This
is
another
excerpt from my book on technology, terrorism, and
DHS, tentatively titled "Skating on Stilts." (If you want to
read the excerpts in a more coherent fashion, try the categories on the
right labeled "Excerpts from the book." I'm afraid I can't fix the bug
in TypePad that prevents me from putting them in the category in
reverse-chronological order, but I have started putting chapters up in
pdf form from time to time.) Comments and factual quibbles
are welcome, either in the comments section or by email:
[email protected]. If you're dying to order the book, send
mail to the same address.
--Stewart Baker
In fact, nothing illustrates
the clout of the left-right privacy machine than a second failing demonstrated
on Christmas Day 2009. That is TSA’s
inability to use screening information that is routinely used by all the other
security agencies in government.
The US has pretty good
information on four hundred thousand terrorism suspects, but fewer than twenty
thousand of them are on the lists that TSA uses to screen air travelers. That means that 95% of the identified terrorist
suspects can get on a plane bound for the
CBP knows about these 400
thousand suspects. The FBI and CIA know
about them. So does the State
Department. But not TSA. For TSA, if you aren’t on the no-fly or
selectee lists, you’re just regular folks.
Why? Because that’s the way the privacy
campaigners want it. It’s the intended
result of their remarkably successful effort first to stall and then to roll
back the security reforms undertaken after 9/11.
There’s a well-establish civil
libertarian mythology about the nation’s response to 9/11. In the myth, a frightened US government
throws civil liberties out the window within weeks of the attacks, launching a
seven-year attack on our privacy that a new administration is only now slowly
(too slowly, say the advocates) beginning to moderate.
In real life, privacy groups
mobilized within weeks of 9/11, and they won victory after victory, right from
the start. First, within a month of the
attacks, they forced the Justice Department to negotiate the USA PATRIOT Act
line by line with Chairman Leahy of the Judiciary committee – a process often
ignored when the act is presented as fait
accompli imposed on a panicky Congress by the Executive Branch.
Then within eighteen months of
the attacks, the privacy campaigners killed the TIPS program, designed to
encourage citizens to report suspicious behavior, as well as Adm. Poindexter’s
Total Information Awareness program.
After that, they went looking
for bigger game. What they found was
TSA, a gift that would keep on giving for half a decade.
As both a civil libertarian and someone who does network security for a living, I've been of two minds while reading these chapters from your forthcoming book. On one hand, I'm generally against all the things you castigate the privacy advocates for railing against. On the other hand I've seen the difference between what users think is safe and what is actually safe.
After pondering this for a while, I've got a few thoughts:
From my prospective the privacy folks were getting their tails handed to them all through the Bush administration. I don't really see that having changed much when the administration changed. I wonder if difficulties you ran into are because the privacy lobby is strong, or just that our system is so dysfunctional that it's hard to get anything done.
I also wonder if the privacy groups would be so up in arms about every additional security proposal if they felt they could trust the Government to stay within the bounds they set (or at least seem to set). The patriot act contained lots of provisions for general criminal investigations, not just those related to terrorism. The backscatter machines were spec'ed to be able to store and transmit images, despite the TSA saying they were not capable of doing so. The government did not ask FISA to be revisted until after the NSA was caught tapping into AT&T's backbone.
Finally, I do have to say that the Christmas bombing and reading your blog has influenced how I look at the TSA looking for dangerous people instead of dangerous things. Until recently I was firmly of the opinion that the TSA has no business trying to identify people (and that doing so may violate our right to travel freely). However, if there are weapons that can't be reasonably detected short of caviety searches that changes things. I still look at the TSA as largely security theater. TSA personal that appear competent are pretty hard to find, but the ones that are just making time till the end of the day are all over the place.
Posted by: Nick | Feb 04, 2010 at 04:24 PM
Thanks to Nick for a thoughtful comment.
Posted by: sbaker | Feb 05, 2010 at 05:32 PM
"The government did not ask FISA to be revisted until after the NSA was caught tapping into AT&T's backbone. "
Ho, ho, ho. I love how you say "caught", as though A) it hadn't been happening since the telephone existed and B) nobody knew about it. The purpose of the domestic-wiretap reveal was to combat pro-terrorist lawfare; courts generally take a dim view of "we can't reveal the evidence against this man because it's all classified".
Posted by: DensityDuck | Feb 11, 2010 at 03:07 PM