November 19, 2013 | New York Daily News

Two Cheers for New TSA Screening

New Transportation Security Administration procedures reported late last month represent a dramatic change from the often caricatured, scan-every-grandma checkpoint security policies adopted just after 9/11.

The changes were bound to be controversial: Rather than treating passengers neutrally at checkpoints, TSA is beginning to aggressively differentiate perceived risks, with the screening process beginning even before passengers reach the airport.

This is a policy evolution we should cheer — with one big caveat.

TSA will assess the level of scrutiny that should be applied to passengers based in part on information it draws from various databases. Though the precise information the agency will rely on hasn’t been disclosed, the New York Times notes that sources may include car registration and employment data, as well as a passenger’s “tax identification number, past travel itineraries, property records, physical characteristics and law enforcement or intelligence information.”

The civil liberties and privacy communities have been predictably displeased. Edward Hasbrouck, a consultant to the Identity Project, evoked the dystopian future of “Minority Report,” telling the Times: “I think the best way to look at it is as a pre-crime assessment every time you fly.”

But is the policy justifiable? Absolutely. Security procedures are burdensome, time-consuming and expensive. The system can either apply those burdensome and expensive procedures equally across the population, or it can try to focus limited resources on the most serious threats.

For example, assume TSA needs to allocate resources between two passengers: a 35-year-old male who has a prior conviction for making explosive devices, and a 90-year-old retiree who has accumulated no criminal record in her long life. Would an ideal system treat them the same at a checkpoint?

 

Though this is an extreme example, with 1.8 million passengers screened every day, there will be similarly large variations amongst them. The case that risk differentiation should never occur is blind to that fact.

In fact, the debate over risk differentiation, rather than polarizing on the question of whether it is acceptable, should be about which specific types are beneficial, and which are unwise or intrusive.

Nor does risk differentiation always result in passengers facing increased scrutiny; often, it can do the opposite. TSA’s PreCheck, perhaps the best thing to happen to air travel in the past dozen years, allows passengers who agree to a background check to pass through a far faster, less intrusive checkpoint.

You can think of the new system as focusing scrutiny on the unlucky few – or on wisely lightening the load on the lucky many.

So forget about the question of whether factoring risk assessment into screening makes sense — and focus instead on how it’s done.

It’s fair to have concerns when considering the precise types of data and the methods TSA will use to inform its decisions. Here, privacy advocates have a point.

As with other areas where the government must balance security and our sense of civil liberties, the question is how much intrusiveness is too much.

There are certain kinds of information we wouldn't want the government to access in evaluating risks, full stop: medical records, for example, are particularly intimate and almost entirely unrelated to evaluating who might pose a threat to aviation.

Other kinds of information may be relevant to risk assessment, yet it would make us rightly uncomfortable for TSA to trawl through our personal data. It would be, justifiably, highly controversial if TSA scrutinized every phone call we have made, email we have sent, or website we have visited. Debates about how to balance concerns about liberty and security are thus important.

To be clear, in the new system mistakes will certainly be made. Some passengers will be subjected to additional scrutiny who, in an ideal world, would not be; some people will feel that their rights were violated. Such is the case, unfortunately, for any set of policies designed to promote risk differentiation. But these problems existed too — and were likely more pervasive — under the old system of checkpoint security.

Of course, in a truly ideal world, people wouldn’t be trying to blow up planes in the first place. But since we do not live in that world, it’s best to minimize the expense of security procedures and the burden we all feel while flying, while at the same time minimizing vulnerabilities to terrorist attack. Risk differentiation is a step in the right direction.

Gartenstein-Ross is a senior fellow at the Foundation for Defense of Democracies and an adjunct assistant professor in Georgetown University’s security studies program. He is the author or volume editor of twelve books and monographs, including “Bin Laden’s Legacy.”