Counterterrorism Laws & Regulations

The Ammonium Nitrate Security Program is a proposed regulation developed by the Department of Homeland Security (DHS) in response to direction from Congress to "regulate the sale and transfer of ammonium nitrate by an ammonium nitrate facility...to prevent the misappropriation or use of ammonium nitrate in an act of terrorism."

Learn more about proposed Ammonium Nitrate Security Regulations

Statute

Homeland Security Appropriations Act of 2007 Public Law 109-295 (PDF, 109 pages - 289 KB). An Act of Congress mandating that the Secretary of the Department of Homeland Security establish risk-based performance standards for the security of high-risk chemical facilities within six months of the enactment of the Act. Also mandated was the development of vulnerability assessments as well as the development and implementation of site security plans for high-risk chemical facilities. The Chemical Facility Anti-Terrorism Standards (CFATS) interim final rule was created to fulfill the requirements of this Act.

Public Law 110-161, Section 534 (Consolidated Appropriations Act, for FY 2008 (PDF, 614 pages - 1.65 MB)), enacted December 2007, amended Section 550 of P.L. 109-295 by adding a new section (h). Attached in PDF format is the statutory language authorizing the Chemical Facility Anti-Terrorism Standards Regulations (6 CFR Part 27) consolidated from the two statutes (PDF, 3 pages - 58 KB ).

Public Law 111-83, Section 550b (Department of Homeland Security Appropriations Act, 2010 (PDF, 48 pages – 265 KB)) enacted October 28, 2009, amended Section 550 of P.L. 109-295 by striking “three years after the date of enactment of this Act’’ and inserting ‘‘on October 4, 2010’’ thus extending the authority of the Department to regulate high-risk chemical facilities through October 4, 2010. Attached in PDF format is the statutory language authorizing the Chemical Facility Anti-Terrorism Standards Regulations (6 CFR Part 27) consolidated from the three statutes (PDF, 2 pages - 54 KB).

Regulations

Advance Notice of Proposed Rulemaking: Chemical Facility Anti-Terrorism Standard (CFATS). Published December 28, 2006. In order to fulfill the requirements of Public Law 109-295 (PDF, 109 pages - 290 KB), the Department of Homeland Security developed and published this Advance Notice of Proposed Rulemaking, indicating that a new standard was under development, and requesting public comments on the proposed rule. Public comments were accepted from all sources through February 7, 2007.

Interim Final Rule: Chemical Facility Anti-Terrorism Standards (CFATS). Published April 9, 2007. After gathering and incorporating comments from individuals, trade associations, companies, and numerous other entities, the CFATS was published as an Interim Final Rule. An essential part of this rule was a proposed Appendix A, or the list of Chemicals of Interest (COI) as well as the quantities of each COI that would require a chemical facility to complete and submit a Top Screen consequence assessment to the Department of Homeland Security through the secure online Chemical Security Assessment Tool (CSAT).

Appendix A to the Chemical Facility Anti-Terrorism Standard, Final Rule. Published November 20, 2007. This list consists of approximately 300 Chemicals of Interest (COI) and their individual Screening Threshold Quantities (STQ). Any facility that has an Appendix A COI in a quantity at or above the listed STQ for any period of time is covered by the standard, and must submit a Top Screen within 60 calendar days.

Clarification to Chemical Facility Anti-Terrorism Standards; Propane. Published March 21, 2008. This notice clarifies how certain provisions of the Chemical Facility Anti-Terrorism Standards (CFATS) apply to the Chemical of Interest (COI) propane, which is understood by the Department of Homeland Security to contain at least 87.5% of the chemical propane. Specifically, this notice clarifies the Screening Threshold Quantity and counting rules that apply to the COI propane.

Notices Posted in the Federal Register

CFATS Regulatory Evaluation. Published on April 9, 2007. This regulatory assessment was prepared in order to estimate the magnitude of cost chemical facility owners and/or operators would incur implementing the Chemical Facility Anti-Terrorism Standards (CFATS) interim final rule (IFR).

Federal Register CSAT Registration Reminder. Published April 25, 2007. The Department of Homeland Security recommends that chemical facilities register to access the Chemical Security Assessment Tool (CSAT) system. This is a voluntary registration process for facilities that think they may be covered by the Department of Homeland Security's Chemical Facility Anti-Terrorism Standards located in 6 CFR Part 27 and that would like to initiate the process to determine whether or not they are covered by 6 CFR Part 27.

Agricultural Facilities Time Extension Notification. Published on January 9, 2008. The Department of Homeland Security published a letter that it issued on December 21, 2007. Through this letter, the Department granted a time extension for farmers and other agricultural users who would otherwise have been required to submit a Top-Screen consequence assessment through the secure online Chemical Security Assessment Tool Top-Screen.

Draft Risk-Based Performance Standards Guidance. Published on October 27, 2008. The Department of Homeland Security accepted comments on the draft "Risk-Based Performance Standards" Guidance associated with the Chemical Facility Anti-Terrorism Standards.

Risk-Based Performance Standards Guidance. Published on May 15, 2009. This guidance provides DHS’s interpretations of the level of performance facilities in each of the risk-based tiers created by CFATS should strive to achieve under each Risk-Based Performance Standard (RBPS). It also seeks to help facilities comply with CFATS by describing in greater detail the eighteen RBPSs enumerated in CFATS, and by providing examples of various security measures and practices that could be selected to achieve the desired level of performance for each RBPS at each tier.

DHS request for comment on CFATS regulatory provisions for aboveground gasoline storage tanks. Published on January 12, 2010. The Department of Homeland Security invites public comment on issues related to certain regulatory provisions in the Chemical Facilities Anti-Terrorism Standards (CFATS) that apply to facilities that store gasoline in aboveground storage tanks. Written comments must be submitted on or before March 15, 2010.

Paperwork Reduction Act Notices for Comment

Federal agencies are required to provide justifications before requesting information from individuals and groups, to ensure that the information is necessary and will used effectively. The Office of Management and Budget (OMB) manages this requirement and grants approval for requests of information.

CSAT Information Collection Request (1670-0007)

ICR Expired 05/31/2011

• 60 Day Notice to solicit comments for OMB Collection #1670-0007 (Helpdesk, User Registration, CVI Authorized User Training and Application, Top Screen, SVA, and SSP). Published November 23, 2007.


• 30 Day Notice to solicit comments for OMB Collection #1670-0007 (Helpdesk, User Registration, CVI Authorized User Training and Application, Top Screen, SVA, and SSP). Published January 28, 2008.

ICR Expired 03/31/2013

• 60 Day Notice to solicit comments for a revision to OMB Collection #1670-0007. Published July 01, 2009. This revision modifies the burden on many of the instruments based upon historical data submitted to the Department since the initiation of the collection. Several of the instruments are refined to reflect the maturing regulatory program. The instruments in collection #1670-0007 include: CFATS Helpdesk, Chemical-terrorism Vulnerability Information Authorization, CSAT User Registration, CSAT Top-Screen, CSAT Security Vulnerability Assessment and Alternative Security Program submitted in lieu of the CSAT Security Vulnerability Assessment, and the CSAT Site Security Plan and Alternative Security Program submitted in lieu of the CSAT Site Security Plan.


• 30 Day Notice to solicit comments for a revision to OMB Collection #1670-0007. Published September 25, 2009. This revision modifies the burden on many of the instruments based upon historical data submitted to the Department since the initiation of the collection. Several of the instruments are refined to reflect the maturing regulatory program. The instruments in collection #1670-0007 include: CFATS Helpdesk, Chemical-terrorism Vulnerability Information Authorization, CSAT User Registration, CSAT Top-Screen, CSAT Security Vulnerability Assessment and Alternative Security Program submitted in lieu of the CSAT Security Vulnerability Assessment, and the CSAT Site Security Plan and Alternative Security Program submitted in lieu of the CSAT Site Security Plan.


• Notice of Action issued by OMB to the Department authorizing the revised collection of information under OMB Collection #1670-0007. Issued on March 19, 2010. The information collection includes: CFATS Helpdesk, Chemical-terrorism Vulnerability Information Authorization, CSAT User Registration, CSAT Top-Screen, CSAT Security Vulnerability Assessment and Alternative Security Program submitted in lieu of the CSAT Security Vulnerability Assessment, and the CSAT Site Security Plan and Alternative Security Program submitted in lieu of the CSAT Site Security Plan. The complete information collection package may be found on the OMB website, www.reginfo.gov.

• 60 Day Notice to solicit comments for a revision to OMB Collection #1670-0007. Published December 17, 2012. This revision modifies the burden on many of the instruments based upon historical data submitted to the Department since the initiation of the collection. Several of the instruments are refined to reflect the maturing regulatory program. The instruments in collection #1670-0007 include: CFATS Helpdesk, Chemical-terrorism Vulnerability Information Authorization, CSAT User Registration, CSAT Top-Screen, CSAT Security Vulnerability Assessment and Alternative Security Program submitted in lieu of the CSAT Security Vulnerability Assessment, and the CSAT Site Security Plan and Alternative Security Program submitted in lieu of the CSAT Site Security Plan.

• 30 Day Notice to solicit comments for a revision to OMB Collection #1670-0007. Published March 18, 2013. This revision modifies the burden on many of the instruments based upon historical data submitted to the Department since the initiation of the collection. Several of the instruments are refined to reflect the maturing regulatory program. The instruments in collection #1670-0007 include: CFATS Helpdesk, Chemical-terrorism Vulnerability Information Authorization, CSAT User Registration, CSAT Top-Screen, CSAT Security Vulnerability Assessment and Alternative Security Program submitted in lieu of the CSAT Security Vulnerability Assessment, and the CSAT Site Security Plan and Alternative Security Program submitted in lieu of the CSAT Site Security Plan.

CFATS Personnel Surety Information Collection (1670-NEW)

ICR Submitted in June of 2011 – (Withdrawn July 2012)

• 60 Day Notice to solicit comments for OMB Collection #1670-NEW (CFATS Personnel Surety). Published June 10, 2009. This information collection will allow high-risk chemical facilities to comply with 6 CFR 27.230(a)(12)(iv) to implement "measures designed to identify people with terrorist ties."
• 30 Day Notice to solicit comments for OMB Collection #1670-NEW (CFATS Personnel Surety). Published April 13, 2009. This information collection will allow high-risk chemical facilities to comply with 6 CFR 27.230(a)(12)(iv) to implement "measures designed to identify people with terrorist ties." The 30 day notice also responds to comments received during the 60 day comment period.
• Paperwork Reduction Act (PRA) Notice that (a) responds to comments received during the PRA 30-day comment period, and (b) notifies the public that the Office of Management and Budget is beginning its review of the PRA Information Collection Request for the CFATS Personnel Surety Program.

NEW ICR Submitted in February of 2014

• 60 Day Notice to solicit comments for OMB Collection #1670-NEW (CFATS Personnel Surety Program). Published March 22, 2013. This information collection will allow high-risk chemical facilities to comply with 6 CFR 27.230(a)(12)(iv) to implement "measures designed to identify people with terrorist ties."

• 30 Day Notice to solicit comments for OMB Collection #1670-NEW (CFATS Personnel Surety Program). Published February 3, 2014. This information collection will allow high-risk chemical facilities to comply with 6 CFR 27.230(a)(12)(iv) to implement "measures designed to identify people with terrorist ties."

Chemical Facilities Anti-Terrorism Standards (1670-0014)

ICR Expired 03/31/2013

• 60 Day Notice to solicit comments for OMB Collection #1670-0014 (CFATS). Published July 1, 2009. This information collection will be used by facilities to communicate with or notify the department regarding, for example, a Request for Redetermination, Request for an Extension, Notification of New Top-Screen, and a Request for a Technical Consultation.


• 30 Day Notice to solicit comments for OMB Collection #1670-0014 (CFATS). Published September 25, 2009. This information collection will be used by facilities to communicate with or notify the department regarding, for example, a Request for Redetermination, Request for an Extension, Notification of New Top-Screen, and a Request for a Technical Consultation.


• Notice of Action issued by OMB to the Department authorizing the collection of information under OMB Collection #1670-0014. Issued on March 19, 2010. The information collection is used by facilities to communicate with or notify the department regarding, for example, a Request for Redetermination, Request for an Extension, Notification of New Top-Screen, and a Request for a Technical Consultation. The complete information collection package may be found on the OMB website, www.reginfo.gov.

• 60 Day Notice to solicit comments for OMB Collection #1670-0014 (CFATS). Published December 17, 2012. This information collection will be used by facilities to communicate with or notify the department regarding, for example, a Request for Redetermination, Request for an Extension, Notification of New Top-Screen, and a Request for a Technical Consultation.

• 30 Day Notice to solicit comments for a revision to OMB Collection #1670-0014. Published March 18, 2013. This information collection will be used by facilities to communicate with or notify the department regarding, for example, a Request for Redetermination, Request for an Extension, Notification of New Top-Screen, and a Request for a Technical Consultation.

Chemical-terrorism Vulnerability Information (CVI) Information Collection (1670-0015)

ICR Expires 03/31/2013

• 60 Day Notice to solicit comments for OMB Collection #1670-0015 (Chemical-terrorism Vulnerability Information). Published July 01, 2009. This information collection will be used to manage the CVI program in support of CFATS.


• 30 Day Notice to solicit comments for OMB Collection #1670-0015 (Chemical-terrorism Vulnerability Information). Published September 25, 2009. This information collection will be used to manage the CVI program in support of CFATS.


• Notice of Action issued by OMB to the Department authorizing the collection of information under OMB Collection #1670-0015. Issued on March 19, 2010. This information collection is used to manage the CVI program in support of CFATS. The complete information collection package may be found on the OMB website, www.reginfo.gov.
• 60 Day Notice to solicit comments for OMB Collection #1670-0015 (Chemical-terrorism Vulnerability Information). Published December 17, 2012. This information collection will be used to manage the CVI program in support of CFATS.
• 30 Day Notice to solicit comments for OMB Collection #1670-0015 (Chemical-terrorism Vulnerability Information). Published March 18, 2013. This information collection will be used to manage the CVI program in support of CFATS.

Privacy Impact Assessments

In compliance with the Privacy Act (5 U.S.C. §552a (e) (3)), CFATS is making publicly available its Privacy Act Statement and updating documentation about how personal information is handled, used, shared, and protected by CFATS.

• CSAT Privacy Impact Assessment (original, published March 25, 2007) (PDF, 15 pages - 211 KB).


• CSAT Privacy Impact Assessment Update (update, published May 25, 2007) (PDF, 10 pages - 216 KB).


• CSAT Privacy Impact Assessment Update (update, published October 27, 2008) (PDF, 5 pages - 211 KB).


• CFATS Privacy Impact Assessment Update (update, published June 5, 2009) (PDF, 7 pages - 198 KB).


• CFATS Privacy Impact Assessment Update (update, published June 11, 2009) (PDF, 6 pages - 168 KB).

System of Record Notices

The Privacy Act of 1974 mandates that an agency must file a public System of Records Notice (SORN) when a new system is created that will collect and/or house personal information.

• CFATS PII is collected under the General Information Technology Access Account Records System (GITAARS) DHS/ALL-004.

E-Verify. An online system operated jointly by the Department of Homeland Security and the Social Security Administration (SSA) where employers can check the work status of new hires online by comparing information from an employee's I-9 form against SSA and Department of Homeland Security databases.

Optional Practical Training Interim Final Rule. An interim final rule extending the period of Optional Practical Training (OPT) from 12 to 29 months for qualified F-1 non-immigrant students with a degree in science, technology, engineering, or mathematics who are employed by businesses enrolled in the E-Verify program.

H-2A Temporary Agricultural Worker Program Proposed Changes. The proposed changes to the rule reduce current limitations and certain delays faced by U.S. employers and relax current limitations on employers’ ability to petition for multiple, unnamed agricultural workers.

Critical Infrastructure Information Act. The Critical Infrastructure Information Act of 2002 (CII Act) seeks to facilitate greater sharing of critical infrastructure information among the owners and operators of the critical infrastructures and government entities with infrastructure protection responsibilities, thereby reducing the nation’s vulnerability to terrorism.

Final Rule: Procedures for Handling Protected Critical Infrastructure Information. These procedures govern the receipt, validation, handling, storage, marking and use of critical infrastructure information voluntarily submitted to the Department of Homeland Security (PDF, 17 pages - 168 KB).

Changes to the Visa Waiver Program to Implement the Electronic System for Travel Authorization (ESTA) Program: Interim Final Rule. Requires Visa Waiver Program travelers to provide certain biographical information to U.S. Customs and Border Protection (CBP) officers electronically before departing to the United States.

Public Health Security and Bioterrorism Preparedness and Response Act of 2002 (Bioterrorism Act/BTA)
Includes a number of provisions designed to improve the food safety efforts of the Food and Drug Administration (FDA) in cooperation with U.S. Customs and Border Protection (CBP), including new authority to protect the food supply against terrorist acts and other threats.