Chapter Eight: Bad People, not Bad Objects – Shaking the Skies


Bad People,
Not Bad

The need for more efficient and
harmonized security

A knee-jerk reaction

Like safety, security is an essential building block of modern aviation. And again, like safety, the industry has been able to raise the bar ever higher on security. But the similarities stop there. Security has a very different story to safety.

The key to success with safety was the team approach. The sharing of information and the sense of camaraderie that prevails in aviation safety is the result of the pioneering spirit that gave birth to this great industry. It’s understood that all airlines can learn from each other when it comes to safety and no airline will keep important safety information to itself. Sharing data makes everybody safer.

But this didn’t happen with security post-9/11. And it’s easy to understand why.

It was a normal, busy day at OPODO when the Twin Towers were attacked. With the entire OPODO team, I watched the plane fly into the second tower. It was truly shocking. I had seen those towers being built, having worked in New York in the 1970s. I used to count the floors being constructed whenever I walked to work on Wall Street. Every 20 floors there was a different colour marker, which made the task easier.

The terrible events of 9/11 were always going to evoke an emotional response, especially in the United States. But it was tough in London too. The close relationship between the United Kingdom and the Unites States meant that everybody in London feared their city could be next. I even took to walking to work rather than taking the London Underground. And at OPODO, as at many businesses, there was a huge impact on business. We were left to do the same job but with 10% less resources. Some of the staff had been with us less than a month and had even moved countries to take a job with OPODO, but we had no choice other than to let them go. It was a painful and frightening time for everybody.

But, of course, it was worse in the United States. They had been targeted, the attack had been on their soil, and it was very difficult for them to keep calm and take considered action.

A very vocal debate developed in the United States. The fact is that the information to stop the attacks had been available but it was too fragmented. More than ten agencies dealt with national security and a lack of coordination created a gap in the system. The United States was spending billions of dollars to defend its country, but no agency was effectively handling the mass of information gathered in a consolidated effort to evaluate the risk and take appropriate counter-measures.

And remember, for the United States, flying was mass transportation, little different from the railways or greyhound buses. A passenger simply got on at one end of the journey and got off at the other. There wasn’t much in place to improve upon. Sadly, it was all too easy for a terrorist to board an aircraft and use the aircraft as a weapon of mass destruction.

All this created trouble from the beginning. The United States wanted to change aviation security swiftly and decisively but it had enormous internal difficulties to overcome. And of course, what the United States decided would affect the rest of the world.

Admirals in the air

It took more than 15 months for the Bush Administration to build a new government structure that could lead and implement the many aviation security changes needed. The new department had to retake control of security for a mode of transportation that could no longer afford a romantic vision of flying. The first Secretary appointed to run the new Department of Homeland Security (DHS) was Tom Ridge in 2003. A former Congressman and Governor of Pennsylvania with no specific experience, he created an Advisory Security System that just made the situation worse. Alarmingly, he didn’t realize the difficulties and the panic that would be created should a day be designated “red”. And all it meant was that the public should be vigilant. There were no plans to make security any different on red days. And they say some of my ideas are crazy!

Michael Chertoff took over from Ridge in 2005. A former judge and government legal heavyweight, he was the co-author of the US Patriot Act. He wasn’t Bush’s first choice, though. The former New York Police Department Chief, Bernie Korkik, was the first man nominated but had to decline the offer.

Chertoff started his tenure as Secretary of DHS with some startling ideas about lasers on board aircraft to defend against missile attacks. This was prompted by the Transportation Security Administration (TSA), the specialized branch of DHS dealing with transport security. At the beginning, the TSA was headed by an Admiral. Several times, while I was speaking with Admiral Loy and his successor Admiral Stone, we joked that most of our discussions were related to aviation but none of the US contingent had commercial or even military flying experience. Admiral Loy was a very competent man and I respected his input, but in the end I convinced the TSA to have some specific expertise from our industry joining the discussions.

The TSA has to deal with a lot of enquiries. But most of these calls are from Congressmen supporting companies more interested in selling some technology or other rather than addressing real risks. This is how Chertoff got the laser idea. It took the TSA valuable time to explain to the Congressmen and these companies that the risk of a plane being the target of a shoulder-launched surface-to-air missile was very remote. The risk assessment showed it would not be effective to equip commercial aircraft with the technology to defeat this threat. And anyway, a commercial plane does not maneuver like a fighter aircraft and would not be able to take advantage of the technology being used on military planes.

IATA created GASAG, the Global Aviation Security Action Group, to bring together all the major aviation players around common security positions. We needed to stop the really extreme views that were developing. The Group was successful in setting the tone for security policies on important issues like harmonization, funding and sky marshals. And we were also able to stop the US Visit Exit Program implementing the collection of fingerprints from travellers departing the United States. The idea would have forced airlines employees to perform a government role and the industry to bear the costs of the equipment, estimated at $12 billion. It wouldn’t have been much fun for visitors either. I personally led the lobbying effort against the program, explaining at the Congress and government levels that this was not acceptable. We managed to put an end to this nonsense in summer 2008.

By this time, Chertoff had moved on to expanding the Advanced Passenger Information (API) program. API was creating a serious problem for many of our non-US members and in particular the EU airlines. The European CEOs had an impossible dilemma: if they provided the United States with the required information on passengers then they faced being prosecuted under EU privacy laws; but if they refused to release the information to the United States then they would be liable for a substantial fine every time they flew there.

I had to use all my diplomatic skills to broker a deal between Franco Frattini, the Vice President of the EC, and Secretary Chertoff. I explained that the airlines could not be exposed to this legal uncertainly and that a solution had to be found. Months of negotiations did not solve the problem, however. Just days before a self-imposed deadline there was still no solution on the table. I told my friend Frattini that both he and Chertoff had respected background experience as judges—so why not use that experience to find an instrument that could fit into the two legislations and solve the problem. It helped that they could fall back on their legal expertise rather than play politics and matters moved along swiftly after that. Just hours before the deadline, it was agreed that European airlines could send the passenger information. But a committee was formed to take care of “special cases”, in effect creating a legal loophole.

It was a tough negotiation and it didn’t make me optimistic about the future. But things changed for the better in 2009 when the Obama Administration appointed Janet Napolitano to the role as Secretary of the DHS.

My first visit to the new Secretary was very different from my previous meetings with the DHS team. She immediately understood that the concept of the former administration—“we decide, you implement” — could not work in a complex industry such as aviation. Finally, we had someone who understood that aviation’s collaborative approach to safety could also work for security.

We first met at the old Marine Base Building, which looks like a bunker. But for once, aviation wasn’t under fire from ridiculous government requirements. I gave Secretary Napolitano some examples of inconsistent requests from the US Administration and the confusing regulations sent to airlines by different offices of the same Department. The Secretary was very open and requested an explanation from her staff. A couple of months later many of the smaller problems were solved.

Secretary Napolitano brought a fresh approach to aviation security. She recognized that the threat and the industry are complex and global. More importantly, she understood that the industry and governments must work together. And it was not just words. I really felt it was the start of a new chapter in aviation security, a chapter that would produce many positive changes, an increased level of security and an end to passenger hassle.

But just as were starting to make real progress, in December 2009 a terrorist tried to get a bomb on board a US-bound aircraft from Amsterdam.

The Amsterdam incident

A passenger had boarded a Delta Air Lines plane in Amsterdam, enroute to Detroit. He had sown a bomb into his underwear that fortunately failed to detonate. He was tackled and held down by another passenger while the plane was landed safely.

The joy of a safe landing was short-lived. There was no escaping the fact that the system had failed miserably. A bomb had made it on board an aircraft.

I exchanged a lot of phone calls with the authorities in the United States and I was planning to fly to Washington to meet with Secretary Napolitano to offer IATA’s assistance in any tightening of the system. As a matter of courtesy more than anything else, I invited Secretary Napolitano to Geneva to meet with myself and several of the senior airline CEOs. I was really pleased when she accepted the invitation and we quickly made arrangements for the meeting, which took place in January 2010.

I knew it would be a difficult discussion. That much was to be expected. What I didn’t expect was the large number of requests from the US security forces regarding the logistics of the visit. I was planning to host a dinner at my villa, which is located in what is considered to be a good area of Geneva, near numerous consulates and diplomatic missions. Somewhat surprisingly, I was advised that because I had a large garden there was a risk and we should go elsewhere. That didn’t fill me with confidence but we eventually settled on a nice chalet restaurant by Lake Geneva, near the United Nations. Of course, the establishment had to be inspected by the CIA and the Geneva police first.

The dinner was well attended. Secretary Napolitano and I were joined by some of the most prominent representatives of the Swiss Confederation government and many airline CEOs. The first course, a salad, was served and was very enjoyable. We all looked forward to the main course. But ten minutes later nothing had appeared. 20 minutes, 30 minutes…and still nothing. I started panicking and tried to attract the attention of my staff seated at the table, but everyone was involved in lively discussions. After some 50 minutes the main dish had still not arrived. But I caught glimpses of my very effective PA, Silvia Krahl, rushing up and down the stairs, signalling to me that all was under control. I always felt reassured when Silvia was dealing with something.

I asked what had gone wrong. Apparently there had been so many electronic devices fitted, including a scrambled, direct satellite connection to the White House, that the power had been drained from the kitchen and the meal had to be cooked elsewhere.

The White House connection was actually used during the dinner. Apparently there was a security alert in London and the Secretary had to discuss the US position with President Obama. It all made for a long dinner but I’m pleased to say that it ended up a positive one and we were able to build on the relationship the following day at the IATA offices.

Obviously a single meeting cannot solve every challenge, but a security roadmap was developed. We agreed to work together to ensure security measures could benefit from airlines’ operational expertise; to aligning requirements with industry capabilities; and to getting governments to harmonize their approach across borders. We also agreed that a next generation security checkpoint would be necessary, one that could look for bad people and not just bad objects.

The real result was not the agenda but rather the new approach brought forward by President Obama and Secretary Napolitano. Combining government intelligence with airline operational expertise was the right way to go.

Trusting the shipper

In October 2010, there was another terrorist plot, this time using printer cartridges to get explosives aboard cargo carriers. Good information shared between different security agencies, notably those of the Saudi Arabians and the United States, stopped the incident in time—which shows how far aviation security had come since 9/11. But the plot was also an example of how vulnerable the air freight system is today.

Cargo is an important part of the air transport industry—it represents over $50 billion in revenue. Some 35% of total goods by value are shipped by air. Most of the high-tech components, microchips, automotive parts, TVs, medical components, medicines and high-class fashion are transported by air. Much of it is part of a “just-in-time” production and delivery model crucial to many businesses. If the system stops, the world stops. We experienced that during the Icelandic volcano eruption when many factories had to close due to the lack of spare parts.

The reason air cargo is so vulnerable is simple—there is no technology available today that can effectively scan a large cargo container. And it’s near impossible to unpack the container to scan single packages because the time and space that would require would gridlock the entire air freight system. It would probably cause some major delays for passenger flights too.

To mitigate the risk the shipper evaluates the origin of a shipment. Did it come from a trusted company, one that has sent shipments before and has declared all the required information? This is the basis of cargo security today. Given that we cannot scan entire containers and that we cannot afford to unpack them, it is the sensible way forward. IATA is playing a big role in ensuring the robustness and harmonization of so-called known shipper programs. The association’s e-freight program will be particularly important, doing away with an unreliable paper system and moving air cargo into the digital world. It started in 2009 and will need a couple of years yet to be fully implemented. It has taken longer than taking away the passenger ticket because it relies on freight forwarders to make the change rather than the airlines. But it will make a major difference to the entire cargo process, including cargo security.

Security costs

The United States’ confusion after 9/11 has influenced government policy on aviation security for the past decade. For the most part, governments have pursued policies that have had little regard for the costs they impose on travellers and that fail to deliver on appreciable risk reduction. By 2010, a real patchwork of regulations around the world was costing airlines $7.4 billion. Inevitably, these costs are reflected in the higher cost of travel for passengers and higher costs for shippers.

Security costs don’t stop there. The TSA alone spends around $5 billion manning walk-through metal detectors, overseeing baggage x-rays and conducting other screening activities. The National Aviation Studies Advisory Panel estimates that since 9/11 the TSA has spent $40 billion on screening passengers. And if these costs are extrapolated to airports worldwide, clearly vast amounts of money are being spent on a process that just seems to be getting worse in terms of the customer experience. Security queues are long and often intimidating. Throughput of passengers has dropped from an average of 335 passengers per hour prior to 9/11 to an average of 149 passengers per hour today. And every passenger is uniformly screened. Benjamin Franklin first said that time is money but he would have been shocked by exactly how much time and money has been wasted on aviation security.

The buffer time between arriving at an airport and getting on a flight has naturally been extended too. According to a survey by the Resources System Group, the number of passengers arriving at an airport two or three hours before departure rose from 20% to 40% in the three years following 9/11. The number of passengers arriving just one hour in advance fell from 20% to 10%. The survey also revealed passengers travelling on business class would be willing to pay $70 extra to reduce travel time by one hour while other, less time-sensitive passengers on leisure trips and visiting friends would pay up to $31. Another study by Robert Poole of RAND calculates that the additional time spent waiting at the airport in the United States due to security procedures has cost passengers about $8 billion a year in the past decade.

In the United States, the economic and social cost of the failure of security measures does not end with air transport. Researchers at Cornell University found evidence that after 9/11 some travellers switched from flying to driving. They found that over 1,200 road traffic fatalities could be attributed to the impact of 9/11. Of course, this cannot be directly attributed to the added inconvenience caused by security measures. But it can be attributed to a fear of terrorism; a fear that the immediate security reaction by US authorities did not allay. This illustrates the unintended consequences of the failure of security measures.

The hassle for the passenger and the cost for the industry cannot be tolerated any longer.

Tomorrow’s system today

Security has been improved since 9/11. But these improvements have come at a very high price, financially and in terms of the passenger experience. And the fact is that air traffic continues to grow. There is no way the security system in place today can cope with the needs of tomorrow. I would argue that the system is already failing. At thousands of airports around the world, passengers are being hassled, confused and intimidated. Should belts and shoes stay on, should the laptop come out of the bag? It is a one-size-fits-all approach.

Technology is an important part of the solution. We are not speaking about rocket science here, just improving the current system or speeding up some existing technologies. I believe that too many companies have got lazy in recent years and are not putting in the necessary effort to find new products. The existing products are selling well and selling for a premium. There is no need to put out version 2 when version1 is still a hot seller.

We need a security experience that is effective, efficient and convenient for countries, airlines and airport operators. IATA’s idea of searching for bad people and not just bad objects is predicated on the proactive use of intelligence data, combined with new technologies and harmonized throughout the world. I had been working on this concept for some time as it was clear that governments were not going to seek global solutions without IATA’s assistance.

The main problem I had was finding someone with the necessary skills to be the IATA Director of Security. The position requires someone with an aviation background to interface with his airline counterparts. But, post9/11, we also needed some added value. There needed to be experience in the security agency system and an understanding of future technological trends. Most of all, the person had to have the willpower to drive change.

The manager I inherited at IATA didn’t have the right profile. I looked around for his replacement but could not find anyone in the industry. So I extended my search to respected security agencies with recognized international experience. I appointed a former high-ranking officer of the Canadian Mounties, but he did not fit into the job. Aviation is like a club and if you have not been a part of it, it can be difficult to adapt, to understand the culture and gain the respect necessary to lead the 240 or so IATA member airlines.

I then appointed another important expert in security, this time with a background in intelligence in a major European country. He had also held a top job at one of the top European multinational companies. Again, however, the chemistry did not work. The role needed his technical knowledge, but when you’re dealing with governments at a very senior level, you also need great diplomatic and negotiating skills. There was an amicable parting of the ways and IATA certainly gained from the knowledge that this person brought to the IATA team.

I could not afford failure for a third time. I started looking internally and, as on many other occasions, the best placed person was indeed already working for IATA. I had hired Ken Dunlap in 2005 as Director of Security for North America. He later took on the global position. He had worked for United Airlines as a pilot and was then involved in security issues within his airline and with the House Foreign Affairs Committee. Ken has done a great job and will play a vital role in improving the security process for passengers and government in the years ahead.

Ken was instrumental in following up on Secretary Napolitano’s visit to Geneva in January 2010. During her visit, I told Secretary Napolitano that we needed to find a way to meet security requirements that doesn’t involve a horrible experience for the passenger. I followed up on this by visiting experts and exchanging views with manufacturers in the major technical areas. A visit to Israel was very useful in evaluating new technologies and the latest in behavioural analysis techniques.

I started working with Ken and initially we asked what the passenger wanted. Our answer was a process that was fast and uncomplicated; no undressing, searching pockets for keys and coins, putting miniature toiletries in a clear plastic bag and so on. Thinking about this, we recognized that a one-size-fits-all process was never going to achieve this goal. As it stood, the security checkpoint had to assume the worse of everybody. So we started wondering about how to differentiate between passengers. We needed to separate the frequent flyer with masses of personal information available with the passenger for whom there were no records and who had paid cash. It was the beginning of yet another “crazy Giovanni idea”.

Airlines had information available on their passengers but this wasn’t enough. We needed to integrate this with national security agencies and cross-profile with criminal records. We believed we had a good concept. The security process of the future needed to differentiate between passengers so that resources could be allocated efficiently. And this would mean working with all the information available, from airline frequent flyer schemes through to data held by security agencies.

From a passenger point of view, he or she will send all required information prior to the flight. If she is a member of a frequent flyer scheme, much of this information is already stored. Then, at the airport, she will approach the security area and present her documents to a machine or an officer. Her information will be processed and within seconds she would be directed to one of three lanes. All she will have to do then is walk through the lane, which would be less than ten metres long, and into the departure lounge. Technology will screen her as she walks along the lane, verifying identity and scanning for any unacceptable items. If she is directed toward the “higherrisk” lane then she would have to walk slower as the scanning took place. If there is still an issue there will be additional procedures and perhaps personal screening in a booth. The whole process will usually take less than a minute, and frankly, it is the only way aviation security will be able to handle more than 3 billion airline passengers a year. By 2030, we’re anticipating some 16 billion passengers a year. If we carry on treating everybody as high risk, which is what happens at the moment, then soon enough the security queues would trail out to the parking lot.

Coming up with the idea of a Checkpoint of the Future (CoF) was the easy part. The hard part was how to make this happen. We had taken some important steps before I retired. At my last AGM as Director General of IATA in Singapore, we had a display of the CoF concept and I had won several important acknowledgements that this was the way forward. The European Commission, the Chinese government, the US Department of Homeland Security, Interpol and a number of countries all expressed support for the CoF project.

How quickly we get to the CoF from here depends largely on the governments. To begin with, they must put pressure on manufacturers to come up with the technology necessary to screen a moving target. That means stopping the enormous sums of money governments are spending on current technology. Only when manufacturers’ healthy profit margins are threatened will they start serious work on producing a next generation of scanners. The basic technology is there so I’m confident we can solve the technical issues quickly.

I think the toughest part of the concept is getting governments to agree on the data needed to assess a passenger properly. What will make the US government feel safe enough to direct a passenger toward the low-risk lane? Governments around the world don’t necessarily have to harmonize. The CoF will present a menu of options so the authorities can choose the package that is right for them and for the airport. Even so, there does need to be mutual recognition of risk assessment systems and this will take a lot of talking and some skilful negotiations.

Checkpoint of the Future has adopted a three-phase strategy. By 2014, existing technologies and processes will be adjusted to pave the way for a risk-based concept. By 2017, biometric identification and known traveller programs should be mature enough for differentiation in passenger screening to become quite common. Finally, by 2020, unobtrusive screening—walking through a lane without stopping— should be a reality.

Getting security right is vital to the future sustainability of the industry. Passengers appreciate that flying is quick, relatively cheap compared with other modes of transportation and very, very safe. But the hassle at the security checkpoint means many people aren’t fond of flying. So improving security would have a real impact on the relationship between the passenger and the airline. While security is a problem, airlines will find it hard to win passenger support. But if aviation can solve this problem then it will regain a lot of credibility in the eyes of the public. This will go a long way to counteracting the negative policies of so many governments. This is in addition to the obvious operational efficiencies an improved security checkpoint would bring. So with one shot, aviation could achieve two great results.

At the 2012 Davos World Economic Forum, Secretary Napolitano, who is a strong supporter of the Checkpoint of the Future, said to the audience, “It’s time to take away the ‘Future’ and just call it ‘Checkpoint of Today’.” Coming from such a prominent member of the US government it points to a brilliant future for the CoF.

I also spoke at the 2012 Davos World Economic Forum. As Chairman of the Aviation, Travel and Tourism Council, I presented a new e-visa project that was also presented to the G20 Summit in Mexico. Imagine a future that did away not only with a very unpleasant security experience but also with all the paperwork involved in getting the right stamp in your passport even before you fly. What the travel experience needs to achieve is the subject of the last chapter.