THE REAL SCANDAL IS HOW THE SECURITY IS SUPPOSED TO WORK

http://www.skatingonstilts.com/skating-on-stilts/2009/12/security-fails.html
Six Uncomfortable Answers
We’ve got answers to some of my questions from yesterday. And they aren’t very comforting. All in all, they remind me of the saying that the small scandals in Washington are what’s illegal, but the real scandal is what’s legal. So, there were ways in which our air security system didn’t work as intended, and those are a small failure, but the real failure is the way our air security system is intended to work.

Here are six answers to my questions:

1. According to press reports, Abdulmutallab had a multiple entry visa to the US, and it was issued before Abdulmutallab’s father warned US authorities of his growing militance. It looks as though the warnings went to a US consular office in Nigeria while the visa was issued in London, which might have had some modest impact on whether consular officials took the warnings seriously. (Officials in London might have been more alert to the risk in Abdulmutallab’s visa, since they issued it, which might have led them to dig more deeply and report with more clarity on the warning.)

2. The intelligence/security agencies would like the consular officials in Nigeria to take the fall for this. The agencies seem to be telling journalists that the father’s warning wasn’t relayed to them with enough detail to justify putting Abdulmutallab on a no-fly or selectee list, so they just stuck him in the 550-thousand-name catchall database (known as TIDE, the Terrorist Identities Datamart Environment) rather than a more active 400-thousand-name database. But neither database would have made him a automatic “selectee” for special screening (roughly 14 thousand people are on that list), let alone no-fly status (4 thousand). And it’s hard to imagine that even transmitting a full transcript of the father’s warning would have boosted Abdulmutallab onto the selectee or no-fly list.

Why is it so hard to get on the selectee or no-fly lists? In part because privacy campaigners have made the lists less effective and more controversial by raising phony privacy concerns — and getting Congress to buy into those concerns. Here’s the problem: The lists are full of aliases and alternative spellings that the terrorists might use to defeat screening. As a result, many, many people (kids, Senators, grandmas) end up as selectees because their names resemble the aliases of terrorism suspects. The resulting hassles and complaints make officials cautious about adding large numbers of names to the selectee list.

So why doesn’t the US use other information, like date of birth, to “disambiguate” the lists — to separate terrorist suspects from regular folks? After all, we knew Abdulmutallab’s birthdate, along with a lot of other information; there was no need to stop every Abdul Mutallab or Abdul-Mutallab or abu Mutallab from flying to the US. But DHS hasn’t been able to disambiguate the list because privacy campaigners and Congress prohibited DHS from gathering birthdates from passengers. That information was too sensitive to share with the government, said the privacy groups, and they insisted that Congress prohibit DHS from running the selection process for years while DHS got over a series of privacy hurdles.

All those infants and grandmas on the selectee list were, I’ve said before, privacy victims. Years after the Congressional barriers were put in place, DHS finally got over them, and it has now started running the screening system. But the result the privacy campaign was years of delay in setting up a more effective selectee database and years of complaints from the privacy victims. As a result, the agencies got a bit gunshy about putting people on the selectee list, since the larger the list, the more complaints it generated from ordinary folks.

3. The databases where Abdulmutallab’s name was stored, however, were accessible to both FBI and DHS. So when he made a reservation to come to the US, DHS should have known he was coming. DHS probably would have flagged him for special scrutiny when he arrived in the US. That would make it very hard for him to enter the US, visa or not.

Al Qaeda seems to have a lot of respect for US border security screening. That’s why it is trying to commit terrorist attacks on US soil without actually entering the US. Since border measures were strengthened after 9/11, al Qaeda has tried three separate plots using the same basic technique — get on a transatlantic flight and blow it up before it lands and before the terrorists are put through our border screening process. Every plot has failed. But if this doesn’t remind you of the successive World Trade Center attacks, you’re not paying attention. They’ve got a schtick, and they’re going to keep using it until it works.

4. Unfortunately, TSA, the part of DHS that screens air travelers, doesn’t use the bigger terrorist databases for screening — unlike DHS’s border officials at CBP. Partly that’s because Congress forced DHS to leave traveler screening in the hands of the airlines for the phony privacy reasons described above. But it’s also because airline screening, unlike border screening, is not well designed to vary the level of screening depending on the risk a traveler poses. In shorthand, it is trying to find dangerous stuff, not dangerous people. So DHS’s access to the data about Abdulmutallab was practically irrelevant to his ability to get on the plane.

5. Practically but not entirely. There is one exception. CBP, which had access to the data, could have decided that it didn’t want Abdulmutallab flying to the US, and it could have enforced that decision by telling Delta/NW not to let him board. Because the visa had already been issued and because of limits on TSA’s use of identity in screening, this was the last chance to keep Abdulmutallab off the plane. We didn’t use it. How come? Did CBP decide that the derogatory information wasn’t enough to block Abdulmutallab without an interview? Or did Delta/NW take that decision out of CBP’s hands by failing to implement the AQQ requirement that was put in place a year ago? We still don’t know.

6. I asked several questions about how good the screening was in Nigeria and at Schiphol. I now think that it barely matters how good a job those screeners did. Without a reason to treat Abdulmutallab differently from other passengers, the current level of screening wasn’t likely to find the explosives. Like 9/11, when the hijackers carried boxcutters because boxcutters were allowed by current screening rules, al Qaeda is adapting to our rules, finding explosives and hiding places that our current procedures can’t detect.

The explosives Abdulmutallab was carrying weighed 80 grams. That’s about three ounces — roughly the weight of a third of a cup of sugar. So let’s role-play al Qaeda at home: put a third of a cup of sugar in a plastic sandwich bag. Roll it up. Can you think of place on your body where you could tape it so that it would be hard for a patdown to find? Or, if you don’t have that kind of imagination, here’s one clue: 80 grams happens to be a bit less than the weight of standard lightweight bra inserts for “enhancing cleavage.”

OK, now let’s roleplay TSA: What kind of patdown procedures are you going to put in place to find that rolled up plastic baggie? Those bra inserts? Remember, you’re committed to treating everyone the same way. Are you really going to pat down every passenger there and there — and carefully enough to distinguish a baggie from a fashion accessory or an anatomical feature?

According to the press, that’s DHS’s plan. From now on, we’ll see more, and more intimate, patdowns. Less carryon luggage. Closer looks at everything we do carry. And on international flights into the US, restrictions on getting items from overhead bins, plus restrictions on what we have on our laps, etc. In the longer run, we’ll use more of the millimeter wave machines that will surely be more appealing to passengers than a patdown that is indistinguishable from getting to third base.

But al Qaeda has already invented the “booty call” bomb, which makes even the millimeter wave machine ineffective. So I think we’re seeing the endgame for the current, nearly identity-free screening process. Only a system that looks for terrorists as well as weapons is likely to be able to defeat al Qaeda’s transatlantic flight plan.

Actually, al Qaeda’s fascination with transatlantic flights — and its fear of US border procedures — gives us an obvious way to try out a new approach to screening. Everyone on transatlantic flights is already carrying a passport. And we already have good passport-based screening and computer systems for border officials. Why not hook those systems to computers at the special US-bound screening checkpoints that already exist in European airports? Then the screeners could perform a graded set of inspections and patdowns that vary depending on whether the traveler is considered risky or not. Travelers in an intermediate status could be questioned, and US officials could be linked in by videoconference to check the answers against their information.

There is plenty of pain in an approach that looks for terrorists, not just weapons. For starters, the Obama Administration’s recent retreat from REAL ID and good driver’s license standards makes it impossible to implement identity-based screening inside the US for the next five to ten years. And, of course, everyone who ends up on the wrong side of the database will want to litigate about the data that led to their patdown, claiming viewpoint and ethnic discrimination, etc., etc.

Still, I don’t see a better alternative. The current path leads us to more and more obnoxious treatment of all travelers. And in the end, after all the mass-produced humiliation, it leads in all likelihood to failure.

Update: According to Reuters, KLM used APIS to check Abdulmutallab’s admissibility with CBP and got back no objection: it reports that the head of Nigeria’s civil aviation authority “said Abdulmutallab’s U.S. visa had been issued in London on June 16, 2008 and was due to expire in June 2010. He said it was scanned without the Advance Passenger Information System (APIS) returning any objection.” If that’s so, CBP/DHS has some explaining to do. It would mean that they knew the guy was coming and they also had access to the most recent intelligence, including the father’s report, but did nothing to stop him or get him checked out in Amsterdam. How come?

Comments are closed.