from the show-us-you-actually-care-about-security dept
The TSA was imposed on us following the terrorist attacks on September 11, 2001. Supposedly necessitated by this “new” terrorist threat, the TSA shrugged into action, becoming another layer of irritating bureaucracy standing between benign travelers and their freedom of movement.
Since then, it has gotten worse. The TSA has spent billions on tech, training, and polyester blends and delivered us little more than a new way to get hassled by The Man. What the TSA has been completely incapable of doing in its two decades of existence is prevent any terrorist attacks. Those threats have most often been handled by passengers who were subjected to intrusive screenings only to find themselves on board with would-be terrorists the so-called “experts” were unable to detect.
The TSA has taken every failure — and those have been several and spectacular — in stride. It has asked for more power, more intrusive screening methods and devices, and more facial recognition tech at more airports. And it has obtained all of this, despite being unable to show any of this has made it better at its job.
Facial recognition tech is on its way to becoming the only way passengers will be allowed to board planes. Sure, it’s technically opt-out, but TSA agents aren’t all that forthcoming about this option and tend to treat those who do bypass the biometric screeners as inherently suspicious.
And that’s on top of what the TSA already has. It has spent years obtaining all manner of body/substance screening tech that still hasn’t done much more than prove that letting machines do TSA agents’ jobs for them hasn’t necessarily made us any safer.
The latest report [PDF] from the Government Accountability Office doesn’t offer any signs of improvement. While it does note the TSA has “taken steps” to implement recommendations the GAO handed out on two previous occasions (2019 and 2022), this 2023 report says there’s still a long way to go before the TSA can be considered to be in compliance, much less competent.
Buying and deploying screening tech may sound like a solution to ever-shifting threats (threats that do not include hijacking/blowing up planes, as the TSA inadvertently admitted years ago). But all that money doesn’t mean a thing if no one’s ensuring the purchased devices are doing their job and/or aren’t due to be phased out for something more accurate.
TSA certifies technologies to ensure they meet requirements before deployment, and its officers are to regularly calibrate deployed technologies to demonstrate they are minimally operational. However, neither of these actions ensures that technologies continue to meet requirements after deployment.
“Works out of the box” is not the same thing as “still functioning well” years later. How bad could it be? Well, the report says the TSA was already failing to ensure continued functionality almost a decade ago.
In 2015 and 2016, the Department of Homeland Security (DHS) tested a sample of deployed explosives trace detection and bottled liquid scanner units and found that some no longer met detection requirements.
The TSA’s response was to start working on an update of its tech calibration policies. It started this process in 2020. As we get set to close out 2023, this project still hasn’t been completed. As the GAO points out, the processes currently in place only ensure screening tech is “minimally operational,” a phrase that means it powers up when the power button is pushed, but little else. Meeting the baseline is not the same thing as having equipment capable of detecting explosives years after installation. Machinery doesn’t tend to improve the longer it’s in operation. But the TSA apparently feels its job is done once the machines have been installed and powered up.
The TSA has its excuses, but the GAO says those excuses have zero worth.
TSA officials stated that there are challenges in designing a process to ensure that screening technologies continue to meet detection requirements after deployment. For example, TSA officials stated that it is not feasible to conduct live explosives testing in airports. Further, while it is relatively easy to temporarily transfer smaller screening technologies, such as explosives trace detection units, to a controlled setting for live explosives testing, it would not be feasible to transfer larger installed units, such as advanced imaging technology. However, as we have previously reported, independent test measures exist to test these technologies such as a national standard for measuring image quality in explosives detection systems.
Then there’s the combination of problems caused by the TSA’s tech and the officers who operate it. After meeting with twelve “discussion groups” composed of TSA officers, the GAO found (back in 2022) that the screening tech “alarm[ed] frequently on certain passengers.” Triggering the most “alarms” were transgender passengers, people wearing religious headwear, and “passengers with certain hair types and styles” (read: flying while black). Here’s what those groups had to say:
The officers stated that they push a blue or pink button on the advanced imaging technology machine to specify the gender passengers are scanned as, based on their visual assessment of the passengers’ gender presentation. The officers stated that passengers may undergo additional screening if the gender button selected on the machine does not match the gender of the passenger. In addition, officers noted that transgender passengers may trigger alarms depending on the nature of their transition, because the technology may register potential threats in the groin and chest areas.
The officers also stated that the advanced imaging technology cannot adequately screen certain hair types and styles (e.g., heavy braids), which can result in some passengers, including Black women, triggering alarms on the machines.
Furthermore, officers stated that passengers who have medical conditions, prostheses, or disabilities that prevent them from holding the required position for advanced imaging technology screening (i.e., stand with their arms positioned over their heads) may be required to undergo additional screening.
Not great. As the ACLU and National Center for Transgender Equity pointed out to the GAO and TSA, binary selection is not the way to go. In addition, the Sikh Coalition stated Sikhs were guaranteed to received additional screening because their turbans would “automatically” result in the generation of an alarm by passenger screening tech.
In response, the TSA claimed it frequently met with advocacy groups to help determine what issues were being caused by its tech and its (apparently hands-off) approach to this tech deployment. What the TSA wasn’t able to demonstrate — at least not to the GAO’s satisfaction — was that all of this stated concern for these particular travelers had resulted in any meaningful changes in policies or procedures.
While the TSA did decide to eliminate the pink/blue options and replace with a simple, gender-neutral “scan” button, the rest of its promised changes have yet to materialize. The TSA claims it is collecting more data on “referrals” based on machine alarms and has briefed officers on these issues, but the GAO has yet to see any of this data firsthand.
To fully implement our recommendations, TSA will need to provide evidence that it has collected data on passenger referrals and used these data to assess the extent to which its screening practices align with its anti-discrimination policies to identify any needed actions to improve compliance.
In other words, show your work. Saying is not doing. Much of what’s discussed here has been known by the TSA since 2015. The rest of it the TSA was surely aware of but not made officially aware of until the 2019 GAO report. But certainly it was aware its tech was disproportionately singling out certain passengers. But it chose to do nothing about it until its failures were made public by its oversight. Government agencies with this much power should always strive to do better. What they shouldn’t do is wait around until they’ve been instructed to do better several times over the past decade.