Matt Drudge wants us to blame "Big Sis" because "SECURITY LET SUSPECT ON PLANE."
And the AP has a similar take, leading with, " The no-fly list failed to keep the Times Square suspect off the plane."
Is there a fail here? And if so, whose fault is it?
To catch everyone up, judging from AP reports, my initial guess was probably right: The government put Shahzad on its terror watchlists, including the no-fly list, and DHS recognized his name when Emirates airline gave its passenger manifest to DHS. This of course was just before takeoff, so the plane had already pulled back the jetway when Customs and Border Protection stopped the flight: "By the time [DHS/CBP] officials spotted Shahzad's name on the passenger list and recognized him as the bombing suspect they were looking for," AP says, " he was in his seat and the plane was preparing to leave the gate."
I thought that was impressively fast work -- roughly 8 hours from identification through designation, population to the computer system, and identification before takeoff. But not so fast that it can't be secondguessed, apparently.
The implicit criticism in Drudge and AP is that the no-fly list didn't work, that Shahzad should not have been able to buy a ticket at all. Well, if the system had worked perfectly, that's true. Shahzad would have been stopped at the gate.
So why didn't it work perfectly? It appears that Emirates was running the no-fly list -- that is, the airline itself was checking passenger names against the no-fly list that it got from TSA. But Emirates apparently didn't update its version of the no-fly list between the time TSA added Shahzad and the time of its JFK flight.
Maybe it's not a complete surprise that an airline take eight hours or more to update its list. But if that was a failure, it seems as though the blame should fall on Emirates, not TSA.
Now, you might ask (unless you're Ron Paul) why we would choose to rely on under-incentivized and under-financed private companies to run a major national security program? This looks like a job that government can and does do better than the private sector.
After all, CBP, which is a government agency, managed to update its list in that 8 hours, and then to catch Shahzad with what was probably as little as half an hour of review time. Why were we relying on dozens of airlines and computer systems to run the no-fly list instead of a single government computer system?
Ah, here it gets interesting. TSA has been trying to take over administration of the no-fly list since 2003. It's in the process of doing that, finally, this year. Why the delay? Simple: Privacy campaigners, left and right. Privacy groups claimed that TSA could not be trusted with data about who was checking in and what their reservations said.
They in turn persuaded Sen. Ron Wyden (D-OR) to put a provision in the DHS appropriations bill that stalled the transfer of responsibility for the no-fly list from airlines to TSA for years. (I tell the story in Skating on Stilts.)
In fact, it looks as though the transfer still hasn't happened in the case of Emirates. So if you want to blame someone for the design of the no-fly system, you might want to point the finger at the privacy lobby and their supporters in Congress and media.
Which, by the way, certainly seem to have included one Matt Drudge (See, for example, this heart-pounding headline from March 18, 2004: "TSA To Require Airlines To Divulge Passenger Records ..." Or this from November 29, 2007: "TSA wants to require birthdate, gender to purchase airline tickets; background checks... ")
So, Matt Drudge, if you're looking for someone to blame the "No-Fly Fail" on, well, you just might want to glance in the mirror.
Nothing like blaming the messenger. It wasn't the fault of "privacy campaigners" that the Government has taken nearly a decade to assume control of the watch listing process. A long series of hopelessly bloated, ineffective and unfair proposals fell of their own weight. Simple and fair could have been put in place years ago. http://www.aclu.org/blog/technology-and-liberty/blaming-messenger-watchlist-problems
Posted by: Barry Steinhardt | May 07, 2010 at 06:07 PM
Barry Steinhardt rises to defend Matt Drudge and the ACLU. The left-right privacy lobby in action. And not especially persuasive. Barry claims the program somehow mysteriously failed on its own, omitting the lobby's determined assault, which no doubt also accounts for the shifting, ever-shrinking scope of the program. And he claims the lobby never opposed a narrowly defined program but in a post full of links he doesn't link to a single serious (or unserious) ACLU proposal for actually implementing the narrow program he says it supported.
Posted by: stewart baker | May 09, 2010 at 10:32 AM
Much appreciated Stewart! But you are giving the "privacy lobby" way to much credit/blame for the "ever shifting" program. The program kept morphing because it was badly designed and built on a base of sand-- the hopelessly bloated watch list. BTW, the watch list's deficiencies were chronicled by Federal Government's own internal reviews. I long list of critical reports, as well as the ACLU's clear statement that we did not oppose a narrowly tailored watch list, can be found at http://www.aclu.org/technology-and-liberty/watch-lists.
Posted by: Barry Steinhardt | May 09, 2010 at 01:40 PM
Accounts for the shifting, ever-shrinking scope of the program.
Posted by: cheap laptops canada | May 21, 2010 at 08:28 AM