How to Make the TSA (and Airports) Work Better

The risk-averse Transportation Security Administration must practice the risk-management doctrines that the Department of Homeland Security preaches, write P.J. Crowley and Lindsey Ross.

Iranian President Mahmoud Ahmadinejad, center, listens to a technician during his visit of the Natanz Uranium Enrichment Facility in 2008. (AP/ Iranian Presidents office)
Iranian President Mahmoud Ahmadinejad, center, listens to a technician during his visit of the Natanz Uranium Enrichment Facility in 2008. (AP/ Iranian Presidents office)

As passengers lined up to board a recent US Airways flight to Orlando, FL at Reagan National Airport in Washington, D.C., two transportation security officers performed random pat-downs, a tactic designed to make aviation security less predictable to a potential attacker. It was good security theater and gave the appearance of increased protection, but the Transportation Security Administration’s spot inspections were a waste of effort since they occurred less than 100 yards from a primary passenger screening checkpoint.

Two months earlier, on New Year’s Day 2009, eight Muslim-American passengers and a ninth legal resident were pulled off an AirTran flight at Reagan, also destined for Orlando, after someone misinterpreted a comment during the boarding process and alerted the crew. Eventually, all passengers deplaned and were rescreened. The flight took off two hours late, minus the law-abiding citizens who were subsequently cleared by the FBI.

These anecdotes are not meant to suggest that increased aviation security is unimproved and unnecessary—quite the opposite. After a relatively rocky start, the Transportation Security Administration has measurably improved aviation security. Its workforce is increasingly professional, stable, and motivated, with new uniforms to boot. Lengthy security lines are now the exception rather than the rule. And if history is a guide, the passenger aviation system remains the most accessible way for a would-be terrorist to attack the United States and its economy.

What these two incidents do suggest, however, is that those who are responsible for operating the system don’t trust it. Former TSA Administrator Kip Hawley regularly highlighted the 20 layers of aviation security, from better intelligence to passenger and baggage screening to behavioral observation. But before he left office, he added a 21st layer: the random pat-downs at the gate.

The airline crews, federal air marshals, and transportation security officers charged with defending the system are clearly afraid of making mistakes. On New Year’s Day, after talking with both the passengers who said something and those who heard something, no security official was willing to exercise good judgment and conclude that there was no real threat to the airplane. No one wanted to be responsible if something went wrong.

This incident and others like it indicate that while the Department of Homeland Security may preach risk management, TSA, its largest operating agency, does not practice it. As a result, improved security comes with too much wasted effort, at a social and economic cost that is too high and ultimately unsustainable.

Unlike its counterparts in other countries, aviation security at U.S. airports is labor intensive. Separate TSA officers authenticate your identification, usually a driver’s license; study an X-ray image of your carry-on bag; wave you through an explosive detection portal; perform a trace detection test on your briefcase if needed; and restock the plastic trays we use as we shed our coats, jackets, shoes, and pocket change.

This adds up, line by line and checkpoint by checkpoint (not to mention a separate process for checked baggage) at 450 U.S. airports, to an army of 50,000 transportation security officers. Put another way, almost 25 percent of DHS’s workforce is locked into one security requirement: preventing someone from boarding and either hijacking or blowing up a passenger airplane. By comparison, fewer than 300 people at the federal level focus on surface transportation, including the security of transit systems, which are another favored terrorist target. Janet Napolitano, in her third month as DHS secretary, has ordered a review of this imbalance.

DHS was formed in 2003 with terrorism as its primary focus, but as we have seen over the past six years, homeland security is not static. Its attention to terrorism came at the expense of emergency preparedness and contributed to the slow response following Hurricane Katrina. More recently, political attention has turned to securing borders and enforcing a broken immigration system. Just last week, DHS announced that it is sending additional resources to the border to improve interdiction of money and guns heading south to the drug cartels that are at war with the Mexican government.

In future years, additional manpower to address emerging or changing threats may be difficult to find as the federal budget inevitably tightens. Most Americans support increases in the size of the Army and Marine Corps in light of ongoing operations in Iraq and Afghanistan. Yet DHS, a less popular agency, will have to economize within its existing workforce of 208,000 if it needs different capabilities.

Five DHS operating components—the Secret Service, Customs and Borders Protection, Citizenship and Immigration Services, Immigration and Customs Enforcement, and the Coast Guard—perform functions inherent to the federal government. Also essential is the Federal Emergency Management Agency, which has only 4,500 full-time employees and needs to grow if it is to help local communities respond to more Katrinas exacerbated by global warming.

The most obvious mission area where a major shift of manpower is possible is passenger aviation. TSA can accomplish this by fielding new technology and returning at least some checkpoint operations to the private sector.

The recent economic stimulus bill included roughly $1 billion in funding for TSA, including $300 million for explosive detection systems at passenger security checkpoints. The rest is for checked baggage. New technologies have been developed and await TSA certification.

Most urgently, new systems are needed to close vulnerabilities that were revealed by the alleged 2006 liquid bomb plot in Great Britain. It is unclear what the suspects intended to actually do, but TSA was concerned enough to limit the amount of liquids that passengers can place in carry-on luggage. Industry believes new technology will reduce the risk of a liquid bomb and a shoe bomb, but TSA has yet to agree. No doubt the agency is fearful of deploying new technology only to have the Government Accountability Office discover a new weakness.

The solution is a security system that is effective and efficient, yet adaptive and innovative. These are not qualities normally associated with the public sector. It is time to reevaluate the assumption made in 2001 Aviation Transportation Security Act, or ATSA, that aviation security is an inherently governmental function. The private sector with appropriate government oversight is fully capable of handling the security responsibility currently performed by government transportation security officers. In fact, a recent Government Accountability Office study found that when considering both “cost and performance” there is little to no difference between the government and private sector.

One place this private-sector implementation has already been successful is in the Registered Traveler program, which has existed for several years. Frequent flyers, mostly business travelers, have shown a willingness to pay up to $200 and submit to a background check in exchange for shorter lines and less hassle at airports. TSA sees Registered Traveler as competition, however, and has developed diamond lanes at airports to undercut it. Absent TSA support, similar ventures now are little more than concierge services. This is short sighted. The federal government should view Registered Traveler as an innovation platform to increase DHS’s efficiency, not as a threat.

Business flyers and citizens who submit to background checks, together with government employees with security clearances, pose a much lower risk to passenger aviation. If TSA followed a genuine risk-management strategy, this population would receive a lower level of scrutiny than someone flying for the first time. Everyone should be screened, but not everyone has to be checked in the same way.

Given this lower risk, TSA could deploy new technology in Registered Traveler lines and test it under real-world conditions— what the Pentagon calls operational test and evaluation. Under these circumstances, TSA should welcome rigorous GAO audits to identify system weaknesses and make adjustments before making a large-scale investment. Better technology that allows passengers to keep their shoes on and keep computers in their briefcases would increase system throughput and require fewer TSA employees at each checkpoint.

Finally, rather than simply having Registered Traveler lanes terminate at a TSA checkpoint, private companies could manage these checkpoints, subject to rigorous TSA oversight. The privately run checkpoints could be expanded airport by airport— the ATSA law gives airports that choice—assuming the companies are at least as effective as and probably more efficient than government-run lanes. This would free up TSA manpower that could be deployed to shore up other aviation-related security challenges such as air cargo. TSA would then have more officials to oversee rail security, another pressing concern. Thinning the passenger air security workforce would also provide DHS greater flexibility to move manpower where it is needed the most, including at seaports or land borders.

DHS has spent its first six years simply getting itself up and running. It is still maturing, but is much more capable than it was in 2003 or even 2005. Transportation security will always be one of its core missions, but the security environment is dynamic and DHS needs to be resilient if it is to stay ahead of changing threats.

DHS rightly preaches risk management. TSA needs to practice what it preaches.

P.J. Crowley is a senior fellow and director of homeland security and Lindsey Ross is a researcher at the Center for American Progress.

The positions of American Progress, and our policy experts, are independent, and the findings and conclusions presented are those of American Progress alone. A full list of supporters is available here. American Progress would like to acknowledge the many generous supporters who make our work possible.