The Federal Aviation Administration (FAA) has issued a Notice (FAA Notice) that it is replacing the current methods for restricting release of private aircraft flight plan data (the so-called Block Aircraft Registration Request, or BARR Program). The revisions will go into effect on August 2, 2011 (subject to vigorous dispute, as discussed below). The below guidance is accurate as of the date of this publication, but this is a rapidly evolving issue and change/clarification is likely.
The National Business Aviation Association (NBAA) and other organizations are seeking relief both on Capitol Hill and in the courts. The FAA made its decision to make more flight data available (by narrowing the ability to block access to this information) premised on the Open Government Act (Public Law 110-174, 2007), which encourages accessibility, accountability and openness in government. Opponents say that the risks of releasing the data (and the fact that the data provides "live" flight tracking) far outweigh any perceived benefit. Opponents have sought an injunction to allow the issue to be litigated before the policy chance is effective.
Operators seeking to block public access to their flight plan data information must submit a written notice of a "Certified Security Concern." According to the clarifying information accompanying the FAA Notice, companies need to consider the following:
- Do you qualify? To claim a Certified Security Concern, an operator must establish: (a) facts and circumstances establishing a "Valid Security Concern," meaning a verifiable threat to person, property or company, including a threat of death, kidnapping or serious bodily harm; a recent history of violent terrorist activity in the area in which the aircraft will operate; or a threat against a company; or (b) that the owner or operator has a bona fide business-oriented security concern under Treasury Regulation 1.132-5(m). To fit within the Treasury Regulations, there needs to be a specific basis for the security concern (not a generalized concern) AND there needs to be an "overall security plan" and "independent security study" applicable to that employee.
- What must you file? The FAA Notice does not specify what, if anything, needs to be included to establish a Certified Security Concern.
However, in response to NBAA questions, the FAA provides the following guidance:
- The security concern must exist at the time of certification;
- No supporting documentation is required; and
- There is no form.
For those operators seeking to claim a Certified Security Concern, a letter containing the following information should be sent electronically and via "snail mail":
- Identification of the aircraft (make, model, serial and registration numbers);
- A statement that either there is a Valid Security Concern affecting the aircraft at issue or that there is a business-oriented security concern under the Treasury Regulations; and
- A request that the FAA block the aircraft identification either prior to FAA release of the data feed (preferred) or to block the aircraft identification from release by subscribers to the FAA data feed.
Letters should be emailed to CertifiedSecurityConcern@faa.gov; a registered copy should be sent to: FAA Certified Security Concern, ATO System Operations Services, Room 1002, 800 Independence Avenue, SW, Washington, DC 20591.
In the future, the FAA may issue a mandatory form that places unfavorable requirements or consequences on operators. Until then, it is our expectation that the FAA will honor requests without inquiry (and may examine filings at a later date).