On December 30, 2002, the U.S. Coast Guard published a Notice of meetings and a request for comments relating to maritime security (67 Fed. Reg. 79742). Following are some thoughts on this important issue. I must commence by stating that I have the highest respect for the Coast Guard. The maritime and port security missions are vital to the U.S. and the world. There is no agency better qualified to lead this important program. Congress has assigned heavy responsibilities to the Coast Guard and, at the same time, required that the initial work be done in an impossibly short time. The Coast Guard is accustomed to working in real time and will accomplish the mission in the shortest possible period. While the U.S. Coast Guard will lead the maritime security effort, it is by no means the only player. Other federal agencies, such as the Customs Service, the Immigration and Naturalization Service (INS), the Transportation Security Administration (TSA), and the Animal and Plant Health Inspection Service (APHIS), have important roles to play. State and local agencies, including the numerous port authorities, are important members of the team. The private sector, though, is where maritime security will actually come into being. The active and willing participation of ship owners and operators, masters and crew, and facility operators and employees will be the meat on the bones of statutes, regulations and guidelines. I applaud efforts by the Coast Guard to hold these public meetings to gather comments. The meetings will improve appreciation of the program on the part of the regulated community while enhancing the understanding of the Coast Guard of the complex nature of the task it has been assigned. The eventual regulations will be vastly improved because of this effort. In its Notice, the Coast Guard asked for comments on a number of specific and fairly detailed questions. I will leave those comments to persons actually operating ships and facilities impacted by the maritime security proposals, who are far better qualified to assist the Coast Guard with their implementation. Instead, I will limit my comments to over-arching issues and common themes that transcend detailed issues. Background The International Ship and Port Facility Security (ISPS) Code was recently adopted at an international conference convened by the International Maritime Organization (IMO). The ISPS Code directs flag administrations to require ship owners and operators to institute security programs and develop vessel security plans. The international conference also adopted various amendments to the International Convention for the Safety of Life at Sea (SOLAS Convention). The U.S. Congress recently enacted the Maritime Transportation Security Act of 2002 (MTSA). Among other things, this statute directs the Secretary of the department in which the Coast Guard is operating to require owners and operators of ships operating in U.S. waters to institute security programs and develop vessel security plans. As Admiral Collins recently stated at an international conference in Singapore on maritime security, the international and U.S. requirements are complementary. They are not, though, exactly the same. That is why this process becomes complex. While there in nothing in the MTSA that is inconsistent with the ISPS Code, the MTSA does contain various provisions not found in the ISPS Code. For sake of clarity and consistency, I will refer to the vessel security plan required by the ISPS Code as the international VSP. I will refer to the vessel security plan required by the MTSA as the U.S. VSP. Review of International VSP The first issue that arises is whether the U.S. Coast Guard will review the international VSP of a foreign (i.e., non-U.S.) ship. This is unclear because, at one point in the Notice of December 30, 2002, it states that the Coast Guard will deem flag administration approval of a vessel security plan (VSP) prepared in accordance with SOLAS and the ISPS Code to meet the Secretarial approval requirement of the MTSA. Elsewhere in the Notice, though, it states that the Coast Guard intends to mandate compliance with the SOLAS amendments and the ISPS Code including part A and part B. Only Part A of the ISPS Code is mandatory on an international basis and flag administration approval will only be based on compliance with Part A. It is unclear how the Coast Guard can deem flag state approval to be equivalent to Secretarial approval if the Coast Guard is going to impose requirements not present in the international sector. Actual review by the U.S. Coast Guard of an international VSP prepared for a foreign ship raises at least three questions. The ISPS Code, at section 9.9.1 of Part A, severely restricts the authority of Port State Control officials to review the international VSP of a foreign vessel. It is unclear how the U.S. Coast Guard can review the international VSP of a foreign ship without violation of the ISPS Code. The second question regarding U.S. Coast Guard review of an international VSP is more practical than legal. The ISPS Code allows the international VSP to be written in English, French, or Spanish and in the working language of the crew, if other than one of these three languages. If is doubtful whether the Coast Guard can conduct a meaningful review of an international VSP written in a language other than English. The third question in this regard is whether the Coast Guard intends to issue an approval letter with regard to an international VSP for a foreign ship. The Notice is silent on this issue, but the MTSA states, at 46 U.S. Code § 70130(c), that a vessel security plan shall be submitted within six months of the issuance of the interim regulations and that the Secretary shall have the plan promptly reviewed and shall approve the plan if it meets regulatory requirements. If the vessel security plan for a foreign vessel operating in U.S. waters has to be submitted for approval by the U.S. Coast Guard, then the significance of the statement that the Coast Guard will deem flag administration approval of a vessel security plan (VSP) prepared in accordance with SOLAS and the ISPS Code to meet the Secretarial approval requirement of the MTSA is unclear. It is recommended that the U.S. Coast Guard write its regulations so as to maintain the distinction between the international VSP and the U.S. VSP. For port state control purposes, the Coast Guard should limit itself to conducting normal examinations to determine whether a foreign vessel has a valid international VSP and is in substantial compliance therewith. For domestic purposes, the Coast Guard should establish a separate and distinct requirement for ships operating in U.S. waters to have on board a U.S. VSP, meeting the requirements of the MTSA. Owners and operators should be permitted (but not required) to prepare one VSP meeting both the international and U.S. requirements. Qualified Individual The MTSA, at 46 U.S.C. § 70103(c)(3)(B), requires that a U.S. VSP "identify the qualified individual having full authority to implement security actions, and require immediate communications between that individual and the appropriate Federal official and the persons providing personnel and equipment pursuant to subparagraph (C)." The Notice, though, is silent on this issue. Does the Coast Guard consider the qualified individual (QI) to be the ship security officer (SSO), the company security officer (CSO), the master, or some other person? If the QI is considered by the Coast Guard to be some person other than the SSO, CSO, or master, must this person be physically located in the United States and must this person be available on a 24-hour basis? Will the Coast Guard address this MTSA requirement in the rulemaking discussed in the Notice, or will this be done in a separate rulemaking? In order to provide maximum flexibility, it is recommended that the Coast Guard permit a company to designate the CSO, SSO, master, or some other person who is reasonably available to serve as the QI. It is recommended that the QI provision be included in the interim regulations. Availability of Security Measures The MTSA, at 46 U.S.C. § 70103(c)(3)(D), requires that a U.S. VSP "identify, and ensure by contract or other means approved by the Secretary, the availability of security measures sufficient to deter to the maximum extent practicable a transportation security incident or a substantial threat of such a security incident." These words are wholly ambiguous. The MTSA Conference Report states, in pertinent part: • Section 70103(c)(3)(D) regarding antiterrorism measures is not intended to require vessel operators to contract in advance or otherwise arrange for antiterrorism response resources. The Conferees consider antiterrorism response the responsibility of local, state and Federal law enforcement agencies. The Conference Report implies that the vessel operator is responsible for providing antiterrorism deterrence security measures, but may rely fully on government agencies, such as the Coast Guard, Federal Bureau of Investigation (FBI), and the Department of Defense to handle any response that may be required in the event that a terrorist incident does occur. It is recommended that the Coast Guard immediately provide the regulated community with guidance regarding how it interprets this provision and seek comment thereon. It is recommended that the Coast Guard limit itself to recommending that vessel owners and operators identify responsible providers of security measures for potential use, while relying primarily on government law enforcement agencies, as indicated in the Conference Report. The MTSA, though, allows such a short deadline between promulgation of the interim rule by the Coast Guard and compliance by the ship owner or operator that it will be extremely difficult for owners and operators to vet responsible providers of security measures unless they have some earlier indication of what may be required. This early indication could be provided by means of a Notice, a Navigation and Vessel Inspection Circular (NVIC), or even a news release. After all, the MTSA has exempted this rulemaking from various requirements of the Administrative Procedures Act. Consistency with National and Area Maritime Security Plans The MTSA, at 46 U.S.C. § 70103(c)(3)(A), requires that the U.S. VSP "be consistent with the requirements of the National Maritime Transportation Security Plan and Area Maritime Transportation Security Plans." When will a National Maritime Transportation Security Plan be issued? When will all of the various Area Maritime Security Plans be issued? Rather than rushing to publish such National and Area plans so that vessel operators can make their security plans consistent, it is recommended that the Coast Guard waive compliance with this provision until the next iteration of a ship's U.S. VSP following publication of the National and Area Maritime Transportation Security Plans. This will provide the Coast Guard time to draft well-considered plans and to put them out for public comment. Security Incident Response Plans The MTSA, at 46 U.S.C. § 70104, requires that the Secretary establish security incident response plans for vessels and facilities that may be involved in a transportation security incident. These plans, which may be included in the U.S. VSP, must provide for a comprehensive response to an emergency, including notifying and coordinating with local, state, and federal authorities (including FEMA); securing the vessel or facility; and evacuating the vessel or facility personnel. It is unclear from this provision exactly what Congress intended. The MTSA Conference Report, though, sheds some light on the issue. It appears that Congress was, in large measure, concerned with external impacts (particularly oil spills) that might result from a security incident. The Conference Report cites the OPA 90 tank vessel oil spill response plans (VRP) and the non-tank vessel oil spill response plans required by several states as examples. It is recommended that the Coast Guard include the Security Incident Response Plan requirement in its interim regulations implementing the U.S. VSP requirements. Training Both the ISPS Code and the MTSA include provisions relating to training of personnel with maritime security responsibilities. It is recommended that the interim regulations (and even the final regulations planned for promulgation in November 2003) include no specific training requirements. Rather, the Coast Guard should seek public input on what training requirements should be established and should plan to include those requirements in a future version of the VSP regulations. The goal should be to develop a training standard consistent with the spirit of the International Convention on Standards of Training, Certification and Watchkeeping (STCW Convention). Such a delay in the establishment of specific training requirements will provide training institutions time needed to develop curricula and companies time needed to send their personnel to the schools. It is important for the Coast Guard to signal its intentions early, in order for the regulated community to provide meaningful input and plan ahead. In similar fashion, the original OPA 90 regulations were intentionally vague regarding several issues that were fleshed out in the next iteration thereof, after vital experience was gained and public input was considered. Deadlines The amendments to SOLAS (with the exception of certain provisions related to AIS) and the ISPS Code will come into effect on July 1, 2004. The Coast Guard Notice states that the MTSA requires the oast Guard to issue a temporary interim rule as soon as practicable and goes on to say that the agency plans to promulgate its temporary interim rule no later than June 2003 and its final rule by November 2003. The MTSA, at § 102(c) (uncodified), requires the Secretary to "establish the plans required under 70104(a)(1) of title 46, United States Code, as enacted by this Act, before April 1, 2003." This latter requirement relates to the Security Incident Response Plans, which are discussed above. It is recommended that the Coast Guard work diligently toward meeting the April 1 deadline, but accept the fact that not all deadlines can be met. I seem to recall that not a single regulatory deadline contained in the Oil Pollution Act of 1990 (OPA 90) was met by the Coast Guard officer assigned to that project (myself). Deadlines such as this are excellent incentives, but not always within the realm of possibility.