[Senate Report 108-149] [From the U.S. Government Publishing Office] Calendar No. 281 108th Congress Report SENATE 1st Session 108-149 ====================================================================== WASTEWATER TREATMENT SECURITY ACT OF 2003 _______ September 17, 2003.--Ordered to be printed _______ Mr. Inhofe, from the Committee on Environment and Public Works, submitted the following R E P O R T together with ADDITIONAL AND MINORITY VIEWS [To accompany S. 1039] [Including cost estimate of the Congressional Budget Office] The Committee on Environment and Public Works, to which was referred a bill (S. 1039) to amend the Federal Water Pollution Control Act to enhance the security of wastewater treatment works, having considered the same reports favorably thereon with an amendment and recommends that the bill, as amended, do pass. General Statement and Background As with many sectors of society, publicly owned wastewater treatment works began the process of reexamining the security of their facilities in light of the tragic events of September 11, 2001. The nation's 16,000 publicly owned treatment works comprise not only treatment plants but also 100,000 major pumping stations, 600,000 miles of sanitary sewers and 200,000 miles of storm sewers. The sewers create an underground network that connects the population and financial centers of every major U.S. city. Further, the sewers often run alongside or beneath major roadways. The potential to use them for a terrorist attack is significant. Further, damage to a wastewater treatment plant could result in significant loss of life, environmental damage and the contamination of surface and groundwater/drinking water supplies. In 1998, with Presidential Decision Directive 63, the Federal Government began an assessment of the vulnerabilities of the nation's critical infrastructures, including the nation's water supply. The EPA was designated the lead agency in charge of overseeing security of the nation's water systems and has worked with Sandia National Labs to develop an assessment tool for drinking water utilities. The EPA worked with the Association of Metropolitan Water Agencies to develop and operate the Information Sharing and Analysis Center (ISAC) which was developed to distribute secure, critical information to drinking water utilities throughout the Nation. It wasn't until after September 11th, 2001 that the ISAC was expanded to include wastewater utilities. In the fiscal year 2002 Departments of Veterans Affairs and Housing and Urban Development and Independent Agencies Appropriations Act (P.L. 107-73), Congress appropriated $500,000 for EPA to develop an assessment tool for wastewater treatment works. The EPA contracted with the Association of Metropolitan Sewerage Agencies (AMSA) to develop the tool which has now been distributed to more than 2,600 public systems to aid them in determining what vulnerabilities exist at their facilities. In the fiscal year 2002 Supplemental Appropriations bill, Congress provided EPA with $90 million to address security at drinking water facilities. EPA earmarked $3 million of those funds for wastewater utilities. EPA has also worked to protect wastewater treatment works in accordance with the EPA Strategic Plan for Homeland Security, issued in September 2002. Objectives of the Legislation While many treatment works have completed the task of identifying their security needs, others need some assistance. Therefore, S. 1039 provides treatment works of all sizes resources to determine, and address, their security needs. S. 1039 will help secure these systems by providing treatment works with an incentive to complete their assessments. The legislation carries with it the full force of law to ensure that those who receive Federal money have completed their assessments. It authorizes EPA to continue working with nonprofit organizations to improve and distribute vulnerability assessment tools and provide technical assistance to small utilities as they seek to identify and meet their security needs. The bill also authorizes research into water security threats and new technologies so that treatment works have the most up-to-date information about their options when determining how best to secure their individual facilities. Section-by-Section Analysis Section 1. Short title The Wastewater Treatment Works Security Act of 2003. Sec. 2. Wastewater treatment works security (A) DEFINITION OF VULNERABILITY ASSESSMENT Summary Creates a new section 222 of the Federal Water Pollution Control Act and defines a vulnerability assessment. Discussion An assessment is an examination of the treatment works' vulnerability to an unlawful action intended to substantially disrupt the ability of the treatment works to operate or to have an adverse impact on the critical infrastructure, the environment or public health or safety. The assessment includes a review of the facilities, systems and devices used for storing, treating, recycling or reclaiming municipal sewage or industrial wastes; the sewer system; the electronic and computer system; the pumping and power equipment; the use, storage and handling of chemicals and the operation and maintenance of the system. It will also include the identification of procedures, countermeasures and equipment that a treatment works may implement or use to reduce the vulnerabilities identified in the assessment. (B) GRANTS FOR VULNERABILITY ASSESSMENTS AND SECURITY ENHANCEMENTS Summary Authorizes the Administrator to provide grants to a State, municipality or inter-municipal or interstate agency to conduct a vulnerability assessment of a publicly owned treatment works and address a security need identified in the assessment. Discussion Authorizes grants to conduct vulnerability assessments and address a need identified in the assessment. (C) GRANTS FOR SECURITY ENHANCEMENTS Summary Paragraph (1) requires an applicant to certify to the EPA that it has conducted a vulnerability assessment and that the need for which it is seeking funding was identified in the assessment. Upon receiving this certification, the EPA may provide grants to the applicant for specific purposes listed in paragraph (2). Paragraph (2) establishes a list of security needs for which an applicant may receive funding. Paragraph (3) authorizes the Administrator to provide grants to an applicant who certifies it has conducted a vulnerability assessment and identified a need not included on the list in Paragraph (2). Paragraph (4) prohibits funds from being used for personnel costs and the operation and maintenance of facilities, equipment or systems. The Administrator may not require an applicant to provide the Administrator with a copy of a vulnerability assessment as a condition of applying for or receiving a grant under this section. Discussion A treatment works must certify to EPA that it has conducted an assessment and that one of the enhancements listed in Paragraph (2) is included in the assessment. Falsely certifying information to the Federal Government is a crime (18 U.S.C. 1001) punishable by fine or imprisonment. Further, EPA through its grant making procedures has the authority to ensure that grant money is used for its intended purposes. If the agency finds that it was not, the grant can be revoked and a charge of false certification made. The applicant may seek funding for a need not in Paragraph (2) but identified in a vulnerability assessment by submitting an application to the Administrator. Funds cannot be used for personnel costs or operation and maintenance of facilities, equipment or systems. EPA cannot require the applicant submit its assessment to the agency as a condition of applying for or receiving funds. (D) GRANT AMOUNTS Summary Paragraph (1) establishes a Federal-local cost share of 75 percent-25 percent. Paragraph (2) limits the size of any one applicant to $150,000. Discussion Because securing our nation's infrastructure against terrorism is a partnership between Federal, State and local government, this section authorizes a Federal-local cost share. In order to ensure that funds are widely distributed and not absorbed by a few large systems, grants are limited to $150,000. (E) TECHNICAL ASSISTANCE FOR SMALL PUBLICLY OWNED TREATMENT WORKS Summary Paragraph (1) defines a small publicly owned treatment works as a population of fewer than 20,000 individuals. Paragraph (2) authorizes the Administrator to, in coordination with the States, provide technical assistance to small treatment works in assessing and addressing their security needs. Discussion It is critical that small systems, which often have fewer resources at their disposal, have the same level of protection as large systems. Subsection (e) authorizes a technical assistance program for treatment works serving less than 20,000 people. Technical guidance may include training, technical assistance programs and preliminary engineering evaluations. The Administrator may provide grants to nonprofit organizations with expertise in assisting small systems. (F) REFINEMENT OF VULNERABILITY ASSESSMENT METHODOLOGY FOR PUBLICLY OWNED TREATMENT WORKS Summary Authorizes grants to nonprofit organizations to improve vulnerability assessment methodologies and tools for publicly owned treatment works at no cost to the treatment works. Discussion Authorizes the Administrator to provide grants to nonprofit organizations to improve vulnerability assessment methodologies and tools for publicly owned treatment works, including those that are part of a combined public wastewater treatment and water supply system. The grants may be used to develop and distribute assessment software upgrades, improve and enhance critical technical and user support functions, expand libraries of information addressing threats and countermeasures and implementing user training initiatives. These services are to be provided at no cost to the participants/recipients. (G) AUTHORIZATION OF APPROPRIATIONS Summary and discussion Authorizes $200 million for use in making grants to conduct vulnerability assessments and implement security enhancements under subsection (b); $15 million for technical assistance for small systems; $5 million over 5 years for refinement of vulnerability assessment methodology. Sec. 3. Research and review Creates a new section 223 of the Federal Water Pollution Control Act (FWPCA). (A) DEFINITIONS Summary Defines ``covered treatment works'' and ``harmful intentional act.'' Discussion A covered treatments works has the same definition as it does in section 212 of FWPCA (33 U.S.C. 1292); a harmful intentional act means a terrorist attack or other intentional act carried out with respect to a covered treatment works that is intended to substantially disrupt the ability of the treatment works to provide safe and reliable conveyance and treatment of wastewater, disposal of effluent or storage of potentially harmful chemical used to treat wastewater. The harmful intentional act is one that may also inflict damage to critical infrastructures and have an adverse effect on the environment or otherwise pose a significant threat to public health or safety. (B) REVIEW BY ADMINISTRATOR Summary and discussion Requires the Administrator to research and review means by which terrorists, including domestic or foreign terrorists, or other individuals or groups can carry out a harmful intentional act against a treatment works and the identification of alternative processes for treating, conveying and disposing of wastewater. (C) MEANS OF CARRYING OUT HARMFUL INTENTIONAL ACT Summary The Administrator shall review the various means by which a treatment works could be affected through a harmful intentional act. Discussion The Administrator shall review the means by which the treatment works, pipes and constructed conveyances could be destroyed or otherwise prevented from providing adequate conveyance, pretreatment, treatment and disposal of wastewater; means by which the pipes, constructed conveyances, pretreatment, treatment, storage and disposal systems could be altered or affected so as to pose a threat to public health and safety or the environment; means by which pipes, constructed conveyances, pretreatment, treatment, storage and disposal systems could be reasonably protected from harmful intentional acts and reasonably secured from use as a means of transportation by terrorists, including domestic or foreign terrorists, or other individuals or groups; and the means by which information systems at treatment works could be disrupted by terrorists, including domestic or foreign terrorists, or other individuals or groups. (D) CONSIDERATIONS Summary and discussion The Administrator shall ensure that EPA's research encompasses treatment works of all sizes and from various geographic regions and may consider the vulnerability of, or potential for forced interruption of service for, a region or service area, including the National Capital Area. (E) INFORMATION SHARING Summary The Administrator, as soon as practicable, shall share the information found in the review with covered treatment works through the Information Sharing and Analysis Center (ISAC) or other appropriate means. Discussion The Administrator will distribute the findings of EPA's research to treatment works through the ISAC or other appropriate means. Any new approaches identified by EPA will be provided to treatment works for information only as they consider what new approaches may be suitable for their facility. Because each system may have different needs, the committee intends that the determination of how to use this information will be left to each individual treatment works, on a voluntary basis. (F) FUNDING Summary and discussion Authorizes $15 million for carrying out this section for the period of fiscal years 2004 through 2008. Legislative History During the 107th Congress, Representatives Don Young, James L. Oberstar, John J. Duncan Jr., and Peter DeFazio introduced H.R. 5169, ``The Wastewater Treatment Works Security Act.'' On July 24, 2002, the bill was reported out of committee by voice vote. It passed the House of Representatives by voice vote on October 7, 2002. During the 108th Congress, Representatives Don Young, James L. Oberstar, John J. Duncan Jr., and Jerry F. Costello introduced legislation nearly identical to H.R. 5169, H.R. 866 which passed the committee on March 11, 2003 by voice vote. It passed the House of Representatives on May 7, 2003 by a vote of 413-2. On May 12, Senators James Inhofe and Mike Crapo introduced the Senate companion to H.R. 866, S. 1039. On May 15, the Committee on Environment and Public Works agreed to S. 1039, as amended, by a vote of 13 to 6 and ordered the bill reported to the Senate. Rollcall Votes The Committee on Environment and Public Works met to consider S. 1039 on May 15, 2003. The committee adopted by unanimous consent an amendment by Senator Jeffords to establish a $15 million research program on potential threats, best practices and new technologies to help wastewater treatment works better secure their facilities and processes from terrorist attacks. The amendment was modified by unanimous consent of the committee before adoption to clarify the definition of a treatment works. The committee then defeated an amendment offered by Senator Jeffords to require treatment works to conduct vulnerability assessments and develop emergency response plans and submit both to the Department of Homeland Security. The amendment was defeated by a rollcall vote of 9 ayes, 10 nays. Voting in favor were Jeffords, Baucus, Reid, Graham, Lieberman, Boxer, Wyden, Carper and Clinton. Voting against were Inhofe, Warner, Bond, Voinovich, Crapo, Chafee, Cornyn, Murkowski, Thomas and Allard. The committee then defeated by voice vote an amendment by Senator Jeffords to eliminate the cost share and the limit on grant amounts. The committee then favorably reported the bill by a vote of 13 to 6. Voting in favor were Senators Inhofe, Warner, Bond, Voinovich, Crapo, Chafee, Cornyn, Murkowski, Thomas, Allard, Reid, Graham, and Carper. Voting against were Senators Jeffords, Baucus, Lieberman, Boxer, Wyden and Clinton. Regulatory Impact Statement In compliance with section 11(b) of rule XXVI of the Standing Rules of the Senate, the committee makes evaluation of the regulatory impact of the reported bill. The bill does not create any additional regulatory burdens, nor will it cause any adverse impact on the personal privacy of individuals. Mandates Assessment In compliance with the Unfunded Mandates Reform Act of 1995 (Public Law 104-4), the committee finds that S. 1039 would not impose Federal intergovernmental unfunded mandates on State, local, or tribal governments. Cost of Legislation Section 403 of the Congressional Budget and Impoundment Control Act requires that a statement of the cost of the reported bill, prepared by the Congressional Budget Office, be included in the report. That statement follows: U.S. Congress, Congressional Budget Office, Washington, DC, May 20, 2003. Hon. James M. Inhofe, Chairman, Committee on Environment and Public Works, U.S. Senate, Washington, DC. Dear Mr. Chairman: The Congressional Budget Office has prepared the enclosed cost estimate for S. 1039, the Wastewater Treatment Works Security Act of 2003. If you wish further details on this estimate, we will be pleased to provide them. The CBO staff contact is Susanne S. Mehlman. Sincerely, Douglas Holtz-Eakin. S. 1039--Wastewater Treatment Works Security Act of 2003, as ordered reported by the Senate Committee on Environment and Public Works on May 15, 2003 Summary: CBO estimates that implementing this legislation would cost $234 million over the next 5 years, assuming appropriation of the authorized amounts. The funds would be used by the Environmental Protection Agency (EPA) to make grants to States, municipalities, or intermunicipal or interstate agencies to conduct vulnerability assessments of publicly owned wastewater treatment facilities and to undertake security enhancements at such facilities. In addition, the funds would be used by EPA to provide technical assistance to small publicly owned treatment facilities, such as training and engineering evaluations of security measures, and to make grants to treatment facilities operated by nonprofit organizations to conduct self-assessments of security vulnerabilities. S. 1039 also would authorize funding for EPA to research and review ways that wastewater treatment facilities could be intentionally harmed and how wastewater could be treated and disposed of in the event a facility is damaged. Enacting S. 1039 would not affect direct spending or revenues. S. 1039 contains no intergovernmental or private- sector mandates as defined in the Unfunded Mandates Reform Act (UMRA) and would impose no costs on State, local, or tribal governments. Estimated cost to the Federal Government: For this estimate, CBO assumes that the bill will be enacted by the end of fiscal year 2003. CBO estimates that implementing the bill would cost $234 million over the 2004-2008 period, assuming appropriation of the amounts authorized for each year. Those estimated outlays are based on historical patterns for similar activities. The estimated budgetary impact of S. 1039 is shown in the following table. The costs of this legislation fall within budget function 300 (natural resources and environment). ---------------------------------------------------------------------------------------------------------------- By fiscal year, in millions of dollars-- -------------------------------------------- 2004 2005 2006 2007 2008 ---------------------------------------------------------------------------------------------------------------- CHANGES IN SPENDING SUBJECT TO APPROPRIATION Grants for Wastewater Treatment Security: Authorization Level............................................ 200 0 0 0 0 Estimated Outlays.............................................. 100 60 30 10 0 Grants for Small Publicly Owned Treatment Facilities: Authorization Level............................................ 16 1 1 1 0 Estimated Outlays.............................................. 8 5 3 3 0 EPA Research and Review: Authorization Level............................................ 15 0 0 0 0 Estimated Outlays.............................................. 10 4 1 0 0 Total Proposed Changes: Authorization Level............................................ 231 1 1 1 0 Estimated Outlays.............................................. 118 69 34 13 0 ---------------------------------------------------------------------------------------------------------------- Intergovernmental and private-sector impact: S. 1039 contains no intergovernmental or private-sector mandates as defined in UMRA and would impose no costs on State, local, or tribal governments. This bill would benefit State and local governments by authorizing $216 million in 2003 for grants to conduct vulnerability assessments, implement security enhancements, provide technical assistance, and to improve self-assessment methodologies and tools. The recipients of grants for vulnerability assessments and security enhancements would be required to match Federal funds, but such costs would be incurred voluntarily. Previous cost estimate: On February 28, 2003, CBO transmitted a cost estimate for H.R. 866, the Wastewater Treatment Security Act of 2003, as ordered by the House Committee on Transportation and Infrastructure. CBO estimated that implementing H.R. 866 would cost about $220 million over a 5-year period. The two bills are similar, but S. 1039 would authorize additional funding for EPA to research and review the impact that intentional damages would have on wastewater treatment facilities. Estimate prepared by: Federal Costs: Susanne S. Mehlman; Impact on State, Local, and Tribal Governments: Greg Waring; Impact on the Private Sector: Jean Talarico. Estimate approved by: Peter H. Fontaine, Deputy Assistant Director for Budget Analysis. MINORITY VIEWS OF SENATORS JEFFORDS, BAUCUS, LIEBERMAN, BOXER, AND CLINTON General statement In the wake of September 11, 2001, it is imperative that the Nation takes every reasonable action we can to prevent terrorism, create effective response and recovery mechanisms, and find ways to minimize any impacts should an event occur. The Congress has a key role in facilitating these actions by establishing authorities for government agencies, establishing the legal framework in which homeland security improvements will occur, and appropriating adequate funding for the homeland security mission. Protecting our nation's critical infrastructure is a major piece of our homeland security strategy. The water sector has been identified as an element in our nation's critical infrastructure since the issuance of Presidential Decision Directive 63 (PDD-63), issued in by President Clinton in May 1998, which was the first major governmental action focused on reducing the vulnerability of our nation's critical infrastructure. At that time, and in each document outlining homeland security responsibilities since that time, the Environmental Protection Agency (EPA) was designated as the lead for water infrastructure protection. The security needs are significant in the water and wastewater sectors. There are over 16,000 publicly owned treatment works in the United States, serving almost 190 million people. These industrial facilities use large quantities of toxic chemicals in their treatment and disinfection processes. They are located near population centers and other critical infrastructure. A chemical accident would pose a serious threat. In addition, collection systems run beneath every city and town in America, creating potential corridors for travel or opportunities for access. There are also serious public health risks associated with a disruption or service failure at a wastewater treatment plant. Treatment works clean wastewater that comes from our toilets, showers, and sewers and send it back into our rivers, streams, lakes, and oceans. Those same bodies of water are our drinking water sources. Without proper treatment, we would see the public health effects of the same type of water-borne disease outbreaks such as cholera that we saw in Iraq earlier this year due to the failure of wastewater treatment plants. After the recent events during the 2003 blackout, we have seen firsthand the impact that a cessation of operations at a drinking water or wastewater plant can have. In Cleveland, Ohio, after the August 2003 blackout, several sewage treatment plants discharged at least 60 million gallons of sewage into the Cuyahoga River, Lake Erie, and their tributaries after the power outage caused the plants pumps and blowers to cease operations. Raw sewage bypassed the treatment process and entered receiving waters untreated. The plants have no back-up power systems. Five Cleveland beaches were closed to swimming to protect against water-borne disease. Cleveland's water system also suffered a hit when 1.5 million customers lost water or water pressure due to power failures at four water plants. The city was under a boil water notice for 4 days. In Detroit, Michigan, after the blackout in August 2003 caused the city's water treatment plants to cease operations, the city was under a boil-water advisory for almost a week. We believe that the Congress should take the risk to wastewater treatment plants on seriously. Unfortunately, we believe that S. 1039, the Wastewater Treatment Works Security and Safety Act, as reported out of committee, provides security for our nation's wastewater infrastructure in name, only. Background Almost immediately after September 11, 2001, the Committee on Environment and Public Works began working with the water and wastewater industries and the EPA to ensure that the nation's water infrastructure was adequately protected. The committee met with key members of the EPA's security team to review the status of our nation's water infrastructure. Several short-term actions had already been taken. Based on the recommendations of PDD 63, the EPA and its industry partner, the Association of Metropolitan Water Agencies (AMWA), had already established a communication system, the water infrastructure Information Sharing and Analysis Center (ISAC), designed to provide real-time threat assessment data to water utilities throughout the Nation. Through this partnership, the EPA and AMWA, in cooperation with Sandia National Laboratory, developed an assessment tool that individual water utilities can use to assess their facilities for potential physical and cyber threats. The committee endorsed the concept of vulnerability assessments with bi-partisan action early in the debate on homeland security. On October 11, 2001, Senators Jeffords (I-VT), Smith (R-NH), Graham (D-FL), and Crapo (R-ID) sent a letter to the President with Representatives Tauzin (R-LA), Dingell (D-MI), Gillmor (R-OH), and Pallone (D-NJ) requesting that the President use a portion of discretionary funds to provide assistance for these assessments to water utilities. No response was received. Legislative action quickly followed. During the 107th Congress, Senator Jeffords (I-VT) and Senator Smith (R-NH), at that time the chair and ranking member of the committee introduced S. 1593, the Water Infrastructure Security and Research Development Act, which authorized the U.S. EPA to provide funding to support research projects on critical infrastructure protection for water supply systems. The two leaders of the committee also introduced S. 1608, which sought to provide grants to drinking water and wastewater facilities to meet immediate security needs. S. 1593, the Water Infrastructure Security and Research Development Act, sought to complement the ongoing work at EPA and in the water industry by focusing on mid- to long-term actions designed to enhance our current water security capabilities. The bill authorized $12 million over 5 years to continue ongoing work called for by Presidential Decision Directive 63, conduct research to assess potential threats to our water supply system, and develop solutions to safeguard our water systems against those threats. Projects were intended to address both water and wastewater security needs. S. 1608 focused on short term security needs such as re-keying of doors and locks or installation and maintenance of fencing, gating, or lighting. The committee reported both bills on December 10, 2001. The provisions of S. 1593 and S. 1608 were modified and incorporated into H.R. 3448, the Public Health and Bioterrorism Preparedness Response Act of 2002 (P.L. 107-188), which was signed into law on June 12, 2002. This Act requires that all community water systems serving a population greater than 3,300 people conduct a vulnerability assessment and an emergency response plan that incorporates the results of the vulnerability assessment. The Act establishes specific deadlines and requires that the vulnerability assessments be submitted to the EPA. It includes extensive information protection requirements at the Agency. The Act authorizes $160 million for fiscal year 2002 and such sums as necessary for fiscal years 2003 through 2005 for these purposes and to address basic security enhancements. Finally, the Act requires the Administrator to review and disseminate information to the drinking water industry on current and future methods of prevention of, detection of, and response to contaminant and supply disruption. Despite the fact that the original Senate bills addressed both water and wastewater needs, the provisions of H.R. 3448 were modified to address drinking water facilities only due to jurisdictional concerns raised by a House committee. Under the authorities provided by P.L. 107-188, EPA continued its work with AMWA to refine and operate the ISAC. EPA provided $51 million in funding to water utilities in fiscal year 2002, and the Agency partnered with numerous industry associations to develop vulnerability assessment and emergency response plan tools and training tailored for specific applications. EPA has also worked to protect wastewater treatment works in accordance with the EPA Strategic Plan for Homeland Security, issued in September 2002. Since September 11, 2001, EPA has provided $1.1M to the Association of Metropolitan Sewerage Agencies (AMSA) to develop a wastewater security vulnerability assessment tool. That tool is now available to individual treatment works. After the Public Health and Bioterrorism Preparedness Response Act of 2002 was enacted without addressing wastewater security, Senator Jeffords introduced S. 3037, the Wastewater Treatment Works Security and Safety Act, on October 3, 2002. S. 3037 mirrors the original provisions of S. 1593 and S. 1608 as well as the modified provisions for drinking water in H.R. 3448. The legislation requires all wastewater utilities to conduct vulnerability assessments and to develop or modify emergency response plans to incorporate the results of the vulnerability assessments. It requires that these documents be presented to the EPA for review, and it includes significant security measures designed to protect this information from unauthorized disclosure. It authorizes $185 million for assistance in completing vulnerability assessments, for immediate security improvements, and for assistance to small treatment works. It authorizes $15 million for research to identify threats, detection methods, and response actions. AMSA endorsed S. 3037 on October 1, 2002. During the 107th Congress, the House passed a wastewater security bill, H.R. 3169, the Wastewater Treatment Works Security and Safety Act. Due to significant differences over the treatment of vulnerability assessments in each bill, the House and the Senate were unable to reach agreement on this issue during the 107th Congress. In the 108th Congress, on April 3, 2002, Senators Jeffords (I-VT), Graham (D-FL), Lieberman (D-CT), and Lautenberg (D-NJ) introduced the Wastewater Treatment Works Security and Safety Act, S. 779. On May 12, 2002, Senators James Inhofe (R-OK) and Mike Crapo (R-ID) introduced S. 1039, also entitled the Wastewater Treatment Works Security and Safety Act. The committee considered and passed S. 1039 on May, 15, 2003. We were very pleased that the committee granted our requests to take action on wastewater security. However, we believe that S. 1039, as it passed the committee, does not fulfill our responsibility to provide the American people with the level of security that is required for our wastewater treatment works. Discussion During the committee's consideration of S. 1039, Senator Jeffords offered an amendment that would have required publicly owned treatment works serving more than 25,000 people conduct a vulnerability assessment and an emergency response plan and submit those documents to the Department of Homeland Security. The Jeffords amendment failed on party lines with 9 Democrats voting yes, 1 Independent voting yes, and 9 Republicans voting no. Without the modifications that were included in the Jeffords amendment, we believe that S. 1039 as passed by the committee provides security to wastewater treatment works in name only. First, S. 1039 does not require the completion of a vulnerability assessment or the incorporation of the results into a treatment works' emergency response plan. The Jeffords amendment would have required these actions to increase security at treatment works serving more than 25,000 people. We believe that conducting a vulnerability assessment, addressing the security needs it identifies, and incorporating the results into a facility's emergency response plan are most basic actions that must be taken in each sector of our nation's critical infrastructure. In the General Statement section of this report, we detail the potential impacts of an interruption of water and wastewater systems. One of the examples cited is the Cleveland water system which suffered a disruption during the August 2003 blackout. The Plain Dealer reported on August 16, 2003 that the Mayor of Cleveland called FirstEnergy executives to request that the water plants be placed on a ``protected'' list of addresses that would not be affected by the rolling blackouts. This is an example of exactly the type of action that could be identified in a vulnerability assessment and taken in advance of a power outage, significantly reducing the impact of an event on the citizens of the city. S. 1039 fails to increase the level of security of our nation's publicly owned treatment works. We do not know if individual publicly owned treatment works will choose to complete a vulnerability assessment, because there is no requirement to do so. In addition, we do not know if they will incorporate their findings into emergency response plans that are designed to protect communities surrounding those plants, because there is no requirement to do so. We believe that these most basic actions are not too heavy a burden for the wastewater treatment industry, which is no different than other critical infrastructure sectors. We believe that the wastewater industry should not be exempt from taking basic precautions to evaluate and address its security needs. Therefore, we believe that S. 1039 as reported from committee fails to ensure that even the most basic steps toward a higher level of security in the nation's critical infrastructure sectors are taken. Second, S. 1039 as reported does not require, and may actually preclude, the submission of vulnerability assessments that are conducted to the Federal Government--a serious obstacle in the DHS's ability to perform its mission. We believe that providing the results of a facility's vulnerability assessment and its emergency response plan to the Federal Government is a vital step both to ensure that vulnerability assessments are completed in critical infrastructure sectors and to ensure that the Federal Government has all of the information it requires to secure the Nation against a potential terrorist attack. In addition, elected officials in Congress have a Constitutional oversight role over Federal agencies and the laws they implement. Under S. 1039, Congress will not be accountable to the public for the purpose or implementation of this law--Congress will not be able to request or access information from the Federal agencies because the agencies will not have such information. In the President's National Strategy for Homeland Security, issued in July 2002, ``Protecting Critical Infrastructures and Key Assets'' is identified as a ``Critical Mission Area'' for the DHS. One of the ``Major Initiatives'' of DHS in this area is identified as, ``Build and maintain a complete and accurate assessment of America's critical infrastructure and key assets.'' The Strategy states: * * * the Department would build and maintain a complete, current, and accurate assessment of vulnerabilities and preparedness of critical targets across critical infrastructure sectors. The Department would thus have a crucial capability that does not exist in our government today: the ability to continuously evaluate threat information against our current vulnerabilities, inform the President, issue warnings, and effect action accordingly. It is clear that the Department believes that the ability to produce a map of the nation's critical infrastructure and cross-reference it to threat information is one of the most basic tasks that must be completed to increase the security of the Nation. In addition, the President's Strategy states, ``A complete and thorough assessment of America's vulnerabilities will not only enable decisive near-term action, but guide the rational long-term investment of effort and resources.'' Not only does DHS plan to use vulnerability assessments to evaluate threat information and provide warnings, but also to allocate resources. We agree with DHS that identifying where we are vulnerable, where we are threatened, and targeting resources to the cross-section of those two areas is the most efficient way to spend limited resources. Under S. 1039 as reported, it is unclear where DHS will get the information they require to complete its national vulnerability assessment and make resource allocation decisions that will increase the level of security in our Nation. It is clear that DHS is likely to receive partial information covering only the subset of the wastewater treatment industry that voluntarily chooses to complete a vulnerability assessment and that voluntarily chooses to share the information they collect with DHS. In fact, subsection (c)(4)(B) of S. 1039, which precludes EPA from asking for a vulnerability assessment as a condition of receiving assistance under this Act, is likely to make it extremely difficult for the Federal Government, including DHS, to seek this information for any purpose. Without the best, most up-to-date, accurate information available, DHS will be unable to fully perform its mission. Senator Jeffords' amendment sought to correct this situation by requiring that vulnerability assessments and emergency response plans be sent to DHS. Despite the fact that the President designated the EPA as the lead for water security and the fact that the drinking water vulnerability assessments are already housed there, the Jeffords amendment would have sent the wastewater documents to DHS in response to preference for DHS raised by some members. However, this amendment was defeated along party lines. We believe that the Federal Government has a responsibility to protect the American people. Without the provisions in the Jeffords amendment, we believe that S. 1039 does not fulfill this responsibility. If S. 1039 is implemented as it passed the committee, the Federal Government will not know if publicly owned treatment works will voluntarily conduct a vulnerability assessment, if they will voluntarily implement the security needs identified, or if they will incorporate the results into their emergency response plans, and there will be no way of finding out. The DHS's mission to increase the security of the country will be hindered. We believe that S. 1039 fails to take responsible, basic steps to protect our wastewater infrastructure security from terrorist attack, putting Americans at risk. Hillary Rodham Clinton. Barbara Boxer. Max Baucus. Jim Jeffords. Joe Lieberman. ADDITIONAL VIEWS OF SENATORS REID, GRAHAM, AND CARPER We voted to support S. 1039 with the hope of moving forward on this issue which is so critical to our nation's security in a timely manner while working to resolve the concerns we have with the legislation. Because that has not occurred, we are joining our colleagues in expressing our opposition to S. 1039 as it passed the committee. We concur with the minority views. Harry Reid. Tom Carper. Bob Graham. Changes in Existing Law In compliance with section 12 of rule XXVI of the Standing Rules of the Senate, changes in existing law made by the bill as reported are shown as follows: Existing law proposed to be omitted is enclosed in black brackets, new matter is printed in italic, existing law in which no change is proposed is shown in roman: FEDERAL WATER POLLUTION CONTROL ACT [As Amended Through P.L. 107-303, November 27, 2002] (33 U.S.C. 1251 et seq.) AN ACT To provide for water pollution control activities in the Public Health Service of the Federal Security Agency and in the Federal Works Agency, and for other purposes. * * * * * * * TITLE II--GRANTS FOR CONSTRUCTION OF TREATMENT WORKS * * * * * * * SEC. 221. SEWER OVERFLOW CONTROL GRANTS. (a) In General.--In any fiscal year in which the Administrator has available for obligation at least $1,350,000,000 for the purposes of section 601-- * * * * * * * SEC. 222. WASTEWATER TREATMENT WORKS SECURITY. (a) Definition of Vulnerability Assessment.-- (1) In general.--In this section, the term ``vulnerability assessment'' means an assessment of the vulnerability of a treatment works to an unlawful action intended-- (A) to substantially disrupt the ability of the treatment works to safely and reliably operate; or (B) to have a substantial adverse effect on critical in- frastructure, public health or safety, or the environment. (2) Inclusions.--The term ``vulnerability assessment'' includes-- (A) a review of the vulnerabilities of the treatment works that identifies, with respect to the treatment works-- (i) facilities, systems, and devices used in the stor- age, treatment, recycling, or reclamation of municipal sewage or industrial wastes; (ii) intercepting sewers, outfall sewers, sewage col- lection systems, and other constructed conveyances; (iii) electronic, computer, and other automated sys- tems; (iv) pumping, power, and other equipment; (v) use, storage, and handling of various chemicals; and (vi) operation and maintenance procedures; and (B) the identification of procedures, countermeasures, and equipment that a treatment works may implement or use to reduce the vulnerabilities of the treatment works identified in a review described in subparagraph (A). (b) Grants for Vulnerability Assessments and Security Enhancements.--The Administrator may provide grants to a State, municipality, or intermunicipal or interstate agency-- (1) to conduct a vulnerability assessment of a publicly owned treatment works; and (2) to implement security enhancements described in subsection (c)(1) and other security enhancements to reduce vulnerabilities identified in a vulnerability assessment. (c) Grants for Security Enhancements.-- (1) Preapproved security enhancements.--Except as provided in paragraph (3), on certification by an applicant that a vulnerability assessment has been completed for a treatment works, and that the security enhancement for which assistance is sought is for the purpose of reducing vulnerabilities of the treatment works identified in the vulnerability assessment, the Administrator may provide grants to the applicant under subsection (b)(2) for 1 or more of the uses described in paragraph (2). (2) Uses of grant funds.--The uses referred to in paragraph (1) are-- (A) the purchase and installation of equipment for materials and activities relating to access control, intrusion prevention and delay, and detection of intruders and hazardous or dangerous substances, including-- (i) barriers, fencing, and gates; (ii) security lighting and cameras; (iii) metal grates, wire mesh, and outfall entry barriers; (iv) securing of manhole covers and fill and vent pipes; (v) installation and rekeying of doors and locks; and (vi) smoke, chemical, and explosive mixture detection systems; (B) the conduct of an activity to improve the security for electronic, computer, or other automated systems and remote security systems, including-- (i) controlling access to those systems; (ii) intrusion detection and prevention; and (iii) system backup; (C) participation in a training program, and the purchase of training manuals and guidance material, relating to security; and (D) the conduct of security screening of employees or contractor support services. (3) Additional security enhancements.-- (A) Grants.--The Administrator may provide a grant under subsection (b) to an applicant for additional security enhancements not specified in paragraph (2). (B) Eligibility.--To be eligible for a grant under this subsection, an applicant shall-- (i) submit to the Administrator an application containing a description of the security enhancement; and (ii) obtain approval of the application by the Administrator. (4) Limitations.-- (A) Use of funds.--A grant provided under subsection (b) shall not be used for-- (i) payment of personnel costs; or (ii) operation or maintenance of facilities, equipment, or, systems. (B) Disclosure of vulnerability assessment.-- As a condition of applying for or receiving a grant under this subsection, the Administrator may not require an applicant to provide the Administrator with a copy of a vulnerability assessment. (d) Grant Amounts.-- (1) Federal share.--The Federal share of the cost of an activity funded by a grant under subsection (b) shall not exceed 75 percent, as determined by the Administrator. (2) Maximum amount.--The total amount of grants made under subsection (b) for any publicly owned treatment works shall not exceed $150,000, as determined by the Administrator. (e) Technical Assistance for Small Publicly Owned Treatment Works.-- (1) Definition of small publicly owned treatment works.--In this subsection, the term ``small publicly owned treatment works'' means a publicly owned treatment works that services a population of fewer than 20,000 individuals. (2) Security assessment and planning assistance.-- (A) In general.--The Administrator, in coordination with the States, may provide technical guidance and assistance to small publicly owned treatment works for-- (i) the conduct of a vulnerability assessment; and (ii) the implementation of security enhancements to reduce vulnerabilities identified in a vulnerability assessment. (B) Inclusions.--Technical guidance and assistance provided under subparagraph (A) may include technical assistance programs, training, and preliminary engineering evaluations. (3) Participation by nonprofit organizations.--The Administrator may provide grants to nonprofit organizations to assist in accomplishing the purposes of this subsection. (f) Refinement of Vulnerability Assessment Methodology for Publicly Owned Treatment Works.-- (1) Grants.--The Administrator may provide to nonprofit organizations 1 or more grants to be used in improving vulnerability assessment methodologies and tools for publicly owned treatment works, including publicly owned treatment works that are part of a combined public wastewater treatment and water supply system. (2) Eligible activities.--A grant provided under this subsection may be used-- (A) to develop and distribute vulnerability self-assessment methodology software upgrades; (B) to improve and enhance critical technical and user support functions; (C) to expand libraries of information addressing threats and countermeasures; and (D) to implement user training initiatives. (3) Cost.--A service described in paragraph (2) that is funded by a grant under this subsection shall be provided at no cost to the recipients of the service. (g) Authorization of Appropriations.--There is authorized to be appropriated, to remain available until expended-- (1) $200,000,000 for use in making grants under subsection (b); (2) $15,000,000 for use in providing assistance under subsection (e); and (3) to carry out subsection (f), $1,000,000 for each of fiscal years 2003 through 2007. SEC. 223. RESEARCH AND REVIEW. (a) Definitions.--In this section: (1) Covered treatment works.--The term ``covered treatment works'' has the meaning given the term ``treatment works'' in section 212. (2) Harmful intentional act.--The term ``harmful intentional act'' means a terrorist attack or other intentional act carried out with respect to a covered treatment works that is intended-- (A) to substantially disrupt the ability of the covered treatment works to provide safe and reliable-- (i) conveyance and treatment of wastewater; (ii) disposal of effluent; or (iii) storage of a potentially hazardous chemical used to treat wastewater; (B) to damage critical infrastructure; (C) to have an adverse effect on the environment; or (D) to otherwise pose a significant threat to public health or safety. (b) Review by Administrator.--Not later than 2 years after the date of enactment of this section, the Administrator, in coordination with appropriate Federal agencies, shall research and review (or enter into a contract or cooperative agreement to provide for research and review of)-- (1) means by which terrorists or other individuals or groups could carry out harmful intentional acts; and (2) means by which alternative processes of conveying, treating, and disposing of wastewater could be provided in the event of the destruction, impairment, or disruption of covered treatment works as the result of harmful intentional acts. (c) Means of Carrying Out Harmful Intentional Acts.--Means referred to in subsection (b)(1) include-- (1) means by which pipes and other constructed conveyances used in covered treatment works could be destroyed or otherwise prevented from providing adequate conveyance, pretreatment, treatment, and disposal of wastewater meeting applicable public health standards; (2) means by which conveyance, pretreatment, treatment, storage, and disposal facilities used by, or in connection with, covered treatment works could be destroyed or otherwise prevented from providing adequate treatment of wastewater meeting applicable public health standards; (3) means by which pipes, constructed conveyances, pretreatment, treatment, storage, and disposal systems that are used in connection with treatment works could be altered or affected so as to pose a threat to public health, public safety, or the environment; (4) means by which pipes, constructed conveyances, pretreatment, treatment, storage, and disposal systems that are used in connection with covered treatment works could be reasonably protected from harmful intentional acts; (5) means by which pipes, constructed conveyances, pretreatment, treatment, storage, and disposal systems could be reasonably secured from use as a means of transportation by terrorists or other individuals or groups who intend to threaten public health or safety; and (6) means by which information systems, including process controls and supervisory control, data acquisition, and cyber systems, at covered treatment works could be disrupted by terrorists or other individuals or groups. (d) Considerations.--In carrying out the review under this section, the Administrator-- (1) shall ensure that the review reflects the needs of covered treatment works of various sizes and various geographic areas of the United States; and (2) may consider the vulnerability of, or potential for forced interruption of service for, a region or service area, including the National Capital Area. (e) Information Sharing.--As soon as practicable after the review carried out under this section has been evaluated by the Administrator, the Administrator shall disseminate to covered treatment works information on the results of the review through the Information Sharing and Analysis Center or other appropriate means. (f) Funding.--There is authorized to be appropriated to carry out this section $15,000,000 for the period of fiscal years 2004 through 2008.