Here's a lesson in security relativity: In the United States, airport screeners "pat down" selected passengers, at times waving a magnetometric wand over their bodies, or frisking them. In contrast, French aviation personnel cannot make physical contact with a passenger unless a law enforcement officer is present. And in Israel, the country thought to have the tightest aviation security in the world, screeners will occasionally order "all-orifice" searches of suspect passengers' body cavities. "They leave no stone unturned," notes Stephen Luckey, head of the North American Air Line Pilots Association's security panel.
The current lack of international security standards means protocols vary wildly from country to country and airport to airport. In many international airports, such as Mexico City's and Hong Kong's, "secure" pre-boarding areas are like malls, with restaurants and duty-free shops where passengers mingle after passing through security checkpoints. The Amsterdam airport, in contrast, effectively quarantines people in an enclosed area once they have undergone screening. And in Jakarta, passengers walk through a metal detector before proceeding to the other side of the terminal, where their bags are screened. (Most airports place the walk-through metal detectors and baggage X-ray machines together, to prevent passengers from switching contraband from their person to their bags.)
Addressing the absence of baseline security standards around the globe is the next great challenge in securing the skies. After several years focused on domestic security, the United States is now ratcheting up efforts to thwart threats abroad, which, unfortunately, seem to be formidable. In February, CIA director George Tenet told Congress that intelligence agents had discovered "chilling" terrorist plots worldwide. "On aircraft plots alone," Tenet testified, "we have uncovered new plans to recruit pilots and to evade new security measures in Southeast Asia, the Middle East, and Europe."
This past December and January, the threats were specific enough that U.S. officials asked several airlines to cancel some U.S.-bound flights, mostly from Paris and London, but also from Mexico City and Glasgow. The official reason for the cancellations, which continued well into this year, was that certain passenger names resembled those on terrorist watch lists. When it turned out that at least some of these red-flag names belonged to improbable suspects, including a five-year-old child and a Welsh insurance salesman, there was a sense that American officials may have overreacted, or that the terrorism watch lists needed updating. But the ongoing saga also raises questions about the state of security at international airports, and whether the United States and the rest of the world have done enough over the past 21/2 years.
By all accounts, aviation security around the world is better than ever. After 9/11, the International Civil Aviation Organization (ICAO)—a 188-nation body that was founded in 1947—asked its members to meet higher standards. (Asked is the operative word; the organization gives all nations "complete and exclusive sovereignty" over their airspace, and has no real enforcement power.) Among other things, ICAO (pronounced "I-kay-oh") called for 100 percent passenger and baggage screening, aircraft searches prior to takeoff, restricted access to cockpits and secure areas of airports, and improved personnel training.
As part of these efforts, ICAO started auditing countries' security programs. This is a tremendous step forward, according to Peter Riess, a retired 747 pilot and former chair of the International Federation of Air Line Pilots' Associations; he'd been recommending audits for years. ICAO now sends teams to consult with civil aviation authorities in various countries to see if they meet the organization's security standards. According to the group's spokesman, Denis Chagnon, last year ICAO audited 20 members, and it will audit 40 more by the end of 2004.
The results are confidential between ICAO and the audited countries—if the countries want it that way—so the flying public may not know whether a given nation is meeting ICAO standards. Nor are the governments of countries whose airlines fly to and from audited nations privy to this information. But Riess notes that news of deficient ICAO status would surely spread fast in security circles, leading to repercussions such as diplomatic pressure from other countries. "Audits can and will make a difference," says Riess.
ICAO has a reputation as a neutral organization. Things get more complicated when one country attempts to impose its standards on others or introduces programs that violate the sensibilities, and sometimes the laws, of foreign nations. This winter the British Air Line Pilots Association vociferously opposed a U.S. request to put armed sky marshals on some flights bound for America. The resistance should have been no surprise, since in many European countries even police officers do not carry guns. Observes Chris Yates, security analyst for the London-based aviation trade publication Jane's Airport Review: "The U.S. government tries to strong-arm us where it feels it's necessary. We just smile politely and tell them to go home. I think most of us on this side of the pond believe we have nothing to learn from the U.S. on aviation security."
The United States is currently trying to persuade the European Union to adopt a second-generation Computer-Assisted Passenger Prescreening program (CAPPS II) on flights to and from EU member nations (see page 166). However, as proposed, CAPPS II would violate the EU's sweeping privacy laws, which restrict governments from collecting personal data about citizens. The United States has brokered a special waiver that would exempt CAPPS II from these laws, but this must be approved by the European Parliament, and privacy advocates are fighting to defeat it. Beyond CAPPS II, Washington has proposed that the U.S. Customs Office post security officials at foreign airports to check for passengers attempting to use fraudulent travel documents. When announced in March, the plan immediately met with international resistance; the U.K.'s Department for Transport spokesman said that his country was not prepared to negotiate sovereignty over its airports, a sign that security proposals involving other countries increasingly need to be handled with astute diplomacy.
David Tiedge, head of the International Affairs Office at the U.S. Transportation Security Administration (TSA), knows the importance of delicacy. Of the TSA's program that evaluates the security level of foreign airports and aircraft, he says, "We use the term 'assessment'—we don't use the term 'inspection.'" When the TSA "assesses" a foreign airport—the program, formerly run by the FAA, covers 200 key airports worldwide—it works with the State Department, gives the host country advance notice, and has officials from that country present for the review. If the TSA finds that a foreign airport isn't meeting ICAO's recommended standards, it will typically keep the findings confidential and give the airport 90 days to correct problems. Such a warning "isn't foolproof, but it has an effect," says Paul Hudson, head of the D.C.-based Aviation Consumer Action Project (ACAP). Since 9/11, Tiedge says, there have been "a few" instances of TSA warnings, but he declined to specify the number.
If the airport doesn't comply in time, or if the situation is deemed serious enough to warrant immediate action, the TSA can issue a public advisory by placing signs at U.S. airports and inserts into the tickets and boarding passes for flights to the noncompliant airport. This has happened only once in the program's 17-year history: in 1993, when the FAA found security to be substandard at Murtala Mohammad International Airport in Lagos, Nigeria. (The warning was lifted in 1999.)
It has taken a while for the issue of global security to get official attention in Washington. At press time, the General Accounting Office had not received any requests from Congress to review U.S. action on foreign aviation security in the post-9/11 world. Cathleen Berrick, a director of the GAO's Homeland Security & Justice section, concedes that this is surprising, especially because the GAO is now reviewing no fewer than 14 aviation security matters, and in the past it evaluated the country's foreign airport and aircraft security assessment program when it was run by the FAA. The Department of Homeland Security Inspector General's office did begin its own review of the TSA's assessment program in February; when results are released later this year, we'll have our first official post-9/11 report on how the TSA is handling that responsibility.
What is already clear, to many experts, is that despite new security measures and evaluation programs, there remain some weaknesses in global aviation security. Most often cited is "the people aspect," according to Billie Vincent, president and CEO of Aerospace Services International, a Chantilly, Virginia consulting firm: "You don't have any system unless you have good people, properly selected and appropriately trained." He credits ICAO's 10 worldwide training centers for raising the bar,but notes that uneven standards remain a problem. Another concern is the lack of standardization. "Aviation is global," observes Teun Platenkamp, head of KLM's security. "The more the system is harmonized, the more effective it is. It also makes it clear for the traveling public."
There's no shortage of suggestions for improving the situation, both among American experts and their counterparts abroad. Luckey, head of the Air Line Pilots Association's security panel, thinks the United States should consider entering into more bilateral aviation security agreements. The FAA already has such accords with 27 countries, including the U.K.,Canada, and Japan, primarily on safety issues. Expanding these to include security, or entering separate ones on security, might make dealing with some of the more contentious standards, like armed sky marshals, an easier proposition, since the sense of partnership helps to override worries about national sovereignty. "They're like shaking hands," says Luckey of bilateral agreements. "Once you shake hands, it breaks the ice. When you do something by invitation, it's better received than if you try to impose it on a country."
ACAP's chief, Hudson, has proposed that ICAO occupy an ex officio place on the TSA's Aviation Rulemaking Advisory panel. That would bring the panel more input from an international perspective. "It wouldn't be unprecedented," he notes, since the European Joint Aviation Authorities have sat on FAA panels.
Nico Voorbach, chair of the International Federation of Air Line Pilots' Associations' security panel, thinks there should be a way for all security staff—airline, government, and airport officials—to report problems to ICAO, with follow-up to make sure they have been corrected. (That information would not be made public but would be available to security personnel.) Such a system would give people a clear sense about what to report and when. In addition, a central repository of reports from around the globe could help ICAO extrapolate patterns.
Others have suggested that ICAO be given enforcement powers. But the emerging consensus in the aviation community is that expanding ICAO's role could lead to international friction or cause the organization to develop an uncomfortably cozy relationship with the airlines and airports—or both.
In the United States, it's hard to predict how much attention global aviation security will continue to get in an election year. As ever, the urgency with which politicians deal with the issue will depend on actual threats or attacks, thwarted or otherwise. Fortunately, there are plenty of federal officials, as well as private-sector experts, who will carry on the work in the international arena.
Given the United States' reputation as a unilateral aggressor, cooperating with other countries to improve global airport security standards will require more diplomatic finesse than ever. A lack of bilateral collaboration could create an opportunity for a terrorist to escape detection—or worse. This past winter, there were press reports that French officials prematurely announced the cancellation of a Paris—Los Angeles Air France flight, to the chagrin of U.S. investigators, who had hoped to ensnare the plane's suspect passenger(s) at Charles de Gaulle. One must hope that in the future countries will put aside their differences, given how much is at stake.
The United States' proposed second-generation Computer-Assisted Passenger Prescreening System (CAPPS II) faces a string of challenges at home and abroad. If implemented, it would replace CAPPS I, the computerized screening system created in the mid-1990's. CAPPS I uses criteria such as one-way ticket purchases and cash payments to flag passengers as potential security risks; those identified receive additional scrutiny.
CAPPS II's aim is much broader: to make sure each passenger is who he says he is. This will require all passengers boarding domestic flights and U.S.-bound planes from abroad to provide their date of birth and address. (All that's required now is the passenger's name, plus a contact phone number.) The idea is to "authenticate" the passenger's identity by comparing personal information against commercial databases, then assign a threat level: green, yellow, or red. Reds don't fly, yellows get additional scrutiny, and greens are clear to board but might face additional random screening not related to CAPPS II.
Privacy activists object to CAPPS II on principle. They have a point. Date of birth is a key component in identity theft. The U.S. government would also have passengers' names checked against their credit accounts (though not their credit ratings)—questionable, even if not illegal.
In Europe, CAPPS II is a legal issue: it violates the European Union's privacy laws. This winter, U.S. officials asked the European Commission for an exemption, but such a plan must still be approved by the European Parliament.
At home, CAPPS II also faces obstacles, including concern over how passengers can appeal an erroneous threat-level assignment. Congress has tied future funding to a report from the General Accounting Office. In February, the GAO reported that the Transportation Security Administration was not ready to put CAPPS II into effect, so the government is going back to the drawing board. Observers say that the system in its present form is a long shot.