Safety Act rule improves process

Final rule clarifies previously vague measures and removes some provisions industry had not liked

The final rule implementing the Support Anti-terrorism by Fostering Effective Technologies Act of 2002, better known as the Safety Act, marks a significant improvement compared with the interim rule it replaces, but it is not without flaws, said an attorney whose practice covers the law.

“It’s a much, much better regulation than what we had before,” said David Bodenheimer, a partner at Crowell and Moring. The Homeland Security Department “has finally heard Congress loud and clear that they’re supposed to be unleashing America’s best technology to combat terrorism.”

The law is intended to encourage companies to field innovative technologies. It limits the liability damages for companies supplying designated technologies to an amount covered by insurance. It forbids punitive damages and requires all litigation to be tried in a federal court. Companies must submit their products to DHS for evaluation.

Bodenheimer said the final rule improves on the interim rule in at least three ways: It allows DHS to approve systems rather than having to approve individual components of a system; it no longer requires certification to automatically terminate when a company modifies a product; and it makes clear that the act’s protections apply outside the United States.

The rule is still flawed, Bodenheimer said. Certifications automatically expire after several years; it requires companies to certify, under threat of penalty, parameters that can only be estimated, not precisely measured; and the submission process requires companies to risk having their private information exposed through data theft or other security breaches.

The new final rule, however, streamlines the Safety Act evaluation process, which should help bring new technologies to the market, Bodenheimer said. “There are companies that, because of the burden and the risk, have simply refused to submit applications,” he said. “In some cases, they’re not offering the technology. This changes that calculus.”

Tom Conaway, managing partner of homeland security at Unisys, said there are some jobs that the company probably would not pursue without Safety Act coverage. Unisys has one solution under evaluation for Safety Act certification, and it will submit more, Conaway said.

For the most part, he added, DHS improved the application of the act with the final rule. “They made very good progress in getting to the final rule,” he said. “They did indeed seem to address a lot of concerns and recommendations that industry had been talking about.”

Alan Chvotkin, senior vice president and counsel at the Professional Services Council, said he is pleased with the regulation. “The final rule is a critical step forward and gives clear guidance to [DHS] officials, other government agencies and the companies that are encouraged to promote the development and deployment of anti-terrorism technologies.”

Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.