An unidentified man breached airport security at Newark Airport on Sunday, walking into the secured area through the exit, prompting an evacuation of a terminal and flight delays that continued into the next day. This problem isn’t common, but it happens regularly. The result is always the same, and it’s not obvious that fixing the problem is the right solution.
This kind of security breach is inevitable, simply because human guards are not perfect. Sometimes it’s someone going in through the out door, unnoticed by a bored guard. Sometimes it’s someone running through the checkpoint and getting lost in the crowd. Sometimes it’s an open door that should be locked. Amazing as it seems to frequent fliers, the perpetrator often doesn’t even know he did anything wrong.
Basically, whenever there is — or could be — an unscreened person lost within the secure area of an airport, there are two things the TSA can do. They can say, “This isn’t a big deal,” and ignore it. Or they can evacuate everyone inside the secure area, search every nook and cranny — inside the large boxes of napkins at the fast food restaurant, above the false ceilings in the bathrooms, everywhere — looking for anyone hiding, and then rescreen everybody, causing delays of six, eight, twelve hours or more. That’s it; those are his options. And there’s no way he’s choosing to ignore the risk; even if the odds are minuscule that it’s a problem, it’ll cost him his career if he’s wrong.
Several European airports have their security screening organized differently. At Schipol Airport in Amsterdam, for example, passengers are screened at the gates. This is more expensive and requires a substantially different airport design, but it does mean that if there is a problem only the one gate has to be evacuated and searched and the people rescreened.
American airports can do more to secure against this risk, but I’m reasonably sure it’s not worth it. We could double the guards to reduce the risk of inattentiveness, and redesign the airports to make this kind of thing less likely, but that’s an expensive solution to an already rare problem. As much as I don’t like saying it, the smartest thing is probably to live with this occasional but major inconvenience.
Bruce Schneier is an internationally renowned security technologist and author.