Homeland Security Watch

News and analysis of critical issues in homeland security

November 5, 2013

“LAX shooting: Does anyone care?”

Filed under: Aviation Security,General Homeland Security — by Christopher Bellavita on November 5, 2013

(Posted before the reports started coming in of yet another shooting; this time in Paramus, N.J.  Another day, another shooting.)

This essay, by Joel Silberman, appeared Monday on the Los Angeles Times website.  (my emphasis, below)

LAX is not trending on Twitter. Seventy-two hours after a man opened fire on our gateway to the world, there is no discernible outcry for action, little apparent conversation at all. As I write these words, the latest mass shooting is not on the front page of the left-leaning Huffington Post or the right-leaning Drudge Report. It’s not lighting up the social media outlets where average people exchange points of view, or the op-ed pages where our nation’s elite do the same. The president called the head of the TSA to express condolences, but there will be no presidential visit to console the families of the victims. And that’s probably just as well because it would just make everyone complain about the traffic. Unpleasant though it may be to admit, it seems we’ve become uncomfortably numb.

In fairness, even horrifying attacks are relative: One adult dead and many wounded is not equivalent to the mass slaughter of schoolchildren that we witnessed 10 1/2 months ago. That was worse. And reporters for local news outlets — including The Times — have more than proven that they, at least, are not numb, with their extensive coverage of the LAX story.

But the question remains: Who cares? Literally, who? When people care, the atmosphere is like it was after the Boston Marathon bombings or the Newtown, Conn., shooting. Can anyone honestly claim that we are in that kind of atmosphere right now? If a body falls — or five of them fall — in a forest of exhausted indifference, do they make a sound?

Of course, our numbness to this kind of violence is born not only of its proliferation but of a rational recognition that our government is not up to the task of addressing it. When even the most moderate legislation on guns faces a filibuster in the Senate and won’t be brought up for a vote in the House, practical people can justifiably conclude that arguing about the issue further is a futile academic exercise. Even those who don’t follow politics know that there’s no change forthcoming, so they throw up their hands. Meanwhile, conservative leaders who insisted on improvements to the American mental health system as an alternative to gun legislation have not been forthcoming with concrete proposals. And so our country is at an impasse, with its citizens caught in the crossfire.

Inevitably, firearms fundamentalists argue that “the only thing that can stop a bad guy with a gun is a good guy with a gun.” This is a brilliantly empowering slogan, the kind that could lift us all out of our desensitized malaise. After all, it’s fun to imagine that our personal security and well-being are all within our hands, that powerlessness is a malignant fantasy of the weak. But the events at LAX last Friday showed both the truth and the lie of the “good guy with a gun” promise: Yes, because the gunman’s target, a major airport, is one of the most security-heavy facilities in the country, he was brought down quickly by armed police. Even so, he also proved that no matter how many good guys with guns you have around, when a crazy person can spray off 700 rounds in a minute, he only needs a few seconds to do plenty of damage.

In a way, it’s really a shame that the airport shooter wasn’t Arab or Muslim. If he had been, the incident would have been deemed an act of terrorism, and terrorism warrants a serious response. But he was white instead of Middle Eastern and used a gun instead of a bomb, so now it’s not terrorism; it’s the price of freedom.

If there’s any silver lining in all this — and it is a very slim silver lining — it’s that maybe TSA agents will be given a little bit more respect, at least for a while. Perhaps people will be reminded that as annoying as it may be to have someone rifling through their belongings, TSA agents are, at the end of the day, security employees who are worthy of the esteem that designation implies. A few bad apples may make headlines for bad behavior, but the majority are hardworking people who deserve at least as much deference as the guards who work at government buildings or Staples Center .

Ultimately, the increasing frequency of mass shootings has given us a choice: live in panic and despair, or learn to suck it up and deal. Given the options of jitters or jadedness, the impulse to keep calm and carry on is understandable. There is even a sense of something like relief because there was only one fatality at LAX, a foreboding knowledge that next time we might not be so “lucky.”

The thing is, though, LAX was just one of several mass shootings in recent days . Eventually, inevitably, something will have to wake us from our self-protective stupor. I just fear what that thing might be.

Joel Silberman is a Los Angeles-based writer and the producer of such viral Web videos as “Legitimate Rape” Pharmaceutical Ad (TW) and Kids Do The News . Follow him on Twitter @Wordpeggio .

November 2, 2013

Gerardo I. Hernandez

Filed under: Aviation Security — by Philip J. Palin on November 2, 2013

Hernandez

On Friday Transportation Security Administration behavior-detection officer, Gerardo I. Hernandez, 39, (above) was shot to death at Los Angeles International Airport. He was a husband and father of two.

Two other TSA officers were also shot and wounded in the incident, according to TSA Administrator John Pistole. There are several reports that the gunman was specifically targeting TSA agents.

In my tradition yesterday was All Saint’s Day when we remember those who have especially served the Good. Today is All Soul’s Day when we are encouraged to pray grace for those who have died.

March 5, 2013

Knives on planes again. Well, some knives.

Filed under: Aviation Security — by Christopher Bellavita on March 5, 2013

The Transportation Security Agency blog says some knives and some sporting equipment will be allowed back on planes, in late April.

According to the announcement,

…the following items [will be permitted] in carry-on bags [and presumably -- for knives -- in one's pocket] beginning April 25th:

  • Small Pocket Knives – Small knives with non-locking blades smaller than 2.36 inches and less than 1/2 inch in width will be permitted
  • Small Novelty Bats and Toy Bats
  • Ski Poles
  • Hockey Sticks
  • Lacrosse Sticks
  • Billiard Cues
  • Golf Clubs (Limit Two)

The change “is part of an overall Risk-Based Security approach” whose hermetically mysterious internal analytics can distinguish between the risks associated with a 6 centimeter, half inch wide, non-locking blade; and the risks created by a 7 centimeter, three-quarter inch wide, locking blade.

Maybe there is some science behind the metric.  But if the decision process was similar to many of the early TSA decisions Kip Hawley described in his book Permanent Emergency: Inside the TSA and the Fight for the Future of American Security, there may have been more BOGSAT involved than science.

Whatever the rationale, for those who look at carrying knives as a 2nd Amendment right, a bit of pre-9/11 freedom is coming to an airport near you on April 25th.

It’s probably not a coincidence April 25th was selected to allow knives to return to flight. It is the 329th anniversary of the first patent for a thimble.

The date may also reflect the sense of humor of whoever at TSA decided small knives are an acceptable risk. On April 25th, 221 years ago, Nicolas Pelletier became the first person to be executed by guillotine – a different kind of knife.

 

Here are the TSA-provided pictures outlining the new rules (click on the image to make it bigger):

 

 

January 29, 2013

We can do better

Filed under: Aviation Security,General Homeland Security — by Christopher Bellavita on January 29, 2013

Today’s post is written by Max Geron, a law enforcement official I work with occasionally.

 

Atlantic correspondent James Fallows wrote the other day about the lawsuit filed by Shoshana Hebshi, an American citizen who, according to her complaint, was a passenger on a Frontier Airlines flight on September 11, 2011.

Another passenger(s) reported that Hebshi and two other passengers, who the reporting passenger didn’t know, “looked suspicious” or were “acting suspicious.”

Hebshi described how she was arrested and forcibly removed from the plane, made to submit to a strip search and several hours of detention and interrogation. According to a complaint filed by the ACLU, the FBI has since publicly stated that Ms. Hebshi was not involved in any suspicious activity.

The question I pose to homeland security leaders at all levels and the enterprise as a whole is: Can we not do better than this?

The Hebshi incident is an example of the lingering effects of terrorism, and these effects are not restricted to air travel.

First comes the loss of infrastructure and loss of life. What subsequently follows is the loss of peace of mind and consequently the loss of freedoms.

I understand the mandate to be cautious. I’ve done that. I’ve erred on the side of caution in the performance of public safety. But just as in the case of police chases where — in essence — the courts said “Law Enforcement, you are the experts and you should know better when to terminate a pursuit for the safety of others,” so too do I see us needing to say to our homeland security enterprise that “Sorry, it’s 9/11 and everyone’s pretty jumpy” is not a valid reason for depriving someone of their civil liberties and subjecting them to a humiliating strip search.

Consider the security checks Shoshana Hebshi had already gone through and the fact that this wasn’t another case of a traveler making a scene at a TSA checkpoint. In this instance the authorities came to her well after she had been cleared for boarding and was, according to her, minding her own business.

The most glaring fact is she was never charged nor was she even hinted at having done anything wrong.

So how do we do both? How do we maintain the requisite level of protection from the terrorists while still maintaining civil liberties and dignity?  How do we instill in our people, the “do-ers” of homeland security, a different or perhaps a more focused set of values? Values that say while there may be a threat and we must investigate, we equally need to be discriminating and unwavering in the protection of our citizens’ rights and dignity.

Consider President Obama’s inaugural speech on January 21, 2013. He said, “We, the people, still believe that every citizen deserves a basic measure of security and dignity….” [Emphasis added]

So where do we begin?

First of all ask yourself, how well do you know your personnel and what their values are?  How would they have handled a similar situation?

I would suggest that you engage your personnel in conversations and ask them how they would handle situations such as these. You may be surprised by their answers.

Secondly, it’s imperative that your organization and you communicate your values to your agents and employees. Do not expect them to get it by osmosis. We all need to be reminded, time-to-time of what’s important.

That leads me to my final suggestion. Make these conversations or interactions a regular part of your leadership legacy.   Our decisions and our actions form our legacy, the same is true for our organizations. I submit that the more we can do that, the less often interactions like those described by Ms. Hebshi will occur.

However we do it — whether with training on values-based decision making, procedural means, hiring criteria, or some other way — we should all agree that it come sooner rather than later.

May 15, 2012

Permanent Emergency — Kip Hawley’s time at TSA

Filed under: Aviation Security — by Christopher Bellavita on May 15, 2012

I have one chapter left to read in Kip Hawley and Nathan Means’ book Permanent Emergency.  The book describes Hawley’s term as TSA Administrator, from 2005 until 2009.

I don’t want the book to end.  It’s really good.

I’ve read Tom Ridge’s and Michael Chertoff’s after-office books.   Permanent Emergency is in its own class, at least when it comes to back-in-the-day homeland security memoirs.  Ridge’s book engages the reader.  Chertoff’s book challenges (ok, it’s a hard read).

Hawley and Means’ work is a page turner.  I will not be surprised if Permanent Emergency is made into a movie.  A made-for-TV movie. But still, a movie. (By then, maybe the book can lose the melodramatic subtitle, “Inside the TSA and the Fight for the Future of American Security.”)

—————————————————-

Here are some of the questions the book asks and answers:

How did TSA get into the behavioral detection business?  Why do passengers really have to take their shoes off during screening? (It’s not because of the shoe bomber.)

What’s life like for a screener? Why do they check wheelchairs and people who’s hips have been replaced?  Why do they follow rules instead of use their discretion?  What was the only professional decoration Hawley had on his “love me” wall?

What command center did the TV show 24 model?  What law enforcement agency receives “the best and most specialized firearms training?” How long does it take to fire a senior executive who’s not doing his job?

How credible was the UK liquid bomb threat? How long did TSA have to implement the liquids ban? How did they get it done? Why is the 3 ounce rule actually 3.4 ounces? (Ask someone who knows the metric system.) And why plastic bags? What happened to the man in Milwakee who wrote “Kip Haweley is an idiot” on his plastic bag?

How did the TSA blog get started?  And how did Blogger Bob get his job?  Why did TSA use the Blogger platform (available free from Google) instead of spending millions to develop a proprietary blogging platform? Why did the blog change its name from the empirically accurate “Evolution of Security” to the bureaucratically bland “TSA Blog.” (The book doesn’t answer the last two questions, but inquiring minds remain interested.)

Where did Hawley get his ideas from about aviation security as a complex adaptive system?  Why was he told not to talk about complexity theory in public? (Seriously.)

—————————————————-

Every man is the hero of a biography he had a hand in writing. This book is no exception.  At times Permanent Emergency reads like a 21st century version of Mr. Smith Goes to Washington. Like Mr. Smith, Hawley (and the talented team of people he collected and credits) got things done. Not everything he wanted to do. But progress.

Also like Mr. Smith, I’m sure there were people in Washington who wanted Hawley gone before he did leave.  I spoke with a few of them over the years.  The consensus from those few was “nice guy, but in over his head.”

OK, but who’s not in over their head in this homeland security business? That does not mean you can’t learn how to get things accomplished.

Permanent Emergency would be a valuable addition to almost any homeland security academic program in the country. For one thing, it’s written so well students will actually read it. I’m not kidding when I say it’s a page turner.

For another, it shows how one person (ok, one person with great contacts and experience) can make a difference. It shows the importance of being able to spot talent and clear the path for that talent to disrupt — in creative and productive ways – staid organizations. It shows the role politics, bureaucracy, leadership, science, research, trial and error, communication, good and bad luck, public relations, physical energy, commitment, intelligence, risk management, sacrifice and persistence play in getting things done in homeland security.

It also reminds the reader how much uncertainty and stumbling and making things up characterized homeland security’s first years.

—————————————————-

I met Kip Hawley twice. I found him creatively thoughtful, sincere, and caring. He also appears to listen to the people talking to him. Those traits come through in the book.

Before I read Permanent Emergency I was not a fan of how TSA does its mission. For a lot of reasons, I think on balance the costs — including the privacy we surrender to fly — are greater than the benefits we receive from submitting to the government.  I recognize there are other views — including Kip Hawley’s.

After reading Hawley and Means’ book, I’m still not a TSA fan.  But the authors make me doubt some of the reasons why I hold the postion I do.

Whether you largely agree with TSA’s role in homeland security or not, if you read this book your views about the agency and the people who serve in it will change.  Maybe permanently.

 

March 20, 2012

“About the stupidest thing anyone could ever do.”

Filed under: Aviation Security — by Christopher Bellavita on March 20, 2012

Here’s a thought a friend sent me:

“Three stories about arrests at airports for trying to carry a gun through a checkpoint.  This happens about 4 times a day on average and it is up to state/locals to press charges, even though it’s a Federal offense.

Sometimes they tell Bubba to put the gun back in the car.  Some authorities book ‘em.

I find it interesting in Texas the middle aged white guy is released on $5,000 bail, while in Chicago the 61 year old African American woman has bail set at $75,000. Do you find this odd?”

 

TSA: Man tries to take gun through airport security

[March 19th]

A man has been accused of trying to take a gun through security at George Bush Intercontinental Airport.

Transportation Security Administration officials said an agent noticed the weapon at checkpoint on Sunday.

[The man], 45, was arrested and charged with possession of a prohibited weapon. He was booked into the Harris County Jail with bond set at $5,000.

 

Woman charged with trying to bring gun on plane at Midway

[March 16th]

A 61-year-old Chicago woman was ordered held today on $75,000 bail after she was charged with trying to bring a gun on to an airplane at Midway International Airport, officials said.

[The woman was arrested} Thursday after a Transportation Security Administration agent noticed a gun in her carry-on bag as it went through a security checkpoint and X-ray scanner, police said.

The .25 caliber RG Industries semi-automatic handgun was unloaded, police said. After the agent spotted the gun, the woman told authorities that  that the gun was hers but said she was unaware that the gun was in the bag, police said.

She appeared in bond court today, officials said. She was charged with trying to board an aircraft with a weapon.

 

Man charged with trying to carry loaded gun onto a plane at Midway

[February 19th]

A Chicago man was arrested at Midway Airport on Saturday morning after an X-ray scan of his luggage showed he was carrying a loaded handgun in his laptop bag, prosecutors said.

[The man] said he forgot the chrome semiautomatic .25-caliber Beretta pistol, loaded with eight live rounds, was in his bag when he went to the airport to board a flight to Atlanta to visit family, said his attorney…

[The man] was charged with attempting to board a plane with a weapon, and Cook County Judge … ordered him held on $30,000 bond Sunday.

The gun formerly belonged to [the man’s] deceased aunt, his lawyer said, and a police report indicated he has a valid state firearm card.

[The man, a public employee in the city], would not have intentionally carried a loaded gun to the airport, [the man's attorney] said, because that would be “about the stupidest thing anyone could ever do.”

———————

And in a completely unrelated and totally fabricated story–

Potential Matchup Between Black Man and Mormon Poses Dilemma for Bigots. Nowhere to Turn, Disgruntled Haters Say

NEW YORK (The Borowitz Report) – With a fall presidential contest between President Barack Obama and former Massachusetts governor Mitt Romney seeming increasingly likely, America’s bigots are finding themselves in a quandary over which candidate to support, prominent bigots confirmed today.

Across the U.S., voters who describe themselves as bigots are complaining that a first-ever matchup between a Black man and a Mormon, while historic, is forcing them to ask a difficult question: which group do they hate more?

“I’ve always seen myself as pretty versatile, bigotry-wise,” said Herb Torlinson, a hardware salesman from Wilkes-Barre, Pennsylvania. “But I guess this is going to be an election that really puts my different hates to the test.”

At the Clapboard Corner Café in Youngstown, Ohio, a group of bigots who gather for breakfast once a week to discuss their dislike of various racial and religious groups echoed Mr. Torlinson’s sentiments.

…[David]  Colehurn said that his bigotry towards both Black people and Mormons was making him entertain thoughts of voting for a third-party candidate, but that he was “turned off” by the possibility of a bid from Texas congressman Ron Paul: “I hate old people.”….

January 24, 2012

Detaining a United States Senator to help make America safe

Filed under: Aviation Security,Risk Assessment — by Christopher Bellavita on January 24, 2012

Here is a 10 minute CNN interview with Senator Rand Paul, as he discusses his side of what happened at the Nashville airport on Monday.  Senator Paul says he was detained by TSA because he wanted to walk through the body imaging machine a second  time after the machine apparently showed he had something on his leg.  Senator Paul wanted to lift his pant leg and show there was nothing there.  TSA, apparently, insisted on patting down the United States Senator. Senator Paul declined and was not allowed to travel on that particular flight.

Here is a link to the Transportation Security Administration’s blog telling their side of the story.  One part of that post includes this explanation:

When a passenger or bag alarms in screening technology at a TSA checkpoint, the alarm has to be resolved before the passenger can enter the secure area past the checkpoint.  Passengers who refuse to complete the screening process can’t be granted access to the secure area. TSA notifies law enforcement when this happens, and law enforcement officers can escort them out of the checkpoint.  This isn’t done to punish the passenger– it’s done to ensure that every person who gets on a plane is screened appropriately.

The White House press secretary had this to say about Paul’s claim he was detained:

“Let’s just be clear… the passenger was not detained. The passenger triggered an alarm during routine airport screening, but refused to complete the screening process in order to resolve the issue. Passengers, as in this case, who refuse to comply with security procedures are denied access to the secure gate area. In this case, the passenger was escorted out of the screening area by local law enforcement. It’s my understanding he has now rebooked and passed through security without incident, and that has resolved itself.”

Senator Paul said: he certainly felt like he was detained.

“If you’re told you can’t leave, does that count as detention?” Paul asked. “I tried to leave the cubicle to speak to one of the TSA people and I was barked at: ‘Do not leave the cubicle!’ So, that, to me sounds like I’m being asked not to leave the cubicle. It sounds a little bit like I’m being detained.”

—————————-

I heard TSA Administrator Pistole a few weeks ago talking about wanting to move TSA away from looking for dangerous objects and toward looking for dangerous intent.

I think that is a worthwhile objective.

To implement that idea,  Pistole (and yes, it is pronounced “pistol”) noted in a speech last month, TSA has :

… begun implementing additional risk-based security measures at numerous airports [to] expedite the screening process for travelers we know and trust the most, and travelers who are willing to voluntarily share information with us before they travel.

This initiative includes easing access for the military:

U.S. service members are entrusted to protect citizens with their lives and as such, TSA is recognizing that these members pose very little risk to security.

—————————-
In the decade TSA has been in business, the agency’s employees have:

screened more than five billion passengers and detected thousands of firearms among countless prohibited items discovered and prevented those weapons from entering the cabin of an aircraft.

I have not seen or read evidence or anecdotes to suggest any – repeat – any of the TSA-screened passengers caught with prohibited items planned to commit a terrorist act.  And that includes Sergeant 1st Class Trey Scott Atwater, the man who reportedly brought C4 explosives with him in his carry on baggage last December.  (Earlier this month, Atwater was released on a 50,000 dollar unsecured bond.)

I do not have access to classified information. Maybe TSA has prevented  or displaced terrorist aviation-related attacks.  I want to grant the agency the benefit of the doubt here.  But I am willing to bet, say, $10,000 none of those possible attacks was perpetrated by a United States Senator.

—————————-

People can be — and are — stupid, criminal, sneaky and forgetful when it comes to bringing things onto an aircraft.  (I am not without sin here.)  But at what point do we start actually doing risk-informed, risk-based, risk-whatever decision making with passenger screening?

Unless TSA’s continuously evolving risk-based security model seeks to achieve zero risk, why does it take so long to develop discretionary policies “for travelers we know and trust the most,” for people who a reasonable person would consider not to be a risk?

During Monday’s Republican debate in Florida, Newt Gingrich used the phrase “huge institutional barriers against doing the right thing.”  Is that what’s going on here? Is it congress, the administration, TSA, the airline industry who intends to take another decade to get this worked out?  Who is calling the timing shots here? What is the delay?

I do not ask this to be snarky.  I’d really like to know why a nation-wide trusted flyer program cannot be put into place before the summer arrives.

I would be more than happy to make space available on this blog to help clarify why this is taking so long.

—————————-

Some flyers may experience a tinge of Schadenfreude at Senator Paul’s experience. But something is deeply wrong when TSA employees are not given — by law, or policy, or doctrine, or procedure, or whatever —  the discretion to treat a United States Senator with some common sense.

Senator Paul did not have “dangerous intent.”  He was not planning to bring the plane down.

If he wanted to destroy America he has access to a much more powerful device.

 

..

January 3, 2012

Defending the TSA?!?

Filed under: Aviation Security,Risk Assessment,Terrorist Threats & Attacks — by Arnold Bogis on January 3, 2012

I feel somewhat uncomfortable defending the actions of a group that seemingly brings so much discomfort to so many, but a recent Vanity Fair article on airport security not only regurgitates the obvious and well known, but lacks little strategic point of view.  First, the well-known:

Not only has the actual threat from terror been exaggerated, they say, but the great bulk of the post-9/11 measures to contain it are little more than what Schneier mocks as “security theater”: actions that accomplish nothing but are designed to make the government look like it is on the job. In fact, the continuing expenditure on security may actually have made the United States less safe.

From an airplane-hijacking point of view, Schneier said, al-Qaeda had used up its luck. Passengers on the first three 9/11 flights didn’t resist their captors, because in the past the typical consequence of a plane seizure had been “a week in Havana.” When the people on the fourth hijacked plane learned by cell phone that the previous flights had been turned into airborne bombs, they attacked their attackers. The hijackers were forced to crash Flight 93 into a field. “No big plane will ever be taken that way again, because the passengers will fight back,” Schneier said.

Buried within the article is, in my opinion anyway, a very nice articulation of the problem of looking at the issue of terrorism risk simply by crunching the numbers:

Has the nation simply wasted a trillion dollars protecting itself against terror? Mostly, but perhaps not entirely. “Most of the time we assess risk through gut feelings,” says Paul Slovic, a psychology professor at the University of Oregon who is also the president of Decision Research, a nonprofit R&D organization. “We’re not robots just looking at the numbers.” Confronted with a risk, people ask questions: Is this a risk that I benefit from taking, as when I get in a car? Is it forced on me by someone else, as when I am exposed to radiation? Are the potential consequences catastrophic? Is the impact immediate and observable, or will I not know the consequences until much later, as with cancer? Such questions, Slovic says, “reflect values that are sometimes left out of the experts’ calculations.”

Security theater, from this perspective, is an attempt to convey a message: “We are doing everything possible to protect you.” When 9/11 shattered the public’s confidence in flying, Slovic says, the handful of anti-terror measures that actually work—hardening the cockpit door, positive baggage matching, more-effective intelligence—would not have addressed the public’s dread, because the measures can’t really be seen. Relying on them would have been the equivalent of saying, “Have confidence in Uncle Sam,” when the problem was the very loss of confidence. So a certain amount of theater made sense. Over time, though, the value of the message changes. At first the policeman in the train station reassures you. Later, the uniform sends a message: train travel is dangerous. “The show gets less effective, and sometimes it becomes counterproductive.”

Eventually, Bruce Schneier overreaches and follows his generally reasonable assertions with analysis that only serves to buttress his own arguments while ignoring a bit of reality:

Terrorists will try to hit the United States again, Schneier says. One has to assume this. Terrorists can so easily switch from target to target and weapon to weapon that focusing on preventing any one type of attack is foolish. Even if the T.S.A. were somehow to make airports impregnable, this would simply divert terrorists to other, less heavily defended targets—shopping malls, movie theaters, churches, stadiums, museums. The terrorist’s goal isn’t to attack an airplane specifically; it’s to sow terror generally. “You spend billions of dollars on the airports and force the terrorists to spend an extra $30 on gas to drive to a hotel or casino and attack it,” Schneier says. “Congratulations!”

This simplifies the issue in ways that are counterproductive.  Two points:

1. Air travel remains an attractive target due to the cost benefit ratio: it takes very little explosive to bring down a plane and kill hundreds, while at the same time creating a spectacular event that instantaneously affects a large industry in the short and long term. The shoe or underwear bombers would have caused relatively little damage at a shopping mall or casino, but could have easily killed hundreds in an instance and caused enormous economic damage if successful on their original mission.  The liquid bombing plot seemed to be aiming for thousands of deaths and a truly strategic impact, one not attainable by the same number of operatives killing themselves in other public spaces (before it is brought up, I do know of the line of reasoning that a wave of attacks against American malls would have a huge impact…but I guess that I have greater faith in citizen resilience in that we as a nation would not hide at home following such an event).

There is a lot of security theater at airports, but much of it began in response to a rash of hijackings decades ago.  When there was no security it was simple to bring a gun or bomb aboard a flight, take it hostage, and gain attention for one’s political demands.  Steps were taken to make this more difficult.  Reasonable steps should be taken now when instead of simply attention the goals include death on a grand scale.

2. Terrorists do not simply “switch from target to target and weapon to weapon.” Groups consider their goals, determine their resources, and plan for what is then attainable.  The IRA was a sophisticated group capable of inflicting a great number of civilian casualties, yet they were restrained by their political goals.  Al Qaeda has different goals and therefore utilizes different methods.  The same will be true of other current and future groups.  If killing hundreds is a goal but resources are limited to a few poorly trained agents, targeting an airliner would seem more attractive than attempting an operation similar to the assault on Mumbai. Terror is a goal when traditional military victory is out of reach, however it should not be thought that all groups and individuals would generalize this goal into a least common denominator and aim for the easiest target.  That is partly what got us into trouble the last time…(Pre-9/11: What?  Worry about a group of actors with no state backing?!?  Preposterous…now about those Chinese….).

Mr. Schneier has performed an invaluable service over the years bringing to light deficiencies in our homeland security thinking, and Mr. Mann (the author of the article in question) accomplishes the same by exposing it to a wider audience.  Yet I can’t help but think that by not considering the issues a few steps beyond shouts of “security theater,” the conversation we should have about homeland security as a nation will not take place.

November 29, 2011

Please turn off all electronic devices

Filed under: Aviation Security — by Christopher Bellavita on November 29, 2011

“That means anything with an on-off switch has to be turned to the off position,” the flight attendent said in that awkward linguistic style that calls crashing into the ocean a water landing.

“It must be turned off,” the attendent repeated as if the passengers had ignored the first order. “Completely off; not placed in Airplane Mode.”

I can’t remember how many years I’ve heard this refrain. I always assumed it had something to do with electronic devices emiting signals that could interfere with the plane’s navigation system. I think I recall hearing a flight attendent say that several years ago. Ok, maybe 30 years ago.

I know practically nothing about electronics or navigation systems.  I trust the experts.

The last decade has seen the growth of items in the flight attendent announcement of what counts as an electronic device: cell phones, computers, iPads, Kindles, handheld video games, noise cancelling ear phones.

If you’ve flown much you know the drill. You use your cell phone until the door closes. All electronic equipment remains off until you reach 10,000 feet.  You hear a few beeps, followed by an announcement about turning on “approved electronic devices.”

I’ve often wondered how many people actually turn their devices off.  Sometimes I forget to turn mine off.

I saw an article on this topic in Tuesday’s New York Times by Nick Bilton called “Fliers Must Turn Off Devices, but It’s Not Clear Why.”

Some excerpts:

Millions of Americans who got on a plane over the Thanksgiving holiday heard the admonition: “Please power down your electronic devices for takeoff.” And absolutely everyone obeyed. I know they did because no planes fell from the sky. No planes had to make an emergency landing because the avionics went haywire. No planes headed for Miami ended up in Anchorage. We were all made safe because we all turned off all our Kindles, iPads, iPhones, BlackBerrys and laptops, just as the Federal Aviation Administration told us to. ….

OK, that was sarcasm.

According to the F.A.A., 712 million passengers flew within the United States in 2010. Let’s assume that just 1 percent of those passengers — about two people per Boeing 737, a conservative number — left a cellphone, e-reader or laptop turned on during takeoff or landing. That would mean seven million people on 11 million flights endangered the lives of their fellow passengers.

Yet, in 2010, no crashes were attributed to people using technology on a plane. None were in 2009. Or 2008, 2007 and so on. You get the point.

Bilton writes

… rules that are decades old persist without evidence to support the idea that someone reading an e-book or playing a video game during takeoff or landing is jeopardizing safety.

Bilton reports on a 2006 study that found “insufficient evidence to change the policy,” meaning the gadgets are presumed to be potentially dangerous unless they can be proven to be safe.  It’s erring on the side of safety.

…I’m not arguing that passengers should be allowed to make phone calls while the plane zooms up into the sky. But, why can’t I read my Kindle or iPad during takeoff and landing? E-readers and cellphones can be easily put into “Airplane Mode” which disables the device’s radio signals.

One part of the article in particular drew my attention.  Having everyone turn off their devices might actually create a greater hazard.

The government might be causing more unnecessary interference on planes by asking people to shut their devices down for take-off and landing and then giving them permission to restart all at the same time. According to electrical engineers, when the electronic device starts, electric current passes through every part of the gadget, including GPS, Wi-Fi, cellular radio and microprocessor.

It’s the equivalent of waking someone up with a dozen people yelling into bullhorns.

Bilton’s conclusion is

As more and more people transition from paper products to digital ones, maybe it’s time to change these rules.

The article received almost 200 comments. So many comments that Bilton wrote a second article — titled “It’s called ‘Airplane mode’ for a reason” — to respond to the comments. That article is available here: http://bits.blogs.nytimes.com/2011/11/28/its-called-airplane-mode-for-a-reason/

The consensus of the comments, like many issues in homeland security, is polarized. Some people believe the risk is overblown. Other people believe the risk, while small, is potentially serious. One person says he’s flown on Air Force One several times and no one every turned off their phone. Another person, a pilot, said his GPS navigation went blank once because someone in the plane was using a cell phone.

Bilton writes:

Surely if electronic gadgets could bring down an airplane, you can be sure that the Department of Homeland Security and the Transportation Security Administration, which has a consuming fear of 3.5 ounces of hand lotion and gel shoe inserts, wouldn’t allow passengers to board a plane with an iPad or Kindle, for fear that they would be used by terrorists.

 

 

September 26, 2011

Ray Kelly: “I mean in an extreme situation, you would have some means to take down a plane.”

Filed under: Aviation Security,Terrorist Threats & Attacks — by Arnold Bogis on September 26, 2011

Is the NYPD equipped to shoot down airplanes?

That quote comes from yesterday’s “60 Minutes” interview with New York City’s Policy Commissioner Ray Kelly.  Here is a slightly expanded version:

Pelley: Are you satisfied that you’ve dealt with threats from aircraft, even light planes, model planes, that kind of thing?

Kelly: Well, it’s something that’s on our radar screen. I mean in an extreme situation, you would have some means to take down a plane.

Pelley: Do you mean to say that the NYPD has the means to take down an aircraft?

Kelly: Yes, I prefer not to get into the details but obviously this would be in a very extreme situation.

Pelley: You have the equipment and the training.

Kelly: Yes.

Obviously, this script and the actual footage have likely undergone some editing.

In addition, the phrase “take down” does have different meanings in this context.  Kelly could be suggesting that a local police force (albeit the largest in the nation and one leaning so forward in terms of counter-terrorism that if it had a nose it might be touching the ground) has the ability to shoot down an aircraft in flight.

Or he could be suggesting that if terrorists took the passengers of any particular airplane hostage, NYPD now has a dedicated force knowledgeable and practiced at assaulting the airplane while on the ground and rescuing the hostages.

The second option would be impressive, but not surprising.

The first would be shocking and not just a little worrisome.

Update: During a 7-hour drive today, I had a little time to think about this issue.  My first reaction upon reading the AP report was that a statement was taken out of context and used for a short, sensational news piece. I would guess the vast majority of knowledgeable people thought that Kelly was naturally speaking of “take down” in terms of a tactical SWAT operation. However, there may be a little bit more to this than that simple explanation.

Two assumptions: (1) While I did not watch the actual televised interview, I’m assuming both it and the transcript were not edited and this piece of the conversation took place exactly as publicized; and (2) that Ray Kelly is not just a professional but an incredibly smart and savvy  political player–and that is meant as a compliment in terms of a specific skill set.

I interpret the reporter’s question not to mean a threat from a plane sitting on a local tarmac, whether that means hostages or simply a known terrorist situation. Hence the inclusion of light and model planes–threats not usually thought of requiring a response from an armed team on the ground–unless, of course, the plot is discovered in advance. However, I would wager the reporter was speaking of 9/11 and lesser scenarios where the aircraft is in the air, and “take down” means knock it out of the air.

Kelly might have been confused by the question, though I doubt it (see assumption 2). Instead, I’m thinking he either might have understood but had no answer that did not include non-NYPD assistance (not the point of the interview) and resorted to speaking of a situation where a SWAT team could be utilized.  If later pushed for clarification, he could simply explain that he was not talking about shooting aircraft out of the sky but “taking down” in the tactical operational sense.

Or, with a dash more deviousness, he might have understood the reporter’s question to mean shooting down an aircraft in flight and made use of dual definition of “take down” to suggest NYPD had such a capability, knowing that if later pushed for clarification he could explain he meant a particular SWAT ability to storm a plane on a tarmac.  In this instance, however, instead of simply wishing to keep the focus of the interview on the NYPD he understood what the headline would be–”NYPD has the capability to take down aircraft”–and hoped that it would add to the efforts at deterring terrorists from striking New York City.  Regardless of the veracity of the statement, if some wannabe terrorists are thinking of using a light plane filled with explosives to strike a target in the City, perhaps there is a chance they would reconsider if they even thought for a moment that the NYPD had their own anti-aircraft capability.

A bit conspiratorial, but I did have a lot of time on my hands during the drive…

Update 2: Apparently while I was in the car, Noah Shachtman of Wired’s “Danger Room” blog not only addressed the deterrent effect of Kelly’s comments but also filled in the blank concerning NYPD’s capability in this regard: he may have been speaking of actually shooting down a plane (not just using SWAT vernacular regarding a ground assault) and it is by means of a .50 caliber rifle: http://www.wired.com/dangerroom/2011/09/can-the-nypd-shoot-down-a-plane-kinda-sorta-not-exactly/

June 28, 2011

Absolute security as the minimum adequate security

Filed under: Aviation Security,General Homeland Security,Risk Assessment — by Christopher Bellavita on June 28, 2011

Andrew Bacevich described (in this video) what happened when the United States lost its nuclear monopoly in 1949, and faced the possibility it would be completely destroyed by the Soviet Union:

“Policymakers reacted in panic….  [This] possibility came to be seen as something that was intolerable.  And from that time down to the present … there has been a theme in US national policy that posits absolute security as the minimum adequate security.”

———————

The woman in the picture is 95 years old.  She weighs about 100 pounds.  She uses a wheelchair because she has difficulty standing.

According to a story in the Northwest Florida Daily News, written by Lauren Sage Reinlie, the woman was detained, searched, and asked to remove her soiled adult diaper.  The TSA screener had to complete the pat down search before the woman would be permitted “to fly to Michigan to be with family members during the final stages of her battle with leukemia.”

The familiar and predictable outrage the incident generated was balanced by the familiar and predictable response from TSA:

The TSA works with passengers to resolve any security alarms in a respectful and sensitive manner….

During any part of the process, if there is an alarm, then we have to resolve that alarm….

[T]he procedures are the same for everyone to ensure national security.

TSA cannot exempt any group from screening because we know from intelligence that there are terrorists out there that would then exploit that vulnerability….

While every person and item must be screened before entering the secure boarding area, TSA works with passengers to resolve security alarms in a respectful and sensitive manner.

We have reviewed the circumstances involving this screening and determined that our officers acted professionally and according to proper procedure.

The woman’s daughter thought about the official response:

“[If] you’re just following rules and regulations, then the rules and regulations need to be changed….  I’m not one to make waves, but dadgummit, this is wrong. People need to know. Next time it could be you.”

———————

I think Bacevich’s observation is important.  Absolute security ought not be the minimum level of adequate security.

The woman’s observation is also important, “Dadgummit, this is wrong.”

Congress and TSA know this.

As Kelley Vlahos’ article in the June issue of Homeland Security Today summarizes, the future of airport security screening is supposed to be a shift from “no one is exempt” to an approach driven more by intelligence and risk.

Congressman Mike Rogers agrees with this vision.  But — like some DHS leaders and many fliers — Rogers is impatient:

I don’t think [TSA has] to explain to people that it’s potentially dangerous to fly … with terrorists continuing to target Americans, but we have to be reasonable in our efforts.  When American’s see intrusive practices that don’t seem to be intelligence-driven or smart, it drives them nuts….  I think [TSA] wants to get there, but we need to do it tomorrow and not three years from now.”

Absolute security takes a very long time to achieve.  Adequate security may take even longer.

March 29, 2011

Front door theater and backstage muck: consent of the governed in aviation security

Filed under: Aviation Security — by Christopher Bellavita on March 29, 2011

Today’s blog was researched and written by a “concerned Department of Homeland Security law enforcement officer.”

—————————————————–

How far can consent be stretched?

The Transportation Security Administration (TSA) can be a lightning rod in the ever-evolving world of homeland security.  This is true for the agency and for the much larger operational concept it embodies.  It is not fair to pile on, but TSA often begs for the attention with their actions and possible mission creep into other venues.

The Visible Intermodal Prevention and Response (VIPR) is one of the TSA programs that can generate questions and interesting privacy and authority discussions.  According to TSA in 2007:

VIPR teams work with local security and law enforcement officials to supplement existing security resources, provide deterrent presence and detection capabilities, and introduce an element of unpredictability to disrupt potential terrorist planning activities.

Looking to expand the VIPR concept beyond the rail sector to other forms of mass transit, TSA has been reaching out to several high-volume ferry operators to provide additional security, particularly during the summer months when ridership is at its peak.

And…

VIPR teams enhance TSA’s ability to leverage a variety of resources quickly to increase visible security in any mode of transportation anywhere in the country and are a normal component of TSA’s nimble, unpredictable approach to security.

The TSA VIPR operation at the train station in Savannah, Georgia in late February 2011 sparked another debate about the authorities and responsibilities of TSA Transportation Security Officers (screeners) and TSA Federal Air Marshals well away from the aviation environment.

Does the concept of implied consent to search apply if you wish to travel via commercial aviation and now possibly rail?  The TSA employees reportedly searched adults and children at a train station after they departed the train.   These reported searches have generated concerns because the subjects had already disembarked the stated area of concern or threat (i.e., the train) that supposedly created the “justification” or need for the “consent” search in the first place.

TSA’s Blogger Bob proactively addressed the incident and concerns on the TSA blog site to explain their actions and possible error(s):

A video of Transportation Security Officers (TSOs) screening passengers at a Savannah, Georgia Amtrak station has been gaining quite a bit of attention and many are wondering why we were screening passengers who had just disembarked from a train.

We were wondering the same thing.

The screening shown in the video was done in conjunction with a VIPR operation. During VIPR operations, any person entering the impacted area has to be screened. In this case, the Amtrak station was the subject of the VIPR operation so people entering the station were being screened for items on the Amtrak prohibited items list as seen in the video.

It should be noted that disembarking passengers did not need to enter the station to claim luggage or get to their car.

Signs such as the one shown here are posted at the entrance to the impacted area.

However, after looking into it further, we learned that this particular VIPR operation should have ended by the time these folks were coming through the station since no more trains were leaving the station. We apologize for any inconvenience we may have caused for those passengers.

So by now, you’re probably wondering what a VIPR is? Is it a type of snake that we misspelled? A really cool car… Nope. It’s a team that’s made up of Federal Air Marshals, Surface Transportation Security Inspectors, Transportation Security Officers, Behavior Detection Officers and Explosive Detection Canine teams. The teams provide a random high-visibility surge into a transit system and work with state and local security, and law enforcement officials to expand the unpredictability of security measures to detect, deter, disrupt or defeat potential criminal and/or terrorist operations.

Ignoring the clear question about their “authority” to conduct searches beyond the implied consent of a passenger at an airport who wishes to fly and not drive to his destination, what is the true benefit or intention of these VIPR operations? Is there value beyond mere presence? Is this an expansion of the agency’s responsibility and authority?    Does the TSA have such abundant resources that they can afford to expand well beyond the aviation environment, if even only for sporadic VIPR operations?

These questions may be unfair after the horrid results of terrorist attacks in the rail environment in Spain and England.  Nevertheless, these VIPR operations may not fully conform to their primary duties in the post 9/11 environment.

Even though the word “transportation” in their agency name encompasses a larger world in the eyes of some people, should TSA employees also be operating at seaports and private marinas where broader authorities and training are required for border searches, inspections and proper interaction with the public.  This is a policy and liability question for discussion by the government and its people.  Where does that discussion happen?  And when?

—————————————————–

How successful has TSA been in the aviation environment, almost ten years after the 9/11 terrorist attacks?   A Washington Post article,  Auditors question TSA’s use of and spending on technology, raises many important concerns and questions about the benefit of the billions of dollars expended by TSA for screening:

Before there were full-body scanners, there were puffers. The Transportation Security Administration spent about $30 million on devices that puffed air on travelers to “sniff” them out for explosives residue. Those machines ended up in warehouses, removed from airports, abandoned as impractical.

But government auditors have faulted the TSA and its parent agency, the Department of Homeland Security, for failing to properly test and evaluate technology before spending money on it.

The GAO has said that the TSA has “not conducted a risk assessment or cost-benefit analysis, or established quantifiable performance measures” on its new technologies. “As a result, TSA does not have assurance that its efforts are focused on the highest priority security needs.”

“They’re adding layers of security and technology, but they need to do a cost-benefit analysis to make sure this is worthwhile,” said Steve Lord of the GAO’s Homeland Security and Justice team, who has reviewed the TSA’s purchases. “They need to look at whether there is other technology to deploy at checkpoints. Are we getting the best technology for the given pot of money? Is there a cheaper way to provide the same level of security through other technology?”

(In addition to TSA related concerns, the DHS Office of the Inspector General recently recommended that the strategic sourcing of detection equipment at DHS could help its agencies save money and standardize its equipment purchases.)

Beyond the established TSA airport screening locations, TSA conducts subsequent passenger baggage searches in the airport concourses after the passengers were already processed by their personnel.  Another recent Washington Post article addressed this issue, describing the experiences of a passenger at the Seattle Seattle-Tacoma International Airport who had reportedly cleared TSA screening and was awaiting her flight.

As she waited for her flight from Seattle-Tacoma International Airport to Medford, Ore., last month, Linda Morrison noticed something unusual in the waiting area.

“A lady in a TSA uniform came over, put on her rubber gloves and went up and down the rows of seats, choosing bags to go through,” remembered Morrison, a retired corporate recruiter who lives in Seattle. “She didn’t identify herself, didn’t give a reason for the search. She seemed to be targeting larger carry-on bags.”

Morrison was stunned. She expected to be screened at the designated checkpoint area, or maybe at the gate, where the TSA sometimes randomly checks passengers as they board. But this was different. “To me, it just felt like an illegal search performed by a police state,” she said.

Ms. Morrison is not alone with her concerns.  Not all air travelers concur with these expanded screening operations, according to the Washington Post article:

James Morrissey, a University of Illinois biochemistry professor and a frequent air traveler, prefers “intrusive security.” “TSA has become a law unto itself, and it routinely tramples the civil rights of the flying public,” he says. “Unfortunately, there will always be some people who will be perfectly okay with having their rights trampled in the name of security. But allowing this to happen is very disturbing to me.”

Jeff Stollman, a security and privacy consultant in Philadelphia, thinks that “annoying” better describes air travel in 2011. He’s irked by what he calls “security theater” that offers no real protection against terrorism. “I suspect that a lot of the current controls don’t really do that much to improve security,” he said.

Matthew Gast, a technology writer who works for a San Francisco-based publishing company, believes that it doesn’t matter what it’s called – it’s wrong. The TSA has gone “too far” in trying to protect us from terrorism. “I have not taken a flight since I was forced to allow a TSA agent to put his hands down my pants,” he said. “It’s the only time I felt unsafe in an airport.”

Other frequent travelers have voiced their concerns.  A number of airline pilots reportedly continue to disagree with the current TSA screening procedures resulting in at least one pending lawsuit against the TSA:

Two U.S. commercial airline pilots complained in a lawsuit on Friday that new screening procedures for flight crews — scaled back after complaints by pilots — were still too invasive and violated privacy rights.

Pilots and flight crews complained the new screening exposed them to excessive radiation because they fly so frequently and that extra scrutiny for them was unnecessary because they already control the planes.

According to the TSA blog, TSA is again reviewing a more focused approach through identity based screening and a known traveler program:

For some time now, there has been much talk about implementing a Trusted Traveler program and switching to more of an identity-based approach. Good news… Administrator Pistole is on board with a known traveler approach. He spoke earlier this month at the American Bar Association and talked about his vision for this concept. You can read his remarks here.

—————————————————–

All these articles (and the thirteen at the end of this post) raise controversial, but important questions for consideration and discussion:

  • Is the mission to maintain a sufficient level of confidence in air travel by spending money for homeland security theater, or is it to provide a truly secure aviation environment?   What are the cost limitations, if any, in our current economic world?


  • Does it make sense to expend these very valuable and limited resources at the front door when the back doors at many airports are often wide open, given the ability of hundreds of thousands of Security Identification Display Area (SIDA) badged employees to introduce and remove all forms of contraband and other interesting items?  If this threat is not fully appreciated, please spend some time with the agencies conducting smuggling and theft investigations at the airports to evaluate the enormous insider threat (the next threat?).


  • Does a policy of hiring employees with significant criminal convictions and associations affect the quality of screening and/or faith in the process by the American public?  Does this practice also expand the insider threat in the aviation environment?

Unfortunately, the investment of billions of dollars in technology (useful or not) and personnel at the front door of the airports may be the easier challenge to tackle at this time rather than considering the likely next threat to commercial aviation.

However, the central question I want to raise remains, how far can consent be stretched?  Must we sacrifice liberty for security and to what extent? Are we really using our imagination and connecting the dots in a post 9/11 world?

Maybe we should just be quiet and patriotically remove our shoes to support homeland security theater.

—————————————————–

  1. http://www.gadling.com/2010/02/04/tsa-forces-richmond-airport-to-issue-access-badge-to-convicted-f/?icid=main%7Cmain%7Cdl5%7Clink6%7Chttp%3A%2F%2Fwww.gadling.com%2F2010%2F02%2F04%2Ftsa-forces-richmond-airport-to-issue-access-badge-to-convicted-f%2F
  2. http://www.denverpost.com/ci_12755515?source=rss
  3. http://abcnews.go.com/WNT/story?id=129658&page=1
  4. http://www.wsvn.com/features/articles/carmelcase/MI90493/
  5. http://www.allvoices.com/news/8400162-tsa-agent-arrested-for-helping-drug-suspects-sneak-through-security
  6. http://online.wsj.com/article/AP0eabbe9f157c43c089bf9be4e4d9cd10.html
  7. http://articles.nydailynews.com/2011-02-16/news/28622234_1_tsa-officers-baggage-drug-dealer
  8. http://www.myfoxorlando.com/dpp/news/orange_news/013110_TSA_agent_arrested_for_molestation-
  9. http://www.nbclosangeles.com/news/local/TSA-Security-Agent-Arrested-at-LAX-80858482.html
  10. http://articles.cnn.com/2011-02-16/justice/new.york.tsa.arrests_1_tsa-officers-third-degree-grand-larceny-bag?_s=PM:CRIME
  11. http://www.smartertravel.com/blogs/today-in-travel/tsa-supervisor-arrested-stole-cash-from-travelers.html?id=6114960
  12. http://www.wreg.com/news/wreg-tsa-security-officer-arrested,0,4936320.story
  13. http://www.rawstory.com/rs/2010/11/26/tsa-worker-accused-assault-jail-time-stalking-harassment/#

 

March 27, 2011

TSA’S Baggage Problem

Filed under: Aviation Security — by Jessica Herrera-Flanigan on March 27, 2011

Recently, I served as a member of the US Travel Association’s Blue Ribbon Panel for Aviation Security,  a group brought together to evaluate aviation security.  US Travel, based on recommendations made by the panel, released a report, A Better Way, Building a World Class System for Aviation Security.  The report made recommendations, based on the following goals and recommendations:

  • Goal Number One – Improve the Transportation Security Administration (TSA) checkpoint by increasing efficiency, decreasing passenger wait times and screening passengers based on risk
    • Implement a risk-based Trusted Traveler program
    • Give TSA authority over entire checkpoint area
    • Improve preparation of travelers
    • Encourage fewer carry-on bags
  • Goal Number Two – Improve governmental efficiency and cooperation in the execution of its security responsibilities
    • Reinstitute the Aviation Security Advisory Committee
    • Facilitate non-partisan leadership of TSA
    • Develop a comprehensive technology procurement strategy
    • Encourage wider use of secure identification documents
    • Reduce duplicative TSA screening for international arrivals
    • Expand trusted traveler programs to qualified international passengers
    • Eliminate duplication between TSA and CBP
    • Push for international cooperation with U.S. security standards
  • Goal Number Three – Restructure our national approach to aviation security by developing and utilizing real risk management methods and tools
    • Implement well-defined risk management processes

If there was an underlying theme throughout the paper and recommendations, it is “let’s ensure that aviation security is risk-based and we have an established risk management process.”  A risk-based Trusted Traveler concept is one for which TSA Administrator Pistole has advocated in front of Congress and various business groups over the last several months.

One recommendation for which security concerns may not be apparent at first blush but is costing millions and will be a huge problem if unaddressed is the number of carry-ons being brought onto planes.  The recent trend of airlines charging travelers for any checked bags is forcing a number of passengers to bring more carry-on bags onto each flight.  The result: increased checkpoint congestion and the government having to dedicate more resources, equipment, and personnel to screen passenger bags. Secretary Napolitano, earlier this month, estimated during a Congressional hearing that the extra carry-on baggage generated by checked baggage fees is costing TSA $260 million.

What will happen as the economy improves and more people begin to fly more? What types of costs, delays, and congestion will result? Is it really a good use of our security resources to force TSA to focus on screening carry-on bags instead of looking for terrorist threats?

The report recommends that the Department of Transportation issue regulations requiring that airlines allow all passengers one checked bag, even if that bag is limited to the size of a carry-on bag.  It also recommends that DOT set standards for the number and size of items that a passenger can bring on a plane. These are common-sense recommendations that will not only make the experience of travelers better but will allow our security officials to focus on security, as opposed to random bags.

January 29, 2011

Kip Hawley: Compliance with security procedures is not enough

Filed under: Aviation Security — by Christopher Bellavita on January 29, 2011

from: latimes.com/news/opinion/commentary/la-oe-hawley-tsa-20110129,0,5091218.story

Plugging the airport security gaps

Post-9/11 security has done its job, but we must continue to adapt. To foil endlessly resourceful terrorists, we need to improve in three areas.

————————————————

[note: the three areas are:

1. Multiple layers of security deployed throughout the airport that are changing regularly and seem unpredictable.

2. Ownership of the security result must be jointly shared by TSA, the airports, airlines, law enforcement, vendors and  the traveling public

3. Active assessment and allocation of risk-management resources that balance risk tradeoffs]

By Kip Hawley

January 29, 2011

After this week’s airport bomb attack in Moscow, Russian President Dmitry Medvedev declared that there was a “systemic failure to provide security.” That is difficult to dispute. But the claims of Domodedovo Airport’s spokesperson that “we fully met all the requirements in the sphere of air transport security for which we are responsible” was probably also correct. Yet ultimately, dozens of people are dead and dozens more wounded. So who is to blame? What’s wrong with the system? And are we in America also at risk?

In the United States, we divide security responsibility according to who performs the activity. For example, Transportation Security Administration personnel search carry-on bags at checkpoints, while airport law enforcement officers patrol the airport perimeter. TSA also requires that airports make public address announcements and not allow vehicles to park at the airport curb, and that airlines inspect aircraft food trays. Each activity costs money, so TSA requires only what it can justify, write down and audit.

But security that depends on an auditable checklist of written requirements is always going to be vulnerable to an enemy that can change the method of attack based on those regulations. Once TSA publishes what is required, three things happen: vulnerability is embedded where those measures are weak; the minimum required becomes the maximum undertaken by the security players; and the regulated party feels protected from blame because it did what was required. Unfortunately, in counter-terrorism, regulations alone are not enough.

When responsibility is finally determined in Russia, there probably will be a gap between what Domodedovo Airport was required to do and what it could have done to prevent the attack. But top-down rules allocate responsibility in slices, fragmenting responsibility, thereby eliminating any one party’s accountability in security’s overall outcome. A corollary vulnerability is that no government can issue regulations quickly enough to cover every conceivable angle of attack. Therefore, if compliance with set rules is our system, it is a system born to fail.

Post-9/11 security has done its job, but we must continue to adapt. To foil endlessly resourceful terrorists, we need to improve in three areas.

First, we need multiple layers of security deployed throughout the airport that are changing regularly and, to outsiders, seem unpredictable. Layers such as K-9 teams, random inspections and behavior detection agents, by their very randomness, prevent terrorists from identifying a security gap and exploiting it.

Second, ownership of the security result must be jointly shared. TSA, the airports, airlines, law enforcement, vendors and, yes, the traveling public all share responsibility for our security outcomes. The fear of blame within a security apparatus leads to bureaucratic inaction, which eventually leads to gaping security holes.

And last, we need active assessment and allocation of risk-management resources that balance what I call risk tradeoffs.

Effective security is, in fact, risk management. Our political leaders and security authorities make judgments about where to set the risk-management needle. They have chosen to take the minimum possible risk at airport passenger checkpoints, resulting in pat-downs and plastic bags. The needle registers a little more tolerance in the maintenance area, or so-called backside of airports, and more still in the public areas. But how much risk do we want to accept in these public areas? And how much more hassle can we take?

When we call for more security in public areas, we should be searching for a risk balance that protects us yet is sustainable.

The victims’ families in Russia, or anywhere, do not care about excuses from segments of security that each claim it did its job according to the rules. When responsibility is diffused in systemic failure, we may tweak procedures, assure ourselves that we have fixed the problem, while disregarding the truth that static security based on regulations isn’t enough. Risk management must be constantly assessed and depends on each of the participants accepting ownership and being actively involved in how resources are deployed.

Before we hear the words “systemic failure” again, we should take another look at regulation-based security and recognize that compliance with procedure is not enough when it comes to stopping terrorism threats.

Kip Hawley served as administrator of the U.S. Transportation Security Administration from 2005 until 2009.

Copyright © 2011, Los Angeles Times

January 24, 2011

Aviation Security: Curbside to Cockpit

Filed under: Aviation Security — by Jessica Herrera-Flanigan on January 24, 2011

In a recent speech to the American Bar Association’s Standing Committee on Law and National Security,  Transportation Security Administrator John S. Pistole discussed the need for aviation security to be “curbside to cockpit.”

Unfortunately, today’s attack at the Domodedovo Airport on the outskirts of Moscow (the busiest airport in Eastern Europe),  demonstrates the importance of a comprehensive approach to aviation security.  The attack today killed 29 people in a waiting area for arriving passengers, just outside the Customs area. Another 50 were hospitalized, including  35 who were listed in critical condition.  As in most airports, the area struck was outside the security zone.

In response to the attack, TSA stated  “We are monitoring the tragedy at Moscow’s Domodedovo airport. As always, we are working with our international partners to share information regarding the latest terrorist tactics and security best practices.”

This response by TSA is a reasoned one that hopefully will prevail in the coming days over more reactionary ones.  Today’s incident demonstrates how complicated aviation security is, not only in the U.S., but internationally. Threats can be mitigated, but they must be done so through risk management and cooperation globally.   The creation of international standards and strengthened information and intelligence sharing for terrorist attacks are also both critical tools.

As the U.S.  further develops its “curbside to cockpit” vision for aviation security, it should recognize that security must be layered and that  VIPR teams, explosive detection technologies, canines, and behavioral patterns are all important parts of a security program.   Just as important is the recognition that not all travelers are the same and mechanisms for getting low-risk travelers in and out of airports quickly, while focusing government attention on those that are higher risk is critical to our future efforts.

November 22, 2010

The Pat Down …

Filed under: Aviation Security — by Jessica Herrera-Flanigan on November 22, 2010

In case you missed it, here is a link to Saturday Night Live’s skit on TSA’s enhanced security procedures.

The skit made light of what has spread quickly over the last week — protests from travelers, the White House, the left, and the right over the increased use of Advanced Imaging Technologies (AIT) and “pat-downs” for those who refuse to go through the full-body scanners or trigger the metal detectors.   The use of these procedures and the ensuing uproar have left TSA and its new Administrator John Pistole in a difficult position.  Yesterday Pistole seemed to back away from assertions he had made earlier in the day on television programs that TSA would not change its policies by issuing a statement that the agency would work to make screenings “as minimally invasive as possible.”

In many ways, TSA could not win in this situation.  On one hand, if it did not change “something” to make security stronger this holiday season and another “underwear bomber” appeared, then the agency would have been made into a political piñata.  On the other hand, its roll out of procedures that can be deemed invasive and burdensome and that make normal Joes and Jills who are flying feel like the bad guys hasn’t gained the agency any fans.

The truth of the matter is that as we get further away from 9/11 without a successful attack happening, TSA’s job becomes harder.  (Indeed, the same can be said of DHS as a whole).  Americans feel more secure and less worried that something is going to happen, especially when they are trying to survive economic hardships that face them day to day.  As a result, TSA must be more transparent on its security efforts and use a common sense litmus to what it employs.  Few, I would venture, would argue that we do not want TSA to protect us and that the agency must be capable of stopping the next terrorist who targets an airplane.  What should the agency do?

First, it should continue its efforts to develop more intelligent screening and security measures.  After a recent flight, it dawned on me that the agency’s efforts often only see what “good” travelers want them to see.  It is incumbent on the traveler, for example, to remove his liquids, his computer, and take off his jackets and shoes before going through security.   Sometimes people forget to remove their liquids and nothing happens.  Most of us know of some travelers who routinely ignore the liquids out mandate and still have not been stopped.  Other times, some of the practices leave us scratching our heads.  For example, I recently traveled with a three month old whose booties had to be removed because they counted as shoes.  As someone who has worked on homeland security issues, I know why many of these practices exist but I still wonder how we can make things better so that the things we are protecting (the traveling public) are not left feeling as if they are the threat or worse, more threatened.  Investment in new technologies that can scan our bags for liquids or allow us to leave our shoes on would go a along way. Of course, the implementation of emerging technologies and measures such as profiling will not likely be without criticism.  The deployment of AIT machines have demonstrated that.

Second, TSA should embrace programs such as  domestic registered traveler programs that have a security component and allow those travelers who are a minimal security risk to pay a fee, submit to a  background check, and go through an enhanced security checkpoint experience.

Third, TSA should heed the recommendations of the Inspector General last week in its report, Transportation Security Administration’s Management of Its Screening Workforce Training Program Can Be Improved, and ensure that screeners receive thorough and consistent training.  A number of the “horror stories” reported about TSA’s screening procedures over the past several days do not stem from the new procedures per se but from mistakes made by TSA officers.  For example, Administrator Pistole told “Good Morning America” this morning that at least one screening went too far when an officer reached insider’s a traveler’s underwear.  Stories of forced removals of prosthetics and breakage of urostomy bags also demonstrate the need for good training.

Fourth, Congress needs to help TSA out by partnering with the agency and not playing out its efforts via the news cycle and blogs.  TSA has nearly an impossible task and it could use some constructive help in coming up with long-term solutions and not being forced into reactionary positions.

Last, the American people can help TSA out by being patient yet diligent.  TSA is tasked with assuring that we mitigate as many risks as possible to ensure that we avoid another 9/11.  Sometimes it might not be able to share threat information with the public because it is protecting its information sharing mechanisms or needs to continue its investigation.  While we should hold a common sense test to the agency, we should give it some leeway to do its job.

Next Page »