TSA Behavioral Screening
Behavioral screening is a useful tool in deterring and preventing terrorist attacks. As I noted in this piece at Politico, a border patrol agent successfully used behavioral screening to stop the would-be Millennium Bomber. She noticed something “hinky” about a man driving south across the Canadian border. That “hinky” – fidgety and nervous behavior when asked routine customs questions – exposed a car full of explosives intended for the passenger terminal of Los Angeles International Airport.
Two items from the USA Today travel section highlight some mixed results with TSA behavioral screening. Today’s edition reports that behavioral screening, applied by Behavioral Detection Officers (BDOs) missed at least 16 people later linked to terror plots. On the other side of the equation, false positives can impose burdens on those who are nervous or upset for reasons other than terrorism aspirations.
The TSA Blog defended the program: “If you’re one of those travelers that gets frazzled easily (not hard to do at airports), you have no reason to worry. BDOs set a baseline based on the normal airport behavior and look for behaviors that go above that baseline. So if you’re stressing about missing a flight, that’s not a guaranteed visit from the BDOs.”
That would be reassuring if yesterday’s travel section hadn’t revealed that TSA screeners are keeping a list of those who get upset at intrusive screening procedures. “Airline passengers who get frustrated and kick a wall, throw a suitcase or make a pithy comment to a screener could find themselves in a little-known Homeland Security database.”
Of course, we can take comfort from the words of a TSA screener to security expert Bruce Schneier. “This isn’t the sort of job that rewards competence, you know.”
Are You Substituting Worst-Case Thinking for Reason?
Bruce Schneier has a typically good essay on the use of “worst-cases” as a substitute for real analysis. I noticed conspicuous use of “worst-case” in early reporting on the oil spill in the Gulf. It conveniently gins up attention for media outlets keen on getting audience.
There’s a certain blindness that comes from worst-case thinking. An extension of the precautionary principle, it involves imagining the worst possible outcome and then acting as if it were a certainty. It substitutes imagination for thinking, speculation for risk analysis and fear for reason. It fosters powerlessness and vulnerability and magnifies social paralysis. And it makes us more vulnerable to the effects of terrorism.
Worst-case thinking—the failure to manage risk through analysis of costs and benefits—is what makes airline security such an expensive nightmare, for example. Schneier concludes:
When someone is proposing a change, the onus should be on them to justify it over the status quo. But worst case thinking is a way of looking at the world that exaggerates the rare and unusual and gives the rare much more credence than it deserves. It isn’t really a principle; it’s a cheap trick to justify what you already believe. It lets lazy or biased people make what seem to be cogent arguments without understanding the whole issue.
It’s not too long for you to read the whole thing.
‘The Dumbest Terrorist In the World’?
Businessweek has a story quoting a former federal prosecutor in Brooklyn, Michael Wildes, speculating that Faisal Shahzad, the would-be Times Square bomber, made so many mistakes (leaving his house keys in the car, not knowing about the vehicle identification number, making calls from his cellphone, getting filmed, buying the car himself) that he may be the “dumbest terrorist in the world.” But Wildes can’t accept the idea that an al Qaeda type terrorist would be so incompetent and suggests that Shahzad was “purposefully hapless” to generate intelligence about the police reaction for the edification of his buddies back in Pakistan.
Give me a break. This incompetence is hardly unprecedented. Three years ago Bruce Schneier wrote an article titled “Portrait of the Modern Terrorist as an Idiot,” describing the incompetence of several would-be al Qaeda plots in the United States and castigating commentators for clinging to image of these guys as Bond-style villains that rarely err. It’s been six or seven years since people, including me, started pointing out that al Qaeda was wildly overrated. Back then, most people used to say that the reason al Qaeda hadn’t managed a major attack here since September 11 was because they were biding their time and wouldn’t settle for conventional bombings after that success. We are always explaining away our enemies’ failure.
The point here is not that all terrorists are incompetent — no one would call Mohammed Atta that — or that we have nothing to worry about. Even if all terrorists were amateurs like Shahzad, vulnerability to terrorism is inescapable. There are too many propane tanks, cars, and would-be terrorists to be perfectly safe from this sort of attack. The same goes for Fort Hood.
The point is that we are fortunate to have such weak enemies. We are told to expect nuclear weapons attacks, but we get faulty car bombs. We should acknowledge that our enemies, while vicious, are scattered and weak. If we paint them as the globe-trotting super-villains that they dream of being, we give them power to terrorize us that they otherwise lack. As I must have said a thousand times now, they are called terrorists for a reason. They kill as a means to frighten us into giving them something.
Making Sense of New TSA Procedures
Since they were announced recently, I’ve been working to make sense of new security procedures that TSA is applying to flights coming into the U.S.
“These new measures utilize real-time, threat-based intelligence along with multiple, random layers of security, both seen and unseen, to more effectively mitigate evolving terrorist threats,” says Secretary Napolitano.
That reveals essentially nothing of what they are, of course. Indeed, “For security reasons, the specific details of the directives are not public.”
But we in the public aren’t so many potted plants. We need to know what they are, both because our freedoms are at stake and because our tax money will be spent on these measures.
Let’s start at the beginning, with identity-based screening and watch-listing in general. A recent report in the New York Times sums it up nicely:
The watch list is actually a succession of lists, beginning with the Terrorist Identities Datamart Environment, or TIDE, a centralized database of potential suspects. . . . [A]bout 10,000 names come in daily through intelligence reports, but . . . a large percentage are dismissed because they are based on “some combination of circular reporting, poison pens, mistaken identities, lies and so forth.”
Analysts at the counterterrorism center then work with the Terrorist Screening Center of the F.B.I. to add names to what is called the consolidated watch list, which may have any number of consequences for those on it, like questioning by the police during a traffic stop or additional screening crossing the border. That list, in turn, has various subsets, including the no-fly list and the selectee list, which requires passengers to undergo extra screening.
The consolidated list has the names of more than 400,000 people, about 97 percent of them foreigners, while the no-fly and selectee lists have about 6,000 and 20,000, respectively.
Insecurity Cameras
Nearly half of the security cameras in the New York City subway system don’t work. That may seem like cause for alarm, and it may be from a financial standpoint — NYC isn’t getting a lot of return on its investment.
From a broader security standpoint, I don’t find this particularly disturbing. As the article points out, crime is down as ridership increases. Reducing the number of police officers on patrol in the subway (as NYC is doing) is more likely to facilitate increased criminality. A camera can catch many things on film, but the presence of law enforcement officers provides intangible benefits that technology cannot. The would-be Millenium Bomber was stopped by a border patrol agent who interviewed him and thought that something was “hinky” about his behavior. That hinkiness involved explosives, and the plot was foiled. Cameras don’t spot “hinky” like people can.
Security expert Bruce Schneier has been talking about this on his blog (emphasis on the Dubai assassination), and provides a fuller discussion of security cameras in this article on CNN.com:
If universal surveillance were the answer, lots of us would have moved to the former East Germany. If surveillance cameras were the answer, camera-happy London, with something like 500,000 of them at a cost of $700 million, would be the safest city on the planet.
We didn’t, and it isn’t, because surveillance and surveillance cameras don’t make us safer. The money spent on cameras in London, and in cities across America, could be much better spent on actual policing.
Security cameras have not proven a great deterrent to crime or terrorism. The attacks on September 11th and the London commuter bombings were not stopped by pre-attack footage of the perpetrators’ activities. Creating a surveillance state may make some people feel safer, but the resources can be better used elsewhere.
How to Prevent a Fort Hood Shooting
I wrote some posts a few months ago (1, 2, 3) about the difficulty of discovering and preventing essentially random events like the Fort Hood shooting. I was pleased by the compliment security guru Bruce Schneier paid them in his recent post, “Small Planes and Lone Terrorist Nutcases.” (Such happy subject matter we get to write about!)
Now comes Radley Balko with a great column illustrating what you get when authorities try to “get ahead” of this problem. “Pre-Crime Policing” tells the story of a gun buyer who had been tagged with the adjective “disgruntled.” A SWAT team appeared on his property, police tricked him into surrendering for a mental evaluation, they illegally entered his home, and they seized his guns.
Says the victim of these invasions, “South Oregon is big gun country. If something like this can happen here, where just about everyone owns a gun, it can happen anywhere.”
Especially if we ask law enforcement to prevent random violence.
PASS ID and National ID – Rejoinder to Schwartz
Ari Schwartz responded in characteristic even tones to my critique of his testimony in favor of the PASS ID Act, which would revive the moribund REAL ID law. It’s worth a rejoinder, and I’ll offer him the same again here if he wishes.
Ari clouds matters slightly by suggesting that my “strong biases” obscure certain facts. I readily admit having a strong bias in favor of liberty — it’s why I do what I do. Ari admits several biases, including one in favor of consensus-building, which was what I accused him of prioritizing over principle. Let’s put aside the question of bias.
It’s good to see Ari state that CDT does not support a national ID system. It would be better to see him state that CDT opposes having a national ID system. (I imagine this is just a matter of word choice, but it would be good to have clarity.)
Next, Ari says his testimony “makes it clear that we believe that PASS ID prevents the creation of a National ID system.” I don’t believe this is clear from his testimony. More importantly, this is not a sound assessment of what a national ID is or what PASS ID does.
We need some defined terms, so let’s tease out what he means by “national ID.” (He has told me that there is some distinction between a “national ID,” a “national ID system,” and perhaps a “national ID card,” but the distinction is lost on me. I believe a national ID card is part of a national ID system, both of which are commonly referred to in shorthand as a “national ID.”)
Twice in his testimony, he correctly calls REAL ID a national ID system. The factors that make it so appear to be “the very real possibility that individuals would not be able to function in American society without a REAL ID card” and “giving unfettered discretion to DHS to expand the ‘official purposes’ for which REAL ID cards could be required.”
TSA Search Overturned
A federal judge just threw out three fake passports discovered by a Transportation Security Agency (TSA) screener, holding that the search exceeded the TSA’s aviation security mission. (H/T Bruce Schneier)
This is long overdue; the TSA has moved beyond its original mandate and is now conducting searches for “contraband.” The search for anything that seems suspicious can quickly turn into an inquisition at the security checkpoint. Campaign for Liberty staffer Steven Bierfeldt experienced this at the St. Louis airport, and is now suing to prevent future searches beyond what is necessary for aviation security.
The invasive searches don’t add much to airline security anyway. Just as GAO investigators consistently defeat security at federal buildings, TSA screeners often fail to find fake explosives on security test teams.
As Bruce Schneier points out in his excellent book, Beyond Fear: Thinking Sensibly About Security in an Uncertain World, the two effective changes in airline security since September 11, 2001 have been (1) hardening of cockpit doors; and (2) airline passengers will resist because they know that their hijackers are playing for keeps.
Schneier spoke at Cato’s two-day conference on counterterrorism in January. Video at the link.
Terrorist Risk of Cloud Computing
Bruce Schneier skewers an imaginative fear-mongerer.
Schneier and Friends on Fixing Airport Security
Security guru Bruce Schneier comes down on the strictly pragmatic side in this essay called “Fixing Airport Security.” Because of terrorism fears, he says, TSA checkpoints are “here to stay.” The rules should be made more transparent. He also argues for an amendment to some constitutional doctrines:
The Constitution provides us, both Americans and visitors to America, with strong protections against invasive police searches. Two exceptions come into play at airport security checkpoints. The first is “implied consent,” which means that you cannot refuse to be searched; your consent is implied when you purchased your ticket. And the second is “plain view,” which means that if the TSA officer happens to see something unrelated to airport security while screening you, he is allowed to act on that. Both of these principles are well established and make sense, but it’s their combination that turns airport security checkpoints into police-state-like checkpoints.
The comments turn up an important recent Fourth Amendment decision circumscribing TSA searches. In a case called United States v. Fofana, the district court for the southern district of Ohio held that a search of passenger bags going beyond what was necessary to detect articles dangerous to air transportation violated the Fourth Amendment. “[T]he need for heightened security does not render every conceivable checkpoint search procedure constitutionally reasonable,” wrote the court.
Application of this rule throughout the country would not end the “police-state-like checkpoint,” but at least rummaging of our things for non-air-travel-security would be restrained.
I prefer principle over pragmatism and would get rid of TSA.
Don’t Fear Attacks on the Food Supply
Bruce Schneier, a participant in our January counterterrorism conference, reviews a recent report and discusses the possibility of attacks on the food supply in a post on his blog:
The quantities involved for mass poisonings are too great, the nature of the food supply too vast and the details of any plot too complicated and unpredictable to be a real threat. That becomes crystal clear as you read the details of the different incidents: it’s hard to kill one person, and very hard to kill dozens. Hundreds, thousands: it’s just not going to happen any time soon. The fear of bioterror is much greater, and the panic from any bioterror scare will injure more people, than bioterrorism itself.
Cato on Facebook
Cato on Twitter
Cato on Google+
Cato on YouTube
