Academic literature on the topic 'Airports – Security measures – United States'

The article presents the results of research that focus on the problem of developing by the United States effective legal, organizational and technical so-lutions to increase the security of civil aviation, including passengers on board aircraft and at airports. An important part of scientific considerations was to characterize the organization of security systems at airports operating in the United States. The presented results are not limited to the theoretical aspects of counteracting terrorism, but also characterize practical organizational and technical projects implemented in the aviation security system in the USA

Several governmental entities: the Secretary of Transportation; the Departments of Defense, Homeland Security, and Commerce; the Federal Aviation Administration (FAA); National Aeronautics and Space Administration (NASA); and industry, aligned their resources to develop the Next Generation Air Transportation System (NextGen), a new approach to safety at airports in the United States (U.S.). NextGen places the responsibility for safety within airport management and changing the FAA's role from testing, inspecting, and certifying to approval and periodic audits of the Safety Management Systems (SMS) programs at U.S. airports. The purpose of the research was to determine, through a comprehensive literature review and evaluation, whether SMS will be used as the framework for U.S. airports to move safely into the year 2025. The researcher concluded that the vision for SMS implementation was well defined and the requirements fairly clear, but guidance and support for SMS implementation at U.S. airports are lacking.

The content and key aspects of the US Cyber Security Strategy are considered. The principles of the state cyber security policy of the USA are defined. Typical threats to the United States in cyberspace are outlined. The state priorities for strengthening the components of cyber defense in the United States are summarized. The issue of financing cyber security in the United States in 2021 is detailed. The principles of joint activities of American-Ukrainian relations in the field of cyber security are specified. The list of measures implemented in the United States to strengthen the state's capabilities in the field of cyber security has been identified.

Exports of technology and items containing technical information are regulated by the United States government. United States export control regulations exist to help protect national security, economic, and political interests. United States defense industry companies manufacture products and develop technologies and information that the United States has a particular interest in protecting. Therefore, defense industry companies must comply with United States export control regulations when exporting items and information to their international partners and customers. An “export” not only includes shipments of hardware or other tangible assets to foreign end-users but also includes the sharing of certain types of information with foreign recipients in the form of phone conversations, emails, meetings, conferences, presentations, and so on. Many employees of defense industry companies travel internationally with company issued laptops and cellphones containing company information that could be viewed by foreign persons. All of these activities are considered exports and may require prior authorization from the United States government under export control regulations. Failure to follow export regulations could result in a violation requiring a report to the United States government that may result in civil penalties or criminal charges. Additionally, intentional as well as unintentional releases of information to certain foreign persons could be detrimental to a defense industry company’s business and reputation and may even result in security concerns for the United States. Although the government has an interest in regulating defense industry companies’ technology and information, critics argue that strong export control regulations may result in invasions of privacy, violations of free speech, and a displacement of the United States as a leader in a world of technological advancement. However, despite current regulations, defense industry information is still at risk of cyberattacks and inadvertent data releases, creating potential threats to national security and the security of company technology and information. In an effort to secure company and sensitive information while exporting, defense industry companies utilize encryption and other cybersecurity measures. Advancing technologies in cybersecurity can help the government and defense industry companies by bolstering the security of their information. These same advancements can also aid attackers in breaking through cybersecurity defenses. Some advances in technology are even preventing law enforcement from gathering necessary information to conduct investigations when cyber-attacks occur, making it difficult to identify criminal actors and seek justice.The United States government faces challenges in creating and up- dating regulations to keep up with consistently advancing technology. Likewise, defense industry companies must adhere to government regulations by creating robust compliance programs, but they should also implement security and compliance measures above and beyond what the government requires to ensure more effective security for their technology and information. This Article discusses the effect of advancing cyber technology; United States export regulations; reporting requirements related to the export of encrypted items; and encryption technology in the defense industry. First, the Article defines encryption and encrypted items. Second, the Article explains United States regulations of ex- ports and specifically, regulations related to encryption and encrypted items. Third, the Article explains the need for defense industry companies to export and to use encrypted items. Fourth, the Article analyzes criticisms of export regulations and the differing views on United States controls. Fifth, the Article will discuss the complexities of com- plying with export regulations and defense industry compliance pro- grams. Sixth, the Article examines the outlook for encryption technology, the future of regulations related to cybersecurity, and the outlook for defense industry security measures and compliance with regulations. The United States government is beginning to recognize the need for more advanced security measures to protect domestically produced technology and information, especially information that puts national security at risk. Specifically, the technology and information produced by United States defense industry companies should be protected from getting into the hands of our foreign adversaries at all costs. In response to the growing need for security measures, the United States government has implemented new programs, commissions, agencies, and projects to create more robust security systems and regulations. The United States should employ the most talented and experienced cybersecurity professionals to innovate and produce security systems that protect our nation’s most sensitive information. The government should then provide these systems to its defense industry companies at minimal cost and should require companies to use the best technology in its security measures. With or without the government’s assistance, defense industry companies within the United States must also implement their own measures of protection. Current policies offer little protection of sensitive and export controlled information including encrypted items and in- formation. In addition, the government should also provide the defense industry companies better guidance and access to resources in order to assist them in protecting the important information and encrypted items.207 For example, any new systems or software purchased by the United States should be made available to defense industry companies as the standard. If the government truly wishes to protect its most important technology and information, it should provide the new systems at minimal cost to the defense industry. Advancements in security programs should be shared with defense industry companies as soon as they are available and ready for use. Nevertheless, the government may not want to provide defense industry companies with the best security technology because in the event that the government needs to conduct an investigation, a company utilizing strong cyber- security and encryption software is much more difficult to investigate. Alternatively, the United States could update current regulations to require that defense industry companies must utilize specific security measures or face a penalty for failing to do so. Such regulation could require defense companies to implement more robust security pro- grams with updated security software. This is a less effective solution as the advancement in cyberattack technology increases so rapidly, and reformed regulations will likely be outdated as soon as they are implemented. It makes more sense to require that defense companies must implement the most updated software and programs determined by government security experts and cyber-security experts. Also, by allowing defense companies to decide which security companies it will work with, the defense companies obtain the option to shop for the best and most expensive program, or the company could choose the cheapest option, resulting in less efficient security. Cybersecurity regulations that are too specific run the risk of being outdated quickly, whereas broad requirements leave the option for companies to implement the lowest of security measures. Even if the government declines these suggested measures, defense industry companies should make the protection of their sensitive in- formation and encrypted items top priority. This method would re- quire complete buy-in from the senior management within the company and a thorough flow-down of cultural beliefs among its employees. A change in norms must be implemented, and defense industry personnel should be inundated with reminders on the importance of information security. Companies should provide employees with easy access to guidance, training, and assistance in handling, sharing, protecting, and exporting sensitive and export controlled information. Changing company culture takes time, and failure to change personnel beliefs will result in a lack of understanding and potential violations of export control regulations. In the worst cases, data spills and cyberattacks could result in the loss of sensitive or even classified in- formation that could jeopardize national security. Huge unauthorized data releases of sensitive information will negatively affect a company’s reputation thus affecting its ability to generate revenue. The risks in using and exporting encryption technology and sensitive information should be a major concern for defense industry companies. This concern should motivate the government to invest significant resources into compliance programs. Resources such as dedicated and qualified personnel can create policy and procedure to ensure compliance with United States government regulations, and the procedures will provide guidance and training to all employees. In addition, companies should employ IT security, data security, and counterintelligence personnel to work with the compliance team in innovating preventive measures and in addressing any potential data releases and export violations. Immediate actions and counter measures should be prioritized not just among the compliance and security teams but should be a known, expected response from all employees. In other words, cybersecurity norms should be instilled company-wide and thoroughly policed from within the company. How a company chooses to implement such measures remains discretionary, but a better resourced compliance department dedicated to implementing effective policies and responding quickly to potential issues will prevent export control violations and data releases of important information. Defense industry companies transfer export controlled information that may subject the United States to security risks. The United States responds to this risk by implementing regulations to control the high- risk exports. Defense industry companies must comply with these regulations. Therefore, defense industry companies should approach exports and cybersecurity from the standpoint that technology is always advancing—failure to simultaneously advance security and compliance measures will leave the country and the company vulnerable to attack.

AbstractAs a follow-up to the terrorist attack of 11 September 2001 and due to the threat that such attacks may be reiterated in different forms, the United States has taken several measures with the view to forestall terrorist attacks from the sea. The measures include the Container Security Initiative and measures to enhance port security. This presentation describes the content of such measures and the reaction of states and international organisations thereto. The question is raised whether such measures may be taken unilaterally or rather through international force.

For many immigrants to the United States, between 1892 and 1924, admission was contingent upon a medical inspection at an immigration centre, such as the one located at Ellis Island in the harbour of New York City. Much like passing through customs or security at airports today, these medical inspections were dreaded by immigrant travellers, and United States Government and Public Health Service (PHS) publications show that these medical inspections were escalating in intensity and emphasis during the early twentieth-century. The purpose of the PHS inspections becomes especially evident when looking at the gender considerations, or lack thereof, which arose during medical inspections at Ellis Island. A gender analysis of the PHS medical inspections, examined through the use of oral histories and photographs, provides a window into understanding the primary concern of the United States Public Health Service.

The United States, dominating the world's energy markets as a producer and consumer is sensitive to changes in this market and intends to influence the development of global energy policy. Supply will be increased by nations such as Venezuela, Indonesia and perhaps in the future a United Yemen and the Commonwealth of Independent States, moving to freer market economies which will allow investment opportunities previously inaccessible to foreign companies. Although world energy demand will grow little of this will be in the US where, under the National Energy Strategy, comprehensive measures are being introduced to improve energy efficiency. The US energy security will be further improved by such measures as diversification of supply, larger domestic production and increasing interdependence between suppliers, traders and consumers.

Mobile phone usage is growing at an unprecedented rate. The ability to remain connected, the ease of smart phone use and declining mobile costs have allowed this technology to expand at a very high rate globally. The study aimed to quantitatively determine the reasons for inactive practice of security measures of smart-phone usage among college students in the United States. The study also examined the Consideration of Future Consequences (CFC) level in relation to the level of smart-phone security measures, determined the levels of security measures on smart-phone (SP) by users, and establish the relationship between CFC level and the levels of smart-phone security measures among college students. Using a quantitative research survey and simple random sampling procedure, the methodology focused on analyzing data through testing of hypotheses. The t-test, Pearson’s correlation, regression coefficients and their respective p-values. The results showed 69.8% of college students set PIN, password and screen lock on their smart phones while 74.8% were cautious with smart phone applications and 6.2% practiced on setting of security software including rooting services. On the other hand, 35.4% protected their SP data through encryption, 47.4% had data checks and security alert while 46.2% had set Bluetooth applications and 41.4% had used backup storage for sensitive data. Use of Biometrics or other security unknown security adoptions were not included in the study. The study also found that lack of knowledge about technology or applications for SP security, lack of security habits and practices, rigorous involvement of setting SP security details like backups, encryption, security software etc., assumptions that SP are security and tamper-proof as well as lack of training, guidance and after sale services on SP security are significant reasons for lack of security measures practices concerning smart-phone usage by college students.

Can tighter cargo security measures lead to higher trade costs and increased trade frictions? This paper examines the impact of the Container Security Initiative (CSI), implemented by the United States in several foreign ports after the September 11 terrorist attacks. It analyzes monthly data for all containerized U.S. imports from 1999 to 2006, by foreign port and country of origin. The analysis exploits these longitudinal data at the port-level and the varying starting dates across CSI ports to identify the causal effect of the initiative. While higher import charges over time are observed, the results find no significant evidence of a “CSI effect” on either import costs or import flows.

Comprising many airplanes, airports, aircrew, and employees, aviation industry is a large sector that is very vulnerable to attacks, whether it is from terrorists or criminals. Aviation history is fraught with examples of airport bombings, hijackings, and sabotage terrorist attacks. The most destructive of which is the tragedy of September 11, 2001, the cornerstone of today's aviation security policies. This study uses risk assessment tools to determine the dimensions of danger and threats against the aviation industry and addresses how vulnerable the aviation sector is. After vulnerabilities and threats are examined, possible impacts of attacks against the aviation security are discussed. This study also explores the pre and post September 11 policies that governments and policy makers develop to reduce risks in aviation sector. In addition, it discusses weaknesses and strengths of these policies which surfaced during the implementations. Finally, this study proposes some recommendations based on vulnerabilities and threats of aviation security.

This study researches the varying threats that emanate from terrorists who carry their activity into the online arena. It examines several elements of this threat, including virtual to virtual attacks and threats to critical infrastructure that can be traced to online sources. It then reports on the methods that terrorists employ in using information technology such as the internet for propaganda and other communication purposes. It discusses how the United States government has responded to these problems, and concludes with recommendations for best practices.

This study employed a qualitative case study method to evaluate the efforts of one university to conduct hazard mitigation and disaster preparedness planning activities and used the Federal Emergency Management Agency framework and selected writings of sociologist and disaster researcher E.L. Quarantelli as models for evaluating the institution's approach. The institution studied was assigned a fictitious name and the identities of the study participants withheld in order to protect the integrity of the institution's planning efforts and its personnel. The study utilized a 92-item questionnaire, field interviews, and review and analysis of documentary materials provided by the institution for data collection purposes. Pattern-matching techniques were applied to identify themes and trends that emerged through the course of data collection. The results indicate the institution has developed an organizational culture that is broadly responsive to and engaged in disaster preparedness planning at multiple levels in a manner generally consistent with principles identified in select writings of Quarantelli. Results further indicate the institution has engaged in identifying hazard mitigation priorities but not in a manner consistent with that advocated by the Federal Emergency Management Agency in its publication entitled Building a Disaster-Resistant University.

Thesis (M.S.)--Naval Postgraduate School, 2004.
Title from title screen (viewed Mar. 15, 2005). "September 2004." "ADA427180"--URL. Includes bibliographical references (p. 89-90). Also issued in paper format.

Thesis (M.S. in Computer Science)--Naval Postgraduate School, Sept. 2004.
Thesis advisor(s): Cynthia E. Irvine, Karen Burke. Includes bibliographical references (p. 161-162). Also available online.

AbstractThis chapter analyses the concept of the “national security interest”, which is widely recognised as allowing a state to determine which areas of its economy are restricted or prohibited to foreign investors. This chapter seeks to identify what constitutes a threat for a state and how that threat is managed both domestically and internationally. Despite the recognition of a state’s right to take measures it considers essential to its security, there are limits. The rules established by the Organisation for Economic Co-operation and Development (OECD) and the United Nations Conference on Trade and Development (UNCTAD) and other international instruments are non-binding but can serve as a guide for states in determining the limits of the national security approach. International investment agreements can restrict the right of states to take security-related measures. Finally, customary international law, in light of the good faith obligation, can serve as a basis for assessing measures taken by a state and pave the way for a better balance between the rights of a state and those of foreign investors.

Several governmental entities: the Secretary of Transportation; the Departments of Defense, Homeland Security, and Commerce; the Federal Aviation Administration (FAA); National Aeronautics and Space Administration (NASA); and industry, aligned their resources to develop the Next Generation Air Transportation System (NextGen), a new approach to safety at airports in the United States (U.S.). NextGen places the responsibility for safety within airport management and changing the FAA's role from testing, inspecting, and certifying to approval and periodic audits of the Safety Management Systems (SMS) programs at U.S. airports. The purpose of the research was to determine, through a comprehensive literature review and evaluation, whether SMS will be used as the framework for U.S. airports to move safely into the year 2025. The researcher concluded that the vision for SMS implementation was well defined and the requirements fairly clear, but guidance and support for SMS implementation at U.S. airports are lacking.

This chapter explores the differing visions of the American welfare state put forward by moderately liberal Democrats and moderately conservative Republicans from the late 1940s through the end of the 1950s. Truman and Stevenson Democrats looked to northern European models for inspiration in the postwar era, but modified their social democratic character to gain the acceptance of a nation with a political culture of individualism and anti-statism. Eisenhower-era Republicans thought in terms of insuring male “breadwinners” against major losses of income rather than a comprehensive, citizen-based model of social welfare entitlement. Even that more limited approach marked a major break with more strongly conservative visions of social provision via the private sector. This narrowing of differences between moderate liberals and moderate conservatives on social welfare policy sheds light on the extent to which the politics and public policy of this period can fairly be characterized as consensual. In policy terms this was embodied by the major reforms of Social Security undertaken by the Truman and Eisenhower administrations in 1950 and 1954 respectively. Its limitations were conversely reflected in the failure to enact social welfare measures that did not conform to the New Deal tradition, particularly in the field of healthcare.

Chapter 4 applies the proportionality model to two cases of IO exceptionalism at the United Nations (UN) Security Council. First, it explains the normalization of the Council’s self-asserted emergency power to act as a global legislator. After 9/11, the Council, for the first time, decreed abstract, general, and indefinite rules to the entire international community. Despite opposition in the aftermath, it was capable to arrogate a permanent de facto legislative competence by credibly justifying the measures as necessary. Second, the chapter accounts for the constitutional containment of the Council’s regime of targeted sanctions against terror suspects. Through Resolution 1390 (2002), the UN Security Council implemented the so-called “terror lists” financially sanctioning all listed individuals without providing for a legal remedy. Against the preferences of the most powerful states, a coalition of societal actors and courts successfully induced procedural improvements by delegitimizing the measures as excessive.

Participation in social networks, forums, and other discussion groups is a growing trend in the United States. Aside from the benefits of online social media, there is a growing concern about privacy and safety from the devolvement of personal information online. As a result of this unfriendly social media climate, Americans are taking measures to protect personal identity and to avoid surveillance by others. The purpose of this chapter is to analyze factors predicting which groups are most concerned about Internet privacy. In addition, this chapter explores how concerns regarding Information privacy are impacting usage of social network sites. We explore these questions using multivariate regression analysis and individual level data from the Pew Internet and American Life Project. Our findings suggest that those with the greatest fears regarding online privacy are not staying offline but are taking necessary precautions to address concerns.

The Internet has emerged as the dominant medium in enabling banking transactions. Adoption of e-banking has witnessed an unprecedented increase over the last few years. In today’s online financial services environment, authentication is the bedrock of information security. Simple password authentication is the prevailing paradigm, but its weaknesses are all too evident in today’s context. In order to address the nature of similar vulnerabilities, in October 2005, the Federal Financial Institutions Examination Council (FFIEC)—which comprises the United States’ five federal banking regulators—published joint guidance entitled Authentication in an Internet Banking Environment, recommending that financial institutions deploy security measures to reliably authenticate their online banking customers. The analysis of FFIEC guidance presented in the article are with the view to equip the reader with a glimpse of the issues involved in understanding the guidance for specific banking organization that may help towards learned and better decisions regarding compliance and improved security. The chapter will allow Information Technology managers to understand information assurance issues in e-banking in a holistic manner, and help them make recommendations and actions to ensure security of e-banking components.

This chapter discusses how SDOs have mitigated the targeting of protocol vulnerabilities by security agencies. It begins with protocols identified by the Internet Engineering Task Force (IETF). In this context, the chapter explains legal measures underpinning state surveillance such as the 2018 renewal of Section 702 of the US Foreign Intelligence Surveillance Act (FISA). The latter part of the chapter looks at the action of states with development of government positions in the United Kingdom and United States, most notably against the company Huawei. It examines the position of the engineering community and technology companies in relation to these conditions.

Today, information security is one of the highest priorities on the IT agenda. In 2003, Luftman and McLean (2004) conducted a survey of Society for Information Management members to identify the top 20 information technology (IT) issues for executives. Security and privacy issues were ranked third, after IT/ business alignment and IT strategic planning. Concept of information security applies to all the data stored in information systems or being communicated in information networks and encompasses measures applied on all layers of open system interconnect (OSI) model of international standards such as application, networking, and physical. Sophisticated technologies and methods have been developed to: • Control access to computer networks • Secure information systems with advanced cryptography and security models • Establish standards for operating systems with focus on confidentiality • Communication integrity and availability for securing different types of networks • Manage trustworthy networks and support business continuity planning, disaster recovery, and auditing The most widely recognized standards are: • In the United States: Trusted Computer System Evaluation Criteria (TCSEC). • In Canada: Canadian Trusted Computer Product Evaluation Criteria (CTCPEC). • In Europe: Information Technology Security Evaluation Criteria (ITSEC). All of theses standards have recently been aggregated into Common Criteria standards. And yet, the information systems continue to be penetrated internally and externally at a high rate by malicious code, attacks leading to loss of processing capability (like distributed denial-of-service attack), impersonation and session hijacking (like man-in-the-middle attack), sniffing, illegal data mining, spying, and others. The problem points to three areas: technology, law, and IT administration. Even prior to the drama of 9/11, several computer laws were enacted in the USA and yet more may come in the future. Still the fundamental threats to information security, whether they originated outside the network or by the company’s insiders, are based on fundamental vulnerabilities inherent to the most common communication protocols, operating systems, hardware, application systems, and operational procedures. Among all technologies, the Internet, which originally was created for communication where trust was not a characteristic, presents the greatest source of vulnerabilities for public information systems infrastructures. Here, a threat is a probable activity, which, if realized, can cause damage to a system or create a loss of confidentiality, integrity, or availability of data. Consequently, vulnerability is a weakness in a system that can be exploited by a threat. Although, some of these attacks may ultimately lead to an organization’s financial disaster, an all-out defense against these threats may not be economically feasible. The defense actions must be focused and measured to correspond to risk assessment analysis provided by the business and IT management. That puts IT management at the helm of the information security strategy in public organizations.

The growth of the Internet has changed our lives significantly. Not so long ago, computers used to be viewed as luxury items to have at home. People used to rely mainly on televisions and newspapers as the primary sources of news. Today, the Internet has become an essential service to depend on for many industries, such as news agencies, airports, and even utility companies. This was the beginning of a new-trillion-dollar industry: the Internet industry. However, the Internet was designed to be an open, academic tool, never to be secure. As a result, cybercrimes, cyber warfare, and other cyber illegal activities have spread to become a significant portion of Internet traffic. Cybercrimes often challenge law enforcement. It is difficult to know the exact location where an attack originated, and there are no cyber borders between nations. As a result, fighting cybercrimes requires international cooperation. The purpose of this chapter is to shed some light on motives of cybercrimes, technologies used by hackers, and solutions that can be adopted by individuals, organizations, and governments. This chapter also presents the United States (USA) and international perspectives on cybercrimes and privacy laws. In summary, individuals, organizations, and nations have roles to play in achieving security and reducing cyber risks.

This chapter considers a variety of methods of treating Germany. The main objective of the United Nations in the treatment of Germany is to prevent it from ever again becoming a threat to the security of the world. The problem of securing this objective could be approached through destruction of Germany's industrial potential, destruction of Germany as a political entity, and removal from German society of the causes of aggression. The chapter shows that the first two solutions should be deferred until it is clear that the third alternative proves unworkable. In order to eliminate the causes of aggressiveness in German society, temporary and long-term disabilities should be imposed upon Germany. The chapter also examines the causes of German aggression, the United States' policy toward Germany, short-term measures during the period of military government, conditional measures during the probationary period, and permanent impositions upon Germany.

Gas pipelines and networks are subject to multiple regulatory governance arrangements. One regime is economic regulation which is designed to ensure fair access to gas markets and emulate the price pressures of competition in a sector dominated by a few companies. Another regime is technical regulation which is designed to ensure pipeline system integrity is sufficient for the purposes of public safety, environmental protection and physical security of supply. As was highlighted in analysis of the San Bruno pipeline failure, these two regulatory regimes have substantially different orientations towards expenditure on things such as maintenance and inspection which ultimately impact public safety. Drawing on more than 50 interviews, document review and case studies of specific price determinations, we have investigated the extent to which these two regulatory regimes as enacted in Australia may conflict, and particularly whether economic regulation influences long-term public safety outcomes. We also draw on a comparison with how similar regulatory requirements are enacted in the United Kingdom (UK). Analysis shows that the overall orientation towards risk varies between the two regimes. The technical regulatory regime is a typical goal-setting style of risk governance with an overarching requirement that ‘reasonably practicable’ measures are put in place to minimize risk to the public. In contrast, the incentive-based economic regulatory regime requires that expenditure should be ‘efficient’ to warrant inclusion in the determination of acceptable charges to customers. How safety is considered within this remains an open question. Best practice in performance-based safety regimes such as those used in the UK and Australia require that regulators adopt an attitude towards companies based on the principle of ‘trust but verify’ as, generally speaking, all parties aim for the common goal of no accidents. Equally, in jurisdictions that favor prescriptive safety requirements such as the United States (US) the common goal remains. In contrast, stakeholders in the economic regulatory regime have significantly diverse interests; companies seek to maximize their individual financial returns and regulators seek to exert downward price pressures. We argue that these differences in the two regulatory regimes are significant for the management of public safety risk and conclude that minimizing risk to the public from a major pipeline failure would be better served by the economic regulatory regime’s separate consideration of safety-related from other expenditure and informed by the technical regulator’s view of safety.