Tag: TSA

Behavior Detection as Interrogation

With the Department of Homeland Security constantly spinning out new projects and programs (plus re-branded old ones) to investigate you, me, and the kitchen sink, it’s sometimes hard to keep up. But I was intrigued with a report that behvaior detection officers are getting another look from the Transportation Security Administration. Behavior detection is the unproven, and so far highly unsuccessful (Rittgers, Harper), program premised on the idea that telltale cues can reliably and cost-effectively indicate intent to do harm at airports.

But there’s a new behavior detection program already underway. Or is it interrogation?

Due to a bottleneck at the magnetometers in one concourse of the San Francisco airport (no strip-search machines!), I recently had the chance to briefly interview a Transportation Security Administration agent about a new security technique he was implementing. As each passenger reached him, he would begin to examine the traveler’s documentation and simultaneously ask the person’s last name. He confirmed to me that the purpose was to detect people who did not immediately, easily, and accurately respond. In thousands of interactions, he would quickly and naturally learn to detect obfuscation on the part of anyone carrying an ID that does not have the last name they usually use.

As a way of helping to confirm identity, it’s a straightforward and sensible technique. Almost everyone knows his or her last name, and quickly and easily repeats it. The average TSA agent with some level of experience will fluently detect people who do not quickly and easily repeat the name on the identity card they carry. The examination is done quickly. This epistemetric check (of a “something-you-know” identifier—see my book, Identity Crisis) occurs during the brief time that the documents are already getting visual examination.

Some people will not repeat their name consistent with custom, of course. The hard of hearing, speakers of foreign languages, people who are very nervous, people who have speech or other communication impediments, and another group of sufferers—recently married women—may exhibit “suspicious” failure to recite their recently changed surnames. Some of these anomalies TSA agents will quickly and easily dismiss as non-suspicious. Others they won’t, and in marginal cases they might use non-suspicious indicia like ethnicity or rudeness to adjudge someone “suspicious.”

The question whether these false positives are a problem depends on the sanction that attaches to suspicion. If a stutterer gets a gauntlet at the airport each time he or she fails to rattle off a name, the cost of the technique grows compared to the value of catching … not the small number of people who travel on false identification—the extremely small number of people who travel on false identification so as to menace air transportation.

We used this and closely related techniques, such as asking a person’s address or the DMV office where a license was issued, at the bar where I worked in college. It did pretty well to ferret out people carrying their older friends’ IDs. Part of the reason it worked well is because our expert doormen could quickly escalate to further inquiry, dismissing their own suspicions or denying entry to the bar very quickly. The cost of getting it wrong was to deny a person entry to the bar and sometimes possession of a license. These are relatively small costs to college students, unlike the many hours in time-costs to a traveler wrongly held up at the airport. According to my interview, suspicion generated this way at the airport requires a call to a supervisor, but I did not learn if secondary search is standard procedure, or if cases are handled some other way.

TSA agents are not doormen at bars, of course, and the subjects they are examining are not college kids out to get their drink on. These are government agents examining citizens, residents, and visitors to the United States as they travel for business and pleasure, often at high cost in dollars and time. The stakes are higher, and when the government uses a security technique like this, a layer of constitutional considerations joins the practical issues and security analysis.

I see three major legal issues with this new technique: Fourth Amendment search and seizure, the Fifth Amendment right against self-incrimination, and Due Process. When questioning joins an ID check at the airport, it’s a deepening of a search that is already constitutionally suspect. The Fifth Amendment issues are interesting because travelers are being asked to confess through their demeanor whether they are lying or telling the truth. It would seem to cross a Fifth Amendment line and the rule against forced self-incrimination. The Due Process issues are serious and fairly straightforward. When a TSA screener makes his or her judgment that a person is not responding consistent with custom and is therefore “suspicious,” these judgement calls allow the screeners to import their prejudices. Record-keeping about suspicion generated using this technique should determine whether administration of this epistemetric check violates constitutional due process in its application.

In its constant effort to ferret out terrorist attacks on air transportation, the TSA is mustering all its imagination. Its programs raise scores of risk management issues, they create constitutional problems, and they are a challenge to our tradition of constitutionally limited government. The threat that a person will use false identification to access a plane, defeating an otherwise working watch-list sytem, to execute some attack is utterly small. At what cost in dollars and American values do we attack that tiny threat?

The founding problem is the impetuous placement of federal government agents in the role of securing domestic passenger aviation. There are areas where government is integral to securing airports, airlines, and all the rest of the country—foreign intelligence and developing leads about criminal plots, for example—but the day-to-day responsibility for securing infrastructure like airports and airplanes should be the responsibility of its owners.

If the TSA were to go away, air security measures might be similar in many respects, but they would be conducted by organizations who must keep travelers happy and safe for their living. The TSA hasn’t anything like private airports’ and airlines’ incentives to balance security with convenience, privacy, cost-savings, and all other dimensions of a satisfactory travel experience. Asking people their names at airport security checkpoints is an interesting technique, and not an ineffective one, but it should probably be scrapped because it provides so little security at a relatively great cost.

TSA’s Partial Retreat From Full-Body Scans

It’s tempting to believe that the Transportation Security Administration’s move to change the software in strip-search machines is a response to the court ruling finding that it violated the law in rolling out the machines, but it’s almost surely coincidence.

The new software will show items that the software deems suspicious on a generic outline of a body rather than showing a detailed body image. The change will indeed reduce the invasiveness of the machine strip-search process. And because the image is less revealing, it can be viewed in the screening area instead of at a remote location. That means there doesn’t need to be a person dedicated to looking at denuded images of travelers. A major cost of running these machines—payroll—drops by a substantial margin.

The software will almost certainly not do as good a job of discovering hidden weapons as a human looking at a detailed image would. If it’s calibrated to over-report, TSA agents will rightly start to ignore its alerts on belt buckles and underwire bras. If it’s calibrated to under-report, well, it might fail to alert on an actual weapon or bomb. But those things are exceedingly rare, and the increased risk probably won’t make a difference.

In fact, that’s the interesting thing happening here: the TSA is allowing a small increase in risk in exchange for large gains in privacy and cost savings. The reason it took years of complaints, litigation, legislation, and other conflict is because the TSA did not analyze the risks and its responses before going forward with strip-search machines as it did. Trial-and-error isn’t costly to the government. The taxpayer fronts the money and gives up the privacy.

None of this means the TSA has now gotten the balance right. The airport security gauntlet will still be an overwrought mess and an affront to constitutional liberty. We will have to remain insistent on principle, on dignity and privacy, and on sound risk management while TSA gets a public relations bump from being less awful than it was before.

Strip-Search Machines: A Loss Seeds the Win

Last week, the D.C. Circuit Court of Appeals rejected a Fourth Amendment challenge to the Transportation Security Administration’s strip-search machine policies, but it found that the TSA violated the Administrative Procedure Act in rolling them out. Too bad that the court arrived at the Fourth Amendment issues before they were ripe.

The bulk of the decision was devoted to the TSA’s law violation in creating strip-search machine policies without doing a notice-and-comment rulemaking. That’s the procedure federal agencies are required to carry out when Congress has delegated them legislative authority. Congress did delegate such authority when it told the Department of Homeland Security to develop technologies that detect nonmetallic, chemical, biological, and radiological weapons in 2004’s Intelligence Reform and Terrorism Prevention Act.

“[T]he TSA has advanced no justification for having failed to conduct a notice-and-comment rulemaking,” the court wrote, adding that it expects the agency “to act promptly on remand to cure the defect in its promulgation.”

The TSA will likely spout “constantly changing threat environment” boilerplate to try and argue that it can avoid notice and comment under the APA’s “good cause” exception. An agency can skip notice and comment “when the agency for good cause finds … that notice and public procedure thereon are impracticable, unnecessary, or contrary to the public interest.”

But the threat environment is not “constantly changing” at the level of abstraction relevant for the strip-search machine policy—some people are out there who might try to get dangerous articles onto planes—and these machines will be in place for decades, if not permanently, under the TSA policy. They will affect the privacy and security of billions of air passenger journeys. Even if there were need for haste in rolling out the machines, nothing makes it uniquely difficult, or anything other than appropriate, for the TSA to engage in a public process to substantiate its actions.

When the TSA does a rulemaking, it will have to lay out its strip-search machine policies and—crucially—justify them. Notice-and-comment rules are subject to court review, and reversal if they are “arbitrary, capricious, an abuse of discretion, or otherwise not in accordance with law.” That is a rather low standard, but it’s a higher standard than the agency has ever met before—none at all.

The TSA will have to exhibit how its risk management supports the installation and use of strip-search machines. How did the TSA do its asset characterization (summarizing the things it is protecting)? What are the vulnerabilities it assessed? How did it model threats and hazards (actors or things animated to do harm)? What are the likelihoods and consequences of various attacks? Risk assessment questions like these are all essential inputs into decisions about what to prioritize and how to respond.

Congress dictated detection of various harmful agents, a form of interdiction. (The other responses to risk are acceptance, prevention, and mitigation.) Given the array of choices available to it, how did the TSA select strip-search machines?

Crucially, how well do strip-search machines reach the risks identified in their risk assessment? This is a cost-benefit question. How much do strip-search machines cost to purchase, maintain, and operate? The costs denominated in dollars include money spent on buying the machines, configuring airports, and paying TSA salaries to operate the machines and process passengers. Such costs also include opportunity costs imposed on travelers when the time they spend at airports lengthens to accommodate extended security screening and variable delays. Yet more costs are denominated in lost privacy and dignity to the traveler. These are substantial, though hard to quantify.

Security benefits are also hard to quantify, but the agency should do so if it is to justify its policies as something better than random or intuitive reaction. DHS and TSA officials endlessly talk about risk and risk management, but they cannot honestly say they are doing risk management if they are not thinking these issues all the way through. I’ve offered a methodology for valuing security benefits, and security experts (as well as students) have analyzed the costs and benefits of homeland security programs. The TSA can do it too.

Watch in the rulemaking for the TSA to obfuscate, particularly in the area of threat, using claims to secrecy. “We can’t reveal what we know,” goes the argument. “You’ll have to accept our generalizations about the threat being ‘substantial,’ ‘ever-changing,’ and ‘growing.’” It’s an appeal to authority that works with much of the American public, but it is not one to which courts—a co-equal branch of the government—should so easily succumb.

If it sees it as necessary, the TSA should publish its methodology for assessing threats, then create a secret annex to the rulemaking record for court review containing the current state of threat under that methodology, and how the threat environment at the present time compares to threat over a relevant part of the recent past. A document that contains anecdotal evidence of threat is not a threat methodology. Only a way of thinking about threat that can be (and is) methodically applied over time is a methodology.

With this information in hand, a court would not only be ready to assess the TSA’s rule under the Administrative Procedure Act’s “arbitrary and capricious” standard. It would be ready to assess the reasonableness of the TSA’s strip-search machines and procedures under the Fourth Amendment.

Without that information, the D.C. Circuit plugged the strip-search machines into the strangely incoherent “administrative search” exception to the Fourth Amendment. In two pages of analysis (out of the opinion’s seventeen), the court found that strip-search machines are administrative “because the primary goal is not to determine whether any passenger has committed a crime but rather to protect the public from a terrorist attack.”

Come again?

It seems the court could have taken judicial notice that terrorist attacks are carried out through one or more criminal behaviors. People who have weapons or other dangerous articles at airport checkpoints are subject to arrest and prosecution. Crime control and public protection are one in the same, even in counterterrorism.

The “administrative search” exception to the Fourth Amendment seems to rest on the willingness of a court to abstract away the fact that individuals are prevented from proceeding where they would go (seized) while their persons, papers, and effects are rummaged (searched) for the purpose of discovering violations of the criminal laws. Earlier in the opinion, in fact, the court mocked the idea that the TSA might not “engage in ‘law enforcement, correctional, or intelligence activity.’” It surely does. This is not “administrative.” It’s criminal law enforcement.

Perhaps with a full record—a notice-and-comment rulemaking with a docket full of information and analysis—the D.C. Circuit and other courts will have the opportunity to revisit whether the TSA’s strip-search machine policies are constitutionally reasonble, or whether they’re unexamined reaction. Last week’s “loss” on the Fourth Amendment issue sets the stage for sounder thinking on the strip-search machine policy.

All of this would be obviated, of course, if airline security were restored to private hands.

Beware the Depends Bomber?

My Washington Examiner column this week is on TSA, the federal agency that’s its own reductio ad absurdum.

In the latest TSA atrocity, the agency forced a wheelchair-bound, 95-year-old leukemia patient to remove her adult diaper, for fear she might be wired to explode. “It’s something I couldn’t imagine happening on American soil,” her distraught daughter told the press: “Here is my mother, 95 years old, 105 pounds, barely able to stand, and then this.”

My God, what is she on about? Proper procedure was followed!

As I point out in the column:

in a classic case of “mission creep,” TSA is taking its show on the road and the rails.

Remember when, pushing his bullet-train boondoggle in the 2011 State of the Union, President Obama cracked that it would let you travel “without the pat-down”? Not funny—also, not true.

Earlier this year, Amtrak passengers in Savannah, Ga., stepped off into a TSA checkpoint. Though the travelers had already disembarked the train, agents made women lift their shirts to check for bra explosives. Two weeks ago, armed TSA and Homeland Security agents hit a bus depot in Des Moines, Iowa, to question passengers and demand their papers.

These raids are the work of TSA’s “Visible Intermodal Prevention and Response” (VIPR or “Viper”) teams—an acronym at once senseless and menacing, much like the agency itself.

All this is happening at a time when al Qaeda looks more harried, pathetic, and weaker than ever. But hey, you can never be too careful, right?

Feel Safer?

Should TSA Change Its Policy?

News that Transportation Security Administration officers required a 95-year-old cancer patient to remove her adult diaper for search lit up the social media this weekend. It’s reminiscent of the recent story where a 6-year-old girl got the pat-down because she didn’t hold still in the strip-search machine. TSA administrator John Pistole testified to a Senate hearing that the agency would change its policy about children shortly thereafter.

So, should the TSA change policy once again? Almost certainly. Will it ever arrive at balanced policies that aren’t punctuated by outrages like this? Almost certainly not.

You see, the TSA does not seek policies that anyone would call sensible or balanced. Rather, it follows political cues, subject to the bureaucratic prime directive described by Cato chairman emeritus and distinguished senior economist Bill Niskanen long ago: maximize discretionary budget.

When the TSA’s political cues pointed toward more intrusion, that’s where it went. Recall the agency’s obsession with small, sharp things early in its tenure, and the shoe fetish it adopted after Richard Reid demonstrated the potential hazards of footwear. Next came liquids after the revelation of a bomb plot around smuggling in sports bottles. And in December 2009, the underwear bomber focused the TSA on everyone’s pelvic region. Woe to the traveler whose medical condition requires her to wear something concealing the government’s latest fixation.

The TSA pursues the bureaucratic prime directive—maximize budget—by assuming, fostering, and acting on the maximum possible threat. So a decade after 9/11, TSA and Department of Homeland Security officials give strangely time-warped commentary whenever they speechify or testify, recalling the horrors of 2001 as if it’s 2003. The prime directive also helps explain why TSA has expanded its programs following each of the attempts on aviation since 9/11, even though each of them has failed. For a security agency, security threats are good for business. TSA will never seek balance, but will always promote threat as it offers the only solution: more TSA.

Because of countervailing threats to its budget—sufficient outrage on the part of the public—TSA will withdraw from certain policies from time to time. But there is no capacity among the public to sustain “outrage” until the agency is actually managing risk in a balanced and cost-effective way. (You can ignore official claims of “risk-based” policies until you’ve actually seen the risk management and cost-benefit documents.)

TSA should change its policy, yes, but its fundamental policies will not change. Episodes like this will continue indefinitely against a background of invasive, overwrought airline security that suppresses both the freedom to travel and the economic well-being of the country.

In a 2005 Reason magazine “debate” on airline security, I described the incentive structure that airlines and airports face, which is much more conducive to nesting security with convenience, privacy, savings, and overall traveler comfort and satisfaction. The threat of terrorism has only dropped since then. We should drop the TSA.

State Officials Needn’t Heed Feds’ Threats

Federal officials blitzed Texas this week to fight a bill pending in Austin that would control TSA groping of air travelers in that state, reports Forbes’ “Not-So-Private Parts” blogger Kashmir Hill.

Federal government officials descended on the Capitol to hand out a letter … from the Texas U.S. Attorney letting senators know that if they passed the bill, the TSA would probably have to cancel all flights out of Texas. As much as they love their state, the idea of shutting down airports and trapping people in Texas was scary enough to get legislators to reconsider their support for the groping bill…

The federal government’s threat to shut down air travel is serious, but empty. As we’ve seen time and again with the REAL ID Act, the federal government does not have the political will to attack passenger air travel in the name of increasing surveillance and intrusion.

In fact, earlier this year, the Department of Homeland Security didn’t even bother to threaten any repurcussions for states before it once again pushed back a May 2011 (false) deadline for REAL ID compliance. (Previous instances noted here and here.) The REAL ID Act allows the federal government to refuse licenses and ID cards from non-complying states at airport checkpoints, but it’s just not going to happen.

The DHS announcement notes $175 million in spending on REAL ID so far. That waste continues to accrue so long as Congress appropriates money for the national ID program, which will never be implemented.

While we’re on the subject of empty threats from federal officials—and do see Julian Sanchez’s post hitting the same subject—it has been more than four years since then-Secretary of Homeland Security Michael Chertoff said about the REAL ID Act:

If we don’t get it done now, someone is going to be sitting around in three or four years explaining to the next 9/11 Commission why we didn’t do it.

Secretary Chertoff was wrong—factually wrong on the imminence and nature of the terror threat, and ethically wrong to tout terror threats in an attempt to defeat the will of our free people.

With our stubborn insistence on freedom, the American people and state leaders have done a better job of assessing the threat environment than the Secretary of Homeland Security. As I said when I testified on this topic to the Pennsylvania legislature, state leaders should continue to recognize that they are as equipped, if not better equipped, than federal officials to judge what is right for their people. Counterterrorism and airport security are not an exception to that, though federal imperiousness in these areas remains at a high.

Flynn’s ‘Recalibrating Homeland Security’

The May/June issue of Foreign Affairs focuses on “The New Arab Revolt” (also the focus of an event at Cato a month ago). Some of the articles have a touch of datedness because they refer to the continuing pursuit of Osama bin Laden. But not so Stephen Flynn’s “Recalibrating Homeland Security,” ($) a terrific discussion of how the federal government’s post-9/11 policies have failed to meet the challenge of terrorism. Flynn throws a sentence at the living icon of al Qaeda, but the insights of his article are well worth taking in.

Most insightfully, Flynn theorizes just why it is that “nearly a decade after al Qaeda struck the World Trade Center and the Pentagon, Washington still lacks a coherent strategy for harnessing the nation’s best assets for managing risks to the homeland—civil society and the private sector.”

During the Cold War, the threat of nuclear war with the Soviet Union required “a large, complex, and highly secretive national security establishment.”

To an extraordinary extent, this same self-contained Cold War-era national security apparatus is what Washington is using today to confront the far different challenge presented by terrorism. U.S. federal law enforcement agencies, the border agencies, and the Transportation Security Administration (TSA) are subsumed in a world of security clearances and classified documents. Prohibited from sharing information on threats and vulnerabilities with the general public, these departments’ officials have become increasingly isolated from the people that they serve.

This helps explain TSA’s effrontery with travelers, the “secrecy reflex,” and the ongoing risk of overreaction. Flynn stresses that focusing on resiliency will do our country much better than those brittle, fear-backed political demands for 100% protection.

“Read the whole thing” is a bloggic accolade that I use sparingly, recognizing the limits on readers’ time. At a brief 10 pages, despite the hurdle of having to log in/buy access to the article, Flynn’s “Recalibrating Homeland Security” gets my: Read the whole thing.