[House Report 117-85]
[From the U.S. Government Publishing Office]
117th Congress } { Report
HOUSE OF REPRESENTATIVES
1st Session } { 117-85
======================================================================
PIPELINE SECURITY ACT
_______
July 13, 2021.--Committed to the Committee of the Whole House on the
State of the Union and ordered to be printed
_______
Mr. Thompson of Mississippi, from the Committee on Homeland Security,
submitted the following
R E P O R T
[To accompany H.R. 3243]
The Committee on Homeland Security, to whom was referred
the bill (H.R. 3243) to codify the Transportation Security
Administration's responsibility relating to securing pipelines
against cybersecurity threats, acts of terrorism, and other
nefarious acts that jeopardize the physical security or
cybersecurity of pipelines, and for other purposes, having
considered the same, reports favorably thereon with amendments
and recommends that the bill as amended do pass.
CONTENTS
Page
Purpose and Summary.............................................. 2
Background and Need for Legislation.............................. 3
Hearings......................................................... 4
Committee Consideration.......................................... 4
Committee Votes.................................................. 4
Committee Oversight Findings..................................... 4
C.B.O. Estimate, New Budget Authority, Entitlement Authority, and
Tax Expenditures............................................... 4
Federal Mandates Statement....................................... 5
Duplicative Federal Programs..................................... 5
Statement of General Performance Goals and Objectives............ 5
Congressional Earmarks, Limited Tax Benefits, and Limited Tariff
Benefits Advisory Committee Statement.......................... 5
Applicability to Legislative Branch.............................. 5
Section-by-Section Analysis of the Legislation................... 5
Changes in Existing Law Made by the Bill, as Reported............ 8
The amendments (stated in terms of the introduced bill) are
as follows:
Strike ``pipeline security section'' each place such term
appears (including in any headings and in the amendment to the
item relating to section 1631 added to the table of sections)
and insert ``pipeline security division''.
Page 3, line 7, strike ``section'' and insert ``division''.
Page 3, line 21, strike ``section'' and insert ``division''.
Page 3, line 21, insert ``in the executive service of the
Administration'' after ``individual''.
Page 3, line 24, strike ``section''and insert ``division''.
Page 4, line 1, strike ``section'' and insert ``division''.
Page 4, line 2, strike ``section'' and insert ``division''.
Page 4, line 22, insert before the period the following: ``,
unless such guidelines are superseded by directives or
regulations''.
Page 5, beginning line 5, strike ``to provide
recommendations'' and insert ``, or mandatory security
assessments if required by superseding directives or
regulations, to provide recommendations or requirements''.
Page 5, line 18, insert before the period the following: ``or
superseding directives or regulations''.
Page 5, strike lines 19 through 21 and insert the following:
``(6) Supporting the development and implementation of a
security directive or regulation when the Administrator issues
such a directive or regulation.
Page 5, line 22, strike ``section's'' and insert
``division's''.
Page 6, line 11, insert before the period the following: ``,
except to the extent such guidelines have been superseded by
directives or regulations''.
Page 7, after line 24, insert the following (and redesignate
subsequent subsections accordingly):
(c) Cybersecurity Expertise.--The strategy shall include an
assessment of the cybersecurity expertise determined necessary
by the Administrator of the Transportation Security
Administration and a plan for developing such expertise within
the Administration.
Page 8, line 18, insert ``directives, regulations,'' after
``guidelines,''.
Purpose and Summary
H.R. 3243, the ``Pipeline Security Act,'' seeks to enhance
the cybersecurity and physical security of our Nation's
pipeline infrastructure by clarifying the Transportation
Security Administration's (TSA) responsibility related to
securing pipelines against cybersecurity threats, acts of
terrorism, and other nefarious acts. The bill also sets
requirements for a pipeline security division within TSA to
help carry out this mission. Under this bill, TSA's pipeline
security division must develop guidelines for pipeline
security, conduct inspections of pipelines and pipeline
facilities, and assist with the development and implementation
of security directives and regulations related to pipeline
security. In addition, the bill requires TSA and the
Cybersecurity and Infrastructure Security Agency (CISA) to
coordinate and develop a pipeline security personnel strategy
to ensure TSA maintains appropriate pipeline security staffing
and cybersecurity expertise. Finally, the bill requires TSA to
annually report to Congress regarding pipeline security,
instructs the Government Accountability Office (GAO) to conduct
a review of the implementation of this Act, and enhances TSA's
engagement with pipeline security stakeholders.
Background and Need for Legislation
Since its establishment in 2001, pipeline security has been
a part of TSA's mission to secure all modes of transportation,
as pipelines have long been defined in law as a mode of
transportation. To carry out this mission, TSA also has
authority to promulgate mandatory security directives and
regulations related to pipeline security, as it did on May 27,
2021, when it issued a security directive requiring pipeline
operators to report cybersecurity incidents, designate incident
response coordinators, and assess compliance with TSA security
guidance.
Recently, the vulnerability of the Nation's oil and natural
gas infrastructure was brought into sharp focus when, in May
2021, the Nation's largest fuel pipeline operator was the
victim of a ransomware attack that caused a 6-day shutdown of
the pipeline. The ransomware attack on the Colonial Pipeline
Company resulted in communities across the East Coast
experiencing extreme gasoline shortages and highlighted the
importance of enhancing the cybersecurity and physical security
of pipeline systems as well as the regulatory framework for
protecting such systems.
H.R. 3243 builds upon TSA's existing statutory authority to
secure pipelines to enhance efforts to address the evolving
threat landscape. Under this legislation, TSA's pipeline
security functions will be housed within a dedicated pipeline
security division with senior-level leadership and personnel
with cybersecurity expertise. Among its key functions, the
pipeline security division would be charged with developing and
maintaining guidelines for pipeline security and conducting
inspections and risk assessments. The division would also
assist with the development and implementation of security
directives and regulations related to pipeline security,
including forthcoming directives announced by the Secretary of
Homeland Security on May 27, 2021.
As illustrated by the May 2021 Colonial Pipeline attack,
the need for the Federal government to raise the bar on
cybersecurity among pipeline operators is particularly acute.
TSA, as a component of the Department of Homeland Security
(DHS), is ideally positioned to coordinate with CISA, which has
significant cybersecurity expertise. Further, TSA's position
within DHS also ensures it has access to key Federal resources
and intelligence related to physical threats against pipelines.
H.R. 3243 facilitates intradepartmental collaboration by
instructing TSA, in coordination with CISA, to develop a
personnel strategy for the pipeline security division. This
strategy is specifically required to include a plan for
developing and maintaining appropriate cybersecurity expertise
within TSA.
Finally, H.R. 3243 contains important oversight provisions
regarding TSA's pipeline security efforts. It requires TSA to
conduct additional stakeholder engagement, establishes annual
pipeline security report requirements for TSA, and provides GAO
with a mandate to review the legislation's implementation.
Hearings
For the purposes of clause 3(c)(6) of rule XIII, the
following hearing was used to develop H.R. 3243:
The Committee did not hold a legislative hearing on H.R.
3243 in the 117th Congress. The legislation was informed by a
hearing held in the 116th Congress. On February 22, 2019, the
Subcommittee on Transportation and Maritime Security and the
Subcommittee on Cybersecurity, Infrastructure Protection, and
Innovation held a hearing entitled ``Securing U.S. Surface
Transportation from Cyber Attacks.'' The Subcommittees received
testimony from Sonya Proctor, Director for the Surface
Division, Office of Security Policy and Industry Engagement,
TSA; Bob Kolasky, Director of National Risk Management Center,
CISA; James Lewis, Senior Vice President and Director,
Technology Policy Program, Center for Strategic & International
Studies; Rebeca Gagliostro, Director of Security, Reliability,
and Resilience, Interstate Natural Gas Association of America;
Erik Olson, Vice President, Rail Security Alliance; and John
Hultquist, Director of Intelligence Analysis, FireEye.
Committee Consideration
The Committee met on May 18, 2021, with a quorum being
present, to consider H.R. 3243 and ordered the measure to be
reported to the House with a favorable recommendation, with
amendments, by unanimous consent.
Committee Votes
Clause 3(b) of rule XIII of the Rules of the House of
Representatives requires the Committee to list the recorded
votes on the motion to report legislation and amendments
thereto.
No recorded votes were requested during consideration of
H.R. 3243.
Committee Oversight Findings
In compliance with clause 3(c)(1) of rule XIII of the Rules
of the House of Representatives, the Committee advises that the
findings and recommendations of the Committee, based on
oversight activities under clause 2(b)(1) of rule X of the
Rules of the House of Representatives, are incorporated in the
descriptive portions of this report.
Congressional Budget Office Estimate, New Budget Authority, Entitlement
Authority, and Tax Expenditures
With respect to the requirements of clause 3(c)(2) of rule
XIII of the Rules of the House of Representatives and section
308(a) of the Congressional Budget Act of 1974, and with
respect to the requirements of clause 3(c)(3) of rule XIII of
the Rules of the House of Representatives and section 402 of
the Congressional Budget Act of 1974, the Committee has
requested but not received from the Director of the
Congressional Budget Office a statement as to whether this bill
contains any new budget authority, spending authority, credit
authority, or an increase or decrease in revenues or tax
expenditures.
Federal Mandates Statement
An estimate of Federal mandates prepared by the Director of
the Congressional Budget Office pursuant to section 423 of the
Unfunded Mandates Reform Act was not made available to the
Committee in time for the filing of this report. The Chairman
of the Committee shall cause such estimate to be printed in the
Congressional Record upon its receipt by the Committee.
Duplicative Federal Programs
Pursuant to clause 3(c) of rule XIII, the Committee finds
that H.R. 3243 does not contain any provision that establishes
or reauthorizes a program known to be duplicative of another
Federal program.
Statement of General Performance Goals and Objectives
Pursuant to clause 3(c)(4) of rule XIII of the Rules of the
House of Representatives, the objectives of H.R. 3243 are to
clarify TSA's pipeline security responsibilities and bolster
its activities related to securing pipelines against
cybersecurity threats, acts of terrorism, and other nefarious
acts that jeopardize the cybersecurity or physical security of
pipelines.
Congressional Earmarks, Limited Tax Benefits, and Limited Tariff
Benefits Advisory Committee Statement
In compliance with rule XXI of the Rules of the House of
Representatives, this bill, as reported, contains no
congressional earmarks, limited tax benefits, or limited tariff
benefits as defined in clause 9(d), 9(e), or 9(f) of the rule
XXI.
Applicability to Legislative Branch
The Committee finds that H.R. 3243 does not relate to the
terms and conditions of employment or access to public services
or accommodations within the meaning of section 102(b)(3) of
the Congressional Accountability Act.
Section-by-Section Analysis of the Legislation
Section 1. Short Title.
This section provides that this bill may be cited as the
``Pipeline Security Act.''
Sec. 2. Pipeline Security Responsibilities.
This section amends subsection (f) of section 114 of title
49, United States Code, to add a new paragraph directing that
the TSA Administrator, in coordination with the CISA Director,
maintain responsibility relating to securing pipeline
transportation and pipeline facilities against cybersecurity
threats, acts of terrorism, and other nefarious acts that
jeopardize the physical security or cybersecurity of pipeline
transportation or facilities. The Committee believes that
incorporating language calling on TSA to coordinate with CISA,
an entity that was not established as a DHS component until
2018, uniquely positions TSA to carry out its pipeline security
mission in the evolving threat landscape.
Sec. 3. Pipeline Security Division.
This section amends title XVI of the Homeland Security Act
of 2002 by establishing a pipeline security division within TSA
to carry out pipeline security programs. The mission of the
pipeline security division is to oversee, in coordination with
CISA, the security of pipeline transportation and pipeline
facilities against cybersecurity threats, acts of terrorism,
and other nefarious acts that jeopardize the physical security
or cybersecurity of such transportation or facilities.
Additionally, this section requires the TSA Administrator
to appoint a division head to the pipeline security division
who has pipeline industry and security expertise. This
individual must be in the executive service of TSA. This
section further specifies that the division will be staffed by
a workforce that includes personnel with cybersecurity
expertise.
This section also articulates certain responsibilities of
the pipeline security division. These responsibilities include
developing guidelines for the physical security and
cybersecurity of pipeline transportation and pipeline
facilities, in coordination with relevant government, public,
and private sector stakeholders. These guidelines must be
updated based on intelligence and risk assessments no less than
every three years and shared, as appropriate, with key pipeline
security stakeholders, unless they are superseded by mandatory
security directives or regulations. The division is further
instructed to conduct cybersecurity and physical security
assessments of pipelines to ensure voluntary compliance with
these security guidelines and, as applicable, mandated
compliance with security directives or regulations related to
pipeline security. Other responsibilities of the division
include carrying out a program to inspect pipelines and
pipeline facilities, including inspections of pipeline
facilities determined to be critical. The division is also
tasked with supporting the development and implementation of
security directives and regulations related to pipeline
security.
Furthermore, the TSA Administrator and CISA Director are
authorized to detail personnel between their components under
this section. The pipeline security division will also be
required to publish updated security guidelines within one year
of the date of enactment, except if such guidelines have been
superseded by security directives or regulations.
The Committee believes that establishing a division within
TSA that is dedicated to pipeline security will enhance TSA's
execution of its pipeline security mission by ensuring this
mission receives senior-level leadership, personnel, and
institutional visibility commensurate with its importance.
Additionally, the Committee believes that by specifically
articulating key responsibilities and authorities of this
division, TSA will be able to more effectively engage with
pipeline security stakeholders and assist with the development
and implementation of guidance, security directives, and
regulations on such matters. The Committee also believes that
requiring a program to inspect critical pipelines and pipeline
facilities is key to ensuring pipelines and pipeline facilities
continually meet security standards. Finally, the Committee
believes that authorizing the TSA Administrator and CISA
Director to detail personnel between their components will help
drive interagency communication and collaboration and ensure
DHS leverages the expertise of its different components
effectively.
Sec. 4. Personnel Strategy.
This section requires TSA, in coordination with CISA, to
develop a personnel strategy for the staffing of the pipeline
security division within 180 days of the date of enactment.
Upon development of the strategy, the TSA Administrator must
provide the Committee on Homeland Security of the House of
Representatives and the Committee on Commerce, Science, and
Transportation of the Senate with a copy of such a strategy.
The strategy must take into consideration the most recently
published versions of key DHS and TSA strategy documents.
Additionally, it must contain an assessment of the resources
needed to carry out the pipeline security division's
responsibilities and an assessment of TSA's pipeline security
cybersecurity expertise, including a plan to further develop
such expertise.
The Committee believes the development of a personnel
strategy for the staffing of the pipeline security division
will help TSA build upon its ongoing efforts to develop a
workforce capable of ensuring the security of the pipeline
sector, and that specifically assessing the need for
cybersecurity expertise will help TSA acquire the workforce
needed to counter current threats.
Sec. 5. Oversight.
This section requires the TSA Administrator to report to
the Committee on Homeland Security of the House of
Representatives and the Committee on Commerce, Science, and
Transportation of the Senate about the activities of the
pipeline security division, including information with respect
to guidelines, security directives, regulations, security
assessments, and inspections, no less than annually. Each
report must include a determination by the Administrator
regarding whether a need exists for additional regulations or
non-regulatory initiatives and provide a justification for such
determination.
Finally, the section requires GAO to conduct a review of
the implementation of the Act, not later than two years after
the date of enactment.
The Committee believes the requirements for regular reports
to Congress and a GAO review will assist Congress in conducting
effective oversight of TSA's pipeline security efforts. Such
oversight will be key to ensuring the success of the pipeline
security division.
Sec. 6. Stakeholder Engagement.
This section requires the TSA Administrator to convene not
less than two industry days to engage with pipeline
transportation and pipeline facilities stakeholders. These
industry days shall occur not later than one year after the
date of enactment.
The Committee has heard from pipeline stakeholders
regarding the importance of information-sharing between the
government and the private sector, as well as about the value
of TSA's pipeline security capabilities in particular.
Stakeholders have also noted that, during critical incidents,
it is essential to have established lines of communication with
key regulators. The Committee believes that the combination of
a standing division dedicated to pipeline security and
requirements for meetings will enhance engagement between TSA
and pipeline operators.
Changes in Existing Law Made by the Bill, as Reported
In compliance with clause 3(e) of rule XIII of the Rules of
the House of Representatives, changes in existing law made by
the bill, as reported, are shown as follows (existing law
proposed to be omitted is enclosed in black brackets, new
matter is printed in italics, and existing law in which no
change is proposed is shown in roman):
TITLE 49, UNITED STATES CODE
* * * * * * *
SUBTITLE I--DEPARTMENT OF TRANSPORTATION
* * * * * * *
CHAPTER 1--ORGANIZATION
* * * * * * *
Sec. 114. Transportation Security Administration
(a) In General.--The Transportation Security Administration
shall be an administration of the Department of Homeland
Security.
(b) Leadership.--
(1) Head of transportation security administration.--
(A) Appointment.--The head of the
Administration shall be the Administrator of
the Transportation Security Administration
(referred to in this section as the
``Administrator''). The Administrator shall be
appointed by the President, by and with the
advice and consent of the Senate.
(B) Qualifications.--The Administrator must--
(i) be a citizen of the United
States; and
(ii) have experience in a field
directly related to transportation or
security.
(C) Term.--Effective with respect to any
individual appointment by the President, by and
with the advice and consent of the Senate,
after the date of enactment of the TSA
Modernization Act, the term of office of an
individual appointed as the Administrator shall
be 5 years. The term of office of an individual
serving as the Administrator on the date of
enactment of the TSA Modernization Act shall be
5 years beginning on the date that the
Administrator began serving.
(2) Deputy administrator.--
(A) Appointment.--There is established in the
Transportation Security Administration a Deputy
Administrator, who shall assist the
Administrator in the management of the
Transportation Security Administration. The
Deputy Administrator shall be appointed by the
President.
(B) Vacancy.--The Deputy Administrator shall
be Acting Administrator during the absence or
incapacity of the Administrator or during a
vacancy in the office of Administrator.
(C) Qualifications.--The Deputy Administrator
must--
(i) be a citizen of the United
States; and
(ii) have experience in a field
directly related to transportation or
security.
(3) Chief counsel.--
(A) Appointment.--There is established in the
Transportation Security Administration a Chief
Counsel, who shall advise the Administrator and
other senior officials on all legal matters
relating to the responsibilities, functions,
and management of the Transportation Security
Administration.
(B) Qualifications.--The Chief Counsel must
be a citizen of the United States.
(c) Limitation on Ownership of Stocks and Bonds.--The
Administrator may not own stock in or bonds of a transportation
or security enterprise or an enterprise that makes equipment
that could be used for security purposes.
(d) Functions.--The Administrator shall be responsible for
security in all modes of transportation, including--
(1) carrying out chapter 449, relating to civil
aviation security, and related research and development
activities; and
(2) security responsibilities over other modes of
transportation that are exercised by the Department of
Transportation.
(e) Screening Operations.--The Administrator shall--
(1) be responsible for day-to-day Federal security
screening operations for passenger air transportation
and intrastate air transportation under sections 44901
and 44935;
(2) develop standards for the hiring and retention of
security screening personnel;
(3) train and test security screening personnel; and
(4) be responsible for hiring and training personnel
to provide security screening at all airports in the
United States where screening is required under section
44901, in consultation with the Secretary of
Transportation and the heads of other appropriate
Federal agencies and departments.
(f) Additional Duties and Powers.--In addition to carrying
out the functions specified in subsections (d) and (e), the
Administrator shall--
(1) receive, assess, and distribute intelligence
information related to transportation security;
(2) assess threats to transportation;
(3) develop policies, strategies, and plans for
dealing with threats to transportation security;
(4) make other plans related to transportation
security, including coordinating countermeasures with
appropriate departments, agencies, and
instrumentalities of the United States Government;
(5) serve as the primary liaison for transportation
security to the intelligence and law enforcement
communities;
(6) on a day-to-day basis, manage and provide
operational guidance to the field security resources of
the Administration, including Federal Security Managers
as provided by section 44933;
(7) enforce security-related regulations and
requirements;
(8) identify and undertake research and development
activities necessary to enhance transportation
security;
(9) inspect, maintain, and test security facilities,
equipment, and systems;
(10) ensure the adequacy of security measures for the
transportation of cargo;
(11) oversee the implementation, and ensure the
adequacy, of security measures at airports and other
transportation facilities;
(12) require background checks for airport security
screening personnel, individuals with access to secure
areas of airports, and other transportation security
personnel;
(13) work in conjunction with the Administrator of
the Federal Aviation Administration with respect to any
actions or activities that may affect aviation safety
or air carrier operations;
(14) work with the International Civil Aviation
Organization and appropriate aeronautic authorities of
foreign governments under section 44907 to address
security concerns on passenger flights by foreign air
carriers in foreign air transportation;
(15) establish and maintain a National Deployment
Office as required under section 44948 of this title;
[and]
(16) maintain responsibility, in coordination with
the Director of the Cybersecurity and Infrastructure
Security Agency, as appropriate, relating to securing
pipeline transportation and pipeline facilities (as
such terms are defined in section 60101 of this title)
against cybersecurity threats (as such term is defined
in section 102 of the Cybersecurity Information Sharing
Act of 2015 (Public Law 114-113; 6 U.S.C. 1501)), an
act of terrorism (as such term is defined in section
3077 of title 18), and other nefarious acts that
jeopardize the physical security or cybersecurity of
such transportation or facilities; and
[(16)] (17) carry out such other duties, and exercise
such other powers, relating to transportation security
as the Administrator considers appropriate, to the
extent authorized by law.
(g) National Emergency Responsibilities.--
(1) In general.--Subject to the direction and control
of the Secretary of Homeland Security, the
Administrator, during a national emergency, shall have
the following responsibilities:
(A) To coordinate domestic transportation,
including aviation, rail, and other surface
transportation, and maritime transportation
(including port security).
(B) To coordinate and oversee the
transportation-related responsibilities of
other departments and agencies of the Federal
Government other than the Department of Defense
and the military departments.
(C) To coordinate and provide notice to other
departments and agencies of the Federal
Government, and appropriate agencies of State
and local governments, including departments
and agencies for transportation, law
enforcement, and border control, about threats
to transportation.
(D) To carry out such other duties, and
exercise such other powers, relating to
transportation during a national emergency as
the Secretary of Homeland Security shall
prescribe.
(2) Authority of other departments and agencies.--The
authority of the Administrator under this subsection
shall not supersede the authority of any other
department or agency of the Federal Government under
law with respect to transportation or transportation-
related matters, whether or not during a national
emergency.
(3) Circumstances.--The Secretary of Homeland
Security shall prescribe the circumstances constituting
a national emergency for purposes of this subsection.
(h) Management of Security Information.--In consultation with
the Transportation Security Oversight Board, the Administrator
shall--
(1) enter into memoranda of understanding with
Federal agencies or other entities to share or
otherwise cross-check as necessary data on individuals
identified on Federal agency databases who may pose a
risk to transportation or national security;
(2) establish procedures for notifying the
Administrator of the Federal Aviation Administration,
appropriate State and local law enforcement officials,
and airport or airline security officers of the
identity of individuals known to pose, or suspected of
posing, a risk of air piracy or terrorism or a threat
to airline or passenger safety;
(3) in consultation with other appropriate Federal
agencies and air carriers, establish policies and
procedures requiring air carriers--
(A) to use information from government
agencies to identify individuals on passenger
lists who may be a threat to civil aviation or
national security; and
(B) if such an individual is identified,
notify appropriate law enforcement agencies,
prevent the individual from boarding an
aircraft, or take other appropriate action with
respect to that individual; and
(4) consider requiring passenger air carriers to
share passenger lists with appropriate Federal agencies
for the purpose of identifying individuals who may pose
a threat to aviation safety or national security.
(i) View of NTSB.--In taking any action under this section
that could affect safety, the Administrator shall give great
weight to the timely views of the National Transportation
Safety Board.
(j) Acquisitions.--
(1) In general.--The Administrator is authorized--
(A) to acquire (by purchase, lease,
condemnation, or otherwise) such real property,
or any interest therein, within and outside the
continental United States, as the Administrator
considers necessary;
(B) to acquire (by purchase, lease,
condemnation, or otherwise) and to construct,
repair, operate, and maintain such personal
property (including office space and patents),
or any interest therein, within and outside the
continental United States, as the Administrator
considers necessary;
(C) to lease to others such real and personal
property and to provide by contract or
otherwise for necessary facilities for the
welfare of its employees and to acquire,
maintain, and operate equipment for these
facilities;
(D) to acquire services, including such
personal services as the Secretary of Homeland
Security determines necessary, and to acquire
(by purchase, lease, condemnation, or
otherwise) and to construct, repair, operate,
and maintain research and testing sites and
facilities; and
(E) in cooperation with the Administrator of
the Federal Aviation Administration, to utilize
the research and development facilities of the
Federal Aviation Administration.
(2) Title.--Title to any property or interest therein
acquired pursuant to this subsection shall be held by
the Government of the United States.
(k) Transfers of Funds.--The Administrator is authorized to
accept transfers of unobligated balances and unexpended
balances of funds appropriated to other Federal agencies (as
such term is defined in section 551(1) of title 5) to carry out
functions assigned by law to the Administrator.
(l) Regulations.--
(1) In general.--The Administrator is authorized to
issue, rescind, and revise such regulations as are
necessary to carry out the functions of the
Administration.
(2) Emergency procedures.--
(A) In general.--Notwithstanding any other
provision of law or executive order (including
an executive order requiring a cost-benefit
analysis), if the Administrator determines that
a regulation or security directive must be
issued immediately in order to protect
transportation security, the Administrator
shall issue the regulation or security
directive without providing notice or an
opportunity for comment and without prior
approval of the Secretary.
(B) Review by transportation security
oversight board.--Any regulation or security
directive issued under this paragraph shall be
subject to review by the Transportation
Security Oversight Board established under
section 115. Any regulation or security
directive issued under this paragraph shall
remain effective for a period not to exceed 90
days unless ratified or disapproved by the
Board or rescinded by the Administrator.
(3) Factors to consider.--In determining whether to
issue, rescind, or revise a regulation under this
section, the Administrator shall consider, as a factor
in the final determination, whether the costs of the
regulation are excessive in relation to the enhancement
of security the regulation will provide. The
Administrator may waive requirements for an analysis
that estimates the number of lives that will be saved
by the regulation and the monetary value of such lives
if the Administrator determines that it is not feasible
to make such an estimate.
(4) Airworthiness objections by faa.--
(A) In general.--The Administrator shall not
take an aviation security action under this
title if the Administrator of the Federal
Aviation Administration notifies the
Administrator that the action could adversely
affect the airworthiness of an aircraft.
(B) Review by secretary.--Notwithstanding
subparagraph (A), the Administrator may take
such an action, after receiving a notification
concerning the action from the Administrator of
the Federal Aviation Administration under
subparagraph (A), if the Secretary of
Transportation subsequently approves the
action.
(m) Personnel and Services; Cooperation by Administrator.--
(1) Authority of administrator.--In carrying out the
functions of the Administration, the Administrator
shall have the same authority as is provided to the
Administrator of the Federal Aviation Administration
under subsections (l) and (m) of section 106.
(2) Authority of agency heads.--The head of a Federal
agency shall have the same authority to provide
services, supplies, equipment, personnel, and
facilities to the Administrator as the head has to
provide services, supplies, equipment, personnel, and
facilities to the Administrator of the Federal Aviation
Administration under section 106(m).
(n) Personnel Management System.--
(1) In general.--The personnel management system
established by the Administrator of the Federal
Aviation Administration under section 40122 shall apply
to employees of the Transportation Security
Administration, or, subject to the requirements of such
section, the Administrator may make such modifications
to the personnel management system with respect to such
employees as the Administrator considers appropriate,
such as adopting aspects of other personnel systems of
the Department of Homeland Security.
(2) Meritorious executive or distinguished executive
rank awards.--Notwithstanding section 40122(g)(2) of
this title, the applicable sections of title 5 shall
apply to the Transportation Security Administration
personnel management system, except that--
(A) for purposes of applying such provisions
to the personnel management system--
(i) the term ``agency'' means the
Department of Homeland Security;
(ii) the term ``senior executive''
means a Transportation Security
Administration executive serving on a
Transportation Security Executive
Service appointment;
(iii) the term ``career appointee''
means a Transportation Security
Administration executive serving on a
career Transportation Security
Executive Service appointment; and
(iv) The term ``senior career
employee'' means a Transportation
Security Administration employee
covered by the Transportation Security
Administration Core Compensation System
at the L or M pay band;
(B) receipt by a career appointee or a senior
career employee of the rank of Meritorious
Executive or Meritorious Senior Professional
entitles the individual to a lump-sum payment
of an amount equal to 20 percent of annual
basic pay, which shall be in addition to the
basic pay paid under the applicable
Transportation Security Administration pay
system; and
(C) receipt by a career appointee or a senior
career employee of the rank of Distinguished
Executive or Distinguished Senior Professional
entitles the individual to a lump-sum payment
of an amount equal to 35 percent of annual
basic pay, which shall be in addition to the
basic pay paid under the applicable
Transportation Security Administration pay
system.
(3) Definition of applicable sections of title 5.--In
this subsection, the term ``applicable sections of
title 5'' means--
(A) subsections (b), (c) and (d) of section
4507 of title 5; and
(B) subsections (b) and (c) of section 4507a
of title 5.
(o) Authority of Inspector General.--The Transportation
Security Administration shall be subject to the Inspector
General Act of 1978 (5 U.S.C. App.) and other laws relating to
the authority of the Inspector General of the Department of
Homeland Security.
(p) Law Enforcement Powers.--
(1) In general.--The Administrator may designate an
employee of the Transportation Security Administration
or other Federal agency to serve as a law enforcement
officer.
(2) Powers.--While engaged in official duties of the
Administration as required to fulfill the
responsibilities under this section, a law enforcement
officer designated under paragraph (1) may--
(A) carry a firearm;
(B) make an arrest without a warrant for any
offense against the United States committed in
the presence of the officer, or for any felony
cognizable under the laws of the United States
if the officer has probable cause to believe
that the person to be arrested has committed or
is committing the felony; and
(C) seek and execute warrants for arrest or
seizure of evidence issued under the authority
of the United States upon probable cause that a
violation has been committed.
(3) Guidelines on exercise of authority.--The
authority provided by this subsection shall be
exercised in accordance with guidelines prescribed by
the Administrator, in consultation with the Attorney
General of the United States, and shall include
adherence to the Attorney General's policy on use of
deadly force.
(4) Revocation or suspension of authority.--The
powers authorized by this subsection may be rescinded
or suspended should the Attorney General determine that
the Administrator has not complied with the guidelines
prescribed in paragraph (3) and conveys the
determination in writing to the Secretary of Homeland
Security and the Administrator.
(q) Authority To Exempt.--The Administrator may grant an
exemption from a regulation prescribed in carrying out this
section if the Administrator determines that the exemption is
in the public interest.
(r) Nondisclosure of Security Activities.--
(1) In general.--Notwithstanding section 552 of title
5, the Administrator shall prescribe regulations
prohibiting the disclosure of information obtained or
developed in carrying out security under authority of
the Aviation and Transportation Security Act (Public
Law 107-71) or under chapter 449 of this title if the
Administrator decides that disclosing the information
would--
(A) be an unwarranted invasion of personal
privacy;
(B) reveal a trade secret or privileged or
confidential commercial or financial
information; or
(C) be detrimental to the security of
transportation.
(2) Availability of information to congress.--
Paragraph (1) does not authorize information to be
withheld from a committee of Congress authorized to
have the information.
(3) Limitation on transferability of duties.--Except
as otherwise provided by law, the Administrator may not
transfer a duty or power under this subsection to
another department, agency, or instrumentality of the
United States.
(4) Limitations.--Nothing in this subsection, or any
other provision of law, shall be construed to authorize
the designation of information as sensitive security
information (as defined in section 1520.5 of title 49,
Code of Federal Regulations)--
(A) to conceal a violation of law,
inefficiency, or administrative error;
(B) to prevent embarrassment to a person,
organization, or agency;
(C) to restrain competition; or
(D) to prevent or delay the release of
information that does not require protection in
the interest of transportation security,
including basic scientific research information
not clearly related to transportation security.
(s) Transportation Security Strategic Planning.--
(1) In general.--The Secretary of Homeland Security
shall develop, prepare, implement, and update, as
needed--
(A) a National Strategy for Transportation
Security; and
(B) transportation modal security plans
addressing security risks, including threats,
vulnerabilities, and consequences, for
aviation, railroad, ferry, highway, maritime,
pipeline, public transportation, over-the-road
bus, and other transportation infrastructure
assets.
(2) Role of secretary of transportation.--The
Secretary of Homeland Security shall work jointly with
the Secretary of Transportation in developing,
revising, and updating the documents required by
paragraph (1).
(3) Contents of national strategy for transportation
security.--The National Strategy for Transportation
Security shall include the following:
(A) An identification and evaluation of the
transportation assets in the United States
that, in the interests of national security and
commerce, must be protected from attack or
disruption by terrorist or other hostile
forces, including modal security plans for
aviation, bridge and tunnel, commuter rail and
ferry, highway, maritime, pipeline, rail, mass
transit, over-the-road bus, and other public
transportation infrastructure assets that could
be at risk of such an attack or disruption.
(B) The development of risk-based priorities,
based on risk assessments conducted or received
by the Secretary of Homeland Security
(including assessments conducted under the
Implementing Recommendations of the 9/11
Commission Act of 2007) across all
transportation modes and realistic deadlines
for addressing security needs associated with
those assets referred to in subparagraph (A).
(C) The most appropriate, practical, and
cost-effective means of defending those assets
against threats to their security.
(D) A forward-looking strategic plan that
sets forth the agreed upon roles and missions
of Federal, State, regional, local, and tribal
authorities and establishes mechanisms for
encouraging cooperation and participation by
private sector entities, including nonprofit
employee labor organizations, in the
implementation of such plan.
(E) A comprehensive delineation of
prevention, response, and recovery
responsibilities and issues regarding
threatened and executed acts of terrorism
within the United States and threatened and
executed acts of terrorism outside the United
States to the extent such acts affect United
States transportation systems.
(F) A prioritization of research and
development objectives that support
transportation security needs, giving a higher
priority to research and development directed
toward protecting vital transportation assets.
Transportation security research and
development projects shall be based, to the
extent practicable, on such prioritization.
Nothing in the preceding sentence shall be
construed to require the termination of any
research or development project initiated by
the Secretary of Homeland Security or the
Secretary of Transportation before the date of
enactment of the Implementing Recommendations
of the 9/11 Commission Act of 2007.
(G) A 3- and 10-year budget for Federal
transportation security programs that will
achieve the priorities of the National Strategy
for Transportation Security.
(H) Methods for linking the individual
transportation modal security plans and the
programs contained therein, and a plan for
addressing the security needs of intermodal
transportation.
(I) Transportation modal security plans
described in paragraph (1)(B), including
operational recovery plans to expedite, to the
maximum extent practicable, the return to
operation of an adversely affected
transportation system following a major
terrorist attack on that system or other
incident. These plans shall be coordinated with
the resumption of trade protocols required
under section 202 of the SAFE Port Act (6
U.S.C. 942) and the National Maritime
Transportation Security Plan required under
section 70103(a) of title 46.
(4) Submission of plans.--
(A) In general.--The Secretary of Homeland
Security shall submit the National Strategy for
Transportation Security, including the
transportation modal security plans and any
revisions to the National Strategy for
Transportation Security and the transportation
modal security plans, to appropriate
congressional committees not less frequently
than April 1 of each even-numbered year.
(B) Periodic progress report.--
(i) Requirement for report.--Each
year, in conjunction with the
submission of the budget to Congress
under section 1105(a) of title 31,
United States Code, the Secretary of
Homeland Security shall submit to the
appropriate congressional committees an
assessment of the progress made on
implementing the National Strategy for
Transportation Security, including the
transportation modal security plans.
(ii) Content.--Each progress report
submitted under this subparagraph shall
include, at a minimum, the following:
(I) Recommendations for
improving and implementing the
National Strategy for
Transportation Security and the
transportation modal and
intermodal security plans that
the Secretary of Homeland
Security, in consultation with
the Secretary of
Transportation, considers
appropriate.
(II) An accounting of all
grants for transportation
security, including grants and
contracts for research and
development, awarded by the
Secretary of Homeland Security
in the most recent fiscal year
and a description of how such
grants accomplished the goals
of the National Strategy for
Transportation Security.
(III) An accounting of all--
(aa) funds requested
in the President's
budget submitted
pursuant to section
1105 of title 31 for
the most recent fiscal
year for transportation
security, by mode;
(bb) personnel
working on
transportation security
by mode, including the
number of contractors;
and
(cc) information on
the turnover in the
previous year among
senior staff of the
Department of Homeland
Security, including
component agencies,
working on
transportation security
issues. Such
information shall
include the number of
employees who have
permanently left the
office, agency, or area
in which they worked,
and the amount of time
that they worked for
the Department of
Homeland Security.
(iii) Written explanation of
transportation security activities not
delineated in the national strategy for
transportation security.--At the end of
each fiscal year, the Secretary of
Homeland Security shall submit to the
appropriate congressional committees a
written explanation of any Federal
transportation security activity that
is inconsistent with the National
Strategy for Transportation Security,
including the amount of funds to be
expended for the activity and the
number of personnel involved.
(C) Classified material.--Any part of the
National Strategy for Transportation Security
or the transportation modal security plans that
involve information that is properly classified
under criteria established by Executive order
shall be submitted to the appropriate
congressional committees separately in a
classified format.
(D) Appropriate congressional committees
defined.--In this subsection, the term
``appropriate congressional committees'' means
the Committee on Transportation and
Infrastructure and the Committee on Homeland
Security of the House of Representatives and
the Committee on Commerce, Science, and
Transportation, the Committee on Homeland
Security and Governmental Affairs, and the
Committee on Banking, Housing, and Urban
Affairs of the Senate.
(5) Priority Status.--
(A) In general.--The National Strategy for
Transportation Security shall be the governing
document for Federal transportation security
efforts.
(B) Other plans and reports.--The National
Strategy for Transportation Security shall
include, as an integral part or as an
appendix--
(i) the current National Maritime
Transportation Security Plan under
section 70103 of title 46;
(ii) the report required by section
44938 of this title;
(iii) transportation modal security
plans required under this section;
(iv) the transportation sector
specific plan required under Homeland
Security Presidential Directive-7; and
(v) any other transportation security
plan or report that the Secretary of
Homeland Security determines
appropriate for inclusion.
(6) Coordination.--In carrying out the
responsibilities under this section, the Secretary of
Homeland Security, in coordination with the Secretary
of Transportation, shall consult, as appropriate, with
Federal, State, and local agencies, tribal governments,
private sector entities (including nonprofit employee
labor organizations), institutions of higher learning,
and other entities.
(7) Plan distribution.--The Secretary of Homeland
Security shall make available and appropriately
publicize an unclassified version of the National
Strategy for Transportation Security, including its
component transportation modal security plans, to
Federal, State, regional, local and tribal authorities,
transportation system owners or operators, private
sector stakeholders, including nonprofit employee labor
organizations representing transportation employees,
institutions of higher learning, and other appropriate
entities.
(t) Transportation Security Information Sharing Plan.--
(1) Definitions.--In this subsection:
(A) Appropriate congressional committees.--
The term ``appropriate congressional
committees'' has the meaning given that term in
subsection (s)(4)(E).
(B) Plan.--The term ``Plan'' means the
Transportation Security Information Sharing
Plan established under paragraph (2).
(C) Public and private stakeholders.--The
term ``public and private stakeholders'' means
Federal, State, and local agencies, tribal
governments, and appropriate private entities,
including nonprofit employee labor
organizations representing transportation
employees.
(D) Transportation security information.--The
term ``transportation security information''
means information relating to the risks to
transportation modes, including aviation,
public transportation, railroad, ferry,
highway, maritime, pipeline, and over-the-road
bus transportation, and may include specific
and general intelligence products, as
appropriate.
(2) Establishment of plan.--The Secretary of Homeland
Security, in consultation with the program manager of
the information sharing environment established under
section 1016 of the Intelligence Reform and Terrorism
Prevention Act of 2004 (6 U.S.C. 485), the Secretary of
Transportation, and public and private stakeholders,
shall establish a Transportation Security Information
Sharing Plan. In establishing the Plan, the Secretary
of Homeland Security shall gather input on the
development of the Plan from private and public
stakeholders and the program manager of the information
sharing environment established under section 1016 of
the Intelligence Reform and Terrorism Prevention Act of
2004 (6 U.S.C. 485).
(3) Purpose of plan.--The Plan shall promote sharing
of transportation security information between the
Department of Homeland Security and public and private
stakeholders.
(4) Content of plan.--The Plan shall include--
(A) a description of how intelligence
analysts within the Department of Homeland
Security will coordinate their activities
within the Department and with other Federal,
State, and local agencies, and tribal
governments, including coordination with
existing modal information sharing centers and
the center described in section 1410 of the
Implementing Recommendations of the 9/11
Commission Act of 2007;
(B) the establishment of a point of contact,
which may be a single point of contact within
the Department of Homeland Security, for each
mode of transportation for the sharing of
transportation security information with public
and private stakeholders, including an
explanation and justification to the
appropriate congressional committees if the
point of contact established pursuant to this
subparagraph differs from the agency within the
Department of Homeland Security that has the
primary authority, or has been delegated such
authority by the Secretary of Homeland
Security, to regulate the security of that
transportation mode;
(C) a reasonable deadline by which the Plan
will be implemented; and
(D) a description of resource needs for
fulfilling the Plan.
(5) Coordination with information sharing.--The Plan
shall be--
(A) implemented in coordination, as
appropriate, with the program manager for the
information sharing environment established
under section 1016 of the Intelligence Reform
and Terrorism Prevention Act of 2004 (6 U.S.C.
485); and
(B) consistent with the establishment of the
information sharing environment and any
policies, guidelines, procedures, instructions,
or standards established by the President or
the program manager for the implementation and
management of the information sharing
environment.
(6) Annual report on plan.--The Secretary of Homeland
Security shall annually submit to the appropriate
congressional committees a report containing the Plan.
(7) Security clearances.--The Secretary of Homeland
Security shall, to the greatest extent practicable,
take steps to expedite the security clearances needed
for designated public and private stakeholders to
receive and obtain access to classified information
distributed under this section, as appropriate.
(8) Classification of material.--The Secretary of
Homeland Security, to the greatest extent practicable,
shall provide designated public and private
stakeholders with transportation security information
in an unclassified format.
(u) Enforcement of Regulations and Orders of the Secretary of
Homeland Security.--
(1) Application of subsection.--
(A) In general.--This subsection applies to
the enforcement of regulations prescribed, and
orders issued, by the Secretary of Homeland
Security under a provision of chapter 701 of
title 46 and under a provision of this title
other than a provision of chapter 449 (in this
subsection referred to as an ``applicable
provision of this title'').
(B) Violations of chapter 449.--The penalties
for violations of regulations prescribed and
orders issued by the Secretary of Homeland
Security or the Administrator under chapter 449
of this title are provided under chapter 463 of
this title.
(C) Nonapplication to certain violations.--
(i) Paragraphs (2) through (5) do not
apply to violations of regulations
prescribed, and orders issued, by the
Secretary of Homeland Security under a
provision of this title--
(I) involving the
transportation of personnel or
shipments of materials by
contractors where the
Department of Defense has
assumed control and
responsibility;
(II) by a member of the armed
forces of the United States
when performing official
duties; or
(III) by a civilian employee
of the Department of Defense
when performing official
duties.
(ii) Violations described in
subclause (I), (II), or (III) of clause
(i) shall be subject to penalties as
determined by the Secretary of Defense
or the Secretary of Defense's designee.
(2) Civil penalty.--
(A) In general.--A person is liable to the
United States Government for a civil penalty of
not more than $10,000 for a violation of a
regulation prescribed, or order issued, by the
Secretary of Homeland Security under an
applicable provision of this title.
(B) Repeat violations.--A separate violation
occurs under this paragraph for each day the
violation continues.
(3) Administrative imposition of civil penalties.--
(A) In general.--The Secretary of Homeland
Security may impose a civil penalty for a
violation of a regulation prescribed, or order
issued, under an applicable provision of this
title. The Secretary shall give written notice
of the finding of a violation and the penalty.
(B) Scope of civil action.--In a civil action
to collect a civil penalty imposed by the
Secretary of Homeland Security under this
subsection, a court may not re-examine issues
of liability or the amount of the penalty.
(C) Jurisdiction.--The district courts of the
United States shall have exclusive jurisdiction
of civil actions to collect a civil penalty
imposed by the Secretary of Homeland Security
under this subsection if--
(i) the amount in controversy is more
than--
(I) $400,000, if the
violation was committed by a
person other than an individual
or small business concern; or
(II) $50,000 if the violation
was committed by an individual
or small business concern;
(ii) the action is in rem or another
action in rem based on the same
violation has been brought; or
(iii) another action has been brought
for an injunction based on the same
violation.
(D) Maximum penalty.--The maximum civil
penalty the Secretary of Homeland Security
administratively may impose under this
paragraph is--
(i) $400,000, if the violation was
committed by a person other than an
individual or small business concern;
or
(ii) $50,000, if the violation was
committed by an individual or small
business concern.
(E) Notice and opportunity to request
hearing.--Before imposing a penalty under this
section the Secretary of Homeland Security
shall provide to the person against whom the
penalty is to be imposed--
(i) written notice of the proposed
penalty; and
(ii) the opportunity to request a
hearing on the proposed penalty, if the
Secretary of Homeland Security receives
the request not later than 30 days
after the date on which the person
receives notice.
(4) Compromise and setoff.--
(A) The Secretary of Homeland Security may
compromise the amount of a civil penalty
imposed under this subsection.
(B) The Government may deduct the amount of a
civil penalty imposed or compromised under this
subsection from amounts it owes the person
liable for the penalty.
(5) Investigations and proceedings.--Chapter 461
shall apply to investigations and proceedings brought
under this subsection to the same extent that it
applies to investigations and proceedings brought with
respect to aviation security duties designated to be
carried out by the Secretary of Homeland Security.
(6) Definitions.--In this subsection:
(A) Person.--The term ``person'' does not
include--
(i) the United States Postal Service;
or
(ii) the Department of Defense.
(B) Small business concern.--The term ``small
business concern'' has the meaning given that
term in section 3 of the Small Business Act (15
U.S.C. 632).
(7) Enforcement transparency.--
(A) In general.--The Secretary of Homeland
Security shall--
(i) provide an annual summary to the
public of all enforcement actions taken
by the Secretary under this subsection;
and
(ii) include in each such summary the
docket number of each enforcement
action, the type of alleged violation,
the penalty or penalties proposed, and
the final assessment amount of each
penalty.
(B) Electronic availability.--Each summary
under this paragraph shall be made available to
the public by electronic means.
(C) Relationship to the freedom of
information act and the privacy act.--Nothing
in this subsection shall be construed to
require disclosure of information or records
that are exempt from disclosure under sections
552 or 552a of title 5.
(v) Authorization of Appropriations.--There are authorized to
be appropriated to the Transportation Security Administration
for salaries, operations, and maintenance of the
Administration--
(1) $7,849,247,000 for fiscal year 2019;
(2) $7,888,494,000 for fiscal year 2020; and
(3) $7,917,936,000 for fiscal year 2021.
(w) Leadership and Organization.--
(1) In general.--For each of the areas described in
paragraph (2), the Administrator of the Transportation
Security Administration shall appoint at least 1
individual who shall--
(A) report directly to the Administrator or
the Administrator's designated direct report;
and
(B) be responsible and accountable for that
area.
(2) Areas described.--The areas described in this
paragraph are as follows:
(A) Aviation security operations and
training, including risk-based, adaptive
security--
(i) focused on airport checkpoint and
baggage screening operations;
(ii) workforce training and
development programs; and
(iii) ensuring compliance with
aviation security law, including
regulations, and other specialized
programs designed to secure air
transportation.
(B) Surface transportation security
operations and training, including risk-based,
adaptive security--
(i) focused on accomplishing security
systems assessments;
(ii) reviewing and prioritizing
projects for appropriated surface
transportation security grants;
(iii) operator compliance with
surface transportation security law,
including regulations, and voluntary
industry standards; and
(iv) workforce training and
development programs, and other
specialized programs designed to secure
surface transportation.
(C) Transportation industry engagement and
planning, including the development,
interpretation, promotion, and oversight of a
unified effort regarding risk-based, risk-
reducing security policies and plans (including
strategic planning for future contingencies and
security challenges) between government and
transportation stakeholders, including
airports, domestic and international airlines,
general aviation, air cargo, mass transit and
passenger rail, freight rail, pipeline, highway
and motor carriers, and maritime.
(D) International strategy and operations,
including agency efforts to work with
international partners to secure the global
transportation network.
(E) Trusted and registered traveler programs,
including the management and marketing of the
agency's trusted traveler initiatives,
including the PreCheck Program, and
coordination with trusted traveler programs of
other Department of Homeland Security agencies
and the private sector.
(F) Technology acquisition and deployment,
including the oversight, development, testing,
evaluation, acquisition, deployment, and
maintenance of security technology and other
acquisition programs.
(G) Inspection and compliance, including the
integrity, efficiency and effectiveness of the
agency's workforce, operations, and programs
through objective audits, covert testing,
inspections, criminal investigations, and
regulatory compliance.
(H) Civil rights, liberties, and traveler
engagement, including ensuring that agency
employees and the traveling public are treated
in a fair and lawful manner consistent with
Federal laws and regulations protecting privacy
and prohibiting discrimination and reprisal.
(I) Legislative and public affairs, including
communication and engagement with internal and
external audiences in a timely, accurate, and
transparent manner, and development and
implementation of strategies within the agency
to achieve congressional approval or
authorization of agency programs and policies.
(3) Notification.--The Administrator shall submit to
the appropriate committees of Congress--
(A) not later than 180 days after the date of
enactment of the TSA Modernization Act, a list
of the names of the individuals appointed under
paragraph (1); and
(B) an update of the list not later than 5
days after any new individual is appointed
under paragraph (1).
* * * * * * *
----------
HOMELAND SECURITY ACT OF 2002
SECTION 1. SHORT TITLE; TABLE OF CONTENTS.
(a) Short Title.--This Act may be cited as the ``Homeland
Security Act of 2002''.
(b) Table of Contents.--The table of contents for this Act is
as follows:
Sec. 1. Short title; table of contents.
* * * * * * *
TITLE XVI--TRANSPORTATION SECURITY
Subtitle A--General Provisions
Sec. 1601. Definitions.
Subtitle B--Transportation Security Administration Acquisition
Improvements
Sec. 1611. 5-year technology investment plan.
Sec. 1612. Acquisition justification and reports.
Sec. 1613. Acquisition baseline establishment and reports.
Sec. 1614. Inventory utilization.
Sec. 1615. Small business contracting goals.
Sec. 1616. Consistency with the Federal acquisition regulation and
departmental policies and directives.
[1617. Diversified security technology industry marketplace.]
Sec. 1617. Diversified security technology industry marketplace.
Subtitle C--Maintenance of security-related technology
[1621. Maintenance validation and oversight.]
Sec. 1621. Maintenance validation and oversight.
Subtitle D--Pipeline Security
Sec. 1631. Pipeline security division.
* * * * * * *
TITLE XVI--TRANSPORTATION SECURITY
* * * * * * *
Subtitle D--Pipeline Security
SEC. 1631. PIPELINE SECURITY DIVISION.
(a) Establishment.--There is within the Administration a
pipeline security division to carry out pipeline security
programs in furtherance of section 114(f)(16) of title 49,
United States Code.
(b) Mission.--The mission of the division referred to in
subsection (a) is to oversee, in coordination with the
Cybersecurity and Infrastructure Security Agency of the
Department, the security of pipeline transportation and
pipeline facilities (as such terms are defined in section 60101
of title 49, United States Code) against cybersecurity threats
(as such term is defined in section 102 of the Cybersecurity
Information Sharing Act of 2015 (Public Law 114-113; 6 U.S.C.
1501)), an act of terrorism (as such term is defined in section
3077 of title 18, United States Code), and other nefarious acts
that jeopardize the physical security or cybersecurity of such
transportation or facilities.
(c) Leadership; Staffing.--The Administrator shall appoint as
the head of the division an individual in the executive service
of the Administration with knowledge of the pipeline industry
and security best practices, as determined appropriate by the
Administrator. The division shall be staffed by a workforce
that includes personnel with cybersecurity expertise.
(d) Responsibilities.--The division shall be responsible for
carrying out the duties of the division as directed by the
Administrator, acting through the head appointed pursuant to
subsection (c). Such duties shall include the following:
(1) Developing, in consultation with relevant
Federal, State, local, Tribal, and territorial entities
and public and private sector stakeholders, guidelines
for improving the security of pipeline transportation
and pipeline facilities against cybersecurity threats,
an act of terrorism, and other nefarious acts that
jeopardize the physical security or cybersecurity of
such transportation or facilities, consistent with the
National Institute of Standards and Technology
Framework for Improvement of Critical Infrastructure
Cybersecurity and any update to such guidelines
pursuant to section 2(c)(15) of the National Institute
for Standards and Technology Act (15 U.S.C.
272(c)(15)).
(2) Updating such guidelines as necessary based on
intelligence and risk assessments, but not less
frequently than every three years, unless such
guidelines are superseded by directives or regulations.
(3) Sharing of such guidelines and, as appropriate,
intelligence and information regarding such security
threats to pipeline transportation and pipeline
facilities, as appropriate, with relevant Federal,
State, local, Tribal, and territorial entities and
public and private sector stakeholders.
(4) Conducting voluntary security assessments based
on such guidelines, or mandatory security assessments
if required by superseding directives or regulations,
to provide recommendations or requirements for the
improvement of the security of pipeline transportation
and pipeline facilities against cybersecurity threats,
an act of terrorism, and other nefarious acts that
jeopardize the physical security or cybersecurity of
such transportation or facilities, including the
security policies, plans, practices, and training
programs maintained by owners and operators of pipeline
facilities.
(5) Carrying out a program through which the
Administrator identifies and ranks the relative risk of
pipelines and inspects pipeline facilities designated
by owners and operators of such facilities as critical
based on such guidelines or superseding directives or
regulations.
(6) Supporting the development and implementation of
a security directive or regulation when the
Administrator issues such a directive or regulation.
(e) Details.--In furtherance of the division's mission, as
set forth in subsection (b), the Administrator and the Director
of the Cybersecurity and Infrastructure Security Agency may
detail personnel between their components to leverage
expertise. Personnel detailed from the Cybersecurity and
Infrastructure Security Agency may be considered as fulfilling
the cybersecurity expertise requirements in referred to in
subsection (c).
* * * * * * *
[all]