Electronic Privacy Information Center v. United States Department of Homeland Security

653 F.3d 1, 397 U.S. App. D.C. 313, 2011 U.S. App. LEXIS 14503, 2011 WL 2739752

• Court: Court of Appeals for the D.C. Circuit
• Decided: July 15, 2011
• Docket: 10-1157
• Status: Published

Opinion

Opinion for the Court filed by Circuit Judge GINSBURG.

GINSBURG, Circuit Judge:

The Electronic Privacy Information Center (EPIC) and two individuals petition for review of a decision by the Transportation Security Administration to screen airline passengers by using advanced imaging technology instead of magnetometers. They argue this use of AIT violates various federal statutes and the Fourth Amendment to the Constitution of the United States and, in any event, should have been the subject of notice-and-comment rulemaking before being adopted. Although we are not persuaded by any of the statutory or constitutional arguments against the rule, we agree the TSA has not justified its failure to issue notice and solicit comments. We therefore grant the petition in part.

I. Background

By statute, anyone seeking to board a commercial airline flight must be screened by the TSA in order to ensure he is not “carrying unlawfully a dangerous weapon, explosive, or other destructive substance.” 49 U.S.C. §§ 44901(a), 44902(a)(1). The Congress generally has left it to the agency to prescribe the details of the screening process, which the TSA has documented in a set of Standard Operating Procedures not available to the public. In addition to the SOPs, the agency has promulgated a blanket regulation barring any person from entering the so-called “sterile area” of an airport, the area on the departure side of the security apparatus, “without complying with the systems, measures, or procedures being applied to control access to, or presence or movement in, such area[ ].” 49 C.F.R. § 1540.105(a)(2). The Congress did, however, in 2004, direct the TSA to “give a high priority to developing, testing, improving, and deploying” at airport screening checkpoints a new technology “that detects nonmetallic, chemical, biological, and radiological weapons, and explosives, in all forms.” Intelligence Reform and Terrorism Prevention Act of 2004, Pub.L. No. 108-458, § 4013(a), 118 Stat. 3719 (codified at 49 U.S.C. § 44925(a)).

The TSA responded to this directive by contracting with private vendors to develop AIT for use at airports. The agency has procured two different types of AIT scanner, one that uses millimeter wave technology, which relies upon radio frequency energy, and another that uses backscatter technology, which employs low-intensity X-ray beams. Each technology is designed to produce a crude image of an unclothed person, who must stand in the scanner for several seconds while it generates the image. That image enables the operator of the machine to detect a nonmetallic object, such as a liquid or powder — which a magnetometer cannot detect — without touching the passengers coming through the checkpoint.

The TSA began to deploy AIT scanners in 2007 in order to provide additional or “secondary” screening of selected passengers who had already passed through a magnetometer. In 2009 the TSA initiated a field test in which it used AIT as a means of primary screening at a limited number of airports. Based upon the apparent success of the test, the TSA decided early in 2010 to use the scanners everywhere for primary screening. By the end of that year the TSA was operating 486 scanners at 78 airports; it plans to add 500 more scanners before the end of this year.

No passenger is ever required to submit to an AIT scan. Signs at the security checkpoint notify passengers they may opt instead for a patdown, which the TSA claims is the only effective alternative method of screening passengers. A passenger who does not want to pass through an AIT scanner may ask that the patdown be performed by an officer of the same sex and in private. Many passengers nonetheless remain unaware of this right, and some who have exercised the right have complained that the resulting patdown was unnecessarily aggressive.

The TSA has also taken steps to mitigate the effect a scan using AIT might have upon passenger privacy: Each image produced by a scanner passes through a filter to obscure facial features and is viewable on a computer screen only by an officer sitting in a remote and secure room. As soon as the passenger has been cleared, moreover, the image is deleted; the officer cannot retain the image on his computer, nor is he permitted to bring a cell phone or camera into the secure room. In addition to these measures to protect privacy, the agency has commissioned two studies of the safety of the scanners that use backscatter technology, each of which has found the scanners emit levels of radiation well within acceptable limits. Millimeter wave scanners are also tested to ensure they meet accepted standards for safety.

The petitioners, for their part, have long been unsatisfied with the TSA’s efforts to protect passengers’ privacy and health from the risks associated with AIT. In May 2009 more than 30 organizations, including the petitioner EPIC, sent a letter to the Secretary of Homeland Security, in which they objected to the use of AIT as a primary means of screening passengers. They asked that the TSA cease using AIT in that capacity pending “a 90-day formal public rulemaking process.” The TSA responded with a letter addressing the organizations’ substantive concerns but ignoring their request for rulemaking.

Nearly a year later, in April 2010, the EPIC and a slightly different group of organizations sent the Secretary and her Chief Privacy Officer a second letter, denominated a “petition for the issuance, amendment, or repeal of a rule” pursuant to 5 U.S.C. § 553(e). They argued the use of AIT for primary screening violates the Privacy Act; a provision of the Homeland Security Act requiring the Chief Privacy Officer upon the issuance of a new rule to prepare a privacy impact assessment; the Religious Freedom Restoration Act (RFRA); and the Fourth Amendment. In May the TSA again responded by letter, clarifying some factual matters, responding to the legal challenges, and taking the position it is not required to initiate a rulemaking each time it changes screening procedures. In July, the EPIC, joined by two members of its advisory board who travel frequently and have been subjected to AIT screening by the TSA, petitioned this court for review.

II. Analysis

The petitioners focus their opening brief upon their substantive challenges to the TSA’s decision to use AIT for initial screening. They raise all the legal claims foreshadowed in their request for rulemaking, as well as a claim under the Video Voyeurism Prevention Act. As explained below, however, our attention is most drawn to their procedural argument that the TSA should have engaged in notice- and-eomment rulemaking.

A. Notice and Comment

In their opening brief, the petitioners argue the TSA “refus[ed] to process” and “effectively ignored” their 2010 letter, which was “explicitly marked as a ‘petition’ ” for rulemaking under § 553. The TSA responds that the petitioners did not petition “for the issuance, amendment, or repeal of a rule,” as authorized by § 553(e), because “the relief actually sought [was] ... the immediate suspension of the AIT program.” A construction of § 553(e) that excludes any petition with a goal beyond mere process is dubious at best, and the agency offers no authority for it. The petitioners were clearly seeking “amendment!] or repeal of a rule”; that their aim was expressed in terms of the substance of the rule surely does not work against them. Indeed, we would be surprised to find many petitions for rule-making that do not identify the substantive outcome the petitioner wants the agency to reach. *

Anticipating this conclusion, the TSA next argues it responded appropriately to the petition by denying it. We will set aside an agency’s decision to deny a petition for rulemaking only if it is “arbitrary, capricious, an abuse of discretion, or otherwise not in accordance with law.” 5 U.S.C. § 706(2)(A). Moreover, “an agency’s refusal to institute rulemaking proceedings is at the high end of the range of levels of deference we give to agency action under our arbitrary and capricious review.” Defenders of Wildlife v. Gutierrez, 532 F.3d 913, 919 (D.C.Cir.2008) (internal quotation marks omitted). Here, however, the TSA denied the petition on the ground it “is not required to initiate APA rulemaking procedures each time the agency develops and implements improved passenger screening procedures.” Because this position rests upon an interpretation of the Administrative Procedure Act, the crux of our review turns upon our analysis of that statute. See Am. Horse Prot. Ass’n, Inc. v. Lyng, 812 F.2d 1, 5 (D.C.Cir.1987) (court may overturn decision to deny petition for rulemaking if based upon “plain errors of law” (internal quotation marks omitted)).

We turn, then, to § 553(b) and (c) of the APA, which generally require an agency to publish notice of a proposed rule in the Federal Register and to solicit and consider public comments upon its proposal. See U.S. Telecom Ass’n v. FCC, 400 F.3d 29, 34 (D.C.Cir.2005) (“This .court and many commentators have generally referred to the category of rules to which the notice- and-comment requirements do apply as ‘legislative rules’ ”). As the TSA points out, however, the statute does provide certain exceptions to this standard procedure; in particular, as set forth in § 553(b)(3)(A), the notice and comment requirements do not apply “to interpretative rules, general statements of policy, or rules of agency organization, procedure, or practice.” The TSA argues its decision to use AIT for primary screening comes within all three listed categories and therefore is not a “legislative rule” subject to notice and comment.

1. Procedural Rule

We consider first the TSA’s argument it has announced a rule of “agency organization, procedure, or practice,” which our cases refer to as a “procedural rule.” In general, a procedural rule “does not itself ‘alter the rights or interests of parties, although it may alter the manner in which the parties present themselves or their viewpoints to the agency.’ ” Chamber of Commerce of U.S. v. DOL, 174 F.3d 206, 211 (D.C.Cir.1999) (quoting Batteyton v. Marshall, 648 F.2d 694, 707 (D.C.Cir.1980)). That is, the rule does “not impose new substantive burdens.” Aulenback, Inc. v. Fed. Highway Admin., 103 F.3d 156, 169 (D.C.Cir.1997). As we have noted before, however, a rule with a “substantial impact” upon the persons subject to it is not necessarily a substantive rule under § 553(b)(3)(A). See Pub. Citizen v. Dep’t of State, 276 F.3d 634, 640-41 (2002). Further, the distinction between substantive and procedural rules is “one of degree” depending upon “whether the substantive effect is sufficiently grave so that notice and comment are needed to safeguard the policies underlying the APA.” Lamoille Valley R.R. Co. v. ICC, 711 F.2d 295, 328 (D.C.Cir.1983). Those policies, as we have elsewhere observed, are to serve “the need for public participation in agency decision-making,” Chamber of Commerce, 174 F.3d at 211, and to ensure the agency has all pertinent information before it when making a decision, Am. Hosp. Ass’n v. Bowen, 834 F.2d 1037, 1044 (1987). In order to further these policies, the exception for procedural rules “must be narrowly construed.” United States v. Picciotto, 875 F.2d 345, 347 (D.C.Cir.1989).

Of course, stated at a high enough level of generality, the new policy imposes no new substantive obligations upon airline passengers: The requirement that a passenger pass through a security checkpoint is hardly novel, the prohibition against boarding a plane with a weapon or an explosive device even less so. But this overly abstract account of the change in procedure at the checkpoint elides the privacy interests at the heart of the petitioners’ concern with AIT. Despite the precautions taken by the TSA, it is clear that by producing an image of the unclothed passenger, an AIT scanner intrudes upon his or her personal privacy in a way a magnetometer does not. Therefore, regardless whether this is a “new substantive burden,” see Aulenback, 103 F.3d at 169, the change substantively affects the public to a degree sufficient to implicate the policy interests animating notice-and-comment rulemaking. Cf. Pickus v. Bd. of Parole, 507 F.2d 1107, 1113-14 (D.C.Cir.1974) (rules governing parole hearings not procedural because they went “beyond formality and substantially affect[ed]” prisoners’ liberty). Indeed, few if any regulatory procedures impose directly and significantly upon so many members of the public. Not surprisingly, therefore, much public concern and media coverage have been focused upon issues of privacy, safety, and efficacy, each of which no doubt would have been the subject of many comments had the TSA seen fit to solicit comments upon a proposal to use AIT for primary screening. To confirm these issues were relevant to the TSA’s deliberations about AIT, we need look no further than its assurances to that effect in its response to the petitioners’ 2010 letter: “AIT screening . has proven effective in addressing ever-changing security threats, and numerous independent studies have addressed health concerns. TSA has carefully considered the important ... privacy issues.” For these reasons, the TSA’s use of AIT for primary screening has the hallmark of a substantive rule and, therefore, unless the rule comes within some other exception, it should have been the subject of notice and comment.

2. Interpretive Rule

The TSA next tries to justify having proceeded without notice and comment on the ground that it announced only an “interpretative” rule advising the public of its current understanding of the statutory charge to develop and deploy new technologies for the detection of terrorist weapons. For their part, the petitioners argue the rule is legislative rather than interpretive because it “effectively amends a prior legislative rule,” Am. Mining Congress v. Mine Safety & Health Admin., 995 F.2d 1106, 1112 (D.C.Cir.1993), to wit, the secondary use of AIT only to back-up primary screening performed with magnetometers. See also Sprint Corp. v. FCC, 315 F.3d 369, 374 (D.C.Cir.2003) (“an amendment to a legislative rule must itself be legislative” (internal quotation marks omitted)).

The practical question inherent in the distinction between legislative and interpretive regulations is whether the new rule effects “a substantive regulatory change” to the statutory or regulatory regime. U.S. Telecom Ass’n, 400 F.3d at 34-40 (FCC effected substantive change when it required wireline telephone carriers to permit customers to transfer their telephone numbers to wireless carriers). For the reasons discussed in Part II.A.1, we conclude the TSA’s policy substantially changes the experience of airline passengers and is therefore not merely “interpretative” either of the statute directing the TSA to detect weapons likely to be used by terrorists or of the general regulation requiring that passengers comply with all TSA screening procedures. Although the statute, 49 U.S.C. § 44925, does require the TSA to develop and test advanced screening technology, it does not specifically require the TSA to deploy AIT scanners let alone use them for primary screening. Concededly, there is some merit in the TSA’s argument it has done no more than resolve an ambiguity inherent in its statutory and regulatory authority, but the purpose of the APA would be disserved if an agency with a broad statutory command (here, to detect weapons) could avoid notice-and-comment rulemaking simply by promulgating a comparably broad regulation (here, requiring passengers to clear a checkpoint) and then invoking its power to interpret that statute and regulation in binding the public to a strict and specific set of obligations.

3. General Statement of Policy

Finally, the TSA argues notice and comment is not required because, rather than promulgating a legislative rule, the agency, in announcing it will use AIT for primary screening, made a “general statement ] of policy.” The question raised by the policy exception “is whether a statement is ... of present binding effect”; if it is, then the APA calls for notice and comment. McLouth Steel Prods. Corp. v. Thomas, 838 F.2d 1317, 1320 (D.C.Cir.1988). Our cases “make clear that an agency pronouncement will be considered binding as a practical matter if it either appears on its face to be binding, or is applied by the agency in a way that indicates it is binding.” Gen. Elec. Co. v. EPA, 290 F.3d 377, 383 (D.C.Cir.2002) (internal citation omitted); see also Chamber of Commerce, 174 F.3d at 212-13. It is enough for the agency’s statement to “purport to bind” those subject to it, that is, to be cast in “mandatory language” so “the affected private parties are reasonably led to believe that failure to conform will bring adverse consequences.” Gen. Elec., 290 F.3d at 383-84 (internal quotation marks omitted).

The TSA seems to think it significant that there are no AIT scanners at some airports and the agency retains the discretion to stop using the scanners where they are in place. More clearly significant is that a passenger is bound to comply with whatever screening procedure the TSA is using on the date he is to fly at the airport from which his flight departs. 49 C.F.R. § 1540.105(a)(2) (no passenger may enter the “sterile area” of an airport “without complying with the systems, measures, or procedures being applied to control access to” that area). To be sure, he can opt for a patdown but, as the TSA conceded at oral argument, the agency has not argued that option makes its screening procedures nonbinding and we therefore do not consider the possibility. We are left, then, with the argument that a passenger is not bound to comply with the set of choices presented by the TSA when he arrives at the security checkpoint, which is absurd. *

In sum, the TSA has advanced no justification for having failed to conduct a notice- and-comment rulemaking. We therefore remand this matter to the agency for further proceedings. Because vacating the present rule would severely disrupt an essential security operation, however, and the rule is, as we explain below, otherwise lawful, we shall not vacate the rule, but we do nonetheless expect the agency to act promptly on remand to cure the defect in its promulgation. See Allied-Signal, Inc. v. Nuclear Regulatory Comm’n, 988 F.2d 146, 150-51 (D.C.Cir.1993).

The agency asks us to “make clear that on remand, TSA is free to invoke the APA’s ‘good cause’ exception” to notiee- and-comment rulemaking, 5 U.S.C. § 553(b)(B) (exception “when the agency for good cause finds ... that notice and public procedure thereon are impracticable, unnecessary, or contrary to the public interest”). We have no occasion to express a view upon this possibility other than to note we do not reach it.

B. Substantive Claims

We turn next to the statutory and constitutional claims raised by the petitioners. None of their arguments, as we explain below, warrants granting relief.

1. Statutory Claims

The petitioners argue first that capturing images of passengers is unlawful under the Video Voyeurism Prevention Act, 18 U.S.C. § 1801, a claim the TSA urges should be dismissed because it was not raised before the agency. See 49 U.S.C. § 46110(d) (“court may consider an objection to an order ... only if the objection was made in the proceeding conducted by the [agency] or if there was a reasonable ground for not making the objection in the proceeding”). As the petitioners argue, however, § 46110(d) presupposes there was an agency “proceeding” where the party could advance its argument in the first instance, the absence of which is the very matter at issue here. The TSA more helpfully reminds us the WPA “does not [apply to] any lawful law enforcement, correctional, or intelligence activity.” 18 U.S.C. § 1801(c). Because the only “unlawfulness” the petitioners claim in order to get around that exception is the alleged violation of the Fourth Amendment, which we reject below, and their argument the TSA does not engage in “law enforcement, correctional, or intelligence activity” borders upon the silly, we conclude the exception applies here.

The petitioners next argue the TSA’s use of AIT violates the Privacy Act, 5 U.S.C. § 552a, a statute that applies only insofar as the Government maintains a “system of records” from which it can retrieve a record by using an individual’s name or other identifying information, see id. § 552a(a)(5), (e)(4); Maydak v. United States, 363 F.3d 512, 515 (D.C.Cir.2004). Here the TSA points out it does not maintain data from AIT scanners in a “system of records” linked to names or any other identifier. Even if, as the petitioners speculate, the TSA has the ability to combine various sources of information and then to link names to the images produced using AIT, their Privacy Act claim still fails because they offer no reason to believe the TSA has in fact done that. See Henke v. Dep’t of Commerce, 83 F.3d 1453, 1460-61 (D.C.Cir.1996) (“retrieval capability is not sufficient to create a system of records”).

The petitioners also claim the Chief Privacy Officer of the DHS failed to discharge her statutory duties generally to “assurfe] that the use of technologies” does not “erode[ ] privacy protections” and, more specifically, to make an assessment of the rule’s impact upon privacy. See 6 U.S.C. § 142(a)(1), (4). The CPO has, however, prepared three privacy impact assessments of the AIT program. Although, as the petitioners point out, the CPO made those assessments before the agency decided to extend the use of AIT from primary screening at six airports and secondary screening at selected others to primary screening at every airport, she also explained she would update the assessments “as needed.” Mary Ellen Callahan, Privacy Impact Assessment Update for TSA Whole Body Imaging 10 (July 23, 2009) . We infer from the absence of any subsequent assessment a determination by the CPO that her prior efforts remain sufficient to cover the impact upon privacy of the expanded use of AIT, see Lichoulas v. FERC, 606 F.3d 769, 780 n. 8 (D.C.Cir. 2010) (presumption of regularity attaches to actions by administrative officials); the petitioners have failed to show that determination is arbitrary or capricious, see 5 U.S.C. § 706(2)(A). As for the broad claim under § 142(a)(1) that the CPO has not done enough to safeguard privacy, the petitioners make no more specific objection that would enable us to disturb the CPO’s conclusion that the privacy protections built into the AIT program are sufficiently “strong.” Therefore this argument fails as well.

Last, the petitioners claim the use of AIT violates the RFRA, 42 U.S.C. § 2000bb et seq., because revealing a person’s naked body “offends the sincerely held beliefs of Muslims and other religious groups.” The TSA argues that Nadhira Al-Khalili, the only person the petitioners assert has any religiously founded objection to AIT, is not a proper party because she is not named in the petition for review, see Fed. R.App. P. 15(a) (petition must “name each party seeking review”); indeed, she first appeared as a purported party in the petitioners’ opening brief. The petitioners respond that their opening brief should be treated as a complaint is treated in the district court, that is, as the appropriate document in which to list the complaining parties. They provide no reasoning to support this assertion and the case they cite actually says something quite different: “ ‘A petition for review ... is analogous to a complaint[,] in which all parties must be named.’ ” Elkins Carmen v. STB, 170 F.3d 1144, 1145 (D.C.Cir.1999) (quoting Fed. R.App. P. 15(a) advisory committee’s note).

Next, the petitioners contend their claims and Al-Khalili’s should be considered as one because she is legal counsel for an organization that was a party to their 2010 letter, the TSA’s response to which is here under review. The case they cite for support, Rampengan v. Gonzales, 206 Fed-Appx. 248, 252 (4th Cir.2006), concerned a family of four who had jointly applied for asylum and, having been treated in an administrative proceeding as a single party under the husband’s name, listed only his name in their petition for review of the administrative decision. AlKhalili, in contrast, claims no familial or agency or other formal relationship with any other petitioner; her employer, despite having joined the letter to the TSA, did not petition for review. Accordingly, neither Al-Khalili nor her employer is before us and, there being no actual petitioner with standing to assert a religious injury cognizable under the RFRA, see Lujan v. Defenders of Wildlife, 504 U.S. 555, 560-61, 112 S.Ct. 2130, 119 L.Ed.2d 351 (1992) (no standing absent an injury-in-fact fairly traceable to the challenged conduct and likely to be redressed by a favorable decision); see also Warth v. Seldin, 422 U.S. 490, 499, 95 S.Ct. 2197, 45 L.Ed.2d 343 (1975) (litigant “generally must assert his own legal rights and interests, and cannot rest his claim to relief on the legal rights or interests of third parties”), that claim must be dismissed.

2. Fourth Amendment Claim

Finally, the petitioners argue that using AIT for primary screening violates the Fourth Amendment because it is more invasive than is necessary to detect weapons or explosives. In view of the Supreme Court’s “repeated!] refus[al] to declare that only the least intrusive search practicable can be reasonable under the Fourth Amendment,” City of Ontario v. Quon, — U.S. —, 130 S.Ct. 2619, 2632, 177 L.Ed.2d 216 (2010) (internal quotation marks omitted), and considering the measures taken by the TSA to safeguard personal privacy, we hold AIT screening does not violate the Fourth Amendment.

As other circuits have held, and as the Supreme Court has strongly suggested, screening passengers at an airport is an “administrative search” because the primary goal is not to determine whether any passenger has committed a crime but rather to protect the public from a terrorist attack. See United States v. Aukai, 497 F.3d 955, 958-63 (9th Cir.2007) (en banc) (passenger search at airport checkpoint); United States v. Hartwell, 436 F.3d 174, 178-81 (3d Cir.2006) (Alito, J.) (same); United States v. Edwards, 498 F.2d 496, 499-501 (2d Cir.1974) (Friendly, J.) (carry-on baggage search at airport); see also Illinois v. Lidster, 540 U.S. 419, 124 S.Ct. 885, 157 L.Ed.2d 843 (2004) (police set up checkpoint to obtain information about earlier crash); Mich. Dep’t of State Police v. Sitz, 496 U.S. 444, 110 S.Ct. 2481, 110 L.Ed.2d 412 (1990) (sobriety checkpoint). An administrative search does not require individualized suspicion. City of Indianapolis v. Edmond, 531 U.S. 32, 41, 47-48, 121 S.Ct. 447, 148 L.Ed.2d 333 (2000) (individualized suspicion required when police checkpoint is “primarily [for] general crime control,” that is, “to detect evidence of ordinary criminal wrongdoing” unlike “searches at places like airports ... where the need for such measures to ensure public safety can be particularly acute”). Instead, whether an administrative search is “unreasonable” within the condemnation of the Fourth Amendment “is determined by assessing, on the one hand, the degree to which it intrudes upon an individual’s privacy and, on the other, the degree to which it is needed for the promotion of legitimate governmental interests.” United States v. Knights, 534 U.S. 112, 118-19, 122 S.Ct. 587, 151 L.Ed.2d 497 (2001) (internal quotation marks omitted).

That balance clearly favors the Government here. The need to search airline passengers “to ensure public safety can be particularly acute,” Edmond, 531 U.S. at 47-48, 121 S.Ct. 447, and, crucially, an AIT scanner, unlike a magnetometer, is capable of detecting, and therefore of deterring, attempts to carry aboard airplanes explosives in liquid or powder form. On the other side of the balance, we must acknowledge the steps the TSA has already taken to protect passenger privacy, in particular distorting the image created using AIT and deleting it as soon as the passenger has been cleared. More telling, any passenger may opt-out of AIT screening in favor of a patdown, which allows him to decide which of the two options for detecting a concealed, nonmetallic weapon or explosive is least invasive.

Contrary to the EPIC’s argument, it is not determinative that AIT is not the last step in a potentially escalating series of search techniques. In Hartwell, from which the petitioners tease out this argument, the Third Circuit upheld an airport search that started with a walk-through magnetometer, thence to scanning with a hand-held magnetometer and, when the TSA officer encountered a bulge in the passenger’s pocket, progressed (according to the passenger) to the officer’s removing a package of crack cocaine from that pocket. 436 F.3d at 175-76. The court noted, however, that its opinion, while describing the search at issue there as “minimally intrusive,” did “not purport to set the outer limits of intrusiveness in the airport context.” Id. at 180 & n. 10. Nothing in HaHwell, that is, suggests the AIT scanners must be minimally intrusive to be consistent with the Fourth Amendment.

III. Conclusion

To sum up, first, we grant the petition for review insofar as it claims the TSA has not justified its failure to initiate notice- and-comment rulemaking before announcing it would use AIT scanners for primary screening. None of the exceptions urged by the TSA justifies its failure to give notice of and receive comment upon such a rule, which is legislative and not merely interpretive, procedural, or a general statement of policy. Second, we deny the petition with respect to the petitioners’ statutory arguments and them claim under the Fourth Amendment, except their claim under the RFRA, which we dismiss for lack of standing. Finally, due to the obvious need for the TSA to continue its airport security operations without interruption, we remand the rule to the TSA but do not vacate it, and instruct the agency promptly to proceed in a manner consistent with this opinion.

So ordered.

* We have no need to reach petitioners’ claim the TSA unreasonably delayed in responding to their 2009 letter; our remand to the agency of their 2010 petition for rulemaking gives them all the relief they would obtain in any event.

* The TSA's argument it has not promulgated a “rule” also fails because the question at issue is again whether the agency’s pronouncement is or purports to be binding. Cf. Amoco Prod. Co. v. Watson, 410 F.3d 722, 732 (D.C.Cir. 2005).