[Congressional Bills 109th Congress] [From the U.S. Government Publishing Office] [S. 2145 Reported in Senate (RS)] Calendar No. 495 109th CONGRESS 2d Session S. 2145 To enhance security and protect against terrorist attacks at chemical facilities. _______________________________________________________________________ IN THE SENATE OF THE UNITED STATES December 19, 2005 Ms. Collins (for herself, Mr. Lieberman, Mr. Coleman, Mr. Carper, Mr. Levin, Mr. Corzine, and Mr. Salazar) introduced the following bill; which was read twice and referred to the Committee on Homeland Security and Governmental Affairs June 26, 2006 Reported by Ms. Collins, with an amendment [Strike out all after the enacting clause and insert the part printed in italic] _______________________________________________________________________ A BILL To enhance security and protect against terrorist attacks at chemical facilities. Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled, <DELETED>SECTION 1. SHORT TITLE.</DELETED> <DELETED> This Act may be cited as the ``Chemical Facility Anti- Terrorism Act of 2005''.</DELETED> <DELETED>SEC. 2. DEFINITIONS.</DELETED> <DELETED> In this Act:</DELETED> <DELETED> (1) Chemical source.--The term ``chemical source'' means a facility designated as a chemical source by the Secretary under section 3.</DELETED> <DELETED> (2) Critical infrastructure.--The term ``critical infrastructure'' has the meaning given the term in section 2 of the Homeland Security Act of 2002 (6 U.S.C. 101).</DELETED> <DELETED> (3) Department.--The term ``Department'' means the Department of Homeland Security.</DELETED> <DELETED> (4) Environment.--The term ``environment'' has the meaning given the term in section 101 of the Comprehensive Environmental Response, Compensation, and Liability Act of 1980 (42 U.S.C. 9601).</DELETED> <DELETED> (5) Higher risk tier.--The term ``higher risk tier'' means a tier designated by the Secretary as a higher risk tier under section 3(e)(3).</DELETED> <DELETED> (6) MTSA-regulated facilities.--The term ``MTSA- regulated facility'' means a facility subject to the security requirements under chapter 701 of title 46, United States Code (commonly known as the ``Maritime Transportation Security Act'').</DELETED> <DELETED> (7) Owner or operator.--The term ``owner or operator'' means any person who owns, leases, operates, controls, or supervises a chemical source.</DELETED> <DELETED> (8) Release.--The term ``release'' has the meaning given the term in section 101 of the Comprehensive Environmental Response, Compensation, and Liability Act of 1980 (42 U.S.C. 9601).</DELETED> <DELETED> (9) Secretary.--The term ``Secretary'' means the Secretary of Homeland Security.</DELETED> <DELETED> (10) Security measure.--</DELETED> <DELETED> (A) In general.--The term ``security measure'' means an action to ensure or enhance the security of a chemical source against a terrorist incident.</DELETED> <DELETED> (B) Inclusions.--The term ``security measure'', with respect to a chemical source, includes measures such as--</DELETED> <DELETED> (i) employee training and background and identification authentication checks;</DELETED> <DELETED> (ii) the limitation and prevention of access to controls of the chemical source;</DELETED> <DELETED> (iii) the protection of the perimeter of the chemical source;</DELETED> <DELETED> (iv) the installation and operation of intrusion detection sensors;</DELETED> <DELETED> (v) the implementation of measures to increase computer or computer network security;</DELETED> <DELETED> (vi) the implementation of other security-related measures to ensure or enhance the security of a chemical source from a terrorist incident;</DELETED> <DELETED> (vii) the implementation of measures and controls to prevent, protect against, or reduce the consequences of a terrorist incident, including--</DELETED> <DELETED> (I) contingency and evacuation plans;</DELETED> <DELETED> (II) early warning systems; and</DELETED> <DELETED> (III) the relocation, hardening of the storage or containment, modification, processing, substitution, or reduction of substances of concern; and</DELETED> <DELETED> (viii) the conduct of any similar security-related activity, as determined by the Secretary.</DELETED> <DELETED> (11) Substance of concern.--The term ``substance of concern'' means--</DELETED> <DELETED> (A) a chemical substance present at a chemical source in quantities equal to or exceeding the threshold quantities for the chemical substance, as defined in or established under paragraphs (3) and (5) of section 112(r) of the Clean Air Act (42 U.S.C. 7412(r));</DELETED> <DELETED> (B) ammonium nitrate, in a quantity to be determined by the Secretary by regulation; and</DELETED> <DELETED> (C) any other chemical substance designated as a substance of concern by the Secretary under section 3(i) in quantities equal to or exceeding the threshold quantities established under section 3(i), based on the potential extent of death, injury, or serious adverse effects to human health and safety or the environment or the potential impact on national or economic security or critical infrastructure caused by a terrorist incident involving the chemical substance.</DELETED> <DELETED> (12) Terrorism.--The term ``terrorism'' has the meaning given the term in section 2 of the Homeland Security Act of 2002 (6 U.S.C. 101).</DELETED> <DELETED> (13) Terrorist incident.--The term ``terrorist incident'' means--</DELETED> <DELETED> (A) a terrorist attack against a chemical source;</DELETED> <DELETED> (B) a release from a chemical source into the environment of a substance of concern that is caused by an act of terrorism; and</DELETED> <DELETED> (C) the theft of a substance of concern by a person for off-site release in furtherance of an act of terrorism.</DELETED> <DELETED>SEC. 3. DESIGNATION AND TIERING OF CHEMICAL SOURCES.</DELETED> <DELETED> (a) Designation.--Not later than 1 year after the date of enactment of this Act, the Secretary shall--</DELETED> <DELETED> (1) promulgate regulations establishing criteria for designating chemical sources by using the risk factors described in subsection (b) and by evaluating the types of facilities described in subsection (c) that shall be considered in designating chemical sources; and</DELETED> <DELETED> (2) designate chemical sources in existence as of that date.</DELETED> <DELETED> (b) Risk Factors To Be Considered.--In establishing criteria under subsection (a)(1) for designating chemical sources, the Secretary shall consider--</DELETED> <DELETED> (1) the perceived threat to a facility, including a consideration of adversary capabilities and intent, preparedness, target attractiveness, and deterrence capabilities;</DELETED> <DELETED> (2) the potential extent and likelihood of death, injury, or serious adverse effects to human health and safety or to the environment caused by a terrorist incident at a facility;</DELETED> <DELETED> (3) the threats to or potential impact on national security or critical infrastructure caused by a terrorist incident at a facility;</DELETED> <DELETED> (4) the potential threats or harm to the economy that would result from a terrorist incident at a facility, including whether a facility is the sole supplier, or the producer of a high percentage, of a product that is critical to the economy, the chemical industry, or national security;</DELETED> <DELETED> (5) the proximity of a facility to population centers;</DELETED> <DELETED> (6) the nature and quantity of substances of concern at a facility; and</DELETED> <DELETED> (7) such other security-related factors as the Secretary determines to be appropriate and necessary to protect the public health and safety, critical infrastructure, and national and economic security.</DELETED> <DELETED> (c) Criteria for Facilities.--In establishing criteria under subsection (a)(1) for designating chemical sources, the Secretary shall--</DELETED> <DELETED> (1) consider any facility that is a stationary source (as defined in section 112(r)(2) of the Clean Air Act (42 U.S.C. 7412(r)(2)) for which the owner or operator is required to complete a risk management plan in accordance with section 112(r)(7)(B)(ii) of the Clean Air Act (42 U.S.C. 7412(r)(7)(B)(ii));</DELETED> <DELETED> (2) consider any other facility that produces, uses, or stores a substance of concern; and</DELETED> <DELETED> (3) determine whether any additional facility (including, as of the date of the determination, any facility that is operational and any facility that will become operational in the future) shall be designated chemical sources under this Act.</DELETED> <DELETED> (d) Exclusions.--In designating facilities as chemical sources, the Secretary shall not include any facility owned or operated by the Department of Defense or the Department of Energy.</DELETED> <DELETED> (e) Tiered Security System.--</DELETED> <DELETED> (1) In general.--Not later than 1 year after the date of enactment of this Act, the Secretary shall promulgate rules establishing a risk-based tier system of chemical sources that--</DELETED> <DELETED> (A) shall be based on the criteria established by the Secretary under subsection (a)(1);</DELETED> <DELETED> (B) consists of several tiers of chemical sources;</DELETED> <DELETED> (C) to the maximum extent practicable, enables a chemical source to develop appropriate site- specific measures to meet the security performance standards established under subsection (f) for the tier applicable to the chemical source; and</DELETED> <DELETED> (D) provides guidance to the owner or operator of a chemical source regarding the steps that would enable the chemical source to move to a lower risk tier, if the owner or operator seeks to move to a lower risk tier.</DELETED> <DELETED> (2) Determination of tier.--Not later than 1 year after the date of enactment of this Act, the Secretary shall determine the tier applicable to each chemical source designated under subsection (a)(2).</DELETED> <DELETED> (3) Higher risk tiers.--The Secretary shall designate 1 or more tiers established under paragraph (1) as higher risk tiers.</DELETED> <DELETED> (f) Security Performance Standards.--</DELETED> <DELETED> (1) In general.--The Secretary shall establish security performance standards appropriate to the risk-based tiers established under subsection (e).</DELETED> <DELETED> (2) Contents.--The security performance standards established under paragraph (1) shall--</DELETED> <DELETED> (A) set increasingly strict security requirements as the level of risk for the tier increases;</DELETED> <DELETED> (B) enable a chemical source to select security measures that, in combination, satisfy the security performance standards established by the Secretary; and</DELETED> <DELETED> (C) be based on the criteria in section 4(a)(2).</DELETED> <DELETED> (3) Guidance.--</DELETED> <DELETED> (A) In general.--The Secretary shall provide guidance to a chemical source regarding the types of security measures that, if applied, could satisfy the security performance standards.</DELETED> <DELETED> (B) Alternate measures.--The owner or operator of a chemical source shall have flexibility to employ different security measures than those contained in the guidance described in subparagraph (A) if such measures satisfy the security performance standards established for the tier applicable to the chemical source.</DELETED> <DELETED> (g) Notice to Facilities.--Not later than 180 days after the date of enactment of this Act, the Secretary shall notify facilities that may be designated as chemical sources regarding the review of facilities and designation of chemical sources to be conducted under this Act, including the timeline for such review and designation.</DELETED> <DELETED> (h) Subsequent Determinations.--</DELETED> <DELETED> (1) Periodic review of determinations.--Not later than 3 years after the designation of chemical sources under subsection (a)(2), and every 3 years thereafter, the Secretary shall, after considering the criteria established under subsection (a)(1) and the exclusions under subsection (d), determine whether to designate any additional facility as a chemical source or remove the designation of any particular facility as a chemical source.</DELETED> <DELETED> (2) Other review.--In addition to the periodic review required under paragraph (1), the Secretary may, after considering the criteria established under subsection (a)(1) and the exclusions under subsection (d), designate a facility as chemical source or remove the designation of any facility as a chemical source.</DELETED> <DELETED> (3) Duty to report.--</DELETED> <DELETED> (A) Facilities becoming operational.-- </DELETED> <DELETED> (i) In general.--Each facility described in clause (ii) shall file a petition with the Secretary for a determination on whether that facility should be designated as a chemical source not later than 180 days after the later of--</DELETED> <DELETED> (I) the date of the promulgation of final rules under subsection (a)(1); or</DELETED> <DELETED> (II) the date that facility becomes operational.</DELETED> <DELETED> (ii) Facilities covered.--A facility described in this clause is a facility--</DELETED> <DELETED> (I) that becomes operational on or after the date of the designation of chemical sources under subsection (a)(2); and</DELETED> <DELETED> (II) at which a threshold quantity of a substance of concern is present.</DELETED> <DELETED> (B) Existing facilities.--</DELETED> <DELETED> (i) In general.--Each facility described in clause (ii) shall submit a petition to the Secretary for a determination on whether that facility should be designated as a chemical source not later than 180 days after the later of--</DELETED> <DELETED> (I) the date of the promulgation of final regulations under subsection (a)(1); or</DELETED> <DELETED> (II) the date on which the threshold quantity of a substance of concern is first present at that facility.</DELETED> <DELETED> (ii) Facilities covered.--A facility described in this clause is a facility--</DELETED> <DELETED> (I) for which the owner or operator is not required to complete a risk management plan under section 112(r)(7)(B)(ii) of the Clean Air Act (42 U.S.C. 7412(r)(7)(B)(ii));</DELETED> <DELETED> (II) that is operational before the date of the promulgation of the final rules establishing criteria for designating chemical sources under subsection (a)(1); and</DELETED> <DELETED> (III) at which a threshold quantity of a substance of concern is present.</DELETED> <DELETED> (C) Consultation.--The Secretary, in consultation with the Administrator of the Environmental Protection Agency, shall establish a mechanism for the Secretary to receive notice in a timely fashion of a facility required by the Administrator to complete a risk management plan in accordance with section 112(r)(7)(B)(ii) of the Clean Air Act (42 U.S.C. 7412(r)(7)(B)(ii)).</DELETED> <DELETED> (D) Regulations.--The Secretary may promulgate regulations to carry out this paragraph.</DELETED> <DELETED> (i) Designation, Exemption, and Adjustment of Threshold Quantities of Substances of Concern.--</DELETED> <DELETED> (1) In general.--The Secretary may, by regulation--</DELETED> <DELETED> (A) designate a chemical substance, in a particular threshold quantity, as a substance of concern under this Act;</DELETED> <DELETED> (B) exempt a chemical substance from designation as a substance of concern under this Act; and</DELETED> <DELETED> (C) establish or revise the threshold quantity for a chemical substance to be designated a substance of concern.</DELETED> <DELETED> (2) Considerations.--In designating or exempting a chemical substance or establishing or revising the threshold quantity of a chemical substance under paragraph (1), the Secretary shall consider the potential extent of death, injury, or serious adverse effects to human health and safety or the environment and the potential impact on national security, the economy, or critical infrastructure that would result from a terrorist incident involving the chemical substance.</DELETED> <DELETED> (3) Regulations.--The Secretary may make a designation, exemption, or revision under paragraph (1) in the regulations promulgated under subsection (a)(1).</DELETED> <DELETED>SEC. 4. VULNERABILITY ASSESSMENTS, SITE SECURITY PLANS, AND EMERGENCY RESPONSE PLANS.</DELETED> <DELETED> (a) Requirement.--</DELETED> <DELETED> (1) In general.--Not later than 1 year after the date of enactment of this Act, the Secretary shall promulgate regulations that require the owner or operator of each chemical source--</DELETED> <DELETED> (A) to conduct a vulnerability assessment, evaluating the vulnerability of the chemical source to a terrorist incident;</DELETED> <DELETED> (B) to prepare and implement a site security plan that addresses the risks identified in the vulnerability assessment; and</DELETED> <DELETED> (C) to prepare and implement an emergency response plan or prepare and implement an addendum to an existing emergency response plan to include response planning for a terrorist incident.</DELETED> <DELETED> (2) Regulatory criteria.--The regulations promulgated under paragraph (1)--</DELETED> <DELETED> (A) shall be risk-based, performance based, and flexible; and</DELETED> <DELETED> (B) shall include consideration of-- </DELETED> <DELETED> (i) the criteria established by the Secretary under section 3(a)(1);</DELETED> <DELETED> (ii) cost and technical feasibility; and</DELETED> <DELETED> (iii) scale of operations.</DELETED> <DELETED> (3) Co-located chemical sources.--The regulations promulgated under paragraph (1) shall permit the development and implementation of coordinated vulnerability assessments, site security plans, and emergency response plans in any case in which more than 1 chemical source is operating at a single location or at contiguous locations, including cases in which a chemical source is under the control of more than 1 owner or operator.</DELETED> <DELETED> (4) Sharing of threat information.--To the maximum extent practicable under applicable authority and in the interests of national security, the Secretary shall provide State and local government officials and an owner or operator of a chemical source with threat information that is relevant to the chemical source in particular or to the chemical sector in general.</DELETED> <DELETED> (5) Contents of vulnerability assessment.--A vulnerability assessment shall--</DELETED> <DELETED> (A) be based on a rigorous methodology developed or endorsed by the Secretary;</DELETED> <DELETED> (B) incorporate any threat information provided under paragraph (4);</DELETED> <DELETED> (C) address the appropriate security performance standards established by Secretary under section 3(f); and</DELETED> <DELETED> (D) include an analysis of--</DELETED> <DELETED> (i) physical security;</DELETED> <DELETED> (ii) communication systems;</DELETED> <DELETED> (iii) electronic, computer, or other automated systems which are utilized by the chemical source;</DELETED> <DELETED> (iv) the sufficiency of security measures relative to the threats and consequences of a terrorist incident, including vulnerabilities at the chemical source arising from the nature and quantities of substances of concern and the use, storage, or handling of substances of concern; and</DELETED> <DELETED> (v) other areas, as determined by the Secretary.</DELETED> <DELETED> (6) Contents of site security plan.--A site security plan shall--</DELETED> <DELETED> (A) indicate the tier applicable to the chemical source, as determined by the Secretary under section 3(e)(2);</DELETED> <DELETED> (B) address the risks identified in the vulnerability assessment;</DELETED> <DELETED> (C) address the appropriate security performance standards established by Secretary under section 3(f);</DELETED> <DELETED> (D) include security measures appropriate to the tier level of the chemical source that address the risks identified in the vulnerability assessment and are sufficient to deter, to the maximum extent practicable, a terrorist incident or a substantial threat of such an incident;</DELETED> <DELETED> (E) include security measures to mitigate the consequences of a terrorist incident;</DELETED> <DELETED> (F) describe, at a minimum, particular plans, processes, or procedures that could be used by or at the chemical source in the event of a terrorist incident;</DELETED> <DELETED> (G) identify the roles and responsibilities of employees at the chemical source;</DELETED> <DELETED> (H) identify steps taken by the chemical source to coordinate security measures and plans for response to a terrorist incident with Federal, State, and local government officials, including law enforcement and first responders and specify the security officer who will be the point of contact for the National Incident Management System and Federal, State, and local law enforcement and first responders; and</DELETED> <DELETED> (I) describe the training, drills (including periodic unannounced drills), exercises, and security actions of persons at the chemical source, to be carried out under the plan to deter, to the maximum extent practicable, a terrorist incident or a substantial threat of such an incident.</DELETED> <DELETED> (7) Contents of emergency response plan.-- </DELETED> <DELETED> (A) In general.--An emergency response plan shall--</DELETED> <DELETED> (i) specifically address the consequences of a terrorist incident identified in the vulnerability assessment prepared under paragraph (4);</DELETED> <DELETED> (ii) be consistent with the site security plan prepared under paragraph (6); and</DELETED> <DELETED> (iii) identify the roles and responsibilities of employees at the chemical source.</DELETED> <DELETED> (B) Relationship to the national contingency plan.--</DELETED> <DELETED> (i) In general.--Except as provided in clause (ii), an emergency response plan shall be a Federally approved or certified emergency response plan in effect on the date of enactment of this Act that is--</DELETED> <DELETED> (I) consistent with guidance provided by the National Response Team established under the National Contingency Plan created under section 105 of the Comprehensive Environmental Response, Compensation, and Liability Act of 1980 (42 U.S.C. 9605); and</DELETED> <DELETED> (II) modified to satisfy the requirements of subparagraph (A).</DELETED> <DELETED> (ii) No existing plan.--The owner or operator of a chemical source that does not have a Federally approved or certified emergency response plan in effect on the date of enactment of this Act shall follow the guidance provided by the National Response Team established under the National Contingency Plan created under section 105 of the Comprehensive Environmental Response, Compensation, and Liability Act of 1980 (42 U.S.C. 9605) in developing an emergency response plan to meet the specific considerations of that chemical source.</DELETED> <DELETED> (C) Protection of security information.-- If, in order meet the requirements of this paragraph, the owner or operator of a chemical source is required to include in an emergency response plan information, the release of which would be detrimental to the security of the source, that information shall be separated in a security addendum to the emergency response plan.</DELETED> <DELETED> (8) Guidance to chemical sources.--Not later than 1 year after the date of enactment of this Act, the Secretary shall publish guidance to assist owners and operators of chemical sources in complying with this Act, including advice on aspects of compliance with this Act that may be unique to small business concerns.</DELETED> <DELETED> (b) Certification and Submission.--</DELETED> <DELETED> (1) In general.--Not later than 6 months after the date of the promulgation of regulations under subsection (a)(1), each owner or operator of a chemical source shall certify in writing to the Secretary that the owner or operator has completed a vulnerability assessment and has developed and implemented, or is implementing, a site security plan and an emergency response plan in accordance with this Act.</DELETED> <DELETED> (2) Submission.--Not later than 6 months after the date of the promulgation of regulations under subsection (a)(1), an owner or operator of a chemical source shall submit to the Secretary copies of the vulnerability assessment, site security plan, and emergency response plan of the chemical source for review.</DELETED> <DELETED> (3) Failure to comply.--If an owner or operator of a chemical source fails to certify or submit a vulnerability assessment, site security plan, or emergency response plan in accordance with paragraph (2), the Secretary may issue an order requiring the certification and submission of a vulnerability assessment, site security plan, or emergency response plan in accordance with this section.</DELETED> <DELETED> (c) Review by the Secretary.--</DELETED> <DELETED> (1) In general.--The Secretary shall review the vulnerability assessment, site security plan, and emergency response plan submitted by the owner or operator of a chemical source under subsection (b)(2) to determine whether the assessment and plans and the implementation of such plans comply with this section.</DELETED> <DELETED> (2) Disapproval.--The Secretary shall disapprove a vulnerability assessment, site security plan, or emergency response plan submitted under subsection (b)(2) if the Secretary determines that the vulnerability assessment, site security plan, emergency response plan, or the implementation of such plans does not comply with this section.</DELETED> <DELETED> (3) Compliance.--</DELETED> <DELETED> (A) In general.--If the Secretary disapproves a vulnerability assessment, site security plan, or emergency response plan of a chemical source under paragraph (2), the Secretary--</DELETED> <DELETED> (i) shall provide the owner or operator of the chemical source a written notification of the determination that includes a clear explanation of deficiencies in the vulnerability assessment, site security plan, emergency response plan, or implementation of the site security plan;</DELETED> <DELETED> (ii) shall consult with the owner or operator of the chemical source to identify appropriate steps to achieve compliance;</DELETED> <DELETED> (iii) if, following consultation under clause (ii), the owner or operator of the chemical source does not achieve compliance by such date as the Secretary determines to be appropriate under the circumstances, shall issue an order requiring the owner or operator to correct specified deficiencies; and</DELETED> <DELETED> (iv) if the owner or operator continues to be in noncompliance, may issue an order for the chemical source to cease operation.</DELETED> <DELETED> (B) Compliance for higher risk tiers.-- </DELETED> <DELETED> (i) In general.--Not later than 1 year after the later of the date of the promulgation of regulations under subsection (a)(1) and the date of the promulgation of regulations under section 3(e), the Secretary shall--</DELETED> <DELETED> (I) determine whether to approve, disapprove, or modify the vulnerability assessment, site security plan, and emergency response plan submitted under subsection (b)(2) by a chemical source in a higher risk tier; and</DELETED> <DELETED> (II) determine whether a chemical source in a higher risk tier is operating in compliance with the site security plan and emergency response plan submitted by the chemical source under subsection (b)(2).</DELETED> <DELETED> (ii) Enforcement.--The Secretary may issue an order to a chemical source in a higher risk tier to cease operation if the Secretary--</DELETED> <DELETED> (I) disapproves the vulnerability assessment, site security plan, or emergency response plan submitted under subsection (b)(2) by a chemical source in a higher risk tier; or</DELETED> <DELETED> (II) determines that a chemical source in a higher risk tier is not operating in compliance with the site security plan or emergency response plan submitted by the chemical source under subsection (b)(2).</DELETED> <DELETED> (C) Compliance for other tiers.--Not later than 5 years after the date of the submission of the vulnerability assessment, site security plan, and emergency response plan by a chemical source that is not in a higher risk tier under subsection (b)(2), the Secretary shall complete the review of the assessment and plans and make a determination regarding compliance with this section.</DELETED> <DELETED> (D) Subsequent review.--The Secretary may conduct subsequent reviews and determinations of compliance under this Act for a chemical source on a schedule as determined to be appropriate by the Secretary, with priority given to chemical sources in a higher risk tier.</DELETED> <DELETED> (d) Submission and Certification of Changes.--</DELETED> <DELETED> (1) In general.--Not later than 60 days after the date on which a change is made to a chemical source that affects the security of the chemical source, the owner or operator of the chemical source shall--</DELETED> <DELETED> (A) notify the Secretary in writing;</DELETED> <DELETED> (B) provide a description of the change at the chemical source; and</DELETED> <DELETED> (C) either--</DELETED> <DELETED> (i) request a waiver from resubmitting the vulnerability assessment, security plan, and emergency response plan; or</DELETED> <DELETED> (ii) review and resubmit the vulnerability assessment, site security plan, and emergency response plan, with the appropriate modifications.</DELETED> <DELETED> (2) Notice and request.--If the Secretary determines that additional modification of a vulnerability assessment, site security plan, or emergency response plan is required, the Secretary shall--</DELETED> <DELETED> (A) provide a written notice to the chemical source owner or operator, requiring modifications addressing any matters specified in the notice; and</DELETED> <DELETED> (B) provide the owner or operator of the chemical source not less than 60 days after the date of the notice under subparagraph (A) to submit proposed modifications.</DELETED> <DELETED> (3) Temporary security measures.--During the period before the Secretary approves a modified vulnerability assessment, site security plan, or emergency response plan or issues a waiver, an owner or operator of a chemical source shall ensure temporary security measures are implemented.</DELETED> <DELETED> (e) MTSA-REGULATED Facilities.--</DELETED> <DELETED> (1) In general.--Except as provided in paragraph (4), a chemical source that is also a MTSA-regulated facility shall comply with this Act.</DELETED> <DELETED> (2) Compliance.--</DELETED> <DELETED> (A) In general.--A chemical source that is also a MTSA-regulated facility shall review its facility security assessment, facility security plan, and emergency response plan and make any modifications necessary to comply with the security performance standards established for the tier applicable to the chemical source under section 3(f) and the requirements of subsection (a)(1).</DELETED> <DELETED> (B) Submission.--Not later than 180 days after the date on which the Secretary promulgates regulations under subsection (a)(1), the owner or operator of a chemical source that is also a MTSA- regulated facility shall--</DELETED> <DELETED> (i) submit the facility security assessment, facility security plan, and emergency response plan, with any appropriate modifications under subparagraph (A), for the chemical source to the Federal Maritime Security Coordinator for the area in which the chemical source is located and the Secretary for approval; and</DELETED> <DELETED> (ii) certify in writing to the Federal Maritime Security Coordinator for the area in which the facility is located and the Secretary that--</DELETED> <DELETED> (I) the facility security assessment and facility security plan for the facility are in compliance with the security performance standards for the tier applicable to the chemical source under section 3(f) and the requirements under subsection (a)(1); and</DELETED> <DELETED> (II) the owner or operator has submitted an approved or certified emergency response plan required under chapter 701 of title 46, United States Code, to the Federal Maritime Security Coordinator for the area in which the facility is located.</DELETED> <DELETED> (3) Review by the secretary.--In accordance with the procedures under subsection (c), the Secretary, in consultation with the Federal Maritime Security Coordinator for the area in which a chemical source that is also a MTSA- regulated facility is located, shall determine whether a facility security assessment and facility security plan submitted under paragraph (2)(B) meets the security performance standards established by the Secretary under section 3(f) and the requirements under subsection (a)(1).</DELETED> <DELETED> (4) Exemption.--A chemical source that is a MTSA- regulated facility is exempt from section 6(d) of this Act.</DELETED> <DELETED> (5) Integration and coordination.--</DELETED> <DELETED> (A) In general.--The Secretary shall implement this Act and chapter 701 of title 46, United States Code, in as consistent and integrated manner as possible.</DELETED> <DELETED> (B) Coast guard.--The Secretary shall ensure coordination between the Under Secretary for Preparedness and the Coast Guard Commandant in carrying out this Act.</DELETED> <DELETED> (f) Alternative Security Programs.--</DELETED> <DELETED> (1) In general.--The Secretary may consider a petition submitted by any person that describes--</DELETED> <DELETED> (A) alternate procedures, protocols, and standards established by an industry entity, Federal, State, or local government authorities, or other applicable laws; and</DELETED> <DELETED> (B) the scope of chemical sources to which such program would apply.</DELETED> <DELETED> (2) Review.--The Secretary may review the requirements of any alternative security program submitted under paragraph (1) to determine whether a vulnerability assessment, security plan, or emergency response plan prepared under that program meets each required element under subsection (a)(1) for a vulnerability assessment, security plan, and emergency response plan submitted under subsection (b)(2).</DELETED> <DELETED> (3) Determination.--</DELETED> <DELETED> (A) In general.--If the Secretary determines that a vulnerability assessment, security plan, or emergency response plan prepared under that alternative security program meets each required element under subsection (a)(1) for a vulnerability assessment, security plan, and emergency response plan submitted under subsection (b)(2), the Secretary shall notify the petitioner that any chemical source covered by that program may submit an assessment or plan prepared under that program without further revision.</DELETED> <DELETED> (B) Other determinations.--If the Secretary determines that a vulnerability assessment, security plan, or emergency response plan prepared under that alternative security program does not meet each required element under subsection (a)(1) for a vulnerability assessment, security plan, and emergency response plan submitted under subsection (b)(2)-- </DELETED> <DELETED> (i) the Secretary may specify what modifications would be necessary to meet the required elements for a vulnerability assessment, security plan, or emergency response plan submitted under subsection (b)(2); and</DELETED> <DELETED> (ii) a chemical source covered by that program may submit the assessment or plans with the specified modifications.</DELETED> <DELETED> (C) Form.--Any action taken by the Secretary under this paragraph shall be made by rule, regulation, or order.</DELETED> <DELETED> (4) Review.--Nothing in this subsection shall relieve the Secretary of the obligation--</DELETED> <DELETED> (A) to review the vulnerability assessment, security plan, and emergency response plan submitted by each chemical source under this section according to the performance standards established by section 3(f) and the requirements under subsection (a)(1); or</DELETED> <DELETED> (B) to approve or disapprove each submission on an individual basis.</DELETED> <DELETED> (g) Periodic Review.--</DELETED> <DELETED> (1) In general.--On the timeline established by the Secretary under paragraph (2), the owner or operator of a chemical source shall--</DELETED> <DELETED> (A) review the adequacy of the vulnerability assessment, site security plan, and emergency response plan for the chemical source;</DELETED> <DELETED> (B) certify to the Secretary that the chemical source has completed the review and implemented any necessary modifications to the vulnerability assessment, site security plan, or emergency response plan; and</DELETED> <DELETED> (C) provide to the Secretary a description of any changes to the vulnerability assessment, site security plan, or emergency response plan.</DELETED> <DELETED> (2) Timing.--The Secretary shall establish a timeline for review appropriate to the tier level of the chemical source that requires a review--</DELETED> <DELETED> (A) for a higher risk tier, not later than 1 year after the date of approval of a vulnerability assessment, site security plan, and emergency response plan under subsection (b)(1) and not less often than every 3 years thereafter; and</DELETED> <DELETED> (B) for all other tiers, not later than 5 years after the date of approval of a vulnerability assessment, site security plan, and emergency response plan under subsection (b)(1) and not less often than every 5 years thereafter.</DELETED> <DELETED>SEC. 5. RECORDKEEPING; SITE INSPECTIONS; PRODUCTION OF INFORMATION.</DELETED> <DELETED> (a) Recordkeeping.--The owner or operator of a chemical source shall retain a copy of the vulnerability assessment, site security plan, and emergency response plan for the chemical source for not less than 5 years after the date on which such assessment or plan was approved by the Secretary under section 4(c).</DELETED> <DELETED> (b) Right of Entry.--</DELETED> <DELETED> (1) In general.--In carrying out this Act, the Secretary or the designee of the Secretary, on presentation of credentials, shall have a right of entry to, on, or through-- </DELETED> <DELETED> (A) the premises of a chemical source; and</DELETED> <DELETED> (B) any premises on which any record required to be maintained under subsection (a) is located.</DELETED> <DELETED> (2) Audits and inspections.--</DELETED> <DELETED> (A) In general.--The Secretary shall, at such times and places as the Secretary determines to be appropriate, conduct, or require the conduct of, facility security audits and inspections, the requirements of which may be established by rule, regulation, or order.</DELETED> <DELETED> (B) Scope.--Audits and inspections under subparagraph (A) shall ensure and evaluate compliance with this Act.</DELETED> <DELETED> (c) Requests for Records.--In carrying out this Act, the Secretary may require the submission of, or, on presentation of credentials, may at reasonable times seek access to and copy-- </DELETED> <DELETED> (1) any records, reports, or other information described in subsection (a); and</DELETED> <DELETED> (2) any other documentation necessary for the-- </DELETED> <DELETED> (A) review or analysis of a vulnerability assessment or security plan; or</DELETED> <DELETED> (B) implementation of a security plan.</DELETED> <DELETED> (d) Compliance.--If the Secretary determines that an owner or operator of a chemical source is not maintaining, producing, or permitting access to records or to the premises of the chemical source as required by this section, the Secretary may issue an order requiring compliance with the relevant provisions of this section.</DELETED> <DELETED>SEC. 6. INFRASTRUCTURE PROTECTION AND IMPLEMENTATION.</DELETED> <DELETED> (a) Coordination.--</DELETED> <DELETED> (1) In general.--The Secretary shall ensure effective chemical security planning and response by providing the necessary infrastructure, leadership, technical assistance, guidance, and accountability for security planning and response in areas surrounding chemical sources.</DELETED> <DELETED> (2) With other law.--The Secretary shall model the regulations promulgated, organizations established, and actions taken under this section on the requirements of sections 70102, 70103, 70104, and 70112 of title 46, United States Code.</DELETED> <DELETED> (3) With committees.--The Secretary, and those in positions assigned under this section, shall coordinate with other Federal area security and response committees in order to provide a unified and effective Federal effort for security and response organizational infrastructure for the Nation. Nothing in this section shall supersede any other Federal area security or response committee and the entities established under this section shall be organized to complement such other committees.</DELETED> <DELETED> (b) Compliance Office.--</DELETED> <DELETED> (1) Establishment.--Not later than 3 months after the date of enactment of this Act, the Secretary shall establish an office under the Assistant Secretary for Infrastructure Protection that shall be responsible for implementing and enforcing this Act.</DELETED> <DELETED> (2) Activities.--The Secretary, acting through the Assistant Secretary for Infrastructure Protection, shall-- </DELETED> <DELETED> (A) provide leadership, guidance, planning, technical assistance, resources, and conduct oversight activities to establish an effective chemical security planning and response infrastructure for the Nation;</DELETED> <DELETED> (B) provide leadership, personnel, training, equipment, other resources as necessary, and technical assistance to--</DELETED> <DELETED> (i) Federal, State and local government agencies;</DELETED> <DELETED> (ii) Infrastructure Protection Regional Security Offices; and</DELETED> <DELETED> (iii) Area Security Committees, as requested by the Federal Area Security Coordinator;</DELETED> <DELETED> (C) coordinate with law enforcement agencies, first responders, and chemical sources regarding the response to a potential or actual terrorist incident at a chemical source;</DELETED> <DELETED> (D) review and approve each Area Security Plan submitted under subsection (d); and</DELETED> <DELETED> (E) coordinate with the Office of State and Local Government Coordination and Preparedness of the Department, to ensure some homeland security grants administered by the Department support the plans required under this section.</DELETED> <DELETED> (c) Infrastructure Protection Regional Security Offices.-- </DELETED> <DELETED> (1) In general.--Not later than 6 months after the date of enactment of this Act, the Secretary shall establish in each Federal Emergency Management Agency Region an Infrastructure Protection Regional Security Office, for purposes of carrying out this Act and coordinating regional security, as described in this section.</DELETED> <DELETED> (2) Membership and duties.--Each Infrastructure Protection Regional Security Office shall--</DELETED> <DELETED> (A) consist of--</DELETED> <DELETED> (i) the personnel of the Infrastructure Protection Office of the Department within the region; and</DELETED> <DELETED> (ii) a regional security advisory staff, to be appointed by the Secretary;</DELETED> <DELETED> (B) review and approve each Area Security Plan for the region to ensure coordination between regions and States;</DELETED> <DELETED> (C) oversee implementation of this Act to ensure consistent implementation within the region, in conjunction with the strategic mission and policies of, and guidance from, the Department; and</DELETED> <DELETED> (D) perform other functions as assigned by the Secretary necessary to implement the requirements of this Act or help protect other critical infrastructure.</DELETED> <DELETED> (d) Area Security Committees and Plans.--</DELETED> <DELETED> (1) Designation of areas and federal area security coordinators.--</DELETED> <DELETED> (A) Deadline.--Not later than 6 months after the date of enactment of this Act, the Secretary shall designate geographic areas for the Area Committees established under paragraph (2).</DELETED> <DELETED> (B) Requirements.--In designating areas under subparagraph (A), the Secretary shall ensure that--</DELETED> <DELETED> (i) except as provided in subparagraph (C), all parts of the United States are included in an area; and</DELETED> <DELETED> (ii) no area is larger than a single State, although an area may incorporate portions of more than 1 State, based on the organization and number of chemical sources in a geographic area.</DELETED> <DELETED> (C) Exclusion.--Any area designated under section 70103(a)(2)(G) of title 46, United States Code, shall not be included in any area designated under this Act.</DELETED> <DELETED> (2) Establishment and designation.--</DELETED> <DELETED> (A) Committees.--There is established for each area designated by the Secretary under paragraph (1) an Area Security Committee, comprised of members appointed by the Secretary, in consultation with State and local government officials, from qualified and effected security and response personnel of Federal, State, and local government agencies, chemical sources, local emergency planning and response entities, other critical infrastructure sectors, and other appropriate organizations.</DELETED> <DELETED> (B) Coordinator.--For each area designated by the Secretary under paragraph (1), the Secretary shall designate a Federal Area Security Coordinator with knowledge of and experience in the activities required under this subsection.</DELETED> <DELETED> (3) Duties.--</DELETED> <DELETED> (A) Committees.--Each Area Security Committee, under the direction of the Federal Area Security Coordinator for the area assigned to such Area Security Committee, shall--</DELETED> <DELETED> (i) meet not less frequently than twice per year;</DELETED> <DELETED> (ii) prepare the Area Security Plan described in paragraph (4) for that area and submit the Area Security Plan to the Secretary for approval; and</DELETED> <DELETED> (iii) coordinate with Federal, State, and local government officials and chemical sources to enhance the security and response planning of those officials and to assure effective preplanning of joint security and response efforts, including exercises, drills, evacuations, sheltering, and rescue.</DELETED> <DELETED> (B) Coordinator.--Each Federal Area Security Coordinator shall, for the area assigned to such official--</DELETED> <DELETED> (i) conduct audits and inspections of chemical sources under this Act;</DELETED> <DELETED> (ii) provide appropriate guidance and support to chemical sources; and</DELETED> <DELETED> (iii) perform such other duties as are required by the Area Security Committee or the Secretary.</DELETED> <DELETED> (4) Area security plans.--</DELETED> <DELETED> (A) In general.--Not later than 2 years after the date of enactment of this Act, each Area Security Committee shall prepare and submit to the Secretary for approval an Area Security Plan for the area assigned to such Area Security Committee.</DELETED> <DELETED> (B) Plan requirements.--The Area Security Plan shall--</DELETED> <DELETED> (i) coordinate the resources of the area assigned to the Area Security Committee to deter a potential or actual terrorist incident at a chemical source in that area, or to respond to a terrorist incident at a chemical source in that area;</DELETED> <DELETED> (ii) coordinate with the National Infrastructure Protection Plan, the National Response Plan, the site security plan of any chemical source located in the area assigned to the Area Security Committee, other appropriate national security and response plans, and the Area Security Plans for contiguous areas;</DELETED> <DELETED> (iii) reflect security and response post-incident investigative reports, as determined by the Secretary;</DELETED> <DELETED> (iv) describe in detail the responsibilities of an owner or operator of a chemical source (based upon the approved site security plan for the chemical source) and of Federal, State, and local government agencies in responding to potential or actual terrorist incident at a chemical source operating in the area assigned to the Area Security Committee;</DELETED> <DELETED> (v) describe the area covered by the plan, list the assets and resources available to respond to a terrorist incident, and include any other information the Secretary requires;</DELETED> <DELETED> (vi) be updated periodically by the Area Security Committee; and</DELETED> <DELETED> (vii) provide for coordination with the appropriate Federal, State and local government agencies or members of local entities that plan for emergency releases from chemical sources regarding how local populations that may be affected by a release are provided with information, including evacuation planning, sheltering in place, and areas of refuge.</DELETED> <DELETED> (5) Review.--Not later than 24 months after the date of enactment of this Act, the Secretary shall--</DELETED> <DELETED> (A) review each Area Security Plan developed under paragraph (4);</DELETED> <DELETED> (B) require amendments to any plan that does not meet the requirements of this section; and</DELETED> <DELETED> (C) approve each plan that meets the requirements of this section.</DELETED> <DELETED> (e) Area Exercises and Drills.--</DELETED> <DELETED> (1) In general.--The Secretary shall periodically conduct drills and exercises, some without prior notice, including full functional and communications exercises of security and response capability in each area for which an Area Security Plan is required under this section and under the site security plan and emergency response plans of relevant chemical sources.</DELETED> <DELETED> (2) Scope of participation.--The drills and exercises conducted under paragraph (1) may include participation by--</DELETED> <DELETED> (A) Federal, State, and local government agencies, including law enforcement and first responders;</DELETED> <DELETED> (B) the owner and operator of any chemical source in the area;</DELETED> <DELETED> (C) members of local entities that plan for emergency releases;</DELETED> <DELETED> (D) representatives of other critical infrastructure; and</DELETED> <DELETED> (E) other participants as determined appropriate by the Secretary or the designee of the Secretary.</DELETED> <DELETED> (3) Reports.--The Secretary shall publish annual reports on drills under this subsection, including assessments of the effectiveness of the plans described in paragraph (1), lessons learned, and a list of any amendments made to improve any plan described in paragraph (1). The annual reports shall not include protected information.</DELETED> <DELETED>SEC. 7. HEIGHTENED SECURITY MEASURES.</DELETED> <DELETED> (a) In General.--If the Secretary determines that additional security measures are necessary to respond to a threat assessment or to a specific threat against the chemical sector, the Secretary may issue an order to the owner or operator of a chemical source setting forth mandatory security measures. Only the Secretary or the designee of the Secretary may issue an order under this section.</DELETED> <DELETED> (b) Period of Order.--</DELETED> <DELETED> (1) In general.--Any order issued by the Secretary under subsection (a) shall be effective upon issuance and shall remain in effect for a period of not more than 90 days, unless the Secretary files an action in an appropriate United States district court before the expiration of that 90-day period.</DELETED> <DELETED> (2) Effect of filing.--If the Secretary files an action described in paragraph (1), an order issued by the Secretary under subsection (a) shall remain in effect for 14 days in addition to the 90-day period under paragraph (1), or for such shorter or longer period as may be authorized by the court in which such action is filed.</DELETED> <DELETED>SEC. 8. PENALTIES.</DELETED> <DELETED> (a) Administrative Penalties.--</DELETED> <DELETED> (1) Penalties.--The Secretary may impose an administrative penalty of not more than $25,000 per day, and not more than a maximum of $1,000,000 per year, for failure to comply with an order or directive issued by the Secretary under this Act.</DELETED> <DELETED> (2) Notice and hearing.--Before imposing a penalty under paragraph (1), the Secretary shall provide to the person against which the penalty is to be assessed--</DELETED> <DELETED> (A) a written notice of the proposed penalty; and</DELETED> <DELETED> (B) not later than 30 days after the date on which the person receives the notice, the opportunity to request a hearing on the proposed penalty.</DELETED> <DELETED> (3) Procedures.--The Secretary shall promulgate regulations establishing procedures for administrative hearings and appropriate review, including necessary deadlines.</DELETED> <DELETED> (b) Civil Penalties.--</DELETED> <DELETED> (1) In general.--The Secretary may bring an action in a United States district court against any owner or operator of a chemical source that violates or fails to comply with any order or directive issued by the Secretary under this Act or a site security plan approved by the Secretary under this Act.</DELETED> <DELETED> (2) Relief.--In any action under paragraph (1), a court may issue an order for injunctive relief and may award a civil penalty of not more than $50,000 for each day on which a violation occurs or a failure to comply continues.</DELETED> <DELETED> (c) Criminal Penalties.--An owner or operator of a chemical source who knowingly violates any order issued by the Secretary under this Act or knowingly fails to comply with a site security plan approved by the Secretary under this Act shall be fined not more than $50,000 for each day of such violation, imprisoned not more than 2 years, or both.</DELETED> <DELETED>SEC. 9. PROTECTION OF INFORMATION.</DELETED> <DELETED> (a) Disclosure Exemptions.--</DELETED> <DELETED> (1) Records of the department.--</DELETED> <DELETED> (A) In general.--Except as provided in subsection (b), the Department shall not be required under section 552 of title 5, United States Code, to make available to the public a record described in subparagraph (B).</DELETED> <DELETED> (B) Records not disclosed.--A record described in this subparagraph is--</DELETED> <DELETED> (i) a vulnerability assessment, site security plan, or a security addendum to an emergency response plan obtained by the Department under section 4;</DELETED> <DELETED> (ii) an area security plan required under section 6(d)(4);</DELETED> <DELETED> (iii) materials developed or produced by a chemical source exclusively in preparation of documents referred to in clause (i) and obtained by the Department under section 4; or</DELETED> <DELETED> (iv) any record developed exclusively for the purposes of this Act by the Department, or produced exclusively for the purposes of this Act by a chemical source and obtained by the Department under section 4, to the extent that the record contains information that--</DELETED> <DELETED> (I) describes a specific chemical source or the specific vulnerabilities of a chemical source;</DELETED> <DELETED> (II) was taken from a record described in clause (i) or (ii) or from a copy of such record in possession of the chemical source; and</DELETED> <DELETED> (III) would, if disclosed, be detrimental to the security of a chemical source.</DELETED> <DELETED> (2) Records of other agencies.--</DELETED> <DELETED> (A) In general.--A Federal agency other than the Department shall not be required under section 552 of title 5, United States Code, to make available to the public a record described in subparagraph (C).</DELETED> <DELETED> (B) Referral of requests.--If a Federal agency other than the Department receives a request under section 552 of title 5, United States Code, for a record described in clause (i) or clause (ii)(I) of subparagraph (C), the agency, without consideration by the agency of whether subparagraph (C)(ii)(II) is satisfied--</DELETED> <DELETED> (i) shall not disclose the record; and</DELETED> <DELETED> (ii) shall refer the request to the Department for processing and response.</DELETED> <DELETED> (C) Records not disclosed.--A record described in this subparagraph is any record-- </DELETED> <DELETED> (i) described in paragraph (1)(B) that was shared by the Department with the agency under this section; and</DELETED> <DELETED> (ii) produced exclusively for the purposes of this Act by the agency, to the extent that the record contains information that--</DELETED> <DELETED> (I) describes a specific chemical source or the specific vulnerabilities of a chemical source;</DELETED> <DELETED> (II) was taken from a record described in clause (i); and</DELETED> <DELETED> (III) would, if disclosed, be detrimental to the security of a chemical source.</DELETED> <DELETED> (3) Records of state or local government agencies.--</DELETED> <DELETED> (A) In general.--A State or local government agency shall not be required under any State or local law providing for public access to information to make available to the public a record described in subparagraph (B).</DELETED> <DELETED> (B) Records not disclosed.--A record described in this subparagraph is any record-- </DELETED> <DELETED> (i) described in paragraph (1)(B) that was shared by the Department with the State or local government agency under section 6; and</DELETED> <DELETED> (ii) produced exclusively for the purposes of this Act by the State or local government agency, to the extent that the record contains information that--</DELETED> <DELETED> (I) describes a specific chemical source or the specific vulnerabilities of a chemical source; and</DELETED> <DELETED> (II) was taken from a record described in clause (i) or (ii) or from a copy of such document in possession of the chemical source.</DELETED> <DELETED> (b) Public Information.--</DELETED> <DELETED> (1) In general.--</DELETED> <DELETED> (A) Information disclosed.--Except as provided in subparagraph (B), the following records shall be made available to the public under section 552 of title 5, United States Code:</DELETED> <DELETED> (i) Certifications.--A certification under section 4(b)(1).</DELETED> <DELETED> (ii) Order for failure to comply.--An order under section 4(b)(3).</DELETED> <DELETED> (iii) Compliance certificates.--A certificate of compliance under paragraph (2).</DELETED> <DELETED> (iv) Other orders.--The identity of any chemical source and the owner or operator of the chemical source for which any other order or any approval or disapproval is issued under this Act, together with information identifying the applicable order, approval, or disapproval.</DELETED> <DELETED> (B) Exception.--</DELETED> <DELETED> (i) In general.--If the Secretary makes a specific finding and determination with respect to a particular chemical source that releasing any record described in subparagraph (A) regarding that chemical source would increase the risk to the security of any chemical source, the Secretary may establish a period, not to exceed 6 months, during which the record shall not be made available to the public under section 552 of title 5, United States Code.</DELETED> <DELETED> (ii) Extension.--Not more than 60 days before to the expiration of a period established under clause (i) (or an extension of such period under this clause), the Secretary may extend the period for an additional period not to exceed 6 months if the Secretary makes a specific finding and determination with respect to a particular chemical source that releasing any record described in subparagraph (A) regarding that chemical source would increase the risk to the security of any chemical source.</DELETED> <DELETED> (iii) Notice to gao.--If the Secretary determines not to allow a record to be made available to the public under clause (i) or extends the period of nondisclosure under clause (ii), the Secretary shall submit to the Comptroller General of the United States, for inclusion and evaluation in the reports under section 12, a detailed statement--</DELETED> <DELETED> (I) identifying the chemical source;</DELETED> <DELETED> (II) describing the record;</DELETED> <DELETED> (III) explaining the basis for the Secretary's determination; and</DELETED> <DELETED> (IV) describing any security measures being implemented by the chemical source.</DELETED> <DELETED> (2) Certification of compliance.--When the Secretary determines that a chemical source is in compliance with the requirements of this Act, the Secretary shall issue and make available for public inspection a certificate of approval that contains the following statement: ``</DELETED>____ <DELETED>(chemical source name) </DELETED>____ <DELETED>is in compliance with the Chemical Facility Anti- Terrorism Act of 2005.''.</DELETED> <DELETED> (3) Report to congress.--Not less frequently than once each year, the Secretary shall submit to Congress a public report on the performance of chemical sources under the Act, in the aggregate, including a description of common problems, solutions, and industry best practices.</DELETED> <DELETED> (c) Development of Protocols.--</DELETED> <DELETED> (1) In general.--The Secretary, in consultation with the Director of the Office of Management and Budget and appropriate Federal law enforcement and intelligence officials and in a manner consistent with existing protections for sensitive or classified information, shall, by regulation, establish confidentiality protocols for maintenance and use of records described in paragraphs (1)(B), (2)(C), and (3)(B) of subsection (a).</DELETED> <DELETED> (2) Requirements for protocols.--The protocols established under paragraph (1) shall ensure, to the maximum extent practicable, that--</DELETED> <DELETED> (A) the records shall be maintained in a secure location; and</DELETED> <DELETED> (B) access to records shall be limited-- </DELETED> <DELETED> (i) as may be necessary to-- </DELETED> <DELETED> (I) enable enforcement of this Act; or</DELETED> <DELETED> (II) address an imminent and substantial threat to security, health, safety, or the environment;</DELETED> <DELETED> (ii) to State or local law enforcement officials, first responders, or other State or local government officials granted access to records for the purpose of carrying out this Act; and</DELETED> <DELETED> (iii) to other persons granted access for the purpose of carrying out this Act.</DELETED> <DELETED> (3) Other procedures in protocols.--The protocols established under paragraph (1) shall also--</DELETED> <DELETED> (A) provide for the labeling of any record described in paragraph (1)(B), (2)(C), or (3)(B) of subsection (a), to enable the sensitive information in such record to be traced back to the specific document from which the information was derived;</DELETED> <DELETED> (B) accommodate the making of disclosures under sections 2302(b)(8) and 7211 of title 5, United States Code, and provide guidance to employees as to how to make such disclosures without compromising security;</DELETED> <DELETED> (C) include procedures applicable to a request under section 552 of title 5, United States Code, requiring that any portion of a record that reasonably may be separated shall be provided to a person requesting the record after redaction of any portion that is exempt from disclosure;</DELETED> <DELETED> (D) establish procedures by which a record described in paragraph (1)(B), (2)(C), or (3)(B) of subsection (a) may become subject to the requirements regarding public disclosure under section 552 of title 5, United States Code, when, because of changed circumstances or the passage of time, disclosure of the record would not be detrimental to the security of a chemical source.</DELETED> <DELETED> (d) Process for Reporting Problems.--</DELETED> <DELETED> (1) Establishment of a reporting process.--The Secretary shall establish, and provide information to the public regarding, a process by which any person may submit a report to the Secretary regarding problems, deficiencies, or vulnerabilities at a chemical source.</DELETED> <DELETED> (2) Confidentiality.--The Secretary shall keep confidential the identity of a person who submits a report under paragraph (1) and any such report shall be treated as a record described in subsection (a)(1)(B), to the extent that it does not consist of publicly available information.</DELETED> <DELETED> (3) Acknowledgment of receipt.--If a report submitted under paragraph (1) identifies the person making the report, the Secretary shall respond promptly to such person and acknowledge receipt of the report.</DELETED> <DELETED> (4) Steps to address problems.--The Secretary shall review and consider the information provided in any report submitted under paragraph (1) and shall take whatever steps the Secretary determines appropriate to address any problems, deficiencies, or vulnerabilities identified.</DELETED> <DELETED> (5) Retaliation prohibited.--No employer may discharge any employee or otherwise discriminate against any employee with respect to the compensation to, or terms, conditions, or privileges of the employment of, such employee because the employee (or a person acting pursuant to a request of the employee) made a report under paragraph (1).</DELETED> <DELETED> (6) GAO reporting.--The Comptroller General of the United States shall, in the reports under section 12-- </DELETED> <DELETED> (A) describe the number and type of problems, deficiencies, and vulnerabilities reported on under this subsection; and</DELETED> <DELETED> (B) evaluate the Secretary's efforts in addressing such problems, deficiencies, and vulnerabilities.</DELETED> <DELETED> (e) Protected Disclosures.--Nothing in this Act shall be construed to limit--</DELETED> <DELETED> (1) the right of an individual to make any disclosure--</DELETED> <DELETED> (A) protected or authorized under section 2302(b)(8) or 7211 of title 5, United States Code; or</DELETED> <DELETED> (B) to the Special Counsel, the inspector general of an agency, or any other employee designated by the head of an agency to receive similar disclosures; or</DELETED> <DELETED> (2) the applicability or enforcement of sections 818 and 820 of the Transportation, Treasury, Housing and Urban Development, the Judiciary, and Independent Agencies Appropriations Act, 2006 (Public Law 109-115).</DELETED> <DELETED> (f) Materials Not Held by Agencies.--Nothing in this Act shall be construed to limit the rights or obligations of any chemical source, any entity that is not a Federal, State, or local government agency in possession of a record described in paragraphs (1)(B), (2)(C), and (3)(B) of subsection (a), or any individual, with respect to the withholding or disclosure of any information or record held by the chemical source, entity, or individual, regardless of whether or not the Department has received or possesses similar or identical information or a similar or identical record.</DELETED> <DELETED> (g) Disclosure of Independently Furnished Information.-- </DELETED> <DELETED> (1) In general.--Nothing in this Act shall be construed to affect the handling, treatment, or disclosure of a record or information obtained from a chemical source under any other law.</DELETED> <DELETED> (2) Other authority.--Nothing in this Act shall be construed to affect any authority or obligation of an agency to disclose any record that the agency receives independently of a record that is exempt under this section from the public disclosure requirements under section 552 of title 5, United States Code, regardless of whether or not the Department has an identical or similar record that is so exempt.</DELETED> <DELETED> (h) Other Obligations Unaffected.--</DELETED> <DELETED> (1) In general.--Nothing in this section affects any obligation of the owner or operator of a chemical source to submit or make available information to a Federal, State, or local government agency under, or otherwise to comply with, any other law.</DELETED> <DELETED> (2) No use of information to gain governmental benefit.--The owner or operator of a chemical source may not use any record described in paragraph (1)(B), (2)(C), or (3)(B) of subsection (a) to satisfy any legal requirement or obligation other than a requirement under this Act or to obtain any grant, permit, contract, benefit (including agency forbearance, loans, or deduction or modifications of agency penalties or rulings) or other governmental approval.</DELETED> <DELETED> (i) Availability of Information to Congress.--Nothing in this Act shall be construed to authorize information to be withheld from Congress.</DELETED> <DELETED> (j) Penalties for Unauthorized Disclosure.--Any officer or employee of a Federal, State, or local government agency who, in a manner or to an extent not authorized by law, knowingly discloses any record described in paragraph (1)(B), (2)(C), or (3)(B) of subsection (a) shall--</DELETED> <DELETED> (1) be imprisoned not more than 1 year, fined under chapter 227 of title 18, United States Code, or both; and</DELETED> <DELETED> (2) if an officer or employee of the Government, be removed from Federal office or employment.</DELETED> <DELETED>SEC. 10. STATE AND OTHER LAWS.</DELETED> <DELETED> (1) In general.--Nothing in this Act shall preclude or deny any right of any State or political subdivision thereof to adopt or enforce any regulation, requirement, or standard of performance respecting chemical facility security that is more stringent than a regulation, requirement, or standard of performance in effect under this Act, or shall otherwise impair any right or jurisdiction of the States with respect to chemical facilities within such States unless there is an actual conflict between a provision of this Act and the law of the State.</DELETED> <DELETED> (2) Other requirements.--Nothing in this Act shall preclude or deny the right of any State or political subdivision thereof to adopt or enforce any regulation, requirement, or standard of performance, including air or water pollution requirements, that are directed at problems other than reducing damage from terrorist attacks.</DELETED> <DELETED>SEC. 11. CHEMICAL SECURITY REPORTING.</DELETED> <DELETED> Not later than 6 months after the date of enactment of this Act, the Secretary shall submit to the Committee on Homeland Security and Governmental Affairs of the Senate and the Committee on Homeland Security and the Committee on Energy and Commerce of the House of Representatives an update of the national strategy for the chemical sector required to be submitted by the Secretary to the Committee on Appropriations of the Senate and the Committee on Appropriations of the House of Representatives by February 10, 2006.</DELETED> <DELETED>SEC. 12. REVIEW BY THE GOVERNMENT ACCOUNTABILITY OFFICE.</DELETED> <DELETED> (a) Accessibility.--The Secretary shall provide access to the Government Accountability Office of any document or information required to be submitted to, generated by, or otherwise in the possession of the Department under this Act.</DELETED> <DELETED> (b) Review and Reports.--</DELETED> <DELETED> (1) In general.--Not later than January 1 of the first year following the calendar year in which the regulations are promulgated under section 4(a)(1), and on January 1 of each year thereafter, the Government Accountability Office shall submit a report described under paragraph (2) to--</DELETED> <DELETED> (A) the Committee on Homeland Security and Governmental Affairs of the Senate; and</DELETED> <DELETED> (B) the Committee on Homeland Security of the House of Representatives and the Committee on Energy and Commerce of the House of Representatives.</DELETED> <DELETED> (2) Contents.--Each report submitted under paragraph (1) shall include--</DELETED> <DELETED> (A) a review of site security plans, vulnerability assessments, and emergency response plans under this Act; and</DELETED> <DELETED> (B) a determination of whether such plans and assessments are in compliance with this Act.</DELETED> <DELETED>SEC. 13. AUTHORIZATION OF APPROPRIATIONS.</DELETED> <DELETED> There are authorized to be appropriated such sums as are necessary to carry out this Act.</DELETED> SECTION 1. SHORT TITLE. This Act may be cited as the ``Chemical Facility Anti-Terrorism Act of 2006''. SEC. 2. DEFINITIONS. In this Act: (1) Chemical source.--The term ``chemical source'' means a facility designated as a chemical source by the Secretary under section 3. (2) Critical infrastructure.--The term ``critical infrastructure'' has the meaning given the term in section 2 of the Homeland Security Act of 2002 (6 U.S.C. 101). (3) Department.--The term ``Department'' means the Department of Homeland Security. (4) Environment.--The term ``environment'' has the meaning given the term in section 101 of the Comprehensive Environmental Response, Compensation, and Liability Act of 1980 (42 U.S.C. 9601). (5) Higher risk tier.--The term ``higher risk tier'' means a tier designated by the Secretary as a higher risk tier under section 3(e)(3). (6) MTSA-regulated facilities.--The term ``MTSA-regulated facility'' means a facility subject to the security requirements under chapter 701 of title 46, United States Code (commonly known as the ``Maritime Transportation Security Act''). (7) Owner or operator.--The term ``owner or operator'' means any person who owns, leases, operates, controls, or supervises a chemical source. (8) Protected information.--The term ``protected information'' means-- (A) a vulnerability assessment, site security plan, an area security plan required under section 6(d)(4), and a security addendum to the emergency response plan under section 4(a)(7)(C), prepared for the purposes of this Act and obtained by the Department under section 4; (B) materials obtained by the Department and developed or produced by a chemical source exclusively in preparation of records, documents, or information referred to under subparagraph (A) or an emergency response plan; (C) any document or other information obtained by the Secretary or a State or local government from a chemical source in accordance with this Act, to the extent that the document or information contains information that-- (i) describes a specific chemical source or the specific vulnerabilities of a chemical source; (ii) was taken from a record described under subparagraph (A) or (B) or from a copy of such record in the possession of the chemical source; and (iii) would, if disclosed, be detrimental to the security of a chemical source; and (D) any document prepared by, or provided to a Federal agency or State or local government, to the extent that the document contains information that-- (i) describes a specific chemical source or the specific vulnerabilities of a chemical source; (ii) was taken from a record described under subparagraph (A) or (B) or from a copy of such record in the possession of the chemical source; and (iii) would, if disclosed, be detrimental to the security of a chemical source. (9) Release.--The term ``release'' has the meaning given the term in section 101 of the Comprehensive Environmental Response, Compensation, and Liability Act of 1980 (42 U.S.C. 9601). (10) Secretary.--The term ``Secretary'' means the Secretary of Homeland Security. (11) Security measure.-- (A) In general.--The term ``security measure'' means an action to ensure or enhance the security of a chemical source against a terrorist incident. (B) Inclusions.--The term ``security measure'', with respect to a chemical source, includes measures such as-- (i) employee training and background and identification authentication checks; (ii) the limitation and prevention of access to the controls of the chemical source; (iii) the protection of the perimeter of the chemical source; (iv) the installation and operation of intrusion detection sensors; (v) the implementation of measures to increase computer or computer network security; (vi) the implementation of other security- related measures to ensure or enhance the security of a chemical source from a terrorist incident; (vii) the implementation of measures and controls to prevent, protect against, or reduce the consequences of a terrorist incident, including-- (I) contingency and evacuation plans; (II) early warning systems; and (III) the relocation, hardening of the storage or containment, modification, processing, substitution, or reduction of substances of concern; and (viii) the conduct of any similar security- related activity, as determined by the Secretary. (12) Substance of concern.--The term ``substance of concern'' means-- (A) a chemical substance present at a chemical source in quantities equal to or exceeding the threshold quantities for the chemical substance, as defined in or established under paragraphs (3) and (5) of section 112(r) of the Clean Air Act (42 U.S.C. 7412(r)); and (B) any other chemical substance designated as a substance of concern by the Secretary under section 3(i), including ammonium nitrate, in quantities equal to or exceeding the threshold quantities established under section 3(i), based on the potential extent of death, injury, or serious adverse effects to human health and safety or the environment or the potential impact on national or economic security or critical infrastructure caused by a terrorist incident involving the chemical substance. (13) Terrorism.--The term ``terrorism'' has the meaning given the term in section 2 of the Homeland Security Act of 2002 (6 U.S.C. 101). (14) Terrorist incident.--The term ``terrorist incident'' means-- (A) a terrorist attack against a chemical source; (B) a release from a chemical source into the environment of a substance of concern that is caused by an act of terrorism; and (C) the theft or diversion of a substance of concern by a person for off-site release in furtherance of an act of terrorism. SEC. 3. DESIGNATION AND TIERING OF CHEMICAL SOURCES. (a) Designation.--Not later than 1 year after the date of enactment of this Act, the Secretary shall-- (1) promulgate regulations establishing criteria for designating chemical sources by using the risk factors described in subsection (b) and by evaluating the types of facilities described in subsection (c) that shall be considered in designating chemical sources; and (2) designate chemical sources in existence as of that date. (b) Risk Factors To Be Considered.--In establishing criteria under subsection (a)(1) for designating chemical sources, the Secretary shall consider-- (1) the perceived threat to a facility, including a consideration of adversary capabilities and intent, preparedness, target attractiveness, and deterrence capabilities; (2) the potential extent and likelihood of death, injury, or serious adverse effects to human health and safety or to the environment caused by a terrorist incident at a facility; (3) the threats to or potential impact on national security or critical infrastructure caused by a terrorist incident at a facility; (4) the potential threats or harm to the economy that would result from a terrorist incident at a facility, including whether a facility is the sole supplier, or the producer of a high percentage, of a product that is critical to the economy, the chemical industry, or national security; (5) the proximity of a facility to population centers; (6) the nature and quantity of substances of concern at a facility; and (7) such other security-related factors as the Secretary determines to be appropriate and necessary to protect the public health and safety, critical infrastructure, and national and economic security. (c) Criteria for Facilities.--In establishing criteria under subsection (a)(1) for designating chemical sources, the Secretary shall-- (1) consider any facility that is a stationary source (as defined in section 112(r)(2) of the Clean Air Act (42 U.S.C. 7412(r)(2))) for which the owner or operator is required to complete a risk management plan in accordance with section 112(r)(7)(B)(ii) of the Clean Air Act (42 U.S.C. 7412(r)(7)(B)(ii)); (2) consider any other facility that produces, uses, or stores a substance of concern at which a risk factor described in subsection (b) is present; and (3) determine whether any additional facility (including, as of the date of the determination, any facility that is operational and any facility that will become operational in the future) shall be designated chemical sources under this Act. (d) Exclusions.--In designating facilities as chemical sources, the Secretary shall not include any facility owned or operated by the Department of Defense or the Department of Energy, or any facility owned or operated by a licensee or certificate holder of the Nuclear Regulatory Commission. (e) Tiered Security System.-- (1) In general.--Not later than 1 year after the date of enactment of this Act, the Secretary shall promulgate rules establishing a risk-based tier system of chemical sources that-- (A) shall be based on the criteria established by the Secretary under subsection (a)(1); (B) consists of several tiers of chemical sources; (C) to the maximum extent practicable, enables a chemical source to develop appropriate site-specific measures to meet the security performance standards established under subsection (f) for the tier applicable to the chemical source; and (D) provides guidance to the owner or operator of a chemical source regarding the steps that would enable the chemical source to move to a lower risk tier, if the owner or operator seeks to move to a lower risk tier. (2) Determination of tier.--Not later than 1 year after the date of enactment of this Act, the Secretary shall determine the tier applicable to each chemical source designated under subsection (a)(2). (3) Higher risk tiers.--The Secretary shall designate 1 or more tiers established under paragraph (1) as higher risk tiers. (f) Security Performance Standards.-- (1) In general.--Not later than 1 year after the date of enactment of this Act, the Secretary shall establish security performance standards appropriate to the risk-based tiers established under subsection (e). (2) Contents.--The security performance standards established under paragraph (1) shall-- (A) set increasingly strict security requirements as the level of risk for the tier increases; (B) enable a chemical source to select security measures that, in combination, satisfy the security performance standards established by the Secretary; and (C) be based on the criteria in section 4(a)(2). (3) Guidance and consultation.-- (A) In general.--On the date on which the Secretary establishes security performance standards under paragraph (1), and based on the risk factors to be considered under subsection (b), the Secretary shall provide guidance to a chemical source regarding the types of security measures that, if applied, could satisfy the security performance standards. (B) Alternate measures.--The owner or operator of a chemical source shall have flexibility to employ different security measures than those contained in the guidance described in subparagraph (A) if such measures satisfy the security performance standards established for the tier applicable to the chemical source. (C) Higher risk tiers.--At the request of the owner or operator of a chemical source assigned to a higher risk tier under subsection (e)(2), the Secretary shall provide consultation on the types of security measures that, if applied, could satisfy the security performance standards. (g) Notice to Facilities.--Not later than 180 days after the date of enactment of this Act, the Secretary shall notify facilities that may be designated as chemical sources regarding the review of facilities and designation of chemical sources to be conducted under this Act, including the timeline for such review and designation. (h) Subsequent Determinations.-- (1) Periodic review of determinations.--Not later than 3 years after the designation of chemical sources under subsection (a)(2), and every 3 years thereafter, the Secretary shall, after considering the criteria established under subsection (a)(1) and the exclusions under subsection (d), determine whether to designate any additional facility as a chemical source or remove the designation of any particular facility as a chemical source. (2) Other review.--In addition to the periodic review required under paragraph (1), the Secretary may, after considering the criteria established under subsection (a)(1) and the exclusions under subsection (d), designate a facility as a chemical source or remove the designation of any facility as a chemical source. (3) Duty to report.-- (A) Facilities becoming operational.-- (i) In general.--Each facility described in clause (ii) shall file a petition with the Secretary for a determination on whether that facility should be designated as a chemical source not later than 180 days after the later of-- (I) the date of the promulgation of final rules under subsection (a)(1); or (II) the date that facility becomes operational. (ii) Facilities covered.--A facility described in this clause is a facility-- (I) that becomes operational on or after the date of the designation of chemical sources under subsection (a)(2); and (II) at which a threshold quantity of a substance of concern is present. (B) Existing facilities.-- (i) In general.--Each facility described in clause (ii) shall submit a petition to the Secretary for a determination on whether that facility should be designated as a chemical source not later than 180 days after the later of-- (I) the date of the promulgation of final regulations under subsection (a)(1); or (II) the date on which the threshold quantity of a substance of concern is first present at that facility. (ii) Facilities covered.--A facility described in this clause is a facility-- (I) for which the owner or operator is not required to complete a risk management plan under section 112(r)(7)(B)(ii) of the Clean Air Act (42 U.S.C. 7412(r)(7)(B)(ii)); (II) that is operational before the date of the promulgation of the final rules establishing criteria for designating chemical sources under subsection (a)(1); and (III) at which a threshold quantity of a substance of concern is present. (C) Consultation.--The Secretary, in consultation with the Administrator of the Environmental Protection Agency, shall establish a mechanism for the Secretary to receive notice in a timely fashion of a facility required by the Administrator to complete a risk management plan in accordance with section 112(r)(7)(B)(ii) of the Clean Air Act (42 U.S.C. 7412(r)(7)(B)(ii)). (D) Regulations.--The Secretary may promulgate regulations to carry out subparagraphs (A) and (B). (i) Designation, Exemption, and Adjustment of Threshold Quantities of Substances of Concern.-- (1) In general.--The Secretary may, by regulation-- (A) designate a chemical substance, in a particular threshold quantity, as a substance of concern under this Act; (B) exempt a chemical substance from designation as a substance of concern under this Act; and (C) establish or revise the threshold quantity for a chemical substance to be designated a substance of concern. (2) Considerations.--In designating or exempting a chemical substance or establishing or revising the threshold quantity of a chemical substance under paragraph (1), the Secretary shall consider the potential extent of death, injury, or serious adverse effects to human health and safety or the environment and the potential impact on national security, the economy, or critical infrastructure that would result from a terrorist incident involving the chemical substance. (3) Regulations.--The Secretary may make a designation, exemption, or revision under paragraph (1) in the regulations promulgated under subsection (a)(1). SEC. 4. VULNERABILITY ASSESSMENTS, SITE SECURITY PLANS, AND EMERGENCY RESPONSE PLANS. (a) Requirement.-- (1) In general.--Not later than 1 year after the date of enactment of this Act, the Secretary shall promulgate regulations that require the owner or operator of each chemical source-- (A) to conduct a vulnerability assessment, evaluating the vulnerability of the chemical source to a terrorist incident; (B) to prepare and implement a site security plan that addresses the risks identified in the vulnerability assessment; and (C) to prepare and implement an emergency response plan or prepare and implement an addendum to an existing emergency response plan to include response planning for a terrorist incident. (2) Regulatory criteria.--The regulations promulgated under paragraph (1)-- (A) shall be risk-based, performance-based, and flexible; and (B) shall include consideration of-- (i) the criteria established by the Secretary under section 3(a)(1); (ii) cost and technical feasibility; and (iii) scale of operations. (3) Co-located chemical sources.--The regulations promulgated under paragraph (1) shall permit the development and implementation of coordinated vulnerability assessments, site security plans, and emergency response plans in any case in which more than 1 chemical source is operating at a single location or at contiguous locations, including cases in which a chemical source is under the control of more than 1 owner or operator. (4) Sharing of threat information.--To the maximum extent practicable under applicable authority and in the interests of national security, the Secretary shall provide State and local government officials and an owner or operator of a chemical source with threat information that is relevant to the chemical source in particular or to the chemical sector in general. (5) Contents of vulnerability assessment.--A vulnerability assessment shall-- (A) employ or be based on a rigorous methodology developed or endorsed by the Secretary; (B) incorporate any threat information provided under paragraph (4); (C) address the appropriate security performance standards established by Secretary under section 3(f); and (D) include an analysis of-- (i) physical security; (ii) communication systems; (iii) the vulnerability of programmable electronic devices, computers, computer or communications networks or other automated systems which are utilized by the chemical source; (iv) the sufficiency of security measures in place when the vulnerability assessment is prepared relative to the threats and consequences of a terrorist incident, including vulnerabilities at the chemical source arising from the nature and quantities of substances of concern and the use, storage, or handling of substances of concern; and (v) other areas, as determined by the Secretary. (6) Contents of site security plan.--A site security plan shall-- (A) indicate the tier applicable to the chemical source, as determined by the Secretary under section 3(e)(2); (B) include security measures that, in combination, address-- (i) the risks identified in the vulnerability assessment; and (ii) the appropriate security performance standards established by Secretary under section 3(f) for the tier applicable to the chemical source, as determined by the Secretary under section 3(e)(2); (C) include security measures-- (i) sufficient to deter, to the maximum extent practicable, a terrorist incident or a substantial threat of such an incident; (ii) to mitigate the consequences of a terrorist incident; and (iii) to increase the security of programmable electronic devices, computers, computer or communications networks, and other automated systems. (D) describe, at a minimum, particular plans, processes, or procedures that could be used by or at the chemical source in the event of a terrorist incident; (E) identify the roles and responsibilities of employees at the chemical source; (F) identify steps taken by the chemical source to coordinate security measures and plans for response to a terrorist incident with Federal, State, and local government officials, including law enforcement and first responders and specify the security officer who will be the point of contact for the National Incident Management System and Federal, State, and local law enforcement and first responders; (G) describe the training, drills (including periodic unannounced drills), exercises, and security actions of persons at the chemical source, to be carried out under the plan to deter, to the maximum extent practicable, a terrorist incident or a substantial threat of such an incident; and (H) describe security measures that would be implemented under an order issued by the Secretary or the designee of the Secretary under section 7(a). (7) Contents of emergency response plan.-- (A) In general.--An emergency response plan shall-- (i) specifically address the consequences of a terrorist incident identified in the vulnerability assessment prepared under paragraph (5); (ii) be consistent with the site security plan prepared under paragraph (6); and (iii) identify the roles and responsibilities of employees at the chemical source. (B) Relationship to the national contingency plan.-- (i) In general.--Except as provided in clause (ii), an emergency response plan shall be a Federally approved or certified emergency response plan in effect on the date of enactment of this Act that is-- (I) consistent with guidance provided by the National Response Team established under the National Contingency Plan created under section 105 of the Comprehensive Environmental Response, Compensation, and Liability Act of 1980 (42 U.S.C. 9605); and (II) modified to satisfy the requirements of subparagraph (A). (ii) No existing plan.--The owner or operator of a chemical source that does not have a Federally approved or certified emergency response plan in effect on the date of enactment of this Act shall follow the guidance provided by the National Response Team established under the National Contingency Plan created under section 105 of the Comprehensive Environmental Response, Compensation, and Liability Act of 1980 (42 U.S.C. 9605) in developing an emergency response plan to meet the specific considerations of that chemical source. (C) Protection of security information.--If, in order to meet the requirements of this paragraph, the owner or operator of a chemical source is required to include in an emergency response plan information, the release of which would be detrimental to the security of the source, that information shall be separated in a security addendum to the emergency response plan. (8) Guidance and consultation to chemical sources.-- (A) In general.--On the date on which the Secretary promulgates regulations under paragraph (1), the Secretary shall provide guidance to assist owners and operators of chemical sources in complying with this Act, including advice on aspects of compliance with this Act that may be unique to small business concerns. (B) Higher risk tiers.--At the request of the owner or operator of a chemical source assigned to a higher risk tier under section 3(e)(2), the Secretary shall provide consultation on achieving compliance with this Act, including consultation on the guidance provided under subparagraph (A). (b) Certification and Submission.-- (1) In general.--Not later than 6 months after the date of the promulgation of regulations under subsection (a)(1), each owner or operator of a chemical source shall certify in writing to the Secretary that the owner or operator has completed a vulnerability assessment and has developed and implemented, or is implementing, a site security plan and an emergency response plan in accordance with this Act. (2) Submission.--Not later than 6 months after the date of the promulgation of regulations under subsection (a)(1), an owner or operator of a chemical source shall submit to the Secretary copies of the vulnerability assessment, site security plan, and emergency response plan of the chemical source for review. (3) Failure to comply.--If an owner or operator of a chemical source fails to certify or submit a vulnerability assessment, site security plan, or emergency response plan in accordance with paragraph (2), the Secretary may issue an order requiring the certification and submission of a vulnerability assessment, site security plan, or emergency response plan in accordance with this section. (c) Review by the Secretary.-- (1) In general.--The Secretary shall-- (A) review the vulnerability assessment, site security plan, and emergency response plan submitted by the owner or operator of a chemical source under subsection (b)(2) to determine whether the assessment and plans and the implementation of such plans comply with this section; (B) provide written notice to the owner or operator of the chemical source regarding the determination of whether the assessment and plans described in subparagraph (A) comply with this section; and (C) provide written notice to the owner or operator of the chemical source, if the Secretary determines the implementation of a plan described in subparagraph (A) does not comply with this section. (2) Disapproval of site security plans.--Notwithstanding any other provision of this subsection, the Secretary may not disapprove a site security plan submitted under subsection (b)(2) based on the presence or absence of a particular security measure, if the site security plan satisfies the security performance standards established under section 3(f) for the tier applicable to the chemical source. (3) Compliance.-- (A) In general.--If the Secretary disapproves a vulnerability assessment, site security plan, or emergency response plan of a chemical source under paragraph (1), or determines that the implementation of such a plan does not comply with this section, the Secretary-- (i) shall provide the owner or operator of the chemical source a written notification of the determination that includes a clear explanation of deficiencies in the vulnerability assessment, site security plan, emergency response plan, or implementation of the site security plan; (ii) shall consult with the owner or operator of the chemical source to identify appropriate steps to achieve compliance; (iii) if, following consultation under clause (ii), the owner or operator of the chemical source does not achieve compliance by such date as the Secretary determines to be appropriate under the circumstances, shall issue an order requiring the owner or operator to correct specified deficiencies; and (iv) if the owner or operator continues to be in noncompliance, may issue an order for the chemical source to cease operation. (B) Compliance for higher risk tiers.-- (i) Interim notice.--Not later than 9 months after the later of the date of the promulgation of regulations under subsection (a)(1) and the date of the promulgation of regulations under section 3(e), the Secretary shall-- (I) conduct a preliminary review of the vulnerability assessment, site security plan, and emergency response plan submitted under subsection (b)(2) by a chemical source assigned to a higher risk tier under section 3(e)(2); and (II) provide notice and assistance in achieving compliance with this Act to any chemical source assigned to a higher risk tier under section 3(e)(2) for which the Secretary determines the vulnerability assessment, site security plan, or emergency response plan may not be approved under clause (ii). (ii) Determination.--Not later than 1 year after the later of the date of the promulgation of regulations under subsection (a)(1) and the date of the promulgation of regulations under section 3(e), the Secretary shall determine whether to approve, disapprove, or modify the vulnerability assessment, site security plan, and emergency response plan submitted under subsection (b)(2) by a chemical source assigned to a higher risk tier under section 3(e)(2). (iii) Implementation.--The Secretary shall determine whether implementation of the plans described in clause (ii) complies with this section. (iv) Enforcement.--The Secretary may issue an order to a chemical source assigned to a higher risk tier under section 3(e)(2) to cease operation if the Secretary-- (I) disapproves the vulnerability assessment, site security plan, or emergency response plan submitted by such chemical source under subsection (b)(2); or (II) determines that the implementation of a plan described in subclause (I) does not comply with this section. (C) Compliance for other tiers.--Not later than 5 years after the date of the submission of the vulnerability assessment, site security plan, and emergency response plan under subsection (b)(2) by a chemical source that is not assigned to a higher risk tier under section 3(e)(2), the Secretary shall complete the review of the assessment, plans, and implementation of such plans and make a determination regarding compliance with this section. (D) Subsequent review.--The Secretary may conduct subsequent reviews and determinations of compliance under this Act for a chemical source on a schedule as determined to be appropriate by the Secretary, with priority given to chemical sources assigned to a higher risk tier under section 3(e)(2). (d) Submission and Certification of Changes.-- (1) In general.--Not later than 60 days after the date on which a change is made to a chemical source that would have a materially detrimental effect on the security of the chemical source, the owner or operator of the chemical source shall-- (A) notify the Secretary in writing; (B) provide a description of the change at the chemical source; (C) certify to the Secretary that the chemical source has completed the review and implemented any necessary modifications to the vulnerability assessment, site security plan, or emergency response plan; and (D) provide to the Secretary a description of any changes to the vulnerability assessment, site security plan, or emergency response plan. (2) Notice and request.--If the Secretary determines that additional modification of a vulnerability assessment, site security plan, or emergency response plan is required, the Secretary shall-- (A) provide a written notice to the chemical source owner or operator, requiring modifications addressing any matters specified in the notice; and (B) provide the owner or operator of the chemical source not less than 60 days after the date of the notice under subparagraph (A) to submit proposed modifications. (3) Temporary security measures.--During the period before any revised security measures are implemented, an owner or operator of a chemical source shall ensure temporary security measures are implemented to address, to the maximum extent practicable, the vulnerabilities identified by the owner or operator of the chemical source during preparation of the assessment or plans. (e) MTSA-Regulated Facilities.-- (1) In general.--Except as provided in paragraph (4), a chemical source that is also a MTSA-regulated facility shall comply with this Act. (2) Compliance.-- (A) In general.--A chemical source that is also a MTSA-regulated facility shall review its facility security assessment, facility security plan, and emergency response plan and make any modifications necessary to comply with the security performance standards established for the tier applicable to the chemical source under section 3(f) and the requirements under subsection (a)(1). (B) Submission.--Not later than 180 days after the date on which the Secretary promulgates regulations under subsection (a)(1), the owner or operator of a chemical source that is also a MTSA-regulated facility shall-- (i) submit the facility security assessment, facility security plan, and emergency response plan, with any appropriate modifications under subparagraph (A), for the chemical source to the Federal Maritime Security Coordinator for the area in which the chemical source is located and the Secretary for approval; and (ii) certify in writing to the Federal Maritime Security Coordinator for the area in which the facility is located and the Secretary that-- (I) the facility security assessment and facility security plan for the facility are in compliance with the security performance standards for the tier applicable to the chemical source under section 3(f) and the requirements under subsection (a)(1); and (II) the owner or operator has submitted an approved or certified emergency response plan required under chapter 701 of title 46, United States Code, to the Federal Maritime Security Coordinator for the area in which the facility is located. (3) Review by the secretary.--In accordance with the procedures under subsection (c), the Secretary, in consultation with the Federal Maritime Security Coordinator for the area in which a chemical source that is also a MTSA-regulated facility is located, shall determine whether a facility security assessment and facility security plan submitted under paragraph (2)(B) meets the security performance standards established by the Secretary under section 3(f) and the requirements under subsection (a)(1). (4) Exemption.--A chemical source that is a MTSA-regulated facility is exempt from section 6(d) of this Act. (5) Integration and coordination.-- (A) In general.--The Secretary shall implement this Act and chapter 701 of title 46, United States Code, in as consistent and integrated manner as possible. (B) Coast guard.--The Secretary shall ensure coordination between the Under Secretary for Preparedness and the Coast Guard Commandant in carrying out this Act. (f) Alternative Security Programs.-- (1) In general.--The Secretary may consider a petition submitted by any person that describes-- (A) alternate procedures, protocols, and standards established by an industry entity, Federal, State, or local government authorities, or other applicable laws; and (B) the scope of chemical sources to which such program would apply. (2) Review.--The Secretary may review the requirements of any alternative security program submitted under paragraph (1) to determine whether a vulnerability assessment, security plan, or emergency response plan prepared under that program meets each required element under subsection (a)(1) for a vulnerability assessment, security plan, and emergency response plan submitted under subsection (b)(2). (3) Determination.-- (A) In general.--If the Secretary determines that a vulnerability assessment, security plan, or emergency response plan prepared under that alternative security program meets each required element under subsection (a)(1) for a vulnerability assessment, security plan, and emergency response plan submitted under subsection (b)(2), the Secretary shall notify the petitioner that any chemical source covered by that program may submit an assessment or plan prepared under that program without further revision. (B) Other determinations.--If the Secretary determines that a vulnerability assessment, security plan, or emergency response plan prepared under that alternative security program does not meet each required element under subsection (a)(1) for a vulnerability assessment, security plan, and emergency response plan submitted under subsection (b)(2)-- (i) the Secretary may specify what modifications would be necessary to meet the required elements for a vulnerability assessment, security plan, or emergency response plan submitted under subsection (b)(2); and (ii) a chemical source covered by that program may submit the assessment or plans with the specified modifications. (C) Form.--Any action taken by the Secretary under this paragraph shall be made by rule, regulation, or order. (4) Review.--Nothing in this subsection shall relieve the Secretary of the obligation-- (A) to review the vulnerability assessment, security plan, and emergency response plan submitted by each chemical source under this section according to the performance standards established by section 3(f) and the requirements under subsection (a)(1); or (B) to approve or disapprove each submission on an individual basis. (g) Periodic Review.-- (1) In general.--On the timeline established by the Secretary under paragraph (2), the owner or operator of a chemical source shall-- (A) review the adequacy of the vulnerability assessment, site security plan, and emergency response plan for the chemical source; (B) certify to the Secretary that the chemical source has completed the review and implemented any necessary modifications to the vulnerability assessment, site security plan, or emergency response plan; and (C) provide to the Secretary a description of any changes to the vulnerability assessment, site security plan, or emergency response plan. (2) Timing.--The Secretary shall establish a timeline for review appropriate to the tier level of the chemical source that requires a review-- (A) for a higher risk tier, not later than 1 year after the date of approval of a vulnerability assessment, site security plan, and emergency response plan under subsection (c)(1) and not less often than every 3 years thereafter; and (B) for all other tiers, not later than 5 years after the date of approval of a vulnerability assessment, site security plan, and emergency response plan under subsection (c)(1) and not less often than every 5 years thereafter. SEC. 5. RECORDKEEPING; SITE INSPECTIONS; PRODUCTION OF INFORMATION. (a) Recordkeeping.--The owner or operator of a chemical source shall retain a copy of the vulnerability assessment, site security plan, and emergency response plan for the chemical source for not less than 5 years after the date on which such assessment or plan was approved by the Secretary under section 4(c). (b) Right of Entry.-- (1) In general.--In carrying out this Act, the Secretary or the designee of the Secretary, on presentation of credentials, shall have a right of entry to, on, or through-- (A) the premises of a chemical source; and (B) any premises on which any record required to be maintained under subsection (a) is located. (2) Audits and inspections.-- (A) In general.--The Secretary shall, at such times and places as the Secretary determines to be appropriate, conduct, or require the conduct of, facility security audits and inspections, the requirements of which may be established by rule, regulation, or order. (B) Scope.--Audits and inspections under subparagraph (A) shall ensure and evaluate compliance with this Act. (C) Higher risk tiers.-- (i) In general.--Not later than 1 year after the date of submission of the vulnerability assessment, site security plan, and emergency response plan under section 4(b)(2) by the owner or operator of a chemical source assigned to a higher risk tier under section 3(e)(2), and every year thereafter, the Secretary shall conduct an audit or inspection of such chemical source. (ii) Federal area security coordinator audits.--An audit or inspection by a Federal Area Security Coordinator shall qualify as an audit or inspection under clause (i). (iii) Exemption from annual audits and inspections.-- (I) In general.--The Secretary may exempt a chemical source from annual audits or inspections under this subparagraph, if the chemical source has been found in compliance with this Act by the Secretary based upon 5 consecutive years of audits or inspections. (II) Audits and inspections.--If the Secretary exempts a chemical source under this clause, during the 5-year period after the date of granting such exemption, and during each 5-year period thereafter, the Secretary shall conduct not less than 1 audit or unannounced inspection of such chemical source. (c) Requests for Records.--In carrying out this Act, the Secretary may require the submission of, or, on presentation of credentials, may at reasonable times seek access to and copy-- (1) any records, reports, or other information described in subsection (a); and (2) any other documentation necessary for the-- (A) review or analysis of a vulnerability assessment or security plan; or (B) implementation of a security plan. (d) Compliance.--If the Secretary determines that an owner or operator of a chemical source is not maintaining, producing, or permitting access to records or to the premises of the chemical source as required by this section, the Secretary may issue an order requiring compliance with the relevant provisions of this section. SEC. 6. INFRASTRUCTURE PROTECTION AND IMPLEMENTATION. (a) Coordination.-- (1) In general.--The Secretary shall ensure effective chemical security planning and response by providing the necessary infrastructure, leadership, technical assistance, guidance, and accountability for security planning and response in areas surrounding chemical sources. (2) With other law.--The Secretary shall model the regulations promulgated, organizations established, and actions taken under this section on the requirements of sections 70102, 70103, 70104, and 70112 of title 46, United States Code. (3) With committees.--The Secretary, and those in positions assigned under this section, shall coordinate with other Federal area security and response committees in order to provide a unified and effective Federal effort for security and response organizational infrastructure for the Nation. Nothing in this section shall supersede any other Federal area security or response committee and the entities established under this section shall be organized to complement such other committees. (b) Compliance Office.-- (1) Establishment.--Not later than 3 months after the date of enactment of this Act, the Secretary shall establish an office under the Assistant Secretary for Infrastructure Protection that shall be responsible for implementing and enforcing this Act. (2) Activities.--The Secretary, acting through the Assistant Secretary for Infrastructure Protection, shall-- (A) provide leadership, guidance, planning, technical assistance, resources, and conduct oversight activities to establish an effective chemical security planning and response infrastructure for the Nation; (B) provide leadership, personnel, training, equipment, other resources as necessary, and technical assistance to-- (i) Federal, State and local government agencies; (ii) Infrastructure Protection Regional Security Offices; and (iii) Area Security Committees, as requested by the Federal Area Security Coordinator; (C) coordinate with law enforcement agencies, first responders, and chemical sources regarding the response to a potential or actual terrorist incident at a chemical source; (D) review and approve each Area Security Plan submitted under subsection (d); and (E) coordinate with the Office of State and Local Government Coordination and Preparedness of the Department, to ensure some homeland security grants administered by the Department support the plans required under this section. (c) Infrastructure Protection Regional Security Offices.-- (1) In general.--Not later than 6 months after the date of enactment of this Act, the Secretary shall establish in each Federal Emergency Management Agency Region (or the regional office of a successor agency with responsibility for emergency management, preparedness, and response) an Infrastructure Protection Regional Security Office, for purposes of carrying out this Act and coordinating regional security, as described in this section. (2) Membership and duties.--Each Infrastructure Protection Regional Security Office shall-- (A) consist of-- (i) the personnel of the Infrastructure Protection Office of the Department within the region; and (ii) a regional security advisory staff, to be appointed by the Secretary; (B) review and approve each Area Security Plan for the region to ensure coordination between regions and States; (C) oversee implementation of this Act to ensure consistent implementation within the region, in conjunction with the strategic mission and policies of, and guidance from, the Department; and (D) perform other functions as assigned by the Secretary necessary to implement the requirements of this Act or help protect other critical infrastructure. (d) Area Security Committees and Plans.-- (1) Designation of areas and federal area security coordinators.-- (A) Deadline.--Not later than 6 months after the date of enactment of this Act, the Secretary shall designate geographic areas for the Area Security Committees established under paragraph (2). (B) Requirements.--In designating areas under subparagraph (A), the Secretary shall ensure that-- (i) except as provided in subparagraph (C), all parts of the United States are included in an area; and (ii) no area is larger than a single State, although an area may incorporate portions of more than 1 State, based on the organization and number of chemical sources in a geographic area. (C) Exclusion.--Any area designated under section 70103(a)(2)(G) of title 46, United States Code, shall not be included in any area designated under this Act. (2) Establishment and designation.-- (A) Committees.--There is established for each area designated by the Secretary under paragraph (1) an Area Security Committee, comprised of members appointed by the Secretary, in consultation with State and local government officials, from qualified and affected security and response personnel of Federal, State, and local government agencies, chemical sources, local emergency planning and response entities, other critical infrastructure sectors, and other appropriate organizations. (B) Coordinator.--For each area designated by the Secretary under paragraph (1), the Secretary shall designate a Federal Area Security Coordinator with knowledge of and experience in the activities required under this subsection. (3) Duties.-- (A) Committees.--Each Area Security Committee, under the direction of the Federal Area Security Coordinator for the area assigned to such Area Security Committee, shall-- (i) meet not less frequently than twice each year; (ii) prepare the Area Security Plan described in paragraph (4) for that area and submit the Area Security Plan to the Secretary for approval; and (iii) coordinate with Federal, State, and local government officials and chemical sources to enhance the security and response planning of those officials and to assure effective preplanning of joint security and response efforts, including exercises, drills, evacuations, sheltering, and rescue. (B) Coordinator.--Each Federal Area Security Coordinator shall, for the area assigned to such official-- (i) conduct audits and inspections of chemical sources under this Act; (ii) provide appropriate guidance and support to chemical sources; and (iii) perform such other duties as are required by the Area Security Committee or the Secretary. (4) Area security plans.-- (A) In general.--Not later than 2 years after the date of enactment of this Act, each Area Security Committee shall prepare and submit to the Secretary for approval an Area Security Plan for the area assigned to such Area Security Committee. (B) Plan requirements.--The Area Security Plan shall-- (i) coordinate the resources of the area assigned to the Area Security Committee to deter a potential or actual terrorist incident at a chemical source in that area, or to respond to a terrorist incident at a chemical source in that area; (ii) coordinate with the National Infrastructure Protection Plan, the National Response Plan, the site security plan of any chemical source located in the area assigned to the Area Security Committee, other appropriate national security and response plans, and the Area Security Plans for contiguous areas; (iii) reflect security and response post- incident investigative reports, as determined by the Secretary; (iv) describe in detail the responsibilities of an owner or operator of a chemical source (based upon the approved site security plan for the chemical source) and of Federal, State, and local government agencies in responding to potential or actual terrorist incident at a chemical source operating in the area assigned to the Area Security Committee; (v) describe the area covered by the plan, list the assets and resources available to respond to a terrorist incident, and include any other information the Secretary requires; (vi) be updated periodically by the Area Security Committee; and (vii) provide for coordination with the appropriate Federal, State and local government agencies or members of local entities that plan for emergency releases from chemical sources regarding how local populations that may be affected by a release are provided with information, including evacuation planning, sheltering in place, and areas of refuge. (5) Review.--Not later than 3 years after the date of enactment of this Act, the Secretary shall-- (A) review each Area Security Plan developed under paragraph (4); (B) require amendments to any plan that does not meet the requirements of this section; and (C) approve each plan that meets the requirements of this section. (e) Area Exercises and Drills.-- (1) In general.--The Secretary shall periodically conduct drills and exercises, some without prior notice, including full functional and communications exercises of security and response capability in each area for which an Area Security Plan is required under this section and under the site security plan and emergency response plans of relevant chemical sources. (2) Scope of participation.--The drills and exercises conducted under paragraph (1) may include participation by-- (A) Federal, State, and local government agencies, including law enforcement and first responders; (B) the owner and operator of any chemical source in the area; (C) members of local entities that plan for emergency releases; (D) representatives of other critical infrastructure; and (E) other participants as determined appropriate by the Secretary or the designee of the Secretary. (3) Reports.--The Secretary shall publish annual reports on drills under this subsection, including assessments of the effectiveness of the plans described in paragraph (1), lessons learned, and recommendations, if any, to improve the programs, plans, and procedures under this subsection. The annual reports shall not include protected information. (f) Regulations.--The Secretary may promulgate such regulations as are necessary to carry out this section. SEC. 7. HEIGHTENED SECURITY MEASURES. (a) In General.--If the Secretary determines, based on the risk factors described in section 3(b), that additional security measures are necessary to respond to a threat assessment or to a specific threat against the chemical sector, the Secretary may issue an order to the owner or operator of a chemical source to implement the heightened security measures described under section 4(a)(6)(H). Only the Secretary or the designee of the Secretary may issue an order under this section. (b) Period of Order.-- (1) In general.--Any order issued by the Secretary under subsection (a) shall be effective upon issuance and shall remain in effect for a period of not more than 90 days, unless the Secretary files an action in an appropriate United States district court before the expiration of that 90-day period. (2) Effect of filing.--If the Secretary files an action described in paragraph (1), an order issued by the Secretary under subsection (a) shall remain in effect for 14 days in addition to the 90-day period under paragraph (1), or for such shorter or longer period as may be authorized by the court in which such action is filed. SEC. 8. PENALTIES. (a) Administrative Penalties.-- (1) Penalties.--The Secretary may impose an administrative penalty of not more than $25,000 for each day, and not more than a maximum of $1,000,000 for each year, for failure to comply with an order or directive issued by the Secretary under this Act. (2) Notice and hearing.--Before imposing a penalty under paragraph (1), the Secretary shall provide to the person against which the penalty is to be assessed-- (A) a written notice of the proposed penalty; and (B) not later than 30 days after the date on which the person receives the notice, the opportunity to request a hearing on the proposed penalty. (3) Procedures.--The Secretary shall promulgate regulations establishing procedures for administrative hearings and appropriate review, including necessary deadlines. (b) Civil Penalties.-- (1) In general.--The Secretary may bring an action in a United States district court against any owner or operator of a chemical source that violates or fails to comply with any order or directive issued by the Secretary under this Act or a site security plan approved by the Secretary under this Act (2) Relief.--In any action under paragraph (1), a court may issue an order for injunctive relief and may award a civil penalty of not more than $50,000 for each day on which a violation occurs or a failure to comply continues. (c) Criminal Penalties.--An owner or operator of a chemical source who knowingly and willfully violates any order issued by the Secretary under this Act or knowingly and willfully fails to comply with a site security plan approved by the Secretary under this Act shall be fined not more than $50,000 for each day of such violation, imprisoned not more than 2 years, or both. SEC. 9. PROTECTION OF INFORMATION. (a) Disclosure Exemptions.-- (1) Records of the department.--The Department shall not be required under section 552 of title 5, United States Code, to make available to the public protected information. (2) Records of other agencies.--If a Federal agency other than the Department receives a request under section 552 of title 5, United States Code, for protected information, that Federal agency-- (A) shall not disclose the record; and (B) shall refer the request to the Department for processing and response. (3) Records of state or local government agencies.--A State or local government agency shall not be required under any State or local law providing for public access to information to make available to the public protected information. (b) Certifications and Orders.-- (1) In general.-- (A) Information not disclosed.--Except as provided in subparagraph (B), the following records shall not be made available to the public under section 552 of title 5, United States Code: (i) Certifications.--A certification under section 4(b)(1). (ii) Order for failure to comply.--An order under section 4(b)(3). (iii) Compliance certificates.--A certificate of compliance under paragraph (2). (iv) Other orders.--Any other order or any notice of disapproval issued under this Act. (B) Exception.-- (i) In general.--If the Secretary makes a specific finding and determination with respect to a particular chemical source that releasing any record described in subparagraph (A)(i) or (iii) regarding that chemical source would not increase the risk to the security of any chemical source, the Secretary may make the record available to the public under section 552 of title 5, United States Code. (ii) Notice to gao.--If the Secretary does not allow a record to be made available to the public under this subsection, the Secretary shall submit to the Comptroller General of the United States, for inclusion and evaluation in the reports under section 12, a detailed statement-- (I) identifying the chemical source; (II) describing the record; (III) explaining the basis for the Secretary's determination; and (IV) describing any security measures being implemented by the chemical source. (2) Certification of compliance.--When the Secretary determines that a chemical source is in compliance with the requirements of this Act, the Secretary shall issue a certificate of approval that contains the following statement: ``____ (chemical source name) ____ is in compliance with the Chemical Facility Anti-Terrorism Act of 2006.''. (3) Report to congress.--Not less frequently than once each year, the Secretary shall submit to Congress a public report on the performance of chemical sources under the Act, in the aggregate, including a description of common problems, solutions, and industry best practices. (c) Development of Protocols.-- (1) In general.--The Secretary, in consultation with the Director of the Office of Management and Budget and appropriate Federal law enforcement and intelligence officials and in a manner consistent with existing protections for sensitive or classified information, shall, by regulation, establish confidentiality protocols for maintenance and use of records containing protected information. (2) Requirements for protocols.--The protocols established under paragraph (1) shall ensure, to the maximum extent practicable, that-- (A) the records shall be maintained in a secure location; and (B) access to records shall be limited-- (i) as may be necessary to-- (I) enable enforcement of this Act; or (II) address an imminent and substantial threat to security, health, safety, or the environment; (ii) to State or local law enforcement officials, first responders, or other State or local government officials granted access to records for the purpose of carrying out this Act, including providing such officials and first responders with information on the extent to which security of chemical sources in the State or local area is being achieved; and (iii) to other persons granted access for the purpose of carrying out this Act. (3) Other procedures in protocols.--The protocols established under paragraph (1) shall also-- (A) provide for the labeling of any record containing protected information to enable the sensitive information in such record to be traced back to the specific document from which the information was derived; (B) accommodate the making of disclosures under sections 2302(b)(8) and 7211 of title 5, United States Code, and provide guidance to employees as to how to make such disclosures without compromising security; (C) include procedures applicable to a request under section 552 of title 5, United States Code, requiring that any portion of a record that reasonably may be separated shall be provided to a person requesting the record after redaction of any portion that is exempt from disclosure; and (D) establish procedures by which a record containing protected information may become subject to the requirements regarding public disclosure under section 552 of title 5, United States Code, when, because of changed circumstances or the passage of time, disclosure of the record would not be detrimental to the security of a chemical source. (d) Process for Reporting Problems.-- (1) Establishment of a reporting process.--The Secretary shall establish, and provide information to the public regarding, a process by which any person may submit a report to the Secretary regarding problems, deficiencies, or vulnerabilities at a chemical source. (2) Confidentiality.--The Secretary shall keep confidential the identity of a person who submits a report under paragraph (1) and any such report shall be treated as a record containing protected information to the extent that it does not consist of publicly available information. (3) Acknowledgment of receipt.--If a report submitted under paragraph (1) identifies the person making the report, the Secretary shall respond promptly to such person and acknowledge receipt of the report. (4) Steps to address problems.--The Secretary shall review and consider the information provided in any report submitted under paragraph (1) and shall take appropriate steps under this Act to address any problems or deficiencies identified. (5) Retaliation prohibited.--No employer may discharge any employee or otherwise discriminate against any employee with respect to the compensation to, or terms, conditions, or privileges of the employment of, such employee because the employee (or a person acting pursuant to a request of the employee) made a report under paragraph (1). (6) GAO reporting.--The Comptroller General of the United States shall, in the reports under section 12-- (A) describe the number and type of problems, deficiencies, and vulnerabilities reported on under this subsection; and (B) evaluate the Secretary's efforts in addressing such problems, deficiencies, and vulnerabilities. (e) Protected Disclosures.--Nothing in this Act shall be construed to limit the right of an individual to make any disclosure-- (1) protected or authorized under section 2302(b)(8) or 7211 of title 5, United States Code; (2) protected under any other Federal or State law that shields the disclosing individual against retaliation or discrimination for having made the disclosure in the public interest; or (3) to the Special Counsel, the inspector general of an agency, or any other employee designated by the head of an agency to receive similar disclosures. (f) Materials Not Held by Agencies.--Nothing in this Act shall be construed to limit the rights or obligations of any chemical source, any entity that is not a Federal, State, or local government agency in possession of a record containing protected information, or any individual, with respect to the withholding or disclosure of any information or record held by the chemical source, entity, or individual, regardless of whether or not the Department has received or possesses similar or identical information or a similar or identical record. (g) Disclosure of Independently Furnished Information.-- (1) In general.--Nothing in this Act shall be construed to affect the handling, treatment, or disclosure of a record or information obtained from a chemical source under any other law. (2) Other authority.--Nothing in this Act shall be construed to affect any authority or obligation of an agency to disclose any record that the agency receives independently of a record that is exempt under this section from the public disclosure requirements under section 552 of title 5, United States Code, regardless of whether or not the Department has an identical or similar record that is so exempt. (h) Other Obligations Unaffected.-- (1) In general.--Nothing in this section affects any obligation of the owner or operator of a chemical source to submit or make available information to a Federal, State, or local government agency under, or otherwise to comply with, any other law. (2) No use of information to gain governmental benefit.-- The owner or operator of a chemical source may not use any record containing protected information to satisfy any legal requirement or obligation other than a requirement under this Act or to obtain any grant, permit, contract, benefit (including agency forbearance, loans, or deduction or modifications of agency penalties or rulings), or other governmental approval. (i) Availability of Information to Congress.--Nothing in this Act shall be construed to authorize information to be withheld from Congress. (j) Penalties for Unauthorized Disclosure.--Any officer or employee of a Federal, State, or local government agency who, in a manner or to an extent not authorized by law, knowingly discloses any record containing protected information shall-- (1) be imprisoned not more than 1 year, fined under chapter 227 of title 18, United States Code, or both; and (2) if an officer or employee of the Government, be removed from Federal office or employment. (k) Public Availability of Information in Reports.--The Government Accountability Office shall not make any protected information available to the public in any report under section 12, except as provided under subsection (b)(1) of this section. SEC. 10. STATE AND OTHER LAWS. (a) In General.--Nothing in this Act shall preclude or deny any right of any State or political subdivision thereof to adopt or enforce any regulation, requirement, or standard of performance respecting chemical facility security that is more stringent than a regulation, requirement, or standard of performance in effect under this Act, or shall otherwise impair any right or jurisdiction of the States with respect to chemical facilities within such States unless there is an actual conflict between a provision of this Act and the law of the State. (b) Other Requirements.--Nothing in this Act shall preclude or deny the right of any State or political subdivision thereof to adopt or enforce any regulation, requirement, or standard of performance, including air or water pollution requirements, that are directed at problems other than reducing damage from terrorist attacks. SEC. 11. CHEMICAL SECURITY REPORTING. Not later than 6 months after the date of enactment of this Act, the Secretary shall submit to the Committee on Homeland Security and Governmental Affairs of the Senate and the Committee on Homeland Security and the Committee on Energy and Commerce of the House of Representatives an update of the national strategy for the chemical sector required to be submitted by the Secretary to the Committee on Appropriations of the Senate and the Committee on Appropriations of the House of Representatives by February 10, 2006. SEC. 12. REVIEW BY THE GOVERNMENT ACCOUNTABILITY OFFICE. (a) Accessibility.--The Secretary shall provide access to the Government Accountability Office of any document or information required to be submitted to, generated by, or otherwise in the possession of the Department under this Act. (b) Review and Reports.-- (1) In general.--Not later than January 1 of the first year following the calendar year in which the regulations are promulgated under section 4(a)(1), and on January 1 of each year thereafter, the Government Accountability Office shall submit a report described under paragraph (2) to-- (A) the Committee on Homeland Security and Governmental Affairs of the Senate; and (B) the Committee on Homeland Security of the House of Representatives and the Committee on Energy and Commerce of the House of Representatives. (2) Contents.--Each report submitted under paragraph (1) shall include-- (A) a review of site security plans, vulnerability assessments, and emergency response plans under this Act; and (B) a determination of whether such plans and assessments are in compliance with this Act. SEC. 13. JUDICIAL ACTIONS. (a) Regulations.--Not later than 60 days after the date of promulgation of a regulation under this Act, any person may file a petition for judicial review relating to the regulation with the United States Court of Appeals for the District of Columbia. (b) Orders.-- (1) In general.--Except as provided in section 7(b), not later than 60 days after the date of a final agency action under this Act, the owner or operator of a chemical source affected by such action may file a petition for judicial review of the action or order with the United States district court for the district in which-- (A) the chemical source is located; or (B) the owner or operator of the chemical source has a principal place of business. (2) Limitation of parties.--The parties in any civil action commenced under paragraph (1) shall be limited to-- (A) the owner or operator filing the petition; and (B) the Secretary. (c) Exclusivity of Remedies.--Except as provided in section 7(b) and subsections (a) and (b) of this section, no final agency action by the Secretary (including regulations) under this Act shall be subject to judicial review under chapter 7 of title 5, United States Code. (d) Standard of Review.--On the filing of a petition under subsection (a) or (b), the court shall review the regulation or other final action or order that is the subject of the petition in accordance with chapter 7 of title 5, United States Code. (e) Private Actions.--Nothing in this Act confers on any private person a right of action against an owner or operator of a chemical source to enforce any provision of this Act. SEC. 14. AMMONIUM NITRATE. (a) Short Title.--This section may be cited as the ``Secure Handling of Ammonium Nitrate Act of 2006''. (b) Findings.--Congress finds that-- (1) ammonium nitrate is an important fertilizer used to produce a reliable and affordable food supply for the United States and the world; (2) in the wrong hands, ammonium nitrate may be used for illegal activities; (3) the production, importation, storage, sale, and distribution of ammonium nitrate affects interstate and intrastate commerce; and (4) it is necessary to regulate the production, storage, sale, and distribution of ammonium nitrate. (c) Definitions.--In this section: (1) Ammonium nitrate.--The term ``ammonium nitrate'' means solid ammonium nitrate that is chiefly the ammonium salt of nitric acid and contains not less than 33 percent nitrogen by weight. (2) Facility.--The term ``facility'' means any site where ammonium nitrate is produced or sold. (3) Handle.--The term ``handle'' means to produce or sell ammonium nitrate. (4) Handler.--The term ``handler'' means any person that produces or sells ammonium nitrate. (5) Purchaser.--The term ``purchaser'' means any person who buys or takes ownership of ammonium nitrate. (d) Regulation of Handling and Purchase of Ammonium Nitrate.-- (1) In general.--The Secretary shall regulate the handling and purchase of ammonium nitrate to prevent the misappropriation or use of ammonium nitrate in violation of law. (2) Regulations.--The Secretary shall promulgate regulations that require-- (A) handlers-- (i) to register facilities; (ii) to sell or distribute ammonium nitrate only to handlers and purchasers registered under this section; and (iii) to maintain records of sale or distribution that include the name, address, telephone number, and registration number of the immediate subsequent purchaser of ammonium nitrate; and (B) purchasers to be registered. (3) Use of previously submitted information.--Before requiring a facility or handler to submit additional information for registration under this subsection, the Secretary shall-- (A) request from the Attorney General, and the Attorney General shall provide, any information previously submitted to the Attorney General by the facility or handler under section 843 of title 18, United States Code; and (B) at the election of the facility or handler-- (i) use the license issued under that section instead of requiring additional information for registration under this subsection; and (ii) consider the license to fully comply with the requirement for registration under this subsection. (4) Consultation.--In promulgating regulations under this subsection, the Secretary shall consult with the Secretary to Agriculture to ensure that the access of agricultural producers to ammonium nitrate is not unduly burdened. (5) Protection of information.--Notwithstanding any other provision of this Act, registration information under this section shall be treated as protected information under this Act. (e) Enforcement.--The Secretary may promulgate regulations that establish a process for periodic monitoring or auditing of handler records pertaining to the sale or transfer of ownership of ammonium nitrate to determine compliance with the requirements established under this section. (f) Administrative Provisions.-- (1) Cooperative agreements.--The Secretary-- (A) may enter into a cooperative agreement with the Secretary of Agriculture, or the head of any State department of agriculture or its designee involved in agricultural regulation, in consultation with the State agency responsible for homeland security, to carry out this section; and (B) wherever possible, should seek to use cooperation of State agricultural entities or their designees that oversee handler operations when seeking cooperative agreements to implement the registration and enforcement provisions of this section. (2) Delegation.-- (A) In general.--The Secretary may delegate to a State the authority to assist the Secretary in the administration and enforcement of this section. (B) Delegation required.--On the request of the Governor of a State, the Secretary shall delegate to the State the authority to carry out actions under subsection (d) or (e), on a determination by the Secretary that the State is capable of satisfactorily carrying out that subsection. (C) Funding.--If the Secretary enters into an agreement with a State under this subsection to delegate functions to the State, the Secretary shall provide to the State adequate funds to enable the State to carry out the functions. (g) Civil Liability.-- (1) Unlawful acts.--It is unlawful for any person to-- (A) fail to perform any duty required by this section; (B) violate the terms of registration under this section; (C) fail to keep any record, make any report, or allow any inspection required by this section; or (D) violate any sale or distribution order issued under this section. (2) Penalties.-- (A) In general.--A person that violates this section may be assessed a civil penalty by the Secretary of not more than $50,000 for each violation. (B) Notice and opportunity for a hearing.--No civil penalty shall be assessed under this subsection unless the person charged has been given notice and opportunity for a hearing on the charge in the county, parish, or incorporated city of residence of the person charged. (3) Jurisdiction over actions for civil damages.--The district courts of the United States shall have exclusive jurisdiction over any action for civil damages against a handler for any harm or damage that is alleged to have resulted from the use of ammonium nitrate in violation of law that occurred on or after the date of enactment of this Act. SEC. 15. AUTHORIZATION OF APPROPRIATIONS. There are authorized to be appropriated such sums as are necessary to carry out this Act. Calendar No. 495 109th CONGRESS 2d Session S. 2145 _______________________________________________________________________ A BILL To enhance security and protect against terrorist attacks at chemical facilities. _______________________________________________________________________ June 26, 2006 Reported with an amendment