Lots of Regulations and Cash but is it Working?
by Vicki Contavespi

Ports are complicated, amorphous creatures.  Their sheer breadth is staggering. In the U.S. alone, there are more than 3,700 cargo and passenger terminals and more than 1,000 harbor channels running along roughly 12,800 miles of coastline. The Port of Houston, not even the biggest, has 28 miles of coastline. According to the U.S. Coast Guard, there are 361 major ports with Port Authorities; others are governed by various state and local public entities, port-navigation districts and municipal port departments.

Port Authorities’ purview includes airports, bridges, tunnels, commuter rail systems, inland river or shallow draft barge terminals, industrial parks, Foreign Trade Zones, world trade centers, terminal or short-line railroads, shipyards, dredging, marinas and other public recreational facilities. They compete amongst themselves because, ultimately, ports are engines of commerce. Big engines of commerce.

According to the American Association of Port Authorities’ most recent numbers (from 2007), commercial activities created jobs for more than 13.3 million Americans, including nearly 12 million who are employed in exporter/importer-related businesses and support industries throughout the U.S. And, the airport & maritime security budgets are expected to grow to roughly $40 billion by 2018, up from $22.28 billion in 2013. (Source: Markets & Markets Report and Research & Markets reports)

An attack on a major U.S. port would have serious ramifications for the entire globe because, according to U.S. Census statistics, the value of international goods shipped through U.S. seaports in 2011 was $1.73 trillion, representing more than 11 percent of the total U.S. GDP.  This does not include the value of domestic cargo moved through seaports (estimated to be one billion tons annually), the value of cargo-handling services or cruise-industry impacts.

Acting, not Reacting

When the U.S.S. Cole was attacked in 2000, it became apparent that ships and ports needed more protection, especially against unorthodox threats, but when 9/11 happened, a major sea change occurred: No longer could ports be defensive and laid back—they had to get proactive, and fast.

Two programs, the Maritime Transportation and Security Act (MTSA) for the U.S. and the International Ship and Facility Security (ISPS) Code, for international voyages, were put into law in 2002 and 2004, respectively.

The ISPS Code, introduced by the United Nations in conjunction with 108 countries, and the MTSA require vessels and port facilities to conduct regular vulnerability assessments and develop evolving security plans that include passenger-, vehicle- and baggage-screening procedures; security patrols; the establishment of restricted areas; initiation of personnel-identification procedures; access control measures; and/or the installation of surveillance equipment. However, not all vessels and port facilities in the U.S. are affected by the MTSA regulations.  Only those sectors considered to have a high risk of involvement in an incident are affected by this law.

Herman Gomez, a maritime security consultant and the former director of the Office of Training, Planning and Development of the Security/Police Division at the Port of Miami, says that the most important part of these codes is the requirement that each port create and maintain a thorough security plan, detailing everything that a port has, including how it is organized, how many people are dedicated to security, what kind of communications the officers use, what kind of training they give and how often it is done. Also mandated is maintaining a contingency plan in case of disaster.

“One problem with the security plan,” says Gomez, “is that sometimes a port implements a new feature but it isn’t reflected in writing on the plan because of lack of time or sloppiness.” These omissions could severely impact procedures during an incident.

However, his major concern is that the codes require every major international seaport to secure its access control by water, and it is nearly impossible for all ports and marinas to have surveillance equipment or, at the very least, a patrol boat in the water. “Major ports do this as required by the code,” Gomez relates, “but some ports don’t have the money to comply with these regulations.” The Port of Miami, one of the largest in the world, spent some $50 million to comply with security requirements for both the passenger and cargo areas.

Smaller ports do what they can, but they are the soft underbelly of the maritime security world.

Paving a Fast Lane for Access Control
Then there is the Transportation Worker Identification Credential, or the TWIC program, which mandated that the DHS issue an ID card with biometrics (like fingerprints) to control access to secure areas of ports or on ships. Meant for Coast Guard-credentialed merchant mariners, port-facility employees, long shore workers, truck drivers, and others requiring unescorted access to secure areas of maritime facilities and vessels regulated by MTSA, the Transportation Safety Administration (TSA) had a preliminary deadline of 6 million maritime workers, all of whom were to have cards by 2004. It didn’t happen. As of April 14, 2014 the U.S. Coast Guard reports that total enrollment is 2.95 million with 1.99 million active cards. On them is the person’s name, the card’s expiration date, a digital photo and two fingerprints.

But, as Edward Madura, security chief of the Port of Everett, Wash. says, “The West Coast’s Long Shore Union won’t put their cards into the readers.” Why? “They feel it’s an invasion of privacy.” This seems a vacuous stance since even smartphones use biometric fingerprints. Moreover, these same longshoremen could shut down commerce and leave a facility unable to move its goods.

Bureaucracy also bedevils port-security professionals. “It took us a year to get the TSA to realize that sometimes TWIC cards are illegitimate,” says Madura. “They told us operators that we couldn’t take action on someone who tried to use a valid TWIC illegitimately. We can kick them off the facility but we cannot call the police or take the card,” he adds. What they can do is fine them $10,000 per person, per incident, but if that fraudulent user happened to have a malevolent goal, too bad—once a dirty bomb or some other sort of WMD has reached a port, it’s already too late.
The Port of Los Angeles: 4,300 acres of land spread along 43 miles of waterfront.
The Port of Los Angeles: 4,300 acres of land spread along 43 miles of waterfront.

The TWIC system has another major oversight problem—it does not tap into the national criminal database. So, if a card holder has a felony, is a drug dealer or simply had their driver’s license revoked, they would still be able to get a card.

“TWIC is a federal requirement, and it’s good, but some seaports require other types of ID in addition to the TWIC, and that is working better,” says Herman Gomez. It also makes a lot of sense.

And a Fast Lane for Cargo
Other major initiatives stemming from 9/11 are the Customs-Trade Partnership Against Terrorism (C-TPAT) and the Container Security Initiative (CSI), which are a voluntary supply-chain security programs headed up by U.S. Customs and Border Protection (CBP). They focus on improving the security of the foreign ports and private sector’s supply chains vis-à-vis terrorism.

Companies that obtain a C-TPAT or a CSI certification must have a documented process for assessing and alleviating risks throughout their international supply chain. The plan allows companies to get quicker cargo processing and fewer Customs examinations.

Lack of funding is a major bugaboo of this program, but security managers know they need to have it to keep goods flowing. Gomez says, “CBP is doing its job, there are x-ray machines in most major seaports and smaller ones use two antennae with CBRNE sensors, which the cargo container passes through.” However, he says that “Many are private ports, meaning the land belongs to the government and the port operation belongs to the private sector. They try to save money as much as they can and some international ports are lagging behind.”

At this point, roughly 12 percent of all international cargo shipments are inspected in the U.S. However, there are about 60 CSI-certified ports in Europe, Latin-America and Africa that are well-equipped, too, according to Gomez. These ports handle about 80% of the cargo entering the U.S.  The CSI and C-TPAT programs are considered to be excellent.

Upgrading Technologies
In the 10 years since the ISPS and MTSA codes have been in place, the security at U.S seaports and aboard vessels has improved tremendously, and so has technology. Smaller ports are doing what they can to upgrade to the latest 360-degree surveillance technologies, to install radar and other sensors in terminals and around their perimeters. Cruise ships, too, are upgrading both onboard and in terminals.

Roughly 22 million people took a cruise last year. Cruise lines have separate laws from ports and, according to Steve Donovan, Oncam Grandeye’s director of sales for the Americas, “a lot of the guidelines were so subjective that the industry hasn’t implemented any standards.” Royal Caribbean was a leader, Donovan relates, and took a proactive approach to security by arming each of its 20 ships with more than 700 cameras. ”For years cruise lines didn’t want to discuss security,” says Donovan, who is in charge of the Royal Caribbean work with Oncam. “Now, they need to prove they are safe for customers, and they are upgrading to 360-degree technology, which saves them money because it requires fewer cameras while giving them better visibility as to what is happening onboard.”

Ironically, the biggest concern for some ports is the cruise ships themselves, because when a floating city comes into port it opens up a whole new can of worms. “It turns the security people’s jobs into hell,” says Madura.

That may be, but it also brings in a huge pot of gold to the ports and the cities they visit. According to Cruise Market Watch, the total worldwide cruise industry is estimated to be worth $37.1 billion (a 2.3% increase over 2013). “Getting the cruise lines brings in more jobs for people onboard, in parking facilities and building new infrastructure,” says Donovan. “What are needed are stronger security standards.” The same can be said for virtually the entire maritime world.