Counter-Terrorism: October 13, 2004

Archives

Three years after 9/11, the Department of Homeland Security (DHS) has failed to compile a single viable terrorist watch list, leaving border guards and other security personnel without the means to verify if a person should be allowed into the country. Nine different agencies still operate a dozen different lists. DHS's inspector general has taken its agency to task for failing to provide the proper leadership to create a master list. 

According to the FBI, no terrorists have been caught through the airlines "no-fly" lists or other pre-flight screening. A handful of criminals not smart enough to travel using aliases have been caught and arrested, however. While there are over 300,000 suspected terrorists and associates on various government watch lists, only a fraction of those names have end up moving on to the "no-fly" list. 

Currently, the 10-month-old DHS Terrorist Screen Center handles screening requests on a 24/7 basis from numerous agencies, ranging from immigration officers at U.S. airports, State Department consular officials issuing visas overseas, and local law enforcement officials. So far, the screening center has enjoyed "modest success" in combing the various lists so they can be shared with other agencies, but it has encountered problems in hiring personnel and trying to get all the different data pulled together into a single format. Only half the 160 staff members needed for the center have been hired, mainly because there aren't enough analysts with high security clearances available. Each agency has developed different formats. The Justice Department's National Crime Center's database was designed to handle names up to 30 characters in English longer than other lists while the State Departments lists are designed for different spelling of names in Russian, Chinese, Spanish, and Arabic.

Watch lists didn't prevent Yusuf Islam formerly Cat Stevens from getting on board an American Airlines flight to Washington D.C. Mr. Islam was marked on a no-entry list for allegedly helping to raise funds for a terrorist organization. His plane was half way across the Atlantic before being diverted to Bangor, Maine where he was pulled off. 

According to recent court testimony by the Transportation Safety Agency (TSA), the U.S. government has no "hard and fast" rules for who goes onto its secret no-fly list that the airlines use for screening passengers. Before 9/11, there were only 16 people on the list. Today, there are roughly 20,000 names, with an increasing number of people stopped from flying because they have a name that sounds like a name on a no-fly list. Going onto the list is a "subjective" process without hard and fast rules, according to a TSA officer. 

With current lists, spelling and how a name sounds counts, so the potential for beating the system if a name is misspelled or (more likely) by traveling under an assumed alias that isn't on a watch list is quite high. Each airline uses a different technique to match passenger names to a no-fly list using a technique that strips the vowels out of a passenger's name and assigns a code based on a name's phonetic sound. Similar-sounding names get caught up in the lists. Representative Donald E. Young was flagged on a watch list when an airline computer system mistook him for watch-list Donald Lee Young. 

Several Congressmen and Senators have made it onto no-fly lists; the most embarrassing example occurred when the senior Senator from Massachusetts was prohibited from flying from Washington to Boston to attend the Democratic National Convention this summer. It took three phone calls to DHS Secretary Tom Ridge and several weeks of work to have him removed from the list. 

Frequent fliers caught in the no-fly lists have already figured out how beat the system by simply changing the way their names are spelled on their tickets. It could include adding their middle initial, full middle name, or adding titles. 

Tests for more sophisticated passenger screening tools are already underway. TSA has demanded airlines turn over passenger records of all domestic flights during June 2004 so it can test its new Secure Flight data mining software before it goes into regular use. Secure Flight replaces the much maligned CAPPS-II system. Civil libertarians were uncomfortable with provisions in CAPPS-II requiring fliers to supply birth date, home address, and home phone number in order to search both government and commercial (i.e. credit card) databases. 

Current screening measures are very simple and known by frequent fliers. Buying a one-way ticket is a guarantee to be pulled aside for a detailed search by TSA security personnel before boarding, as well as buying a plane ticket with cash. It is likely terrorists would have little difficulty either getting a credit card or a debit card and little problem buying a (usually cheaper) round-trip ticket. Doug Mohney