Text: H.R.3699 — 116th Congress (2019-2020)All Information (Except Text)

There is one version of the bill.

Text available as:

Shown Here:
Introduced in House (07/11/2019)


116th CONGRESS
1st Session
H. R. 3699


To codify the Transportation Security Administration’s responsibility relating to securing pipelines against cybersecurity threats, acts of terrorism, and other nefarious acts that jeopardize the physical security or cybersecurity of pipelines, and for other purposes.


IN THE HOUSE OF REPRESENTATIVES

July 11, 2019

Mr. Cleaver introduced the following bill; which was referred to the Committee on Homeland Security


A BILL

To codify the Transportation Security Administration’s responsibility relating to securing pipelines against cybersecurity threats, acts of terrorism, and other nefarious acts that jeopardize the physical security or cybersecurity of pipelines, and for other purposes.

Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled,

SECTION 1. Short title.

This Act may be cited as the “Pipeline Security Act”.

SEC. 2. Pipeline security responsibilities.

Subsection (f) of section 114 of title 49, United States Code, is amended—

(1) in paragraph (15), by striking “and” after the semicolon at the end;

(2) by redesignating paragraph (16) as paragraph (17); and

(3) by inserting after paragraph (15) the following new paragraph:

“(16) maintain responsibility, in coordination with the Director of the Cybersecurity and Infrastructure Security Agency, as appropriate, relating to securing pipeline transportation and pipeline facilities (as such terms are defined in section 60101 of this title) against cybersecurity threats (as such term is defined in section 102 of the Cybersecurity Information Sharing Act of 2015 (Public Law 114–113; 6 U.S.C. 1501)), an act of terrorism (as such term is defined in section 3077 of title 18), and other nefarious acts that jeopardize the physical security or cybersecurity of such transportation or facilities; and”.

SEC. 3. Pipeline security section.

(a) In general.—Title XII of the Implementing Recommendations of the 9/11 Commission Act of 2007 is amended by adding at the end the following new section:

“SEC. 1209. Pipeline security section.

“(a) Establishment.—There is within the Transportation Security Administration a pipeline security section to carry out pipeline security programs in furtherance of section 114(f)(16) of title 49, United States Code.

“(b) Mission.—The mission of the section referred to in subsection (a) is to oversee, in coordination with the the Cybersecurity and Infrastructure Security Agency of the Department of Homeland Security, the security of pipeline transportation and pipeline facilities (as such terms are defined in section 60101 of title 49, United States Code) against cybersecurity threats (as such term is defined in section 102 of the Cybersecurity Information Sharing Act of 2015 (Public Law 114–113; 6 U.S.C. 1501)), an act of terrorism (as such term is defined in section 3077 of title 18, United States Code), and other nefarious acts that jeopardize the physical security or cybersecurity of such transportation or facilities.

“(c) Leadership; staffing.—The Administrator of the Transportation Security Administration shall appoint as the head of the section an individual with knowledge of the pipeline industry and security best practices, as determined appropriate by the Administrator. The section shall be staffed by a workforce that includes personnel with cybersecurity expertise.

“(d) Responsibilities.—The section shall be responsible for carrying out the duties of the section as directed by the Administrator of the Transportation Security Administration, acting through the head appointed pursuant to subsection (c). Such duties shall include the following:

“(1) Developing, in consultation with relevant Federal, State, local, Tribal, territorial entities and public and private sector stakeholders, guidelines for improving the security of pipeline transportation and pipeline facilities against cybersecurity threats, an act of terrorism, and other nefarious acts that jeopardize the physical security or cybersecurity of such transportation or facilities.

“(2) Updating such guidelines as necessary based on intelligence and risk assessments, but not less frequently than every three years.

“(3) Sharing of such guidelines and, as appropriate, intelligence and information regarding such security threats to pipeline transportation and pipeline facilities, as appropriate, with relevant Federal, State, local, Tribal, and territorial entities and public and private sector stakeholders.

“(4) Conducting security assessments based on the guidelines developed pursuant to paragraph (1) to provide recommendations for the improvement of the security of pipeline transportation and pipeline facilities against cybersecurity threats, an act of terrorism, and other nefarious acts that jeopardize the physical security or cybersecurity of such transportation or facilities, including the security plans, practices, and training programs maintained by owners and operators of pipeline facilities.

“(5) Carrying out a program to inspect pipeline transportation and pipeline facilities, including inspections of pipeline facilities determined critical by the Administrator based on a risk assessment conducted in consultation with relevant Federal, State, local, Tribal, and territorial entities and public and private sector stakeholders.

“(6) Preparing notice and comment regulations for publication, if determined necessary by the Administrator.

“(e) Details.—In furtherance of the section’s mission, as set forth in subsection (b), the Administrator and the Director of the Cybersecurity and Infrastructure Security Agency may detail personnel between their components to leverage expertise.”.

(b) Updated guidelines.—Not later than March 31, 2021, the section shall publish updated guidelines pursuant to section 1209 of the Implementing Recommendations of the 9/11 Commission Act of 2007, as added by subsection (a).

(c) Clerical amendment.—The table of contents for the Implementing Recommendations of the 9/11 Commission Act of 2007 is amended by inserting after the item relating to section 1208 the following new item:


“Sec. 1209. Pipeline security section.”.

SEC. 4. Personnel strategy.

(a) In general.—Not later than 180 days after the date of the enactment of this Act, the Administrator of the Transportation Security Administration, in coordination with the Director of the Cybersecurity and Infrastructure Security Agency of the Department of Homeland Security, shall develop a personnel strategy for enhancing operations within the pipeline security section of the Transportation Security Administration, as established pursuant to section 1209 of the Implementing Recommendations of the 9/11 Commission Act of 2007, as added by section 3.

(b) Contents.—The strategy required under subsection (a) shall take into consideration the most recently published versions of each of the following documents:

(1) The Transportation Security Administration National Strategy for Transportation Security.

(2) The Department of Homeland Security Cybersecurity Strategy.

(3) The Transportation Security Administration Cybersecurity Roadmap.

(4) The Department of Homeland Security Balanced Workforce Strategy.

(5) The Department of Homeland Security Quadrennial Homeland Security Review.

(c) Resources.—The strategy shall include an assessment of additional resources determined necessary by the Administrator.

(d) Submission to Congress.—Upon development of the strategy, the Administrator of the Transportation Security Administration shall provide to the Committee on Homeland Security of the House of Representatives and the Committee on Commerce, Science, and Transportation of the Senate a copy of such strategy.

SEC. 5. Oversight.

(a) Report to Congress.—The Administrator of the Transportation Security Administration shall report to the Committee on Homeland Security of the House of Representatives and the Committee on Commerce, Science, and Transportation of the Senate not less than annually on activities of the pipeline security section of the Administration, as established pursuant to section 1209 of the Implementing Recommendations of the 9/11 Commission Act of 2007, as added by section 3, including information with respect to guidelines, security assessments, and inspections. Each such report shall include a determination by the Administrator regarding whether there is a need for new regulations or non-regulatory initiatives and the basis for such determination.

(b) GAO review.—Not later than two years after the date of the enactment of this Act, the Comptroller General of the United States shall conduct a review of the implementation of this Act and the amendments made by this Act.