INFORMATION COLLECTION SUPPORTING STATEMENT
Rail Transportation Security
Final Rule
Explain the circumstances that make the collection of information necessary. Identify any legal or administrative requirements that necessitate the collection. Attach a copy of the appropriate section of each statute and regulation mandating or authorizing the collection of information. (Annotate the CFR parts/sections affected).
Section 114 of the Aviation and Transportation Security Act of 2001 (ATSA) and delegated authority from the Secretary of Homeland Security grants the Transportation Security Administration (TSA) broad authority to secure all modes of transportation, including rail. This information collection will enhance the security of the Nation’s freight and passenger rail systems. The final regulations accompanying this supporting statement (“statement”) necessitate the information collection described below.
49 CFR 1580.101 requires freight railroad carriers, rail hazardous materials shippers (“shippers”), and rail hazardous materials receivers (“receivers”) located in a DHS-designated high threat urban area (HTUA) to appoint a Rail Security Coordinator (RSC) and an alternate at the corporate level and submit the RSC’s contact information to TSA. RSC information includes name, title, phone number(s), and email address(es). This provision requires regulated parties to designate a primary contact, i.e. the RSC, for intelligence information and security-related activities and communications with TSA and assists TSA in carrying out it statutory authority to secure the rail mode of transportation.
49 CFR 1580.201 requires passenger railroad carriers and rail transit systems to appoint an RSC and alternate at the corporate level and submit the same RSC contact information to TSA as required under 49 CFR 1580.101.
49 CFR 1580.103 requires freight railroad carriers, shippers, and receivers in an HTUA that handle certain categories and quantities of rail security-sensitive materials (“hazardous materials”) set forth in 49 CFR 1580.100(b) to provide location and shipping information on rail cars under their physical custody and control to TSA upon request. Information concerning the location of these rail cars would be critical to decisions concerning possible rerouting, stopping, or otherwise protecting shipments and populations to address specific security threats or incidents.
49 CFR 1580.105 requires freight railroad carriers, shippers, and receivers in an HTUA that handle certain categories and quantities of materials set forth in 49 CFR 1580.100(b) to report significant security concerns, which includes security incidents, suspicious activities, and threat information. Detecting terrorist activities entails piecing together seemingly unrelated or minor observations, encounters, and incidents and analyzing information from other sources to identify indications of planning and preparation for an attack.
49 CFR 1580.203 requires passenger railroad carriers and rail transit systems to report significant security concerns, which includes security incidents, suspicious activities, and threat information.
49 CFR 1580.107 requires the documentation of the secure exchange of custody of rail cars carrying the categories and quantities of hazardous materials outlined in 49 CFR 1580.100(b) between shippers and railroad carriers, railroad carriers and other railroad carriers within an HTUA or of cars that may enter an HTUA, and between railroad carriers and receivers in an HTUA. TSA requires the exchanging parties to document the exchange, which constitutes a recordkeeping requirement under the Paperwork Reduction Act (PRA). This section addresses the risk that rail cars left unattended in a non-secure area may be vulnerable to tampering. These situations create opportunities for individuals to compromise the security of rail cars transporting poisonous inhalation hazardous, explosive, or radioactive material, such as through the introduction of an IED.
Indicate how, by whom, and for what purpose the information is to be used. Except for a new collection, indicate the actual use the agency has made of the information received from the current collection.
All information from all covered entities will be collected and used by TSA and the Department of Homeland Security (DHS) to enhance the security of the Nation’s rail systems.
RSC Information
TSA will collect RSC information via the telephone, email, and regular mail. RSC information provides TSA with a point of contact for covered entities, and TSA will use this contact information to provide entities with timely notification of vital security information.
This information can be found at http://tsa.gov/assets/pdf/rail_security_rule_faq.pdf
Location and Shipping Information
TSA will collect location and shipping information pursuant to 49 CFR 1580.103(e) via electronic data transmission, by facsimile transmission, and via email. Location and shipping information will primarily be used in times of heightened threat or attack to locate a particular rail car or train or determine how close cars or trains may be to a target city or other potential target.
Significant Security Concerns Information
TSA will collect significant security concerns information telephonically from freight railroad carriers, shippers, and receivers in an HTUA that handle certain categories and quantities of materials set forth in 49 CFR 1580.100(b), and will use it for intelligence analysis, threat assessment, and the allocation of security resources with the overall goal to prevent or detect a terrorist attack.
Chain of Custody and Control Documentation (recordkeeping requirement)
TSA will inspect for covered parties’ compliance with the documentation requirements for the secure exchange of custody of rail cars carrying specific categories and quantities of hazardous materials. This is required to ensure that certain rail cars are not left unattended in non-secure areas. Covered parties may document the exchange of custody electronically or in writing.
Describe whether, and to what extent, the collection of information involves the use of automated, electronic, mechanical, or other technological collection techniques or other forms of information technology, e.g., permitting electronic submission of responses, and the basis for the decision for adopting this means of collection. Also describe any consideration of using information technology to reduce burden. [Effective 03/22/01, your response must SPECIFICALLY reference the Government Paperwork Elimination Act (GPEA), which addresses electronic filing and recordkeeping, and what you are doing to adhere to it. You must explain how you will provide a fully electronic reporting option by October 2003, or an explanation of why this is not practicable.]
In compliance with the GPEA, TSA encourages electronic submissions for this information collection to decrease submission and collection burdens on the covered parties and on the government. The final rule permits some of the information to be provided in whatever format the regulated party chooses, including email and telephone. Automated submissions will not be allowed for certain aspects of the collection, as TSA requires the human point of contact for providing the specifics of its request for car location and shipping information, the discussion of reported significant security concerns, and to ensure that the documented chain of custody and control was attended or in a secure area when the covered rail cars were exchanged. TSA has not developed any forms for this collection of information.
Describe efforts to identify duplication. Show specifically why any similar information already available cannot be used or modified for use for the purpose(s) described in Item 2 above.
In order to avoid duplication of other reporting requirements, TSA worked with the Coast Guard; the relevant modal administrations of the Department of Transportation (DOT), including the Pipeline and Hazardous Materials Safety Administration (PHMSA) and the Federal Railroad Administration (FRA); and the Nuclear Regulatory Commission. To solicit public comment, TSA also published a notice of proposed rulemaking (NPRM) with a 60-day comment period and held one public meeting in Arlington, Virginia on February 2, 2007.
RSC Information
There may be apparent duplication in the designation and reporting to the government the information of a responsible security official. Coast Guard requires the reporting of a Facility Security Officer (FSO) under 33 CFR part 105 and maintains a list of FSOs. However, TSA believes that its collection of RSC information is not duplicative, because the TSA requirement is tailored to the railroad security nexus of a port facility and not the general security of an entire port facility operation.
Significant Security Concerns Information
There may be apparent duplication and overlap of requirements to report significant security concerns to TSA with: the Coast Guard regulations under 33 CFR part 105; DHS Chemical Facility Anti-Terrorism Standards at 6 CFR part 27; PHMSA Hazardous Materials Regulations at 49 CFR part 171; FRA regulations at 49 CFR 225; and, Federal Transit Administration (FTA) regulations at 49 CFR part 659. However, TSA believes these reporting requirements are not duplicative because each supports a particular agency mission and programmatic purpose. TSA is the lead agency for surface transportation security and needs information immediately on potential threats, suspicious activities, and security incidents for the purposes of comprehensive intelligence analysis, threat assessment, and allocation of security resources for, in this instance, the security of freight rail, passenger rail, and rail transit systems. Information provided to Coast Guard and DHS, although security related, is targeted at port facilities and chemical facilities, respectively, not specifically transportation facilities or conveyances. Therefore, it will not meet TSA’s information collection needs. Information provided to the DOT modal administrations is most often safety related. These collections are generally geared toward analyzing information to determine and correct the circumstances that caused an accident after the fact, whereas the TSA collection is targeted at analysis to identify terrorist planning and prevent an attack.
If the collection of information has a significant impact on a substantial number of small businesses or other small entities (Item 5 of the Paperwork Reduction Act submission form), describe the methods used to minimize burden.
The information collection outlined in this supporting statement will impact small businesses; however TSA has determined that the collection will not have a significant impact on a substantial number of small businesses. In order to minimize any burden this information collection creates, TSA is allowing submission of information electronically for most of the requirements.
Location and Shipping Information
For the location and shipping information collection required under 49 CFR 1580.103, TSA will allow shippers, receivers, and Class II and III railroads, which include small businesses, to respond to TSA’s request within 30 minutes of a TSA notification. TSA may approve a longer period of time if the threat allows and if warranted by the covered party’s circumstances. TSA will also allow covered parties the choice to respond to its request in five specific formats. TSA can approve another format, most likely telephonic reporting, if the threat allows and if warranted by the circumstances of the covered party.
Describe the consequence to Federal program or policy activities if the collection is not conducted or is conducted less frequently, as well as any technical or legal obstacles to reducing burden.
If the information collection were not conducted, TSA’s ability to enhance the security of the Nation’s rail systems would be hindered. TSA has carefully tailored its information collection activities to only those collections that are necessary to support its security programs. Because the collection as described in this statement are regulatory requirements under 49 CFR part 1580, the following obstacles exist to reduce the reporting burden or information collection:
RSC Information
RSCs are required to perform two main functions: to serve as a point of contact with TSA on security matters and communications and to coordinate security practices and procedures with appropriate law enforcement and emergency response agencies. Without the collection of RSC information (and an alternate), TSA would have to rely on the various trade associations to voluntarily disseminate vital security information to their members. This would frustrate TSA’s goal of two-way information sharing with the owner/operator in three ways. First, not all covered parties are members of a trade association. Therefore, timely threat information, security guidance, information circulars and other TSA/DHS security products would not reach the entire necessary audience. Second, TSA is unable to create a one-on-one relationship with covered parties that would facilitate information flow from the covered party to TSA. Third, a main function of the RSC, to serve as TSA’s primary contact for security information and communications and to coordinate security practices with other entities, is impossible if TSA and other entities were not aware of the RSC’s identity. Because covered parties are required to report RSC information only once initially, with follow-up reporting required within seven days only if the RSC information changes, it is not practical for TSA to reduce the reporting burden.
Location and Shipping Information
During heightened threat or an incident, the location and shipping information collection requirement will allow TSA to locate cars that could be used as weapons of mass effect and assess the threat to a target city or icon. Without this information collection, TSA cannot know the location of cars carrying materials poisonous by inhalation, explosives, or radioactives in relation to high population areas or potential targets. TSA intends to limit its collection of location and shipping information to only those times of heightened security threat, natural disasters, and a sufficient number of inspections to ensure the covered parties’ ability and willingness to comply with 49 CFR 1580.103.
Significant Security Concerns Information
ATSA tasks TSA with “[assessing] threats to transportation.” 49 U.S.C. 114 (f)(2). TSA currently depends on voluntary reporting and intelligence to assess threats to rail transportation. This does not provide a sufficient overall picture of the threat and vulnerability of rail sector. Therefore, TSA will require covered entities to report significant security concerns, which will encompass incidents, suspicious activities, and threat information. This collection will aid TSA in detecting terrorist activities. DHS will piece together these seemingly unrelated or minor observations, encounters, and incidents and analyze information from various sources to identify indications of planning and preparations of attack. Without this collection, TSA/DHS will lack sufficient information for analysis to assist in detecting threats to rail transportation.
Chain of Custody and Control Documentation
TSA will require carriers to document the exchange of custody and control of rail cars carrying specific categories and quantities of hazardous materials to ensure that covered entities comply with all other requirements of that section. Without this collection, TSA will be unable ensure that rail cars containing covered materials are attended during the exchange of custody and therefore, not left unattended in a non-secure area and vulnerable to sabotage while awaiting transfer. This collection cannot be accomplished less frequently because it is immediate verification of compliance with a regulatory requirement.
Explain any special circumstances that require the collection to be conducted in a manner inconsistent with the general information collection guidelines in 5 CFR 1320.5(d)(2).
5 CFR 1320.5(d)(2)(i) (requiring respondents to report information to the agency more often than quarterly): In the interest of transportation security and to aid in detecting terrorist activities, TSA will require covered parties to report significant security concerns as they occur, which will encompass incidents, suspicious activities, and threat information. For the same reasons, TSA will require covered parties to provide location and shipping information on rail cars in their physical custody and control to TSA upon request.
Describe efforts to consult persons outside the agency to obtain their views on the availability of data, frequency of collection, the clarity of instructions and recordkeeping, disclosure, or reporting format (if any), and on the data elements to be recorded, disclosed, or reported. If applicable, provide a copy and identify the date and page number of publication in the Federal Register of the agency's notice, required by 5 CFR 1320.8(d) soliciting comments on the information collection prior to submission to OMB. Summarize public comments received in response to that notice and describe actions taken by the agency in response to these comments. Specifically address comments received on cost and hour burden.
Explain any decision to provide any payment or gift to respondents, other than remuneration of contractors or grantees.
TSA will not provide any payment or gift to respondents.
Describe any assurance of confidentiality provided to respondents and the basis for the assurance in statute, regulation, or agency policy.
In many cases of this information collection TSA has provided covered parties with the assurance that information submitted to TSA or collected by TSA representatives will be treated as sensitive security information (SSI) under 49 CFR part 1520.
RSC Information
The personal information of RSCs provided to TSA under this collection will not normally be shared with organizations external to DHS. However, if needed for official business purposes, the information may be shared with other Federal, State, local, or tribal government agencies, including DOT. Federal agencies are subject to the safeguarding requirements of the Federal Information Security Management Act, Title III of the E-Government Act, Pub. L. 107-347 (FISMA) and the Privacy Act of 1974. To the extent that information is shared with non-Federal entities, such as State, local, or tribal agencies, TSA expects that information will be safeguarded in accordance with procedures designed to protect such information.
Location and Shipping Information
Location and shipping information required by this final rule, maintained and submitted by the regulated party, would not be considered SSI. Once DHS or DOT has received the location and shipping information provided by the regulated party, it will be included as part of a broader analysis of the location of rail cars subject to the location reporting requirement. This compilation, not the raw data, will constitute SSI under revised 49 CFR 1520.5(b)(12). Such compilations require greater protection than the information maintained by the regulated party for its business purposes because the release of a compilation of location and shipping information to the public would increase the risk that the compiled information could be used to identify vulnerabilities or to plan an attack on critical assets. In the NPRM, TSA proposed to revise 49 CFR 1520.5(b)(12), relating to information concerning infrastructure assets, to include rail transportation systems. Under this provision, which TSA has included in the final rule, lists of critical infrastructure assets, including rail cars containing covered materials, prepared by DHS or DOT, are considered SSI.
Significant Security Concerns Information
Reports of significant security concerns would be considered SSI once TSA receives them, under § 1520.5(b)(7).
Provide additional justification for any questions of sensitive nature, such as sexual behavior and attitudes, religious beliefs, and other matters that are commonly considered private.
TSA will not ask any questions of a sensitive or private nature.
Provide estimates of hour burden of the collection of information.
Annual Reporting Burden
RSC Annual Reporting Burden
a. Number of Respondents 945
b. Number of Responses per request 1
c. Number of Requests 0.33
d. Hours per response 1
e. Total Reporting Burden 311.85 (rounded to 312)
RSC annual reporting burden is approximately 312 annual hours. This figure was derived by multiplying the number of respondents (945) x responses per request (1) x number of requests, once every three years (0.33) x one hour (1) = 311.85 (rounded to 312).
Annual Location and Shipping Information Reporting Burden
Number of Responses per request 15
Number of Requests 10
Total Annual Responses 150
Hours per response 1
Total Reporting Burden 150
This information collection burden is a function of the estimated number of TSA requests (15 x 10 = 150), not the total population covered by the regulation that TSA could query. For the purpose of this analysis, TSA assumed, as a primary estimate that the agency will make 10 annual requests for car locations. This estimate is based on an assumption that the agency will conduct one location request per quarter to ensure that affected entities could meet the requirement; that five location requests will result from natural disasters (such as hurricanes); and that there may be one national security incident where a car location will need to be known. TSA anticipates that it will target these requests geographically and will not make requests of all affected entities. In estimating the cost of this requirement, TSA therefore assumed it will contact 15 firms or regulated parties during a request for car location information. Although the agency assumed the regulated parties will be able to comply with all requests within the time constraints stipulated by the rule, TSA estimated that communications between the regulated entity and the government could take as much as one hour (although in many cases it may take much less time). Of the 150 responses, TSA will request the information of many entities annually, while for other smaller entities TSA will only request the information once every 2-3 years.
Total Location and Shipping annual reporting burden is 150 hours. This figure was derived by multiplying the number of responses per request (15) x number of requests (10) x 1 hour (1) = 150.
Annual Significant Security Concerns Reporting
Affected Group |
Estimate # of carriers |
Frequency of Reports |
Reports / Year |
||||
Low1 |
Primary |
High |
Low |
Primary |
High |
||
Class I Railroads |
7 |
1 / Month |
2 / Month |
3 / Month |
84 |
168 |
252 |
Commuter Rail Systems |
21 |
2 / Day |
3 / Day |
4 / Day |
15,330 |
22,995 |
30,660 |
Regional Railroads |
31 |
1 / Year |
2 / Year |
3 / Year |
31 |
62 |
93 |
Rail Transit Systems |
41 |
2 / Day |
3 / Day |
4 / Day |
29,930 |
44,895 |
59,860 |
Other Rail Transit Systems |
86 |
0 / Year |
1 / Year |
2 / Year |
0 |
86 |
172 |
Local Railroads |
518 |
1 / Year |
2 / Year |
3 / Year |
518 |
1,036 |
1,554 |
Total Rail Hazardous Materials Facilities |
241 |
0 / Year |
1 / Year |
2 / Year |
0 |
241 |
482 |
Total |
|
45,893 |
69,483 |
93,073 |
|||
Sources: BTS, TSA Calculations |
|
|
|
|
|
|
|
Total primary annual reporting burden is 69,483 hours. This figure was derived by multiplying the estimated number of annual responses (69,483) x 1 hour (1) = 69,483.
TSA assumes each railroad carrier, rail transit system, and rail hazardous materials facility will be required to file reports on significant security concerns. The Coast Guard has estimated that reports of hazardous substance and oil releases and of suspicious activities take 5 minutes.2 The requirement that an incident be reported immediately usually results in partial information being available at the time of the initial call. TSA assumed that the carrier, transit system or facility will spend an additional 55 minutes to collect more complete information to submit in a follow-up call. This results in an estimate of 1 hour (5 minutes + 55 minutes).
Annual Chain of Custody Documentation
Total chain of custody annual reporting burden is 219,000 hours. Due to uncertainty surrounding how affected firms will comply with this provision, TSA adopted some simplifying assumptions, described below, to estimate this annual reporting burden to affected entities.
First, TSA believes and AAR data suggest that approximately 75,000 of the approximately 111,000 shipments of the materials covered by the rule are interchanged in any given year. These interchanges, as described in the final rule Regulatory Impact Assessment, take place on rail sidings or in rail yards, and TSA believes that 20,000 of these interchanges occur unattended, either in an unmanned yard or siding. Interchanges that take place in a manned rail yard will most likely meet the requirements of the final rule and will therefore not impact carrier operations.
Second, evidence gathered by TSA suggests that the 20,000 unattended interchanges that occur take place at a limited number of locations around the United States. TSA, through communications with various industry subject matter experts and its field work in the rail transportation sector, believes that all 20,000 unattended interchanges that do not occur in manned rail yards take place at approximately 50 locations around the country. If the 20,000 unattended interchanges are distributed equally among the 50 locations, and if the distribution of interchanges over time is fairly uniform, then that means that there is approximately one interchange per day per location (20,000 / 365 / 50 = 1.09). TSA acknowledges that this may not be true. Different factors, such as geography and seasonal business patterns, undoubtedly influence the distribution of these interchanges. However, the agency made this simplifying assumption to generate a cost estimate for this provision of the rule.
Because this requirement is a performance standard, there are a number of ways in which carriers could comply with this provision. For the purposes of this analysis, however, TSA assumed that affected railroad carriers will utilize security guards to police the 50 locations of interchanges to ensure that there is a positive chain of custody. To estimate compliance cost for carriers, the agency assumed that each of the 50 unattended interchange locations likely to be affected will be staffed with a guard for 12 hours per day, 365 days per year, meaning the annual reporting burden will be 219,000 hours (12 hours per day x 365 days per year x 50 locations = 219,000 hours per year).
Total Annual Burden is 288,945 hours. This figure was derived by adding the annual burdens for RSC reporting (312) + location and shipping reporting (150) + primary significant security concerns reporting (69,483) + chain of custody reporting (219,000) = 288,945.
Provide an estimate of the total annual cost burden to respondents or recordkeepers resulting from the collection of information.
RSC Start-up Cost Reporting Burden
a. Number of Respondents 945
b. Number of Responses per request 1
c. Total Annual Responses 945
d. Hours per Response 1
e. Total Reporting Burden 945
RSC Start-up Reporting Burden is 945. This figure was derived by multiplying the number of respondents (945) x start-up (1) x one hour (1) = 945.
TSA estimates it will take respondents an hour to draft and submit necessary RSC contact information to TSA. In creating this estimate, TSA assumed that affected entities would need to complete this requirement every three years due to job turnover and changing responsibilities among executives.
Annual Reporting Costs
RSC total annual cost is $28,378. This figure was derived by multiplying the number of respondents (945) x responses per request (1) x number of requests, once every three years or (0.33) x one hour (1) x wage rate ($91) = $28,378.
TSA estimates it will take respondents an hour to draft and submit necessary RSC contact information to TSA. In creating this estimate, TSA assumed that affected entities would need to complete this requirement every three years due to job turnover and changing responsibilities among executives.
Location and Shipping total annual cost is $ 13,650. This figure was derived by multiplying the number of responses per request (15) x number of requests (10) x 1 hour (1) x the hourly wage rate ($91) = $ 13,650.
Significant Security Concern Reporting total annual cost is $ 4,377,429. This figure was derived by multiplying the estimated number of annual responses (69,483) x 1 hour (1) x wage rate ($63.00) = $ 4,377,429.
TSA assumes each railroad carrier, rail transit system, and rail hazardous materials facility will be required to file reports on significant security concerns. The Coast Guard has estimated that reports of hazardous substance and oil releases and of suspicious activities take 5 minutes.3 The requirement that an incident be reported immediately usually results in partial information being available at the time of the initial call. TSA assumed that the carrier, transit system, or facility will spend an additional 55 minutes to collect more complete information to submit in a follow-up call. The average cost of reporting a suspicious activity, collecting additional information, and making a follow-up call will be approximately $63 using the standard wage rate of a yard master.
Chain of Custody total annual cost is $4,969,110. This figure was derived by multiplying the total annual hourly burden (219,000) x the wage rate ($22.69/hr) = $4,969,110.
Overall Total Annual Cost is $9,388,567. This figure was derived by adding the annual costs for RSC reporting ($28,378) + location and shipping reporting ($13,650) + primary significant security concerns reporting ($4,377,429) + chain of custody reporting ($4,969,110) = $9,388,567.
Provide estimates of annualized cost to the Federal Government. Also, provide a description of the method used to estimate cost, and other expenses that would not have been incurred without this collection of information.
There are no new costs to the government with this collection.
Explain the reasons for any program changes or adjustments reported in Items 13 or 14 of the OMB Form 83-I.
This is a new program.
For collections of information whose results will be published, outline plans for tabulation and publication. Address any complex analytical techniques that will be used. Provide the time schedule for the entire project, including beginning and ending dates of the collection of information, completion of report, publication dates, and other actions.
None of this information will be published.
If seeking approval to not display the expiration date for OMB approval of the information collection, explain the reasons that display would be inappropriate.
TSA is not seeking approval to not display the expiration date for OMB approval of the information collection.
Explain each exception to the certification statement identified in Item 19, “Certification for Paperwork Reduction Act Submissions,” of OMB Form 83-I.
There are no exceptions.
1 Low, primary and high refer to the different types of estimates found in the final rule Regulatory Impact Assessment. Frequently, when conducting an analysis and do not have accurate data, TSA calculates a range of estimates – low primary and high in this case.
2 United States Coast Guard Information Collection Request for hazardous spill reporting under the Comprehensive Environmental Response, Compensation, and Liability Act.
3 United States Coast Guard Information Collection Request for hazardous spill reporting under the Comprehensive Environmental Response, Compensation, and Liability Act.
| File Type | application/msword |
| File Title | INFORMATION COLLECTION SUPPORTING STATEMENT |
| Author | Joanna.Johnson |
| Last Modified By | Joanna.Johnson |
| File Modified | 2009-04-02 |
| File Created | 2009-04-02 |