In the Maritime Transportation Security Act (MTSA), signed into law on November 25, 2002, Congress directed the U.S. Coast Guard to, among other things, establish a vessel security plan requirement for appropriate vessels operating in United States waters. Congress broadly defined the vessels that should have security plans as those that the Secretary (of the Department in which the Coast Guard is operating) believes may be involved in a transportation security incident. A 'transportation security incident' is defined as a security incident resulting in a significant loss of life, environmental damage, transportation system disruption, or economic disruption in a particular area. Because of the short deadlines imposed by the legislation, the Coast Guard will promulgate vessel security plan regulations following a series of public meetings, eschewing the usual process of proposing a rule and inviting comment thereon.
In its recent notice of public meetings, the Coast Guard included commentary on certain aspects of the process, giving the regulated community some clues as to what the regulations may eventually entail.
Regulated Community
It appears that the Coast Guard will impose the vessel security plan requirement on almost all commercial vessels operating in U.S. waters, including the following categories:
• All foreign ships required to comply with the International Convention on the Safety of Life at Sea (SOLAS Convention);
• All foreign ships of countries not signatory to the SOLAS Convention.
• All U.S. vessels subject to 46 CFR, subchapters I (cargo and miscellaneous vessels), L (offshore supply vessels), H & K (passenger vessels), T (small passenger vessels, but only when engaged on an international voyage), D (tank vessels), O (vessels carrying bulk dangerous cargo); and I-A (mobile offshore drilling units).
• All U.S. towing vessels greater than 20 ft. (6 m) in registered length.
This listing includes virtually every non-U.S. commercial vessel coming to the United States and every U.S. self-propelled commercial vessel with the exception of a few such as commercial fishing industry vessels, small passenger vessels not engaged on international voyages, nautical school vessels, and small towing vessels (of 6 m or less in registered length). Also exempted are most barges, other than tank barges.
U.S. Standards
Ideally, the U.S. Coast Guard would deem compliance with the international standard for a ship security plan to be full compliance with any U.S. standard for a vessel security plan, but certain realities intrude. First, the international ship security plans only have to be submitted to — and approved by — the flag administration. The MTSA mandates that vessel security plans be submitted to — and approved by — the U.S. Coast Guard. International ship security plans are to be written in the working language of the crew (and in English, French, or Spanish, if the working language is none of these specified languages). As a practical matter, the U.S. Coast Guard will only accept for review plans written in English.
The Vessel Security Plan must be consistent with the National Maritime Transportation Security Plan, which will be prepared by the Secretary for deterring and responding to a transportation security incident. Further, it must be consistent with the Area Maritime Transportation Security Plan for each area within which it operates. The Areas, for this purpose, are expected to align with the Captain of the Port (COTP) zones. The Coast Guard has disseminated neither the National nor the Area Maritime Transportation Security Plan, although it has issued a Navigation and Vessel Inspection Circular (NVIC) providing guidance to field units related to preparation of port security plans. It is unclear how owners and operators will be expected to comply with the consistency requirement if the various national and area plans are not promulgated soon.
Qualified Individual
The plan must identify the qualified individual (QI) having full authority to implement security actions, and require immediate communications between that individual and the appropriate Federal official (presumably the COTP) and the persons providing additional security. It is unclear what qualifications will be expected of a QI. If it is similar to the standards utilized under the Oil Pollution Act of 1990 (OPA 90) for oil spill vessel response plans (VRPs), the individual will have to be based in the United States and be available 24-hours a day.
Availability of Security Measures
The plan must also identify, and ensure by contract or other means approved by the Secretary, the availability of security measures necessary to deter to the maximum extent practicable a transportation security incident, or a substantial threat of such a security incident. As with the QI, this clearly derives from OPA 90, but it is uncertain what security measures the Coast Guard envisions. It could be anything from a guard service posted at points of ingress and egress from the ship to divers searching the hull for limpet mines.
Security Incident Response Plan
Either as part of the vessel security plan or as a stand-alone document, the Secretary must require each vessel to prepare and submit a security incident response plan. The plan is to provide a comprehensive response to an emergency, including notifying and coordinating with local, State, and Federal authorities, including the Director of the Federal Emergency Management Agency (FEMA), securing the vessel, and evacuating vessel personnel. The limited legislative history of this provision indicates that Congress was concerned about response to such things as an oil spill from the vessel that might arise from a terrorist attack or other security incident. The Notice issued by the Coast Guard provides no indication of how the agency will interpret and implement this provision.
Deadlines and Implementation
The MTSA provides that the vessel security plan must be submitted to the Coast Guard within six months after promulgation of the interim regulations. The vessel for which a vessel security plan is required may not operate in U.S. waters one year after promulgation of the interim regulations unless it has an approved plan and is operating in compliance therewith. Notwithstanding the 1-year restriction, the Secretary may authorize a vessel to operate without an approved security plan (for up to 1 year after submission of a security plan), if the owner or operator has certified that it has ensured by contract or other approved means the availability of security measures necessary to deter to the maximum extent practicable a transportation security incident, or a substantial threat of such a security incident. Rulemakings under the MTSA are exempted from the usual provisions of the Administrative Procedures Act, including the requirement for notice and public comment. The interim regulations are to be issued as soon as practicable, except that regulations establishing the security incident response plan are to be promulgated before April 1, 2003. Interim regulations are to be superseded by final regulations (presumably developed in accordance with the Administrative Procedures Act) no later than November 25, 2003.
Cost of Compliance
The Coast Guard estimates that it will cost the average SOLAS freight ship $25,900 in the first year to comply with the vessel security requirements, with subsequent years costing $11,949 each. The average SOLAS tanker would incur costs of $17,700 the first year and $11,539 annually in subsequent years. For the average SOLAS towboat, the costs would be $4,900 and $199 the first and subsequent years respectively. For a SOLAS cruise vessel, the added costs are estimated at $11,800 the first year and $13,204 in subsequent years.
The Coast Guard has estimated the cost for compliance by the U.S. fleet to be approximately $188 million in the first year and $144 million for each subsequent year. The ten-year cost of the vessel security program is estimated to cost the U.S. fleet $1.1 billion (present value). For some reason, known only to the agency, the Coast Guard did not publish an estimate for the cost of compliance by foreign vessels (either individually or in the aggregate). We should assume that, for the most part, the cost of compliance by a U.S. vessel operating under SOLAS is similar to that which would be experienced by a foreign vessel operating under SOLAS. The Coast Guard estimates (in other contexts) that 75 percent of the cargo vessels calling in U.S. ports are registered in nations other than the United States. Thus, fairly simple mathematics reveal that the total first year cost of compliance with the U.S. vessel security plan requirement will be approximately $752 million, with annual costs of $576 million in subsequent years. The total ten-year cost of the program would then be approximately $4.4 billion (present value). For comparison purposes, it should be remembered that the Coast Guard estimated the cost of compliance with its double hull rule to be $3.5 billion (present value) in 1991.
Summary
The U.S. Coast Guard has a daunting task ahead as it works to develop vessel security plan requirements in the context mandated by the MTSA. It will need assistance from the regulated community if it is to establish standards that are both consistent with the statute and workable. Due to severe time constraints, industry must make its views known now.
The goal is to deter, to the maximum extent practicable, a transportation security incident - in other words, to harden the target. Success consists in instituting the appropriate mix of security measures to deter the terrorists without either bringing commerce to a halt or bankrupting the players. This is a delicate balance indeed.