Security Policy Alert: Summary of TSA's Monthly Conference Call for Airport Stakeholders
January 7, 2021
This afternoon, TSA held its monthly conference call for airport stakeholders. The conference call was led by Alan Paterno, TSA's Airport Industry Engagement Manager in the office of Policy, Plans and Engagement (PPE). Following are highlights from today'™s call:
Airport Security Policy Update:
Centralized Revocation Database: The final Airport Security Program (ASP) amendment to implement the Centralized Revocation Database for airport SIDA badges revoked due to security violations is pending signature by TSA Executive Assistant Administrator for Operations Support Stacey Fitzmaurice. TSA anticipates that the final amendment will be signed and issued on January 22, 2021. Although subject to change, the final amendment will have a 90-day implementation timeframe. In response to a question on the call by AAAE, TSA reported that aircraft operator security program changes will be issued at the same time
The Centralized Revocation Database will be hosted by TSA on the Fingerprints Results Distribution (FPRD) system. TSA'™s Enrollment Services and Vetting Programs will conduct two demonstrations of the database and its functionality; one on January 19, 2021 at 3:30 p.m. ET before the issuance of the final amendment and the second on February 3 at 3:00 p.m. ET after the issuance of the amendment. Airports are invited to participate in one or both of the sessions. Additional information on the FPRD database demonstrations will be provided shortly.
National Alternative Measure (AM) 1542-20-04: TSA issued national Alternative Measure 1542-20-04 on December 31, 2020 with an effective date of January 1, 2021. The AM is intended to temporarily relieve airport operators from certain airport identification (ID) media issuance and renewal security requirements found in the Security Directive (SD) 1542-04-08 series, specifically related to Criminal History Records Checks (CHRC) and Security Threat Assessments (STA). The AM applies to aviation workers and concessionaires who previously held an airport-issued ID media, have been placed in a non-work status due to COVID-19, and are being recalled to an active employment status. The AM is not mandatory.
ASP Amendment Template for Temporary Relief from ID Media Reissuance: Earlier this week, TSA Executive Assistant Administrator for Operations Support Stacey Fitzmaurice approved the ASP amendment template for temporary relief from ID media reissuance, otherwise known as ID media revalidation. The ASP amendment template has been posted on HSIN.
TSA explained today that the ASP amendment template is the same concept as the Registered Traveler ASP amendment template. It contains the only acceptable regulatory language TSA will approve when it is submitted as a local ASP amendment under 1542.105(b). Airports who seek this relief should use this template when they submit a local ASP amendment to their FSD.
In addition, the ASP amendment template only applies to airports who conduct annual ID media audits as part of TSA-NA-19-02. Airports that are exempted from the annual audit because they reissue ID media on a yearly renewal cycle cannot request this ASP amendment template. Also, the 2020 calendar year annual ID media audit still must take place. This ASP amendment only comes into play if the airport operator is required to reissue ID media after the permitted reconciliation period and the airport operator is still over the maximum allowable percentage of unaccounted for ID media, which is generally 5 percent.
TSA provided a quick overview of the policy included in the ASP amendment template. In general, the airport operator will place a revalidation sticker on each ID media in a 30-day window. Once the 30-day window is over, the airport operator must disable all non-validated ID media and provide a list of the disabled ID media to the FSD. Once this is complete, no further revalidation is permitted. In addition, the airport operator must modify the ASP to include details on the revalidation stickers and perform measures related to the security of the stickers. The airport operator must also update its challenge procedures to incorporate the stickers. TSA also noted that nothing in the ASP amendment template extends the expiration date of any ID media.
Enrollment Services and Vetting Programs Update:
eBadge Program with CBP: TSA reported that 22 airports currently participate in the eBadge program, with over 25,000 eBadge submissions successfully processed. TSA noted that airports with IDMS providers may need to conduct additional development work in order to accommodate the eBadge submission process. In addition, TSA has noticed that some airport submission procedures vary according to the working relationship with CBP. As of today, the submission pathway is one-way, from airport to Designated Airport Channeler (DAC) to TSA to CBP. TSA and CBP are in the early stages of creating a two-way pathway to return vetting results to airports after submission.
Centralized Revocation Database: The Centralized Revocation Database will maintain a record of individuals with revoked airport or aircraft operator-issued identification media that require a CHRC. As noted earlier, the database will be hosted by TSA and entries will be submitted by airport and aircraft operators. TSA built the database functionality on the Fingerprint Results Distribution (FPRD) platform and some key features include: the names of employees whose airport or aircraft operator-issued ID media is revoked for violating security requirements or due to a determination that the individual poses a threat to aviation security; provides reporting procedures for submitting the names of employees whose ID media has been revoked; provides regulated entities the names of individuals who have had ID media revoked for violating aviation security requirements to inform decisions about issuing ID media; and, provides the revised Privacy Act Statement that includes notice of the Centralized Revocation Database and must be provided to badge applicants. In response to a question on the call, TSA reported that the agency is still working on a master Privacy Act statement that can cover the multiple requirements in various Security Directives and ASP amendments and promised to provide an update on its status in the near future. Again, TSA will be hosting informational briefings on the database and its functionality on January 19 and February 3.
Rap Back Program: In advance of the Rap Back program becoming mandatory, TSA once again took the opportunity to remind airports about the steps needed to enroll in the program. Interested airports must complete a Privacy Informational Briefing, sign a Statement of Responsibilities, and complete DAC training. Please reach out to rapback@tsa.dhs.gov with any questions about enrolling in the Rap Back program.
TSA also again reminded airports that Rap Back subscriptions should not expire. TSA explained that airports enrolled in Rap Back will receive a Rap Back Renewal Notification (RBRN) 10 days prior to the Rap Back Subscription Expiration Date (RBXD). If the employee is going to continue to possess a credential, the subscription needs to be extended (up to two years) as soon as possible. If the employee is not going to continue to possess a credential, the subscription needs to be cancelled as soon as possible. At 12:01am EST on the RBXD, the case enters a pending expired status and limits the maintenance actions that can be performed on it.
Alternative Measure 1542-20-04: TSA plans to issue a bulletin providing guidance on what actions airports will need to take if they are requesting relief under the national AM and if they participate in Rap Back. TSA outlined the specific scenarios on the call today and AAAE will share the bulletin as soon as it is available.
TSA Travel with Ease PreCheck Campaign
In December, TSA launched a TSA PreCheck enrollment campaign across TSA channels. The new Travel With Ease marketing campaign for TSA PreCheck will appear in TSA social media feeds and digital channels and will also be incorporated into TSA media relations teams engagement efforts. TSA also plans new signs and banners at airport checkpoints as new signs and banners.
The goal of the campaign is to encourage travelers who are planning to travel, or beginning to think about traveling again, to enroll in TSA PreCheck in advance of a return to travel in 2021. On the call, TSA referenced the increase passenger volume at the end of December and early January, with 1.3 million passengers being screened on January 3, the highest number since the start of the COVID-19 pandemic. TSA believes that PreCheck may be more relevant today than ever because it allows travelers to ease back to traveling with greater comfort, convenience and the least amount of physical contact.
TSA asked for airport help to amplify the messaging and to consider incorporating the Travel With Ease message across available airport marketing and communications channels. TSA has put together a toolkit of assets for airports to use if interested, which includes social media posts, website copy, and website banners. TSA has shared the toolkit with AAAE, which will soon be updated with a 30 second video that can be used across digital channels. If interested, please contact us or TSA'™s Jerry Koehler at jerry.koehler@tsa.dhs.gov.
LEO Reimbursement Program
TSA'™s Aimee Jackson reported that TSA is in the process of awarding Other Transactional Agreements (OTA) for the Law Enforcement Officer Reimbursement Agreement program. The OTAs are effective as of January 1, 2021 for a three-year period. Awards will be provided to airports that have submitted completed applications, including final Statements of Joint Objectives (SOJO). If you have submitted an application and have not heard from TSA about your OTA award by January 22, you should contact TSA at LEO.reimbursement@tsa.dhs.gov.
For FY2021, TSA has $45 million for the LEO reimbursement agreement program and 292 airports participating. Reimbursement is not to exceed costs or a maximum of $20 per hour. TSA asked airports to notify TSA of changes that would impact funding, such as increase or decrease of eligible LEO activity. TSA also stated that the agency will accept applications to the program on a rolling basis if you are interested but have not yet applied for the program. Approval of additional applications will depend on available funding.
Screening Partnership Program
Don Ross, TSA'™s new Program Director for the Screening Partnership Program (SPP), provided a comprehensive briefing on the status of the SPP program. The briefing includes a list of the 22 airports currently participating in the SPP program.
City and Airport Threat Assessment (CATA)
Jamie Clarkson from TSA'™s Requirement and Capabilities Analysis provided a briefing on the City and Airport Threat Assessment (CATA), which has a domestic focus and is updated on a quarterly basis. The data sources, modeling and weighting used to compile the CATA have recently been updated to comply with the TSA Modernization Act of 2018 and recommendations from the Aviation Security Advisory Committee (ASAC).
The CATA ranks airports based on relative threat of how attractive an airport may be to threat actors. The top 20 airports are ranked on overall attractiveness, terrorist variables and non-terrorist variables. The report also included relevant incidents from the quarter and a full ranking of all federalized airports. The document is SSI and distributed by e-mail and posted to HSIN. It is also briefed on a quarterly basis to the ADIAC. If you are interested in receiving the CATA directly, you can contact TSA'™s Alan Paterno at alan.paterno@tsa.dhs.gov.
CATA is compiled using approximately 35 data sources from the FBI, CBP, TSA Secure Flight and elsewhere. Factors include plots and attacks in the proximity of airports (weighted by time and distance), DHS TripWire, TSA encounters including No Fly and selectees, international scores based on in-bound flights from at-risk last point of departure airports, drug and weapon/firearms seizures from both TSA and CBP, prohibited item list violations, perimeter breaches beyond the checkpoint, joint military use, and DEA designated drug areas, among others. Factors are weighted based on input from subject matter experts.
The CATA is used for situational awareness, TSA resource planning, TSA categorization of airports (although categorization is still largely dependent on enplanements), Joint Vulnerability Assessments, and intelligence benchmarks.
TSA Response to January 6 Violence at the U.S. Capitol
TSA was not able to address this on the call due to time constraints, but TSA'™s Intelligence and Analysis did prepare the following statement for stakeholders specific to yesterday'™s events:
'œTSA is coordinating with appropriate law enforcement authorities to ascertain if identified subjects of interest related to yesterday'™s violence in DC have upcoming travel and to take appropriate mitigating actions. These actions will follow protocols that are approved and currently in place, such as TSA'™s established procedures for notifications to appropriate aviation authorities. Please keep in mind there are ongoing sensitive law enforcement investigations and TSA will share relevant releasable information as it becomes available.'
Yesterday, DHS authorized the mobilization of all DHS affiliated LEOs as necessary, and FAMS activated VIPR teams for deployment. Airports and air carriers have also implemented heightened security measures in the Washington, D.C. area. Acting DHS Secretary Wolf issued a statement today condemning yesterday'™s violence.
Next TSA Conference Call
The next TSA monthly conference call for airport stakeholders is scheduled for Thursday, February 4, 2021 at 1:00 p.m. ET. TSA welcomed suggestions for how to make the calls more interactive and invited interested airports to share success stories or lessons learned (with or without your Federal Security Director). If you are interested in participating on a TSA monthly conference call or have suggestions for dedicated topics for the call, you can contact us or TSA'™s Alan Paterno at alan.paterno@tsa.dhs.gov.
