Book Review: Against Security

Against Security: How We Go Wrong at Airports, Subways, and Other Sites of Ambiguous Danger, by Harvey Molotch, Princeton University Press, 278 pages, $35.

Security is both a feeling and a reality, and the two are different things. People can feel secure when they’re actually not, and they can be secure even when they believe otherwise.

This discord explains much of what passes for our national discourse on security policy. Security measures often are nothing more than security theater, making people feel safer without actually increasing their protection.

A lot of psychological research has tried to make sense out of security, fear, risk, and safety. But however fascinating the academic literature is, it often misses the broader social dynamics. New York University’s Harvey Molotch helpfully brings a sociologist’s perspective to the subject in his new book Against Security.

Molotch delves deeply into a few examples and uses them to derive general principles. He starts Against Security with a mundane topic: the security of public restrooms. It’s a setting he knows better than most, having authored Toilet: The Public Restroom and the Politics of Sharing (New York University Press) in 2010. It turns out the toilet is not a bad place to begin a discussion of the sociology of security.

People fear various things in public restrooms: crime, disease, embarrassment. Different cultures either ignore those fears or address them in culture-specific ways. Many public lavatories, for example, have no-touch flushing mechanisms, no-touch sinks, no-touch towel dispensers, and even no-touch doors, while some Japanese commodes play prerecorded sounds of water running, to better disguise the embarrassing tinkle.

Restrooms have also been places where, historically and in some locations, people could do drugs or engage in gay sex. Sen. Larry Craig (R-Idaho) was arrested in 2007 for soliciting sex in the bathroom at the Minneapolis-St. Paul International Airport, suggesting that such behavior is not a thing of the past. To combat these risks, the managers of some bathrooms—men’s rooms in American bus stations, in particular—have taken to removing the doors from the toilet stalls, forcing everyone to defecate in public to ensure that no one does anything untoward (or unsafe) behind closed doors.

Subsequent chapters discuss security in subways, at airports, and on airplanes; at Ground Zero in lower Manhattan; and after Hurricane Katrina in New Orleans. Each of these chapters is an interesting sociological discussion of both the feeling and reality of security, and all of them make for fascinating reading. Molotch has clearly done his homework, conducting interviews on the ground, asking questions designed to elicit surprising information.

Molotch demonstrates how complex and interdependent the factors that comprise security are. Sometimes we implement security measures against one threat, only to magnify another. He points out that more people have died in car crashes since 9/11 because they were afraid to fly—or because they didn’t want to deal with airport security—than died during the terrorist attacks. Or to take a more prosaic example, special “high-entry” subway turn­stiles make it much harder for people to sneak in for a free ride but also make platform evacuations much slower in the case of an emergency.

The common thread in Against Security is that effective security comes less from the top down and more from the bottom up. Molotch’s subtitle telegraphs this conclusion: “How We Go Wrong at Airports, Subways, and Other Sites of Ambiguous Danger.” It’s the word ambiguous that’s important here. When we don’t know what sort of threats we want to defend against, it makes sense to give the people closest to whatever is happening the authority and the flexibility to do what is necessary. In many of Molotch’s anecdotes and examples, the authority figure—a subway train driver, a policeman—has to break existing rules to provide the security needed in a particular situation. Many security failures are exacerbated by a reflexive adherence to regulations.

Molotch is absolutely right to home in on this kind of individual initiative and resilience as a critical source of true security. Current U.S. security policy is overly focused on specific threats. We defend individual buildings and monuments. We defend airplanes against certain terrorist tactics: shoe bombs, liquid bombs, underwear bombs. These measures have limited value because the number of potential terrorist tactics and targets is much greater than the ones we have recently observed. Does it really make sense to spend a gazillion dollars just to force terrorists to switch tactics? Or drive to a different target? In the face of modern society’s ambiguous dangers, it is flexibility that makes security effective.

We get much more bang for our security dollar by not trying to guess what terrorists are going to do next. Investigation, intelligence, and emergency response are where we should be spending our money. That doesn’t mean mass surveillance of everyone or the entrapment of incompetent terrorist wannabes; it means tracking down leads—the sort of thing that caught the 2006 U.K. liquid bombers. They chose their tactic specifically to evade established airport security at the time, but they were arrested in their London apartments well before they got to the airport on the strength of other kinds of intelligence.

In his review of Against Security in Times Higher Education, aviation security expert Omar Malik takes issue with the book’s seeming trivialization of the airplane threat and Molotch’s failure to discuss terrorist tactics. “Nor does he touch on the multitude of objects and materials that can be turned into weapons,” Malik laments. But this is precisely the point. Our fears of terrorism are wildly out of proportion to the actual threat, and an analysis of various movie-plot threats does nothing to make us safer.

In addition to urging people to be more reasonable about potential threats, Molotch makes a strong case for optimism and kindness. Treating every air traveler as a potential terrorist and every Hurricane Katrina refugee as a potential looter is dehumanizing. Molotch argues that we do better as a society when we trust and respect people more. Yes, the occasional bad thing will happen, but 1) it happens less often, and is less damaging, than you probably think, and 2) individuals naturally organize to defend each other. This is what happened during the evacuation of the Twin Towers and in the aftermath of Katrina before official security took over. Those in charge often do a worse job than the common people on the ground.

While that message will please skeptics of authority, Molotch sees a role for government as well. In fact, many of his lessons are primarily aimed at government agencies, to help them design and implement more effective security systems. His final chapter is invaluable on that score, discussing how we should focus on nurturing the good in most people—by giving them the ability and freedom to self-organize in the event of a security disaster, for example—rather than focusing solely on the evil of the very few. It is a hopeful yet realistic message for an irrationally anxious time. Whether those government agencies will listen is another question entirely.

This review was originally published at reason.com.

Posted on December 14, 2012 at 12:24 PM • 12 Comments

Comments

RobDecember 14, 2012 2:05 PM

I think your statement "many security failures are exacerbated by a reflexive adherence to regulations" needs to be examined a bit because there's an important bit of psychology there. When you're training someone on a task, repetition is part of the training to develop "muscle memory" for the task. This is so under stressful situations you do not freeze or otherwise forget how to perform a task. As a mathematician, I use this all the time when working a problem. If the answer I get does not make sense, I revert to the most basic training I have to ensure that all the steps have been followed correctly. So, while "reflexive adherence to regulations" can be bad when things go awry, it is also supposed to get us through the problem. To me this indicates that the problem is not adherence to regulations, but the regulations themselves. Additionally, part and parcel of our training must be for dealing with variances in the problems themselves, and regulations that are overly restrictive would prevent the creative solutions that are sometimes needed.

Clive RobinsonDecember 14, 2012 6:36 PM

With regards the comments of (Times Higher Education, aviation security expert) Omar Malik that Molotch has failed to discuss terrorist tactics and said “Nor does he touch on the multitude of objects and materials that can be turned into weapons,”

It brings into question Omar Malik's security knowledge and perception.

As many readers hear know any object is a weapon therefore any kind of list (which is what Omar appears to want) would at best be incompleate, and is in fact a diversion from the underlying issue, so as such would be the equivalent of "putting a band-aid on a broken bone".

For example of all the objects available take something as (apparently) inoffesnsive as a sheet of A4 paper, if you know how to fold it and use it the result could be a rupture to an eyeball or ear drum, perhaps neither fatal but certainly injuries that will dibilitate you for life.

What turns the A4 from inofensive to weapon is the mind of the attacker honed by knowledge and training. You can take any object they are all agnostic to their use and apply exactly the same base reasoning that it is not the object that is the weapon but the mind of the person using it. Thus it's pointless listing objects or specific tactics because you easily "fall into a locked in mindset".

As far as I am aware the only way to reliably beat the mind of an attacker is by better or better applied knowledge and training. It is the application of knowledge and training that underpins all security and especialy that of intelligence led policing. It is the ability to see how knowledge and training applies to classes of objects not specific objects that gives insight as to how to most effectivly negate that advantage in others (something that has been known about for millennia as with "the art of war" and "know thy enemy").

Thus Omar Malik's view point called question in my mind as to if he actually is an "Aviation Security Expert". And after a little investigation it appears his background is as a UK RAF flight instructor and British Airways captain with 12 years' experience in accident investigation, mainly focusing on accident prevention, culminating in 2009 in a book "The Grown-Ups' Book of Risk".

Thus his background could be viewed as impinging on his viewpoint in the same way a forensic examiners would.

As some are aware I caution against forensic led views because in general it works backwards compared to science. That is in forensics you argue backwards from effect to cause, not the normal forward argument of from cause to effect. As a result it tends to distort the apreciation of probability and thus the abiility to view things differently.

For example, A golfer hit's a golf ball and it lands hard on a tuft of grass damaging it. From a forensic point of view you assume the effect is bad and argue backwards to mitigate the risk. That is you assume that where the tuft is is a point of danger and thus you focus on protecting that point. If however you take the viewpoint that on hitting the golf ball "what goes up must come down" you are not focusing on the point of impact or the damage but the fact that the ball has been hit in the first place. This alows you to step back and ask other quesstions such as if it is actually going to land on the grass at all and if it does what damage it is going to do etc. So you look not just at damage to a tuft of grass, but all tufts, trees, shrubs, buildings etc. Obviously this is a very different outlook as it covers many classes of objects that might be damaged not a specific instance of just one class of object. As a result you would consider the scientific aproach, as with golf driving ranges, cricket and baseball practice nets you would first limit the risk of damage at the source (ie the point of hitting the ball) not by taking the backwards aproach of protecting all individual potential points of impact.

But there is another isssue, that has to be considered, the forensic aproach works backwards from an event that has happened nomater how unlikely the odds. That is the 200million to one shot has happened when the ball has landed, but has it? That is if you said the ball will land on this tuft causing this damage befor the ball was hit then yes, but if it lands on a different tuft then no. So if instead you said it's going to land on the grass then that 200million to one shot is more like a one in three shot.

Most people don't realise the difference and it's a trick lawyers and others use frequently to make what was an unlikely event seem common or the other way around depending on which argument does there client best service.

But it's knowing the difference that is important because a 200million to one risk is probably not worth mitigating against but a three in one risk is. It's why when assessing risk you should not look at a specific instance in one of several classes, you should try and find a solution that mitigates all instances in a specific class and where possible as many if not all classes.

To see this think about the odds of a plane flying into a skyscraper in NYC? prior to 9/11 there had been one event that for various reasons was very limited in the damage it caused. Then consider how many bombs have been planted in NYC or how many earth quakes have hit NYC and how many fires there have been in NYC sky scrapers, storm damage etc etc.

Our perceptual bias is to give very low probabilities to all of these events, the law requires that the risk of fire be mitigated against.

However when you abstract out what is involved with mitigating against fire much of it applies to all these other classes of event.

When we look back at 9/11 one thing that stands out from the figures is the number of lives saved by effective evacuation drills. These drills are a result of Fire Codes but because of their broad nature they cover a whole series of classes of risk.

And it is this broad almost unspecific approach that works not the highly specific aproach of focusing on one instance of one class of attack.

61northDecember 14, 2012 9:35 PM

Your comments about the necessity of bottom-up organization and flexibility bring to mind an excellent book about real-life responses to disasters:

A Paradise Built in Hell: The Extraordinary Communities That Arise in Disaster by Rebecca Solnit

She discusses at length the well-documented phenomenon that people pull together in disasters and other crises to help each other in often new and innovative ways. It's the authority figures who are attempting to follow rules and preserve a certain government structure who generally fail or resort to violence in a crisis. I've found this to be completely consistent with my personal experience having lived through several major disasters and having worked as a Red Cross volunteer for many years.

I see no reason why the same principles shouldn't apply to other forms of crisis such as security problems.

Jakub NarebskiDecember 15, 2012 2:58 AM

Or to take a more prosaic example, special “high-entry” subway turn­stiles make it much harder for people to sneak in for a free ride but also make platform evacuations much slower in the case of an emergency.

It is interesting to see how this is solved in different cities. In Warsaw, Poland there are used turnstiles. In Rome, Italy there are used fast opening saloon style light doors. In Moscow, Russia the entry is longer, and saloon style doors are by default in fully open position (supposedly they close on unauthorized entry). In Wien, Austria there are no guards at all.

Snarki, child of LokiDecember 15, 2012 3:24 AM

@Rob: "...part and parcel of our training must be for dealing with variances in the problems themselves, and regulations that are overly restrictive would prevent the creative solutions that are sometimes needed."

Part and parcel of the problem is the insistence on hiring minimum-wage security people.

Police officers get far more training, far more comprehensive experience, higher pay and job security, a real career path, and are expected to use their judgment.

TSA screeners? Not so much. They are hired and treated as human cogs in a security machine. Because to do otherwise would cost much MUCH more. And leave less money to go to well-connected contractors.

Perhaps the TSA screeners should get union representation from the Actor's Equity Assn.

FigureitoutDecember 16, 2012 10:22 PM

@Clive Robinson
--I was going to say pretty much the same thing (Ofc not worded as well), b/c of the recent heinous act in CT. Politicos & Journos are focusing the debate of removing a single tool (in the process perhaps disrespecting my judgement to use a tool "properly"), instead of like you said, where these perverted actions come from (maybe bullying, no one reaching out). They should also make very clear that you don't point a gun barrel at something you don't intend to shoot, even if it's "empty" or on the "safety"; yet someone I knew still "played around" and killed his friend accidently. I won't make many friends w/ my point about "extreme perversion of agnostic tools" on a site full of hackers that make tools do things they weren't meant to, but it is a point worth thinking about; especially w/ security. But I'm sure some in CompSec would agree that perverting a server to try and infect any machine it talks to, isn't "cool" hacking.

Your ex. about damage from a hit golf ball is funny, as I've actually been hit by one while "on the links"; didn't really hurt but if it was 6in. higher there may have been some brain damage.

RobDecember 17, 2012 12:21 AM

@Snarki, love the moniker, btw. I agree completely, but it doesn't change my point that the essence of training is to develop certain habits. If the training is inflexible enough, then the resulting habits are equally inflexible. But, as you said, good training costs money which would deprive someone of their Learjet.

ChromatixDecember 17, 2012 6:39 AM

Regarding ticket barriers, in the Helsinki area (the only place in Finland that could justify them) there aren't any. Meanwhile in London they are becoming much more common and are widely despised.

The fare-evasion problem is solved in Helsinki by the employment of roving teams of ticket inspectors. They can descend on any public transport vehicle (train, metro, tram, bus, probably even ferry) or picket a metro station (where tickets are required on the platform, not just the vehicles). They wear uniforms that are distinctive when seen close up, but which blend into the crowd sufficiently to allow them to board undetected. Instead of barriers, there are machines to buy tickets from installed prominently in vehicle entrances and stations.

Problems with barriers mentioned by Londoners include being a major nuisance for anyone travelling with their hands full, especially with heavy/large luggage; people with pushchairs or wheelchairs; people who are simply not very quick on their feet...

Ticket barriers are also common on Japanese urban railways, but there fare evasion is still a big problem. The reason is that people have discovered ways to fool the system. One of them is to buy two genuine, valid tickets, which cover short journeys including the start and end stations, but not the part in between. Personal-smartcard based systems might be less susceptible to this attack than paper or disposable-smartcard tickets.

FallOfTheEmpireDecember 17, 2012 9:45 AM

Congratulations for another great post.

"Those in charge often do a worse job than the common people on the ground".
I don't know there at USA, but here in Spain, whenever an emergency happens, the most dangerous thing is the avalanche (floods) of people.
IMHO, your sentence is not true. I would change "often" for "rarely".

However, I believe that proceedings such as training people to help us learn how to deal with danger in general, and really skilled security members placed strategically (not only in this or that "target" building), along with less maniac prohibitions (sometimes it looks like my mother is on charge here :D ) would do a lot.

Tom OdegardDecember 18, 2012 8:22 AM

Options: View Full Header | View Printable Version | Download this as a file | Spam | Blacklist | Add to Address Book

At 03:36 PM 12/17/2012, you wrote:

"Those in charge often do a worse job than the common people on the ground."

Case in point: after the Loma Prieta earthquake brought the freeway down in a domino-like collapse. Many, many Oakland residents got ladders up to the first level and began helping those that could walk over the wall and down to ground level. This activity continued for at least one or two hours with more and more Oaklanders helping with ladders and guide ropes. Then the Emergency personnel, cops, and Cal Trans workers arrived and immediately labeled the non-official folk: looters and criminals.

In the area where we were working (two of my tenants and myself from 42nd and Shafter with two ladders worked in the area bounded by 40th and 30th Streets) we saw no-evidence to support these allegations. The uniforms wanted us out of there for all sorts of "good" reasons - liability - safety - etc. but they chose to vilify our help. Unfortunately, this is often the case in mass catastrophes and is the direct result of arrogance and a "we" versus "them" approach to community relations, esp. when many of the "helpers" are people of color.

The author is absolutely correct that kindness leads to co-operation. My wife is disabled and for long distances, a 1/4 mile, must use a wheelchair. As a result we go to the head of the line at Airport security, the titanium in her neck and the metal in her knees demand personal attention. Airport security is mostly efficient and impersonal. There is more warmth from the sky caps and Barristas. This is truly unnecessary and leads to greater errors in flexibility and ultimately misinformed profiling by the TSA.

30 years ago at the age of 40 my wife and I decided to try to find something complimentary to say to each and every person we made eye
contact with. For six months or so we were pretty quiet. As time went on we became more and more adept at finding acceptable compliments to offer friends and strangers alike. Some of the best and most universal are: You know you are doing an excellent job. That's one fabulous tattoo/hair style/dress/outfit. Where did you get that great necklace. Thank you so much for your attention and great service.

Over time compliments have become our reflex and almost everyone we come in contact with smiles when they see us coming, compliment us in turn, and consider us "wave to" friends. We took this tack because we, like so many modern folks, had silent critical loops in our minds as we looked out on the world. "Why does he walk like that? What a goofball! What a fat so and so." And much worse. These are silent judgments that rebound on the thinker. No wonder depression is the number one mental illness.

We really enjoy your newsletter and the links it provides - we confess that 60% of it goes over our heads - but we are now taking steps to ensure some privacy by watching what we say. Fortunately we
still depend on a hardline phone and try not to say anything stupid. Yes we have a trac-fone but live w/o cell or wi fi. Recently my wife reminded me of those times, long past, when we had party lines and/or "Operstors". Then it was common knowledge that you never said anything you didn't want posted all over town. Welcome Ladies and Gentlemen to the early 50's.

AnonDecember 24, 2012 10:47 PM

It's would be interesting to see some more details on how the 2006 bombers were stopped. For example, they installed video and audio surveillance in Ahmed Ali flat, but what evidence made them decide to do that? Just as importantly, would the evidence they had prior to flat surveillance been enought to get a warrant under US law?

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..