Order Code RL32625
CRS Report for Congress
Received through the CRS Web
Passenger Rail Security:
Overview of Issues
Updated January 20, 2006
David Randall Peterman
Analyst in Transportation
Resources, Science, and Industry Division
Congressional Research Service ˜ The Library of Congress

Passenger Rail Security: Overview of Issues
Summary
The July 2005 bombings of transit trains in London again demonstrated the
vulnerability of passenger rail systems to terrorist attack. The number of riders and
access points make it impractical to subject all rail passengers to the type of screening
airline passengers undergo. Nevertheless, steps can be taken to reduce the risks of
an attack.
The 9/11 Commission called for a systematic analysis of transportation assets,
the risks to those assets, and the costs and benefits of different approaches to
defending those assets; the Commission also called for homeland security assistance
to be distributed based on these assessments of risks and vulnerabilities, rather than
according to population.
The Intelligence Reform and Terrorism Prevention Act of 2004 (P.L. 108-458)
did not directly address passenger rail security, but did direct the Department of
Homeland Security (DHS) to create a national strategy for transportation security.
This plan would identify national transportation assets, set risk-based priorities for
their protection, assign responsibilities for their protection, and recommend
appropriate levels and sources of funding for these efforts. DHS delivered a
classified report on a “National Strategy for Transportation Security” to Congress in
September 2005.
The FY2006 appropriations bill for the Department of Homeland Security
(DHS) provided $150 million for grants for freight rail, passenger rail, and transit
security; the same amount was provided for FY2005. The House-passed DHS
authorization bill (H.R. 1817) provides no specific requirements for passenger rail
security; it would require DHS to work with stakeholders and public officials to
develop best security practices for public transportation. Several other bills have
been introduced that would increase federal responsibility for passenger rail security.
A key challenge facing Congress is balancing the desire for and cost of
increased rail passenger security with the impacts of security measures on the
operating efficiency of passenger rail systems, with the potential costs that could be
incurred in the event of one or more attacks, and with the costs and benefits of other
options for promoting homeland security. Some argue for greatly increased federal
funding to help secure passenger rail systems against terrorist attack. Others argue
that passenger rail systems are not only inherently vulnerable targets for terrorist
attack, and thus difficult to defend, but also are only one among many groups of
potential terrorist targets (e.g., schools, shopping malls, etc). Attempting to defend
each of these groups of potential targets would cost billions of dollars, and the
security measures may not only be of unproved effectiveness but may also interfere
with the way these institutions operate, imposing many indirect costs on society.
Some argue that greater overall security can be achieved at less cost by focusing
federal security spending on anti-terrorist activities of national defense, intelligence,
and law-enforcement organizations, reducing the threat of terrorism to all homeland
activities. This report will be updated as warranted.

Contents
Passenger Rail Systems Are Inherently Vulnerable . . . . . . . . . . . . . . . . . . . . 1
What Security Measures Have Been Taken for Passenger Rail? . . . . . . . . . . 2
Industry Security Spending and Funding Requests . . . . . . . . . . . . . . . . . . . . 2
Risk Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Evaluating Security Funding Requests . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
Security Involves Trade-Offs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Legislation in the 109th Congress . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
List of Tables
Table 1. Share of FY2005 DHS Transit Security Grant Funding Going to
Top Six Urban Areas by Passenger Rail Ridership . . . . . . . . . . . . . . . . . . . . 9

Passenger Rail Security: Overview of Issues
In the current atmosphere of heightened concern about terrorism, the bombings
of London subway trains on July 7th, 2005, and the attempt to repeat those bombings
on July 21st, increased congressional interest in reducing the risk of attacks against
passenger rail operations in the United States. The 9/11 Commission characterized
the federal emphasis on aviation security spending as “fight[ing] the last war,” noting
that “opportunities to do harm are as great, or greater, in maritime or surface
transportation.”1 This report summarizes the challenges of securing passenger rail
systems, options for making decisions about security funding, industry requests for
funding, and legislative initiatives. It does not address the security of freight rail
operations. However, since some passenger rail operations use the same track and
facilities as freight rail, these topics cannot be completely separated.
Passenger Rail Systems Are Inherently Vulnerable
Passenger rail service takes four forms: heavy rail (e.g., subway systems like
Washington D.C.’s Metro), commuter rail (e.g., Maryland’s MARC and Virginia’s
Virginia Railway Express [VRE] trains), light rail (e.g., Dallas’ DART) — these all
fall under the category of public transit — and intercity passenger rail (Amtrak).
These forms share certain characteristics that make them vulnerable to attack: they
make scheduled stops along fixed routes; their operations depend on people having
quick and easy access to stations and trains; and the number of access points and
volume of ridership make it impractical to subject all rail passengers to the type of
screening that airline passengers undergo. As the 9/11 Commission noted in its final
report, “Surface transportation systems such as railroads and mass transit remain hard
to protect because they are so accessible and extensive.”2
In light of that vulnerability, the casualty rate for terrorist attacks on passenger
rail facilities is lower than might be expected. According to an estimate based on a
database of terrorist incidents maintained by the RAND Corporation and the
Oklahoma City Memorial Institute to Prevent Terrorism, there were a total of 181
terrorist attacks on trains and rail-related targets such as stations worldwide between
1998-2003, an average of 30 per year.3 These incidents resulted in a total of 431
deaths. One attack — a derailment of a train followed by attacks on the surviving
1 The 9/11 Commission Report: Final Report of the National Commission on Terrorist
Attacks Upon the United States
, New York: W. W. Norton, 2004, p. 391.
2 The 9/11 Commission Report, 2004, p. 391.
3 These numbers do not include the 2004 Madrid bombing, which killed 191 people.

CRS-2
passengers, in Angola — accounted for 252 of these deaths.4 There were no attacks
recorded in the United States. Of course, this does not mean there will not be attacks
in the United States in the future.
What Security Measures Have Been Taken for Passenger
Rail?

On May 20, 2004, the Department of Homeland Security issued security
directives for passenger rail systems.5 These directives have not been made public,
but according to reports, largely reflect actions already taken by many rail systems.6
These include removing or hardening trash containers on boarding platforms that
could be used to hide bombs, increasing the presence of security officers, using video
surveillance in and around stations, conducting random inspections of passengers and
baggage (sometimes with the help of bomb-sniffing dogs), and encouraging riders to
look for suspicious activity.
With limited options for preventing an attack, transit agencies have focused on
minimizing the harm from an attack (this is referred to as “consequence
management”). Consequence management efforts include vulnerability assessments,
emergency planning, emergency response training and drilling of transit personnel,
ideally in coordination with first responders, as well as purchase of communication
and safety equipment. The federal government has assisted many of these efforts
with funding and expertise.7 These actions also help agencies prepare for natural
disasters, criminal activity, and other potential disruptions to their operations.
Industry Security Spending and Funding Requests
The passenger rail community says that it has made security improvements, but
is constrained by the limits of available funding; thus its primary security issue is
finding a way to pay for additional security improvements. The transit industry
(which includes bus-only systems as well as rail systems, but does not include
Amtrak) reports that it has spent over $2 billion on security activities since 9/118; the
industry has requested $5.2 billion in federal security-related capital investment (for
protection of infrastructure and vehicles, enhancing evacuation capabilities, and
improving emergency response) over three years and $800 million annually in
4 Cited by Jack Riley, Director of RAND Public Safety and Justice, in testimony before the
Senate Committee on Commerce, Science, and Transportation, March 23, 2004.
5 United States Department of Homeland Security Press Office, “Department of Homeland
Security Announces New Measures to Expand Security for Rail Passengers,” May 20, 2004.
6 Peter Whoriskey, “U.S. Issues Anti-Terror Regulations for Rail Systems,” Washington
Post
, May 21, 2004, p. B1.
7 United States General Accounting Office, Rail Security: Some Actions Taken to Enhance
Passenger and Freight Rail Security, but Significant Challenges Remain
, GAO-04-598T,
pp. 11-14.
8 William W. Millar, President, American Public Transportation Association, testimony
before the Subcommittee On Economic Security, Infrastructure Protection, and
Cybersecurity, House Homeland Security Committee, September 7, 2005.

CRS-3
ongoing operating and maintenance expenditures — a total of $7.6 billion over three
years, or just over $2.5 billion annually.9 It is not clear how much of the requested
funding is for securing passenger rail operations versus securing bus operations; for
the transit industry, passenger rail operations represented 67% of total capital costs
and 32% of total operating costs in FY2002.10 Amtrak has identified $110 million
in one-time costs and $10-12 million annually in on-going costs for security
activities.11
The federal government provided $65 million in security grants to transit
agencies in FY2003,12 $50 million in FY2004,13 and $150 million for security grants
for intercity passenger rail, freight rail, and transit in both FY200514 and FY200615
— a total of $415 million over four years (in FY2002 the federal government also
made one-time appropriations of $100 million to Amtrak and $39 million to the
Washington Metropolitan Area Transit Authority for security expenses16). The
industry’s request for $7.6 billion in security funding over three years is over 20
times more than Congress has provided over the past three years. Given the size of
the passenger rail community’s requested funding, it is likely that policy makers will
want to evaluate the potential effectiveness of the industry’s proposed spending, as
well as consider the role of local and state governments in funding security
improvements for transit agencies. In addition, policy makers might consider the
other funding needs of the transit community, such as the need for increased spending
to accommodate increasing demands for transit service.
There is a general consensus among security experts that passenger rail systems
are inherently vulnerable, and thus virtually impossible to defend against attack, due
to the very nature of their design and operations. The recent record of passenger rail
attacks worldwide — 181 attacks over a period of six years, resulting in 431 deaths
(252 of which were caused by one attack) — suggests both the relative frequency of
such attacks and the relatively low mortality of most attacks. Congress has indirectly
acted to increase the security of passenger rail operations (and many other activities
of daily life) in recent years by providing additional funding for anti-terrorist
activities of national defense, intelligence and law-enforcement organizations, as well
as increased funding for broader homeland security activities.
9 American Public Transportation Association, Survey of United States Transit System
Security Needs and Funding Priorities: Summary of Findings
, April 2004, p. 1.
10 American Public Transportation Association, 2004 Public Transportation Factbook.
11 These include security improvements to its largest stations and its tunnels, backup
communications and control capacity, and adding the capability to track train movements
outside the Northeast Corridor. Testimony of E. R. Frazier, Sr., Amtrak Chief of Police and
Security, before the Senate Committee on Commerce, Science, and Transportation, March
23, 2004.
12 In the FY2003 Emergency Wartime Supplemental Appropriations Act, P.L. 108-11.
13 In the FY2004 DHS Appropriations Act, P.L. 108-90.
14 In the FY2005 DHS Appropriations Act, P.L. 108-334.
15 In the FY2006 DHS Appropriations Act, P.L. 109-90.
16 In the FY2002 Department of Defense Appropriations Act, P.L. 107-117

CRS-4
The ability of the passenger rail community to fund desired security
improvements out of its own resources is limited: both the transit industry and
Amtrak operate at a deficit and require government assistance to cover their costs.
However transit agencies also receive a significant amount of funding from local and
state governments. One issue is whether the federal government should have the
primary responsibility for funding security improvements for transit agencies, or
whether that responsibility should be shared with local and state governments. The
federal government has generally considered security a responsibility of the transit
agency and the local community. Advocates of federal responsibility for security
funding argue that, since the greatest current concern is chiefly about attacks from
foreign terrorists, the federal government should bear responsibility for providing
security funding in its role of providing national defense. Also, they argue that the
economic difficulties faced by state and local governments limit their ability to assist
transit agencies with additional security funding. Advocates of a local responsibility
for funding security improvements argue that the federal government is exercising
its national defense responsibility through funding national defense efforts, that
taxpayers all over the country should not be required to pay for security
improvements to a relatively small number of transit agencies located in large
metropolitan areas, and that since local and state governments are concerned with the
security of the metropolitan areas in which these transit agencies operate, it makes
sense for these governments to be involved in securing the transit agencies as well.
Moreover, many of the security measures that passenger rail organizations may
employ have other benefits to the systems, often in reducing other types of threat to
passengers (for example, from ordinary criminal activity and accidents) that are
considered to be chiefly local responsibilities. Finally, having the local community
take responsibility for funding the security improvements can help in evaluating the
cost-effectiveness of proposed security improvements, as the local community would
have the opportunity to decide what security improvements seem worth paying for.
Congress may also consider the benefit of increased funding for the security of
the passenger rail community against the other funding needs of the community. The
Federal Transit Administration (FTA) has estimated that the transit industry requires
significant increases in capital spending (in the range of $3 billion to $8 billion
annually) merely to keep pace with rising demand; the industry is looking to the
federal government to help meet that need by increasing capital funding for transit.
The DOT Inspector General has testified that Amtrak requires additional resources
merely to return its system to a state of good repair and thus reduce the risk of a
serious accident.17 In an environment where federal domestic spending is likely to
be severely constrained, policymakers may wish to evaluate the overall value of
providing additional funding to increase passenger rail and transit services versus
additional funding for securing passenger rail systems, funding which may be of
questionable value in improving their security.
17 Kenneth M. Mead, Inspector General, United States Department of Transportation,
Assessment Report on Amtrak’s 2003 and 2004 Financial Performance and Requirements,
CC-2005-13, November 18, 2004.

CRS-5
Risk Management
One approach that could be used for assessing the level of funding needed and
how to allocate it is threat-based risk management. The Government Accountability
Office (GAO)18 and the 9/11 Commission19 recommended the use of threat-based risk
management to guide security actions, and the Homeland Security Act of 2002 (P.L.
107-296) directed that this approach be used for protecting key resources and critical
infrastructure assets. The Transportation Security Administration (TSA) is using this
approach to guide its security efforts.20
Threat-based risk management may be conceptualized as an equation:
Vulnerability + Threat + Criticality = Risk.21 ‘Vulnerability’ refers to ways a system
may be open to attack; ‘Threat’ refers to the likelihood of an attack on a system;
‘Criticality’ refers to the potential consequences of an attack; and ‘Risk’ results from
the combination of vulnerability, threat, and criticality. One implication of this
equation is that, while a passenger rail system may be vulnerable to attack, the risk
to the system may nevertheless be low if no threat is apparent, or if the vulnerability
is in an area where the consequences of an attack would be limited. Another
implication is that there are several ways to manage the risk to passenger rail. One
way is to make changes in the passenger rail systems to lower their vulnerability to
attack (e.g., hiring more police officers, introducing random screening of passengers
and bags, installing security cameras); another is to reduce the potential consequences
of an attack (e.g., through coordinated emergency response training exercises with
local first responders); and yet another is to make changes elsewhere that reduce
threats to those systems (e.g., putting more money into intelligence and law
enforcement to combat terrorism).
As the above equation indicates, a formal risk assessment results from the
combination of several studies: vulnerability assessments, threat assessments, and
criticality assessments. Each of these component studies has limitations. The
vulnerability of a system to attack, and the criticality of the system in the event of an
attack, must be assessed on the basis of assumptions about what sorts of attacks
might be attempted and a weighing of the impact of different types of consequences
(e.g., injuries and deaths, economic disruption, environmental degradation, symbolic
impact). The level of threat to a system is the sort of knowledge typically acquired
18 GAO, Transportation Security: Federal Action Needed to Help Address Security
Challenges
, GAO-03-843, June 2003, p. 51; Rail Security: Some Actions Taken to Enhance
Passenger and Freight Rail Security, but Significant Challenges Remain
, GAO-04-598T,
p. 14.
19 The 9/11 Commission Report, pp. 391, 396.
20 Stephen McHale, Deputy Administrator, Transportation Security Administration,
Testimony before the Subcommittee on Infrastructure and Border Security, House Select
Committee on Homeland Security, May 12, 2004.
21 For more discussion of risk management, see CRS Report RL32561, Risk Management
and Critical Infrastructure Protection: Assessing, Integrating, and Managing Threat,
Vulnerabilities and Consequences
, by John Moteff; and Carl A. Roper, Risk Management
for Security Professionals
, Butterworth-Heinemann, 1999.

CRS-6
by intelligence and law enforcement agencies and will likely change over time as new
information comes to light. Thus a risk assessment is an estimate, based on several
other estimates, and does not provide unambiguous guidance to prioritizing security
efforts. As well, producing these estimates necessarily involves decisions that
policy-makers may wish to review.
Moreover, using risk assessments of individual transit facilities to produce a
overall risk management strategy for a group of facilities introduces an additional set
of challenges. GAO recently published a review of the progress made by a few DHS
entities in applying risk management techniques to homeland security activities.22
In the report, GAO notes that there is little experience with using a risk management
approach to deal with terrorism.23 GAO found that the agency that had made the
most progress, the Coast Guard, while able to prioritize infrastructure according to
risk within individual seaports, was not yet able to prioritize infrastructure or
compare risks among different seaports.24
As a result of the Homeland Security Act of 2002 (P.L. 107-296), the
Information Analysis and Infrastructure Protection Directorate of the Department of
Homeland Security has been working for some time on risk assessments of key
resources and critical infrastructure assets of the United States, in order to prepare a
National Plan for Critical Infrastructure and Key Resources Protection, which was
due to Congress at the end of calendar year 2004 (but has not yet been completed).
The Intelligence Reform and Terrorism Prevention Act of 2004 (P.L. 108-458)
directs DHS, working jointly with DOT, to develop “risk-based priorities across all
transportation modes” for protecting transportation assets, “the most appropriate,
practical, and cost-effective means of defending those assets,” and a national
transportation strategic plan that defines “the agreed upon roles and missions of
Federal, state, regional, and local authorities.” This national transportation strategic
plan, and the security plans for each transportation mode that are also required, were
due to Congress by April 1, 2005. Due to the sensitive nature of some of this
information, the act provides that classified information shall be provided to the
appropriate congressional committees separately. DHS sent a classified report to
Congress on September 9, 2005 on a “National Strategy for Transportation Security.”
The result of the National Strategy and the security plans for each mode should
be something along the lines of what the 9/11 Commission stated that the
Transportation Security Administration should be able to provide for Congress:
identification of the “the array of potential terrorist attacks, the layers of security in
place, and the reliability provided by each layer,” as well as recommendations to
improve weak individual layers.25 With the aid of this information, Congress can
22 GAO, Risk Management: Further Refinements Needed to Assess Risks and Prioritize
Protective Measures at Ports and Other Critical Infrastructure
, GAO-06-91, December
2005.
23 Ibid, p. 3.
24 Ibid, p. 41.
25 The 9/11 Commission Report, p. 392. In its Final Report on the 9/11 Commission
(continued...)

CRS-7
better evaluate the security funding requests of various groups in light of the relative
risks to each group and the relative effectiveness (including cost-effectiveness) of
security strategies. Whether these plans will enable Congress to achieve the goal it
set in the Intelligence Reform and Terrorism Prevention Act of 2004 — that the
protection of transportation assets should be prioritized according to relative risk, and
that funding for transportation security should be distributed according to
assessments of relative risk and vulnerability — is unclear. While there may be some
general measures that can be used to assess the relative risk to transportation assets
in different locations,26 the task of prioritizing the protection of transportation assets
in different locations and across different modes faces many challenges.27
Evaluating Security Funding Requests
There are no comprehensive studies by independent sources of passenger rail
security needs and costs. Since 9/11, individual transit agencies have undertaken
vulnerability and criticality assessments, often with the assistance of technical teams
provided by FTA and TSA, but few agencies have done complete risk assessments,
and until now the individual agency assessments have not been combined to produce
a larger picture. For that matter, it is not clear if the assessments that have been done
have used similar methods, so that they would be comparable. The transit
community’s security funding request appears to be based largely on the self-
perceived needs of individual agencies rather than a comprehensive risk management
analysis of the transit community. The National Transportation Security Strategy and
the passenger rail- and mass-transit-related modal security plans mentioned above
may help Congress in evaluating the transit community’s $7.6 billion security
funding request.
As mentioned above, those plans will not be conclusive; their intent is to
provide some guidance to policy-makers, but the plans will be based on studies
which include decisions (e.g., which assets are critical, what kinds of threats are
considered, what consequences are considered and how they are weighed in relation
to each other) that policy-makers may wish to review. In the meantime, Members
may wish to consider factors that may have influenced the size of the transit
community’s security request. Transit agencies have limited knowledge of the level
of risk to their system, and so may be inclined to imagine the worst; the consequences
of an attack on a system could be disastrous; and in the aftermath of an attack, a
transit agency whose ambitions for security were less than ‘state-of-the-art’ could
25 (...continued)
Recommendations (published December 5, 2005), the Commission gave the Administration
a grade of “C-“ for the National Strategy on Transportation Security, noting that “[W]hile
the strategy reportedly outlines broad objectives, this first version lacks the necessary detail
to make it an effective management tool.”
26 RAND notes that . Henry H. Willis, Andrew R. Morral, Terence K. Kelly, Jamison Jo
Medby, Estimating Terrorism Risk, RAND Center for Terrorism Risk Management Policy,
2005, p. 22.
27 GAO, Risk Management: Further Refinements Needed to Assess Risks and Prioritize
Protective Measures at Ports and Other Critical Infrastructure
, GAO-06-91, December
2005.

CRS-8
face harsh criticism from its community — though that criticism could be deflected
toward the federal government (and Congress) if the agency could claim that it had
received much less security funding than it had requested.
From the congressional perspective, providing additional security funding for
transit agencies may not be the best way to increase the security of those systems.
There are several ways to reduce risks: by reducing threats, by reducing
vulnerabilities, and by reducing consequences. The range of options available to
transit agencies are largely limited to the latter two approaches, but Congress has the
option of promoting the security of transit agencies and other homeland organizations
by providing increased funding to agencies that combat terrorism directly, such as the
military, intelligence, and law enforcement agencies. Given limited resources,
strategies that reduce the risk to many categories of assets may be more cost-effective
than strategies that focus on individual categories of assets.
As Congress considers this trade-off — providing more funding for passenger
rail systems to improve their security versus more funding for intelligence and law-
enforcement agencies to improve the security of the nation as a whole, including
passenger rail systems — in evaluating how much to spend on passenger rail security,
one option for consideration is that of requiring a significant local match for any
security grants provided for transit agencies. That would encourage transit agencies
and their communities to evaluate the cost and potential benefit of the various
security options available to them, and to take greater responsibility for the trade-off
decisions that are made on the local level.
Another issue is deciding how to distribute funding for security within the
passenger rail community. Congress faces the perennial conflict between efficiency
and equity: whether to try to direct funding to where it might have the greatest impact
(by some measure of risk), or whether to try to equalize the amount of funding every
recipient gets (by some measure of equity). The equity approach would largely
ignore risk management considerations and potentially lead to a less than efficient
allocation of resources, from the standpoint of security. In its final report, the 9/11
Commission recommended that “Homeland security assistance should be based
strictly on an assessment of risks and vulnerabilities...Congress should not use this
money as a pork barrel.”28 The Commission’s recommendation included the
proposal that community security needs be evaluated according to benchmarks that
would be developed by a panel of security experts. TSA is still preparing the
passenger rail security plan, and other transportation mode-specific plans, that would
help inform risk-based allocations of federal security funding. In the meantime,
grants to help transit systems improve their security have been provided through the
FY2003, FY2004, FY2005 and FY2006 DHS appropriations acts.29 DHS has not
made explicit the criteria by which it determines the grant amounts, but the
allocations appear to be based on a combination of threat-based risk management
criteria as well as a general distribution to most major transit systems in the U.S.
28 The 9/11 Commission Report, p. 396.
29 P.L. 108-11 (the FY2003 Emergency Wartime Supplemental Appropriations Act), P.L.
108-90, P.L. 108-334, and P.L. 109-90, respectively.

CRS-9
In FY2003, the first year of its transit security grant program, DHS’ Office of
Domestic Preparedness provided $65 million to 20 transit agencies in 14 urban areas.
In FY2005 the Office of State and Local Government Coordination and Participation
(the successor to the Office of Domestic Preparedness) provided $108 million to 25
urban areas, listing 46 transit agencies in those areas as eligible to receive funding
from those grants. The amounts of the grants vary; those areas with the largest rail
ridership received the largest grants (see Table 1). New York City transit systems
(defined, for the purposes of this grant program, as including New Jersey Transit and
the commuter rail service of the Connecticut Department of Transportation) account
for nearly 60% of all U.S. transit passenger rail trips, in an urban area that has already
been the target of repeated terrorist attacks. New York City transit systems received
50% ($32.4 million) of the total grant funding in FY2003, but 35% ($37.6 million)
of the total grant funding in FY2005. Meanwhile, urban areas whose share of U.S.
rail ridership is relatively small, and whose rail transit systems are not generally
thought of as likely targets for terrorist attacks, such as Buffalo, Dallas, Houston,
Jacksonville, Memphis, Miami, Minneapolis, New Orleans, Pittsburgh, Sacramento,
and St. Louis, received transit security grant funding (8% of the total funding — $8.5
million) in FY2005.
Table 1. Share of FY2005 DHS Transit Security Grant Funding
Going to Top Six Urban Areas by Passenger Rail Ridership
Share of U.S. Total
Share of Total DHS
Passenger Rail Ridership
Transit Security Grant
Urban Area
(FY2002)
Funds (FY2005)
New York Citya
58%
35%
Washington, D.C.b
8%
10%
Boston
8%
9%
Chicago
7%
10%
San Franciscoc
4%
7%
Philadelphia
4%
7%
Source: American Public Transportation Association, 2004 Public Transportation Factbook, Tables
108-111, 130, 133, 136; Department of Homeland Security, FY2005 Transit Security Grant Program
Allocations.
Calculations by CRS.
a. The New York City urban area eligible rail systems include the New York Metro Transit Authority,
the Port Authority of New York and New Jersey, New Jersey Transit, and the commuter rail
operation of the Connecticut Department of Transportation.
b. The Washington, D.C. urban area eligible rail systems include the Washington Metropolitan Area
Transit Authority and the commuter rail operations of Maryland (MARC) and Virginia (VRE).
c. The San Francisco urban area eligible rail systems include BART, the Municipal Railway, the
Altamont Commuter Rail Authority, and the light rail operations of the Santa Clara Valley
Transit Authority.
Security Involves Trade-Offs
As noted above, with a worldwide average of 30 terrorist attacks on passenger
rail annually in recent years, the likelihood of a terrorist attack on any particular rail
station is low — but the impact of an attack on a station in the United States (in lives

CRS-10
lost and public reaction) could be high. Congress faces the challenge of determining
how much responsibility the federal government should assume for the security
desires of local passenger rail systems, how much funding the federal government
can provide for passenger rail security in light of other homeland security needs and
other transportation needs, and then determining how that security funding should be
distributed within the passenger rail community.
Security efforts involve tradeoffs in money and time. One key policy issue is
where to strike the balance between the desire for security and the efficient operation
of the rail systems; another is striking the balance between the cost of security efforts
in passenger rail and other federal priorities, including security efforts in other areas.
Some observers, noting that the number of potential terrorist targets in the United
States — such as passenger rail trains — is virtually limitless, question the value of
efforts to make these targets more secure. They argue that many such efforts are not
cost-effective, given that if one set of targets — for example, trains — is made more
secure, terrorists might simply shift to softer targets such as buses or shopping malls.
Moreover, these security efforts impose a variety of costs on the public, in money,
time, inconvenience, and limitations on personal freedoms. These observers argue
that a more effective strategy is to increase funding for efforts to disrupt the terrorist
groups that are the source of these threats (e.g., funding for intelligence and law
enforcement agencies) and for efforts to respond to any attacks (e.g., funding for first
responders).30 Others argue — though rarely in print — that the government and
other entities should take visible actions intended to increase the security of people’s
daily activities even if the value of those actions is uncertain, because it is important
for Americans’ sense of security that the federal government and other organizations
be perceived as doing something to make them safer. But such actions involve trade-
offs too, and one of the trade-offs is that resources may be applied to activities with
limited security value that might otherwise be applied to activities with greater
security value.
Legislation in the 109th Congress
Legislation has been introduced in the 109th Congress dealing with passenger
rail security. These bills implicitly raise the following issues:
! how much federal control there should be over passenger rail
security?
! how much federal responsibility — particularly financial
responsibility — there should be for passenger rail security?
! how much funding should be directed toward passenger rail security
as opposed to other homeland security efforts?
! how should the range of potential security activities for the
passenger rail sector be prioritized?
! how should security funding be allocated among the passenger rail
service providers?
30 Jennifer Barrett, “An Enormous Waste of Money,” Newsweek Web Exclusive, March 17,
2004, [http://www.msnbc.msn.com/id/4549661/] [viewed 7/8/2004].

CRS-11
Passenger rail security bills that have been introduced include H.R. 153
(Menendez), H.R. 1109 (Lynch), H.R. 2351 (Oberstar), Title IV of S. 12 (Biden), and
S. 1052 (Young). These bills are very similar in two respects; they would increase
the responsibility of the federal government for passenger rail security, and increase
the funding available for passenger rail security. These bills are also similar to S.
2273 (108th Congress), which was passed by the Senate near the end of the 108th
Congress, but was not acted on by House. More specifically, these bills:
! direct DHS to conduct a rail transportation vulnerability assessment,
prepare a security plan, and provide prioritized recommendations to
Congress on improving rail transportation security;
! authorize funding for fire and life-safety improvements to Northeast
Corridor tunnels in New York City, Baltimore, and Washington,
D.C.31; and
! direct DHS to conduct a research and development program to
improve rail transportation security.
In addition, most of the bills include provisions to:
! have DHS create a freight and passenger rail security improvement
grant program to provide grants to freight rail companies and
Amtrak for security improvements;
! have GAO study foreign rail transport security programs;32
! require DHS to execute a memorandum of agreement with the
Department of Transportation governing their roles in addressing
railroad transportation security;
! require DHS to study the feasibility of screening rail passengers,
baggage, and cargo33; and
! require Amtrak to develop a plan to assist the families of passengers
involved in rail accidents; and protect rail security whistleblowers.
A bill requiring DHS to conduct a vulnerability assessment of public transportation
systems, H.R. 1116 (Millender-McDonald), has also been introduced. These bills
have been referred to the committees of jurisdiction; S. 1052 was ordered to be
reported with a substitute amendment.
Legislation dealing with the authorization of, and appropriations for, the
Department of Homeland Security also has implications for passenger rail security.
H.R. 1817, DHS’s authorization legislation, would require DHS to work with public
transportation stakeholders and public officials to develop best security practices for
securing public transportation. The bill does not provide any authorizations
31 H.R. 1109 includes funding for improvements to the Back Bay tunnels in Boston.
32 GAO is already in the process of reviewing the security practices used by foreign rail
systems. Transportation Security: Systematic Planning Needed to Optimize Resources,
GAO-05-357T, p. 21.
33 TSA conducted a three-part pilot screening project during the period May - August 2004
(the Transit and Rail Inspection Pilot, or TRIP) focused on screening intercity rail
passengers and baggage.

CRS-12
specifically for transportation security; the chairman of the authorizing committee
noted during 2005 that the thus-far brief existence of both the authorizing committee
and DHS itself had not allowed for detailed work on many issues, and that DHS’s
new secretary was reviewing the structure and functions of the department. As a
result, the committee would hear the results of the review before proceeding with
additional authorization legislation.34 H.R. 1817 was passed by the House on May
18, 2005.
The FY2006 appropriations bill for DHS (P.L. 109-90) provided $8 million to
hire additional federal rail security inspectors and deploy canine teams (as part of $36
million for the surface transportation security activities of the Transportation Security
Administration; H.Rept. 109-241) and $150 million for grants for intercity passenger
rail, freight rail, and public transportation security (as part of $1.2 billion in state and
local discretionary grants administered by the Office of State and Local Government
Coordination and Preparedness). This is approximately the same level of funding
that was provided in the DHS FY2005 appropriation bill (P.L. 108-334: $150 million
for state and local passenger rail, freight rail, and public transportation security
grants, and $12 million for rail security activities in TSA).
34 Representative Christopher Cox, Congressional Record, May 18, 2005, pp. H3455-3456.