Security theater is the practice of implementing security measures that are considered to provide the feeling of improved security while doing little or nothing to achieve it.

The term was originally coined by Bruce Schneier for his book Beyond Fear

Practices criticized as security theater include airport security measures, stop-and-frisk policies on public transportation, and clear bag policies at sports venues.

Etymology

The term security theater was coined by computer security specialist and writer Bruce Schneier for his book Beyond Fear, but has gained currency in security circles, particularly for describing airport security measures.

Examples of use of the term:

Examples

Some measures which have been called security theater include:

Airport security measures

Many procedures of the TSA have been criticized as security theater. Specific measures critiqued as security theater include the "patting down the crotches of children, the elderly and even infants as part of the post-9/11 airport security show" and the use of full body scanners, which "are ineffective and can be easily manipulated." Many measures are put in place in reaction to past threats and "are ineffective at actually stopping terrorism, as potential attackers can simply change tactics." The TSA's Registered Traveler Program and Trusted Traveler Program have been criticized on similar grounds.

A 2010 United States Government Accountability Office (GAO) report found that the TSA's $900million Screening Passengers by Observation Techniques (SPOT) program, a behavioral-detection program introduced in 2007 that is aimed at detecting terrorists, had detected no terrorists and failed to detect at least 16 people who had traveled through airports where the program was in use and were later involved in terrorism cases. In 2013, a GAO report found that no evidence existed to support the idea that "behavioral indicators[...] can be used to identify persons who may pose a risk to aviation security."

alt=A TSA officer, smiling, looks down at a passenger's identification. The passenger is in the foreground, facing away from the camera, and is dressed in black.|thumb|A TSA officer checks a passenger's ID.

With the aim of preventing individuals on the No Fly List from flying on commercial airliners, U.S. airports require all passengers to show valid picture ID (e.g. a passport or driver's license) along with their boarding pass before entering the boarding terminal. At this checkpoint, the name on the ID is matched to that on the boarding pass, but is not recorded. In order to be effective, this practice must assume that 1) the ticket was bought under the passenger's real name (at which point the name was recorded and checked against the No Fly List), 2) the boarding pass shown is real, and 3) the ID shown is real. However, the rise of print-at-home boarding passes, which can be easily forged, allows a potential attacker to buy a ticket under someone else's name, to go into the boarding terminal using a real ID and a fake boarding pass, and then to fly on the ticket that has someone else's name on it. Additionally, a 2007 investigation showed that obviously false IDs could be used when claiming a boarding pass and entering the departures terminal, so a person on the No Fly List can simply travel under a different name.

Facial recognition technology was introduced at Manchester Airport in August 2008. A journalist for The Register claimed that "the gates in Manchester were throwing up so many false results that staff effectively turned them off." Previously matches had to be 80% the same to their passport pictures to go through, and this was quickly changed to 30%. According to Rob Jenkins, a facial recognition expert at Glasgow University, when testing similar machines at a 30% recognition level, the machines were unable to distinguish between the faces of Osama bin Laden and Winona Ryder, bin Laden and Kevin Spacey, nor between Gordon Brown and Mel Gibson.

Random search programs on public transit and sports venues

Random bag searches on subway systems – a practice that has been used on the Washington Metro and on New York City mass transit – have been condemned as ineffective security theater and a waste of resources. Such programs have also been criticized by members of the public and civil liberties groups.

Similarly, the Chicago Transit Authority police's deployment of random explosive-residue-swabbing checkpoints at public transit stations has been criticized as an ineffective means of security. Pat-downs of fans entering arenas for National Football League and metal detectors at Major League Baseball games have also been criticized as security theater. Additionally, the effectiveness of Clear and Large Bag policies at many major sports venues in the United States has been questioned repeatedly.

Credit card signatures have been a longstanding subject of scrutiny and generally referred to as theatrical measure, as they have been notably criticized for having no true effect on deterring or stopping credit card fraud.

Effects

By definition, security theater practices provide no measurable security benefits, or minimal benefits that do not outweigh the cost of such practices. Security theater typically involves restricting or modifying aspects of people's behavior or surroundings in very visible and highly specific ways,

Organizations such as the US TSA, who have implemented security theater practices, have been found to be highly ineffective, with one 2015 investigation resulting in TSA agents failing to prevent illegal items in 95% of trials. A follow up study in 2017 found similar results, though the TSA did not release an exact rate of success or failure.

Perception

Security theater is ineffective at stopping terrorism and crime, but it may be beneficial insofar as it changes the perception of security. If customers or travelers feel more protected and safer as a result of the measures, then they may carry on activities they would have otherwise avoided, which could lead to socioeconomic benefits. Extrapolating this rate of fatalities, New York Times contributor Nate Silver remarked that this is equivalent to "four fully loaded Boeing 737s crashing each year."

Economic costs

The 2007 Cornell University study also noted that strict airport security hurts the airline industry; it was estimated that the 6% reduction in the number of passengers in the fourth quarter of 2002 cost the industry $1.1billion in lost business.

The ACLU has reported that between October 2008 and June 2010, over 6,500 people traveling to and from the United States had their electronic devices searched at the border. The Association of Corporate Travel Executives (ACTE), whose member companies are responsible for over one million travelers and represent over $300billion in annual business travel expenditures, reported in February 2008 that 7% of their members had been subject to the seizure of a laptop or other electronic device. Electronic device seizure may have a severe economic and behavioral impact. Entrepreneurs for whom their laptop represents a mobile office can be deprived of their entire business. Fifty percent of the respondents to ACTE's survey indicated that having a laptop seizure could damage a traveler's professional standing within a company.

The executive director of the ACTE testified at a 2008 hearing of the Senate Judiciary Subcommittee on the Constitution seizure of data or computers carrying business proprietary information has forced and will force companies to implement new and expensive internal travel policies.

Increased risk of targeted attacks

The direct costs of security theater may be lower than that of more elaborate security measures. However, it may divert portions of the budget for effective security measures without resulting in an adequate, measurable gain in security.

Because security theater measures are often so specific (such as concentrating on potential explosives in shoes), it allows potential attackers to divert to other methods of attack.

Documents uncovered by the ACLU found that until late 2012, the US TSA maintained training manuals that exclusively focused on examples of Arab or Muslim terrorists. In 2022, the US GAO found that advanced imaging technologies by the TSA disproportionately selected passengers of minority groups for additional screening, and a follow up report in 2023 found the same issue. The ACLU dropped their lawsuit against the TSA in 2017, but a report published by the organization, as well as reports published by the US GAO and a scientific advisory group found that the SPOT program had no scientific basis for effectiveness.

See also

  • Christopher Soghoian – creator of a website that generated fake airline boarding passes
  • Hygiene theater
  • Placebo effect
  • Target hardening
  • Watching-eye effect
  • Dramaturgy (sociology)

References

  • Crypto-Gram, Bruce Schneier's newsletter
  • Sometimes, Security Theater Really Works Gadi Evron and Imri Goldberg argue that security theater saves lives