Conversation with Kip Hawley, TSA Administrator (Part 5)
This is Part 5 of a five-part series. Link to whole thing.
BS: So far, we've only talked about passengers. What about airport workers? Nearly one million workers move in and out of airports every day without ever being screened. The JFK plot, as laughably unrealistic as it was, highlighted the security risks of airport workers. As with any security problem, we need to secure the weak links, rather than make already strong links stronger. What about airport employees, delivery vehicles, and so on?
KH: I totally agree with your point about a strong base level of security everywhere and not creating large gaps by over-focusing on one area. This is especially true with airport employees. We do background checks on all airport employees who have access to the sterile area. These employees are in the same places doing the same jobs day after day, so when someone does something out of the ordinary, it immediately stands out. They serve as an additional set of eyes and ears throughout the airport.
Even so, we should do more on airport employees and my House testimony of April 19 gives details of where we're heading. The main point is that everything you need for an attack is already inside the perimeter of an airport. For example, why take lighters from people who work with blowtorches in facilities with millions of gallons of jet fuel?
You could perhaps feel better by setting up employee checkpoints at entry points, but you'd hassle a lot of people at great cost with minimal additional benefit, and a smart, patient terrorist could find a way to beat you. Today's random, unpredictable screenings that can and do occur everywhere, all the time (including delivery vehicles, etc.) are harder to defeat. With the latter, you make it impossible to engineer an attack; with the former, you give the blueprint for exactly that.
BS: There's another reason to screen pilots and flight attendants: they go through the same security lines as passengers. People have to remember that it's not pilots being screened, it's people dressed as pilots. You either have to implement a system to verify that people dressed as pilots are actual pilots, or just screen everybody. The latter choice is far easier.
I want to ask you about general philosophy. Basically, there are three broad ways of defending airplanes: preventing bad people from getting on them (ID checks), preventing bad objects from getting on them (passenger screening, baggage screening), and preventing bad things from happening on them (reinforcing the cockpit door, sky marshals). The first one seems to be a complete failure, the second one is spotty at best. I've always been a fan of the third. Any future developments in that area?
KH: You are too eager to discount the first -- stopping bad people from getting on planes. That is the most effective! Don't forget about all the intel work done partnering with other countries to stop plots before they get here (UK liquids, NY subway), all the work done to keep them out either through no-flys (at least several times a month) or by Customs & Border Protection on their way in, and law enforcement once they are here (Ft. Dix). Then, you add the behavior observation (both uniformed and not) and identity validation (as we take that on) and that's all before they get to the checkpoint.
The screening-for-things part, we've discussed, so I'll jump to in-air measures. Reinforced, locked cockpit doors and air marshals are indeed huge upgrades since 9/11. Along the same lines, you have to consider the role of the engaged flight crew and passengers -- they are quick to give a heads-up about suspicious behavior and they can, and do, take decisive action when threatened. Also, there are thousands of flights covered by pilots who are qualified as law enforcement and are armed, as well as the agents from other government entities like the Secret Service and FBI who provide coverage as well. There is also a fair amount of communications with the flight deck during flights if anything comes up en route -- either in the aircraft or if we get information that would be of interest to them. That allows "quiet" diversions or other preventive measures. Training is, of course, important too. Pilots need to know what to do in the event of a missile sighting or other event, and need to know what we are going to do in different situations. Other things coming: better air-to-ground communications for air marshals and flight information, including, possibly, video.
So, when you boil it down, keeping the bomb off the plane is the number one priority. A terrorist has to know that once that door closes, he or she is locked into a confined space with dozens, if not hundreds, of zero-tolerance people, some of whom may be armed with firearms, not to mention the memory of United Flight 93.
BS: I've read repeated calls to privatize airport security: to return it to the way it was pre-9/11. Personally, I think it's a bad idea, but I'd like your opinion on the question. And regardless of what you think should happen, do you think it will happen?
KH: From an operational security point of view, I think it works both ways. So it is not a strategic issue for me.
SFO, our largest private airport, has excellent security and is on a par with its federalized counterparts (in fact, I am on a flight from there as I write this). One current federalized advantage is that we can surge resources around the system with no notice; essentially, the ability to move from anywhere to anywhere and mix TSOs with federal air marshals in different force packages. We would need to be sure we don't lose that interchangeability if we were to expand privatized screening.
I don't see a major security or economic driver that would push us to large-scale privatization. Economically, the current cost-plus model makes it a better deal for the government in smaller airports than in bigger. So, maybe more small airports will privatize. If Congress requires collective bargaining for our TSOs, that will impose an additional overhead cost of about $500 million, which would shift the economic balance significantly toward privatized screening. But unless that happens, I don't see major change in this area.
BS: Last question. I regularly criticize overly specific security measures, because forcing the terrorists to make minor modifications in their tactics doesn't make us any safer. We've talked about specific airline threats, but what about airplanes as a specific threat? On the one hand, if we secure our airlines and the terrorists all decide instead to bomb shopping malls, we haven't improved our security very much. On the other hand, airplanes make particularly attractive targets for several reasons. One, they're considered national symbols. Two, they're a common and important travel vehicle, and are deeply embedded throughout our economy. Three, they travel to distant places where the terrorists are. And four, the failure mode is severe: a small bomb drops the plane out of the sky and kills everyone. I don't expect you to give back any of your budget, but when do we have "enough" airplane security as compared with the rest of our nation's infrastructure?
KH: Airplanes are a high-profile target for terrorists for all the reasons you cited. The reason we have the focus we do on aviation is because of the effect the airline system has on our country, both economically and psychologically. We do considerable work (through grants and voluntary agreements) to ensure the safety of surface transportation, but it's less visible to the public because people other than ones in TSA uniforms are taking care of that responsibility.
We look at the aviation system as one component in a much larger network that also includes freight rail, mass transit, highways, etc. And that's just in the U.S. Then you add the world's transportation sectors -- it's all about the network.
The only components that require specific security measures are the critical points of failure -- and they have to be protected at virtually any cost. It doesn't matter which individual part of the network is attacked -- what matters is that the network as a whole is resilient enough to operate even with losing one or more components.
The network approach allows various transportation modes to benefit from our layers of security. Take our first layer: intel. It is fundamental to our security program to catch terrorists long before they get to their target, and even better if we catch them before they get into our country. Our intel operation works closely with other international and domestic agencies, and that information and analysis benefits all transportation modes.
Dogs have proven very successful at detecting explosives. They work in airports and they work in mass transit venues as well. As we test and pilot technologies like millimeter wave in airports, we assess their viability in other transportation modes, and vice versa.
To get back to your question, we're not at the point where we can say "enough" for aviation security. But we're also aware of the attractiveness of other modes and continue to use the network to share resources and lessons learned.
BS: Thank you very much for your time. I appreciate both your time and your candor.
KH: I enjoyed the exchange and appreciated your insights. Thanks for the opportunity.
Posted on August 3, 2007 at 6:12 AM • 53 Comments