Tag: TSA

Strip-Search Machines: A Loss Seeds the Win

Last week, the D.C. Circuit Court of Appeals rejected a Fourth Amendment challenge to the Transportation Security Administration’s strip-search machine policies, but it found that the TSA violated the Administrative Procedure Act in rolling them out. Too bad that the court arrived at the Fourth Amendment issues before they were ripe.

The bulk of the decision was devoted to the TSA’s law violation in creating strip-search machine policies without doing a notice-and-comment rulemaking. That’s the procedure federal agencies are required to carry out when Congress has delegated them legislative authority. Congress did delegate such authority when it told the Department of Homeland Security to develop technologies that detect nonmetallic, chemical, biological, and radiological weapons in 2004’s Intelligence Reform and Terrorism Prevention Act.

“[T]he TSA has advanced no justification for having failed to conduct a notice-and-comment rulemaking,” the court wrote, adding that it expects the agency “to act promptly on remand to cure the defect in its promulgation.”

The TSA will likely spout “constantly changing threat environment” boilerplate to try and argue that it can avoid notice and comment under the APA’s “good cause” exception. An agency can skip notice and comment “when the agency for good cause finds … that notice and public procedure thereon are impracticable, unnecessary, or contrary to the public interest.”

But the threat environment is not “constantly changing” at the level of abstraction relevant for the strip-search machine policy—some people are out there who might try to get dangerous articles onto planes—and these machines will be in place for decades, if not permanently, under the TSA policy. They will affect the privacy and security of billions of air passenger journeys. Even if there were need for haste in rolling out the machines, nothing makes it uniquely difficult, or anything other than appropriate, for the TSA to engage in a public process to substantiate its actions.

When the TSA does a rulemaking, it will have to lay out its strip-search machine policies and—crucially—justify them. Notice-and-comment rules are subject to court review, and reversal if they are “arbitrary, capricious, an abuse of discretion, or otherwise not in accordance with law.” That is a rather low standard, but it’s a higher standard than the agency has ever met before—none at all.

The TSA will have to exhibit how its risk management supports the installation and use of strip-search machines. How did the TSA do its asset characterization (summarizing the things it is protecting)? What are the vulnerabilities it assessed? How did it model threats and hazards (actors or things animated to do harm)? What are the likelihoods and consequences of various attacks? Risk assessment questions like these are all essential inputs into decisions about what to prioritize and how to respond.

Congress dictated detection of various harmful agents, a form of interdiction. (The other responses to risk are acceptance, prevention, and mitigation.) Given the array of choices available to it, how did the TSA select strip-search machines?

Crucially, how well do strip-search machines reach the risks identified in their risk assessment? This is a cost-benefit question. How much do strip-search machines cost to purchase, maintain, and operate? The costs denominated in dollars include money spent on buying the machines, configuring airports, and paying TSA salaries to operate the machines and process passengers. Such costs also include opportunity costs imposed on travelers when the time they spend at airports lengthens to accommodate extended security screening and variable delays. Yet more costs are denominated in lost privacy and dignity to the traveler. These are substantial, though hard to quantify.

Security benefits are also hard to quantify, but the agency should do so if it is to justify its policies as something better than random or intuitive reaction. DHS and TSA officials endlessly talk about risk and risk management, but they cannot honestly say they are doing risk management if they are not thinking these issues all the way through. I’ve offered a methodology for valuing security benefits, and security experts (as well as students) have analyzed the costs and benefits of homeland security programs. The TSA can do it too.

Watch in the rulemaking for the TSA to obfuscate, particularly in the area of threat, using claims to secrecy. “We can’t reveal what we know,” goes the argument. “You’ll have to accept our generalizations about the threat being ‘substantial,’ ‘ever-changing,’ and ‘growing.’” It’s an appeal to authority that works with much of the American public, but it is not one to which courts—a co-equal branch of the government—should so easily succumb.

If it sees it as necessary, the TSA should publish its methodology for assessing threats, then create a secret annex to the rulemaking record for court review containing the current state of threat under that methodology, and how the threat environment at the present time compares to threat over a relevant part of the recent past. A document that contains anecdotal evidence of threat is not a threat methodology. Only a way of thinking about threat that can be (and is) methodically applied over time is a methodology.

With this information in hand, a court would not only be ready to assess the TSA’s rule under the Administrative Procedure Act’s “arbitrary and capricious” standard. It would be ready to assess the reasonableness of the TSA’s strip-search machines and procedures under the Fourth Amendment.

Without that information, the D.C. Circuit plugged the strip-search machines into the strangely incoherent “administrative search” exception to the Fourth Amendment. In two pages of analysis (out of the opinion’s seventeen), the court found that strip-search machines are administrative “because the primary goal is not to determine whether any passenger has committed a crime but rather to protect the public from a terrorist attack.”

Come again?

It seems the court could have taken judicial notice that terrorist attacks are carried out through one or more criminal behaviors. People who have weapons or other dangerous articles at airport checkpoints are subject to arrest and prosecution. Crime control and public protection are one in the same, even in counterterrorism.

The “administrative search” exception to the Fourth Amendment seems to rest on the willingness of a court to abstract away the fact that individuals are prevented from proceeding where they would go (seized) while their persons, papers, and effects are rummaged (searched) for the purpose of discovering violations of the criminal laws. Earlier in the opinion, in fact, the court mocked the idea that the TSA might not “engage in ‘law enforcement, correctional, or intelligence activity.’” It surely does. This is not “administrative.” It’s criminal law enforcement.

Perhaps with a full record—a notice-and-comment rulemaking with a docket full of information and analysis—the D.C. Circuit and other courts will have the opportunity to revisit whether the TSA’s strip-search machine policies are constitutionally reasonble, or whether they’re unexamined reaction. Last week’s “loss” on the Fourth Amendment issue sets the stage for sounder thinking on the strip-search machine policy.

All of this would be obviated, of course, if airline security were restored to private hands.

Beware the Depends Bomber?

My Washington Examiner column this week is on TSA, the federal agency that’s its own reductio ad absurdum.

In the latest TSA atrocity, the agency forced a wheelchair-bound, 95-year-old leukemia patient to remove her adult diaper, for fear she might be wired to explode. “It’s something I couldn’t imagine happening on American soil,” her distraught daughter told the press: “Here is my mother, 95 years old, 105 pounds, barely able to stand, and then this.”

My God, what is she on about? Proper procedure was followed!

As I point out in the column:

in a classic case of “mission creep,” TSA is taking its show on the road and the rails.

Remember when, pushing his bullet-train boondoggle in the 2011 State of the Union, President Obama cracked that it would let you travel “without the pat-down”? Not funny—also, not true.

Earlier this year, Amtrak passengers in Savannah, Ga., stepped off into a TSA checkpoint. Though the travelers had already disembarked the train, agents made women lift their shirts to check for bra explosives. Two weeks ago, armed TSA and Homeland Security agents hit a bus depot in Des Moines, Iowa, to question passengers and demand their papers.

These raids are the work of TSA’s “Visible Intermodal Prevention and Response” (VIPR or “Viper”) teams—an acronym at once senseless and menacing, much like the agency itself.

All this is happening at a time when al Qaeda looks more harried, pathetic, and weaker than ever. But hey, you can never be too careful, right?

Feel Safer?

Should TSA Change Its Policy?

News that Transportation Security Administration officers required a 95-year-old cancer patient to remove her adult diaper for search lit up the social media this weekend. It’s reminiscent of the recent story where a 6-year-old girl got the pat-down because she didn’t hold still in the strip-search machine. TSA administrator John Pistole testified to a Senate hearing that the agency would change its policy about children shortly thereafter.

So, should the TSA change policy once again? Almost certainly. Will it ever arrive at balanced policies that aren’t punctuated by outrages like this? Almost certainly not.

You see, the TSA does not seek policies that anyone would call sensible or balanced. Rather, it follows political cues, subject to the bureaucratic prime directive described by Cato chairman emeritus and distinguished senior economist Bill Niskanen long ago: maximize discretionary budget.

When the TSA’s political cues pointed toward more intrusion, that’s where it went. Recall the agency’s obsession with small, sharp things early in its tenure, and the shoe fetish it adopted after Richard Reid demonstrated the potential hazards of footwear. Next came liquids after the revelation of a bomb plot around smuggling in sports bottles. And in December 2009, the underwear bomber focused the TSA on everyone’s pelvic region. Woe to the traveler whose medical condition requires her to wear something concealing the government’s latest fixation.

The TSA pursues the bureaucratic prime directive—maximize budget—by assuming, fostering, and acting on the maximum possible threat. So a decade after 9/11, TSA and Department of Homeland Security officials give strangely time-warped commentary whenever they speechify or testify, recalling the horrors of 2001 as if it’s 2003. The prime directive also helps explain why TSA has expanded its programs following each of the attempts on aviation since 9/11, even though each of them has failed. For a security agency, security threats are good for business. TSA will never seek balance, but will always promote threat as it offers the only solution: more TSA.

Because of countervailing threats to its budget—sufficient outrage on the part of the public—TSA will withdraw from certain policies from time to time. But there is no capacity among the public to sustain “outrage” until the agency is actually managing risk in a balanced and cost-effective way. (You can ignore official claims of “risk-based” policies until you’ve actually seen the risk management and cost-benefit documents.)

TSA should change its policy, yes, but its fundamental policies will not change. Episodes like this will continue indefinitely against a background of invasive, overwrought airline security that suppresses both the freedom to travel and the economic well-being of the country.

In a 2005 Reason magazine “debate” on airline security, I described the incentive structure that airlines and airports face, which is much more conducive to nesting security with convenience, privacy, savings, and overall traveler comfort and satisfaction. The threat of terrorism has only dropped since then. We should drop the TSA.

State Officials Needn’t Heed Feds’ Threats

Federal officials blitzed Texas this week to fight a bill pending in Austin that would control TSA groping of air travelers in that state, reports Forbes’ “Not-So-Private Parts” blogger Kashmir Hill.

Federal government officials descended on the Capitol to hand out a letter … from the Texas U.S. Attorney letting senators know that if they passed the bill, the TSA would probably have to cancel all flights out of Texas. As much as they love their state, the idea of shutting down airports and trapping people in Texas was scary enough to get legislators to reconsider their support for the groping bill…

The federal government’s threat to shut down air travel is serious, but empty. As we’ve seen time and again with the REAL ID Act, the federal government does not have the political will to attack passenger air travel in the name of increasing surveillance and intrusion.

In fact, earlier this year, the Department of Homeland Security didn’t even bother to threaten any repurcussions for states before it once again pushed back a May 2011 (false) deadline for REAL ID compliance. (Previous instances noted here and here.) The REAL ID Act allows the federal government to refuse licenses and ID cards from non-complying states at airport checkpoints, but it’s just not going to happen.

The DHS announcement notes $175 million in spending on REAL ID so far. That waste continues to accrue so long as Congress appropriates money for the national ID program, which will never be implemented.

While we’re on the subject of empty threats from federal officials—and do see Julian Sanchez’s post hitting the same subject—it has been more than four years since then-Secretary of Homeland Security Michael Chertoff said about the REAL ID Act:

If we don’t get it done now, someone is going to be sitting around in three or four years explaining to the next 9/11 Commission why we didn’t do it.

Secretary Chertoff was wrong—factually wrong on the imminence and nature of the terror threat, and ethically wrong to tout terror threats in an attempt to defeat the will of our free people.

With our stubborn insistence on freedom, the American people and state leaders have done a better job of assessing the threat environment than the Secretary of Homeland Security. As I said when I testified on this topic to the Pennsylvania legislature, state leaders should continue to recognize that they are as equipped, if not better equipped, than federal officials to judge what is right for their people. Counterterrorism and airport security are not an exception to that, though federal imperiousness in these areas remains at a high.

Flynn’s ‘Recalibrating Homeland Security’

The May/June issue of Foreign Affairs focuses on “The New Arab Revolt” (also the focus of an event at Cato a month ago). Some of the articles have a touch of datedness because they refer to the continuing pursuit of Osama bin Laden. But not so Stephen Flynn’s “Recalibrating Homeland Security,” ($) a terrific discussion of how the federal government’s post-9/11 policies have failed to meet the challenge of terrorism. Flynn throws a sentence at the living icon of al Qaeda, but the insights of his article are well worth taking in.

Most insightfully, Flynn theorizes just why it is that “nearly a decade after al Qaeda struck the World Trade Center and the Pentagon, Washington still lacks a coherent strategy for harnessing the nation’s best assets for managing risks to the homeland—civil society and the private sector.”

During the Cold War, the threat of nuclear war with the Soviet Union required “a large, complex, and highly secretive national security establishment.”

To an extraordinary extent, this same self-contained Cold War-era national security apparatus is what Washington is using today to confront the far different challenge presented by terrorism. U.S. federal law enforcement agencies, the border agencies, and the Transportation Security Administration (TSA) are subsumed in a world of security clearances and classified documents. Prohibited from sharing information on threats and vulnerabilities with the general public, these departments’ officials have become increasingly isolated from the people that they serve.

This helps explain TSA’s effrontery with travelers, the “secrecy reflex,” and the ongoing risk of overreaction. Flynn stresses that focusing on resiliency will do our country much better than those brittle, fear-backed political demands for 100% protection.

“Read the whole thing” is a bloggic accolade that I use sparingly, recognizing the limits on readers’ time. At a brief 10 pages, despite the hurdle of having to log in/buy access to the article, Flynn’s “Recalibrating Homeland Security” gets my: Read the whole thing.

House Approps Strips TSA of Strip-Search Funds

The fiscal 2012 Department of Homeland Security spending bill is starting to make its way through the process, and the House Appropriations Committee said in a release today that “the bill does not provide $76 million requested by the President for 275 additional advanced inspection technology (AIT) scanners nor the 535 staff requested to operate them.”

If the House committee’s approach carries the day, there won’t be 275 more strip-search machines in our nation’s airports. No word on whether the committee will defund the operations of existing strip-search machines.

Saving money and reducing privacy invasion? Sounds like a win-win.

After bin Laden

As Chris Preble noted early Monday morning, Osama bin Laden is dead. In addition to celebrating V-OBL Day, we should take a moment to reflect on wars of the last decade and the civil liberties we have sacrificed since September 11, 2001. Malou Innocent makes the case for reconsidering our foreign policy, and Jim Harper asks if he can have his airport back. We lay out these thoughts in more detail in this Cato video, After bin Laden.

The phrase “after bin Laden” has a nice ring to it. Cato held counterterrorism conferences in 2009 and 2010, and there’s more Cato work on counterterrorism and homeland security here.