Recent acts of sabotage against U.S. pipelines have raised concern about the security of the nation's energy pipeline system and the federal program to protect them. On March 20, 2017, the developer of the Dakota Access Pipeline alleged in a court filing that it had experienced "recent coordinated physical attacks along the pipeline." On February 26, 2017, law officers fatally shot a man who reportedly had used an assault rifle to attack the Sabal Trail Pipeline, a natural gas pipeline under construction in Florida. On October 11, 2016, a coordinated group of domestic environmentalists caused the shutdown of five pipelines in four states transporting crude oil from Canada to the United States. The activists entered locked enclosures to access manual valves, seeking to stop the flow of oil on these pipelines. According to a press release, the activists acted in support of Native American opposition to the Dakota Access Pipeline and to encourage an "extraordinary shift away from fossil fuels" to avert a "climate catastrophe."
Prior to the October disruptions there had not been a successful physical attack on U.S. oil or natural gas pipelines over the last 15 years. However, in 2011 and 2012, there were two unsuccessful attempts to bomb U.S. natural gas pipelines in Oklahoma and Texas. Natural gas pipelines in British Columbia, Canada, were bombed six times between October 2008 and July 2009 in acts classified by Canadian authorities as environmentally motivated. A 2014 threat assessment by the Royal Canadian Mounted Police concluded that "petroleum companies are being ... increasingly threatened by violent extremists" with a climate change agenda and that "the most likely targets include ... pipelines."
The federal program for pipeline security is administered by the Transportation Security Administration (TSA) within the Department of Homeland Security (DHS). The Aviation and Transportation Security Act of 2001 (P.L. 107-71), which established TSA, authorized the agency "to issue, rescind, and revise such regulations as are necessary" to carry out its functions (§101). The Implementing Recommendations of the 9/11 Commission Act of 2007 (P.L. 110-53) directs TSA to promulgate pipeline security regulations and carry out necessary inspection and enforcement if the agency determines that regulations are appropriate (§1557(d)). Thus, TSA has regulatory authority for the security of natural gas and hazardous liquid (e.g., oil, carbon dioxide) pipelines throughout the United States. In fulfilling these responsibilities, TSA cooperates with the Department of Transportation (DOT)—the federal regulator of pipeline safety—under a 2004 memorandum of understanding (MOU) and a 2006 annex to facilitate security collaboration.
TSA's Pipeline Mode is part of its Surface Division—along with the Mass Transit and Passenger Rail, Highway and Motor Carrier, and Freight Rail Modes. According to TSA, its Pipeline Mode is administered by six dedicated full-time equivalent (FTE) staff responsible for stakeholder engagement. The mode is also assisted, as needed, by six FTEs in the Surface Division's Industry Engagement Support Section and 15 FTEs each in its Policy Analysis and Policy Execution branches.
Although the TSA has regulatory authority for pipeline security under P.L. 107-71 and P.L. 110-53, its activities have relied upon voluntary industry compliance with the agency's security guidance and best practice recommendations. In 2003, TSA initiated its Corporate Security Review (CSR) program—visiting the largest pipeline operators to review their security plans, inspect their facilities, and provide recommendations. TSA has completed over 140 CSRs. In 2008, the TSA initiated its Critical Facility Inspection Program (CFI) to conduct in-depth inspections of all the critical facilities of the 125 largest pipeline systems in the United States. TSA concluded the initial CFI inspections in 2011, a total of 347 site visits. Over the last decade, TSA has also engaged in pipeline security initiatives such as developing training resources, facilitating security drills, and participating in Sector Coordinating Councils and Joint Sector Committees, among other activities. TSA states that it has had "great success" with its voluntary guidelines, emphasizing their collaborative nature and their flexibility to respond to evolving threats.
In a 2011 pipeline threat assessment, TSA stated that, while foreign groups have expressed interest in attacking U.S. pipelines, "violent domestic extremists, homegrown terrorists, and lone offenders likely also pose threats to pipeline networks." According to the assessment, domestic extremists "include, animal and environmental activists, disgruntled employees, and lone individuals... often focused on single issues." The assessment concluded, however, "with high confidence that the terrorist threat to the U.S. pipeline industry is low." In a 2016 Federal Register notice, TSA stated that it expects pipeline companies will report approximately 30 "security incidents" annually—both physical and cyber. The agency's latest threat assessment was released to pipeline industry partners in January 2017, but it is not publicly available. In April 2017, TSA stated to CRS that the recent security incidents "do not change the terrorism threat to pipelines here in the Homeland."
In the 114th Congress, three pipeline security issues came under particular scrutiny: TSA's use of voluntary standards, the agency's pipeline threat assessments, and the resources devoted to TSA's pipeline division. Although TSA believes a voluntary approach to U.S. pipeline security is most effective, in 2010, the National Energy Board of Canada mandated security regulations for jurisdictional Canadian petroleum and natural gas pipelines. Canada's decision to regulate security raises questions as to the relative merits of a voluntary versus regulatory approach. Some policymakers also have questioned whether the TSA devotes enough funding to pipeline security relative to other surface transportation modes. Concerns about the quality and specificity of federal threat information have long been an issue across critical infrastructure sectors, including pipelines. A September 2016 report by the DHS Inspector General suggests that the latter two issues are closely linked, concluding that "TSA lacks an intelligence driven, risk-based security strategy that informs security and resource decisions across all transportation modes." In light of the recent security incidents, Congress may reexamine the adequacy of the federal pipeline security program and how the TSA and private industry work together to secure pipelines.