The New 107/108
The new regs codify, organize FAA security initiatives, says ACI-NA
By Bonnie Wilson, Vice President, Airports Council Int’l - North America
September 2001
Federal Aviation Regulations (FAR) Parts
107 and 108 are finally here. A long time coming, if not long awaited,
these comprehensive re-writes of the baseline security regulations for
airports and aircraft operators present a few changes to the way we do
business, but mostly they clarify and standardize current operations.
Since the rewrite process began over ten
years ago, FAA has relied on policy memos, emergency amendments to security
plans, security directives etc., to institute new rules, policies, and
procedures. The main impact of these new rules is a codification and reorganization
of those efforts.
For instance, while Part 107 does not mandate
airports to develop standard Airport Security Programs (ASP), it does
require that the programs follow a specific format for ease of inspection
and compliance efforts.
Definitions have been revamped in both rules
as well, making it as clear as you can when using regulatory language
what they mean when they say it. As an add-on to the regulations themselves,
FAA is also planning on publishing a Policy Memorandum Hand-book that
will break down each section of the rule and add non-regulatory text to
put the requirements into context and assist the reader with implementation.
Keep an eye out for the guidance later this fall, because one of the major
changes in the rule is who it applies to.
Both new regulations have a broader applicability
scope than the old rules. Part 107 now applies to any airport serving
any aircraft operator required to have a security program under either
Part 108 or Part 129. The old rule included a phrase limiting this requirement
to those carriers with "scheduled passenger operations."
This aspect is further clarified in Part
108 by stating you must have a plan if you enplane or deplane passengers
into a sterile area.
A more significant change is that these
rules now apply to individuals as well as airport and aircraft operators.
Yes indeed, the FAA can now take action against an individual in a secured
area, aboard an aircraft, or applying for a position that grants them
privileges under these parts if they violate any aspect of these rules.
This includes a person who decides to test the security system at an airport
without proper authorization (even if that used to be their job).
Tenant Programs
In the spirit of having everyone participate
in keeping the aviation system secure, the FAA has also given airport
tenants an opportunity to create and maintain their own security programs.
Airport Tenant Security Programs are similar in nature to Exclusive Area
Agreements between airports and aircraft operators, but slightly more
restrictive.
An airport tenant may compile its own security
programs governing its security operations and the geography it occupies
at an airport. The Airport Tenant Security Program (ATSP) will be included
as a part of the airport’s overall ASP, and must be approved prior
to implementation by the FAA.
As the tenants are not directly regulated
parties, these agreements must be monitored and audited by the airport
as well as by the FAA. Airports which enter into these agreements must
be prepared to act on behalf of the FAA regarding non-compliance with
these plans, including development of "meaningful" measures
that include monetary and other penalties.
Defining Parameters
In recognition of the fact that airports
and aircraft operators are trying to carry out commercial aviation operations
while complying with security regulations, FAA has revisited the issue
of what needs to be secured at what level. At first read it is hard to
understand exactly what the new divisions of the airside really mean,
but after careful consideration it becomes less muddy.
Imagine the airside of the airport divided
into zones with the highest level of security compliance imposed nearest
to the aircraft themselves — this is the Secure Area. This is also
the Security Identifi-cation Display Area (SIDA), as the Secure Area must
be declared as a SIDA. But this may not be the only SIDA.
Consider the next zone in the sequence:
This is the area where the aircraft move around, traditionally referred
to as the Air Operations Area (AOA). The AOA also encompasses the Aircraft
Movement Area (AMA); general aviation areas; cargo facilities; aircraft
parking areas; loading ramps; and, safety areas.
The AOA may have exclusive areas where individuals
can operate without airport-issued identification media, and tenant security
areas where they must. The AOA may also be a SIDA, but portions of it
may not be. Theoretical--ly, if the section of the AOA is a SIDA it might
as well be a Secure Area; but if it is not a SIDA, there are fewer requirements
associated with access to the area unless it is adjacent to the Secure
Area.
Clear? If it’s not, then you can rely
on your Airport Security Coordina-tor (ASC) or your Ground Security Coordinator
(GSC) to explain it all.
Security Coordinators
You will know exactly who the Airport Security
Coordinators are at your airport, as the new Part 107 requires them to
be appointed by name, that is, once they have completed their new training
requirements. Within two years time, no person shall be appointed as the
ASC or their alternate until they have completed a training program that
includes the following elements: FAR Part 107, FAR Part 108, FAR Part
109, FAR Part 129, all elements of the security program requirements,
law enforcement responsibilities, incident management, proper coordination
and communication protocols when dealing with the FAA, and the proper
dissemination of threat information and related intelligence.
No one person means exactly that —
there is no provision in the rule to allow for grandfathering of any existing
ASCs regardless of how long they may have been serving in that capacity.
The good news is once you have passed through the training and achieved
the designation, you can be an ASC anywhere you like as long as you have
not had a two or more year break in service as an ASC.
In order to ensure that this extensive training
does not go to waste, the rule also spells out those duties that must
be undertaken by the ASC directly. These include: immediate corrective
action of non-compliance, employment history verification and criminal
history records checks, and maintenance of training records. In their
spare time the ASCs should review — with sufficient frequency —
law enforcement actions at security checkpoints; ID media display and
challenge in the SIDA; access control measures; conditions outlined in
exclusive area agreements; and, airport tenant security programs.
The rule does clarify a point of contention
under the old system: ASCs can be assigned other duties at the airport
as necessary, giving the airport operator operational latitude. While
this seems like a lot of work, keep in mind the GSCs are required to do
similar on a daily basis.
Crimes: A New List
One more significant change is the list
of disqualifying crimes and how to check on them. As the rules were being
finalized, Congress decided to change the way we conduct employment history
verification and criminal history records checks for employees seeking
unescorted access.
A new list of disqualifying crimes was promulgated
by the Airport Security Improvement Act of 2000 (Public Law 106-528).
This list of disqualifying crimes applies to anyone applying for a position
requiring unescorted access to the secure area of an airport after December
23, 2000. The trick comes in when you try to figure out if the applicant
committed the crime.
If the applicant is seeking unescorted access
at a non-category X airport, then he or she follows the same procedures
as in the past. They provide 10 years worth of employment history data;
the airport or the air carrier verifies the last five. If there is a gap
of over 12 months, or you are unable to verify other information, ask
the applicant for a set of fingerprints. The prints are sent to the FBI
and criminal history is then verified against the FBI’s records.
If there’s no record of a conviction of a disqualifying crime, grant
them unescorted access if you wish.
Now if you are at a Category X airport the
situation is different — everyone gets printed. The airport operator
may choose to grant unescorted access privileges only when a report back
from the FBI affirms that the applicant has not been convicted of a disqualifying
crime. On the other hand, the airport operator may choose to invoke the
45-day grace period granted by PL-106-528.
The 45-day grace period provision allows
for an individual to submit a complete employment history verification
indicating no gaps in time or information, along with a complete set of
fingerprints. The airport may allow this person to have unescorted access
for 45 days, based on employment history verification until their records
come back from the FBI. If the FBI record indicates no convictions, the
45-day badge must now be converted to regular old badge; if the FBI record
does indicate a conviction of a disqualifying crime, the airport must
withdraw the unescorted access privilege and retrieve the access media
issued.
It will be easy to keep track of these various
badges as the FAA has in the rule codified its policy on ID media. ID
media must: convey a full-face image, full name, employer, ID number of
the individual, the scope of access, expiration date, and make sure all
are of sufficient size and appearance "as to be readily observable
for challenge purposes." This does not apply to FAA special agents
actively conducting assessments or investigations.
Under the old rules, if you caught an FAA
agent in the SIDA without ID, you were to escort him or her to a non-secure
or public area. Now they can operate in the SIDA without a badge and continue
to test even if they have been challenged.
The real message is security is everybody’s
business. The rules are complicated and they are comprehensive. Folks
who have been on the periphery of providing for aviation security are
now part of the united front. It will take time and effort to make sure
everyone understands the new rules and procedures, but in the long run
it will be worth it.
About the Author