More Window Dressing?

032120071605567535.JPG

At the end of the year I renewed my annual Customs decal to expedite crossing back into the States on our frequent trips to Montreal, Canada. But this year the pleasurable anticipation of trips to Montreal was stifled by the announcement by the Department of Homeland Security (DHS) that, despite literally thousands of negative comments, it was going ahead and implementing its final rule about the Advanced Information on Private Aircraft Arriving and Departing the United States. The rule, issued on November 17, 2008, had an effective date of December 18, 2008, and a compliance date of May 18, 2009.

Now, I do understand the need to protect our country against groups intent on doing it harm. But if someone's determined to die for his cause -- no matter how misguided -- he's not inclined to obey rules, which thus only inconvenience those who comply with them.

According to the DHS's Bureau of Customs Border Protection (CBP), the purpose of its new rule is to increase U.S. national security as well as that of private aircraft operators. The rule requires that the pilot (or a designee) provide electronic notification through the CBP's electronic Advance Passenger Information System (eAPIS) of specific information about the passengers and crew at least 60 minutes before departing to or from the United States. The names of the passengers and crew are then checked by DHS against those on the No-Fly list. "If an individual on the 'No-Fly' list is identified on the manifest, DHS will conduct a risk-based analysis to determine whether to grant, restrict or deny landing rights [or permission to depart]."

Assuming someone is planning a terrorist act, how likely is he to transmit his manifest or ask for approval to depart? And if he does send a manifest would he provide his real name or those of his cohorts? Most of us feel that by definition, pilots of "private" aircraft know their passengers. But apparently not. According to the CBP "it is entirely possible that the family members, friends, acquaintances and employers who may travel as passengers on private aircraft are in fact on the 'No-Fly' list unbeknownst to the pilot ... . The final rule addresses the threat to national security presented by private aircraft or any of its occupants, whether or not the operator of the aircraft has a personal relationship with any or all passengers."

In the past, general aviation proponents have been able to convince the DHS that rules affecting general aviation should acknowledge the differences in the operations and the size and weight of private aircraft. But that's no longer the case. The CBP rule treats all "private aircraft" the same. The DHS stated that it feels "private aircraft" are a weak link in national security and that it wants to implement rules that more closely bring "private aircraft" to a level equivalent with that for the airlines.

In justifying its application of the rules regardless of size or weight, the CBP said, "... Even though large aircraft may inflict more damage if flown into infrastructure, both large and small aircraft present a threat because they may be used to transport terrorists or terrorist weapons. Creating an exemption for private aircraft would provide a loophole that could compromise our national security."

There's no question the rule is unpopular. The DHS received more than 2,900 comments and virtually all were against the implementation of the rule. Many complained that the rule would do nothing to improve national security. Others questioned why CBP was concerned with "terrorists" leaving the country? In responding CBP said "it believes that the outbound passenger manifest information allows CBP and other law enforcement officials to better identify individuals who may be on the 'No-Fly' watch list." It then added that the "outbound information is necessary because any airborne aircraft can be used to transport a dangerous device and gain access to U.S. airspace."

I find that statement worrisome. When the CBP says "any airborne aircraft" it's not limiting itself to those on international flights. In fact, in describing the applicability of the final rule, the CBP stated: "Only inbound and outbound international flights are subject to this rule. At this time, domestic operations are not affected."

A number of commenters expressed concern that "electronic" access to the eAPIS website at outlying international airports might not be available. The CBP acknowledged the problem and did amend the rule to allow pilots to file the manifest for both the outbound and the return flight inbound at the same time. The CBP also agreed "certain elements of a previously submitted arrival and/or departure manifest (i.e., flight cancellation, expected time of arrival and changes in arrival location) may now be amended via telephone, radio or existing processes and procedures if access to the internet is unavailable."

The rule doesn't indicate how pilots will be notified that permission has been granted. A query to CBP brought this response: "The pilot also leaves a contact number for any issues that may arise. CBP makes the checks and can make a call back to the pilot with clearance information, or clearance processing can give him/her notification in the electronic system. The pilot has several options to find out about clearance, prior to takeoff."

There's no provision for the CBP to acknowledge initial receipt of a pilot's submission. "Pilots will know that the eAPIS transmission has been received, based upon CBP's response to the transmission. Clearance for a flight to or from the United States should never be assumed regardless of the amount of time that has elapsed; only the pilot's receipt of a cleared response from CBP ensures that the agency has received the arrival and/or departure manifest submission."

However long it takes, rule-abiding pilots will want to wait for their clearance. Pilots of aircraft departing the United States or departing a foreign place for the United States who fail to comply will be subject to a civil penalty of $5,000 for the first violation and $10,000 for each subsequent violation as well as possible criminal penalties.

In the past, I've questioned some of the efforts made to protect our national security. Unfortunately many of the rules affecting general aviation seem more an opportunity for officials with DHS to appear to be doing something than really making a difference in security. First we had the requirement to carry a government issued picture ID when we fly (despite the fact that the hijackers on 9/11 all had them). Then there's the prohibition of aircraft operations below 3,000 feet agl within a three-nautical-mile radius of any stadium having a seating capacity of 30,000 or more people. How will that rule prevent someone intent on doing damage? Even if an F-15 could be scrambled in time to intercept an airplane over a stadium, what could it do?

Don't forget the ADIZ (air defense identification zone) around Washington, D.C. It's been more successful in embarrassing wayward pilots than in protecting the seat of government. And by February 9 of this year, any pilot who flies VFR within 60 nautical miles of the D.C. VOR/DME must have completed either the FAA's one-time special awareness training online course or seminar. And despite the apparent ineffectiveness of the ADIZ, a new Special Flight Rules Area (SFRA) 30 nm in radius, centered on the DCA vortac and extending from the surface to 18,000 feet msl, was scheduled to go into effect in February. The SFRA replaces the D.C. ADIZ and essentially makes it permanent.

And now there's the TSA's Large Aircraft Security Proposal (LASP) that will apply to all general aviation aircraft that weigh more than 12,500 pounds. The intent is to bring large general aviation aircraft into compliance with the same security rules that apply to commercial airlines. The proposed rule ignores the fact that the passengers in general aviation airplanes are typically well known by the operators. In addition to other requirements the proposed rule lists more than 80 items that are prohibited from being carried in the cabin and must be "checked." I'm not sure how that's going to work when the cargo space of many large business jets is accessible in flight from the cabin. In addition, some operators will be required to develop procedures for carrying armed air marshals.

Will the new cross-border notification rule do anything to improve security? I doubt it. The CBP itself estimates that, although a total of some 280,000 private aircraft carrying approximately 600,000 passengers would be affected annually as a result of the rule, on only two occasions would there be a passenger on the "No-Fly" list. But then, through the resolution process, the passengers would likely be downgraded from "No-Fly" and the entire aircraft would be "cleared" to make the flight. If it anticipates that in a year only two out of 280,000 manifest submissions will turn up someone on the watch list and the watch list designation will be "resolved," why go to the trouble?

We don't need more window dressing. General aviation already has a very effective security measure in place with the AOPA/TSA Airport Watch Program. The program encourages the country's more than 600,000 pilots to be alert for suspicious activity and to report it to 866/GA-SECURE (866/427-3287).

Perhaps President Roosevelt said it best, "The only thing we have to fear is fear itself."

Signing On to eAPISThe Advance Information on Private Aircraft Arriving and Departing the United States Final Rule requires pilots of private aircraft (or their designees) to electronically transmit through the eAPIS notices of arrival and/or departure and traveler manifest information to the Bureau of Customs Border Protection a minimum of 60 minutes prior to departure.

In order to post the required information pilots have to register with the eAPIS site (eapis.cbp.dhs.gov). Once at the site, pilots have to agree to a number of very specific terms and conditions before they're allowed to continue the registration process. In addition to admonitions that the information provided must be "accurate, current and complete," the terms require that "Sender IDs and passwords must not be written down or disclosed ... . Users of the eAPIS site are required to have antivirus software installed and set to run automatically on all computers used to access eAPIS... . Users are responsible for performing full scans of these systems on a regular basis and eliminating any virus contamination." Each time a pilot logs on to the site he'll be required to again agree to the terms and conditions before proceeding.

To register, pilots provide basic information (birth date, address, e-mail address, phone numbers, etc.) and create a password. Once the rule became effective on December 18, 2008, pilots registering for eAPIS Private Aviation accounts should have received an e-mail within about five days that included a sender ID and an activation key. To complete the registration process persons had to go to the website eapis.cbp.dhs.gov, enter their sender ID and password and log in. At that point, entering the activation key activates the account.

Questions or concerns? Contact private.aircraft.support@dhs.gov.