Seven Years Later

As many of us reflect on 9/11, I wanted to share the story about how I came to TSA and what it meant to wear the TSA uniform. In September 2001, I lived in Fairfield, Ohio and was living the rock and roll dream as a musician. My wife was working third shift. When I got out of bed on 9/11, my wife was still sound asleep.

I went through my normal morning routine, making coffee and reading the news on the internet. I pulled up CNN and read a developing story about a plane that had just hit the World Trade Center. The first thing I thought of was the B-25 Bomber Plane that hit the Empire State Building in 1945. I was sure it had to be a similar type of accident.

I turned on the television and saw the World Trade Center tower on fire with giant plumes of smoke pouring out. Nobody quite knew what to make of it, but it was all too apparent what was going on after the second plane hit the south tower. America was under attack.

As I watched the news, my wife slept peacefully. I couldn’t bring myself to wake her. The world she knew when she went to bed that night would never be the same again.

It was hard for me to believe that I was feeling the same things as I had more than ten years earlier when the first Gulf War ground effort began. In 1991, I wore the uniform of a soldier of the United States Army while serving in the Persian Gulf with the 3rd Armored Division.

Thinking back, I remember wishing I was still in the Army so I could do something. In my college political science class, we talked about terrorism coming to America. I knew this was just the beginning and we’d get hit again eventually. So when I read about the formation of TSA, I was intrigued. I jumped at the chance to serve my country again. I proudly wore a new uniform, this time the one of at Transportation Security Officer, and serving again on the frontline to prevent another attack. Many other former military folks joined TSA along with me - today 25 percent of our frontline officers are veterans. Others also jumped at the chance to serve their country. I actually met people that took a pay cut to come work for TSA because the mission and the job meant that much.

The uniforms we wore weren’t the greatest, but we were proud to wear them. They identified us as frontline officers serving in the war against terrorism. Today, at airports around the country, passengers will see the new TSA uniform. I think the blue shirts look better, but most importantly, they better represent the dedication and professionalism of our officers. They also represent the evolution of our agency. The training, experience and nature of an officer's work today are far different than the job of a pre-9/11 "screener."

The uniform and badge are part of a series of changes at TSA, both cultural and operational. Soon, every person on the frontline, both officers and managers, will undergo two full days of revolutionary new training that will continue to change the focus from looking for bad things to looking for bad people. Security isn't better when officers follow a static checklist mentality - it's better when officers use their experience, judgment and training to assess the whole situation and look for the people with intent to do harm - people who might use common, everyday items like drinks or remote control toys converted into IEDs. That's why looking at behavior and other anomalies are so important.

Thinking back to 9/11 and when I joined TSA, I remember how people often said hello and even shook our hands. For the traveling public, it's been seven years without an attack in the U.S., and to many, the rules are now burdensome and our checkpoints are a necessary evil. For officers, it's one day at a time, with some days when you find a gun, a knife, hollowed out shoes, or items in bags that look like plastic explosives or an IED. Things that make the hair on the back of your neck stand up, your heart stop, because it's a threat until you can prove it's not one. It happens far more than you think, so when an officer asks to get a better look at you or your bag, know that it's because they want to make sure everything's okay.

Today, at airports around the country, officers on duty at 8:46 a.m. participated in a moment of silence to mark 9/11. The new uniform also carries a reminder of 9/11. If you look closely at the patch on an officer's left shoulder, you’ll see nine stars and eleven stripes behind the eagle. If you look at the eagle’s wing, you will see the Twin Towers. We think about it all the time so passengers can get safely to their destination. Our personal creed is “not on my watch.”

Bob

EoS Blog Team

An Update on Checkpoint Friendly Laptop Bags

It’s been almost a month since we launched our new laptop bag procedures. As expected, there have been a few folks (including my Dad) who thought they could just leave their laptops in any old bag with cables and gadgets galore. We expected some confusion and just like any new procedure we’ve rolled out, we’re hopeful that the majority of folks will get the hang of it pretty quick. We put together a video that might help some of you out.

Click here to see a video on new laptop bag procedures.

Here are a couple of laptop bag related stories I found on the web.

USA Today: Flyers Cheer Laptop Policy Change

Jet with Kids: Airport Security and Laptops – Reporting Back (Lessons Learned)

But enough of my yackin’ – I wanted to share what others who have tried the new process had to say. Please remember that TSA does not endorse any of these bags specifically, we’re just sharing the insights and experiences of the travelers.

ZD Net: The Mobile Gadgeteer

Laptop Mag: Checkpoint-Friendly Laptop Bag: It Works

PC World: Road Test: Checkpoint Friendly Laptop Bags

In case you missed it, check out our original blog post announcing the launch of the new laptop bag procedures.

Bob

EoS Blog Team

More on Passive Millimeter Wave Technology

Some folks are getting the wrong idea that the SPO-7 passive millimeter wave technology used at Denver and Minneapolis-St. Paul airports during the recent conventions is a mobile Millimeter Wave portal and can see through clothing. That’s not the case. These are two separate technologies that look for threats in different ways.

The Millimeter Wave portal - the booth you walk into at checkpoints in certain airports - penetrates garments and provides an image. The SPO-7, which uses passive millimeter wave technology to detect threats from a distance, produces an image, but it’s simply the type of image you would see on a video camera. Images are not stored.

The SPO-7 unit consists of two separate sensors and a monitoring location. By simultaneously comparing the illumination levels from two locations on an individual’s body, the SPO-7 detects potential threats such as suicide vests and other improvised explosive devices (IEDs) that are hidden under individuals’ clothing. On the screen, it produces a light, using a red-to-green scale, that suggests anomalies such as the presence of explosives. That's why the screen and the officer viewing the screen doesn't need to be in a remote location.

Security officers operating the SPO-7 will work closely with Behavior Detection Officers. The teams will be equipped with wireless headsets to communicate with each other about possible concerns. TSA also partners closely with local law enforcement who will respond if called.

Unlike the stationary (and large) millimeter wave portal, the SPO-7 is mobile and only requires a few hours of training for use. This comes in handy to provide an additional layer of security in specific areas, in both the aviation, mass transit and maritime environments.

In crowded public areas such as ferry terminals, mass transit stations and most recently, airports, the SPO-7 works without breaking passengers’ stride.

And lastly, to address safety and privacy concerns, the SPO-7 does not shoot X-rays or any other type of radiation at people. It merely measures energy that emanates from the human body. Signage is prominently displayed where the SPO-7 is used to notify the public. SPO-7 enables TSA to add an unpredictable security measure without adding inconvenience to passengers.

The SPO-7 pilots will continue at the Denver and Minneapolis-St. Paul airports for 60-90 days.

So, the two key things you should take away from this post are:

The SPO-7 cannot see through your clothing.

The SPO-7 does not project X-rays or any other types of radiation.

Here are some screen shots of what the operator sees:





Bob

TSA EoS Blog Team

New Security Technologies Make Airport Debut

Blogging has been light this week, with some on the team out for end-of-summer vacations and Bob's out taking care of his new baby.

So this week, as one political convention comes to a close and another is about to start, we wanted to highlight a story on our website about two new technologies that have been deployed in the two convention city airports. Those traveling through Denver and Minneapolis-St. Paul might see these explosives and threat detection technologies that have previously been used in other modes of transportation and can be flexibly deployed to airports.

The technologies are passive millimeter wave, a mobile technology which has been used in maritime and mass transit to detect the characteristics of explosives hidden on the body. It is completely safe, non-invasive and does not store information. A hand-held spectrometer can penetrate sealed containers in seconds and identify a wide range of solid and liquid explosives using laser technology.

To learn about other ways TSA and other Department of Homeland Security components are working to keep convention travel and sites safe, check this out.

We'll get back into the regular swing of things next week, and we hope all of our readers enjoy a safe and fun Labor Day weekend.

Lynn
EoS Blog Team

Information on the Chicago Aircraft Inspections

There have been some questions on our blog and elsewhere about the Chicago aircraft inspections.

Also, I've noticed some confusion out there, so please note that this involved a Transportation Security Inspector, (TSI) not a Transportation Security Officer. (TSO)

Here's what we posted on our website.

On August 19 a Transportation Security Inspector (TSI) was conducting a routine compliance inspection on aircraft parked on the airfield at Chicago’s O’Hare Airport (ORD). The TSI inspected nine American Eagle aircraft to look for and test, among other things, access vulnerabilities or areas were someone with ill intent could gain access to the aircraft.

Aircraft operators are required to secure each aircraft when left unattended. The TSIs are encouraged to look for and follow through on vulnerabilities. During the inspection process at ORD the Inspector used a Total Air Temperature (TAT) probe – a probe that protrudes from the side of the aircraft that is used to measure outside air temperature – to pull himself up while investigating possible access vulnerabilities with the unattended aircraft.

The Inspector was following through on regulatory inspection activity. The Inspector was able to gain access to the interior of seven of the nine aircraft inspected, which is an apparent violation of the airline’s security program. TSA is reviewing the inspection results and depending on the conclusion, could take action with the airline, up to and including levying of civil penalties.

While the inspection process is a vital layer of aviation security, it is not TSA’s intent to cause delays or potential damage to aircraft as a result of our inspections. TSA took immediate steps to re-enforce education about sensitive equipment located on the exterior of a plane.

---

Facts:

• TSA has 1,465 Transportation Security Inspectors at almost 150 airports that can cover all modes of transportation.
  
  
  • 535 in air cargo (including 85 dedicated canine teams)
  • 755 in aviation
  • 175 in surface transportation modes)

TSIs undergo a 4-week basic training course that consists of security regulations overview, inspection procedures, and safety briefings. TSIs are also trained through a formal on-the-job training program and periodic formal recurrent training. Additionally, Inspectors receive local safety training at each airport when they receive their airport identification.

Bob
EoS Blog Team

Covert Testing Results Critical to Security

Recently, the Government Accountability Office (GAO) released a report on TSA’s covert testing program. We’ve written about the report and posted it on our website. Some media and blogs have covered the report and created some misperceptions along the way –headlines like: “TSA Doesn’t Look Into Airport Security Screener Failures don’t help. So we wanted to talk a bit about the covert testing process at TSA.

TSA undergoes covert testing by three entities: The GAO, the DHS Inspector General and TSA’s own Office of Inspection. The recent GAO report focused on TSA’s covert testing procedures. During the course of the year long GAO review, the auditors examined all TSA covert test reports and recommendations, and had access to new policy or Standard Operating Procedure changes derived from the covert test recommendations. Many of the changes are in place today to further enhance the safety and security of the traveling public.

The report validated TSA’s covert testing program and included some recommendations. The recommendation that is causing confusion deals with the way TSA records test failures.

GAO recommended that TSA include a line item in our database for "failures." One would assume “failure” means someone missed an IED, but in fact the failure could be in how a rule is applied, how a technology functions in a specific airport, or how a procedure requires follow-up on an alarm. Because of the vast amount of qualitative information recorded by testers, they write more detailed explanations of failures in a written report instead of a line item in a database. We did, however, concur with the GAO recommendation and have now added a category to the data base on failures in addition to the more detailed reports we’ll continue to do.

The specific misperception we wanted to clear up is what we do with the test results. In some of the blog coverage I’ve seen, including the link mentioned above, some think we don’t do anything with the test results, which is far from the truth. These results are critical to closing security gaps in individual airports and throughout the entire aviation system. As soon as a covert test is completed in an airport, the findings are shared with the TSA leadership there, noting areas for improvement, whether it be in the application of Standard Operating Procedures, use of technology or other areas. The testers also meet with Transportation Security Officers after the testing is completed to show them where mistakes were made and offer suggestions to immediately close any security gap.

After the airport staff is briefed, the testers conduct a briefing to TSA senior staff to show them the failures and recommendations. Information is shared with the Office of Security Operations, which oversees TSA operations at airports nationwide. This gives headquarters an opportunity to look at results at one airport to see if there are implications for the whole aviation network. As needed, Standard Operating Procedures and training could be changed, technology is tweaked, and processes can be changed at the national level based on covert tests.

Bottom line: we take these results – and the results of GAO and the DHS Inspector General - very seriously and TSA constantly uses them to improve security.

Lynn,

EoS Blog Team

Keep Your Lap Top IN if you have a “Checkpoint Friendly” Bag

James Brown once sang Papa's Got a Brand New Bag. Well, it may be a different kind of bag than what the Godfather was singing about, but now everybody can feel better than James Brown and keep their laptop in their “checkpoint friendly” bag as long it meets certain criteria. You may already own a “checkpoint friendly” bag and not even know it.

Tomorrow (8/16) is the day that new laptop procedures roll out nationwide.

For all of you Debbie Downers out there, we realize that purchasing or owning one of these bags isn’t your free ticket to never have your laptop searched again. However, there is a darned good chance that your laptop won’t be searched. To put it in perspective, how many times has your laptop been searched when it’s been out of the bag? It’s pretty rare.

Just think of it this way, as long as there is nothing in your bag besides the laptop, you’re good to go. But, please remember that our Officers are trained to look for anomalies and if something looks odd or out of place, they will search your laptop. Next time you go through security, look around and see how many laptops are undergoing secondary screening. It’s rare.

Now I know what you’re thinking. You’re a road warrior and you’ve got all sorts of cables, adapters, gadgets and gizmos. You’re probably wondering where you’re going to put all of that stuff. Have no fear, several manufacturers have been hard at work designing bags that meet “checkpoint friendly” criteria. Just Google “checkpoint friendly laptop bags” and you’ll have a wide variety to choose from. Just remember, the TSA does not endorse any of these bags and you’ll need to be aware of our criteria to ensure you buy the right type of bag. These are some examples of bags that meet our criteria.

This new procedure will make things a little easier for our travelers while lessening the amount of preparation and recomposure time. Hopefully this will reduce your hassle factor at the checkpoint and make for happier passengers and happy passengers make the bad guys stand out.

Happy traveling and we hope to hear from you here about your experiences with the new procedures.

Blogger Bob

EoS Blog Team

You won’t be put on a TSA “List” if you forget Your ID

“Lack of ID put fliers on TSA list.”

This USA Today story perpetuates exactly the type of misperceptions that damage the credibility of a system designed to protect the traveling public in a post 9/11 world. The paper was careful not to be inaccurate but omitted information we provided that would have given a more balanced perspective.

An August 13 USA Today article overstated the Transportation Security Administration’s interest in passengers who come to airport checkpoints without identification but cooperate in establishing their identity. The story gives the public the impression they might be put on a “list” if they forget their ID. That is false.

Passengers whose identity is confirmed will not be added to any watch list or face additional scrutiny during future checkpoint visits.

When it comes to security, identity matters. Positively identifying passengers is a critical tool in TSA’s multi-layered approach to security and one that has been bolstered significantly during the past 18 months. On June 21 enhanced identification requirements went into effect and passengers now have to be positively identified before proceeding past the checkpoint. This makes sense because our law enforcement and intelligence partners go to great lengths to identify people planning attacks on aircraft. It is our obligation to stop them once they have been identified.

Since the new requirements went into effect, 16,434 people nationwide have come to the checkpoint without identification for a variety of reasons. The identity of these individuals was successfully resolved in all but 558 instances. This was during a period of time that 92 million people flew in the United States.

TSA collects real-time information from airports across the country so that our operation center can look for patterns and data points of significant security value. The information is only shared with other law enforcement partners on a need-to-know basis. The ability to "connect the dots" on emerging situations can not be underestimated. In the post 9/11 world, such analysis is so fundamental to protecting the American public that it was a recommendation of the 9/11 Commission.

Because our mission requires this capability, we do collect information about individuals who present false identification or misrepresent themselves to get in an airplane.

Christopher
TSA EoS Blog Team

Furthering the Dialogue on IDs

This post is from TSA's Chief Counsel Francine Kerner. It was originally intended to be a response in the comments section to answer some ID questions, but we thought it deserved its own post. Thanks to Francine for taking the time to provide this well thought out and very informative response.

I would like to share my perspective of this issue and my legal analysis. From my perspective, in considering these matters, we need to go back to first principles: what security goals are we trying to achieve? One goal is to ensure that bad things are kept out of the sterile area. Another goal is to ensure that known or suspected terrorists are kept out of the secure areas of the airport and off airplanes. We simply do not want to provide a terrorist with access to the aviation transportation system to plan, plot or carry out criminal acts.

To achieve the first goal, keeping out bad things, we perform a physical examination of passengers, employees and other individual who enter the secure areas of the airport. We also perform a physical examination of their property. Sometimes these security measures take place at the checkpoint. Sometimes they take place at other entrances to the airport.

To achieve the second goal, prohibiting entry by known or suspected terrorists (regardless of what they are carrying), we perform or cause others to perform an identity check against government databases. Identity vetting of airport or airline employees is a rigorous process that is based on a collection of fingerprints, a criminal history records check, and a security threat assessment.

Of obvious necessity, identity vetting of passengers is handled differently. I think of it as a two-step process, a responsibility shared between the air carriers and TSA. The air carriers compare a passenger's name to government watch-lists, while TSA ensures that the name provided to a carrier, as reflected on the boarding pass, matches the ID that the passenger is carrying.

It is instructive to note that before September 11, under government directive, air carriers were required to check a passenger's name against government watch-lists and confirm a passenger's identity by examining specified forms of identification.

Over the last year or more, TSA has taken over the identity verification process, stationing TSOs before the checkpoint to perform this function. More recently, TSA has determined that passengers who fail to show ID must otherwise assist in confirming their identity before being permitted sterile area entry. All of these steps have been taken to improve aviation security. Real ID and Secure Flight are other government programs that will continue to strengthen the identity vetting process.

As Chief Counsel, I firmly believe that TSA's ID requirements are warranted from a security perspective and entirely legal. Under a TSA regulatory provision, 49 C.F.R. § 1540.105(a)(2), a person may not enter the sterile area “without complying with the systems, measures, or procedures” applied to control access to the restricted area in question. Verifying the identity of passengers who access the sterile area falls within this rubric and is, in fact, part of TSA’s screening process. It is true that an earlier regulatory provision, 49 C.F.R. § 1540.5, which sets forth definitions, states that access to the sterile area is “generally” controlled through the “screening” of persons and property and that “screening function means the inspection of individuals and property for weapons, explosives, and incendiaries.” The definition of “screening function,” which focuses on physical inspection—the most intrusive form of screening—cannot be read to limit the Administrator’s broad expanse of authority under the operative language of section 1540.105(a)(2) to establish “systems, measures or procedures” governing sterile area access, including an ID screening process. Certainly, the common definition of screening encompasses methods other than physical intrusion. One definition of screening listed by Google reads as follows: “Is the person on a watch-list? Biometric information can be used to determine if a person is cleared to be in a restricted area, or if the person is on a watch list (eg the FBI Most Wanted list).” Similarly, under section 1602(a)(5) of the 9/11 Implementation Act, H.R. 1, the definition of cargo “screening” includes methods other than physical inspection. Given the Administrator’s fundamental statutory responsibility pursuant to 49 U.S.C. § 44901 to secure the aviation transportation system, a unduly narrow construction of § 1540.105(a)(5) cannot be justified.

I hope my response furthers the dialogue on these important issues. Thank you again for raising your concerns.

Francine Kerner
EoS Blog Contributor

Encryption Is the Issue In Case of Missing Laptop

The Transportation Security Administration (TSA) continues to investigate the circumstances surrounding the loss of a Clear®- owned laptop computer on July 26 that contained unencrypted data of approximately 33,000 customers. TSA has verified that a laptop was discovered by Clear® officials yesterday at San Francisco International Airport (SFO). It was voluntarily surrendered to TSA officials for forensic examination.

TSA’s regulatory role in this matter is as follows: Every commercial airport is required to have an approved airport security plan. So Registered Traveler is part of that comprehensive plan at the airports where it operates. Under the airport security plan, the sponsoring entity, (SFO in this case) is required to assure its vendors have an approved information security program. Because the computer at SFO was not encrypted it is in violation of the airport’s security plan.

TSA also has the ability to go directly to vendors when the plan is not being adhered to so TSA is conducting a broad review of all Registered Traveler providers’ information systems and data security processes to ensure compliance with security regulations.

Clear® needs to meet the information security requirements that they agreed to as part of the Register Traveler program before their enrollment privileges will be reinstated. Encryption is the wider issue as opposed to one incident with one laptop. So for now, Clear® enrollments remain curtailed.

Current customers will not experience any disruption when using Registered Traveler.

Eos Blog Team