- Transit security vs. aviation security
- Registered Traveler progress despite carping
- Protect airports, not planes?
- Devolve screening to airports
- News notes
In the wake of the London transit bombings, Homeland Security Secretary Michael Chertoff has come under fire for the following words: "The truth of the matter is, a fully loaded airplane with jet fuel, a commercial airliner, has the capacity to kill 3,000 people. A bomb in a subway car may kill 30 people. When you think about your priorities, you're going to think about making sure you don't have a catastrophic thing first." The New York Times and New York Senators Hillary Clinton and Charles Schumer have jumped all over Chertoff, calling for massive new expenditures on transit security.
But fundamentally, Chertoff is right. He has talked repeatedly about putting U.S. security policy on a more risk-based footing. He told Homeland Security magazine earlier this spring, "We have to put the resources where the highest risks are," in places facing the most vulnerabilities and which would suffer the most serious consequences from an attack. That includes things like reconfiguring current federal security grants from their current pork-based allocation (making sure every congressional district gets its fair share) to one based on risk, as well as resisting efforts to impose airport-type security measures on mass transit.
To begin with, attempting to screen every rail transit passenger as is done at airports would be enormously costly. A spokeswoman for the U.K.'s Department of Transport told the Wall Street Journal, "It's a very open system because people need to have quick access." Airport-type security "is not proportionate to the risk," she added. One estimate of the cost of outfitting U.S. rail systems with airport-type screening (from Homeland Security Research Corp.) is $45 billion.
But those who compare the modest sums spent on transit security with the $18 billion spent on airport security since 9/11 do have a point—though it's not the one they think they're making. If Chertoff is serious about adopting a risk-based approach, it's time to rethink the extremely costly system of passenger and baggage screening now operated by the Transportation Security Administration at more than 400 airports.
The biggest threat—the kind that can produce thousands of deaths—is of a hijacked airliner used as a guided missile to attack ground targets. Most security experts I talk with are convinced that a few basic measures completed several years ago have largely eliminated that threat. Specifically, by replacing all cockpit doors with greatly strengthened and locked doors, and by changing the protocols for dealing with hijackers, the odds of an airliner being converted to a missile are now extremely low.
So if that threat has largely been dealt with, what aviation threats are left? One is to create terror by blowing up individual airliners. That requires getting a critical quantity of explosives on board. This could be done by ground crews who have access to planes from the ramp, or by putting a bomb into cargo, in a checked bag, in a carry-on bag, or concealing plastique under a suicide terrorist's clothing. Note that none of these threat vectors involves nail scissors or cigarette lighters against which TSA screeners are valiantly guarding us (that's the hijack threat, already dealt with by other measures). A risk-based approach would suggest shifting emphasis from bad objects carried aboard by passengers to far more rigorous checking of suspicious passengers' bodies and carry-ons, as well as more serious efforts at cargo screening and ramp security.
Another remaining threat is suicide bombers taking out large numbers of passengers concentrated in terminals, before they go through checkpoints. And where are there large concentrations? In the long lines waiting to pass through those checkpoints and in the large crowds around lobby-based EDS machines. In other words, current TSA policies mandated by Congress have led to the very concentrations of people that suicide bombers seek to target.
I hope Secretary Chertoff resists calls to waste more money applying airport-type security to mass transit systems. But at the same time, he should insist that his policy shop take a really hard look at applying risk-based analysis to current airport security policies. It takes real leadership to tell Congress that current policies (which they mandated) are, in hindsight, misguided. But that's what someone needs to do.
There's a lot of good news about Registered Traveler, a concept I've been supporting for more than three years as part of a risk-based approach to passenger screening. First, the new private-sector Clear program at Orlando International is off to a great start. Second, TSA seems to be (at long last) fully supportive of nationwide, private-sector RT efforts. And third, a new coalition of airports is working to develop common RT standards to speed nationwide implementation.
The first all-encompassing RT program, launched by Verified Identity Pass at Orlando, moved from sign-ups to operations last week. CEO Steven Brill tells me they reached 5,000 enrollees this Monday and expect to be at 6,000 by the end of July. One exclusive Clear lane is now open at each of the two huge Orlando checkpoints. And they have now added three enrollment stations on the airside, to sign up passengers who have just endured the long regular lines and passed through the checkpoints. I signed up myself when I was in Orlando a couple of weeks ago.
At several recent aviation events, it's become evident that under the new Chertoff/Jackson regime at DHS, the TSA is now, after some earlier ambivalence, fully behind the concept. Justin Oberman, who directs TSA's RT efforts, says they plan to use the Orlando project as the model for a larger-scale rollout, calling Orlando "critically important" to the program's future. Everyone involved is anxiously awaiting TSA's pending decisions on what screening hassles Clear members will be able to avoidï¿½such as shoe and jacket removal and having to take out laptops and video cameras.
This month has also seen the debut of the Registered Traveler Interoperability Consortium, orchestrated by the American Association of Airport Executives and the Columbus, Denver, Minneapolis, Phoenix, San Francisco, and Washington D.C. airports. The group will develop and advocate an "industry-driven" approach to nationwide interoperability, "instead of sitting around and calling on TSA to issue standards," says AAAE's Carter Morris. The effort has the support of the Business Travel Coalition, which points out that an easy path toward interoperability would be to use the standards TSA has approved for Orlando. In addition to that, there needs to be a clearinghouse so that a service provider at Airport A can recognize cards issued by a different service provider at airport B.
But despite all this good news, you can't please everyone. Several members of Congress have raised concerns about the idea of private providers making a profit(!) by offering such a service, and about airports getting a portion of the annual membership fees. Both of those concerns were also voiced in congressional testimony last month by Northwest Senior VP for Customer Service, Robert Isom. He made the useful point that the main appeal to frequent flyers should be a more efficient checkpoint screening, rather than perks such as preferred parking spaces. But he also objected to the idea of airports participating financially—as if they did not have costs for adding specialized lanes and new equipment. And some have objected to the very idea of there being an annual fee—but without suggesting where else the resources would come from. The only other alternative would be taxpayers, and as Brill points out, asking taxpayers "to pay for a program that is targeted at a relatively small percentage of the traveling public wouldn't be fair."
Some have even suggested that because airports get a portion of the fee, they would have an incentive to keep the regular lines long, to drive more passengers to sign up and pay the fee. But that's ludicrous. Airports make money not from passengers wasting time in long lines but from their buying goods and services from airport concessionaires. Long checkpoint lines are not in anyone's interest—and the rapid expansion of RT nationwide is the most viable near-term approach to reducing those long lines.
No sooner had I sent out last month's issue with a critical assessment of the cost-effectiveness of proposals to equip all U.S. airliners with missile-defense systems than Raytheon unveiled a challenging alternative. Using new high-power microwave (HPM) technology, it proposes a system that could be installed at the top 33 airports for less than $1 billion. That compares with Rand Corporationï¿½s recent estimate of an $11 billion initial cost to equip all 6,800 airliners.
This is another example of looking for ways to get the most bang for the buck. To do very much good at protecting the civil airliner fleet from man-portable missile attacks (assuming this is judged to be a serious enough threat to warrant significant expenditures), you have to equip pretty near the whole fleet. And that gets very expensive. Not only is there the initial $11 billion cost, but there are also ongoing operating and maintenance costs to be sure these systems stay up-to-snuff in the harsh aviation environment (noise, vibration, big swings in temperature and pressure, etc.). Rand's estimate of total costs over 10 years was $38 billion.
With an airport-based approach, you can protect a large fraction of all planes simply by installing systems at the airports that handle most of the traffic. Hence, Raytheon's initial proposal suggests equipping the busiest 33 airports, which handle 71% of all airline takeoffs and landings. At $25 million apiece, that would total just $825 million. To be sure, there would be operating and maintenance costs with this approach, too. But ground-based systems are generally far more robust and much less expensive to maintain than airborne systems, which have to be optimized for light weight and small size.
While not fully ready to go, this is more than just a paper system. As detailed in Aviation Week (June 13,2005), Raytheon spent its own R&D money to develop and test the prototype, which it calls Vigilant Eagle. They have actually shot down several different types of shoulder-launched missiles at a distance of several miles, using pulses of high-power microwave energy. A typical airport system would include a ring of infrared sensors around the airport to detect missiles, a command center, and two large radar-like emitters. The system still needs further operational testing, as well as certifications by the Federal Aviation Administration and Federal Communications Commission.
Whether the missile threat to airliners is serious enough to warrant spending even $1 billion remains to be demonstrated. But if it is, this approach looks far more prudent than committing $38 billion (from the tooth fairy?) to equip 6,800 airliners.
Yesterday I testified before a subcommittee of the House Committee on Homeland Security. The subject was airport screening, and one of the underlying questions was: Why haven't airports chosen to opt out of TSA-provided screening services, as they've been free to do since TSA launched its Screening Partnership Program (SPP) last November?
I addressed that question last issue, pointing out that TSA designed SPP in a highly over-centralized way. Instead of permitting airports to issue an RFP, select the best proposal from among those submitted by TSA-certified screening companies, and then contract with that firm, the whole process is run by TSA from Washington. TSA plays match-maker, assigning the firm it thinks makes the best fit with the hapless airport. And TSA enters into and manages the contract, leaving the airport as an interested bystander. Airport directors look at this model and rightly conclude: What do I get out of that?
But instead of dwelling on that point, I focused most of my testimony on why and how all passenger and baggage screening should be devolved to the airport level. One reason to do this is to eliminate the current conflict of interest, in which TSA is both the screening provider and the security regulator. That's hardly the best way to promote accountability or objective performance assessments. Another reason is to much better match screening resources to workload. In recent research for a forthcoming Reason policy paper, I documented the huge swings from month to month in the number of passengers passing through the top 100 airports. Yet TSA re-allocates screeners to match workload needs once a year! So their M.O. builds in shortages and surpluses of screeners.
Hence, I proposed that the entire screening responsibility be devolved to each airport, with TSA making the rules and monitoring performanceï¿½and each airport free to provide screening with either its own workforce or a TSA-certified contractor that the airport would hire and manage. TSA would recompute the dollars for each airport at least quarterly (but ideally every month) to permit fine-tuning of workforce to workload. And airports would get the same kind of liability protection under the SAFETY Act as is available to equipment vendors and screening contractors. They would also be free to use the lump-sum screening money as they see fit, to permit the use of cross-trained, multi-function security workers.
This big a change would require, in addition to a big change in TSA thinking, action by Congress, since much of the centralized approach stems from the 2001 Aviation & Transportation Security Act. That might seem nearly impossible, but some of the reorganization of TSA and DHS that Secretary Chertoff has proposed will also require revisions to ATSA, so at least the issue will be on Congress's agenda.
Meanwhile, you can read my testimony when it's posted on www.reason.org next week.
Metal Forks Return—but Not Here. Agence France Press recently reported that British Airways will restore metal forks to its on-board meal services, following an April security decision by the U.K. transport department. Scissors, knitting needles, and metal forks, among other common household items banned from planes after 9/11, are once again being allowed on British flights. The decision was based on the improvement in security made possible by sealed cockpits, closed-circuit TV, and sky marshals. "We are now of the view that there are enough security measures in place to allow passengers to bring these items back on to planes," said a transport department spokesperson.
Non-X-ray Body Scanning. A new technology that uses millimeter-wave holography can detect non-metallic objects hidden beneath clothing. Developed by start-up company SafeView, Inc. in Silicon Valley, the portals are getting "excellent" feedback from operational testing at U.S. checkpoints in Iraq, according to Aviation Daily (July 8, 2005). The patented technology was originally developed at Battelle's Pacific Northwest National Laboratory. Four different SafeScout portals are being offered.
Ban Cell Phones in Tunnels? Whoops! In a hasty over-reaction to the London subway bombings, New York's MTA and the Port Authority of New York and New Jersey banned the use of cell phones in the city's four vehicular tunnels (Holland, Lincoln, Midtown and Battery). Cell phones had been used to trigger the bombs in the Madrid subway attack in 2004, but were not used by the suicide bombers in London. Fortunately, the agencies have had second thoughts. Barely 10 days later, after complaints that drivers would be unable to call 911 in the event of an accident or other tunnel emergency, they both rescinded the bans.