Arnold Barnett, a leading expert on aviation safety and a professor at MIT Sloan School of Management, has applied statistical techniques to study the effectiveness of the security measures in place at U.S. airports. We spoke to him about the successes and failures of post-9/11 airline safety and the hidden dangers of teddy bears.
CSO: What did you find in your analysis of airline security?
Arnold Barnett: We can sometimes estimate the cost of a security measure, but it's harder to know the benefits. For example, airline agents used to ask those simple security questions at check-in--"Has anyone unknown to you asked you to carry an item? Has your luggage been out of your immediate control?" They stopped asking because they said a terrorist would never admit to those questions. But that doesn't mean they weren't useful. Last summer, a 9-year-old kid was given a teddy bear by a stranger at a hotel in the presence of his mother. When he walked through the security check, they found Teddy contained a loaded gun. Luckily it didn't contain plastic explosives, which they can't detect. If the boy's mother had been asked that question, she might have said, "You know, someone did give us something." If you believe time is money, then asking those questions isn't free. But the calculations I've done suggest the terrible price we would pay if a terrorism attempt was successful.
What is your view of the current state of airline security?
To say that terrorists could easily defeat (our security measures) is overly harsh. But security is far from impregnable. I saw a story that claimed that the lack of recent terrorist events is proof that the security works. Well, there hasn't been terrorism against seaports either, and there's lots of concern that the screening there is minimal. Secretary of Homeland Security Tom Ridge said that the recent flight cancellations involving planes from Europe probably prevented a terrorist attack. If that's true, that would be encouraging. But without evidence, I don't know if one can call the lack of terrorist attacks a success.
What about cargo security?
For a while after 9/11, they wouldn't allow heavy U.S. mail on passenger airplanes, but now they have resumed carrying mail greater than 1 pound, subject to canine detection. The detection rates are pretty good--dogs have an 80 percent chance of detecting an explosive. But when someone drops off a package weighing more than a pound at the post office, they don't have to show a photo ID. If there's an 80 percent chance a dog would catch an explosive inside a package, and a 20 percent chance it wouldn't, from the terrorist's point of view that's not so bad.
Will the TSA's Capps II program's use of personal and demographic data improve the overall level of security?
There are lots of reasons to suspect that Capps II may not be that successful. Suppose a thief stole my wallet and created a fake ID with my name, address, date of birth and his picture. As I understand it, this program doesn't know how to deal with that. Another problem is that a lot of people involved in terrorism don't match profiles. In Israel there was a bus bombing where the perp was a clergyman, the father of two young children. The Israelis openly admit that he didn't match any profiles. With Capps II, they want to use data mining to identify people based on past patterns. The TSA is saying they won't use ethnic profiling, or personal credit history or medical history, but the more information they throw out, the less effective it is.