Wednesday, January 23, 2013

Body Scanner: Who says looks don’t count?


By Prof. Alan (Avi) Kirschenbaum*

The recent decision of the TSA to replace one type of body scanner with another is, at first glance, a remarkable shift in policy for the agency that is the final arbitrator of all matters dealing with airport security. Even more surprising, this decision was brought about by the pressures of non-airport security stakeholders (the Electronic Privacy Information Center), and related to privacy issues rather than security.

Source: TSA blog
This shift in policy is, of course, a bit simplistic as the installation of alternative body scanners remains. The goal is to detect as fast as possible those persons who carry items deemed a threat to security. My emphasis on “as fast as possible” is the reason for body scanners as airport management is extremely sensitive to increasing “through-put,” that magical word that is directly linked to bottom line profits or losses. It is a technological fix that fits into the assembly line design of airports as a people-processing factory. But the technology does have its limits. And people aren’t always compliant.

This was brought home in an analysis, during the BEMOSA project, of the role that passengers play at screening check points. For conventional screening (and it seems for full body scanners as well), screening detection and threat avoidance is guided by rule compliance. The technology is very sophisticated, but we found that there was a problem with employees bending, breaking or ignoring the rules, and even more problematic was passenger behavior. Passengers argued and negotiated with the security employees! What we discovered was that security checking is a complex social process and not the simplistic picture of automated filtering by technology.

The critical time factor of the passenger negotiating over a prohibited item not only put the proverbial monkey wrench into the spokes of the technology, but was, in fact, the key to the flow affecting passenger “through-put.” Shaving off 2-5 seconds per passenger by an advanced algorithm paled in comparison to the time-consuming social process of negotiating whether to open a bag, go through the metal detector, refusal to give up an expensive bottle of whisky or even take off shoes!

So the TSA policy change is really no change at all as it still continues (with an internal logic of justification) to seek the design of a better mouse trap. But to do so there still remains the missing link – employees and passengers. Perhaps the king will realize he is naked only when the evidence proves it to be the case.

---

*The writer is the initiator and coordinator of BEMOSA (Behavioral Modeling of Security in Airports).

Thursday, January 3, 2013

IATA’s new airport security vision neglect the human factor

By Prof. Alan (Avi) Kirschenbaum*

As part of its 2012 annual review, the International Air Transport Association (IATA) has forecast that airline traffic is expected to rise to 3.6 billion passengers in 2016 from 2.8 billion in 2011.

The recent IATA review covers the issue of security as part of its comprehensive program to strengthen the air industry. Security, as we all know, has been prominent in public and scientific discussion and it is satisfying to note that the new vision for the checkpoint of the future (CoF) is one response to make airport and air travel more secure and pleasant for the passenger.

The emphasis of this effort appears to be primarily focused on technological means to enhance security – developing technology and software to enhance (API) advanced passenger information and (PRN) passenger name record information. The implication is that this will promote passenger flow-through and reduce inconvenience and “friction” for passengers during their airport experience.

The notable “missing link” in this vision is people. Certainly, technology is a critical part of airport security, but this perspective ignores the fact that the entire security decision-making process is in the hands of both employees and to some extent the passengers. Nor is there mention of the airport as a complex social organization within which employees and passengers interact with security technology within two distinct social and communications networks – the formal administrative and informal.

These extremely vital aspects presented in the IATA report are marginalized, as they do not reflect how security actually operates in reality.

It is here that the BEMOSA project has made a major contribution to providing an evidence-based depiction of the actual behavioral security decision-making process among a wide range of employees in airports distributed across Europe. The fact that up to 40 percent of the decision-makers bend, break and even ignore the rules; that security decisions are primarily made within groups; that most threats are assessed as false alarms; the degree to which employees trust security technology and to which the opinions of friends directly impacts on rule compliance are the reality of security in airports.

These findings can be integrated into the checkpoint of the future by recognizing that technology is only one component in the airport triumvirate for not only enhancing security but also making airports viable business organizations.

---

The writer is the initiator and coordinator of BEMOSA (Behavioral Modeling of Security in Airports). This article was first published in i-HLS Web site.*