For other versions of this document, see http://wikileaks.org/wiki/CRS-RL32541 ------------------------------------------------------------------------------ Order Code RL32541 CRS Report for Congress Received through the CRS Web Aviation Security-Related Findings and Recommendations of the 9/11 Commission Updated March 30, 2005 Bart Elias Specialist in Aviation Safety, Security, and Technology Resources, Science, and Industry Division Congressional Research Service ~ The Library of Congress Aviation Security-Related Findings and Recommendations of the 9/11 Commission Summary The 9/11 Commission found that al Qaeda operatives exploited known weaknesses in U.S. aviation security to carry out the terrorist attacks of September 11, 2001. While legislation and administration actions after September 11, 2001 were implemented to strengthen aviation security, the 9/11 Commission concluded that several weaknesses continue to exist. These include perceived vulnerabilities in cargo and general aviation security as well as inadequate screening and access controls at airports. The 9/11 Commission issued several recommendations designed to strengthen aviation security by: enhancing passenger pre-screening; improving measures to detect explosives on passengers; addressing human factors issues at screening checkpoints; expediting deployment of in-line baggage screening systems; intensifying efforts to identify, track, and screen potentially dangerous cargo; and deploying hardened cargo containers on passenger aircraft. In addition to these specific recommendations, an overarching recommendation for transportation security policy asserts that priorities should be set based on risk, and the most practical and cost effective deterrents should be implemented assigning appropriate roles and missions to federal, state, and local authorities, as well as private stakeholders. In response to the 9/11 Commission's recommendations, the National Intelligence Reform Act of 2004 (P.L. 108-458; 118 Stat. 3638) was enacted on December 17, 2004. The act contains numerous aviation security provisions, many of which address 9/11 Commission recommendations related to aviation safety. These provisions build upon prior aviation security-related provisions, contained in Vision 100 - the Century of Aviation Reathorization Act (P.L. 108-176; 117 Stat. 2490) that was enacted a year earlier on December 12, 2003, addressing many of the concerns expressed by the 9/11 Commission. This report will not be updated. Contents Exploited Weaknesses in Aviation Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 Legislative Actions Following the 9/11 Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . 2 Recommendations of the 9/11 Commission . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 Enhancing Passenger Pre-Screening . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Improving Measures to Detect Explosives on Passengers . . . . . . . . . . . . . . 5 Addressing Human Factors Issues at Screening Checkpoints . . . . . . . . . . . 6 Expediting Deployment of In-Line Baggage Screening Systems . . . . . . . . 7 Intensifying Efforts to Identify, Screen, and Track Cargo . . . . . . . . . . . . . . . 8 Deploying Hardened Cargo Containers . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 Risk-Based Prioritization as the Basis for Transportation Security Policy . 10 Strategic Plan for Aviation Security . . . . . . . . . . . . . . . . . . . . . . . . . . 10 Cooperation and Integration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 Congressional Actions in Response to the 9/11 Commission Recommendations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 Vision 100 -- Century of Aviation Reauthorization Act . . . . . . . . . . . . . . 11 The National Intelligence Reform Act of 2004 . . . . . . . . . . . . . . . . . . . . . . 13 Possible Continuing Policy Concerns for Congress . . . . . . . . . . . . . . . . . . 16 Aviation Security-Related Findings and Recommendations of the 9/11 Commission The Intelligence Authorization Act for FY2003 (P.L. 107-306; 116 Stat. 2383) established the National Commission on Terrorists Attacks Upon the United States (the 9/11 Commission). The bipartisan 9/11 Commission was charged with the responsibilities of examining and reporting on the facts and causes of the September 11, 2001 terrorist attacks and presenting its findings, conclusions, and recommendations for corrective measures to prevent future acts of terrorism to the President and the Congress. The 9/11 Commission concluded its investigation and released its final report on July 22, 2004. This CRS report discusses the 9/11 Commission's findings and recommendations pertaining to aviation security. Exploited Weaknesses in Aviation Security The National Commission on Terrorists Attacks Upon the United States (the 9/11 Commission) found that al Qaeda terrorists exploited weaknesses in the aviation security system to carry out the attacks of September 11, 2001. Weaknesses in aviation security exploited by the 9/11 terrorists included ! A pre-screening process that focused on detecting potential aircraft bombers and not potential hijackers; ! Lax checkpoint screening and permissive rules regarding small knives; ! A lack of in-flight security measures such as air marshals and reinforced cockpit doors; ! An industry-wide strategy of complying with hijackers in a non- confrontational manner; and ! A lack of protocols and capabilities for executing a coordinated Federal Aviation Administration (FAA) and military response to multiple hijackings and suicidal hijackers. The 9/11 Commission found that underlying these specific weaknesses and vulnerabilities in the aviation system was what they termed a failure of imagination among senior policymakers and agencies responsible for intelligence, national defense, and aviation security. The 9/11 Commission concluded that while suicide hijackings were by no means a far-fetched possibility given al Qaeda's past methods and motives, "... these scenarios were slow to work their way into the thinking of aviation security experts."1 While some agencies were concerned about hijackings 1 National Commission on Terrorist Attacks Upon the United States. The 9/11 Commission (continued...) CRS-2 and had speculated about various hijack scenarios, there were no specific constructive actions taken to defend against these possible threats prior to September 11, 2001. Furthermore, the likelihood of a suicide hijacking scenario was greatly underestimated. The 9/11 Commission also concluded that, before September 11, 2001, congressional oversight of aviation security was lacking while Congress focused its aviation oversight activities on airport congestion and passenger service. Regarding Congress's aviation related activities prior to September 11, 2001, The 9/11 Commission wrote: "Heeding calls for improved air service, Congress concentrated its efforts on a `passenger bill of rights' to improve capacity, efficiency, and customer satisfaction in the aviation system. There was no focus on terrorism."2 Legislative Actions Following the 9/11 Attacks In the aftermath of September 11, 2001, Congress moved quickly to pass the Aviation and Transportation Security Act (ATSA, P.L. 107-71; 115 Stat. 597). Designed to correct weaknesses in aviation security exploited by the 9/11 hijackers as well as other potential vulnerabilities in transportation systems, ATSA established the Transportation Security Administration (TSA) as a new organization within the Department of Transportation responsible for security matters in all modes of transportation. Highlights of ATSA included ! Establishing a federal security screener workforce under TSA at airports; ! Requiring explosive detection screening of all checked bags; ! Deploying air marshals on all high risk flights; and ! Hardening cockpit doors. ATSA also gave the TSA broad authority to assess threats to security in all transportation modes, primarily focusing on aviation, and implement appropriate security measures. In this regard, ATSA was seen as a comprehensive legislative vehicle for addressing transportation security with a specific emphasis on aviation security. The following year, the Homeland Security Act of 2002 (P.L. 107-296; 116 Stat. 2135) established the Department of Homeland Security (DHS) and placed the TSA within this new department. The act also authorized the arming of airline pilots as an additional measure to protect aircraft against terrorist hijackers. Additional aviation security measures were included in the most recent FAA reauthorization act, Vision 100 - Century of Aviation Reauthorization Act (P.L. 108-176; 117 Stat. 2490). Most notably, Vision 100 established an aviation security capital fund to help pay for placing explosive detection systems (EDS) "in-line" with baggage conveyers and sorting facilities in an effort to improve the efficiency and effectiveness of 1 (...continued) Report (New York, NY: W. W. Norton & Co., 2004), p. 344. 2 The 9/11 Commission Report, pp. 85-86. CRS-3 checked baggage screening and expanded the program to arm pilots to include pilots of all-cargo aircraft. Despite these actions, congressional and administration oversight of aviation security has identified several areas of vulnerability that persist. These include air cargo operations; general aviation; access controls for airport employees; screener performance; and possible terrorist attacks using shoulder-fired missiles. Recommendations of the 9/11 Commission The 9/11 Commission also recognized many of these vulnerabilities. The 9/11 Commission concluded that "[m]ajor vulnerabilities still exist in cargo and general aviation security. These, together with inadequate screening and access controls, continue to present aviation security challenges."3 Based on these findings, the 9/11 Commission made specific recommendations regarding improvements to airport passenger and baggage screening, and air cargo security. While the commission identified potential threats posed by inadequate access controls to secured areas of airports and general aviation operations, it did not issue any recommendations pertaining to these risks. Also, while the 9/11 Commission acknowledged concerns raised by previous and current administrations over possible shoulder-fired missiles attacks against commercial airliners, it did not make any specific recommendations regarding this threat. The 9/11 Commission delineated its recommendations regarding aviation security in a section titled "A Layered Security System." As suggested by this title, the 9/11 Commission concluded that the TSA must implement a multi-layered security system that takes into consideration the full array of possible terrorist tactics. The 9/11 Commission noted that these various layers of security must each be effective in their own right and must be coordinated with other layers in a manner that creates redundancies to catch possible lapses in any one layer. This conclusion is consistent with aviation security mandates under ATSA and TSA's concept of "concentric rings of security."4 Since many facets of aviation security have been addressed through legislation and administration actions since the 9/11 attacks, the 9/11 Commission focused its aviation security recommendations on persisting vulnerabilities in commercial aviation. While not all recommendations offered in the 9/11 Commission's final report were formally labeled as such, CRS has identified six aviation-specific recommendations.5 These are: 1) enhancing passenger pre-screening; 2) improving measures to detect explosives on passengers; 3) addressing human factors issues at screening checkpoints; 4) expediting deployment of in-line baggage screening systems; 5) intensifying efforts to identify, track, and screen potentially dangerous 3 Ibid., p. 391. 4 Transportation Security Administration. Budget Estimates: Fiscal Year 2004, March 2003. 5 For clarity, multi-part 9/11 Commission recommendations have been separately identified in this report. CRS-4 cargo; and 6) deploying hardened cargo containers on passenger aircraft. In addition to these six aviation-specific recommendations, the 9/11 Commission also issued an overarching recommendation for transportation security policy to set priorities based on risk and implement the most practical and cost effective deterrents assigning appropriate roles and missions to federal, state, and local authorities, as well as private stakeholders. Enhancing Passenger Pre-Screening On September 11, 2001, passenger pre-screening consisted of three measures: the Computer Assisted Passenger Prescreening System (CAPPS), answers to two security-related questions asked by airline ticketing and gate agents, and the presentation of photo identification to airline personnel. More than half of the September 11, 2001 hijackers were identified as "selectees" based on one or more of these pre-screening techniques. However, there was little consequence to their selection because, at the time, pre-screening was used solely as a tool to screen for individuals that might try to bomb a passenger jet using methods similar to those employed in the bombing of Pan Am flight 103. While the CAPPS system is still in use, its purpose has since been expanded to screen for possible hijackers as well. CAPPS is maintained directly by the airlines as part of their security program and uses computer algorithms to identify "selectees" based on matching passengers' behaviors (e.g., method of ticket purchase) to hijacker and bomber profiles. The follow-on to CAPPS, dubbed CAPPS II, has been embroiled in controversy for the past two years over concerns regarding protection of personal data and civil liberties. As proposed, CAPPS II would implement a two step process to: 1) authenticate a passenger's identity using commercial databases; and 2) check that name against terrorist watch lists maintained by the federal government. If flagged by the system, passengers could be either denied boarding or selected for secondary screening. The 9/11 Commission recommended that improved passenger pre- screening capabilities should not be delayed while the argument about a successor to CAPPS continues. The 9/11 Commission further recommended that the prescreening system should utilize the larger set of watchlists maintained by the federal government. Both the Homeland Security Appropriations Act for FY2004 (P.L. 108- 90; 117 Stat. 1137) and Vision 100 directed the Department of Homeland Security to address these concerns and limited implementation of CAPPS II to system testing until the Government Accountability Office (GAO) verifies that adequate steps have been taken to address these concerns. However, in February 2004, the GAO found that the TSA had adequately addressed only one of the eight concerns regarding CAPPS II implementation.6 Continued reluctance by the airlines to provide data for testing CAPPS II due to liability concerns has also stymied progress. The 9/11 Commission recommended that airlines should be required to supply the information needed to test and implement passenger pre-screening. 6 U.S. General Accounting Office. Aviation Security: Computer-Assisted Passenger Prescreening System Faces Significant Implementation Challenges. GAO-04-385, February 2004. CRS-5 Recent media reports indicate that the CAPPS II program has essentially been scrapped over privacy concerns, however Secretary of Homeland Security Tom Ridge has suggested that a new program with a different name might eventually take its place.7 In light of the 9/11 Commission recommendation to forge forward with implementing a passenger pre-screening system and the current lack of progress toward developing such a system, Congress may intensify its oversight of the Secure Flight program, the successor to CAPPS, and engage in debate over the best way to proceed. H.R. 10 contains a provision that would require the TSA to take over responsibility for prescreening from the airlines withing 180 days on enactment and begin testing of the system by November 1, 2004. This measure is in line with administration plans for the testing and roll-out of the Secure Flight program. Improving Measures to Detect Explosives on Passengers Evidence highlighted by the 9/11 Commission indicated that al Qaeda has had a keen interest in bombing airliners for some time. The 9/11 Commission's report describes Ramzi Yousef's 1994 bombing of a Phillippines Airlines flight bound for Tokyo as a precursor to a larger operation -- the so-called "Bojinka" plot -- to bomb multiple U.S.-bound airliners over the Pacific ocean. In the Philippines Airlines bombing, Yousef reportedly assembled an improvised explosive device (IED) in the airplane's lavatory and hid it under a seat during the previous flight affixing a digital watch timer he had invented. Concerns over IEDs were brought to public attention in December 2001, when Richard Reid attempted to down a transatlantic flight using explosives concealed in a shoe. Concerns over IEDs were again raised by the media in October 2003 when a college student, Nathaniel Heatwole, snuck banned items and materials resembling plastic explosives aboard passenger jets. While neither of these high profile incidents was cited in the 9/11 Commission report, the 9/11 Commission acknowledged persisting weaknesses in the ability to detect explosives on passengers by formally recommending that the TSA and Congress give priority to improving detection of explosives on passengers. The 9/11 Commission further recommended that, as a start, all individuals selected for secondary screening undergo explosives screening. Current screening technologies and procedures offer limited capabilities to detect explosives carried on passengers. While carry-on items and sometimes shoes are x-rayed and may be subjected to secondary chemical trace detection screening methods, passengers are typically only screened by metal detectors. New technology offers the capability to detect bomb-making chemicals on individuals using trace detection methods. These systems are being operationally tested in various transportation settings including ongoing field tests at five airport sites: T.F. Green State Airport, Providence, RI; Greater Rochester International Airport, NY; San Diego International Airport, CA; Tampa International Airport, FL; and Gulfport-Biloxi International Airport, MS . Other possible methods for detecting explosives on passengers involve body scan imaging using low dose x-ray backscatter or other techniques. Body scan technology is considered somewhat more 7 Mimi Hall and Barbara DeLollis. "Plan to collect flier data canceled," USA Today, July 14, 2004. CRS-6 controversial because it renders a nude image of the scanned individual which is regarded by some as overly intrusive. Alternative methods to these technologies include the use of bomb-sniffing dogs and physical searches of individuals. In light of the 9/11 Commission recommendation, Congress may debate whether and how to implement and fund an initiative for screening passengers using the most effective means available. (See CRS Report RS21920, Detection of Explosives on Airline Passengers: Recommendation of the 9/11 Commission and Related Issues.) Addressing Human Factors Issues at Screening Checkpoints The 9/11 Commission also recommended that the TSA conduct a human factors study to understand problems in screener performance and set attainable objectives for improving performance at screening checkpoints. Screener performance deficiencies were highlighted by a recent DHS Inspector General's audit that found poor screener performance among both federal and contract screeners during covert testing at screening checkpoints.8 The TSA has launched several initiatives to address these concerns. For example, the TSA has greatly expanded the use of threat image projection (TIP), a system that tests screener on-the-job performance by projecting images of threat objects on x-ray monitors. Using data from TIP, researchers can assess certain human performance needs in aviation security. The TSA is also examining ways to improve the recurrent training of screeners. Key human factors issues are likely to include screener selection and training, fitness for duty, and human interaction with screening technologies. While the TSA maintains a small cadre of human factors researchers and some ongoing research in this area is being conducted by universities and contractors, research on aviation security human factors and funding for these activities pales in comparison to human factors research programs in the Department of Defense and FAA's safety-related human factors activities. Also, there presently is a lack of a comprehensive strategic plan for addressing human factors in aviation security. In light of this recommendation and persisting concerns over screener performance, Congress may conduct oversight to identify areas where TSA's human factors research efforts may not be adequately addressing concerns over passenger and baggage screening performance. Congress may also consider whether to task the National Academy of Sciences or some other independent body with examining human factors needs in aviation security. While the National Academy of Sciences did address human factors in its 1999 assessment of aviation security technologies, it has not conducted a focused study of human factors needs in the aviation security system and has not examined this issue since the terrorist attacks of September 11, 2001.9 H.R. 10 contains a provision that would require the TSA to conduct human 8 Statement of Clark Kent Ervin, Inspector General, U.S. Department of Homeland Security. Before the Committee on Transportation and Infrastructure, Subcommittee on Aviation, U.S. House of Representatives, April 22, 2004 9 National Research Council. Assessment of Technologies Deployed to Improve Aviation Security: First Report. Publication NMAB-482-5. Washington, DC: National Academy Press, 1999. CRS-7 factors studies to improve screener performance as part of a pilot program to examine next-generation checkpoint screening technologies. Expediting Deployment of In-Line Baggage Screening Systems The 9/11 Commission recommended that the TSA expedite installation of in- line baggage screening systems. Therefore, Congress may debate the adequacy of current funding for this activity. While Vision 100 authorizes up to $500 million annually to be deposited into the aviation security capital fund, only $250 million was appropriated in FY2004 and requested in FY2005 for this activity. Since the total cost of integrating EDS equipment at all passenger airports is estimated to exceed $4 billion, it may take several years to complete integration of baggage screening systems given current funding levels. Letters of intent (LOIs) issued to airports by the TSA were established as a vehicle to leverage limited federal funding by stretching obligations over several years. LOIs were created in appropriations legislation as a means for TSA to convey to airports its intent to obligate future funds for the purpose of EDS integration. However, the TSA has, thus far, implemented LOIs by reimbursing airports for expenses as they are incurred. This approach could further slow the progress of integrating EDS systems at airports. The 9/11 Commission also recommended that "[b]ecause the aviation industry will derive substantial benefits from [in-line EDS] deployment, it should pay a fair share of the costs."10 However, defining that fair share has been a significant point of contention. Airlines already indirectly pay the federal share of EDS integration because the first $250 million annually, all that was budgeted in FY2004 for this activity, must come directly from aviation security fees paid by the airlines and their passengers. Airports pay a portion of the costs too, albeit a much smaller one. Under the scheme adopted by Vision 100, large and medium-sized airports contribute 10% of the cost while small airports contribute 5%. However, the TSA has proposed to reduce the federal obligations for these programs and increase the local share to 25% at large and medium-sized airports and 10% at small airports, a proposal that airports obviously oppose. The 9/11 Commission did not specifically say what they would consider to be a more equitable contribution from industry, however their recommendation implies that they believe industry is not paying its fair share under the current scheme. Congress may continue debate over the equity of cost-sharing for EDS integration in light of this recommendation. The House homeland security appropriations bill (H.R. 4567) as reported included language to limit the federal share for airport security projects to 75% at large and medium hubs and 90% at all other airports, however, this language was stricken by a point of order during floor debate. Legislation introduced in the House (H.R. 5121) seeks to double the amount collected in aviation security fees that must be designated for aviation security capital fund from $250 million annually to $500 million annually for FY2005 through 10 The 9/11 Commission Report, p. 393. CRS-8 FY2007. H.R. 5121 also seeks to increase the TSA's flexibility to meet checked baggage security screening requirements by allowing it to enter into multi-year contracts, not to exceed 10-years, with airports or third party vendors to provide EDS imaging capabilities. While most of the aviation security-related provisions of H.R. 5121 were incorporated into H.R. 10, neither of these measures were included in H.R. 10. Intensifying Efforts to Identify, Screen, and Track Cargo The 9/11 Commission recommended that the TSA needs to intensify its efforts to identify suspicious cargo, and appropriately screen and track potentially dangerous cargo in aviation as well as in maritime operations. Stemming from recommendations of the Aviation Security Advisory Committee (ASAC), a standing committee of aviation stakeholders, the TSA unveiled a strategic plan for cargo security in November 2003. That plan consists a multi-layered risk-based approach with four key strategic objectives: 1) enhancing shipper and supply chain security; 2) identifying elevated risk cargo through pre-screening; 3) identifying technology for performing targeted air cargo inspections; and, 4) securing all-cargo aircraft through appropriate facility security measures.11 Goals of the plan include pre- screening all cargo shipments in order to determine their level of relative risk; working with industry and federal partners to ensure that 100% of items considered to pose an elevated risk are inspected; developing and ensuring that new information and technology solutions are deployed; and, implementing operational and regulatory programs that support enhanced security measures.12 The 9/11 Commission recommendations seem to imply that it concurs with TSA's overall approach as outlined in this strategic plan but feels that progress toward achieving these objectives must be accelerated, and perhaps, augmented. Since the 9/11 Commission recommendation provides no specific guidance on how to intensify the identification, tracking, and screening of cargo, Congress may further scrutinize TSA's efforts on cargo security and further debate approaches to air cargo security. Recent debate in Congress over air cargo security has focused on the level of physical screening or inspection of cargo needed to adequately mitigate the risks posed by cargo placed on passenger aircraft. While proposals have been offered to require 100% physical screening or inspection of all cargo placed on passenger aircraft, Congress has thus far supported TSA's plan to, instead, implement a risk- based approach that relies heavily on the known-shipper program and database to assess shipments placed aboard passenger aircraft. Both H.R. 10 and S. 2845 contain 11 Transportation Security Administration. Air Cargo Strategic Plan. November, 2003. 12 There has been considerable confusion regarding the terms screening and inspection as they pertain to air cargo, and presently no statutory or regulatory definitions of these terms exist. In general, the TSA refers to screening as a vetting process, such as the use of a known-shipper database, to assess the level of risk associated with a cargo shipment. TSA uses the term inspections, on the other hand, to refer to physical scrutiny of cargo though any of several available means such as canine teams, hand searches, or the use of x-ray equipment or explosives detection systems. In this report, the term pre-screening has been used in place of what TSA commonly calls screening to avoid confusion since this does not refer to a physical screening process. CRS-9 measures to improve the screening and tracking of cargo. S. 2845 would specifically require the TSA to double the amount of air cargo screened within one year. (see CRS Report RL32022, Air Cargo Security). Deploying Hardened Cargo Containers In addition to these measures to improve cargo security, the 9/11 Commission specifically recommended the deployment of at least one hardened cargo container on every passenger aircraft that also hauls cargo to carry suspicious cargo. The National Research Council examined this very concept in 1999 and concluded it would cost $125 million to acquire a sufficient number of hardened containers.13 They also estimated that the annual industry-wide cost of lost revenue due to reduced aircraft revenue payload and increased fuel burn would total $11 million. Thus, even if a proposal were made to federally fund this initiative, passenger airlines may oppose it because it would increase operational costs. It is likely that opponents of deploying hardened cargo containers would also argue that, if recommended initiatives are implemented to improve the identification, tracking, and screening of cargo, then hardened cargo containers are not needed. On the other hand, proponents of deploying hardened cargo containers may argue that doing so creates a redundant layer of defense, analogous to a hardened cockpit door, that is consistent with the overarching goal of establishing a multi-layered security system with built-in redundancies. However, using just one hardened cargo container per passenger aircraft still leaves the system open to potential vulnerabilities that are directly tied to the effectiveness of measures to conduct risk-based assessments of cargo and flag suspicious cargo. For this reason, the TSA currently requires that all cargo from shippers that have not been properly vetted and verified through the known-shipper program be carried in all-cargo airplanes and not aboard passenger airplanes. While TSA is working on expanding its capabilities to detect high risk cargo, it is unclear how this system could be adapted to assign risk levels that would permit certain suspect cargo to travel in hardened cargo containers on board passenger airplanes. Also, from a policy standpoint, it is unclear what criteria could be used to permit shipment of suspicious cargo on passenger aircraft in hardened cargo containers instead of offloading that shipment from passenger aircraft altogether. Congress may debate whether deployment of hardened cargo containers could provide an effective layer of security to protect against potential cargo bombings. A key policy issue in this debate is likely to be the possible implications of allowing suspicious cargo to travel on passenger aircraft even if they are secured in hardened cargo containers. H.R. 10 contains a provision that would require TSA to carry out a pilot program to evaluate the use of blast-resistant containers for carrying baggage and cargo on passenger airliners. While S. 2845 does not contain a similar provision, legislation passed by the Senate on May 9, 2003 (S. 165), would require the DHS in 13 National Research Council. Assessment of Technologies Deployed to Improve Aviation Security: First Report. CRS-10 coordination with the FAA to submit a report evaluating blast-resistant cargo container technology. Risk-Based Prioritization as the Basis for Transportation Security Policy In addition to the aviation specific recommendations discussed above, the 9/11 Commission also issued an overarching recommendation that risk-based priorities for protecting all transportation assets be established. Based on this assessment of risks, the 9/11 Commission recommended that TSA select the most practical and cost effective approaches for implementing defenses of transportation assets and develop a plan, budget, and funding to implement this effort. The plan, according to the 9/11 Commission, should assign roles and missions to federal, state, and local authorities, as well as to private stakeholders. Strategic Plan for Aviation Security. The risk-based approach to aviation security is nothing new and has been viewed for some time as the principal policy tool for allocating limited resources. What is lacking, however, is a unified strategic plan for aviation security. To some extent, ATSA has set the strategy for aviation security following the terrorist attacks of September 11, 2001. The TSA's initial focus was on meeting the mandates of ATSA, particularly deploying air marshals and federal screeners. Now that TSA has achieved some level of normal operations, it should be better poised to focus on developing a more formal strategy for national aviation security policy. Based on TSA's strategic approaches to date, particularly in addressing air cargo security needs, it is likely that a risk-based multi-layered approach to aviation security will form the core of future aviation security policy. This appears to be largely in step with what the 9/11 Commission is recommending. In light of the 9/11 Commission recommendation, Congress may consider whether to formally task the TSA with developing a national strategy for aviation security that addresses funding needs, budgetary implications, and the appropriate roles of federal, local, and state authorities, and industry stakeholders. While some may argue that such a plan already exists in various TSA program plans and budget documents, others may argue that a more formal strategic planning document for aviation security needs to be developed. Cooperation and Integration. While aviation security relies extensively on cooperation and the integration of shared responsibilities, challenges persist in defining roles and allocating resources for state and local participation and industry involvement. At airports, the local role is defined in the airport security program which is tailored for each airport location. Physical security of the airport site is ultimately the role of local jurisdictions carried out by airport operators, while TSA maintains the overall role of security oversight and enforcement as well as direct responsibility for passenger screening. The role of local governments, and in some cases state authorities, in aviation security often involves both law enforcement support for airport site security and law enforcement presence at screening checkpoints. Passenger air carriers must also participate in security through procedures and training for controlling access to aircraft and secured areas of airports, carrying out security inspections of aircraft, and so on. In air cargo and general aviation, security measures rely heavily on the direct participation of aircraft CRS-11 owners and operators, while the federal role is one of oversight and enforcement of aviation security requirements. While implementing aviation security already involves federal, state, local, and industry participation, what appears to be lacking is a unified plan or strategy for: assigning roles and missions to each stakeholder based on careful consideration of logistics and costs; and adopting a systems approach to define how each element contributes to the overall security strategy. In light of the 9/11 Commission recommendation, Congress and the TSA may consider ways to improve the strategic planning, resource allocation, and integration of federal, state, local, and private-sector resources for aviation security. Congress and the TSA may also consider how the specific strategies and approaches to aviation security may be integrated with an overarching transportation security strategy that encompasses rail, maritime, and highway security as well and addresses logistics, funding, and resource allocation to meet security needs in all modes of transportation. H.R. 10 requires the Department of Homeland Security (DHS) to prepare and update a transportation security plan and modal security plans including a modal plan for aviation to: set risk-based priorities; select the most practical and cost-effective methods for protecting aviation assets; and assign roles and missions to Federal, State, regional, and local authorities, and aviation stakeholders. Congressional Actions in Response to the 9/11 Commission Recommendations Since the release of the 9/11 Commission report, Congress has given considerable attention to the recommendations contained in the report. The Senate Committee on Commerce, Science and Transportation held a hearing on the 9/11 Commission recommendations regarding transportation security on August 16, 2004, and the House Subcommittee on Aviation held a hearing reviewing the aviation security recommendations of the 9/11 Commission. The 108th Congress passed two major pieces of legislation containing numerous provisions pertaining to aviation security: Vision 100 -- Century of Aviation Reauthorization Act (P.L. 108-176), which was enacted prior to the 9/11 Commission's final report, and the National Intelligence Reform Act (P.L. 108-458; 118 Stat. 3638) which was enacted, in large part, in response to the 9/11 Commission's recommendations.. Vision 100 -- Century of Aviation Reauthorization Act Before the 9/11 Commission had completed its report, several aviation security- related provisions were included in Vision 100 - Century of Aviation Reauthorization Act (P.L. 108-176) which was enacted on December 12, 2003. Vision 100 established a redress process for pilots, mechanics or other licensed aviation professionals whose certification is denied, suspended, or revoked on the grounds that they pose a risk to aviation security. Vision 100 also requires the CRS-12 Federal Aviation Administration to provide a justification to Congress when establishing an Air Defense Identification Zone (ADIZ) around cities where pilots are required to use special communications and operating procedures to enable air traffic controllers to identify potential security threats. Vision 100 also modified existing requirements for security training of airline flight and cabin crew members. Under these provisions, the airlines are responsible for providing mandatory basic training in security for crews, while the TSA was to develop and provide a voluntary advanced self-defense training program for crew members. Vision 100 also required the Department of Homeland Security to study and report to Congress on the effectiveness of the aviation security system, including the air marshal program, hardening of cockpit doors, and security screening of passengers, checked baggage, and cargo. The report was to include recommendations, including legislative recommendations, for improving the effectiveness of aviation security. Vision 100 also created the Aviation Security Capital Fund. The act authorizes up to $500 million per year through FY2007 to be appropriated to this fund and requires that the first $250 million in aviation security fee collections be deposited in this fund each year through FY2007. The act also provided the Undersecretary for Border and Transportation Security with the authority to issue grants to airports for projects to integrate baggage explosive detection systems with baggage conveyer systems; reconfigure terminal baggage areas as needed to install explosive detection systems; deploy explosive detection systems behind the ticket counter, in baggage sorting areas, or in line with baggage handling systems; and for other aviation security-related capital improvement projects. Vision 100 set the federal share of costs for such projects at 90% for large and medium hub airports, and at 95% for all other airports and set guidelines for the allocation of Aviation Security Capital Fund monies for these projects. Vision 100 also required the implementation of security programs for air charter operators who use aircraft weighing more than 12,500 pounds maximum takeoff weight. Vision 100 also required the Government Accountability Office (GAO) to review the proposed CAPPS II passenger prescreening system and prevented the TSA from fully implementing this program until the Undersecretary for Border and Transportation Security certified that a variety of enumerated issues pertaining to civil liberties, privacy, data protection, system security, system performance, and system oversight had been adequately addressed. The TSA has since scrapped the CAPPS II program and is developing an alterative prescreening system called "Secure Flight." Vison 100 also authorized flight crew members of all-cargo airlines to voluntarily participate in the Federal Flight Deck Officer Program that trains and deputizes armed pilots to guard aircraft cockpits against hostile attacks. Vision 100 also expanded the program to include other flight crew members, such as flight engineers, in addition to pilots. CRS-13 Vision 100 also requires the promulgation of regulations to ensure the security of foreign and domestic aircraft repair stations. The act also requires the TSA, in coordination with the FAA, to complete a security review and audit of foreign repair stations that work on air carrier aircraft and components. Vision 100 also modified the background check requirements for foreign pilots seeking flight training in the United States. The act transferred the duties of conducting these background checks from the Department of Justice to the DHS. The provisions require flight schools or instructors to provide notification and identification information for individuals seeking training in smaller aircraft, weighing less than 12,500 pounds, and require background checks be completed before training can be initiated in larger aircraft. The legislation authorizes fee collections to offset the costs of conducting these background checks. For further discussion see CRS Report RL32498, Vision 100: An Overview of the Century of Aviation Reauthorization Act (P.L. 108-176). The National Intelligence Reform Act of 2004 The National Intelligence Reform Act (P.L. 108-458) contains numerous provisions related to aviation security, many directly addressing the concerns and recommendations of the 9/11 Commission. The act requires the Department of Homeland Security to develop, prepare, implement, and update as needed, a National Strategy for Transportation Security as well as modal-specific security plans including a plan for aviation security. The modal security plan for aviation is to include a threat matrix outlining each threat to the United States civil aviation system and the corresponding layers of security in place to address these threats and a plan for mitigation and reconstitution of the aviation system in the event of a terrorist attack. The act requires the TSA to issue guidance for the use of biometrics in airport access control systems and establish a biometric credential and authentication procedures to identify law enforcement officers authorized to carry firearms aboard passenger aircraft. The act authorizes $20 million, in addition to any other authorized amounts, for research and development of biometric technologies for aviation security. The act also authorizes $1 million to establish a center of excellence in biometric technologies. The act required the TSA to begin system testing of an advanced passenger prescreening system by January 1, 2005. Although the act does not provide a deadline for the completion of testing the prescreening system, it requires the TSA to begin to assume the role of passenger prescreening and checking passenger names against watch lists no later than 180 days after completing that testing. The act requires the TSA to establish redress and remedy procedures for passengers who are delayed or denied boarding because of being falsely identified or targeted by the system, and requires the TSA to ensure that the number of such false positives is minimized. The act also requires the TSA to establish an oversight board and implement safeguards to ensure the security and integrity of the system and address CRS-14 and resolve any privacy concerns. The act also requires that the DHS prescreening of international flights to or from the United States be conducted prior to departure. The act further requires that individuals seeking FAA certificates, such as pilots and mechanics, as well as individuals requesting unescorted access to airport secure areas and air operations areas be screened against the consolidated and integrated terrorist watch list. The act also requires the TSA to establish a process where air charter and leasing companies can voluntarily submit information regarding prospective customers seeking to use aircraft weighing more than 12,500 pounds for prescreening. The act requires the Security Privacy Officer of the Department of Homeland Security to report on the impact of the automatic selectee and no fly lists on privacy and civil liberties and the Director of National Intelligence, in consultation with the Secretary of Homeland Security, the Secretary of State, and the Attorney General, to report on the criteria and standards applied in placing the names of individuals on the consolidated screening watch list. The act also directs the DHS to give high priority to developing, testing, improving, and deploying airport checkpoint screening technologies to detect nonmetallic, chemical, biological, and radiological weapons, and explosives on passenger and carry-on items and requires the DHS to create a strategic plan for the deployment and use of explosive detection equipment at airport screening checkpoints. The act requires the TSA to initiate a pilot program to test advanced airport checkpoint screening systems at five or more airports by March 31, 2005 and authorizes $150 million per year in FY2005 and FY2006 to carry out this pilot. The act also requires the TSA to carry out and report on a human factors study to better understand problems with screener performance and take such action as may be necessary to improve the job performance of airport screening personnel. The act requires the Federal Air Marshal Service to continue operational initiatives to protect the anonymity of Federal air marshals. The act also provides for training law enforcement officers authorized to carry firearms on passenger aircraft in inflight counterterrorism and weapons handling procedures and in the identification of fraudulent identification documents such as passports and visas. The act also encourages the President to pursue international agreements to enable the maximum deployment of Federal air marshals on international flights, and authorizes the DHS to provide air marshal training to foreign law enforcement personnel. The act authorizes the TSA to take necessary action to expedite the installation and use of in-line baggage screening equipment at airports. The act further requires the TSA to establish a schedule to expedite this activity and study cost-sharing options among federal, state, and local governments, and the private sector for integrating in-line baggage screening systems. The act increases the authorization for the aviation security capital fund by authorizing up to $400 million per year through FY2007, in addition to the initial $250 million deposited from aviation security fee collections set forth in Vision 100. CRS-15 The act directs the TSA to study the application of readily available wireless communication technologies to enable cabin crew members to discreetly notify the pilot in the case of a security breach or safety issue occurring in the cabin. The act requires the FAA to begin issuing tamper resistant pilot licences with a photograph of the bearer. The licence is to be capable of accommodating a digital photograph, a biometric, or any other unique identifier considered necessary for identification purposes. The act requires the TSA to develop and report to Congress on standards for determining appropriate screener staffing levels at airports that provide necessary levels of security and keep passenger wait times to a minimum. The DHS is also to study the feasibility of integrating operations of the screening workforce and other aviation security-related DHS functions to coordinate these activities and increase their efficiency and effectiveness. The act also authorizes the expenditure of $100 million for research and development of improved explosive detection systems and directs the TSA to develop a plan and guidelines for implementing these systems. The act also requires the TSA to prohibit airline passengers from carrying butane lighters and any other objects considered by the TSA to be inappropriate carry-on items. The act also directs the President to urgently pursue international treaties to limit the availability, transfer, and proliferation of Man-portable Air Defense Systems (MANPADSs), such as shoulder-fired missiles, worldwide. The act further directs the President to continue to pursue international arrangements for the destruction of excess, obsolete, and illicit MANPADS stockpiles worldwide. The act requires the President to report on diplomatic efforts to address MANPADS non-proliferation and requires the Secretary of State to provide the Congress with annual briefings on the status of these efforts. The act also requires the FAA to establish a process for expedited certification of airworthiness and safety for missile defense systems that can be mounted on commercial aircraft. The act also requires the DHS to provide a report within one year assessing the vulnerability of aircraft to MANPADS attacks and plans for securing airports and aircraft from this threat. The act requires that a pilot program be established to evaluate the use of blast-resistant cargo containers. The act authorizes $2 million to carry out this pilot program. The act also authorizes $200 million each year through FY2007 for improved air cargo and airport security related to the transportation of cargo on both passenger aircraft and all-cargo aircraft, and $100 million per year through FY2007 for the research, development, and deployment of technologies to better identify, track, and screen air cargo. The act establishes a grant program to encourage the development of advanced air cargo security technology. The act also requires the TSA to issue a final rule regarding its proposed regulations for the security of cargo operations for both passenger and all-cargo aircraft. Finally, the act requires the DHS, in coordination with the Department of Defense and the FAA, to report on the threats posed by international cargo shipments bound for the United States and provide an analysis of the potential for establishing secure facilities along established international aviation routes for the purposes of diverting and securing aircraft believed to pose a security threat. CRS-16 In addition to the air-cargo security provisions in the National Intelligence Reform Act of 2004, the Department of Homeland Security Appropriations Act, 2005 (P.L 108-334, Sec. 513) directs the DHS to research, develop, and procure certified systems to inspect and screen air cargo on passenger aircraft at the earliest date possible and amend security directives and procedures to, at a minimum, triple the percentage of cargo inspected on passenger aircraft Possible Continuing Policy Concerns for Congress Since the 108th Congress enacted several major provisions pertaining to aviation security, many directly reflecting the concerns and recommendations of the 9/11 Commission, there are few policy concerns that were not addressed at all during the 108th Congress. However, two areas where some may consider that policy concerns were not adequately addressed through legislation in the 108th Congress include general aviation security and air cargo security procedures and oversight. The 9/11 Commission made brief reference to concerns over the security of general aviation operations, however it did not make any formal recommendations to address this concern. During the 108th Congress, legislation on the security of general aviation operations focused on airport and airspace restrictions and examining ways to alleviate what some believed to be unnecessary constraints on certain operations. For example, a provision in Vision 100 required the DHS to develop and implement a security plan allowing general aviation flights to resume at Ronald Reagan Washington National Airport but set no timetable for carrying out this provision. In appropriations language, on the other hand, temporary flight restrictions over stadiums and other venues during major outdoor sports events were kept in full force and made permanent. Arguably, the legislation pertaining to general aviation security enacted during the 108th Congress was viewed by many as not being as cohesive and comprehensive as legislation addressing other aviation security concerns. Some have expressed renewed concerns over the risk posed by general aviation corporate jets, private planes, and helicopters in response to a recent assessment prepared jointly by the Federal Bureau of Investigation (FBI) and the DHS and widely reported in the press.14 Some may also argue that comprehensive legislation pertaining to air cargo security operations and oversight and expansion of the known-shipper program were not adequately addressed during the 108th Congress. Specifically, comprehensive measures that had been passed by the Senate in S. 165 (108th Congress) were stripped from the final version of the National Intelligence Reform Bill of 2004 and replaced by language directing the TSA to make final proposed rulemaking addressing these issues. This was presumably done because the TSA's regulatory proposals largely reflected the intent of the proposed legislation. However, because Congress did not formally enact several of these specific provisions pertaining to air cargo security operations and oversight, the 109th Congress may be particularly interested in oversight of the TSA's implementation of its air cargo security rules and its air cargo strategic plan to ensure that they meet desired objectives. 14 Eric Lichtblau. "Security Report on U.S. Aviation Warns of Holes," The New York Times, March 14, 2005. ------------------------------------------------------------------------------ For other versions of this document, see http://wikileaks.org/wiki/CRS-RL32541