Posts

TSA Security Still Not Secure But Maybe We Can Keep Our Shoes on Soon

The Senate Appropriations Committee is holding a hearing to discuss results of a still secret IG audit of TSA screening, featuring testimony from both TSA Administrator Peter Neffenger (who was only confirmed in July) and DHS’s IG, John Roth.

While neither will explain the results of the audit, Roth’s testimony makes it clear the audit did not turn out very well.

Our testing was designed to test checkpoint operations in real world conditions. They were not designed to test specific, discrete segments of checkpoint operations, but rather the system as a whole. The failures included failures in the technology, in TSA procedures, and in human error. We found layers of security simply missing.

Neffenger’s testimony provided more details which make it clear TSA had been emphasizing screening speed over security, especially as passenger volume and the incentive to carry on luggage has gone up.

The team’s initial conclusion is that the screening effectiveness challenges noted by the Inspector General were not merely a performance problem to be solved solely by retraining our officers. Officer performance is but one among many of the challenges. TSA frontline officers have repeatedly demonstrated during their annual proficiency evaluations that they have the knowledge and the skill to perform the screening mission well. Nor was this principally a failure of the AIT technology. These systems have greatly enhanced TSA’s ability to detect and disrupt new and evolving threats to aviation. AIT technology continues to perform to specification standards when maintained and employed properly, and we continue to improve its detection capabilities.

The challenge can be succinctly described as a set of multi-dimensional factors that have influenced the conduct of screening operations, creating a disproportionate focus on efficiency and speed in screening operations rather than security effectiveness. These challenges range across six dimensions: leadership, technology, workforce performance, the environment, operating procedures, and system design. Of these six, strong drivers include leadership focus, environmental influences, and system design.

Pressures driven by increasing passenger volume, an increase in checkpoint screening of baggage due to fees charged for checked bags as well as inconsistent or limited enforcement of size requirements for hand-carried bags and the one bag plus one personal item (1+1) standard1 create a stressed screening environment at airport checkpoints. The challenges also include the range of complex procedures that we ask our officers to employ, resulting in cognitive overload and personnel not properly employing the technology or a specific procedure. The limitations of the technology, the systems detection standards, TSA officers’ lack of training on equipment limitations, and procedures that failed to resolve the alarms appropriately all undermined our ability to effectively screen, as noted by the Inspector General’s report.

There’s a lot in both that addresses leadership (and Roth’s testimony makes it clear he kept raising the alarm under former TSA Administrator John Pistole), so hopefully Neffenger will do better at this.

The great news is Neffenger is looking at technology that will both work more efficiently without sacrificing security. Of particular note, he says there is a way to scan for shoe explosives without forcing us to take our damn shoes off.

So maybe we’ll move away from security theater in upcoming months and years?

Michael Hayden, Privacy and Counterterrorism Frugality Champion

Of 1,423 words in an article questioning whether deficit hawkery might cut the domestic spying budget, Scott Shane devotes over a sixth–roughly 260–describing what former NSA and CIA Director Michael Hayden thinks about the balances between funding and security.

Remarkably, none of those 260 words disclose that Hayden works for Michael Chertoff’s consulting group, which profits off of big domestic spying. This, in an article that cites Chertoff’s electronic border fence among the expensive counterterrorism duds that were subsequently shut down (Shane mentions “puffer” machines as well, but not the Rapiscan machines that Chertoff’s group lobbied for, which are now being withdrawn as well).

And then there’s a passage of Shane’s article that touches on topics in which Hayden’s own past actions deserve disclosure.

Like other intelligence officials after 2001, Mr. Hayden was whipsawed by public wrath: first, for failing to prevent the Sept. 11 attacks, and then, a few years later, for having permitted the National Security Agency to eavesdrop on terrorism suspects in the United States without court approval.

Perhaps, as a result, he often says that the American people need to instruct the government on where to draw the line. He told an audience at the University of Michigan last month, for instance, that while a plot on the scale of the Sept. 11 attacks was highly unlikely, smaller terrorist strikes, like the shootings by an Army psychiatrist at Fort Hood in Texas in 2009, could not always be stopped.

“I can actually work to make this less likely than it is today,” Mr. Hayden said. “But the question I have for you is: What of your privacy, what of your convenience, what of your commerce do you want to give up?”

To be fair, Shane counters Hayden’s claims by noting that “secrecy … makes it tough for any citizen to assess counterterrorism programs.”

But he doesn’t mention one of the biggest examples where Hayden–where anyone–chose both the most expensive and most privacy invasive technology: the wiretap program Hayden outsourced to SAIC rather than use in-house solutions.

As Thomas Drake has made clear, by outsourcing to SAIC, Hayden spent 300 times as much as he would have with the in-house solution.

One of them was Lieutenant General Michael Hayden, the head of the agency: he wanted to transform the agency and launched a massive modernization program, code named: “Trailblazer.” It was supposed to do what Thin Thread did, and more.

Trailblazer would be the NSA’s biggest project. Hayden’s philosophy was to let private industry do the job. Enormous deals were signed with defense contractors. [Bill] Binney’s Thin Thread program cost $3 million; Trailblazer would run more than $1 billion and take years to develop.

“Do you have any idea why General Hayden decided to go with Trailblazer as opposed to Thin Thread, which already existed?” Pelley asked.

[snip]

Asked to elaborate, Drake said, “Careers are built on projects and programs. The bigger, the better their career.” [my emphasis]

Along the way, Hayden repeatedly blew off Congressional staffer Diane Roark’s inquiries about privacy protection.

When Binney heard the rumors, he was convinced that the new domestic-surveillance program employed components of ThinThread: a bastardized version, stripped of privacy controls. “It was my brainchild,” he said. “But they removed the protections, the anonymization process. When you remove that, you can target anyone.” He said that although he was not “read in” to the new secret surveillance program, “my people were brought in, and they told me, ‘Can you believe they’re doing this? They’re getting billing records on U.S. citizens! They’re putting pen registers’ ”—logs of dialled phone numbers—“ ‘on everyone in the country!’ ”

[snip]

[Former HPSCI staffer Diane Roark] asked Hayden why the N.S.A. had chosen not to include privacy protections for Americans. She says that he “kept not answering. Finally, he mumbled, and looked down, and said, ‘We didn’t need them. We had the power.’ He didn’t even look me in the eye. I was flabbergasted.” She asked him directly if the government was getting warrants for domestic surveillance, and he admitted that it was not. [my emphasis]

So it’s not just disclosure of all the ways Hayden has and does profit off of continued bloated domestic surveillance that Shane owes his readers: he also should refute Hayden’s claims about the relationship between cost, privacy, and efficacy.

Michael Hayden’s SAIC-NSA boondoggle is one case where secrecy no longer hides how much money was wasted for unnecessary privacy violations.

Yet somehow, that spectacular example of the unnecessary waste in domestic spying doesn’t make it into the 260 words granted to Hayden to argue we need continued inflated spending.

Racial Profiling Is Wrong, Sometimes

The NYT has a long article revealing that TSA officers in Boston were profiling people of color as part of its behavior detection program.

In interviews and internal complaints, officers from the Transportation Security Administration’s “behavior detection” program at Logan International Airport in Boston asserted that passengers who fit certain profiles — Hispanics traveling to Miami, for instance, or blacks wearing baseball caps backward — are much more likely to be stopped, searched and questioned for “suspicious” behavior.

“They just pull aside anyone who they don’t like the way they look — if they are black and have expensive clothes or jewelry, or if they are Hispanic,” said one white officer, who along with four others spoke with The New York Times on the condition of anonymity.

It’s an important article that deserves attention, particularly given the White House’s practice of refusing to let citizens use the White House’s own accountability mechanisms to complain about the TSA, as happened Friday when it took down its petition process just before the petition attained the signatures that would have elicited a White House response.

But the article dissolves into hilarity around about paragraphs 35 and 36, when the article quotes a noted civil libertarian assailing racial profiling.

Representative Peter T. King, a New York Republican who has pushed for more aggressive counterterrorism measures, said he was troubled by the reports of profiling in Boston.

“If it is going on, it is wrong and can’t be defended,” Mr. King said.

Peter King?!?! The NYT quotes Peter King worrying about racial profiling without noting that with King’s rabid support the NYPD has turned the Gray Lady’s own city in to the poster child for illegal racial profiling? Without noting that King has turned the House Homeland Security Committee into an instrument of racial profiling? C’mon, NYT, you can’t be unaware that these comments, from King, are not credible!

Or maybe they are. After all, since Wade Page’s attack on a Sikh temple brought increased focus on the threat represented by white supremacists, King has faced calls to hold hearings on the radicalization of white people, just like he held a never-ending series of hearings on the radicalization of Muslims. Maybe King has thought about how inappropriate it would be to suggest all white people–or even all white supremacists–might be terrorists. Maybe King has developed a new found hatred of racial profiling now that there’s good reason white people might be targeted.

But you’d think the NYT would want to explain why a local Congressman’s statements conflict so dramatically with his past actions.

The Terrorist Watchlist: One Watchlist Among a Collection of Databases and Watchlists

Timothy Healy, the Director of the FBI’s Terrorist Screening Center, has a telling comment at the end of Charlie Savage’s story on documents revealing new details about the terrorist watch list.

But Mr. Healy said the government could not reveal who was on the list, or why, because that would risk revealing intelligence sources. He also defended the idea of the watch list, saying the government would be blamed if, after a terrorist attack, it turned out the perpetrator had attracted the suspicions of one agency but it had not warned other agencies to scrutinize the person.

Mr. Healy also suggested that fears of the watch list were exaggerated, in part because there are many other reasons that people are subjected to extra screening at airports. He said more than 200,000 people have complained to the Department of Homeland Security about their belief that they were wrongly on the list, but fewer than 1 percent of them were actually on it.

It’s a neat boast–that just 1 percent of the people who have reason to believe the government has them in a big database turn out to be in the database (the terrorist watch list, formally the Terrorist Screening Database or TSDB) at issue.

But given that the documents reveal an interlocking set of multiple databases, that ought to be little comfort. The Known and Suspected Terrorist list was, somewhat disturbingly, actually the Violent Gang and Terrorist Organization File until August 2009 (see PDF 17), suggesting that the Bush Administration kept all scary brown people together in one database, but also making clear that there is now a Gang File that is very similar to the KST file. The TSDB is separate from the No Fly and Selectee lists; hypothetically the latter two lists are a subset of the former (people from the TSDB have to be submitted and approved to be put on the TSA lists), but it is not absolutely clear that is the case for the less stringent Selectee list (PDF 100 makes it clear the No Fly list is). There are the Consular Lookout and Support System and the Interagency Border Inspection System; while inclusion in the TSDB should automatically include someone in these databases, it is not clear that these databases only include those in the TSDB (PDF 55 and 59 suggest they were in 2004, though it’s not clear that that is still the case). The Terrorist Screening Center also provides access to other databases–the Automated Case Support System, the Foreign Terrorist Tracking Task Force database, and TSA’s Office of Transportation Threat Assessment database (PDF 26), all of which are distinct from the KST, and PDF 59 seems to make clear that the latter TSA list is not included in the TSDB. PDF 89 makes it clear there are other Department of Homeland Security and DOJ terrorist watch lists that are not the same as the TSDB. There is a Customs and Border Patrol database that includes additional information (see PDF 95) that will not be included in the TSDB.

In short, when Healy says there are many other reasons why people are subject to screening at airports, he is not saying that people aren’t in a database somewhere, only that they are not in his database.

Then there’s the possibility of a false positive–of someone being stopped because he had the same name as someone in the TSDB. The documents describe how to put someone in the database with just a name and approximate age, and there at least used to be a Handling Code dedicated to people with limited biographical data (see PDF 45). And Healy himself admitted (PDF 101) that 60-70% of the people reported to the Terrorist Screening Center, some via stops and some via other bureaucratic means, are not positive matches to the list, which says some people are being stopped for no reason. Further, PDF 103 makes it clear that almost half the people who complain about being on the watchlists (that less than 1 percent Healy referred to) were either a false positive or were not appropriately on the watchlist.

So sure. The TSDB isn’t necessarily the reason everyone is being stopped. But that doesn’t mean the country’s vast array of databases and watchlists are working properly.

More Security Theater as Play

Some weeks back, I posted on a Disney ride that offers riders the opportunity to be “verbally accosted by a security droid.” Now, kids can play at being a TSA-worker themselves with a security wand:

There’s nothing cooler than being a TSA agent for Homeland Security and now the Spy Gear Security Scanner lets kids live out their dreams. It’s a handheld security wand whose LED lights flash and an alarm goes off when it detects metal, just like the real thing!

Now, frankly, I’m less disturbed by this than by the Disney ride. There’s nothing wrong with being a TSA worker; it’s the rules they have to follow that are the problem. And I’d rather kids learn to be a TSA worker than to believe submitting to abusive ones is fun.

That said, it’s just one more indication of the way our culture is normalizing security theater by making it “play” for children.

First Mickey Donned Night Vision Goggles, Now Mickey Embraces GateGrope

I’ll admit, I was merely disgusted when Mickey Mouse tried to trademark Seal Team 6. But Mickey’s seeming embrace of GateGrope is far more disturbing. (h/t Bruce Schneier) In a press release boasting about changes to Walt Disney World’s Star Tour ride, Disney boasts of their imitation TSA checkpoints!

The second room of the queue is now a security check area, similar to a TSA checkpoint. The two G-series droids are still there, G2-9T scanning luggage and G2-4T scanning passengers. For those attraction junkies, you’ll remember that the G-series droids are so named because in the original Disneyland Park version of the ride, they were created by removing the “skins” from two of the goose animatronics from the soon-to-close America Sings attraction (Goose = “G” series). While we won’t tell you why, you’ll enjoy paying a lot of attention to what the scans of the luggage show is inside. When it’s your turn to go through the passenger scan (a thermal body scan), you may be verbally accosted by a security droid. Also, keep an eye out in the queue for an earlier version of RX-24 (“Captain Rex”) from the original Star Tours; he’s labeled “defective” and has some familiar dialogue.

Families are paying something like $280 a day to be amused at Walt Disney World. And as part of the amusement, they “get” to go through a “thermal body scan”?!?!?! All enhanced by the pleasure of being “verbally accosted by a security droid”!?!?!?! And all this as a way to make standing in line for obscene amounts of time to feel like a celebration of fantasy and/or capitalism rather than a pathology just like it was in the former Soviet Union?

I’m actually surprised that Schneier isn’t even more appalled at this than he is, given that he’s been as skeptical of “security theater” as anyone.

I mean, I want to know how a company with close regulatory ties to the federal government decides it will now claim it’s fun to submit to verbal abuse at the hand of what is cast as a “droid”? … How it decides either that “security scans” are such a part of our reality that no endless queue should be without one–all to help suspend our disbelief, I assume–or that a body scan is a good way to kill time in an hour-long line?

Sure, there’s a history of using Mickey Mouse to get children to accommodate security “precautions.” But do we really need to use Mickey to accustom children to RapeAScan?

TSA’s Legal Justification for Gate Grope

The Electronic Privacy Information Center has been suing the Department of Homeland Security because it refused to engage in the public rule-making process before it adopted RapeAScan machines as part of the primary screening at airports. DHS responded to EPIC’s suit the other day. While I think their response will be largely successful as written, they’re playing games with the timing of EPIC’s suit so as to avoid doing any discussion or even administrative privacy assessment of giving passengers a choice between being photographed nude or having their genitalia fondled.

The key to this is that EPIC first requested a request for review of whether DHS should have engaged in rule-making on May 28, 2010, before TSA changed pat-down procedures. It then submitted its brief on November 1, 2010, after the enhanced pat-downs were being rolled out. But the issue still focuses on the machines and not the machines in tandem with the invasive pat-downs. So a central part of DHS’ argument is that passengers are given an alternative to the RapeAScan machines: pat-downs. But its filing never deals with the possibility that pat-downs are more invasive than even the RapeAScan machines.

TSA communicates and provides a meaningful alternative to AIT screening. TSA posts signs at security checkpoints clearly stating that AIT screening is optional, and TSA includes the same information on its website. AR 071.003. Those travelers who opt out of AIT screening must undergo an equal level of screening, consisting of a physical pat-down to check for metallic and nonmetallic weapons or devices. Ibid.

A physical pat-down is currently the only effective alternative method for screening individuals for both metallic and nonmetallic objects that might be concealed under layers of clothing. The physical pat-down given to passengers who opt out of AIT screening is the same as the pat-down given to passengers who trigger an alarm on a walk-through metal detector or register an anomaly during AIT screening. Passengers may request that physical pat-downs be conducted by same gender officers. AR 132.001. Additionally, all passengers have the right to request a private screening. Ibid. More than 98% of passengers selected for AIT screening proceed with it rather than opting out. AR 071.003.

And by focusing on this alternative with no real discussion of what it currently entails, DHS dodges the question of whether the two screening techniques together–RapeAScans and enhanced pat-downs–violate passengers’ privacy. Note, for example, how the filing boasts of two Privacy Impact Assessments TSA’s privacy officer did (plus an update just as EPIC was last complaining about this technology).

Pursuant to 6 U.S.C. § 142, DHS conducted Privacy Impact Assessments (“PIAs”) dated January 2, 2008, and October 17, 2008, to ensure that the use of AIT does not erode privacy protections. AR 011.001-.009, 025.001-.010. The second PIA was updated on July 23, 2009 and lays out several privacy safeguards tied to TSA’s use of AIT. AR 043.001-010.

Now, as a threshold matter, there’s something odd about DHS citing 6 U.S.C. § 142 here. Its requirement for PIAs reads:

The Secretary shall appoint a senior official in the Department to assume primary responsibility for privacy policy, including – (1) assuring that the use of technologies sustain, and do not erode, privacy protections relating to the use, collection, and disclosure of personal information; (2) assuring that personal information contained in Privacy Act systems of records is handled in full compliance with fair information practices as set out in the Privacy Act of 1974 [5 U.S.C. 552a]; (3) evaluating legislative and regulatory proposals involving collection, use, and disclosure of personal information by the Federal Government; (4) conducting a privacy impact assessment of proposed rules of the Department or that of the Department on the privacy of personal information, including the type of personal information collected and the number of people affected; and (5) preparing a report to Congress on an annual basis on activities of the Department that affect privacy, including complaints of privacy violations, implementation of the Privacy Act of 1974 [5 U.S.C. 552a], internal controls, and other matters. [my emphasis]

See how it says the department has to do PIAs “of proposed rules”? That suggests the Privacy Officer treated the plan to use RapeAScans as a rule and did a PIA accordingly. But this entire filing–which explains why DHS refused to accede to EPIC’s request to conduct public rule-making on the use of RapeAScans–argues that the implementation of the machines did not constitute a rule. But they did a PIA as if it was a rule!

But there’s another thing this filing doesn’t say about PIAs: that Congress demanded TSA publish a PIA on the enhanced pat-downs.

In the absence of an Executive branch level Privacy and Civil Liberties Oversight Board that would evaluate decisions such as this, it was crucial that the Department of Homeland Security’s Privacy Officer and Office for Civil Rights and Civil Liberties thoroughly evaluate and publish written assessments on how this decision affects the privacy and civil rights of the traveling public. To date, the Department has not published either a Privacy Impact Assessment (PIA) nor a Civil Liberties Impact Assessment (CLIA) on the enhanced pat down procedures. Without a published PIA or CLIA, we cannot ascertain the extent to which TSA has considered how these procedures should be implemented with respect to certain populations such as children, people with disabilities, and the elderly. By not issuing these assessments, the traveling public has no assurance that these procedures have been thoroughly evaluated for constitutionality.

So while DHS boasts that it did PIAs on the RapeAScans before it rolled them out, it still does not appear to have done a PIA on the groping that serves as DHS’ much touted alternative to RapeAScans, much less a PIA on the two techniques offered together.

Now, DHS is using procedural complaints to object to EPIC’s inclusion of Nadhira Al-Khalili on the complaint, a lawyer with ties to the Muslim community. But their response to EPIC’s freedom of religion complaint seems to suggest they recognize they are vulnerable: suggesting that if a Muslim (or anyone else with documented reason to be opposed to having nude pictures taken and/or their genitalia groped by strangers) were to sue, the procedures would not hold up.

But for now, DHS is treating the RapeAScans separately from the groping so as to be able to argue that in conjunction with the “choice” of being groped, the RapeAScans present no big privacy problem.

Protecting DC’s Metro from the FBI and Facebook

While I’ve been in moving hell (one more day, a long drive, and then!!! relax), there have been two developments in the FBI’s efforts to fearmonger in the DC Metro.

As I first reported several weeks ago, TSA Director and former FBI Deputy Director John Pistole testified to Congress that we need to implement searches on public transportation because of the threat invoked by an FBI-invented plot.

We need to search people on the DC Metro, Pistole was basically saying, because the FBI chose to target the DC Metro in one of their stings.

On Thursday, the DC Metro announced they will–in conjunction with Pistole’s TSA–start conducting the random searches Pistole said we needed because of FBI’s sting.

Metro Transit Police today advised customers they will conduct random inspections of carry-on items, as part of the continuously changing law enforcement programs designed to keep the system safe.

[snip]

The inspections will be conducted in conjunction with Transportation Security Administration officials and are expected to take only minutes and are designed to be non-intrusive, as police will randomly select bags or packages to check for hazardous materials using ionization technology as well as K-9 units trained to detect explosive materials. Carry on items will generally not be opened and physically inspected unless the equipment indicates a need for further inspection.

Anyone who is randomly selected and refuses to submit their carry-on items for inspection will be prohibited from bringing those items into the station. Customers who encounter a baggage checkpoint at a station entrance may choose not to enter the station if they would prefer not to submit their carry-ons for inspection.

Since the time Pistole tried to use an FBI-invented plot to justify searches, a somewhat more real threat to the Metro did occur. On November 18, 2010, Arlington, VA resident Awais Younis boasted on his Facebook about the best way to maximize damage on–among other targets–the Metro.

The complainant recounted that during a chat with Ghilzai [aka Younis] in November 2010, Ghilzai described how to build a pipe bomb and what type of shrapnel would cause the greatest amount of damage. Ghilzai also stated that he could place a pipe bomb under a sewer head in Georgetown (assumed to be a reference to the neighborhood in Washington, D.C.) at rush hour to produce the greatest number of casualties. Ghilzai further stated that the third and fifth cars in the METRO trains had the highest number of commuters on them and he could place pipebombs in these locations and would not be noticed. Complainant responded by saying “you wouldn’t do that,”and Ghilzai replied by saying,”watch me.”

Mind you, there was little to indicate this was anything more than a boastful threat on the Toobz–Younis didn’t act on this threat. The FBI has as much as admitted that when they have emphasized that Younis wasn’t charged with any terrorism related charges.

Yet coverage of the decision to search the Metro mentioned both the FBI-created sting and this Facebook boast to explain the threat:

The inspections have been in the works for years, and are not a response to any particular threat, Taborn said. However, in recent months various threats to the system have come to light. One man was accused of casing stations in what he thought was an al-Qaida plot to bomb and kill commuters and another man is charged with threatening on Facebook to detonate pipe bombs in the subway system.

So it all works out! Based in part on the FBI’s own manufactured “terrorist attack” DC’s commuters will experience the joy of random searches.

Who needs real terrorist threats when the FBI can invent their own?

Update: Joy for job fixed per zapkitty.

John Pistole: “What I Think Is Appropriate in Terms of Privacy”

This entire interview between TSA Director John Pistole, James Fallows, and Jeffrey Goldberg is worth reading. But I’m particularly interested in what Pistole says about his role in finding the appropriate balance between security and privacy.

James Fallows: I’d like to start with a question both Jeff and I have raised, which is the whole question of the balance between security, on the one hand, and liberty and privacy concerns, on the other. Is it TSA’s job to set that balance? Or how do you think that balance is set?

John Pistole: The way I view it is for TSA to develop the security protocols that afford the best security, while recognizing that there is a balance. The best security would be something way beyond what we’re doing.

Jeffrey Goldberg: The best security would be to just not allow people on planes. That’s perfect security.

Pistole: That’s “risk elimination.” And we’re not in the risk-elimination business, we’re in risk mitigation, informed by the latest intelligence, informed by our friends [in the intelligence agencies], and informed by the results of our covert testing.

Those things inform judgments and actions and then we take that information — I take that information — and then ask the experts how can we address these threats? They come up with different things based on all the information they have, and then they make a recommendation, and then it’s up to me to say, OK, does that exceed what I think is appropriate in terms of privacy?

So that’s my responsibility. To say, does this give us security, without violating something that would be a Fourth Amendment issue? [my emphasis]

According to Pistole, it’s up to him–his responsibility–to determine what the appropriate balance between privacy and security.

Now, I appreciate that, at some level, it is up to him. He’s in charge of TSA and he’s got to make the final decision whether to implement (or discontinue) a controversial scanning technology.

But it’s not up to him.

It’s up to the entities that review counterterrorism techniques for their civil liberties and privacy impact. Specifically it’s up to the Privacy and Civil Liberties Oversight Board, which is mandated by Congress to do the following:

(1) analyze and review actions the executive branch takes to protect the Nation from terrorism, ensuring that the need for such actions is balanced with the need to protect privacy and civil liberties; and

(2) ensure that liberty concerns are appropriately considered in the development and implementation of laws, regulations, and policies related to efforts to protect the Nation against terrorism.

The PCLOB never got fully off the ground after it was passed in 2007. More appallingly, Obama hasn’t even nominated anyone to the board.

Absent review by the PCLOB, Department of Homeland Security is required to conduct a Privacy Impact Assessment, which it appears not to have done either. And Pistole should know that these reviews should take place, since Bennie Thompson reminded him of the fact several weeks ago.

In the absence of an Executive branch level Privacy and Civil Liberties Oversight Board that would evaluate decisions such as this, it was crucial that the Department of Homeland Security’s Privacy Officer and Office for Civil Rights and Civil Liberties thoroughly evaluate and publish written assessments on how this decision affects the privacy and civil rights of the traveling public. To date, the Department has not published either a Privacy Impact Assessment (PIA) nor a Civil Liberties Impact Assessment (CLIA) on the enhanced pat down procedures. Without a published PIA or CLIA, we cannot ascertain the extent to which TSA has considered how these procedures should be implemented with respect to certain populations such as children, people with disabilities, and the elderly. By not issuing these assessments, the traveling public has no assurance that these procedures have been thoroughly evaluated for constitutionality.

There is a means to conduct an independent review of where the line between privacy and security is–or at least there’s supposed to be, even if Obama refuses to fulfill that mandate.

I’m sure it’s nice for Obama and Pistole that, rather than having an independent board review gate grope before it gets implemented, Pistole just took it on himself to decide whether it’s constitutional and appropriate or not.

But that’s not how it’s supposed to work.

FBI Entrapment Leads to TSA Pat-Downs

A couple of weeks back, I pointed to John Pistole’s testimony that directly justified the expansion of VIPR checkpoints to mass transport locations by pointing to a recent FBI-entrapment facilitated arrest.

Another recent case highlights the importance of mass transit security. On October 27, the Federal Bureau of Investigation (FBI) arrested a Pakistan-born naturalized U.S. citizen for attempting to assist others whom he believed to be members of al Qaida in planning multiple bombings at Metrorail stations in the Washington, D.C., area. During a sting operation, Farooque Ahmed allegedly conducted surveillance of the Arlington National Cemetery, Courthouse, and Pentagon City Metro stations, indicated that he would travel overseas for jihad, and agreed to donate $10,000 to terrorist causes. A federal grand jury in Alexandria, Virginia, returned a three-count indictment against Ahmed, charging him with attempting to provide material support to a designated terrorist organization, collecting information to assist in planning a terrorist attack on a transit facility, and attempting to provide material support to help carry out multiple bombings to cause mass casualties at D.C.-area Metrorail stations.

While the public was never in danger, Ahmed’s intentions provide a reminder of the terrorist attacks on other mass transit systems: Madrid in March 2004, London in July 2005, and Moscow earlier this year. Our ability to protect mass transit and other surface transportation venues from evolving threats of terrorism requires us to explore ways to improve the partnerships between TSA and state, local, tribal, and territorial law enforcement, and other mass transit stakeholders. These partnerships include measures such as Visible Intermodal Prevention and Response (VIPR) teams we have put in place with the support of the Congress. [my emphasis]

Now to be clear, as with Mohamed Mohamud’s alleged plot, Ahmed’s plot never existed except as it was performed by FBI undercover employees. In fact, at the time the FBI invented this plot, now TSA-head Pistole was the Deputy Director of FBI, so in some ways, Ahmed’s plot is Pistole’s plot. Nevertheless, Pistole had no problem pointing to a plot invented by his then-subordinates at the FBI to justify increased VIPR surveillance on “mass transit and other surface transportation venues.” As if the fake FBI plot represented a real threat.

And according to Gary Milano (who appears to be TSA’s Federal Security Director for Tampa), that’s what they’re now doing–telling the bad guys (among whom they include “immigration law violators” and “bulk cash” smugglers) they’re going to be searching Greyhound for them. (Randy Balko posted the YouTube here.)

Now, to be sure, these no-warning searches are more effective than the security theater Pistole has ramped up at airports.

But that doesn’t excuse the logic: John Pistole points to a plot the FBI–under his management–cooked up, as if it represents a “real” threat. He uses it to justify expanding VIPR to mass and surface transit venues. And then when TSA does set up one of those VIPR checkpoints, we learn they’re not looking for TATP (which is what Pistole implied in his testimony to Congress), but instead illegal aliens and cash smugglers.

I guess that all makes it okay, right? The plot justifying this checkpoint never existed, but then, they’re not really looking for the things they suggested they were looking for as defined by that plot. So it doesn’t matter that it was a fake terrorist plot, since the whole point of it seems to be to justify immigration and smuggling raids.