- Student Exposed the Underlying Flaw
- Cockpit Doors Still Vulnerable?
- Private Trusted-Traveler Proposal
- Master Watch List Still Doesn't Exist
- Rethinking Defense Against Terrorism
I'm hardly the only one who thinks the 20-year-old college student did this country a great service by dramatizing the holes in our very expensive airport screening system. But unlike those calling for even tougher screening (disassemble those wheelchairs, empty that sippy cup!), the lesson I draw is that Congress needs to take a deep breath and a long, hard, second look at the approach they mandated in haste in the aftermath of 9-11.
The fundamental divide is between creating an ever more intrusive system of trying to keep bad objects off aircraft or shifting to a system that, based on risk assessment, aims to keep bad people off planes. The General Accounting Office has been recommending the latter, most recently in its Sept. 9, 2003 report, "Aviation Security: Progress Since September 11, 2001 and the Challenges Ahead" (GAO-03-1150T). And in response, the Transportation Security Administration has created an Office of Threat Assessment and Risk Management whose job it is to weigh various threats and set priorities based on cost-benefit analysis. This will help the agency as it moves from dealing with just aviation to the enormous transportation security challenges involved with, for example, trucks crossing our northern and southern borders and millions of cargo containers entering by ship. The enemy of such an approach is Congress riling itself up over the crisis of the month�one month shoulder-launched missiles, the next month cargo screening on passenger planes—and enacting new mandates regardless of criticality, costs, or benefits.
To his credit, Admiral Loy has kept pressing for some version of the much-feared CAPPS II, in order to be able to focus less attention on the vast majority of air travelers and more on a small subset of higher-risk ones. TSA lost a lot of credibility early on, by proposing a design that was overkill, incorporating many elements of the now-discredited DARPA Total Information Awareness proposal. But it is essential to a risk-based approach to use intelligence information to do triage—to decide where to focus serious resources so as not to waste time and money on those who are highly likely to be what they appear to be: ordinary air travelers. So it�s terribly important for TSA to finalize a streamlined version with strong privacy and error-correction features.
Only then will it be possible to rethink and revise the policy of trying to keep 100% of potentially dangerous objects off of planes, regardless of who�s carrying them.
I must have heard it a dozen times this year: "Since our cockpit doors are now invulnerable, we no longer need to worry about planes being hijacked." Those who assert this may be arguing that it's irrelevant that screeners miss box-cutters or other potential weapons or that we no longer need sky marshals. But in fact, the initial assertion is incorrect. The new Kevlar/composite door is very hard to breach, when it's closed and locked. But on nearly every flight, that door will be opened a number of times—whenever a captain or first officer needs to use the lavatory or whenever a flight attendant delivers or picks up food-service items. Each time the door is opened, the cockpit is vulnerable to intrusion.
Airline pilot Bob Semprini has proposed a solution. He's designed a secondary door that can be stowed (like a pocket door in a house) in the bulkhead in front of the first row of passenger seats. The procedure would be that whenever the cockpit door had to be opened, the area forward of the secondary door would be cleared of any passengers, the secondary door closed and secured, and only then would the cockpit door be opened.
How much this would cost is not clear, and whether this is the best investment we can make in hardening airliners is also not clear. But if we�re going to make further policy decisions based on the assumption that the cockpits have been secured, Semprini has done a real service by showing that this is not yet the case—but that a fix is achievable.
Since the wait for TSA to bring forth its long-promised Registered Traveler program seems interminable, it�s good to see a proposal for such a system emerge from the private sector. Steven Brill, creator of Court TV and The American Lawyer, last week announced the formation of Verified Identity Card Inc. The company intends to offer travelers a way to obtain pre-clearance and a secure identity card to speed the trip through airport screening. Customers would apply and be validated as not being on terrorism watch lists or having a criminal record, via a TSA-approved process. They would receive an electronic card that encodes a fingerprint and thumbprint, to verify that the person showing up at the airport is actually the one who's been pre-cleared.
Brill's concept for the private sector to provide this service picks up on one of the recommendations of Reason Foundation's May 2003 policy study, "A Risk-Based Airport Security Policy." (www.reason.org/ps308.pdf) We argued there that, just as the private sector operates massive systems that authorize millions of credit card transactions each day without raising concerns about Big Brother, so "day-to-day operation and administration [of a trusted traveler program] could well be outsourced to one or more private sector service bureau firms, who would interface with both TSA and the individual airlines."
Needless to say, some privacy advocates just don't get the difference between a voluntary system (like credit cards) and a mandatory system. Marc Rotenberg of the Electronic Privacy Information Center jumped on the proposal as a "Big Brother card . . . minted in the private sector." We dealt at length with these kinds of privacy objections in the policy study noted above, so I won't repeat them all here. As a life-long libertarian, I'm as concerned about a Big Brother state as anyone you can find. But I also believe in trusting adults to make their own informed choices about whether to take a job that requires a security clearance, apply for a mortgage, use credit and debit cards, etc.
I couldn't quite believe it, but the dateline on the article really was Sept. 16, 2003. The Bush administration was announcing the creation of a new counter-terrorism center that will develop (not "has developed"—this is future tense) a master watch list of terror suspects.
As incredible as it may seem, the article went on to report that more than two years after Sept. 11, 2001, federal agencies still maintain "at least a dozen watch lists" that overlap in purpose, such as the "no-fly" list for boarding commercial planes and the list of those barred from entering the country. Moreover, as the GAO reported in April, some of the agencies involved had no policies for sharing information. And those that did share were beset by battles over turf and used outdated technology.
Given that the new master list is expected to include some 100,000 names, and may also include those involved in domestic violence unrelated to terrorism, it's clear that privacy safeguards (such as a way to get off the list if you are put on it in error) are needed. But it's equally clear that the lack of communication that let several of the 9-11 hijackers enter the country even though they were on the CIA's list is unacceptable. Though appallingly late, the new master list is better late than never.
One of the basic truths that economics teaches is that resources are limited. In security, as in every other area of life, we can never do everything conceivable; hence, we have to set priorities and make choices. Recently, I've discovered a powerful framework for thinking about how to do so in defending our society (including air transportation) against the new terrorist threat.
Its author is Manuel Trajtenberg of Tel Aviv University . In a May 2003 working paper, he develops a formal model of terrorism involving three parties: terrorists, potential targets, and government. The terrorists have to decide whether or not to strike, and if so, which target(s) to hit. Potential targets decide how much to invest in their own security. The government decides how much to invest in fighting terrorism. And in that battle, it has to allocate resources between two possible strategies: fight terrorism at its source (the S-strategy) or protect particular local targets (the L-strategy).
Applying plausible numbers to this model, Trajtenberg finds that "the net impact of enhancing the security of a particular target is to increase the risk faced by others." That's hardly surprising: terrorists will very likely seek the path of least resistance. But his larger conclusion is even more striking: in a world or country with N potential targets, "the S-strategy is about N times as effective as the L-strategy." And since N is likely to be in the tens or hundreds of thousands, this means that putting resources into fighting terrorism at its source is tens or hundreds of thousands of times more effective than protecting individual targets.
Trajtenberg notes that what we seem to be doing is just the opposite of this, spending increasing billions on hardening selected targets (commercial airliners, passenger airports) while spending far less than tens or hundreds of thousands more than that on "locating, monitoring and intercepting terrorist cells around the world, disrupting their logistical and financial base, limiting their access and mobility," etc. He goes on to suggest that defense R&D be refocused significantly away from Cold War-era big weapons systems and toward development of sensory computer interfaces for detection and intelligence gathering, and for computer technologies for massive data analysis.
To be sure, it is not politically realistic to suggest that we spend nothing on target hardening, in aviation or elsewhere. But when the halls of Congress and the daily news are filled with calls to spend new billions on such efforts (e.g., $20 billion to equip all airliners with rudimentary defenses against shoulder-launched missiles), Trajtenberg's hard-headed analysis should give us the backbone to resist. (Note: Trajtenberg's Working Paper #11-03 is from the Foerder Institute. I have been able to find only an abstract on-line, but have a hard copy of a presentation he gave in Washington last April, which is a good summary of the working paper.)