Lieutenant Commander Loan T. O’Brien
Docket Management Facility (M-30)
U.S. Department of Transportation
West Building Ground Floor
Room W12-140
1200 New Jersey Avenue SE
Washington, D.C. 20590
RE: Docket No. USCG – 2007 – 28915
RIN 1625 – AB21
Transportation Worker Identification Credential (TWIC) – Reader Requirements, Notice of Proposed Rulemaking
Coast Guard, DHS
Dear Lieutenant Commander O’Brien:
On behalf of the Transportation Trades Department, AFL-CIO (TTD), I write to comment on the Coast Guard’s Notice of Proposed Rulemaking (NPRM) on Transportation Worker Identification Credential (TWIC) Reader Requirements. By way of background, TTD consists of 33 affiliated unions, including those that represent tens of thousands of longshore, maritime, rail and other workers who work in and around seaport facilities and on vessels that would be directly impacted by this rulemaking.[1]
For reasons explained below, we support the Coast Guard’s proposal to require TWIC Readers only at certain high-risk facilities. But before the Coast Guard moves forward with even a limited implementation of TWIC Readers, we believe the Administration and Congress should reconsider the requirement that the TWIC program include any reader mandate in the first place. TTD has long insisted that any transportation worker credentialing program must actually enhance security while not imposing undue burdens or jeopardizing the basic rights of front-line workers who must enroll in the program. In our view, the TWIC program, with a biometric credential and reader requirement, does not meet this most basic test. As the GAO noted in its report released last month, after 11 years, with 2.3 million cards issued, and hundreds of millions of dollars spent, the security benefits of the TWIC program have still not been demonstrated. Given this latest analysis, confirmed by earlier studies and our own members’ experiences and observations, TTD believes the TWIC program needs a change of course.
If the Coast Guard does proceed with a rulemaking on TWIC Readers, we offer our support for limiting the requirement to install readers to only the facilities and vessels where the risk of harm is expected to be the greatest. We agree with the Coast Guard’s efforts to implement any TWIC reader program in a manner that does not impose “undue burdens”[2] on the MTSA regulated community and that “not all vessels and facilities face security risks that justify the costs and other burdens that would result from a universal TWIC reader requirement ….”[3]
To accomplish this objective, the Coast Guard has used a risk-based analysis to classify MTSA regulated vessels and facilities into three “Risk-Group” categories with only Risk Group A currently required to install readers. We support the risk-based analysis, and believe that the recognition by the Coast Guard that TWIC readers are not needed universally is to be commended. We do note that no such analysis exists or is being proposed for workers who actually have to pay for, apply and be subject to a threat assessment to receive a TWIC in the first place. While most MTSA regulated vessels and facilities will not be required to install readers under this NPRM, every single worker who needs unescorted access will still be required to hold a TWIC that has a biometric component that can be received by a reader. This inconsistency would at least be partially addressed if the requirement that TWICs operate with readers was repealed. More broadly, a risk-based approach should be considered for whether all front-line workers need to be subject to the burdens and costs of a TWIC credential.
Where readers are required to be installed, it’s crucial that worker privacy and confidentiality is maintained. TTD has consistently stated that information generated or collected about workers by the TWIC process must be protected. Towards this end and at our request, 46 USC section 70105(e) includes language stating that the “[i]nformation obtained by the Attorney General or the Secretary under this section may not be made available to the public, including the individual’s employer.” Consistent with this language, information gathered by a TWIC reader from a worker’s card must not be shared with an employer or otherwise publicly released.
We appreciate the Coast Guard’s recognition of the privacy concerns associated with the collection of information, and we support its proposal to classify a cardholder’s name (when recorded), FASC-N, and the date and time access was granted, as Sensitive Security Information (SSI) and protected in accordance with 49 CFR Part 1520. The unauthorized disclosure of this information would be grounds for civil penalties or other enforcement actions by the Department of Homeland Security.
While we support this classification, TTD urges the Coast Guard to make clear that such protective measures must apply to all reader records, whether identifying a single individual or taken collectively to represent an aggregate workforce. In addition, it should be clear that reader records may be used for security purposes only and may not be used in labor-management issues.
We’re concerned that this NPRM would require owners and operators to maintain reader records for a minimum of two years. We understand that the Coast Guard proposed two years in order to be consistent with other vessel and facility recordkeeping requirements and that it believes records could be useful to law enforcement should a security breach occur. However, TTD submits that such a long timeframe presents opportunities for the information to be mishandled or misused, and that a shorter window would still provide law enforcement sufficient data to assist in security investigations as needed.
Under the proposed rule, the Coast Guard may grant TWIC holders unescorted access to secure areas for no more than seven consecutive days when a TWIC reader or a TWIC malfunctions. We support this provision but feel that seven days may not be enough time for a worker to replace a TWIC. We also submit that when a TWIC is found to be defective through no fault of the worker, the employee should be relieved of all costs associated with replacing it. TTD has consistently expressed our vehement opposition to the logistical and financial burden the TWIC program places on workers. Since they are already saddled with the responsibility of obtaining a TWIC, workers should not be responsible for the replacement costs when their card is defective for reasons beyond their control.
We support Coast Guard’s risk-based approach in determining where to mandate the installation of TWIC readers. We appreciate the opportunity to comment on this rulemaking and hope that the Coast Guard will make the changes we have suggested, as they are needed to enhance worker privacy and to create a better functioning system.
Sincerely,
Edward Wytkind
President
[1] Attached is a list of TTD’s affiliated unions.
[2] 78 Fed. Reg. 56 (March 22, 2013) at 17785.
[3] 78 Fed. Reg. 56 (March 22, 2013) at 17784.