The Transportation Security Administration (TSA) is under fire for accidentally releasing a confidential manual detailing security procedures used at airport screening points across the nation. Portions of the manual were redacted (covered with black boxes), but whoever redacted these statements did so simply by pasting black boxes over the sensitive passages, rather than removing the sensitive text. The black boxes were easily removed, thus revealing the text beneath.
Needless to say, the manual, titled "Screening Management: Standard Operating Procedures" should now be changed to "Screening Circumvention: How Not to Get Caught," because the document includes all sorts of interesting details that would help someone slip through security. Such as:
- A list of the nations whose passports automatically trigger additional screening.
- A list of the credentials (with detailed images) one must present to be exempted from screening.
- The code TSA uses to designate travelers selected for additional screening.
- A detailed description of "diplomatic pouches" that are exempt from screening.
- And perhaps most importantly, that screeners may cut down on the use of ultraviolet document scanners during peak times, making it easier for forgeries to sneak through.
The TSA is conducting a full review of the leak, saying in a release that it "takes this matter very seriously and took swift action when this was discovered. A full review is now underway. TSA has many layers of security to keep the traveling public safe and to constantly adapt to evolving threats. TSA has appropriate measures in place to effectively screen passengers at airport security checkpoints nationwide."
On its blog, the TSA says the document leaked was "outdated" and claims "there have been six newer versions of the document since this version was drafted." But it's not clear how drastically different those versions are or whether or not the more sensitive portions of the leaked version have changed.
Oh my, where to begin? Never mind the sensitive material now available to the entire world—the mere fact that the TSA would A) do such a laughable job of redacting text and B) release that poorly redacted document doesn't inspire confidence in an agency charged with far graver tasks. The fact that the TSA allowed this to happen suggests an agency bereft of adequate oversight.
But the clear cause for concern here are the details themselves, the various tricks and loopholes one could exploit to get through security. One imagines these will have to be addressed, lest the system remain vulnerable to someone with the time and inclination to forge a TSA-approved passport or set of credentials.
And in the meantime, the TSA might be better off owning up to its mistakes instead of relying on shopworn clichés such as "layers of security." Obviously there weren't enough layers of security in this case, and it would be reassuring if the TSA very plainly stated it would—or better yet, already has—replace the leaked procedures with new ones.
Instead, we're left wondering what else the agency is screwing up.