Cracks in System Open to Terrorists
Imagine if the world's most notorious fugitive, Osama bin Laden, attempted to board an airliner in the United States. Suppose he were clean-shaven, sporting short hair, wearing a pin-striped business suit and looked like so many other travelers that no suspicions were raised. How far might he get? If he used aliases such as names of family members he would be nabbed instantly and whisked away for questioning. That's because many of his relatives are on the FBI's secret "no-fly list," according to intelligence sources.
But suppose he boldly decided to use his own name. Would he be cleared to fly? Insight recently learned that scenario was tested at a U.S. airport in the South during January. The result was troubling: America's most-wanted fugitive is cleared to fly. According to airline-security documents obtained by this magazine, the name Osama bin Laden was punched into the computer by an airline official and, remarkably, that name was cleared at the security checkpoint all passengers must pass through before being issued a boarding pass.
The realization that Osama bin Laden made the cut sent shivers down the spines of airline-security officials who discovered the system gap. "When the most-wanted man in modern history is not included on the list of possible terrorists there are some serious deficiencies in the system which need to be addressed," says an airport-security official familiar with the test. In fact, Insight has learned from law-enforcement sources that at least two other names of known terrorists cleared security checkpoints when officials punched them into the computer.
As shocking as these revelations may seem, airline-security experts and privacy-advocate groups say they are not surprised. Kathleen Sweet, author of Aviation and Airport Security: Terrorism and Safety Concerns, tells Insight the incident confirms the vulnerability of the current system. "It often fails to detect terrorists until they have boarded the plane," and by then it might be too late, Sweet warns. As she points out, "We have computers talking to each other but not necessarily in a timely manner."
When Transportation Security Administration (TSA) spokesman Mark Hatfield was asked why bin Laden's name did not set off alarms, he grew silent. Obviously uncomfortable, he at last said the airlines that employ Computer-Assisted Passenger Screening (CAPS), a software program designed to flag suspicious travelers, don't use it, well, consistently. "It is almost 10 years since CAPS began, and there is just not a great deal of consistency between the airlines," he says. "It is possible for some airlines to flag some passengers while other airlines may end up clearing them to fly." The real-time data aren't even sent to the ticket agent, which means a name recently flagged may not show up in the airline system until it's too late. Pressed to comment specifically on bin Laden's name being cleared to fly, Hatfield refused to attempt an explanation unless told how and by whom the terrorist's name was entered.
Hatfield simply acknowledges there are systematic flaws in the system and says that's why TSA proposed in January to build an upgraded version called Computer-Assisted Passenger Prescreening System II (CAPPS II). The proposed system would transmit real-time data with no delays and be run by TSA rather than the airlines.
The first CAPS program was the brainchild of the White House Commission on Aviation Safety and Security, better known as the "Gore Commission," because the former vice president chaired the panel. Its report directed the federal government to "consider aviation security as a national-security issue" and President Bill Clinton dumped $100 million into such efforts, helping to launch the first CAPS program in 1998, three years before 9/11.
Details of the software were kept under close wraps by the federal government, which feared the slightest release of information could help terrorists defeat the system. But in the last five years information about CAPS slowly has emerged through disclosures in congressional hearings, investigative reports and release of hundreds of pages of related documents during civil suits filed by angry passengers who claimed they unjustly were targeted. An even more revealing look at the Gore system was presented in a study conducted by the Massachusetts Institute of Technology (MIT). According to the study, CAPS profiles and provides risk-assessment analysis by matching a would-be traveler's itinerary with data from historical records pertaining to known terrorist activities. Information under scrutiny might include a person's address, how and when they paid for the ticket, how many times they have traveled abroad, names of traveling companions, destination, rental-car transaction and whether the passenger bought a one-way or round-trip ticket.
Once the profile is created it remains in the CAPS software, which is accessible from every airline check-in counter in the nation. As soon as a passenger checks in, the ticket agent immediately enters the traveler's name into the CAPS console. The passenger's travel itinerary then is linked to government databases that scour the information to see if it matches the terrorist profile. Thereupon a "threat index" is assigned to identify the potential risk the passenger poses to the flight.
The CAPS system separates suspicious passengers into two groups: Passengers who "fit the profile" become "selectees" and are subjected to heightened security measures, while those deemed too high a security risk are denied a boarding pass. The FBI keeps the "selectees" list secret, but passengers easily can find out if they have triggered an alert because the ticket agent will stamp their boarding passes with a huge "S" that tips airport screeners to do a more extensive search.
On the surface more scrutiny may seem to ensure more security, but the MIT study concluded that CAPPS II actually will weaken airline security by making the screening process overly predictable. MIT warned that the system easily can be penetrated by terrorists who send test subjects into the airport to identify what will get a passenger flagged - something intelligence experts believe the 9/11 terrorists did months in advance.
Daniel Biran, assistant managing director at Citigate Global Intelligence & Security (CGIS), an international business-intelligence and security firm, says the central problem with U.S. airline security is that it is predictable. "Unpredictability creates real problems for terrorists," he says. For CAPPS II to be effective, he emphasizes that it must go "beyond data mining and look at human behavior." Biran notes that simply relying on watch lists would not have caught the 9/11 terrorists because "none interacted with the watch list."
Who goes onto these secret lists is of great interest to terrorists but also has been a sore point among passengers who claim the Bush administration may be targeting those critical of administration policies and intelligence operations. While both the TSA and FBI insist they don't target groups based on political orientation but focus on suspicious traveling patterns and names of suspected terrorists, this does not explain why some repeatedly have had problems boarding planes. Consider just a few examples:
But it's not always those on the left who are being scrutinized. An Insight re-porter ran into difficulty recently at Ronald Reagan Washington National Airport, where he was taken aside and questioned by law-enforcement officials. The writer, who has been highly critical of intelligence failures in both the Bush and Clinton administrations, thought he might be on the list in order to show that TSA is not profiling by ethnicity. He missed his flight but was put on another. His ticket stub was stamped with a prominent "S," an indication that he is on the selectee list.
The Insight man wants to know how he and other loyal Americans can get off the no-fly list. But TSA won't say because currently there is no procedure for this. Under CAPPS II there is to be an om-budsman system through which passengers can appeal inappropriate scrutiny. For the moment, says a security official, "You do have a better chance of getting off the no-fly list than the selectee list," but how even this may be done remains a mystery.
The barring from flights of U.S. citizens has prompted lawsuits, of course, led by the American Civil Liberties Union (ACLU), the Electronic Privacy Information Center and the Arab-American Anti-Discrimination Committee, which claims about 200 Arab men have been detained illegally, with at least five being pulled off planes, because of their ethnicity. The ACLU also has filed a series of lawsuits against the Justice Department to determine what criteria are being used by the FBI to put someone on the no-fly list. So far it has received about 100 pages of nonresponsive "answers" and redacted information concerning the list.
Documents released in the lawsuits consist of e-mails, letters and correspondence to congressmen from U.S. citizens trying to remove themselves from the list and complaining of an invasive system that has resulted in missed flights and uncomfortable searches. The complaints filed include those of a 71-year-old English teacher, a municipal worker who encountered a National Guardsman aiming an M-16 rifle at him when he refused to stand on one leg because he was recovering from a leg injury and a woman who shares the same name as an Australian man 20 years her junior who is suspected of being a terrorist. The government records indicate TSA has been receiving about 11,000 complaints a year, though how many of those come from good citizens who needlessly have been detained or arrested remains unknown because, according to TSA, "there is no pressing need" to collect such information. Airline-security analyst Sweet says she would like to see the lists made public with names, details and photographs, as with FBI most-wanted lists. But TSA says that would tip off the terrorists.
TSA officials insist the new screening system, CAPPS II, will eliminate most of the bumbling and mistakes because it will be more accurate while fulfilling the agency's mission "to ensure freedom of movement." But the new proposed system has set off a firestorm of criticism among privacy groups which charge that TSA appears more interested in regulating people's movements than guarding the U.S. border and maintaining homeland security. Prompted by public concern, the General Accounting Office released a preliminary report showing the system had failed again and again.
In the meantime, privacy advocates fear TSA will be building a more extensive dossier on travelers by collecting and sharing personal data with law-enforcement and intelligence agencies that could result in more names on more lists and more headaches for passengers. When TSA announced in the Federal Register in January that its CAPPS II program would involve building an Aviation Security Screening Records (ASSR) database, it attracted about 14,000 public comments in less than a month, which Hatfield says "have been not always cheers and applause."
The database would link together information from the airlines on their passengers, to include such personal data as credit reports, credit-card purchases, FBI files, arrest reports, job history, telephone logs and motor-vehicle records. In the past much of this information could not be collected by the government without a search warrant and probable cause. Access to some of this data would require changes in privacy laws. While some critics believe CAPPS II is dead in the water, and at least two airlines reportedly have backed out of field tests because of a public backlash, Hatfield insists a preliminary test of the system will begin this summer and full implementation may come before the end of the year.
Once these data are collected, CAPPS II would use a formula to assess the potential security risk presented by each passenger. Some reports suggested that each would be assigned a color, such as green for "okay," yellow for "more screening" or red for "no fly," but Hatfield insists there is no color system. Instead, he says, passengers will be separated into three categories - primary screening, which all passengers must undergo; selectee screening for further evaluation; and the no-fly list. He assures Insight that no personal data would be leaked into the wrong hands.
It's simply a matter of trusting the federal government, you see, something that does not sit well with those concerned about an increase in identity theft and privacy abuse. Lisa Dean, director of the Center for Technology Policy at the Free Congress Foundation, warns that TSA promises the personal data will not be misused and will be given out only to those with a "need to know," but she says it fails to tell the public that TSA reserves the right to give out this information to anyone it deems appropriate. "We have lost control," she says. "The information collected on us puts our identity up for grabs."
In fact, concern has grown as a result of recent reports indicating that JetBlue and Northwest airlines may have provided federal contractors with personal data on millions of passengers without their consent during a test trial of a security-software system. Hatfield maintains the system being tested was not CAPPS II but involved other agencies and other projects. He insists TSA is listening carefully to public concern and it already has made sweeping changes such as reporting only warrant information involving violent crimes to law-enforcement authorities instead of providing all outstanding-warrant in-formation.
Air Transport Association (ATA) spokesman Doug Wills says his group, which represents about 20 major airlines, supports implementation of CAPPS II because "the old system is not sufficient to do what we need to do." However, he says, ATA remains concerned about possible privacy abuse. "We want to know who gets access to the data and, if the federal government discloses the information, we want to know how it is being used and for what purpose," he says. "What does your Visa card or credit rating have to do with identity verification? We don't think that's necessary."
Similarly, Airline Pilot Association (APA) spokesman John Mazor says his association supports CAPPS II but favors eliminating the credit-report data and providing security cards to pilots and transportation workers who have undergone extensive FBI background checks. The pilots are frustrated about their own screening, he says. Robert Cox, a senior airline captain with a major U.S. airline and a former special-projects officer for the national-security committee of the APA, filed this comment about CAPPS II last month to the Federal Register:
"I served in the Army as a paratrooper and with Special Forces, and I am one hell of a patriotic SOB. I take extreme issue with anyone who insinuates otherwise, and unfortunately it happens to me three to four times a day. Several of my comrades have been arrested because they too take extreme issue with the insinuation that they are, or have criminal intent (by virtue of searching for explosives in my shoes, or removing my nail clippers after a thorough search of my bag), and yet are turned loose to fly 250 passengers from the cockpit of a commercial airliner not 25 yards from the screening point. And while I can't say this at the screening point, I can here: I have a crash ax in the cockpit that is FAR more dangerous than my nail clippers. Another interesting item: I have the control wheel. Is anyone else missing the logic here?"
Enough is enough, and when political correctness gets into the equation tempers flare. Former congressman John Cooksey (R-La.) said recently on a radio show, "Someone who comes in with a diaper on his head, and a fan belt wrapped around the diaper, needs to be pulled over." While critics were quick to suggest that a diaper should be put in Cooksey's mouth until he learns to be politically correct, Rachel Ehrenfeld, director of the New York-based American Center for Democracy and author of Narco-Terrorism, Evil Money, and the forthcoming Funding Evil: How Terrorism Is Financed and How to Stop It, says she is tired of political correctness getting ahead of good sense. She says Israeli airlines don't walk the PC line, but they have the best airline security in the world. Ehrenfeld warns that the 1997 decision of the Clinton Justice Department never to use race, religion, national origin or ethnicity as a screening factor is a grave mistake.
According to Ehrenfeld, security agents should pay special attention to passengers born in countries including Syria, Egypt, Libya, Sudan, Iran, Saudi Arabia and the Persian Gulf states, Lebanon, Iraq, Jordan, Yemen, Morocco, Pakistan, Indonesia and the Philippines - all countries that had and/or continue to have terrorists in training. "We should even ask them their religion," she says, although discrimination laws would need to be changed to allow that. "I don't care about political correctness. I don't want to blow up in midair."
The screening of airline personnel, from baggage checkers to those preparing food, also falls short of what is needed, Ehrenfeld says. For example, she notes 35 percent of the 1.5 billion pieces of airline baggage trigger a false alarm, but the follow-up on these electronic warnings rests strictly with the screener. If 30,000 of the 55,000 screeners hired recently have not even been given a background check, and with at least 50 security agents at New York's JFK International Airport now known to have passed background checks that did not reveal their criminal record, Ehrenfeld wonders, how reliable is the service we are getting from TSA?
Meanwhile, a traveler selected by CAPS for special screening recently was forced to drink a mysterious liquid found on his possession after failing to persuade authorities he was conducting a science experiment with pond water. The way airline-security officials reacted, you'd think they had busted Osama bin Laden instead of a 7-year-old boy. But of course the real Osama is cleared to fly.
Timothy W. Maier is a writer for Insight magazine