[House Hearing, 109 Congress]
[From the U.S. Government Publishing Office]
HELPING BUSINESS PROTECT THE HOMELAND:
IS THE DEPARTMENT OF HOMELAND SECURITY
EFFECTIVELY IMPLEMENTING THE SAFETY ACT?
=======================================================================
JOINT HEARING
before the
SUBCOMMITTEE ON MANAGEMENT,
INTEGRATION, AND OVERSIGHT
joint with the
SUBCOMMITTEE ON EMERGENCY
PREPAREDNESS, SCIENCE
AND TECHNOLOGY
of the
COMMITTEE ON HOMELAND SECURITY
HOUSE OF REPRESENTATIVES
ONE HUNDRED NINTH CONGRESS
SECOND SESSION
__________
SEPTEMBER 13, 2006
__________
Serial No. 109-100
__________
Printed for the use of the Committee on Homeland Security
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
Available via the World Wide Web: http://www.gpoaccess.gov/congress/
index.html
__________
U.S. GOVERNMENT PRINTING OFFICE
35-622 PDF WASHINGTON DC: 2007
---------------------------------------------------------------------
For sale by the Superintendent of Documents, U.S. Government Printing
Office Internet: bookstore.gpo.gov Phone: toll free (866)512-1800
DC area (202)512-1800 Fax: (202) 512-2250 Mail Stop SSOP,
Washington, DC 20402-0001
COMMITTEE ON HOMELAND SECURITY
Peter T. King, New York, Chairman
Don Young, Alaska Bennie G. Thompson, Mississippi
Lamar S. Smith, Texas Loretta Sanchez, California
Curt Weldon, Pennsylvania Edward J. Markey, Massachusetts
Christopher Shays, Connecticut Norman D. Dicks, Washington
John Linder, Georgia Jane Harman, California
Mark E. Souder, Indiana Peter A. DeFazio, Oregon
Tom Davis, Virginia Nita M. Lowey, New York
Daniel E. Lungren, California Eleanor Holmes Norton, District of
Jim Gibbons, Nevada Columbia
Rob Simmons, Connecticut Zoe Lofgren, California
Mike Rogers, Alabama Sheila Jackson-Lee, Texas
Stevan Pearce, New Mexico Bill Pascrell, Jr., New Jersey
Katherine Harris, Florida Donna M. Christensen, U.S. Virgin
Bobby Jindal, Louisiana Islands
Dave G. Reichert, Washington Bob Etheridge, North Carolina
Michael T. McCaul, Texas James R. Langevin, Rhode Island
Charlie Dent, Pennsylvania Kendrick B. Meek, Florida
Ginny Brown-Waite, Florida
______
SUBCOMMITTE ON EMERGENCY PREPAREDNESS, SCIENCE, AND TECHNOLOGY
Dave G. Reichert, Washington, Chairman
Lamar S. Smith, Texas Bill Pascrell, Jr., New Jersey
Curt Weldon, Pennsylvania Loretta Sanchez, California
Rob Simmons, Connecticut Norman D. Dicks, Washington
Mike Rogers, Alabama Jane Harman, California
Stevan Pearce, New Mexico Nita M. Lowey, New York
Katherine Harris, Florida Eleanor Holmes Norton, District of
Michael McCaul, Texas Columbia
Charlie Dent, Pennsylvania Donna M. Christensen, U.S. Virgin
Ginny Brown-Waite, Florida Islands
Peter T. King, New York (Ex Bob Etheridge, North Carolina
Officio) Bennie G. Thompson, Mississippi
(Ex Officio)
______
Subcommittee on Management, Integration, and Oversight
Mike Rogers, Alabama, Chairman
John Linder, Georgia Kendrick B. Meek, Florida
Tom Davis, Virginia Edward J. Markey, Massachusetts
Katherine Harris, Florida Zoe Lofgren, California
Dave G. Reichert, Washington Sheila Jackson-Lee, Texas
Michael McCaul, Texas Bill Pascrell, Jr., New Jersey
Charlie Dent, Pennsylvania Bennie G. Thompson, Mississippi
Peter T. King, New York (Ex (Ex Officio)
Officio)
(II)
C O N T E N T S
----------
Page
STATEMENTS
The Honorable Dave Reichert, a Representative in Congress From
the State of Washington, and Chairman, Subcommittee on
Emergency Preparedness, Science, and Technology:
Oral Statement................................................. 25
Prepared Statement............................................. 26
The Honorable Bill Pascrell, Jr., a Representative in Congress
From the State of New Jersey, and Ranking Member, Subcommittee
on Emergency Preparedness, Science, and Technology............. 4
The Honorable Mike Rogers, a Representative in Congress From the
State of Alabama, and Chairman, Subcommittee on Management,
Integration, and Oversight:
Oral Statement................................................. 1
Prepared Statement............................................. 2
The Honorable Kendrick Meek, a Representative in Congress From
the State of Florida, and Ranking Member, Subcommittee on
Management, Integration, and Oversight......................... 2
The Honorable Bennie G. Thompson, a Representative in Congress
From the State of Mississippi, and Ranking Member, Committee on
Homeland Security:
Oral Statement................................................. 21
Prepared Statement............................................. 22
The Honorable Donna M. Christensen, a Delegate in Congress From
the U.S. Virgin Islands........................................ 33
The Honorable Charlie Dent, a Representative in Congress From the
State of Pennsylvania.......................................... 20
The Honorable Norman D. Dicks, a Representative in Congress From
the State of Washington........................................ 28
The Honorable Sheila Jackson-Lee, a Representative in Congress
From the State of Texas........................................ 29
Witnesses
Panel I
The Honorable Jay Cohen, Undersecretary for Science and
Technology, U.S. Department of Homeland Security:
Oral Statement................................................. 6
Prepared Statement............................................. 9
Accompanied by:
Ms. Linda Vasta, Acting Director, Office of SAFETY ACT
Implementation............................................... 29
Ms. Elaine C. Duke, Chief Procurement Officer, U.S. Department of
Homeland Security:
Oral Statement................................................. 12
Prepared Statement............................................. 14
Panel II
David Z. Bodenheimer, Esq., Crowell & Moring LLP:
Oral Statement................................................. 59
Prepared Statement............................................. 60
Mr Brian E. Finch, Esq., Dickstein Shapiro LLP:
Oral Statement................................................. 52
Prepared Statement............................................. 54
Mr. Andrew Howell, Vice President, Homeland Security Policy
Division, U.S. Chamber of Commerce:
Oral Statement................................................. 34
Prepared Statement............................................. 35
Mr. Michael M. Meldon, Executive Director, Homeland Security and
Defense Business Council:
Oral Statement................................................. 39
Prepared Statement............................................. 42
Mr. Stan Z. Soloway, President, Professional Services Council:
Oral Statement................................................. 45
Prepared Statement............................................. 48
Appendix
Questions and Responses
Ms. Elaine Duke Responses........................................ 75
HELPING BUSINESS PROTECT THE
HOMELAND: IS THE DEPARTMENT OF
HOMELAND SECURITYEFFECTIVELY
IMPLEMENTING THE SAFETY ACT?
----------
Wednesday, September 13, 2006
U.S. House of Representatives,
Committee on Homeland Security,
Subcommittee on Management,
Integration and Oversight,
joint with the
Subcommittee on Emergency Preparedness,
Science and Technology,
Washington, DC.
The subcommittees met, pursuant to call, at 10:10 a.m., in
Room 2175, Rayburn House Office Building, Hon. Mike Rogers
[chairman of the Subcommittee on Management, Integration and
Oversight] presiding.
Present: Representatives Rogers, Reichert, Linder, Dent,
Thompson, Pascrell, Meek, Dicks, Jackson-Lee, and Christensen.
Mr. Rogers. [Presiding.] This joint hearing of the Homeland
Security Subcommittee on Management, Integration and Oversight
and the Subcommittee on Energy Preparedness, Science and
Technology will come to order.
I am pleased to join our colleagues on the other
subcommittee in this joint subcommittee hearing on the
implementation of the SAFETY Act.
Let me first begin by welcoming our panelists of
distinguished witnesses and thank them for taking time out of
their busy schedules to be with us today.
The SAFETY Act was enacted in November 2002 as a part of
the Homeland Security Act. At that time, it was the intent of
Congress to spur the development and deployment of innovative
antiterrorism technologies.
The bill does this in part by limiting the liability
exposure of the companies that provide these technologies in
the event of a terrorist attack. Since the law was enacted,
however, the number of applications to DHS for SAFETY Act
protection has fallen well below expectations.
Critics have charged that this disappointing performance is
due to a number of factors, including the department's slow
evaluation and approval process, understaffing in key offices,
and lingering questions about the act's ability to shield
technology providers from liability.
This summer DHS issued a final rule to implement the SAFETY
Act as well as a revised application kit with a goal of
addressing many of these private-sector concerns.
The feedback we have received from industry about the
revised process has been mostly positive. I look forward to
hearing from our witnesses more about these recent changes and
whether they address the key questions.
First, is the application and review process swift,
efficient and effective? Second, how can DHS more closely
integrate the application and review process with the
department's procurement of antiterrorism technologies and
services? And third, is there sufficient awareness of and
confidence in the protection provided by the SAFETY Act in the
public and private sectors?
I want to again thank the witnesses for joining us today,
and I look forward to their testimony on this important
subject.
Prepared Opening Statement of the Honorable Mike Rogers
I am pleased to join Chairman Reichert in holding this joint
subcommittee hearing on the implementation of the SAFETY Act.
Let me first begin by welcoming our two panels of distinguished
witnesses, and thank them for taking time out of their busy schedules
to be with us today.
The SAFETY Act was enacted in November 2002 as part of the Homeland
Security Act.
At that time, it was the intent of Congress to spur the development
and deployment of innovative anti-terrorism technologies.
The bill does this, in part, by limiting the liability exposure of
companies that provide those technologies in the event of a terrorist
attack.
Since the law was enacted, however, the number of applications to
D-H-S for SAFETY Act protections has fallen well below expectations.
Critics have charged that this disappointing performance is due a
number of factors, including:
the Department's slow evaluation and approval process;
under-staffing in key offices;
and lingering questions about the Act's ability to
shield technology providers from liability.
This summer, D-H-S issued its final rule to implement the SAFETY
Act, as well as a revised Application Kit, with the goal of addressing
many of the private sector's concerns.
The feedback we've received from industry about the revised process
has been mostly positive.
I look forward to hearing from our witnesses more about these
recent changes, and whether they address three key questions.
First, is the application and review process swift, efficient, and
effective?
Second, how can D-H-S more closely integrate the application and
review process with the Department's procurement of anti-terrorism
technologies and services?
And, third, is there sufficient awareness of--and confidence in--
the protections provided by the SAFETY Act in the public and private
sectors?
I want to again thank the witnesses for joining us today, and look
forward to their testimony on this important subject.
I now yield to the Ranking Member, Mr. Meek, for any statement he
may have.
I now yield to the ranking member, Mr. Meek, for any
statement that he may have.
Mr. Meek. Thank you, Mr. Chairman.
I would like to welcome Secretary Cohen and also Chief
Procurement Officer Duke back to the committee, along with the
representative from the SAFETY Act office.
And also, to the second panel, we want to also welcome you
to the committee and look forward to your testimony.
The idea behind the SAFETY Act was to encourage development
and the deployment of cutting-edge homeland security
technologies that would not otherwise have been procured. For
the past 3 years, Homeland Security has not really had a system
in place to administer the program.
It has been frustrating to watch the lack of activity in
the SAFETY Act office. That is why I was pleased to hear that
the department has issued a new rule and application kit.
Initial feedback on the new kit seems to be positive. I am
told that the application kit looks easier to fill out, and the
overall process appears to be less burdensome.
At the same time, we don't want to come to the podium and
go too far away from the original intent of the SAFETY Act. And
I think that the application--the application states for the
technology that has been inquired or utilized in the past on
ongoing procurement would be significantly expended.
I think also it is important that the testimony that we
have here today would hopefully push us in the direction that
we want the SAFETY Act to move in.
Also, Mr. Cohen, I am looking forward to your testimony as
it relates to the future of the SAFETY Act and the integrity of
the SAFETY Act and making sure that it sets out to move in the
direction that we need to move in of how the original act
called for to be moved in.
I want to say, because we have these committees, and
sometimes it is very frustrating to come and spend time in
these subcommittees, and we don't hear exactly what you need
for us to know.
I know that we have public-and private-sector members on
the second panel. I would ask that panel to share with us what
we need to know, not what you may think we want to hear, but
what we need to know.
Both of these subcommittees have been pulled together today
to be able to make sure that the process move forward. As you
know, Ranking Member Thompson and a number of other members of
the subcommittee and the overall committee asked for some
forward progress as it relates to the SAFETY Act
implementation.
So you can see the chart that is behind you that we really
didn't have any action until this year, and many members of the
private sector who want to assist us in our technology field
also wanted to be covered by what the SAFETY Act provides, the
blanket of not--of the whole liability issue.
They had some level of frustration, but from what I am
hearing now they feel that it is a new day. We want to make
sure that the sun continues to shine.
So, Mr. Chairman, I look forward to the testimony. And I
know the chairman and I have two committees going on at the
same time--two of us have a committee going at the same time,
Armed Services, where they are going to be having some votes a
little later on, and so we will be going in and out as those
votes are called.
But our staff will be here to be able to hear the kind of
input that we need to hear to be able to allow us to continue
to assist not only the department but the private sector in the
technology field to help us protect Americans.
Mr. Chairman, with that I yield back.
Mr. Rogers. I thank the gentleman.
The chair now recognizes the ranking member of the
Subcommittee on Emergency Preparedness, Mr. Pascrell, for any
statement he may have.
Mr. Pascrell. Thank you, Mr. Chairman.
I want to thank Mr. Reichert--he will be here with us
shortly--as well as yourself and Ranking Member Meek for
helping to convene this meeting.
I want to welcome our witnesses. We have met several times,
talked about things that are at hand. I believe that all of you
appearing before us today are exemplary public officials. And I
really appreciate the fact that you have been pretty
straightforward. Please don't change.
I think that this hearing is pretty critical. The Support
for Antiterrorism by Fostering Effective Technologies Act of
2002 provides critical incentives for the development and
deployment of antiterrorism technologies for homeland security.
The success of this act, the SAFETY Act, is a vital
component to our nation's homeland security efforts. The SAFETY
Act limits the liability of providers of qualified
antiterrorism technologies for claims arising out of, relating
to or resulting from an act of terrorism.
It was Congress's intent that the SAFETY Act would address
businesses' liability concerns and pave the way for innovative
development. We want to encourage that and foster it so that we
could develop key antiterrorism technologies.
Industry remains skeptical about the burdens imposed by
this act--I can understand that--and the durability of the
legal protection that the act provides. We have to be, I think,
very definitive about this.
Today's hearing will give us a good perspective as to what
has been done and what further needs to be accomplished in
order to make this act as effective as possible. To be sure,
some recent success has indeed been instituted.
I want to join many of us here by commending the department
and the general counsel's office for putting out the final
rule--it has only been 4 years--and the new application kit for
the SAFETY Act certification.
My understanding--correct me if I am wrong--is that the
initial reaction from applicants is that this is a much-
improved kit, it will be easier to fill out, to apply, to do
what we want to do, to have innovation, to think, to use our
imaginations, easier to understand--I mean, the last was a
disaster--and require fewer burdens than the previous kit that
we saw.
The final rule also does a very good job of clarifying an
array of key problems that arose from the earlier rules.
However, as is often the case, there is still unfinished
business. The SAFETY Act is intended to influence the
production of technologies that otherwise would not have been
produced.
But the department states in the application kit that, ``It
may be very important and could significantly expedite your
application if your technology has been acquired or utilized or
is subject to an ongoing procurement.''
This brings forward the concern of many of us here today,
that the department may view the act as a blanket liability
waiver for every technology.
Additionally, the language as it is written makes me worry
that the department wishes to encourage companies to invest
their research dollars in antiterrorism technology ready to be
fielded now rather than in breakthrough technologies that may
offer a needed transformation in the way we combat the war
against terror.
Industry still seems to harbor some serious reservations
and doubts about the ability of the department to keep and
safeguard sensitive business concerns and confidentiality. I am
puzzled about that area of confidentiality, to be very truthful
with you.
Many have expressed deep dissatisfaction with the
department's stated policy with regard to safeguarding
proprietary information submitted as part of the SAFETY Act
application. And I want to hear, hopefully, how the department
intends to assure applicants that their proprietary information
will be, in fact, kept confidential.
We have also heard that while there are dozens of
contractors from the general counsel's office helping to move
the SAFETY Act forward, there is only one full-time employee
actually working at the SAFETY Act office. Am I correct in
stating that?
If true, that is unacceptable, as we intended the
legislation. Either the Congress or the department needs to
address the problem immediately.
Lastly, it does appear that the link between the SAFETY Act
office and the procurement office in DHS must be improved. If a
product meets a test for procurement officials, there is no
reason why the SAFETY Act office should have to run through an
entirely new and an entirely superfluous process to test the
effectiveness of the product. If I am wrong, teach me. I am
educable, believe it or not.
In the fight against terror, we must be quick and nimble.
We can never forget that. If we can get the SAFETY Act to an
optimal operating level, our nation will be well served. It is
the austere responsibility of this committee and the witnesses
before us to ensure that this happens.
I want to thank the chairman. In this critical oversight
hearing I look forward to a robust discussion.
Thank you, Mr. Chairman.
Mr. Rogers. I thank the gentlemen.
The other members are reminded that opening statements may
be submitted for the record.
We are pleased to have with us two distinguished panels.
And let me remind the panelists, all panelists, that your full
opening statement will be submitted for the record, so if you
would like to abbreviate it in your opening oral remarks, that
would allow more time for questioning.
Also, I would like to, before we empanel the first panel,
ask for unanimous consent that the acting director of the
Office of SAFETY Act Implementation, Ms. Linda Vasta, be
empaneled along with Mr. Cohen to assist in answering
questions.
Without objection, welcome, Ms. Vasta.
The chair now calls the first panel and recognizes the
Honorable Jay Cohen, undersecretary for science and technology
for the U.S. Department of Homeland Security.
Welcome, Mr. Cohen. We look forward to your statement.
STATEMENT OF HON. JAY COHEN, UNDERSECRETARY FOR SCIENCE AND
TECHNOLOGY, DEPARTMENT OF HOMELAND SECURITY
Mr. Cohen. Well, good morning, Chairman Rogers, Chairman
Reichert, Congressman Meek and Congressman Pascrell and the
other distinguished members of the subcommittees.
It is a distinct pleasure for me to be here today to
discuss the Department of Homeland Security Science and
Technology Directorate and, in particular, our implementation
of the SAFETY Act.
Mr. Chairman, you have already indicated very kindly that
my written testimony will be mad a part of the record. And
thank you so much for accommodating having Ms. Linda Vasta at
the table with me. As you know, I have been in the saddle now
for about 1 month. I am not lawyer, and I am not an expert.
And as Congressman Pascrell has already indicated, I try
and use straight talk, and I am learning very quickly about the
SAFETY Act, but I have much more to learn.
And so with that, I will abbreviate my comments so that we
provide more time for your very important questions in the time
that is allotted.
I always like to start off by reminding the people who are
listening, because I know the members are very well aware of
this, of why we are here, who we enable, what we are all about.
And we just recognized--I don't want to say celebrated--the
fifth anniversary of the tragic events of that terrible day,
the 11th of September, 2001.
We would not have the Department of Homeland Security if it
were not for that event. As I testified previously, I thank the
Congress and the administration so much for establishing that
department. And now we need to make it more effective as each
day goes on.
I have already talked about Linda Vasta. I am also pleased
to have sitting to my left Ms. Elaine Duke. She is our chief
procurement officer at the Department of Homeland Security. We
work very closely together. I must tell you, I feel a little
bit like a thorn amongst the roses here. But I am honored to be
sitting at the same table as them.
I am pleased to discuss the progress that we have made on
the implementation of the SAFETY Act. Congressman Meek has
already addressed the histogram that I have to my right.
Because I am the new kid on the block, I will not take
credit for that, but I will give credit to Secretary Chertoff
and Deputy Secretary Michael Jackson who have given this the
attention that it has required and deserves.
And sitting behind me is Mark Rosen, who is my general
counsel, who likewise has been fully engaged in this. I will
tell you, ladies and gentlemen, that barely a day goes by at
the end of the day that Mark Rosen doesn't come in with a new
SAFETY Act for my review and approval, and that is how we get
this kind of progress.
It was interesting and it was serendipitous that on the
11th of September, on Monday, we approved the 100th SAFETY Act
technology since initiation of the SAFETY office. There are
currently 40 cases undergoing technical review.
So in the short time I have been on board with the pending
case load--we have a responsibility, as you have indicated, to
earn the trust of industry and the American people. We must
ensure that the SAFETY Act is a credible program and that we
are in this for the long haul.
The new rule and the new application kit have already been
addressed. Although I am not from Oklahoma, I do believe in
``show me,'' and so I went to Google, and I just typed in
``SAFETY Act'' to see what I would find. And lo and behold,
number one on the list--and we don't pay Google; we are not one
of the paid advertisers--is www.safetyact.gov.
And then I went to that Web site, which is the new,
improved Web site that you have already talked about. In the
Navy, we always talk about the Major Smith test. I am not
trying to be derogatory to the Army or the Air Force, but the
Major Smith test is when we think we have a good idea, we give
it to an uninitiated person to see does it really pass the
common sense check.
And that is what I was attempting to do. And so then I went
to download the application. It is 93 pages on Adobe. I am not
trying to give an ad here to them, but it came up very quickly,
and I printed out the table of contents and then worked my way
through as if I were an offerer. And I appreciate very much
your comments.
I would also like to say good morning to Congressman
Thompson, and I apologize. We have not had the chance to meet
personally before this, but I look forward to that very much,
sir.
So I have done the Major Smith test, and I am comfortable
with the feedback that we have been receiving on that new
application.
One of the major provisions of the final rule is moving the
time line from 150 days to 120 days. I see that as an outer
limit. I believe that we can do better.
And we will, I am sure, as part of answering questions,
address the issue of staffing, manning, process and metrics.
But all of the trends, all of the vectors, I believe, are in
the right direction.
I had a chance to testify before Chairman Reichert and
Congressman Pascrell's committee last week on the realignment
of the S&T Directorate, which was approved last Wednesday, by
Secretary Chertoff, and I briefed all of my people yesterday,
all hands, on that. It is now in place.
We will be updating the Web site so people will know who to
come to independent of the SAFETY Act with their technologies,
et cetera. But as part of that brief, I indicated we would have
six departments and three cross-cutting--three matrix
directors, one for transition, one for innovation--that is
HSARPA--and one for research. Those are the laboratories and
the universities.
Because my director of transition in an integrated process
team will sit as a team member first with the customer, whether
that is TSA, Customs and Border Protection or the directorates
in Homeland Security, and sit across the table from Ms. Duke's
acquisition professionals, I believe that the best alignment
for the SAFETY Act Implementation Office is under my director
of transition.
That is a senior executive service person. He is very
familiar not only with Homeland Security but also the entire
output portfolio of my directorate. And so that is the
direction in which I am proceeding.
There has been discussion here of being nimble. I prefer to
use the word agile. Our enemy is agile. Our enemy is devious.
They stop at nothing to achieve their goals. And I believe we
have to be as motivated, and I hope to bring that intensity and
enthusiasm to my directorate.
I will tell you that I am extremely honored to be here
today representing those good men and women, government
service, interagency personnel act, detailees from our
laboratories, industry and our contract staff who make the S&T
Directorate the organization it is today.
I will work to make it a world-class S&T management
organization that is both effective and agile and meets and
exceeds the desires of the Congress and the administration and
the implementation of the law.
Having said that, as good as we think the final rule may
be, and as good as we think the improvements in the new
application kit are, we still have to listen, and we should
listen, and I look forward to listening to our customer, and
our customer, of course, are industry. They are the R&D and the
S&T component of this incredible country.
And so I look forward to staying and listening to the
comments and the recommendations of the second panel. One of
the things that I think you will hear from that panel, and I
will conclude my remarks, are on the 10th of August, the day
that I was sworn in by Secretary Chertoff, the liquid
explosives plot against airlines flying from England to the
United States broke.
That sort of became the focus of my life around
reorganizing, realigning the department and all the other
things that we have accomplished in the last month.
But it was clear to me that when you looked at the threat,
you looked at the inconvenience to the traveling public, the
economic impact, that we had to address, as I call it, the wolf
that is closest to the door.
Now, in the area of terrorism and technologies, there are
many wolves on the porch. But our public expects us to respond,
and so the very next day, on the 11th of August, I established
the rapid response team for liquid explosives.
We assigned a program manager. We assigned a scientist who
understood the chemistry, had worked with the Israelis, with
the Brits, and with our laboratories. And also, we brought the
Transportation Security Laboratory of Atlantic City to the
table.
We had communications immediately with all of our
Department of Energy laboratories, which you have so graciously
given me access to, for their technology and their science and
their innovation.
And we brought in some of the representatives who will be
on this second panel today, but we invited industry
representatives. And we went out with a request for
information. We have over 40 responses today. It closed
yesterday.
We are move forward very quickly, within 30 days, to test
these technologies to detect the liquid explosives of concern.
But in a proactive way, for the first time--and this was
leadership direction at Homeland Security; it was not my idea,
but I am very pleased to have implemented it--we used the
SAFETY Act in a proactive way where we informed all the
applicants that they would get SAFETY Act protection for their
technologies.
So with that, I will conclude my comments. Again, it is an
honor to be here. I look forward to your questions. And I think
that Ms. Duke may have a short statement also.
[The statement of Mr. Cohen follows:]
For the Record
Prepared Statement of the Honorable Jay M. Cohen
SAFETY Act Testimony
Good Morning Chairman Rogers, Chairman Reichert, Ranking Members
Meek and Pascrell, and distinguished Members of the Subcommittees, it
is a pleasure to be with you today to discuss the Department of
Homeland Security (DHS) Science and Technology Directorate (S&T
Directorate) and in particular our implementation of the SAFETY Act
program. I appreciate your invitation to discuss our programmatic
accomplishments and my vision of how the Directorate can improve the
use of the SAFETY Act to meet the mission needs of our customers--the
DHS Components--and the technology providers that will make use of the
SAFETY Act to enable them to field technologies that will make the
Nation safer. I similarly appreciate the important role that the SAFETY
will continue to make in eliminating barriers to full participation by
the private sector in developing and fielding new types of anti-
terrorism technologies.
I am honored to have this opportunity and privilege to serve with
the dedicated men and women, scientists, engineers, and professionals
who are working to secure our homeland and defend our freedoms. While
the SAFETY Act program is still a work in progress, I am very proud of
what has been accomplished in a relatively short time. I have with me
today Linda Vasta who is the Acting Director of the Office of SAFETY
Act Implementation. I will look to Linda to help respond to any
questions of the Committee that call for specific facts and figures
about how the program is performing.
The S&T Directorate has a significant role in bringing to bear
solutions to the Department's homeland security challenges. During my
tenure at the Office of Naval Research, especially after 9-11, I
learned first hand the incredible value that a sustained, customer
focused basic and applied research program adds to America's ability to
bring advanced technology to our (and our allies) asymmetric advantage
against the enemies of freedom. It can mean the difference between life
and death, victory and defeat. DHS's enabling legislation, the Homeland
Security Act of 2002, established a separate Science and Technology
Directorate with a well-defined mission in recognition of the
importance of robust science and technology programs in the War on
Terrorism. I intend to move the S&T Directorate forward by instilling
efficient processes, ensuring accountability and empowering people to
conduct the important work of the Directorate. The SAFETY Act plays a
key role in enabling the fullest possible participation of industry in
this effort.
The SAFETY Act (Support Anti-terrorism by Fostering Effective
Technologies Act) was enacted as part of the Homeland Security Act of
2002. The mission of the SAFETY Act is to facilitate the development
and deployment of qualified anti-terrorism technologies by creating a
system of risk and litigation management. These protections apply to a
company when the worst happens--an act of terrorism. The SAFETY Act is
intended to ensure that the threat of liability does not deter
potential manufacturers or sellers of anti-terrorism technologies from
creating or providing products and services that could save lives.
The last year has been a time of significant growth and improvement
for the SAFETY Act program, building on the S&T Directorate's proactive
efforts to develop the program since the Department was created in
2003. The increase in the number and types of technologies extended
SAFETY Act protection has been impressive. Since September of 2005, DHS
has issued 60 award decisions. As you can see from the chart, over last
three years, the growth is strong and continues to climb. We currently
have issued SAFETY Act Designations or Designation/Certifications to
over 100 companies that are developing Qualified Anti-Terrorism
Technologies. While I am encouraged with the trend indicated by these
numbers, I believe we can more fully utilize what is an important
homeland security tool. However, I wish to report several developments
that (i) reveal the Department's commitment to improving upon efforts
to date, (ii) indicate that progress is being made, and (iii) should
with time greatly increase the number of companies applying for and
receiving SAFETY Act protection.
The first improvement is the promulgation and implementation of the
SAFETY Act Final Rule, which became effective on July 10, 2006. The
terms of the final rule reflect lessons learned and experience gained
from our operational experience and provide for a more efficient and
user-friendly application process. They also reflect the many comments
and suggestions that were made by the private sector and industry
experts while the program operated under the Interim Rule.
Perhaps the most dramatic change in the Final Rule is the reduction
of the evaluation cycle from 150 days to a maximum of 120 days, while
maintaining the same quality level of analysis. Expediting this process
is vital for the companies who cannot wait months for decisions to be
made when their capital and intellectual property is on the line. Our
hope is that our elimination of 30 days from the review cycle sends an
important signal to the private sector that we are committed to their
success and improves their overall experience with the application
process. Moreover, I expect that decisions on certain applications will
be made in time frames far shorter than 120 days, and assure you that,
in any event, the 120 day regulatory cycle will be strictly adhered to.
Since coming on board, I have learned that the Department's track
record in processing applications within the SAFETY Act's regulatory
deadlines is troubling. I have learned that, through the practice of
issuing numerous ``requests for information,'' in some cases the
Department might have caused unnecessary delay and imposed undue
burdens on applicants. This is not consistent with my goals for a full
service, efficient, and customer oriented organization. Going forward,
the Department will strictly adhere to regulatory deadlines and will
ensure that only information necessary to reach a decision on an
application will be required. Time is of the essence. Furthermore, I
will, while preserving the integrity of the technical review process,
continue to look for ways to improve the program's level of efficiency
and further reduce the SAFETY Act application evaluation cycle.
Already, the Office of Safety Act Implementation (OSAI) and the
Office of the Chief Procurement Officer are working together to align
the SAFETY Act application review process more closely and effectively
with the procurement processes within DHS and throughout the Federal
Government. We have briefed members of the DHS acquisition community to
facilitate the integration of these two processes. We are also
streamlining our review processes and are working to eliminate
duplicative technical reviews of candidate technologies that are the
subject of government procurements. We take very seriously our
responsibility to ensure that technologies receiving SAFETY Act
protections are effective in helping to protect America; however, if a
thorough evaluation of a technology has already been conducted as part
of the government's RDT&E or acquisition process and particular
technologies found to be effective, we are comfortable eliminating
duplicate technical reviews and ``fast tracking'' applications for
SAFETY Act protections to coincide with government acquisition
schedules. We are doing this now with our current initiative to seek
technologies to detect liquid explosives. The Department did this
effectively last November with regard to the procurement by the
Domestic Nuclear Detection Office (DNDO) of Advanced Spectroscopic
Portal technology. Other examples include coordinating with the
Transportation and Security Administration (TSA) on private airport
screening services. We recently worked with procurement and other
officials to integrate SAFETY Act into planning and acquisition
activities associated with the Secure Border Initiative, US-VISIT, and
the Registered Traveler program.
The Final Rule also establishes that some of the protections of the
SAFETY Act can be afforded to qualified anti-terrorism technologies
that are undergoing developmental testing and evaluation. By creating
``Developmental Testing and Evaluation Designations,'' the Final Rule
encourages investment in promising technologies that could serve as an
important homeland security resource.
Another major enhancement to the SAFETY Act program is the new
Application Kit which was released on August 14, 2006. The SAFETY Act
program is in its third year, and experience in administering the
program has demonstrated that procedural processes built to administer
the Act could be improved. The Department recognized that the initial
SAFETY Act Application Kit was overly burdensome and the application
process could be streamlined and made less bureaucratic. The Department
has refined the SAFETY Act Application Kit and the application process
more generally to reduce burdens and to focus more precisely on
collecting the information necessary for the review of a particular
anti-terrorism technology.
The Department recognizes that each SAFETY Act application is
different. Our aim is to have an interactive and flexible application
process and to focus the SAFETY Act Application Kit on soliciting
essential information that may be supplemented as necessary on a case
by case basis. And as part of the new Application Kit, the Office of
SAFETY Act Implementation will be proactively engaging applicants much
earlier in the process. The new Application Kit is designed to be more
``user-friendly,'' and the Department, through a Notice in the Federal
Register dated August 17, 2006, is inviting comments and suggestions
for how we may further refine the kit to make the SAFETY Act
application process even more effective.
With the Final Rule and new Application Kit in place, the SAFETY
Act Office will be redoubling their efforts to encourage an increasing
number of SAFETY Act applications. To this end, continuing the
proactive outreach that began with the S&T Directorate's first SAFETY
Act presentations in five cities in the Fall of 2003, we are
participating in or presenting at a number of homeland security-related
conferences to spread the word to individual companies. We are also
beginning a comprehensive system of outreach to high-tech trade
associations, technology incubators, relevant members of the legal
community, and leading business associations. Our outreach will involve
one-on-one meetings, participation in industry events, articles in
industry publications and greater information dissemination via the
SAFETY Act website, www.safetyact.gov.
For example, there are dozens of high tech trade associations in
the DC area representing thousands of technology companies. By working
with them to spread the word about the SAFETY Act, we can dramatically
increase our number of applicants and thereby find valuable anti-
terrorism technologies for use by DHS. Personal briefings with members,
newsletter articles and targeted events as well us field visits and
``town hall'' meetings allow us to inform more companies about the
protections available to them as we continue to fight the war on
terror. This opportunity also exists across the country with state,
county and city technology associations. Building a relationship with
them will help facilitate our grassroots outreach. Successful
utilization of the SAFETY Act program truly depends on effective
public-private partnerships and we will work to make the most of this
opportunity.
I believe the best way to judge the progress we are making is by
the statements of the companies that have received SAFETY Act awards.
We have worked diligently to listen to the feedback from private
industry and their comments speak volumes about the quality of the work
we are doing. In the June 19th issue of Government Security News
magazine, a number of companies issued statements about the benefits of
the Act and how it has impacted their business.
Wackenhut Chairman and CEO Gary Sanders stated, ``By
granting these much sought-after awards, the DHS has validated
these important processes and declared that Wackenhut's
services are designed to envision and defend against possible
terrorist scenarios; deny terrorists access to secure
facilities; and, to respond to terrorist related security
breaches.''
Mitigation Technologies Managing Member Craig Schwartz
stated, ``Mitigation Technologies continues to develop and
deploy innovative life-saving products while seeking added
benefits like DHS' SAFETY Act coverage to provide safety,
comfort and peace of mind for citizens worldwide.''
Smith Detection Americas President Cherif Rizkalla
stated, ``SAFETY Act certification provides our customers with
real assurance the Hi-SCAN 7555i and the Sentinel II are
effective, reliable and safe anti-terrorism technologies. . .
We plan to obtain SAFETY Act approval for additional Smiths
products in the near future.''
Boeing's Vice President of Advanced Homeland Security,
John Stammreich stated ``to us, the SAFETY Act is vital. . .
.we're really encouraged how far the government has come in the
last 18 months to two years. . . .Boeing is feeling very
bullish about the SAFETY Act environment.''
In conclusion, the SAFETY Act is a vital tool for our government to
remove barriers to full industry participation in finding new and
unique technologies to combat an evolving enemy. Technological and
scientific innovation continues to be a major factor in our Nation's
success, and the SAFETY Act is one means by which we can help leverage
that strength in our War on Terrorism. The SAFETY Act can, when used to
its full potential, create market incentives for industry to
increasingly invest in measures to enhance our homeland security
capacity. While more needs to be done, I am pleased to report there are
over 100 SAFETY Act protected technologies that we have enabled to be
deployed around the country, and over 40 additional technologies under
review. The fact that we have a growing number of applications in the
pipeline is testament to the fact that this program is becoming
increasingly credible and important to the business and government
acquisition community. This fiscal year alone OSAI has processed and
issued twice as many Designations and Certifications for Qualified
Anti-terrorism Technologies as in previous years. Moreover, DHS has set
the stage for even greater progress and accomplishment for
implementation of the SAFETY Act. The SAFETY Act will continue to
provide needed protection to the most dynamic creators of anti-
terrorism technologies, while also safeguarding the American public.
Thank you for your time and I look forward to your questions.
Mr. Rogers. Thank you, Mr. Cohen.
And the chair now recognizes Ms. Elaine Duke, chief
procurement officer for the Department of Homeland Security.
And we welcome you back and look forward to your statement.
STATEMENT OF ELAINE DUKE, CHIEF PROCUREMENT OFFICE, U.S.
DEPARTMENT OF HOMELAND SECURITY
Ms. Duke. Thank you. Good to be back. Good morning.
Chairman Rogers, Chairman Reichert, Ranking Member Meek,
Ranking Member Pascrell and members of the committees, I am
Elaine Duke, and I am the chief procurement officer for the
Department of Homeland Security.
Thank you for the opportunity to appear before you to
discuss the Department of Homeland Security SAFETY Act
implementation.
The SAFETY Act of 2002 serves as a critical tool in
expanding the creation, proliferation and use of antiterrorism
technologies.
While the Undersecretary for Science and Technology is
responsible for executing the functions of the act, including
the designation of technologies as qualified antiterrorism
technologies, I am responsible for integrating the SAFETY Act
into the DHS acquisition program.
Because the SAFETY Act will apply to all federal agencies
procuring antiterrorism technologies, federal-wide policy and
guidance is needed to ensure the SAFETY Act protections are
appropriately considered during the procurement process.
Therefore, the SAFETY Act procurement regulations, like
other federal-wide acquisition regulations, will be implemented
through a change to the Federal Acquisition Regulation, or FAR.
Since the issuance of procurement regulations was
contingent upon publication of the program final rule, DHS
initiated this change to the FAR in June 2006, just after the
SAFETY Act final rule was published.
In July, DHS Office of Chief Procurement Officer submitted
a concept paper to the FAR law team case manager. And on August
16th, 2006, DHS presented a draft case to the FAR council,
which is composed of representatives from the General Services
Administration, NASA, Department of Defense and Office of
Federal Procurement Policy.
Since proper acquisition planning is critical to the
success of the SAFETY Act implementation within the federal
procurement system, DHS's proposed FAR language emphasizes the
need for federal agencies to initiate early planning and
coordination with the DHS Office of SAFETY Act Implementation
for acquisitions involving potential antiterrorism
technologies.
The FAR council has accepted DHS's request to initiate the
rulemaking case for the proposed rule to establish uniform
federal procurement policy implementing the SAFETY Act.
We are pleased that this is occurring, since the SAFETY Act
has broad application to acquisitions throughout the federal
government, and the FAR case is the bet method for increasing
awareness of this important program.
While S&T is responsible for the SAFETY Act program,
including the approval of SAFETY Act application, evaluation
and determination, the Office of the Chief Procurement Officer
is responsible for ensuring DHS solicitations and contracts
appropriately convey requirements and address all aspects of
the process, including those associated with the application of
SAFETY Act protections.
DHS program officials and contracting officers will play a
key role in facilitating the SAFETY Act process, and S&T will
retain the responsibility for reviewing and approving the
SAFETY Act applications.
Therefore, to effectively integrate SAFETY Act into the
procurement process, we have partnered with the Office of
SAFETY Act Implementation in Science and Technology to
facilitate open communication and align processes.
Since release of the final rule, our office, in
collaboration with Science and Technology, has issued a
memorandum to the heads of all the DHS contracting activities,
the component Office of General Counsel and the DHS Program
Management Council discussing the implementation of SAFETY Act
in DHS.
We have trained our chief acquisition officers of each
component in DHS so that they can implement SAFETY Act
provisions in their procurements. We have briefed the DHS
Procurement Management Council and initiated dialogue with
industry to discuss our path forward.
As the procurement rulemaking process continues to the FAR
council, DHS remains dedicated to ensuring that consideration
for SAFETY Act coverage is addressed in all applicable
procurements.
For example, in the advanced spectroscopic portal program,
or the ASP program, the Undersecretary for Science and
Technology predetermined that the products and services being
acquired from successful offerers under ASP would be designated
as qualified antiterrorism technologies.
This effort allowed DHS to significantly fast-track the
SAFETY Act process in the procurement of the ASP program last
November.
For the SBInet secure border initiatives acquisition, in
addition to incorporating SAFETY Act language into the
solicitation, DHS, in response to industry inquiries, sent a
letter to all offerers clarifying the application of SAFETY Act
under this procurement and offering to meet with each offerer
one-on-one to address any additional guidance concerns they may
have.
Finally, recently in liquid explosives, as Undersecretary
Cohen already discussed, we have addressed SAFETY Act in the
requests for information. We continue to look for more
opportunities to proactively use the SAFETY Act within the
Department of Homeland Security.
In closing, successfully implementing the SAFETY Act
requires collaboration and strong working relationships, and we
have built those and will continue to build those. I am
committed to fostering those relationships.
And I thank you for the opportunity for testifying before
this committee about DHS contracting procedures, and I am glad
to answer any questions that you may have.
[The statement of Ms. Duke follows:]
Prepared Statement of Elaine C. Duke
Chairman Rogers, Chairman Reichert, Congressman Meek, Congressman
Pascrell, and Members of the Committees, I am Elaine Duke and I am the
Chief Procurement Officer for the Department of Homeland Security. I
appreciate the opportunity to discuss the Department of Homeland
Security's final rule on implementing the SAFETY Act. As the Chief
Procurement Officer, my top four priorities are:
First, to build the DHS acquisition workforce to
enhance the Department's acquisition program.
Second, to establish an acquisition system whereby
each requirement has a well defined mission and a management
team that includes professionals with the requisite skills to
achieve mission results.
Third, to ensure more effective buying across the
eight contracting offices through the use of strategic sourcing
and supplier management.
Fourth, to strengthen contract administration to
ensure that products and services purchased meet contract
requirements and mission need.
Effective implementation of the Safety Act is critical to the
fourth priority.
SAFETY Act Implementation
The Support Anti-terrorism by Fostering Effective Technologies
(SAFETY) Act of 2002 (Subtitle G of Title Vlll of the Homeland Security
Act of 2002, Pub. L. No. 107-296, 116 Stat. 2135, 2238-2242 (6 U.S.C.
Sec. Sec. 441-444)) creates incentives for companies to bring new anti-
terrorism technology to the market place by limiting the seller's and
other parties' potential liability if the technology is deployed in
defense against, response to, or recovery from an act of terrorism. The
SAFETY Act serves as a critical tool in expanding the creation,
proliferation and use of anti-terrorism technologies (or services). The
provisions of the SAFETY Act provide explicitly that the SAFETY Act's
liability limitations apply whether approved technologies are sold to
the government or by and between private parties. The Under Secretary
for Science and Technology (S&T) is responsible for executing the
functions of the Act including the designation of technologies as
``Qualified Anti Terrorism Technologies'' (``QATTS''). I am responsible
for integrating the SAFETY Act into the DHS acquisition program.
Federal Acquisition Regulation (FAR) Council Rulemaking
On June 8, 2006 the Department published the SAFETY Act Program
final rule, which went into effect July 10, 2006. Because the SAFETY
Act will apply to any federal agency procuring anti terrorism
technologies, federal wide policy and guidance is needed to ensure
SAFETY Act protections are appropriately considered during the
procurement process. However, the initiation of procurement regulations
was contingent upon the publication of the final Program rule. On
August 16, 2006, DHS requested that the FAR Council, composed of
representatives from the General Services Administration (GSA),
National Aeronautics and Space Administration (NASA), Department of
Defense (DOD) and the Office of Federal Procurement Policy (OFPP),
initiate a proposed FAR case to establish uniform federal procurement
policy implementing the SAFETY Act. The FAR Council has accepted the
DHS request to initiate the rulemaking case for the proposed rule. We
are pleased that this is occurring since the SAFETY Act has broad
application to acquisitions throughout the federal government and the
FAR case is the best method of increasing awareness of this important
program.
Key to the success of SAFETY Act implementation within the federal
procurement system is proper acquisition planning. Therefore, the
proposed FAR language emphasizes the need for federal agencies to
initiate early planning and coordination with the DHS Office of SAFETY
Act Implementation (OSAI) for acquisitions involving anti terrorism
technologies.
In a parallel action, my staff is preparing a revision to our own
Homeland Security Acquisition Regulation/Manual (HSARIHSAM), to
complement and supplement the FAR change. Similarly, other agencies
including the Department of Defense will determine whether to publish
FAR supplementing language in their respective supplements.
Implementing SAFETY Act Provisions in DHS Procurements
While S&T is responsible for the SAFETY Act program, including the
approval of SAFETY Act application evaluations or determinations, the
Office of the Chief Procurement Officer (OCPO) is responsible for
ensuring DHS solicitations and contracts appropriately convey
requirements and address all aspects of the process, including those
associated with application of SAFETY Act protections. DHS program
officials and contracting officers will play a key role in facilitating
the SAFETY Act process; however, S&T retains the responsibility for
reviewing and approving SAFETY Act applications.
Therefore, to effectively integrate SAFETY Act considerations into
the procurement process, the Office of the Chief Procurement Officer
(OCPO) has partnered with the OSAl and S&T to facilitate open
communication and align processes. Since the release of the final rule,
OCPO, in collaboration with S&T, has:
Issued a memorandum on August 7, 2006 to the heads of
the DHS contracting activities (HCA), the component Offices of
General Counsel (OGC), and the DHS Program Management Council
(PMC) discussing the implementation of the SAFETY Act in
acquisition planning.
Briefed the Chief Acquisition Officers (CAOs) of each
Component at the monthly CAO Council meeting so that the CAOs
can disseminate information concerning the SAFETY Act and its
procedures to the acquisition workforce personnel within the
Department of Homeland Security.
Briefed the DHS Program Management Council on the
SAFETY Act and related processes and procedures. The Program
Management Council is a component of the Program Management
Center of Excellence, which works to develop the policies,
procedures and other tool sets needed for DHS Program Managers
to succeed.
Initiated dialog with industry to discuss the path
forward with SAFETY Act implementation for affected DHS
procurements, and will continue to engage industry during the
Procurement rule making process by soliciting input and
feedback through a public meeting.
Although the Procurement rule making process continues, DHS remains
dedicated to ensuring that consideration for SAFETY Act coverage is
addressed in all appropriate procurements. For example, in the Advanced
Spectroscopic Portal (ASP) program, the Under-Secretary for Science and
Technology pre-determined that the products and services being acquired
from successful offerors under ASP would be designated as QATT, as that
term is defined by the SAFETY Act. This effort allowed DHS to
significantly "fast track the SAFETY Act review process in the
procurement of the ASP Program last November. For the SBlnet
acquisition, for example, in addition to incorporating SAFETY Act
language into the solicitation, DHS, in response to industry concerns,
sent a letter to offerors clarifying the application of the SAFETY Act
to the acquisition and offering to meet with companies one on one to
provide any additional guidance. Finally, in the recently issued
Request for Information (RFI) concerning Liquid Based Explosive
Detection Technologies we announced, in coordination with the S&T
Directorate, that technologies which were effective in detecting
liquid-based explosives and capable of deployment would receive SAFETY
Act protections.
We will continue to look for more opportunities to proactively use
the SAFETY Act to facilitate the widest possible industry participation
in our procurements. The fact that the SAFETY Act limits the downstream
liability of suppliers and subcontractors of the technology is an
especially powerful tool in streamlining procurements in the public and
private sector. To that end, OCPO will develop SAFETY Act training for
contracting professionals so that application of the Act within DHS
procurements will be effectively facilitated and coordinated from the
procurement perspective. Furthermore, OCPO is currently working to
modify the Department's current acquisition planning guide, which is
contained in the Homeland Security Acquisition Manual (HSAM), and
describes DHS internal policies and procedures.
Conclusion
In closing, successfully implementing the SAFETY Act requires
collaboration and strong working relationships with all DHS
stakeholders, to include private industry, other federal agencies, and
members of Congress, to ensure DHS meets its mission as effectively as
possible. I am committed to continuing with fostering those
relationships. Thank you for the opportunity to testify before the
Committees about DHS contracting procedures and I am glad to answer any
questions you or the Members of the Committee may have.
Mr. Rogers. I thank you.
And I would like to start off with a couple of questions
for Ms. Duke specifically.
You heard Secretary Cohen make reference to how optimistic
he was that you all had turned the corner in this application
process, and it is going to be a much more rapid and simplified
process. Do you share that perspective?
Ms. Duke. I do. I think that from both the process and how
it is integrating into procurement and the application itself--
the biggest step we have taken forward is that we have a
prequalification designation, so early in the planning process
of major acquisitions, we can go to science and technology from
the acquisition world and ask them to predesignate the
technology that would be proposed under this procurement. So
that really gives us a parallel process.
The second thing that the department has done is simplified
the actual application process and shortened the review time.
So in both aspects I do agree with that.
Mr. Rogers. Was the 93-page form the simplified form?
Ms. Duke. It is the simplified form, but there are many
different types of applications. It is not 93 pages for one
form.
Mr. Rogers. Because 93 pages doesn't sound real simple to
me. But a second question: As I understand it, the SBI
procurement specifically states that proposals in which pricing
or any other term or condition is contingent upon SAFETY Act
protections of the proposed product or service--or it will not
be considered for award.
And how or when are you going to police this? Could you
describe that?
Ms. Duke. If an offer was contingent on SAFETY Act
coverage, an offerer would have to have completed and have his
designation and certification be for award.
The way we are policing it is when we first got the offers
we reviewed each offer to ensure that that contingency was not
in the proposal.
The reason we stated that affirmatively up front is we felt
that it was important for industry to know that we would not
accept offers that said they were contingent so that the
offerers could appropriately price and submit their proposals.
The other reason for doing that is because offerers do not
have to wait until they are selected for a contract to apply
for SAFETY Act coverage.
And so that was an indicator to industry that because we
are not going to accept contingent offers, they are not going
to be able to say we won't accept a contract unless we have
coverage, it allows them to--it indicates to them that if they
want to apply for SAFETY Act coverage they should do that
before waiting to be notified that they are a potential
awardee.
Mr. Rogers. Secretary, I wanted to ask you--I understand
from your comments and Ms. Duke's comments that you all have
established a good working relationship and have much better
communication.
Do you have similar channels of communication and
relationships established with your customers, those folks in
the private sector that you are going to be interacting with?
If so, what are they, and how long have they been in place, and
what do you see their prospects for enhancing the speed of this
process, this application process?
Mr. Cohen. Well, the short answer, Mr. Chairman, is that
that is a work in progress. As I indicated on the 11th of
August, not knowing what those processes were, thanks to some
of the gentlemen sitting behind me, the Chamber of Commerce and
other representatives, we do have a business office.
There is an outreach at the department level as well as my
directorate level. We went ahead and engaged directly with
them. But we are in the process--and some of this has already
occurred, but having--my words now--a road show, an outreach
where we not only go to various conventions, various symposia,
but just like I have done previously in Navy with the SBIR, the
small business innovative research, where we go out to
districts, to small groups of businesses.
It is easier to touch, of course, the big businesses?
Mr. Rogers. Right.
Mr. Cohen. --than it is the small because they are so
diverse. But we live in a Web-enabled world, and it is hearings
like this that get covered in the press, that get out to the
public to let them know that we have this program.
But the short answer is this is a work in progress to
ensure that we cover both geographically and economically large
and small and technological risk from low to high how we do
that.
But that is more my responsibility than the SAFETY office's
responsibility, because I see our outreach hand in glove with
looking for the cutting-edge technologies that we need, and the
SAFETY office merely provides the protections that the Congress
intended.
Mr. Rogers. Great. Thank you very much. That is all the
questions I have.
The chair now recognizes the ranking member, Mr. Meek.
Mr. Meek. Thank you, Mr. Chairman.
Secretary Cohen, I want to ask you--you said in your
testimony that there is not a day that goes by that you don't
get an application. Is there a waiting list or a logjam as it
relates to the processing of the applications?
And since you have one person on the SAFETY Act office--I
know that it is supported by the legal office. Can you just
enlighten us a little bit about the process? Are there any
areas where we need improvement?
Mr. Cohen. Well, the short answer is there have been
logjams, and there continue to be smaller logjams. Right now I
have a handful of applications. These are fairly detailed and
difficult issues that have exceeded the 120-day window that I
feel is very important for us to meet.
And as I have indicated in my verbal comments earlier,
while I may not want to change the rule, I do want to get the
performance down, and we do that by metrics and feedback and
resourcing. I have a total of about 16 people in the office.
Ms. Vasta, of course, is the government service. This is
inherently government service. This is not something that I
want to contract out. But I have a very lean organization. And
the Congress and the administration intentionally made the
Department of Homeland Security lean.
Mr. Meek. Mr. Secretary, if I can?
Mr. Cohen. Yes, sir.
Mr. Meek. --when you say a handful of applications, what
are you talking about? When you say a handful, is that 16, 20?
Mr. Cohen. Six or less.
Mr. Meek. Six or less.
Mr. Cohen. Six or less.
Mr. Meek. Okay.
Mr. Cohen. And I will take that for the record, so that I
get you the exact number.
Mr. Meek. Okay. I am going to tell you what my concern is,
and I told you this subcommittee meeting was very frustrating
for me because I was here when we had the select committee, and
we had all of these technology companies come and sit at the
table where you are sitting and saying, oh, we have
technologies, we would like to share them, we would like to be
a part of protecting America, but we are not going to stick our
necks out there, only to find out, you know, 6 months ago that
we are, you know, with under 30 applications approved, and we
have technology companies and other companies that are saying
we want to be a part of the solution?
Mr. Cohen. Yes, sir.
Mr. Meek. --but the department won't allow us to be a part
of the solution.
So that means those of us that are sitting up here and
individuals over at the Department of Homeland Security, that
now we are standing in the schoolhouse door not allowing safety
and protection of Americans to happen.
So if I sounded a little frustrated in my opening comments,
I was. But I just want to say that I am glad that we are moving
down the line, and I don't want us to go and start, you know,
saying okay, let's start an assembly line here and let's start
approving everything, because when you look at the SAFETY Act,
it is written in a vague way to allow not only technology but
support services.
Well, support service, what is that? You know, is that a
security guard at the door of the Department of Homeland
Security? You know, so we have to really look at these things.
We are not asking for an assembly line effect.
We are asking for a process that would be user-friendly for
those companies that are willing and support services that are
willing to come forth to help protect Americans.
But we do not want to hear--we just passed 9/11--oh, all of
this is in place, here is a company that had the technology,
they wanted to come, and their application has been stuck over
at Department of Homeland Security because someone said we want
to be lean and mean.
I am going to tell you right now, when it comes down to
protecting Americans, when we have technology that is out
there, I don't want us to be the problem. That is what I am
saying.
So that is the reason why I am saying in a very blunt way,
in very plain English, if there is something that we need to
know, something that you need, then somebody needs to say it.
If not this panel, the next panel. If not the next panel,
somebody needs to send an e-mail, drop a letter off without a
name on it, or whatever the case may be, and say this is where
the logjam is taking place.
We don't want folks to get frustrated. I don't want to pick
up U.S. News & World Report and hear about how some other
country is beating the United States, or some U.S. company has
gone over there because they give them the coverage that they
need under a similar act, you know, as the SAFETY Act.
So I will leave it at that, Mr. Chairman. I just hope that
this will bubble up through the process before we leave this
room today. If not, the members and staff will be able to get
that information.
Ms. Duke, do you have anything that you want to add?
Ms. Duke. No. I agree with you totally. This is important
for businesses to be able to work effectively, both large and
small, and we are jointly committed to continuing to improve
that.
Mr. Meek. Okay. Thank you.
Mr. Cohen. Mr. Meek, I know you have other commitments, but
I want to make sure that I clarify what I said. First of all,
you are right to be frustrated. The department, as you can see,
long before I got here has taken that aboard, has taken action,
but that is not a production line.
This is a due diligence process with all the reviews that--
again, I am not a lawyer--that I believe the Congress intended
us to do. But you are also right to remain skeptical. And what
is the right balance?
While I believe in a lean organization, I also understand
my statutory responsibility, and it is my signature that goes
on each of those certificates and each of those approvals. And
my father, may he rest in peace, said son, the only thing you
have in this life is your good name, don't give it away.
And so I believe you and I are very much aligned on this
and that Congress has never denied me, in the years that I have
dealt with them, those tools that I have needed to do the right
thing. And I thank you so much.
Mr. Meek. Well, Mr. Cohen--Mr. Chairman, if I can--you
know, it wasn't meant as an individual holding the horse or
holding the cart, you know, up from making it to the market. I
just want to make sure that, like you are saying, you are
clear. I want to make sure that you know that we are clear.
Mr. Cohen. Yes, sir.
Mr. Meek. The frustrating part on the oversight, again,
especially for the subcommittee that I am the ranking member
of, is the Monday morning quarterback theory. The game is on
Sunday. We want to play it on Sunday. We want to win it on
Sunday.
We don't want to on Monday talk about well, you know, when
we came before you last time, we really needed this but, you
know, it didn't quite come out in that meeting, because at the
Department of Homeland Security--revolving door of
undersecretaries and executive directors. And so you really are
dealing with a new person every time you sit down. Hopefully
that will stop. I want you to stay in the position that you are
in.
But I just want to make sure that if we have companies that
are out there--and I heard from some of them that are saying we
have this technology, but we can't participate in the SAFETY
Act program.
So when people come to me and say that, what am I supposed
to do?
Article I, section 1 of the U.S. Constitution, as a member
of Congress and a representative of the people of the United
States of America, is to make sure the department, A, has what
it needs to carry out the mission; B, make sure that they have
the will and the desire even if they don't want to carry it
out.
So I am Mr. Johnson and Ms. Johnson who went to vote one
day at 7 a.m. in the morning for representation. I am the body
and the flesh of those individuals. So I just want to make sure
that neither you nor the department takes my comments out of
context to say that maybe I just didn't have my coffee yet.
That is not the case.
I just want to make sure that we break it down to the point
that everyone understands what we need and how we need it and
when we need it. And if you need it, you need to say it.
Thank you, Mr. Chairman.
Mr. Reichert. [Presiding.] Thank you, Mr. Meek.
The chair recognizes Mr. Dent.
Mr. Dent. Thank you, Mr. Chairman.
Good morning. My question is this--I have a few questions,
but we will start with this one. Why did the RFP for the SBI,
the secure border initiative, specifically exempt contractors
from the SAFETY Act liability protections? Either one of you.
Ms. Duke. It actually told offerers that we would be
providing SAFETY Act protection. It did have a statement that
we would not accept offers that were contingent on SAFETY Act
protection prior to award.
And the reason for not accepting contingent offers is that
the way that the SBInet procurement is worded, each offer is
going to come in with a unique technology. We cannot accept--I
am sorry.
It was to put offerers on notice that they would have to
seek SAFETY Act protection before award, which they always can
do and should do, or they would have to accept the contract and
continue to go through SAFETY Act coverage.
So it is not really excluding them, but it is to put them
on notice that if they say we will not accept a contract
without SAFETY Act protection, and they don't get that SAFETY
Act protection, that we would not award.
Mr. Cohen. If I may follow up, I have received a full brief
on the SBInet program, although I specifically asked not to
know who the bidders or offerers were, and I am very
comfortable in telling you that whoever the winning offerer may
be that they will receive SAFETY Act protection. I think they
understand that as the process has gone along.
And that protection will be for the activities that they
would perform under that contract. And I am very comfortable in
doing that. We are spring-loaded to go forward on this. This is
so important.
But I am comfortable in having my office, to the maximum
extent possible, endorse the work of Ms. Duke's source
selection panel and their detailed technical review of those
proposals so that we don't have to unnecessarily revisit that.
And again, I think this is all part of the process
improvement. But, Congressman, this is a big one, and we want
to get this right.
Mr. Dent. Thank you.
And also, I just wanted to publicly thank Ms. Duke for your
participation in the homeland security procurement center that
we held up in my district at Lehigh University. It was well
received, and I want to thank you for that publicly.
Ms. Duke. Thank you.
Mr. Dent. Your staff did a wonderful job.
My next question deals with this: What specific steps can
DHS undertake to reach out to small businesses which might have
products of interest to the DHS and which might not know about
the liability protections that you just went over that were
offered by the SAFETY Act?
Ms. Duke. Well, one of the best programs for small business
is the small business innovative research program, and we do
have many initial evolving technologies awarded under that
program. In fact, we used it recently on liquid explosives
through TSA.
Another way is we are, as a standard, including SAFETY Act
in our small business briefings. We do many events like the one
held in your district, and we have gotten many inquiries, so
that is now a standard part of our presentation.
The other thing we are doing in the procurements coming
forward, once the Federal Acquisition Regulation, FAR, case is
done, we will be having standardized language, and we will
clearly tell the businesses if they would have a predesignation
notice or not.
So we are going to continue the training. We are going to
continue the outreach. And that is the biggest way that we can
reach out to the small businesses.
Mr. Dent. And finally, if you could do anything in DHS to
streamline the application process in order to make the whole
process more user-friendly, particularly for those smaller
companies, that would be greatly appreciated, because, as you
know, a lot of them don't have the manpower or the capacity to
deal with all the bureaucratic issues that are required.
Ms. Duke. S&T does offer a preapplication meeting, and I
would encourage all small and large businesses to have those to
help them before they actually get started in the application
process.
Mr. Dent. Thank you. I have no further questions.
Mr. Reichert. Thank you, Mr. Dent.
Mr. Thompson is recognized for 5 minutes.
Mr. Thompson. Thank you very much, Mr. Chairman. I have
testimony I would like to submit for the record that I was not
here earlier to give personally.
Welcome, Mr. Secretary. I am happy to get a chance to see
you, although we will have our meeting in the future.
Ms. Duke, always good to see you.
And I guess I have a question I would like to give both of
you. It speaks in reference to the application for services
process for the SAFETY Act as proposed. I am sure you are
familiar with the Wackenhut situation and the notion that they
were one of the first contract service providers for security.
And we know what happened at the situation at headquarters.
But they also had received designation, basically, that we
would defend them against terrorist scenarios, deny terrorists
access to secured facilities and to respond to terrorist-
related security breaches.
And I guess I have two questions as it relates to that.
When we give these kind of waivers to people, what happens when
they provide less-than-adequate service in this procurement?
I know sometimes you go out and rebid the contract, but
what happens when they haven't trained the people for the
service that they said they would? Do we then take that shield
away, or just what?
[Information follows:]
For the Record
BGT Talking Points
SAFETY Act Hearing
September 13, 2006
Congratulations to the Department and the General
Counsel's office for putting out the final rule and the application
kit.
Though I am happy to see Under Secretary Cohen here, I
would have liked to see a representative from the General Counsel's
office who could testify to some of the changes to the rule and the
application kit.
I'm going to be meeting with Phil Perry, the General
Counsel, in the upcoming days--I'd like him to explain why the
Department did not want him--as its top lawyer--to be testifying here
today.
In the meantime, that means Mr.Cohen you are going to be
on the hot seat today as we have a lot of questions about the
Department's performance and decisions to date.
As background, I first requested a hearing on this issue
back in April.
Since then, my staff and I have received a significant
number of comments from applicants and other folks in the private
sector who have had experience with the SAFETY Act.
Not all of the comments were negative, but a significant
number of people expressed some dismay in the Department's efforts in
dealing with the SAFETY Act.
One group told me that the SAFETY Act office was acting
like a ``Mini-FDA'' in granting certifications and designations. I can
assure you that this was not the intent of Congress.
But after the Department issued its final rule, and after
the Department issued its final kit, those complaints have become less
frequent.
And that's why I cautiously congratulate the Department's
efforts here--it's not a perfect product, but you listened to folks
here on the Hill and the applicants in the private sector and you put a
better product forward.
But not everything is perfect.
Shortly, we'll be getting into some of unfinished
business, particularly:
The administration issues within the SAFETY Act
Office;
The confidentiality of the information that the
Department retains;
The certification of ``services'';
The burden of the application kit;
The duration of a SAFETY Act designation;
The possibility of creating an appeals process; and
The necessary linking of the procurement office with
the SAFETY Act Office, and the efforts of the Department to
promote the application of the SAFETY Act across different
levels of government, particularly in the state and local
procurement process.
I look forward to working with the Under Secretary and the
Department in resolving some of these issues.
Above all, we have to remember what the SAFETY Act is
supposed to be doing: putting technologies out in the field
that otherwise may not have been developed. Clearly, this Act
was not intended to be a blanket liability waiver for every
anti-terrorism technology out there.
But it is clear that the way the Department had been
implementing the Act in the past has left something to be
desired. I am confident that with the new kit, the new rule,
and continued feedback from folks here and in the private
sector, we can all work together to achieve the optimal result.
Ms. Duke. Well, I can address the contract performance. A
contractor getting SAFETY Act coverage does not relieve them of
the responsibility for performing satisfactorily and performing
well.
So the SAFETY Act coverage looks at it in the plan. Is it
antiterrorist technology? Does it show that they are going to
perform as intended by that technology or that services?
Once the contract is awarded, then we get into the
performance issue. And in the case of Wackenhut, as you know,
they are no longer performing services.
So I would address that by taking contract action and
either not renewing or terminating the contract as appropriate
for not performing the service, whether or not they had SAFETY
Act coverage.
And I think that in the case of--so as planned, they might
have met the requirements of the SAFETY Act to get coverage,
but the execution has to be there, and that is a contracting
issue.
Mr. Thompson. So if the execution is not there, do they
continue SAFETY Act coverage?
Ms. Duke. That is probably a question better for you to
answer.
Mr. Cohen. Well, Congressman, I am not a lawyer, and I
don't presume to be. We are very appreciative of the SAFETY Act
and the intent to get technologies to protect the homeland. But
this is an area of new law.
And at some point, there will be a lawsuit or there will be
an event--the very kinds of questions you are talking about in
this case, performance. I have been a senior acquisition
official in my time in naval research in the Navy, and I think
the overriding fact here is the one of performance.
And so if a provider or performer is not meeting the
performance criteria to satisfy the contract, then as Ms. Duke
indicated we have a variety of remedies from warnings, to
termination, et cetera, all of which have been used in other
instances.
And I think this is an area that you have identified where
Ms. Duke and I need to sit down along with the general counsel
and in consultation with the Congress to find out at what level
of action by the contract office do we say your performance is
no longer adequate to meet the protection of the SAFETY Act
certification that has been granted.
Mr. Thompson. Well, before my time runs out, Mr. Chairman,
I would like to get some explanation from the department to the
committees here as to why the general counsel is not present
for this hearing.
This is clearly something in his bailiwick that he should
have been here to respond to. It is a legal question, and he is
the department's lawyer. And I think we would be better served
if Mr. Perry was here to interpret that piece of legislation.
Mr. Reichert. And we will certainly get the answer to that
question. Thank you, Mr. Thompson.
I think I will go to Mr. Pascrell.
Mr. Pascrell. Mr. Chairman.
I want to ask my first question to Ms. Duke. And in linking
procurement with the SAFETY Act, the link between the act
office and the procurement office, you know and I know, must be
improved, and I think you are working toward that end, and both
of you are.
In preparing for this hearing, some in the private sector
have characterized the SAFETY Act approval process as a mini-
FDA, and we know that is not a very complimentary thing that we
are saying there.
The purpose of the SAFETY Act, as I understand it, is to
get this country producing antiterrorism technologies, not to
create an enormous bureaucratic regime.
If a product meets a test for procurement officials, there
is no reason why the SAFETY Act office should have to run
through a new process to test the effectiveness of the product.
How will the SAFETY Act office work with the office of
procurement to achieve these results? And do you agree with my
conclusion?
Ms. Duke. This is something we have talked about very
recently, and we are looking at ways where we can have the
SAFETY Act office be in the proposal evaluation process so that
we can run a parallel process.
Whether they would need additional work would depend on the
actual procurement on a case-by-case basis. But we do think
that that is an area where we can reduce duplication by having
the SAFETY Act application process integrated more completely
with the proposal review process, yes.
Mr. Pascrell. Would you add anything to that, Secretary
Cohen?
Mr. Cohen. I think as an example, you will see when SBInet,
you know, goes to contract that we are taking the lead on this
so that as part of the acquisition process, the due diligence
and the complete review that has been done there, if that is
adequate and satisfactory, then very quickly--very quickly;
days, if not weeks--the SAFETY Act certification will follow.
Mr. Pascrell. And that leads me to my second question to
you, Mr. Secretary. You know, I don't want to get into the
minutiae here. You folks know your jobs, and I think you are
doing them very well.
But you know, George Kennan a great architect of
international affairs, said that democracy is like a huge
dinosaur, and it needs its tail whacked many times. I don't, up
until very recently--maybe I changed my mind a little bit. I
have never sensed a sense of urgency in the Department of
Homeland Security.
And we are talking about American lives here. I think there
is a lack of urgency. And you look at your chart to prove it in
one way, and that is only just one slice since September 11th.
And we talk a lot about this. We talk how important it is
to protect America, and we are going to do this, and we are
going to do that. But in the very nature, the very center, the
very essence of attempting to do that, and something very
specific of developing the science and then the technology to
protect Americans, we have done a lousy job.
I mean, you are going to have your hands full. You know it.
We talk academically here, but you take the issue that you
brought up here, the issue of liquid explosives. I mean, we
talked about that right after 9/11. And here we are looking
like we are reinventing the wheel 5 years later.
And, you know, we are causing all kinds of havoc about
what, for instance, women can carry on an airplane 5 years
after 9/11. Now, we can have camaraderie here and congeniality,
and we should, and be civic and civil to each other.
But that is unacceptable. So when people say, you know, the
question, is America safer now than it was 5 years ago, you
know, I don't really have an answer for that. Maybe you do. And
we can make it up politically. If you are a Democrat, you will
say one thing. You are Republican, you say another thing.
I can't answer that question, but I could tell you one
thing. It is 5 years later and we do not have the technology to
deal with liquid explosives. That is unacceptable. And I know
it is unacceptable to you. So now what are you going to do
about it?
Let me ask you this question. On information sharing, the
final regulations information state that DHS may use
information that has been submitted to the department under the
SAFETY Act.
Who is the department planning on sharing this information
with? What regulations have been established to guard this
confidential information? Okay? I mean, we know that patents in
certain industries are protected. This is more important, now.
We are talking about life and death.
And what efforts are under way to safeguard the interest of
the applicants? Would you please address those three questions,
sir?
Mr. Cohen. I would like to take that for the record so I
can give you a thorough answer, if I may.
Mr. Pascrell. Yes.
Mr. Cohen. Thank you.
Mr. Pascrell. Thank you, Mr. Chairman.
Mr. Reichert. Thank you, Mr. Pascrell.
The chair will take a moment to ask a few questions.
Good to see you again, Mr. Cohen.
Mr. Cohen. Mr. Chairman.
Mr. Reichert. We just held a hearing not too long ago, a
couple of weeks ago, where you are the star witness at that
hearing also.
Welcome, Ms. Duke. Thank you for being here.
I would like to ask unanimous consent to my opening
statement also be entered into the record.
I have just been listening to some of the comments and I
want to cover some statements made by some of the other members
of the committee and just have a brief question or two.
Sometimes we look at the things that we haven't done. We
have done a lot, I think. And I think most people in the
country would agree that one of those indicators is that this
country has not been attacked in the last 5 years, and that is
a great accomplishment, I think, by the American people and its
government and those who work hard to protect our country.
One of the things that we often forget is that we are in a
different world. We have to think about things like every
container crossing the ocean headed for this country, every
container on every ship, every day, and how we secure this
nation and protect this country.
We have to think about every airport, every airplane that
lands at every airport coming from any part of this country or
any part of this world. Railroads, light rail, bridges,
critical infrastructure, viaducts, ferry systems, all of those
things, now border patrol, and UAVs, and surveillance cameras
and all of those things now.
As I said in our last hearing, Mr. Cohen, you are on the
hot seat and have been there for 1 month on the hot seat and
understand fully what your job is. You laid out a well-thought-
out organized plan to address the issues of science and
technology and where we might be headed as a nation.
But we can talk about method and level of communications
and procurement officials and the office of SAFETY, the
communication, whether it takes place or doesn't, is it formal,
is it informal, is there a prequalification, is it simplified,
expedited, and all those things.
The bottom line is what Mr. Meek had to say. Where is the
logjam? And specifically, if we can just take a look at it, if
you could just go through one piece of this. We talked about
interoperability, emergency communications in our last hearing.
But the whole question of liquid-based explosive detection
technology.
Can you explain the process of that one piece of technology
and where it is, and what has taken place, and kind of what the
logjam has been, if there has been a logjam there?
Prepared Opening Statement of the Honorable Dave Reichert
I would like to thank our witnesses for joining us this morning. We
greatly appreciate your appearance before us today for this joint
hearing. Mr. Under Secretary--welcome--it is a pleasure to see you
again. I know my staff will agree with me when I say we are grateful
for all your time, outreach and diligence in only a month on the job.
Although there's no doubt that you have your work cut out for you, I
honestly think that the Science and Technology Directorate is in good
hands moving forward.
Looking back five years and two days to September 11, 2001, the
world as we knew it changed forever that day. We began to realize then
what we know to be true today, that victory over such single-minded
killers requires every ounce of American might, commitment and know-
how. As citizens and businesses alike come forward to help protect
their neighbors, their children, and their grandchildren, nothing
should stand in their way.
In the years since 9/11, Congress has worked to remove barriers and
give first responders the tools they need to be better prepared. For
example, in the year following those tragic events, Congress passed the
Homeland Security Act and the Maritime Transportation Security Act.
During the last Congress, Congress passed the Intelligence Reform and
Terrorism Prevention Act of 2004, which implemented many of the 9/11
Commission's recommendations. I am proud this Subcommittee continued
this work by recently passing the 21st Century Emergency Communication
Act of 2006, which will help our first responders have the
communications equipment they need to effectively respond to a future
terrorist attack.
When it comes to emergency response, effective partnerships are of
paramount importance. The federal government needs the private sector
to serve as our partner in developing new technologies so that American
citizens may benefit from them in the event of a disaster. Under
Secretary Cohen, just last week you testified before my Subcommittee
that government is not the innovator, but that you work with the
private sector to ensure they are developing the next generation
technologies that we need.
This hearing focuses on keeping legal liability reasonably in check
when a business sells a product to the government to protect our
homeland--the Supporting Antiterrorism by Fostering Effective
Technologies Act of 2002 or, ``the SAFETY Act.''
Congress enacted the SAFETY Act in 2002 as part of the Homeland
Security Act for good reason--it is a necessary dimension of the
homeland security mission. The SAFETY Act paves the way for businesses
to quickly develop and deploy anti-terrorism technologies for homeland
security. It accomplishes this by keeping a business' liability ``on a
leash'' when it sells critical anti-terrorism technologies to the
Federal government.
To me it is common sense: when people or businesses want to help
defend America, they should not have to worry about frivolous lawsuits.
Almost four years after the Homeland Security Act of 2002, industry
remains skeptical about the burdens imposed by the SAFETY Act
application process and the durability of the legal protection the Act
provides.
Just last month, Prepared Response Incorporated, a company near my
district in Seattle, Washington, earned SAFETY Act certification for
its ``Rapid Responder'' crisis management system. The Rapid Responder
system gives first responders a bird's-eye view of critical
infrastructure with an on-the-ground accounting of key features and
assets. This ``Rapid Responder'' system gives first responders instant
access to a digital map and inventory of critical infrastructure
including: tactical response plans, evacuation routes, satellite and
geospatial imagery, exterior and interior photos, floor plans, and
hazardous chemical inventories. I'm proud to say that the Rapid
Responder system developed by Prepared Response now protects more than
1,500 sites nationwide, including 7,000 individual facilities. This
company is proof positive that companies stand side by side with our
first responders in defending our homeland.
We are here today almost four years after it was enacted into law
to ensure that Congress' vision for the SAFETY Act is being realized.
We are here to ensure that companies like Prepared Response in Seattle
can help protect their neighbors and their fellow Americans across the
country, without fear of unrestricted lawsuits. I look forward to
hearing from our witnesses about what we are doing to make certain that
nothing keeps us from doing our utmost, day in and day out, to keep our
families and our Nation, safe and secure.
Mr. Cohen. Well, first of all, you know, after our last
hearing I asked my people, I said, what do you think the
headline will be, and they said, you are on the hot seat. So I
want to assure you that I am not putting any of our resources
into asbestos underwear research, sir.
But on liquid explosives, there have been technologies in
use for some period of time. Some of them are nascent. Some of
them are mature. And some of them are direct and some of them
are a spinoff of the other screening devices that we have.
But the enemy is agile. The enemy is devious. The enemy is
nefarious. And technology doesn't stand still just for us. It
moves forward for those that would attack us. And whereas we
may use technology for the good, there are people and groups
that would use it for bad.
And this will always be a measure, countermeasure, counter-
countermeasure. That is how life goes. And so your question was
where are we on the liquid explosives. Over a year ago, the
Transportation Security Lab took onboard 10 COTS, commercial
off-the-shelf, detectors.
These are the kinds of things you see on headline news,
where good people come forward and show on the T.V. what these
devices can do. But we know that those don't always work as
advertised, or may need product improvement, et cetera. And so
those were undergoing evaluation over the last year at the
Transportation Security Lab.
Additionally, last April, an additional three under the
SBIR program were brought on board for further evaluation. As
it turns out, almost all of those were scheduled for testing at
Socorro, New Mexico in August, September of this year.
But then we had the events of 10 August, and I was not
satisfied with the extent of the net that we had put out to
find solutions for TSA, Kip Hawley, the throughput issues, the
validity of the testing issues.
Were there improvements we could make to screening devices
by new algorithms, so that the existing sensors might have
higher fidelity to see the liquids of interest without having
to hold them up to handheld detectors and the time that takes?
And so that is why I went forward with the request for
information. I went forward immediately at the same time with
the SAFETY Act proposal. And that RFI closed yesterday. We now
have over 40 proposals. I am not going to tell the offerers
what looks good, what looks bad.
But there are a lot of very intriguing technology proposals
and solutions that we are going to take within 30 days of
receipt to Socorro or Tyndall Air Force Base, two different
setups, and test them against full-scale, meaning 500
milliliter Gatorade-sized bottles, of the actual liquid
explosives that we know are being used or proposed by the
terrorists. And we will see which works.
And that work we will put on a fast track into an
acquisition program to enhance our screeners and our security
in TSA. But as I said at my hearing previously, Mr. Chairman, I
like the BSAF analogy. I don't make the device, S&T makes the
device better.
And so I am fast-tracking to make those devices better, to
raise the level of confidence, to reduce the lines and improve
the security. And I would tell you there are a lot of wolves on
the porch, but this is the wolf closest to my door.
Mr. Reichert. Well, just another quick follow up. Since you
are on the hot seat and you are now on the fast track of this
issue, in your short tenure did you identify and have you
identified any logjam that may have existed prior to your
taking the office in this specific area of detection
technology?
Mr. Cohen. I will tell you that in the dual-use world, it
is the unintended use or the unintended consequences of
technology that tends to give us the breakthrough. So there are
many examples in drugs, and I won't, you know, detail those.
But what we are finding is our DOE labs, industry and small
laboratories who are working on technologies for other
purposes, and when we went out and identified the need for
liquid explosive detection, they had the eureka effect. They
said wow, I didn't think about this, but this might be used for
this purpose.
And that is what we are seeing right now with these
respondents. And I am excited about several of them. I think I
would like to leave it at that.
Mr. Reichert. Thank you.
The chair recognizes Mr. Dicks.
Mr. Dicks. Thank you, Mr. Chairman. And I want to thank
Secretary Cohen for his great service at the Office of Navy
Research over many years, and I enjoyed working with him. And I
told him this morning, Mr. Chairman, that I thought it was
great to have somebody at S&T who would be a leader.
I mean, I think that is what the Congress basically is
saying, is help us figure out a way to implement the SAFETY Act
and do it expeditiously. Ninety-three pages, by the way, sounds
a little bit long to me.
You know, and I just have a couple questions I want to ask
you. One is, some of the statements mentioned concerns about
situations where we are going to use a technology, and it is
going to be used overseas. I think of the container security
initiative, for example.
And how do you work out the liability issues there when,
you know, the company that has the technology might be sued in
a foreign court? What do we do about that problem? That is one
that was mentioned in the panel, two people. What ideas do you
have on that?
Mr. Cohen. Congressman, you know it is not my style, but I
will have to take that one for the record, because--
Mr. Dicks. Right. That is okay. I think we need an answer
to that, though.
Mr. Cohen. Yes, sir.
Mr. Dicks. And we need to work with the industry on how we
are going to deal with that situation.
The other thing is I understand that this isn't just for
federal procurements, SAFETY Act, that it is also for a
situation where a company wants to, you know, protect itself
and limit liability on something that he might be selling to
the state and local governments or to the private sector for
safety purposes. Is that correct?
Mr. Cohen. That is absolutely correct, and--
Mr. Dicks. But I understand that we haven't had one single
application approved for that purpose. Is there some reason
that people aren't applying for that protection?
Mr. Cohen. Linda?
Mr. Dicks. What I am told by our learned staff back here is
that all the applications so far have been for people who were
trying to compete for federal procurements, that nobody has
come in to try to get liability protection under the SAFETY Act
for selling something either to the private sector or state and
local governments.
And I was just curious as to why that is. I mean, has there
been adequate outreach to these companies? Why haven't they
applied?
Ms. Vasta. Sir, I will have to take that one for the
record, but I will indicate that in the 7.5 months that I have
been the acting director, I don't believe I have seen any
applications that have come in under that.
I can assure you that we have an aggressive outreach
program planned for the SAFETY Act program which not?
Mr. Dicks. Well, why don't you tell us about that?
Ms. Vasta. Well, to further what Ms. Duke indicated, the
outreach program will certainly reach out to the entire
procurement community to educate more.
We want to look at obviously not only the larger companies
but also the smaller companies and those which not just the
companies themselves serve but also to the government, state
and local governments, and educate them on the protections that
are afforded under the SAFETY Act.
Mr. Reichert. Could I interrupt just for a second and ask
you to state your name and title, please, for the record?
Ms. Vasta. Pardon me, sir. My name is Linda Vasta. I am the
acting director of the Office of SAFETY Act Implementation. I
have been the acting director since mid February of this year.
Mr. Reichert. Thank you.
Mr. Dicks. Thank you, Mr. Chairman. I have no further
questions.
Mr. Reichert. Ms. Jackson-Lee?
Ms. Jackson-Lee. Thank you very much to the chairman and
the ranking member and ranking member of the full committee.
And thank you to Mr. Cohen and to Ms. Duke and to the other
presenter.
I guess I want to start out with my frustration as well in
terms of this whole process that has taken place and, as well,
the lack of fulfillment of a commitment to you now leading the
department in terms of being fully staffed.
So I just want to go through a line of questioning to know
whether we are real, whether the doors are open and lights are
on, because it is interesting that as we approach the election,
which those of you who serve us try to stay as far away as
possible, I would assume, but it is, of course, in the backdrop
of 9/11, a rising highlight.
What are we doing about homeland security? And the SAFETY
Act's good intentions were we are at the cutting edge of
technology. That was in 2002. And we are now facing a situation
where, one, the pipeline has been slow, and the staffing that
would help streamline the pipeline along with the new changes
is slow as well.
So take me through your department right now. Tell me what
kind of team do you have in existence and do you intend to put
together to make this work.
The other concern that I have is to the private sector. And
there are no entities more creative than those who already have
money. And that, of course, is the business sector who
successfully are on the cutting edge and hopefully have a big
sign and therefore they are being rewarded in the capitalistic
system.
My thought of this legislation was to ensure that we are
seeking the cutting edge small guys and gals in the
hinterlands, don't have access, but really have brainpower and
have something that is really going to turn the corner of
homeland security technology.
So I want to know what you are doing to ensure that the
large giants--and I have no angst with them--already getting
ready to put Product A on the market 2 weeks from now, and they
have got an application at your door, versus the Colorado
mountain person who is in the mountains with their single lab,
or the university labs, and they are on the verge of discovery
and yet may not even be aware of the SAFETY Act, and certainly
don't have the wherewithal in the midst of their research to
get your attention. What kind of outreach will you have on
that?
And then I would be interested, as well, in--and I have
looked through the bill, and I thought, well, this must be what
I missed, but I am going to read it again in the minority and
small business outreach.
I know there is a general procurement element here, but I
think, Secretary Cohen, we want to know what your mission and
message is with respect to minority-serving institutions who
have been the second-class citizens as relates to research and
anyone knocking on their door to find out--either to encourage
them to engage in this or to find out what they are doing, and
specifically, of course, Hispanic-serving institutions and
historically black colleges.
With that, I will yield to you for a moment and hope maybe
I will have a moment more to ask a question.
Secretary Cohen, thank you for your service.
Mr. Cohen. Thank you very much, Congresswoman Jackson-Lee.
And, you know, this weekend I was down in Galveston, Texas, for
the first time.
Ms. Jackson-Lee. Excellent. You are in the right place,
then.
Mr. Cohen. And went down with my wife on my own nickel. We
went down for the commissioning of the USS Texas--
Ms. Jackson-Lee. Yes.
Mr. Cohen. --and it was a wonderful event. About 7,000
people showed up, and it didn't rain until 15 minutes after--
Ms. Jackson-Lee. It was outstanding.
Mr. Cohen. --the event. And, you know, when people heard I
was in Homeland Security, first they thanked me for my service,
and then they came up to me with ideas. And this is what I find
all around the country.
And serendipitously, I sat next to the port director, and
we have an experiment going on right now, one of three ports in
Galveston, on container security, safety, et cetera, and we had
a wonderful interchange. And I look forward to re-engaging with
him.
But your questions are right on the mark, and so let me
take them one at a time. I think if we can go ahead and put up
the existing organization, I think this goes to meet Mr. Meek's
comments, because I think he and I are actually in violent
agreement.
It is not about process. It is about product. It is about
the end result. It is about the security. It is about bringing,
as Congressman Pascrell said, the cutting-edge technologies to
the fight. And we have a long history in this country of doing
that. It is not a pretty process. Science and technology,
discovery, invention are not a pretty process.
But where we are going, and we are going there very
quickly, and it is part of my confirmation process. And also at
Chairman Reichert's hearing last week I was asked about the
morale of my directorate. I was asked about the turnover. I was
asked about the understaffing, et cetera.
And in the end, I believe in success-oriented
organizations. I only served with volunteers. I expect them to
work hard, to be rewarded and to achieve success, and that is
mission success.
And I had an all-hands yesterday with over 500 of my
people, laid out the new organization, which Secretary Chertoff
kindly approved last Wednesday, which was briefed to the Hill
and all the staffers.
I am so pleased with the bipartisan, non-partisan reception
that I have received by the staff and the members. It is what I
am used to from defense. And I think that is totally
appropriate and heartwarming in the area of homeland security,
as you have indicated.
Ms. Jackson-Lee. So how many do you have on staff now?
Mr. Cohen. Right now, we have 16. I have one government
service employee. She has three assistants. And then we are
using IDA, the Institute for Defense Analysis, on a contract
basis to do the technical evaluation.
Of course, those individuals must recuse themselves. They
must not have holdings, all of the appropriate safeguards
relative to the technologies and the companies that they are
evaluating.
Ms. Jackson-Lee. And how many more do you need?
Mr. Cohen. We do need more, absolutely, we do need more.
Ms. Jackson-Lee. How many?
Mr. Cohen. This is the organization. I would like Ms. Vasta
just to quickly walk through that, so that you see the rational
approach that we are trying to take. I know time is short. She
will make it very quick.
Ms. Vasta. As the undersecretary alluded to, we currently
have one federal employee. That, of course, is me. I have been
acting in that position since mid-November of this year.
The proposal is that we have a director for the office,
which would be a federal employee; a deputy director, a program
manager, and I am pleased to report that that acquisition is in
process.
Of course, that individual would be continuing to be
supported by the contract support staff. In addition to the
other federal employees that are proposed, we are looking at an
economic director, as well as a technical director, as well as
an outreach coordinator. These are all full-time federal
employee positions.
And at some point, we hope to seek funding for an on-site
attorney in that office.
Ms. Jackson-Lee. Right now those are all vacant? What you
just listed are vacant?
Mr. Cohen. I would like to say, again, this is the
organization that I am going to--in 3 weeks, since coming on
board the 10th of August, the secretary has approved a total
reorganization which is now in place.
This is a subset of that. I am used to, being a submariner,
having very small groups of officers and crews, and we dual-
hat. We have collateral duties.
So as we put this new organization in effect over the next
several weeks, and that is the time frame for this
organization. I will not hesitate to reach down into the talent
that I enjoy--my scientists, engineers and program managers--
and dual-hat them as necessary to ensure that we get this off
to the right start, because you saw from the chart, the
histogram, SAFETY Act is a growth industry, which is what we
wanted all along.
Ms. Jackson-Lee. Mr. Chairman, I ask unanimous consent for
an additional 1 minute, because he did not finish the last two
answers.
And if you could quickly do that on the choice between big
companies and small. I would only just answer my own question.
I hear you, but right now these are vacant positions. And I
will just--
Mr. Cohen. Yes, ma'am.
Ms. Jackson-Lee. All right. But can you just answer the
last two--
Mr. Reichert. The gentlelady's time has expired.
Mr. Cohen, please answer the question that the chair--
Ms. Jackson-Lee. Thank you. An additional 1 minute--
Mr. Reichert. --because the chair has a reputation for
being generous with his time, but we have a second panel with
five witnesses, so if you could--
Ms. Jackson-Lee. Thank you. If you could quickly answer, I
would appreciate it. Thank you.
Mr. Cohen. My record at Naval Research is strong in
outreach and with historically black and minority institutions.
To me, the outreach should be an integrated outreach, as Ms.
Duke has indicated.
Everywhere we go, we need to talk about the SAFETY Act. We
need to talk about the authorities that you have given me of
the transaction, et cetera. That will kick-start people coming
in.
I am not going to share with you my own prejudices of big
companies versus small companies of cutting-edge technology,
but I think you had it exactly right.
And Thomas Friedman, in ``The Earth is Flat''--and we
addressed this last week--he had to revise his book because he
was giving credit to Bangalore and China, and he was
badmouthing American innovation, and he had it wrong.
And he has admitted that now publicly, because it is about
the innovation that we enjoy and the system of government that
we have that allows protection of intellectual property and
allows people to be the best that they can be.
And we have not yet begun to tap all of those sources, and
I commit to you the things that I did in Navy I will do in
Homeland Security. That is what I have been asked to do. And we
will have a very wide blanket.
Ms. Jackson-Lee. Thank you.
Mr. Reichert. The chair recognizes Ms. Christensen.
Ms. Jackson-Lee. Thank you very much.
Mrs. Christensen. Thank you, Mr. Chairman.
I am going to just ask one question in the interest of time
about the appeals process for the SAFETY Act application,
because the rules do not allow any opportunity for an
administrative or any kind of appeal.
And I guess it is you that has the final word, and no
question. No question can be asked. So that seems to send the
wrong message, and I know that it comes up in at least one of
the next panelists' testimony, and I wonder if you would
respond to that.
Why is it that there is no appeals process?
Mr. Cohen. Well, Ms. Christensen, I am not omniscient. I
have been known to make mistakes. people who work for me may
make mistakes.
And to the extent that we can do process improvement, I
look forward to the thoughts of the next panel and working with
industry, working with our customers, because you are right, I
don't want to send any message that in any way limits
participation.
We live in a democracy, and I believe that should pervade
all of our processes.
Mr. Reichert. Thank you. I would like to thank the
witnesses for your valuable testimony. This panel is excused.
And I would ask that the second panel take their seats,
please.
Welcome. Thank you for being here today. We appreciate your
taking time to be with us.
We all have very busy schedules. And if I could just remind
the witnesses to abbreviate your testimony and allow us time to
ask questions. I know some of the other members have to move on
to other appointments.
First, I would like to recognize Mr. Howell, the vice
president of the homeland security policy division for the U.S.
Chamber of Commerce to testify.
Mr. Howell?
STATEMENT OF ANDREW HOWELL, VICE PRESIDENT, HOMELAND SECURITY
POLICY DIVISION, U.S. CHAMBER OF COMMERCE
Mr. Howell. Thank you. I would like to thank Chairman
Rogers, Chairman Reichert, Representative Meek and
Representative Pascrell and all members of the two
subcommittees for the opportunity to testify here today.
My name is Andrew Howell, and I am vice president of
homeland security policy at the U.S. Chamber of Commerce.
The chamber represents more than 3 million businesses
through our federation, which includes direct corporate members
of all types and sizes, trade and professional associations,
state and local chambers of commerce and 104 American chambers
of commerce around the world.
I would like to express our appreciation to the
subcommittees for holding this hearing on the SAFETY Act. The
program is one of the few incentives to spur the development
and deployment of cutting-edge technologies, services and
systems to protect our homeland.
Ensuring the security of our citizens should be America's
top priority. The SAFETY Act is an important tool to realize
that objective.
The chamber applauds the Department of Homeland Security's
efforts to ensure that the SAFETY Act provides the protections
intended by Congress.
The final regulations issued in June provide needed
certainty in several areas: The definition of an act of
terrorism, coordination of the timing of SAFETY Act awards with
antiterrorism procurements, explanation of the relationship
between the SAFETY Act and indemnification, and a process for
SAFETY Act protections en masse through block designations and
block certifications.
Additionally, we were pleased to see a process for SAFETY
Act awards when products are in the developmental test and
evaluation phase. Let me now expand on each of these areas.
Terrorism is a global issue that demands a global policy
response. However, U.S. regulation does not easily reach
foreign shores. Given this reality, how can we protect firms
providing antiterrorism technologies abroad?
In the final SAFETY Act regulation, DHS notes, ``The
department does not interpret the language of the SAFETY Act to
impose a geographical restriction for purposes of determining
whether an act may be deemed an act of terrorism.''
Additionally, the regulation says that an act on foreign
soil may indeed be deemed an act of terrorism for purposes of
the SAFETY Act, provided that it causes harm in the United
States. The department interprets harm in this context to
include harm to financial interests.
We agree with this approach, which protects vendors
advancing U.S. homeland security policy interests by deploying
technology abroad. At the same time, there may be areas where
this definition is not sufficient. Therefore, in some cases, it
will be necessary to combine SAFETY Act protections with
indemnification offered by Public Law 85-804.
We are pleased that DHS in the final regulation
acknowledges this approach ``might appropriately be made
available.'' We look forward to further guidance in this area.
Regardless, however, of the location of antiterrorism
technology deployments, DHS has struggled to coordinate
acquisition and procurement with the SAFETY Act award
determinations. We have heard a little bit about that.
Recent DHS practice as well as the text of this final
SAFETY Act rule demonstrate its progress. The advanced
spectroscopic portal monitor and SBInet procurements which were
mentioned earlier are steps in the right direction.
However, consideration of SAFETY Act has consistently been
left until after the release of DHS procurements. Acquisition
professionals, in our view, should systematically consider the
SAFETY Act early in the acquisition process, not at the end.
Another area where DHS has made progress is in the block
designations and block certifications, which would award SAFETY
Act to vendors whose solutions or products meet a predetermined
specification. We would like to see details on how this good
idea will work.
At the same time, the block designation section of the new
SAFETY Act application is the only reference to a streamlined
process, which is essential. We are eager to see specifics in
this area.
One more area I would like to cover is developmental test
and evaluation designations. By providing coverage in this
area, the new regulation embraces the spirit of the SAFETY Act,
which was to spur the development of new technologies.
We are keen to see how this process will function and will
work with DHS to ensure that it works smoothly and effectively.
Clearly, in our view, DHS has made great strides in this
new regulation and new application kit. At the same time, DHS
must implement several new and updated business processes for
the SAFETY Act to reach its potential.
The first is the new application kit now open for comment.
This kit asks applicants for the information that DHS is
actually now using to make decisions. Of course, there is still
room for refinement. We also hope that DHS will soon publish a
streamlined SAFETY Act kit.
Last year, the chamber joined with the Professional
Services Council and others to provide recommendations in this
area. We are eager to see how DHS utilizes our suggestions.
In conclusion, we congratulate DHS for all the work done to
implement the SAFETY Act more effectively and efficiently. At
the same time, government and industry must continue working in
partnership for this program to realize its potential to
protect the American public.
Thank you for this opportunity to testify today, and I look
forward to any questions or comments you might have.
[The statement of Mr. Howell follows:]
Prepared Statement of Andrew Howell
Introduction
I would like to thank Chairman Rogers, Chairman Reichert,
Representative Meek and Representative Pascrell, and all Members of the
Subcommittee on Management, Integration and Oversight, as well as the
Subcommittee on Emergency Preparedness, Science and Technology, for
giving me the opportunity to testify before you today.
My name is Andrew Howell, and I am the Vice President for Homeland
Security Policy at the U.S. Chamber of Commerce. The U.S. Chamber of
Commerce (``the Chamber'') is the world's largest business federation,
representing more than 3 million businesses through our federation,
which includes direct corporate members of all types and sizes; trade
and professional associations; state and local chambers through the
United States; and 104 American Chambers of Commerce abroad (AmChams)
in 91 countries.
On behalf of the Chamber, I would like to express our appreciation
to the two subcommittees for providing this opportunity to comment on
the implementation of the ``Support Anti-Terrorism by Fostering
Effective Technologies Act (SAFETY Act)''. We applaud your efforts to
bring attention to this important program, which is one of the few
incentives offered to spur the development and deployment of cutting-
edge technologies, services and systems to protect our homeland. The
Chamber believes that ensuring the security of our citizens should be
America's top priority. The SAFETY Act is an important tool necessary
to realize that objective, and one that helps to harness the creativity
and innovation of the private sector. We look forward to working with
members of this committee, and the appropriate subcommittees, as you
conduct important oversight of this key DHS program.
The Final SAFETY Act Implementing Regulation
The Chamber applauds the Department of Homeland Security in its
efforts to ensure that the SAFETY Act provides the full protections
intended by Congress. The final regulations issued on June 8, 2006
provide much-needed certainty on this critical program in several key
areas:
The definition of an act of terrorism;
Coordination of the timing of SAFETY Act awards with
important federal anti-terrorism procurements;
Explanation of the relationship between the SAFETY Act
and indemnification under Public Law 85-804; and
A concrete process for the use of SAFETY Act
protections en masse through ``block designations and ``block
certifications.''
Additionally, we were pleased to see an explicit process for SAFETY
Act awards when products are in the developmental test and evaluation
phase, which can either test a promising anti-terrorism technology or
identify something that may form the basis for future anti-terrorism
technologies.
Let me now expand on each of these areas, which we consider to be
among the most important parts of the new regulation.
Definition of an act of terrorism
As you know, terrorism is a global issue that demands a global
policy response. For example, Homeland Security Presidential Decision
Directive 13 notes that:
The security of the Maritime Domain is a global issue. The
United States, in cooperation with our allies and friends
around the world and our state, local and private sector
partners, will work to ensure that lawful private and public
activities in the Maritime Domain are protected against attack
and criminal and otherwise unlawful or hostile exploitation.
Additionally, the Container Security Initiative, announced several
years ago by former Customs and Border Protection Commissioner Robert
Bonner, is based on the principal of ``pushing our border out'' by
stationing U.S. Customs and Border Protection officers at foreign ports
shipping goods to the United States.
However, as we all know, U.S. regulation does not easily reach
foreign shores. Given this reality, in the context of the SAFETY Act
and the global nature of our homeland security policy, how can the
government effectively protect firms providing anti-terrorism
technologies abroad, where U.S. regulations have limited impact?
Recognizing the need to think differently on the liability threat
facing firms selling anti-terrorism technologies that would carry out
U.S. policy objectives, our comments in August of 2003 on the proposed
SAFETY Act regulation, pointed out the need to clarify the definition
of an ``Act of Terrorism'' to provide clarity for vendors selling anti-
terrorism technologies for deployment abroad.
In the final SAFETY Act implementing regulation, DHS offers
thoughtful language in this regard, noting that ``The Department does
not interpret the language of the [SAFETY] Act to impose a geographical
restriction for purposes of determining whether an act may be deemed an
`Act of Terrorism' ''. Additionally, the regulation notes that ``an act
on foreign soil may indeed be deemed an `Act of Terrorism' for purposes
of the SAFETY Act provided that it causes harm in the United States.
The Department interprets `harm' in this context to include harm to
financial interests.''
In our view, this appropriately protects vendors with financial
interests--including equity stakes, shareholders, plants, assets and
the like--from an Act of Terrorism abroad if it affects the value of
those financial interests in the United States.
Relationship between the SAFETY Act and indemnification under Public
Law 85-804
At the same time, there may be areas where this definition does not
sufficiently protect a firm with an overseas deployment of technology--
particularly if a product liability lawsuit is brought in a court
outside of the United States.
Therefore, we believe it is necessary, in some cases, to combine
SAFETY Act protections with the benefits of Public Law 85-804, which
allows the Government to indemnify private parties acting on the
Government's behalf. In our view, those deploying anti-terrorism
technology abroad in support of U.S policy to push our borders out,
are, in effect, acting on the government's behalf. Therefore, these
technologies would be obvious candidates for a dual track SAFETY Act/
P.L. 85-804 approach.
This is something we have been calling for since our comments of
August 2003 on the Proposed Implementing Regulations for the SAFETY
Act. We are pleased that the department, in this final regulation,
acknowledges that a combined SAFETY Act/P.L. 85-804 approach ``might
appropriately be made available.'' At the same time, we look forward to
seeing further guidance from DHS in this area so that important
programs with both domestic and international deployments--like perhaps
SBINet--can benefit from a strong pool of bidders, undeterred by
potential liability concerns.
Coordination with anti-terrorism procurements
Regardless of the location of the anti-terrorism technology
deployment, however, one very basic element of a comprehensive SAFETY
Act program implementation has been lacking--coordination between
acquisition and procurement and SAFETY Act determinations.
The Chamber, in collaboration with our members and several other
trade associations, has been working hard with procurement officials
and DHS leadership to build SAFETY Act provisions into important
procurements. However, this approach has been haphazard and has too
often been in reaction to a procurement that has already been issued.
Recently, as well as in this final SAFETY Act rule, DHS has
appropriately recognized the need to coordinate SAFETY Act benefit
determinations with acquisition and procurement operating procedures.
The establishment of a ``Pre-Qualification Designation Notice,'' is a
good tool for federal buyers to use during the early stages of
acquisition and would be accompanied by an ``expedited review of a
streamlined application for SAFETY Act coverage. . .and, in most
instances, establish the presumption that the technology under
consideration constitutes a QATT'' (i.e. qualified anti-terrorism
technology), according to the new regulation.
We are also pleased to see this rule states that the Office of
SAFETY Act Implementation (OSAI) may also expedite applications for
vendors responding to an ongoing solicitation and that the Department
may unilaterally decide that a procurement is eligible under the SAFETY
Act. While there are still details to be worked out--for example, the
timeline for an application being expedited--these are all steps in the
right direction.
However, all the process improvements in the world will not help
unless DHS simultaneously strengthens its procurement and acquisition
corps. We need to find a way to help DHS procurement officials better
research markets; plan their procurements; develop meaningful
performance metrics; and buy goods and services cost effectively.
Incorporating the SAFETY Act into the process of planning an
acquisition is essential, and because it is a new program, training
will be absolutely essential. By taking the time to carefully consider
performance metrics, liability concerns and the role of the SAFETY Act
prior to developing and issuing a request for proposals (RFP), our
government, our citizenry and the anti-terrorism technology vendor
community can do a better job managing risk and protecting our
homeland.
Block designations and block certifications
Another area where DHS has made significant progress in this final
regulation is the strong statement made for block designations and
block certifications. The department decides that all solutions or
products that meet a certain specification can be deemed to have
streamlined SAFETY Act reviews.
From our perspective, there are several programs where this
mechanism should be used in the near term. One that comes to mind is
the Registered Traveler (RT) program. Vendors of RT solutions, as you
may know, will all have to meet a certain specification set by the
Transportation Security Administration. Therefore, it would make sense
to designate or certify this group of services, which will be more
widely deployed later this year.
At the same time, it is worth noting that the block designations
section of the new SAFETY Act kit is the only place in the entire
document that makes mention of a ``streamlined'' process. We believe
that there are many areas where DHS can and should streamline the
technology evaluation process, and we are eager to understand how the
Department intends to carry this out.
Developmental test and evaluation efforts
One final area in the final regulation that merits attention is the
section on developmental testing and evaluation designations. The
SAFETY Act is designed to spur the development of new technologies;
this specific category of SAFETY Act application provides further
details on exactly how DHS plans to work with industry partners to
protect them from liability in the risky, early stages of a program. We
all know that liability can, indeed, extend all the way back to the
development phases of a technology. Therefore, awarding SAFETY Act
benefits is entirely appropriate.
Of course, once the benefits of the developmental test and
evaluation segment of a SAFETY Act certification's benefits have
expired--presumed to be 36 months in the regulation and kit--some
applicants will, we hope, want to extend their coverage. How DHS
handles the continuation of benefits--whether a firm has to fill out an
entirely new kit, simply file a modification application, or exercise
some other alternative--will need to be worked out. We are eager to see
exactly how that process will work, and we will work with DHS to ensure
that it functions smoothly and effectively for both the government and
the applicant.
Beyond the Implementing Regulations_Making the SAFETY Act Reach its
Potential as an Anti-Terrorism Tool
In order to make the SAFETY Act reach its true potential, DHS must
implement several new and updated business processes.
The first such process is a new application kit. Now open for
public comment, we believe this new kit effectively asks applicants for
the information the Department is now actually using to make evaluation
decisions. At the same time, while the questions asked are more precise
and better guide applicants to provide the right data, we believe the
overall burden on the applicants does not, at this point, seem to be
reduced.
Therefore, we hope that DHS will continue to work with us and
others to limit the amount of information that application evaluators
seek, while also making the SAFETY Act process as effective as
possible.
We also hope that DHS will soon develop and publish a streamlined
SAFETY Act kit. In September, the Chamber joined with a host of other
organizations--including the Professional Services Council, the
National Defense Industrial Association; the Information Technology
Association of America and the Aerospace Industries Association--to
develop our version of an effective, streamlined kit for use in
specific circumstances. Attached for the record is a letter
transmitting our vision of an effective streamlined kit, complete with
instructions for DHS.
In this document, we focused on gaining efficiencies and reducing
redundancies across the Department. In our view, there is significant
overlap between the SAFETY Act office's evaluation process and the
review a procurement officer leads when assessing the efficacy of a
product, service or integrated solution. As a result, we believe that
for purposes of the SAFETY Act, deference can and should be given to
the procurement evaluation--whether for an ongoing solicitation or for
a prior procurement.
Of course, with regard to procurement, we must congratulate DHS
officials for the many strides they have made to more effectively link
SAFETY Act determinations and procurement awards. DHS thoughtfully
issued a revised Request for Proposal (RFP) for its Advanced
Spectroscopic Portal monitor procurement that included SAFETY Act
protection for the winning bidder after realizing the liability
challenges vendors would face from deploying this bleeding-edge
technology. On its SBINet procurement, DHS included language in the
original document, and then supplemented it with subsequent
modifications.
However, in both of these cases, the SAFETY Act was omitted in the
initial procurement process, leaving thoughtful DHS officials to
address the liability issue once bidders began asking how their
liability concerns would be addressed. As we all know, issuing a
procurement is the end of a process which begins with market research
and continues through the establishment of program requirements and
metrics. To date, federal government acquisition professionals have not
systematically included consideration of liability issues--and
utilization of the SAFETY Act to mitigate those issues--early in the
overall acquisition process. As a result, those of us working on this
program from the outside are left at the very last moment--preparation
of a request for proposals--to try and have the SAFETY Act integrated
into the procurement.
In order to achieve this, changes must be made to both the
Department's acquisition regulations as well as the Federal Acquisition
Regulation (FAR). We understand both are underway, and that is to be
applauded. As soon as the Department and the FAR Council (which
recommends changes to the federal purchasing rules) finish their work,
the SAFETY Act can systematically be integrated into anti-terrorism
procurements across the government
Once these steps have been taken, of course we anticipate there
would be aggressive training of acquisition and procurement staff
across the government. DHS and other federal acquisition and
procurement officials need to better understand the SAFETY Act and
appreciate how it provides benefits to buyers and vendors.
At the same time, guidance for state and local buyers--especially
those receiving federal money to buy anti-terrorism equipment,
services, technology and the like--is essential. Because federal tax
dollars are being spent to secure our homeland at the local level, and
because the SAFETY Act is not just for federal anti-terrorism
procurements, DHS officials should find ways to educate the state and
local homeland security community. By taking this step, state and local
officials could either incorporate the Act into their acquisition
process or buy technology that has already been certified or designated
as a qualified anti-terrorism technology by DHS.
Of course, since 85% of our critical infrastructure is in private
sector hands, this is also an important community that needs to
appreciate the SAFTEY Act's benefit. Important steps have been taken in
this regard, most recently through the release of the National
Infrastructure Protection Plan, which includes a section on the SAFETY
Act and outlines its benefits for critical infrastructure owners and
operators.
Conclusion
In conclusion, we congratulate DHS for drafting and issuing a final
rule that sets the appropriate legal framework for the deployment of
anti-terrorism technologies, services and systems by federal, state,
local and commercial buyers. This regulation will help make us safer by
providing needed protection for vendors and buyers.
We also would note the excellent work that has been done drafting a
new application kit that effectively implements this regulation.
At the same time, more needs to be done to have this program
realize its true potential. As I have just outlined, issuing a new
application kit with streamlined review processes; building the SAFETY
Act into the acquisition process early on; training procurement and
acquisition officials at all levels of federal, state and local
government; modifying internal DHS acquisition rules; and concluding
the FAR Council's work to provide needed guidance for federal
government buyers are all essential steps.
Collectively, these steps will create a more robust homeland
security environment where sellers of anti-terrorism technology
innovate and deploy tools that most effectively protect the American
public.
We thank you for this opportunity to testify today, and hope that
this Committee will continue to exercise appropriate oversight to
ensure that this program works to enhance the security of our homeland.
We stand ready to assist you as you move forward in this effort.
Mr. Reichert. Thank you, Mr. Howell.
The chair now recognizes Mr. Meldon.
STATEMENT OF MICHAEL MELDON, EXECUTIVE DIRECTOR, HOMELAND
SECURITY AND DEFENSE BUSINESS COUNCIL
Mr. Meldon. Thank you, Mr. Chairman. Just before I start my
remarks, may I say that I was one of the people that
participated in the call that Undersecretary Cohen had with
industry about liquid explosive detection.
There was a sense of urgency in that call. He took action.
When the call to action went out, industry responded, and that
is evinced by the actions and the responses that he go back. So
we applaud that action, and we want to commend him for that.
Good afternoon, Chairman Rogers, and Chairman Reichert and
distinguished members of the subcommittee. My name is Michael
Meldon, and I am the executive director of the Homeland
Security and Defense Business Council.
I am testifying on behalf of our member companies. The
Homeland Security and Defense Business Council is a non-profit,
non-partisan organization that represents good governance and
successful program outcomes.
The council offers straight talk and honest assessments of
programs, technology and processes that are integral to the
mission of the Department of Homeland Security.
The council's goal is to be a world-class private-sector
component and partner to the public sector in all significant
areas of homeland security, to include risk mitigation, mission
effectiveness and management efficiency.
The council appreciates the opportunity to present our
industry perspective on the SAFETY Act final rule recently
released by the department.
There are a number of very positive changes that have
occurred in the business processes and guidelines surrounding
the SAFETY Act. To highlight some of these, the final rule
makes these changes to the SAFETY Act.
A, it provides that technology includes services as well as
equipment and software.
B, it removes the need for antiterrorism technology sellers
to offer insurance coverage to third persons for acts of
suppliers, vendors and subcontractors used to supply that
technology.
C, lets a seller of qualified antiterrorism technology make
changes to the product that modify its capabilities without
approval by or even notice to DHS, and without the loss of the
liability protections provided by the SAFETY Act.
D,, grants DHS the right to create so-called block
designations and certifications for certain categories of
antiterrorism technology.
And finally, addresses DHS's policy on safeguarding
proprietary information regarding applications for
antiterrorism designation and certification.
The new rule also addresses the application evaluation
timeliness issues. We have seen from an industry perspective
the information provided in the department's announcement of
the final rule states that in the first 16 months following the
passage of the SAFETY Act, six QATs, qualified antiterrorism
technologies, were approved, and an additional 68 technologies
were approved by March of 2005.
What this does not address is the number of applications
that have been received by the department for which no action
has been taken, and we are hopeful that as a result of the
changes these applications will be expeditiously adjudicated.
Several issues remain in the SAFETY Act and its intended
implementation, and I will focus the remainder of my time on
those issues.
Number one, anticipated changes in the insurance industry.
Insurance companies and the federal government paid more than
90 percent of the $38.1 billion awarded to victims of the 9/11
terrorist attacks, according to a 2004 study by the RAND
Corporation.
Secondly, because of concerns about an avalanche of claims,
Congress capped liability for airlines, airports, ports and
cities and established the 9/11 Victim Compensation Fund of
2001.
To use it, recipients had to waive the right to sue. Still,
about 70 families eventually filed wrongful death suits against
the airlines.
Third, the potential liability exposure continues to be
closely examined by the insurance industry as well as others,
and the business considerations that resulted from that review
are being implemented through new policy terms and conditions.
And finally, thankfully the United States has not suffered
a terrorist attack or resulting lawsuit since the fall of 2001,
so the protections of the SAFETY Act haven't come into play.
But industry's concern about liability is no less real.
The government contractor defense. One, implementation and
guidance regarding the government contractor defense is noted
in the final rule as an area where DHS still owes industry
specific direction and policies and procedures.
Two, the presumption of the government contractor defense
applies to all approved qualified antiterrorism technologies
for all claims brought in any kind of lawsuit arising out of,
relating to, resulting from an act of terrorism when qualified
antiterrorism technologies have been deployed in defense
against or response or recovery from such act, and such claims
may result or may result in loss to the seller.
While the government contractor defense is a judicially
created doctrine requiring the contractor provider to provide
essential elements in order to qualify for the defense, the
SAFETY Act supplants the case law so that once the secretary
approves the application for this additional protection, the
government contractor defense applies.
Three, the statutory government contractor defense
available under the SAFETY Act provides immunity not only
against all claims that might be brought by third parties
relating to sales to the government, it also applies to purely
private transactions.
Fourth, under existing case law the government contractor
defense is available only if the contractor manufactured the
product in question in accordance with reasonably precise
federal government specifications. And this is important.
Under the SAFETY Act, this is not the case. In reviewing an
application, the secretary will perform a comprehensive review
of the designation of such technology and determine whether it
will perform as intended, conforms to the seller's
specifications and is safe for use as intended.
The act also provides that the seller will conduct safety
and hazard analysis and supply such information to the
secretary.
Next, this suggests that unlike the existing judicially
crated government--
Mr. Reichert. Mr. Meldon, excuse me. Could I ask you
shorten and be brief in your closing comments? I am going to
lose two members here in the next few minutes, and we want to
give them some time to ask a question or two.
Mr. Meldon. Absolutely.
Mr. Reichert. Sorry.
Mr. Meldon. Not at all. Let me summarize, then.
The proposed rule clearly adopts broad protections provided
by the case law to the SAFETY Act version of the government
contractor defense.
Next is the secretary may designate a technology as
qualified antiterrorism technology, and he must examine the
amount of liability insurance that the seller intends to
maintain for coverage of the technology and certify that that
level is appropriate, so that the secretary predetermines the
amount of secondary coverage that industry needs for qualified
antiterrorism technology.
Under accuracy and completeness, we note that that is also
determined by the secretary in his review and is not against
any particular federal standard that we are aware of at this
time.
Modifications to qualified antiterrorism technology may
occur on an ongoing basis. This raises the issue, however, that
deals with QAT that has undergone in-place upgrades and
enhancements without specific DHS review.
And finally, we want to reiterate the council's view that a
number of very positive changes have occurred in the business
processes and guidelines surrounding the SAFETY Act and that,
in general, we are pleased with the modifications.
And we want to congratulate and commend the secretary of
the Department of Homeland Security for his personal
involvement in the final rule and the new regulations. Thank
you very much.
[The statement of Mr. Meldon follows:]
Prepared Statement of Michael M. Meldon
Good afternoon, Chairman Rogers, Chairman Reichert, and
distinguished members of the subcommittee. My name is Michael Meldon
and I am the Executive Director of the Homeland Security and Business
Council. I am testifying on behalf of our member companies. The
Homeland Security & Defense Business Council is a non-profit, non-
partisan organization that represents good governance and successful
program outcomes. The Council offers ``straight talk'' and honest
assessments of programs, technology, and processes that are integral to
the mission of the Department of Homeland Security. The Council's goal
is to be a world class private sector component and partner to the
public sector in all significant areas of homeland security to include
risk mitigation, mission effectiveness, and management efficiency.
The Council appreciates the opportunity to present our industry
perspective on the SAFETY Act Final Rule recently released by the
Department of Homeland Security.
There are a number of very positive changes that have occurred in
the business processes and guidelines surrounding the SAFETY Act. To
highlight some of these, the final rule makes these changes to the
Safety Act:
Provides that a technology includes services as well
as equipment and software. This means maintenance contractors
may be entitled to liability protection if they service
equipment used for anti-terrorism purposes, or if they provide
design, consulting, analysis or other professional services.
Removes the need for anti-terrorism technology sellers
to offer insurance coverage to third persons for acts of
suppliers, vendors and subcontractors used to supply the
technology. This expands the bargain struck in the Safety Act,
which exchanged limitations on the seller's legal liability to
the public for a requirement that the seller get liability
insurance coverage.
Lets a seller of a qualified anti-terrorism technology
make changes to the product that modify its capabilities
without approval by, or even notice to, DHS, and without loss
of the liability projections provided by the Safety Act. Under
the interim rule, a seller that made significant modifications
to the technology that reduced its capabilities could lose its
liability protection as of the time the change was made. Under
the final rule, however, if the product modification is so
significant that the product would no longer qualify for
liability protection, and then the seller is required to give
notice to DHS. The product retains the liability protections
until DHS takes affirmative steps to terminate its
qualification.
Grants DHS the right to create so-called block
designations and certifications for certain categories of anti-
terrorism technologies. Sellers whose technologies fall within
these will not have to demonstrate their technology's technical
merits. They will be entitled to receive the liability
protections simply by submitting an abbreviated application
showing that the technology is covered by the pre-approved
block determination.
Addresses DHS' policy on safeguarding proprietary
information regarding applications for anti-terrorism
designation and certification.
The new rule also addresses the application evaluation timeliness
issues we have seen from an industry perspective. The information
provided in the Department's announcement of the Final Rule (6 CFR Part
25, [USCG-2003-15425]/RIN 1601-AA15) states that in the first 16 months
following the passage of the SAFETY Act, 6 QATT's were approved and an
additional 68 technologies were approved by March 2005. What this does
not address is the number of applications (thought to be in the
hundreds) that have been received by the Department for which no action
has been taken.
Several issues remain in the SAFETY Act and its intended
implementation and I will focus the remainder of my time on these
issues.
Anticipated changes in the insurance industry
The SAFETY Act was designed to encourage firms to bring homeland
security products to market by eliminating the ``bet-your-company''
risk that might turn some of them away. Insurance companies and the
federal government paid more than 90 percent of the $38.1 billion
awarded to victims of the Sept. 11 terrorist attacks, according to a
2004 study by the nonprofit RAND Corp. Because of concerns about an
avalanche of claims, Congress capped liability for airlines, airports,
ports and cities and established the Sept. 11 Victim Compensation Fund
of 2001. To use it, recipients had to waive their right to sue. Still,
about 70 families eventually filed wrongful death suits against
airlines. Plaintiffs also sued the former Riggs Bank--alleging that lax
oversight facilitated the financing of two hijackers--and 12 families
of firefighters sued Motorola Inc. and New York City over faulty hand-
held radios. That suit later was thrown out of court. The nature of
these suits and the potential liability exposure was closely examined
by the insurance industry as well as others and the business
considerations that resulted from their review are being implemented
through new policy terms and conditions.
Thankfully, the United States has not suffered a terrorist attack,
or resulting lawsuits, since the fall of 2001, so the protections of
the SAFETY Act haven't come into play. But industry's concern about
liability is no less real. Large contractors bolstering the blast-
resistance of bridges, ports and other hard targets; system integrators
designing buildings and technological systems; manufacturers of
infrared cameras and motion detectors on the border; and biotech firms
supplying vaccines all could face lawsuits after a terrorist attack.
Government Contractor Defense
Implementation and guidance regarding the Government Contractor
Defense is noted in the Final Rule as an area that DHS still owes
industry specific direction and policies/procedures.
The presumption of the government contractor defense applies to all
``approved'' qualified anti-terrorism technologies for all claims
brought in any kind of lawsuit ``arising out of, relating to, or
resulting from an act of terrorism when qualified anti-terrorism
technologies . . . have been deployed in defense against or response or
recovery from such act and such claims result or may result in loss to
the Seller.'' While the government contractor defense is a judicially
created doctrine requiring the Contractor/Provider to prove essential
elements in order to qualify for the defense, the SAFETY Act supplants
the case law so that once the Secretary ``approves'' the application
for this additional protection, the government contractor defense
applies.
Significantly, the statutory government contractor defense
available under the SAFETY Act provides immunity not only against all
claims that might be brought by third parties relating to sales to the
government, it also applies to purely private transactions. Thus, once
the Secretary ``approves'' a qualified anti-terrorism technology for
this additional protection, the Contractor/Provider is immune from
liability relating to sales of that technology in the commercial
sector.
Moreover, under the case law, the government contractor defense is
available only if the contractor manufactured the product in question
in accordance with reasonably precise federal government
specifications. Under the SAFETY Act, that is not the case. In
reviewing an application, the Secretary will perform a ``comprehensive
review of the design of such technology and determine whether it will
perform as intended, conforms to the Seller's specifications, and is
safe for use as intended.'' The Act also provides that the Seller will
``conduct safety and hazard analyses'' and supply such information to
the Secretary.
Thus, unlike the existing judicially created government contractor
defense, the DHS statutory government contractor defense will protect
Contractor/Providers of technology in the commercial marketplace and
will allow qualified anti-terrorism technologies to be approved for
such treatment even if a federal specification is not involved.
The proposed rule clearly adopts the broad protections provided by
the case law to the SAFETY Act's version of the government contractor
defense. The proposed rule recognizes that the scope of the defense is
very broad, and expressly states that Sellers of ``approved'' qualified
anti-terrorism technologies cannot be held liable under the SAFETY Act
for design defects or failure to warn claims (unless the presumption is
established through evidence that the Seller acted fraudulently or with
willful misconduct in submitting information to the Secretary in
connection with its application). As noted above, applications to gain
this protection may be submitted simultaneously with the application
for ``designation'' as a qualified anti-terrorism technology. The
immunity provided by the statutory government contractor defense is a
remarkable protection afforded to sellers of anti-terrorism
technologies, and we expect most sellers of such technologies to submit
applications.
The court and case law test of DHS' interpretation will
unfortunately be played out against another tragedy (hopefully averted)
and the use of the DHS statutory rule which may come under pressure
since it departs from the current PL 85-804.
Exclusive Federal Jurisdiction and Scope of Insurance Coverage
The Final Rule establishes that before the Secretary may designate
a technology as a qualified anti-terrorism technology, he must examine
the amount of liability insurance the Seller intends to maintain for
coverage of the technology and certify that the coverage level is
appropriate to satisfy otherwise compensable third-party claims that
may be caused by an act of terrorism when qualified anti-terrorism
technologies have been implemented. The SAFETY Act also provides that
Contractor/Providers are not required to obtain insurance in excess of
the maximum amount reasonably available that would not unreasonably
distort the sales price of the anti-terrorism technology.
The rule states that the Secretary does not intend to set a
numerical ``one-size-fits-all'' level of insurance requirement for all
technologies. Instead, the required level of insurance will be
determined on an application-by-application basis and will be based
upon the examination of several factors, including: ``the amount of
insurance the Contractor/Provider has previously maintained; the amount
of insurance maintained for other technologies or for the business as a
whole; the amount of insurance typically maintained by sellers of
comparable technologies; data and history regarding mass casualty
losses; and the particular technology at issue.'' The rule also
suggests that the Secretary might confer with the Contractor/Providers,
and insurance carriers, to determine the appropriate level of insurance
to require for a particular application. The proposed rule recognizes
that over time the appropriate level of insurance may change based on
the market for insurance, the predominance of a particular threat, and
other factors. Accordingly, the Contractor/Provider is allowed to seek
reconsideration of the insurance required.
The impact for not maintaining the required level of insurance are
also addressed in the rule. If a Contractor/Provider allows its
insurance to fall below the required level of insurance, the
protections of the SAFETY Act will still apply. However, the maximum
liability of the Contractor/Provider remains at the required level of
insurance so they may be subjecting itself to an uninsured liability.
In addition, allowing the insurance to fall below the required level
will be regarded as a negative factor by the Secretary for any future
application for renewal of the SAFETY Act protections and might be
considered as a negative factor for any other SAFETY Act applications
submitted by the same Contractor/Provider.
Confidentiality of Information
Under the Freedom of Information Act, Trade Secrets Act and other
federal statutes, trade secrets and other proprietary information
submitted to DHS by an applicant remain confidential. In the final
rule, however, DHS has taken the position that all information
submitted by an applicant, whether or not proprietary or a trade secret
and including the applicant's identity, will be withheld from
disclosure.
The breadth of the information that DHS may withhold is subject to
debate, and DHS has staked out an aggressive position. Parties
submitting applications for anti-terrorism technology designation or
certification still should be careful because courts frequently have
taken a more nuanced view of the proper balance between protecting
commercially valuable information and the public's right to examine the
decisions of its government agencies.
Certifying ``accuracy and completeness''
The standard for performance of this final rule clause is almost
impossible to determine--yet the industry case will rest heavily on the
process that led them to seek the QATT in the first place. The
parameters used for ``accuracy and completeness'' are also likely to be
used in determining negligence or fraud. Since DHS is not dealing with
a detailed federal government specification for defined products,
services and support the method for certifying ``accuracy and
completeness'' remains subjective.
Significant Modification to a Qualified Anti-Terrorism Technology
The final rule discusses the provisions of ongoing modification to
QATT in service. The issue that this raises, however, deals with QATT
that has undergone in place upgrades and enhancements without specific
DHS review. The worst case scenario suggests that DHS could develop a
finding that determines that a product thought to be on the QATT and
covered with appropriate liability insurance, is not and a fraud has
occurred. Third parties in this scenario then have additional options
to recover from claims. However horrific it seems, the potential test
of this rule could be in the aftermath of a significant terrorist
attack on the US and the availability of 'clear and convincing
evidence' to support claims against a Seller may not be possible.
Scope of Insurance Coverage
The final rule creates a single cause of action with exclusive
jurisdiction in a federal district court. As a result, we might expect
to see plaintiffs suing in foreign countries whenever possible to avoid
the liability limitations of the Act. Industry will be carefully
considering appropriate corporate structures necessary to ameliorate
this possibility and to keep federal causes of action in the United
States.
Reconsideration of Designations
The final rule also suggests that a designation as a qualified
anti-terrorism technology will last for five to eight years and may be
renewed, but seeks comment on this proposed duration. The SAFETY Act
does not contain any time limit on the length of the ``designation.''
There appears to be no logical reason why there should be any time-
based limitation on the designation as a QATT--a technology that meets
the criteria today and is afforded the protections of the statute,
should be eligible for the same protection so long as the technology is
available and in service.
Mr. Reichert. Thank you, Mr. Meldon.
The chair recognizes Mr. Soloway, president of the
Professional Services Council.
STATEMENT OF STAN SOLOWAY, PRESIDENT, PROFESSIONAL SERVICES
COUNCIL
Mr. Soloway. Thank you, Chairman Reichert, distinguished
members of the subcommittee. I appreciate the invitation to
testify this morning.
My name is Stan Soloway. I am president of the Professional
Services Council, which is the leading national trade
association of the government professional and technical
services industry.
Many of our member companies are currently actively
supporting DHS's critical mission. Many have applied for
coverage under the act or are planning to do so. Despite a slow
start, significant progress on implementation of the SAFETY Act
has been made in the last few months.
And we certainly compliment and join the chorus of
compliments to the Department of Homeland Security staff and
particularly the leadership from the Office of the Chief
Procurement Officer and the general counsel's office, Admiral
Cohen and others for bringing us to this point.
More work does remain to be done, however. And in the
interest of time and not to be redundant with my colleagues,
let me just focus on a few key issues.
The department has been consistently clear and reasserted
in this final rule that services are fully eligible for SAFETY
Act coverage. The department in the final rule has restated its
intent to assert appropriate exemptions to protect proprietary
information submitted by companies during the application
process.
They have clarified the scope of SAFETY Act coverage by
allowing for block designations and block certifications for
groups of technologies and, as Mr. Howell and others have
mentioned, creating a new category of coverage, developmental
test and evaluation.
All of these are excellent signs of progress, and we are
fully supportive of this approach. But as the program continues
to be a work in progress, so, too, are these final regulations.
There are additional steps the department should take, such
as issuing a streamlined application kit so that companies can
take full advantage of the new flexibilities, provide more
clarity in addressing the relationship to federal and other
procurement opportunities, and more clarity as well to address
the relationship between the SAFETY Act and the extraordinary
contractual relief available for federal procurement
opportunities under Public Law 85-804.
Following the release of the final rule, the department
issued in August an updated application kit, and by and large
we are supportive of the new kit. It is consistent with the
final rule and does include relevant application forms for the
new block designation, block certification and DT&E
designation.
The kit addresses the concerns PSC and others raised at the
department and the Office of Management and Budget's Office of
Information and Regulatory Affairs in February of 2005,
particularly with respect to the quantity of highly proprietary
financial information required of applicants.
Yet here, too, there are still some lingering concerns. The
forms are indeed clearer and more logically arranged, and the
amount of financial information that is required appears to be
minimized.
However, we do not believe that the total amount of
information requested will be significantly less than
previously required.
In fact, new to this version of the application for
designation is an instruction with regard to certain
applications that instructs an applicant to, quote, attach a
copy of any request for proposal or broad agency announcement
that led to the award and a copy of your final proposal and
statement of work.
The workload to meet this requirement, even though it only
applies in certain circumstances, could be extraordinary. In
addition, while more information is given on how to properly
and fully complete the application forms, the new kit actually
establishes some tougher standards for the department to find
an applicant complete.
Furthermore, despite a reference to it in the rule, the
streamlined application process does not yet exist. PSC and our
partners such as the Chamber of Commerce and the SAFETY Act
Coalition have provided DHS with a recommended streamlined
application kit, and we are hopeful the department will move
quickly to fill this significant gap.
As Ms. Duke and others have also made clear, the final rule
clearly recognizes the importance of aligning the SAFETY Act
process with planned and ongoing federal procurement and the
procurement processes of others.
For example, the final rules establish a flexible approach
for coordinating consideration of a SAFETY Act application with
the procurement process by allowing a government agency to seek
a preliminary prequalification designation notice with respect
to a technology to be procured.
That notice would state that the technology to be procured
either affirmatively or presumptively satisfies the technical
criteria necessary to qualify under the act.
The regulations provide that vendors chosen to provide the
technology will receive expedited review of their application
for designation, be deemed to have satisfied the technical
criteria for SAFETY Act designation with respect to that
technology, and be authorized to submit a streamlined
application as set forth in the prequalification designation
notice.
We strongly support this approach, but we must also
recognize the great challenges inherent in the cross-agency and
cross-governmental coordination needed to make this process
work as intended. And we urge DHS to move quickly to clarify
that vital element of the process.
We have also long asserted that companion regulatory
coverage must be included in the Federal Acquisition Regulation
and, if necessary, the department's own regulations. To its
credit, and as Ms. Duke mentioned, the Office of Procurement
has initiated this rulemaking with the FAR council and
developed an initial outline for the rule.
With the final SAFETY Act rule now in place, it is
essential that the acquisition rulemaking process move very
quickly.
Once the final acquisition regulations are in place, the
next critical step is to provide the necessary training to the
federal acquisition workforce and others involved in the
process. The DHS staff recognizes the importance of such
training and has indicated a commitment to initiate that
training at the earliest opportunity.
PSC and my colleagues at other associations would be more
than happy to offer our assistance wherever appropriate.
Mr. Chairman, it has been almost 4 years since Congress
took the significant step to enact the SAFETY Act. The law is
intended to be a gas pedal to accelerate the deployment of
antiterrorism technologies. The procedural issues relating to
the act should not be a break on the applicants.
DHS has significantly moved the process forward and, to the
department's credit, it has not waited for the final rule or
for the acquisition regulations to apply the SAFETY Act
protections to its own significant procurements.
As Mr. Howell mentioned, the advanced spectroscopic program
award the department made earlier this year includes SAFETY Act
coverage. The SBInet procurement now under review by the
department includes specific provisions to address the act.
And finally, to address the emerging challenges of liquid-
based explosives, the department issued an RFI for recommended
technology approaches with SAFETY Act coverage addressed as
part of that RFI.
We expect the next few months will yield even more progress
on the acquisition regulations, process clarity, aligning the
SAFETY Act needs with other agency procurements, training, and
this important streamlined application kit.
We look forward to continuing to work with the DHS and the
Congress in achieving these important objectives. Thank you for
your time and attention today. And of course, I would be happy
to answer any question you might have.
[The statement of Mr. Soloway follows:]
Prepared Statement of Stan Soloway
Chairman Rogers and Chairman Reichert, members of the
Subcommittees, thank you for the invitation to testify on the
implementation of the ``Support Antiterrorism by Fostering Effective
Technologies (SAFETY) Act, part of Title VIII of the Homeland Security
Act of 2002 (P.L. 107-296). My name is Stan Soloway, president of the
Professional Services Council (PSC). PSC is the leading national trade
association of the government professional and technical services
industry. PSC's more than 200 member companies represent small, medium,
and large businesses that provide the full range of services to all
federal agencies, including information technology, engineering,
logistics, operations and maintenance, consulting, international
development, scientific, environmental services, and more. Many of our
member companies have applied for coverage under the Act or are
planning to do so.
As you know, the SAFETY Act provides incentives for the development
and deployment of anti-terrorism technologies by creating a system of
risk management and litigation management. PSC and our member companies
were involved in the congressional action leading to the enactment of
the SAFETY Act and we have been actively working on the implementation
since then. Significant progress has been made in the last few months
to bring the SAFETY Act forward and we compliment the Department of
Homeland Security staff, in particular the leadership from the General
Counsels' Office and the Office of the Chief Procurement Officer,
particularly for bringing us to this point. More work remains to be
done, however, and PSC plans to offer our expertise and support to
build on the progress that has been made.
I have divided my testimony into four parts: the regulatory
foundation, the application kit, DHS staff support for the SAFETY Act,
and addressing the procurement process.
The Regulatory Foundation
On June 8, 2006, the Department published the final rule
implementing the Act,\1\ replacing an interim rule issued in October
2003.\2\ While PSC recognized the challenges facing the new Department
in implementing the SAFETY Act, we were critical of many elements of
the interim regulations. We commented extensively on those interim
regulations,\3\ and urged the Department to address numerous issues as
it developed their final regulations. We are very pleased that, in the
final regulations, the Department addressed most of the concerns we
raised. As the background statement accompanying the final regulation
noted:
---------------------------------------------------------------------------
\1\ 71 F.R. 33147, et seq. (June 8, 2006).
\2\ 68 F.R. 59684, et. seq. (October 16, 2003).
\3\ See PSC comments on the interim rule, available at: http://
www.pscouncil.org/pdfs/ITAA-PSC%20IFR%20Comments.pdf .
---------------------------------------------------------------------------
The SAFETY Act program is now in its third year, and the
Department has a substantial record of program performance to
evaluate. While the Department concludes that the Department's
core legal interpretation of the Act's provisions are
fundamentally sound, experience in administering the program
has demonstrated that certain of the procedural processes built
to administer the Act can be improved.\4\
---------------------------------------------------------------------------
\4\ 71 F.R. 33148 (June 8, 2006), column 1.
---------------------------------------------------------------------------
When the final regulations were issued, we said then and reiterate
today that they were a critical step forward and give clear guidance to
Department of Homeland Security officials, other government agencies
and the companies that are encouraged to promote the development and
deployment of anti-terrorism technologies.
There are several provisions of the final rule that bear mention
and we particularly support. The Department has been consistently
clear, and reasserted in this final rule, that services are fully
covered by the Act and are eligible for SAFETY Act coverage.'' \5\ The
Department has restated its intent to assert ``appropriate exemptions''
to protect proprietary information submitted by companies during the
application process,\6\ although we hope that the Department would be
forthcoming with broad statistical information about the program, such
as how many applications have been received and how many rejected,
without disclosing applicant names or even technologies being
addressed. The Department has clarified the scope of its SAFETY Act
coverage by allowing for ``Block Designations'' and ``Block
Certifications'' for groups of technologies,\7\ and creating a new
category of coverage--Developmental Testing and Evaluation (DT&E)--with
limited SAFETY Act coverage, that should facilitate the deployment of
promising anti-terrorism technologies in the field either for test and
evaluation purposes or in response to exigent circumstances.\8\
---------------------------------------------------------------------------
\5\ See 71 F.R. 33154 (June 8, 2006) column 2.
\6\ See 71 F.R. 33151 (June 8, 2006) column 2 and Section 25.10 of
the final regulations.
\7\ See 71 F.R. 33156 (June 8, 2006) column 3 and Section 25.9(j)
of the final regulations.
\8\See 71 F.R. 33156 (June 8, 2006) column 2 and Section 25.4(f) of
the final regulations.
---------------------------------------------------------------------------
But as the program continues to be a work in progress, so too are
these final regulations. In fact, as part of this final rule, the
Department has specifically asked for comments on how the Department
can and should address changes in insurance availability\9\ and on the
operation of the new DT&E designations.\10\ PSC is developing comments
on these two elements of the final regulations and anticipates
submitting them to the Department in the near future.
---------------------------------------------------------------------------
\9\ See 71 F.R. 33149 (June 8, 2006) column 2.
\10\ See 71 F.R. 33156 (June 8, 2006) column 3.
---------------------------------------------------------------------------
At the same time, there are additional steps for the Department to
take, such as issuing the streamlined application kit, so that
companies can take full advantage of the new flexibilities and address
the relationship to federal and other procurement opportunities.
Another issue that needs further discussion about implementation, but
probably not more SAFETY Act regulations, is the relationship between
the SAFETY Act and the extraordinary contractual relief available for
federal procurement opportunities under P.L. 85-804.\11\
---------------------------------------------------------------------------
\11\ See 71 F.R. 33154 (June 8, 2006) column 3.
The Application Kit
On August 16, 2006, the Department issued the revised application
kit to implement the final rule.\12\ Even though the Department has not
yet received the necessary information collection approval from OMB for
the new kit, the Department is directing new applicants to exclusively
use the new application kit; applicants who registered with the
Department prior to August 16 may continue to use the earlier version
of the application kit.
---------------------------------------------------------------------------
\12\ Available at: https://www.safetyact.gov/DHS/SActHome.nsf/
23158AD7D420AEDB852571C70056BE33/$FILE/
Application%20Kit%20Version%202.pdf .
---------------------------------------------------------------------------
We have reviewed this new application kit and intend to submit
comments to both the Office of Management and Budget and the Department
on the updated application kit by the October 16 deadline for the
submission of comments. By and large, we support the new kit. In our
view, it is consistent with the June 2006 final rule and includes
relevant application forms for the new Block Designation, Block
Certification, and DT&E designation. This kit is more user-friendly
than the December 2004 version; \13\ it addresses further the concerns
PSC raised to the Department and OMB's Office of Information and
Regulatory Affairs on February 10, 2005 about that earlier version of
the kit, particularly with respect to the quantity of highly
proprietary financial information required of applicants.\14\
---------------------------------------------------------------------------
\13\ See 69 F.R. 72207 (December 13, 2004).
\14\ See PSC February 10, 2005 letter to DHS and OIRA, available
at: http://www.pscouncil.org/pdfs/SAFETYActApplication2-10-05.pdf .
---------------------------------------------------------------------------
Yet there are still some lingering concerns even with this kit. To
be sure the application forms are clearer and more logically arranged
and this will be a benefit to applicants. The amount of financial
information that is required with the initial application appears to be
minimized. But we do not believe that the request for information under
this kit will be significantly less than the amount of information
previously required. In fact, new to this version of the application
for Designation under Chapter 4 of the kit, is the instruction relating
to past sales and ongoing procurements; it requires that an applicant
``attach a copy of any request for proposal or broad agency
announcement that led to the award and a copy of the applicant's final
proposal and statement of work.'' \15\ In addition, while there is more
information on how to properly and fully complete the application
forms, we believe that the new kit places tougher standards for the
Department to find an applicant complete.
---------------------------------------------------------------------------
\15\ See the Instructions for Designation D6.2 at page 34-35.
---------------------------------------------------------------------------
Furthermore, we requested and expected a significantly streamlined
application kit, particularly when seeking to match the application
process with an on-going federal procurement. On September 6, 2005, PSC
and four other associations jointly developed and submitted to DHS
former Under Secretary McQueary, a proposed streamlined application kit
and instructions.\16\ In this 2006 version of the application kit, the
Department makes a reference to a streamlined application process in
connection with Block Designations,\17\ but we do not view that single
reference in one section as meeting our expectation.
---------------------------------------------------------------------------
\16\ See September 6, 2005 Joint letter from PSC, Aerospace
Industries Association, Information Technology Association of America,
National Defense Industrial Association and U.S. Chamber, available at:
http://www.pscouncil.org/pdfs/McQuearySAFETYActKitLetter.pdf .
\17\ See the Chapter 7 Block Designation Application at page 67.
---------------------------------------------------------------------------
We look forward to further discussions with the Department on our
comments on this kit and moving toward a true streamlined application
process.
DHS staff support for the SAFETY Act
On a related matter, we strongly recommend that the Department
continue to provide the necessary infrastructure support for the Office
of SAFETY Act Implementation (OSAI) and its activities. Our members
have appreciated the responsiveness of the OSAI, Science and Technology
(S&T) and General Counsels' offices to requests for information and to
processing applications. We would hope that, in the near future, the
OSAI would have a permanent director and be staffed with a sufficient
number of federal employees to handle the expected increase in requests
for information, growth in applications, and demands for being a
resource to other federal agencies who need information on the Act and
its processes, particularly in relationship to planned or on-going
procurements.
Addressing the Procurement Processes
The SAFETY Act protections are relevant only when applied to a
specific anti-terrorism technology. Thus, the relationship between the
SAFETY Act and the procurement of those technologies is critical.
Certain aspects of that relationship vest in the SAFETY Act
regulations; other aspects must be addressed in the federal procurement
regulations. Still other provisions must be covered in the procurement
processes of other purchasers--state, local, or commercial.
Through September 6, 2006, the Department has already issued 62
Certifications and 22 Designations.\18\
---------------------------------------------------------------------------
\18\ See SAFETY Act website: https://www.safetyact.gov/, last
visited on September 6, 2006.
---------------------------------------------------------------------------
To its credit, the June 2006 final SAFETY Act regulations recognize
the importance of aligning the SAFETY Act process with planned and on-
going federal procurement and the procurement processes of others.\19\
For example, these final rules establish a flexible approach for
coordinating consideration of a SAFETY Act application with the
procurement process by allowing a government agency to seek a
preliminary ``Pre-Qualification Designation Notice'' with respect to a
technology to be procured, stating that the technology to be procured
either affirmatively or presumptively satisfies the technical criteria
necessary to qualify under the Act.\20\ The regulations provide that
selected vendors chosen to provide the technology will receive
expedited review of their application for designation, be deemed to
have satisfied the technical criteria for SAFETY Act Designation with
respect to that technology, and be authorized to submit a streamlined
application as set forth in the pre-qualification designation
notice.\21\ We strongly support this approach. Even though the
information required to be submitted would vary on a case-by-case
basis, we strongly recommend that this Pre-Qualification Designation
Notice be incorporated into the application kit instead of being
totally outside it.
---------------------------------------------------------------------------
\19\ See 71 F.R. 33156 (June 8, 2006) column 1.
\20\ See 71 F.R. 33163 (June 8, 2006) column 3 and Section 25.6(g)
of the final regulations.
\21\ See the ``Pre-Qualification Designation Notice on
www.safetyact.gov. Section 25.6(g)(4)(iii) of the regulations provides
that the Pre-Qualification Designation Notice will provide a list of
the portions of the application information in Section 25.6(a) that the
selected vendor(s) must complete and submit in order to obtain
Designation.
---------------------------------------------------------------------------
In addition, the final regulations addressed the deference due to
other federal or state regulatory or procurement officials.\22\ As the
background information and the regulations provide, the level of
deference due to other government officials will depend on the nature
of such officials' review.
---------------------------------------------------------------------------
\22\ See 71 F.R. 33157 (June 8, 2006) column 2 and Section
25.4(viii) of the final regulations.
---------------------------------------------------------------------------
Beyond the SAFETY Act regulations, we have long asserted that
companion regulatory coverage must be included in the Federal
Acquisition Regulation and, if necessary, in the Department's own
Homeland Security Acquisition Regulations. For example, when the
Department published its interim acquisition regulation on December 4,
2003, PSC's written comments on that rule specifically noted the
absence of any SAFETY Act coverage applicable to the Department's own
procurement.\23\ In the Department's May 2, 2006 final acquisition
regulations, the Department acknowledged that SAFETY Act coverage is
appropriate and will be considered when the Federal Acquisition
Regulation is issued.\24\
---------------------------------------------------------------------------
\23\ See PSC comment on the DHS interim procurement regulations,
available at: http://www.pscouncil.org/pdfs/ITAA-
PSC%20IFR%20Comments.pdf .
\24\ See 71 F.R. 25759;65 (May 2, 2006)..
---------------------------------------------------------------------------
We do not yet know the status or content of the Federal Acquisition
Regulations (FAR). In 2003, PSC and other organizations wrote to the
Office of Federal Procurement Policy urging the FAR Council to develop
and publish for comment the necessary government-wide acquisition
policy regulations. The FAR Council established a case number but took
no action on the rule, awaiting the final SAFETY Act regulations. The
FAR Council closed the prior case without action, but on August 23,
2006 opened a new case number (2006-023) based on the strawman draft
submitted by the Department's Chief Procurement Officer.\25\ This is an
important next step to fully effectuate the SAFETY Act. Once the FAR
rule is in place (or even pending that final rule), it may be necessary
or appropriate to supplement the FAR with coverage in the Department's
own acquisition regulation.
---------------------------------------------------------------------------
\25\ See FAR Council Status of Cases, available at http://
www.acq.osd.mil/dpap/dars/opencases/farcasenum/far.pdf, as of September
1, 2006.
---------------------------------------------------------------------------
Once the final acquisition regulations are in place, the next
critical step is to provide necessary training to the federal
acquisition workforce and others. We believe both the DHS acquisition
staff and the OSAI staff recognize the importance of such training and
have indicated a willingness to initiate that training at the earliest
opportunity. PSC, and I am sure my colleagues at the other associations
that we have worked in partnership with over the years on the SAFETY
Act, will offer our assistance wherever appropriate.
Fortunately, the Department has not waited for the final rule or
for the acquisition regulations to begin applying the SAFETY Act
protections to its own significant procurements. For example, the three
DNDO Advanced Spectroscopic Program (ASP) awards that the Department
made earlier this year include SAFETY Act coverage. The significant
SBI.net procurement now under review by the Department includes
specific provisions to address SAFETY Act coverage. Finally, to address
the emerging challenges of liquid-based explosives, the Department
issued a Request for Information for recommended technology approaches,
with SAFETY Act coverage addressed as part of it.\26\
---------------------------------------------------------------------------
\26\ See liquid explosive RFI available at: http://www.fbo.gov/spg/
DHS/OCPO/DHS-OCPO/HSHQDC%2DBAA%2D06%2D00063/SynopsisP.html, last
visited September 7, 2006.
---------------------------------------------------------------------------
Regrettably, we do not have any visibility into the application of
SAFETY Act coverage in other federal agency procurements. Even less
visibility exists on the extent to which the SAFETY Act has been used
in state, local or commercial applications. However, since the
Department makes significant grants to first responders and state and
local governments for a wide range of homeland security matters, we can
well envision that many of the products and services acquired with
these grant funds would be interested in and eligible for SAFETY Act
coverage. We encourage the Department to share with the Congress and
the public the extent to which the SAFETY Act is being used in these
circumstances.
Conclusion
Mr. Chairmen, it has been almost four years since the Congress took
the significant step in the Homeland Security Act to enact the SAFETY
Act. In our view, the law is intended to be a ``gas pedal'' that is
designed to accelerate the deployment of anti-terrorism technologies;
the procedural issues relating to the SAFETY Act should not be a
``brake'' on the applicant. Over the past three years, we have seen
interim regulations, and now a final rule, preliminary and then an
interim and now a final application kit, and other related
implementation actions. Those early SAFETY Act applicants helped test
the process and the information required to be submitted to assist the
Department in deciding appropriate coverage. We have significantly
advanced that process in the last few weeks with the final regulation
and application kit. Hopefully, over the next few months, we will see
the final Federal Acquisition Regulation and any related DHS
acquisition regulation coverage. Simultaneously, critical procurements
are taking place where the SAFETY Act coverage could be the difference
in a successful procurement.
PSC has been involved in the SAFETY Act process from the beginning
and we intend to remain active in the future to make the process clear
and its utilization as robust as possible. We particularly appreciate
this Committee's bipartisan attention to the Act and to the
Department's administration of the Act. Unquestionably your interest
has helped to move this process forward.
Thank you again for opportunity to testify. I would be pleased to
respond to any questions you have.
STATEMENT REQUIRED BY HOUSE RULES
In compliance with House Rules and the request of the Subcommittee,
in the current fiscal year or in the two previous fiscal years, neither
I nor the professional Services Council, a non-profit 501(c)(6)
corporation,has received any federal grant, sub-grant, contract or
subcontract from any federal agency.
Mr. Reichert. Thank you, Mr. Soloway.
The chair recognizes Mr. Finch, who heads the homeland
security practice for the law firm of Dickstein Shapiro LLP to
testify.
STATEMENT OF BRIAN FINCH, ESQ., DICKSTEIN SHAPIRO LLP
Mr. Finch. Thank you, Mr. Chairman. Chairman Rogers,
Chairman Reichert, Ranking Member Meek, Ranking Member Pascrell
and other distinguished members of the subcommittees, it is an
honor to appear before you today to discuss my experiences with
the SAFETY Act.
My name is Brian Finch, and I am the head of the homeland
security practice group at the D.C. law firm Dickstein Shapiro.
While I am here in my personal capacity, I am delighted to
share with you my experiences over the past 3 years with the
SAFETY Act.
I have helped prepare dozens of applications, including
many of those that were the first approved. I have seen pretty
much every type of application submitted to DHS, and I have
helped companies of all sizes file applications.
While it has not always been an easy process, it is my firm
belief that DHS has made great strides to make the SAFETY Act
process easier and more efficient.
Some of my SAFETY Act application experiences: As a
starting point, this committee must understand that applicants
must give DHS the sufficient information needed to make a
determination that the technology at issue is, in fact, safe,
effective and useful.
In my experience, however, what constitutes sufficient
information has varied significantly. For some, a few dozen
pages of documentation is sufficient, while for others a
blizzard of information is not enough.
Also, there have been at times unnecessary additional
requests for information that have often led to applications
being held up for several months beyond the 150-day initial
decision time frame.
For example, in one application we stated to DHS that guard
dogs could detect thousands of different smells. In response,
DHS asked us to provide a list of those thousands of smells.
That seems excessive.
Applicant distress over the process has come about in part
because at times there seems to be a significant disconnect
between the senior management of DHS and the implementation
staff. This disconnect can result in unnecessary delays and
frustrations.
While it does not represent the majority, my experiences--
and I do, in fact, applaud the work of the SAFETY Act office--I
would be remiss if I did not mention these experiences.
The final rule and revised application kit. Although it has
been fairly well covered, I believe there are a few elements of
the final rule and the new application kit that are especially
noteworthy.
Prequalification. The final rule spells out a
prequalification designation process that should be warmly
welcomed. Under the final rule, federal, state and local
government customers are now armed with a way to ensure that
potential vendors will, in fact, receive SAFETY Act coverage.
Other changes to the application kit. The new kit is
greatly simplified and adds useful new sections that recognize
the importance of antiterror deployments to all governments as
well as commercial entities.
DHS has gone to great lengths to provide a better vehicle
for requesting an expedited review. DHS has also reduced the
potential review time from 150 days to 120 days. And I applaud
the undersecretary's comments that he views 120 days as the
outside limit.
While there is always room for improvement, it should be
perfectly clear that the final rule and the new application kit
are, in fact, significant steps forward.
Suggestions for improvement. As DHS is aiming to create a
robust and user-friendly application process, I would suggest
some of the following improvements: Increased oversight by the
science and technology leadership.
It is unrealistic to expect that Secretary Chertoff's
senior staff can exert significant daily oversight over the
SAFETY Act program.
I would urge Undersecretary Admiral Cohen to assign a
senior member of his staff with the responsibility of being a
kind of SAFETY Act ombudsman. This should be someone who has
access to DHS policy makers and has the ability to interact
regularly with the SAFETY Act office to ensure that policy
decisions are, in fact, translated into action.
Better utilization of the SAFETY Act inside and outside of
the federal government. Homeland security is not the sole
responsibility of the Department of Homeland Security. Many
other members of the federal family, including the Department
of Defense, Health and Human Services, Department of
Agriculture, all play a vital role in defending the nation.
DHS should do its part to help ensure that other federal
agencies understand the SAFETY Act and how it can be best
utilized to our nation's advantage.
DHS should also use the National Infrastructure Protection
Plan, or the NIPP, as much as possible, as it itself explicitly
encourages the use of SAFETY Act-approved products to help
protect the nation's critical infrastructure and key resources.
Given that the NIPP is the DHS blueprint for protecting the
nation's critical infrastructure in partnership with the
private sector, that encouragement makes plain sense.
Allow for better-defined marketing of SAFETY Act approvals.
Driven by concerns about the misuse of its seal, DHS has barred
its use in conjunction with the promoting of SAFETY Act
approval.
I would ask the department to create a special logo that
only SAFETY Act-approved technologies and services could use.
There is ample precedent for such a logo--the USDA's national
organic program comes to mind--and it would go a long way to
resolve what has become an unnecessary impediment to allowing
SAFETY Act-approved technologies to be better utilized.
This is important to note, because SAFETY Act-approved
technologies can, in fact, be used by any customer, including
private-sector customers.
And to Mr. Dicks's comments earlier, I have seen a number
of applications that are intended to be used solely by the
private sector and helped get those through the review process.
Better-defined time frames. No one is still quite sure what
it means to receive an expedited review. DHS needs to give
applicants a better sense of what exactly an expedited review
means so they can better plan in the application process.
Despite the bumps in the road, from my perspective, the
SAFETY Act program is one of the stars of the Department of
Homeland Security. There are still improvements to be made, but
I believe that we are now in the realm of fine-tuning and not
major overhauls when it comes to the SAFETY Act.
That concludes my prepared remarks, and I am delighted to
answer any questions.
[The statement of Mr. Finch follows:]
Prepared Statement of Brian E. Finch
Chairman Rogers, Chairman Reichert, Ranking Member Meek, Ranking
Member Pascrell, and other distinguished members of the Subcomittees,
it is an honor to appear before you today to discuss my experiences in
assisting applicants in obtaining liability protections under the
Support Anti-Terrorism By Fostering Effective Technology Act of 2002
(the SAFETY Act).
My name is Brian Finch, and I am counsel at the law firm Dickstein
Shapiro LLP, where I also serve as the head of the firm's Homeland
Security Practice Group. While I am here in my personal capacity, I am
delighted to share with you my many experiences over the past three
years with the SAFETY Act. It has not always been an easy process, and
there have been times of great frustration for both myself and the
companies that I have represented. However, it is my firm belief that
the SAFETY Act implementation process has been steadily improving and
that the Department of Homeland Security has made some great strides
over the past few years to make the process easier and more efficient.
Given the many challenges that DHS faces on a daily basis, it is my
opinion that DHS has given an extraordinary amount of attention to
improving the SAFETY Act process, and that it should ultimately be
commended for its efforts.
I have been involved in the SAFETY Act process for the better part
of the last three years. Over that time frame I have helped to draft
dozens of SAFETY Act applications, including the very first two
applications to receive Certification and Designation under the SAFETY
Act. I have helped prepare a wide variety of applications. I have for
instance helped draft applications for non-intrusive detection devices,
explosive detection equipment, decision support software, maintenance
services, systems integration services, vaccines, and vulnerability
assessment methodologies to name but a few.
The size of companies for which I have provided SAFETY Act
assistance has ranged from the exceptionally large to small ventures
generating just a few million dollars annually. I am currently working
with well over a dozen companies that have applications in various
stages of review, and those companies range from large defense
conglomerates to smaller security contractors, as well as trade
associations.
Experiences With SAFETY Act Application Review Procedures
With that wide range of clients and applications, I have
encountered any number of scenarios in the SAFETY Act application
process. My involvement typically starts with the decision making
process on what applications to submit all the way through to
counseling on ways to utilize the receipt of a SAFETY Act approval. I
have handled some very straightforward applications that passed through
review with relative ease, and I have been involved in some
applications that entailed painstaking reviews and immense amounts of
effort. This has allowed to me see both patterns and aberrations in the
review process.
In that vein, I would like to start with my basic views about the
SAFETY Act application process. As I inform all potential applicants,
the process will involve some significant thought and effort as we must
present to the Department a thorough overview of the technology or
service in question. Applicants have a responsibility to present
evidence demonstrating that their technology is safe, effective, and
has a usefulness as anti-terror technology. At the same time, they must
be aware that the Department has a responsibility to conduct a fair and
meaningful review. DHS must have at its disposal sufficient information
to make a determination that technology or service at issue is in fact
safe, effective, and useful.
In my experience, what constitutes ``sufficient information'' has
over the past three years varied significantly and been somewhat of a
mystery. Some applications have moved swiftly through the review
process with dozens of pages of documentation. Others have submitted
literally thousands of pages of backup documentation, and yet
applicants will receive numerous additional requests for information.
These additional requests for information have often led to
applications being held for several months beyond the 150 day decision
timeframe.
The applicants who have run into the continued requests for
information or have had their applications under review for months
beyond the prescribed timeline are the ones that typically talk about
the SAFETY Act process being akin to a ``mini-FDA'' process. Based on
my work, I can say that the application review process has at times
been unnecessarily involved. While the majority of my application
experiences have not been negative, there certainly have been occasions
where the level of documentation requested and the delays in the
process could be deemed excessive. For example, one application
informed DHS that guard dogs--including those used by the applicant--
could detect over 20,000 different smells. In response, DHS asked us to
provide proof of that statement, including a list of the 20,000 smells.
That seemed excessive.
Given the number of applications where I have been involved, I have
grown accustomed to those types of information requests and can warn
applicants about the level of detail that must be provided. Clients who
are not used to that experience, however, are more than a little
surprised and frankly disappointed by how much information must be
provided. Applicants are always quite willing to provide the
information needed as they are committed to successfully pursuing
coverage, but at the same time they are baffled as to why DHS would
demand so much information. That, if anything, has been the source of
much consternation.
Part of that distress has come about in part because at times there
seems to be a significant disconnect between the senior management of
DHS and the implementation staff. While DHS leadership has always
seemed to have grasped the importance of a smooth running SAFETY Act
application process, that message seems not to always flow down
consistently to the implementers and the reviewers. Instead of a
unified theme of quick and efficient reviews of applications one is
left with the impression that review staff are more committed to
microscopic reviews of applications, leading to reviews getting bogged
by details of an application. This results in unnecessary delays and
frustration at the process.
Again, this does not represent the majority of my experiences.
Indeed for most applications I have encountered personnel at all levels
that are committed to the success of the SAFETY Act program and who
would like to see applications succeed. I generally applaud the efforts
of the DHS staff at all levels. However, I would be remiss if I did not
mention that the heightened scrutiny of applications has occurred on
more than one occasion and has led some applicants to express
significant frustrations.
Despite the less than perfect experiences, I have found that an
ever increasing number of companies are willing to pursue SAFETY Act
protections. While the pace of approvals was generally considered to be
slow, the recent uptick in the number of approved technologies has
galvanized a number of companies to start the process. Even more
important is the fact that we are starting to see an increasing number
of customers who have decided that potential vendors should have either
obtained or be seeking SAFETY Act approval. The fact that customers
have recognized that SAFETY Act coverage is a valuable tool and
accordingly believe it that they should be using SAFETY Act approved
products and/or services is a strong indicator that the process is
working. If there were no value in it, no would even think twice about
it--particularly on the customer side.
I should also note that when the SAFETY Act was first brought
online, a strong misperception existed that it would apply only to
cutting edge ``widgets,'' and not existing solutions or services
generally. This misperception, which existed despite the best efforts
of DHS, in my opinion contributed to the relatively small number of
applicants at the beginning of the process.
To its credit, DHS has invested significant energy to dispel those
myths. A significant number of approvals have been issued to service
providers, and issuing those approvals has proven to be the best remedy
for any concerns about the potential breadth of approvals that can be
issued. And I would like to particularly note that DHS has gone out of
its way to help ensure that applications encompassing less obvious but
vitally important anti-terror services received a fair review.
These applications, which include engineering services, security
guidelines, and professional certification programs, may not have the
visceral appeal of an explosive trace detection device or an anthrax
detector, but they play just as an important part of the nation's anti-
terror efforts as any other widget or service. DHS should be lauded for
such approvals because it will make it easier to attract similar
innovative applications.
THE FINAL RULE AND REVISED APPLICATION KIT
Ever since the Interim Final Rule and the initial Application Kit
were released in the Fall of 2003, industry and commentators have been
pointing out its flaws and asking when they would be supplemented or
replaced. After years of questions and promises of ``imminent''
release, DHS finally released both the Final Rule and a Revised
Application Kit this last summer.
DHS itself admits these documents are not the final say on all
things SAFETY Act, which is both appropriate and welcome. Yet before
the inevitable discussion begins about how both the Final Rule and the
new Kit go far enough, I would like to note to the Committees what I
believe are several very welcome new developments. While both the Final
Rule and the Kit contain many improvements, I believe the following are
especially noteworthy:
Pre-Qualification of Procurements: Since the SAFETY Act was
enacted, potential applicants have been searching for ways to
better ensure a guarantee that if they submitted a bid on a
particular procurement they would obtain SAFETY Act coverage.
Many procurement officials (particularly those outside of DHS),
in light of the lack of an official vehicle for doing so, could
do nothing more than offer to support an applicant's package to
do DHS. While such support is always welcome, no one had the
confidence that it would be sufficient to ensure a particular
application's success. Under the Final Rule, customers are now
armed with a way to help ensure that potential vendors will in
fact receive SAFETY Act coverage. The Final Rule spells out a
``Pre-Qualification Designation Notice'' process that should be
warmly welcomed. Agencies now have a method by which they can
submit their potential procurement to DHS for review. If DHS
finds that the potential procurement would merit SAFETY Act
approval, vendors who are ultimately chosen to provide the
specified technology will receive an expedited review, either
affirmatively or presumptively be deemed to satisfy the
criteria for a SAFETY Act Designation, and can submit a
streamlined application. This is truly a step forward, as now
procuring agencies are armed with a methodology that will allow
them to guarantee SAFETY Act approval. That in turn should help
bring forward more potential vendors, increasing choice and the
potential that the proper technology will be deployed.
Developmental Testing & Evaluation Designations: In the
development phase of any technology, including those to be used
to combat terrorism, it is quite normal for an unfinished or
unproven product to be field tested or deployed in limited
circumstances. Such preliminary deployments are necessary in
order to finalize testing or verify the value of the
technology. In the context of anti-terror technologies such
deployments can be extremely problematic given that terrorist
activity could realistically occur during the deployment.
SAFETY Act protections would obviously be ideal to limit
liability concerns, but the Interim Final Rule did not
contemplate offering protections for such deployments. The
Final Rule has significantly addressed those concerns, however,
by creating a heretofore unavailable liability protection
method. DHS has made available a limited set of SAFETY Act
protections for technologies that are being developed, tested,
evaluated, modified or are otherwise being prepared for
deployment. The SAFETY Act protections offered under a
Developmental Testing & Evaluation (or DT&E) Designation will
last for no more than 36 months, shall apply only to limited
deployments, and could have other restrictions imposed as
determined by the Under Secretary for Science & Technology.
While a DT&E Designation is far more limited than a full SAFETY
Act Designation or Certification, it provides a measure of
liability protection that otherwise was not available. Given
that many technologies need an operational deployment in order
to be finalized, this category of application will allow such
deployments to proceed without fear of crushing liability.
Changes to the Application Kit: One of the more regularly
maligned facets of the process has been the SAFETY Act
Application Kit. The initial version of the Kit was criticized
by many as confusing, overly repetitive, and lacking guidance
on what it would take to receive an ``expedited review''. The
new Kit addresses many of those concerns. First and foremost,
DHS has drastically toned down the ``Pre-Application'' section
of the Kit. Applicants no longer have to fill out a confusing
form that often resulted in grand misconceptions about a
particular technology. DHS now makes clear that a Pre-
Application consultation is strictly voluntary, and has gone to
great lengths to make that process easier for potential
applicants to undertake. DHS has also added a section asking
directly what entities have been procuring the technology in
question. Importantly included in that section are categories
for commercial organizations and foreign governments. That
inclusion recognizes the importance of anti-terror deployments
not only to Federal, state and local governments but also to
foreign governments and commercial entities, all of whom are
vital partners in the fight against terrorism. DHS has also
gone to great lengths to provide a better vehicle for
requesting an expedited review. A specific section has been set
up to address this issue, which should make it easier for an
applicant to explain what pressing deadlines they are facing
and why DHS should issue a decision in less time than typically
required. In that vein DHS has also reduced the potential
review time from 150 to 120 days.
While there are many other changes in the Final Rule and
Application Kit that could be discussed, it should be sufficient to
note that the Department has gone a long way to address many of the
concerns expressed by applicants. There will always be room for
improvement, as discussed in part below, but one should be absolutely
clear that the Final Rule and Kit represent significant steps forward
and that the Department should be applauded for its actions.
SUGGESTIONS FOR IMPROVEMENTS TO THE SAFETY ACT PROCESS
Even in light of the great strides taken by the Department, there
are other steps it could undertake in order to ensure that the SAFETY
Act realizes its full potential. An overarching goal for the Department
should be to create a robust and user friendly process that is well
known inside and outside of the Department, and whose use is considered
a high priority by all entities. To that end, I would suggest the
following operational steps in order to better implement the SAFETY
Act.
Increased Oversight By Science & Technology Leadership
From the moment he was sworn in, Secretary Chertoff has made clear
that getting the SAFETY Act right was one of highest priorities. In
numerous speeches the Secretary has underscored the importance of the
Act and his commitment to improving the process. As a regular
participant in the SAFETY Act process, his dedication to the success of
the program has been plainly evident. This commitment has also been
demonstrated by a number of other DHS offices, including most
prominently the General Counsel's office.
However, as we are all aware, the SAFETY Act is not the only
priority for the Department. The very mission of the Department
requires it to be focused on any number of emergencies or emerging
threats at any given point. To a large extent that has resulted in an
unfortunately reality where the Department operates ``out of the in-
box,'' reacting to the crisis of the day. Because of that reality, it
is unrealistic to expect that senior staff in the General Counsel's
Office or in the Secretary's Office can exert significant oversight on
the SAFETY Act program.
A more appropriate level of oversight can be exerted however by the
Science & Technology Directorate, which is entrusted with administering
the SAFETY Act. The new S&T Under Secretary, Admiral Jay Cohen, is in a
prime position to strike a balance between the high level of policy
direction and operational supervision. Under Secretary Cohen has at his
disposal the personnel necessary to ensure that the policy directives
of the Department are properly implemented by the Office of SAFETY Act
Implementation (OSAI), including any contractor who conducts a review.
To date, no one person has been able to fill such a role, with the
result being an unfortunate disconnect between policy directives and
implementation. In order to bridge that gap, I would urge the Under
Secretary to assign a senior member of his S&T staff the responsibility
of being a kind of ``SAFETY Act Ombudsman,'' someone to who has access
to and can regularly interact with policy makers within the Department,
but at the same time has the ability to interact regularly with OSAI to
ensure that policy decisions are translated into action. The creation
of such a position, potentially within the Under Secretary's immediate
office, will significantly reduce the communication disconnect that
has, frankly, hindered progress for the SAFETY Act program.
Better utilization of the SAFETY Act inside and
outside of the Federal government
Homeland security as a mission is not the sole responsibility of
DHS. Numerous other members of the Federal family, ranging from the
Department of Defense to the Department of Health and Human Services as
well as the Department of Agriculture, all play a vital role in
defending the nation from terrorist threats. Because of the shared
responsibilities, each department procures its own anti-terror goods
and services and also helps promote their use on a state and local
level as well as in the private sector.
For those and many other reasons, DHS should do its part to help
ensure that other Federal agencies understand the SAFETY Act and how it
can be best utilized. This can take many forms, including encouraging
other Federal agencies to pre-qualify procurements for SAFETY Act
approval. For example, it makes plain sense to have the Department of
Defense utilize the SAFETY Act when procuring technologies to conduct
force protection operations at its facilities. Similarly the Department
of Health and Human Services should not be shy about promoting the use
of the SAFETY Act when procuring technologies and services that will be
used when a mass casualty event occurs. DHS should work with other
Federal agencies to encourage the use of SAFETY Act approved products
by private sector partners. This could take the form, for instance, of
the Department of Agriculture encouraging companies to use SAFETY Act
certified companies to perform security services in order to help
reduce the risk of agro-terrorism. The bottom line is that DHS should
work actively with other agencies involved in homeland security to
increase their knowledge and utilization of the SAFETY Act.
One vehicle in particular that DHS should use to promote the use of
the SAFETY Act outside of the Department itself is the National
Infrastructure Protection Plan (the ``NIPP''). The recently released
final version of the NIPP explicitly encouraged the use of the SAFETY
Act approved products to protect critical infrastructure and key
resources. This was a very smart move by the Department and should be
utilized as fully as possible. Given that the NIPP is the DHS blueprint
for not only protecting the nation's critical infrastructure but also
partnering with other Federal, state and local agencies as well as the
private sector to do so, it only makes sense to use that vehicle to
help promote the SAFETY Act. Protecting the nation's critical
infrastructure is a daunting and extremely expensive task, and helping
to ensure that SAFETY Act approved items are used will help mitigate
costs and provide a measure of assurance that properly vetted items are
being employed.
Allow for better defined marketing of SAFETY Act
approvals
One question that companies constantly face when they receive
SAFETY Act approval is how they advertise their hard won victory.
Initially DHS encouraged as much marketing as possible, including not
objecting to the use of the official DHS seal in materials promoting an
applicants receipt of SAFETY Act approval.
Over the past year DHS has altered that policy. Driven by major
concerns about the misappropriation of the DHS seal generally, the
Department has made clear that the official DHS seal may be used by
non-Federal agencies only in very limited circumstances. This means
that the use of the DHS seal in conjunction with promoting a SAFETY Act
approval is no longer permissible.
One can understand the Department's rationale in these
circumstances. It wants to control the use of its seal and wants to
avoid the appearance of endorsing a particular technology or service.
Neither are unrealistic motivations, but successful applicants should
be allowed some measure of latitude in promoting the receipt of SAFETY
Act protections. Currently many applicants are without significant
direction on how to appropriately market their SAFETY Act approval.
Recognizing that a core purpose of the SAFETY Act is to promote the
widespread deployment of anti-terror technologies, DHS should do what
it can to help encourage that goal. In order to strike a balance
between that objective and the Department's legitimate concern about
the misappropriation of the official DHS seal, I would ask the
Department to seriously consider the creation of a special logo that
only SAFETY Act approved technologies and services could utilize. There
is ample precedent for such a logo (including recently from the
Department of Agriculture's National Organic Program), and its use
would go a long way to resolve what has been an unnecessary impediment
to successful applicants.
Better define time frames for expedited reviews
Even after all the progress that has been made, one issue that
continues to be of concern for applicants relates to expedited reviews
of SAFETY Act applications. More specifically, no one is quite sure
what it means to receive an ``expedited'' review. For some time the
Department has maintained that if an application is granted an
expedited review, it means that it will be moved to the top of the
review pile. However, knowing that the number of applications received
is still fairly low, and given the tendency of reviews to get mired in
details, that has offered little comfort to applicants.
If, as the Department predicts, there will soon be a significant
upswing the number of applications received, receiving a high priority
review will likely be more meaningful. Similarly, the reduction by 30
days of the amount of time DHS is given to conduct a review (assuming
the DHS does not grant itself numerous extensions, as it has been known
to do) could be helpful here. However, there are still going to be
times when parties could be significantly aided with a start to finish
time frame that runs closer to 60 days than 120. DHS certainly needs
and must be given time to conduct a meaningful review of an
application, but it also needs to give applicants a better sense of
what exactly an expedited application means. This could take the form
of agreeing upon a target date for an decision to be issued or window
in which an application should be returned.
CONCLUSION
Chairman Rogers, Chairman Reichert, Ranking Member Meek, Ranking
Member Pascrell, and other distinguished Members of the Subcomittees,
from my perspective the SAFETY Act program is one of the shining stars
of the Department of Homeland Security. Its implementation has not
always been the smoothest, and there are still improvements to be made,
but on the whole I firmly believe that the Department should be
applauded for the hard work it has put in to the program. I feel
comfortable in stating that DHS has addressed many of the pressing
concerns that legitimately faced applicants, and we are now in the
realm of fine tuning and not major overhauls when it comes to the
SAFETY Act.
This concludes my prepared remarks. I am delighted to answer any
questions.
Mr. Reichert. Thank you, Mr. Finch.
The chair recognizes our last witness today, Mr. David
Bodenheimer, who is a partner at the law firm of Crowell &
Moring here in Washington, D.C.
STATEMENT OF DAVID BODENHEIMER, ESQ., CROWELL & MORING LLP
Mr. Bodenheimer. Thank you. Mr. Chairman and members of the
committee, I thank you for holding these hearings today on the
SAFETY Act implementation on the fifth anniversary of September
11th. We all appreciate the vital role of the SAFETY Act in
unleashing lifesaving technology to protect us against
terrorism.
I am David Bodenheimer, a partner in the law firm of
Crowell & Moring here in Washington, D.C., where I specialize
in government contracts and have a particular passion for
homeland security and the SAFETY Act, about which I have been
busy lecturing, writing, advising clients and co-chairing the
American Bar Association homeland security committee. I appear
today in my personal capacity, and my comments are my own.
This year Secretary Chertoff and his team have made great
strides in implementing the SAFETY Act. However, the terrorists
are not resting, and neither can we.
The SAFETY Act has a very clear congressional purpose,
saving lives through antiterrorism technology. With the same
urgency that we mobilized the industrial base for World War II,
we need to supercharge the SAFETY Act so that we can build the
world's greatest arsenal of technology against terrorism.
I would like to summarize four points from my testimony.
Number one, we must assure the confidentiality of SAFETY
Act data. DHS agreed that successful implementation of the
SAFETY Act depends upon protecting trade secrets. To do so, DHS
must have a sound information security program.
Industry concerns expressed during the 2003 hearings have
been magnified by some hard knocks this year on DHS information
security, including failing scores on the FISMA report, delays
in appointing the assistant secretary for cybersecurity and
continuing criticisms by OMB, GAO and the DHS inspector
general.
Quite simply, the capability and credibility of DHS
commitments to protect SAFETY Act data hinge upon a robust
information security program.
In addition, DHS must issue confidentiality procedures
promised in 2003, procedures addressing the who, what, when,
where and how of data protection, who can see the SAFETY Act
data, what controls protect that data, and how will DHS enforce
the rules.
As the focal point for the security of cyberspace, DHS
should showcase its leadership role by establishing best
practices for guarding the most valuable technologies and
secrets of SAFETY Act applicants.
Number two, we must encourage development of breakthrough
technologies. The new rules recognize that new and developing
technologies may indeed qualify for SAFETY Act coverage, but
these items have been given second-class status, burdened with
limitations on use and deployment, approvals terminable at will
by DHS and restrictions on the duration of coverage generally
to 36 months.
These rules send the wrong message. We must encourage
breakthrough technologies revolutionizing the war on terror.
Just stopping terrorist attacks with conventional bombs does
not make us safer when the terrorists have moved on to common
household products to build bombs in midair.
Thus, the DHS rules should welcome both developmental and
breakthrough technologies so there will be no penalty to
companies submitting breakthrough technologies for review and
approval.
Number three, we must assure the full duration of SAFETY
Act protection. The DHS rule imposes a mandatory sunset period
upon approved antiterrorism technology, thus requiring renewal
every 5 years to 8 years.
The DHS mandatory sunset period cannot be squared with the
express terms or purpose of the SAFETY Act. Indeed, the SAFETY
Act offers protections without any term limits, consistent with
the statutory purpose of encouraging more technology more
rapidly to our front line defenses.
Number four, we must establish an appeals process. An
appeals process is consistent with the legislative intent
favoring liberal approval, not rejection, of liability
protection for antiterrorism technology.
In addition, an appeals process is the rule, not the
exception, in the federal arena for everything from
pharmaceuticals and pesticides to federal contract awards. The
right time for an approvals process is now, not after a
terrorist incident causes us to regret the unavailability of a
technology.
Thank you for your time. I welcome your questions.
[The statement of Mr. Bodenheimer follows:]
Prepared Statement of David Z. Bodenheimer
Introduction
Mr. Chairmen and Members of the Committee. Thank you for holding
these hearings today on the Department of Homeland Security's
implementation of the Support Anti-terrorism by Fostering Effective
Technologies Act of 2002 (SAFETY Act). On the fifth anniversary of
September 11th, we all understand and appreciate the vital role of the
SAFETY Act in unleashing our technology to combat terrorism and protect
the Homeland.
I am David Bodenheimer, a partner in the law firm of Crowell &
Moring LLP in Washington, DC where I specialize in Government Contracts
and Homeland Security. As part of this practice, I have advised
clients, published articles, and lectured extensively on Homeland
Security and SAFETY Act matters. In addition, I serve as Co-Chair of
the ABA Science and Technology Section's Special Committee on Homeland
Security. However, I appear before your Committee today in my personal
capacity and the views that I express are my own.
This year, Secretary Chertoff and his team at the Department of
Homeland Security (DHS) have made real progress in implementing the
SAFETY Act by issuing final regulations in June, revising the
application procedures in August, and approving SAFETY Act technologies
at a more rapid pace. DHS deserves praise for these advances that bring
the SAFETY Act closer to realizing its potential to expedite the
development and deployment of anti-terrorism technology. However, the
terrorists are not resting and neither can we. More remains to be done
to better align the DHS implementation of the SAFETY Act with the
Congressional intent to accelerate the availability of anti-terrorism
technology by providing statutory protection from liability lawsuits
arising out of terrorist acts. As discussed below, implementation of
the SAFETY Act would benefit from the following enhancements:
Assuring the Confidentiality of SAFETY Act Data
Encouraging the Development of Breakthrough
Technologies
Synchronizing Procurements and SAFETY Act Approvals
Extending the Duration of SAFETY Act Protection
Establishing an Appeals Process
The SAFETY Act's Purpose to Promote Anti-Terrorism Technology
The DHS implementation of the SAFETY Act must be measured against
the statutory purpose established by Congress. The SAFETY Act has a
purpose that is both simple and clear--save lives through anti-
terrorism technology. To clear the path for such technology to move
from the drawing board to the ``Nation's front-line defense,'' Congress
created protections against liability lawsuits:
The Select Committee [on Homeland Security] believes that
technological innovation is the Nation's front-line defense
against the terrorist threat. Unfortunately, the Nation's
products liability system threatens to keep important new
technologies from the market where they could protect our
citizens. In order to ensure that these important technologies
are available, the Select Committee believes that it is
important to adopt a narrow set of liability protections for
manufacturers of these important technologies.\1\
* * *
Briefly, the SAFETY Act ensures that U.S. companies will be
able to develop and provide vital anti-terrorism technologies
to help prevent or respond to terrorist attacks--without the
threat of crippling lawsuits.\2\
This purpose rests upon a fundamental, Congressionally recognized
premise--anti-terrorism technology is essential to Homeland defense.\3\
Quite simply, we cannot secure over 100,000 miles of land and sea
borders--much less our cyber borders--merely with guns, guards, and
gates.\4\ Only with technology can we tackle the gargantuan tasks of
defending our vast borders and infrastructure against terrorism, while
maintaining the flow of commerce, as mandated by the Homeland Security
Act of 2002. Pub. L. No. 107-296, Sec. 402(8), 116 Stat. 2178.
Consequently, the appropriate question is whether the DHS
implementation of the SAFETY Act fully and effectively serves this
objective of fostering more anti-terrorism technology, more quickly,
and more efficiently for Homeland Security.
In its final rule, DHS recognizes the purpose underlying the SAFETY
Act: ``The purpose of this rule is to facilitate and promote the
development and deployment of anti-terrorism technologies that will
save lives.'' 71 FED. REG. 33147 (June 8, 2006). While both the DHS
final rule and revised application kit represent considerable
improvements over their predecessors, further revisions must be made to
assure that neither the spectre of crippling liability lawsuits nor the
hurdles of the DHS review process foreclose or delay our access to the
most robust arsenal of anti-terrorism tools.
DHS Enhancements for Opening the Anti-Terrorism Technology Pipeline
The following enhancements would serve the SAFETY Act's purpose by
encouraging more companies to accelerate the pace of bringing the
widest array of technology to our battle against terrorism.
Assuring the Confidentiality of SAFETY Act Applications & Data
In its earliest proposed rules on the SAFETY Act, DHS acknowledged
``that successful implementation of the Act requires that applicants'
intellectual property interests and trade secrets remain protected in
the application process and beyond.'' 68 FED. REG. 41423 (July 11,
2003). In the latest rules, DHS has taken commendable steps to maintain
the confidentiality of SAFETY Act application data by: (1) treating
``the entirety of the application'' as ``confidential under appropriate
law''; (2) recognizing the applicability of various trade secret laws
to the application information; and (3) committing to ``utilize all
appropriate exemptions from the Freedom of Information Act.'' 71 FED.
REG. 33151, Sec. N and 33168, Sec. 25.10 (2006). However, DHS needs to
take additional steps to assure SAFETY Act applicants that their most
valuable technologies and secrets will be secure. Two key steps are:
(1) establish a sound information security program; and (2) provide
transparency and controls for any sharing of SAFETY Act data.
Information Security Program. A sound information security program
is critical to avoid disincentives for companies to share SAFETY Act
data about their most valuable technologies with DHS.\5\ The new rules
encourage electronic applications, but still do not address the
concerns raised during the 2003 hearings on SAFETY Act implementation:
We are also concerned that the Department has not clearly
identified how it specifically will protect this sensitive
proprietary data from unauthorized disclosure or dissemination
. . . . While ITAA will certainly be the first to support and
embrace the power of the Internet to enhance and transform
business processes, the Internet is still an open system and is
vulnerable to breaches. We are concerned that there is no
mention of a comprehensive management plan to secure the
systems over which data will be transmitted, policies and
procedures applicable to DHS personnel operating and having
access to the system, or details on the technological
approaches the Department will take to secure the data provided
by applicants. We urge the Department to work with industry to
develop and implement a comprehensive plan to secure the data
and network over which this highly sensitive, proprietary
information will flow.\6\
These concerns have been magnified by cybersecurity issues that
continue to challenge DHS, including: (1) failing scores on information
security for the past two years on the Federal Information Security
Management Act (FISMA) report card; \7\ (2) continuing delays in
filling the Assistant Secretary for Cybersecurity position; \8\ and (3)
various information security concerns identified by the Office of
Management and Budget (OMB), GAO and the DHS Inspector General.\9\
While the SAFETY Act regulations include DHS commitments to protect the
confidentiality of applicant data, DHS needs to roll out a FISMA-
compliant information security program built around the standards
published by OMB and the National Institute of Standards and Technology
(NIST).\10\ With sound information security, DHS can better achieve the
SAFETY Act purpose of encouraging more applicants to offer a broader
array of technology due to their confidence that DHS will protect their
confidential data.
Transparency & Controls for Information Sharing. In 2003, the
interim SAFETY Act regulations stated that DHS ``shall establish
confidentiality protocols for maintenance and use of information
submitted to the Department under the SAFETY Act and this part.'' 68
FED. REG. 59703, Sec. 25.8 (2003). The final SAFETY Act regulations
offer little more transparency or detail, stating that DHS ``shall
establish confidentiality procedures for safeguarding, maintenance and
use of information submitted to the Department under this part.'' 71
FED. REG. 33168, Sec. 25.10(a) (2006).\11\ These latest SAFETY Act
regulations do not address industry concerns lingering from the 2003
SAFETY Act hearings regarding with whom DHS may share data, under what
conditions, and with what controls in place. In both their testimony to
Congress and comments to DHS, the major industry trade associations
requested greater transparency and protection:
The regulations should require DHS in every instance to provide
advance notification to the submitter when considering whether
to disclose SAFETY Act information to third parties, give the
submitter the right to refuse to agree to disclosure of the
information, and to seek judicial review of any decision to
disclose the information before such disclosure is made.\12\
As the ``focal point for the security of cyberspace'' under
Homeland Security Presidential Directive (HSPD) 7 (Dec. 7, 2003), DHS
can demonstrate its leadership role in this area by establishing ``best
practices'' for guarding the confidential information of SAFETY Act
applicants. In particular, DHS should adopt SAFETY Act regulations that
not only incorporate the industry requests above (notice, consent, and
review), but should also include technical and management controls
(e.g., digital audits and watermarks) capable of tracking who received
the data, which recipients signed non-disclosure agreements, what
copies have been made, and when audits and training have been
conducted. By publishing and implementing such rules governing SAFETY
Act data, DHS will greatly enhance both its capability and credibility
to protect this confidential information.
Encouraging Development of Breakthrough Technologies
The new regulations properly recognize the eligibility of
developmental technology (i.e., technology that is being developed,
tested, evaluated, modified or is otherwise being prepared for
deployment'') for SAFETY Act protection. 71 FED. REG. 33161,
Sec. 25.4(f) and 33156, Sec. R (2006). However, these regulations and
new Application Kit appear to establish an undue preference for
existing technologies. At least six times, the Application Kit repeats
the following statement emphasizing past or current sales as a critical
factor in the approval process: ``It may be very important and could
significantly expedite your application if your Technology has been
acquired or utilized (or is subject to an ongoing procurement) by the
military, a Federal agency, or a state, local or foreign government
entity.'' Application Kit at 21, 23, 27, 34, 35, 40 (July 2006). More
worrisome, the new regulations create a second-class status for
developmental technologies, imposing ``limitations on the use and
deployment'' of such items, making approval ``terminable at-will'' by
DHS, and generally restricting the duration of the designation
(``presumptively not longer than 36 months''). 71 FED. REG. 33156,
Sec. R (2006).
The new SAFETY Act regulations and Application Kit send the wrong
message, and create the wrong incentives, for companies building the
anti-terrorism arsenal. Due to the heightened uncertainties in the
SAFETY Act approval process for such breakthroughs, companies have
greater incentive to invest their research dollars in anti-terrorism
technology ready to be fielded now, rather than in breakthrough
technologies that may revolutionize the war against terror. We cannot
afford to focus the SAFETY Act approvals solely upon today's
technologies (i.e., detecting conventional explosives) when the
terrorists have moved on to nail polish and peroxide to build bombs in
mid-air.\13\ Furthermore, approvals burdened with ``limitations'' and
``terminable at-will'' conditions undermine the certainty needed to
foster new anti-terrorism technologies, as the DHS rules acknowledge:
``The Department is aware of this concern and understands that
undependable or uncertain liability protections would not have the
desired effect of fostering the deployment of anti-terrorism
technologies.'' 71 FED. REG. 33152, Sec. D (2006). As the purpose of
the SAFETY Act is to provide ``critical incentives for the development
and deployment of anti-terrorism technologies'' (71 FED. REG. 33147
(2006) (emphasis added)), development of such technologies should not
be shortchanged.
In any event, the effort to distinguish between developmental and
existing technologies may be illusory, as most technologies have
elements of both:
For example, many solutions evolve and cannot be completely
defined or fixed in advance. It is therefore important to
provide coverage when systems design, for instance, is part of
the contract performance.\14\
Indeed, nearly all of the major Homeland Security programs include
ongoing, evolutionary design and development work in parallel with
other program activities.15 As the president of one trade association
explained, companies need to know during the design phase whether
SAFETY Act protection is available:
It is important that the regulations provide for QATT
protection when systems design is part of the required contract
performance. In the absence of such protection, Sellers may be
unwilling to proceed.\16\
Thus, the DHS regulations and Application Kit should make clear
that the SAFETY Act approval process will welcome both developmental
and existing anti-terrorism technology and that companies will not be
penalized in the application process for presenting breakthrough
technologies for review and approval.
Synchronizing Procurements and SAFETY Act Approvals
In its latest regulations, DHS ``recognizes the need to align
consideration of SAFETY Act applications and the government procurement
process more closely.'' 71 FED. REG. 33156, Sec. P (2006). In addition,
DHS has identified several procedures that should assist in
accomplishing this objective, including (1) the option for agencies to
seek ``a preliminary determination of SAFETY Act applicability,'' (2)
the use of ``Block Designation or Block Certification,'' and (3) the
potential that DHS ``may expedite SAFETY Act review for technologies
subject to ongoing procurement processes.'' 71 FED. REG. 33156, Sec. P
(2006). These procedures represent positive steps towards the critical
objective of synchronizing procurements and SAFETY Act approvals.
However, more needs to be done, as discussed below.
For companies selling anti-terrorism technology, the parallel track
of procurements and SAFETY approvals presents substantial risks and
uncertainties:
Disqualification: Company is disqualified because it
conditioned its bid upon receiving timely SAFETY Act approval;
Delay: Company receives award prior to SAFETY Act
approval, thus ``betting the company'' during the interim; or
Default: Company receives contract award--but not
SAFETY Act approval--forcing company either to default or to
perform at risk.
According to an NDIA survey, ``25 percent of the respondents had
`no bid' over 50 procurements because the company would be unable to
obtain SAFETY Act protection in time for the procurement.'' \17\ While
such ``no bid'' actions may be less common with the accelerated pace of
SAFETY Act approvals, the risk of losing opportunities for major
technological advancements and breakthroughs must be carefully weighed
in light of the purpose of the SAFETY Act.
In particular, DHS can foster the development and deployment of
anti-terrorism technology by accepting the risk of delayed SAFETY Act
approval. For example, DHS could offer indemnification under Public Law
No. 85-804 or authorize bids contingent upon SAFETY Act approval.\18\
By shouldering approval risks that fall almost entirely within its
control, DHS would expand the field of competition and the array of
anti-terrorism technologies available to both DHS and the public.
In addition, the approval process should benefit from a new
position for a SAFETY Act technology advocate tasked with breaking
bottlenecks, resolving impasses, and expediting critical applications.
Such a technology advocate would reduce the risk of approval delays
that plagued a similar process in the 1960's and 1970's when a small
part of the Food & Drug Administration (FDA) review staff occasionally
delayed life-saving drugs with excessive information demands.\19\ In
addition, a SAFETY Act technology advocate would help DHS to avoid the
type of pitfalls encountered by the pharmaceutical industry when the
FDA review staff found it easier to deny, than approve,
applications.\20\ With this technology advocate, the DHS objective
would be directly aligned with Congressional intent that the SAFETY Act
``Support'' and ``Foster'' anti-terrorism technologies to save lives.
Extending the Duration of SAFETY Act Protection
Without identifying any support in the statute itself, the DHS
final rule imposes a mandatory sunset period upon approved anti-
terrorism technology, thus requiring renewal every ``five to eight
years'' to maintain protection. 6 C.F.R. 25.6(f), (h); 71 FED. REG.
33163-4 (2006). Since the time that DHS initially proposed this ``five
to eight year'' period in 2003, industry consistently opposed it.\21\
DHS seeks to justify this rule based upon the assumption that the
approval depends upon factors such as ``a specific threat environment,
the nature and cost of available insurance, and other factors all of
which are subject to change.'' 71 FED. REG. 33155, Sec. N (2006).
However, the factual basis for this assumption is unclear, as some
technologies--like blast-proof glass and bomb-sniffing dogs--will
change at glacial paces, if at all. If either the technology or the
insurance requirements change, the DHS rules already impose reporting
requirements that assure continued DHS supervision. 6 C.F.R.
Sec. Sec. 25.5(g), (h), 25.6(l), 71 FED. REG. 33162, 33165 (2006). If
the threat environment changes, new technologies will replace the old.
Thus, this agency-imposed restriction on the statute appears neither
justified nor necessary.
In any event, the DHS mandatory sunset period cannot be squared
with the express terms or purpose of the SAFETY Act. First, the SAFETY
Act establishes statutory protections without any term limits. For
example, the Act states that ``No punitive damages . . . may be
awarded,'' rather than that ``No punitive damages . . . may be awarded
for five to eight years.'' 6 U.S.C. Sec. 442(b)(1). If Congress
intended to limit the duration of statutory protections, the SAFETY Act
surely would have said so. Second, the limited shelf-life for approved
technologies will create a bow wave of renewals in five to eight years,
burdening industry and DHS alike with paperwork and distracting both
from the more important task of seeking and approving new technologies.
Unless the review is a mere formality (in which case it is
unnecessary), the additional burden and risk undermine the incentives
for technology investments. Accordingly, the DHS renewal requirement
runs counter to the statutory purpose of encouraging and facilitating
the development and deployment of more technology more quickly.
Establishing an Appeals Process
Even for an arbitrary or unreasonable denial of a SAFETY Act
application, the DHS rules cut off any opportunity for an
administrative or judicial appeal. 6 C.F.R. Sec. 25.9(c)(2), 71 FED.
REG. 33167 (2006) (``Under Secretary's decision shall be final and not
subject to review''). Instead, DHS suggests that an ``interactive
process'' in which an applicant may ``provide supplemental information
and address issues'' is ``sufficient recourse.'' 71 FED. REG. 33155
Sec. O (2006). Since 2003 when DHS proposed an ``interactive process''
without any appeal, the major trade associations expressed the need for
an appeals process.\22\
This DHS policy of unreviewable denials is contrary to legislative
intent favoring liberal approval, not rejection, of liability
protection for anti-terrorism technology: ``it is Congress' hope and
intent that the Secretary will use the necessary latitude to make this
list as broad and inclusive as possible, so as to insure that the
maximum amount of protective technology and services become
available.'' 23 Furthermore, this ``no appeal'' policy sends the wrong
message, shielding the DHS reviewers from scrutiny or accountability
for denying applications and discouraging companies from pursuing
applications that may be denied without recourse. Finally, while DHS
has accelerated the pace of approvals in the past year under Secretary
Chertoff's leadership, the DHS rules do not include any procedural
safeguards that would prevent a return to the period when DHS approved
just six technologies in sixteen months.\24\ Given the SAFETY Act's
purpose to ``save lives'' through technology (71 FED. REG. 33147
(2006)), the right time for an appeals process is now, not after a
terrorist incident causes us to regret the unavailability of a
technology that could have protected us.
In the federal realm of agency actions, administrative or judicial
review is the rule, not the exception. More than 50 years ago, agencies
contended that rejection of a contractor's bid was too discretionary
for external review, but the Court of Claims disagreed, instead
recognizing a disappointed bidder's right to judicial review for breach
of an agency's implied duty ``to give fair and impartial
consideration'' to bid and proposal submissions. Heyer Prods. Co. v.
United States, 135 Ct. Cl. 63, 69 (1956). In addition, agencies
themselves have acknowledged the need for administrative or judicial
review by establishing procedures for appeals and protests for
everything from pesticides and pharmaceuticals to radio frequency (RF)
devices and federal contract awards.\25\ For SAFETY Act anti-terrorism
technology designed to save lives, the case for a review or appeals
process is at least equally compelling--if not more so.
Conclusion
Under Secretary Chertoff's leadership, DHS should be commended for
bringing the SAFETY Act much closer to achieving its statutory purpose.
With additional enhancements described above, the SAFETY Act can reach
its full potential of facilitating the development and deployment of
technologies essential to our fight against terrorism. I am available
to answer your questions.
Endnotes
\1\ H.R. REP. NO. 107-609, Pt. 1, at 118 (July 24, 2002).
\2\ 148 CONG. REC. E2079 (daily ed. Nov. 15, 2002) (statement of
Rep. Armey).
\3\ Border Technology: Keeping Terrorists Out of the United States:
Hearing Before the Senate Subcomm. on Terrorism, Technology & Homeland
Security and Subcomm. on Immigration, Border Security and Citizenship
of the Comm. on the Judiciary, 108th Cong., 1st Sess. 1-8 (Mar. 12,
2003) (statement of Sen. Kyl: ``people can't possibly patrol the entire
area, and therefore we are going to have to continue to enhance the
application of technology'') (statement of Sen. Feinstein: ``technology
is not the sole answer . . . but it is an essential element'');
(statement of Sen. Kennedy: ``We know that a great deal more has to be
done in this area not only in getting the best technology, but also
having it interoperable'').
\4\ ``The old security paradigm in this country of guns, gates, and
guards is changing fast. And technology is going to replace it all.''
Fiscal Year 2004 Homeland Security Appropriations: Hearings Before
House Subcomm. on Homeland Security of Comm. on Appropriations, 108th
Cong., 1st Sess. (Mar. 20, 2003) (statement of Rep. Wamp).
\5\ With respect to critical infrastructure information, the
Government Accountability Office (GAO) has documented instances in
which industry does not share information with DHS due to concerns
about ``potential release of sensitive information'' and uncertainty
about how such information ``will be used or protected from
disclosure.'' GAO, Critical Infrastructure Protection: Challenges in
Addressing Cybersecurity 14 (July 19, 2005) (GAO-05-827T).
\6\ Implementing the SAFETY Act: Advancing New Technologies for
Homeland Security: Hearings before House Comm. on Government Reform,
108th Cong., 1st Sess. 44 (statement of Mr. Miller) (hereinafter the
``2003 House SAFETY Act Hearings'').
\7\ Rep. Davis, ``No Computer System Left Behind: A Review of the
2005 Federal Computer Security Scorecards,'' House Comm. on Government
Reform (Mar. 16, 2006) (http://reform.house.gov/UploadedFiles/
TMD%20FISMA%2006%20Opener.pdf).
\8\ Krebs, ``A Year Later, Cybersecurity Post Still Vacant,''
Washington Post p. A21 (July 13, 2006); ``Democratic Senators, Industry
Coalitions Urge DHS to Fill Still Vacant Cyber-Chief Slot,'' BNA
Privacy Law Watch (July 14, 2006).
\9\ OMB, FY 2005 Report to Congress on Implementation of the
Federal Information Security Management Act of 2002 at 39 (Mar. 1,
2006) (43% of DHS systems certified and accredited; 52% of security
controls tested); id at 40 (DHS IG gave rating of ``Poor'' to DHS)
(http://www.whitehouse.gov/omb/inforeg/reports/
2005_fisma_report_to_congress.pdf); GAO, Critical Infrastructure
Protection: Challenges in Addressing Cybersecurity 9-10 (July 19, 2005)
(GAO-05-827T) (identification of DHS cybersecurity responsibilities and
problem areas).
\10\ OMB Circular No. A-130; OMB News Release, ``OMB Reinforces
Strict Adherence to Safeguard Standards'' (June 26, 2006); OMB Memo to
Department and Agency Heads, ``Protection of Sensitive Agency
Information'' (June 23, 2006) (M-06-16) (www.whitehouse.gov/omb/
memoranda/fy2006/m06-16.pdf); NIST Special Publication 800-53A (2nd
Public Draft) (Apr. 2006) (http://csrc.nist.gov/publications/
drafts.html#sp800-53-Rev1).
\11\ The DHS commitments to require non-disclosure agreements and
to check for potential conflicts of interest are not new, as both the
interim regulations in 2003 and the final regulations in 2006 address
these issues. 68 FED. REG. 59687 (2003); 71 FED. REG. 33151 (2006).
\12\ 2003 SAFETY Act Hearings 54 (statement of Mr. Miller); id. at
150 (comments of Information Technology Association of America (ITAA),
the Professional Services Council (PSC), the Aerospace Industries
Association (AIA), and National Association of Manufacturers (NAM).
\13\ ``Technology isn't available to detect potentially lethal
liquids hidden in sports drink bottles or other containers. The foiled
airline attack from the U.K. highlighted the merits of good
intelligence, which stopped the liquid bomb scheme before it reached a
critical point.'' Alva, ``Billions of Dollars Buy Tighter Security But
Work Remains,'' Investor's Business Daily A1 (Sept. 11, 2006).
\14\ 2003 House SAFETY Act Hearings 58 (statement of Mr. Soloway).
\15\ GAO, Homeland Security: Progress Continues, but Challenges
Remain on Department's Management of Information Technology 30-31 (Mar.
29, 2006) (GAO-06-598T) (discussing challenges relating to requirements
definition and development for major Homeland Security programs).
\16\ 2003 House SAFETY Act Hearings 65 (statement of Mr. Soloway).
\17\ NDIA and PSC letter to DHS Under Secretaries Hale and McQueary
dated Feb. 3, 2005.
\18\ For the Secure Border Initiative (SBI) Net program, the DHS
Request for Proposals specifically recognizes that the procurement
should be covered by the SAFETY Act, but warns offerors that
``Proposals in which pricing or any other term or condition is
contingent upon SAFETY Act protections of the proposed product(s) or
service(s) will not be considered for award.'' In a number of other
procurements, contractors have been disqualified for conditioning their
proposals upon SAFETY Act approval.
\19\ For example, in 1969, one FDA reviewing officer repeatedly
demanded more data on the efficacy of aspirin in preventing heart
attacks (including submission of all prior literature on aspirin),
ultimately forcing E. R. Squibb & Sons, Inc. to abandon the research
initiative. Wardell, ``Rx: More Regulation or Better Therapies?''
Regulation at 25-6 (Sept.-Oct. 1979). Five years later, studies by the
National Institute of Health (NIH) confirmed substantial reductions in
heart attacks attributable to aspirin, thus demonstrating the costs of
unnecessary delays in the drug approval process. Id.; see also Elwood &
Sweetnam, ``Aspirin and Secondary Mortality After Myocardial
Infarction,'' The Lancet 1313 (1979).
\20\ The former FDA Commissioner described the incentives for FDA
staff to take ``negative action on new drug applications'' as
``intense'' during the late 1960's. Grabowski, Drug Regulation and
Innovation 76 (quoting speech by former FDA Commissioner Schmidt before
the National Press Club in Washington, DC on Oct. 29, 1974).
\21\ DHS does not explain why ``five to eight years'' represents an
appropriate period of time. During hearings in 2003, the president of
the ITAA objected to the ``arbitrary timeframe for designation,''
adding alternatively that ``we also believe that the timeframe should
be extended to a minimum of 10 years--if not substantially longer--
which is more consistent with the effective dates of long-term services
agreements and more realistically reflects the length of time necessary
to develop and implement complex systems and services.'' 2003 House
SAFETY Act Hearings 48 (statement of Mr. Miller). Similarly, the PSC
president testified that ``there is no public policy reason to impose
any fixed period of time on the useful life of the Designation period
of a QATT [qualified anti-terrorism technology]. Indeed, in some cases,
a contract performance period can extend beyond five or eight years.''
Id. at 65 (statement of Mr. Soloway).
\22\ 2003 House SAFETY Act Hearings 55 (statement of Mr. Miller).
In comments on the DHS proposed regulations in 2003, the ITAA, PSC,
AIA, and NAM all requested an appeals process. Id. at 149.
\23\ 148 CONG. REC. E2080 (daily ed. Nov. 15, 2002) (statement of
Rep. Armey).
\24\ ``Shortly after being sworn in, Secretary of Homeland Security
Michael Chertoff stated: `There is more opportunity, much more
opportunity, to take advantage of this important law, and we are going
to do that.' '' 71 FED. REG. 33148 (2006). During the earlier phase of
SAFETY Act implementation ``from October 2003 to February 2005, six
technologies were designated Qualified Anti-Terrorism Technologies
under the SAFETY Act.'' Id.
\25\ C.F.R. Sec. 152.118(e) (2006) (right to hearing for denial of
application for insecticide, fungicide or rodenticide); 47 C.F.R.
Sec. Sec. 1.106, 1.115 (2006) (petition for reconsideration by Federal
Communications Commission (FCC) staff or for review by the FCC
Commissioners for denial of RF equipment authorization); 21 C.F.R.
Sec. Sec. 201,235 (2006) (hearing or judicial review for denial of a
new drug application); Federal Acquisition Regulation (FAR) Sec. 33.103
(agency review and alternative dispute procedures for disappointed
bidders for federal contracts).
Mr. Reichert. Thank you, Mr. Bodenheimer.
I will first go to Ms. Jackson-Lee for her questions.
Ms. Jackson-Lee. Thank you very much.
And I do appreciate the witnesses and thank you for your
understanding of our schedule. I want to raise a concern that
looms over the heads of the traveling public.
Obviously, the recent finds or discoveries, if you will,
law enforcement--a combination of intelligence authorities just
the past couple of weeks with the British busting of a
potential terrorist act.
That then sent, of course, the summer travel schedule
spinning, as well as the thoughts and minds of travelers, and
then, of course, the determination decisions that have to be
made by the industry.
You have a traveling public that now is forbidden from
taking toothpaste onto their carriers on the basis of safety.
But certainly, as Americans and many times as travelers, we are
used to convenience.
That is an element, if you will, for technology, either how
you detect it, how you use the sophistication of the screening
system to ensure that you are able to secure but also that you
are able to provide the traveling public with the conveniences
that they understand and expect, not deflecting the importance
of homeland security.
So let me ask Mr. Bodenheimer, because you mentioned the
words best practices, you mentioned breakthrough,
developmental, et cetera, which are words that are music to me,
what is thwarting this new department and the SAFETY Act to do
meaningful technology and research? That is something that we
need.
We are being delayed and detained. So let me just pose that
question to you, and I don't know if you reviewed the
department structure, but you have heard Secretary Cohen. What
more do we need to do?
And this is urgent. And I would imagine that the traveling
public--but America believes that homeland security and
technology is urgent. What do we need to do? I yield to the
gentleman.
Mr. Bodenheimer. I fully agree with you that this, in fact,
is urgent. We are talking about not only lifesaving technology
but, as you point out, technology which will provide the flow
of commerce so that we don't choke our economy through lacking
the type of technologies to keep us not only safe but also
economically viable.
I think DHS needs to put the resources in here as a top
priority. I believe that in terms of staffing they need not
only additional staffing but, in addition, a lack of turnover.
One of the comments that I have heard is when an
application goes in, you never know whether you are going to be
dealing with the same person today that you deal with tomorrow
and next time.
I believe that they need to bring in the necessary
expertise to be able to push the applications through rapidly.
I think they also need to take the steps of assuring
confidentiality of the information, of encouraging the
breakthrough technologies so that the message gets out to
industry that they know that they are welcome and they are
protected when they provide their information.
Ms. Jackson-Lee. Let me yield back to the distinguished--
unless there is someone desiring to--I will take a quick
response.
Mr. Howell. I think that one of the most interesting parts
of the reorganization plan that Vice Admiral Cohen has put
together is he has reoriented the Science and Technology
Directorate so that it serve the needs of its customers, its
customers as he has defined them in his reorganization plan as
being the directorates within DHS.
Therefore, he will be more responsive and directly
responsive to the needs of TSA and what it sees as the threats,
and therefore put science and technology research dollars
toward those threats. That was not the case prior to his
reorganization plan. We think that is critically important.
We also have or would argue that his additional set of
customers is the owners and operators of the critical
infrastructures and finding a way to integrate their needs,
their desires, their views on threats and research and
development priorities based on those threats is absolutely
essential.
And then once you have an understanding of the priorities
of both the public-and private-sector customers that he
responds to, have a SAFETY Act process that prioritizes and
expedites those is appropriate in our view.
Ms. Jackson-Lee. Thank you.
Mr. Soloway, I think you had--it looks like I am getting a
lot of--if I can get Mr. Soloway and if you can do yours in
seconds, and then Mr. Meldon. Thank you.
Mr. Soloway?
Mr. Soloway. Thank you, Ms. Jackson-Lee. I would just
suggest that in this discussion we can't divorce the discussion
of the S&T organization with sort of the broader procurement
regime of the federal government, which does involve Congress.
It does involve the Office of the Chief Procurement Officer.
And two quick analogies. In the Clinton administration I
served in the Defense Department in a senior acquisition
position, and one of our great challenges was opening up our
acquisition processes to cutting-edge technologies, be they
very small firms out in the hinterlands or very large firms who
would not do business with the government because of so many of
the unique rules and requirements that we layered on them.
More recently, in the aftermath of Katrina, I traveled to
Mississippi with Mr. Thompson to talk to four or five dozen
small businesses in his district that wanted to participate in
the cleanup process. And we spent a whole half day with them
walking through all of the requirements associated with doing
government contracting.
So part of this is an organizational challenge for S&T.
Part of it, I think, is a broader discussion of do we have the
right procurement regime in place to attract those firms in a
way that they can afford to do business with the U.S.
government. And that would involve the Congress as well as the
department.
Ms. Jackson-Lee. Thank you, Mr. Soloway.
Mr. Meldon?
Mr. Meldon. I would add the following, Ms. Jackson-Lee.
Number one, I think that what needed to be done was done. I.e.,
once the problem was identified, there was a sense of urgency
and industry responded. Remember, industry is also part of this
equation, as is the Department of Homeland Security.
Number two is that in Undersecretary Cohen's remarks, he
mentioned dual-use technology. We can't assume that we know
what the next terrorist's use of some technology for a benign
purpose is going to be for the wrong purpose.
Therefore, what industry is looking for from the department
is prioritization of future R&D development for dollars to be
spent on what the next threat is going to be.
Who would have imagined that a Coca-Cola or Gatorade could
be used to blow up an airplane, okay? Well, now we know. Now we
are responding. The government and industry is responding.
But how do you prioritize that? That is something that I
think needs to be considered.
Ms. Jackson-Lee. It is a good question to leave on,
Chairman Reichert. Thank you very much for your indulgence.
And on our side, let me simply say the word ``urgent''
should be the word resounding out of this room. And I think
there is some good instruction from these individuals on small
businesses, on cutting-edge technology, on industry.
And, Mr. Chairman, maybe we can work on getting this, I
guess, infant sector of the Homeland Security Department--
Secretary Cohen; we are glad he is there--to give priorities,
because I think that is going to be key.
We can't be constantly in the back side of the issue. We
have got to be in the front side. Now we are trying to find out
about Gatorade and Coca-Cola and everything else. I know all of
us would have hoped that maybe intelligence and otherwise could
have gotten us 6 months out at least. And how do we counter
these?
So I hope maybe this committee can help focus on that
priority.
Thank you, Mr. Chairman.
Mr. Reichert. Thank you, Ms. Jackson-Lee.
I want to maybe just make a couple of comments first before
I ask my questions. Maybe some of you know I was sheriff in
Seattle for a number of years, 33 years in law enforcement. My
last 8 years, I was the sheriff of King County in Seattle,
Washington.
Part of my duties, of course, was to come before the county
council--it was a 13-member committee--and testify. And every
now and then I would show up and there would be one or two
people sitting in the chair. And I would be a little bit
offended, because I thought what I had to say was important.
I just want to remind you that because you have two members
sitting here does not mean your testimony is not important.
This is critical for us to hear. Your testimony is critical.
The number of people sitting on the dais here doesn't apply
to the importance of your input.
One of the things that we have done in our subcommittee is
we have taken every statement by every witness, since I took
the chair of Science, and Technology, Emergency Preparedness
back in October of last year, and evaluated each one of those
statements as if I were investigating a murder case, looking
for commonalities positive, looking for commonalities negative.
And then you base your legislation upon the information
that you provide in your statements. So I don't want you to
leave here today thinking that your presence here was not
appreciated and is not important, because your testimony, your
statements, will all be reviewed and thoroughly examined so
that we can begin to work with you.
This isn't a job, as someone said in their testimony, just
for Homeland Security, but for a number of other departments,
and for businesses that you represent across this country and
for members of Congress. So all of us are in this together.
And since there are only two of us, I will take just a
little bit more time to say that I really understand this
progression of science, not because I have any real background
in science, but because in my experience in investigating one
of the most horrendous crimes ever committed in this country, a
series of murders in Seattle where 80 people were killed, and
we were able to convict someone for 50 of these murders. The
science was the key.
The science will be the key in homeland security. And I
know that the undersecretary is keenly aware of that and has
presented a plan.
But in 1982, having a Rolodex file, no computers, no
AFPIS--automated fingerprint identification system--no idea
that DNA was on the horizon, but only a blood type is what we
were looking for. And years later, DNA arrives and a
fingerprint identifying the man responsible for the death of at
least 80 people.
So we know where this is headed, and we know that we have
the right man in charge of this effort, and we know that we
have a great dedicated group of people like yourselves
representing businesses across this country involved in this
process.
So my first question is what is the most common criticism
you hear from businesses about the SAFETY Act. And anyone on
the panel can--what is the most common criticism? Is it the
process, the application process, or what is the most common
criticism?
Mr. Finch?
Mr. Finch. Mr. Chairman, I would say in my experience,
among the most normal criticisms that we get is that the
application process to date has been overly involved and has
required too much detail in terms of the amount of information
that must be provided.
Everybody understands the responsibility of the Department
of Homeland Security to conduct a meaningful review and to have
faith in its determination that the technology at issue is, in
fact, safe, effective and useful.
But over the past years, as I mention in my testimony, what
constitutes sufficient information has fluctuated up and down.
It has varied from application to application. If you submit
enough applications, you can see patterns. But if you are
relatively new to the process, it can catch you a little bit by
surprise.
And I think the department has taken that to heart, and I
believe Secretary Chertoff, from the moment he assumed his
position, understood that improvement needed to be made to the
process and that it had to be a quicker, leaner and more
efficient process. Not to say that it would be a rubber stamp;
nobody would ever expect that. Nobody would ever agree to that.
However, they do understand that it may not necessarily
require drilling down to the subatomic level on some of these
applications. Applicants sign their name to this application
saying that everything is truthful that is included. And if
they don't do that, then they suffer consequences at a later
date.
Mr. Reichert. Thank you.
Mr. Soloway?
Mr. Soloway. Yes, if I could just add on to that, and I
second Mr. Finch's comments, I think first of all the emergence
of the final rule has eliminated some of the more common
comments that we have had over the last several years.
But a number of us made reference in our comments to a
streamlined application kit. And I want to be clear--and I
think Mr. Finch made the point that no one is suggesting a
rubber stamp here, but leaving aside for a moment the amount of
information the department determines it needs, there is also a
staggering of timing of information.
How much does the department need at various stages of this
process? And to load it front end all the way oftentimes
requires levels and degrees of information that either you
can't even get at that moment, are not necessarily relevant to
that moment in time.
So part of the point of the application kit that this
coalition of groups created was really to define a staggering
so that you are not staggered at the very front end by this
total volume that you don't really need to get through that
level of process at that time.
So there is also a timing issue for the volume of
information as well as a definition of the total volume that
you need.
Mr. Reichert. Mr. Meldon?
Mr. Meldon. In keeping with your question about commonality
of themes, Mr. Reichert, I would say that as Undersecretary
Cohen mentioned in his remarks, there is a supposed 120-day to
150-day period by which these applications are to be reviewed
and passed on.
And the problem with that is that if the department comes
back with questions for the seller of the technology within 90
days or 100 days, the clock starts all over again, so it is not
a flat 120 days. It is a flat 120 days after the final
submission of all of the information that has been requested by
the department relative to the certification and designation of
the technology.
Mr. Reichert. Any other comments?
Mr. Bodenheimer?
Mr. Bodenheimer. It depends in part upon the size of the
business. One of the things that I have found is that the
small-and medium-sized businesses have been completely
terrified by the process of going through the application,
trying to comply with the regulation.
I still have heard from even the large businesses that the
new application demands a very large amount of information, and
they anticipate that the burden will not be substantially
lessened.
The most common complaint I hear from the large companies
is this issue of synchronizing the procurement process with the
SAFETY Act approval process that several of the panel members
have identified.
There are a number of companies who simply will not bid on
government procurements out of fear that they will not get the
SAFETY Act approval in time.
Mr. Reichert. Because of the length of the process and the
complications of the process, there is a cost involved to the
companies that are looking at completing the paperwork and
going through this process, besides the time of the employees
involved in trying to research and fill out the paperwork, is
that--
Mr. Bodenheimer. Yes. There is a huge burden in filling out
the applications. I believe Mr. Soloway in 2003 identified a
burden of about 1,000 hours to fill out the applications, and
some of the large businesses are telling me that still they
anticipate the burden will be in the same range.
Mr. Reichert. Mr. Finch?
Mr. Finch. I would like to comment on that a little bit,
again, given my experience in working with companies both
large, small and in between. Your experience depends on the
company you are dealing with.
I would say, actually, in a number of instances where I
have dealt with smaller companies, the process has actually
been somewhat easier for them, if for no reason other than they
are a little bit more nimble than the larger companies.
There is less people who retain the information that is
necessary for the SAFETY Act review process. So it can vary
from time to time and from company to company.
And you know, on a related note, when we were talking about
the marriage of procurement and the SAFETY Act, again, I think
it cannot be overstated that one of the great successes of the
new rule and the new application kit is this prequalification
process.
You talk about, you know, companies not willing to bid upon
a particular procurement because they are concerned they won't
get SAFETY Act approval. The department has heard that
criticism, heard it from some of the largest municipalities in
the country, who said we need these technologies, but we need
to also guarantee that they will receive SAFETY Act approval.
By virtue of the prequalification, there is now a process
in place to assure that whoever wins that particular
procurement--and it doesn't have to be a particular company; it
can be whoever wins, one of five companies, 10 companies, 15
companies that bids--they will be assured by virtue of the
prequalification process they will ultimately receive SAFETY
Act approval.
And that is an important aspect that I think cannot be
understated. And the department should, frankly, again, be
applauded for that.
Mr. Reichert. Thank you.
Any other comments?
Mr. Howell, in your testimony you remarked that DHS needs
to strengthen its procurement and acquisition process in order
to achieve coordination with antiterrorism procurements and the
SAFETY Act.
Do you have some performance metrics in mind?
Mr. Howell. Candidly, I think it comes down to the issue of
performance metrics. One of the largest challenges that I think
Ms. Duke and others in the DHS procurement office have
identified is coming up with effective performance metrics for
antiterrorism procurements.
One of the biggest challenges in measuring things like
responses to SBInet proposals is the lack of performance
metrics in that request for proposal.
It is designed to be a very open-ended process where
vendors come forward with unique solutions, yet at the same
time that creates a challenge. How does one define the efficacy
of a technology and therefore determine its efficacy in a
SAFETY Act review and as part of the procurement process?
And you know, a lot of it gets to the challenges that DHS
procurement officials face, and I would defer part of this to
Mr. Soloway, because he is much more expert in this area than I
am. But the procurement staff, as we all know--the sense of
urgency has been discussed here repeatedly.
There is an extraordinary sense of urgency in the DHS
procurement staff, in that they must perform probably under
compressed time frames from what they might otherwise be used
to in going through an orderly process of conducting market
research, planning a procurement strategically, building out
their performance metrics, and then actually putting their
procurement on the street.
All of those time frames are extraordinarily compressed,
and finding a way to incorporate liability issues and SAFETY
Act concerns in that process, I would argue, has been a
tremendous challenge, as has been the whole issue of
identifying performance metrics.
And I would invite Mr. Soloway to add some additional meat
onto those bones.
Mr. Soloway. I would just make two very quick comments.
Number one, I think performance metrics are critical, but I
don't think we can hold people accountable for performance
metrics until we give them the tools to meet the performance we
expect and are asking.
And that is really a training and education challenge for
the department, and I think the Congress can be very helpful
here.
Our office has worked with Mr. King and Mr. Thompson on
prospective legislation to help essentially close off or closet
off some funds to ensure that the office of procurement has
adequate funds to train its workforce, because, as you know, in
tight budgets, some of the first things to get cut are training
and travel.
So we have to give the people the tools first before we
hold them accountable, though I agree fully with Mr. Howell.
I think the second thing is to have a lot more engagement
between DHS and this committee and others so that as people are
trying to do things innovatively, particularly in a compressed
time frame, particularly when a new threat emerges and we need
action quickly, that we don't have a lot of after-the-fact
second-guessing when people have acted in good faith, whether
or not they have done everything absolutely right.
There can be mistakes made, and try to separate that out,
and so the workforce knows that it is supported both in their
department and on the Hill and elsewhere to be innovative and
go out and react quickly to challenges as they emerge.
Mr. Reichert. Well, I want to thank all of you for your
testimony today and your patience. And we have a short month of
work here, so everyone is running off to other hearings here
and there.
But I recognized a few things that I want to mention very
quickly. One, we are, I think, very encouraged that
communication that we talked about here today is in existence,
and people are working on that, and it is absolutely the key to
our success.
The undersecretary recognized that. As soon as he took
office, he opened communication with our staff on both sides
and personally sat down and had discussions with them. And I
know that he will be doing that with you if he hasn't done that
already, and he has been seated behind you the entire time
listening to your testimony.
So I think there is a lot of encouraging things happening
in our efforts.
The three things I hear that need to be improved upon,
though, certainly is the application process. We need to really
make sure that we encourage new technology and break through
those bureaucratic rules and regulations that hinder the
development of new technologies.
And, of course, the last thing we just talked about was the
acquisition process. And I know all of you are working hard on
that.
I certainly appreciate, again, you taking time to be here
today. Thank you all for your testimony.
And this hearing stands adjourned. Thank you.
[Whereupon, at 12:35 p.m., the subcommittees were
adjourned.]
A P P E N D I X
Questions from Representative Peter King for Elaine Duke Responses
Insurance Related Questions
1. The Department's August 15, 2006 revised Application, the
question is presented if insurance purchased for SAFETY Act claims can
be paid for non-Safety Act claims. Would the Department approve an
insurance program where the full liability limits could be exhausted by
non-SAFETY Act claims? If so, what insurance funds will be used for the
SAFETY Act claims?
Response: The issue of erosion of available insurance proceeds was
taken into consideration when an applicant's insurance program was
considered. It depended on the amount of insurance that was available
relative to the likelihood of claims associated with the deployment of
that technology. The Under Secretary of Science and Technology would
not allow erosion in which there is a small insurance policy associated
with the particular technology. If large corporate general liability
policies are pledged by the sellers, the tendency had been to allow
erosion of those large policies for non-SAFETY Act related claims. It
is our intention to move away from erosion to single non-erodable
limit.
2. In cases where the Department allows a company to self-insure
for certain technologies or services, will the amount of self-insurance
required be equal to the amount of insurance required? How will the
Department ensure that an applicant has the financial solvency to
fulfill its self-insurance commitment?
Response: In the event of self-insurance, the Department of
Homeland Security weighs a number of factors, including, non-transfer
of risk to an insurance company, cost of capital, financial health of
the company, company assets, management, etc. We also conduct a
benchmark analysis to determine the amount of insurance normally
carried by similar companies selling similar products or services.
Furthermore, we have subject matter experts conduct a `risk based'
analysis based upon the characteristics of the product or service
utilizing a standard template developed with the assistance of the
world's largest insurance broker. All of these factors are considered
in setting the appropriate amount of insurance. However, the use of
self-insurance is rare and never mandated.
The Department may require any company permitted to self-insure to
either obtain a financial instrument to guarantee coverage (e.g.,
letter of credit from a bank) a pledge of assets, or a certification
from the seller that it possesses sufficient assets to satisfy the
insurable amount. Because of the small number of cases in which there
has been self-insurance, it would be inappropriate to make broad
generalizations about the methods employed to ensure that the seller is
solvent. Each seller's situation is examined on a case by case basis.
The Department keeps abreast of available and affordable commercial
insurance products for the smaller applicants with low revenue, but
effective, anti-terrorism technologies. In these instances, the
Department will also require periodic reports from the applicant
concerning revenues from their SAFETY Act technology, so the Department
will be able to re-visit the insurance affordability issue over time.
3. Does the Department support ``self-insurance'' even if there is
SAFETY Act insurance available in the world market at prices that would
not unreasonably distort the sales price of the approved technology? In
what cases does the Department support such self-insurance?
Response: The Department will generally require applicants to
acquire (or maintain in force) a contract of insurance to satisfy the
insurance requirement, although the Department will entertain requests
to self-insure and allow self insurance on an exceptional basis. In the
event of self-insurance, the Department weighs a number of factors,
including, non-transfer of risk to an insurance company, cost of
capital, financial health of the company, company assets, management,
etc. We also conducted a benchmark analysis to determine the amount of
insurance normally carried by similar companies selling similar
products or services. Furthermore, we have subject matter experts
conduct a `risk based' analysis based upon the characteristics of the
product or service utilizing a standard template developed with the
assistance of the world's largest insurance broker. All of these
factors are considered in setting the appropriate amount of insurance.
4. If an insurance policy only provides terrorism coverage for acts
deemed to be a terrorist attack under the Terrorism Risk Insurance Act
(TRIA), does that policy qualify as ``sAFETY Act insurance'' under the
Department's interpretation of the Act; especially since the definition
of an Act of Terrorism is very different between the two laws?
Response: The Department of Homeland Security's practice has been
to accept a Terrorism Risk Insurance Act (TRIA)/Terrorism Risk
Insurance Extension Act (TRIEA) endorsement for acts of terrorism
without requiring a company to purchase additional insurance since that
requirement would most likely unreasonably distort the price of the
anti-terrorism technology. We are also sensitive to not require
insurance coverage that is not reasonably available on the worldwide
insurance markets.
The Department keeps abreast of sources of available insurance that
are affordable and which will provide an adequate level of protection
in the event a SAFETY Act technology is involved in a loss caused by an
act of terrorism.
Questions from Representative Mike Rogers (AL)
1. Can you please describe the training that procurement officials
receive about the SAFETY Act? Are there plans to revise such training
to reflect the recent changes? Response: The procurement community has
received and will continue to receive SAFETY Act training and guidance
through multiple venues, including formal briefings/training,
workshops, and on-line training.
Training accomplished thus far has included:
In 2005, Science and Technology (S&T) and the
Office of the Chief Procurement Officer (OCPO) prepared
and posted to the Defense Acquisition University (DAU)
virtual campus web site training material that provides
an overview of the SAFETY Act, including the vendor
application process.
In June 2006, in collaboration with S&T, the
OCPO briefed the heads for each of the eight DHS
contracting activities (HCA) on the SAFETY Act and the
procedures for implementing SAFETY Act considerations
into DHS procurements.
In August 2006, S&T and OCPO issued a joint memorandum
to the heads of the DHS HCAs, the component Offices of General
Counsel (OGC), and the DHS Program Management Council (PMC)
discussing the implementation of the SAFETY Act in acquisition
planning.
In September 2006, S&T and OCPO also briefed the DHS
Program Management Council on the SAFETY Act and related
processes and procedures. The Program Management Council is a
component of the Program Management Center of Excellence, which
works to develop the policies, procedures and other tool sets
needed for DHS Program Managers to succeed.
With the final publication of the SAFETY Act program rule, and the
development of a federal government-wide procurement regulation on the
SAFETY Act, future training plans include:
Familiarization training to acquaint DHS contracting
professionals on the SAFETY Act in general and how and when it
applies to DHS procurements.
Development and delivery of a workshop for the purpose
of developing a subject matter expert within each of the
contracting Components on the SAFETY Act and its application to
DHS procurements. The subject matter expert would then assist
contracting professionals within each Component on evaluating
the need for SAFETY Act coverage on applicable procurements and
the procedures for implanting coverage.
Development of an on-line training course that
provides just-in-time training to contracting professionals as
needed.
In addition to training, OCPO is currently working to further
revise the Department's current acquisition planning guide, which is
contained in the Homeland Security Acquisition Manual (HSAM) (a
document describing DHS' internal procurement policies and procedures)
to incorporate guidance and procedures on how to apply and implement
the SAFETY Act to applicable procurements. Last, OCPO is preparing a
source selection guide, which will also include information on the
SAFETY Act.
2. What specific procurement process changes has your office made
to ensure greater coordination between the SAFETY Act approval process
and the procurement process?
Response: To effectively integrate SAFETY Act considerations in the
procurement process, the OCPO works closely with S&T to facilitate open
communication and align processes. OCPO and S&T personnel collaborated
in developing a proposed FAR case to implement the SAFETY Act. They are
also developing a case for revising the Homeland Security Acquisition
Regulation (HSAR) to include DHS-specific policy related to SAFETY Act
implementation. OCPO personnel revised the Homeland Security
Acquisition Manual (HSAM) to alert both requirements and contracting
personnel of the need to address SAFETY Act applicability early on in
the acquisition process and document the consideration in the
acquisition plan. OCPO is currently preparing an additional revision to
the acquisition planning guide to provide additional procedures on how
to apply and implement the SAFETY Act to applicable procurements.
3. At what point in the procurement process does the SAFETY Act
become a factor? Is it at the outset of the procurement or at some
other point?
Response: For those requirements potentially involving anti-
terrorism technologies, SAFETY Act concerns should be addressed as soon
as possible after identifying the mission need. However, absent the
ability to make that identification, the requirement for SAFETY Act
protections may be identified later in the process (e.g. at the
solicitation or proposal phases). In order to preclude impacting the
acquisition cycle time, early identification is crucial.
4. Ms. Duke, in your testimony you discuss how you will expedite
the SAFETY Act process with certain procurements such as with Radiation
Portal Monitors (ASP) and the Liquid Based Explosives Detection
Technologies. However, the industry is concerned about all
procurements, specifically if they are not particularly high profile.
What steps can your office take to expedite the
process and eliminate duplicative paperwork for all
procurements?
Response: DHS remains dedicated to ensuring that consideration for
SAFETY Act coverage is addressed in all appropriate procurement
actions. In addition to the various educational formats envisioned, the
final program rule provided a number of tools that will be used to
expedite SAFETY Act processes. Among these are block designations,
block certifications and the prequalification designation notice
(PQDN). Use of these instruments allows contractors to submit
streamlined SAFETY Act applications. Use of the streamlined SAFETY Act
application results in expedited processing by the OSAI. Additionally,
DHS maintains the SAFETY Act website at https://www.safetyact.gov/,
which includes a list of technologies that have been granted
``Designations'' and another list of approved SAFETY Act products.
These two resources can be helpful to potential offerors in developing
proposals for requirements that could employ those technologies.
5. What is the method and level of communication that occurs
between the procurement officials and the Office of SAFETY Act
Implementation? For instance, is the communication formal such as
weekly meetings or less formal? Does communication only occur at the
upper management level of each component or can a procurement officer
pick up the phone and have a discussion with Science and Technology
about a specific technology?
Response: Project managers/requirements personnel and contracting
officers are encouraged to discuss requirements for potential anti-
terrorism technologies with OSAI representatives as early as possible
in the acquisition process. OSAI personnel are available to assist
anyone involved in the acquisition, from upper-level management to
working-level requirements development personnel.
There is regular interaction between the Chief Procurement Officer
and the Acting Director of the Office of SAFETY Act Implementation.
Additionally, strong relationships are being built by the senior
management of the Directorate. As part of assigned duties, the Director
of Transition has been actively reaching out to other agencies to
inform and educate them about the SAFETY Act and its possible role in
their procurements.
6. What actions are being taken to develop and pursue the companion
Federal Acquisition Regulation and any necessary DHS acquisition
regulation or instructions? When can we expect that such regulations
will be issued?
Response: As mentioned in September 2006, DHS requested that the
FAR Council, composed of representatives from the General Services
Administration (GSA), National Aeronautics and Space Administration
(NASA), Department of Defense (DOD) and the Office of Federal
Procurement Policy (OFPP), initiate a proposed Federal Acquisition
Regulation (FAR) case to establish uniform federal procurement policy
implementing the SAFETY Act. The FAR Council accepted the DHS request
to initiate the rulemaking case. Both OCPO and S&T personnel
participated with the FAR law team in drafting a FAR case. The proposed
case was sent to both FAR councils, i.e. the Defense Acquisition
Regulations Council (DARC) and the Civilian Agency Acquisition Council
(CAAC), for consideration on November 1, 2006. OCPO and S&T continue to
be involved as the case progresses through the DARC and CAAC, by
attending meetings where the case is discussed. The timeframe for
taking a case from its beginning to publication depends on such factors
as complexity, urgency, and whether the case is determined by OMB to be
a significant case. Every effort is being made to expedite the process
as much as possible. Agency-specific policy and guidance will be
included in revisions to the DHS acquisition regulation and manual as
appropriate.
7. The final program regulations say that all information on the
program, including who has applied, will be kept confidential. While
that makes sense for an individual applicant, there is no information
on overall SAFETY Act activity except final actions. While protecting
proprietary information, what plans does the Department have for
providing some transparency to the process? Would DHS commit to
publicly reporting on a regular basis information such as the number of
registrations filed and the status of such applications?
Response: The Office of SAFETY Act Implementation (OSAI) seeks to
have the process as transparent as possible to both applicants and the
public. However, one of the key components in ensuring that the number
of applications continues to rise is protecting applicants and their
technologies. Revealing which companies have applied and the exact
status of their applications would result in revealing SAFETY Act
confidential information without their permission. OSAI will continue
to provide program updates on the number of applicants and awards
issued as the SAFETY Act program continues to grow.
OSAI is committed to ensuring the confidentiality of SAFETY Act
matters. To ensure that applicant confidentiality is maintained, we
have recently had the Department of Homeland Security's Office of the
Inspector General (IG) perform an inspection of our computer systems
used for the storage and transmission of proprietary information. The
system was certified and accredited.
8. There are several references in the final rule and the revised
application kit to a ``streamlined'' application kit, but there is no
other information in the material. What is the DHS plan for a
``streamlined'' application process?
Response: The Department of Homeland Security has refined the
SAFETY Act application kit and the application process more generally
to reduce burdens and to focus more precisely on collecting the
information necessary for the review of a particular anti-terrorism
technology. The revised kit was posted on the SAFETY Act website
(www.safetyact.gov) on August 21, 2006.
The Department had recognized that the initial SAFETY Act
application kit was overly burdensome and the application process could
be streamlined and made less bureaucratic. Utilizing an intensive
internal and external `lessons learned' process, as well as all public
comments, we implemented improvements in the application kit to make it
more applicant friendly; we have received positive feedback on the
improvements. For example, the amount of information required has been
significantly modified to remove unnecessary burdens on the applicants
without compromising the needed data required by our staff and
reviewers. In terms of streamlining the application kit, the Department
has dramatically decreased the number of financial questions. In
particular, since the program is forward looking, we have eliminated
questions concerning past sales and insurance history. To better
protect company confidentiality, we have removed questions that delve
into cost of production and unit costs. The revised kit requests
significantly less technical information from the applicants. In
addition, the workflow software has been modified to make it easier to
track and respond to applicant questions. The Office of SAFETY Act
Implementation will continually work to improve the process.
9. What is the status of current discussions within the Federal
government about whether other sellers of Anti Terrorism Technology
throughout the Federal government will be eligible to apply for SAFETY
Act designation and certification? Are products and services procured
through DHS grants being considered for SAFETY Act coverage?
Response: All sellers of anti-terrorism technologies are eligible
to apply for SAFETY Act protection. The Office of SAFETY Act
Implementation (OSAI) is reaching out to other agencies, monitoring
fedbizopps.gov and working with the procurement and grant officers to
inform them about the benefits of SAFETY Act protection. It should be
emphasized that there are no limitations on availability of SAFETY Act
protections to the sellers of anti-terrorism technologies that might be
associated with any government funding agreement, including grants. The
Department of Homeland Security has issued internal guidance and has
initiated a Federal Acquisition Regulation (FAR) case to address
whether sellers of various technologies are eligible for SAFETY Act
designation or certification.
Q04420: 10. Testimony from Panel II experts includes the suggestion
that the duration of SAFETY Act protection once a technology receives
designation or certification should be extended beyond the five to
eight year time period. Is the Department currently reviewing the
duration of protection and if so, what modifications to the current
policy are under consideration?
Response: The qualification for SAFETY Act coverage depends on a
combination of the ability of the technology to be effective in a
specific threat environment, the nature and cost of available
insurance, and other factors, all of which are subject to change. Since
the expiration of SAFETY Act Designation and Certification would impact
only future sales of the subject qualified anti-terrorism technologies
(QATT), the Department of Homeland Security believes that mandatory
reconsideration of technologies after five to eight years provides a
fair balancing of public and private interests while providing the
certainty required by Sellers. Sellers may apply for renewal up to two
years prior to the expiration of their SAFETY Act Designation to
provide for continuity of coverage.
The Department is cognizant of the need for a sufficient period of
protection for successful SAFETY Act applicants to achieve the main
goal of the Act, which is to facilitate the deployment of the needed
technologies. Therefore, the Office of SAFETY Act Implementation looks
for opportunities to maximize the length the awards are given,
consistent with the range set forth in the Final Rule
11. Under Secretary Cohen, in September 2006 you unveiled your plan
to restructure the Directorate of Science and Technology. Where does
the Office of SAFETY Act Implementation fit into the proposed
restructuring to ensure it receives the appropriate attention and
stature?
Response: The Office of SAFETY Act Implementation has been placed
under the authority of the Director of Transition, who reports directly
to the Under Secretary. This has been done because the Director of
Transition is responsible for the deployment of all advanced
technologies. This structure provides increased visibility for the
SAFETY Act. Additionally, all proposed awards are examined for
consistency with the ongoing development of DHS standards by senior
staff assigned to the technology testing and evaluation office.
12. The Committee has some concerns about whether the Office of
SAFETY Act Implementation has sufficient resources to ensure successful
implementation of the recent changes-to the rule and application kit-
that will increase the efficiency and timeliness of the process.
When will a permanent director for the Office of
Safety Act Implementation be appointed beyond the current
Acting Director?
Response: We are currently searching for a permanent director for
the Office of SAFETY Act Implementation and believe we will have a
person placed in that position in the near future.
How many additional Full Time DHS Employees do you plan to
add in order to meet the expected increased demand for applications and
other actions?
Response: The Science and Technology (S&T) Directorate
will continue to monitor the Office of SAFETY Act Implementation (OSAI)
to ensure proper Federal oversight. We intend to meet expected demand
by bringing on contract staff and Federal personnel as appropriate. To
that end, the Department has hired a Deputy Director for the OSAI and
expects to hire an Outreach Coordinator and a permanent Director in the
near term.
13. One of the overriding concerns that industry has expressed to
the committee is that the SAFETY Act process has lost its focus and
gotten bogged down in government bureaucracy.
How will the changes made in the final rule and the
revised application kit support the vision of congress that the SAFETY
Act protections for industry would help bring innovative homeland
security technologies very quickly to the field?
Response: The Final Rule and the new application kit are vital to
improving how the SAFETY Act process works and increasing the number of
technologies that are granted SAFETY Act awards. The Department of
Homeland Security has done analysis of the entire process and has
eliminated, consolidated, and improved the Office of SAFETY Act
Implementation (OSAI) to make the process more efficient with no loss
in the quality of the application reviews. OSAI has also developed
consistent policies and procedures.
The Final Rule reflects the many comments and suggestions that were
made while the program operated under the Interim Rule. Significant
progress has been made over the last several years and the Final Rule
will allow the program to be more efficient and hospitable. Of the many
changes made, there are a number of key provisions that will help
applicants. For example, the Final Rule establishes a program to extend
certain liability SAFETY Act protections to certain anti-terrorism
technologies that are still in the process of undergoing developmental
testing and evaluation to validate their safety and efficacy.
The Final Rule also incorporates provisions that establish a
flexible approach to align consideration of SAFETY Act applications and
government procurement processes more closely. The Department will, on
an on-going basis, provide guidance for effectively coordinating
government procurements and consideration of SAFETY Act Applications.
In addition, the preamble to the SAFETY Act Final Rule stated that
the Department would soon publish a new SAFETY Act application kit
which would account for the changes contained in the Final Rule and
which would state with greater specificity the information required to
properly evaluate a SAFETY Act application. The Department had
recognized that the initial SAFETY Act application kit was overly
burdensome and the application process could be streamlined and made
less bureaucratic. The Department has refined the SAFETY Act
application kit and the application process more generally to reduce
burdens and to focus more precisely on collecting the information
necessary for the review of a particular anti-terrorism technology. The
revised kit was posted on the SAFETY Act website (www.safetyact.gov) on
August 21, 2006.
Finally, the Department recognizes that each SAFETY Act application
is different. Our aim is to have an interactive and flexible
application process and to focus the SAFETY Act application kit on
soliciting essential information that may be supplemented as necessary
with individual applicants on a case by case basis.
With the Final Rule and the new application kit in place, we are
confident that the number of applicants will continue to increase along
with the technologies being given liability protection.
Questions from Representative Bennie Thompson
1. According to the rule, the Department ``may expedite SAFETY Act
review for technologies subject to ongoing procurement processes.''
This applies to procurements on any level--Federal, state, or local. As
part of the Committee's recent authorization, we required the Secretary
``to ensure coordination of the Department's efforts to promote
awareness and utilization of the litigation and risk management
provisions of the SAFETY Act in the procurement of qualified anti-
terrorism technologies at the Federal, State, and local levels.
What kind of outreach is currently underway at the
Department to inform procurement officials on the state and
local levels on the significance of the SAFETY Act as they
consider technologies to purchase?
Response: The DHS public website includes links to the Office of
SAFETY Act Implementation (OSAI) where state and local procurement
officials can obtain information related to the SAFETY Act. The OSAI
web page includes links to a large amount of information describing
SAFETY Act procedures as well as lists of products and services that
have received SAFETY Act designation or certification. The OSAI
attended many targeted conferences to let state and local officials
know about the SAFETY Act. The OSAI has given workshops and presented
on panels so more state and local officials can be aware of the program
and work to integrate it into their own practices and procurements.
2. In this Committee's recent authorization, we required the
Secretary to issue a Departmental management directive requiring
appropriate coordination between Department procurement officials and
the Department officials responsible for implementing the SAFETY Act in
advance of any Department procurement involving a qualified anti-
terrorism technology.
Though this legislation may not go to the floor, what
efforts are underway to write and deliver such a directive?
Response: Both OCPO and S&T are dedicated to promoting awareness
and utilization of SAFETY Act protections in contracting for qualified
anti-terrorism technologies. While this relationship has not been
formalized in a Departmental management directive, we have developed a
collegial liaison though our combined efforts in delivering briefings/
training and in preparing the strawman FAR case for the FAR Council.
3. In this Committee's recent authorization, we required the
Secretary to include SAFETY Act instruction for all acquisition
employees and their representatives.
What kind of SAFETY Act procurement training is
underway at the present, and what are your efforts to include
such instruction in the future?
Response: The Defense Acquisition University (DAU) virtual campus
web site provides an overview of the SAFETY Act, including the vendor
application process. In June 2006, in collaboration with Science and
Technology (S&T), the Office of the Chief Procurement Officer (OCPO)
briefed the component HCAs on the SAFETY Act and procedures for
implementing SAFETY Act considerations into DHS procurements. In August
2006, S&T and OCPO issued a joint memorandum to the component HCAs, the
component Offices of General Counsel (OGC), and the DHS Program
Management Council (PMC) discussing the implementation of the SAFETY
Act in acquisition planning. The Program Management Council is an
element of the Program Management Center of Excellence, which works to
develop the policies, procedures and other tool sets needed for DHS
Program Managers to succeed. In September 2005 S&T and OCPO briefed the
DHS Program Management Council on the SAFETY Act and related processes
and procedures.
With the final publication of the SAFETY Act program rule, and the
development of a federal- wide procurement regulation on the SAFETY
Act, OCPO's future training plans include: general SAFETY Act training
for DHS contracting professionals to acquaint them with how and when it
applies to DHS procurements; workshops to develop Component SAFETY Act
subject matter experts to assist contracting professionals in
evaluating the need for SAFETY Act coverage; development of an on-line
training course to provide just-in-time training to contracting
professionals. In addition, to training, OCPO is currently working to
revise the Department's current acquisition planning guide, which is
contained in the Homeland Security Acquisition Manual (HSAM) (a
document describing DHS' internal procurement policies and procedures)
to incorporate guidance and procedures on how to apply and implement
the SAFETY Act to applicable procurements. A source selection guide is
also in process that will include a discussion of the SAFETY Act.
4. In 2005, the security company Wackenhut was granted SAFETY
coverage, which at the time was the first and only such Designation and
Certification for a contract security service provider. This coverage
would allow Wackenhut--if its protective service plan failed during a
terrorist attack--to assert affirmative defenses to liability for
third-party claims. According to Wackenhut, the services it received
SAFETY Act coverage for ``are designed to envision and defend against
possible terrorist scenarios, deny terrorists access to secured
facilities, and to respond to terrorist related security breaches.''
Unfortunately, as you're no doubt aware, Wackenhut fell out of favor
with the Department, which recently solicited a new contract for
security personnel. This stemmed in part from a poorly handled
situation in which Wackenhut employees failed to properly handle an
anthrax-type situation. One Wackenhut guard told the press ``I had
never previously been given training . . . describing how to respond to
a possible chemical attack.'' Many news outlets have reported
Wackenhut's failings in securing energy plants.
How can the Department comfortably issue liability waivers
for services that apparently are providing less than adequate coverage?
Under your recent rule, applicants must notify the Department when they
make modifications to technologies that would go outside the scope of
the designation or certification. How will this work for services?
Response: The rules and procedures are the same for technology
producers and service providers. Like technology producers, service
providers have a continuing obligation under the Final Rule to notify
the Department of Homeland Security of any significant modification of
a qualified anti-terrorism technology (QATT) that causes the QATT to no
longer to be within the scope of the original Designation or
Certification (See Sec. 25.6(l) of the final rule). Also, if there is a
significant change that negatively impacts the seller or the QATT, this
might affect insurance coverage (i.e. insurance company may withdraw or
significantly reduce coverage). As part of the seller's continuing
obligations, it must report any material change in insurance coverage
required by the Designation. This will also be taken into account when
the applicant submits its request for renewal of the QATT's
Designation/Certification.
5. In July 2006, this Committee passed as part of its authorization
bill a section on the SAFETY Act. Included were provisions to add
additional FTEs to the SAFETY Act Office, which we understood to be
lacking an adequate number of staffers.
Can you provide us with update numbers--how many
contractors and FTEs are currently employed at the SAFETY Act office?
Would the authorization recommendations be sufficient to achieve your
goals for SAFETY Act implementation in 2007 and beyond?
Response: Currently, there are two full-time equivalents (FTE)
working as the Acting Director and the Deputy Director for the Office
of SAFETY Act (OSAI). There are four contractors supporting the Federal
oversight personnel. In addition, there are three senior personnel
providing technical, legal, and administrative oversight. This staffing
has been sufficient; however the Department of Homeland Security will
continue to evaluate the need for additional staff.
6. The final regulations for information sharing state that DHS
``may use information that has been submitted to the Department under
the SAFETY Act.''
Who is the Department planning on sharing this information
with? What regulations have been established to guard this confidential
information? What efforts are underway to safeguard the interests of
applicants?
Response: Protecting the privacy of sensitive applicant data is one
of the Department of Homeland Security's top concerns. There is no plan
to share any SAFETY Act information. The Department is committed to
taking all appropriate steps to protect the proprietary information of
applicants consistent with applicable Freedom of Information Act (FOIA)
exemptions, the Trade Secrets Act (18 U.S.G. 1905), the Privacy Act of
1974 (5 U.S.C. Sec. 552a), and other applicable law. As an example of
this commitment, those engaged in evaluating applications are required
to enter into appropriate nondisclosure agreements. In addition, prior
to being granted access to any proprietary information associated with
an application or its evaluation, each potential evaluator is examined
for potential conflict of interest. Finally, the Department's conflict
of interest and confidentiality policies apply to everyone associated
with SAFETY Act implementation. In addition, the SAFETY Act IT System--
Technical Evaluation System for SAFETY Act (TESSA)) has been certified
and accredited. Additional IT security elements have been deployed to
add a greater level of protection to all applicant materials.
7. According to the recently published rule, ``the Department shall
establish confidentiality procedures for safeguarding, maintenance and
use of information submitted to the Department under this part.''
When will the Department publish these rules and/or
management directives?
Response: On August 22, 2006, the Office of SAFETY Act
Implementation (OSAI) published applicable rules and procedures to
implement the requirements of Department of Homeland Security, 6 CFR 25
(the Final Rule) in an OSAI Memorandum entitled: ``Office of SAFETY Act
Implementation Procedures for Marking, Storing and Destroying SAFETY
Act Confidential Information Documents and Electronic Media''. The
document supplements the requirements and procedures contained in
Department of Homeland Security Management Directive 11042.1
``Safeguarding Sensitive but Unclassified (For Official Use Only)
Information,'' dated January 6, 2005. The Department will continue to
assess whether additional guidance is necessary.
8. According to the Department, an appeals process to challenge
Safety Act determinations is unnecessary because ``the interactive
process [between evaluators and applicants during the application
process] will provide sufficient recourse to applicants.'' But while
the Department has accelerated the pace of approvals in the past year,
the Department's rules do not include any procedural safeguards to
prevent a return to a time when the Department approved only 6
technologies in sixteen months.
Has there been any consideration given to the
establishment of an administrative review process for the
SAFETY Act similar to the kinds available to applicants that
received denials from the EPA, FCC, or the FAR bidding process?
Response: Yes, the Office of SAFETY Act Implementation (OSAI) has
developed a strict administrative review process to ensure timely
consideration of all cases by the Under Secretary.
9. The final rule mentions a ``rapid system for prospectively
reviewing significant modifications.''
What efforts are underway to create this system?
Response: There is currently an expedited process in place to
evaluate modifications that do not fundamentally alter the approved
technology. The goal of this process is to reduce the response time by
50 percent.
�