Sponsors (3)
The bill requires airlines to create and share protected resiliency and cybersecurity plans to reduce disruptions and improve oversight, but it imposes compliance costs, carries some data-exposure risk, and may not deliver immediate operational improvements without further enforcement or funding.
Airline passengers, travelers, and transportation workers: carriers must develop and regularly update resiliency plans (covering weather, staffing, and IT), which should reduce the frequency and severity of travel disruptions over time.
Airlines and passengers: strengthened cybersecurity and IT preparedness requirements reduce the risk of system outages that cause large-scale delays and cancellations.
Covered carriers and policymakers: confidentiality protections encourage carriers to share sensitive operational details for usable plans, while a GAO audit/report gives Congress and regulators oversight data to assess preparedness and guide future policy or assistance.
Airlines and taxpayers: carriers will face compliance costs to develop and update detailed resiliency plans, which could lead to higher fares or reduced investment in other areas.
Airline passengers and transportation workers: the statute mainly mandates planning and reporting, not operational mandates or new funding, so travelers may not see immediate reductions in disruptions without follow-up enforcement or resources.
Covered carriers: submitting vulnerability and operational information—even with confidentiality protections—carries some risk that sensitive details could be exposed or misused.
Based on analysis of 2 sections of legislative text.
Requires covered airlines to develop and update operational resiliency plans addressing weather, staffing, IT/cybersecurity, and other disruptions and mandates a GAO audit of those plans.
Requires large U.S. airlines covered by 14 C.F.R. § 259.3 to develop, maintain, and regularly update an operational resiliency strategy to limit the passenger impacts of severe weather, staffing shortages, IT/cybersecurity failures, and other disruptions. The Department of Transportation must require these strategies within one year of enactment, protect submitted confidential business information, and the Government Accountability Office must audit the strategies and report findings to relevant congressional committees within a year after completing the audit.
Introduced May 17, 2025 by Richard Ray Larsen · Last progress May 17, 2025