Jan 20 2017

Inspector General: TSA uses secrecy to avoid embarrassment

A report on the security of TSA operational IT and communications systems released last month by the DHS Office of the Inspector General (OIG) is prefaced with a scathing critique of the redactions demanded by the TSA in the censored public version of the report.

The OIG report found a pervasive lack of basic security measures and consciousness at TSA airport facilities: doors propped open or with locks taped off, unmonitored entrances, lack of logs of physical access to communication nodes and servers, lack of redundancy, etc.

But the TSA tried to keep the OIG from reporting on even those problems that at already been publicly reported, after TSA review and permission, in earlier OIG reports or other pages of the same report. The real point of the TSA’s censorship is not security but avoidance of public and Congressional debate and oversight.

Here’s what the DHS’s own internal auditor reported:

I must lodge an objection regarding the way that TSA has handled information in the report it considered Sensitive Security Information (SSI). Specifically, we issued the draft report, Summary Report on Audits of Security Controls for TSA Information Technology Systems at Airports, to the Department on September 16, 2016.

[W]e asked for agency comments, including a sensitivity review, within 30 days of receipt of the draft. On October 7, 2016, the Chief of the SSI Program provided the results of its sensitivity review, marking as SSI various passages in the report. The redactions are unjustifiable and redact information that had been publicly disclosed in previous Office of Inspector General (OIG) reports. I am challenging TSA’s proposed redactions to our summary report….

I can only conclude that TSA is abusing its stewardship of the SSI program. None of these redactions will make us safer and simply highlight the inconsistent and arbitrary nature of decisions that TSA makes regarding SSI information. This episode is more evidence that TSA cannot be trusted to administer the program in a reasonable manner.

This problem is well-documented. In addition to my previous objection to the handling of one of our reports, the House Committee on Oversight and Government Reform in 2014 issued a bipartisan staff report finding that TSA had engaged in a pattern of improperly designating certain information as SSI in order to avoid its public release because of agency embarrassment and hostility to Congressional oversight.

As recently as a hearing held this summer, Chairman Katko of the Committee on Homeland Security, Subcommittee on Transportation Security, stated that the improper invocation of SSI “raised the specter that we’ve heard again and again about TSA conveniently using the security classifications to avoid having public discussions about certain things that may be unpleasant for them to discuss in public.”

In response to a request from House Homeland Security Committee Chairman McCaul, Transportation Security Subcommittee Chairman Katko, and Oversight and Management Efficiency Subcommittee Chairman Perry, the OIG has initiated a review of TSA’s management and use of the SSI designation. We expect to issue our final report in the summer of 2017.

Inconsistently and inappropriately marking information in our reports as SSI impedes our ability to issue reports to the public that are transparent without unduly restricting information, which is key to accomplishing our mission and required under the Inspector General Act . In order to meet our timeliness requirements, we are publishing this report with the redactions as requested. However, this letter serves as our formal direct appeal to the Administrator of TSA to remove the above-listed redactions….

4 thoughts on “Inspector General: TSA uses secrecy to avoid embarrassment

  1. Pingback: Which Airline President Declared War on the Nation's Elites? And Another Measure of Airline Revenue - View from the Wing

  2. Not only is this conduct apalling, it may be criminal. Giving false statements to federal investigators, cl assifying information to avoid embarrassment and obstruction of justice are but a few of the charges which come to mind.
    This definitely requires further investigation and, likely, disciplinary action if not criminal charges.

  3. The time, effort and money do not match the security risk. We as Americans do not deserve to be treated like criminals. We have some of the brightest minds who I am certain can install a much better system of screening that does not include having our bodies groped and scanned. Just because you stand in line to board a plane does not mean you consent to groping and scanning. We need intelligence based protection not being groped by some unknown TSA worker. The security screening in place is one of the dumbest systems I have ever seen. The government has no right to grope us. By the way what terrorist has the TSA ever caught or stopped?

  4. Testimony of DHS Inspector General John Roth Before the Committee on Oversight and Government Reform, U.S. House of Representatives, “Transparency at TSA” (March 2, 2017):

    https://www.oig.dhs.gov/assets/TM/2017/OIGtm-JR-030217.pdf

    TSA has a history of taking an aggressive approach to applying redactions, particularly with respect to a category of information known as Sensitive Security Information, commonly known by its acronym, SSI. This problem is well-documented….

    Entities outside the OIG have made similar findings, and I believe that the problem is deeply rooted and systemic…. And in 2016, the House Committee on Homeland Security, Subcommittee on Transportation Security, objected to TSA’s management and use of the SSI designation, noting that the improper invocation of SSI “raised the specter that we’ve heard again and again about TSA conveniently using the security classifications to avoid having public discussions about certain things that may be unpleasant for them to discuss in public.”

    TSA’s misapplication of the SSI designation can have far-reaching consequences….

    These examples raise serious concerns about whether TSA can be trusted to make reasonable, appropriate, and consistent SSI designations…. We often find ourselves questioning TSA’s purported SSI redactions….

    TSA’s refusal to remove unsupportable SSI designations — including designations pertaining to previously published information — raises serious questions about its stewardship of the SSI program. None of these redactions will make us safer, and they serve to highlight the inconsistent and often arbitrary nature of TSA’s SSI designations….

    Under DHS policy, any authorized holder of SSI who believes an SSI designation is improper or erroneous is encouraged to challenge the marking…. This appeals process is structured to ratify TSA’s SSI designations and prevent review of such designations by independent, external entities. The appeals process is foreordained and fails to properly balance the public’s right to information against non-speculative threats to aviation security, and it is vulnerable to abuse.

    OIG Upcoming Work

    We are currently in the fieldwork stage of a comprehensive review of TSA’s management of its SSI program and its use of the SSI designation. . We expect to issue a final report by July 2017 and will provide a copy of the report to this Committee when it is published.

Leave a Reply

Your email address will not be published. Required fields are marked *