Security theater

From Infogalactic: the planetary knowledge core
Jump to: navigation, search

Security theater is the practice of investing in countermeasures intended to provide the feeling of improved security while doing little or nothing to actually achieve it.[1] Some experts such as Edward Felten have described the airport security repercussions due to the September 11, 2001 attacks using commercial jetliners in the United States, as security theater.[2]


Security theater has real monetary costs but by definition provides no security benefits, or the benefits are so minimal as to not be worth the cost.[3] Security theater typically involves restricting or modifying aspects of people's behavior or surroundings in very visible and highly specific ways,[3] which could involve potential restrictions of personal liberty and privacy, ranging from negligible (confiscating water bottles where bottled water can later be purchased) to significant (prolonged screening of individuals to the point of harassment).

Security theater encourages people to make uninformed, counterproductive political decisions.[citation needed] The feeling of (and wished for) safety can actually increase the real risk. The disruption, cost, and fear caused by security theater acts as positive feedback for those who wish to exploit it: even if they fail to take lives, they can cause large economic costs.

Critics such as the American Civil Liberties Union have argued that the benefits of security theater are temporary and illusory since after such security measures inevitably fail, not only is the feeling of insecurity increased, but there is also loss of belief in the competence of those responsible for security.

Increased casualties

Two studies by a group of Cornell University researchers have found that strict airport security in the United States after the 9/11 attacks has the unintended consequence of increasing road fatalities, as would-be air travelers decide to drive and are exposed to the far greater risk of dying in a car accident.[4][5] In 2005, the researchers looked at the immediate aftermath of the attacks of September 11, 2001, and found that the change in passenger travel modes led to 242 added driving deaths per month.[4] In all, they estimated that about 1,200 driving deaths could be attributed to the short-term effects of the attacks.

In 2007, the researchers studied the specific effects of a change to security practices instituted by the TSA in late 2002. They concluded that this change reduced the number of air travelers by 6%, and estimated that consequently, 129 more people died in car accidents in the fourth quarter of 2002.[5] Extrapolating this rate of fatalities, New York Times contributor Nate Silver remarked that this is equivalent to "four fully loaded Boeing 737s crashing each year."[6]

Economic costs

The 2007 Cornell study also noted that strict airport security hurts the airline industry; it was estimated that the 6% reduction in the number of passengers in the fourth quarter of 2002 cost the industry $1.1 billion in lost business.[7]

The ACLU has reported that between October 2008 and June 2010, over 6,500 people traveling to and from the United States had their electronic devices searched at the border.[8] The Association of Corporate Travel Executives, whose member companies are responsible for over 1 million travelers and represent over $300 billion in annual business travel expenditures, reported in February 2008 that 7% of their members had been subject to the seizure of a laptop or other electronic device. Electronic device seizure may have a severe economic and behavioral impact. Entrepreneurs for whom their laptop represents a mobile office can be deprived of their entire business. Fifty percent of the respondents to ACTE's survey indicated that having a laptop seizure could damage a traveler's professional standing within a company.

The executive director of the Association of Corporate Travel Executives testified at a 2008 hearing of the Senate Judiciary Subcommittee on the Constitution seizure of data or computers carrying business proprietary information has and will force companies to implement new and expensive internal travel policies.[9]

Increased risk of targeted attacks

The direct costs of security theater may be lower than that of more elaborate security measures. However, it may divert portions of the budget for effective security measures without resulting in an adequate, measurable gain in security.[10]

Because security theater measures are often so specific (such as concentrating on potential explosives in shoes), it allows potential attackers to divert to other methods of attack.[3] This not only applies to the extremely specific measures, but can also involve possible tactics such as switching from using highly scrutinized airline passengers as attackers to getting attackers employed as airline or airport staff. Another alternate tactic would be simply avoiding attacking aircraft in favor of attacking other areas where sufficient damage would be done, such as cinemas.[3]


Lua error in package.lua at line 80: module 'strict' not found. While it may seem that security theater must always cause loss, it may actually be beneficial, at least in a localized situation. This is because perception of security is sometimes more important than security itself.[11] If the potential victims of an attack feel more protected and safer as a result of the measures, then they may carry on activities they would have otherwise avoided. In addition, if the security measures in place appear effective, potential attackers may be dissuaded from proceeding or may direct their attention to a target perceived as less secure. Unsophisticated adversaries in particular may be frightened by superficial impressions of security (such as seeing multiple people in uniform or observing cameras) and not even attempt to find weaknesses or determine effect.[citation needed]


Some measures which have been criticized as security theater include:

Airport security measures

  • Many procedures of the Transportation Security Administration have been criticized as security theater. Specific measures critiqued as security theater include the "patting down the crotches of children, the elderly and even infants as part of the post-9/11 airport security show" and the use of full body scanners, which "are ineffective and can be easily manipulated." [12] Many measures are put in place in reaction to past threats and "are ineffective at actually stopping terrorism, as potential attackers can simply change tactics."[12]
  • The use of Computer Assisted Passenger Prescreening System (CAPPS) and its successor, Secure Flight—programs which rely on static screening of airline passenger profiles to choose which people should be searched—has been criticized as ineffective security theater.[13] The TSA's Registered Traveler Program and Trusted Traveler Program have been criticized on similar grounds.[13] The CAPPS has been demonstrated to reduce the effectiveness of searching below that of random searches since terrorists can test the system and use those who are searched least often for their operations.[14]
  • A 2010 Government Accountability Office (GAO) report found that the TSA's $900 million Screening Passengers by Observation Techniques (SPOT) program, a behavioral-detection program introduced in 2007 that is aimed at detecting terrorists, had detected no terrorists and failed to detect at least 16 people who had traveled through airports where the program was in use and were later involved in terrorism cases.[15][16] In 2013, a GAO report found that no evidence existed to support the idea that "behavioral indicators ... can be used to identify persons who may pose a risk to aviation security."[15] A separate 2013 report by the Department of Homeland Security Office of Inspector General found that the TSA had failed to evaluate the SPOT program and could not "show that the program is cost effective."[15] The SPOT program has been described as security theater.[16][17][18]
  • With the aim of preventing individuals on a No Fly List from flying in commercial airliners, U.S. airports require all passengers to show valid picture ID (e.g. a passport or driver's license) along with their boarding pass before entering the boarding terminal. At this checkpoint, the name on the ID is matched to that on the boarding pass, but is not recorded. In order to be effective, this practice must assume that 1) the ticket was bought under the passenger's real name (at which point the name was recorded and checked against the No Fly List), 2) the boarding pass shown is real, and 3) the ID shown is real. However, the rise of print-at-home boarding passes, which can be easily forged, allows a potential attacker to buy a ticket under someone else's name, to go into the boarding terminal using a real ID and a fake boarding pass, and then to fly on the ticket that has someone else's name on it.[19][20][21][22] Additionally, a 2007 investigation showed that obviously false IDs could be used when claiming a boarding pass and entering the departures terminal, so a person on the No Fly List can simply travel under a different name.[23]
  • Facial recognition technology was introduced at Manchester Airport in August 2008. A journalist for The Register claimed that "the gates in Manchester were throwing up so many false results that staff effectively turned them off.[24] Previously matches had to be 80% the same – this was quickly changed to 30%. According to Rob Jenkins, a facial recognition expert at Glasgow University, when testing similar machines at a 30% recognition level, the machines were unable to distinguish between the faces of Osama bin Laden and Winona Ryder, bin Laden and Kevin Spacey, nor between Gordon Brown and Mel Gibson.[25]

Random search programs on public transit and in other public places


  • One commentator has "publicized database initiatives" generally as "acts of Security Theater," writing: "An inherently intuitive allure attaches to scanning massive amounts of data in dimly lit control rooms, using sophisticated algorithms and scientific computer-matching methods to predict future behaviors and identify suspect individuals. This approach looks smart and makes some people feel safer....Accumulation of more data to the layman suggests not only better information, but potential for better intelligence. Yet, data mining is inherently flawed in its ability to find 'extremely rare instances of patterns across an extremely wide variety of activities and hidden relationships among individuals,' and encourages 'fishing expeditions.'"[31]
  • The draft Communications Data Bill ("snoopers' charter") proposed by the British government under Prime Minister David Cameron and Home Secretary Theresa May has been criticized as security theater.[32] Similarly, Cameron's proposal to ban encryption in the UK has been criticized as ineffective security theater.[33]


The term security theater was coined by computer security specialist and writer Bruce Schneier for his book Beyond Fear,[34] but has gained currency in security circles, particularly for describing airport security measures.

Examples of use of the term:

<templatestyles src="Template:Blockquote/styles.css" />

For theater on a grand scale, you can't do better than the audience-participation dramas performed at airports, under the direction of the Transportation Security Administration. ... The T.S.A.'s profession of outrage is nothing but 'security theater,' Mr. Schneier said, using the phrase he coined in 2003 to describe some of the agency's procedures.

— "Theater of the Absurd at the T.S.A.", The New York Times; December 17, 2006[35]

<templatestyles src="Template:Blockquote/styles.css" />

Airline passengers will be able to bring many types of cigarette lighters on board again starting next month after authorities found that a ban on the devices did little to make flying safer, a newspaper reported Friday. 'Taking lighters away is security theater,' Transportation Security Administration chief Kip Hawley told The (New York) Times in an interview.

— "Report: Plane Lighter Ban to Be Lifted", Associated Press; July 20, 2007[36]

See also


  1. Lua error in package.lua at line 80: module 'strict' not found.
  2. Lua error in package.lua at line 80: module 'strict' not found.
  3. 3.0 3.1 3.2 3.3 Lua error in package.lua at line 80: module 'strict' not found.
  4. 4.0 4.1 Lua error in package.lua at line 80: module 'strict' not found.
  5. 5.0 5.1 Lua error in package.lua at line 80: module 'strict' not found.
  6. Lua error in package.lua at line 80: module 'strict' not found.
  7. Lua error in package.lua at line 80: module 'strict' not found.
  8. Lua error in package.lua at line 80: module 'strict' not found.
  9. Lua error in package.lua at line 80: module 'strict' not found.
  10. Lua error in package.lua at line 80: module 'strict' not found.
  11. Lua error in package.lua at line 80: module 'strict' not found.
  12. 12.0 12.1 Eric Levenson, The TSA Is in the Business of 'Security Theater,' Not Security, Wired (January 31, 2014).
  13. 13.0 13.1 Bruce Schneier, Airline Security a Waste of Cash, Wired (December 1, 2005).
  14. Lua error in package.lua at line 80: module 'strict' not found.
  15. 15.0 15.1 15.2 Jana Winter & Cora Currier, Exclusive: TSA’s Secret Behavior Checklist to Spot Terrorists
  16. 16.0 16.1 Kevin D. Williamson, The TSA's 95 Percent Failure Rate: Security Theater as Farce, National Review (June 3, 2015).
  17. Jeffrey Goldberg, The Things He Carried, The Atlantic (November 2008).
  18. Thomas Cincotta, Behavior Profiling: Ineffective and Expensive Security Theater, Political Research Associates (July 29, 2010).
  19. Slate's Andy Bowers on Airport Security loopholes – Boing Boing
  20. Crypto-Gram: August 15, 2003
  21. A dangerous loophole in airport security. – By Andy Bowers – Slate Magazine
  22. Fake Boarding Pass Generator mirror site – Boing Boing
  23. Flying without ID won't work? Try making your own ID. – Boing Boing
  24. Cardiff Airport gets more security theatre
  25. Lua error in package.lua at line 80: module 'strict' not found.
  26. 26.0 26.1 Markus Rauschecker, Metro's Random Bag Searches: Reasonableness, Randomness, and "Security Theater", University of Maryland Center for Health and Homeland Security (January 7, 2011).
  27. 27.0 27.1 Ann Scott Tyson, Metro bag searches criticized by public, Washington Post (January 4, 2011).
  28. Benjamin R. Freed, Metro's Bag Searches Are Pretty Empty, It Turns Out, DCist (June 12, 2012).
  29. Tim Cushing, Chicago Transit Cops Start Up Their Own Security Theater, Will Start Randomly Swabbing Bags For Explosive Residue, TechDirt (November 6, 2014).
  30. Timothy Geigner, NFL Ramps Up Security Theatre, TechDirt (September 21, 2011).
  31. Candice L. Kline, Security Theater and Database-Driven Information Markets: A Case for an Omnibus U.S. Data Statute, 39 U. Tol. L. Rev. 443 (2008).
  32. Ray Corrigan, World War II is long over, but the fight agains [sic] oppressive, invasive state laws continues, Open University (May 12, 2015).
  33. Bruce Schneier, David Cameron's Plan to Ban Encryption in the UK, Schneier on Security (January 13, 2015).
  34. Lua error in package.lua at line 80: module 'strict' not found.
  35. Theater of the Absurd at the T.S.A.
  36. TSA To Lift Ban On Most Lighters On Planes/Security Chief Says Taking Lighters Away From Passengers Was "Security Theater"

External links

The dictionary definition of security theater at Wiktionary