Terrorism and Security Issues Facing the
Water Infrastructure Sector

Claudia Copeland
Specialist in Resources and Environmental Policy
May 26, 2009
Congressional Research Service
7-5700
www.crs.gov
RL32189
CRS Report for Congress
Prepared for Members and Committees of Congress

Terrorism and Security Issues Facing the Water Infrastructure Sector

Summary
Damage to or destruction of the nation’s water supply and water quality infrastructure by terrorist
attack or natural disaster could disrupt the delivery of vital human services in this country,
threatening public health and the environment, or possibly causing loss of life. Interest in such
problems has increased greatly since the September 11, 2001, terrorist attacks in the United
States.
Across the country, water infrastructure systems extend over vast areas, and ownership and
operation responsibility are both public and private, but are overwhelmingly non-federal. Since
the attacks, federal dam operators and local water and wastewater utilities have been under
heightened security conditions and are evaluating security plans and measures. There are no
federal standards or agreed-upon industry practices within the water infrastructure sector to
govern readiness, response to security incidents, and recovery. Efforts to develop protocols and
tools are ongoing since the 2001 terrorist attacks. This report presents an overview of this large
and diverse sector, describes security-related actions by the government and private sector since
September 11, and discusses additional policy issues and responses, including congressional
interest.
Policymakers have been considering a number of initiatives, including enhanced physical
security, better communication and coordination, and research. A key issue is how additional
protections and resources directed at public and private sector priorities will be funded. In
response, Congress has provided $862 million in appropriations for security at water
infrastructure facilities (to assess and protect federal facilities and support security assessment
and risk reduction activities by non-federal facilities) and passed a bill requiring drinking water
utilities to conduct security vulnerability assessments (P.L. 107-188). When Congress created the
Department of Homeland Security (DHS) in 2002 (P.L. 107-297), it gave DHS responsibilities to
coordinate information to secure the nation’s critical infrastructure, including the water sector.
Under Homeland Security Presidential Directive-7, the Environmental Protection Agency (EPA)
is the lead federal agency for protecting drinking water and wastewater utility systems.
Recent congressional interest has focused on two legislative issues: (1) security of wastewater
utilities, and (2) whether to include water utilities in chemical security regulations implemented
by DHS. In the 109th Congress, a Senate committee approved legislation to encourage wastewater
treatment works to conduct vulnerability assessments and develop site security plans (S. 2781).
Similar legislation was introduced in the 110th Congress (S. 1968), but there was no further action
on the bill. Also in the 110th Congress, bills to extend DHS’s Chemical Facilities Anti-Terrorism
Standards were considered but not enacted. One bill (H.R. 5533) would have preserved an
existing exemption for water utilities from chemical facility standards, while another (H.R. 5577)
would have included them in the scope of DHS security rules. The Obama Administration has
requested that the current chemical facilities standards, which are scheduled to sunset September
30, 2009, be extended for one year without modification. Continuing attention to these issues in
the 111th Congress is possible, along with interest in how the federal government coordinates its
own activities and communicates policies and information to the water infrastructure sector.

Congressional Research Service

Terrorism and Security Issues Facing the Water Infrastructure Sector

Contents
Introduction ................................................................................................................................ 1
Background ................................................................................................................................ 1
Responses to Security Concerns .................................................................................................. 3
EPA ...................................................................................................................................... 6
Reclamation and the Corps.................................................................................................... 8
Department of Homeland Security ........................................................................................ 8
Coordination and Information Sharing ................................................................................ 10
Policy Issues and Congressional Responses............................................................................... 10
Congressional Activity ........................................................................................................ 13
Appropriations .............................................................................................................. 13
Legislative Issues .......................................................................................................... 14

Figures
Figure 1. Water Infrastructure Security Appropriations .............................................................. 14

Contacts
Author Contact Information ...................................................................................................... 17

Congressional Research Service

Terrorism and Security Issues Facing the Water Infrastructure Sector

Introduction
The September 11, 2001, attacks on the World Trade Center and the Pentagon have drawn
attention to the security of many institutions, facilities, and systems in the United States,
including the nation’s water supply and water quality infrastructure. These systems have long
been recognized as being potentially vulnerable to terrorist attacks of various types, including
physical disruption, bioterrorism/chemical contamination, and cyber attack. Damage or
destruction by terrorist attack could disrupt the delivery of vital human services in this country,
threatening public health and the environment, or possibly causing loss of life. Further, since most
water infrastructure is government-owned, it may serve as a symbolic and political target for
some. This report presents an overview of this large and diverse sector, describes security-related
actions by the government and private sector since September 11, and discusses additional policy
issues and responses, including congressional interest.
The potential for terrorism is not new. In 1941, Federal Bureau of Investigation Director J. Edgar
Hoover wrote, “It has long been recognized that among public utilities, water supply facilities
offer a particularly vulnerable point of attack to the foreign agent, due to the strategic position
they occupy in keeping the wheels of industry turning and in preserving the health and morale of
the American populace.”1 Water infrastructure systems also are highly linked with other
infrastructure systems, especially electric power and transportation, as well as the chemical
industry which supplies treatment chemicals, making security of all of them an issue of concern.
These types of vulnerable interconnections were evident, for example, during the August 2003
electricity blackout in the Northeast United States: wastewater treatment plants in Cleveland,
Detroit, New York, and other locations that lacked backup generation systems lost power and
discharged millions of gallons of untreated sewage during the emergency, and power failures at
drinking water plants led to boil-water advisories in many communities. Likewise, natural
disasters such as the 2005 Gulf Coast hurricanes and 2007 Mississippi River floods caused
extensive and costly damage to multiple infrastructure systems—transportation, water, electric
power, and telecommunications.
Background
Broadly speaking, water infrastructure systems include surface and ground water sources of
untreated water for municipal, industrial, agricultural, and household needs; dams, reservoirs,
aqueducts, and pipes that contain and transport raw water; treatment facilities that remove
contaminants from raw water; finished water reservoirs; systems that distribute water to users;
and wastewater collection and treatment facilities. Across the country, these systems comprise
approximately 77,000 dams and reservoirs; thousands of miles of pipes, aqueducts, water
distribution, and sewer lines; 168,000 public drinking water facilities (many serving as few as 25
customers); and about 16,000 publicly owned wastewater treatment facilities. All of these systems
and facilities must be operable 24 hours a day, seven days a week. Ownership and management
are both public and private; the federal government has ownership responsibility for hundreds of

1 J.E. Hoover, “Water Supply Facilities and National Defense,” Journal of the American Water Works Association, vol.
33, no. 11 (1941), 1861.
Congressional Research Service
1

Terrorism and Security Issues Facing the Water Infrastructure Sector

dams and diversion structures, but the vast majority of the nation’s water infrastructure is either
privately owned or owned by non-federal units of government.
The federal government has built hundreds of water projects, primarily dams and reservoirs for
irrigation development and flood control, with municipal and industrial water use as an
incidental, self-financed, project purpose. Many of these facilities are critically entwined with the
nation’s overall water supply, transportation, and electricity infrastructure. The largest federal
facilities were built and are managed by the Bureau of Reclamation (Reclamation) of the
Department of the Interior and the U.S. Army Corps of Engineers (Corps) of the Department of
Defense.
Reclamation reservoirs, particularly those along the Colorado River, supply water to millions of
people in southern California, Arizona, and Nevada via Reclamation and non-Reclamation
aqueducts. Reclamation’s inventory of assets includes 471 dams and dikes that create 348
reservoirs with a total storage capacity of 245 million acre-feet of water. Reclamation projects
also supply water to 9 million acres of farmland and other municipal and industrial water users in
the 17 western states. The Corps operates 276 navigation locks, 11,000 miles of commercial
navigation channel, and approximately 1,200 projects of varying types, including 609 dams. It
supplies water to thousands of cities, towns, and industries from the 9.5 million acre-feet of water
stored in its 116 lakes and reservoirs throughout the country, including service to approximately
one million residents of the District of Columbia and portions of northern Virginia.
The largest Corps and Reclamation facilities also produce enormous amounts of power. For
example, Hoover and Glen Canyon dams on the Colorado River represent 23% of the installed
electrical capacity of the Bureau of Reclamation’s 58 power plants in the West and 7% of the total
installed capacity in the Western United States. Similarly, Corps facilities and Reclamation’s
Grand Coulee Dam on the Columbia River provide 43% of the total installed hydroelectric
capacity in the West (25% nationwide). Still, despite its critical involvement in such projects,
especially in the West, the federal government is responsible for only about 5% of the dams
whose failure could result in loss of life or significant property damage. The remaining dams
belong to state or local governments, utilities, and corporate or private owners.
A fairly small number of large drinking water and wastewater utilities located primarily in urban
areas (about 15% of the systems) provide water services to more than 75% of the U.S. population.
Arguably, these systems represent the greatest targets of opportunity for terrorist attacks, while
the large number of small systems that each serve fewer than 10,000 persons are less likely to be
perceived as key targets by terrorists who might seek to disrupt water infrastructure systems.
However, the more numerous smaller systems also tend to be less protected and, thus, are
potentially more vulnerable to attack, whether by vandals or terrorists. A successful attack on
even a small system could cause widespread panic, economic impacts, and a loss of public
confidence in water supply systems.
Attacks resulting in physical destruction to any of these systems could include disruption of
operating or distribution system components, power or telecommunications systems, electronic
control systems, and actual damage to reservoirs and pumping stations. A loss of flow and
pressure would cause problems for customers and would hinder firefighting efforts. Further,
destruction of a large dam could result in catastrophic flooding and loss of life. Bioterrorism or
chemical attacks could deliver widespread contamination with small amounts of microbiological
agents or toxic chemicals, and could endanger the public health of thousands. While some experts
believe that risks to water systems actually are small, because it would be difficult to introduce
Congressional Research Service
2

Terrorism and Security Issues Facing the Water Infrastructure Sector

sufficient quantities of agents to cause widespread harm, concern and heightened awareness of
potential problems are apparent. Factors that are relevant to a biological agent’s potential as a
weapon include its stability in a drinking water system, virulence, culturability in the quantity
required, and resistance to detection and treatment. Cyber attacks on computer operations can
affect an entire infrastructure network, and hacking in water utility systems could result in theft or
corruption of information, or denial and disruption of service.
Responses to Security Concerns
Water infrastructure system designers, managers, and operators have long made preparing for
extreme events a standard practice. Historically, their focus has been on natural events—major
storms, blizzards, and earthquakes—some of which could be predicted hours or longer before
they occurred. When considering the risk of manmade threats, operators generally focused on
purposeful acts such as vandalism or theft by disgruntled employees or customers, rather than
broader malevolent threats by terrorists, domestic or foreign. The events of September 11, 2001,
changed this focus.
Federal dam operators went on “high-alert” immediately following the September 11 terrorist
attacks. Reclamation closed its visitor facilities at Grand Coulee, Hoover, and Glen Canyon dams.
Because of potential loss of life and property downstream if breached, security threats are under
constant review, and coordination efforts with both the National Guard and local law enforcement
officials are ongoing. The Corps also operates under continued high defense alert and temporarily
closed all its facilities to visitors after September 11, although locks and dams remained
operational; most closed facilities later re-opened, but security continues to be reassessed.
Following a heightened alert issued by the federal government in February 2003, Reclamation
implemented additional security measures which remain in effect at dams, powerplants, and other
facilities, including limited access to facilities and roads, closure of some visitor centers, and
random vehicle inspections.
Although officials believe that risks to water and wastewater utilities are small, operators have
been under heightened security conditions since September 11. Local utilities have primary
responsibility to assess their vulnerabilities and prioritize them for necessary security
improvements. Most (especially in urban areas) have emergency preparedness plans that address
issues such as redundancy of operations, public notification, and coordination with law
enforcement and emergency response officials. However, many plans were developed to respond
to natural disasters, domestic threats such as vandalism, and, in some cases, cyber attacks.
Drinking water and wastewater utilities coordinated efforts to prepare for possible Y2K impacts
on their computer systems on January 1, 2000, but these efforts focused more on cyber security
than physical terrorism concerns. Thus, it was unclear whether previously existing plans
incorporate sufficient procedures to address other types of terrorist threats. Utility officials are
reluctant to disclose details of their systems or these confidential plans, since doing so might alert
terrorists to vulnerabilities.
Water supply was one of eight critical infrastructure systems identified in President Clinton’s
1998 Presidential Decision Directive 63 (PDD-63)2 as part of a coordinated national effort to

2 “The Clinton Administration’s Policy on Critical Infrastructure Protection: Presidential Decision Directive 63,” May
22, 1998; see http://www.fas.org/irp/offdocs/paper598.htm.
Congressional Research Service
3

Terrorism and Security Issues Facing the Water Infrastructure Sector

achieve the capability to protect the nation’s critical infrastructure from intentional acts that
would diminish them. These efforts focused primarily on the 340 large community water supply
systems which each serve more than 100,000 persons. The Environmental Protection Agency
(EPA) was identified as the lead federal agency for liaison with the water supply sector. In
response, in 2000, EPA established a partnership with the American Metropolitan Water
Association (AMWA) and American Water Works Association (AWWA) to jointly undertake
measures to safeguard water supplies from terrorist acts. AWWA’s Research Foundation
contracted with the Department of Energy’s Sandia National Laboratory to develop a
vulnerability assessment tool for water systems (as an extension of methodology for assessing
federal dams). EPA supported a project with the Sandia Lab to pilot test the physical vulnerability
assessment tool and develop a cyber vulnerability assessment tool. An Information Sharing and
Analysis Center (ISAC) supported by an EPA grant became operational under AMWA’s
leadership in December 2002. It will allow for dissemination of alerts to drinking water and
wastewater utilities about potential threats or vulnerabilities to the integrity of their operations
that have been detected and viable resolutions to problems.3
Research on water sector infrastructure protection has been underway for some time. The
Department of the Army conducts research in the area of detection and treatment to remove
various chemical agents. The Federal Emergency Management Agency (FEMA) has led an effort
to produce databases of water distribution systems and to develop assessment tools for evaluating
threats posed by the introduction of a biological or chemical agent into a water system. The
Centers for Disease Control and Prevention is developing guidance on potential biological agents
and the effects of standard water treatment practices on their persistence. However, in the January
2001 report of the President’s Commission on Critical Infrastructure Protection, ongoing water
sector research was then characterized as a small effort that leaves a number of gaps and
shortfalls relative to U.S. water supplies.4 This report stated that gaps exist in four major areas,
concerns that remain relevant and are guiding policymakers now.
• Threat/vulnerability risk assessments,
• Identification and characterization of biological and chemical agents,
• A need to establish a center of excellence to support communities in conducting
vulnerability and risk assessment, and
• Application of information assurance techniques to computerized systems used
by water utilities, as well as the oil, gas, and electric sectors, for operational data
and control operations.
Less attention has been focused on protecting wastewater treatment facilities than drinking water
systems, perhaps because destruction of them likely represents more of an environmental threat
(i.e., by release of untreated sewage) than a direct threat to life or public welfare. Vulnerabilities
do exist, however. Large underground collector sewers could be accessed by terrorist groups for
purposes of placing destructive devices beneath buildings or city streets. Pipelines can be made
into weapons via the introduction of a highly flammable substance such as gasoline through a
manhole or inlet. Explosions in the sewers can cause collapse of roads, sidewalks, and adjacent

3 For additional information, see http://www.waterisac.org/.
4 Critical Infrastructure Assurance Office, Report of the President of the United States on the Status of Federal Critical
Infrastructure Protection Activities,
January 2001, 209 p. See http://www.fas.org/irp/offdocs/pdd/
CIP_2001_CongRept.pdf.
Congressional Research Service
4

Terrorism and Security Issues Facing the Water Infrastructure Sector

structures and injure and kill people nearby. Damage to a wastewater facility prevents water from
being treated and can impact downriver water intakes. Destruction of containers that hold large
amounts of chemicals at treatment plants could result in release of toxic chemical agents, such as
chlorine gas, which can be deadly to humans if inhaled and, at lower doses, can burn eyes and
skin and inflame the lungs.
Since the 2001 terrorist attacks, many water and wastewater utilities have switched from using
chlorine gas as disinfection to alternatives which are believed to be safer, such as sodium
hypochlorite or ultraviolet light. However, some consumer groups remain concerned that many
wastewater utilities, including facilities that serve heavily populated areas, continue to use
chlorine gas. To prepare for potential accidental releases of hazardous chemicals from their
facilities, more than 2,800 wastewater and drinking water utilities, water supply systems, and
irrigation systems already are subject to risk management planning requirements under the Clean
Air Act. Still, some observers advocate requiring federal standards to ensure that facilities using
dangerous chemicals, such as wastewater treatment plants, use the best possible industry practices
(practices that are referred to as Inherently Safer Technologies, or ISTs) to reduce hazards.5 In
June 2007, the U.S. Chemical Safety and Hazard Investigation Board issued a safety bulletin
recommending that the Department of Transportation increase regulation of wastewater and
drinking water treatment plants and other types of facilities that receive chlorine gas by railcar to
require that they install remotely operated emergency isolation devices to unload chlorine
railcars, for rapid shutdown in the event of leakage or other failure.6
In March 2006, the Government Accountability Office (GAO) reported on a survey of security
measures at 200 of the nation’s largest wastewater utilities.7 GAO found that many have made
security improvements since the 2001 terrorist attacks. Most utilities said they had completed, or
intended to complete, a plan to conduct some type of security assessment, although there is no
federal mandate to do so. More than half of responding facilities indicated they did not use
potentially dangerous gaseous chlorine as a wastewater disinfectant. However, the report noted
that these utilities have made little effort to address collection system vulnerabilities, due to the
technical complexity and expense of securing collection systems that cover large areas and have
many access points. Some told GAO investigators that taking other measures, such as converting
from gaseous chlorine, took priority over collection system protections. In a 2007 follow-on
study, GAO reported that actual and projected capital costs to convert from chlorine gas to
alternative disinfection methods range from about $650,000 to just over $13 million. Factors
affecting conversion costs included the type of alternative method; the size of the facility; and
labor, building, and supply costs, which varied considerably.8
There are no federal standards or agreed-upon practices within the water infrastructure sector to
govern readiness, response to security incidents, and recovery. EPA is not authorized to require

5 See, for example, Environmental Defense, Eliminating Hometown Hazards, Cutting Chemical Risks at Wastewater
Treatment Facilities,
December 2003, 14 p.; and Center for American Progress, Toxic Trains and the Terrorist Threat,
How Water Utilities Can Get Chlorine Gas Off the Rails and Out of American Communities
, April 2007, 23 p.
6 For information, see http://www.chemsafety.gov/index.cfm?folder=recommendations.
&page=details&ReportID=40&RecipientID=78&show=yes#78.
7 U.S. Government Accountability Office, Securing Wastewater Facilities, Utilities Have Made Important Upgrades
but Further Improvements to Key System Components May Be Limited by Costs and Other Constraints,
GAO-06-390,
March 2006, 64 p.
8 U.S. Government Accountability Office, Securing Wastewater Facilities, Costs of Vulnerability Assessments, Risk
Management Plans, and Alternative Disinfection Methods Vary Widely
, GAO-07-480, March 2007, 26 p.
Congressional Research Service
5

Terrorism and Security Issues Facing the Water Infrastructure Sector

water infrastructure systems to implement specific security improvements or meet particular
security standards. Efforts to develop voluntary protocols and tools are ongoing since the 2001
terrorist attacks. Wastewater and drinking water utility organizations are implementing computer
software and training materials to evaluate vulnerabilities at large, medium, and small utility
systems, and EPA has provided some grant assistance to drinking water utilities for vulnerability
assessments. Out of funds appropriated in 2002 (P.L. 107-117), EPA awarded grants to nearly 900
large and medium drinking water utilities to conduct vulnerability assessments. EPA also has
targeted grants to “train the trainers,” delivering technical assistance to organizations such as the
Rural Community Assistance Program and the Water Environment Federation that, in turn, can
assist and train personnel at thousands of medium and small utilities throughout the country.
Rural and small systems also have received support from the U.S. Department of Agriculture.
With financial support from EPA, drinking water and wastewater utility and engineering groups
developed three security guidance documents, issued in December 2004, that cover the physical
design of online contaminant monitoring systems, and physical security enhancements of
drinking water, wastewater, and stormwater infrastructure systems. The documents provide
voluntary guidelines for assisting utilities that have completed vulnerability assessments to
mitigate vulnerabilities of their systems through the design, construction, operation, and
maintenance of both new and existing systems. Based on the three guidance documents, these
groups also have drafted training materials and a set of voluntary standardized best engineering
practices that recommend measures to protect water and wastewater infrastructure against a range
of threats, including terrorist attacks and other sources of potential harm, such as accidents,
chemical contamination, and natural disasters.9
EPA
EPA has taken a number of organizational and planning steps to strengthen water security. The
agency created a National Homeland Security Research Center within the Office of Research and
Development to develop the scientific foundations and tools that can be used to respond to attacks
on water systems. The Center conducts applied research on ways to protect and prevent, mitigate,
respond to, and recover from security events. In September 2003, EPA created a Water Security
Division in the Office of Water, taking over activities initiated by a Water Protection Task Force
after the September 11 terrorist attacks. This office provides guidance and tools to utilities as they
assess and reduce vulnerabilities of their systems. It trains water utility personnel on security
issues, supports the WaterISAC, and implements the agency’s comprehensive research plan.
EPA has issued both a Water Security Research and Technical Support Action Plan, identifying
critical research needs and providing an implementation plan for addressing those needs, and a
Strategic Plan for Homeland Security. The Strategic Plan, which is not limited to water security
concerns, identifies several mission-critical areas on which EPA intends to focus its homeland
security planning: critical infrastructure protection; preparedness, response, and recovery;
communication and information; protection of EPA personnel and infrastructure; and self-
evaluation.
There has been evaluation of some of these EPA efforts. A preliminary review of the Research
and Action Plan by a panel of the National Research Council identified some gaps, suggested

9 See http://www.asce.org/static/1/wise.cfm.
Congressional Research Service
6

Terrorism and Security Issues Facing the Water Infrastructure Sector

alternative priorities, and noted that the Plan was silent on the financial resources required to
complete the research and to implement needed countermeasures to improve water security. Also
in 2003, EPA’s Inspector General issued an evaluation report on the initial Strategic Plan for
Homeland Security and concluded that the agency had not outlined how resources, activities, and
outputs will achieve the water security program’s goals. Moreover, the Inspector General said that
EPA lacks fundamental components, such as performance measures, for monitoring program
performance against goals.10 EPA responded that long-term objectives for critical water
infrastructure protection activities could be identified in a future revised strategic plan. A second
Strategic Plan for Homeland Security, issued in October 2004, updated the initial strategy
principally by reflecting projected funding and resources for the next two years on EPA’s strategic
objectives and recognizing the evolving role of the Department of Homeland Security.11
Reviewing these efforts, the National Research Council concluded in 2007that EPA has developed
useful contaminant information and exposure assessment tools in several key areas, but that other
areas, such as physical and cyber security, contingency planning, and wastewater security, have
shown weaker or somewhat disjointed progress. An overarching issue is making water security
information accessible to those who might need it.12
GAO has issued two reports discussing how future federal funding can best be spent to improve
security at drinking water and wastewater utilities.13 Both reports are based on the views of
subject matter experts identified by GAO. In the drinking water report, specific activities judged
by the experts to be most deserving of federal support included physical and technological
upgrades, education and training for staff and responders, and strengthening key relationships
between water utilities and others such as law enforcement and public health agencies. In the
wastewater report, the experts cited the replacement of gaseous chemicals used in the disinfection
process with less hazardous alternatives as a key activity deserving of federal funds, along with
improving local, state, and regional collaboration, and support facilities’ vulnerability
assessments. Asked how federal funds should be allocated, both groups of experts favored giving
priority to utilities that serve critical assets (such as public health institutions, government, and
military bases) and to utilities serving areas with large populations.
A key focus of EPA’s activities since 2005 has been the Water Sector Initiative. Initially known as
WaterSentinel, it is a pilot project that could serve as a model for water utilities throughout the
country. Its purpose is to test and demonstrate contamination warning systems at drinking water
utilities and municipalities. So far, EPA has awarded grants to install and evaluate early warning
systems to Cincinnati, New York, and San Francisco, and the agency expects to award similar
grants to two other cities in the future.14
More broadly, EPA has expanded its security activities in two ways. First, its focus has enlarged
from the post-9/11 emphasis on terrorism to an “all hazards” approach, emphasizing to water

10 U.S. Environmental Protection Agency, Office of Inspector General, EPA Needs a Better Strategy to Measure
Changes in the Security of the Nation’s Water Infrastructure,
Report No. 2003-M-00016, September 11, 2003.
11 U.S. Environmental Protection Agency, “Homeland Security Strategy,” October 2004, 46 p.
12 National Academies Press, Improving the Nation’s Water Security, Opportunities for Research, Water Science and
Technology Board, 2007. Hereafter, Improving the Nation’s Water Security.
13 U.S. Government Accountability Office, Drinking Water, Experts’ Views on How Future Federal Funding Can Best
Be Spent to Improve Security
, GAO-04-29, October 2003, 69 p.; and Wastewater Facilities, Experts’ Views on How
Federal Funds Should Be Spent to Improve Security
, GAO-05-165, January 2005, 70 p.
14 EPA’s FY2010 budget request seeks $22.4 million ($9 million more than in FY2009) in order to fully fund five
Water Sector Initiative pilot cooperative agreements.
Congressional Research Service
7

Terrorism and Security Issues Facing the Water Infrastructure Sector

utilities that issues of risk identification and risk reduction also include natural disasters (which
were the focus of much of the industry’s attention before 2001) and protection of hazardous
chemicals. Second, EPA supports the establishment of intrastate mutual aid and assistance
agreements, known as Water/Wastewater Agency Response Networks (WARNS), to facilitate
flow of personnel and resources during response to emergencies. They are intended to provide
mechanisms for establishing emergency contacts and facilitating short-term emergency assistance
to restore critical operations. Mutual aid agreements existed in California and Florida before the
2005 Gulf hurricanes, and more formal efforts to establish similar programs in all 50 states
followed on those disasters. So far, WARNS have been established in about 20 states, according
to EPA.
Reclamation and the Corps
Officials have been reassessing federal infrastructure status and vulnerabilities for several years.15
The Bureau of Reclamation’s site security program is aimed at ensuring protection of
Reclamation’s 252 high- and significant-hazard dams and facilities and 58 hydroelectric plants.
After September 11, Reclamation committed to conducting vulnerability and risk assessments at
280 high-priority facilities. Risk assessments at these facilities were completed between FY2002
and FY2006. These assessments resulted in recommendations now being implemented to enhance
security procedures and physical facilities, such as additional security staffing, limited vehicle
and visitor access, and coordination with local law enforcement agencies. The Corps implements
a facility protection program to detect, protect, and respond to threats to Corps facilities and a
dam security program to coordinate security systems for Corps infrastructure. It also implements
a national emergency preparedness program which assists civilian governments in responding to
all regional/national emergencies, including acts of terrorism. Both agencies participate in the
Interagency Committee on Dam Safety (ICODS), which is part of the National Dam Safety
Program that is led by FEMA.
A February 2003 White House report16 presented a national strategy for protecting the nation’s
critical infrastructures and identified four water sector initiatives: identify high-priority
vulnerabilities and improve site security; improve monitoring and analytic capabilities; improve
information exchange and coordinate contingency planning; and work with other sectors to
manage unique risks resulting from interdependencies. The strategy is intended to focus national
protection priorities, inform resource allocation processes, and be the basis for cooperative public
and private protection actions.
Department of Homeland Security
The Department of Homeland Security (DHS, established in P.L. 107-297) has a mandate to
coordinate securing the nation’s critical infrastructure, including water infrastructure, through
partnerships with the public and private sectors. It is responsible for detailed implementation of
core elements of the national strategy for protection of critical infrastructures. One of its tasks is
to assess infrastructure vulnerabilities, an activity that wastewater and drinking water utilities

15 For additional information, see CRS Report RL34466, The Bureau of Reclamation’s Aging Infrastructure, by Nic
Lane.
16 The White House, Office of Homeland Security, The National Strategy for the Physical Protection of Critical
Infrastructures and Key Assets,
February 2003, 90 p.
Congressional Research Service
8

Terrorism and Security Issues Facing the Water Infrastructure Sector

have been doing since the September 11 attacks, under their own initiatives and congressional
mandates (P.L. 107-188; see “Legislative Issues,” page 14).The legislative reorganization did not
transfer Corps or Reclamation responsibilities for security protection of dams and other facilities
or EPA’s responsibilities to assist drinking water and wastewater utilities.
In December 2003, President Bush issued Homeland Security Presidential Directive/HSPD-7
which established a national policy for the federal government to identify, prioritize, and protect
critical infrastructure as a part of homeland security.17 The directive called for DHS to integrate
all security efforts among federal agencies and to complete a comprehensive national plan for
critical infrastructure protection. In 2006, DHS issued a National Infrastructure Protection Plan
(NIPP), proposing a framework of partnerships between private industry sectors and the
government that would work together to secure the nation’s vital resources. For example, EPA
would work with water treatment and wastewater systems, while dams would cooperate with
DHS. The Department updated the NIPP in February 2009.18 The plan is intended to provide the
unifying structure for the integration of a wide range of efforts for the enhanced protection and
resiliency of the nation’s critical infrastructure and key resources into a single national program.
The Department established the Critical Infrastructure Partnership Advisory Council (CIPAC) to
coordinate federal infrastructure protection programs with similar activities of the private sector,
and state, local, and tribal governments. In 2004, CIPAC established a Government Coordinating
Council (GCC) and non-government coordinating council for each sector. The CIPAC Water
Sector Committee includes representatives from both the Water GCC(federal members) and the
Water Sector Coordinating Council (SCC). The Water SCC consists of 24 members from state
and local agencies, water utilities, and water affinity organizations.
In response to the original NIPP, DHS and the GCCs, in conjunction with the Sector Coordinating
Councils, prepared 17 sector-specific plans which were completed in May 2007. The plans
identify sector profiles and assets, assess risks, prioritize infrastructure, identify sector protection
plans and measures of progress. The water sector plan for wastewater and drinking water focuses
on four goals: (1) sustaining protection of public health and the environment; (2) recognize and
reduce risks; (3) maintain a resilient infrastructure; and (4) increase communication, outreach,
and public confidence.19 The sector plan for dams, including federal dams, is one of 10 that DHS
determined presents security sensitivity issues if widely distributed; thus, those 10 plans were not
released to the public. In an early review of the sector plans, GAO found that the drinking water
and wastewater sector plan was more developed than that of many other sectors, largely because
the sector has a 30-year history of protection and cooperation, but for that reason, the plan did not
provide added value for the sector.20

17 The White House, December 17, 2003 Homeland Security Presidential Directive/ HSPD-7, Critical Infrastructure
Identification, Prioritization, and Protection.
HSPD-7 superseded PDD-63, which started the process of federal
protection of critical infrastructure even before the 2001 terrorist attacks.
18 U.S. Department of Homeland Security, National Infrastructure Protection Plan 2009, February 2009,
http://www.dhs.gov/xlibrary/assets/NIPP_Plan.pdf.
19 U.S. Department of Homeland Security and U.S. Environmental Protection Agency, Water, Critical Infrastructure
and Key Resources Sector-Specific Plan as input to the National Infrastructure Protection Plan, May 2007, 122 p. See
http://www.dhs.gov/xlibrary/assets/Water_SSP_5_21_07.pdf.
20 U.S. Government Accountability Office, Critical Infrastructure Protection: Sector Plans and Sector Councils
Continue to Evolve,
GAO-07-706R, July 10, 2007, p. 4.
Congressional Research Service
9

Terrorism and Security Issues Facing the Water Infrastructure Sector

In the NIPP, DHS described a plan to develop a risk analysis method that would include a
uniform means of measuring risk and assessing consequences across infrastructure sectors. Some
drinking water and wastewater treatment industry officials commented that this plan, known as
the Risk Analysis and Management for Critical Asset Protection (RAMCAP), raised concern that
it could force some facilities to conduct new, or revise existing, vulnerability assessments.
Drinking water industry officials are said to be concerned that a new method may not recognize
vulnerability assessments that many drinking water utilities have already completed under
requirements of the 2002 Bioterrorism Preparedness Act (see “Legislative Issues,” page 14). This
is a particular concern for small and rural utilities, many of which have used simpler security
models to complete their vulnerability assessment plans and would prefer to build on that model
to conduct RAMCAP and similar activities.
Coordination and Information Sharing
The Homeland Security Department’s involvement in water security concerns has been growing,
although under HSPD-7, EPA continues as the lead federal agency to ensure protection of
drinking water and wastewater treatment systems from possible terrorist acts and other sabotage.
Since early 2004, DHS has been preparing guidance documents on how each infrastructure sector,
including water systems, can protect itself from security threats. For some time, the two agencies
have been working to clarify their roles in providing security to water utilities.
One of the functions of the Water Sector Coordinating Council is to be a point of contact for DHS
to vet potential water security policies, allowing one-stop shopping for federal officials. In 2003,
DHS created an information-sharing network, called the Homeland Security Information Network
(HSIN). Both it and the existing WaterISAC share the goal of providing security information to
water utilities, but they differ in some respects. The WaterISAC is a private, subscription service
(although it receives some federal funding) that provides information to about 530 water utilities
and others on security matters. It is the primary communication tool in the water sector. The
HSIN, a software program, is a free, federally funded platform for information sharing. It is not
limited to the water sector, and it provides no information by itself; it acts as a bulletin board
where DHS, EPA, and utilities can post security-related information. Distinct from the HSIN and
the WaterISAC is the Water Security Channel (WaterSC), launched in 2004 as a free service of
the WaterISAC, which disseminates EPA and DHS general security bulletins at the request of
those agencies to more than 8,400 utilities, state agencies, engineering firms, and researchers.
Policy Issues and Congressional Responses
Congress and other policymakers have considered a number of initiatives in this area, including
enhanced physical security, communication and coordination, and research. Regarding physical
security, a key question is whether protective measures should be focused on the largest water
systems and facilities, where risks to the public are greatest, or on all, since small facilities may
be more vulnerable. A related question is responsibility for additional steps, because the federal
government has direct control over only a limited portion of the water infrastructure sector. The
distributed and diverse nature of ownership (federal, non-federal government, and private)
complicates assessing and managing risks, as does the reality of limited resources. The adequacy
of physical and operational security safeguards is an issue for all in this sector. One possible
option for federal facilities (dams and reservoirs maintained by Reclamation and the Corps) is to
restrict visitor access, including at adjacent recreational facilities, although such actions could
Congressional Research Service
10

Terrorism and Security Issues Facing the Water Infrastructure Sector

raise objections from the public. Some operators of non-federal facilities and utilities are likewise
concerned. As a precaution after the September 11 attacks, New York City, which provides water
to 9 million consumers, closed its reservoirs indefinitely to all fishing, hiking, and boating and
blocked access to some roads.
Policymakers have examined measures that could improve coordination and exchange of
information on vulnerabilities, risks, threats, and responses. This is a key objective of the
WaterISAC and also of the Department of Homeland Security, which includes, for example,
functions of the National Infrastructure Protection Center (NIPC) of the FBI that brings together
the private sector and government agencies at all levels to protect critical infrastructure,
especially on cyber issues. One issue of interest is how the Department is coordinating its
activities with ongoing security efforts by other federal agencies and non-federal entities that
operate water infrastructure systems, including its implementation of the comprehensive national
plan required by Presidential Directive/HSPD-7.
For some time, the two agencies have been working to clarify their roles in providing security to
water utilities and in other areas and have negotiated agreements concerning joint research
projects and coordination for specific field operations. Nevertheless, in the conference report
accompanying the FY2005 Consolidated Appropriations Act, Congress directed EPA to enter into
a memorandum of understanding (MOU) with DHS to define the relationship of the two entities
with regard to the protection and security of the nation. The memorandum was expected to
specifically identify areas of responsibilities and the potential costs (including which entity pays,
in whole or part) for meeting such responsibilities.21 In response, EPA did not enter into a new
MOU but instead, in November 2005, issued a report that identified general authorities that
govern EPA’s and DHS’s respective actions, ongoing projects that reflect coordination, and
existing project-specific MOUs.
This report on roles and responsibilities still may not resolve the potential for duplication and
overlap among agencies. Currently, for example, policies are being developed both by DHS and
EPA, although both agencies are represented on DHS’s Water Sector Committee through the
CIPAC process. Information sharing and dissemination even in this one sector are occurring
through several different mechanisms: DHS supports the Homeland Security Information
Network (HSIN), while drinking water and wastewater utilities also may receive security-related
advisories from two other sources, the WaterISAC and the Water Security Channel. Some have
questioned the multiple advisory groups, on top of existing entities, and in particular the potential
that the several mechanisms for sharing homeland security information could transmit
inconsistent information and make the exchange of information more complicated, not less.
Others are optimistic that the systems and groups will sort themselves out into compatible and
complementary networks of information sharing, but that process could take considerable time.
In its March 2006 report, GAO commented on these multiple information services designed to
communicate information to the water sector, but also acknowledged EPA’s and DHS’s ongoing
efforts to coordinate their activities to advance water sector security. GAO recommended that
DHS and the Water Sector Coordinating Council identify areas where information-sharing
networks supported by EPA and DHS (especially the WaterISAC and HSIN) could be better
coordinated to avoid operational duplications and overlap and to ensure that security threat

21 H.Rept. 108-792, to accompany H.R. 4818, Consolidated Appropriations Act, 2005, Congressional Record, daily
edition, November 19, 2004, p. H10850.
Congressional Research Service
11

Terrorism and Security Issues Facing the Water Infrastructure Sector

information is provided to water systems on a timely basis. Water utility industry groups
responded to GAO’s recommendation by saying that such coordination efforts are, in fact,
underway, and DHS is reportedly reviewing HSIN and considering its future role in information
sharing.
DHS-EPA coordination again received congressional attention in the 110th Congress. In its draft
report on FY2009 funding for DHS, the House Appropriations Committee included report
language urging DHS to work with EPA on water security issues. The report encouraged the
National Protection and Programs Directorate of DHS to work with EPA “to improve federal
outreach to water system managers, increase support and guidance on implementation of risk
assessment techniques, and publicize effective protective measures that can be taken to increase
water system security.”22
Beyond the water sector itself, there is interest in larger coordination issues involving cross-sector
interdependencies of critical infrastructures. As noted previously, water utilities are dependent on
electric power to treat and distribute power, and electric power is essential to collecting and
treating wastewater. Adequate and uninterrupted supply of water is necessary to support
municipal firefighting.23 When disasters occur, what affects power also affects water supply, also
affects sanitary services, also affects communications capability. The National Infrastructure
Advisory Council, which provides the President, through DHS, with advice on infrastructure
security, reportedly is considering using the water sector as the focus for a study of sector
interdependencies.
Another information issue concerns the extent of EPA’s ability to collect and analyze security data
from water utilities, especially information in vulnerability assessments submitted under the
Bioterrorism Preparedness Act (discussed below). EPA officials believe that the act permits
reviewing utility submissions for overall compliance and allows aggregation of data but precludes
the agency from asking for or analyzing data showing changes in security levels, as a safeguard
against unintended release of such information. Others, including EPA’s Inspector General,
believe that EPA has the authority and responsibility to review and analyze the information in
order to identify and prioritize threats and to develop plans to protect drinking water supplies.
Among the research needs being addressed are tools for vulnerability and risk analysis,
identification and response to biological/chemical agents, real-time monitoring of water supplies,
and development of information technology. The cost of additional protections and how to pay for
them are issues of great interest, and policymakers continue to consider resource needs and how
to direct them at public and private sector priorities. A critical issue for drinking water and
wastewater utilities is how to pay for physical security improvements, since currently there are no
federal funds dedicated to these purposes, and utilities generally must pay for improvements
using the same revenue or funding sources also needed for other types of capital projects.

22 U.S. Congress, House, Committee on Appropriations, “Draft report to accompany Department of Homeland Security
Appropriations Bill, 2009,” 110th Congress, 2d session, p. 97, available from http://www.cq.com.
23 Improving the Nation’s Water Security, p. 10.
Congressional Research Service
12

Terrorism and Security Issues Facing the Water Infrastructure Sector

Congressional Activity
Since the September 11, 2001 attacks, Congress has conducted oversight on a number of these
issues and considered legislation to address various policy issues, including government
reorganization, and additional appropriations.
Appropriations
Since the September 11 terrorist attacks, Congress has provided appropriations to the Corps, the
Bureau, and EPA for security-related programs and activities to protect water infrastructure, as
shown in Figure 1. Through FY2009, these appropriations have totaled $862 million.
For both the Bureau of Reclamation and the Army Corps of Engineers, appropriations
immediately after September 11 were intended to support risk assessment of needed security
improvements, followed by implementation of measures to ensure the safety and security of the
public, Reclamation and Corps employees, and the facilities. For example, since FY2004, both
agencies have implemented physical hardening and other protective measures, as well as
personnel and information security. Both agencies continue to assess and reassess security needs
at their facilities as part of ongoing efforts to ensure their long-term security. Reclamation’s
security budget includes a law enforcement program (guards and surveillance), facility
fortification, studies, and review. For several years, Reclamation’s security activities focused on
five National Critical Infrastructure (NCI) dam facilities: Hoover, Shasta, Grand Coulee, Glen
Canyon, and Fulsom; in recent years, other facilities also have received recommended security
upgrades. Physical security enhancements at Reclamation facilities are intended to protect those
facilities from terrorist threats, other criminal activities, and unauthorized operation of water
control systems, thus reducing the high risk rating at critical assets. The Corps’ budget as shown
in Figure 1 covers recurring security costs (i.e., guards and monitoring) for its administrative
buildings and other general use facilities. The Corps also funds certain project-specific facility
security upgrades; these amounts cannot be easily identified in the Corps’ budget and are not
reflected in the figure.
Congressional Research Service
13

Terrorism and Security Issues Facing the Water Infrastructure Sector

Figure 1. Water Infrastructure Security Appropriations
Millions of Dollars
300
260
250
200
149.4
150
104.4
100
72.7
66.3
71.8
69.9
67.5
67.3
50
0
FY2002 FY2003 FY2004 FY2005 FY2006 FY2007 FY2008 FY2009 FY2010
req.
EPA
Reclamation
COE

Source: Compiled by CRS.
Funding appropriated to EPA has supported a number of activities. Significant portions of
appropriations in FY2002 and FY2003 were for EPA grants for vulnerability assessments carried
out by large and medium-size drinking water systems, to assist them in complying with
requirements of the Public Health Security and Bioterrorism Preparedness and Response Act (P.L.
107-188, discussed below). EPA appropriations also have supported training and development of
voluntary industry practices for security, and grants to states and territories to coordinate activities
for critical water infrastructure security efforts ($5 million per year; EPA proposes to eliminate
funding for these grants in FY2010 due to completion of states’ high priority activities which has
decreased demand for the funds). EPA also provides support for water security information
sharing for drinking water and wastewater utilities through the WaterISAC and the Water Security
Channel. EPA has supported two special initiatives since FY2006: a pilot program to design,
deploy, and test biological or other contamination warning systems at drinking water systems (see
discussion of the Water Sector Initiative, on page 7), and a related program, the Water Alliance for
Threat Reduction (WATR), to train utility operators at the highest risk systems.
Legislative Issues
In May 2002, Congress approved the Public Health Security and Bioterrorism Preparedness and
Response Act (P.L. 107-188). Title IV of that act required drinking water systems serving more
than 3,300 persons to conduct vulnerability analyses and to submit the assessments to EPA. The
legislation authorized grant funding to assist utilities in meeting these requirements. (For
information, see CRS Report RL31294, Safeguarding the Nation’s Drinking Water: EPA and
Congressional Actions
, by Mary Tiemann.) Legislation authorizing Reclamation to contract with
local law enforcement to protect its facilities also was enacted during the 107th Congress (P.L.
107-69).
In 2001, the House and Senate considered but did not enact legislation authorizing a six-year
grant program for research and development on security of water supply and wastewater
Congressional Research Service
14

Terrorism and Security Issues Facing the Water Infrastructure Sector

treatment systems (H.R. 3178, S. 1593). Some of the drinking water research provisions in these
bills were included in the Bioterrorism Preparedness Act. In 2002, the House approved a bill
authorizing $220 million in grants and other assistance for vulnerability assessments by
wastewater treatment utilities (H.R. 5169), but the Senate did not act on a related bill (S. 3037).
In the 108th Congress, legislation authorizing vulnerability assessment grants to wastewater
utilities was approved by the House, by a 413-7 vote (H.R. 866, identical to H.R. 5169 in the
107th Congress). The Senate Environment and Public Works Committee approved related
legislation (S. 1039, S.Rept. 108-149). No further action occurred, due in part to concerns
expressed by some that the legislation did not require that vulnerability assessments be submitted
to EPA, as is the case with drinking water assessments required by the 2002 Bioterrorism
Preparedness Act.
Wastewater security issues again received some attention in the 109th Congress. In May 2006, the
Senate Environment and Public Works Committee approved S. 2781 (S.Rept. 109-345). It was
similar to S. 1039 in the 108th Congress in that it would have encouraged wastewater utilities to
conduct vulnerability assessments and authorized $220 million to assist utilities with assessments
and preparation of site security plans. It also included provisions responding to GAO’s March
2006 report that found that utilities have made little effort to address vulnerabilities of collection
systems, which may be used by terrorists to introduce hazardous substances or as access points
for underground travel to a potential target.24 S. 2781 would have authorized EPA to conduct
research on this topic. During consideration of the bill, the Senate committee rejected an
amendment that would have required, rather than encouraged, treatment works to conduct
vulnerability assessments and also would have required high-risk facilities to switch from using
chlorine and similar hazardous substances to other chemicals that are often referred to as
“inherently safer technologies.” There was no further action on this bill. Similar legislation was
introduced in the 110th Congress (S. 1968), but no further action occurred.
Another issue of recent interest has been the concerns of a number of water supply and power
users of Bureau of Reclamation facilities about paying for security costs at these facilities. Since
September 11, Reclamation has increased security and anti-terrorist measures at federal multi-
purpose dams. From 2002 through 2004, all of the incremental security costs were paid by the
federal government. However, since 2005, the Administration has requested that users should
fully reimburse government for the guards and patrols portion of site security costs. In the
Administration’s view, project beneficiaries have had several years to adjust their expectations,
budgets, and planning for current guard and patrol levels and that post-September 11 cost
increases should now be considered project O&M expenses subject to allocation among project
purposes and reimbursement from beneficiaries.
Many users have argued that security costs for which the general public is the beneficiary,
including obligations for national defense, should properly be the federal government’s
responsibility. The issue is especially a concern for beneficiaries of Reclamation’s five high-
priority dams, such as Hoover and Grand Coulee, which have the largest security needs, because
these users are being asked to pay a proportionally higher share of total security costs than users
of other Reclamation facilities. Hearings on the issue were held by the House Natural Resources

24 U.S. Government Accountability Office. Securing Wastewater Facilities, Utilities Have Made Upgrades but Further
Improvements to Key System Components May Be Limited by Costs and Other Constraints
, GAO-06-390, March 2006,
64 p.
Congressional Research Service
15

Terrorism and Security Issues Facing the Water Infrastructure Sector

Committee, in June 2006, and the Senate Energy and Natural Resources Committee, in July 2007.
A compromise of sorts is reflected in legislation enacted in May 2008. Section 513 of the
Consolidated Natural Resources Act of 2008 (P.L. 110-229) requires water and power users to
pay for the cost of security guards, but sets an $18.9 million cap on the amount to be paid by
users.
The issue of security of wastewater and drinking water utilities also was debated in connection
with legislation dealing with chemical manufacturing plant security. As part of a bill providing
FY2007 appropriations for the Department of Homeland Security, Congress included provisions
that authorizing DHS to establish risk-based and performance-based security standards at the
nation’s chemical plants (the Chemical Security Act, Section 550 of P.L. 109-295). Under the
legislation, chemical plants are required to conduct vulnerability assessment and create and
implement site security plans based on identified vulnerabilities.25 During consideration of
comprehensive chemical plant security bills during the 109th Congress, some had proposed that
water systems (drinking water and wastewater) be included in the legislation because many store
or use extremely hazardous substances, such as chlorine gas, that can injure or kill citizens if the
chemicals are suddenly released (see page 5). However, water system officials argued that the
water sector should be excluded, because facilities have already undertaken vulnerability
assessments (as required for many drinking water systems under the 2002 Bioterrorism Act, and
as many wastewater utilities have done voluntarily). Further, they argued that requirements in the
legislation were potentially duplicative of Risk Management Plan provisions in the Clean Air Act,
which apply to more than 2,800 of the largest water systems.
The chemical plant security provisions in P.L. 109-295 endorsed these arguments and excluded
water systems from the new requirements. Implementing regulations promulgated by DHS in
2007 exempted water systems from security standards. However, under the statute, the DHS rules
will sunset on September 30, 2009. The 110th Congress considered legislation to reauthorize
DHS’s chemical security program, but no legislation was enacted. At issue were two pending
legislative proposals. H.R. 5533 would have revised and extended the chemical facility security
program and would continue to exempt water facilities. H.R. 5577 would have revised the U.S.
chemical plant security program and would have included drinking water and wastewater
facilities in its coverage, requiring covered facilities to consider the use of “inherently safer
technology,” which could force them to switch chemicals or change their operations to reduce
risk.26
At a House Homeland Security Committee oversight hearing in July 2007, DHS Assistant
Secretary for Infrastructure Protection Bob Stephan said that the water sector’s exclusion from the
Chemical Security Act created a “regulatory gap,” because chemicals that are covered by the act,
including chlorine, are found at unregulated wastewater and drinking water facilities, as well as
regulated conventional chemical plants. He also said that DHS is reviewing ways to boost
safeguards at water utilities that use large amounts of gaseous chlorine. Similarly, in testimony
before a House subcommittee in June 2008, EPA and DHS officials testified in support of
eliminating the current exemption for wastewater and drinking water facilities from chemical
security regulations. Water utilities oppose being included in the DHS program, arguing that it
could lead to costly new mandates. The debate also raises the issue of federal agency roles and

25 For additional information, see CRS Report RL33847, Chemical Facility Security: Regulation and Issues for
Congress
, by Dana A. Shea and Todd B. Tatelman.
26 Ibid.
Congressional Research Service
16

Terrorism and Security Issues Facing the Water Infrastructure Sector

leadership, such as whether EPA should be granted a formal consultative role in development and
implementation of chemical security rules. Some were concerned that legislation such as H.R.
5577 would create uncertainty about coordination between EPA and DHS and whether EPA’s lead
role for the water utility sector would be altered.
Continuing interest in many of these issues is likely in the 111th Congress – especially renewed
consideration of the applicability of chemical security standards to the water sector. In the
FY2010 budget for DHS, presented in May 2009, the Obama Administration requested that the
existing chemical facility standards, which exempt wastewater and drinking water facilities and
which are scheduled to sunset on September 30, be extended without modification for one year.27
Also of possible interest is how the federal government coordinates its own activities and
communicates policies and information to the water infrastructure sector.

Author Contact Information

Claudia Copeland

Specialist in Resources and Environmental Policy
ccopeland@crs.loc.gov, 7-7227





27 U.S. Department of Homeland Security, Congressional Budget Justification FY2010, May 2009, p. 15,
http://www.dhs.gov/xlibrary/assets/dhs_congressional_budget_justification_fy2010.pdf.
Congressional Research Service
17