To Profile or Not to Profile? (Part 2)

A Debate between Sam Harris and Bruce Schneier

Return to Part 1

A profile that encompasses “anyone who could conceivably be Muslim” needs to include almost everyone. Anything less and you’re missing known Muslim airplane terrorist wannabes.

SH:It includes a lot of people, but I wouldn’t say almost everyone. In fact, I just flew out of San Jose this morning and witnessed a performance of security theater so masochistic and absurd that, given our ongoing discussion, it seemed too good to be true. If I hadn’t known better, I would have thought I was being punked by the TSA.

The line at the back-scatter X-ray machines was moving so slowly that I opted for a full-body pat down. What was the hang up? There were five people in wheelchairs—four of whom appeared to be World War II veterans—who needed to be stripped of their shoes, coats, belts, etc. and forced to stand. They were followed by several old women from Mexico—who will be at the top of my watch list should we ever go to war against the cult of Our Lady of Guadalupe, but who were (you could just bet your life on it) perfectly harmless at present. I can honestly say that, even with nefarious characters like you, me, Bryant Neal Vinas, and Nicholas Cage warranting a secondary screening, 90% of the people I saw at airport security this morning should have been waved through without a word.

Once again, I think you are underestimating a trained screener’s ability to see that someone isn’t at all likely to be a suicide bomber. But let’s set this issue aside for the moment.

BS:Hawley specifically mentions wheelchairs in his book: “We know from al Qaeda training documents that terrorists are considering smuggling explosives in wheelchair wheels.” I’m not saying you should take everything in that book at face value, but think twice before dismissing something out of hand.

SH:I’m not claiming that there is something magically exculpatory about sitting in a wheelchair. But many people in wheelchairs are there for a reason—like advanced age—that makes them unlikely to be waging jihad. My point, once again, is that we are being both imprudent and impractical not to avail ourselves of all the information we can glean about the statistical likelihood that a person is a jihadist. But please continue with your analysis.

BS:Back to my analysis.

Of course, the relative threat of a passenger depends on his or her profile, and there’s a lot of room for debate as to which marginal cases are more or less likely to be terrorists. We could research the matter further. We could debate the relative risks of Asian-looking Muslim terrorists versus Semitic-looking Muslim terrorists, or the ability of the people who have taken over from bin Ladin or KSH to recruit Western-looking Muslims. If we had access to classified intelligence data, we could have a more informed debate. We could discuss how easy it is for a European Muslim terrorist to look and behave like an old rancher from Texas. Or a pretty blonde San Diegoan who talks about her Battlestar Galacticawalk-on. There’ll be some right answer, although it’s probably not knowable. But all of this goes away if you don’t profile. It doesn’t matter how effective al Qaeda leaders are at recruiting Muslims who don’t fit the profile. It doesn’t matter what the intelligence says, or who’s right and who’s wrong. By employing a simpler security system, the whole potential avenue of attack—not meeting the profile—disappears.

SH:All these concerns also go away if we don’t screen anyone at all. We could have the same security on planes that we have on trains—that is to say, none. We have to keep in mind the states of the world that we are comparing: one in which screeners intelligently focus on more likely threats, one in which they randomly screen people, including those who seem extraordinarily unlikely to be terrorists, and perhaps another condition in which no one receives a secondary screening at all.

BS:Not relevant. We’re only comparing profiling versus non-profiling, as I described above. We’re not analyzing absolute levels of security, and we’re not comparing anything other than those two things. Really, you have to be methodical with security analyses. I’m going to keep going.

Non-Muslim-looking Muslims isn’t the only source of error in your profiling system. Your system requires TSA screeners to make the profiling decision, and that’s going to be fraught with errors. Can we really trust TSA agents to tell the difference between a Tibetan Buddhist and an Indonesian Muslim? Or an American blonde surfer-dude and an Arab of similar age who used skin lightener and hair dye? Or a Mennonite man and someone who grew his hair to look like one? You say that terrorists will not look like “a family that looks like it just stepped out of a Ralph Lauren ad.” All that’s required for someone to look like that is a credit card and access to; can we trust screeners not to focus on clothes? Or facial hair. Making ethnic judgments isn’t easy, and there are going to be mistakes—lots of mistakes. And every mistake reduces security, especially since it’s easy for terrorists to test for flaws by repeatedly going through airport security on trial runs.

SH: I’m sorry—I don’t want to derail your analysis, because I really want to hear it—but I think you continue to trivialize how difficult it is to recruit people for jihad who look completely off type, and who can behavecompletely off type while passing through security. And I think you denigrate the ability of trained screeners, or even ordinary people, to profile accurately. Human beings are better at detecting threats than you allow.

The example of successful recruitment that you link to in your essay is no example at all. As you know, the Hindawi affair was a case in which a Jordanian Muslim attempted to bomb an El Al flight by hiding 3 lbs of Semtex and a detonator in the luggage of his pregnant fiancé, who happened to be Irish. What was the real threat here? We have a Western woman who simply could not imagine that her Muslim fiancé was so radicalized that he would murder her and his own unborn child for a chance to blow up a plane full of Jews. The screeners for El Al are paid to imagine precisely this sort of thing. That is why they interview passengers.

Looking more closely at certain people who fit the profile of a jihadist does not mean we must ignore everyone else. As I’ve said, all bags should be screened and all people should have their travel documents checked and be behaviorally profiled. But, in many cases, excluding someone from further scrutiny requires little more than a glance. Half the families I see at the airport are obviously not waging jihad. If any of them were actually jihadists, expecting to blow themselves up in a couple of hours, they would be the best actors on earth.

BS:Not half the families, all the families. One hundred percent of the people you see at airports and everywhere else you look are not terrorists. But one day, some TSA agent somewhere will see someone who is a terrorist. And relying simply on whether or not he thinks that person looks like a terrorist is just a dumb risk to take.

SH: Again, you seem to deny that it is possible to make statistically accurate judgments about other human beings. There are companies that can guess your favorite television shows by knowing little more than your age, gender, and zip code. This womanwas apparently strip searched by the TSA. It is not hard to know that this was guaranteed to be a waste of time.

I don’t mean to belabor the point, but I would recommend the following exercise to our readers: Go to a public place—a restaurant, coffee shop, shopping mall, or an airport—where you can unobtrusively watch people go about their business, and see how much you can know about them just by looking. Ask yourself, what are the chances that those 20-year-old girls in yoga pants, buying frappuccinos, are taxidermists? What about the guy in his 40s, deeply tanned as though he never goes indoors, with tattoos covering both arms—what are the chances he’s a cardiologist? If you do this, you will begin to feel that you know the answers to these questions. Of course, in a training scenario for airport screeners, the accuracy of such judgments could be tested.

I also want to remind you of the context in which our discussion began. I suggested that we admit that we are worried about Muslim jihadists and that we profile accordingly—and I was immediately pilloried as a racist and a hate-monger. Many of my sternest critics hurled your name at me—you being a prominent critic of profiling. Whether we can agree about the utility of profiling—part of my motivation for debating you on this topic was to answer these background charges of bigotry. Most of my critics want to argue that we have an ethical obligation notto profile. Even you flirted with this position in your essay (“Do we really want the full power of government to act out our stereotypes and prejudices? Have we Americans ever done something like this and not been ashamed later? This is what we have a Constitution for: to help us live up to our values and not down to our fears.”) So I think it is important to recall how emotionally charged the very notion of profiling is.

In my view, we are simply talking about maximizing our ability to detect those who intend to do us harm, while minimizing the material and social costs of doing this. It seems to me that the analogy to personal self-defense is pretty compelling: Imagine teaching a women’s self-defense class and instructing your students that they have an ethical obligation not to profile their potential assailants. Of course, this advice is so obscenely at odds with what is prudent for women to do that no self-defense instructor would ever say such a thing. Any approach to women’s self-defense that does not, at a minimum, teach them to profile menis pure delusion.

BS:Men are 50% of the population; it changes the analysis completely. The base rate really does matter.

SH:Again, you are confused about the relevant base rate. Men are 50% of the population—but how many men are rapists or murderers? One could argue that it is quite unfair for a woman to view all men as potential attackers (just as it’s unfair to view all Muslims as potential jihadists) because almost none of them are. So this analogy maps onto the problem of finding terrorists pretty well. Almost everyone who fits the profile of a conceivable jihadist (you, me, the guy from Pakistan, but not Barbara Bush) will, of course, not be one.

With this in mind, just imagine hearing the following story from your wife or daughter:

“I did something today that I’m very ashamed of. I was on an elevator alone, and a man got on who made me uncomfortable, so I stepped off before the doors closed and took another lift. The truth is, I profiled him. He was black and also appeared to be homeless. It was an extremely nice building in a wealthy and very white part of town—so he just didn’t seem to belong there. He also made strange eye contact with me when he stepped onto the elevator, but that could have been because he felt out of place. The truth is, I just didn’t like the feeling I got when I looked at him, and this feeling arose almost instantaneously. I know this makes me seem like a paranoid, racist, elitist profiler—and I feel terrible about it.”

Is there a husband or father on earth who would want to dignify this guilt? This woman did precisely the right thing—even with a low base rate of rapists and killers in the male population. And I would hope any woman would follow her example. In my view, her behavior does not even slightly convict her of racial bias, or a failure of compassion for the homeless, or any other sin. Political correctness—not wanting to appear racist or elitist in cases like this—has gotten women raped (we know this because we can talk to the victims) and probably killed (we can only assume). It is simply a fact that even untrained people are very good at making nearly instantaneous threat assessments—and a failure to trust these judgments raises one’s risk of being the victim of a violent crime. You seem to assume that even highly trained screeners would completely lack this ability.

I’m not suggesting that we should continually judge strangers on the basis of crude stereotypes. But people take in a vast amount of information about one another whenever they meet—dozens of variables get amplified or diminished in importance due to context. A young, white male with a shaved head and boots looks one way entering a cancer ward and another way loitering in the parking lot of a synagogue. Anyone who is determined to throw out all surface information of this kind, and just treat everyone the same, is not using his head.

BS: What you described above is behavioral profiling, and very different from what we’re discussing here. I wrote about this sort of thing in my book, Beyond Fear, in the context of terrorism. (See also this essay, about “looking hinky.”) And you are continually conflating the existence of a correlation with building a security system based on that correlation. One does not automatically imply the other.

SH:Sorry, but your purified notion of “behavioral profiling” is a fiction. You are attempting to divide that which cannot be divided. The fact that the man was black in the elevator example was relevant (as it increased the statistical likelihood that he didn’t have an apartment in that building); the fact that the bald man in the synagogue parking lot was white was also relevant (making it at least conceivable that he was a neo-Nazi skinhead). I am simply arguing that tossing out statistically relevant information is a bad idea—especially when your life depends on it. And what you call “behavioral profiling” simply can’t take place in isolation from these sources of information.

BS:Actually, it’s not. The two are very different. Yes, they are often used together. Yes, people can be trained to focus on one and not the other. Yes, they can work in conjunction with each other and they can work in opposition to each other. But they are different.

SH: The whole purpose of my previous articles was to suggest that we should have well-trained screeners who can use their discretion to spend less time focusing on the least threatening people—and that focusing on them purely for the sake of appearingfair could well get many people killed. I wrote the articles I would want to have written in the event that we have another terrorist incident involving a jihadist on an airplane. Of course, if a plane gets blown up by someone who looked and acted like Betty White, I will issue a public apology.

BS:Yes, you will, if someone whom you believe doesn’t meet the terrorist profile commits a terrorist act—and that list includes the “hundreds of western operatives, including from North America, of all ages, colors, genders, whatever” that Kip Hawley said U.S. intelligence is specifically following. If a plane is blown up by someone who doesn’t look like a Muslim jihadist, your entire profiling system failed. I’m making a simplicity argument. My proposed security system, which does not profile ethnically, has no such requirement. It is resilient to mistakes in my analysis.

This point is important. We can debate the details. We can run experiments with TSA agents and images on a computer screen. We can collect data by hiring people who meet the profile and get them to try to fool TSA agents. But as a security engineer, I’d rather build a system that doesn’t require us to figure out who’s right; the simpler system of not profiling makes the whole issue disappear.

We could also instruct screeners to err on the side of caution, and include any questionable cases in the profile, but then we’re back to a profile that encompasses so many people as not to be worth the bother.

There are more sources of error. Your system actually requires two judgment decisions: both the passenger being screened, and the screening anomaly being ignored or cleared. You specifically said that some anomalies would be checked all the time, and some would not. If the full-body scanner image clearly showed a gun-shaped object strapped to the leg of a passenger, presumably that would be checked in every case. But what about something that looks mostly like a gun? Or sort of like a gun? Or just a large blob of something? At some point, your system is going to allow a non-profiled person through but further check the profiled person. Luggage is the same. An obvious bomb will be checked in all cases. But something that might be a bomb will be let through in some cases but not others. A large knife will be confiscated in all cases, but a small knife only from those who meet the profile. Someone who sets off the metal detector is a harder call; there’s no information for the screener to go by other than the beep.

And I’m just considering the simplest case, where there are only two possible designations for individuals: in the profile or out. We can imagine something even more complicated: we check out obvious guns for everyone, probable guns only for those who are on the edge case of the profile, and possible guns only for those who definitely meet the profile.

Remember, this all has to be in the screener’s procedure manual. It’s not something that can be invented on the fly. The result will be an extraordinarily complex system, as we consider all of the possible cases. And the more complicated the system, the easier it is to make mistakes. Your proposed profiling system increases insecurity simply by existing.

Those are the security costs. There are also monetary costs. You want a system that has “well-trained screeners who can use their discretion to spend less time focusing on the least threatening people.” That’s a system where TSA agents have to use their judgment about whether to implement secondary screening, based both on their assessment of whether the passenger meets the profile and their assessment on how potentially dangerous the primary screening anomaly is. This requires a smarter and better-trained TSA agent than the current caliber of agent, and that’s expensive.

There are many reasons why employees are forced to substitute procedures for judgment, but the important one for this discussion is that it allows the employer to hire a cheaper employee. This is true across all industries, including the TSA. If you implement a system where TSA agents are going to make threat judgments of every passenger and every screening anomaly, you’re going to need to hire a better class of TSA agent (which means you’re going to have to pay them more) and you’re going to need to train them better (which means you’re going to have to spend money on that). Implementing this profiling system will require substantial additional personnel costs.

There’s also the start-up costs of creating the procedure manual for this system, but the ongoing costs will dominate. You said, “A dollar spent on a toddler whose family does not stand a chance of having rigged him to explode is a dollar wasted (i.e., not spent elsewhere).” With this system, you’re going to spend far more than a dollar in not wasting that dollar

There’s another cost that’s partly monetary and partly in efficiency. When implementing any human-based system, the interests of the people operating the system often don’t precisely coincide with the interests of those designing it. This is the principal-agent problem, and it manifests itself in your profiling system as the TSA agent who thinks “If I wave this person through without checking out the anomaly and he turns out to be a terrorist, it’s my ass on the line.” Because the cost to the agent of a false positive is zero but the cost of missing a real attacker is his entire career, screeners will naturally tend towards ignoring the profile and instead fully checking everyone. And the screener’s supervisor is unlikely to tell him, “Hey you need to ignore the next old lady that beeps,” because if he’s wrong then it’s hisass on the line. The phenomenon is more general than security; discretionary systems tend to gravitate towards zero-tolerance systems because “following procedure” is a reasonable defense against being blamed for failure. You can counteract this tendency by paying even more for even more intelligent screeners, and paying even more for more training, but otherwise, it will reduce the efficiency gains that are the primary purported benefit of your system.

SH:Do you think positive incentives would have the same effect? What if screeners won a million dollars every time they caught a real terrorist? I’m guessing they would focus on more likely suspects.

BS: Rewards can be a great motivational tool, but you have to be careful what you motivate. Remember, we don’t want screeners to focus on what they believethe threat is. We want them to focus on the actual threat.

SH:Again, I would argue that a screener’s beliefs and reality can converge more than you allow.

BS:I’m not done. There is another, more explicit, reduction in efficiency inherent to your profiling system. You’re expecting TSA agents to make these profiling decisions, and that takes time and attention. Moreover, your decisions will often require coordination between different TSA agents doing different jobs. The TSA agent who sees the anomaly resulting from the full-body scan is not the same agent who is looking at the passenger. The agent who notices the small knife or something that might be a bomb in scanned luggage is not the same person who is looking at the passenger who owns that piece of luggage. This procedure will cost time; there’s no way to avoid it. You have to pay for it with either money (more screeners) or security (screeners who are making these decisions aren’t doing something else instead).

So far, this analysis has assumed that the correlation between airplane terrorist and Muslim is one. Of course, it isn’t. It’s high, but it’s not one. You might not want to discuss Timothy McVeigh and the Unabomber, but both are examples of non-Muslim terrorists. Anders Behring Breivik in Norway massacred 77 and wounded 242 people; it’s not much of a stretch to think of him as a potential airplane suicide terrorist. In 2010, non-Muslim Andrew Joseph Stack, who looks as American as they come, flew a small airplane into a building in a suicidal terror attack.

Again, we can argue about the exact correlation between terrorist and Muslim. Perhaps you think it’s higher than I do. Perhaps someone with access to classified intelligence thinks it’s even higher, or even lower. And again, if we don’t ethnically profiling, then it doesn’t matter who is right and who is wrong. The simplification removes the issue entirely.

I’ve done my cost-benefit analysis of profiling based on looking Muslim, and it’s seriously lopsided. On the benefit side, we have increased efficiency as screeners ignore some primary-screening anomalies for people who don’t meet the profile. On the cost side, we have decreased security resulting from our imperfect profile of Muslims, decreased security resulting from our ignoring of non-Muslim terrorist threats, decreased security resulting in errors in implementing the system, increased cost due to replacing procedures with judgment, decreased efficiency (or possibly increased cost) because of the principal-agent problem, and decreased efficiency as screeners make their profiling judgments. Additionally, your system is vulnerable to mistakes in your estimation of the proper profile. If you’ve made any mistakes, or if the profile changes with time and you don’t realize it, your system becomes even worse.

This same basic analysis also holds true to random versus profiled secondary screening. Using the example of swabbing luggage randomly for explosive residue versus swabbing luggage of profiled people, there’s no efficiency benefit (screeners are performing the same number of swab tests) but a potential security benefit (the tests are being performed only on those who meet the profile). There are still the security risks resulting from an imperfect Muslim profile and the potential existence of non-Muslim terrorists. There are still the security risks from profiling errors. There is still the monetary cost of replacing procedures with judgments, the efficiency or monetary cost of the principal-agent problem, and the efficiency cost of making those judgments.

The difference is that the benefit isn’t very much. The point of a mandatory screening procedure, like looking for guns, is to ensure that no one has a gun. The point of a random procedure is to inject enough uncertainty into the system that terrorists can’t build a plot around getting through the security system. Replacing a random procedure with a profiled procedure increases the likelihood that someone who meets the profile will get caught, while at the same time decreasing the likelihood that someone who doesn’t meet the profile will get caught. The result is less uncertainty on the part of the terrorist, and therefore less overall security.

SH:I share your concern about the risk that some people could successfully game the system—but I still think we can exclude people who (effectively) pose zero risk. Needless to say, no system that we can live with (and afford) will be guaranteed to catch every terrorist.

And everything you have said about airport security would seem to apply to profiling in the course of gathering intelligence out in the world. Should we infiltrate the Sunni mosque or the Hindu ashram? Shall we flip a coin to introduce some randomness into this decision process? If we keep profiling mosques, won’t the jihadists just game the system by devoting themselves to yoga full time? Again, your argument seems to rest on a profound skepticism about our ability to ever know what we are looking for—along with a very high opinion of the enemy’s ability to recruit NFL cheerleaders.

BS:It might seem to apply to all of those things, but that doesn’t mean a careful analysis will yield the same conclusion. Just because in this case it doesn’t make sense to build a security system based on your correlation doesn’t mean it doesn’t make sense in every case. Sometimes we do flip coins to introduce randomness into security systems. Sometimes the bad guys can’t game the profile as easily as others. The lesson is not to rely on your intuition, but to perform a detailed security analysis to answer these questions.

In the profiling case, the mathematically optimal strategyis a combination of profiling and random sampling. But, really, this is simply too complicated to implement in any practical way at a security checkpoint. Given the choice between profiling and random sampling, random wins.

This analysis is not “a litany of concerns about profiling that are (in my view) easily answered.” It’s what happens when you take an idea for a security system and try to implement it in practice. It’s the real world.

SH:Well, actually, the paper you cite seems to support my intuitions pretty well. As you know, I’m not recommending “strong profiling”—and using “square-root biased sampling” seems to be another way of saying that we should profile, but we should keep the profile pretty broad; we should notice the differences between people, but we shouldn’t be overly impressed by those differences (i.e., we should be using the square-root of the prior probability that a person is a terrorist, rather than the probability itself). This research advocates that secondary screenings be “distributed broadly, although not uniformly, over the population.” That sounds pretty good to me.

It’s not altogether clear to me what assumptions have been built into this model. And I do not doubt that adding a layer of random screening to a base of profiling would increase security. I continue to believe, however, that certain people can be definitely excluded from the search space—Betty White—thereby raising our odds of catching real terrorists.

BS:The paper supports some of your intuitions about how useful your correlation is, but doesn’t speak at all to the efficacy of building a security system around that correlation. That’s what I have been trying to make explicit: just because a correlation exists doesn’t mean that it is smart security to use it as a mechanism for dividing people into two categories and subjecting those categories to different levels of security.

I agree that the result is perverse. I agree that, on the face of it, it makes no sense to screen someone who looks and acts like Betty White, or those four wheelchair-using World War II veterans at San Jose Airport. But it results in better security. By “obviouslywasting their time,” security screeners are in fact both saving time and improving security.

SH: Well, that’s not how I read the research you provided. There are many people for whom I would set the prior probability of their being a jihadist at (effectively) zero. Granted, the probability for any one person who fits the broader profile will be pretty low. But for certain people, I would put the probability higher than you might expect. And if we change the question slightly to encompass intelligence gathering—”What are the chances that this person knowsa few jihadists”—something like strong profiling begins to look pretty reasonable.

The paper you cite doesn’t describe the condition of knowing that the threat is coming from a single group. I continue to believe that anyone we can definitely exclude from that group (e.g., Betty White) shouldn’t capture any of our resources.

BS:And I believe that is because you are discounting the costs in money, efficiency, and security of implementing a system where they do not capture any resources. I say that if it costs you $2 plus ten seconds plus some additional security risk to save $1, then you should waste the $1, and move on.

Also, there is nothing in these analyses about political correctness, or fear of offending Muslims. You can perform the same basic analysis on fraudulent credit card transactions. You can perform it on Internet packets being screened by an intrusion detection system before entering your network.

There are other security concerns when you look at the geopolitical context, though. Profiling Muslims fosters an “us vs. them” thinking that simply isn’t accurate when talking about terrorism. I have always thought that the “war on terror” metaphor was actively harmful to security because it raised the terrorists to the level of equal combatant. In a war, there are sides, and there is winning. I much prefer the crime metaphor. There are no opposing sides in crime; there are the few criminals and the rest of us. There criminals don’t “win.” Maybe they get away with it for a while, but eventually they’re caught.

“Us vs. them” thinking has two basic costs. One, it establishes that worldview in the minds of “us”: the non-profiled. We saw this after 9/11, in the assaults and discriminations against innocent Americans who happened to be Muslim. And two, it establishes the same worldview in the minds of “them”: Muslims. This increases anti-American sentiment among Muslims. This reduces our security, less because it creates terrorists—although I’m sure it is one of the things that pushes a marginal terrorist over the line—and more that a higher anti-American sentiment in the Muslim community is a more fertile ground for terrorist groups to recruit and operate. Making sure the vast majority of Muslims who are not terrorists are part of the “us” fighting terror, just as the vast majority of honest citizens work together in fighting crime, is a security benefit.

Like many of the other things we’ve discussed here, we can debate how big the costs and benefits I just described are, or we can simplify our system and stop worrying about it.

One final cost. Security isn’t the only thing we’re trying to optimize; there are other values at stake here. There’s a reason profiling is often against the law, and that’s because it is contrary to our country’s values. Sometimes we might have to set aside those values, but not for this.

SH:I agree that we should be wary of “us vs. them” thinking. However, we must be honest about the where this is coming from in the present case—it comes from the reflexive, religious solidarity that many Muslims feel for their fellow Muslims, simply because they are Muslims. And this religious solidarity makes the model of fighting “crime” currently inapplicable. Ordinary bank robbers and murderers are not united by an ideology that they are aggressively seeking to spread—and are spreading, in a hundred countries. They don’t have large networks of support and a larger population of people who sympathize with their basic motives, if not their methods. We do not have charitable foundations and academic departments devoted to promulgating a sympathetic understanding of bank robbery and murder.

You wrote in your essay, “Beyond the societal harms of deliberately harassing a minority group, singling out Muslims alienates the very people who are in the best position to discover and alert authorities about Muslim plots before the terrorists even get to the airport.” This is quite true. But it is just another way of saying that we need Muslims to help profilewithin their own community, because only they can effectively do this. And yet you seem to believe that pretending that the Muslim community deserves no special scrutiny is the best way to ensure this cooperation. What if being honest with the Muslim community worked better?

BS:I have argued that, at airport security checkpoints, profiling based on “Muslim, anyone who could conceivably be Muslim” does not make security sense. It costs us more, reduces efficiency at security checkpoints, and decreases security. I am not making any generalizations, and I am certainly not conflating investigation and intelligence—following specific people who are out to do the world harm—with profiling a specific ethnic group.

SH:You have repeatedly questioned the relevance and wisdom of focusing on Muslims, and in ways that clearly have wider implications. You claim that however we profile, we will be subjecting vast numbers of innocent people to scrutiny, which comes at an unacceptable social and political cost; and there is no way to accurately profile anyway, because terrorists come in every size, shape, and color, and can change their tactics to evade all but a truly random screening. These concerns do not magically disappear once we leave the airport—nor do your conclusions about the importance of base rate. When you say, as you did a few moments ago—”Security isn’t the only thing we’re trying to optimize; there are other values at stake here. There’s a reason profiling is often against the law, and that’s because it is contrary to our country’s values. Sometimes we might have to set aside those values, but not for this.”—it is hard to believe that you are thinking only about airport security.

BS:Agreed, but those other security aspects are not relevant here. In this analysis I am only considering airport security. Actually, I am only considering passenger security checkpoints at airports. Pieces of my analysis are applicable elsewhere, of course, but don’t carelessly generalize security results without a complete analysis.

SH:Well, as I said in my second essay on this topic, I find it very strange that many people erupt in sanctimonious outrage at the idea of profiling at the airport, while cheerfully admitting the necessity of “gathering intelligence” out in the world. You surely know what intelligence work entails. Perhaps others don’t. The violations of people’s privacy and trust that arise in the course of looking for jihadists outside the airport, while occasionally covert, tend to be far more invasive and (one would imagine) offensive than the sort of profiling we are talking about at the airport.

I share your concern about not alienating the Muslim community. But we desperately need moderate Muslims to stop pretending that Islam is just like every other religion at this moment in history. As bad as Christianity and Judaism have been in the past (and may yet be again), only Muslims reliably work themselves into a killing rage over the mistreatment of a book; only Muslims murder their critics and apostates; only Muslims can be counted upon to riot by the tens of thousands over cartoons; and only Islam, with its doctrines of jihad and martyrdom, is perfectly suited to spawn a global death cult of suicidal terrorists.

We need moderate Muslims to admit that some of their coreligionists currently pose a danger to civil society unlike any other on the religious landscape. One would think this might be easy, as the effects of Muslim barbarism have so far been visited mostly on Muslims themselves. In fact, we need more people like Asra Nomani, whom you singled out for criticism as an otherwise intelligent person who mistakenly favors profiling. It seems to me that you have lost the plot here: Nomani has taken a remarkably courageous stand for honest self-criticism, in a community that tends to be violently opposed to it. This is yet another reason why I don’t think we can discuss the issue of profiling at the airport in isolation from our other efforts to combat the forces of jihad. Admitting that we know what we are looking for—Muslim extremists rather than generic terrorists—could oblige the Muslim community to truly come to terms with the problem.

BS:I’m not going to speak of Nomani’s motivations. This is a matter of security engineering, and in that context she is just another person with no security expertise applying her intuition to the problem.

SH:It seems to me that we have run out of steam, Bruce.

BS:We’re 13,000 words in; I’m not even sure we have any readers left.

SH:If that’s true, the terrorists really have won. I’m happy to give you the last word, but I hope you will address one point, in addition to saying anything else you might want to say, or linking to articles or books you have written if our readers want to follow up. It is still not clear to me what you actually recommend—nor is it clear why your views about profiling, if true, wouldn’t extend to all intelligence work, or even to immigration. Should we issue visas to people at random, or should we pay more attention to those applying from Yemen, Pakistan, and Somalia? For those seeking to immigrate from Canada, should we give more scrutiny to Arabs or to Inuit? I don’t see how you can pull the brakes once this train has left the station. The base rate of terrorism is low everywhere and on all occasions. And, yes, we have an ethical commitment to treating people fairly, wherever possible. But it seems to me that you have made far too much of these facts at the airport—and, given your reasoning, they should vitiate our commitment to targeted security on every other front. Rather than fly drones over Yemen, we should let them drift with the wind and rain down missiles at random.

You’ve admitted that profiling plus randomness is the bestalgorithm, but you think it’s too complicated to implement at the airport; elsewhere you’ve conceded that the Israelis are masters at behavioral profiling, but you’ve indicated that we cannot hope to emulate their approach because it would be too expensive. At various other points you have hinted that we should just return to pre-9/11 security and stop worrying. What do you think we should do?

BS:Let’s quickly review. The topic of this exchange, and the topic I’ve tried to stick to, is whether it makes sense to implement a two-tiered security system at airports, where “Muslims, or anyone who could conceivably be Muslim” get a higher tier of security and everyone else gets a lower tier. I have concluded that it does not, for the following reasons. One, the only benefit is efficiency. Two, the result is lower security because 1) not all Muslims can be identified by appearance, 2) screeners will make mistakes in implementing whatever profiling system you have in mind, and 3) not all terrorists are Muslim. Three, there are substantial monetary costs in implementing this system, in setting the system up, in administering it across all airports, and in paying for TSA screeners who can implement it. And four, there is an inefficiency in operating the system that isn’t there if screeners treat everyone the same way. Conclusion: airport profiling based on this ethnic and religious characteristic does not make sense.

And while you’ve objected to bits and pieces of this, the only argument you have made for this profiling system is that it’s common sense.

I agree that it might be unclear why my “view about profiling, if true, wouldn’t extend to all intelligence work, or even to immigration.” This stuff is hard, and security—especially complex technological security—is often unclear. One of the principles I most hoped to explain in this dialog is that intuition and common sense are poor guides to security trade-offs. What might seem to be a good idea often is not, and what seems to be a bad idea sometimes is. Beware of security by intuition and of security by emotion. Beware of generalizations. Beware of seemingly unrelated complexity.

And, of course, beware of complexity in general.

Your final question is a good one. I have written extensively about what I think should be done about airport security and terrorism in general, and I invite readers to read some of those essays. To anyone still reading, I invite you to read this and this.

Security is all about cost-benefit analyses: how can we get the most security for our money, convenience, freedoms, liberties, and so on. A lot of what we’ve implemented in our efforts to combat terrorism fail that analysis. In general, I am opposed to security measures that require us to guess the plot correctly , because it is so easy for terrorists to change tactics or target. This is really what your profiling system is: it’s a guess about who the next terrorist is going to be. If I had to pick someone to make that guess, I would pick Kip Hawley over you, but I would much rather build a security system that doesn’t require guessing at all. In general, I am in favor of security measures that are effective regardless of the plot: intelligence, investigation, and emergency response. This means to focus less on specific terrorist tactics—shoes, liquids, etc.—and more on the broad threat, but also to focus more on specific terrorist targets—airports and airplanes—than on the broad threat.

But perhaps most importantly, we should refuse to be terrorized. Terrorism isn’t really a crime against people or property; it’s a crime against our minds. If we are terrorized, then the terrorists win even if their plots fail. If we refuse to be terrorized, then the terrorists lose even if their plots succeed.

Peace out.

Categories: Airline Travel, Terrorism, Theory of Security

Sidebar photo of Bruce Schneier by Joe MacInnis.