Entries Tagged "air travel"
Page 21 of 46
Self-Defense Pen
I’m sure you need some skill to actually use this, and I’m also sure it’ll get through airport security checkpoints just fine.
Perverse Security Incentives
An employee of Whole Foods in Ann Arbor, Michigan, was fired in 2007 for apprehending a shoplifter. More specifically, he was fired for touching a customer, even though that customer had a backpack filled with stolen groceries and was running away with them.
I regularly see security decisions that, like the Whole Foods incident, seem to make absolutely no sense. However, in every case, the decisions actually make perfect sense once you understand the underlying incentives driving the decision. All security decisions are trade-offs, but the motivations behind them are not always obvious: They’re often subjective, and driven by external incentives. And often security trade-offs are made for nonsecurity reasons.
Almost certainly, Whole Foods has a no-touching-the-customer policy because its attorneys recommended it. “No touching” is a security measure as well, but it’s security against customer lawsuits. The cost of these lawsuits would be much, much greater than the $346 worth of groceries stolen in this instance. Even applied to suspected shoplifters, the policy makes sense: The cost of a lawsuit resulting from tackling an innocent shopper by mistake would be far greater than the cost of letting actual shoplifters get away. As perverse it may seem, the result is completely reasonable given the corporate incentives—Whole Foods wrote a corporate policy that benefited itself.
At least, it works as long as the police and other factors keep society’s shoplifter population down to a reasonable level.
Incentives explain much that is perplexing about security trade-offs. Why does King County, Washington, require one form of ID to get a concealed-carry permit, but two forms of ID to pay for the permit by check? Making a mistake on a gun permit is an abstract problem, but a bad check actually costs some department money.
In the decades before 9/11, why did the airlines fight every security measure except the photo-ID check? Increased security annoys their customers, but the photo-ID check solved a security problem of a different kind: the resale of nonrefundable tickets. So the airlines were on board for that one.
And why does the TSA confiscate liquids at airport security, on the off chance that a terrorist will try to make a liquid explosive instead of using the more common solid ones? Because the officials in charge of the decision used CYA security measures to prevent specific, known tactics rather than broad, general ones.
The same misplaced incentives explain the ongoing problem of innocent prisoners spending years in places like Guantanamo and Abu Ghraib. The solution might seem obvious: Release the innocent ones, keep the guilty ones, and figure out whether the ones we aren’t sure about are innocent or guilty. But the incentives are more perverse than that. Who is going to sign the order releasing one of those prisoners? Which military officer is going to accept the risk, no matter how small, of being wrong?
I read almost five years ago that prisoners were being held by the United States far longer than they should, because ”no one wanted to be responsible for releasing the next Osama bin Laden.” That incentive to do nothing hasn’t changed. It might have even gotten stronger, as these innocents languish in prison.
In all these cases, the best way to change the trade-off is to change the incentives. Look at why the Whole Foods case works. Store employees don’t have to apprehend shoplifters, because society created a special organization specifically authorized to lay hands on people the grocery store points to as shoplifters: the police. If we want more rationality out of the TSA, there needs to be someone with a broader perspective willing to deal with general threats rather than specific targets or tactics.
For prisoners, society has created a special organization specifically entrusted with the role of judging the evidence against them and releasing them if appropriate: the judiciary. It’s only because the George W. Bush administration decided to remove the Guantanamo prisoners from the legal system that we are now stuck with these perverse incentives. Our country would be smart to move as many of these people through the court system as we can.
This essay originally appeared on Wired.com.
Radio Interview with Me
Last Saturday I was interviewed on Paul Harris’s Chicago radio show.
Racial Profiling No Better than Random Screening
Not that this is any news, but there’s some new research to back it up:
The study was performed by William Press, who does bioinformatics research at the University of Texas, Austin, with a joint appointment at Los Alamos National Labs. His background in statistics is apparent in his ability to handle various mathematical formulae with aplomb, but he’s apparently used to explaining his work to biologists, since the descriptions that surround those formulae make the general outlines of the paper fairly accessible.
Press starts by examining what could be viewed as an idealized situation, at least from the screening perspective: a single perpetrator living under an authoritarian government that has perfect records on its citizens. Applying a profile to those records should allow the government to rank those citizens in order of risk, and it can screen them one-by-one until it identifies the actual perpetrator. Those circumstances lead to a pretty rapid screening process, and they can be generalized out to a situation where there are multiple likely perpetrators.
Things go rapidly sour for this system, however, as soon as you have an imperfect profile. In that case, which is more likely to reflect reality, there’s a finite chance that the screening process misses a likely security risk. Since it works its way through the list of individuals iteratively, it never goes back to rescreen someone that’s made it through the first pass. The impact of this flaw grows rapidly as the ability to accurately match the profile to the data available on an individual gets worse. Since we’ve already said that making a profile is challenging, and we know that even authoritarian governments don’t have perfect information on their citizens, this system is probably worse than random screening in the real world.
In the real world, of course, most of us aren’t going through security checks run by authoritarian governments. In Press’ phrasing, democracies resample with replacement, in that they don’t keep records of who goes through careful security screening at places like airports, so people get placed back on the list to go through the screening process again. One consequence of this is that, since screening resources are never infinite, we can only resample a small subset of the total population at any given moment.
Press then examines the effect of what he terms a strong profiling strategy, one in which a limited set of screening resources is deployed solely based the risk probabilities identified through profiling. It turns out that this also works poorly as the population size goes up. “The reason that this strong profiling strategy is inefficient,” Press writes, “is that, on average, it keeps retesting the same innocent individuals who happen to have large pj [risk profile match] values.”
According to Press, the solution is something that’s widely recognized by the statistics community: identify individuals for robust screening based on the square root of their risk value. That gives the profile some weight, but distributes the screening much more broadly through the population, and uses limited resources more effectively. It’s so widely used in mathematical circles that Press concludes his paper by writing, “It seems peculiar that the method is not better known.”
Other articles on the research here, here, and here. Me on profiling.
Michael Chertoff Claims that Hijackings were Routine Prior to 9/11
I missed this interview with DHS Secretary Michael Chertoff from December. It’s all worth reading, but I want to point out where he claims that airplane hijackings were routine prior to 9/11:
What I can tell you is that in the period prior to September 12, 2001, it was a regular, routine issue to have American aircraft hijacked or blown up from time to time, whether it was Lockerbie or TSA or TWA 857 [I believe he meant TWA 847 – Joel] or 9/11 itself. And we haven’t had even a serious attempt at a hijacking or bombing on an American plane since then.
BoingBoing provides the actual facts:
According to Airsafe.com, the last flight previous to 9/11 to be hijacked with fatalities from an American destination was a Pacific Southwest Airlines flight on December 7th, 1987. “Lockerbie” refers to Pan Am Flight 103 which was destroyed by a bomb over Scotland after departing from London Heathrow International Airport on its way to JFK, with screening done—as now—by an organization other than the TSA. TWA Flight 847 departed from Athens (Ellinikon) International Airport, also not under TSA oversight.
While Wikipedia’s list of aircraft hijackings may not be comprehensive—I cannot find a complete list from the FAA, which does not seem to list hijackings, including 9/11, in its Accidents & Incidents Data—the last incident of an American flight being hijacked was in 1994, when FedEx Flight 705 was hijacked by a disgruntled employee.
The implication that hijacking or bombing of American airline flights is a regular occurrence is not borne out by history, nor does it follow that increased screening by the TSA at airports has prevented more attacks since 9/11.
Kip Hawley Is Starting to Sound Like Me
Good quote:
“In the hurly-burly and the infinite variety of travel, you can end up with nonsensical results in which the T.S.A. person says, ‘Well, I’m just following the rules,'” Mr. Hawley said. “But if you have an enemy who is going to study your technology and your process, and if you have something they can figure out a way to get around, and they’re always figuring, then you have designed in a vulnerability.”
Gunpowder Is Okay to Bring on an Airplane
Putting it in a clear plastic baggie magically makes it safe:
Mind you, I had packed the stuff safely. It was in three separate jars: one of charcoal, one of sulphur, and one of saltpetre (potassium nitrate). Each jar was labeled: Charcoal, Sulphur, Saltpetre. I had also thoroughly wet down each powder with tap water. No ignition was possible. As a good citizen, I had packed the resulting pastes into a quart-sized “3-1-1” plastic bag, along with my shampoo and hand cream. This bag I took out of my messenger bag and put on top of my bin of belongings, turned so that the labels were easy for the TSA inspector to read.
Schneier on 60 Minutes
I’m on 60 Minutes today. If you’re a new reader who has just found me from that show, welcome. Here are links to some of my previous writings about airplane security:
Airport Pasta-Sauce Interdiction Considered Harmful
The TSA’s Useless Photo ID Rules
Airline Security a Waste of Cash
Airplane Security and Metal Knives
I also interviewed Kip Hawley last year.
This page contains all my essays and op eds.
Everyone, consider this the thread to discuss the show.
I’m particularly croggled by this quote from the CBS page:
“…it’s why the TSA was created: to never forget,” Hawley tells Stahl.
This quote summarizes nicely a lot about what’s wrong with the TSA. They focus much too much on the specifics of the tactics that have been used, and not enough on the broad threat.
EDITED TO ADD (12/23): Here’s the segment.
Sidebar photo of Bruce Schneier by Joe MacInnis.