Coast Guard Publishes TWIC Final Rule
It requires owners and operators of certain vessels and facilities regulated by the Coast Guard to conduct electronic inspections of Transportation Worker Identification Credentials as an access control measure.
The U.S. Coast Guard has published its final rule on Transportation Worker Identification Credential (TWIC) reader requirements. It requires owners and operators of certain vessels and facilities regulated by the Coast Guard to conduct electronic inspections of TWICs as an access control measure, and the rule implements recordkeeping requirements and security plan amendments.
The rule applies to Risk Group A facilities and vessels:
- Vessels certificated to carry more than 1,000 passengers
- Vessels that carry certain dangerous cargo (CDC) in bulk
- Vessels engaged in towing another Risk Group A vessel
- Facilities that handle CDC in bulk
- Facilities that receive vessels certificated to carry more than 1,000 passengers
These include waterfront facilities handling dangerous cargoes (as generally defined in 49 CFR parts 170 through 179); waterfront facilities handling liquefied natural gas and liquefied hazardous gas; facilities transferring oil or hazardous materials in bulk; Mobile Offshore Drilling Units; cargo vessels or passenger vessels subject to the International Convention for Safety of Life at Sea, 1974 (SOLAS), chapter XI-1 or Chapter XI-2; foreign cargo vessels larger than 100 gross register tons; self-propelled U.S. cargo vessels larger than 100 gross tons; offshore supply vessels; passenger vessels certificated to carry more than 150 passengers; passenger vessels carrying more than 12 passengers engaged on an international voyage; barges carrying bulk cargoes regulated under the Coast Guard's regulations regarding tank vessels or CDC; barges carrying CDC or cargo and miscellaneous vessels engaged on an international voyage; tank ships; and, generally, towing vessels more than 8 meters in register length engaged in towing barges.
According to USCG, the rule builds on existing regulations designed to ensure that only individuals who hold a valid TWIC are granted unescorted access to secure areas of Coast Guard-regulated vessels and facilities; it implements requirements of the Maritime Transportation Security Act of 2002 and the Security and Accountability For Every Port Act of 2006 (SAFE Port Act).
DHS requires that a security guard examines the security features (hologram and watermark) embedded on the surface of the credential, checks the expiration date listed on the card, and compares the photograph to the person presenting the credential. "While this system of 'visual TWIC inspection' provides some benefits," USCG stated, "it does not address all security concerns, nor does it make full use of the security features contained in the TWIC. For example, if a TWIC is stolen or lost, an unauthorized individual could make use of the credential, and provided that individual resembles the picture on the TWIC, could gain access to a secure area. Additionally, if a TWIC is revoked because the individual has committed a disqualifying offense, such as the theft of explosives, there is no way for security officers on a vessel or at a facility to determine that fact from the face of the TWIC. Finally, a sophisticated adversary could forge a realistic replica of a credential. It is also worth noting that since a TWIC-holder is required to renew his or her credential every 5 years, the TWIC-holder's resemblance to the picture on the TWIC may decrease over time, rendering visual inspection a somewhat less accurate means to confirm identity. Through the process of 'electronic TWIC inspection,' by which TWICs are authenticated, validated, and the individual's identity confirmed biometrically, all of these scenarios would be thwarted or mitigated."