Combining Security & Convenience: A Balancing Act

Media reports and security “experts” routinely ask if TSA really makes air travelers safer or if we are simply trying to make things more inconvenient in the name of security.

Safety and convenience can be a bit like oil and water at times, but TSA is always trying to balance the two. It’s not always easy, and we know passengers aren’t always thrilled to take off their shoes or put their liquids in a baggie. But you don’t take your shoes off because of Richard Reid and the liquid explosive threat isn’t over because the UK plot was foiled. Everything TSA does is rooted in intelligence, and every security measure is done to mitigate a threat.

Sometimes security measures come after a plot is busted, such as the August 10 liquids plot. In August 2006, existing technology could not root out the peroxide-based explosives from all the other liquids that come through the checkpoint. The threat was very real, and continues to be real, as all the news on terrorism this week shows. Three men involved in the UK plot have since been convicted for trying to blow up commercial airliners with liquid bombs. Watch this video to see the capabilities of liquid explosives to do catastrophic damage to a commercial airliner.

So we first enacted a total ban along with the UK and other countries. Then after national labs here and overseas studied the intel, we worked with international partners to come up with the policy of packing 3.4 ounce or smaller containers in the one quart baggie so passengers could take necessary liquids in their carry-on bags.

Other times, we proactively enact measures to mitigate a threat, like when we announced that remote control toys could receive additional screening last year, and again this month, when we deployed test kits to give added scrutiny to certain powders that could be used to make explosives. Both items can be used to create an IED, but instead of banning them, we use existing technology to mitigate the threat with very little impact on most travelers.

There are some other examples of balancing security with convenience to improve your travel experience:

Laptop Friendly Bags: Officers continue to this day to find gun parts and other prohibited items hidden in laptops, as well as tampered laptops. While it’s an extra step to take your laptop out of its bag, that extra step helps officers make sure they get a clear view without other items in your laptop bag getting in the way. So we worked with industry to come up with Laptop Friendly Bags that allow you to keep your laptop in your bag and give officers the clear view of the laptop that they need to keep you safe.

AT X-rays: Advanced Technology X-rays give officers a better and multidimensional view of your bag which in turn leads to fewer bag searches and reruns. AT X-rays can also be upgraded to address evolving threats.

Black Diamond Self Select and Family Lanes: Self Select and Family Lanes are based on feedback from frequent fliers and passengers with children or special needs. This enhancement allows passengers to travel through checkpoints at their own skill level and pace. TSA has also positioned technology to screen medically necessary liquids at the Family/Liquids lanes.

Imaging Technology: Not only has the use of Millimeter Wave and Backscatter made things safer for the flying public by detecting both metallic and non-metallic threat items that could be hidden on a body, it has allowed us to take a more hands-off approach when screening certain passengers. It has been a long time coming for passengers with metal implants who always have to undergo a pat down.

Alternative Screening Procedures: Good security requires giving the same level of screening to all passengers. While we must treat those with disabilities and other special needs with respect, over the years, we have seen many people try to get prohibited items through the checkpoint using wheelchairs, casts – even in prosthetics. If people think there’s a loophole, they will try to use it. That’s why TSA has created many alternate screening procedures for passengers with special needs such as disabilities, children, small infants , soldiers and wounded warriors.

Secure Flight: It’s critical to keep known terrorists off planes. But it’s unfortunate when people whose names are similar to those who are really on a watch list are unable to print a boarding pass at home or at a kiosk. It’s worse when someone in an airport tells a mom or dad that their child is on the No Fly List – because no child is. Secure Flight brought watch list matching back inside the government, so we could ensure a high level of security and reduce the hassle factor. Providing your name as it appears on your government-issued ID as well as your gender and date-of-birth reduces the chance of misidentification by more than 99% to make travel safer and easier.

Paperless Boarding Pass: The paperless boarding pass puts a 2D barcode encrypted boarding pass directly onto a passenger’s PDA or cell phone. It mitigates the threat of fraudulent boarding passes and it’s a customer service improvement for airlines and passengers.

TSA is not only concerned about balancing security and convenience – the equation isn’t complete without talking about privacy. Privacy considerations have been built into Secure Flight, imaging technology and other screening functions.

TSA’s layered approach to aviation security incorporates elements long before the airport all the way to the plane. You will never see or be affected by many of those elements. And while engaged passengers and hardened cockpit doors have gone a long way to preventing another 9-11 style attack, we also have to focus on preventing future attacks. As current media reports show, terrorists continue to look at IEDs, including peroxide-based explosives. Preventing an IED from getting on a plane involves intel-sharing, technology, highly trained officers and random, unpredictable screening procedures.

Kristin Lee

Assistant Administrator for Strategic Communications and Public Affairs

Administrator Kip Hawley's Final TSA Blog Post

TSA opened up this web dialogue about a year ago to get feedback from the public and engage with them on the issues that they presented. We have learned a great deal from those of you who have posted and I am grateful for your engagement with us. While some of the individual comments are painful to read and/or based on something that is factually wrong, taken as an aggregate there are undeniable, unavoidable themes.

One of those themes is that TSA's security is intellect-free. The broad categories seem to be about doubting the reality of the current threat, perceived vulnerabilities, and experiences that defy common sense.

With this post, I would like to touch on threat and vulnerabilities and focus on how TSA is introducing more 'smart' security at the airport.

Threat information comes in many forms, virtually all of it coming to us with restrictions on how we can use it. The good news is that we get it -- and use it -- to craft our security activities, and we literally do that every day. The bad news is that a condition of getting the really detailed and actionable information is that we cannot fully explain to the public the 'why' behind what we do. Ellen Howe's previous post discusses how we have tried to get out as much as we can on the 'why,' most recently, with the Ad Council.

The point on vulnerabilities is that since there are vulnerabilities in every system, what's important is to identify them and then compensate for those vulnerabilities with other measures. TSA is involved in risk-management - understanding our vulnerabilities, looking at what terrorists may be planning, and devoting our main efforts to reduce the risk of attacks with catastrophic consequences.

You might look at it like mapping out a spectrum of attacks causing catastrophic consequences, then overlaying it with vulnerabilities, and then circling in red the vulnerabilities associated with high-consequence attack scenarios where we know terrorists are plotting. We look for compensating measures across the spectrum to protect against vulnerabilities or plotting of which we are unaware. But first of all, we take action to close down any vulnerabilities circled in red. When we see an intersection of threat, vulnerability and consequence, TSA takes action as we have with liquids and shoes even though we know that they will not be popular. We are more likely to consider convenience issues in other areas of the spectrum and devote considerable effort in working with our airport and airline colleagues to make things work with the least possible inconvenience. There are technology answers -- but we have to close the gap until the technology answer works and is deployed.

Part of the problem with the 'common sense' theme is that our rhetoric of smarter, flexible, unpredictable, stay-ahead-of-the-terrorist strategy can clash with your personal experience. Some measures are in place now and others rolling out that will sharply reduce that disconnect. I will mention a few examples in each of our key areas: people, technology, and process.

First off with our people, TSA is about two-thirds of the way through retraining our entire airport workforce, from Federal Security Director to front-line Officer. (Headquarters elements are also included.) This training is worthy of its own post but it is two full days in length and covers the gamut from human factors to updated information on terrorist weapons and tactics. It is all about being smart about how we do our security job and how to think in terms of identifying real - and sophisticated - threats and less about running through a checklist.

Secondly, we are also about two-thirds through a major deployment of much more sophisticated carry-on bag scanners, AT-X-ray. About 600 of the new, smarter AT's are deployed already with another 300 more in the next few months. These are the machines that will be able to detect threat liquids (or powders, gels, etc.) automatically and will allow TSA to change the baggie requirement and clear up many of the head-scratching moments you now endure. (Probably about a year away.)

Finally, I have spoken about wanting to break up the rigidity of checkpoint screening and mentioned a goal of changing it up, spreading it out, and calming it down. With a re-trained workforce that has better technology, we can make the existing process calmer. There are opportunities also to make process changes that will make things smoother. For instance, where we have rigid and predictable criteria for extra screening (like last minute travel changes and one-way tickets), we can get more security value by using less obvious criteria like randomness or behavior and make things less congested at the checkpoint.

While this forum will continue to hear from our vigorous critics, I hope that in addition to the words of the indefatigable Blogger Bob and his colleagues, you will see that TSA has backed them up with actions in the year that the EoS Blog has been in business.

Our on-line presence is much clearer, deeper, and more accessible - and improvements will continue. Black Diamond, laptop bags, clearer signage, better explanations of the “why”, are all examples of actions taken by TSA that were helped by this blog discussion. You've helped us prioritize your pain points and we do, in fact, work to reduce those.

The security needs in aviation (and surface transportation) are significant and on-going. Real security risk mitigation can only happen when all parties - including the public - are active, positive participants. The men and women of TSA are amazing in their commitment to protect you and it has been an honor to serve with them. I hope that, going forward, your personal experience with our people, bolstered by better technology and process, will bring us together in support of our common objective - untroubled transportation to our chosen destination and a safe, smooth return home.

Thank you for your interest and participation,

Kip

Yet Another ID Post...With Some Answers to Your Questions

The ID topic has elicited lots of emotion. Many posters feel very strongly on this topic and I respect that discussion and their positions. This is a case where taking steps for aviation security touch other, related controversies that are larger societal/political issues. To the extent that there are legal issues relating to TSA’s actions, they will be resolved elsewhere.

I would like to move on to other topics since we are not going to solve the several complex issues here and we do have lots of other security issues to discuss.

The essential point is that validating a passenger’s identity matters a great deal from a security point of view. Our intelligence, military, and law enforcement colleagues -- at great risk to themselves -- develop sensitive information about potential attacks and the people behind them. They get that information to us so that TSA can do its part and keep those people off aircraft. It is our obligation to protect passengers and crew using the best information that we can get. That is what we are doing.

We will leave this open for further discussion and then move on with our next post. But before we move on, I wanted to provide answers to some of your questions.

Q: If requiring ID is truly instrumental in keeping the flying public safe, why did it take the TSA until June of 2008 to institute that policy?

A: Building blocks.

TSA put up a national security baseline in 2002. This involved creating the organization, staffing, buying and installing equipment -- and the very familiar magnetometer/x-ray checkpoint. No-Fly and Selectee lists were established and given to airlines for them to match versus their ticketed passengers. Airlines continued the pre-9/11 practice of hiring contractors locally to check ID’s. That created a basic physical screening process at the checkpoint (TSA operated) and a basic person screening process through the airlines.

In 2006 and 2007 TSA strengthened the person screening process by adding a new layer (behavior) and improving the watchlist matching. Along with the Terrorist Screening Center (TSC), TSA scrubbed the No-Fly and selectee lists and essentially cut them in half. (CIA and FBI are the major players nominating people to the Watchlists, TSC maintains a consolidated, accurate, government-wide watchlist, and TSA operationally makes sure No-Flys don’t fly.) The system is vulnerable to people evading watchlists if they use a fake identity with the airline and then show a fake ID at the checkpoint. This vulnerability was called out by many on-line posters (and noticed by us) and we took a major step last year to upgrade the ID checks by integrating the checking of ID’s with the rest of TSA’s security. That is why you now have TSA officers, with lights and loupes examining ID’s throughout the system.

The ID requirements we’re talking about here, are the next building blocks to be added. First, to require identity verification and better define the hierarchy of good ID’s -- hence the ‘gold standard.’

We know that terrorists use fake ID's to evade security scrutiny. While I recognize that there are very valid philosophical issues and debates around ID’s, for TSA, this issue is about closing vulnerabilities and stopping attacks.

There is considerable operational complexity to resolving the identity of a person without an ID real-time at the checkpoint. It is getting done now but is still clunky at times. We will get better over the coming months. In answer to the question, all of the building blocks mentioned above, needed to be in place. They are now and aviation is safer as a result

Q: What will TSA do if a majority of the states refuse to issue REAL ID cards to their respective citizens?

A: We would attempt to verify identity with other means, it would just take longer.

Q: If TSA believes that 1) checking ID increases safety to the flying public and 2) the no-fly list is there to catch terrorists, then why are the TSOs that check IDs at the airport not comparing names to those on the no-fly list?

A: Because those checks are done before the boarding pass is issued. It is done in the background by a combination of the airlines and TSA. The system is automated and close matches are resolved on a one by one basis. For more on issues about passengers who have problems because someone else with their name is on the list, please see DHS Trip.

Q: Since it has been claimed by TSA that the 3-1-1 rule was implemented due to the circumstances surrounding the London bomb plot, what position will TSA take if the defendants are found not-guilty?

A: I can’t comment on the U.K. legal system but “certainty” in a criminal proceeding is very carefully defined. I can tell you from the intelligence and law enforcement information developed in this case that the threat to U.S. aircraft was chilling, lethal and the clock was ticking when they were arrested. Had that plot not been discovered, there may well have been thousands of casualties. Doubt about the reality or efficacy of that threat? Zero.

Kip

Why We Do What We Do: When Security Officers Find Illegal Items at the Checkpoint

A number of readers have raised questions about TSA's legal authority to make a referral to other law enforcement entities when evidence of a crime unrelated to aviation security is discovered during the screening process. This post explains that Transportation Security Officers (TSOs) are required to make such referrals. TSO referrals have led to the arrest and/or conviction of individuals for serious crimes such as illegally possessing narcotic drugs, transporting child pornography, and bulk cash smuggling.

As you know, the job of our security officers is to screen passengers and their belongings for weapons, explosives, and other prohibited items that pose a risk to transportation security. In the course of performing that responsibility, security officers sometimes come across illegal items that are not directly related to transportation security. For instance, last month in Guam, TSOs screening checked baggage discovered almost $900,000 in U.S. currency along with an undisclosed amount of crystal methamphetamine. Although anyone in the United States is free to travel with currency, the failure to make a currency report to Customs and Border Protection when leaving the country with more than $10,000 in cash is a violation of federal criminal law. 31 U.S.C. §§ 5316 and 5322. Attempting to smuggle bulk cash out of the country also violates 31 U.S.C. § 5332, a felony that carries a possible prison term of up to 5 years.

As a component of the Department of Homeland Security, TSA's standard operating procedures require Transportation Security Officers to report evidence of potential crimes to the appropriate local, state or federal law enforcement authorities. When a TSO opens a bag and discovers a large stash of ecstasy or obvious child pornography, he or she is not permitted to close the bag and turn a blind eye to these serious offenses. Instead, a TSO is required to call for law enforcement support. It is up to the responding law enforcement authorities—not our TSOs—to decide whether an arrest is warranted.

TSA's practice of referring evidence of criminality to other law enforcement entities is not only good public policy, it is fully supported by the court decisions. The courts have recognized that illegal items found during a warrantless “special needs” or administrative search, such as the search of an airline passeger's luggage for weapons or explosives, may be turned over to the police. See, for example, United States v. $557,993.89, More or Less, in U.S. Funds (pdf), 287 F.3d 66, 81-83 (2d Cir. 2002) (plain-view seizure of large number of money orders valid because airport security screeners permitted to search briefcase for weapons were not required to ignore evidence of crimes).

This case and others apply the principle of the plain-view doctrine, which allows a police officer to seize an unlawful item that he discovers in plain view, even if he comes across the item while carrying out unrelated duties. For instance, police who enter a residence in response to a call for medical assistance may seize contraband they see in plain view. See, for example, United States v. Quezada, 446 F.3d 1005, 1008 (8th Cir. 2006) (seizure of shotgun in plain view valid because officer entered apartment with reasonable belief that someone was inside but unable to answer).

The incidental discovery of illegal items in the screening of carry-on bags, is not, as one post suggested, akin to forcing a motorist to open his trunk at a sobriety checkpoint. Police officers conducting field sobriety tests at a vehicular checkpoint have no need to look in the trunk of a car to determine if the driver is impaired. By contrast, TSA screeners need to inspect every carry-on bag for weapons, explosives, and other prohibited items that pose a risk to transportation security. To do so, they must examine all compartments of the bag that are capable of concealing such items. If their task causes them to discover evidence of crime, they must ensure a prompt law enforcement referral.

And Now, a Word from Our Lawyers…

Since there are no lawyers on the blog team, they asked me to weigh in on some comments that have come into the blog on legal and constitutional issues. I'm the Chief Counsel at TSA, Francine Kerner, and I hope I can provide some useful information to those interested in the legal aspects of the screening process.

In regard to comments questioning the constitutionality of TSA's airport security screening procedures, the courts have addressed the issue and disagree with the notion that our procedures are unconstitutional. TSA takes the rights of the traveling public very seriously, and in implementing security screening measures, carefully weighs the intrusiveness of those measures against the need to prevent terrorist attacks involving aircraft. Balancing the same considerations, the courts have long approved searches of airline passengers and their bags for weapons and explosives as constitutionally permissible under what is now commonly referred to as the "administrative search" or "special needs" exception to the Fourth Amendment warrant requirement. See, for example, United States v. Edwards, 498 F.2d 496 (2d Cir. 1974). More recently, the courts have ruled that TSA procedures involving identification checks and passenger screening satisfy the requirements of the Fourth Amendment and properly respect the public's qualified right to travel.

See, for example, United States v. Aukai, 497 F.3d 955 (9th Cir. 2007) (en banc); Gilmore v. Gonzales, 435 F.3d 1125 (9th Cir. 2006), cert. denied, 127 S. Ct. 929 (2007); United States v. Hartwell, 436 F.3d 174 (3d Cir.), cert. denied, 127 S. Ct. 111 (2006).

I see that at least one person was troubled by the fact that TSA's screening of airline passengers sometimes yields evidence of crimes not directly related to aviation security. Our responsibility and focus in the airport screening process is to prevent a terrorist attack involving aircraft. In the course of carrying out our mission by screening for weapons and explosives, however, we sometimes incidentally discover illegal items unrelated to transportation security. Federal law and policy require that we refer such items to law enforcement officers for appropriate action. See, for example, United States v. Marquez, 410 F.3d 612, 617 (2005).

To the commenters who have complained about receiving secondary screening despite not having alarmed the walk-through metal detector, there are several reasons why an airline passenger may receive additional screening. For example, some passengers are randomly selected for secondary screening in order to help detect dangerous items that might not alarm the metal detector. Adding this element of randomness to the process makes manipulating the system more difficult.

And finally, to address the comments that expressed concerns about screening in retaliation for voicing complaints about TSA: it is not TSA's policy to subject anyone to additional screening because of their political views or complaints about the screening process. However, threatening a security officer may trigger additional screening.

Thank you for the opportunity to respond to your concerns.



update by Francine on 2/27/08:

To date, we have received over 100 responses to our post regarding TSA's legal authority to conduct security screening at airports. Many of your responses raise questions about the authority of TSA personnel to request a name or other identifying information (ID) from a passenger. You also want to know why the information is requested, how the information is used after you provide it, and whether TSA is following the requirements of the Privacy Act of 1974 (Privacy Act), 5 U.S.C. § 552a, in requesting and using your personal information. Today's post will answer these questions.

In simple terms, the Privacy Act is a statute that controls the government's collection of personal information for later use. This is an important point. Merely asking a traveler to provide ID for a quick examination at the checkpoint does not trigger application of the Privacy Act as long as the agency is not making a record of the information to use in the future. In contrast, if TSA records a traveler's name or other identifying information with the intention of filing the information so that it can be retrieved at a later date by the traveler's name or ID, the agency is required to comply with the provisions of the Privacy Act.

During the screening process, TSA tries to identify individuals who may be planning to do us harm now or in the future. TSA tries to prevent potentially dangerous items from being brought into the boarding area. Finally, TSA responds to incidents that occur during the screening process. A passenger may need medical assistance, screened property may be damaged, lost or stolen, or an individual may become abusive in challenging a screening determination. Handling of these or any other matters may lead TSA personnel to request a traveler's name or other identifying information for filing in a Privacy Act system of records.

As a general matter, information filed in a TSA Privacy Act system of records may be used for a variety of security and administrative purposes. It may be used to identify individuals who require special screening procedures. It may be used to pursue a criminal prosecution or a civil enforcement action. It may be used to evaluate an injury or property claim, or to respond to a passenger complaint. TSA has listed all of the routine uses for the information it collects in the Privacy Act system of records notices published by the agency in the Federal Register. Most of the personal information collected in connection with the screening process is kept in a TSA system of records entitled DHS/TSA 001 Transportation Enforcement Records System (TSERS). See 69 FR 71828 (Dec. 10, 2004).

In some situations where TSA collects information directly from an individual, the Privacy Act requires TSA to provide a written notice to the individual setting forth its authority to gather the information and describing how the agency will use the information. One example of a TSA Privacy Act notice appears on the comment card that may be obtained at some screening checkpoints. Requesting a comment card should not result in harassment of any traveler. Additionally, TSA will accept anonymous comments either by filling out a comment card or by forwarding comments to the TSA Contact Center at tsa-contactcenter@dhs.gov.

Under the Privacy Act, any individual may submit a request to TSA to obtain the information we have on file about the requestor. With rare exceptions, which are set forth in the Federal Register, we will provide the requestor with the information we have in our files.

If you wish to see a further discussion of the Privacy Act, please see our Web site, at:
http://www.tsa.gov/research/reading/regs/privacy_act_faq.shtm.

Thank you for your comments and questions about the Privacy Act. We hope that you will check back on the Blog for future posts regarding legal issues.

What It Takes to be a Transportation Security Officer

Many people at TSA are checking out our blog, from security officers on the front line to management here at TSA’s headquarters. Today, we received a post from Mo McGowan, who heads up aviation security operations at TSA:

Since there have been hundreds of comments about our Transportation Security Officers (TSOs) on this blog ranging from "they're great" to "they stink," I thought it might be interesting to take an inside look into what it takes to be an officer and what they do.

So what does it take to be hired as an officer? Applicants are tested before they’re hired, and have quite a bit of required training afterward. Applicants for “screening” jobs take a series of image interpretation tests before they are ever offered a job. (About one in 20 applicants actually becomes an officer.) Even after they’ve been on the job, TSA requires ongoing training throughout the year.

Once hired, officers:
- Participate in more than 120 hours of classroom and on-the-job training before they ever screen a person or a bag;
- Undergo a series of tests before receiving a work assignment;
- Complete even more training if they are going to screen both passengers and baggage (More than half of our officers do this); and
- Complete an annual certification process that includes more written tests, image interpretation tests, and a third party evaluation.

So training is a regular, important part of an officer’s job.

Seven times every day, every checkpoint in the U.S. is tested with ‘fake’ threats to ensure that our officers are on alert. Most of these fake items are very difficult to identify on the computer screen, and most of these items are detected. Unfortunately, we’re all most likely to hear about the few prohibited items that pass through undetected rather than the thousands of items that are identified at the checkpoint.

On a typical day in the U.S., security officers find two guns and around 2,800 knives and blades (of varying sizes) on passengers and in carry-on bags. Those are the most commonly discovered prohibited items, but it’s hard to imagine how many other potential threats are identified on a daily basis.

We at TSA don’t want anything to happen ‘on our watch.’ This means a lot to me when my family flies, or when I fly to see my grandkids. It means that officers want to be thorough even though it might be inconvenient for us sometimes. It means that they take our safety, security, and the threat seriously, and try their best to prevent and deter the individuals who wish to do us harm.

At TSA, we think about one passenger at a time, two million times a day.

Thanks,
Mo

A Few Thoughts on Consistency and Where We're Going...by Kip Hawley

Thanks for participating in the Evolution of Security blog. In the coming weeks we will ask for your opinions about some issues we have now in discussion -- balancing intrusions into personal space (pat-downs, imaging) with better detection, devoting dedicated lanes to 'speedsters' frequent flyers and how to manage who goes to that lane -- are two examples. We will also continue to go where you take us with the issues you raise. I would like to address one of those issues now: 'why do I get different results at different airports?'

There are two main issues: a) process consistency, where we want to have the same result everywhere; and, b) purposeful variation so as not to offer a static target.

Let me say up front that we have sometimes confused the issue ourselves, seemingly excusing unwanted results with 'well we do it differently on purpose' answers. While I understand the frustration of not having a completely identical process every time, I cannot say that you will ever be able to go through completely on autopilot. Here's my perspective...

Let's take process consistency first. Imagine we were a manufacturing business and that we wanted to crank out identical, high quality widgets. That's hard to do even when you use precision equipment and consistent materials. If TSA were a manufacturer, we would be processing over 700 million unique transactions a year, using over 40,000 different people, at over 400 locations. And, rather than combating maintenance woes (although we do) and the standard banes of manufacturing quality, our enemy is active, intelligent, malicious, patient, and adaptive.

Because TSA started from scratch, we used very defined 'standard operating procedures' in order to get the new organization up and running. Over time, that detailed process control started to work against us. It had the effect of making the job checklist-oriented. ('If I follow the SOP, then I am doing my job.') The tighter we squeezed to demand tighter adherence to the SOP, the more we squeezed individual initiative and thinking out of it.

While we had great people as TSO's, we were putting them in situations where they had to do things 'because it's SOP' whether or not it made sense. It was not helpful for public credibility or for keeping our people sharp.

Since nobody would care that we followed the SOP precisely if there was a successful attack, and since our enemy can observe our SOP and plan ways to beat it -- we needed something more.

This is the purposeful variation part. The idea is to have a menu of different security measures that TSOs add randomly to the standard process.

Everybody goes through the magnetometer and puts carry-ons through the x-ray and if there is an alarm, it is resolved. However, given the limits of technology and simple human fallibility, vulnerabilities inevitably exist. We are covering those vulnerabilities by adding, truly at random, additional measures. For example, in the last couple of months, I have had two versions of a quick pat-down. My computer was swabbed for an explosives check, as were my shoes even though I didn't alarm going through (Yes, I go through security just like everyone else). We also have new handheld liquid and solid explosives detection devices deployed as well as a variety of other measures. You may, and should, see what I mean in an upcoming trip.

I should also add that we have recently added other layers of security to address the same vulnerabilities that I have been discussing -- behavior detection, document checking, K-9 teams, undercover air marshals, etc.

So, our theory of how to achieve process consistency from a quality control perspective is to train well and set outcome goals that encourage individual initiative and judgment. We think that for a distributed workforce that sees endless variety in passenger situations and faces an adaptive enemy -- that is the way to go. This means that, yes, you will see some differences trip to trip on some judgment things that are not on purpose. That is the price for a thinking, switched-on front-line -- if you want people thinking, then you have to let them make decisions based on their training and experience.

You will also see some different measures applied trip to trip that are purposeful, put there to prevent someone from exploiting a vulnerability.

Thanks for working with us, Kip

More on the Liquid Rules: Why We Do the Things We Do (Commenting Disabled)

Last week, there was a post on the ars technica blog by Jon Stokes, Senior Editor and Co-Founder, posing some questions on TSA’s liquids rules similar to other questions we’ve gotten on the blog so far. Kip Hawley wrote the following response, and we wanted to post it here for TSA blog readers to see as well.

Jon,

Thanks for the question on liquids. We have lots of material on our site (tsa.gov) going into the liquids issue so that is available for background, including the video of it blowing up. I'll try here to break the question down into the sub-questions I hear most. I enjoy ars technica, especially that it is thoughtful and issue-oriented and I appreciate having the opportunity to address your question.

Was this a real threat? Yes, there was a very serious plot to blow up planes using liquid explosives in bombs that would have worked to bring down aircraft.

Why don't you just ban all liquids? Because our National Labs and international allies demonstrated to my satisfaction that there is, in fact, a scientific basis for allowing small amounts of liquids on as carry-on. We try to prohibit the minimum possible from a security standpoint. Also, the consequence of banning all liquids is a large increase in the number of checked bags, which creates its own issues.

Why can't multiple people bring on explosives in three-ounce containers and mix them post security? The tough one! Tough because there are parts of the reason that are truly classified but here goes... (read them all before throwing up your hands!)

1. We are involved in risk management. The question to me is: "What do you have to do to make a successful attack so complex that an intelligent enemy would recognize that the odds of success are too low?"


2. Because there are limits to our ability to detect every thing every time at the checkpoint, we use layers of security. For example, I and senior leaders at TSA work every day with the intelligence and law enforcement communities world-wide to get insights in how to make our security better -- frequently adding specific training and sometimes, respecting our obligations to the intell and law enforcement communities (like our remote control toys advisory), communicating directly to the public. Also, we reduce risk by a) adding behavior detection capability, K-9 teams, surge teams and document checking out front; and b) by undercover presence throughout the area behind the checkpoint, as well as better screening of the supply chain of items in the sterile area after the checkpoint.


3. We reduce risk by deciding what we believe is necessary for a completed bomb -- the core of the 100ml (3.4 ounce) limit. Extensive testing began the morning of August 10, 2006 -- the day the liquids plot was made public -- to determine if there is a level at which any liquid brought onboard a plane represents little risk. These were tests by multiple government agencies, National Laboratories and other nations and they assisted in the 3-1-1 formulation. We announced 3-1-1 on September 26, 2006 and that allowed travelers to go on overnight trips without having to check a bag. That is the trade-off: if 3-1-1 is too complicated, you can always just check your bag.


4. The preparation of these bombs is very much more complex than tossing together several bottles-worth of formula and lighting it up. In fact, in recent tests, a National Lab was asked to formulate a test mixture and it took several tries using the best equipment and best scientists for it to even ignite. That was with a bomb prepared in advance in a lab setting. A less skilled person attempting to put it together inside a secure area or a plane is not a good bet. You have to have significant uninterrupted time with space and other requirements that are not easily available in a secured area of an airport. It adds complexity to their preferred model and reduces our risk, having the expert make the bomb and give it to someone else to carry aboard. They are well aware of the Richard Reid factor where he could not even ignite a completed bomb. Simple is truly better for them. Also, bomb-makers are easier for us to identify than so-called clean 'mules.'


5. The container itself adds complexity. A 100ml container limits the effect of, and even the ability of, a detonation. It also forces a more precise mix, and a lot more boost -- which makes it easier to detect from that side. Even creative ways to smuggle liquids in are less effective because, eventually, they still have to mix it right and get it into the right container, etc. There are also issues with what kind of container you use, but let's leave them to puzzle that out further...


6. The baggie gives us two benefits: A) It serves as a visually identifiable, easy way to limit quantity. Even if they wanted to bring multiple bottles to mix, we limit the quantity of their total liquids as well (bottles "hidden" in the carry-on bag stick out). B) The baggie serves to concentrate the vapor - substances used to create liquid explosives are very volatile and emit fumes even through sealed bottles. (We have tested.) We have liquid explosives detectors that take advantage of the vapor concentration factor in the baggie. This way, we do not have to examine what's inside every bottle, regardless of what the label says.


7. The effect of pulling out liquids and aggregating them separately allows our security officers to have a clear look at the liquids -- and, perhaps just as important, it de-clutters the carry-on bag so that we have a clearer view of that as well.


8. With our medical exceptions, they have to talk to one of our Security Officers who can use a variety of methods to tell whether it presents a problem including test strips, and hand-held detectors that are highly effective, even with closed and sealed bottles. With the larger bottles, the other features needed to make it viable would be very apparent.

A few other points, this policy has been adopted in more than 80 countries worldwide and means that there are common rules almost everywhere you fly. The choice is a total ban or this, and we are working very hard at a technology solution that should make this better all around. Think early 2009 for that.

The challenge is to reduce risk on the things we know about (shoe bombs, liquids) while having enough other measures in place to disrupt what we don't know is coming. Any time we fixate on one thing, you have to be concerned about opening up something elsewhere. Balance, flexibility, and unpredictability are key. So is going on offense by being connected to intelligence / law enforcement and being proactive with our surge patrols, undercover activities, etc. AND getting TSA and passengers back on the same side! That last one is what we're trying to do at our checkpoint with our TSOs and online with our blog.

Whatever you think about our policies -- please recognize our Security Officers who train and test every day and will do whatever it takes to make you and your families safe when you fly. They are the best in the world and are on your side; please give them a little recognition when you see them. Thanks for the opportunity to comment,

Kip

Welcome (Commenting Disabled)

Two million travelers come in contact with the Transportation Security Administration every day. It is an intense experience all around -- extremely personal in some senses but also impersonal at the same time.

There is no time to talk, to listen, to engage with each other. There isn’t much opportunity for our Security Officers to explain the ‘why,’ of what we ask you to do at the checkpoint, just the ‘what’ needs to be done to clear security. The result is that the feedback and venting ends up circulating among passengers with no real opportunity for us to learn from you or vice versa. We get feedback verbally and non-verbally at the checkpoint and see a lot in the blogs, again without a real dialogue.

Our ambition is to provide here a forum for a lively, open discussion of TSA issues. While I and senior leadership of TSA will participate in the discussion, we are turning the keyboard over to several hosts who represent what’s best about TSA (its people). Our hosts aren’t responsible for TSA’s policies, nor will they have to defend them -- their job is to engage with you straight-up and take it from there. Our hosts will have access to senior leadership but will have very few editorial constraints. Our postings from the public will be reviewed to remove the destructive but not touch the critical or cranky.

Please be patient and good-humored as we get underway. The opportunity is that we will incorporate what we learn in this forum in our checkpoint process evolution. We will not only give you straight answers to your questions but we will challenge you with new ideas and involve you in upcoming changes.

One of my major goals of 2008 is to get TSA and passengers back on the same side, working together. We need your help to get the checkpoint to be a better environment for us to do our security job and for you to get through quickly and onto your flight. Seems like the way to get that going is for us to open up and hear your feedback...

Thanks for joining us,
Kip Hawley