Stories about TSA outrages are all over the Internetchildren being treated roughly, medical needs not being properly allowed for, sneers at the political correctness; you name it. Neptunus Lex looks for a way around them, and one of his commenters suggests hiring ex-military to do the work. An analyst notes gravely that avoiding the airlines means more deaths on the highways. TSA agents wail that this isn’t what they signed up for. (As to that last: the Angel Eyes Rule applies. They taken the money.)

What to do? There seems to be general agreement that we have to do something to ensure that air travel is safe. But is this the best way to do it?

Commenter “Stephanie” at Protein Wisdom gets to the root of the matter:

…any security that operates on a perimeter limited basis is by default not secure at the point where security begins. Each time you expand the perimeter, the target also gets moved.

What TSA is doing is called, technically, perimeter security. There is an area you want to protect, so you throw up a cordon around it, being careful who gets in or out. In this case, the entire airline travel system is the “area”; the “cordon” around the perimeter is composed of solid barriers (fences, walls, buildings, and other structures that are putatively impassable), with only a few places where penetration of the barrier is permitted (the TSA checkpoints). The idea is to refuse passage to anyone with ill intent, with possession of the means to carry out ill intent as a proxy for the intent itself, which can’t be determined because mind-reading isn’t feasible.

Perimeter “security” is not secure.

Think of a car tire. It’s strong and holds the air in quite nicely until a nail comes along, whereupon it gets pierced and all the air leaks out. The basic problem with perimeter security is that the bad guys can concentrate all their effort on a single point, like the point of the nail, and can move their point of attack around until they find a weak spot. Once the weak point is found and penetrated, the attackers then have freedom of movement within the “secure” area. The perimeter has to be stronger than the attackers everywhere; the attackers only have to be stronger than the perimeter at one point. This leads inevitably to heroic, expensive, extreme, and ultimately ridiculous measures being taken to reinforce the perimeter.

Any bean-counter will look at that and say, “Well, obviously we need to expand the perimeter. If we double it, it only costs twice as much, but it protects four times the area.” That overlooks the nail-point effect. Doubling the perimeter at the same level of effort leaves each point just as vulnerable to pinpoint attack, while providing four times the value inside the perimeter for the attackers if they succeed.

That offers a clue as to the proper measures: Make the perimeter as small as possible. The smallest possible perimeter is no perimeter at all — each person within the secure area is responsible for his or her own security. That’s obviously impractical in this case, because air travel includes many individuals who aren’t capable of keeping themselves secure. Children, the handicapped, people who are weak for whatever reason cannot keep themselves secure, and many more people are unwilling to take security measures for themselves because they feel someone else should do it. There are also sub-areas relevant to security that individuals have little or no access to — passengers can’t supervise the baggage handling systems, for instance. Some system intermediate between a perimeter and individual security is called for.

That intermediate system is called security in depth. In the ideal or textbook case it includes a perimeter, but a relatively porous one that’s easy for people needing to use the secure system to traverse. The perimeter looks for gross, easily-detected threats, and is assumed to pass better-concealed ones, and is thus relatively cheap in both senses — the personnel and equipment needed aren’t top of the line, and passing it isn’t hard for users. Within the secure area there are many people looking out for security concerns, and because there are many of them they can each concentrate on a relatively small area of responsibility. Threats pass the perimeter, but are deflected or repulsed before they reach vulnerable places.

What would security in depth look like, as applied to the airline travel system?

The single most numerous class of people within the system is passengers. A system of security in depth must involve the passengers, because they have both personal concern for their own safety and access to other passengers who might be a threat. This has already worked. The highjackers of Flight 93 were frustrated by passengers on the plane; the “shoe bomber” and “underwear bomber” were detected and frustrated by other passengers. Airline personnel, airport workers, and purpose-hired security people can and should be depended upon to maintain security in their own areas of expertise, but they have other things to do to make the airplanes fly. Passengers have leisure, interest, and concern. A successful system of security in depth must utilize that resource.

When the problem first surfaced several people offered the jocular suggestion that passengers all be armed. The question “Do you have a firearm?” should have two followups: if “Yes”, the next question is “Is your ammunition safe to use on the plane?”, and if “No”, it’s “Do you prefer automatic or revolver for your loaner?” That’s silly, of course — in a full-bag Libertarian system it might work, but there are too many people who find guns distasteful for it to go over.

Another suggestion was more Air Marshals, people trained in identifying and dealing with threats at the point of most vulnerability, aboard the airplane during boarding, flight, and deplaning. Unfortunately, Air Marshals are expensive. Not only do you have to pay them relatively well because of the level of expertise required, but they require extra and different measures to acommodate them at the perimeter, and they displace paying passengers, which reduces revenue. There’s also a Gresham’s Law corollary: People might be attracted to the job of Air Marshal because of the free travel rather than the actual job, and the more you try to minimize the expense of Air Marshals the more likely it becomes that such people will predominate within their ranks.

Air Marshals would be an effective component of travel security if we could afford enough of them, but we can’t. Passengers must be involved in a truly effective security scheme. Putting the two together gives the concept of Deputy Air Marshals.

Many States have Concealed Carry Firearm License laws requiring the person who wants to carry a weapon to pass a course of instruction in safe use of the firearm. In most cases those courses are expensive both in money and in time, but lots of people are willing to pay — and in many if not most cases, the courses graduate individuals who are actually better trained to deal with violent altercations than the official police are because they are motivated to learn on their own, rather than it being a difficult job requirement. Going by the record, CCFL laws have been very successful. The number of CCFL holders who get in trouble using firearms is minuscule, and there have been many cases of CCFL holders being effective aids to security among the general population.

Set up a course, open to existing CCFL holders, training people in the specific duties of an Air Marshal. Such a course will be expensive in both money and time — I estimate that it would need to be at least a week of eight-hour days, because it must cover not only threat detection and resolution, but also the peculiarities of aircraft. No one, least of all the people who might be interested in such information, wants people blazing away within the aircraft cabin. Fear of decompression is ‘way overblown; airplanes leak air on purpose to preserve circulation, and a few bullet holes wouldn’t add much to that. The real problem is electrical wiring, hydraulic lines, flight controls, and vulnerable structural points being damaged, and Air Marshals have to learn such things. The course would also have to cover different laws regarding firearm possession and use in the areas served by airline flights, a large expansion of the CCF licensing process.

Graduates of the course would be appointed Deputy Air Marshals, entitled to pass the security perimeter unsearched and responsible in turn for contributing to security within the terminal while waiting and on board the aircraft. The simple ability to get through the cordon with minimum difficulty would make the status extremely attractive to almost everyone, and those with the resources and ability to take and pass the course would leap at the opportunity. On the average, a person who takes one flight per month ends up wasting a full week every year dealing with airline security, and there are many people who fly that much or more, whose investment in the course would be cost-effective.

Once the Deputy Air Marshal system was in full operation, there would be few if any flights that didn’t have at least one such person on board, and many where a large minority of the passengers were thus qualified. This yields highly effective security in depth that doesn’t cost the system anything. The Deputies took the course at their own expense; they pay for their tickets, and don’t displace a revenue-generating passenger; they receive neither salary nor commission; and they reduce the load on the perimeter guards, making that system both cheaper and more effective.

The only objection I see is the acronym. DAM is a little pejorative. Perhaps change the word order — Air Marshal Deputy, AMD perhaps? Suggestions welcome.