Rand Paul has introduced legislation that is aiming at tightening the reins on the TSA, the US federal agency tasked with transportation security in the country. The TSA has, in the years after “9/11″, gained notoriety for their security theories, strategies and methods, and it seems that even US lawmakers have realized that something must be done about the rampaging behemoth agency.
Rand Paul’s main points are that airports should be able to use private security companies instead of TSA agents, that passengers must be granted the right to contact an attorney if they are detained, and that reasonable protests from passengers must be allowed if they feel violated. This seems like the best idea since the TSA was originally formed, doesn’t it? Bruce Schneier disagrees, and here’s our response to the self-proclaimed security guru.
This seems to be a result of a fundamental misunderstanding of the economic incentives involved here, combined with a magical thinking that a market solution solves all. In airport screening, the passenger isn’t the customer. (Technically he is, but only indirectly.) The airline isn’t even the customer. The customer is the U.S. government, who is in the grip of an irrational fear of terrorism.
This is wrong. Well, it’s both wrong and right, in fact – the airlines and the passengers aren’t the customers (not even “technically”), but neither is the US government. The airport is the customer. The airport selects the company, and the DHS approves the choice. This means that the “magical” market solution actually works – the customer of the security company (i.e. the airport) can pick and choose which security company they want, based on several criteria, and the company that can deliver the best service at the best price will prevail. There’s nothing magical about it – it’s just how any market works. Schneier, it seems is not all that well schooled in economics, either.
We have to remember that the airport needs the passengers to be happy, as much as possible. A happy passenger is more likely to spend money in the terminal, making revenue for the shops that are there and the airport itself. If the Hicksville Airport, Hair Care and Tire Center has a bunch of happy passengers that made it through security in good time due to the efficient and service minded security company, they’ve got time for half an hour in the barber’s chair. A strapped-for-time, angry passenger will just stew at the gate for whatever amount of time he/she has. Makes sense, don’t it?
It doesn’t matter if an airport screener receives a paycheck signed by the Department of the Treasury or Private Airport Screening Services, Inc. As long as a terrorized government — one that needs to be seen by voters as “tough on terror,” wants to stop every terrorist attack regardless of the cost, and is willing to sacrifice all for the illusion of security — gets to set the security standards, we’re going to get TSA-style security.
That’s just ridiculous. Any government in the western world today wants to be seen as “tough on terror”. That, however, does not automatically translate to TSA, or TSA-style security. Looking at airport security in other countries, specifically European countries, the government will control the making of regulations for airport / air travel security, and private security companies will carry out the tasks. In most cases, the regulations will be international, adhere to standards that are world wide (or as close as they come), and in many cases, they will even be made to conform to the excessive US regulations, while still avoiding the TSA-style security. There are few similarities between walking through a European checkpoint and the TSA checkpoints.
Taking a look around the internet, you’ll find thousands upon thousands of horror stories involving the TSA, but only a few from other places – there are even some stories about the “very professional and pleasant” Scandinavian checkpoints…
The conclusion that a government determined set of regulations always will result in “TSA-style security” is just plain uninformed and silly. We’re sorry – there’s just no other word for it.
We can put the airlines, either directly or via airport fees, in charge of security,, but that has problems in the other direction. Airlines don’t really care about terrorism; it’s rare, the costs to the airline are relatively small (remember that the government bailed the industry out after 9/11), and the rest of the costs are externalities and are borne by other people. So if airlines are in charge, we’re likely to get less security than makes sense.
This is just strange. Why would you put one of the airport’s customers in charge of the airport’s security? That would be akin to making Starbucks in charge of the airport security, simply because they have a couple of franchises in the terminal. It doesn’t make much sense. This is also why it’s the airport that’s in charge of the security, and the airline expects the security to go without a hitch. The airport provides a service to the airline, and the airline provides a service to the passengers. Schneier needs to try and wrap his head around that one before setting out on a wild goose chase. Again.
This is also one of the reasons why the “magic” (see above) called a “market” works – the airline expects the airport to have security, so that it can provide a service to its customer – the passenger. If the airport can’t provide that service in a sensible manner, then, as in all other places, the customer will take its business elsewhere. Remember – the airline is the airport’s customer, and the passenger is the airline’s customer. It’s pretty neat, yeah? Also, saying that airlines don’t care about terrorism is a bit…how shall we put it… ignorant. The cost of terrorism to the individual airline on an annual basis is perhaps “small”, but is Schneier really unaware that avoiding terrorism is also in the best economical interest of the airlines?
I too want to rein in the TSA, but the only way to do that is to change the TSA’s mission. And the only way to do that is to change the government that gives the TSA its mission. We need to refuse to be terrorized, and we need to elect non-terrorized legislators.
But that’s a long way off. In the near term, I’d like to see legislation that forces the TSA, the DHS, and anyone working in counterterrorism, to justify their systems, procedures, and expenditures with cost-benefit analyses.
This is just narrow minded. Well, not just narrow minded – it’s also near-sighted. Schneier has a tendency to be categorical, and it’s usually his way or the highway, so to speak. That approach rarely solves anything, and in this case, he simply refuses to see the benefits of the proposed legislation. This will reign in the TSA. Why? Because of all the things we’ve already discussed. Schneier looks at markets as something “magical”, apparently, while a process where more and more airports kicking the TSA out in favor of cost effective and efficient private security will not only send a signal to the government – it will also send a signal to airports who choose to keep the federal agency in charge of security; people and passengers (and thereby business and money) will flock to airports that have superior, professional and private security companies installed.
Any political process takes time, but this is something that can be done almost right away, and with ripple effects that will not necessarily be slow.
Bruce Schneier is a self-proclaimed security guru who has been very outspoken on the topic of airport security, and his disdain of how it’s been done over the past decade or so. That is a good thing – if there are no critics, then there won’t be any improvement. However:
- Bruce Schneier is not certified in anything but IT security and cryptography. He is not a CPP, a PSP or any other kind of physical security certification. He is not a member of ASIS. He has not worked in airport security. He is not law enforcement. In short, please look up “self-proclaimed”. He claims to have coined the term “security theatre”, in the sense that it is security only for “show” without any real impact or effect. “Security theatre” has in fact been used as a term for years by security professionals. It is also known as a “deterrent”.
It seems that Schneier just wants to be negative about this – on one hand, he wants the TSA to change, he wants lawmakers to pressure the agency and the government, and he wants security to be sensible. On the other hand, he bashes whoever tries to do just that, as Rand Paul is doing right now. Schneier needs to keep in mind that Rome was neither built nor burnt in one day, and while changing the TSA, the regulations and methods is necessary, that will too take time. Rand Paul‘s proposed legislation is, however, a giant leap in the right direction.