By Kathryn Watson
TSA officials are “abusing” their authority by covering up information technology (IT) security gaps at airports, according to a blistering new Department of Homeland Security (DHS) Office of Inspector General (IG) report.
DHS Inspector General John Roth blasted TSA officials in unusually harsh language for demanding the IG inconsistently redact information about the TSA’s security practices in part because agency officials refused to maintain airport security cameras because they believe that isn’t TSA’s responsibility.
The TSA is responsible on a daily basis for 1.8 million commercial airline passengers’ safety at 440 federally regulated airports, the IG said.
“I can only conclude that TSA is abusing its stewardship of the Sensitive Security Information (SSI) program,” Roth wrote in a letter attached to the report. Roth’s SSI reference was to information that is unclassified but potentially damaging to transportation security if made public.
“None of these redactions will make us safer and simply highlight the inconsistent and arbitrary nature of decisions that TSA makes regarding SSI information. This episode is more evidence that TSA cannot be trusted to administer the program in a reasonable manner,” Roth said.
The TSA, for example, asked the IG to redact information on TSA’s fire protection systems in airport server rooms, but the IG had already published that information in a previous report without objections from TSA. Those and other issues were largely resolved, but TSA increased secrecy about them, the IG said.
The IG granted TSA’s request to redact some information to meet “timeliness requirements” for issuing the report, but highlighted all the instances in which TSA demanded redactions of phrases or findings that were cited elsewhere in the report, or cited in previous reports.
“Inconsistently and inappropriately marking information in our reports as SSI impedes our ability to issue reports to the public that are transparent without unduly restricting information, which is key to accomplishing our mission and required under the Inspector General Act,” Roth wrote.
“In order to meet our timeliness requirements, we are publishing this report with the redactions as requested. However, this letter serves as our formal direct appeal to the administrator of TSA to remove the above-listed redactions,” Roth said.
The TSA, led by Administrator Peter Neffenger, hasn’t resolved two recommendations the IG made earlier this year — using a data management system that connects airport screening equipment to servers, and taking responsibility for maintaining closed-circuit televisions and cameras at airports.
TSA officials claim it will take more time and money to create such a data management system.
TSA also “disagrees that closed-circuit televisions, including cameras, at airports constitute IT equipment and that TSA is responsible for maintaining them,” the report said.
The TSA did resolve other issues the IG identified in a previous report, including performing monthly vulnerability scans of servers.
The IG made two additional recommendations in the latest report — that TSA has backup data communications capabilities in case of circuit outages, and creates a plan for reviewing security controls on a regular basis nationwide. The agency agreed with those recommendations.
Congress created the TSA under former President George W. Bush in November 2001 in response to the terrorism attacks on Sept. 11, 2001, but the IG has uncovered the agency’s systemic security failures ever since. (RELATED: America’s Security Problems Start With The TSA, But Certainly Don’t End There)
Undercover IG agents were able to sneak fake weapons and explosives past agents and security systems in 67 of 70 attempts — a 96 percent failure rate — during the summer of 2015.
There is also little accountability for TSA officials, who are as likely to die on the job as to be fired.