Ҥ 44920a. Registered traveler program

“(a) In general.—An airport operator may enter into a contract with a qualified registered traveler services provider to provide registered traveler services under subsection (d) to registered traveler program participants, if the Administrator of the Transportation Security Administration approves the application of the qualified registered traveler services provider under subsection (c)(2).

“(b) Qualified registered traveler services provider.—

“(1) IN GENERAL.—A private entity is a qualified registered traveler services provider if—

“(A) the entity is in compliance with section 536 of the Department of Homeland Security Appropriations Act, 2015 (49 U.S.C. 114 note);

“(B) the Administrator has approved an application for the entity under subsection (c)(2); and

“(C) the entity meets such other requirements as the Administrator may establish.

“(2) TREATMENT OF EXISTING REGISTERED TRAVELER SERVICES PROVIDERS.—

“(A) IN GENERAL.—Notwithstanding paragraph (1), a private entity providing registered traveler services as of the date of the enactment of this section shall be deemed to be a qualified registered traveler services provider for purposes of this subsection if the entity—

“(i) meets the requirement under paragraph (1)(A); and

“(ii) is operating pursuant to the requirements established by the Administrator for the registered traveler program of the Administration as of the date of the enactment of this section.

“(B) CONTINUATION OF CONTRACTS.—A contract entered into before the date of the enactment of this section with a private entity that meets the requirements of subparagraph (A) shall remain in effect on and after that date in accordance with the terms of the contract.

“(c) Applications.—

“(1) SUBMISSION.—A private entity seeking to become a qualified registered traveler services provider shall submit to the Administrator an application at such time, in such manner, and containing such information as the Administrator may require.

“(2) APPROVAL.—

“(A) IN GENERAL.—Not later than 180 days after the date of receipt of an application submitted by an entity under paragraph (1), the Administrator shall approve or deny the application.

“(B) STANDARDS.—The Administrator shall approve an application submitted by an entity under paragraph (1) if the Administrator determines that—

“(i) the level of security provided by the entity will be equal to or greater than the level that would be provided by Federal Government personnel; and

“(ii) the approval would not detrimentally affect the cost efficiency or the effectiveness of identity verification, traveler vetting status authentication, or provision of access to physical screening at an airport.

“(C) REPORTS ON DENIALS OF APPLICATIONS.—

“(i) IN GENERAL.—If the Administrator denies an application submitted by an entity under paragraph (1), the Administrator shall provide to the entity, not later than 60 days after the date of the denial, a written report that sets forth—

“(I) the findings that served as the basis for the denial;

“(II) the results of any cost or security analysis conducted in considering the application; and

“(III) recommendations on how the entity can address the reasons for the denial.

“(ii) SUBMISSION TO CONGRESS.—The Administrator shall submit to the Committee on Commerce, Science, and Transportation of the Senate and the Committee on Homeland Security of the House of Representatives a copy of any report provided to an entity under clause (i).

“(d) Registered traveler services.—For purposes of this section, registered traveler services provided by a qualified registered traveler services provider include the following:

“(1) IDENTITY VERIFICATION.—The use of identity verification procedures or technologies, including the use of biometrics, to securely verify the identity of a registered traveler program participant who has entered an airport security checkpoint or any other area under the control or authority of the Administrator.

“(2) TRAVELER VETTING STATUS AUTHENTICATION.—The authentication, by manual or electronic means, of the vetting status, as determined by the Transportation Security Administration, of a registered traveler program participant whose identity has been verified under paragraph (1), which may include authentication of paper or electronic travel documentation or electronic confirmation of travel information by the qualified registered traveler services provider.

“(3) ACCESS TO PHYSICAL SCREENING.—

“(A) IN GENERAL.—The direction, from an employee of the qualified registered traveler services provider or through an automated process operated by the qualified registered traveler services provider, for a registered traveler program participant, whose identity has been verified under paragraph (1) and whose vetting status has been authenticated under paragraph (2), to proceed directly, in an unimpeded manner, without re-verification of the identity or re-authentication of the vetting status of the traveler, to the appropriate area for physical screening designated by the Administrator.

“(B) PHYSICAL SCREENING DEFINED.—In this subsection, the term ‘area for physical screening’ means an area, including a lane within an airport security checkpoint or any other area, at which an individual and the personal property of an individual are screened by an agent of the Transportation Security Administration.

“(4) ADDITIONAL SERVICES.—Such other additional services at the airport security checkpoint or any other area under the control or authority of the Administrator as the Administrator may approve.

“(e) Registered traveler services provided.—The Administrator shall—

“(1) develop policies, procedures, and capabilities that allow qualified registered traveler services providers to provide to registered traveler services program participants the full extent of registered traveler services; and

“(2) undertake audits under subsection (f) of the performance of qualified registered traveler services providers providing registered traveler services at airports under this section, and allow providers to correct any deficiencies identified during such audits.

“(f) Audits of qualified registered traveler services providers.—

“(1) IN GENERAL.—Not less frequently than once every 5 years, the Administrator shall conduct an audit, which shall last not more than 1 month, of each qualified registered traveler services provider to determine if the provider is meeting the standards described in subsection (c)(2)(B).

“(2) STRATEGY REQUIRED.—

“(A) IN GENERAL.—In carrying out paragraph (1), the Administrator shall develop a strategy for conducting audits under that paragraph to determine if qualified registered traveler services providers are meeting the standards described in subsection (c)(2)(B).

“(B) ELEMENTS.—The strategy required by subparagraph (A) may include the examination of a percentage of registered traveler services program participants, not to exceed 5 percent of the average number of such participants traveling on a daily basis, who are screened under procedures of the Transportation Security Administration applicable to travelers who are not registered traveler services program participants. Subsection (d)(3) shall not apply to registered traveler services program participants screened under such procedures.

“(3) IMPROVEMENT PLANS.—

“(A) IN GENERAL.—If, after completing an audit under paragraph (1) of a qualified registered traveler services provider, the Administrator determines that the provider does not meet the standards described in subsection (c)(2)(B), the Administrator shall develop an improvement plan with the provider to bring the provider into compliance with those standards by the date that is 12 months after the Administrator provides the plan to the provider.

“(B) COMPLETION OF IMPROVEMENT PLANS.—If a provider for which an improvement plan was developed under subparagraph (A) does not come into compliance with the standards described in subsection (c)(2)(B) by the date required by that subparagraph, the Administrator may—

“(i) provide the provider with additional time to come into compliance with those standards;

“(ii) take administrative action against the provider; or

“(iii) require the suspension or termination under subsection (g) of the contract between the provider and the airport operator entered into under subsection (a).

“(4) AUTHORITY FOR IMMEDIATE CONTRACT TERMINATION.—If, during an audit conducted under paragraph (1), the Administrator determines that a qualified registered traveler services provider has acted with gross negligence or failed repeatedly to comply with any standard, regulation, directive, order, or applicable law, the Administrator may require the immediate suspension or termination under subsection (g) of the contract between the provider and the airport operator entered into under subsection (a).

“(g) Termination or suspension of contracts.—

“(1) IN GENERAL.—The Administrator may require an airport operator to suspend or terminate, as appropriate, any contract entered into under subsection (a) with a qualified registered traveler services provider to provide registered traveler services at an airport if the Administrator determines that the provider has acted with gross negligence or failed repeatedly to comply with any standard, regulation, directive, order, or law applicable to—

“(A) the hiring or training of personnel to provide such services;

“(B) the handling of personal information; or

“(C) the provision of such services at the airport.

“(2) REPORT REQUIRED.—If the Administrator requires the termination or suspension of the contract of a registered traveler services provider under paragraph (1), the Administrator shall, not later than 30 days after requiring the termination or suspension, submit to the Committee on Commerce, Science, and Transportation of the Senate and the Committee on Homeland Security of the House of Representatives a report that describes in detail—

“(A) the reasons the contract was terminated or suspended;

“(B) if the contract was suspended and not terminated, the actions the Administrator is requiring the provider to take before the contract is reinstated; and

“(C) measures the Administrator is taking to improve future registered traveler services contracts.

“(h) Secure flight program availability.—

“(1) IN GENERAL.—The Administrator shall make available to qualified registered traveler services providers providing registered traveler services under this section the same systems (including the advanced passenger prescreening system under section 44903(j)(2)(C)), programs, capabilities, and information, or successor systems, programs, and capabilities, that, as of the date of the enactment of this section, are available to—

“(A) airport operators;

“(B) air carriers;

“(C) foreign air carriers; or

“(D) qualified private screening companies operating at airports participating in the screening partnership program authorized under section 44920.

“(2) REQUIREMENT RELATING TO ADVANCED PASSENGER PRESCREENING SYSTEM.—Upon making access to the advanced passenger prescreening system under section 44903(j)(2)(C) available to a registered traveler services provider under paragraph (1), the Administrator shall carry out the requirements described in clause (iii) of that section, as applicable to the registered traveler services provider—

“(A) to establish sufficient operational safeguards to reduce the opportunities for abuse of the system;

“(B) to implement substantial security measures to protect the system from unauthorized access;

“(C) to adopt policies establishing effective oversight of the use and operation of the system; and

“(D) to ensure that there are no specific privacy concerns with the technological architecture of the system.

“(i) Innovative screening approaches and technologies.—

“(1) IN GENERAL.—The Administrator shall encourage qualified registered traveler services providers to recommend to the Administrator innovative identity verification and screening approaches and technologies.

“(2) RESPONSE.—Upon the receipt of any recommendations from a qualified registered traveler services provider under paragraph (1), the Administrator shall—

“(A) review and respond in writing to the qualified registered traveler services provider within 30 days;

“(B) if appropriate, test or conduct a pilot project with respect to such approaches and technologies; and

“(C) if appropriate, deploy such approaches and technologies.

“(j) Public health standards.—A registered traveler services program participant shall be required to meet or exceed any public health standards that the Administrator requires all other travelers in air transportation to meet.

“(k) Registered traveler services program participant defined.—In this section, the term ‘registered traveler services program participant’ means an individual who voluntarily chooses to participate in registered traveler services that are provided by a qualified registered traveler services provider.”.