 205-6144 (or firstname.lastname@example.org) if you have any questions or require additional information.
Shawne C. McGibbon
Acting Chief Counsel for Advocacy
Bruce E. Lundegren
Assistant Chief Counsel for Advocacy
Copy to: Kevin Neyland, Acting Administrator
Office of Information and Regulatory Affairs
Office of Management and Budget
17. Advocacy notes that small business representatives also raised a number of civil liberties and privacy concerns about the proposed rule, particularly with respect to private right to travel and the delegation of auditing and screening responsibilities to private, third-party entities.
19. 5 U.S.C. § 603(c). This section goes on to state: the analysis shall discuss significant alternatives such as -- (1) the establishment of differing compliance or reporting requirements or timetables that take into account the resources available to small entities; (2) the clarification, consolidation, or simplification of compliance and reporting requirements under the rule for such small entities; (3) the use of performance rather than design standards; and (4) an exemption from coverage of the rule, or any part thereof, for such small entities.
20. See, A Guide to Federal Agencies, How to Comply with the Regulatory Flexibility Act, SBA Office of Advocacy, May 2003, p. 35-37, 73-75 (available at http://www.sba.gov/advo/laws/rfaguide.pdf).
22. For example, lowering the threshold weight to 10,500 pounds would increase the burden on small entities, while raising the threshold weight or requiring operators to screen their passengers would increase risks (thereby not meet the agency’s objectives). Further, utilizing Secure Flight is not feasible because it is not operational. See, 73. Fed. Reg. 64837.
24. One attendee recommended that TSA consider simply requiring pilot security training as an alternative to the proposed rule because all pilots are already subject to background checks when they obtain their pilot’s license and are continually vetted thereafter. The attendee noted that pilots already receive annual safety training which readily could be expanded to include security. Another attendee noted that several organizations have already developed security best practices that could be utilized in lieu of the proposed rule.