Homeland Security Watch

News and analysis of critical issues in homeland security

March 16, 2010

Why I Hate Freedom

Filed under: Aviation Security, General Homeland Security — by Deirdre Walker on March 16, 2010

Dee Walker has appeared in Homeland Security Watch several times.  Her initial and subsequent posts about her experiences with the Transportation Security Administration continue to ripple. — Chris Bellavita

—————-

I was recently quoted in a column in the Philadelphia Inquirer.  The column was a re-hash of my on-going struggle with TSA.  I have struggled over many months to elevate the debate about TSA above the “why can’t I keep my water”  and “why does my grandma have to get out of her wheelchair” dialogue.  Apparently, my struggle has been in vain.

In a comment posted to Daniel Rubin’s column, a reader asked, “Why does Deirdre Walker hate freedom?”

Wow.  I didn’t know I hated freedom.  Then, I began to think about it and I realized, yup, I do hate freedom.

Here are my top 10 reasons: (Well, I was going to have 10, but since everyone in the public sector is cutting back, I’ll cut back to 5.)

  1. I am a hedonist. Freedom requires work and sacrifice.  As a former police officer, I worked rotating shifts, weekends, Thanksgiving, St. Patrick’s Day and New Year’s.  I worked midnights and then got up after two hours of sleep to sit in court all day, then returned to work the street a few hours later.  I worked snowstorms and tropical storms, undercover and sometimes unarmed in order to arrest drug dealers and pimps.  Later in my career, I jumped from bed at 2am or whenever the phone rang on my birthday, on Christmas and during vacations.  Until very late in my career, none of this felt less a privilege than a sacrifice.  Then I looked back at an adult life characterized by missed birthdays, funerals, family dinners and some seriously dysfunctional personal relationships.  Only then I realized what sacrifice looks like and more importantly, I understood what it feels like.  I don’t just speak of it.  I did it.  Generally, it kinda sucks.  It makes you older faster and more cynical than most.  I hate sacrifice, therefore, I must hate freedom.
  2. I am adventurous. Freedom, apparently, requires that we all have the same, safe perspective on freedom.  This apparently means neither questioning authority nor challenging conventional wisdom (an oxymoron that I love).  Clearly, those irritating activities were good enough for our Founding Mothers and Fathers, but why should I get involved?  I have built a life and career on asking “why” and challenging the answers I received.  That is how, I think, we step into the abyss of change.  Change, it seems, is a threat to freedom.  I love change.  Therefore, I must hate freedom.
  3. I am agnostic. I was not raised in a religious family, and I see that as a good thing, personally.  I am generally very ignorant regarding most forms of formal religion.  Due to my interest in all things homeland security, I probably know more about Islam than I do about Buddhism or Christianity.  I have deep and abiding respect for the rights of my fellow citizens to worship as they please.  I do not see a commensurate tolerance for those of us who choose not to worship formally; in fact, we are often viewed with pity, regarded with suspicion and spoken of with bile.  Religious freedom is a foundation of our Constitution, and apparently, God loves freedom.  I do not believe in God and therefore, I must hate freedom.
  4. I am comfortable. I have no room for learning from people with whom I disagree.  I cannot fathom that I might not be right, all of the time, and why on earth anyone with half a brain would bother to disagree with me when I am so very clearly right.  As a retiree, I recently enrolled in a graduate studies program so that I might more effectively plumb the depths of my lack of tolerance for new ideas; but really, I already know everything I need to know.  Therefore, I must hate freedom.
  5. I am disingenuous. I made a career of being a good “second”.  As an assistant chief of police, I did not aspire to my bosses job.  I got to do the work, and he got to take the heat.  Well, it seems I say I like to fly under the radar, but I currently miss no opportunity to step into the light to rag on TSA.  Unfortunately, I am very deeply concerned about the agency trajectory and have spent quite a bit of time composing my thoughts on this topic.  I have tried to ensure that this dialogue is informed by my education and experience, not just my emotions.  Challenging a key component of the Department of Homeland Security has led many people to quite reasonable offer that I because I do this, I must hate my country.  Fortunately, I like it when people question my motives and label me as unpatriotic.  I thrive on reflexive insults.  I am rebellious not robotic and therefore, I must hate freedom.

So, I hope I have made clear why it is that I hate freedom.  Freedom is overrated and undermined.  It is perishable.  It takes too much thought and debate.  It requires a lot of work.  It breeds humility and tolerance.  Who has time for any of that?

February 1, 2010

Budget Day - Security Stays Strong?

Filed under: Aviation Security, Budgets and Spending — by Jessica Herrera-Flanigan on February 1, 2010

Today is budget day for President Obama.  Expect a Fiscal Year 2011 budget of $3.834 trillion, of which $1.415 trillion is in discretionary funding.   The budget includes a three-year freeze on a number of discretionary program. The budget, if implemented, puts our 2011 projected deficit at $1.267 trillion or 8.3 percent of GDP.

Homeland Security, which has been rumored before Christmas Day to be facing a freeze and possible cuts to programs, will receive a bump up of 2 percent to $46.3 billion.  It is safe to say that the December 25th underwear bomber incident influenced the agency’s budget, with early information released by the White House highlighting $734 million to support the deployment of up to 1,000 new Advanced Imaging Technology screening machines at airport checkpoints and new explosive detection equipment for baggage screening.  There will also be an increase in the number of international flights covered by Federal Air Marshals to “defend against attempted attacks on aviation.”

Interestingly, in the quick overview released at 6am this morning by the White House, there was not a single mention of border security.   Numbers for Customs & Border Protection and related border/immigration programs are worth watching when the budget is released later today, especially as it might give some insight into where immigration reform may fall in terms of priorities for the President this year.

Also of note, the budget includes $33 billion for a 2010 supplemental request and $159.3 billion for 2011 to support overseas contingency operations, including those in operation in Afghanistan and Pakistan.  DoD family support programs will grow 3 percent to $8.8 billion and State Department funding (excluding war costs) will increase by 2.6 percent.   The President also intends to provide $50.6 billion in advance appropriations for the VA medical care program.

Look for a deeper analysis later today/this evening.

January 13, 2010

Houston, We Have a Problem

Filed under: Aviation Security, Intelligence and Info-Sharing, Terrorist Threats & Attacks — by Mark Chubb on January 13, 2010

story in Monday’s New York Times once again highlighted the growing problem facing the United States in its efforts to combat terrorism: We’re swimming in sensors and drowning in data. Terrorism and its extremist adherents have no better ally in their efforts to harm us than our innate tendency to mistake problems of being for problems of knowing, and in doing so to tie ourselves in knots.

As inconceivable as the motivations and actions of terrorists may seem to us, their behavior does not pose an unimaginable much less unknowable threat. Although we may not know when, where, or how they intend to strike, we can be pretty sure they will.

Our inability to wrap our heads around the “why” of terrorism leads us to oversimplifications and misapprehensions about the nature of the terrorist threat on one hand and a tendency to over-reach in our efforts to know who they are and what they are up to on the other. This leads us to frame the problem of terrorism primarily as an effort to identify and interdict unknown enemies.

Our preoccupation with finding out whom we should target leads us to collect more information than we need, and, consequently, far more than we can intelligently manage. As such, it becomes not only increasingly difficult, but also increasingly impractical to assemble a coherent picture of the threats facing us.

With the possible combinations so numerous, we see few options besides throwing everything we have at the problem of sifting and sorting the data every way we can. But that’s the problem: We cannot sort or sift fast enough. Picking up the pace does no good. No matter how fast we work, we still make little or no progress.

Thankfully, looking for answers does not always require us to look for evidence. Sometimes all the evidence we need is already available, and all we really need to ask ourselves is “what does it all mean.”

Fortunately, this situation often arises when the stakes are high, making it a familiar setting for any experienced homeland security professional. Thos with experience know that gathering more information will not change the nature of a high-stakes problem nor will it make the solution any clearer. Indeed, just the opposite may be the case.

The popular Ron Howard movie Apollo 13 recounts the successful effort to save the crew of the crippled spacecraft after an unexpected explosion compromised the life support system aborting the original mission. In the movie (but apparently not in real-life), as the stakes became clear, flight director Gene Kranz played by actor Ed Harris, tells the engineers assembled to work out a strategy for saving the ship and its crew. “Failure is not an option.”

These words echo the sentiments expressed by President Obama during his scathing critiques of what he characterized as the intelligence failures that allowed the Nigerian Farouk Umar Abdulmutallab, who is accused of attempting to destroy Northwest Airlines flight 253, to board the Detroit-bound aircraft in Amsterdam despite apparent foreknowledge of his links to extremists. As the President noted, intelligence agencies had the information, but they did not know what it meant and did not act on what they did know before Abdulmutallab boarded the flight.

In a scene from Apollo 13, a group of engineers assembles in a meeting room and a box of assorted items representing the materials available to the astronauts aboard the crippled spacecraft is emptied before them. Their charge was to figure out how to combine these resources in a new way to achieve the goal of keeping the crew alive and returning them to earth safely.

This sort of situation as it applies to terrorism has confronted the west before. Other countries confront this reality today. Few can afford to act as the United States has in imposing new regulations and technical security requirements on its people and its trading partners. Instead, they adapted their behavior to the reality of the threat confronting them.

When IRA bombers threatened riders on London’s Underground, the operators of the system relocated vendors to improve sight lines and removed rubbish bins to make it harder to conceal an incendiary or explosive device. Passengers too became an integral part of the security arrangements.

Whether we can afford to invest in better technology or not, we should ask ourselves whether what we have to invest will prove worth the cost when we look back at the value obtained. If NW 253 teaches us anything, it is that the investments we have already made in airport security and intelligence gathering and analysis have not made the target that much harder.

Looking at the security landscape before us, we might discover that we are far better off than we realize. The same things that prevented the terrorists aboard United Airlines flight 93 from succeeding on 9/11 saved lives again on Christmas Day. When everything is said and done, relying on the resourcefulness and courage of average Americans is not such a bad thing to do when failure is not an option.

January 11, 2010

Keeping the Skies Friendly?

Filed under: Aviation Security, General Homeland Security — by Jessica Herrera-Flanigan on January 11, 2010

In 1965, Leo Burnett Co. designed a campaign focused on the theme “Fly the Friendly Skies” for United Airlines.  The campaign lasted more than 30 years, ending in 1996 when United took its advertising in a new direction, first focusing on “Rising” and then on “it’s time to fly.”  For those of you who may want to reminisce about some of those feel-good (and corny) ads, here are some links to a few of my favorite:

While seemingly random, this campaign came to mind as I was reading about what seems to be an increase in the number of disruption of flights  from unruly passengers.  On Wednesday, a passenger in Miami on  a flight to Detroit shouted that he wanted to “kill all the Jews” as the plane was beginning its takeoff. The plane had to turn around and the man removed.

Last Thursday, two F-15 fighter jets were scrambled by NORAD to escort a Hawaii-headed flight back to Portland, Oregon after a passenger became “uncooperative.“ 

The next day, a flight from Atlanta to San Francisco was diverted to Colorado Springs and two F-16 fighter planes were sent from NORAD to escort the plane.

In this heightened environment, airlines and officials are more likely to take the cautious route and turn planes around or divert them when unruly passengers are reported.  Unfortunately, such actions for every drunk or misbehaving passenger complicate the nation’s aviation security efforts and cost significant amount of time and money.   While the military  doesn’t estimate costs,  one quote put the cost at $10,000 an hour for the scrambling of each jet. That cost does not include the additional cost for fuel, personnel, and resources to accommodate diversions.  Add to that the disruption of schedules and costs to travelers, the costs are outrageous.  To make matters worse, the diversions also frustrate an already strained flying public.

Post 9/11, the diligence and security of planes has increased - pilots, airline personnel, attendants, and passengers are more aware of their surroundings and fellow fliers.  While much attention has been paid to screening efforts in recent days, I wonder if the increasing phenomenon of plane diversions should also be examined to determine what solutions or alternatives may be in order.

January 8, 2010

The Week (Year?) in Aviation

Filed under: Aviation Security — by Jessica Herrera-Flanigan on January 8, 2010

If  on December 24th, one had asked the various consultants, academic/think-tank types, and security experts what the biggest homeland security issue would be in 2010, one could expect answers relating to border security, international security, and maybe, cybersecurity. Two weeks later and only a week into the new Year, 2010 is quickly turning into the “year of aviation security.”

The December 25th underwear bombing incident refocused attention  on the vulnerabilities to our aviation system.  In his speech yesterday, President Obama did not specifically identify aviation security as part of the systematic failure resulting in the incident - most of that attention was given to failures across intelligence agencies.  That said, he did, as part of his directive on corrective actions, state that the Department of Homeland Security should:

  • Aggressively pursue enhanced screening technology, protocols, and procedures, especially in regard to aviation and other transportation sectors, consistent with privacy rights and civil liberties; strengthen international partnerships and  coordination on aviation security issues.
  • Develop recommendations on long-term law enforcement requirements for aviation security in coordination with the Department of Justice.

While the Department bear the brunt of criticism for the underwear bomber, the same will likely not be the case for the incident at the Newark incident on Sunday.   In that incident, Newark Liberty International Airport was shut down for seven-hours after a passenger observed a man enter the airport’s “sterile area” without clearing security. Unable to find the man, the concourse had to be emptied and a multi-hour security sweep endured. The failures there have pointed to:

  • The TSA officer responsible for keeping people from entering through the exit area leaving his post for two minutes.  That officer has been put on administrative leave.
  • The failures of Port Authority of New York and New Jersey cameras (purchased with TSA money) to record the incident, as the recording function of the cameras had been turned off. It is unclear whether the proper functioning of the cameras, as well as recognizing the cameras were not working, falls to TSA or the Port Authority.

While the underwear bomber and the Newark incident gained a lot of national attention, we started to see, as expected from a press with aviation security on its mind, a few other stories the past two weeks on the aviation front.  For example, last week in Philadelphia, a local ABC station featured Congressman Robert Brady raising concerns regarding the de-certification of TSA bomb sniffing dogs at the Philadelphia airport, after the failed two tests.  The dogs, as far as I can tell from reports, remained on duty  (or maybe replaced with certified dogs?) USA Today also covered the incident and pointed to a few other locations where dogs either failed to identify or misidentified explosives. I would expect that we will see more aviation security stories in the coming weeks.

So what does all this renewed attention on aviation security mean?

Pundits say we can expect some changes in our screening processes - though it is unclear what those changes (putting aside technology) might be.

Expect an increase on the international diplomacy side.

On the technology side, we know already that in fulfillment of President Obama’s directive on screening, the U.S. government is using $25 million in stimulus money to buy and install 150 more whole body image scanners in airports this year. This is in addition to the 40 scanners already in use.   Indeed, if you are to believe Jim Cramer of Mad Money, homeland security/counterterrorism companies will be one of the top investments of 2010.   He predicts more spending and more attention for companies selling screening, biometrics, and air cargo (among other technologies) solutions.

January 7, 2010

White House Review of the December 25, 2009 Attempted Terrorist Attack

Filed under: Aviation Security, Intelligence and Info-Sharing — by Christopher Bellavita on January 7, 2010

[from the best librarian in homeland security]

The White house has released its summary of the review on the December 25, 2009 Attempted Terrorist Attack

http://www.whitehouse.gov/sites/default/files/summary_of_wh_review_12-25-09.pdf

and the related directive

http://www.whitehouse.gov/sites/default/files/potus_directive_corrective_actions_1-7-10.pdf

The press release says:

“The review of our security and intelligence systems following the attempted terrorist attack on Christmas Day has been completed.  The President spoke two days ago about “the urgency of getting this right,” and the identification of failures in this review, along with the immediate ordering of reforms and corrective steps both today and in the days since this incident, are a recognition of that urgency.  This review is also a recognition that while there is no place for partisanship and the old Washington blame game in dealing with Al Qaeda and the threat they represent, keeping American safe depends on honest and direct accountability.”

http://www.whitehouse.gov/blog/2010/01/07/release-security-review-conducted-after-failed-christmas-terrorist-attack-0

And here is a link to the president’s remarks about “strengthening intelligence and aviation security.”

December 30, 2009

“The operation was a failure, but the patient lived.”

Filed under: Aviation Security, Events, General Homeland Security, Intelligence and Info-Sharing, Strategy — by Christopher Bellavita on December 30, 2009

“Politically correct” means constraining the way one behaves or uses language because one is afraid to violate powerful orthodoxies.

President Obama has officially declared that “a systemic failure has occurred,” and he considers it to be “…totally unacceptable.”

Obviously, when a system fails in a technologically advanced society, the only politically correct thing to do is fix it.

One fixes system failures by identifying the offending elements and replacing them with elements that are not going to fail.

It is irrational to do anything other than that.

But what if this was not (except with hindsight) a preventable systemic failure?  What if it is in the nature of complex systems to “self organize” and every now and then  just fail?

On this point, see “Complexity, contingency, and criticality,” by Bak and Pakzuski (originators of the sandpile avalanche metaphor — i.e., “for a wide variety of phenomena, there are no deep underlying causes, just an accumulation of tiny accidents.”).

Less technical treatments of the idea can be found in Charles Perrow’s , “Normal Accidents: Living with High-Risk Technologies;Mark Buchanan’s Ubiquity: Why Catastrophes Happen;” or Joshua Cooper Ramo’s, The Age of the Unthinkable: Why the New World Disorder Constantly Surprises Us And What We Can Do About It.”

If you have time for only one of these, I’d recommend Buchanan’s book, Ubiquity.  Here is an excerpt from Edward Skidelsky’s review of Ubiquity:

Applied to history, this theory suggests that … [significant events] demand no explanation beyond a narration of the precise chain of events that compose them. In the sand pile, it is impossible to specify the cause of a huge avalanche other than by tracing its exact progress right back to the original grain that triggered it all off. There are no “laws of avalanches” distinct from the laws governing the movement of the individual grains. And any grain … can, if it falls at the right time and place, start an avalanche. The only way to understand the history of the sand pile is to recount it; old-fashioned narrative history turns out to be the most scientific of all.

The vision of history that emerges from Ubiquity is tragic. It is the vision of the Iliad. History stands permanently poised on the brink of catastrophe; the abduction of one woman can lead to the destruction of cities. Instability is an inalienable feature of human life. We flatter ourselves that we have overcome it through the development of rules and institutions, not realising that those very rules and institutions are equally subject to its depredations…. [my emphasis]

———————–

From the  perspective of “self organized criticality,” what has been termed “system failure” is not always a problem that can be fixed.  Sometimes it’s a terrain feature one has to adapt to.

It may be politically correct to use the “fix it and move on” language.  But defaulting to such correctness may constrain useful thinking about alternatives.

[Mark Chubb's very thoughtful piece earlier today illustrates such alternative thinking.]

Resilience is premised on the idea that sometimes bad stuff happens.  And when it does, you get back up.

One does not encourage resilience by placing blind faith in the perfectibility of complex systems — particularly systems whose complexity is generated by people and technology.  One’s faith is better placed in the knowledge that complex systems will fail, so what happens when they do?

Questions like that outline a path toward resilience.

———————–

Here’s an image of the TSA system emerging orthodoxy says “failed:”

tsa-layers-of-security-vertical

Maybe political correctness demands there should be more or better pieces, or sub-pieces, or links, or procedures added to the complexity of the 20 layers and the unfathomable environment that surrounds those layers.

But you will note that “Passengers” are part of the current system.

As Mark notes, Flight 253 did land safely. Abdulmutallab failed.

Some element in the homeland security enterprise ought to get credit for the success.  The passengers did not sit quietly and wait for the bomber to try again amidst the smoke and smell.  They acted.

It is trite to say, but homeland security, including aviation security, is not simply the government’s job.  It is everyone’s responsibility — not in theory, but in fact.

It is politically incorrect to think otherwise.




Binary Explosives

It looks like I spoke too soon by posting my Top 10 for 2009 last week.  Just when you think it’s safe to get back in the skies somebody tries to blow up an airplane with an underwear bomb. (I will avoid the small but obvious temptation to employ sophomoric, prepubescent potty humor here.)

In an effort to underscore the seriousness with which the threat is taken, President Obama yesterday cited “human and systemic failures,” which he termed “totally unacceptable” for allowing Umar Farouk Abdulmutallab to board a Northwest Airlines flight from Amsterdam to Detroit. His failed attempt to initiate an explosive device as the flight approached its destination occurred despite apparent warnings that al Qaeda radicals in Yemen were preparing a Nigerian operative for an attack and a nearly simultaneous warning from the young man’s father that his devout son had fallen off the grid and might be a risk to the United States.

The revelation that the United States government, possibly even two stations in the same intelligence service, had in its possession the information with which to identify and interdict a terrorist target before he could act has been taken as the intelligence equivalent to the binary explosive device that Mr. Abdulmutallab sought unsuccessfully to detonate. Like the alleged terrorist, the intelligence community’s technology failed to operate as intended.

Neither event should come as much of a surprise. Perpetrating a terrorist attack on an airliner remains a very complex undertaking, which has no doubt become more complicated due to the measures taken by the United States and its allies since 9/11. Assembling and actuating an improvised explosive device remains a complex and risky undertaking for those handling it, especially when it must be designed and deployed in a fashion that renders it both difficult to detect and under the deliberate control of an operative. A device of the type employed in this instance is difficult, if not impractical to test beforehand.

Soon after the attack, we learned that Mr. Abdulmutallab had come to the attention of officials at the U.S. embassy in Abuja, Nigeria after his father expressed concern his son had been radicalized. This understandably rare approach from a distressed parent raised appropriate alarm bells, but was not in and of itself sufficient cause to consider Mr. Abdulmutallab a full-fledged terrorist.

This morning we learned more about the information that might have led President Obama to characterize intelligence failures in such stark terms.  News reports indicate that intelligence services monitoring communications in Yemen intercepted an exchange indicating that an unidentified Nigerian operative was prepared for deployment. In hindsight, it seems clear that these two pieces of information are related. But combining them, like actuating the explosives Mr. Abdulmutallab carried, is harder to do than it seems.

In addition to the President’s statement yesterday, we learned a bit more about the alleged bomber himself from what appear to be his own posts to an Islamic chat room on the internet. While these musings help paint a picture of a lonely, troubled young man struggling with his identity, purpose, and relationships, these writings do not suggest anything more serious than the sorts of emotional difficulties that face many young men as they reach adulthood. Taken in the context of his activities at the time, rather than our knowledge of the present circumstances, they seem rather constructive even reasonable attempts to seek stability and direction.

That Mr. Abdulmutallab found stability and purpose, despite education and advantage, in associating with terrorists understandably troubles us. But it also suggests we should not look for easy answers lest we fall prey to the same sort of misfortune Mr. Abdulmutallab himself now faces (or would have, for that matter, had he succeeded in his designs).

By definition, a systemic failure occurs when multiple, independent structural deficiencies conspire to permit the occurrence of an unwanted or unintended consequence, which would otherwise have been avoided had any single deficiency not existed. While we examine the multiple missed opportunities that allowed Mr. Abdulmutallab to come so close to bringing down Northwest flight 253, we should not overlook the fact that his attempt ultimately failed.

In our efforts to outdo ourselves and improve the performance of the aviation security and intelligence processes associated with this incident, we must remain mindful that success has its own perils. Like Mr. Abdulmutallab we may either become entangled in our own plot or have to destroy ourselves to succeed in any meaningful way.

December 28, 2009

Christmas Incident: Heightened Security

Filed under: Aviation Security — by Jessica Herrera-Flanigan on December 28, 2009

Going through airport security on Christmas afternoon, I noticed signs of additional security. Whispering among Transportation Security Administration (TSA) officials  regarding increased random pat-downs of travelers.  More carry-on baggage being re-screened and searched by hand.  I had not yet heard the news out of Detroit but knew enough from experience that something was up. Upon boarding the plane, individual television screens at each seat were carrying DIRECTV and CNN.  One woman a few rows behind me decided she did not want to fly to D.C. after all and de-boarded the plane.

Throughout the flight, I was glued to the screen, watching CNN and other news channels beaming in experts via telephone and video feed talking about the attack. Few facts were clear though everyone who appeared or spoke seemed to have some thought on whether there was blame to be had, whether the event was preventable, and what this meant for security. Two days later, facts are still being compiled and the blame game appears to be escalating as, unfortunately, politics rears its ugly head in DC.

As we continue to hear more about the incident and the response, here are a few observations:

This Should Not Be A Democrat or Republican Issue:  Post-incident, there appears to be an increase in rhetoric in the politicians and talking heads blaming the Obama Administration for “downplaying” terrorism.  Others have pointed that the failures, if any, of watchlists and no-fly lists date back to the Bush Administration.  It is safe to say that the brave passengers on Northwest Flight 253 on Christmas were likely of various political stripes and probably counted among themselves supporters and detractors of both Administrations.  It has been said time and time again - homeland security is not a Democrat or Republican issue.  With regards to the current incident,  tragedy was averted because of the diligence of the passengers and crew of 253 and they were part of the homeland security system that was built over the past eight years. Whether other parts of the system need reinforcement, improvement, or revamping should be reviewed but should be done so in a constructive manner designed to strengthen security and not place blame.

The Investigation is Ongoing and the Facts As Reported, Even By “Authorities,” May Not Be Right: One thing I have noticed over the last several days - the facts keep evolving as the news evolves.  This is, in part, due to the “breaking news” nature of our news cycles that rely on “authorities,” “eyewitnesses,” and “experts” to dissect situations.  One thing is clear - the investigation into the incident is ongoing and some facts will not and should not be made public to allow the investigators and prosecutors to do their jobs.  Also, the reasoning for some increased security efforts may be classified and should be kept so to protect both the sources and methods by which the intelligence agencies gather information.  For the public, this means we need an increased awareness as we sift through the available information and a dose of reality to recognize that talking heads are not necessarily in the know on the most sensitive facts.

The Watchlist System Needs Improvement: During my time on the House Homeland Security Committee, we held numerous hearings and briefings on the terrorist watchlist system  and its databases.  What has come to light in the past few days is the complexity of the system.  A parent reporting that his son is becoming radicalized may result in an open file and an entry into the 550,000 + Terrorist Identities Datamart Environment  but what elevates that person to the next level so he is on a “no fly” or “selectee” list or otherwise identified to international, federal, state and local officials as a threat?  At the same time, how can the list be designed so that the innocent are not wrongly flagged and kept from travelling? (We’ve all heard the horror stories of neighbors, politicians, and even children being wrongly flagged because their names are similar to individuals on the list).  President Obama’s order this past weekend to review the databases is the right move.  The solution, however, will not be an easy one.

Technology Improvement and Implementation: It was reported that international flights into the U.S. were delayed by at least an hour due to increased security after Friday’s incident.  In addition to noting the problems with the watchlist system, a number of commentators have discussed the need to use detection equipment at checkpoints and the privacy concerns that accompany their use.  In particular, body-scanning machines - x-ray backscatter and millimeter wave screening - are being pointed to as technologies that could assist in efforts to quickly, efficiently, and accurately screen passengers.  The technologies have met resistance due to privacy concerns.  Back in October, I wrote The Right to Be Left Alone, which noted that the technology had undergone a Privacy Impact Assessment by the DHS Privacy Office and had been found to have sufficient privacy protections in place.  If we are to meet evolving terrorism threats, we need evolving technologies that have proven privacy benefits and protections.

TSA Needs its Administrator ASAP: TSA’s nominated Administrator, Erroll Southers, is in limbo in the Senate, his nomination held up by Sen. Jim DeMint (R-SC) over whether or not Southers plans to support the unionization of TSA screeners.  Few questions, if any, have been raised about Southers’ qualifications or the merit of his nomination.   He would join TSA from the Los Angeles World Airports Police Department, where he served as the Assistant Chief for Homeland Security and Intelligence.  He also has held positions as the Deputy Director of the State of California, a local police officer, and a Special Agent of the Federal Bureau of Investigation.  Friday’s incident makes it very clear that TSA needs permanent leadership now to ensure that the agency is doing all it can for passenger security. Now is not the time for holding Southers’ nomination up over an administrative policy issue.  One of the first actions that the Senate should take up upon its return is to move on Southers’ nomination.

As more information comes to light in the next few days, there may be additional observations to be made.  As a closing note, is heartening to note DHS and TSA, along with federal agencies, responded quickly to the Christmas day incident.  New security measures and procedures were implemented with little disruption (other than expected delays).   Secretary Napolitano and TSA encouraged Americans to “continue their planned holiday travel.”  We were encouraged to be diligent but not fearful.   That, in and of itself, shows how homeland security has evolved and how segments of the system are working.   Expect other parts to undergo extensive review in the coming weeks and months.

December 17, 2009

Five questions for DHS about the TSA Operations Manual Release

Filed under: Aviation Security — by Christopher Bellavita on December 17, 2009

Deirdre Walker — who has posted before (here and here), is today’s guest author:

———————————————————

I recently offered a pair of blog articles that documented my travels through TSA security checkpoints.   In those articles, I attempted to first provide a reasonably accurate recitation of events.  I then outlined the concerns I have as a result of those events, and provided some historical, professional and social context for those concerns.  I have been amazed at the quality, thoughtfulness and substance of many of the replies that have been posted in response.

Unfortunately, all of this pales when compared to the recent posting on the Internet of the TSA Operations Manual.

Today, I googled the term ‘TSA Operations Manual’ and got  74,900 hits in .11 seconds.   The secret SOP genie is finally out of the bottle and is merrily flying around the Internet while curious folks like me are pointing, waving and effectively taking pictures.  I completed a cursory review of the manual in an attempt to ascertain whether answers to questions asked by me and by other travelers were accurate.  I have come, begrudgingly,  to the short-term conclusion that many TSA screeners are prolific prevaricators or, more likely, have a highly compromised command of TSA Operations Policy.   This leads me to overlapping areas of even greater concern: accountability and opportunity.

In my first post on Homeland Security Watch, I suggested that we, the traveling public, are responsible for the screening processes that we subject ourselves to whenever we choose to fly.  These processes, I argued, unfold in both an inconsistent and haphazard manner, as opposed to an “unpredictable in order to be hard to defeat” manner.  I wrote that by sleep walking through security check points with blind trust in the TSA’s ability to keep us safe, we have reaped what we have sown with our passivity.  I indicated that I intend to challenge TSA when opportunity presents, which in my experience has been most frequently represented by my tendency to get selected for “random” (which it is not) secondary screening (which is flawed and inconsistent).

Now, I find myself having to roust myself from the temporary comfort of knowing that “someone,” (or five someones, in this case) is being held accountable for the failed redaction and ultimate Internet release of the TSA Ops Manual.  In my past experience as a police officer, I have both observed and been accused of engaging in an organizational response that is presented as accountability, but is more readily refered to as ‘scapegoating’.

Since we now know that five employees of TSA have been placed on administrative leave pending an investigation into the release of this supposed “secret” document, perhaps the time is right to challenge ourselves, TSA officials and those with oversight responsibility to be wary of the difference between accountability and scapegoating.  I offer a five point sketch of those differences, especially as they regard leadership, consistency, fairness, clarity and justice.

1-  Is agency leadership being held to the same degree of accountability as the individuals who are currently on leave, pending investigation? Currently, there is no way to know the answer to that question due to necessary protections being provided to the affected personnel.  While it is easy to succumb to the appeal of the voices singing for heads on platters, it is important to keep in mind that the affected employees may be innocent of any transgression (indeed, maybe not) and their privacy must be protected in order that a fair determination can be made.   Eventually, we will need to know the outcome and consequences of this review to first, rest assured that manure can and will roll up the chain of command as effectively as it rolls down.   Second, we need to be certain that when it comes to the potential dismissal of employees, other, less altruistic agendas are not at work.

2-Are the affected employees being treated in a manner that is consistent with similar past transgressions and that considers their overall work record? Some will argue that heads must roll, and quickly,  for this screw-up.  Ordinarily, I might agree.  But there are two problem with this swift response mode.  First, I have observed that pressure to demonstrate to the public that swift action is being taken frequently leads to flawed decisions.  There is often an incongruent relationship between swift and accurate.  Second, consider that TSA is an agency that has been oozing hubris for a number of years now.  I believe that sufficient evidence is available to indicate that the operations manual release is symptomatic of a far larger problem, or series of problems, which have been continuing fodder for many a critical blog entry and media article.

3- Are the affected employees enjoying the protections that can and must be offered to federal employees subject to administrative investigations? Keep in mind that there has been no mention of a criminal investigation into this matter.  This is an administrative matter, but the potential consequences to the affected employees are significant.  Tossing a few GS -14 or 15 heads to Congress may satiate the dogs and render them sluggish.  We need to be keenly aware of the potential exercise of diversionary discipline and stay hungry for information and evidence of commitment to organizational improvement.

4-Were the processes governing the handling of the TSA Operations manual clear and consistent? Section I.4.B of the manual indicates that the released document is identified SSI, or sensitive security information, in accordance with 49 CFR 1520.  This section of the law indicates that SSI regulations only apply to “covered persons,” to wit:

Covered person means any organization, entity, individual, or other person described in §1520.7. In the case of an individual, covered person includes any individual applying for employment in a position that would be a covered person, or in training for such a position, regardless of whether that individual is receiving a wage, salary, or other form of payment. Covered person includes a person applying for certification or other form of approval that, if granted, would make the person a covered person described in §1520.7.

In short, if you are neither cleared or employed by the government, you are exempt from this regulation and cannot be held accountable for the release of SSI that comes to your attention.  Additionally, Section 1.4.D offers a list of “covered” persons authorized to possess the document.  The list is lengthy.  Section 1.4.E provides the process to report lost or stolen copies.  Since people’s jobs are on the line for this release, I believe it is fair to ask how many times the document has been previously reported lost or stolen, and what, if anything, the outcome of the investigations into these reports revealed.   Those answers are critical to defining the true damage that this release has caused.  Until that definition is clarified, it will be impossible to determine an appropriate “punishment” for this transgression.

5- What is the point? Collectively, we seem to have quickly concluded that the release of this SOP has provided potential terrorists with a readily available “how-to-defeat TSA guide”.  Maybe so.  What this release really caused is a further erosion of public trust in and support for a deeply troubled agency.  Perhaps, that is not at all a bad thing.

The attacks of September 11, 2001 demonstrated to all of us that terrorists do not need a SOP to be successful. Terrorists will almost always make their plans based upon what we do, not on what our SOPs say we do.

We know from the release of this document that what TSA has been doing and what its SOP says it was supposed to be doing are not always the same thing (I was particularly drawn to procedures regarding opposite sex searches and selections for secondary screening).  If we now fully sucumb to our lingering fear of openly questioning these policies and those that are developed to replace them, then we have missed a very important point regarding the nature of democracy.  More disturbing, we are effectively doing more damage to that entity than the terrorists could ever hope to inflict.

We know that the SOP genie ain’t going back in that bottle.  Accordingly, we need to demand that the TSA seize this event as an opportunity to engage us, the American Traveling Public, in a meaningful effort to revamp the nonsensical processes and inconsistent procedures that have stoked a growing conflagaration of public anger for years.

If we, as the consumers of these publcily funded and vital safety services, take the easy and inviting path by merely waiting for the GS heads to be placed on spikes in front of the palace, then shame on us all.   We will have missed our chance at meaningful reform and possibly, truly enhanced safety.  Then, the fault lies at our own feet, every time we take off our shoes at a checkpoint.   That would be true justice.

November 25, 2009

In Memoriam: David Stone, Former Administrator of TSA

Filed under: Aviation Security, General Homeland Security — by Jessica Herrera-Flanigan on November 25, 2009

CQ and AviationNews.net reported late this afternoon that David Stone, a former Administrator of the Transportation Security Administration, passed away this past weekend in Arlington, VA. He was 57. 

Read Admiral Stone was a graduate of the Naval Academy and spent 28 years in the Navy before retiring in April 2002. He then became the first federal security director at Los Angeles International Airport, where he oversaw the creation of a 2,700 federal security workforce for passenger screening checkpoints at the airport.  At the end of 2003, he was named the third administrator of TSA.  He resigned that post in June 2005 and has since served as a security consultant. Recently, he was based out of Bangalore, India, working for Cisco.  He had come to the U.S. in the past week for an awards event honoring TSA employees.  He is survived by his wife Faith.  Cause of death is unknown.

In a statement, TSA said “The TSA community is deeply saddened to share the news that former TSA Administrator David Stone has passed away… We are grateful for his service to our country and his dedication to the mission and people of TSA.”

September 7, 2009

Three responsible for 3-1-1 are convicted

Filed under: Aviation Security, Terrorist Threats & Attacks — by Philip J. Palin on September 7, 2009

The BBC is reporting, “Three men have been found guilty of plotting to kill thousands of people by blowing up planes flying from London to America with home-made liquid bombs.”

The convictions, announced late on Monday, stem from arrests made in 2006. Law enforcement authorities indicate the plot was close to execution at the time of the arrests.

According to the BBC, “The plot is believed by intelligence sources to have been directed by al-Qaeda. The BBC understands that the key contact for the plotters in Pakistan was a British man, Rashid Rauf. He was reported to have been killed in November 2008 by a US missile strike against militants in Pakistan.”

Uncovering the plot resulted in a sudden ban on passenger-carried liquids. Regulations have since been regularized to manage the risk while allowing small amounts of liquids in carry-ons.

The Transportation Security Administration allows, “3-1-1 for carry-ons = 3.4 ounce bottle or less (by volume); 1 quart-sized, clear, plastic, zip-top bag; 1 bag per passenger placed in screening bin. One-quart bag per person limits the total liquid volume each traveler can bring. 3.4 oz. container size is a security measure.” Other TSA carry-on guidance is available here.

According to the Guardian, the 2006 operation exposed substantive differences — and strained relations — between British and US counterterrorist organizations.  There continues to be a US tendency to make arrests earlier, while the Brits extend surveillance as long as possible in order to flesh-out terrorists connections.

July 21, 2009

Flight Restriction Debate Making Comeback?

Filed under: Aviation Security — by Jessica Herrera-Flanigan on July 21, 2009

I read with interest this morning a little-noticed article in the Martha’s Vineyard Gazette entitled “Obama Air Space Curbs Worry Pilots.”  The story notes the increasing angst among the general aviation (GA) community, as well as in the recreational aviation business, in Martha’s Vineyard of the expected Presidential family vacation to the island.

The GA community expects that the Federal Aviation Authority (FAA) will issue a Temporary Flight Restriction (TFR) to increase security during the family’s visit. TFRs, for those not familiar, “defines an area restricted to air travel due to a hazardous condition, a special event, or a general warning for the entire FAA airspace.” The FAA sends out detailed information on a TFR through a Notice to Airmen (NOTAM).  Given the necessary security precautions taken to protect to the President and other VIPS, notice often comes a couple of days, at most, before enforcement.

Following 9/11, the focus on TFRs among the GA community increased significantly as their use significantly.  The increases use of TFRs occurred for a variety of reasons, including increased concern over the security of certain high-risk locations (i.e. New York and D.C.), regulations that allowed for TFRs to be put in place for major sports events and air shows, and an increase in natural disasters such as wildfires that required restrictions for public safety reasons.  (Note: In addition to TFRs, there are certain Air Defense Identification Zones (ADIZs) that provide a more permanent no-fly zone around cities and areas such as D.C.  As those of us who live in Washington know, there have been several scares requiring evacuted government buildings and dispatched fighter jets resulting from air violations.)

As TFRS increased, there were rumblings among some in the GA community that TFRs and ADIZs shoul be scaled back, especially as more unknowing pilots found themselves facing criminal charges or other enforcement action for violating the restricted air space.  Those rumblings, however, seem to have calmed down some in the last couple of years as the restrictions became more of the norm and groups like the Aircraft Oowners and Pilots Association (AOPA) increased efforts to educate and provide instructions to the GA community about FAA TFR NOTAMs.

Getting back to the Gazette story, I wonder if we will see a renewal to revisit the TFR/ADIZ debate in a more comprehensive manner.  The story notes that any TFR restrictions on Martha’s Vineyard could have a devastating economic effect on some of the small businesses operating tour and aviation services onto the island.  In particular, the article profiled the owner of a biplane tour business, finding that he could lose more than an 1/8 of his business if a TFR was placed into effect during the Presidential visit.  The article also noted that during the summer, approximately 70% of traffic into the island’s airport is from GA aircraft.

Whether this TFR issue will simply fly away is still to be seen. The difference from past arguments on the issue is an increased focus on the economic impact, especially on small businesses, caused by the security restriction.  Given the state of the economy, will we see an economy versus security debate emerge?

January 22, 2009

Day One at DHS Starts with 5 Directives

Filed under: Aviation Security, Infrastructure Protection, Risk Assessment, State and Local HLS, Strategy — by Jonah Czerwinski on January 22, 2009

Day One at DHS started with Secretary Napolitano at the helm issuing five Action Directives centered on the Protection mission for the Department. The directives request internal reviews to be conducted on how DHS protects critical infrastructure, conducts risk analysis, shares information with state and local authorities, “integration” of DHS engagement of states, localities, and tribes, and protection measures aimed at air, surface, and maritime transportation sector. The last one includes a “side by side comparison of the threat environment, resources and personnel devoted to each transportation sector.”

“One of my top priorities is to unify this department and to create a common culture. These action directives are designed to begin a review, evaluation and dialogue between the various functions of this department and me,” said Secretary Napolitano.

Further directives are expected to come soon concerning preparedness, response, recovery, and immigration.

Following is the text describing the directives as issued at DHS:

• Critical infrastructure protection. This core mission of DHS entails a broad mandate to reduce the vulnerability of key systems and structures to natural and manmade threats. DHS oversees the national critical infrastructure list and manages 18 infrastructure sectors established under Homeland Security Presidential Directive-7, with primary responsibility for information technology, telecommunications, chemical, transportation, emergency services, and postal and shipping. This entails extensive dealings with other federal agencies, states, and the private sector, involving collaboration, data collection, risk analysis, and sharing of best practices. What is the current status of the critical infrastructure list, relations with the 18 sector security councils and the other departments that have critical infrastructure protection roles? What are the plans to enhance protection? How do we enhance private sector participation? An oral report is due Jan. 28.

• Risk analysis. Given the extensive number of vulnerabilities to manmade and natural disasters and the limitations on resources, determining national priorities and the judicious distribution of resources are a major element of the department’s mission. What is the status of risk analysis metrics and what is the plan and time frame for setting up a full-blown system to govern the establishment of critical infrastructure programs, the priorities among national planning scenarios, and the distribution of grants to state, local, and tribal entities? More broadly, how can DHS enhance risk management as the basis of decision making? An oral report is due Jan. 28.

• State and local intelligence sharing. Core to the department’s ability to successfully carry out its mission is sharing information within the department, and between DHS and other federal, state, local, tribal, and private sector entities. Across the department there are currently multiple operational, technological, programmatic, and policy-related activities underway to focus on improved information sharing.

o Given the importance of this mission, please provide a complete inventory of all operational, programmatic, technology, and policy related activities currently underway.

o Provide an evaluation of which activities hold the most promise for achieving the smooth flow of information on a real time basis.
The inventory and evaluation should take into account the voices of all stakeholders, especially state, local and tribal entities.
The evaluation should also consider the private sector’s perspective and its relationship to these stakeholders.

o The inventory and evaluation should focus on ensuring that the department’s information sharing efforts are closely linked to government-wide efforts to establish the Information Sharing Environment as called for the Intelligence Reform and Terrorism Prevention Act of 2004.

o DHS Intelligence & Analysis should evaluate whether DHS is meeting all of its information sharing missions as described in Section 201(d) of the Homeland Security Act of 2002, P.L. 107-296, especially Section 201(d)(1).

An oral report is due Jan. 28.

• Transportation security. TSA is directed to provide a review to the Secretary of the current strategies, plans and programs for security of the air, surface, and maritime transportation sector, to include a side by side comparison of the threat environment, resources and personnel devoted to each transportation sector. TSA shall coordinate, as necessary, with all pertinent components and offices in DHS, as well as with all relevant outside bodies and advisory councils. An oral report is due Jan. 28.

• State, local and tribal integration. To promote policies to more fully integrate American state, local, and tribal governments in the development of policies and programs to protect our nation and help it recover from natural and manmade disasters consistent with the homeland security interests of the United States, the DHS Office of Intergovernmental Affairs shall:

o Immediately contact every relevant governmental association, e.g. the National Governors Association, National Association of Counties, League of Cities and Towns, U.S. Conference of Mayors, National League of Cities, National Emergency Management Association, and the National Congress of American Indians, announcing that DHS intends to revitalize its relationship with state, local, and tribal governments effective immediately with the intent of creating a working partnership.

o Immediately plan for an accelerated process of soliciting and collecting input from our state, local and tribal partners on how to improve the programs and processes of DHS.

o This input should include, but not be limited to, the following topics:
a. Critical infrastructure
b. Grant making
c. Interoperability
d. Intelligence collection and dissemination
e. Emergency services
A preliminary written report is due Feb. 10.

November 26, 2008

Chertoff, TSA Chief Hawley Convene Blogger Roundtable

Filed under: Aviation Security, Humor — by Jonah Czerwinski on November 26, 2008

On November 17, DHS Secretary Michael Chertoff and TSA Administrator Kip Hawley convened the next blogger roundtable, this time at TSA Headquarters. Topics covered Secure Flight, general aviation security regulations, holiday security measures, technology investments, and other issues. This may have been the final roundtable Secretary Chertoff convenes with the bloggers. However, it was the first time HLSwatch.com was singled out by the Secretary for a recent post with which he took issue. After the usually round-the-table introductions, S1 said the following with a smile:

Mr. Czerwinski: Jonah Czerwinski. Good to see you again, Mr. Secretary.

Secretary Chertoff: By the way I’m going to call you out on one thing. So you disagree with my saying that when I do risk, I put the most weight on consequence? And you said, but on Wall Street they disagree with that. They think it’s more a matter of probability than consequence. I rest my case.

Mr. Czerwinski: They may not be the people to watch–

Secretary Chertoff: Right. It was my position on consequence, which I’ve articulated for a couple years now, is what I’ve now learned that in the trade they call it the fat tail. If you read Black Swan so it’s inside baseball.

Mr. Czerwinski: I noted that, thank you.

Secretary Chertoff: All right, shoot.

Sheesh. Chertoff was referring to my 29 OCT 08 post entitled Chertoff Addresses the Beta, in which I suggest that he described risk assessment in his speech to the Wharton School in such a way that could trigger extremes of excessive caution or excessive spending. I made the ill-timed analogy of how risk is assessed on Wall Street. Oops. The full roundtable transcript is available on the TSA blog.

Fortunately, we won a small victory after that playful jab at my criticism of the Secretary’s risk assessment formula. The roundtable concluded as follows:

Secretary Chertoff: I have to say, people say, why do you do blogging? I’m not saying this to feed your egos. I said, I thought that by and large, in terms of focused, sustained, engaged, and knowledgeable questions, the bloggers who cover us regularly do a great job, and it is useful for me to get feedback because I actually do read these – I read the good ones, I don’t read the nutty ones – to get feedback about stuff that is working and not working, and I think that it is a great way for us to communicate, because we do get, you know, good questions come from a knowledge base. You guys do follow this stuff on a regular basis.

Mr. Czerwinski: When you hand over the “Leadership Journal,” can we get you to guest blog at some point?

Secretary Chertoff: Yeah, I probably will.

Fellow bloggers in attendance included:

Rich CooperSecurity Debrief

Barbara Peterson – Conde Nast Traveler & Daily Traveler

Matt Phillips – Wall Street Journal & The Middle Seat Terminal

Tom Smith - ACI-NA

Benet Wilson – Aviation Week & Towers and Tarmacs

Chad Wolf – Security Debrief

Have a great Thanksgiving everybody. I’ll keep up with developments and update HLSwatch.com over the long weekend if something is time sensitive. If, however, the next few days are as uneventful as I hope, I’ll see you on DEC 1.

November 17, 2008

Letters to a Young Agency: Obama Writes to DHS, TSA About His Priorities

Filed under: Aviation Security, Organizational Issues — by Jonah Czerwinski on November 17, 2008

During the closing days and weeks of the 2008 presidential race, Barack Obama wrote a series of letters to John Gage, National President of the American Federation of Government Employees, to explain his priorities for the federal workforce if he becomes President of the United States. Then-candidate Obama dedicated one letter to DHS and another specifically to the TSA.

In his letter to Gage about DHS, Obama expressed concerns about DHS workforce policies. The lack of collective bargaining and the unintended consequences of “pay-for-performance” on morale and results served as the core of the letter. Obama intends to restore collective bargaining. He wrote that he will “ensure that each nominee [in an Obama-Biden Administration] has a clear understanding of the labor-management collective bargaining process and my commitment to assuring its fairness. The same goes for my appointments to the Federal Labor Relations Authority and the Federal Services Impasses Panel.”

He stressed that DHS workers should be rewarded for high quality work, but that the Bush Administration’s “failure to fund the initiative [“pay-for-performance” system] guaranteed that rewarding one employee would be at the expense of another. This is unfair and serves to reduce morale, rather than improve it,” Obama wrote.

In a separate letter directed specifically at the TSA, Obama cited issues raised by Transportation Security Officers (TSO) about the need for collective bargaining rights. “Advocating for TSOs to receive collective bargaining rights and workplace protections will be a priority for my administration,” Obama wrote to Gage in late October.

That other DHS officers serving as Border Patrol Agents, Federal Protective Officers, or Capitol Police, for example, all have collective bargaining rights makes this inequity a top workforce priority for Obama. Citing high attrition rates among the TSO workforce, Obama intends to re-examine the Performance Accountability and Standards System (PASS) for TSOs to “determine whether it meets minimum standards of fairness, transparency, and accountability.” If it does not, expect the Obama-Biden Administration to replace the PASS system with the General Schedule wage system used by the rest of the federal government, including other DHS agencies.

This afternoon, I have the opportunity to meet with TSA Administrator Kip Hawley and DHS Secretary Michael Chertoff. I hope to ask them about these plans, as well as current initiatives like Secure Flight.

November 1, 2008

U.S.-EU Strike Accord on Air Cargo Screening

Filed under: Aviation Security, International HLS — by Jonah Czerwinski on November 1, 2008

There are about 300 flights a day to the U.S. that originate from the 27 EU countries. How the cargo on those planes is screened has been an issue over which the U.S. and EU have negotiated for years. DHS wants our European counterparts to apply the same security standards we do on flights from the U.S. across the Atlantic. With a little help from a Congressional deadline, the European Commission and TSA struck an agreement yesterday to apply U.S. standards for air cargo screening for half of the cargo on U.S.-bound passenger flights by February 2009 and all cargo on all flights by 2010.

The agreement, signed on the 30th by TSA chief Kip Hawley and Zoltan Kazatsay, Deputy DG for Energy and Transport at the European Commission, meets a Congressionally mandated deadline under the 9/11 Commission Act to require screening of 100 percent of cargo on passenger planes by August 2010. Kudos to TSA and the DHS Policy shop for successfully concluding this effort.

Under the agreement, the EU and the U.S. will use the same screening equipment, provide the same training to screeners and impose the same security requirements for the facilities where the cargo is screened. Currently, 95 percent of flights within the U.S. and departing from the U.S. undergo cargo screening.

October 23, 2008

A Welcome Reversal on the Watchlist

Filed under: Aviation Security, Intelligence and Info-Sharing, Privacy and Security — by Jonah Czerwinski on October 23, 2008

Earlier this year DHS and the airlines went head-to-head over who should be responsible for checking passengers’ names against the federal no-fly list. DHS said they would maintain a list of names of people that would either be subject to additional screening (“selectee”) or not be permitted to fly (“no-fly”). It did not take long for the air lines to object, claiming an undue burden on their operations, and DHS fretted over inconsistent application of the list by the private air carriers. Eventually, all agreed the situation wasn’t working and today Secretary Chertoff issued a new “rule” reversing the process.

Under the new rule, part of Secure Flight, airlines will submit encrypted flight reservation information to TSA. TSA will compare that data with a constantly maintained/updated no-fly list and selectee list. Then TSA will send the results back to the airline “if there’s a problem,” said Chertoff during a press event today. It is unclear if the airlines only hear back from TSA in the event of a “hit” on the list. It may be the case that if TSA doesn’t comment, then the air lines are clear to board the passenger. Silence equals acceptance?

The private sector fell short in carrying out baggage screening, and so we gave it back to TSA. The private sector failed to meet expectations on the no-fly lists, and so it goes back to TSA. This would seem like a clear cut victory for the airlines. They offload all the risk to TSA at the screening lanes and with checking the no-fly lists.

But this is a win for the traveling public, too. Someone once said that “government is the name we give to those things we decide to do together.” This is a classic example. It never made sense to outsource this important process to the private sector.

And then the Secretary made it interesting: Ever wonder how many names are on that watch list? Well Chertoff decided to share some details. Estimates have ranged up to 1 million names. According to the Secretary, “there are fewer than 16,000 — that’s one six — 16,000 unique individuals who are selectees in TSA’s database.” (He further clarified, “That’s 16,000. One six.”)

He went on state that most people on the list “are not even American citizens” and the vast majority of the names are for further screening (selectee status); they are not necessarily banned from flying. That number is closer to 2,500, of which approximately 10% are American citizens, according to the Secretary.

October 15, 2008

When CBP Searches Your Laptop

Filed under: Aviation Security, Border Security, Intelligence and Info-Sharing — by Jonah Czerwinski on October 15, 2008

~ Guest Blog ~

By Nathan A. Sales

Should customs officers be able to search your laptop computer at the border the same way they inspect your suitcase?

Not if public opinion is any guide. Earlier this year, the Washington Post caused some heartburn when it reported that border officials occasionally “look at information stored in electronic devices such as laptops without any suspicion of a crime.” One U.S. Senator calls the searches “truly alarming.”

He’s not alone. Laptop searches can do real harm to ordinary travelers’ privacy interests. When told that the government claims the power to rummage through computers, BlackBerries, and flash drives at the border, many people react with shock, even revulsion. A laptop search seems terribly invasive. The average traveler may be willing to hand over his suitcase for inspection, but his laptop seems a bridge too far.

Yet it’s also true that laptop searches are an important tool in the government’s efforts to detect terrorists and combat child exploitation. In fact, federal courts have decided twelve cases involving laptop searches at the border, and every single one has involved child pornography.

My sense is that suspicionless laptop searches generally are consistent with the Fourth Amendment. Under the Supreme Court’s border-search doctrine, “non-routine” searches (e.g., invasive searches of the body) are off-limits unless officers have a reasonable suspicion of wrongdoing. By contrast, “routine” searches (e.g., searches of property) need not be based on any suspicion whatsoever. Routine searches are constitutional simply by virtue of the fact that they occur at the border.

How does the border-search doctrine apply to laptops? The consensus among lower courts is that laptop searches are “routine”; officers therefore don’t need reasonable suspicion before conducting them.

The courts are probably right, for a simple reason: technological neutrality. The privacy protections we enjoy shouldn’t depend on whether we store our data in digital format or on paper. Customs can inspect mail, address books, and photo albums with no suspicion at all. Why should the rule change when we keep our correspondence, contacts, and pictures on a laptop? The mere fact of computerization shouldn’t make a difference.

Of course, laptops are different from other property. They contain more personal data than other items that cross the border; the information can be quite sensitive; and the government might keep data from a laptop for a long time, maybe indefinitely. But while laptops are different, they don’t deserve a blanket exception to the border-search doctrine. In fact, laptop searches have the potential to be less, not more, intrusive than traditional border inspections of physical objects. With keyword searches, automated computer processes can identify specific data points that might warrant further investigation. That means human beings don’t need to rifle through the laptop’s hard drive manually.

While the Fourth Amendment imposes few restrictions on laptop searches, policymakers should adopt some additional safeguards. In particular, the government should formalize the standards it uses to pick travelers for laptop searches, to ensure people aren’t singled out for impermissible reasons like race or religion. It also should adopt rules for retaining information from laptops; if a search uncovers no evidence of crime, customs would be hard pressed to justify keeping any data. And the government should apply special protections to sensitive data like trade secrets and privileged correspondence. Supplemental standards like these would equip the government with the tools it needs, while helping to prevent the privacy interests of law-abiding travelers from becoming collateral damage in the war on terrorism.

Readers interested in this topic may wish to download my recent article, “Run for the Border: Laptop Searches and the Fourth Amendment.”

Nathan A. Sales served as deputy assistant secretary of homeland security for policy development from 2006-2007 and is now on the faculty of George Mason University School of Law.

September 4, 2008

Air Transit Still at Risk

Filed under: Aviation Security, Terrorist Threats & Attacks — by Jonah Czerwinski on September 4, 2008

Suspected terrorists have recently been tracking airplane crew members of the Israeli national airline, El Al, in Toronto, purportedly in preparation for an attack on airline personnel. Al Haaretz reports today that Israeli intelligence thinks Hezbollah seeks to attack Israeli targets abroad to avenge the February assassination of Imad Mughniyeh, Hezbollah’s number two and suspected of being involved in the 1983 bombing of the U.S. barracks in Beirut. Hezbollah blames Mossad for the assasination.

I wouldn’t exactly call this alarmist either:
• July 2002: Two people are killed by a gunman firing on El Al passengers at LAX before an Israeli security official shot and killed the gunman.

• May 2003: EL Al canceled a flight to Kenya after receiving an intelligence warning of a planned attack.

• September 2003: An El Al flight from Tel Aviv to Los Angeles diverts to Montreal because of a warning of a terror attack planned for its layover in Toronto.

• November 2005: Seven Dutch youths arrested for planning to attack an El Al plane.

• June 2006: Swiss authorities uncover an attempt by a Muslim terror cell to attack an El Al plane in Germany.

• November 2006: Germany arrests six on suspicion of planning to blow up an El Al plane leaving from Frankfurt.

• Summer 2008: Hezbollah cell caught collecting against Israeli targets in Canada, including the Israeli Embassy in Ottawa.

August 14, 2008

Embrace Common Sense Security at Our Airports

Filed under: Aviation Security — by Clark Kent Ervin on August 14, 2008

~Guest Post~

All too often, the visceral reaction to a story about homeland security is “huh?” The latest example for me is this headline in last week’s USA Today, “TSA weighs gun ban in unsecured areas.”

The gist of the article is that, prompted by the request of Atlanta’s Hartsfield-Jackson Airport, the Transportation Security Administration is pondering whether airports may ban firearms from terminals, parking lots, and other parts of the airport before screening checkpoints. At checkpoints and beyond, firearms, as well as other weapons – knives, bombs, etc. – are, of course, banned. The rationale for that ban, of course, is that firearms can be used to kill masses of people past the checkpoint, including people on board airplanes.

The “huh” factor here comes from two things. First of all, if guns are banned past the checkpoint because they can be used to kill people, doesn’t it go without saying that they should likewise be banned before the checkpoint because they can be used to kill people? In other words, isn’t the point of the present ban to prevent mass killing? If so, why should guns be banned past the checkpoint but not before it?

Second, if there’s no practical difference between the pre-checkpoint area and the post-checkpoint area in terms of the possibility that guns can be used to kill people, what is TSA “weighing?”

Yes, of course, there is the Second Amendment. Under certain circumstances, people may legally carry firearms. However, implicitly, the foregoing sentence means that there are other circumstances under which people legally may not carry firearms. The circumstance that legally permits airports to ban firearms past the checkpoint – people on board airplanes could be killed – is the same circumstance that should make banning firearms anywhere on airport property a no-brainer.

Surely it isn’t the case that the lives of those in airports who are planning to board airplanes are worthier of protection than the lives of those who are at airports for other reasons – to drop off family or friends; to shop or dine at restaurants or shops before checkpoints; or to work in parts of the airport before checkpoints. If not, as I say, TSA’s deliberative process can and should be short.

That is not to say that there wouldn’t be legal challenges. (Remember the judge who sued his dry cleaners for ruining his favorite pants, seeking $65 million in damages?) But that’s what TSA’s lawyers are for. Those lawyers stand a good chance of ultimately prevailing, if the recent upholding of the ban by a federal judge Monday is any indication. In any event, TSA policy makers should take out their “Approved” stamp; firmly affix it to Hartsfield-Jackson’s application; and move on to weighing closer questions.

Clark Kent Ervin is Director of the Homeland Security Initiative at The Aspen Institute. Ervin served as the first Inspector General of the United States Department of Homeland Security from January 2003 to December 2004. Prior to his service at DHS, he served as the Inspector General of the United States Department of State from August 2001 to January 2003.

August 9, 2007

Data Consolidation Proposal Billed as “Secure Flight” Measure

Filed under: Aviation Security, Technology for HLS — by Jonah Czerwinski on August 9, 2007

DHS announced today passenger prescreening measures to improve matching against government watch lists.  To do this, DHS is publishing two regulations:

(1) Advance Passenger Information System (APIS) Predeparture Final Rule, which enables DHS to collect manifest information for international flights departing from or arriving in the United States prior to boarding; and

(2) Secure Flight Notice of Proposed Rule Making (NPRM), which lays out DHS plans to assume watch list matching responsibilities from air carriers for domestic flights and align domestic and international passenger prescreening.

According to the DHS announcement, the changes are intended to improve targeting for determining which passengers pose a threat.  The result should be more accurate assessments of potentially dangerous passengers while easing the imposition on legitimate travelers.   This includes “better resolution for misidentified passengers,” the announcement says.  I presume this means applying more effective redress protocols to enable passengers wrongly identified as being on a watchlist so that they may be removed from it.  Presently, it is not clear how this change affects the existing DHS Traveler Redress Inquiry Program (DHS TRIP).

APIS results from a mandate in the 2004 Intelligence Reform and Terrorism Prevention Act (IRTPA).  The new measure will require air carriers to submit passenger data 30 minutes prior to departure or as each passenger checks in for the flight.  According to the statement:

Receiving both APIS and PNR data at least 30 minutes before a plane departs allows DHS to perform security checks against federal watch lists prior to passenger boarding, taking this responsibility from carriers and eliminating potential flight diversions due to watch list concerns.  For vessels departing from foreign ports bound for the United States, current requirements to transmit passenger and crew arrival manifest data between 24 to 96 hours prior to arrival will remain unchanged, but requires vessel carriers to transmit APIS data 60 minutes prior to departure from the United States. The APIS final rule follows an NPRM [notice of proposed rulemaking] published in the Federal Register on July 14, 2006.

 The Screening Coordination Office, which is led by Kathy Kraninger at DHS, is leading an effort to provide air carriers with “consolidated data submission requirements,” according to the statement.  This is to be done by integrating Secure Flight data and the APIS data into one stream. This is a helpful fact sheet describing implications of this change.

Once published in the Federal Register, the APIS final rule and the Secure Flight NPRM will be open for comment via the Federal e-Rulemaking Portal.

August 8, 2007

TSA Tests New Passenger Imaging Technologies

Filed under: Aviation Security, Technology for HLS — by Jonah Czerwinski on August 8, 2007

TSA last week announced contract awards to begin testing millimeter wave imaging machines and backscatter machines at airports in Phoenix, Los Angeles, and New York’s JFK. These passenger imaging technologies screen passengers for weapons, explosives, and other metallic and non-metallic threats under layers of clothing.

The announcement includes contract awards to American Science & Engineering (backscatter), L-3 Communications (millimeter wave), and Rapiscan Systems (backscatter). Total cost of the initial contracts is ~$2.3 million, with options to escalate. More information available here.

July 26, 2007

U.S.-EU Strike Accord on PNR Data Sharing

Filed under: Aviation Security, International HLS, Legal Issues, Privacy and Security — by Jonah Czerwinski on July 26, 2007

Looks like the U.S. and EU overcame the most recent tussle concerning how the two allies will share private or personal information in pursuit of terrorists (and other criminals, or course).  The press release from this afternoon is available here.  Following are the main points:

  • The Department of Homeland Security will collect 19 types of PNR data.
  • The data will be maintained for seven years in an active file, and eight years thereafter in a dormant file with limited access.
  • How DHS collects PNR data from airline reservation systems changes, too. Air carriers will now transmit PNR data directly to DHS.
  • European air carriers get legal assurance that they will not be in violation of EU privacy law.

February 14, 2007

GAO: Collaborate Across USG, with Private Sector on Air Screening

Filed under: Aviation Security, General Homeland Security, Technology for HLS — by Jonah Czerwinski on February 14, 2007

The new GAO study, rolled out in testimony this week by Director of Homeland Security and Justice Issues Cathleen Berrick, suggested that DHS and the Transportation Security Administration should improve their risk-based decision making methods, planning and program evaluations, and the ways in which TSA collaborates with relevant stakeholders.

GAO cites Secure Flight – the domestic passenger prescreening system – as an example of disjointed or insufficient management attributes that have kept this program off schedule.  It’s worth reading the sections of this critique that make the case for better coordination across TSA and the international passenger screening efforts under the auspices of Customs and Border Protection.  This dimension of the report forces a more interesting discussion about how the different, but closely related, mission areas of the DHS components (TSA, CBP, S&T) could better reinforce one another and reduce duplication where similar objectives could be pursued with shared methods, data, technology, etc.  Screening of passengers lends itself perfectly to this ongoing challenge.

The new study also takes a look at how TSA and others could better partner with relevant private sector stakeholders.  Primary opportunities for better collaboration include:

  • Reducing the time it takes to screen air cargo in order to diminish the disruption to delivery time for air carriers;
  • Training individual cargo inspectors on more effective inspection technology;·       
  • Supporting the development and deployment of improved inspection technologies; and
  • Determining the best approach to implementing a “risk-based management approach to securing air cargo.”

The GAO report, entitled Aviation Security: Progress Made in Systematic Planning to Guide Key Investment Decisions, but More Work Remains, is found here.  A one-page summary also is available.

Updated DHS Schedule:

Thursday, February 15

Deputy Secretary Michael P. Jackson will testify before the House Homeland Security Committee on the department’s 2007 goals: 9:00 AM EST/311 Cannon House Office Building/Washington, DC/OPEN PRESS

Friday, February 16

Secretary Michael Chertoff will deliver remarks to the American Chamber of Commerce: 7:45 AM CST/ Intercontinental Presidente Hotel/ Campos Eliseos 218/ Col Polanco Mexico City, Mexico/ OPEN PRESS

U.S. Citizenship and Immigration Services Chief of Citizenship Alfonso Aguilar will deliver the keynote address on citizenship and immigration issues at the Puebla State Forum on U.S.-Mexico Immigration Reform Puebla: 8:30 AM CST/ State Congress/ Puebla, Mexico/ OPEN PRESS

U.S. Coast Guard Commandant Admiral Thad W. Allen will provide remarks on recreational boating safety and maritime security at the annual meeting of Boating Writers International:  8:30 AM EST/ Miami Beach Convention Center:/ 1901 Convention Center Drive/ Miami Beach, FL/ OPEN PRESS

US-VISIT Acting Director Robert Mocny will testify before the House Appropriations Committee Subcommittee on Homeland Security on the fiscal year 2008 budget request for US-VISIT: 10:00 AM EST/ 2362 Rayburn House Office Building/ Washington, DC/ OPEN PRESS 

January 9, 2007

Some TSA screening humor

Filed under: Aviation Security, Humor — by Christian Beckner on January 9, 2007

The New York Times ran a story last week making light fun of certain aviation screening rules (hat tip: Wonkette), one which described some of TSA’s more bizarre screening rules, including rules for snowglobes and most notably, helper monkeys:

Like dogs, some specially trained monkeys are classified as service animals to assist handicapped people. But you really have to wonder if these sample sentences — from the security administration’s rules for how transportation security officers at walk-through metal detectors should handle monkeys — were written with a straight face:

“When the handler and the monkey go through the W.T.M.D. and the W.T.M.D. alarms, both the handler and the monkey must undergo additional screening.” The rules add that security officers “have been trained not to touch the monkey during the screening process” and that “the inspection process may require that the handler take off the monkey’s diaper as part of the visual inspection.”

January 5, 2007

DHS developing new traveler redress system

Filed under: Aviation Security, Privacy and Security — by Christian Beckner on January 5, 2007

The Federal Register contained a notice today by the TSA on a new information collection requirement related to a program that has not previously disclosed, based on a quick Google search of its name:

The Rice-Chertoff Initiative (RCI) Department of Homeland Security Traveler Redress Inquiry Program (DHS TRIP) was developed as a voluntary program by DHS to provide a one-stop mechanism for individuals to request redress who believe they have been: (1) Denied or delayed boarding; (2) denied or delayed entry into or departure from the United States at a port of entry; or (3) identified for additional (secondary) screening at our Nation’s transportation hubs, including airports, seaports, train stations and land borders. The DHS TRIP office will be located at, and managed by, TSA. In order for individuals to request redress, they are asked to provide identifying information, as well as details of the travel experience.

The one-year anniversary of the launch of the Rice-Chertoff Initiative is later this month; this program is the result of Chertoff’s promise in that speech to establish a “government-wide traveler screening redress process before the end of this year [2006].”

For more on this issue, see this earlier post.

December 18, 2006

National Strategy for Aviation Security in the works

Filed under: Aviation Security — by Christian Beckner on December 18, 2006

A few months ago, Heritage Foundation scholar Jim Carafano wrote a memo proposing the need for the government to develop a “national air security strategy,” similar to the National Strategy for Maritime Security. Around that same time, the White House issued a still-classified directive (HSPD-16 / NSPD-47) on aviation security, about which few details are publicly known.

Consistent with this recommendation and directive, the federal government seems to be developing a National Strategy for Aviation Security. A Google search of this phrase reveals a link to the entry page for a TSA webboard where there is a menu option titled “National Strategy for Aviation Security.” The Google search also reveals a couple of other references to the Strategy, i.e. the program for an aviation conference in Oregon, within which one of the speakers’ bios references it.

The development of this Strategy prompts a number of questions. Is it still under development, or has it been finished and quietly disseminated inside the federal government? Are there plans to make it public, or will this be like the frequently-panned National Strategy for Transportation Security, which was a classified document and never published? Which non-governmental stakeholders have been consulted in the development of this Strategy?

Hopefully we’ll see a public version of this National Strategy in the next year, following the model of the National Strategy for Maritime Security, which has served its purpose since publication as a useful reference strategy for all maritime security stakeholders.

Next Page »