[DOCID: f:sr332.109] From the Senate Reports Online via GPO Access [wais.access.gpo.gov] 109th Congress Report SENATE 2d Session 109-332 _______________________________________________________________________ Calendar No. 495 SENATE 109-332 <greek-l>TITLE deg.CHEMICAL FACILITY ANTI-TERRORISM ACT OF 2006 __________ R E P O R T OF THE COMMITTEE ON HOMELAND SECURITY AND GOVERNMENTAL AFFAIRS UNITED STATES SENATE<greek-l> CONFERENCE REPORT deg. To accompany S. 2145 together with ADDITIONAL VIEWS TO ENHANCE SECURITY AND PROTECT AGAINST TERRORIST ATTACKS AT CHEMICAL FACILITIES <GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT> <greek-l>DATE deg.September 11, 2006.--Ordered to be printed For Sale by the Superintendent of Documents, U.S. Government Printing Office Internet: bookstore.gpo.gov Phone: toll free (866) 512-1800; (202) 512ÿ091800 Fax: (202) 512ÿ092250 Mail: Stop SSOP, Washington, DC 20402ÿ090001 COMMITTEE ON HOMELAND SECURITY AND GOVERNMENTAL AFFAIRS SUSAN M. COLLINS, Maine, Chairman TED STEVENS, Alaska JOSEPH I. LIEBERMAN, Connecticut GEORGE V. VOINOVICH, Ohio CARL LEVIN, Michigan NORM COLEMAN, Minnesota DANIEL K. AKAKA, Hawaii TOM COBURN, Oklahoma THOMAS R. CARPER, Delaware LINCOLN D. CHAFEE, Rhode Island MARK DAYTON, Minnesota ROBERT F. BENNETT, Utah FRANK LAUTENBERG, New Jersey PETE V. DOMENICI, New Mexico MARK PRYOR, Arkansas JOHN W. WARNER, Virginia Michael D. Bopp, Staff Director and Chief Counsel Allison J. Boyd, Counsel Michael L. Alexander, Minority Staff Director Holly A. Idelson, Minority Counsel Trina Driessnack Tyrer, Chief Clerk Calendar No. 495 109th Congress Report SENATE 2d Session 109-332 ====================================================================== CHEMICAL FACILITY ANTI-TERRORISM ACT OF 2006 _______ September 11, 2006.--Ordered to be printed _______ Ms. Collins, from the Committee on Homeland Security and Government Affairs, submitted the following R E P O R T together with ADDITIONAL VIEWS [To accompany S. 2145] The Committee on Homeland Security and Governmental Affairs, to which was referred the bill (S. 2145) to enhance security and protect against terrorist attacks at chemical facilities, having considered the same, reports favorably thereon as amended and recommends that the bill do pass. CONTENTS Page I. Purpose and Summary.............................................1 II. Background and Need for Legislation.............................2 III. Discussion of Legislation......................................17 IV. Legislative History............................................29 V. Section-by-Section Analysis....................................34 VI. Congressional Budget Office Cost Estimate......................47 VII. Changes in Existing Law........................................54 VIII. Additional Views...............................................55 I. PURPOSE AND SUMMARY The purpose of S. 2145 is to enhance security and protect against terrorist attacks at chemical facilities. Among other things, S. 2145 gives the Department of Homeland Security (DHS) new authority to regulate the security of chemical facilities across the United States. The bill takes an integrated approach to security, comprehensively addressing vulnerabilities, threats, and consequences of a terrorist attack on a chemical facility. The bill gives DHS discretion to regulate the Nation's at- risk chemical facilities. Under the bill, DHS would designate a facility for regulation only after a consideration of risk- based factors such as the perceived threat to the facility; the potential extent and likelihood of death or injury, environmental harm, and economic loss that could result from a terrorist attack on the facility; the proximity of the facility to population centers; the nature and quantity of the chemical substance of concern at the facility; and the threat to economic and national security and critical infrastructure. The bill also requires DHS to place the designated facilities into risk-based tiers, so that the facilities of greatest concern from a security standpoint are required to put forward the greatest effort to reduce the risk of an attack on those facilities. All covered facilities must complete or update vulnerability assessments, security plans, and emergency response plans, and must submit these assessments and plans to DHS for approval. The Secretary must approve or disapprove all assessments and plans. The bill requires that vulnerability assessments and security plans be both risk-based and performance-based. The bill's risk-based approach requires security measures at a given facility to be proportional to the threat, vulnerabilities, and consequences of a potential terrorist attack at that facility. Therefore, the greater the risk of a potential terrorist attack on a particular facility, the greater the security measures required at that facility to protect against such an attack or to mitigate its consequences. Requiring performance-based standards means a facility governed by the bill can choose the most economical and effective means of addressing the vulnerabilities to, and the threat and consequence of, a terrorist attack on that particular facility. The Department is required to set performance standards for each risk-based tier. If DHS determines that a covered facility has not complied with the regulations or with an order issued under the bill, DHS may enforce those regulations and orders through a variety of mechanisms, including civil and criminal penalties, and issuing an order to a facility to cease operations. The Department is directed to create an office for chemical security and a regional and area structure for implementing the bill. The bill exempts protected information from disclosure under the Federal Freedom of Information Act (FOIA), and any State or local law providing for public access to information. The Secretary of Homeland Security is specifically authorized to regulate the handling and purchase of ammonium nitrate. The bill sets a uniform Federal standard for chemical security regulation, while preserving the right of State and local governments to adopt chemical security requirements more stringent than the Federal standard, provided that the state or local standard does not actually conflict with the Federal standard. II. BACKGROUND AND NEED FOR LEGISLATION Background When al Qaeda terrorists hijacked commercial airplanes to attack American office buildings, it became clear that the United States' new enemy would target our infrastructure as well as seeking to inflict mass casualties. Indeed, few scenarios loom more ominously than terrorists leveraging a facility storing deadly chemicals against us. The potential devastation from a terrorist attack on a chemical facility was demonstrated on December 3, 1984, when poisonous cyanide gas was accidentally released from a pesticides plant in Bhopal, India, killing thousands within a few hours. A terror attack on such a facility would presumably be designed to take an even greater human toll. International and domestic terrorists have had U.S. chemical facilities in their cross-hairs for at least a decade.\1\ Terrorists have aimed not only to target facilities directly, but also to steal chemicals from facilities for nefarious purposes. One of the 1993 World Trade Center bombers, Nidal Ayyad, was employed as a chemical engineer and used company stationery to order the chemical ingredients to make the bomb. Testimony at the bombers' trial indicated that they had also stolen cyanide from a chemical facility and were planning to introduce it into the ventilation system of office buildings.\2\ --------------------------------------------------------------------------- \1\ Congressional Research Service, ``Chemical Facility Security,'' August 2, 2006, at 4. \2\ Id. --------------------------------------------------------------------------- For years, the Federal government's law enforcement and intelligence community has been sounding the alarm regarding the terrorist threat to the chemical sector. The Department of Justice ``has been warning of the terrorist threat to such facilities for a number of years,'' and the Justice Department's ``risk assessment in 2000, conducted at the direction of the President and pursuant to the Clean Air Act, concluded in no uncertain terms that chemical facilities present attractive targets for terrorists.'' \3\ Justice ``concluded that the risk of terrorists attempting in the foreseeable future to cause an industrial chemical release is both real and credible.'' \4\ In 2003, the Justice Department informed GAO about two attempts to attack chemical facilities in the late 1990s, including a 1998-99 episode where ``domestic terrorists plotted to use a destructive device against a facility outside of Sacramento which housed millions of gallons of propane.'' \5\ Moreover, in testimony from the Director of the Central Intelligence Agency on February 6, 2002, George Tenet warned of the potential for a terrorist attack on a chemical facility by al Qaeda.\6\ --------------------------------------------------------------------------- \3\ Letter from Paul Corts, Assistant Attorney General for Administration, U.S. Department of Justice, to John Stephenson, Director, Natural Resources and Environment, GAO, Feb. 28, 2003, at 2. \4\ Id. \5\ Letter from Paul Corts, Assistant Attorney General for Administration, U.S. Department of Justice, to John Stephenson, Director, Natural Resources and Environment, GAO, Feb. 28, 2003, at 2. \6\ Id.; GAO, Homeland Security: Voluntary Initiatives Are Under Way at Chemical Facilities, But the Extent of Security Preparedness Is Unknown, Mar. 2003, GAO-03-439, at 9. --------------------------------------------------------------------------- Many security experts, including Richard Falkenrath, at a January 2005 Committee hearing, have identified chemical facilities as an especially vulnerable target. Falkenrath described terrorists' ability to exploit inadequately secured systems within the United States, as exemplified by the use of passenger aircraft on 9/11. Chemical facilities, Falkenrath said, were acutely vulnerable and uniquely dangerous--surpassed in danger only by threats such as nuclear devices and bioterrorism.\7\ --------------------------------------------------------------------------- \7\ The Department of Homeland Security: The Road Ahead: Hearing Before the Senate Comm. on Homeland Security and Governmental Affairs, 109th Cong. 29, 114-15 (2005) (testimony of Richard Falkenrath). --------------------------------------------------------------------------- Despite the abundance of evidence and warnings, the government has taken little action. In 2003, GAO reported that ``Chemical facilities may be attractive targets for terrorists intent on causing massive damage.'' \8\ The EPA has cataloged some 15,000 facilities in the United States that manufacture, use or store hazardous chemicals under its Clean Air Act Risk Management Program (RMP). Using the EPA's RMP data, GAO noted that 123 chemical facilities in the United States have worst- case scenarios in which a toxic release could potentially threaten at least 1,000,000 people if attacked.\9\ The Department of Homeland Security uses a different methodology, but still has identified 3,400 facilities that could affect more than 1,000 people if attacked.\10\ In creating its list of high risk chemical facilities, DHS started with the EPA's RMP list, and reduced it by eliminating facilities that were redundant, ``were no longer in business or were no longer RMP facilities * * * were the responsibility of another critical infrastructure sector,'' and agricultural facilities.\11\ According to DHS, of the 3,400 facilities on its list, 272 facilities could potentially affect more than 50,000 people.\12\ GAO reported that no Federal law explicitly required chemical facilities to ``assess vulnerabilities or take security actions to safeguard their facilities against terrorist attack,'' and that the Federal government ``has not comprehensively assessed the chemical industry's vulnerabilities to terrorist attacks.'' \13\ --------------------------------------------------------------------------- \8\ GAO, Homeland Security: Voluntary Initiatives Are Under Way at Chemical Facilities, But the Extent of Security Preparedness is Unknown, Mar. 2003, GAO-03-439, at 3. \9\ Id. At 9-10 (citing EPA, Chemical Accident Risks in U.S. Industry--A Preliminary Analysis of Accident Risk Data from U.S. Hazardous Chemical Facilities, Sept. 25, 2000). \10\ GAO, Homeland Security: DHS Is Taking Steps to Enhance Security at Chemical Facilities, but Additional Authority Is Needed, Jan. 2006, GAO-06-150, at 22. \11\ Id. at 21. \12\ Id. at 22; Is the Federal Government Doing Enough to Secure Chemical Facilities and Is More Authority Needed: Hearing Before the Senate Comm. on Homeland Security and Governmental Affairs, 109th Cong. (2005) (testimony of Robert Stephan). \13\ Id. at 4. --------------------------------------------------------------------------- Also in 2003, GAO acknowledged the voluntary work of the chemical industry to enhance security at its facilities, particularly that of the American Chemistry Council (ACC), which requires members to conduct security vulnerability assessments and implement security improvements.\14\ Yet ACC members represent only a fraction of the chemical sector. GAO stated: ``Despite the voluntary industry initiatives to date, the extent of security preparedness across the chemical industry is unknown,'' and ``both the Secretary of Homeland Security and the Administrator of the EPA have stated that voluntary efforts alone are not sufficient to assure the public of the industry's preparedness.'' \15\ GAO therefore recommended in 2003 that DHS and EPA develop a comprehensive national chemical security strategy.\16\ --------------------------------------------------------------------------- \14\ Id. at 5. \15\ Id. at 5, 23. \16\ Id. at 5. --------------------------------------------------------------------------- GAO repeated these conclusions the next year in testimony before a House subcommittee, stating, ``Experts agree that the Nation's chemical facilities may be attractive targets for terrorists intent on causing massive damage, but the extent of security preparedness since the events of September 11, 2001, is unknown.'' \17\ A year later, there was still no legal provision for Federal regulation of chemical sector security, and still no comprehensive Federal assessment of chemical facility security.\18\ --------------------------------------------------------------------------- \17\ GAO, Homeland Security: Federal Action Needed to Address Security Challenges at Chemical Facilities, Feb. 23, 2004, GAO-04-482T, at 2 (testimony of John B. Stephenson, Director, Natural Resources and Environment, GAO, before the Subcommittee on National Security, Emerging Threats, and International Relations, Committee on Government Reform, U.S. House of Representatives). \18\ Id. at 3, 8-11. --------------------------------------------------------------------------- Also in 2004, the CBS News television magazine ``60 Minutes'' focused on chemical security. The news show spoke with an investigative reporter at the Pittsburgh Tribune- Review, who examined 60 plants in Chicago, Pittsburgh, Baltimore and Houston, and walked into them without difficulty. ``We found gates unlocked or wide open, dilapidated fences, and unprotected tanks filled with deadly chemicals,'' the ``60 Minutes'' reporter said of the facilities he examined in Chicago and California. Former Senator Warren Rudman, co-author of the blue ribbon task force on homeland security, told ``60 Minutes'' that chemical security is an ``extraordinarily serious problem,'' and recommended that Congress authorize DHS to set and enforce chemical security standards.\19\ --------------------------------------------------------------------------- \19\ Steve Kroft, ``Chemical Plant Insecurity; Concern Over Terrorist Access to U.S. Chemical Plants,'' 60 Minutes, Jun. 13, 2004 (transcript). --------------------------------------------------------------------------- In January 2005, Richard Falkenrath of the Brookings Institution urged Congress to give DHS the authority to regulate the security of the Nation's at-risk chemical facilities, when he testified before the Committee's hearing, ``The Department of Homeland Security: The Road Ahead.'' He cited that one acute and ``almost uniquely dangerous'' threat, ``toxic-by-inhalation industrial chemicals.'' \20\ The impact of destroying certain chemical facilities, he said, could only be rivaled by an improvised nuclear device.\21\ He criticized the Federal government for having made ``no material reduction in the inherent vulnerability of hazardous chemical targets inside the United States,'' and recommended that ``doing so should be the highest critical infrastructure protection priority for the Department of Homeland Security in the next two years.'' \22\ --------------------------------------------------------------------------- \20\ The Department of Homeland Security: The Road Ahead: Hearing Before the Senate Comm. on Homeland Security and Governmental Affairs, 109th Cong. 29, 114-15 (2005) (testimony of Richard Falkenrath). \21\ Id. \22\ Id. --------------------------------------------------------------------------- The Department's ``National Strategy for Security of the Chemical Sector'' report, issued in May 2006, noted, ``Chemical facilities in the U.S. are ubiquitous and represent potentially attractive targets for a terrorist adversary. Because the potential for inflicting casualties and economic damage by attacking a chemical facility is relatively high, the U.S. will continually be concerned with Chemical Sector security.'' \23\ --------------------------------------------------------------------------- \23\ National Strategy for Securing the Chemical Sector: A Report to the Committees on Appropriations of the United States Senate and House of Representatives, The U.S. Department of Homeland Security, April 2006, at 3. Although the cover of the report notes date of issuance as ``April 2006,'' the report was actually delivered to the Committees on Appropriations in May 2006. --------------------------------------------------------------------------- Statutory authority Five years after the attacks of September 11, 2001, the Federal government lacks the statutory authority to comprehensively regulate the security of chemical facilities in the United States. Instead, the Federal government is authorized to regulate only segments of the chemical sector, creating a patchwork of regulation that has left far too many facilities completely unregulated. For example, DHS and the Department of Transportation have broad statutory authority to regulate the transportation of hazardous materials, but lack the authority to regulate their security when stored at most stationary facilities. Further, a small portion of chemical facilities are subject to two post-9/11 Federal statutes that specifically address the security concerns: the Maritime Transportation Security Act (MTSA), P.L. 107-295, and the Public Health Security and Bioterrorism Preparedness and Response Act of 2002 (Bioterrorism Act), P.L. 107-188. Under MTSA, the U.S. Coast Guard--a component of DHS-- regulates chemical facilities that are located along navigable waterways and receive shipments via vessels. Under MTSA, the Coast Guard has reviewed 3,000 facility security plans and has jurisdiction over approximately 300 chemical and petrochemical facilities.\24\ Under the Bioterrorism Act, the EPA regulates security at community water systems. The Bioterrorism Act covers 8,400 of the largest water facilities in the United States. Both statutes require vulnerability assessments and the creation of or updating of emergency response plans. However, only MTSA requires facilities to submit security plans and install security measures; the Bioterrorism Act does not require a specific security plan or security measures. Further, MTSA provides for an ongoing security regime; the Bioterrorism Act requires that the assessments and plans be maintained for five years, but gives no clear guidance after that. --------------------------------------------------------------------------- \24\ Chemical Facility Security: What is the Appropriate Federal Role?: Hearing Before the Senate Comm. On Homeland Security and Governmental Affairs, 109th Cong. 16, 53 (2005) (testimony of Rear Admiral Craig E. Bone, Director of Port Security, Marine Safety, Security, and Environmental Protection Directorate, U.S. Coast Guard, and Bob Slaughter, President, National Petrochemical and Refiners Association). --------------------------------------------------------------------------- The Homeland Security Act of 2002 (HSA), P.L. 107-296, also provides some authority with respect to the Department's critical infrastructure protection mission, but the HSA does not specifically address chemical facility security. While it authorizes DHS to analyze vulnerabilities and to recommend measures to protect the critical infrastructure of the United States, of which the chemical sector is a part, it does not authorize DHS to mandate the submission of plans or the installation of any security measures. At the moment, DHS has no power to require these facilities to implement security enhancements. While the chemical industry has made some notable voluntary efforts to enhance security at chemical facilities, there is no comprehensive architecture of security across the chemical sector. As noted above, the Department itself, in testimony before the Committee given by Assistant Secretary Bob Stephan, noted that 20 percent of the 3,400 facilities deemed by the Department to be high risk are not participating in any kind of measurable voluntary code.\25\ --------------------------------------------------------------------------- \25\ Is the Federal Government Doing Enough to Secure Chemical Facilities and Is More Authority Needed: Hearing Before the Senate Comm. On Homeland Security and Governmental Affairs, 109th Cong. (2005)(statement of Robert Stephan). --------------------------------------------------------------------------- As early as 2002, the Administration called for legislation to regulate the chemical sector.\26\ In 2003 and again in 2004, the President publicly stated his support for chemical security legislation, stating ``we're working with Congress on new legislation that establishes uniform standards for securing chemical sites, and gives DHS the power to enforce those standards.'' \27\ Robert Stephan, then Acting Under Secretary for Information Analysis and Infrastructure Protection, testified before the Committee in June 2005, saying Secretary Chertoff had concluded new regulatory authority was needed to secure the Nation's chemical facilities.\28\ On March 21, 2006, Secretary Chertoff gave a speech on chemical security at a George Washington University-American Chemistry Council- sponsored event, asking for legislation that would grant DHS the authority to require security at chemical facilities to be enacted this year. Furthermore, the Department issued a ``National Strategy for Security of the Chemical Sector'' in May, noting, ``legislation that would provide the Department of Homeland Security with overarching regulatory authority for Chemical Sector security should be enacted.'' \29\ The Department stated in the National Strategy that ``the lack of regulatory authority regarding chemical facility security is a serious impediment to the achievement of its vision and goals for the sector. Without regulatory authority, the Federal government will largely be forced to rely on voluntary performance by sector security partners, and will be extremely limited in its ability to ensure that facilities are meeting minimum performance standards commensurate with their level or risk.'' \30\ The President's FY07 budget proposal for the Department included a $10 million request for the creation of a chemical security office which would establish standards and ensure strong safeguards are in place to reduce the vulnerability of the chemical industry critical infrastructure from acts of terrorism. --------------------------------------------------------------------------- \26\ Thomas J. Ridge & Christine Todd Whitman, A Security Requirement, The Washington Post, October 6, 2002, at B6. \27\ ``President Marks Homeland Security's Accomplishments at Year One,'' Washington, DC, March 2, 2004. The President's expression of support for legislation was worded virtually the same and occurred during an address at the FBI Academy in Quantico, Virginia, on September 10, 2003. \28\ Is the Federal Government Doing Enough to Secure Chemical Facilities and Is More Authority Needed: Hearing Before the Senate Comm. On Homeland Security and Governmental Affairs, 109th Cong. (2005) (statement of Robert Stephan). \29\ National Strategy for Securing the Chemical Sector: A Report to the Committees on Appropriations of the United States Senate and House of Representatives, The U.S. Department of Homeland Security, April 2006, at 8. \30\ National Strategy for Securing the Chemical Sector: A Report to the Committees on Appropriations of the United States Senate and House of Representatives, The U.S. Department of Homeland Security, April 2006, at 8-9. --------------------------------------------------------------------------- Hearings Four hearings held by this Committee showcased not only the threat to the chemical sector, but also the need for Federal legislation granting DHS the authority to regulate the security of the nation's at-risk chemical facilities. On April 27, 2005, Chairman Collins convened the first of the four hearings. At that time, there had been no national strategy for chemical facilities. This hearing, ``Chemical Attack on America: How Vulnerable Are We?,'' highlighted the vulnerability of thousands of largely unprotected chemical facilities nationwide. The series of hearings would examine the complex issue of chemical facility security, and determine whether the risk of a terrorist attack warrants a legislative solution.\31\ The Committee noted that chemical security has not received the attention it deserves, given the vulnerabilities involved and called on the Administration to work with it on a bipartisan basis in order to help pass effective legislation this session of Congress.\32\ --------------------------------------------------------------------------- \31\ Chemical Attack on America: How Vulnerable Are We?: Hearing Before the Senate Comm. on Homeland Security and Governmental Affairs, 109th Cong. 1 (2005) (statement of Sen. Susan M. Collins). \32\ Id. at 4 (statement of Sen. Joseph I. Lieberman). --------------------------------------------------------------------------- Witnesses at the hearing were then-Senator Jon Corzine, Carolyn Merritt of the U.S. Chemical Safety and Hazard Investigation Board (CSB), John Stephenson of the U.S. Government Accountability Office, Richard Falkenrath of the Brookings Institution and Stephen Flynn of the Council on Foreign Relations. The consensus among the witnesses was that the chemical sector was vulnerable to a deadly attack. Security experts Flynn and Falkenrath, detailed the potential consequences of an attack on a chemical facility located in or near a high-density population center and storing massive quantities of extremely hazardous chemicals. Flynn described these facilities as the military equivalent of a poorly guarded weapon of mass destruction.\33\ Falkenrath noted in his written testimony, ``Of all the various remaining civilian vulnerabilities in America today, one stands alone as uniquely deadly, pervasive and susceptible to terrorist attack: toxic-inhalation-hazard industrial chemicals.'' \34\ The GAO's John Stephenson echoed the remarks of Flynn and Falkenrath, stating that experts agree chemical facilities are an attractive target for terrorists.\35\ --------------------------------------------------------------------------- \33\ Id. at. 22 (testimony of Stephen E. Flynn). \34\ Id. at 83 (written testimony of Richard Falkenrath). \35\ Id. at 62 (written testimony of John Stephenson). --------------------------------------------------------------------------- Despite the clear danger presented by certain chemical facilities, the CSB's Carolyn Merritt testified that too many high-risk facilities continue to repeat the mistakes of Bhopal, leaving their plants vulnerable. She testified about her investigations of accidental chemical releases across the Nation revealed serious gaps in the preparations for major chemical releases by companies, emergency responders, government authorities and the public. She testified that the CSB regularly finds deficiencies similar to those at Bhopal at major accidental incidents in this country, including failure to prepare the public for chemical emergencies. It was the lack of preparation that made the Bhopal accident particularly devastating, adding to the casualties--something she said can be mitigated with better preparedness and response efforts.\36\ --------------------------------------------------------------------------- \36\ Id. at 14-16, 25-26 (testimony of Carolyn Merritt). --------------------------------------------------------------------------- The witnesses also found that neither the chemical industry nor the Federal government had done enough to secure the potentially most deadly facilities. Stephenson stated that despite efforts by DHS to assess facility vulnerabilities, no comprehensive security assessment has been conducted nationwide, and that there are no Federal requirements that comprehensively address security at the Nation's chemical facilities.\37\ Testimony indicated the Federal government had not done enough to reduce the vulnerability of chemical facilities, nor did it have the authority to do so.\38\ --------------------------------------------------------------------------- \37\ Id. at 63-64 (written testimony of John Stephenson). \38\ Id. at 48 (written testimony of Sen. Jon Corzine). --------------------------------------------------------------------------- The witnesses agreed that Congress should authorize the Federal government to regulate the security of the Nation's at- risk chemical facilities.\39\ Falkenrath stated that a voluntary regime will not succeed: ``It is a fallacy to think that profit-maximizing corporations engaged in a trade as inherently dangerous as the manufacture and shipment of * * * chemicals will ever voluntarily provide a level of security that is appropriate given the larger external risk to society as a whole.'' \40\ Stephenson recommended that, even in the absence of legislation, the Federal government should develop a national strategy for chemical security.\41\ --------------------------------------------------------------------------- \39\ Id. at 26-29 (testimony of Falkenrath, Flynn, Merritt, Stephenson). \40\ Id. At 87 (written testimony of Falkenrath). \41\ Id. at 64 (written testimony of John Stephenson). --------------------------------------------------------------------------- Flynn stated that decisions about adequate security require threat information, which is typically controlled by the government. Without intelligence about threats, chemical companies are only making their best guess as to how much security to invest in. But the government, he added, has yet to develop the underlying intelligence necessary for facilities to assess their security on the basis of threat information alone, forcing decisionmakers to assess and enhance security on the basis of potential consequences of an attack on a facility.\42\ --------------------------------------------------------------------------- \42\ Id. at 35 (testimony of Flynn). --------------------------------------------------------------------------- Falkenrath testified that toxic-by-inhalation chemicals, such as chlorine and ammonia, are uniquely deadly, pervasive and susceptible to terrorist attack. He felt that there has been little progress made since 9/11 to secure chemical facilities. He outlined a regulatory approach that includes six parts: (1) a comprehensive inventory of all facilities; (2) mandatory, graduated Federal standards for security; (3) a certification procedure; (4) a verification procedure; (5) a compliance procedure; and (6) an appeals procedure.\43\ Falkenrath recommended that legislation include strong enforcement mechanisms, such as civil and criminal penalties, including the possibility of putting a facility out of business.\44\ He also stressed the importance of placing the facilities into different risk-based tiers, placing greater requirements on the facilities assigned to the tiers of greatest risk.\45\ Falkenrath explained that the tier-system would provide an incentive for facilities to enhance their security, so that they could fall to a lower risk tier and therefore be subject to fewer Federal mandates.\46\ --------------------------------------------------------------------------- \43\ Id. at 20-21 (testimony of Falkenrath). \44\ Id. at 33 (testimony of Falkenrath). \45\ Id. at 34 (testimony of Falkenrath). \46\ Id. at 34 (testimony of Falkenrath). --------------------------------------------------------------------------- Finally, witnesses discussed the viability of whether the government should require or encourage facilities to use inherently safer technologies to help enhance security. Falkenrath and Flynn said the government should provide facilities with incentives to adopt security measures, including the substitution of a safer chemical for a deadly chemical.\47\ But Falkenrath counseled against authorizing the government to order facilities to switch to a safer chemical.\48\ Stephenson noted that using inherently safer technologies (IST) would require ``extreme investments'' for certain facilities,\49\ and Flynn said ``there is certainly legitimately a call on some Federal resources to help with this problem.'' \50\ --------------------------------------------------------------------------- \47\ Id. at 30-31 (testimony of Falkenrath and Flynn). \48\ Id. at 30 (testimony of Falkenrath). \49\ Id. at 31 (testimony of Stephenson). \50\ Id. at 32 (testimony of Flynn). --------------------------------------------------------------------------- On June 15, 2005, the Committee held the second of four hearings on chemical security. This hearing was entitled, ``Is the Federal Government Doing Enough to Secure Chemical Facilities and Is More Authority Needed?'' This hearing looked directly at the actions and views of the Federal government, specifically DHS and EPA. The Committee heard from two witnesses: Robert B. Stephan, then-Acting Under Secretary for Information Analysis and Infrastructure Protection, U.S. Department of Homeland Security, and Thomas P. Dunne, Deputy Assistant Administrator, Office of Solid Waste and Emergency Response, U.S. Environmental Protection Agency. In December 2003, DHS replaced the EPA as the Federal government's lead agency for chemical security. The Administration's ``National Strategy for Homeland Security'' (July 2002) designated EPA as the lead agency responsible for the security of the chemical sector. Later that year, Congress created the Department of Homeland Security (DHS) and a subsequent White House directive--Homeland Security Presidential Directive 7 (HSPD-7)--designated DHS as the Federal government's lead agency for chemical sector security, in December 2003. In his written testimony, then-Acting Under Secretary Stephan said that ``Secretary Chertoff has concluded that from the regulatory perspective, the existing patchwork of authorities does not permit us to regulate industry effectively,'' and told the Committee that DHS will ``look forward to working with you in the coming weeks on the particulars of proposed legislation.'' \51\ Stephan testified before the Committee that ``it has become clear that the entirely voluntary efforts of these companies alone will not sufficiently address security for the entire chemical sector.'' \52\ In a response to a written question, Dunne wrote, ``EPA has no evidence to support the conclusion that market forces alone are sufficient to ensure adequate safety or security at hazardous chemical facilities * * * Therefore, the Agency believes that Federal safety and security requirements are necessary to ensure high-risk chemical facilities implement appropriate safety and security measures.'' \53\ --------------------------------------------------------------------------- \51\ Id. at 36 (written statement of Robert Stephan). \52\ Id. at 7 (statement of Stephan). \53\ Id. at 63 (response of Dunne to questions for the record). --------------------------------------------------------------------------- Although Stephan and Dunne did not indicate that the Administration would send the Committee a proposal,\54\ Stephan advised that the legislation should adhere to three core principles. First, any Federal regulatory system should recognize that not all facilities present the same level of risk, and that most scrutiny should be focused on those facilities, which if attacked, ``could endanger the greatest number of American lives, have the greatest impact on the American economy, or present other significant risks.'' \55\ Second, chemical security regulations should be based on enforceable performance standards.\56\ Third, there should be a recognition of the progress many responsible companies have made to date in the area of chemical security.\57\ Stephan was unable to offer specifics about the Administration's desired legislative framework, but said that MTSA is a framework worth consideration because ``that particular way of doing business has achieved a certain level of success,'' while noting that ``we have to * * * see if there are any deltas between the MTSA approach and whatever the overall more encompassing approach would be.'' \58\ --------------------------------------------------------------------------- \54\ Id. at 15 (testimony of Stephan and Dunne). \55\ Id. at 5 (testimony of Stephan). \56\ Id. \57\ Id. at 6 (testimony of Stephan). \58\ Id. at 29 (testimony of Stephan). --------------------------------------------------------------------------- Stephan and Dunne agreed that DHS would be the appropriate lead agency for chemical security, consistent with HSPD-7.\59\ In support, Stephan reported on the Department's $13.6 million allocation to state and local governments for Buffer Zone Protection Plans, some of which would be dedicated to helping identify and recommend security measures, and coordinate local law enforcement for the area surrounding a chemical facility.\60\ He also described the 38 Site Assistant Visits that DHS has undertaken at some of the ``highest-consequence'' facilities, and the work of the Coast Guard regulating the security of the approximately 300 chemical sites governed by the MTSA regulations.\61\ He cited the Department's work with the private sector through the Chemical Sector Coordinating Council and the security guidance documents the Department has shared with the private sector.\62\ Finally, Stephan discussed the Department's tool for analyzing risk in the chemical sector and at individual facilities--the Risk Analysis and Management for Critical Asset Protection (RAMCAP).\63\ ``RAMCAP (and other risk methodologies) enables the Office of Infrastructure Protection to compare the risk of critical infrastructure assets within the chemical sector, thereby enabling DHS to prioritize * * * protective efforts and effective use of available resources,'' \64\ Stephan testified. --------------------------------------------------------------------------- \59\ Id. at 37, 58 (testimony of Stephan and Dunne). \60\ Id. at 38 (testimony of Stephan). \61\ Id. at 38-39 (testimony of Stephan). \62\ Id. at 40-41 (testimony of Stephan). \63\ Id. at 42 (testimony of Stephan). \64\ Id. at 51 (testimony of Stephan). --------------------------------------------------------------------------- The Committee also explored what role the EPA should play in chemical security. Dunne testified that the EPA supports DHS by providing information and analytical support as needed, and that the EPA would continue in a supporting role. Dunne added that only one department or agency should be in charge and Stephan agreed. Stephan and Dunne also provided data on the number of chemical facilities deemed to pose the greatest risk to the country. According to Stephan, DHS considers 3,400 facilities to be ``high-risk,'' with 272 facilities in the top tiers.\65\ Stephan said DHS arrived at 3,400 facilities by starting with the EPA's Risk Management Program (RMP) program list of approximately 15,000 facilities and then removing facilities that appeared more than once on the list, facilities that were no longer RMP-applicable, and facilities that DHS believed are under somebody else's regulatory framework.\66\ Responding to a written question, Stephan said that the 3,400 facilities would, if befallen to a catastrophic scenario, ``adversely affect'' at least 1,000 people.\67\ --------------------------------------------------------------------------- \65\ Id. at 10 (testimony of Stephan). \66\ Id. at 26 (testimony of Stephan). \67\ Id. at 50, 52 (testimony of Stephan). --------------------------------------------------------------------------- Notably, Stephan testified that 20 percent of the 3,400 facilities deemed by DHS to be high-risk because they would adversely affect at least 1,000 people are not participating in any kind of measurable voluntary code.\68\ Dunne testified that out of the 15,000 RMP facilities, only about seven to eight percent of them adhere to voluntary codes, amounting to about 2,000 facilities.\69\ Dunne did not say whether those 2,000 facilities represented some part of the high-risk portion of the 15,000 RMP facilities. --------------------------------------------------------------------------- \68\ Id. at 13-14, 53 (testimony of Stephan). \69\ Id. at 27 (testimony of Dunne). --------------------------------------------------------------------------- At the same hearing, the issue of whether local communities were prepared for terrorist attacks on nearby chemical facilities was explored, as a follow up to the April 27, 2005 testimony from Carolyn Merritt of the CSB. Dunne explained that there are 3,900 Local Emergency Planning Committees (LEPCs) established by the Emergency Planning and Community Right-to- Know Act, and that according to a 1999 survey, about 59 to 60 percent of them are active.\70\ ``I am sure we are not well prepared across the board all the time,'' Dunne said.\71\ --------------------------------------------------------------------------- \70\ Id. at 28 (testimony of Dunne). \71\ Id. at 28 (testimony of Dunne). --------------------------------------------------------------------------- On July 13, 2005, the Committee held the third of four hearings on chemical security. The hearing was entitled, ``Chemical Facility Security: What Is the Appropriate Federal Role?'' The first panel featured witnesses from the chemical industry, including Martin J. Durbin, Managing Director, Security and Operations, American Chemistry Council (ACC); Matthew Barmasse, Environmental Health Safety and Quality Director, ISOCHEM, Inc., Synthetic Organic Chemical Manufacturers Association (SOCMA); and Bob Slaughter, President, National Petrochemical and Refiners Association (NPRA). Testifying on the second panel were the Honorable Gerald V. Poje, Former Board Member, U.S. Chemical Safety and Hazard Investigation Board; Glenn Erwin, Project Director, Triangle of Prevention Program, United Steelworkers International Union; and Carol L. Andress, Economic Development Specialist, Environmental Defense. The testimony included views from stakeholders in the chemical sector, including industry, environmental groups, labor, and public advocacy groups. These witnesses discussed the need for mandatory measures to complement industry's voluntary efforts.\72\ --------------------------------------------------------------------------- \72\ Chemical Facility Security: What Is the Appropriate Federal Role?: Hearing Before the Senate Comm. on Homeland Security and Governmental Affairs, 109th Cong. 2 (2005) (statement of Senator Susan M. Collins). --------------------------------------------------------------------------- In his testimony, Marty Durbin, representing the ACC, advocated for chemical security legislation \73\ and the other industry witnesses representing SOCMA and NPRA did not oppose legislation.\74\ Like Stephan, these industry witnesses advocated a risk-based, performance-based approach to chemical security regulation.\75\ Durbin also testified that DHS should have ``the legal authority to police compliance with its standards and to take enforcement action if necessary,'' and to protect information about the security assessments and plans from public disclosure.\76\ Finally, each of the industry witnesses asked that the legislation include Federal preemption authority; Durbin said, ``a national program, not an incomplete patchwork of potentially conflicting State efforts, is necessary.'' \77\ --------------------------------------------------------------------------- \73\ Id. at 8 (testimony of Durbin). \74\ Id. at 15 (testimony of Barmasse); Id. at 17-18 (testimony of Slaughter). \75\ Id. at 10, 15, 17-18 (testimony of Durbin, Barmasse, and Slaughter) \76\ Id. at 11 (testimony of Durbin). \77\ Id. at 11, 15, 18, 25 ((testimony of Durbin, Barmasse, and Slaughter). --------------------------------------------------------------------------- The industry witnesses added to the testimony from Stephan, Stephenson, and Falkenrath at the two previous hearings, saying that Federal legislation should give credit to the investments that certain facilities have already made in the enhancement of their security, similar to the credit given to facilities under MTSA.\78\ Durbin, for example, detailed the ACC's Responsible Care Security Code, which all ACC members must follow. Under the Responsible Care Security Code, facilities must develop vulnerability assessments, using methodologies developed by the Sandia National Laboratories and the Center for Chemical Process Safety; implement security measures to address the vulnerabilities identified in the assessments; and submit to a third-party for an audit.\79\ --------------------------------------------------------------------------- \78\ Id. at 11, 15, 18 (testimony of Durbin, Barmasse, and Slaughter). \79\ Id. at 9 (testimony of Durbin). --------------------------------------------------------------------------- Industry witnesses supported the private sector's development of inherently safer technologies (IST), but expressed concerns about a regulatory framework that would authorize the government to review, approve, or disapprove a facility's decision of whether or not to use IST.\80\ First, industry witnesses pointed out that some facilities are using IST on their own (while acknowledging that many are not).\81\ Second, industry witnesses argue that, in some instances, using IST trades one risk against the potential of another--for example, reducing hazardous chemicals at a facility could mean their transfer to another location, thereby shifting the risk to that other location.\82\ Third, industry witnesses warned about the complexity of chemical industry processes and the absence of a ``standard process,'' thereby precluding the possibility of a one-size-fits-all prescription for IST.\83\ Fourth, some said DHS lacks the expertise to understand how to regulate chemical processes.\84\ Fifth, industry witnesses echoed Stephan's testimony at the June 15, 2005 hearing that the adoption of IST could require massive capital expenditures for certain facilities, particularly manufacturing facilities. --------------------------------------------------------------------------- \80\ Id. at 11-12, 14-15, 23-24 (testimony of Durbin, Slaughter, and Barmasse). \81\ Id. at 11 (testimony of Durbin, Barmasse, and Slaughter). \82\ Id. at 11, 14 (testimony of Durbin, Barmasse). \83\ Id. at 12 (testimony of Durbin). \84\ Id. at 27 (testimony of Barmasse). --------------------------------------------------------------------------- The industry witnesses on the first panel praised MTSA as a successful model on which chemical security regulation could be based. One industry witness, Slaughter of NPRA, asked that the legislation be modeled on MTSA because of its performance-based standards, its emphasis on self-assessments, its enforcement mechanisms, and the NPRA membership's praise of their relationship with the Coast Guard.\85\ When asked if he would support giving the Department similar shut-down authority already granted to the Coast Guard under MTSA, Mr. Slaughter responded that ``obviously, any regulatory entity * * * has got to have ultimate authority to enforce its requirements.'' \86\ --------------------------------------------------------------------------- \85\ Id. at 17-19 (testimony of Slaughter). \86\ Id. at 24 (testimony of Slaughter). --------------------------------------------------------------------------- Witnesses on the second panel stressed the need for examining safer processes and chemicals as an integral part of chemical site security, as well as the importance of strong emergency response capabilities. Poje testified that chemical facilities in the United States have many safety and security deficiencies that could jeopardize large populations living nearby. Poje stressed the interconnection between safety and security, saying ``I urge the Committee to see the development and maintenance of competent management systems for safety as essential underpinnings to enhanced security.'' \87\ Poje said that an effective security program at DHS must: include coordination with other agencies that regulate aspects of the chemical sector; require sound ``management systems'' for security; and include strong planning and training for emergency response.\88\ --------------------------------------------------------------------------- \87\ Id. at 32 (testimony of Poje). \88\ Id. at 32-33 (testimony of Poje). --------------------------------------------------------------------------- Andress testified that numerous water and wastewater facilities and refineries have already dramatically reduced their risk of a catastrophic accident or terrorist attack by switching to safer chemicals and processes.\89\ Andress said that because other similarly situated facilities have failed to make such changes, effective chemical security legislation should require these options where feasible.\90\ Erwin also advocated substituting less toxic materials where possible to reduce the potential risk to human life or storing smaller volumes of these chemicals, and said a mandatory review of such options should be part of a chemical security program. Erwin called for Federal funding to research and promote such inherently safer systems, as well as for training employees and first responders about safety and security issues.\91\ --------------------------------------------------------------------------- \89\ Id. at 37-38 (testimony of Andress). \90\ Id. at 38 (testimony of Andress). \91\ Id. at 149 (written statement of Erwin) --------------------------------------------------------------------------- Erwin warned that chemical and petrochemical facilities pose a likely target because it is ``too easy'' to gain access to the facilities, and the potential economic disruption of an attack is so great.\92\ Erwin's testimony drew on his experience working in the industry, and on the results of a 2004 employee survey at 125 facilities using hazardous chemicals. The survey found that security and safety measures at the facilities were dangerously lacking.\93\ Erwin called for greater perimeter security for chemical facilities as well as more careful access to hazardous areas within the plant. --------------------------------------------------------------------------- \92\ Id. at 33 (testimony of Erwin). \93\ ``PACE International Union Survey: Workplace Incident Prevention and Response Since 9/11'', October 2004, by Paper, Allied- Industrial, Chemical and Energy Workers International Union (PACE). --------------------------------------------------------------------------- Andress also called for requirements that facilities involve workers and first responders in security planning and bolster emergency planning efforts.\94\ She testified that Congress should direct DHS to develop rules to prohibit the siting of new high risk chemical facilities in densely populated areas.\95\ --------------------------------------------------------------------------- \94\ Chemical Facility Security: What Is the Appropriate Federal Role?: Hearing Before the Senate Comm. on Homeland Security and Governmental Affairs, 109th Cong. 2 (2005) (written testimony of Andress). \95\ Id. --------------------------------------------------------------------------- On July 27, 2005, the Committee held the fourth in its series of hearings. The hearing, ``Chemical Facility Security: What is the Appropriate Federal Role? (Part II)'' included a two-fold theme. First, the hearing was a continuation of the July 13 hearing, which focused on the views of various stakeholders in the chemical sector and their opinions on the need for Federal legislation and what that legislation should look like. Second, this hearing explored in more detail some of the issues that have been raised at the previous three hearings. This hearing included testimony from the Coast Guard on its implementation of MTSA as well as testimony from three company security chiefs, representing three different segments of the chemical sector. The first panel consisted of Rear Admiral Craig Bone, the Director of Port Security in the Maritime Safety, Security and Environment Protection Directorate at the U.S. Coast Guard Headquarters. The second panel consisted of Beth Turner, Director of Global Operations Security at DuPont; Jim Schellhorn, Director of Environmental, Health and Safety at Terra Industries, Inc., who also represented The Fertilizer Institute; John Chamberlain, Corporate Security Manager, Asset Protection for Shell, who also represented the American Petroleum Institute, and; Chief Robert Full, Fire Marshall and EMA Coordinator for the Allegheny County Department of Emergency Services in Pennsylvania. Previous hearing testimony from stakeholders and representatives of the Department of Homeland Security indicated that the framework under MTSA would be a good model in drafting a chemical security bill. During this hearing, Beth Turner of DuPont testified that the MTSA has proven ``to be a very effective security regulation'' and recommended it as a ``model for regulating the highest priority facilities.'' \96\ Admiral Bone's testimony focused on the Coast Guard's role in securing chemical facilities on the waterways of the United States under the Maritime Transportation Security Act (MTSA). Adm. Bone testified that approximately 300 chemical facilities had facility security plans reviewed and approved under MTSA.\97\ The Coast Guard also approved an alternative security program for the American Chemistry Council, and approximately 50 chemical facility operators had chosen to use the American Chemistry Council's alternative security program.\98\ --------------------------------------------------------------------------- \96\ Id. at 66 (testimony of Turner). \97\ Id. at 53 (testimony of Bone). \98\ Id. at 53 (testimony of Bone). --------------------------------------------------------------------------- Admiral Bone testified that since July 1, 2004, the Coast Guard had taken ``control actions,'' which included restrictions and suspension of operations against 45 facilities.\99\ The Coast Guard exercised its shut-down authority in 32 of those cases, and of these facilities, 3 were chemical facilities.\100\ Adm. Bone believed that it is important to give DHS shut-down authority because if one has a significant violation of security, such as access--illegal access or breach of the facility--then the security is compromised, as is the well-being of the public.\101\ He described the area maritime security committees, led by the local Coast Guard captain of the port, which have identified their port's specific vulnerabilities and created a plan to address those vulnerabilities (area security plan). These area plans focus on critical port operations and infrastructure, including the chemical facilities regulated under MTSA, as well as other facilities located in close proximity to navigable waterways. --------------------------------------------------------------------------- \99\ Id. at 53 (testimony of Bone). \100\ Id. at 56 (testimony of Bone). \101\ Id. at 56 (testimony of Bone). --------------------------------------------------------------------------- In discussing lessons learned from implementing MTSA that would be helpful in crafting a chemical security regime, Adm. Bone emphasized that in creating regulations, the regulator must engage with the industry component that will be regulated, and this relationship must continue as the process moves forward, because the industry has expertise that the regulator could utilize.\102\ Bone also testified that there has to be compliance and a mandated set of requirements. He also emphasized that the plans must be exercised and include not just the people in the facilities, but the emergency response component as well. In fact, Adm. Bone testified that it would be a ``big mistake'' if the emergency responders were not included in the drills and exercises.\103\ --------------------------------------------------------------------------- \102\ Id. at 57-58 (testimony of Bone). \103\ Id. at 58 (testimony of Bone). --------------------------------------------------------------------------- Turner and Schellhorn testified that DuPont and the Fertilizer Institute respectively support chemical security legislation that incorporates several elements, including giving DHS the regulatory authority that is risk-based, flexible, focused on security and uses MTSA as a model.\104\ Turner and Schellhorn agreed that legislation should recognize the voluntary security efforts and investments already made to date by industry.\105\ They also favored a tiered approach to security regulations.\106\ In determining what facilities should be covered by Federal regulation, Turner noted that the ability to create an off-site consequence is a ``very important discriminator.'' Schellhorn also urged that Federal legislation preempt any State or local government's laws on the subject.\107\ --------------------------------------------------------------------------- \104\ Id. at 66, 69 (testimony of Turner and Schellhorn). \105\ Id. at 66, 69-70 (testimony of Turner and Schellhorn). \106\ Id. at 66, 69-70 (testimony of Turner and Schellhorn). \107\ Id. at 70 (testimony of Schellhorn). --------------------------------------------------------------------------- Turner testified that inherently safer technology (IST) ``has an important role to play in security,'' but she said it is a safety matter, not a security issue, and therefore should not be mandated in a chemical security context.\108\ Schellhorn testified that ``IST is not a security measure,'' but rather a safety concept that he feared ``could lead to the ban or restricted use of basic nitrogen fertilizers.'' \109\ Chamberlain testified that he is ``strongly oppose[d] to any environmental mandates for inherently safer technology pursued under the guise of security.'' \110\ --------------------------------------------------------------------------- \108\ Id. at 66 (testimony of Turner). \109\ Id. at 69 (testimony of Schellhorn). \110\ Id. at 72 (testimony of Chamberlain). --------------------------------------------------------------------------- John Chamberlain of Shell Oil Company testified that a large number of security personnel in the oil and gas industry have the security clearances necessary for classified briefings with the Federal intelligence community.\111\ Chamberlain also emphasized the importance of information protection in any security legislation; in addition to a FOIA exemption, he would want any security information required under a Federal chemical security law to be exempt from civil discovery.\112\ Moreover, he would like MTSA-covered facilities to be exempt from any Federal chemical security law.\113\ --------------------------------------------------------------------------- \111\ Id. at 71 (testimony of Chamberlain). \112\ Id. at 73 (testimony of Chamberlain). \113\ Id. at 73 (testimony of Chamberlain). --------------------------------------------------------------------------- Chief Full testified that he supports Federal chemical security legislation. As a critical component of this legislation, he emphasized the need for strong emergency planning and relationships between the chemical facilities and their local first responders. Good emergency planning can help to minimize the consequences of any terrorist event or natural disaster. He noted that ``it's not the time or place to exchange business cards during the time of an emergency.'' \114\ He also discussed the need to improve intelligence sharing between the Federal government with State and locals, though he noted information sharing has improved since 9/11, but it still has ``a long way to go.'' \115\ --------------------------------------------------------------------------- \114\ Id. at 75 (testimony of Full). \115\ Id. at 76 (testimony of Full). --------------------------------------------------------------------------- These hearings culminated in Chairman Collins' and Ranking Member Lieberman's December 19, 2005 introduction of the Chemical Facility Anti-Terrorism Act of 2005. III. DISCUSSION OF LEGISLATION Department of Homeland Security authority/responsibility The Chemical Facility Anti-Terrorism Act of 2006 authorizes the Department of Homeland Security (DHS) to create a comprehensive chemical facility security program. The President, through Homeland Security Presidential Directive 7, has designated DHS as the lead agency for security of the chemical sector, and this legislation recognizes that vital role by directing and empowering the Department to create meaningful security requirements for facilities that use or store significant amounts of dangerous chemicals. This security program will replace an existing patchwork of voluntary and regulatory efforts with a national program that will establish meaningful security requirements for all chemical facilities that pose a significant homeland security risk. At the same time, the legislation seeks to recognize existing security efforts at some facilities by establishing flexible requirements that will allow facilities to build on security planning and measures already in place. The bill stresses a flexible and risk-based approach to chemical site security, focusing on those facilities that present the greatest risk and allowing those facilities to determine the most efficient and effective way to achieve the security performance standards established by the Department. DHS is empowered to require that facilities achieve the security performance standards that it sets. Risk-based The Committee designed this bill to account for the diversity of the chemical sector, rather than imposing a one- size-fits-all solution. The Committee recognizes the incredible diversity of the chemical sector, which includes chemical manufacturers, distributors, oil and petrochemical and agricultural companies, and both large and small businesses. There are tens of thousands of chemical facilities nationwide, but not all pose a high risk to a terrorist attack. Facilities located in a rural area with small quantities of non-toxic chemicals are unlikely to pose the same risk as a major toxic- by-inhalation chemical manufacturer, for example, located inside a major metropolitan area, or a chemical facility that is a critical supplier to the regional or national economy or national security. The Committee believes that a risk-based approach to security is the most effective means to regulate the security of chemical facilities across the Nation. The Committee heard testimony during all four of its chemical security hearings that established a strong record of support for a risk-based approach, from security experts, the Administration, and stakeholders. Therefore, not all facilities that use or store chemicals will be subject to security requirements under this bill. Rather, under Section 3, the Department must establish criteria to determine which facilities pose a significant risk from a terrorist attack to warrant being included in the program. The bill directs the Secretary to ``consider'' those facilities that are required to complete a Risk Management Plan (RMP) under section 112(r)(2) of the Clean Air Act. The bill uses the list of RMP facilities as the best available initial starting point for possible chemical sources. The Committee does not anticipate that the Secretary will designate as chemical sources every RMP facility. The Secretary is directed to apply risk factors outlined in Section 3(b) to produce a list of regulated facilities. Those risk factors include: the perceived threat to a facility; the extent and likelihood of potential deaths or harm to humans or the environment; and the potential impact on national security, critical infrastructure or the economy. Further, those facilities that will face regulation under this bill will be grouped into tiers based on the severity of risk they present (Section 3(e)). The Secretary is expected to focus the regulatory program under this bill on high priority sites; in example, those that would be most attractive to potential terrorists due to the potentially high consequences of a successful terrorist attack. The bill requires security measures at a given facility to be proportional to the threat and consequence of a potential terrorist attack at that facility. The greater the threat or consequence of a potential terrorist attack, the greater the security measures required to protect against such an attack or mitigate the consequences if there is an attack. Performance-based The bill also recognizes the diversity of chemical facilities by requiring DHS to develop performance-based standards for chemical site security (Section 3(f)). Facilities can choose the most economical and effective means of addressing the threat and consequence of a terrorist attack on their particular facility. Different means of mitigating the risk of a terrorist attack or the consequences of a terrorist attack are placed on a level playing field as long as they achieve the standards established by DHS. If DHS determines that a chemical facility has not met the performance standard, DHS can order compliance or, ultimately, order the closure of the facility until it is in compliance. By requiring performance standards, the Committee seeks to recognize that chemical facilities have the most information about their operations and should have the first opportunity to design appropriate, efficient and effective security measures. According to the National Strategy for Homeland Security (July 2002), ``[i]n many cases private firms, not the government, possess the technical expertise and means to protect the infrastructure they control.'' \116\ --------------------------------------------------------------------------- \116\ National Strategy for Homeland Security, The Office of Homeland Security, July 2002, at 33. --------------------------------------------------------------------------- Vulnerability assessments and site security plans Section 4 lays out the core requirements of the chemical security program, specifically the requirement for facilities to conduct vulnerability assessments and to develop and implement security and emergency response plans that respond to those assessments. The Secretary would have one year from enactment of the bill to develop regulations requiring chemical facilities to conduct vulnerability assessments; prepare and implement a site security plan that addresses the risk identified in the vulnerability assessment; and prepare or update and implement an emergency response plan to reflect planning for a terrorist attack. The Secretary must develop or endorse a rigorous methodology for vulnerability assessments, to ensure that facilities consider the proper issues as they analyze their security needs. The bill specifies that vulnerability assessments must address the relevant performance standards and the sufficiency of security measures relative to the threat and consequences of a possible terrorist incident (Section 4(a)(5)). Section 4(a)(6) details the requirements for security plans under the chemical security program. The plans would need to include security measures that address the vulnerabilities identified in the facility's vulnerability assessment, and meet the appropriate performance standards for that facility as determined by the tier to which the facility has been assigned pursuant to Section 3(e). As specified in Section 2(11), a ``security measure'' can be any of an array of possible means to improve the security of a chemical facility, including increased control of the facility perimeter, personnel-related measures such as training and background checks, or enhanced cybersecurity. A security measure might also include ``the modification, processing, substitution, or reduction of substances of concern'' as indicated in Section 2(11)(B)(vii)(III). These terms, which are considered to be elements of the concept of inherently safer technology (IST), are not included in the bill to provide the Secretary with the power to require a facility to implement IST. The list of possible security measures under Section 2(11) is permissive, not mandatory, and is not meant to exclude any other measures that would help enable an owner or operator to meet the designated security performance standards for that facility. Section 4(a)(6) simply directs that the security plan include security measures that ``in combination'' satisfy the appropriate performance standards and other required elements. During Committee markup, the Committee adopted an amendment clarifying this principle; Section 4(c)(2) specifies that the Secretary may not disapprove a site security plan due to the presence or absence of any particular security measure so long as the plan satisfies the applicable security performance standards. Moreover, during markup, the Committee also rejected an amendment that would have given the Secretary the power to require high risk facilities to implement IST. The Committee does not believe that this provision or the bill in general gives DHS the authority to require IST. Emergency response plans The Committee believes that it is imperative to incorporate the concept of emergency response planning in any chemical security regime. During the Committee's four chemical security hearings, witnesses highlighted the importance of emergency preparedness in dealing with a chemical release as well as weaknesses in the current state of preparedness of many facilities and communities. In particular, Carolyn Merritt, Chairman of the U.S. Chemical Safety and Hazard Investigation Board (CSB), and Gerald Poje, a former member of the CSB, were critical of chemical plant preparedness across the country. Both Merritt and Poje emphasized in their testimony that effective emergency response planning and capabilities can mitigate the consequences of a terrorist attack on a chemical facility. In addition, the events of Hurricane Katrina demonstrated that the lack of effective emergency planning further exacerbates the consequences of a catastrophic event. The Committee acknowledges that many chemical facilities nationwide already have created emergency response plans pursuant to other Federal, State or local requirements, and it is not interested in duplicating efforts. Rather, the Committee intends this provision to build on and bolster existing emergency response plans such that they address the consequences of an intentional attack, such as a terrorism event, in addition to accidental releases. The Committee intends this provision to contribute to the chemical sector's all hazards preparedness planning, as opposed to planning purely for an accidental release or for a terrorist attack scenario. Where a chemical facility already has an existing emergency response plan, the bill requires it to update the existing plan by adding a security addendum which addresses a terrorist attack scenario. The bill further requires that emergency response plans specifically address the consequences of a terrorist attack identified in the vulnerability assessment and consistent with the facility's site security plan. The bill also requires that the emergency response plan identify the roles and responsibilities of employees at the chemical source. There is precedent for the revision and update of existing emergency response plans in post-9/11 security statutes. For example, the Bioterrorism Act included a provision that requires community water systems to ``prepare or revise, where necessary, an emergency response plan.'' A security regime should encourage both preparedness and response, and the emergency response provision in this bill will encourage chemical facilities to work with their local communities to ensure that if a terrorist attack occurs, the community will be prepared. Sharing of threat information The Secretary is required to provide State and local government officials and owners or operators of chemical sources with threat information that is relevant to the chemical sector in general, and to provide threat information relevant to a particular chemical source to relevant State and local government officials and the owner or operator of that particular source. The Secretary must share relevant information to the maximum extent permitted under other applicable laws and in the interests of national security. The Committee recognizes that information sharing in an appropriate manner, as noted in the legislation, is an important aspect of effective homeland security preparedness. MTSA-regulated chemical facilities Currently the MTSA regulates approximately 300 chemical facilities in the Nation. The Committee did not exempt MTSA- regulated chemical facilities from this bill because it believes that some of the highest risk chemical facilities nationwide are located in ports and should meet the security performance standards for their applicable tier, should they, in fact, be covered by this bill. In constructing a comprehensive and cohesive Federal chemical security regime, the Committee believes that MTSA-regulated chemical facilities should be subject to the security performance standards and other requirements of this bill. At the same time, the Committee also recognizes that MTSA-regulated chemical facilities have invested in security and are currently complying with a Federal statute, while many other high risk chemical facilities that are not complying with any Federal security law. The Committee does not want to duplicate efforts. The Committee included a provision directing that the Secretary must implement this bill in as consistent and integrated a manner as possible with MTSA. The Secretary must also ensure coordination between the Undersecretaryfor Preparedness and the Coast Guard Commandant in carrying out this bill for chemical sources that are also MTSA-regulated facilities. Under the bill, if a chemical facility owner or operator reviews the security performance standards and determines that he is already in compliance, based on his MTSA facility security plan, then the owner or operator is not required to implement additional security. The owners and operators of these facilities must review their own vulnerability assessment, security plan and emergency response plan prepared pursuant to MTSA and make any modifications necessary to comply with the security performance standards established for the tier in which it was placed under this Act. Depending on the tier an MTSA-regulated chemical facility is in, it may already have sufficient security to address the security performance standards set by DHS. The assessment and plans, with any appropriate modifications, must be submitted to the appropriate Federal Maritime Security Coordinator and the Secretary for approval within 6 months after issuance of the regulations. Owners and operators of these facilities must also certify in writing to the Federal Maritime Security Coordinator for their area that the assessment and plans are in compliance with the security performance standards for their tier. Voluntary activities and investments in security by chemical facilities The Committee recognizes the efforts and investments in security that some companies have made voluntarily over the last few years. This was one of the issues raised in testimony at the July 13 and July 27, 2005 hearings from companies and industry associations representing different aspects of the chemical sector, including chemical manufacturing, small chemical manufacturers, agriculture, and oil and petrochemical. The Committee included an alternative security programs provision (Section 4(f)) specifically to take account of the voluntary efforts already taken by chemical companies. The Committee did not want chemical companies to duplicate work already done and investments in security already made in creating vulnerability assessments, site security plans, and emergency response plans, for example. Under Section 4(f), the Secretary may consider petitions to approve alternative security programs. A person may submit a petition to the Secretary to have him consider alternative standards established by Federal, State, or local government authorities, or industry for determination whether assessments and plans prepared for the alternative program meet the requirements of this bill. If an alternate program meets the requirements, the assessments and plans may be submitted by a covered facility without further revision. If the Secretary determines that the assessments and plans under the alternate program do not meet the requirements of this legislation, he may specify necessary modifications. If an alternative security program is approved by the Secretary, each facility covered by that program must submit its assessments and plans to the Secretary, for review in accordance with the security performance standards for the pertinent tier. Each facility submission must be individually approved or disapproved. This provision reflects the Committee's desire that chemical facilities not be forced to duplicate significant work already done and security investments already made in creating vulnerability assessments, site security plans, and emergency response plans. However, the Committee feels strongly that the purpose of this bill is to create a strong, uniform Federalstandard for regulating the security of chemical facilities, so that all existing assessments and plans must meet its requirements to be approved by the Secretary. DHS review In Section 4(c), the Secretary is required to review the assessment and plans to determine whether the submitted assessments and plans, and the implementation of such plans comply with the bill. If compliance is determined, then the Secretary would issue an approval notice; if non-compliance is determined, the Secretary would issue a disapproval notice. During Committee markup, an amendment was accepted that directs that the Secretary may not disapprove a site security plan because it either includes or excludes a specific security measure (Section 4(c)(2)). The amendment was intended to reiterate the performance-based, flexible construct of the bill and exclude prescriptive requirements. The Secretary must provide written notice to the owner or operator of the chemical source regarding the determination of approval or disapproval. For disapprovals, the Secretary must provide the owner or operator, in writing, a clear explanation of deficiencies and consult with them to identify appropriate steps to achieve compliance and provide additional time for the facility to come into compliance. If the owner or operator does not achieve compliance, the Secretary must issue an order requiring the owner or operator to correct the specified deficiencies. If the owner or operator continues to be in noncompliance, the Secretary may issue an order for the chemical source to cease operation. Hearing testimony from industry witnesses as well as Coast Guard Adm. Bone indicated that the Coast Guard possesses similar shut-down authority under MTSA. The Committee provided the Secretary with greater authority in dealing with higher risk tier facilities. For these facilities, the Secretary may issue an order to cease operation to a chemical source owner or operator as soon as the determination is made that the vulnerability assessment, site security plan, or emergency response plan is disapproved or determines that implementation does not comply with this Section. The Secretary is not required to provide additional time for compliance as noted for all other tiers. The Secretary is required to make the approval or disapproval determination within 5 years after the date of submission of the assessment and plans. For higher risk tier facilities, the Secretary must make the approval or disapproval determination within 1 year after the date of submission of the assessment and plans. The Secretary may conduct subsequent reviews and determinations of compliance on a schedule that he determines. Higher risk tier facilities must be given priority for review. Inspections and audits The Committee believes that requiring vulnerability assessments, site security plans and emergency response plans, and the implementation of such plans is not enough to ensure adequate security for the Nation's high risk chemical facilities. The Committee included a section in the bill (Section 5) requiring the Department to conduct audits and inspections of covered chemical facilities to ensure compliance with the bill. Each chemical source must maintain a current copy of the vulnerability assessment, site security plan and emergency response plan onsite for 5 years after date of the approval determination. The Secretary is given the authority for a right of entry to chemical sources and any premises on which any record required to be maintained is located. The Secretary is directed to conduct, or require the conduct of, audits and inspections. The Secretary is given the discretion of determining the times and places of the audits and inspections, and he may establish the requirements of this section of the bill by rule, regulation, or order. The audits and inspections under this section are intended to determine whether a chemical source is in compliance with the bill. The Committee believes that higher risk facilities should be given priority for inspection and audits, and therefore the requirements for these facilities under this section are more stringent. The Secretary is directed to inspect or audit higher risk tier facilities at least once per year. The Committee also felt strongly that higher risk tier chemical sources that are also MTSA-regulated facilities should have a seamless audit and inspection regime. Therefore, the bill includes a provision that allows an MTSA audit or inspection to qualify as an audit or inspection under the bill's annual requirement. While the Committee wants the Department to focus its efforts and resources on the highest risk facilities, it did not want to unduly tie the hands of the Secretary in establishing an effective audit and inspection regime. Therefore, pursuant to an amendment adopted at Committee markup, if a higher risk tier facility has been found in compliance with this Act based upon 5 consecutive years of audits or inspections, the Secretary may exempt a chemical source from this annual requirement. The bill gives the Secretary the discretion to exempt a facility from the annual requirement, but the Secretary is not required to issue such exemption. If the Secretary exempts a higher risk tier facility from this annual requirement, such facility must be audited or an unannounced inspection must occur at least once per every 5 years after the exemption determination. The Secretary may require the submission of or access to and copy any records or information, including the assessment and plans and any other documentation necessary for the review and analysis of such assessment and plans and the implementation of a security plan. If the Secretary determines that an owner or operator is not maintaining, producing, or permitting access to records or to the premises of the chemical source as required by this section, the Secretary may issue an order requiring compliance. Infrastructure and implementation The Committee felt strongly that an effective chemical security regulatory regime, which would both help prevent future attacks and provide effective response capabilities should an attack occur, needed a robust infrastructure and implementation structure. The bill included such an architecture in Section 6, entitled ``Infrastructure and Implementation.'' The intent of Section 6 was to address effectively both the prevention and response capabilities simultaneously. As noted in the ``Emergency Response Plan'' subsection of this report, the Committee believes that a chemical security regime must contain both the prevention and the response capabilities. An effective response to a terrorist attack can mitigate the consequences and save lives. The Committee modeled Section 6 of this bill on MTSA to include its regulatory implementation structure for prevention and response. In turn, Committee discussions with the Coast Guard and others regarding MTSA described a regulatory implementation regime based directly upon the successful implementation of the Oil Pollution Act of 1990 (OPA-90) (PL 101-380). It is the intent of the Committee that the Department should align its efforts with those of MTSA and the implementation efforts previously proven successful by the Coast Guard. The Committee intends for the Department to use MTSA as a model for this section and avoid developing an inconsistent security regime with one already covering some chemical facilities. The bill directs the Department to establish a national office to provide strategic and consistent doctrine for a unified and effective Federal effort for security and response. This national level office will work collaboratively to coordinate with other Federal, State and local government agencies and departments, law enforcement agencies and first responders, and chemical sources to provide the leadership, guidance, oversight, and adequate resources to protect the Nation's chemical facilities. The national office will have the responsibility of directly supervising Infrastructure Protection Regional Security Offices, designating areas within the regions, supporting the Area Security Committees when requested or needed, and assigning adequate and well-qualified staff to include the Federal Area Security Coordinator. The national office will also be responsible for approving both individual chemical source assessments and plans and area security plans, planning and conducting national-level exercises, issuing any reports required by this bill, and ensuring the prevention, preparedness, response, and recovery capabilities for the chemical sources. The national office will further delineate and assign functions and responsibilities to the regional and area offices as appropriate to achieve the intent of this bill. In order to implement an effective chemical critical infrastructure protection and response regime, the Committee believes that the Department needs to design and implement a regional operational structure. It is important for the Department to establish relationships with regional and local government agencies, first responders, and the chemical source owners and operators in order to provide for effective critical infrastructure protection and implement this bill effectively. Moreover, this regional structure for the chemical sector could ultimately provide the architecture for overseeing preparedness and protection for other critical infrastructure sectors. The bill directs the Department to establish Infrastructure Protection Regional Security Offices in each region of the Federal Emergency Management Agency (FEMA) Region, or the regional office of any successor agency with responsibility for emergency management, preparedness, and response. The purpose of these regional offices is to carry out this bill and coordinate regional chemical site security, as described by this section of the bill. Regional Offices will have the responsibility of reviewing and approving each Area Security Plan developed by each Area Security Committee within its region, ensuring consistent implementation of this bill across the region, providing direct supervision and support to each Federal Area Security Coordinator in the region, providing regional coordination between states and Areas (including Areas designated under MTSA), and planning and conducting regional level exercises. In addition, the regional offices of this bill shall coordinate and integrate their activities to the maximum extent possible with all other activities assigned to the FEMAregional offices in an effort to provide the maximum level of prevention, preparedness, response, and recovery capabilities possible for the region. The bill directs the Department to designate ``Areas,'' which will be overseen by an Area Security Committee, which will be comprised of security and response personnel from State and local government agencies, chemical sources, local emergency planning and response entities, other critical infrastructure sectors and other appropriate organizations. The Committee intends the Area Security Committee to coordinate with Federal, State and local officials and chemical sources to enhance security and emergency response planning. The Area Security Committee will be led by a designated Federal Area Security Coordinator (FASC). The Areas designated by the Secretary through the national office will cover all of the territory of the United States except for the Areas already designated by MTSA. The FASC will lead an Area Security Committee made up of members appointed by the Secretary through the national office of relevant Federal, State, local, and other stakeholders. The FASC and Area Security Committee will be responsible for preparing an Area Security Plan with the relevant stakeholders in each area based upon an area vulnerability assessment and review of each individual chemical source's security and response plan, planning and conducting area level and individual chemical source exercises, and coordinating with Federal, State, and local enforcement and response agencies to provide the maximum level of prevention, preparedness, response, and recovery capabilities possible for the area. The FASC is also responsible for conducting individual regulatory inspections and audits of chemical sources in compliance with the regulations promulgated by the Secretary. The Area Security Plans developed by the FASC and Area Committee will be aligned the National Response Plan, the National Infrastructure Protection Plan, and any other appropriate national security and response plans. The Area Security Plan will also address the responsibilities and resources available to prevent, prepare for, respond to, and recover from a terrorist release from a chemical source within the geographically defined Area. Heightened threat authorities of the Secretary The Committee believes that the Secretary should have the authority to require greater security at chemical sources during times of heightened threat of terrorist attack. Section 7 of the bill, ``Heightened Security Measures,'' is intended to address these situations, such as when the Federal government has intelligence about threats to the chemical sector or a threat assessment. In the event of such a situation, the Secretary may issue an order to the owner or operator of a chemical source to implement increased security measures, as pre-identified in the facility's site security plan. The bill requires a chemical source to include a provision in its site security plan detailing what additional security measures it would implement in situations of heightened threat (Section 4(a)(6)(C)(iii)). If the Secretary issues an order pursuant to this section of the bill, the chemical source must implement the security measures pursuant to its site security plan. The Secretary does not have the authority to prescribe specific security measures pursuant to this section, nor does the Secretary have the authority to require that these heightened security measures remain in place indefinitely. This section limits the effect of an order for heightened security measures to 90 days, unless the Secretary files an action in Federal district court to extend the order. Enforcement authority and penalties Section 8 provides for administrative, civil and criminal penalties for owners or operators of a chemical source who do not comply with orders or directives issued by the Secretary pursuant to this bill. This section provides for administrative penalties of not more than $25,000 per day and not more than a maximum of $1,000,000 for each year for failure to comply with an order or directive issued by the Secretary. This section also provides for a notice and hearing on the proposed penalty. This section also provides for civil penalties against the owner or operator of a chemical source that violates or fails to comply with an order or directive issued by the Secretary under this bill or a site security plan approved by the Secretary under this bill. These cases may be brought in a United States district court. A court may issue an order for injunctive relief or may award a civil penalty of not more than $50,000 for each day on which a violation occurs or a failure to comply continues. This section also permits criminal penalties to be brought against an owner or operator who knowingly and willfully violates any order issued by the Secretary under this bill or knowingly and willfully fails to comply with a site security plan approved by the Secretary under this bill. A court may fine an owner or operator not more than $50,000 for each day of such violation or imprison him for not more than 2 years or both. Protection of information The new regulatory scheme proposed under the bill requires the Secretary to keep information defined as ``protected information'' secure and exempts such information from the public-disclosure requirements of the Freedom of Information Act (FOIA) or any State or local law providing for public access to information. The specific legislative language employed is that the Department and State and local agencies shall not be required under FOIA and State and local sunshine laws to make available to the public protected information. (The Maritime Transportation Security Act (MTSA), enacted in 2002, employs similar language regarding Sensitive Security Information (SSI) obtained by the Department for purposes of MTSA, stating that, ``[n]otwithstanding any other provision of law, information developed under this chapter is not required to be disclosed to the public.'') Under the bill, protected information includes vulnerability assessments, site security plans, area security plans, and security addenda to emergency response plans, as well as certain other materials derived from them that would be harmful to security if disclosed. Also, the Secretary is required to establish confidentiality protocols that ensure records are maintained securely and that access is appropriately limited. These provisions together mandate that the Department and other agencies will maintain the secrecy and integrity of protected information. The bill provides guidance with respect to the handling of certifications of compliance and orders, directing that, generally, certifications and orders are not made available to the public, except where the Secretary makes a specific finding that releasing certifications of compliance from a chemical source to the Department or compliance certifications from the Department to a chemical source will not increase risk to a chemical source. The bill, while fostering an atmosphere of appropriate information sharing between the Department and State and local law enforcement, first responders and other officials, still contemplates protocols based on a need to know standard. The bill also provides that nothing in the bill will limit legally established whistleblower rights. The bill mandates that the protocols must provide guidance to Federal employees as to how to make protected disclosures without compromising security. This reflects that the integrity of protected information must be maintained without infringing upon whistleblower protections afforded for proper public interest disclosures nor a Federal employee's right to petition Congress. The bill also requires the Department to establish a process by which a person may submit a report to the Secretary regarding problems or vulnerabilities at a chemical source. To encourage such reporting, the bill requires the Secretary to keep the identity of any person submitting such a report confidential and forbids an employer from discharging or otherwise discriminating against an employee for making a report. The bill also provides for penalties with respect to any government employee who, in a manner not permitted by law, ``knowingly discloses'' any record containing protected information. Preemption of State and other laws Section 10(a) states that nothing in this bill precludes States or localities from adopting or enforcing chemical security requirements that are more stringent than the standard under this bill, unless there is an ``actual conflict'' between a provision of this bill and the law of a State or locality. Section 10(b) preserves the authority of states to regulate chemical facilities for purposes of environment, health, safety, or any other permissible purpose other than the security of chemical sources from acts of terrorism. National strategy for chemical security Section 11 requires the Department to issue an updated national strategy for chemical security. This section requires the Department to submit to the Senate Homeland Security and Governmental Affairs Committee and the Homeland Security Committee and the Energy and Commerce Committee of the House of Representatives an update of its ``National Strategy for Securing the Chemical Sector.'' This document was originally required to be submitted to the House and Senate Committees on Appropriations, pursuant to a requirement in the Conference Committee Report on the Fiscal Year 2006 Homeland Security Appropriations Bill (Report 109-241). The conferees directed the Department to complete a national security strategy for the chemical sector by February 10, 2006. The report was submitted to the House and Senate Appropriations Committees in May 2006. As the terrorist threat continues to evolve, the Committee feels strongly that the Department must continue to plan for an implement a holistic, coordinated approach to chemical security and should update its National Strategy accordingly. Judicial review This provision establishes the process of judicial review of regulations and orders under the bill and was added to the bill by amendment during Committee markup. The regulations under this Act may be challenged by any person in the U.S. Court of Appeals for the District of Columbia within 60 days after the date of promulgation. Further, an owner or operator of a chemical source may seek judicial review of a final agency action or order that affects the chemical source in a U.S. district court within 60 days of the final agency action. For example, an owner or operator may seek review of an order disapproving a vulnerability assessment or a site security plan. Such cases may be brought in the U.S. district court for which the chemical source is located or the owner or operator has its principal place of business. The parties in such civil actions are limited to the owner or operator filing the petition and the Secretary of DHS. The Administrative Procedure Act (chapter 7 of title 5, United States Code) standard of review would apply to the initial 60-day challenges for new regulations and to challenges brought by an owner or operator regarding final agency actions or orders issued with respect to an owner or operator of a chemical source. This section also provides that nothing in the Act creates a private right of action against an owner operator of a chemical source to enforce a provision of the Act. Ammonium nitrate Ammonium nitrate is an important fertilizer critical to agriculture in the United States and around the world. It is also a serious security concern that should be addressed. Ammonium nitrate can be combined with fuel oil or other explosives to produce a powerful explosive. Since the 1990s, ammonium nitrate bombs have been used in some of the world's most infamous terrorist attacks. Ammonium nitrate was combined with fuel oil to create a truck bomb in Oklahoma City that destroyed the Alfred P. Murrah Federal Building in April 1995. The bombing, considered the deadliest incident of domestic terrorism in U.S. history, killed 168 people and injured hundreds more. There is evidence that terrorists continue to plot attacks using ammonium nitrate. In June 2006, police uncovered a terrorist plot in Toronto, Canada involving 3 tons of ammonium nitrate that was intended to be used for an attack in Toronto. Based on these and other terrorist attacks and attempted attacks involving ammonium nitrate, and the threat of additional attacks using this product, the Committee believes that ammonium nitrate should be regulated for security. During Committee markup, this section (Section 14) requiring registration of ammonium nitrate buyers and sellers was added to the bill. This section is a step in making it more difficult for terrorists to commit acts of destruction using this product. IV. LEGISLATIVE HISTORY S. 2145 was introduced on December 19, 2005 by Chairman Collins and Senator Lieberman. Senators Coleman, Carper and Levin were original cosponsors. S. 2145 was referred to the Committee on Homeland Security and Governmental Affairs. As described earlier in the report, the Committee held four hearings regarding chemical security. On June 14-15, 2006, the Committee took up S. 2145. A managers' amendment in the nature of a substitute, was offered by Chairman Collins and Ranking Member Lieberman, was adopted by voice vote. The managers' amendment included technical edits primarily. For example, it clarified that the Department has to put in writing the approval or disapproval decisions for site security plans. The more substantive modifications included: (1) adding cyber security as a requirement of a site security plan (section 4(a)(6)(C)(iii)) and modifying the existing cyber security requirements in the contents of a vulnerability assessment to mirror the site security plan language (section 4(a)(5)(D)(iii)); (2) adding a provision requiring DHS to notify facility owners and operators in writing as to whether their plans and assessments were approved or disapproved (Section 4(c)(1)(B)); segregating the determination as to whether a higher risk tier facility is implementing its security plan from the approval/disapproval determination for compliance with the assessment and plans submitted to DHS. This is a 2-step process now, as opposed to rolled into one (Section 4(c)(3)(B)(iv)); adding a requirement that higher risk tier facilities must be audited or inspected for compliance at least once per year (Section 5(b)(2)(c)). The managers' amendment also included a new guidance and consultation provision in two separate places in the bill that apply to higher risk tier facilities. Under the bill, DHS must provide guidance to all covered chemical facilities to help them meet the security performance standards specifically, as well as provide technical assistance on compliance with the overall bill. The managers' amendment provided that for higher risk tier facilities, the owner or operator of a facility in this tier may request that the Department provide consultation, in addition to the guidance already provided for, in coming into compliance with the bill, and in meeting the security performance standards. Because higher risk tier facilities must meet a stricter standard of security, the Committee wanted to ensure that the Department consulted and worked with these facilities so that they could achieve compliance with the Act. Senators present were Collins, Stevens, Voinovich, Coleman, Coburn, Chafee, Bennett, Warner, Lieberman, Akaka, Carper, Dayton, Lautenberg and Pryor. By a vote of 8-8, the Committee did not accept an amendment by Senator Voinovich to amend the regulatory regime created by S. 2145 with respect to chemical facilities already covered by the Maritime Transportation Security Act (MTSA) and to modify the standard of review for alternative security programs under S. 2145. The amendment requires the Secretary to consult with the Coast Guard Commandant to determine whether additional security measures are necessary at any MTSA-regulated facility in order to comply with the security performance standards established under S. 2145. The Secretary must review the assessment and plans for MTSA-regulated chemical sources within 6 months of enactment of S. 2145. If additional security measures are determined to be required, the owner or operator of such chemical source must implement additional security measures to comply with the security performance standards within 6 months after receiving the request to comply from DHS. The amendment also modifies the standard in the Alternative Security Programs provision (Section 4(f)) such that assessment and plans prepared under an alternative security program must be ``substantially equivalent'' to the assessment and plans submitted under S. 2145, as opposed to the ``meets each required element'' standard of S. 2145. Yeas: Stevens, Voinovich, Coleman, Bennett and Pryor. Yeas by proxy: Coburn, Domenici and Warner. Nays: Collins, Chafee, Lieberman, Akaka, Carper, Dayton and Lautenberg. Nays by proxy: Levin. The Committee adopted by voice vote an amendment offered by Senator Akaka to clarify that whistleblower protection rights under any other Federal or State whistleblower protection law would not be limited by the bill. The bill already provided that it would not limit Federal employees' rights to make protected disclosures under applicable whistleblower protection statutes, 5 U.S.C. Sec. Sec. 2302(b)(8) and 7211. Senators present were Collins, Voinovich, Coleman, Chafee, Bennett, Lieberman, Akaka, Carper, Dayton, Lautenberg and Pryor. By a vote of 7-9, an amendment offered by Senator Voinovich was not agreed to that would have struck the State and local law provision in Section 10 and replaced it with a provision establishing Federal preemption of State and local laws in the regulation of chemical security. The amendment provides that a State or local law is preempted by the bill if complying with the State or local law and S. 2145 is not possible, or if the State or local law, as applied or enforced, is an obstacle to accomplishing and carrying out this bill or frustrates an overwhelming Federal need for consistency and uniformity for rules, and regulations resulting from this bill. Yeas: Voinovich, Coburn, Bennett and Pryor. Yeas by proxy: Stevens, Domenici and Warner. Nays: Collins, Coleman, Chafee, Lieberman, Akaka, Carper, Dayton and Lautenberg. Nays by proxy: Levin. By a vote of 5-11, the Committee did not agree to an amendment offered by Senators Lieberman and Lautenberg that would require mandatory consideration and implementation of inherently safer technology measures for higher risk tier chemical sources. The amendment requires each higher risk tier chemical source to implement inherently safer technology solutions, unless the owner or operator of the chemical source demonstrates to the Secretary one of the following three exceptions: (1) implementing such measures would not reduce the risk of the facility to an attack; (2) implementing such measures would be cost-prohibitive, and; (3) implementing such measures would be otherwise unfeasible. Any higher risk tier facility that demonstrates one of these 3 must reevaluate whether it should implement inherently safer technology measures at least once every five years that the facility remains assigned to a higher risk tier. The amendment also requires the Secretary to consult with other governmental agencies at the Federal, State, and local level (including the Chemical Safety and Hazard Investigation Board and the U.S. Environmental Protection Agency) to determine whether higher risk facilities have adequately evaluated such risk-reducing measures. The amendment also requires that the Secretary assign at least 360 facilities to its higher risk tier. Yeas: Lieberman, Akaka and Dayton. Yeas by proxy: Chafee and Lautenberg. Nays: Collins, Voinovich, Coleman, Coburn, Bennett, Carper and Pryor. Nays by proxy: Stevens, Domenici, Warner and Levin. When the Committee reconvened its business meeting on Thursday, June 15, Senator Voinovich offered an amendment which further clarifies the performance-based intent of S. 2145, and it was accepted by voice vote. The amendment provides that the Secretary may not disapprove a site security plan based on the presence or absence of a particular security measure, if the site security plan satisfies the security performance standards. The purpose of this amendment is to clarify the performance-based intent of the bill, that the Secretary cannot disapprove a site security plan because such plan does not embrace specific security measures. Senators present were Collins, Voinovich, Coleman, Coburn, Chafee, Bennett, Lieberman, Carper, Dayton and Pryor. The Committee adopted by voice vote an amendment by Senator Pryor that would provide the Department with the regulatory authority to track the handling and purchase of ammonium nitrate to prevent and deter terrorists from acquiring and utilizing ammonium nitrate to create explosives for use in acts of terrorism. The amendment would require that handlers and sellers of ammonium nitrate must register facilities and only sell or distribute ammonium nitrate to handlers and purchasers that are registered. Purchasers of ammonium nitrate are also required to be registered. Handlers must maintain records of sale or transfer of ownership of ammonium nitrate. The Secretary is required to consult with the Secretary of Agriculture in issuing regulations to avoid placing an undue burden on agricultural producers' access to ammonium nitrate. The Committee adopted by voice vote a second degree amendment by Senator Lieberman. The second degree amendment strikes the preemption provision in the ammonium nitrate amendment, with the effect that there is no preemption provision attached to the Pryor amendment. The second degree amendment also strikes the protection of information provision in the Pryor amendment and directs that registration information under the Pryor amendment be treated as a record as described in the protection of information (Section 9) of S. 2145. Senators present were Collins, Voinovich, Coleman, Coburn, Chafee, Bennett, Lieberman, Carper, Dayton and Pryor. Senators present for the vote on Senator Pryor's first degree amendment were Collins, Voinovich, Coleman, Coburn, Chafee, Bennett, Lieberman, Carper, Dayton, and Pryor. Senator Voinovich offered a second degree amendment to modify his amendment and it was adopted by a vote of 9 to 5. The second degree amendment includes several provisions that would amend S. 2145 in different places. The second degree amendment includes: (1) adding an exemption for any facility owned or operated by a licensee or certificate holder of the Nuclear Regulatory Commission; (2) adding an interim notice provision for higher risk tier facilities; (3) modifying the heightened security measures provision in Section 7; (4) modifying the criminal penalties provision in Section 8; (5) adding a judicial review provision; (6) modifying the submission and certification of changes provision, and; (7) modifying the protection of information provision in Section 9. Yeas: Collins, Voinovich, Coleman and Carper. Yeas by proxy: Stevens, Coburn, Bennett, Domenici and Warner. Nays: Lieberman and Dayton. Nays by proxy: Levin, Akaka and Lautenberg. No instruction: Chafee. The amendment directs the Secretary to conduct a preliminary review and assessment of the vulnerability assessment, site security plan, and emergency response plan of chemical sources in a higher risk tier. This preliminary review must be conducted at least 3 months before the 1-year deadline by which chemical sources must have their assessments and plans approved. Following the review and assessment, if a chemical source in a higher risk tier appears to not be on track for compliance, the Secretary must provide notice and assistance to the source in complying with the Act. The amendment modifies Section 7 of S. 2145 by (1) adding a provision to the requirements of site security plans to require that such plans describe the security measures that would be implemented under an order issued by the Secretary pursuant to his Section 7 authority, and (2) clarifying the Secretary's authority to issue an order to an owner or operator of a chemical source to implement heightened security measures described in the chemical source's site security plan approved by the Secretary. The amendment (1) adds a heightened standard of knowingly and willfully for assigning criminal liability to an owner or operator, and (2) removes criminal liability for the violation of a site security plan. The amendment adds a new Section 13 to S. 2145 to provide a judicial review provision. This provision (1) allows any person to seek judicial review of a regulation within 60 days of its promulgation; (2) allows the owner or operator of a chemical source to seek judicial review of a final agency action under the Act within 60 days of the final agency action; (3) provides that no other judicial review will be permitted under the Administrative Procedures Act; and (4) provides that nothing in the bill creates a private right of action against an owner or operator of a chemical source to enforce a provision of the bill. The amendment provides that if a chemical source makes a change that would have a materially detrimental effect on the security of the chemical source, the owner or operator must (1) certify to the Secretary that the source has completed the review and implemented any necessary modifications to the assessment or plans and (2) provide the Secretary a description of any changes to the assessment or plans. The amendment included provisions on the protection of sensitive information that were incorporated into the bill in lieu of the provisions on information protection that were in the bill as introduced. The information protection provisions of the amendment grants exemptions from the Freedom of Information Act (FOIA) (5 U.S.C. Sec. 522) and from State and local sunshine laws for vulnerability assessments, site security plans, area security plans, and security addenda to emergency response plans. The amendment also provides these exemptions for materials obtained by DHS developed exclusively in preparation of the information listed immediately above (e.g., vulnerability assessments). The amendment also provides FOIA and sunshine law exemptions for (1) documents or other information obtained by DHS or a State or local government from a chemical source and (2) documents prepared by or provided to a Federal agency or State and local government, but only to the extent that the documents or information (noted in both (1) and (2)) describes a chemical source or its vulnerabilities, was taken from a vulnerability assessment or the other plans noted above, and, if disclosed, would be detrimental to the security of a chemical source. The amendment also forbids making any orders or disapprovals available to the public under FOIA, and provides a specific mechanism through which certain information (other than that described above) can be made available to the public (via the discretion of the Secretary). The amendment specifically notes that certain information--(a) certifications of compliance from a chemical source to DHS, (b) failure-to- comply orders from DHS to a chemical source, (c) compliance certifications from DHS to a chemical source, and (d) other disapprovals and orders issued under the bill--shall not be made available to the public under FOIA, except that if the Secretary makes a specific finding that releasing a certification referenced in clause (a) or (c) will not increase the risk to a chemical source, the Secretary may release the certification. The amendment also contains a provision which works in favor of effective information sharing principles between the Federal, State and local governments. The amendment provides instruction with respect to the establishment of protocols under the bill which allow for permitted access to protected information to include not just State or local law enforcement officials, first responders, or other State or local government officials granted access to protected information for purposes of carrying out the bill, but also to provide such officials and first responders with information on the extent to which security of chemical sources in the State or local area is being achieved. The Committee adopted by voice vote a modified second degree amendment by Senator Carper to add language back into the criminal penalties provision (Section 8(c) of S. 2145) which was removed by Senator Voinovich's first degree amendment. The second degree amendment would make a chemical source owner or operator criminally liable for failing to comply with a site security plan approved by the Secretary under this bill. After some discussion during the mark-up, Senator Carper asked for and received unanimous consent to modify his second degree amendment to add the words ``knowingly and willfully'' to the failure to comply with a site security plan approved by the Secretary under this bill. Senators present were: Collins, Voinovich, Coleman, Chafee, Lieberman, Carper, Dayton, Pryor. The Committee adopted by voice vote a second degree amendment by Senator Coburn which would modify the audits and inspections requirements for higher risk tier facilities. The amendment would permit the Secretary to exempt a higher risk tier facility from the annual inspection if a facility is inspected or audited for 5 years in a row, and is found in compliance with the bill. The amendment then provides that for each 5-year period after an exemption, the Secretary must conduct at least one audit or unannounced inspection of the chemical source. This exemption is not mandatory; the Secretary has the discretion to exempt facilities or he could continue to require annual inspections. Senators present were: Collins, Voinovich, Coleman, Chafee, Lieberman, Carper, Dayton, Pryor. By a vote of 15-0, the Committee voted unanimously to report the bill to the full Senate. Yeas: Collins, Lieberman, Stevens (by proxy), Voinovich, Coleman, Coburn, Chafee, Bennett, Domenici (by proxy), Warner (by proxy), Levin (by proxy), Carper, Dayton, Lautenberg (by proxy), Pryor. Nays: none. Senator Akaka was not present and provided no instructions. V. SECTION-BY-SECTION ANALYSIS Section 1--Short Title; table of contents Section 2--Defines key terms Section 3--Designation of chemical sources and tiering Designate covered facilities. DHS is directed to designate the chemical facilities that are covered under this bill within one year of the date of enactment of this bill. DHS is directed to issue regulations that establish criteria for evaluating the types of facilities that should be covered. The regulations establishing the criteria for designations should (1) take account of the risk factors described in Section 3(b), and (2) evaluate the types of facilities described in Section 3(c). Section 3(b) lays out risk factors that the Secretary should consider in designating chemical sources: (1) the perceived threat to a facility, (2) the potential extent and likelihood of death, injury, or serious adverse effects to human health and safety or to the environment caused by a terrorist attack at a facility, (3) threats to or potential impact on national security or critical infrastructure, (4) potential threats or harm to the economy, (5) proximity of a facility to population centers, (6) the nature and quantity of substances of concern, and (7) other security-related factors necessary to protect public health and safety, critical infrastructure, and national and economic security. Section 3(c) directs DHS to (1) consider any facility that is a ``stationary source'' under the Clean Air Act (CAA), section 112(r)(2) and for which the owner or operator is required to complete a risk management plan in accordance with CAA section 112(r)(7)(B)(ii), (2) consider any other facility that uses, produces, or stores a ``substance of concern,'' and (3) determine whether additional facilities, outside of the first two categories, should be included on its list. The bill explicitly exempts chemical facilities owned or operated by the Departments of Defense and Energy, as well as any facility owned or operated by a licensee or certificate holder of the Nuclear Regulatory Commission. Subsection (e)--Establish a Tiered System. Within 1 year of the date of enactment of this bill, the Secretary must issue rules establishing a risk-based tiered system of ``chemical sources.'' The system must consist of several tiers and be based on risk criteria identified above. Within the first year, DHS must place each covered chemical facility in a tier. DHS must designate 1 or more of these tiers ``higher risk tier(s).'' Higher risk tiers have stricter requirements and standards, as indicated in Section 4. The rules must also provide guidance to owners and operators regarding steps that would enable a chemical source to move to a lower risk tier. Subsection (f)--Establish Security Performance Standards. DHS must create security performance standards for each tier. As the tiers increase in risk, the security performance standards should become correspondingly stricter, thereby requiring facilities to implement greater security measures to meet these standards. DHS must issue guidance as to the types of security measures that, if applied, could meet the security performance standards. Chemical facilities would have the flexibility to employ different security measures that those described in the guidance if such measures satisfy the security performance standards. For higher risk tier facilities, at the request of the owner or operator, the Secretary must provide consultation on the types of security measures, that, if applied, could satisfy the security performance standards. The standards must also include consideration of the criteria for designating chemical sources (under Section 3(a)), cost, technical feasibility, and scale of operations. Subsection (g)--Notice to Facilities. The Secretary must notify potentially regulated facilities within 6 months of enactment of the bill about the process and timeline for review and designation of chemical sources. Subsection (h)--Subsequent Determinations. The Secretary is required to review and revise as necessary the list of designated sources every 3 years. In addition to this periodic review, the Secretary at any time may determine whether to designate additional facilities or remove the designation of particular facilities. Identification of Additional Chemical Sources--The owner or operator of any chemical facility where a threshold quantity of a substance of concern is present to petition the Secretary for a determination on whether that facility should be designated a chemical source, if that facility has not been required to complete a risk management plan (under the CAA section 112(r)(7)(B)(ii)). The owner or operator of any newly operation facility that handles at least the threshold quantity of a substance of concern to file a petition with the Secretary for a determination on whether that facility should be designated a chemical source. The Secretary is directed to consult with the EPA Administrator to establish a mechanism for the Department to receive timely notice when a facility is required to complete a risk management plan in accordance with CAA section 112(r)(7)(B)(ii). Subsection (i)--Designating Substances of Concern. The Secretary may create a list of chemical substances of concern with corresponding threshold quantities. In doing so, the Secretary may, by regulation, designate or exempt a chemical substance as a substance of concern or establish or revise a threshold quantity. In designating or exempting substances of concern, the Secretary must consider the potential extent of death, injury, or serious adverse effects to human health and safety or the environment and the potential impact on national security, the economy or critical infrastructure that would result from a terrorist attack involving the chemical substance. Section 4--Vulnerability assessments, security plans, and emergency response plans Subsection (a)--Requirements for Assessments and Plans. DHS must issue regulations with requirements for conducting vulnerability assessments, creating and implementing site security plans that addresses the risks identified in the vulnerability assessment, and creating an emergency response plan or updating an existing plan to reflect planning for a terrorist attack scenario. The regulations must be risk-based, performance-based, and flexible, and must include consideration of the criteria for designating chemical sources (Section 3(a)(1)). These regulations must allow for the cooperation among chemical sources operating at contiguous locations. Subsection (a)(4)--Sharing of Threat Information. The Secretary is directed to share relevant threat information with State and local government officials and with an owner or operator of a chemical source. The Secretary must take into account the interests of national security and applicable authority before sharing relevant threat information. Subsection (a)(5)--Contents of Vulnerability Assessments. Vulnerability assessments must (1) be based on a methodology developed or endorsed by the Secretary, (2) incorporate any threat information shared by DHS under subsection (a)(4), and (3) address the appropriate security performance standards for the facility's tier. In addition, vulnerability assessments must include an analysis of physical security, communications systems, cyber security, and the sufficiency of existing security measures relative to the threats and consequences of a terrorist attack, including vulnerabilities from hazardous chemicals. Subsection (a)(6)--Contents of Site Security Plans. Each site security plan must indicate the tier applicable to the facility, address risks identified in the vulnerability assessment and address the appropriate security performance standards. Site security plans must also include security measures (1) sufficient to deter, to the maximum extent practicable, a terrorist attack, (2) to mitigate the consequences of a terrorist incident, and (3) to increase cyber security. Further, these plans must describe contingency plans for the facility; identify roles and responsibilities of employees; identify steps taken to coordinate with government officials; describe training, drills, exercises, and security actions; and describe security measures that would be implemented in respond to an order under Section 7 in the event that heightened security measures became necessary for a particular facility. Subsection (a)(7)--Contents of Emergency Response Plans. Emergency response plans must address the consequences of a terrorist attack identified in the vulnerability assessment; is consistent with the site security plan; and identifies the roles and responsibilities of employees. Existing plans must be modified (to reflect the requirements noted in the previous sentence) versions of plans that have been Federally approved or certified and that are in effect on the date of enactment, if consistent with guidance provided by the National Response Team (NRT) established under the National Contingency Plan. If an owner or operator does not already have an emergency response plan, one must be created following the guidance of section 105 of the Comprehensive Environmental Response, Compensation, and Liability Act of 1980 (42 U.S.C.9605). Owners and operators are required to place security information in an addendum to the plan, if necessary, to protect it from public disclosure. Subsection (a)(8)--Guidance and Consultation. The Secretary must provide guidance to assist owners and operators of chemical sources in complying with this bill, including advice on aspects of compliance that may be unique to small businesses. An owner or operator of a higher risk tier facility may request, in addition to the guidance provided to all covered facilities that DHS consult with them on achieving compliance under this bill. Higher risk tier facilities may request that DHS consult with them on achieving compliance with the bill, in addition to the guidance provided for above. Subsection (b)--Certification and Submission of Assessments and Plans. Within 6 months after the regulations are issued under this section, all covered facilities must certify to DHS that they have complied with this section (completed a vulnerability assessment, developed and is implementing a site security plan and an emergency response plan) and submit to the Secretary for review and approval copies of the assessment and plans. Subsection (c)--Review by the Secretary. The Secretary is required to review the assessment and plans to determine whether such assessment and plans, and the implementation of such plans comply with this section. If compliance is determined, then the Secretary would issue an approval notice; if non-compliance is determined, the Secretary would issue a disapproval notice. The Secretary may not disapprove a site security plan based on the presence or absence of a particular security measure if the site security plan satisfies the security performance standards. The Secretary must provide written notice to the owner or operator of the chemical source regarding the determination of approval or disapproval. For disapprovals, the Secretary must provide the owner or operator, in writing, a clear explanation of deficiencies and consult with them to identify appropriate steps to achieve compliance and provide additional time for the facility to come into compliance. If the owner or operator does not achieve compliance, the Secretary must issue an order requiring the owner or operator to correct the specified deficiencies. If the owner or operator continues to be in noncompliance, the Secretary may issue an order for the chemical source to cease operation. The Secretary has greater authority in dealing with higher risk tier facilities. For these facilities, the Secretary may issue an order to a chemical source as soon as determining that the vulnerability assessment, site security plan, or emergency response plan or determines that implementation does not comply with this Section. The Secretary is not required to provide additional time for compliance as noted for all other tiers. The Secretary is required to make the approval or disapproval determination within 5 years after the date of submission of the assessment and plans. For higher risk tier facilities, the Secretary must make the approval or disapproval determination within 1 year after the date of submission of the assessment and plans. The Secretary may conduct subsequent reviews and determinations of compliance on a schedule that he determines, so long as such reviews occur not less than once every five years after the initial approval of a facility's assessments and plans. Higher risk tier facilities must be given priority for review, and these facilities must be reviewed not less than once every three years after the initial approval determination of its assessment and plans. Subsection (c)(3)(B)(i)--Interim Notice. For higher risk tier facilities, DHS must conduct a preliminary review of the vulnerability assessment, site security plan, and emergency response plan not later than 9 months after date of issuance of the regulations under this Section. If the preliminary review indicates that a disapproval determination is likely, DHS must provide to the chemical source assistance in achieving compliance with this bill. Subsection (d)--Submission and Certification of Changes. If an owner or operator makes a change to a chemical source that would have a materially detrimental effect on the security of the chemical source, the owner or operator must notify DHS in writing of such changes and provide a description of such changes. The owner or operator must also certify to DHS that it has reviewed and made any necessary changes to its assessment and plans and provided a description of any such modifications to DHS. If the Secretary determines that additional modifications, beyond what the owner or operator has made, are required, the Secretary must provide written notice to the owner or operator regarding the deficiencies and permit an additional 60 days for compliance. During the time before any revised security measures are implemented, the owner or operator must ensure temporary security measures are implemented to address the vulnerabilities previously identified. Subsection (e)--MTSA-regulated Facilities. A chemical facility that is regulated under the Maritime Transportation Security Act (MTSA) and designated as a chemical source under this Act must comply with this Act. The owners and operators of these facilities must review the vulnerability assessment, security plans and emergency response plans that they submitted to the Coast Guard pursuant to the MTSA and make any modifications necessary to comply with the security performance standards established for the tier in which it was placed under this Act. The assessment and plans, with any appropriate modifications, must be submitted to the appropriate Federal Maritime Security Coordinator and the Secretary for approval within 6 months after issuance of the regulations. Owners and operators of these facilities must also certify in writing to the Federal Maritime Security Coordinator for their area that the assessment and plans are in compliance with the security performance standards for their tier. The Secretary must consult with the Federal Maritime Security Coordinator to determine whether the security plan meets the security performance standards for the pertinent tier. Chemical sources that are regulated under the MTSA are exempt from the Section 6 requirements of this Act. The Secretary must implement this Act in as consistent and integrated a manner as possible with the MTSA. The Secretary must also ensure coordination between the Undersecretary for Preparedness and the Coast Guard Commandant in carrying out this Act for chemical sources that are also MTSA-regulated facilities. Subsection (f)--Alternative Security Programs. The Secretary may also consider petitions to approve documents prepared for alternative security programs. A person may submit a petition to the Secretary to have him consider alternate standards established by Federal, State or local government authorities, or industry for a determination of whether documents prepared for that program meet each required element for assessments and plans under this bill. If so, the assessments and plans prepared under that program may be submitted without further revision. If the Secretary determines that the documents prepared under the alternate program do not meet all the required elements, he may specify modifications that would be necessary for the alternate program to comply with this bill. If an alternative security program is approved by the Secretary, each facility covered by that program must submit its assessments and plans to the Secretary for review in accordance with the security performance standards for the pertinent tier. Each facility submission must be approved or disapproved on an individual basis. Section 5--Recordkeeping; site inspections; production of information Each chemical source must maintain a current copy of the vulnerability assessment, site security plan and emergency response plan onsite for 5 years after date of the approval determination. The Secretary may require the submission of or access to and may copy any records or information, including the assessment and plans and any other documentation necessary for the review and analysis of such assessment and plans and the implementation of a security plan. If the Secretary determines that an owner or operator is not maintaining, producing, or permitting access to records or to the premises of the chemical source as required by this section, the Secretary may issue an order requiring compliance. The Secretary has a right of entry to chemical sources and any premises on which any record required to be maintained is located. The Secretary has the authority to conduct security audits and inspections of chemical sources to determine compliance with the bill. The Secretary may also set requirements for these inspections and audits by rule, regulation or order. Subsection (b)(2(C)--Higher Risk Tiers. The Secretary must inspect or audit higher risk tier facilities at least once per year. If a higher risk tier facility has been found in compliance with this bill based upon 5 consecutive years of audits or inspections, then the Secretary may exempt a chemical source from this annual requirement. If the Secretary makes an exemption, such facility must be audited or and unannounced inspection must occur at least once per every 5 years after the exemption determination. For higher risk tier chemical sources that are also MTSA-regulated facilities, an audit or inspection conducted by the Coast Guard pursuant to the MTSA shall qualify as an audit or inspection under this section. Section 6--Infrastructure protection and implementation The Secretary is directed to model the implementation of this section on MTSA. Moreover, the Department is directed to coordinate with the MTSA Federal area security and response committees already in place in order to provide a unified and effective Federal security effort. DHS is directed to establish an office within the Infrastructure Protection (IP) directorate that will be responsible for implementing and enforcing this bill. The Department is directed to create regional IP offices, aligned with the FEMA regions, or the regional office of any successor agency of FEMA, to implement this bill and coordinate regional security. These regional offices will oversee chemical facility compliance, conduct security inspections, audits and drills. Further, DHS is directed to create ``areas'' and assign a Federal security coordinator to oversee an area committee comprised of qualified and affected security and response personnel, including State and local government officials, chemical facilities and local emergency planning and response entities. Area committees would provide enhanced coordination for security and emergency response planning. Each area must create an area security plan and submit it to DHS for approval. An area plan must coordinate the resources of the area to deter or respond to a terrorist attack in the area, including coordinating with the appropriate Federal, State and local government agencies or local emergency planning entities. DHS must also conduct periodic drills and exercises of security and response capabilities for these areas. The Secretary must publish an annual report on the drills under this provision, including an assessment of the effectiveness of the area plans, lessons learned, and recommendations, if any, to improve programs, plans and procedures. Section 7--Heightened security measures The Secretary is authorized to issue an order to the owner or operator of a chemical source mandating that the source implement the ``heightened security measures'' provision described in its site security plan pursuant to Section 4(a)(6)(H), if the Secretary determines that additional security measures are necessary to respond to a threat. An order issued pursuant to this authority shall not remain in effect for a more than 90 days, unless the Secretary files an action in Federal district court and the court authorizes an extension. Section 8--Penalties Administrative penalties for failure to comply with an order or directive issued under this bill are authorized for not more than $25,000 per day and not more than $1 million per year, but only after the Secretary has provided written notice of the proposed penalty and 30 days, during which the owner or operator may request a hearing. The Secretary must issue regulations establishing procedures for administrative hearings and reviews. The Secretary is authorized to pursue civil penalties by bringing an action in U.S. district court against an owner or operator who violates or fails to comply with an order or directive under this bill or his approved site security plan. The court may issue an order for injunctive relief and award a civil penalty of not more than $50,000 per day. Criminal penalties are authorized for of up to $50,000 per day and/or imprisonment for up to 2 years for an owner or operator of a chemical source who knowingly and willfully violates any order issued by the Secretary or knowingly and willfully fails to comply with an approved site security plan. Section 9--Protection of Information As noted above, the bill defines ``protected information'' to include: vulnerability assessments, site security plans, area security plans, and security addenda to emergency response plans, materials obtained by DHS and developed or produced by a chemical source exclusively in preparation of the information listed immediately above (e.g., vulnerability assessments, etc.; and (1) documents or other information obtained by DHS or a State or local government, but only to the extent that the documents or information (noted in both (1) and (2)) contain an item of information that describes a chemical source or its vulnerabilities, was taken from a vulnerability assessment or the other plans noted above, and, if disclosed, would be detrimental to the security of the chemical source. Subsection (a)--Disclosure Exemptions. The new regulatory scheme proposed under the bill requires the Secretary to keep information defined as ``protected information'' secure and exempts such information from the public disclosure requirements of the Freedom of Information Act (FOIA) or any State or local law providing for public access to information. The specific legislative language employed is that the Department ``shall not be required under[FOIA] to make available to the public protected information''; other Federal agencies that receive a FOIA request for protected information ``shall not disclose the record'' and shall refer the request to the Department; and ``[a] State or local government agency shall not be required under any State or local law providing for public access to information to make available to the public protected information''; and, in Section 9(c), that the Secretary shall establish confidentiality protocols that ensure records are maintained securely and that access is appropriately limited. These provisions together mandate that DHS and other agencies will maintain the secrecy and integrity of protected information, while not precluding the Secretary from disclosing specific information if he or she decides to grant public access to specific information pursuant to a proper FOIA request if the Secretary determines circumstances so warrant. The Maritime Transportation Security Act (MTSA), enacted in 2002, employs similar language regarding Sensitive Security Information (SSI) obtained by the Department for purposes of MTSA. The relevant MTSA provision states that, ``[n]otwithstanding any other provision of law, information developed under this chapter is not required to be disclosed to the public.'' \117\ --------------------------------------------------------------------------- \117\ See 46 U.S.C. Sec. 70103(d) (emphasis added). --------------------------------------------------------------------------- Subsection (b)--Certifications and Orders. The bill provides guidance with respect to the handling of certifications and orders. The bill, under Section 9(b)(1)(A), directs that, generally, certifications of compliance from a chemical source to DHS (under Section 4(b)(1)); failure to comply orders from DHS to a chemical source (under Section 4(b)(3)); compliance certifications from DHS to a chemical source (under Section 9(b)(2)); and other disapprovals and orders issued under the bill shall not be made available to the public under FOIA. However, Section 9(b)(1)(B)(i) provides for an exception to this rule where the Secretary makes a specific finding that releasing certifications of compliance from a chemical source to DHS or compliance certifications from DHS to a chemical source will not increase risk to a chemical source, the Secretary may make the record available to the public under FOIA. Under Section 9(b)(2), when the Secretary makes a determination that a chemical source is in compliance with the requirements of the bill, he or she must provide a certificate of approval to the chemical facility noting that the facility ``is in compliance with the Chemical Facility Anti-Terrorism Act of 2006.'' As a means of measuring the overall success of chemical facilities in implementing the requirements of the bill, Section 9(b)(3) requires that the Secretary, at least once a year, ``submit to Congress a public report on the performance of chemical sources under the bill, in the aggregate, including a description of common problems, solutions, and industry best practices.'' This clause is intended to have the Secretary inform Congress regarding both the advancements made, and the problems encountered, by chemical facilities pursuant to the requirements under the bill. Subsection (c)--Development of Protocols. Under Section 9(c)(1) of the bill, the Secretary, in consultation with the Director of the Office of Management and Budget and the appropriate Federal law enforcement and intelligence officials, ``and in a manner consistent with existing protections for sensitive or classified information,'' shall, by regulation, establish confidentiality protocols for the maintenance and use of records containing protected information. This clause explicitly acknowledges other regulatory schemes relating to sensitive or classified and states that the regulations promulgated under this bill should be consistent with such regulatory schemes. In drafting this legislation, the drafters were well aware of the sensitive and classified information protection protocols in effect, and specifically noted that the regulations promulgated under this bill must be consistent with such information protection regulatory schemes. Section 9(c)(2) articulates the requirements for the regulatory protocols promulgated under the bill and contemplated under Section 9(c)(1). The clause states that the protocols ``shall ensure, to the maximum extent practicable, that'' the records shall be securely maintained, and access to such records shall be limited as may be necessary to: ``enable enforcement of th[e] Act,'' or ``address an imminent and substantial threat to security, health, safety, or the environment;'' State or local law enforcement officials, first responders, or other officials granted access to such records for the purpose of carrying out the bill; and ``other persons granted access for the purpose of carrying out this Act.'' This bill, while fostering an atmosphere of appropriate information sharing between DHS and State and local law enforcement, first responders and other officials, still contemplates protocols based on a ``need to know'' standard. Section 9(c)(3) requires the establishment of other procedures in the regulatory protocols. Under Section 9(c)(3)(A), the regulations are to provide for the labeling of any record containing protected information to enable the information contained therein ``to be traced back to the specific document from which the information was derived.'' Section 9(c)(3)(A) of this bill requires that the labeling of a record containing protected information be sufficient to enable a determination of ``the specific document from which the information was derived.'' This requirement is based on the fact that it is necessary to properly account for the genesis of protected information given that the definition of protected information not only specifically includes vulnerability assessments, site security plans, area security plans, and security addenda to emergency response plans, but also information and materials ``developed or produced exclusively in preparation of'' such documents, and information ``taken from'' such documents.\118\ --------------------------------------------------------------------------- \118\ See Section 2(8)(B), (C), and (D) of the bill. --------------------------------------------------------------------------- Section 9(c)(3)(B) states that the protocols shall ``accommodate'' the making of disclosures under 5 U.S.C. Sec. 2302(b)(8) and an employee's right to petition Congress under 5 U.S.C. Sec. 7211. Moreover, this section mandates that the protocols must also provide guidance to employees as to how to make these types of disclosures without compromising security. This section reflects that the integrity of protected information must be maintained without infringing upon the protections afforded to Federal employees for proper public interest disclosures and their right to petition Congress. Section 9(c)(3)(C) states that the protocols shall include procedures applicable to a FOIA request, ``requiring that any portion of a record that reasonably may be separated shall be provided to a person requesting the record after redaction of any portion that is exempt from disclosure.'' This mandate is intended to ensure that information that is not designated as protected information under the bill is not shielded from the public under a proper FOIA request merely because the non- protected information exists in a document along with some protected information. Section 9(c)(3)(D) ensures that information designated as protected information shall not be shielded from the public under a proper FOIA request in perpetuity if, ``because of changed circumstances or the passage of time, disclosure of the record would not be detrimental to the security of a chemical source.'' There are circumstances where information once designated as protected information under the bill no longer needs the sort of heightened protection provided for under the bill. This section of the bill therefore requires the DHS Secretary to establish procedures by which a record containing protected information may lose its protected status under the bill and become subject to the requirements of public disclosure under FOIA if--because of the passage of time or changed circumstances--disclosure of the record would not be detrimental to the security of a chemical source. Subsection (d)--Process for Reporting Problems. Under Section 9(d)(1), the Secretary is required to establish and provide information to the public regarding a process by which a person may submit a report to the Secretary regarding ``problems, deficiencies, or vulnerabilities at a chemical source.'' In an effort to encourage such reporting, Section 9(d)(2) states that the Secretary shall keep the identity of any person submitting such a report confidential and that the report itself will be treated as protected information under the bill to the extent it does not contain information readily available to the public. If a report under Section 9(d)(1) identified the individual making the report, Section 9(d)(3) requires that the Secretary ``promptly respond to such person and acknowledge receipt of the report.'' Section 9(d)(4) ensures that the issues noted in a report submitted under Section 9(d)(1) are properly reviewed, by requiring that the Secretary ``review and consider the information provided'' and ``take appropriate steps'' under the bill to fully address the issues, problems, or deficiencies identified in the report. Section 9(d)(5) forbids an employer from discharging or otherwise discriminating against an employee (or a person acting pursuant to the request of the employee) for making a report under Section 9(d)(1). Section 9(d)(6) requires the Comptroller General of the United States to describe the number and type of problems, deficiencies and vulnerabilities identified in reports provided to the Secretary under Section 9(d)(1). Moreover, Section 9(d)(6) also requires that the Comptroller General's report evaluate the Secretary's efforts to address the problems, deficiencies and vulnerabilities identified in the Section 9(d)(1) reports. The Comptroller General's reports under Section 9(d)(6) are to be included in the annual reviews by the Governmental Accountability Office required under Section 12 of the bill. Subsection (e)--Protected Disclosures. The spirit of Section 9(e) is similar to that of Sections 9(c)(3)(B) and 9(d)(5) as described above. Section 9(e)(1) states that nothing in the bill shall limit the right of a person to make disclosures under 5 U.S.C. Sec. 2302(b)(8) or a person's right to petition Congress under 5 U.S.C. Sec. 7211. Moreover, Section 9(e)(2) preserves a person's right to make a disclosure under any other Federal or State law that protects the disclosing individual against retaliation or discrimination for having made a disclosure in the public interest. Lastly, Section 9(e)(3) preserves a person's right to make a disclosure to the Special Counsel, the inspector general of an agency, or any other employee designated by the head of an agency to receive such disclosures. Subsection (f)--Materials Not Held by Agencies. Section 9(f) notes that nothing under the bill shall be interpreted to limit the rights or obligations of a chemical source or any other entity that is not a Federal, State or local government entity in possession of a record containing protected information with respect to the withholding or disclosure of any information or record held by the chemical source or the entity ``regardless of whether or not the Department has received or possesses similar or identical information or a similar or identical record.'' Consistent with other sections of the bill, this section reflects the drafters' intention that the information protection clauses of the bill do not affect any rights and obligations of a private-sector entity with respect to a document or information in its possession, and generally do not interfere with disclosure rights and obligations in effect, other than those specifically noted in the bill. Subsection (g)--Disclosure of Independently Furnished Information. Section 9(g)(1) establishes that the provisions of the bill do not affect the handling or disclosure of a record or information obtained from a chemical source under any other law. Moreover, Section 9(g)(2) states that the bill does not affect any authority or obligation of an agency to disclose any record that the agency has received independently of a record exempt from FOIA requests under Section 9, ``regardless of whether or not the Department has an identical or similar record that is so exempt.'' These two provisions make it clear that if a record is produced to or obtained by an agency independently of this bill, even if the record contains protected information, the Chemical Facility Anti-Terrorism Act of 2006 does not affect or control the handling, treatment, or public disclosure of the record. The same principle for independently furnished information can be found at 6 CFR Sec. 29.3(d) with respect to Protected Critical Infrastructure Information (PCII) governed by the Homeland Security Act of 2002. Subsection (h)--Other Obligations Unaffected. Under Section 9(h)(1), the bill does not change any existing obligation of an owner or operator of a chemical facility to provide information to a Federal, State, or local government agency under any other law. Section 9(h) ensures that the bill is not intended to affect disclosure or submittal obligations under any other law not specifically mentioned in the bill. Moreover, under Section 9(h)(2), the owner or operator of a chemical facility may not use a record containing protected information to meet a legal requirement other than a requirement under the bill; nor may such a record be used to obtain a grant, permit, contract, benefit, or other governmental approval. Subsection (i)--Availability of Information to Congress. Section 9(i) ensures that the bill may not be used in any way to authorize the withholding of information from Congress. Subsection (j)--Penalties for Unauthorized Disclosure. Section 9(j) states that any Federal, State, or local government officer or employee who, in a manner not permitted by law, ``knowingly discloses'' any record containing protected information will be imprisoned for not more than one year, fined (under Chapter 227 of title 18, United States Code), or both. Moreover, if the person who knowingly makes the non- lawful disclosure is an officer or employee of the Federal government, then he or she shall be removed from his or her position. Subsection (k)--Public Availability of Information in Reports. Section 9(k) establishes that the Government Accountability Office may not disclose any protected information to the public in any report required of it under Section 12. Section 10--State and other laws Nothing in this bill denies States or localities from adopting or enforcing chemical security requirements that are more stringent than the standard under this bill, unless there is an actual conflict between a provision of this bill and the law of a State or locality. In addition, nothing in this bill would preclude or deny the right of any State or locality to adopt or enforce any requirement, including air or water pollution requirements that are directed at problems other than reducing damage from terrorist attacks. Section 11--National strategy for chemical security The Secretary is directed, within 6 months following enactment of this bill, to submit to the Senate Homeland Security and Governmental Affairs Committee, and the Homeland Security Committee and the Energy and Commerce Committees of the House of Representatives, an update of its national strategy for securing the chemical sector. Section 12--Government accountability office review The Department is directed to provide the U.S. Government Accountability Office (GAO) with access to any document or information required to be submitted to, generated by, or otherwise in the possession of the Department under this Act. GAO is required to submit a report annually to the Senate Homeland Security and Governmental Affairs Committee and Committee on Homeland Security of the House of Representatives and the Energy and Commerce Committee of the House of Representatives, a review of vulnerability assessments, site security plans and emergency response plans under this bill, and a determination of whether such plans and assessments are in compliance with this bill. Section 13--Judicial actions Any person is permitted to file a petition with the U.S. Court of Appeals for the District of Columbia for judicial review of a rule within 60 days of promulgation. The court is directed to review rules in accordance with the Administrative Procedure Act (5 U.S.C. Sec. 701 et seq.). The bill allows only an owner or operator whose facility is affected by a final agency action to file a petition in U.S. district court within 60 days of its issuance. Only the owner or operator and the Secretary may participate in such civil actions. The bill precludes judicial review of final agency actions except as specified in this section and Section 7(b). The bill prohibits private civil actions against an owner or operator to enforce provisions of this bill. Section 14--Ammonium nitrate The Secretary, in consultation with the Secretary of Agriculture, is directed to regulate the handling and sale of ammonium nitrate to prevent misappropriation or use in violation of law. The bill requires the registration of facilities and purchasers. The bill restricts sales to registered producers, sellers, and purchasers, and further requires that records of sales or distribution must be maintained. The registration information shall be treated as protected information under this bill. The Secretary of Homeland Security is authorized to establish a process for auditing handler records to determine compliance. Penalties for violations and compliance failures are authorized. Section 15--Authorization of appropriations The bill authorizes such sums as are necessary to carry out this Act. VI. CONGRESSIONAL BUDGET OFFICE COST ESTIMATE July 25, 2006. Hon. Susan M. Collins, Chairman, Committee on Homeland Security and Governmental Affairs, U.S. Senate, Washington, DC. Dear Madam Chairman: The Congressional Budget Office has prepared the enclosed cost estimate for S. 2145, the Chemical Facilities Anti-Terrorism Act of 2006. If you wish further details on this estimate, we will be pleased to provide them. The CBO staff contacts are Susanne S. Mehlman (for federal costs), who can be reached at 226-2860, Melissa Merrell (for the state and local impact) and Paige Piper/Bach (for the private-sector impact). Sincerely, Donald B. Marron, Acting Director. Enclosure. S. 2145--Chemical Facilities Anti-Terrorism Act of 2006 Summary: S. 2145 would authorize the Department of Homeland Security (DHS) to regulate the security of chemical facilities across the United States. Under the bill, DHS would identify such facilities and estimate the level of risk they pose to the nation's security. DHS would develop regulations to require the owners and operators of those facilities to perform vulnerability assessments and to establish site security plans and emergency response plans. The legislation would establish a chemical security office at DHS headquarters and offices at the regional level that would be responsible for auditing and inspecting the security of the nation's chemical facilities. In addition, DHS would be responsible for maintaining the information it receives on chemical facilities in a secure location. Finally, S. 2145 would require DHS to regulate the handling and purchase of ammonium nitrate. CBO estimates that implementing S. 2145 would cost $255 million over the next five years, assuming appropriation of the necessary amounts. Of that amount, $210 million would be used to regulate and oversee an estimated 15,000 to 18,000 chemical facilities. The remaining $45 million would be used by DHS to regulate the handling and purchase of ammonium nitrate. Enacting S. 2145 could affect direct spending and receipts because the bill would establish new civil and criminal penalties against owners and operators of chemical facilities, handlers of ammonium nitrate, and officers or employees of federal, state, or local government agencies who fail to comply with the bill's requirements. However, CBO estimates that any collections from such civil and criminal penalties would not be significant. S. 2145 contains intergovernmental mandates, as defined in the Unfunded Mandates Reform Act (UMRA), because it would require the owners and operators of certain facilities, including those that provide public drinking water and wastewater treatment, to undertake measures to protect against the unauthorized release of chemical substances. It also would exempt certain security plans and documents from state and local laws that provide public access to information and preempt the authority of states to regulate the sale of ammonium nitrate in a manner that is less stringent that the requirements of the bill. Because some of the mandates are dependent upon future actions of the Department of Homeland Security, CBO cannot determine their exact costs. However, based on information from DHS and representatives of public water facilities, CBO estimates that, because it is likely those public facilities would be assigned to the lowest tier of risk and that DHS likely would consider activities that the facilities are currently doing to be sufficient to meet the requirements of this bill, additional costs for those public facilities would not exceed the annual threshold established in UMRA ($64 million for intergovernmental mandates in 2006, adjusted annually for inflation). S. 2145 also would impose private-sector mandates, as defined in UMRA on owners and operators of certain chemical facilities and handlers and purchasers of ammonium nitrate. Based on information from industry and government sources, CBO expects that the aggregate direct cost of complying with those mandates would exceed the annual threshold established by UMRA for private-sector mandates ($128 million in 2006, adjusted annually for inflation) in at least one of the first five years the mandates are in effect. Estimated cost to the Federal Government: The estimated budgetary impact of S. 2145 is shown in the following table. For this estimate, CBO assumes that the bill will be enacted near the end of fiscal year 2006, that the necessary amounts will be appropriated for each year, and that outlays will follow historical spending patterns for similar activities. The costs of this legislation fall within budget function 750 (administration of justice). ---------------------------------------------------------------------------------------------------------------- By fiscal year, in millions of dollars-- ----------------------------------------------- 2006 2007 2008 2009 201O 2011 ---------------------------------------------------------------------------------------------------------------- SPENDING SUBJECT TO APPROPRIATION DHS Spending on Security of Chemical Sites Under Current Law: Budget Authority \1\........................................ 15 0 0 0 0 0 Estimated Outlays........................................... 10 5 0 0 0 0 Proposed Changes: Regulation Development, Review of Vulnerability Assessments, Site Security Plans, and Emergency Response Plans: Estimated Authorization Level........................... 0 13 1 1 1 1 Estimated Outlays....................................... 0 11 3 1 1 1 Establish Chemical Security Office and Regional Offices for Site Audits and Inspections: Estimated Authorization Level........................... 0 (*) 30 45 45 45 Estimated Outlays....................................... 0 (*) 30 45 45 45 Maintain Chemical Site Information: Estimated Authorization Level........................... 0 20 2 2 2 2 Estimated Outlays....................................... 0 18 4 2 2 2 Regulate Handlers and Purchasers of Ammonium Nitrate: Estimated Authorization Level........................... 0 6 10 10 10 11 Estimated Outlays....................................... 0 5 9 10 10 11 Total Proposed Changes: Estimated Authorization Level....................... 0 39 43 58 58 59 Estimated Outlays................................... 0 34 46 58 58 59 DHS Spending. on Security of Chemical Sites Under S. 2145: Estimated Authorization Level \1\........................... 15 39 43 58 58 59 Estimated Outlays........................................... 10 39 46 58 58 59 ---------------------------------------------------------------------------------------------------------------- \1\ The 2006 level is the amount appropriated for DHS to address security issues at chemical facilities in that year. Note: * = less than $500,000. Basis of estimate: CBO estimates that implementing this legislation would cost $34 million in 2007 and $255 million over the 2007-2011 period, subject to appropriation of the necessary amounts. In addition, CBO estimates that enacting S. 2145 could have an insignificant effect on direct spending and receipts by creating new criminal and civil penalties related to compliance with the bill's provisions. Regulation development and risk assessment S. 2145 would require DHS to develop various regulations identifying facilities as chemical sources, determining the risk to the nation's security associated with those facilities, setting security performance standards for chemical facilities, and detailing the requirements for vulnerability assessments, security plans, and emergency response plans for chemical facilities. CBO estimates that implementing these provisions of the legislation would cost $17 million over the next five years, subject to appropriation of the necessary amounts. Based on information from DHS, CBO estimates that over the 2007-2008 period, efforts to develop necessary regulations would require about 15 staff-years at a cost of about $2 million, and $8 million for related contractor support for information technology, meeting and conference planning, and assistance in conducting various studies. In addition, under the bill, facilities that involve higher security risks would have to undergo a more detailed facility assessment. Currently, DHS is in the process of developing a risk assessment framework known as Risk Analysis and Management for Critical Asset Protection (RAMCAP). According to DHS, additional funding would be required to refine and manage the RAMCAP process to meet the bill's requirements for assessing risk. Based on information from DHS, CBO estimates that $3 million in 2007 and $1 million a year in subsequent years would be needed for additional training and technical modifications to RAMCAP to comply with requirements of S. 2145. Chemical security office and regional offices The bill would direct DHS to create a chemical security office. The new office would be responsible for planning, management, assignment of facilities to risk tiers, review and maintenance of site vulnerability assessments and plans, and enforcement. Regional employees of the chemical security office would oversee facility compliance, conduct large-scale emergency response exercises, and work with local law enforcement and first responders on security and emergency planning. In addition, DHS expects that the regional offices would have primary responsibility for conducting audits and inspections of thefacilities to verify whether they are meeting applicable requirements. Under the bill, most of the nation's 15,000 to 18,000 chemical facilities would be audited or inspected over the next 10 years. In total, CBO estimates these efforts would cost $165 million over the 2007-2010 period, subject to appropriation of the necessary amounts. Based on information from DHS, CBO expects that the chemical security office would be operational by 2008 and fully staffed by 2009. We estimate that the office would require a staff of 20 with a first-year cost of about $2 million, and would need about $13 million for contractor support and information technology in 2008. In subsequent years, CBO estimates that $20 million would be required, including $5 million for a staff of 50 and $15 million for contractor costs, travel expenses, and information technology. According to DHS, the agency would spend less than $500,000 in 2007 to study how the field offices should be structured to meet the requirements of this legislation. DHS would need additional resources to audit and inspect chemical facilities and to oversee large-scale emergency response exercises and to coordinate efforts with local first responders. CBO estimates that DHS would spend about $15 million in 2008 to begin these effects, using a staff of 35 at a cost of about $4 million, and $11 million for contractor support, travel expenses, and information technology. After these initial efforts, we estimate that DHS would spend about $12 million on a staff of 120 plus $13 million for related costs each year over the 2009- 2011 period. Maintain chemical site information Based on information from DHS, CBO estimates that DHS would need about $20 million in 2007 to construct facilities to store the site chemical information it collects in a secure environment and to provide funding for information technology and support services for tracking such information. In subsequent years, CBO estimates that DHS would require $2 million to provide ongoing support to maintain the site information. Regulate handlers and purchasers of ammonium nitrate S. 2145 would require DHS to regulate the handling and purchase of ammonium nitrate. To meet this requirement, DHS would develop regulations requiring handlers of ammonium nitrate to register facilities, to sell or distribute ammonium nitrate only to registered handlers and purchasers, and to maintain records of sale. S. 2145 also would direct DHS to periodically inspect and audit these records. Based on information from industry associations, CBO estimates that there are about 2,000 handlers of ammonium nitrate in the United States. Based on the number of personnel employed by the Bureau of Alcohol, Tobacco, Firearms, and Explosives to inspect handlers of firearms and explosives, CBO expects that DHS would need to hire about 60 people to carry out field inspections and audits of ammonium nitrate handlers. Once fully phased in, CBO estimates that the costs of these additional employees would reach $8 million annually, including salaries, benefits, training, and support costs. For this estimate, we assume that the new positions would be fully staffed by fiscal year 2008. In addition, we estimate that DHS would need to hire about 20 people to register and communicate with handlers of ammonium nitrate, write regulations, and administer this new program. We estimate that costs for these personnel would total $2 million annually. S. 2145 would permit DHS to enter into agreements with states to register and inspect handlers of ammonium nitrate. Under the bill, DHS would reimburse states for their costs to carry out those responsibilities if states chose to enter into such agreements with DHS. CBO expects that the cost to carry out those registrations and inspections would be similar whether conducted by states or DHS. Government Accountability Office (GAO) studies The legislation also would require GAO to prepare annual reports that would review the vulnerability assessments, site security plans, and emergency response plans submitted by the facilities no later than January 1 of the first year following the calendar year in which the regulations are developed and annually thereafter. CBO estimates that GAO would require less than $500,000 annually beginning in 2008 for such reports. Estimated impact on State, local, and tribal governments: S. 2145 contains several intergovernmental mandates as defined in UMRA. First it would require owners and operators of certain chemical facilities to undertake specific measures to protect against terrorist attacks, criminal acts, or other categories of chemical releases, based on regulations to be developed by DHS. Because the sites would be selected from public and private entities (including public drinking water and wastewater treatment facilities), the bill would impose intergovernmental mandates as defined in UMRA. The bill also includes two preemptions of state and local authority. It would exempt certain security plans and documents from state and local laws that provide public access toinformation and preempt the authority of states to regulate the sale of ammonium nitrate in a manner that is less stringent than the requirements of the bill. CBO estimates that the cost for state and local governments to comply with those mandates would be small and therefore would not exceed the annual threshold established in UMRA ($64 million for intergovernmental mandates in 2006, adjusted annually for inflation). Requirement for vulnerability assessments and security plans S. 2145 would require that owners and operators of affected facilities conduct an assessment of the vulnerability of their facility, identify the hazards that may result from a substance's release, and develop and implement a security plan to prevent or respond to those releases. S. 2145 would further require that owners and operators certify completion of both the assessment and plan, submit copies to DHS, maintain records at the facility, and complete a periodic review of the assessment and plan. According to government and industry representatives, many of the facilities potentially affected by the bill's provisions are currently engaged in activities similar to those that would be required under S. 2145. Such facilities are acting either in response to the terrorist attacks of September 11, 2001, as a condition of membership with chemical industry associations, or to comply with the Public Health Security and Bioterrorism Preparedness and Response Act of 2002, the Maritime Transportation Security Act, or other federal regulations. Information from DHS indicates that public water facilities likely would be assigned to the lowest tier of risk and that the department likely would consider activities that the facilities are currently doing to be sufficient. Assuming public facilities would not be required to undertake significant new activities, CBO expects that these mandates would impose little additional costs on those facilities. Preemption of State authority to regulate ammonium nitrate S. 2145 would preempt the authority of states to regulate the sale of ammonium nitrate in a manner that is less stringent than the requirements of this bill. Currently nine states regulate the sale of ammonium nitrate, though none of those regulations are the same as the provisions of this bill, and all would be preempted. This bill would not require states to upgrade those regulations; rather the states could choose to stop regulating such sales and allow the federal government to do so. CBO estimates the states would incur little, if any, direct costs as a result of that preemption. The bill would allow states to enter into cooperative agreements with the federal government to implement the requirements of the bill and the Secretary of DHS would be authorized to provide those states with sufficientfunds to carry out such duties. CBO cannot estimate how many states may opt to implement those regulations, but assuming appropriation of funds, any costs incurred by those states would be paid for by the federal government. Estimated impact on the private sector: S. 2145 would impose private-sector mandates, as defined in UMRA, on owners and operators of certain chemical facilities and handlers and purchasers of ammonium nitrate. Based on information from industry and government sources, CBO expects that the aggregate direct cost of complying with those mandates would exceed the annual threshold established by UMRA for private-sector mandates ($128 million in 2006, adjusted annually for inflation) in at least one of the first five years the mandates are in effect. Chemical facilities S. 2145 would require the Secretary of Homeland Security to issue regulations regarding the security of the chemical industry. The bill would require that not later than one year after the date of enactment, the Secretary would be required to establish security performance standards for chemical sources based on a risk-based tier system. Each chemical facility would be required to file a petition with DHS for a determination on whether the facility should be designated as a chemical source. In addition, not later than one year after the date of enactment of the bill, the Secretary of DHS would be required to promulgate regulations that would require the owner or operator of each chemical source to conduct a vulnerability assessment, to prepare and implement a site security plan, and to prepare and implement an emergency response plan. The owner or operator of a chemical source also would be required to retain a copy of the assessment, the site security plan and the emergency response plan for not less than five years after the assessment and plans are approved by the Secretary. According to industry and government sources, a large number of facilities are currently engaged in activities similar to the types of assessments and planning that would be required under this bill. According to those sources, approximately 15,000 to 18,000 chemical facilities would be affected by the security regulations. While the direct cost of complying with those mandates would depend on the regulations to be issued by DHS, based on information from industry and government sources, CBO expects that the incremental cost to comply with the security standards outlined in the bill would be substantial and would exceed the annual threshold established in UMRA in at least one of the first five years those requirements are in effect. Whistleblower protection The bill also would prohibit owners or operators of chemical facilities from discharging any employee, or otherwise discriminating against such employees in the terms, conditions, or privileges of their employment because the employee submitted a report to the Secretary regarding problems or vulnerabilities at a chemical facility. Based on information from government sources, CBO estimates that those chemical sources would incur minimal, if any, direct cost to comply with such protection requirements for their employees. Ammonium nitrate The bill also would impose mandates on producers, sellers, and purchasers of ammonium nitrate by requiring the Secretary of Homeland Security to regulate the handling and purchasing of the fertilizer. The Secretary would be required to promulgate regulations that would require producers and sellers of ammonium nitrate: <bullet> To register facilities where ammonium nitrate is produced or sold; <bullet> To sell or distribute ammonium nitrate only to registered handlers and purchasers; and <bullet> To maintain records of sale or distribution that include the name, address, telephone number, and registration number of certain purchasers. In addition, the regulations would require purchasers of ammonium nitrate to be registered. Under current law, some producers and sellers of ammonium nitrate are required to submit information to the Attorney General. According to government and industry sources, the regulations would result in a modest increase in administrative costs to ammonium nitrate handlers and purchasers. Based on that information, CBO estimates that the direct cost to comply with those mandates would be small relative to the annual threshold. Previous CBO Estimate: On June 11, 2006, CBO transmitted a cost estimate for H.R. 3197, the Secure Handling of Ammonium Nitrate Act of 2006, as ordered reported by the House Committee on Homeland Security on June 14, 2006. Section 14 of S. 2145 is similar to that bill and CBO's estimates of the costs for H.R. 3197 and section 14 of S. 2145 are identical. Estimate prepared by: Federal Costs: Susanne S. Mehlman. Impact on State, Local, and Tribal Governments: Melissa Merrell. Impact on the Private Sector: Paige Piper/Bach. Estimate approved by: Peter H. Fontaine, Deputy Assistant Director for Budget Analysis. VII. CHANGES IN EXISTING LAW In compliance with paragraph 12 of the Standing Rules of the Senate, changes in existing law made by S. 2145, as reported, are shown as follows: there is no change to existing law. VIII. ADDITIONAL VIEWS ---------- ADDITIONAL VIEWS OF SENATOR VOINOVICH I commend the Committee Chairman and Ranking Member for their leadership on S. 2145, the Chemical Facility Anti- Terrorism Act of 2005. The U.S. chemical sector is a major part of our nation's economic infrastructure and vitality. It includes chemical manufacturing, agriculture, healthcare, oil and natural gas, forest and paper, mining, dairy, and energy. Accordingly, chemical security legislation is of critical importance to our homeland security. I am pleased that legislation has been advanced that would provide comprehensive, risk-based standards that will protect chemical facilities and surrounding communities from terrorist attack. I am also pleased that agreement was reached on several of the amendments brought before the Homeland Security and Governmental Affairs Committee. However, I must express my serious concerns with certain provisions of S. 2145 as passed by the Committee on June 15, 2006. The bill reported out of Committee could make communities more vulnerable by: <bullet> Promoting an unnecessary, redundant, complex and confusing patchwork of local, state and federal security regulations that would provide for inconsistent levels of security across the country; <bullet> Allowing the release of sensitive security information to potential terrorists; <bullet> Disrupting ongoing security operations; <bullet> Creating the opportunity to define private sector process change as a security measure; and <bullet> Placing regulated industries at a competitive disadvantage with the potential to lead to facility closures and the loss of jobs to overseas competitors, hurting the surrounding communities that ironically, this bill intends to protect. While I wholeheartedly support the goal of ensuring the security of our nation's critical infrastructure, these issues must be addressed before S. 2145 becomes law. Federal preemption Throughout Section II of the Committee Report, the need for ``a comprehensive national chemical security strategy'' is emphasized. The report concludes that nearly five years after the attacks of September 11, 2001, ``the Federal government is authorized to regulate only segments of the chemical sector, creating a patchwork of regulation.'' Additionally, numerous witnesses testified regarding the importance of Federal preemption and the need to eliminate the patchwork of regulatory authority. In the Discussion of Legislation, Section III of the Committee Report states that S. 2145 ``will replace an existing patchwork of voluntary and regulatory'' measures. I strongly agree with the need to have a strong federal regulatory authority, but S. 2145 does not accomplish this goal. Rather the bill encourages states to further regulate facilities by declaring that none of its provisions affect any ``right'' of states to impose ``more stringent'' requirements. The bill's only limit on state regulation is if they ``actual[ly] conflict'' with a provision of the bill. Without strict federal preemption, the States will have incentive to further regulate facilities, regardless of this language. Article I Section 8 of the Constitution clearly states that Congress is delegated the power to provide for the common defense. We, in the Congress, have the duty to provide for the security of our states and our people. The absence of strong preemption language is an abdication of the Federal Government's Constitutional responsibility to national defense. Without Federal preemption, we also run the risk of disparate regulatory standards as states establish their own regulatory regimes in addition to the federal standard. Federal preemption of state regulation is necessary to establish a single set of national standards to avoid a confusing, costly, and inconsistent patchwork of security regulations with which the chemical industry has to comply. Strong protection of information S. 2145 as introduced limited the degree of protection it provided for sensitive security information that DHS obtains from a chemical facility under the bill. Though I am pleased that many of these shortcomings were addressed during the Committee's consideration of the bill, S. 2145 still does not adequately protect sensitive security information. It contains no provision for protecting ``protected information'' submitted by DHS to a court or administrative law judge in the course of an enforcement action. It does not protect ``protected information'' in the hands of facility owners and operators from civil discovery. Further, it does not forbid the release of ``protected'' information by anyone at the Federal, State or local level. When the Federal government compels the disclosure of sensitive security and business related information from the private sector for the purpose of national security, this information should be comprehensively protected from public disclosure. Inadequate protection of information could provide terrorists and other criminals with a blue-print of the vulnerabilities of this nation's chemical sector. Congress must adequately protect sensitive security information by ensuring that the information shall not be subject to release or discovery in judicial or administrative proceedings, and that sensitive security information shall not be disclosed under any State or local law providing for public access to information. Current security operations The U.S. Coast Guard enforces the performance-based standards of the Maritime Transportation Security Act (MTSA) for many of the nation's largest chemical plants. This bill would require those facilities that are already complying with MTSA to also comply with this act. The report states that ``the Committee does not want to duplicate efforts;'' however, the language in S. 2145 would do exactly that. S. 2145 subjects those facilities already regulated under MTSA to unnecessary additional regulation. This requirement would be unduly burdensome for companies that have already gone to great lengths to secure their facilities. On July 17, 2005, Coast Guard Admiral Craig E. Bone testified before the Committee that under MTSA, the Coast Guard reviews and approves federal security plans for over 300 chemical facilities. In addition to that, the Coast Guard has completed inspections of all facilities that currently have Facility Security Plans or Alternative Security Plans to verify that they are in compliance. Admiral Bone described the compliance by the industry as ``commendable.'' We should not only allow, but encourage the Coast Guard to maintain the working relationship that it has established with those chemical facilities it regulates. S. 2145 should not disrupt this effective regulatory regime. We must harmonize the regulatory regime that this bill would establish withexisting Federal law and private sector efforts to provide for the security of chemical facilities. With seamless integration, we will both enhance security and preserve the working relationship between the Coast Guard and those facilities regulated under MTSA. Environmental provisions The report notes that the bill's definition of a security measure might include ``the modification, processing, substitution, or reduction of substances of concern'' as indicated in Section 2(11)(B)(vii)(III).'' It further states that, although the terms are recognized as elements of the concept of inherently safer technology (IST), they ``are not included in the bill to provide the Secretary with the power to require a facility to implement IST.'' First, there is no precedent for including the concept of process change in a security bill. The concept is not consistent with security precedent set by the BioTerrorism Act, the Maritime Transportation Security Act, the Atomic Energy Act, or the Homeland Security Act. These laws focus on hardening facilities, not mandating ``private sector'' process change. Second, IST is a safety and environmental issue to be addressed before the Environment and Public Works Committee. Within the executive branch, safety and environmental concerns are addressed and regulated by the Occupational Safety and Health Administration and by the Environmental Protection Agency (EPA), respectively through their Process Safety Management and Risk Management Program rules, not the Department of Homeland Security. Though the EPA encourages consideration of IST, during the Clinton Administration, EPA consciously chose not to mandate either analyses or implementation of IST, in their Risk Management Program. The preamble to the RMP rulemaking states the following: <bullet> EPA has decided not to mandate inherently safer technology analyses; <bullet> As many commenters, including those that support such analyses, pointed out, an assessment of inherently safer design alternatives has the most benefit in the development of new processes; <bullet> Although some existing processes may be superficially judged to be inherently less safer than other processes, EPA believes these processes can be safely operated through management and control of the hazards without spending resources searching for unavailable or unaffordable new process technologies''; <bullet> ``Inherently safer processes'' is a developing concept and is not ready for general application; and <bullet> The implementation of IST frequently displaces risk rather than reducing it. Given this conclusion, it would be premature at best to include this concept in a security bill. The IST language should be removed from S. 2145. Conclusion Despite these concerns, I wholeheartedly support the goal of ensuring the security of our nation's critical infrastructure. I look forward to continuing to work with all interested Senators to improve this important homeland security legislation. George V. Voinovich. ADDITIONAL VIEWS OF SENATORS LIEBERMAN, AKAKA AND LAUTENBERG This bill is the product of extensive work in the Homeland Security and Governmental Affairs Committee to explore the risks of a possible terrorist attack on our chemical facilities, as well as the best means to guard against those risks. The report well summarizes the background and need for this legislation, as well as the provisions of the bill. It reflects the strong bipartisan consensus behind most of the provisions of this legislation. We write separately, however, to express our distinct views on a few key areas of the legislation--the role of safer technologies to promote security, protection of information, and judicial review--and to underscore the importance of the bill's language on preemption. Inherently Safer Technology (IST) This legislation recognizes that sometimes the best security will come not from adding guards and gates, but from reexamining the way chemical operations are carried out in order to reduce the amount of hazardous substances on site, improve the way they are stored or processed, or find safer substitutes for the chemicals themselves. These changes limit the loss of life or other damage in the event of an attack, and therefore make a facility a less inviting target for terrorists to begin with. They also have the added benefit of limiting the harm from an accidental release. This bill clearly requires facilities to look at the risks and consequences related to the dangerous chemicals on site and address those specific vulnerabilities in their security plan. And it includes these process changes among the menu of security measures that chemical facilities should examine when designing their security plans. Indeed, the central mission of this bill is to help these facilities reduce their risk. One of the most effective ways to reduce risk is to reduce the consequence of an attack, and the most effective way to eliminate consequence for certain facilities may be the reduction of deadly chemicals on site, the modification of the way they are made, or the substitution of safer chemicals. It is common sense that if a facility owner can replace a deadly chemical with a safer chemical that would not kill thousands of people, if released, then at the very least DHS should be able discuss such a consequence-reducing measure with an owner of a chemical facility. As repositories of extremely dangerous chemicals, too many of these facilities are--in the words of homeland security expert Steve Flynn--sitting ``weapons of mass destruction.'' But as soon as they switch to safer chemicals or processes, the weapon is disarmed. During our hearings, we heard from several experts about the importance and viability of this approach for enhancing security as well as safety. The Honorable Gerald V. Poje, former Board Member, U.S. Chemical Safety and Hazard Investigation Board, testified on July 13, 2005 before the Committee, stressing the connection between safety and security, saying ``I urge the Committee to see the development and maintenance of competent management systems for safety as essential underpinnings to enhanced security.'' Also testifying before the Committee on the same day, Glenn Erwin, Project Director, Triangle of Prevention Program, United Steelworkers International Union, advocated substituting less toxic materials where possible toreduce the potential risk to human life or storing smaller volumes of these chemicals, and said a mandatory review of such options should be part of a chemical security program. Also on July 13, 2005, Carol L. Andress, Economic Development Specialist, Environmental Defense, testified that numerous water and wastewater facilities and refineries have already dramatically reduced their risk of a catastrophic accident or terrorist attack by switching to safer chemicals and processes. We had a powerful example of such an adjustment close by: after 9/11 focused our attention on potential targets in our midst, Washington D.C.'s water treatment facility ended the use of its potentially deadly liquid chlorine. Indeed, according to an April 2006 study by the Center for American Progress, almost 300 facilities that used acutely dangerous chemicals have dramatically reduced the risk to workers and surrounding communities by switching to less dangerous chemicals or processes. These include an array of facilities in fields ranging from electric power production to glass manufacturing to hazardous waste processing. We know that many facilities, and many security experts, already look to these less dangerous technologies as a potent and cost-effective way to improve security against a possible terror attack. But we also know that, for some facilities, there can be reluctance or structural impediments to looking at these technological solutions. That is why we feel this bill should go further and include more explicit requirements for chemical facilities to consider less dangerous technologies when they make the security enhancements required under this bill. In particular, the riskier facilities--some of which could endanger tens or hundreds of thousands of lives if attacked--should have to demonstrate that they have looked closely at options that would reduce the catastrophic consequences of a possible terrorist attack. During markup, Senator Lieberman and Senator Lautenberg offered an amendment that would have required that at least 360 of the most high risk chemical facilities examine safer technologies as a means to improve security, and implement them where feasible. This is not a question of forcing industry to conduct its operations off a government-issued play book. Companies would analyze for themselves whether there are less dangerous ways to conduct their business and would not be required to implement any changes that were not feasible or merely shifted risk elsewhere. But given the extraordinary risks involved, it makes little sense not to require companies to at least take a long hard look at some of the common-sense solutions that have been advocated or already adopted by others within the industry. We regret that our colleagues did not adopt the Lieberman- Lautenberg amendment, and we will continue to work to try to have such a provision adopted as part of final chemical security legislation. Protection of information Of course, none of us would want to release sensitive information about a chemical plant that would be useful to a terrorist. However, excessive secrecy in a government security program can actually makes us less, not more safe. This is because some degree of transparency is necessary to help us make government programs more accountable and effective. Also, local communities and their elected officials deserve to know whether local facilities are being kept safe against a terrorist attack, and the community's vigilance can help make us all safer. We believe that the S. 2145 bill that the Chairman and Senator Lieberman introduced achieved the right combination of protecting real security information, while allowing enough disclosure to create accountability. We regret, however, that the Committee agreed to an amendment offered by Senator Voinovich that would tilt that balance in the direction of undue secrecy. Under the original bill, orders and certifications would be released to enable the community to know whether they are being kept safe and to keep the program accountable. But the Secretary could postpone the release of any order or certification as long as necessary, whether to give the source time to fix a problem, or for any other reason if the Secretary thinks that release would risk security. Senator Voinovich's amendment changed that and now the bill would require all orders to be kept secret, and would even make certifications and certificates of compliance secret unless the Secretary makes a specific finding that release would not create a security risk. Some have expressed concern that if DHS tells the public whether certain chemical plants are in compliance or not, terrorists will know where to devote their attention. However, we believe that concern is just not realistic. While the orders or certificates made public would identify the facility, they would not provide any detail about the facility or the kind of vulnerability involved. Moreover, if there ever actually were a potential risk from disclosing an order or certification, the original bill authorized the Secretary to protect this information, and keep it from being released to the public as long as necessary. Judicial review We deeply regret that during markup our colleagues adopted language that would restrict judicial review under the regulatory program that would be established by the bill. These restrictions were added in an amendment offered by Senator Voinovich and received almost no discussion at the markup. They create a one-sided regime in which chemical facilities can challenge a regulatory determination regarding their facility, but no other parties can bring such a challenge or even participate in a proceeding initiated by industry. It also appears to preclude an array of possible challenges regarding overall administration of the chemical security program, including a lawsuit challenging lax administration or ``failure to act'' by the Department. We are unaware of any comparable restrictions for a similar program and proponents have not offered any clear justification for them. The Administrative Procedures Act, which governs these questions in the absence of overriding statutory language such as Senator Voinovich's amendment, already contains a series of checks and balances that have been carefully developed over time. Courts have well established procedures for handling sensitive or classified information. No one has explained to us why this system is not adequate to handle the chemical security program proposed by this legislation. In the absence of a compelling need, we do not think we should tamper with the rights of concerned parties to seek judicial review under this critical program. We are dealing with an issue that has enormous consequences for the lives and safety of hundreds of thousands of people living within range of a chemical plant; we should not restrict the right to seek judicial review under the chemical security program unless we have identified an overriding need to do so. Anti-preemption Finally, we wish to emphasize the importance of this bill's provision regarding preemption. This bill recognizes that Congress is not the only body that can and should help ensure the safety and security of the nation's chemical facilities. States and localities have long regulated such facilities for various safety and environmental concerns. Since 9/11, some states have also moved to require security improvements at these facilities. These state and local protections are critical companions to our effort at the federal level, and we are pleased that this bill states clearly that it does not preempt state and local laws or regulations regarding the safety and security of chemical facilities. States and localities are free to enact more stringent chemical security legislation. Only if there is an absolute conflict, such that it is impossible for a facility to comply with both the federal law and a state or local law or regulation on chemical security, would the federal provision take precedence. The bill would not disrupt state and local safety and environmental law regarding chemical facilities, nor does it seek to dislodge or alter the operation of state common law with respect to such facilities. We are pleased that during markup the Committee voted to reject an amendment that would have weakened this non- preemption mandate in the bill. Frank R. Lautenberg. Daniel K. Akaka. Joe Lieberman. ADDITIONAL VIEWS OF SENATOR LAUTENBERG Securing our chemical facilities from terrorist or other criminal attacks is one of the most important steps that Congress can take to protect the public from grievous harm, and our infrastructure and economy from severe disruption. I am frustrated and disturbed at how difficult it has proven, in the wake of 9/11, for Congress and the President to ignore the clamor of special interests and pass a strong, meaningful chemical security bill. I introduced the first chemical security bill in Congress in 1999. Since then, I have worked with my fellow New Jersey Senators, John Corzine and Robert Menendez, to advance federal chemical security legislation and protect the right of New Jersey and other states to adopt strong chemical security protections. This year, I introduced a new chemical security bill, S. 2486, the Chemical Security and Safety Act of 2006, with Senators Obama, Menendez, Kerry, Durbin and Biden. I did this in part because there are several important elements that I believe should be part of any chemical security bill Congress passes, that are not yet part of S. 2145. Some of these elements are briefly summarized below. Inherently safer technology We should not mislead people to believe that simply adding gates, guards, and guns at our chemical facilities will be sufficient to protect workers and nearby residents from a terrorist attack. The legislation that I introduced in 1999 required the nation's highest risk chemical facilities to adopt ``inherently safer technology'' (IST) to the maximum extent possible. That approach made sense two years before 9/11, and it makes even greater sense now. The bill I introduced this year contains a similar approach, requiring the adoption of IST where possible. Whether substituting safer chemicals, adopting different manufacturing processes, reducing the amount of chemicals stored on site, or making other changes at these high-risk facilities, it is appropriate to improve the safety and security of the public from attacks or accidents where it is possible to do so. The Bush administration, the chemical industry, and others continue to suggest that IST is simply an environmental issue, unrelated to the issue of national security. But a recent report by the National Research Council of the National Academy of Sciences found ``the most desirable solution to preventing chemical releases is to reduce or eliminate the hazard where possible, not to control it.'' (Emphasis added) This study was requested by the Department of Homeland Security (DHS), and was written by a panel of chemical industry members, consultants, and academics. Their conclusion was about the benefits of IST for our security, not our environment. The presumed distinction between strong security measures and environmental protection is simply false. Our dependency on oil is a national security issue; while many of the ways to reduce that dependency would make us safer and would also benefit the environment. Similarly, requiring facilities to adopt IST where possible makes sense for security, productivity, profitability, and the environment. Hundreds of facilities have already adopted some form of IST. The citizens living near these facilities are now safer. We should ensure that the highest risk facilities in the nation make such changes where it is practical to do so. We don't have the resources to protect every chemical facility that is a potential target. So we need to eliminate as many potential targets as possible. Adopting safer technologies will allow us to focus on those facilities where the risk of attack can't be eliminated. At the mark-up of S. 2145, Senator Lieberman and I offered an IST amendment. Unfortunately, that amendment was defeated. I have joined Senator Lieberman's additional views, which contain additional discussion of the IST issue, and our amendment in particular. I appreciate Senator Lieberman's leadership and commitment to this important aspect of a meaningful chemical security policy, and I will continue to work with him to improve any chemical security legislation by ensuring that IST provisions are included. A role for workers in ensuring chemical security My legislation contains several provisions that give workers at chemical facilities a role in developing vulnerability assessments, site security and response plans, participating in inspections, and ensuring the security and safety of their facilities generally. It is just common sense that workers at chemical plants should help develop assessments and plans, participate in inspections, and consult regularly with management. Workers have hands-on experience and up-close insights on how to improve safety and security where they work. They have the most to lose--their jobs and possibly their lives--if security falls short. We will have a weaker national chemical security policy if we don't involve those who are working in the plants that are at risk of attack. There is no good argument against including workers in the development of chemical plant security plans, and I hope that provisions to that effect will be included in whatever legislation is ultimately adopted. General duty to protect the public from terrorist or other criminal attacks Under Section 112(r) of the Clean Air Act, chemical facilities have a ``general duty'' to operate in a manner to protect public health and safety and the environment from chemical releases. Facilities are required to develop Risk Management Plans (RMPs) which include detailed safety and emergency response plans in the event of an accidental chemical release. The legislation I introduced in 1999, as well as the legislation I introduced this year with Senators Obama, Menendez, and others would amend the current ``general duty'' provision in the Clean Air Act to include a responsibility to protectworkers and the surrounding public from the threat posed by a terrorist or other criminal attack on these high-risk facilities. The facilities covered under Section 112(r) are the highest risk facilities in the country because they store a sufficient amount of dangerous chemicals to be a significant threat to the surrounding community if they are not operated in a safe manner. It is hard to understand why we would want these facilities to have a general duty to protect the public from an accidental chemical release, but not a release that could result from a terrorist or other criminal attacks. I recognize that in implementing whatever chemical security legislation is ultimately enacted, DHS and its partners at the federal, state, and local levels will need to prioritize their focus on those facilities that pose the greatest risk. S. 2486 and S. 2145 both contain provisions to allow for such prioritization. DHS and others have advocated for legislation with a scope narrower than the facilities currently covered under section 112(r). I continue to believe that a general duty to operate in a manner that ensures the security and safety of workers and surrounding communities is appropriate for all of the facilities that are currently required to have Risk Management Plans. Role of the environmental protection agency My legislation would ensure that, in establishing requirements for chemical facilities, and otherwise implementing a chemical security program, the Secretary of DHS consults with the Administrator of the Environmental Protection Agency (EPA). EPA has an enormous amount of institutional knowledge concerning chemical plants that can benefit DHS as it takes the lead role in implementing a national chemical security program. EPA has administered the nation's chemical safety program pursuant to the Clean Air Act since 1990. Chemical security legislation adopted by Congress should require DHS to consult with EPA, to ensure that DHS has the best possible information and analysis at its disposal in implementing our national chemical security policy. One of the lessons of Hurricane Katrina is that we don't want information to be ``stove-piped'' at different agencies. We need to ensure collaboration and cooperation across many departments and agencies to get the best results. That principle seems particularly important when the issue is preventing a terrorist attack on a chemical facility. I was very disturbed to hear that when the Government Accountability Office (GAO) recently recommended that DHS collaborate with EPA on studying the potential benefits of IST for improving chemical security, DHS rejected GAO's recommendation, in part out of concern that doing so would upset the chemical industry. That should not be the basis for developing any part of our national security policy. I recognize that the chemical industry would like to exclude EPA from any role in our chemical security policy, but we should not cater to the industry on this point. As chemical security legislation continues to be debated by the Congress, Members should ask themselves: If EPA's knowledge of chemical facilities is irrelevant to security concerns, why have we ceded responsibility for security at our wastewater and drinking water treatment facilities to EPA? Under S. 2486 and S. 2145, the Secretary of DHS will be in charge of our chemical security policy, but we should ensure that the Secretary and all other DHS personnel take advantage of the valuable institutional experience and knowledge residing at EPA. Anti-preemption Perhaps the most important issue for New Jersey with regard to federal chemical security legislation is whether our State will retain the authority to adopt more stringent protections than whatever Congress may enact. Some 700 people from New Jersey were killed on 9/11. New Jersey is one of the states most vulnerable to a terrorist attack: It is home to what counter-terrorism experts at the Federal Bureau of Investigation have called ``the most dangerous two miles in America,'' the stretch between Newark Airport and Port Elizabeth, in great part due to the presence of chemical facilities. Elsewhere in the State, twelve million people could be endangered if the Kuehne chemical plant in Kearny were to be attacked. New Jersey has a long and proud history of adopting strong legislation to protect the health and safety of its citizens, and the environment, without waiting for the Federal Government to act. In the wake of the catastrophic chemical leak in Bhopal, India, in 1984, which killed thousands of innocent people, the New Jersey legislature passed the Toxic Catastrophe Prevention Act (TCPA). This law requires facilities that handle extraordinarily hazardous substances above certain inventory thresholds to prepare and implement risk management plans. The plans must include detailed procedures for safety reviews of design and operation, operating procedures, maintenance procedures, training activities, emergency response, process hazard analysis with risk assessment, and self-auditing procedures. The TCPA became the model for Section 112(r) of the Clean Air Act, which established a similar requirement to develop risk management plans for the highest risk chemical facilities in the country, of which there are approximately 15,000. Since 9/11, New Jersey has taken several steps to strengthen the TCPA, and to adopt additional measures to enhance the security of New Jersey citizens from terrorist or other criminal attacks on chemical plants. I find it unbelievable that five years after 9/11, with no meaningful action by Congress, the administration, or the chemical industry to adopt strong chemical security legislation; there is now a push to prevent states and local communities from taking the necessary steps to protect their citizens. The safety of the citizens of New Jersey or any other state or local community which wishes to protect itself should not be subject to the delaying tactics of industries that seek to avoid regulation and oversight. Nor should state or local governments be forced to settle for whatever compromises are ultimately reached at the federal level if, in their view, greater protections are needed for their citizens. An amendment was offered at the Homeland Security and Government Affairs Committee mark-up of S. 2145 to preempt states and local communities from adopting stronger chemical legislation. Fortunately, the amendment was defeated. I thank those Senators who voted against that amendment, and particularly want to express my appreciation to the Chair and Ranking Member for their steadfast opposition to adding preemption language to any chemical security legislation. Although I believe that my legislation is superior to S. 2145, I voted to report S. 2145 to the floor because I think it is imperative that we make progress in this critical area of our nation's security. S. 2145--as long as it retains explicit anti-preemption language--would be an improvement over the status quo. I appreciate the tremendous amount of work the Chair and Ranking Member and their staff put into developing this legislation, and I look forward to the opportunity to work with them to make a good bill better when the full Senate considers it. Frank R. Lautenberg. <all>