TSA plans to double its use of whole-body scanners
Agency also likely to make scanning compulsory for all airline passengers, GAO says
Computerworld - A new report from the U.S. Government Accountability Office shows that the Transportation Security Administration plans to install more than double the number of whole-body scanners at U.S. airports than originally planned.
Instead of deploying 878 units by the end of 2014, the TSA now plans to install as many as 1,800 scanners -- or advanced imaging technologies -- at U.S. airports. Rather than using them as an optional, secondary screening measure, the TSA's revised strategy calls for increasing the use of the devices as a compulsory, primary screening measure "where feasible," the report said.
The TSA's revised plans stem from the failed Christmas Day bombing attempt of Northwest Flight 25. The new plans will cost the TSA an additional $2.4 billion in staffing alone, the GAO said. The report called on the TSA to do a complete cost-benefit analysis of the technology to determine an optimal deployment strategy.
"While GAO recognizes that TSA is attempting to address a vulnerability exposed by the December 2009 attempted attack, a cost-benefit analysis is important as it would help inform TSA's judgment," the report said.
The TSA did not immediately respond to a request for comment.
Whole-body scanners are designed to detect nonmetallic weapons and explosives concealed under a passenger's clothing, such as the explosive PETN powder that the accused would-be Christmas Day bomber, 23-year-old Nigerian Umar Abdul Mutallab, concealed in his underwear. The technology is being rolled out at 30 major U.S. airports, most recently at Boston's Logan International and Chicago's O'Hare.
Supporters of the scanners say the technology is vital to bolstering security at U.S. airports. Despite complaints by travelers subjected to whole-body scans, the technology appears to be supported by a majority of Americans. A USA Today Gallup poll taken in the aftermath of the failed bombing attempt indicated considerable support, with 78% of the respondents favoring the use of whole-body scanners if it improved airline security.
Privacy groups and others opposed to the technology, meanwhile, claim that use of the scanners amounts to a strip search of air travelers. Security analysts and even the GAO itself have called for a thorough review of the effectiveness of the technology in day-to-day airport security operations.
Last week's GAO report (download PDF) is the agency's third in the last six months to touch on whole-body scanners. Like the previous reports, this one also raised questions about the effectiveness of the technology and whether a body scanner would have been able to thwart the Christmas Day bomber. The report also said the GAO is reviewing the results of operational tests of the scanners conducted by the TSA, to get a better understanding of the technology's effectiveness.
The GAO noted that the TSA has made an estimate of the life-cycle costs associated with the use of whole-body scanners but has so far not conducted a cost-benefit analysis of using the technology compared with other means, such as pat-downs, metal detectors or other practices. The TSA's revised plans to deploy 1,800 scanners represents a twofold increase from previous plans, the report said. For fiscal 2011, the TSA has requested 3,550 additional full-time employees to operate the machines at a cost of nearly $220 million. From 2012 to 2104, the agency will likely need additional staff to operate the devices, each of which costs $170,000 and requires three full-time employees to run it.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed . His e-mail address is firstname.lastname@example.org.
Read more about Security in Computerworld's Security Topic Center.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts