View Rule

Statement of Need: The Maritime Transportation Security Act (MTSA) of 2002 explicitly required the issuance of a biometric transportation security card to all U.S. merchant mariners and to workers requiring unescorted access to secure areas of facilities and vessels. On May 22, 2006, the Transportation Security Administration (TSA) and the Coast Guard published a Notice of Proposed Rule Making (NPRM) to carry out this statute, proposing a Transportation Worker Identification Credential (TWIC) Program where TSA conducts security threat assessments and issues identification credentials, while the Coast Guard requires integration of the TWIC into the access control systems of vessels, facilities and OCS facilities. This would have included the use of biometric TWIC readers by vessels, facilities and OCS facilities. Based upon comments received during the public comment period, TSA and the Coast Guard bifurcated the TWIC rule. The final rule, published in January, addressed the issuance of the TWIC and use of the TWIC as a “flash pass” at access control points. The requirement for integration of the TWIC into access control systems via TWIC card readers was deliberately excluded from the first TWIC Final Rule due to technology, operational and economic feasibility concerns. While the private sector has employed biometrics for a number of years in controlled, office-like environments, very few studies have examined how biometric card readers will withstand the comparatively harsh environments of vessels and facilities. The standard for the design and issuance of the TWIC did not provide for the card to be read without inserting it into an open slot reader, which commenters felt was operationally insufficient for the rigors of application in the maritime environment. Also, several commenters stated that the cost of biometric card readers would be extremely detrimental for small entities. With this in mind, Congress enacted several statutory requirements within the Security and Accountability For Every (SAFE) Port Act of 2006 to guide regulations pertaining to TWIC card readers. This rulemaking is necessary to comply with the SAFE Port Act and to complete the implementation of the TWIC Program in our ports. By requiring electronic card readers at vessels and facilities, the Coast Guard will further enhance port security and improve access control measures.

Summary of the Legal Basis: The statutory authorities for the Coast Guard to prescribe, change, revise or amend these regulations are provided under 33 U.S.C. 1226, 1231; 46 U.S.C. Chapter 701; 50 U.S.C. 191, 192; Executive Order 12656, 3 CFR 1988 Comp., p. 585; 33 CFR 1.05-1, 6.04-11, 6.14, 6.16, and 6.19; Department of Homeland Security Delegation No. 0170.1. The SAFE Port Act requires a final rule within two years of “commencement” of the TWIC pilot program. The SAFE Port Act also requires that the pilot program begin within 180 days from signature of the Act (October 13, 2006). This means our final rule must be promulgated by April of 2009.

Alternatives: Alternative 1: Use several, if not all, of the concepts introduced in the first TWIC rule NPRM to address card reader requirements. This would mean that every facility and vessel regulated by 33 CFR Subchapter H would need to purchase or have access to at least one reader. Alternative 2: Don’t implement a reader requirement, and instead have the Coast Guard do spot checks on regulated facilities and vessels using hand-held biometric card readers, while TWICs are used as flash passes. Alternative 3: Require the use of card readers at regulated facilities and vessels based upon the risk of an access control related Transportation Security Incident taking place. No non-regulatory alternatives are available at this time.

Anticipated Costs and Benefits: The Coast Guard and TSA are in the process of revising earlier reader technology and compliance cost analysis from the Regulatory Evaluation used in support of the 2006 NPRM. Based on the 2006 Regulatory Evaluation, the average initial costs for affected owners and operators of vessels and facilities to acquire and install reader technology was approximately $225.5 million in the first year (non- discounted) with technology replacement occurring every five years. Based on public comments and mandates from the SAFE Port Act, we plan to revise the 2006 cost estimates associated with reader technology by incorporating data and findings from the pilot program. The pilot program discussed in the SAFE Port Act focuses on business processes, measurements of available technology, and operational impacts of readers. As of the publication date of this Regulatory Plan, data has not been collected from the pilot program. The Coast Guard and TSA anticipate reader technology deployed at vessels and facilities will further enhance port security and improve access control measures.

Risks: During the rulemaking process, we will take into account the various conditions in which TWIC card readers may be employed. For example, we will consider the types of vessels and facilities that will use TWIC readers, locations of secure and restricted areas, operational constraints, and need for accessibility. As part of this consideration, we are using the analytical hierarchy approach to incorporate Maritime Security Risk Analysis Model maximum consequence data, criticality, and TWIC utility factors to determine the level of TWIC authentication necessary at each type of facility and vessel. This will tie TWIC reader use requirements with facility and vessel risk, criticality, and TWIC utility. Recordkeeping requirements, amendments to security plans, and the requirement for data exchanges (i.e. TWIC hotlist) between TSA and vessel and facility owners/operators will also be addressed in this rulemaking. The MTSA of 2002 further required the TWIC to be applicable to vessel pilots (46 U.S.C. 70105(b)(2)(C)). Most vessel pilots are already included in the first TWIC Final Rule as many hold federally issued merchant mariner credentials. In this proposed rulemaking, we will propose extending the TWIC applicability to vessel pilots holding only state commissions or credentials. Similarly, MTSA required the TWIC to be applicable to “an individual engaged on a towing vessel that pushes, pulls, or hauls alongside a tank vessel” (46 U.S.C. 70105(b)(2)(D)). While we have included individuals working on towing vessels subject to 33 CFR Part 104 in the first TWIC Final Rule, we will propose extending TWIC applicability to those individuals who work on towing vessels that push, pull, or haul alongside a tank vessel. Another vital part of this rulemaking will be the vessel crew size limitations described in the SAFE Port Act. We are currently evaluating minimum crew size options as a component of proposed electronic reader requirements aboard vessels. Finally, we will also revisit the concept of recurring unescorted access which was introduced in the first TWIC rule. As stated in the NPRM, published on May 22, 2006, “As a result of this desire to provide flexibility, we propose the concept of ‘recurring unescorted access,’ which is intended to allow an individual to enter on a continual basis, without repeating the personal identity verification piece.” We will examine the risks and benefits of this provision and propose an appropriate solution for vessels and facilities with small contingents of regular employees.