Security Threat Assessments for Hazmat Drivers

CRS Report for Congress
Security Threat Assessments
for Hazmat Drivers
January 25, 2005
David Randall Peterman
Analyst in Science and Technology
Resources, Science, and Industry Division


Congressional Research Service ˜ The Library of Congress

Note: Paul Rothberg, who has retired from CRS, is the author of this report. Randy
Peterman is the CRS analyst who currently handles issues covered by this report.



Security Threat Assessments for Hazmat Drivers
Summary
The Transportation Security Administration (TSA) is gradually implementing
Section 1012 of the USA PATRIOT Act (P.L. 107-56). This provision seeks to
reduce some of the security risks associated with hazardous materials (hazmat)
transportation by requiring a security threat assessment of drivers with a hazmat
endorsement on their commercial drivers license (CDL). This process, which
includes immigration and database checks, may deter a terrorist from obtaining or
keeping such an endorsement; nevertheless, the hazmat transportation system
remains vulnerable to attack. Members of Congress are overseeing implementation
of TSA’s program, reviewing its financial impacts, and deciding whether to explicitly
require in law a comparable review of Canadian- and Mexican-domiciled drivers
transporting specified hazmats into the United States.
During 2004 TSA screened 2.7 million drivers with a hazmat endorsement by
comparing their names to those on databases. These checks generated more than 100
leads that were sent to the FBI. TSA recognizes that the reliability of this process
will be improved by incorporating a fingerprint-based criminal background check.
For each of the next five years, TSA will put roughly 1/5 of the drivers with, or
seeking, a hazmat endorsement through a more comprehensive threat assessment
process, including a fingerprint-based records review. This complex process is
underpinned by detailed federal regulations and state procedures that pose costs or
uncertainties for drivers or carriers. Federal program fees will likely cost each
affected driver roughly $100 every five years or so plus any additional state licensing
fees. For the first five years of the effort, TSA estimates that the total of its start-up
and recurring program costs will be about $72.4 million, but this figure is likely to
change. Through its adjudication process, TSA will face the difficult task of quickly
responding to many drivers appealing TSA’s initial decisions effectively denying
their hazmat endorsement or seeking waivers from program standards.
TSA and the states have faced many challenges in the development and
implementation of this initiative. The complete program was originally planned to
start in 2003, however, it has been delayed several times. Starting January 31, 2005,
TSA will not permit a state to issue a new hazmat endorsement with a CDL until a
determination has been made that an applicant does not pose a security threat.
Starting May 31, 2005, this TSA rule also applies to drivers seeking either to renew
a CDL with this endorsement, or, in some cases, to transfer his/her license from one
state to another.
Congress might consider whether to: help the states pay for their costs to
implement TSA’s program by specifying that any fee collected by TSA also must
reflect state costs and must be shared with the states, conduct additional oversight on
TSA’s hazmat threat assessment process, evaluate whether TSA should be required
to combine its hazmat security threat process with its Transportation Workers
Identification Credential (TWIC) program, or delay the fingerprint-based portion of
the check until the TWIC is deployed. Each of these options poses its own set of
unique costs and benefits that would need to be evaluated. This report will not be
updated.



Contents
TSA and Security Threat Assessments of Hazmat Drivers..................2
The First Phase................................................4
Second Phase.................................................4
Brief History of the Program.....................................7
Current Status.................................................9
State Funding, and Federal Funding and Fees for TSA................11
Policy Concerns..................................................13
Policy Options...............................................14
Selected Industry and Driver Concerns Regarding TSA’s Program .....15
Concluding Observation.......................................17
Clara Brigidini, Resources, Science, and Industry Division, provided editorial
support.



Security Threat Assessments for
Hazmat Drivers
The Transportation Security Administration (TSA), within the Department of
Homeland Security, assesses various intelligence sources and other data to identify
persons who they determine to pose a security threat. TSA has been assigned the
lead responsibility for conducting a security threat assessment on specified hazardous
materials (hazmat) drivers. When implementing this responsibility, TSA seeks to
determine whether an individual poses a security threat necessitating denial of a
hazmat endorsement as part of a commercial drivers license (CDL). The
endorsement basically authorizes a driver who has passed a knowledge test regarding
hazmat transportation and meets other requirements to transport specified amounts
or types of hazmats.1 2 Through a series of regulations and other activities, the TSA
is gradually instituting a detailed and relatively comprehensive security threat
assessment process that covers many hazmat drivers. Starting January 31, 2005, TSA
plans for the complete process to include a criminal history records check, an
immigration check, and an intelligence-related check.
This report summarizes TSA’s security threat assessment process that affects
millions of hazmat drivers and thousands of hazmat companies. Key public policy
issues associated with TSA’s program to check the background of hazmat drivers are
analyzed. The current status of this initiative and projected timetable for
implementation are discussed. Some of the past and future challenges faced by the
TSA, the states, and drivers in either establishing or complying with this initiative are
reviewed. Federal funding and fees associated with this program are detailed. Key
disagreements among components of the hazmat trucking industry and TSA
regarding this security threat assessment program are analyzed. Finally, various
policy options regarding the future of this program are considered.


1 Any driver that might be subject to safety or security regulations, including those
pertaining to hazmat transportation, chemical or biological materials or agents determined
by the Secretary of Health and Human Services or the Attorney General as being a threat to
the national security of the United States, the commercial drivers license, or the hazmat
endorsement, should not rely on this report but instead should consult and follow official
regulatory information. This report does not specify all of the relevant requirements.
2 For example, there are various training requirements for hazmat employees. The
knowledge test for the hazmat endorsement is in addition to the more general knowledge and
skills tests required for a CDL.

TSA and Security Threat Assessments of
Hazmat Drivers
Especially since 9/11, public and industry officials want to know more about the
background of drivers transporting hazmat. Partly, in response to that concern,
Congress enacted Section 1012 of the USA PATRIOT Act (P.L. 107-56), which
seeks to reduce some of the risks associated with hazmat transportation by requiring
background checks on drivers transporting certain hazmat shipments, i.e., drivers
who need a hazmat endorsement on their CDL.3 4 The complete check includes a
review of relevant intelligence and criminal history data bases. TSA’s regulations
state that the USA PATRIOT Act and the Safe Explosives Act require a check of
various data bases to determine the driver’s status under U.S. immigration laws.
TSA requires the applicant for a security threat assessment to meet certain
specifications. For example, the person must be qualified to hold a CDL and be a
U.S. citizen or a lawful permanent resident or meet other criteria.5 P.L. 107-56 also
requires, as appropriate, a check of the relevant international data bases through
Interpol-U.S. National Central Bureau or other appropriate means. TSA states that
it also will check terrorist watch lists.
According to TSA’s regulations, there are many different factors that can be
used to determine that a driver poses a security threat and thus must, in general, be
disqualified from obtaining a hazmat endorsement. For example, individuals who
have been convicted of certain felonies, who are specified fugitives, who have been
adjudicated as mentally incompetent or involuntarily committed to a mental
institution, or who are determined to pose a threat by terrorism or a threat to national
transportation security will not be allowed to hold a hazmat endorsement (HME).6
TSA’s regulations specify conditions and procedures under which a driver who TSA
deemed to pose a security threat can appeal this decision. Also, TSA’s regulations
allow drivers who could not otherwise obtain a HME, due to disqualifying felony
conviction or lack of mental capacity, to obtain a waiver under specified conditions.7


3 The limitation on the licensing action, according to P.L. 107-56, “... (a) shall apply with
respect to —
“(1) any material defined as a hazardous material by the Secretary of Transportation; and
(2) any chemical or biological material or agent determined by the Secretary of Health and
Human Services or the Attorney General as being a threat to the national security of the
United States.”
4 TSA maintains that it is also required to conduct background checks under Sections 1121-

1123 of the Safe Explosives Act.


5 For example, as specified in its November 24, 2004 interim final rule, “TSA has
determined that the security threat assessment standards should be changed to permit
nonimmigrant aliens, asylees, and refugees, who are in lawful status and possess valid and
unrestricted documentation establishing eligibility for employment to apply for an HME and
security threat assessment, if they are qualified to hold a CDL under 49 CFR parts 383 and

384.”


6 [http://www.tsa.gov/public/display?content=09000519800d3fd3].
7 The reader seeking more details on the program should consult:
(continued...)

A background check of a commercial driver is widely regarded as an important
security measure. A fingerprint-based criminal records review, coupled with an
intelligence-based review as part of a background check, is one of many components
in a “layered” system to promote security of hazmat transportation. TSA’s threat
assessment process may deter someone who may be a security risk or who may be
a terrorist from obtaining or keeping a hazmat endorsement. Would a terrorist want
to go through a criminal background check and have his/her name checked against
multiple data bases? By not being able to obtain or keep a HME, a person’s access
to some parts of the hazmat transportation system can be reduced, thus making it
more difficult to do harm. Also, TSA’s security threat process may make it more
difficult for a group of terrorists to organize a coordinated attack using hazmat.
However, TSA’s process is not intended or designed to address all the vulnerabilities
in the hazmat transportation system. In the war against terrorism, TSA’s assessment
process is viewed by some as a prudent measure, by others as a “feel good” measure;
it is recognized by all, however, that this investment is inherently limited in its
impact .8
TSA’s program has and will continue to affect the hazmat components of state
CDL programs. Federal law and regulations have the net impact of almost forcing
the states to participate in this program. More specifically, the Federal Motor Carrier
Safety Administration (FMCSA) in the Department of Transportation has issued a
requirement that the states must comply with the TSA requirements concerning
background records checks for hazmat drivers or else face the loss of a portion of
their Federal Highway aid program monies. FMCSA has issued a regulation that
prohibits states from issuing (including upgrading), transferring, or renewing a CDL
with a hazmat endorsement until TSA has determined that the applicant does not
pose a security threat warranting denial of the hazmat endorsement.9 TSA has
implemented its security threat assessment system in two major phases.


7 (...continued)
[http://www.tsa.gov/public/interapp/editorial/editorial_1730.xml]. TSA prepared the
following list of Final Rules, Interim Final Rules, amendments and exemptions regarding
its Hazmat Threat Assessment Program: May 5, 2003 Final Rule - 49 CFR Parts 1570 and

1572; November 7, 2003 Amended Interim Final Rule - 49 CFR Part 1572, Amendment No.


1572-2; April 6, 2004 Amended Interim Final Rule - 49 CFR Part 1572, Amendment No.


1572-3; July 22, 2004 Exemption Notice; November 10, 2004 Exemption Notice; and
November 24, 2004 Process Interim Final Rule.
8 There is virtually an unlimited number of ways that the hazmat transportation system is at
risk from an attack by terrorists. For example, tank trucks can be attacked, drivers can be
killed, and loads can be hijacked and released during shipment. Estimates indicate that there
are hundreds of thousands of highway hazmat shipments per day in the United States.
Simply put, there are too many points of vulnerability to ensure security during hazmat
transportation.
9 Upgrade occurs when someone with a CDL adds a hazmat endorsement to the license.

The First Phase
The initial cycle of this first phase, which was considered an interim or stop-gap
measure, has already been conducted. During 2004, TSA checked the names and
biographical data of some 2.7 million drivers with a hazmat endorsement on their
CDL against various government data bases, including those concerned with
terrorism. More specifically, TSA performed immigration and intelligence-related
checks on all drivers who hold a HME. One of the key questions TSA was
essentially asking was: Do any of these drivers present a potential terrorist threat?
One TSA official indicated that this name-based review yielded more than 100 leads
that were given to the FBI.10
TSA asserts that the terrorist-related data bases it searches are the best indication
of an individual’s predisposition to commit terrorist acts. If it were discovered
during the course of these name-based checks that an individual was suspected of
posing or poses a security threat, TSA stated that it would initiate action to have the
relevant state revoke that driver’s hazmat endorsement. The exact number of drivers
that have been disqualified and had their endorsement revoked is classified according
to TSA. TSA has stated that it repeats this name-based check periodically.
One key problem inherent in the initial cycle of the name-based checks is that
it was not underpinned with a biometric identifier that would be needed to help
confirm the identity of a driver whose background is undergoing review. Without
such an identifier, a name-based check of a particular driver against a terrorist watch
list can be subject to question. Once a fingerprint-based background record check
is conducted and coupled with a name-based check, the overall accuracy of TSA’s
threat assessment process would be enhanced considerably. TSA is instituting such
a system.
In addition to this initial name-based check, TSA also has instituted a self
reporting mechanism for drivers. As of September 2, 2003, TSA required any driver
with a HME that has committed a disqualifying offense to surrender the hazmat
endorsement. Some have questioned the effectiveness of this requirement. TSA
regulations specify that each state must immediately revoke a driver’s hazmat
endorsement if TSA informs it that the affected driver does not meet specified TSA’s
standards and issues an “Initial Determination of Threat Assessment and Immediate
Revocation.”
Second Phase
The first phase — the “name-based” check — is being followed by a second
phase planned to start, according to TSA’s regulations, no later than January 31,
2005. As of that date, no state may issue a new CDL with a hazmat endorsement to
a driver unless that state receives a “Determination of No Security Threat” notice
from the TSA for that driver. This notification, in essence, typically means that
based on the results of its security threat assessment, including a name-based (or
intelligence-based) data check and a fingerprint-based criminal record review, TSA


10 Personal communication with TSA, 2005.

has determined that the driver does not pose a security threat and should not be
denied for security reasons the hazmat endorsement on his or her license. Thus, this
second phase consists of a more comprehensive check than the first phase, including
a fingerprint-based criminal history records review conducted by the FBI.
Fingerprints help verify the claimed identity of the driver and are needed to conduct
the FBI’s criminal background check. When a name is matched with a fingerprint,
there is less chance of making a mistake regarding the identity of a particular driver
with an identical name. In sum, during the second phase, TSA determines whether
the applicant initially obtaining (including upgrading) a hazmat endorsement should
be disqualified because he or she has been convicted of one or more specified
offenses or does not meet other qualification standards detailed in Title 49 Code of
Federal Regulations Part 1572. As of May 31, 2005, this second phase check will
also apply to drivers seeking to renew, and in some cases transfer to another state,
their CDL with a hazmat endorsement.
During the last two years or so, TSA, FMCSA, FBI, the American Association
of Motor Vehicle Administrators (AAMVA — an organization of state licensing and
law enforcement officials), and various state driver licensing officials have been
working to specify the processes and institutional arrangements that will be needed
to conduct the second phase of the TSA process, i.e., to conduct a fingerprint-based
criminal background check and to obtain the other information needed by TSA to
complete its security threat assessment as specified in Part 1572. Although the
mechanisms and procedures are almost finalized (with some details still evolving),
it appears that the following generalized process will be used.
There are basically two options: states can collect the fingerprints as well as
the detailed security background information needed by TSA, or states can let a TSA
agent (contractor approved by TSA) conduct these functions. TSA requires each
state to specify whether it will obtain and submit fingerprints, applicant information,
and fees itself, or alternatively choose to have TSA’s agent complete those tasks.
TSA requires states to operate under their chosen system for several years, unless a
change is otherwise approved by TSA.
With respect to the first option, some states will collect fingerprints at their
driver licensing agency; some states will collect fingerprints at law enforcement
agencies; and still others will use a state-designated contractor to take the fingerprints
on their behalf. For those states that participate under the first option, two types of
information systems will need to be in place: a communications link or infrastructure
to submit fingerprints to the FBI, and an improved information system to transmit all
of the accompanying security-related background data to TSA. According to
AAMVA, some of the key activities that these states will undertake include
modifying their license application process for hazmat drivers to submit the needed
security-related information sought by TSA, modifying their Commercial Driver
Licensing Information System (CDLIS) program to ensure that this communications
link can transmit to TSA the background data needed for the security check, and



altering state business processes pertaining to licensing drivers with the hazmat
endorsement. 11
Other states will instruct their CDL drivers with a hazmat endorsement that need
to undergo a security threat assessment to visit the designated TSA agent. That agent
will collect fingerprints and submit these to the FBI for its criminal background
check. The TSA agent also will collect background information that will be
submitted to the TSA for input into its security threat assessment. (Some industry
managers and many drivers are concerned about how far drivers will need to travel
to have their fingerprints and background information taken at TSA agent facilities.)
All states will modify their CDLIS to receive TSA’s determination as to whether
a specific driver should be denied a hazmat endorsement based on the results of this
agency’s security assessment. Also, all states will implement training programs
regarding the new security assessment process for their licensing employees who deal
with hazmat drivers. Thus, even states choosing to use a TSA agent to collect
fingerprints and background driver information will have to make changes to their
CDL process. AAMVA, acting on behalf of the states, is to ensure that background
information transmitted through CDLIS to TSA includes the information required by
TSA. 12
TSA must also conduct many other functions during its security threat
assessment process. TSA operates its Credentialing Screening Gateway System —
an expert system that aggregates information from various sources and data bases and
performs an initial screening as to whether an applicant should be allowed to obtain
(or upgrade), renew, or transfer his/her hazmat endorsement. If no red flags are
raised as a result of checking multiple data bases, this system will notify the
appropriate state that the driver should not be refused — based on any security
concerns — issuance (including upgrade), transfer, or renewal of the CDL license
with the hazmat endorsement. This screening process also flags those drivers that
need to be reviewed more carefully by TSA. Its adjudicators have access to various
information systems and other means to further review such applications.13
TSA plans to conduct a complete security threat assessment on each HME
driver at least once every five-year period starting in 2005.14 FMCSA regulations
specify that a state may only issue a hazmat endorsement for up to five years before
it must be renewed. Thus, if a driver renews his/her license with the hazmat


11 CDLIS is the communications backbone of the CDL program and allows states to
communicate with each other electronically regarding CDL records.
12 Personal communication with AAMVA, 2004.
13 Personal communication with TSA, 2004.
14 According to TSA, see [http://www.tsa.gov/public/interapp/editorial/editorial_1730.xml],
“Generally, drivers must renew their Hazmat endorsement every five years, although States
may require more frequent reviews. The driver will be required to submit new fingerprints
at the time of renewal of the endorsement. If a driver has been convicted of a disqualifying
criminal offense or no longer meets the standards in the rule after obtaining the Hazmat
endorsement, his or her endorsement will be revoked.”

endorsement on May 30, 2005, it may not be until May 2010 before the license is
renewed and the driver is subject to a complete security threat assessment that
includes a fingerprint-based criminal background check. Thus, under its current
schedule, it will not be until sometime during mid to late 2010 before TSA completes
the first cycle of its complete security threat assessments on essentially all drivers
seeking to maintain or obtain a hazmat endorsement. It is important to point out that
most drivers will undergo a complete threat assessment before this outside date.
Also, during this five-year period, TSA plans to conduct periodic name-based checks
on all drivers holding the hazmat endorsement.
It will be a huge and complex task to fingerprint some 2.0 to 2.7 million drivers
seeking a hazmat endorsement or its renewal every five years or so, compare their
background data to that found on criminal and other data bases, and then use this
information to make decisions about who should be deemed a security threat or risk
for purposes of compliance with Section 1012 of the USA PATRIOT Act. Numerous
challenges have been faced and delays have occurred in setting up and beginning to
implement this entire process. As discussed subsequently, there are many
uncertainties. How efficiently will TSA be able to process the volume of requests it
receives? How much time will TSA take to respond to the numerous appeals and
waivers that are likely to be initiated by drivers? When will all of the states be ready
to comply with the various TSA requirements? Will additional delays occur in this
program? How will this program affect commercial drivers and hazmat carriers?
Brief History of the Program
TSA originally wanted its fingerprint-based security checks to start in 2003;
however, the agency has already delayed aspects of this program three times. On
May 5, 2003, TSA issued an Interim Final Rule (IFR) that required specified
commercial drivers to undergo a fingerprint-based, criminal history records check
(CHRC) and a name-based check of federal and international databases related to
terrorist activity. In November 2003, TSA amended its interim final rule to extend
the required start date for fingerprinting from November 3, 2003 to April 1, 2004.
The amendment also allowed the states to request a deadline extension from TSA,
up until December 1, 2004.
On April 6, 2004, TSA amended its regulations again, delayed various aspects
of program implementation, and decided to require all states to begin fingerprint-
based background checks of specified hazmat drivers by January 31, 2005.15 As
stated in the rule, TSA wanted to maximize flexibility for the states and sought to
ensure that the issuance of a CDL with a hazmat endorsement would not be impeded
by security requirements. TSA expected that the cost of the background check, to be
paid by the driver or by the employer if they so chose, will not exceed $100. TSA
stated that it intended to issue a regulation establishing fees to cover its costs, and
another regulation to codify background check processes and standards.
In setting up this program, TSA and the states have faced many challenges and
encountered delays. TSA reportedly took substantial time to delineate the technical


15 DHS. TSA. Federal Register. April 6, 2004: 17969.

design requirements for all of the communication and information systems and
protocols that will be needed for the states to interact with the TSA. In the past,
uncertainties associated with the program (including its requirements and
procedures) caused difficulties for some state officials. For example, Georgia’s
director of driver services, is quoted as saying: “We can’t go out and spec a system
when we don’t know what it’s supposed to do. ... There’s a lot of different hardware
and software devices and until they spec out the standards, we can’t get a cost
proposal.”16 For a considerable period of time, it was difficult for the states to plan
on how they were going to implement all of their responsibilities under the TSA
program and integrate TSA’s requirements with their state licensing processes
without definitive and relevant regulations and operating procedures — many of
which were not specified until late 2004.
When TSA issued key interim final regulations in November 2004, this agency
gave the states tight deadlines to make important decisions about their role in the
TSA threat assessment process. States had to decide quickly on such matters as
whether they wanted to use the TSA agent and how they might have to change their
state licensing processes to adapt to the TSA requirements.
AAMVA reported in November 2004 that TSA had almost resolved the
remaining technical issues that needed to be addressed before states could use their
CDLIS to communicate with TSA. This association of state licensing and law
enforcement officials stated that it could then begin to write the business and
technical specifications that the states will use to change their information systems
needed to participate electronically in this program. However, it should be stressed
that the process of implementing the systems needed to electronically transmit critical
data back and forth among the states and TSA is complicated and still will require
additional time.
As all of the design requirements (business and technical parameters) are
finalized, AAMVA is writing its final specifications that provide guidance to the
state licensing agencies on how to implement their responsibilities under the TSA
program. AAMVA estimates that this writing process may take two months. To
implement these final specifications, states will need time to modify their driver
licensing systems, including information and communication systems. These
changes are needed to transmit security-related information electronically to TSA,
and to receive information from TSA regarding its assessment of the security threat
posed by a particular driver. After the final specifications are issued, AAMVA
estimates that an additional six months, and maybe longer, will be needed by most
states to implement and test the changes to their CDLIS in order to transmit
information to and receive information back from TSA.17 AAMVA states that each
state CDLIS and TSA’s CDLIS will need to be tested before the association allows
each state and TSA to use CDLIS to communicate electronically with each other.
Since TSA does not have an existing CDLIS, TSA’s link to the CDLIS network, or
its node, needs to be tested and approved by AAMVA in order for TSA to send


16 Transport Topics, April 5, 2004: 29.
17 Personal communication with AAMVA, 2004 and 2005.

electronic messages to the states via CDLIS. Completion of these processes will also
take some time.18
Also, institutional challenges affected the expeditious and efficient
development and implementation of TSA’s program. There are resource (manpower)
challenges and procurement issues at some state licensing agencies that place
limitations on their ability to implement in a timely manner all of the changes
necessary to participate efficiently in this program.19 Furthermore, some states may
need to obtain legislative or administrative authority in order to collect the
background security-related information needed by TSA, or to charge additional fees
beyond the amount they now assess for a CDL/hazmat endorsement. States must
make other necessary changes in their state licensing systems to accommodate
various aspects of the TSA security threat assessment process.20 Some state motor
vehicle agencies still do not have the state-approved legislative or regulatory
authority to collect security-oriented information or assess additional fees.21 The lack
of authority will likely force some states to require the hazmat drivers licensed in
their states to use the TSA agent.
On the federal side, many administrative changes have contributed to the
challenges in implementing this initiative. First of all, the program was originally
assigned to FMCSA, and then later it was transferred to TSA — a new organization
that required time to organize and staff. Once at TSA, there were personnel and
organizational changes that affected continuity of program management.
Current Status
With respect to those states that choose not to use the TSA agent, TSA and
AAMVA recognized that not all states would be able to change their information
systems fast enough to transmit required data electronically with the TSA and the FBI
by the January 31, 2005 deadline. Consequently, TSA decided to establish, for a
short or interim period, alternative means for the states to submit information. These
alternative means may include mail, email, and faxes. Thus, different states will use
different processes to transmit data to TSA. The problem posed by this flexibility is
that the methods used by all states may not be as secure or as efficient as
electronically transmitting information over the CDLIS.
TSA plans to format or digitize the information submitted by the states into a
useable format until the states complete computer upgrades and are capable of
transmitting data across the CDLIS. More specifically, TSA states, “If a State knows


18 Ibid.
19 States have been making many changes to their CDL programs to accommodate many
other changes in federal regulations pertaining to CDL.
20 Personal communication with AAMVA and various state licensing officials, 2004.
21 Such fees, when they go back directly to the licensing agency, may be used to cover the
expenses for equipment, training, and information systems needed to obtain fingerprints and
receive and transmit security-related information to federal officials. In some states, the fees
collected are deposited in the general fund.

that it will not be able to transmit the information electronically until after July 2005,
however, the State should formally elect to have TSA capture the fingerprints and
driver information. TSA can staff the data entry for a short period of time until a
State’s computer system is upgraded, but TSA does not have the resources to perform
that task beyond July 2005.”22 TSA expects that these alternative pathways will
allow any state to process applications for issuance (including upgrading) of the CDL
with the hazmat endorsement starting January 31, 2005. Thus, the states are expected
by TSA to be compliant with TSA requirements by January 31, 2005. Most of the
states, however, will not be using their CDLIS by this date to participate in the TSA
threat assessment program. As of December, 28, 2004, TSA reports that the
following states will not use the TSA agent: Florida, Illinois, Indiana, Iowa, Kansas,
Kentucky, Maryland, Mississippi, New Mexico, New York, Pennsylvania, South
Carolina, Tennessee, Texas, Vermont, Virginia, and Wisconsin.23
On November 10, 2004, TSA issued an exemption notice from its regulations
found in 49 CFR Section 1572.5(c)(2)(i). TSA gave the states another extension in
the deadline to begin implementing two aspects of the security threat assessment
program. TSA now requires that only drivers applying for the issuance (including
upgrading) of the CDL with the hazmat endorsement, not renewals or certain
transfers, will be subject to the fingerprint-based background checks starting January
31, 2005. Complete (including fingerprint-based) security assessments for those
drivers seeking certain transfers and all renewals of their hazmat endorsement will
be required to start no later than May 31, 2005.
TSA’s gateway screening process will need to process in a timely manner
roughly 33,000 to 45,000 applications per month expected from hazmat drivers
required to undergo a security threat assessment.24 Although this screening process
has been tested, it will need to operate efficiently under actual load conditions for
sustained periods of time. Under its current plans, TSA will have a few more months
to improve the efficiency of its operations before it begins to receive thousands of
requests for security threat assessments from drivers seeking renewal, and in some
cases, transfer to another state of their CDLs with the hazmat endorsement. One
TSA official indicated that this additional assessment workload can be handled.25
Also, TSA will need to respond to the appeals of perhaps hundreds, maybe even
thousands, of drivers each year that dispute its decision to disqualify them from
obtaining, transferring, or renewing a CDL with a hazmat endorsement. TSA will
also need to make numerous decisions regarding requests for waivers from
disqualification decisions.


22 DHS. TSA. Federal Register, November 24, 2004: 68723.
23 [http://www.tsa.gov/public/display?content=09000519800d798f].
24 2.7 million hazmat drivers reviewed over a 60 month period would require processing an
average of 45,000 drivers per month. (TSA suggests that this number may be about 2.0
million drivers during this period.). The exact number of active drivers that will seek to
continue having the hazmat endorsement is unknown.
25 Personal communication with TSA, 2005.

TSA has built in some flexibility to the program. Its regulations specify that a
state may extend the expiration date of a driver’s license with a hazmat endorsement
for 90 days if TSA has not issued a “Determination of No Security Threat” or a
“Final Determination of Threat Assessment.” This provision is really a “safety
valve” in the process and is intended to deal with those cases when a timely decision
hasn’t been reached. This extension is supposed to allow a driver to keep operating
while TSA conducts its decisionmaking. However, the difficulty with this TSA
“safety valve” is that some states are prohibited by state law from simply extending
the expiration date of a driver’s license. Although states can change their licensing
laws or procedures, this process can take considerable time.
TSA plans to fund the necessary resources to implement its hazmat driver
security threat assessment program, including adjudicators to handle appeals. A
combination of additional federal personnel and contractors will be used.
Nevertheless, until this program has been functioning for at least several months
beyond May 31, 2005 (when all renewals must undergo a security background
check), it remains uncertain how fast and efficiently TSA’s adjudication process will
be able to respond if a large number of drivers dispute and appeal initial TSA
decisions or request waivers from TSA standards. TSA expects that it will be able
to address this challenge.26
State Funding, and Federal Funding and Fees for TSA
Funding has been and continues to be a challenge that some states face in
program implementation. For states, the costs of the program vary and depend in part
on whether a state uses the TSA agent. Costs are expected to be greater for those
states that do not use the TSA agent.
TSA has never requested and has never been provided with funds to directly
help states pay costs to change their information and communication systems and
other expenses associated with implementing this program.27 However, in P.L. 108-
90, Congress specified that for FY2004 and thereafter, the Secretary of Homeland
Security is to charge reasonable fees for providing credentialing and background
investigations in the field of transportation.
On November 10, 2004, TSA proposed to establish fees for drivers who apply
for or renew a CDL with a hazmat endorsement, and thus are required to undergo
TSA’s security threat assessment. This agency seeks to establish two new user fees.
The first called the “Threat Assessment Fee” is to cover TSA’s costs of performing
and adjudicating hazmat driver security threat assessments, appeals, and waivers
associated with the program. The second called the “Information Collection Fee” is
to cover the costs of collecting and transmitting fingerprints and applicant
background information. These fees would be in addition to a fee imposed by the


26 Ibid.
27 Based on discussions with TSA, 2004.

FBI for performing the criminal record background check and to any fees imposed
by a state related to its costs under this security-oriented program.28
According to TSA, these “per driver” fees are estimated to cost as follows:
Information Collection Fee — $25-$45, Threat Assessment Fee — $36, and FBI Fee
— $22 (if TSA agent collects) or $24 (if state collects). Thus, the total federal fees
per hazmat endorsement applicant would be roughly $83-$105 every five years or so.
These federal fees would be in addition to the existing (licensing/safety-oriented) fees
now charged by the states. A state collecting applicant background information and
transmitting driver fingerprints to the FBI without using the TSA agent would not
charge drivers the federal “Information Collection Fee,” instead it might charge other
additional state fees. Some states do not plan on charging any additional fee.
In its FY2005 appropriation, Congress gave TSA the authority to collect $17
million in fees to cover various credentialing programs (including its hazmat security
threat assessment program). For FY2005, TSA also received $5 million in its
appropriation to pay for its front end or start up costs for credentialing programs.29
TSA indicated it does not have legal authority to share fees collected to pay for
federal costs associated with the driver assessment program with state driver
licensing agencies or to provide grants to states to help pay the costs of participation
in the TSA process. TSA notes that while a state may not collect a fee pursuant to
TSA’s fee authority, it is not prohibited from collecting a fee determined by the state
under its own authority from an individual who applies for or renews a hazmat
endorsement. TSA’s agent (a contractor approved by TSA) does conduct many of
the functions (fingerprinting and security-oriented data collection) that the states
would otherwise have to undertake.
TSA estimates that its total start-up cost for the program will be about $4.76
million. The agency’s total annual recurring costs is projected to be roughly $14.2
million for the first year (i.e., from January 31, 2005 to January 30, 2006) and
between $13.2 million and $13.6 million per year for the second through fifth years.30
Based on the number of drivers expected to apply for security threat assessments and
various cost assumptions, TSA estimates that the sum total of its start-up and
recurring costs for the first five-years will be about $72.4 million. This agency notes
that these estimates will be modified.
How will TSA use these collected fees? The fees must be used to pay for
program costs. TSA has elaborated on the requirements of the program.
TSA must implement and maintain the appropriate systems, resources, and
personnel to ensure that fingerprints and applicant information are “linked,”and
that TSA can receive and act on the results of the security threat assessment.
TSA will be required to have the necessary resources to perform the security


28 DHS. TSA. Federal Register, November 10, 2004: 65336-65337.
29 Personal communication with TSA, 2005.
30 According to TSA, “All cost and fee estimates in recurring years are not adjusted for
inflation.”

threat assessments and process appeals, requests for waivers, and notification (to
the drivers and the appropriate State) of all results. In addition, TSA must also
be capable of archiving the results of these actions for the purpose of drivers
newly applying or renewing their HME application in future years (in the case
of drivers who successfully appealed a TSA background check or were granted31
a waiver).
AAMVA takes issue with TSA’s projected costs of this program. This
association maintains that 1) TSA’s cost analysis failed to integrate operating costs
and expenses to AAMVA and the states for their start-up and maintenance costs
associated with the HME security threat assessment process, 2) TSA also has not
included expenses for changes to the CDLIS to accept and transmit HME application
and threat determination data, and 3) TSA does not address the expenses to AAMVA
and the states for the testing required to make sure the process functions properly
between each of the states and TSA.32 This association recommended that TSA
should recalculate the total costs of the program and provide funds to the states and
AAMVA to help pay for establishing and maintaining the program.33 On the other
hand, it should be noted that it may be difficult to determine the exact state costs
specifically dedicated to this program, but estimates of appropriate costs could be
ascertained.
Policy Concerns
Some Members of Congress are concerned that implementation of Section 1012
of the USA PATRIOT Act has taken so long, and DHS officials have acknowledged
that this concern needs to be addressed.34 Some state officials also were concerned
(primarily until November 2004) that TSA took so long to detail key regulations,
specifications, and deadlines pertaining to the state role in this program. Some states
have praised TSA for the intensified effort, of late, to move forward with
implementation. One official noted that their state licensing officials “...took the
actions of Congress to heart and moved with all deliberate speed to be ready to
implement the law — it is now time to do so and we are encouraged with the present
efforts of TSA along with the efforts of the American Association of Motor Vehicles
to use the CDLIS platform to communicate adjudication responses to the state MV
jurisdictions.”35
TSA is also considering how security threat assessments might be conducted
on Canadian- and Mexican-domiciled hazmat drivers who transport specified hazmat
loads or materials into the United States. TSA has stated that all (hazmat) drivers
will eventually have to meet eligibility and threat assessment standards that are


31 DHS. TSA. Federal Register, November 10, 2004: 65337.
32 AAMVA’s comments to the docket in response to TSA’s proposed fee assessment, 2004.
33 Ibid.
34 Transport Topics. March 22, 2004:3.
35 Florida Department of Highway Safety and Motor Vehicles, 2004.

comparable to the standards that U.S. hazmat drivers must meet.36 A specific
requirement for a background check on Canadian- and Mexican-domiciled drivers
was proposed in key surface transportation reauthorization legislation (H.R. 3550, as
amended and passed by the Senate and House) considered during the 108th Congress.
This provision did not become law, but this requirement may be included in surface
transportation legislation considered by the 109th Congress.
Policy Options
Other policy options that might be considered pertaining to TSA’s hazmat
security threat assessment program include
Option #1 — help the states meet some of the costs of participating in
TSA’s program by specifying that the fee collected by TSA must be shared
with the states and that the state’s share reflect state costs;
Option #2 — conduct additional oversight on TSA’s implementation of
the program with the intent of encouraging timely progress in program
implementation;
Option #3 — evaluate whether TSA should be required to combine its
hazmat security threat assessment with its Transportation Workers
Identification Credential (discussed below) at the earliest date possible; or
Option #4 — delay the fingerprint-based portion of the TSA hazmat
security threat assessment until the TWIC is ready for national deployment.
Each of these options poses its own set of unique costs and benefits that would
need to be evaluated. For example, those supporting option #1 could assert that it
is appropriate for TSA to help finance the state’s activities which are critical to
TSA’s security threat assessment program. For many years, Congress has provided
funds to help finance other improvements in state CDL programs. On the other hand,
funds dedicated for threat assessments of hazmat drivers would drain resources away
from other security-oriented activities. Furthermore, some states are able to increase
fees to pay for their program costs. The costs of implementing this program for some
states, especially for those using the TSA agent, are so small that an official from one
state indicated that option #1 would not be of much economic value. With respect
to option #2, it remains to be seen whether additional oversight would have a
beneficial impact, but increased attention on this program might provide the impetus
for continued progress. Many in the hazmat trucking industry would likely favor
option #3 and even more so option #4; however, TSA raises several key
counterpoints to industry arguments. A discussion follows below on TSA’s view of
the importance of moving forward with the security threat assessment for hazmat
drivers as expeditiously as possible.
Industry concerns regarding implementation of the TSA security background
check are discussed in the next section.


36 [http://www.tsa.gov/public/display?content=09000519800d3fd3].

Selected Industry and Driver Concerns Regarding TSA’s
Program
The trucking industry generally supports background checks of those drivers
transporting hazmat. Many industry managers welcome reliable information that
provides background data regarding who is operating their trucks. Access to the
results of TSA’s security threat assessment would help them screen their drivers. In
its November 24, 2004 interim final rule, TSA stated that any notification the agency
makes to an employer will relay whether the driver’s endorsement has been revoked
so that the employer knows that a specific driver is not authorized to transport
hazmat.37 The desire of industry managers for background data is not surprising
given the need to protect investments of $100,000 or more per truck and loads that
can cost several hundred thousand dollars to one million dollars or more. Some in
industry have called for extension of the background check to all drivers holding the
CDL regardless of the type of endorsement.
Many trucking officials have concerns regarding TSA’s implementation of its
security threat assessment program for specified hazmat drivers. More specifically,
many in the hazmat trucking industry are against a separate security check for hazmat
drivers that is not conducted as part of the background check needed to obtain the
Transportation Workers Identification Credential (TWIC). As discussed below, those
holding this view generally want the background check required for the hazmat
endorsement to be delayed until the TWIC program is fully implemented. TSA is
against this delay. Some maintain that TSA’s deadlines for implementing the
complete security threat assessment program are unreasonable and that the
fingerprint-based program is not yet ready.
In order to understand the current conflict on this issue among many hazmat
carriers and TSA, it is important to understand what the TWIC entails. The TWIC,
when fully implemented, would be an integral part of an identification system
intended to prevent unauthorized persons from gaining access to secure areas in the
transportation system. TSA intends to require the TWIC to be issued to a broad array
of transportation workers after comprehensive screening of the applicant for ties to
terrorism. For example, the TWIC would be required for personnel working at a
secure transportation area, as well as drivers delivering a hazmat load to that area.
A biometric identifier incorporated into the TWIC would be intended to enhance its
reliability as a security measure. A major purpose of the TWIC is to eliminate the
need for transportation workers to obtain multiple credentials. TSA is currently pilot
testing this system. Those tests will take well into 2005.
Many hazmat carriers see no need for TSA to require a complete background
check including a fingerprint-based criminal records review for a driver seeking a
hazmat endorsement and another, but similar, check on the same driver seeking a
TWIC. Many ask: Why is it necessary for hazmat drivers to undergo two background
checks? Why can’t these security threat assessment processes be integrated and the
background checks combined? Won’t obtaining/renewing both documents — the
hazmat endorsement and the TWIC — take a lot of time? How many drivers will


37 TSA indicated that it plans to make such notifications.

stop accepting hazmat loads because of the costs involved in the security clearances,
thus aggravating any perceived or actual shortages in available drivers? What are the
costs required to implement these two security processes?
The American Trucking Associations, Inc. (ATA), has maintained that the
background check conducted for the TWIC, which would be required of hazmat
drivers and many other transportation workers entering a secure area, would be
sufficient for the background check required to obtain a hazmat endorsement. ATA
argues against duplicative checks and recommends holding off on fingerprint-based
checks solely for hazmat drivers until the TWIC program is fully deployed. ATA
maintains that it does not make sense to establish a fingerprint-based security check
process centered around the state department of motor vehicle administrations.38
More recently, ATA requested that TSA reconsider the need for a fingerprint-based
check on the grounds that this agency had already conducted name-based
background checks and had achieved the goal specified in the USA PATRIOT Act
of added security. This association asserted that TSA’s implementation of a state-
based fingerprint collection process unnecessarily increases the costs of performing
background checks. ATA suggested that TSA continue with the name-based
background checks and eventually combine its security threat assessment process
for specified hazmat drivers with the agency’s implementation of the TWIC.39
The National Tank Truck Carriers, Inc. (NTTC) recently petitioned the TSA
and recommended that the Secretary of DHS should either: 1) indefinitely postpone
the proposed implementation dates for the fingerprint-based security threat
assessment; or, 2) temporarily substitute a name-based background check in lieu of
the proposed fingerprint-based check. NTTC thought that TSA’s goals and latest
target dates set in the interim rule were unreasonable. This association stated: “To
suggest that all of the individual states (and/or the yet unnamed TSA Agent” who
might serve as a proxy in any given state) will have the required processes,
procedures, equipment and trained personnel “in place” by either of those dates is
folly.”40
TSA has stated that it will not delay its planned security assessment program
for hazmat drivers until the TWIC is implemented. There are several reasons why
TSA is against combining the two background reviews at this time. TSA is under
substantial pressure to respond to Section 1012 of the USA PATRIOT Act as well
as the Safe Explosives Act. This agency does not want to further delay fingerprint-
based background checks on hazmat drivers until 2006 or later when the TWIC
system is fully operational. One TSA official stated that there is a significant
security risk which compels them to move forward with the complete security
assessment process for hazmat drivers. More specifically, TSA maintains that it
would be a mistake to delay a security check as important as the background review
of hazmat drivers by one year in order to combine it with the TWIC. Although there
are differences in the two programs, it was noted that there still will be opportunities


38 Personal communication with ATA officials, 2004 and 2005.
39 [http://www.truckline.com/issues/governmentpolicy/hazmat/BackgroundCheckAppeal].
40 Statement of Clifford J. Harvison. NTTC before TSA. Dec.6, 2004.

for additional synergistic programmatic or administrative arrangements and
efficiencies, e.g., leveraging fingerprinting locations or adjudication processes in the
future as the two programs evolve.41 Given the status of the TWIC program, which
is best characterized as an evolving effort with substantial unanswered policy and
technical questions, it is not surprising that TSA wants to decouple these two
security measures, at least initially.
TSA might be able to reduce or perhaps even solve some of the concerns that
industry has posed. For example, if a common biometric identifier were used for
both the hazmat security threat assessment process and for the TWIC program, then
some efficiencies might be gained. Furthermore, if the factors that would disqualify
someone from obtaining a TWIC were identical or nearly so to those that would
disqualify a driver from obtaining or keeping a hazmat endorsement, the background
checks required for both documents could be identical or nearly so. Based on
discussions with TSA officials, specifying common disqualification factors appears
to be the direction that the TSA is moving. It does not appear that, over the long
term, the agency wants to conduct two separate background checks on the same
person. As these two programs evolve, TSA may eventually issue regulations that
merge these two background checks to the maximum extent possible. When this
will happen remains uncertain.
In addition to the fees that will be imposed, TSA’s program will affect drivers
in other ways. As a result of the decisions made under this program, some drivers
will lose their hazmat endorsement. Some drivers will not want to be subjected to
the security threat assessment process and will decide not to work for a company
requiring this endorsement. Some suggest that up to 20% of the estimated 2.7
million drivers with the hazmat endorsement may not seek renewal of their
endorsement.42 Such decisions would add to any perceived or actual shortages of
hazmat drivers.
Concluding Observation
The costs of a successful and catastrophic terrorist attack using hazmat could
include an incalculable number of lives and dollars of damages, or more. Most
would agree that individuals posing a security threat to the United States should not
be given authority to transport explosives, highly toxic gases, and other highly
dangerous goods. TSA’s security threat assessment process is viewed by some as
a prudent measure that when combined with many other “layered” security measures
may help reduce some of the risks associated with hazmat transportation. The
output of TSA’s security threat assessment process, however, will not prevent a
determined terrorist, from attempting to use specified hazmat shipments as a weapon
of mass destruction.
One of the outcomes of TSA’s process is a “yes or no”decision which then
affects a state licensing decision as to whether to allow a driver to obtain or keep


41 Personal communications with TSA, 2004 and 2005.
42 Beadle, Andrew D. “Hazmat Hassle.” Traffic World. November 22, 2004: 22.

a hazmat endorsement.43 TSA’s program also requires federal decisions about
waivers and appeals. The complexity of the entire process, underpinned by many
detailed pages of federal and state regulations and procedures, offers many
opportunities for uncertainties and additional costs to drivers and commerce.
The various uncertainties associated with this program will eventually be
addressed but some are problematic at this time. Carriers and drivers want to
experience that the TSA security threat assessment process is efficiently and
effectively implemented over the long term and is compatible with state licensing
processes and the operating logistics of the industry.


43 This “yes or no” decision can be transmitted in the form of a “Notification of No Security
Threat” from TSA to the affected state.