Suppressing Air Security Gaps

by Robert Poole
Issue 213– October 10, 2012

Early last year, following a string of early-2011 security breaches at Newark Airport, Sen. Frank Lautenberg (D, NJ) asked the Department of Homeland Security’s Office of Inspector General to investigate what factors contributed to these and similar breaches, whether the high incidence of breaches at Newark is typical of other large airports, and what actions were taken at Newark in response to the breaches.

The OIG’s report was released last month, and it does not paint a reassuring picture. (The redacted version is on the agency’s website (www.oig.dhs.gov); it is “Transportation Security Administration’s Efforts to Identify and Track Security Breaches at Our Nation’s Airports,” OIG-12-80.

The OIG team visited and collected 17 months’ worth of data from Newark and five other large airports. Though most of the tables of comparative data are blanked out, the text states that the number of security breaches at Newark was only “slightly higher” than at some of the other airports.

At all six airports, the team found that not all security breaches were reported, as they are supposed to be, to TSA headquarters. (One reason for that is that two different TSA Operating Directives define security breaches differently.) At all six airports, only a fraction—ranging from a low of 42% at Newark to a high of 88% at a redacted airport—had corrective actions noted or reported; the average of the six airports was only 54%. And because of all these shortcomings, TSA headquarters “cannot use [security breach] information to monitor trends or make general improvements to security.”

As is often the case with OIG reports, the agency in this case agreed with both of the report’s recommendations: to come up with and implement a single, comprehensive definition of “security breach” and to develop a comprehensive oversight strategy so that patterns and trends can be analyzed at TSA headquarters.

But the OIG team did not ask a more fundamental question. How can it be that the agency charged with making transportation security policy and regulating all aspects of aviation security did (or does) such a sloppy job of riding herd on its own screening workforce? And I think the underlying reason is simply that, consciously or otherwise, the TSA doesn’t want to make its workforce look bad. And that stems from the agency’s built-in conflict of interest in which it is both the aviation security policymaker/regulator and the operator of the largest single component (in staff and budget) of airport security.

No other major developed country does air security this way. In Canada, the corresponding agency does policy-making and regulating—but hires licensed security firms to carry out all airport screening functions. In most of Europe, a national agency sets security policy and oversees its implementation by airports and airlines—but it is each airport’s responsibility to provide the screening functions.

Congress created this mistake in the hastily enacted Aviation & Transportation Security Act of 2001, which “federalized” airport security in this dysfunctional manner. Until and unless Congress reforms TSA, to eliminate its dual roles, we will remain stuck with the consequences of this unfortunate conflict of interest.

Robert Poole edits the Reason Foundation’s Airport Policy News, where this first appeared.