Tuesday, February 08, 2005

No Fly On Us

"If you assume the No-Fly List serves an important purpose, the system as it presently operates contains a gaping, dangerous loophole that makes the list nearly useless."
(Andy Bowers, A Dangerous LoopHole. Slate, Feb 7th, 2005)

These so-called security measures have been widely criticized (for example by Bruce Schneier), and it is hard to believe that anyone in authority seriously believes they would actually stop an attack. According to the POSIWID principle, if we want to understand the true purpose of the security checks, we should look at what these checks actually achieve.
  • People spend longer in airports and spend more money in the retail outlets. The airport ecosystem becomes more profitable.
  • Fast-track procedures for business class travellers encourage more business class travel. Self-service procedures reduce airline costs. The airlines become more profitable.
  • People become accustomed to (and therefore more tolerant of) queues and delays. This allows for more flexible utilization of staff, aeroplanes and landing slots by airlines and airports.
See previous posts: Broken Suitcases and Feeble Security.

As Adam Shostak points out, while there are benefits to some players, the overall economic effect is to reduce efficiency. In other words, this is a negative-sum game - the costs to the many outweigh the benefits to the few. But that's a very common pattern of system dysfunction.

It turns out that this vulnerability has been known about for ages. I knew I'd seen a number of similar things in Bruce Schneier's newsletter, but I have now been reminded that Bruce mentioned this exact vulnerability in August 2003. Moreover, Adam Shostak claims to have seen a detailed presentation given to senior TSA managers last February. So what is really going on here? I think this just adds weight to the POSIWID argument.

updated Feb 14th, Feb 16th.

No comments: