Judging by the number of cardboard boxes in Adm. James Loy's office at the US Transportation Security Administration (TSA) last autumn, Loy might have just finished packing or been just about to unpack. The truth is, from July to November, he was in a holding pattern. His office, in Washington, DC, was temporary — and not just because it was hastily constructed from prefab walls after the post-9/11 flurry of legislation to Fix Things.
Loy was waiting for official word from US Congress that would allow him to drop the "acting" from his title of undersecretary of transportation for security. Only when his confirmation came through, right before Thanksgiving, could he unpack the boxes in an empty office across the hall that has real walls. Even then, no one knew how long he'd last in the office vacated by John Magaw, who was ousted seven months after being brought in to help build TSA from scratch.
Magaw left in July, ostensibly for health reasons, but really because Secretary of Transportation Norman Mineta thought the former Secret Service head didn't play well with politicians or the airline industry. "Magaw wasn't the right guy for the job, and that's putting it nicely," says Billie Vincent, former director of security for the Federal Aviation Administration turned consultant. "Is Loy the right guy? We don't know yet."
What CSO-types in the airline industry do know now is that TSA is listening to them. Loy's staff meets regularly with officials from the major airlines about how to prevent another 9/11 without crippling an industry that, according to the Air Transport Association of America, lost more than $US7 billion in 2002.
Loy's work thus far has had mixed results. Even as he was celebrating the fact that his organisation met its deadline to replace private security guards at airport checkpoints with 45,000 better-trained federal ones, he had to face the fact that about 30 of the nation's busiest airports would not have permanent systems in place to screen all checked baggage for explosives.
Nowhere is the age-old struggle between convenience and security more pronounced than in the battle to secure America's skies. Loy, who retired as commandant of the Coast Guard the same day he was tapped for TSA, seems older and wiser than his 60 years. But he's still optimistic that he can strike the balance necessary to keep the nation's air travelers — and the industry that serves them — both safe and satisfied.
CSO Senior Writer Sarah D. Scalet recently spoke with Loy about that challenge.
CSO : I used to go to a copy shop with a sign that said, "Fast, cheap and good — pick two." It seems a little like the trade-off for airline security: convenience at the gate versus cost versus good security. How do you achieve a balance?
James Loy: If you think about the post-9/11 security world that we're living in, we're attempting to come to grips with what I've termed the "new normalcy." We've been living under the yellow Homeland Security alert level for months now. [Mineta's] challenge in the face of that new normalcy is to achieve world-class customer security and world-class customer service. It is a balance of two, at least for the moment, equally weighted goals.
TSA is focused for the moment on aviation security and airports because of the way the ATSA [the Aviation and Transportation Security Act, which called for the creation of TSA] was written, but eventually we want the national transportation system writ large to be the benefactor of a higher security profile. We can provide that in a variety of ways. We can make it so stifling that we eliminate commerce, bring commercial aviation to its knees and irritate every member of the American public who's going through a checkpoint. Or we can make an investment in our employees such that they become professional enough that the travelling public will look back on the experience of going through a checkpoint and say, They were professional; they helped me through the process; they told me why I had to take off my shoes; and they said, Have a nice flight. Citizens can either look back and say, That's the worst thing that ever happened to me; I'm never flying again. Or they can say, I am delighted to be the subject of adequate security. That's what I mean by the balance.
In regard to the hassle factor at the gate, you think it's not a matter of how long someone waits in line at the gate but rather the demeanor of the person she encounters when she gets to the front of it?
It's both of those things. Unfortunately we have at the moment a hassle-factor environment. I am methodically trying to get rid of it one step at a time, but we do not want to get rid of it if the only way to do so is to lower the security profile. I have no idea what the index is, but let's say we've gained from a 2 to an 8 on a 10-point scale in security. In order for me to increase customer service and customer satisfaction, I am I willing to take the 8 back down to a 5.
Are those steps the items on your "stupid rule" list that I've read about?
The stupid rule list is [Deputy Secretary of Transportation Michael] Jackson's name for it, but I guess I will own it. For example, the two-question rule ["Has anyone unknown to you asked you to carry an item on this flight?" and "Have any of the items you are travelling with been out of your immediate control since you packed them?"] was around for 16 years. Doing away with it was a matter of bringing it onto the table and saying, very objectively, what does this add to the security experience? If the answer is nothing, then we should do away with it.
How do you define the difference between safety and security?
In the old days it was a blur — 9/11 clarified it. Safety is all about the equipment on board, the training of the pilots, the effectiveness of the flight attendants, whether the wing is going to fall off, if the rudder does what it's supposed to do. All those things remain the responsibility of the Federal Aviation Administration. The security piece is focused on how transportation security fits inside Homeland Security, which fits inside national security.
The airline industry is under financial strain, but people in the industry have said you're more in tune with their needs than your predecessor. How do you balance your relationship with them with the fact that better security will cost money?
There are many stakeholders in the aviation system — some are commercial, some are passenger, some are cargo, some are charter, some are general aviation aircraft. If I'm doing my job right, I will have inculcated in my staff the value of reaching to the impacted players in the industry when we are in the midst of developing policies — not to closet ourselves up into a little bunch of federal bureaucrats and hope we get it right. Better security, almost by definition, will have to cost money. It's a matter of who pays. The federal government is certainly going to make a huge contribution in that regard by way of appropriations from Congress. This organisation is into its 10 billionth dollar investment from Congress.
At the same time, Congress recently left a cap on the number of employees you could hire.
That's a whole other story. To whatever degree the airline industry is in the financial straits that it claims, certainly very vocally and avidly, there's a lot of things that can be paid for by others. Already, the flying passenger is paying the bill, and the taxpayer is paying it through a different channel, in appropriations to TSA and other agencies. The "who pays" issue is foggy, and it is enormously important to us because we're doing things that Congress directed us to do.
How do you handle not having enough staff?
There were some unfortunate numbers used early on to suggest that the third-party contract screeners hired by the airlines prior to the establishing of TSA — somewhere between 20,000 and 30,000 screeners — represented the entire screener population. The reality was, that number may have been the employees of third-party screeners, but it belies the contributions being made by airlines and other oversight associated with the screeners. It did not include gate screeners. It also included almost zero baggage screeners, which were not part of the scene before 9/11. When you add it all up, that's where we come down on numbers as high as 33,000 at checkpoints and 22,000 baggage screeners for a total of 55,000. There's still much at play there. Congress voted the 45,000 cap on the organisation, but there was little clarity as far as what the definition was or should be. We may very well be able to live with 45,000 full-time screeners, if the rest of the organisation was exempt from that definition. And we have part-time and temporary hires who don't count against the permanent full-time cap.
You were against the issue of arming pilots. A lot of our readers must secure programs they feel are inherently insecure. What safeguards will you implement so that you're more comfortable with it?
I just found it difficult to champion the idea of introducing weapons into an environment that we've gone to great pain to keep clean, with the exception of federal air marshals. Having said that, I can also read the tea leaves, and the tea leaves are pretty bold with Congress in favour of arming pilots by 87-6 on the Senate side and 3-1 on the House side. My effort will be to make the process as methodical as possible.
As far as the trusted or "registered" traveller program, people say it favours convenience over security. How will you ensure that terrorists don't infiltrate that system?
The secret is the background investigation process that we would require of anyone who would end up a registered traveller. It would not be based on, "I promise never to bring a weapon on board an airplane." It'd be based on a background investigation and a fingerprint check against criminal history files.
Do you think there's too much concern about political correctness as far as profiling?
I have used the "P" word. I think it is appropriate for us to examine behaviour patterns like those that offered a chance for 19 terrorists to commandeer four commercial jetliners. There's profiling with a big "P," which is the American instinct against gender-based, ethnic-based, racial-based kinds of profiling, and obviously we don't want to go there. On the other hand, there's profiling with a small "p," which is about potentially understanding behavior patterns and acting on them in the interest of security for the nation. I would be equally remiss if we didn't find better ways to do that.
What's the status of the CAPS [computer-assisted passenger prescreening] program?
CAPS 1, which we inherited, is the only game in town. It's being used at the moment, but it is providing less than adequate security services. As soon as you know the rules, you can find a way around them. We want CAPS 2 to be a system that is going to do two things. First, we want it to be much better at the identification business. Today, in CAPS 1, when I buy a ticket it says "Loy, J.", all I need to do is show a photo ID, which I could have bought at Battery Park right after I bought a watch. There are law enforcement standards associated with identification that we need to incorporate. And those have to be bounced off a list of people whose names we have concerns about. It's looking not at, did you buy a one-way ticket this morning, but rather, do you have a criminal history? We've worked hard as a country to build a terrorist tracking task force in the Department of Justice, which I'm sure must have a database that we should be using.
CAPS 2 has to incorporate the ability to do those kinds of things and down the road add applications that might enhance our ability to do more thoughtful things. For example, there's some excellent software that we're looking at that is about name identification. Mohammed has, for example, many interpretations of spelling around the world. A software program could help us determine whether or not the right Mohammed is the guy standing in front of us. And that all has to be focused on a system that enables an almost instant turnaround query so that even a walk-up person buying a ticket at the terminal can be queried against the CAPS system.
Can you prevent someone from getting on a plane who hasn't actually broken the law?
I have to be careful here because this is classified stuff, but it's a matter of, what are the deliverable outcomes and what's the labelling process? If you worry about profiling up front, you worry about labelling. There's a category of folks who deserve more scrutiny. If we find someone, when we check against the FBI database, who's wanted for murder in 12 states, we ought to keep him from boarding the aircraft. The point is that CAPS 2 will be a quantum level better in security and customer service. If we have it in place, and we re-sequence the events that actually occurred at an airport, we can probably get rid of gate screening — the secondary screening that occurs just before you board the aircraft. My goal as part of the customer service hassle-factor reduction would be to eliminate gate screening.
What do you think of news reports from time to time where someone walks through a security gate with nonapproved items?
I'm troubled when journalists or whoever else break the law consciously to test the system. That in and of itself is a bother to me. The inspector general's office has a very robust self-testing system that is designed to do the same thing in an environment in which we can take the appropriate action. Which is to say, if we get something through, we want to go back with remedial training instantly for the screener or the screener's supervisor, or maybe even find that the performance is such that termination is the right answer. You might remember a case a while back where a woman successfully got a .357 Magnum through the checkpoint process in Atlanta, carried it all the way to Philadelphia, left the sanitised area, came back through the checkpoint and was found there. When we tracked that one back in Atlanta — it was not a TSA employee, by the way — we isolated the screener, who had done exactly what she was supposed to do. She didn't understand what she saw on the screen and called her supervisor. The supervisor said, "I see what you mean." He hand-checked the bag and didn't find the weapon, and off it went on the airplane. The screener is still working; the supervisor is not. The notion there is accountability.
We have to understand that it's a system. It's not the screener's failure by definition. It may be equipment failure. It may be procedure failure. It's the way those things work together that provides the security we're after.