Security Policy Alert: Summary of TSA's Monthly Conference Call for Airport Stakeholders
July 2, 2020
This afternoon, TSA held its monthly conference call for airport stakeholders. The conference call was led by Alan Paterno, TSA's Airport Industry Engagement Manager in the office of Plans, Policy and Engagement (PPE). Following are highlights from today's call:
Update from Policy, Plans and Engagement
Policy Clarification Program: On June 8, TSA began a six-month pilot of its Policy Clarification Program (PCP). The PCP is an official and centralized process for TSA to accept and respond to requests from industry partners to provide clarifications on security program requirements. All requests for policy clarification may be submitted to: PolicyClarification@tsa.dhs.gov
Requests must include the following information, at a minimum:
A. Person and/or entity submitting the request.
B. General description of the request, to include the minimum requirements
C. Applicable security program reference/citation.
D. Complete description of issues behind the request.
F. Confirmation that the request is not related to a pending enforcement action.
Responses from TSA will be in the form of a Policy Clarification Notice (PCN) and be consistent with 49 CFR part 1520 (Protection of Sensitive Security Information). During the pilot, the PCN will be issued to the requester only. However, it is anticipated that in the near future, PCNs will be shared with all stakeholders by posting on HSIN. All PCNs issued through this program will be stored in a centralized database and TSA's internal workforce will have access to ensure consistency.
This program does not replace, or supersede, routine interaction between regulated entities and their existing TSA contact: PSI, IIR, or engagement representative. This program is not intended to be utilized for interpretation of regulations at this time; it does, however, include Security Directives and Emergency Amendments, which is a change from when the pilot program was initially announced last month. It is also not intended to facilitate requests for national program changes, revisions or amendments.
National Alternative Measure 20-03: TSA National Alternative Measure 20-03 providing relief from several Security Directive requirements in light of the COVID-19 pandemic expires on July 24. Based on feedback from AAAE and our airport members, TSA is moving forward to renew and extend the Alternative Measure.
Security Directive 1542-01-10 Cancellation: The official cancellation of the SD 01-10 series regarding no Fly and Selectee watchlists is circulating for approval within TSA HQ. Compliance with TSA-NA-18-01 Airport Access and Vetting, which revoked all commercial service airport operator access to the No Fly and Selectee watchlists, has negated the need for the SD.
Security Directive 1542-18-01 Breakdown into National ASP Amendments: As previously reported, TSA plans to break down the existing SD 1542-18-01 into several Airport Security Program (ASP) National Amendments. Each of the ASP amendments will be issued for notice and comment by industry. While COVID-19 has slowed the process, TSA has identified two areas of the SD to focus on first - measures related to law enforcement officer (LEO) checkpoint response and measures related to airport security. TSA reported today that the agency is currently looking into how the LEO reimbursable program impacts the existing LEO procedures that will be carried over into the proposed LEO related ASP amendment. AAAE asked to work closely with TSA and the Quarterly Airport Security Review on any LEO related ASP amendment prior to release for notice and comment, especially since the LEO Reimbursable Program can hold airports to a higher response standard than current SD requirements as part of a voluntary program that provides reimbursement for enhanced response standards.
Security Directive 1542-04-08 Updates: TSA is reviewing a number of clarifying changes to the SD 1542-04-08 series. The changes relate to ID Media Renewals (CHRC, Rap Back, and Identity Verification and Authorization to Work). AAAE again asked to work closely with TSA on any changes to the SD 1542-04-08 series as experience has shown that even small changes can have major impacts on airport badging office operations.
Centralized Revocation Database: Comments on proposed ASP Amendment 20-01 regarding the Centralized Revocation Database for aviation identification media that have been revoked due to aviation security violations were due on June 30. As of July 1, TSA has received approximately 200 comments from 18 parties, including airlines, airports, and their respective industry associations, including AAAE. Comment topics included the Privacy Act notice, the redress process, the definition of applicant, and a request to make the database automated and integrated with currently used systems. Please contact Colleen Chamberlain if you would like to read the comments submitted by AAAE.
Communicable Disease Response Playbook
Melissa Conley from TSA's Office of Requirements and Capabilities Analysis reported on TSA's recently released Communicable Disease Response Playbook (see AAAE Security Policy Alert). The document was provided to Federal Security Directors (FSDs) on June 20 and distributed to industry and posted on HSIN on June 25. This Playbook is an iterative document that will be continuously updated and published on a bi-weekly basis. The TSA Pandemic Planning Executive Council (PPEC) Working Group team will add, remove, or edit content based on feedback from the field as well as any additional leadership decisions or guidance. AAAE is meeting with TSA's Requirements and Capabilities Analysis team next week to provide feedback on the Playbook and future iterations.
The document is organized into four sections and includes detailed appendixes with additional information. Within each section, TSA provides an overview of applicable requirements, best practices, or recommendations for further mitigating the spread of COVID-19 and other communicable diseases. The four sections focus on:
1. Minimizing touch through adjusted procedures at the screening checkpoint. The appendix for this section is SSI and not currently available to industry.
2. Increasing social distance. This section includes examples of TSA signage related to social distancing and protective measures, information regarding plexiglass shield barriers, and an overview of TSA's Infection Control Monitor, a dedicated TSA employee responsible for enforcing social distancing and promoting effective protective measures.
3. Enhancing cleaning of the checkpoint. This section includes TSA's cleaning standards for the checkpoint and checked baggage areas and an overview of the reimbursement process for airports for enhanced cleaning in these areas. Conley noted that TSA has not yet received many reimbursement requests for enhanced cleaning and encouraged airports to submit their requests. TSA asked for any feedback on the reimbursement process as the agency would like to address any issues. AAAE will also be discussing the reimbursement process with TSA next week so please share any concerns or feedback with AAAE staff as well.
4. Personal Protective Equipment. This section will be updated to reflect the new requirement for TSA employees to wear protective eyewear if they have direct contact with passengers and are not already wearing a face shield.
Enrollment Services and Vetting Programs Update
Rap Back Update: There are 214 airports and 10 air carriers currently participating in the Rap Back program, including 93 percent of the Category X airports. As a result, approximately half of the current 1.3. million aviation workers are now enrolled in the Rap Back program.
The weekday average number of new fingerprint submissions is about one-third of the volume prior to COVID-19 but volume continues to steadily increase. The average rate of Rap Back Activity Notifications is more than one-third lower than before COVID-19. Year to date there have been over 10,000 Rap Back Activity Notifications nationwide and 67,000 since Rap Back began operations in May 2016.
TSA strongly encouraged airports to begin participating in the Rap Back program now while the program remains voluntary. Once the Rap Back program becomes mandatory, TSA will need to onboard more than 300 airports and air carriers. TSA staff have more time available now to help resolve any issues in on-boarding. If you are interested in participating in the Rap Back program, please contact your Designated Aviation Channeler (DAC) or the TSA Rap Back team at RapBack@tsa.dhs.gov.
Missing Rap Back Activity Notifications (RBNs): As AAAE recently reported (see AAAE Security Policy Alert), TSA discovered that between 800-900 Rap Back Activity Notifications failed to reach airports and aircraft operators due to a technical problem between TSA and FBI. The problem was scheduled to be fixed yesterday and should not occur in the future.
TSA will send the missing RBNs through the normal process sometime in mid-July. The RBNs will show up in FPRD as usual and the RBNs should be adjudicated as usual. TSA did note that the notices may include data that is a year or more old.
eBadge Applications with Pending SIDA Badges Are Now Accepted by TSA and CBP: As of June 9, 2020, TSA and CBP systems are accepting eBadge applications with pending SIDA badges. TSA has notified the DACs that this change is now in production and DACs may begin submitting eBadge applications to TSA with pending badges.
When eBadge became operational on April 2, 2020, it only allowed active SIDA badge holders to apply for a CBP Seal via eBadge. The TSA and CBP systems now support submissions for active SIDA badge holders, as well as new applicants applying concurrently for a SIDA badge and CBP Seal. Any applications previously rejected due to a missing active SIDA badge prior to June 9, 2020 may be re-submitted and should now process successfully. There are currently 17 out of 73 eligible airports participating in the program.
Data Management: TSA also encouraged airports to considering reconciling their records database with the TSA system of record as often as possible. TSA acknowledged that it is common for there to be data discrepancies when several information systems must communicate with each other and store copies of the same records. Specifically, TSA stated that data synchronization issues between systems can occur when there is a correction or update to employee PII that is not communicated to all parties, including the DAC. TSA suggested that it is possible for airports to reduce the number of corrections needed to applicant PII by requiring the applicant to submit ID documents at enrollment. TSA also stated that FPRD reporting features can be helpful in providing information for data clean-up
Safe Skies Update
Jessica Grizzle from Safe Skies provided an update on a number of recently completed and on-going projects.
Ted Stonley from TSA's Intelligence and Analysis provided a detailed overview of a recent TSA intelligence report regarding terrorists believing that air cargo is a viable way to attack civil aviation. The full report will be posted to HSIN.
Next TSA Conference Call
The next TSA conference call for airport stakeholders is scheduled for Thursday, August 6 at 1:00 p.m. ET.
This afternoon, TSA held its monthly conference call for airport stakeholders. The conference call was led by Alan Paterno, TSA's Airport Industry Engagement Manager in the office of Plans, Policy and Engagement (PPE). Following are highlights from today's call:
Policy Clarification Program: On June 8, TSA began a six-month pilot of its Policy Clarification Program (PCP). The PCP is an official and centralized process for TSA to accept and respond to requests from industry partners to provide clarifications on security program requirements. All requests for policy clarification may be submitted to: PolicyClarification@tsa.dhs.gov
Requests must include the following information, at a minimum:
A. Person and/or entity submitting the request.
B. General description of the request, to include the minimum requirements
C. Applicable security program reference/citation.
D. Complete description of issues behind the request.
F. Confirmation that the request is not related to a pending enforcement action.
Responses from TSA will be in the form of a Policy Clarification Notice (PCN) and be consistent with 49 CFR part 1520 (Protection of Sensitive Security Information). During the pilot, the PCN will be issued to the requester only. However, it is anticipated that in the near future, PCNs will be shared with all stakeholders by posting on HSIN. All PCNs issued through this program will be stored in a centralized database and TSA's internal workforce will have access to ensure consistency.
This program does not replace, or supersede, routine interaction between regulated entities and their existing TSA contact: PSI, IIR, or engagement representative. This program is not intended to be utilized for interpretation of regulations at this time; it does, however, include Security Directives and Emergency Amendments, which is a change from when the pilot program was initially announced last month. It is also not intended to facilitate requests for national program changes, revisions or amendments.
National Alternative Measure 20-03: TSA National Alternative Measure 20-03 providing relief from several Security Directive requirements in light of the COVID-19 pandemic expires on July 24. Based on feedback from AAAE and our airport members, TSA is moving forward to renew and extend the Alternative Measure.
Security Directive 1542-01-10 Cancellation: The official cancellation of the SD 01-10 series regarding no Fly and Selectee watchlists is circulating for approval within TSA HQ. Compliance with TSA-NA-18-01 Airport Access and Vetting, which revoked all commercial service airport operator access to the No Fly and Selectee watchlists, has negated the need for the SD.
Security Directive 1542-18-01 Breakdown into National ASP Amendments: As previously reported, TSA plans to break down the existing SD 1542-18-01 into several Airport Security Program (ASP) National Amendments. Each of the ASP amendments will be issued for notice and comment by industry. While COVID-19 has slowed the process, TSA has identified two areas of the SD to focus on first - measures related to law enforcement officer (LEO) checkpoint response and measures related to airport security. TSA reported today that the agency is currently looking into how the LEO reimbursable program impacts the existing LEO procedures that will be carried over into the proposed LEO related ASP amendment. AAAE asked to work closely with TSA and the Quarterly Airport Security Review on any LEO related ASP amendment prior to release for notice and comment, especially since the LEO Reimbursable Program can hold airports to a higher response standard than current SD requirements as part of a voluntary program that provides reimbursement for enhanced response standards.
Security Directive 1542-04-08 Updates: TSA is reviewing a number of clarifying changes to the SD 1542-04-08 series. The changes relate to ID Media Renewals (CHRC, Rap Back, and Identity Verification and Authorization to Work). AAAE again asked to work closely with TSA on any changes to the SD 1542-04-08 series as experience has shown that even small changes can have major impacts on airport badging office operations.
Centralized Revocation Database: Comments on proposed ASP Amendment 20-01 regarding the Centralized Revocation Database for aviation identification media that have been revoked due to aviation security violations were due on June 30. As of July 1, TSA has received approximately 200 comments from 18 parties, including airlines, airports, and their respective industry associations, including AAAE. Comment topics included the Privacy Act notice, the redress process, the definition of applicant, and a request to make the database automated and integrated with currently used systems. Please contact Colleen Chamberlain if you would like to read the comments submitted by AAAE.
Communicable Disease Response Playbook
Melissa Conley from TSA's Office of Requirements and Capabilities Analysis reported on TSA's recently released Communicable Disease Response Playbook (see AAAE Security Policy Alert). The document was provided to Federal Security Directors (FSDs) on June 20 and distributed to industry and posted on HSIN on June 25. This Playbook is an iterative document that will be continuously updated and published on a bi-weekly basis. The TSA Pandemic Planning Executive Council (PPEC) Working Group team will add, remove, or edit content based on feedback from the field as well as any additional leadership decisions or guidance. AAAE is meeting with TSA's Requirements and Capabilities Analysis team next week to provide feedback on the Playbook and future iterations.
The document is organized into four sections and includes detailed appendixes with additional information. Within each section, TSA provides an overview of applicable requirements, best practices, or recommendations for further mitigating the spread of COVID-19 and other communicable diseases. The four sections focus on:
1. Minimizing touch through adjusted procedures at the screening checkpoint. The appendix for this section is SSI and not currently available to industry.
2. Increasing social distance. This section includes examples of TSA signage related to social distancing and protective measures, information regarding plexiglass shield barriers, and an overview of TSA's Infection Control Monitor, a dedicated TSA employee responsible for enforcing social distancing and promoting effective protective measures.
3. Enhancing cleaning of the checkpoint. This section includes TSA's cleaning standards for the checkpoint and checked baggage areas and an overview of the reimbursement process for airports for enhanced cleaning in these areas. Conley noted that TSA has not yet received many reimbursement requests for enhanced cleaning and encouraged airports to submit their requests. TSA asked for any feedback on the reimbursement process as the agency would like to address any issues. AAAE will also be discussing the reimbursement process with TSA next week so please share any concerns or feedback with AAAE staff as well.
4. Personal Protective Equipment. This section will be updated to reflect the new requirement for TSA employees to wear protective eyewear if they have direct contact with passengers and are not already wearing a face shield.
Enrollment Services and Vetting Programs Update
Rap Back Update: There are 214 airports and 10 air carriers currently participating in the Rap Back program, including 93 percent of the Category X airports. As a result, approximately half of the current 1.3. million aviation workers are now enrolled in the Rap Back program.
The weekday average number of new fingerprint submissions is about one-third of the volume prior to COVID-19 but volume continues to steadily increase. The average rate of Rap Back Activity Notifications is more than one-third lower than before COVID-19. Year to date there have been over 10,000 Rap Back Activity Notifications nationwide and 67,000 since Rap Back began operations in May 2016.
TSA strongly encouraged airports to begin participating in the Rap Back program now while the program remains voluntary. Once the Rap Back program becomes mandatory, TSA will need to onboard more than 300 airports and air carriers. TSA staff have more time available now to help resolve any issues in on-boarding. If you are interested in participating in the Rap Back program, please contact your Designated Aviation Channeler (DAC) or the TSA Rap Back team at RapBack@tsa.dhs.gov.
Missing Rap Back Activity Notifications (RBNs): As AAAE recently reported (see AAAE Security Policy Alert), TSA discovered that between 800-900 Rap Back Activity Notifications failed to reach airports and aircraft operators due to a technical problem between TSA and FBI. The problem was scheduled to be fixed yesterday and should not occur in the future.
TSA will send the missing RBNs through the normal process sometime in mid-July. The RBNs will show up in FPRD as usual and the RBNs should be adjudicated as usual. TSA did note that the notices may include data that is a year or more old.
eBadge Applications with Pending SIDA Badges Are Now Accepted by TSA and CBP: As of June 9, 2020, TSA and CBP systems are accepting eBadge applications with pending SIDA badges. TSA has notified the DACs that this change is now in production and DACs may begin submitting eBadge applications to TSA with pending badges.
When eBadge became operational on April 2, 2020, it only allowed active SIDA badge holders to apply for a CBP Seal via eBadge. The TSA and CBP systems now support submissions for active SIDA badge holders, as well as new applicants applying concurrently for a SIDA badge and CBP Seal. Any applications previously rejected due to a missing active SIDA badge prior to June 9, 2020 may be re-submitted and should now process successfully. There are currently 17 out of 73 eligible airports participating in the program.
Data Management: TSA also encouraged airports to considering reconciling their records database with the TSA system of record as often as possible. TSA acknowledged that it is common for there to be data discrepancies when several information systems must communicate with each other and store copies of the same records. Specifically, TSA stated that data synchronization issues between systems can occur when there is a correction or update to employee PII that is not communicated to all parties, including the DAC. TSA suggested that it is possible for airports to reduce the number of corrections needed to applicant PII by requiring the applicant to submit ID documents at enrollment. TSA also stated that FPRD reporting features can be helpful in providing information for data clean-up
Safe Skies Update
Jessica Grizzle from Safe Skies provided an update on a number of recently completed and on-going projects.
- PARAS 0031 Airport Response to UAS Threats has been awarded to Woolpert with Zach Shuman as the Principal Investigator.
- PARAS 0030 Guidance for Access Control System Transitions has been awarded to LAM LHA with Andrew Goldsmith as Principal Investigator.
- PARAS 0016 Airports Security Vulnerability Assessments is available for download at https://www.sskies.org/paras/reports/ and contains detailed guidance to assist airports in conducting quantitative and qualitative SVAs and evaluating the results. An Excel tool to assist with quantitative SVAs is available upon request to Jessica.grizzle@sskies.org. Please note small, medium, or large hub in your request.
- PARAS 0018 Airport Security Training for Law Enforcement and Security Personnel will be available in July and is a comprehensive training resource to assist airports in developing training curriculum specific to their needs.
- Safe Skies currently accepting Problem Statements for FY 2021 PARAS projects. Problem Statements form the basis of all PARAS projects and are descriptions of security problems or questions for which airports needs an answer. Please contact jessica.grizzle@sskies.org for submission guidance. Submissions are due September 1.
Ted Stonley from TSA's Intelligence and Analysis provided a detailed overview of a recent TSA intelligence report regarding terrorists believing that air cargo is a viable way to attack civil aviation. The full report will be posted to HSIN.
Next TSA Conference Call
The next TSA conference call for airport stakeholders is scheduled for Thursday, August 6 at 1:00 p.m. ET.