Aviation Security-Related Findings and Recommendations of the 9/11 Commission

CRS Report for Congress
Aviation Security-Related
Findings and Recommendations
of the 9/11 Commission
Updated March 30, 2005
Bart Elias
Specialist in Aviation Safety, Security, and Technology
Resources, Science, and Industry Division

Congressional Research Service ˜ The Library of Congress

Aviation Security-Related Findings and
Recommendations of the 9/11 Commission
Summary
The 9/11 Commission found that al Qaeda operatives exploited known
weaknesses in U.S. aviation security to carry out the terrorist attacks of September
11, 2001. While legislation and administration actions after September 11, 2001
were implemented to strengthen aviation security, the 9/11 Commission concluded
that several weaknesses continue to exist. These include perceived vulnerabilities in
cargo and general aviation security as well as inadequate screening and access
controls at airports.
The 9/11 Commission issued several recommendations designed to strengthen
aviation security by: enhancing passenger pre-screening; improving measures to
detect explosives on passengers; addressing human factors issues at screening
checkpoints; expediting deployment of in-line baggage screening systems;
intensifying efforts to identify, track, and screen potentially dangerous cargo; and
deploying hardened cargo containers on passenger aircraft. In addition to these
specific recommendations, an overarching recommendation for transportation
security policy asserts that priorities should be set based on risk, and the most
practical and cost effective deterrents should be implemented assigning appropriate
roles and missions to federal, state, and local authorities, as well as private
stakeholders.
In response to the 9/11 Commission’s recommendations, the National
Intelligence Reform Act of 2004 (P.L. 108-458; 118 Stat. 3638) was enacted on
December 17, 2004. The act contains numerous aviation security provisions, many
of which address 9/11 Commission recommendations related to aviation safety.
These provisions build upon prior aviation security-related provisions, contained in
Vision 100 - the Century of Aviation Reathorization Act (P.L. 108-176; 117 Stat.
2490) that was enacted a year earlier on December 12, 2003, addressing many of the
concerns expressed by the 9/11 Commission.
This report will not be updated.

Contents
Exploited Weaknesses in Aviation Security.............................1
Legislative Actions Following the 9/11 Attacks..........................2
Recommendations of the 9/11 Commission.............................3
Enhancing Passenger Pre-Screening...............................4
Improving Measures to Detect Explosives on Passengers ..............5
Addressing Human Factors Issues at Screening Checkpoints ...........6
Expediting Deployment of In-Line Baggage Screening Systems ........7
Intensifying Efforts to Identify, Screen, and Track Cargo...............8
Deploying Hardened Cargo Containers ............................9
Risk-Based Prioritization as the Basis for Transportation Security Policy.10
Strategic Plan for Aviation Security..........................10
Cooperation and Integration.................................10
Congressional Actions in Response to the 9/11 Commission
Recommendations ............................................11
Vision 100 — Century of Aviation Reauthorization Act..............11
The National Intelligence Reform Act of 2004......................13
Possible Continuing Policy Concerns for Congress..................16

Aviation Security-Related Findings and
Recommendations of the 9/11 Commission
The Intelligence Authorization Act for FY2003 (P.L. 107-306; 116 Stat. 2383)
established the National Commission on Terrorists Attacks Upon the United States
(the 9/11 Commission). The bipartisan 9/11 Commission was charged with the
responsibilities of examining and reporting on the facts and causes of the September
11, 2001 terrorist attacks and presenting its findings, conclusions, and
recommendations for corrective measures to prevent future acts of terrorism to the
President and the Congress. The 9/11 Commission concluded its investigation and
released its final report on July 22, 2004. This CRS report discusses the 9/11
Commission’s findings and recommendations pertaining to aviation security.
Exploited Weaknesses in Aviation Security
The National Commission on Terrorists Attacks Upon the United States (the
9/11 Commission) found that al Qaeda terrorists exploited weaknesses in the aviation
security system to carry out the attacks of September 11, 2001. Weaknesses in
aviation security exploited by the 9/11 terrorists included
^!A pre-screening process that focused on detecting potential aircraft
bombers and not potential hijackers;
^!Lax checkpoint screening and permissive rules regarding small
knives;
^!A lack of in-flight security measures such as air marshals and
reinforced cockpit doors;
^!An industry-wide strategy of complying with hijackers in a non-
confrontational manner; and
^!A lack of protocols and capabilities for executing a coordinated
Federal Aviation Administration (FAA) and military response to
multiple hijackings and suicidal hijackers.
The 9/11 Commission found that underlying these specific weaknesses and
vulnerabilities in the aviation system was what they termed a failure of imagination
among senior policymakers and agencies responsible for intelligence, national
defense, and aviation security. The 9/11 Commission concluded that while suicide
hijackings were by no means a far-fetched possibility given al Qaeda’s past methods
and motives, “... these scenarios were slow to work their way into the thinking of¹
aviation security experts.” While some agencies were concerned about hijackings

¹ National Commission on Terrorist Attacks Upon the United States. The 9/11 Commission
(continued...)

and had speculated about various hijack scenarios, there were no specific
constructive actions taken to defend against these possible threats prior to September
11, 2001. Furthermore, the likelihood of a suicide hijacking scenario was greatly
underestimated. The 9/11 Commission also concluded that, before September 11,
2001, congressional oversight of aviation security was lacking while Congress
focused its aviation oversight activities on airport congestion and passenger service.
Regarding Congress’s aviation related activities prior to September 11, 2001, The
9/11 Commission wrote: “Heeding calls for improved air service, Congress
concentrated its efforts on a ‘passenger bill of rights’ to improve capacity, efficiency,
and customer satisfaction in the aviation system. There was no focus on terrorism.”²
Legislative Actions Following the 9/11 Attacks
In the aftermath of September 11, 2001, Congress moved quickly to pass the
Aviation and Transportation Security Act (ATSA, P.L. 107-71; 115 Stat. 597).
Designed to correct weaknesses in aviation security exploited by the 9/11 hijackers
as well as other potential vulnerabilities in transportation systems, ATSA established
the Transportation Security Administration (TSA) as a new organization within the
Department of Transportation responsible for security matters in all modes of
transportation. Highlights of ATSA included
^!Establishing a federal security screener workforce under TSA at
airports;
^!Requiring explosive detection screening of all checked bags;
^!Deploying air marshals on all high risk flights; and
^!Hardening cockpit doors.
ATSA also gave the TSA broad authority to assess threats to security in all
transportation modes, primarily focusing on aviation, and implement appropriate
security measures. In this regard, ATSA was seen as a comprehensive legislative
vehicle for addressing transportation security with a specific emphasis on aviation
security.
The following year, the Homeland Security Act of 2002 (P.L. 107-296; 116 Stat.
2135) established the Department of Homeland Security (DHS) and placed the TSA
within this new department. The act also authorized the arming of airline pilots as
an additional measure to protect aircraft against terrorist hijackers. Additional
aviation security measures were included in the most recent FAA reauthorization act,
Vision 100 - Century of Aviation Reauthorization Act (P.L. 108-176; 117 Stat.
2490). Most notably, Vision 100 established an aviation security capital fund to help
pay for placing explosive detection systems (EDS) “in-line” with baggage conveyers
and sorting facilities in an effort to improve the efficiency and effectiveness of

¹ (...continued)
Report (New York, NY: W. W. Norton & Co., 2004), p. 344.
² The 9/11 Commission Report, pp. 85-86.

checked baggage screening and expanded the program to arm pilots to include pilots
of all-cargo aircraft.
Despite these actions, congressional and administration oversight of aviation
security has identified several areas of vulnerability that persist. These include air
cargo operations; general aviation; access controls for airport employees; screener
performance; and possible terrorist attacks using shoulder-fired missiles.
Recommendations of the 9/11 Commission
The 9/11 Commission also recognized many of these vulnerabilities. The 9/11
Commission concluded that “[m]ajor vulnerabilities still exist in cargo and general
aviation security. These, together with inadequate screening and access controls,
continue to present aviation security challenges.”³ Based on these findings, the 9/11
Commission made specific recommendations regarding improvements to airport
passenger and baggage screening, and air cargo security. While the commission
identified potential threats posed by inadequate access controls to secured areas of
airports and general aviation operations, it did not issue any recommendations
pertaining to these risks. Also, while the 9/11 Commission acknowledged concerns
raised by previous and current administrations over possible shoulder-fired missiles
attacks against commercial airliners, it did not make any specific recommendations
regarding this threat.
The 9/11 Commission delineated its recommendations regarding aviation
security in a section titled “A Layered Security System.” As suggested by this title,
the 9/11 Commission concluded that the TSA must implement a multi-layered
security system that takes into consideration the full array of possible terrorist tactics.
The 9/11 Commission noted that these various layers of security must each be
effective in their own right and must be coordinated with other layers in a manner
that creates redundancies to catch possible lapses in any one layer. This conclusion
is consistent with aviation security mandates under ATSA and TSA’s concept of
“concentric rings of security.”⁴ Since many facets of aviation security have been
addressed through legislation and administration actions since the 9/11 attacks, the
9/11 Commission focused its aviation security recommendations on persisting
vulnerabilities in commercial aviation.
While not all recommendations offered in the 9/11 Commission’s final report
were formally labeled as such, CRS has identified six aviation-specific⁵
recommendations. These are: 1) enhancing passenger pre-screening; 2) improving
measures to detect explosives on passengers; 3) addressing human factors issues at
screening checkpoints; 4) expediting deployment of in-line baggage screening
systems; 5) intensifying efforts to identify, track, and screen potentially dangerous

³ Ibid., p. 391.
⁴ Transportation Security Administration. Budget Estimates: Fiscal Year 2004, March 2003.
⁵ For clarity, multi-part 9/11 Commission recommendations have been separately identified
in this report.

cargo; and 6) deploying hardened cargo containers on passenger aircraft. In addition
to these six aviation-specific recommendations, the 9/11 Commission also issued an
overarching recommendation for transportation security policy to set priorities based
on risk and implement the most practical and cost effective deterrents assigning
appropriate roles and missions to federal, state, and local authorities, as well as
private stakeholders.
Enhancing Passenger Pre-Screening
On September 11, 2001, passenger pre-screening consisted of three measures:
the Computer Assisted Passenger Prescreening System (CAPPS), answers to two
security-related questions asked by airline ticketing and gate agents, and the
presentation of photo identification to airline personnel. More than half of the
September 11, 2001 hijackers were identified as “selectees” based on one or more of
these pre-screening techniques. However, there was little consequence to their
selection because, at the time, pre-screening was used solely as a tool to screen for
individuals that might try to bomb a passenger jet using methods similar to those
employed in the bombing of Pan Am flight 103. While the CAPPS system is still in
use, its purpose has since been expanded to screen for possible hijackers as well.
CAPPS is maintained directly by the airlines as part of their security program and
uses computer algorithms to identify “selectees” based on matching passengers’
behaviors (e.g., method of ticket purchase) to hijacker and bomber profiles.
The follow-on to CAPPS, dubbed CAPPS II, has been embroiled in controversy
for the past two years over concerns regarding protection of personal data and civil
liberties. As proposed, CAPPS II would implement a two step process to: 1)
authenticate a passenger’s identity using commercial databases; and 2) check that
name against terrorist watch lists maintained by the federal government. If flagged
by the system, passengers could be either denied boarding or selected for secondary
screening. The 9/11 Commission recommended that improved passenger pre-
screening capabilities should not be delayed while the argument about a successor to
CAPPS continues. The 9/11 Commission further recommended that the prescreening
system should utilize the larger set of watchlists maintained by the federal
government. Both the Homeland Security Appropriations Act for FY2004 (P.L. 108-
90; 117 Stat. 1137) and Vision 100 directed the Department of Homeland Security
to address these concerns and limited implementation of CAPPS II to system testing
until the Government Accountability Office (GAO) verifies that adequate steps have
been taken to address these concerns. However, in February 2004, the GAO found
that the TSA had adequately addressed only one of the eight concerns regarding
CAPPS II implementation.⁶ Continued reluctance by the airlines to provide data for
testing CAPPS II due to liability concerns has also stymied progress. The 9/11
Commission recommended that airlines should be required to supply the information
needed to test and implement passenger pre-screening.

⁶ U.S. General Accounting Office. Aviation Security: Computer-Assisted Passenger
Prescreening System Faces Significant Implementation Challenges. GAO-04-385, February

2004.

Recent media reports indicate that the CAPPS II program has essentially been
scrapped over privacy concerns, however Secretary of Homeland Security Tom Ridge
has suggested that a new program with a different name might eventually take its
place.⁷ In light of the 9/11 Commission recommendation to forge forward with
implementing a passenger pre-screening system and the current lack of progress
toward developing such a system, Congress may intensify its oversight of the Secure
Flight program, the successor to CAPPS, and engage in debate over the best way to
proceed. H.R. 10 contains a provision that would require the TSA to take over
responsibility for prescreening from the airlines withing 180 days on enactment and
begin testing of the system by November 1, 2004. This measure is in line with
administration plans for the testing and roll-out of the Secure Flight program.
Improving Measures to Detect Explosives on Passengers
Evidence highlighted by the 9/11 Commission indicated that al Qaeda has had
a keen interest in bombing airliners for some time. The 9/11 Commission’s report
describes Ramzi Yousef’s 1994 bombing of a Phillippines Airlines flight bound for
Tokyo as a precursor to a larger operation — the so-called “Bojinka” plot — to
bomb multiple U.S.-bound airliners over the Pacific ocean. In the Philippines
Airlines bombing, Yousef reportedly assembled an improvised explosive device
(IED) in the airplane’s lavatory and hid it under a seat during the previous flight
affixing a digital watch timer he had invented.
Concerns over IEDs were brought to public attention in December 2001, when
Richard Reid attempted to down a transatlantic flight using explosives concealed in
a shoe. Concerns over IEDs were again raised by the media in October 2003 when
a college student, Nathaniel Heatwole, snuck banned items and materials resembling
plastic explosives aboard passenger jets. While neither of these high profile incidents
was cited in the 9/11 Commission report, the 9/11 Commission acknowledged
persisting weaknesses in the ability to detect explosives on passengers by formally
recommending that the TSA and Congress give priority to improving detection of
explosives on passengers. The 9/11 Commission further recommended that, as a
start, all individuals selected for secondary screening undergo explosives screening.
Current screening technologies and procedures offer limited capabilities to
detect explosives carried on passengers. While carry-on items and sometimes shoes
are x-rayed and may be subjected to secondary chemical trace detection screening
methods, passengers are typically only screened by metal detectors. New technology
offers the capability to detect bomb-making chemicals on individuals using trace
detection methods. These systems are being operationally tested in various
transportation settings including ongoing field tests at five airport sites: T.F. Green
State Airport, Providence, RI; Greater Rochester International Airport, NY; San
Diego International Airport, CA; Tampa International Airport, FL; and
Gulfport-Biloxi International Airport, MS . Other possible methods for detecting
explosives on passengers involve body scan imaging using low dose x-ray
backscatter or other techniques. Body scan technology is considered somewhat more

⁷ Mimi Hall and Barbara DeLollis. “Plan to collect flier data canceled,” USA Today, July

14, 2004.

controversial because it renders a nude image of the scanned individual which is
regarded by some as overly intrusive. Alternative methods to these technologies
include the use of bomb-sniffing dogs and physical searches of individuals. In light
of the 9/11 Commission recommendation, Congress may debate whether and how to
implement and fund an initiative for screening passengers using the most effective
means available. (See CRS Report RS21920, Detection of Explosives on Airline
Passengers: Recommendation of the 9/11 Commission and Related Issues.)
Addressing Human Factors Issues at Screening Checkpoints
The 9/11 Commission also recommended that the TSA conduct a human factors
study to understand problems in screener performance and set attainable objectives
for improving performance at screening checkpoints. Screener performance
deficiencies were highlighted by a recent DHS Inspector General’s audit that found
poor screener performance among both federal and contract screeners during covert
testing at screening checkpoints.⁸ The TSA has launched several initiatives to
address these concerns. For example, the TSA has greatly expanded the use of threat
image projection (TIP), a system that tests screener on-the-job performance by
projecting images of threat objects on x-ray monitors. Using data from TIP,
researchers can assess certain human performance needs in aviation security. The
TSA is also examining ways to improve the recurrent training of screeners.
Key human factors issues are likely to include screener selection and training,
fitness for duty, and human interaction with screening technologies. While the TSA
maintains a small cadre of human factors researchers and some ongoing research in
this area is being conducted by universities and contractors, research on aviation
security human factors and funding for these activities pales in comparison to human
factors research programs in the Department of Defense and FAA’s safety-related
human factors activities. Also, there presently is a lack of a comprehensive strategic
plan for addressing human factors in aviation security.
In light of this recommendation and persisting concerns over screener
performance, Congress may conduct oversight to identify areas where TSA’s human
factors research efforts may not be adequately addressing concerns over passenger
and baggage screening performance. Congress may also consider whether to task the
National Academy of Sciences or some other independent body with examining
human factors needs in aviation security. While the National Academy of Sciences
did address human factors in its 1999 assessment of aviation security technologies,
it has not conducted a focused study of human factors needs in the aviation security
system and has not examined this issue since the terrorist attacks of September 11,

2001.⁹ H.R. 10 contains a provision that would require the TSA to conduct human

⁸ Statement of Clark Kent Ervin, Inspector General, U.S. Department of Homeland Security.
Before the Committee on Transportation and Infrastructure, Subcommittee on Aviation, U.S.
House of Representatives, April 22, 2004
⁹ National Research Council. Assessment of Technologies Deployed to Improve Aviation
Security: First Report. Publication NMAB-482-5. Washington, DC: National Academy
Press, 1999.

factors studies to improve screener performance as part of a pilot program to examine
next-generation checkpoint screening technologies.
Expediting Deployment of In-Line Baggage Screening
Systems
The 9/11 Commission recommended that the TSA expedite installation of in-
line baggage screening systems. Therefore, Congress may debate the adequacy of
current funding for this activity. While Vision 100 authorizes up to $500 million
annually to be deposited into the aviation security capital fund, only $250 million was
appropriated in FY2004 and requested in FY2005 for this activity. Since the total
cost of integrating EDS equipment at all passenger airports is estimated to exceed $4
billion, it may take several years to complete integration of baggage screening
systems given current funding levels. Letters of intent (LOIs) issued to airports by
the TSA were established as a vehicle to leverage limited federal funding by
stretching obligations over several years. LOIs were created in appropriations
legislation as a means for TSA to convey to airports its intent to obligate future funds
for the purpose of EDS integration. However, the TSA has, thus far, implemented
LOIs by reimbursing airports for expenses as they are incurred. This approach could
further slow the progress of integrating EDS systems at airports.
The 9/11 Commission also recommended that “[b]ecause the aviation industry
will derive substantial benefits from [in-line EDS] deployment, it should pay a fair¹⁰
share of the costs.” However, defining that fair share has been a significant point
of contention. Airlines already indirectly pay the federal share of EDS integration
because the first $250 million annually, all that was budgeted in FY2004 for this
activity, must come directly from aviation security fees paid by the airlines and their
passengers. Airports pay a portion of the costs too, albeit a much smaller one. Under
the scheme adopted by Vision 100, large and medium-sized airports contribute 10%
of the cost while small airports contribute 5%. However, the TSA has proposed to
reduce the federal obligations for these programs and increase the local share to 25%
at large and medium-sized airports and 10% at small airports, a proposal that airports
obviously oppose. The 9/11 Commission did not specifically say what they would
consider to be a more equitable contribution from industry, however their
recommendation implies that they believe industry is not paying its fair share under
the current scheme.
Congress may continue debate over the equity of cost-sharing for EDS
integration in light of this recommendation. The House homeland security
appropriations bill (H.R. 4567) as reported included language to limit the federal
share for airport security projects to 75% at large and medium hubs and 90% at all
other airports, however, this language was stricken by a point of order during floor
debate.
Legislation introduced in the House (H.R. 5121) seeks to double the amount
collected in aviation security fees that must be designated for aviation security capital
fund from $250 million annually to $500 million annually for FY2005 through

¹⁰ The 9/11 Commission Report, p. 393.

FY2007. H.R. 5121 also seeks to increase the TSA’s flexibility to meet checked
baggage security screening requirements by allowing it to enter into multi-year
contracts, not to exceed 10-years, with airports or third party vendors to provide EDS
imaging capabilities. While most of the aviation security-related provisions of H.R.
5121 were incorporated into H.R. 10, neither of these measures were included in
H.R. 10.
Intensifying Efforts to Identify, Screen, and Track Cargo
The 9/11 Commission recommended that the TSA needs to intensify its efforts
to identify suspicious cargo, and appropriately screen and track potentially dangerous
cargo in aviation as well as in maritime operations. Stemming from
recommendations of the Aviation Security Advisory Committee (ASAC), a standing
committee of aviation stakeholders, the TSA unveiled a strategic plan for cargo
security in November 2003. That plan consists a multi-layered risk-based approach
with four key strategic objectives: 1) enhancing shipper and supply chain security;
2) identifying elevated risk cargo through pre-screening; 3) identifying technology
for performing targeted air cargo inspections; and, 4) securing all-cargo aircraft
through appropriate facility security measures.¹¹ Goals of the plan include pre-
screening all cargo shipments in order to determine their level of relative risk;
working with industry and federal partners to ensure that 100% of items considered
to pose an elevated risk are inspected; developing and ensuring that new information
and technology solutions are deployed; and, implementing operational and regulatory
programs that support enhanced security measures.¹² The 9/11 Commission
recommendations seem to imply that it concurs with TSA’s overall approach as
outlined in this strategic plan but feels that progress toward achieving these
objectives must be accelerated, and perhaps, augmented. Since the 9/11 Commission
recommendation provides no specific guidance on how to intensify the identification,
tracking, and screening of cargo, Congress may further scrutinize TSA’s efforts on
cargo security and further debate approaches to air cargo security.
Recent debate in Congress over air cargo security has focused on the level of
physical screening or inspection of cargo needed to adequately mitigate the risks
posed by cargo placed on passenger aircraft. While proposals have been offered to
require 100% physical screening or inspection of all cargo placed on passenger
aircraft, Congress has thus far supported TSA’s plan to, instead, implement a risk-
based approach that relies heavily on the known-shipper program and database to
assess shipments placed aboard passenger aircraft. Both H.R. 10 and S. 2845 contain

¹¹ Transportation Security Administration. Air Cargo Strategic Plan. November, 2003.
¹² There has been considerable confusion regarding the terms screening and inspection as
they pertain to air cargo, and presently no statutory or regulatory definitions of these terms
exist. In general, the TSA refers to screening as a vetting process, such as the use of a
known-shipper database, to assess the level of risk associated with a cargo shipment. TSA
uses the term inspections, on the other hand, to refer to physical scrutiny of cargo though
any of several available means such as canine teams, hand searches, or the use of x-ray
equipment or explosives detection systems. In this report, the term pre-screening has been
used in place of what TSA commonly calls screening to avoid confusion since this does not
refer to a physical screening process.

measures to improve the screening and tracking of cargo. S. 2845 would specifically
require the TSA to double the amount of air cargo screened within one year. (see
CRS Report RL32022, Air Cargo Security).
Deploying Hardened Cargo Containers
In addition to these measures to improve cargo security, the 9/11 Commission
specifically recommended the deployment of at least one hardened cargo container
on every passenger aircraft that also hauls cargo to carry suspicious cargo. The
National Research Council examined this very concept in 1999 and concluded it
would cost $125 million to acquire a sufficient number of hardened containers.¹³
They also estimated that the annual industry-wide cost of lost revenue due to reduced
aircraft revenue payload and increased fuel burn would total $11 million. Thus, even
if a proposal were made to federally fund this initiative, passenger airlines may
oppose it because it would increase operational costs.
It is likely that opponents of deploying hardened cargo containers would also
argue that, if recommended initiatives are implemented to improve the identification,
tracking, and screening of cargo, then hardened cargo containers are not needed. On
the other hand, proponents of deploying hardened cargo containers may argue that
doing so creates a redundant layer of defense, analogous to a hardened cockpit door,
that is consistent with the overarching goal of establishing a multi-layered security
system with built-in redundancies.
However, using just one hardened cargo container per passenger aircraft still
leaves the system open to potential vulnerabilities that are directly tied to the
effectiveness of measures to conduct risk-based assessments of cargo and flag
suspicious cargo. For this reason, the TSA currently requires that all cargo from
shippers that have not been properly vetted and verified through the known-shipper
program be carried in all-cargo airplanes and not aboard passenger airplanes. While
TSA is working on expanding its capabilities to detect high risk cargo, it is unclear
how this system could be adapted to assign risk levels that would permit certain
suspect cargo to travel in hardened cargo containers on board passenger airplanes.
Also, from a policy standpoint, it is unclear what criteria could be used to permit
shipment of suspicious cargo on passenger aircraft in hardened cargo containers
instead of offloading that shipment from passenger aircraft altogether. Congress may
debate whether deployment of hardened cargo containers could provide an effective
layer of security to protect against potential cargo bombings. A key policy issue in
this debate is likely to be the possible implications of allowing suspicious cargo to
travel on passenger aircraft even if they are secured in hardened cargo containers.
H.R. 10 contains a provision that would require TSA to carry out a pilot
program to evaluate the use of blast-resistant containers for carrying baggage and
cargo on passenger airliners. While S. 2845 does not contain a similar provision,
legislation passed by the Senate on May 9, 2003 (S. 165), would require the DHS in

¹³ National Research Council. Assessment of Technologies Deployed to Improve Aviation
Security: First Report.

coordination with the FAA to submit a report evaluating blast-resistant cargo
container technology.
Risk-Based Prioritization as the Basis for Transportation
Security Policy
In addition to the aviation specific recommendations discussed above, the 9/11
Commission also issued an overarching recommendation that risk-based priorities
for protecting all transportation assets be established. Based on this assessment of
risks, the 9/11 Commission recommended that TSA select the most practical and cost
effective approaches for implementing defenses of transportation assets and develop
a plan, budget, and funding to implement this effort. The plan, according to the 9/11
Commission, should assign roles and missions to federal, state, and local authorities,
as well as to private stakeholders.
Strategic Plan for Aviation Security. The risk-based approach to aviation
security is nothing new and has been viewed for some time as the principal policy
tool for allocating limited resources. What is lacking, however, is a unified strategic
plan for aviation security. To some extent, ATSA has set the strategy for aviation
security following the terrorist attacks of September 11, 2001. The TSA’s initial
focus was on meeting the mandates of ATSA, particularly deploying air marshals and
federal screeners. Now that TSA has achieved some level of normal operations, it
should be better poised to focus on developing a more formal strategy for national
aviation security policy. Based on TSA’s strategic approaches to date, particularly
in addressing air cargo security needs, it is likely that a risk-based multi-layered
approach to aviation security will form the core of future aviation security policy.
This appears to be largely in step with what the 9/11 Commission is recommending.
In light of the 9/11 Commission recommendation, Congress may consider whether
to formally task the TSA with developing a national strategy for aviation security that
addresses funding needs, budgetary implications, and the appropriate roles of federal,
local, and state authorities, and industry stakeholders. While some may argue that
such a plan already exists in various TSA program plans and budget documents,
others may argue that a more formal strategic planning document for aviation
security needs to be developed.
Cooperation and Integration. While aviation security relies extensively on
cooperation and the integration of shared responsibilities, challenges persist in
defining roles and allocating resources for state and local participation and industry
involvement. At airports, the local role is defined in the airport security program
which is tailored for each airport location. Physical security of the airport site is
ultimately the role of local jurisdictions carried out by airport operators, while TSA
maintains the overall role of security oversight and enforcement as well as direct
responsibility for passenger screening. The role of local governments, and in some
cases state authorities, in aviation security often involves both law enforcement
support for airport site security and law enforcement presence at screening
checkpoints. Passenger air carriers must also participate in security through
procedures and training for controlling access to aircraft and secured areas of
airports, carrying out security inspections of aircraft, and so on. In air cargo and
general aviation, security measures rely heavily on the direct participation of aircraft

owners and operators, while the federal role is one of oversight and enforcement of
aviation security requirements.
While implementing aviation security already involves federal, state, local, and
industry participation, what appears to be lacking is a unified plan or strategy for:
assigning roles and missions to each stakeholder based on careful consideration of
logistics and costs; and adopting a systems approach to define how each element
contributes to the overall security strategy.
In light of the 9/11 Commission recommendation, Congress and the TSA may
consider ways to improve the strategic planning, resource allocation, and integration
of federal, state, local, and private-sector resources for aviation security. Congress
and the TSA may also consider how the specific strategies and approaches to aviation
security may be integrated with an overarching transportation security strategy that
encompasses rail, maritime, and highway security as well and addresses logistics,
funding, and resource allocation to meet security needs in all modes of transportation.
H.R. 10 requires the Department of Homeland Security (DHS) to prepare and update
a transportation security plan and modal security plans including a modal plan for
aviation to: set risk-based priorities; select the most practical and cost-effective
methods for protecting aviation assets; and assign roles and missions to Federal,
State, regional, and local authorities, and aviation stakeholders.
Congressional Actions in Response to the 9/11
Commission Recommendations
Since the release of the 9/11 Commission report, Congress has given
considerable attention to the recommendations contained in the report. The Senate
Committee on Commerce, Science and Transportation held a hearing on the 9/11
Commission recommendations regarding transportation security on August 16, 2004,
and the House Subcommittee on Aviation held a hearing reviewing the aviation
security recommendations of the 9/11 Commission.
The 108^th Congress passed two major pieces of legislation containing numerous
provisions pertaining to aviation security: Vision 100 — Century of Aviation
Reauthorization Act (P.L. 108-176), which was enacted prior to the 9/11
Commission’s final report, and the National Intelligence Reform Act (P.L. 108-458;
118 Stat. 3638) which was enacted, in large part, in response to the 9/11
Commission’s recommendations..
Vision 100 — Century of Aviation Reauthorization Act
Before the 9/11 Commission had completed its report, several aviation security-
related provisions were included in Vision 100 - Century of Aviation Reauthorization
Act (P.L. 108-176) which was enacted on December 12, 2003.
Vision 100 established a redress process for pilots, mechanics or other licensed
aviation professionals whose certification is denied, suspended, or revoked on the
grounds that they pose a risk to aviation security. Vision 100 also requires the

Federal Aviation Administration to provide a justification to Congress when
establishing an Air Defense Identification Zone (ADIZ) around cities where pilots are
required to use special communications and operating procedures to enable air traffic
controllers to identify potential security threats.
Vision 100 also modified existing requirements for security training of airline
flight and cabin crew members. Under these provisions, the airlines are responsible
for providing mandatory basic training in security for crews, while the TSA was to
develop and provide a voluntary advanced self-defense training program for crew
members.
Vision 100 also required the Department of Homeland Security to study and
report to Congress on the effectiveness of the aviation security system, including the
air marshal program, hardening of cockpit doors, and security screening of
passengers, checked baggage, and cargo. The report was to include
recommendations, including legislative recommendations, for improving the
effectiveness of aviation security.
Vision 100 also created the Aviation Security Capital Fund. The act authorizes
up to $500 million per year through FY2007 to be appropriated to this fund and
requires that the first $250 million in aviation security fee collections be deposited
in this fund each year through FY2007. The act also provided the Undersecretary for
Border and Transportation Security with the authority to issue grants to airports for
projects to integrate baggage explosive detection systems with baggage conveyer
systems; reconfigure terminal baggage areas as needed to install explosive detection
systems; deploy explosive detection systems behind the ticket counter, in baggage
sorting areas, or in line with baggage handling systems; and for other aviation
security-related capital improvement projects. Vision 100 set the federal share of
costs for such projects at 90% for large and medium hub airports, and at 95% for all
other airports and set guidelines for the allocation of Aviation Security Capital Fund
monies for these projects.
Vision 100 also required the implementation of security programs for air charter
operators who use aircraft weighing more than 12,500 pounds maximum takeoff
weight.
Vision 100 also required the Government Accountability Office (GAO) to
review the proposed CAPPS II passenger prescreening system and prevented the TSA
from fully implementing this program until the Undersecretary for Border and
Transportation Security certified that a variety of enumerated issues pertaining to
civil liberties, privacy, data protection, system security, system performance, and
system oversight had been adequately addressed. The TSA has since scrapped the
CAPPS II program and is developing an alterative prescreening system called
“Secure Flight.”
Vison 100 also authorized flight crew members of all-cargo airlines to
voluntarily participate in the Federal Flight Deck Officer Program that trains and
deputizes armed pilots to guard aircraft cockpits against hostile attacks. Vision 100
also expanded the program to include other flight crew members, such as flight
engineers, in addition to pilots.

Vision 100 also requires the promulgation of regulations to ensure the security
of foreign and domestic aircraft repair stations. The act also requires the TSA, in
coordination with the FAA, to complete a security review and audit of foreign repair
stations that work on air carrier aircraft and components.
Vision 100 also modified the background check requirements for foreign pilots
seeking flight training in the United States. The act transferred the duties of
conducting these background checks from the Department of Justice to the DHS. The
provisions require flight schools or instructors to provide notification and
identification information for individuals seeking training in smaller aircraft,
weighing less than 12,500 pounds, and require background checks be completed
before training can be initiated in larger aircraft. The legislation authorizes fee
collections to offset the costs of conducting these background checks.
For further discussion see CRS Report RL32498, Vision 100: An Overview of
the Century of Aviation Reauthorization Act (P.L. 108-176).
The National Intelligence Reform Act of 2004
The National Intelligence Reform Act (P.L. 108-458) contains numerous
provisions related to aviation security, many directly addressing the concerns and
recommendations of the 9/11 Commission.
The act requires the Department of Homeland Security to develop, prepare,
implement, and update as needed, a National Strategy for Transportation Security as
well as modal-specific security plans including a plan for aviation security. The
modal security plan for aviation is to include a threat matrix outlining each threat to
the United States civil aviation system and the corresponding layers of security in
place to address these threats and a plan for mitigation and reconstitution of the
aviation system in the event of a terrorist attack.
The act requires the TSA to issue guidance for the use of biometrics in airport
access control systems and establish a biometric credential and authentication
procedures to identify law enforcement officers authorized to carry firearms aboard
passenger aircraft. The act authorizes $20 million, in addition to any other authorized
amounts, for research and development of biometric technologies for aviation
security. The act also authorizes $1 million to establish a center of excellence in
biometric technologies.
The act required the TSA to begin system testing of an advanced passenger
prescreening system by January 1, 2005. Although the act does not provide a
deadline for the completion of testing the prescreening system, it requires the TSA
to begin to assume the role of passenger prescreening and checking passenger names
against watch lists no later than 180 days after completing that testing. The act
requires the TSA to establish redress and remedy procedures for passengers who are
delayed or denied boarding because of being falsely identified or targeted by the
system, and requires the TSA to ensure that the number of such false positives is
minimized. The act also requires the TSA to establish an oversight board and
implement safeguards to ensure the security and integrity of the system and address

and resolve any privacy concerns. The act also requires that the DHS prescreening
of international flights to or from the United States be conducted prior to departure.
The act further requires that individuals seeking FAA certificates, such as pilots
and mechanics, as well as individuals requesting unescorted access to airport secure
areas and air operations areas be screened against the consolidated and integrated
terrorist watch list. The act also requires the TSA to establish a process where air
charter and leasing companies can voluntarily submit information regarding
prospective customers seeking to use aircraft weighing more than 12,500 pounds for
prescreening.
The act requires the Security Privacy Officer of the Department of Homeland
Security to report on the impact of the automatic selectee and no fly lists on privacy
and civil liberties and the Director of National Intelligence, in consultation with the
Secretary of Homeland Security, the Secretary of State, and the Attorney General, to
report on the criteria and standards applied in placing the names of individuals on the
consolidated screening watch list.
The act also directs the DHS to give high priority to developing, testing,
improving, and deploying airport checkpoint screening technologies to detect
nonmetallic, chemical, biological, and radiological weapons, and explosives on
passenger and carry-on items and requires the DHS to create a strategic plan for the
deployment and use of explosive detection equipment at airport screening
checkpoints. The act requires the TSA to initiate a pilot program to test advanced
airport checkpoint screening systems at five or more airports by March 31, 2005 and
authorizes $150 million per year in FY2005 and FY2006 to carry out this pilot. The
act also requires the TSA to carry out and report on a human factors study to better
understand problems with screener performance and take such action as may be
necessary to improve the job performance of airport screening personnel.
The act requires the Federal Air Marshal Service to continue operational
initiatives to protect the anonymity of Federal air marshals. The act also provides for
training law enforcement officers authorized to carry firearms on passenger aircraft
in inflight counterterrorism and weapons handling procedures and in the
identification of fraudulent identification documents such as passports and visas.
The act also encourages the President to pursue international agreements to enable
the maximum deployment of Federal air marshals on international flights, and
authorizes the DHS to provide air marshal training to foreign law enforcement
personnel.
The act authorizes the TSA to take necessary action to expedite the installation
and use of in-line baggage screening equipment at airports. The act further requires
the TSA to establish a schedule to expedite this activity and study cost-sharing
options among federal, state, and local governments, and the private sector for
integrating in-line baggage screening systems. The act increases the authorization
for the aviation security capital fund by authorizing up to $400 million per year
through FY2007, in addition to the initial $250 million deposited from aviation
security fee collections set forth in Vision 100.

The act directs the TSA to study the application of readily available wireless
communication technologies to enable cabin crew members to discreetly notify the
pilot in the case of a security breach or safety issue occurring in the cabin.
The act requires the FAA to begin issuing tamper resistant pilot licences with
a photograph of the bearer. The licence is to be capable of accommodating a digital
photograph, a biometric, or any other unique identifier considered necessary for
identification purposes.
The act requires the TSA to develop and report to Congress on standards for
determining appropriate screener staffing levels at airports that provide necessary
levels of security and keep passenger wait times to a minimum. The DHS is also to
study the feasibility of integrating operations of the screening workforce and other
aviation security-related DHS functions to coordinate these activities and increase
their efficiency and effectiveness. The act also authorizes the expenditure of $100
million for research and development of improved explosive detection systems and
directs the TSA to develop a plan and guidelines for implementing these systems.
The act also requires the TSA to prohibit airline passengers from carrying
butane lighters and any other objects considered by the TSA to be inappropriate
carry-on items.
The act also directs the President to urgently pursue international treaties to limit
the availability, transfer, and proliferation of Man-portable Air Defense Systems
(MANPADSs), such as shoulder-fired missiles, worldwide. The act further directs
the President to continue to pursue international arrangements for the destruction of
excess, obsolete, and illicit MANPADS stockpiles worldwide. The act requires the
President to report on diplomatic efforts to address MANPADS non-proliferation and
requires the Secretary of State to provide the Congress with annual briefings on the
status of these efforts. The act also requires the FAA to establish a process for
expedited certification of airworthiness and safety for missile defense systems that
can be mounted on commercial aircraft. The act also requires the DHS to provide a
report within one year assessing the vulnerability of aircraft to MANPADS attacks
and plans for securing airports and aircraft from this threat.
The act requires that a pilot program be established to evaluate the use of
blast-resistant cargo containers. The act authorizes $2 million to carry out this pilot
program. The act also authorizes $200 million each year through FY2007 for
improved air cargo and airport security related to the transportation of cargo on both
passenger aircraft and all-cargo aircraft, and $100 million per year through FY2007
for the research, development, and deployment of technologies to better identify,
track, and screen air cargo. The act establishes a grant program to encourage the
development of advanced air cargo security technology. The act also requires the
TSA to issue a final rule regarding its proposed regulations for the security of cargo
operations for both passenger and all-cargo aircraft. Finally, the act requires the
DHS, in coordination with the Department of Defense and the FAA, to report on the
threats posed by international cargo shipments bound for the United States and
provide an analysis of the potential for establishing secure facilities along established
international aviation routes for the purposes of diverting and securing aircraft
believed to pose a security threat.

In addition to the air-cargo security provisions in the National Intelligence
Reform Act of 2004, the Department of Homeland Security Appropriations Act, 2005
(P.L 108-334, Sec. 513) directs the DHS to research, develop, and procure certified
systems to inspect and screen air cargo on passenger aircraft at the earliest date
possible and amend security directives and procedures to, at a minimum, triple the
percentage of cargo inspected on passenger aircraft
Possible Continuing Policy Concerns for Congress
Since the 108^th Congress enacted several major provisions pertaining to aviation
security, many directly reflecting the concerns and recommendations of the 9/11
Commission, there are few policy concerns that were not addressed at all during the
108^th Congress. However, two areas where some may consider that policy concerns
were not adequately addressed through legislation in the 108^th Congress include
general aviation security and air cargo security procedures and oversight.
The 9/11 Commission made brief reference to concerns over the security of
general aviation operations, however it did not make any formal recommendations
to address this concern. During the 108^th Congress, legislation on the security of
general aviation operations focused on airport and airspace restrictions and
examining ways to alleviate what some believed to be unnecessary constraints on
certain operations. For example, a provision in Vision 100 required the DHS to
develop and implement a security plan allowing general aviation flights to resume
at Ronald Reagan Washington National Airport but set no timetable for carrying out
this provision. In appropriations language, on the other hand, temporary flight
restrictions over stadiums and other venues during major outdoor sports events were
kept in full force and made permanent. Arguably, the legislation pertaining to
general aviation security enacted during the 108^th Congress was viewed by many as
not being as cohesive and comprehensive as legislation addressing other aviation
security concerns. Some have expressed renewed concerns over the risk posed by
general aviation corporate jets, private planes, and helicopters in response to a recent
assessment prepared jointly by the Federal Bureau of Investigation (FBI) and the
DHS and widely reported in the press.¹⁴
Some may also argue that comprehensive legislation pertaining to air cargo
security operations and oversight and expansion of the known-shipper program were
not adequately addressed during the 108^th Congress. Specifically, comprehensive
measures that had been passed by the Senate in S. 165 (108^th Congress) were stripped
from the final version of the National Intelligence Reform Bill of 2004 and replaced
by language directing the TSA to make final proposed rulemaking addressing these
issues. This was presumably done because the TSA’s regulatory proposals largely
reflected the intent of the proposed legislation. However, because Congress did not
formally enact several of these specific provisions pertaining to air cargo security
operations and oversight, the 109^th Congress may be particularly interested in
oversight of the TSA’s implementation of its air cargo security rules and its air cargo
strategic plan to ensure that they meet desired objectives.

¹⁴ Eric Lichtblau. “Security Report on U.S. Aviation Warns of Holes,” The New York Times,
March 14, 2005.