Fixing Airport Security

Brief Analyses | Government

No. 376
Thursday, October 11, 2001
by by Robert W. Poole, Jr. and Viggo Butler

The terrorist attacks on the Pentagon and the World Trade Center have emphasized that the present U.S. airport security system is not adequate to the task.

Problem: Screening Passengers vs. Access Control.

While all parts of the system need improving, the biggest hole concerns access to "secure" areas behind the scenes, not the flow of passengers through metal detectors at screening points. The new passenger-focused regulations (banning remote bag check-in, keeping cars away from terminals, restricting the use of e-tickets) would have done nothing to stop the terrorists and will do little more than add to already long delays at airports.

Instead of imposing such new burdens on passengers, a better approach is to make use of improved technology, such as:

  • More-sophisticated luggage-screening devices, used on every single bag;
  • New people-scanners that can detect even ceramic knives under people's clothes;
  • Biometric systems for access control to secure areas at airports, to ensure that only those individuals authorized to go there can actually do so.

Problem: Fragmentation of the Security System.

The most fundamental problem with airport security is its fragmentation. Security today is the joint responsibility of the Federal Aviation Administration, airport operators and airlines. The airlines handle the security-screening checkpoints for passengers, hiring contractors that often pay minimum wage for what are inherently boring and repetitive jobs. Turnover in those positions is typically well above 100 percent per year.

Additionally, control of access to secure areas is shot through with loopholes. Everybody is responsible for airport security - which means nobody is really in charge. In response, some have called for creating a federal security service to take over passenger screening and possibly some other functions. But merely changing the uniforms will not change either the nature of the work or the incentives to cut corners in the name of everyday convenience. (In fact, most federal security is also provided by relatively low-wage contract personnel.) What's needed is a single point of responsibility at each airport, held accountable for every aspect of security. That responsible and accountable party should be the airport owner/operator.

The European Approach.

We already can see how much better this model works, because it's already done this way in Europe. London's airports, especially Heathrow, have long been extremely sensitive to the terrorist threat. And security there is first-rate. Airport owner/operator BAA employs all the passenger screening people itself, and pays them decent wages. Turnover, not surprisingly, is but a fraction of what is typical of U.S. airports. Some of these employees eventually move up to other positions within the company. At the London airports, every single bag is X-rayed (which has never been done for domestic flights in this country), and there is positive matching of bags with passengers (again, unheard-of in this country). London typifies a large-scale trend in Europe toward a more professional model of airport management.

In Europe today, an airport is seen as a business: an enterprise run by qualified (and highly paid) professionals, serving a number of different customers, and expected to make a profit (and pay taxes!) by doing so.

"In Europe, security is the responsibility of the airport."

A growing number have been shifted into private ownership over the past decade. Since Margaret Thatcher converted the former British Airports Authority into the publicly traded BAA in 1987, a total of 17 U.K. airports have shifted into the private sector. On the continent, privatized airports include Athens, Copenhagen, Dusseldorf, Frankfurt, Hamburg, Naples, Rome, Turin, Vienna and Zurich, with Amsterdam and Berlin soon to follow. In each case, the corporate model has led to more professional management and increased resources for meeting numerous customer needs - including security.

The U.S. Approach.

By contrast, the United States is still stuck with the old model: the airport as a no-frills place to get people on and off planes, at the lowest possible cost. Run by civil servants, it is not expected to take (entrepreneurial) risks, or to take major responsibilities, or seek profit, but simply to do what is expected of it by the airlines and the FAA. Although there are dedicated professionals running some U.S. airports, all too often we have positions filled by political appointees like the former governor of Massachusetts' driver (who was the chief of airport security at Boston's Logan Airport, where two of the doomed flights originated).

Airports as Businesses.

One way to improve U.S. airport security is to shift airport management to the emerging global corporate model. An airport becomes a major business enterprise, run by world-class professionals who take on the full responsibilities of ownership, including a serious pro-active commitment to security. This does not mean that all major airports would be sold or leased to private companies. Many of the European airports now being privatized (e.g., Amsterdam and Frankfurt) have been run for years as government corporations, with one or more units of government as their shareholders. The important thing is that they were run as real businesses: controlling their assets, taking entrepreneurial risks, making profits and paying taxes. It would not be that difficult to "corporatize" U.S. airports, and then allow their state or municipal shareholders, over time, to decide whether or not to sell shares to the public or to sell a significant stake to one of the global airport companies.

Changes to Make Now.

Until that kind of institutional change comes about, we can still take immediate measures to provide much stronger incentives for security accountability. Instead of trying to micromanage security procedures from Washington, the FAA should set forth stringent outcome-based requirements, and make each airport operator solely responsible for compliance. (That would relieve the airlines from the unwanted duty of running passenger screening and farming it out to the lowest bidder.) The FAA should carry out far more frequent security tests, on a random basis. Airports that flunk should face hugely increased financial penalties, and even the threat of shut-down. If the FAA can yank the operating certificate of an airline that doesn't measure up on safety compliance, why not hold airports accountable in the same way?

Airports now run by political appointees who are not really qualified to cope with such levels of responsibility would have newly powerful incentives to make changes. They could either hire managers and staff with much greater qualifications or they could hire one of the global airport firms to manage the airport for them. Either way, responsibility and accountability for airport security would be where it belongs: with those who own and operate the airport.

Unlike an expanded sky marshals program, which is clearly a law enforcement function and is properly provided and paid for by the federal government, providing a secure airport environment is one of the responsibilities of owning and operating a large commercial property. Shopping malls and office parks are responsible for the security of their premises, building the cost into their rents. They interface with local law-enforcement personnel as needed, depending on the level of interaction needed. Airport security is no different in principle. It is the responsibility of the airport owner/operator, with suitable interfacing with local police (as is already the case at most airports).

The costs of improved airport security will be different at every airport, depending on how much space redesign is needed, the amount of new technology that must be added (versus what is already in place at better-run airports), etc. Thus, it is appropriate that the users of each airport bear those costs, either indirectly (via higher rent payments by the airlines using the airport) or in the form of an additional passenger facility charge to be added to their ticket price.

The United States has an airport security problem for two reasons. First, none of us realized the degree of threat posed by 21st-century terrorism, so we did not make security a high enough priority. But in addition, we have less airport security than in Europe because we're still using an obsolescent model of airport management. "Federalizing" airport security is not the answer. Dramatically increasing accountability of airport owner/operators is a far better approach. It works in Europe, and it can work here as well.

Robert Poole is Director of Transportation Studies at the Reason Public Policy Institute. Viggo Butler, the retired CEO of Lockheed Air Terminal, recently served on the FAA's Research, Engineering & Development Advisory Committee and chaired its security subcommittee. This Brief Analysis is adapted from the Reason Public Policy Institute's Rapid Response #106 with permission.

Read Article as PDF