The post-9/11 flight security changes you don’t see
A shift in attitude towards handling hijackings is just one of the many complex and often controversial changes instituted over the past 20 years.
Before 19 terrorists could hijack the four aircraft used in the 9/11 attacks, they had to pass through airport security in Maine, Massachusetts, New Jersey, and Virginia. While some of them were flagged for screening by a security system known as CAPPS, or even hand-wanded after triggering metal detectors in Dulles airport, they nonetheless made it onboard the Boeing aircraft.
“By 8 a.m. on the morning of Tuesday, September 11, 2001, they had defeated all the security layers that America’s civil aviation system then had in place to prevent a hijacking,” the authors of The 9/11 Commission Report, which the government published in 2004, summarize in the volume’s first chapter.
The attacks may be far in the rearview mirror, but Bruce Hoffman, a senior fellow for counterterrorism and homeland security with the Council on Foreign Relations, argues that the threat to commercial aviation from terrorism is resurgent. “It’s back, and I’m terrified by it,” he says. He cites a “remarkably successful run” in increased security measures and a corresponding lack of successful attacks between 2004 and 2015, but says this ended with the bombing of a Russian charter flight out of the Sinai Peninsula six years ago, which killed 224 people.
“Until that attack, we had believed that we had strengthened aviation security to such an extent that it was a deterrent,” he says. He also cites a bomb on board a flight out of Mogadishu, Somalia, in February of 2016, which exploded, although the aircraft did not crash. “It’s worrisome that in recent years, terrorists—after a remarkably long lull—have once again, I think undisputedly, set their sights on commercial aviation.”
TSA-staffed security checkpoints designed to help prevent another attack have evolved to look quite different in the two decades since September 11, with passengers growing used to, though no less irritated by, routines such as removing shoes and leaving liquids behind.
But some of the more fascinating changes to airline security that sprang out of the tragedy of 9/11 are invisible to passengers. They include a drastic shift in philosophy toward how a flight crew would handle a hijacking, as well as a physical manifestation of that shift in the form of reinforced cockpit doors. Other changes are less straightforward and more controversial. Here’s how airline security has actually evolved since that day 20 years ago.
An attitude shift among the flight crew
Experts cite a dramatic change in how pilots would respond to a hijacking today. Before 9/11, the standard was to cooperate to some extent—take the hijackers where they wanted to go, for example, while trying to ensure aircraft and passenger safety—but after the attacks, the new priority was to keep would-be terrorists out of the flight deck at all costs.
That represents a major shift, says Brian Michael Jenkins, a senior advisor to the president of the RAND Corporation, and a terrorism and transportation security expert whose work in the field dates back to the early 1970s. Before 9/11, “safety was the principal concern,” he says. “The issue was compliance—don’t do anything to escalate the situation, to endanger the passengers—fly to wherever they want to fly, get the plane on the ground, and then we’ll try to sort it out.”
But 9/11, he notes, taught pilots that compliance can actually make a situation exponentially more deadly.
[Related: The stealth helicopters used in the 2011 raid on Osama bin Laden are still cloaked in mystery]
Reinforced cockpit doors are a physical example of that new philosophy. The FAA publicly called for airlines to install them in January of 2002. The barriers, according to an FAA press release about the mandate, are intended to shelter the flight deck “from intrusion and small arms fire or fragmentation devices, such as grenades.” The same directive from the FAA also tasked the airlines with improving the locks on those doors, “so that it can only be unlocked from inside the cockpit.”
Flight deck doors had locks before 9/11, but members of the cabin crew generally had keys. Now, the locking system is designed such that pilots can maintain total control over who comes inside.
“The manufacturers—Boeing, Airbus, Embraer, Bombardier—they were pretty quick to come up with designs that would meet the federal standards,” says John Cox, a retired commercial pilot whose aviation career spanned 1980 to 2005. “It was an industry-wide cooperation.” The FAA estimated the cost of each door to be around $15,000 at the time, with more expenses down the line in the form of increased fuel due to added weight.
Ultimately, the attitude shift after 9/11 was a brutal but necessary one. In a pre-9/11 hijacking, there was a route in which you could cooperate and protect passengers, Cox says. “After 9/11, the goal was protecting society as a whole, even if it meant that there was danger to the passengers—it was a horrible position to be in, but you could no longer give any thought of allowing control of the airplane to be passed away from the flight crew.”
Passenger attitudes and intelligence changes
Those armored doors are not the only subtle shifts to the flying experience. Jenkins, of the RAND Corporation, says that like members of the flight crew, passengers have also adopted a different mindset. “We know that on 9/11, the passengers on the last flight figured out what was going on, and they fought back,” Jenkins says. “It reflects an attitude that prevails today.” In a modern hijacking, he says, he suspects an instigator would face a very real risk of physical violence from “terrified passengers.”
Jenkins has seen other shifts, too. “One of the things that has improved enormously since 9/11—that people don’t see at all—is intelligence,” he says. “There is, post-9/11, unprecedented cooperation among the intelligence services and law enforcement organizations of the world.”
In the US, centralized hubs exist in the form of the National Counterterrorism Center as well as a database it runs called the Terrorist Identities Datamart Environment, or TIDE. Information from TIDE feeds into the FBI’s Terrorist Screening Center and its master watchlist, the Terrorist Screening Database.
But while the system may be more unified and efficient than in the pre-9/11 era, it’s punishing to those swept up in it, says Hugh Handeyside, a senior staff attorney with the American Civil Liberties Union’s (ACLU) national security project. He notes via email: “The federal government’s watchlisting system is massive and deeply unfair. It lacks even basic due process protections, and it overwhelmingly targets Muslims, members of immigrant communities, and people of color.”
Should the TSA notice how you swallow?
The most visible layer of aviation security for passengers, of course, involves the people and machines at TSA-run security checkpoints. The Government Accountability Office, or GAO, researches that agency, and has both praise and concern for how it’s doing. One of the tasks that it’s executed well, according to the GAO, is passenger vetting.
The TSA has done a good job at conducting a program called Secure Flight, says Tina Won Sherman, a director with the GAO’s homeland security and justice team; that involves getting passenger information from the airlines and matching it against the watchlist. Before this TSA-run program, the airlines themselves received information from the government and used it to match against their own manifest lists.
Then there are the weaknesses, which include the actual equipment that the TSA uses to screen passengers, bags, and cargo. The GAO is concerned about the maintenance of that tech: If it worked well when it was first installed years ago, has it been checked to ensure that it’s still sensitive to the right levels? Sherman says that with equipment designed to spot explosives, for example, that “TSA really hasn’t gone back and taken a look” to see if devices still function with the correct sensitivity. She cites the “degraded performances of those technologies.” Two GAO reports, one from 2019 and the other from this year, on cargo, describe the issues in more detail. Other problems have been well-documented.
Then there’s the bizarre, problematic arena of behavior analysis—the idea of looking at how someone acts to try to divine if they are a threat or not. When the GAO reviewed the evidence the TSA had underpinning its rationale for focusing on certain behavioral cues, it found that 98 percent of the sources supposedly validating those behaviors did not hold up—the source may have just been something as flimsy as a news or opinion article. All told, according to a 2017 report, the “GAO found that 3 of the 178 total sources cited could be used as valid evidence to support 8 of the 36 behavioral indicators in TSA’s revised list.”
As for what any of those behavioral indicators might be, the two examples the GAO is able to give are strange. According to the report, the TSA has considered “the way an individual swallows or the degree to which an individual’s eyes are open.” (The GAO has not released information on whether these two tells are supported by solid evidence, or have been debunked.)
Sherman says that while the TSA used to have officers whose main job it was to monitor passenger behavior, those specific positions are gone. They have now simply trained rank-and-file Transportation Security Officers in behavior detection, she says.
“We still continue to raise concerns about the behavior detection activities that TSA is conducting, both in terms of how they’re monitoring it in real time, and the extent to which it is continuing to contribute—if at all—to passenger discrimination,” Sherman says. After all, relying on unscientific factors as a reason to flag someone going through security can pave the way for an officer to make decisions based on their own bias, perhaps ignoring the sweaty palms they see on a white person and then using them as a reason to stop a person of color. It might also lead to undo harassment of individuals who are anxious and distraught at the TSA checkpoint, not because they have nefarious plans, but because they are accustomed to being questioned and receiving extra screening due to their ethnic background or religious attire.
Handeyside, of the ACLU, is highly critical of the behavior analysis program. He says: “It is no more valid for the TSA to use behavior detection techniques today than it was when experts, members of Congress, and government auditors roundly criticized their use five or ten years ago. The techniques are arbitrary and unscientific, and they create an unacceptable risk of racial and religious profiling.”
In an emailed statement to PopSci, a TSA spokesperson said: “For security reasons, TSA cannot outline the specific behaviors that officers trained in Behavior Detection look for; however, it is important to note that no single behavior will result in a behavior detection referral or call to law enforcement.” They added: “Behavior detection uses objective measures to identify those who may pose a threat to transportation security. Race, ethnicity or religion are not considered as factors in behavior detection activities.”
Aviation security plays a different role now
Ultimately, a bigger idea captures the way that the country now sees the role of aviation security, reflects Jenkins, of the RAND Corp. Before 9/11, he says it was taken much less seriously than it should have been and even faced resistance from the airlines; it was seen as a corporate issue. Of course, that changed.
“The federal government took it over, and mandated a number of additional measures,” he says. “But I think beyond the regulatory changes that took place post-9/11, it was really an attitude change that aviation security is a component of national security.”