Airlines are supposed to check passengers against a no-fly list before they are allowed to board, but the airlines don’t always have the most current no-fly list. Current U.S. law requires airlines to transmit the passenger lists of flights bound for the United States to the Department of Homeland Security within 15 minutes of takeoff. DHS officials then check the names against the no-fly list. The problem is that the names aren’t transmitted until after takeoff, which means people are actually flying. So it’s really a misnomer to call it a no-fly list, and the whole notion of having such a list to prevent would-be terrorists from boarding airplanes falls into the category of “what’s wrong with this picture?”
The U.S. government is currently negotiating with airlines to get the passenger lists 60 minutes before departure, but most airlines are resisting, saying flights would be delayed. But in a world where keywords can be Googled with a nearly instantaneous response, transmitting and checking passenger names in a timely fashion should not be an insurmountable problem. In fact, since passengers cannot go through security to get to their departure gate without first having a boarding pass, wouldn’t it make sense for those names to be transmitted to DHS on a rolling, real-time basis? Such a procedure is certainly not beyond the capabilities of modern technology. More important, it would be a way to prevent people whose names are on the no-fly list from flying — sparing all the other passengers the major inconvenience of a detour to Bangor and the airlines the not trivial cost of an unscheduled landing and departure.
But the no-fly list problem goes beyond the basic issue of this list not being checked until after an aircraft has already taken off. The larger problem is knowing whether the person in question is the same person on the no-fly list. In both the Air France and Alitalia cases, the problem was mistaken identity.
Mistaken identity should not be a problem since the US-VISIT (Visitor and Immigrant Status Indicator Technology) program requires practically all visitors to apply for a visa (in their country of origin) to enter the United States. That application process includes providing biographical and biometric information — two index finger scans and a digital photograph. Common sense says that people who apply for visas should be cross-checked against the no-fly list and any other terrorist watch lists to determine if they are a potential threat.
In the case of the Air France flight, although the passenger in question had the same name and birth date as someone on the no-fly list, he had been issued a visa and he did not match the physical description of the person on the no-fly list. In other words, there was no real reason to divert the 169 passengers aboard Air France flight 332 and delay their arrival in Boston. And there was no real need to embarrass and humiliate the man, his wife, and two children by escorting them off the plane, detaining them, and subjecting them to questioning.
Homeland security is serious business. Preventing would-be terrorists from entering the country is one of the most important things that DHS must do. Yet managing a no-fly list should be a relatively simple and straightforward affair. For example, even if the no-fly list is sent to DHS within 15 minutes after takeoff, why is it not apparently checked until the aircraft is almost ready to land in the United States — several hours into its flight?
Yet the evidence suggests that we can’t do something this simple right. And if we can’t do the simple things right, what are the prospects that we will be able to do the more difficult tasks of homeland security — like screening for weapons of mass destruction?