The TSA is trying to resurrect a terrible program that been deservedly thwarted since its post-9/11 conception. It was CAPPS, then CAPPS II, then Secure Flight. Under all those guises, the goal was the aggregate any and all commercially available datasets into a behemoth database and then generate unique ‘aviation risk profiles’ for any airline passenger.
The TSA couldn’t find a cello in a phone booth, let alone a real terrorist. More passenger profiling won’t help. Quite the opposite, too much data for the purpose at hand is a grave privacy threat and creates so much noise you’ll never find the signal…or even know if there is one.
(By the way, when I say ‘real terrorist’, I mean someone possessing the will and the capacity to carry out an attack with the same level of devastation we saw on September 11, 2001. Yes, the death of even one innocent is a tragedy, but we need to be at least a little utilitarian; we are after all, weighing the civil liberties of a nation. It’s also vital that we don’t define acts of violence where terrorism was never part of the motive from actual acts of terror. In policy, getting the definitions right matters. As for malcontents who spew venom but have no ability to do more, let them babble away on their unread blogs.)
Ah, but, bad ideas, like bad food, always comes back on you. TSA is taking another whack at a horse that really deserves to be left for dead. The ACLU reports on that. But have thoughts of my own on why it’s a terrible idea.
1. Datasets are inevitably used for purposes beyond their original scope. The sprawling collection of datapoints the TSA wants would be no exception. Privately held data sets are so prized by the state because, for one reason, the 1974 Privacy Act, to which Washington still pays lip service, limits the extent and purpose of government agencies when sharing their own private data about citizens with one another. Sadly, in 1974 no one thought to add a line or two banning the feds from expropriating private data for dubious purposes. Obviously, TSA wants to take the easy route. You know who suffers when the state tries to take shortcuts? We do.
2. Datasets, even good ones, are purpose built. They adapt poorly, if at all, to applications outside a narrow scope. Credit ratings are good if you want a loan, but what do they really say about your work skills, let alone the odds you’ll blow up a building on your next business trip? Prior academic performance is very telling in choosing who has what it takes to thrive in a doctoral program, but can’t peg how safe a driver someone is or whether he’d intentionally drive his car into a petrol tank. I know this isn’t an absolute statement; sophisticated analysis can use one dataset make accurate predictions about our behavior in a wholly unrelated area. This has led to a real need to think about how we administer data privacy as developments in statistics are teaching us much more can be revealed about our most intimate habits from seemingly benign data than we had once thought. But this is in the realm of subtle and advanced ability that far outstrips the TSA and is, anyway, something that happens when you’re searching for a trait far more common than being a genuine terrorist mastermind. I say more about that below. Anyway, while we’re at it, a lot of big private databases the TSA wants so badly are notoriously full of errors and slow to be corrected.
3. TSA employees are in a paradoxical situation. They promise to do the impossible – identify all threats to the U.S., keep them from moving into or within our borders, and prevent all terrorism. This is like a new father swearing his child will never have a skinned knee. It’s a fine goal. And there is no way in heaven or on earth it will every happen. You cannot forbid tragedy. Anyone who has flown since the fall of 2002 knows full well that the TSA are not of the caliber to deliver anything near perfect security. Nobody is capable of delivering perfection, but some are much further away than others. Giving more resources to people who have demonstrated ineptitude wastes time and money, creates a pantomime of ‘doing something’, and never addresses the underlying problems. In this case, that refers to the twin problems of formulating a real national security policy for the threats we do face and of getting a handle on our rapidly growing surveillance state.
4. A closely related paradox goes like this: if a terrorist has formulated a plan, recruited a team, gotten access to materials and information, trained, bought airplane tickets, and made it to the airport on the day of her flight….she’s going to carry out her attack. To suppose that someone could do all that without alerting any of the intelligence agencies and without setting off any alarms, yet be identified and thwarted by a glorified mall cop is preposterous. The only people who could seriously believe such a scenario are TSA employees with delusions of adequacy. At its root, our current security policy takes as an implicit assumption that bad actors don’t evolve or learn. Widespread profiling of airline passengers will only ensure that any real terrorist has a strong incentive to game the system.
5. Secrecy is bad for civil rights and for efficiency. If this program comes into widespread adoption, the algorithm by which the TSA does and does not approve people to fly will almost certainly be withheld, as will all the precise details about the dataset feeding into it. Many eyes, goes the saying, make all bugs shallow. With few people getting eyes on the data and the algorithm, our freedom to travel in our our land will be at the mercy of something about as well developed as a middle school science project. Among the few people who will get to see the data and the algorithm will be the private contractors tasked with running the system. DHS/TSA will then use that very fact to deny FOIA requests. They won’t really have the data; a private entity will. And FOIA can’t compel private entities to turn over data. I’m not being paranoid here. The government is already very adept at playing that game.
6. Being bound by the output of an algorithm no one gets to see or test makes it impossible to know if the algorithm is working or when it’s been abused. The TSA already has an algorithm they use to pull passengers aside for ‘enhanced screening’. They are accusations of every type of discrimination you can imagine. The TSA has been accused of picking on foreign nationals and on naturalized Americans who retain the accents of their homelands. They’ve been accused of racial and ethnic profiling – based on either genuine racism or on stupid notions about what will please their supervisors. People allege, with good reason, that they clothes – t-shirts with anti-government slogans or religious vestments – marked them out. A parade of women charged they were deemed threats and felt up in the name of security when something far baser was going on. People get pulled aside for ‘looking Muslim’, something especially grotesque when you realize the average TSO couldn’t tell a Muslim from a Sikh to save his life. There are charges that homophobic TSOs pick on people they identify as gay to humiliate them with enhanced screenings. The elderly, the handicapped, and the retarded have all been targets. There are charges that people who look poor get picked on because, really, what will the likes of them do about it. And there are charges that people are look affluent get picked on, because when else would someone working for the TSA ever be the dominant figure in that encounter. And, of course, there are charges that the TSA makes things especially rough for anyone who, in any way, fails to be totally obsequious to the TSA.
It’s a good thing all that profiling isn’t necessary because the TSA is certainly not choosing to focus on likely threats. The point, through, is that we all know the system is being abused. TSOs are humans. They come with human flaws and frailties and shortcomings, chief among those the willingness to abuse power for their own ego. But the TSA always assures us their frontline workers obey the rules and follow the algorithm. And we can’t say absolutely they aren’t because we aren’t allowed to test the algorithm. You say you were patted down as punishment for not stoking the TSO’s ego, or because he thought you were hot, or because he doesn’t like non-whites? Yeah, can you prove it? When you aren’t allowed to know what the rules are, you have no grounds to prove the rules were broken or to seek redress.
7. It’s yet another move by the state to condition us to accept massive intrusions on our privacy to do the simplest things. Even if we give the TSA the benefit of the doubt and presume they don’t mean to make us into automatons, that will be the end state.
8. Even if it’s voluntary it won’t really be voluntary. The closest thing the TSA currently has is the Pre-Check program, in which anyone willing to cough up money and personal data may submit to an opaque process by which the TSA may or may not approve you to use expedited security lines. We are not allowed to know what the criteria are. A more widespread program, even if billed as a ‘voluntary’ thing, wouldn’t be. Our government likes to evade serious discussion on privacy violations by telling us we can always choose to abstain from whatever is the context of the latest surveilling. Don’t like warrantless wiretaps? Fine, don’t have a phone. Don’t want the state to know your credit? Then don’t ever get credit card or apply for a loan. Don’t like patdowns? Well, no one is making you fly. The truth, though, is that certain things are vital for anyone wanting to participate in American society in 2013. A government telling us to live as hermits if we want privacy is a profoundly unserious entity. Even then, those who do go largely off the grid come under suspicion precisely because they aren’t participating in all the monitored ways of our modern life. If you don’t have a credit card, a cell phone, and a FaceBook account, the state probably already thinks you’re a terrorist. Speaking of that…
9. Our government’s ideas about what is indicative of terrorist intentions are baffling. According to DHS, merely wanting to protect your privacy is a red flag. The least anti-government sensibility means the NSA likely has a dossier on you, already. These are people who have decided things like frequently moving or having poor credit make a man worthy of suspicion. But rootlessness and poor financial skills, along with lots of other idiotic ‘predictors’, are very slight causes indeed for judging someone to be a real threat to the nation’s very security. Some people choose very private lives or don’t quite fit in. And some people prefer chunky peanut butter to smooth. Whatever conclusions we might draw about a man from the accumulated data of his electronic life, is-he-or-isn’t-he-about-to-kill-us-all is not one of them.
10. This is because neither the TSA nor anyone else really know what to look for. Sure, part of it is that they’re largely fools. Part of it is also that the government definition of ‘terrorist’ is an amorphous concept used to label political enemies more than to describe those who represent genuine threats to peace and safety. But they are trying to build predictive pattern analysis to look for an event so rare there can be no pattern, certainly not a predictive one. We have known, as a country, in the modern age, two major terrorist attacks on our own soil; one caused by foreign nationals (9/11) and one by homegrown loons (Oklahoma City). Thus, the government is deciding what to look for from a set of two events with less than two dozen actors in toto. That’s a dataset without enough points to run even the most basic tests. You can learn nothing from it.
And yet, from a dataset too small to tell us anything, the TSA wants to use another dataset too contaminated to be useful to look for a result so rare it may not exist at all. The TSA falsely assumes there are terrorists and plots ’round every corner and looks frantically for what just isn’t there. To go looking for something as rare as another Mohammad Atta means that the smallest possible false positive rate will still result in tens of thousands of innocent people being harassed, detained, and deprived of the right to move about their own land. Looking at the false positive rates TSA actually has gotten on projects they’ve already rolled out, we’d really be looking at millions of wrongly punished individuals and airport security wait times that would make today’s two hours lines look easy. A program predicated on speeding up pre-flight security would achieve the exact opposite.
11. The desperation to justify the expense and civil liberties violation of something like this will cause the TSA to ‘define terrorism down’ making more and more behavior grounds for being banned from flying, being arrested, and being monitored. The least problem with that is that the output of the algorithm will be contaminated past the ability to draw anything reliable or accurate from it.
12. This is more Security Theater. Even suggesting such a plan smacks of a ploy to make us think our government is hard at work securing us, but the reality is that it’s diverting resources from things that do enhance real security against genuine threats will wrongly placating the public that we have got our bases covered.
13. Not that it matters too much in terms of how far this plan will go. DHS, TSA, and their ilk know, at least at the top levels, that they are playing a game to get power and money while controlling people. Our counterterrorism policy is all about preparing to re-fight yesterday’s battles. The one thing we can be sure no terrorist will try again is hijacking planes and steering them into skyscrapers. But we have wasted billions and are legally committed to wasting trillions more on ‘preventing’ just that. In terms of tactical and economic sense, it’s as daft as enforcing blackouts on the Eastern Seaboard to thwart Nazi U-Boats in 2013. Even perfect policies are only perfect for the narrow context in which they were developed. Our national security policy is far from perfect. It’s context is a manipulative political fantasyland.
Praise for PPC From Our Lefty "Fan"
- "Zany-ass bombast-entertainment...Hackneyed weirdo communist pseudo-nostalgia" --Alan Franklin, ProgressNow
- PPC Training for Activists
UPDATE: Something apparently got messed up with the PayPal buttons during this past weekend’s database glitch – fixed now. Yes, it’s that time again — PPC will be conducting training classes for center-right activists on Saturday, April 20 and Saturday, April 27, at Independence Institute in Denver. The tentative class schedule is as follows: Saturday, [...]
- Holder’s First Letter to Paul Precipitates the Best Filibuster Ever
- The Lamest Twitter Argument Ever Offered?
- Return of the PPC Re-Education Camps – You Know You Want to Be There
- Supreme Courts Blesses Warrantless Surveillance of Citizens in a Kafkaesque Farce
- GOP Elite and the Ruling Class
- Do We Now Get to Call Joe Salazar a “Rapist”?