Disclosure of TSA Manual Stirs Leak Anxiety

The inadvertent disclosure of a “sensitive” Transportation Security Administration manual on procedures for screening airline passengers has prompted renewed interest in legal remedies and penalties that may be available to the government to minimize the impact of such unauthorized disclosures.

In a letter (pdf) to the Department of Homeland Security yesterday, several Republican lawmakers asked:  What can be done to prevent the continued publication of such material on non-governmental web sites (such as cryptome.org and wikileaks.org)?

“How has the Department of Homeland Security and the Transportation Security Administration addressed the repeated reposting of this security manual to other websites and what legal action, if any, can be taken to compel its removal?” wrote Reps. Peter T. King (R-NY), Charles W. Dent (R-PA) and Gus M. Bilirakis (R-FL).

“Is the Department considering issuing new regulations pursuant to its authority in section 114 of title 49, United States Code, and are criminal penalties necessary or desirable to ensure such information is not reposted in the future?”

The short answer seems to be that existing legal authorities cannot easily be used to compel the removal of such records from public websites, and that any attempt to do so would likely be counterproductive, and would itself do damage to press freedom and other societal values.

Meanwhile, conservative talk show host Rush Limbaugh yesterday lashed out at the Federation of American Scientists in his own commentary on the TSA Manual disclosure.

“What an unmitigated disaster this is,” he said.  “Every day it’s something, every day is an unmitigated disaster.  ‘The original version of the manual [is] still available online preserved by websites that monitor government secrecy and computer security’ [a quote from the Washington Post], which tells you all you need to know about the motives of these sites, such as the so-called watchdogs at the Federation of American Scientists.”

This is not as gratifying as it might have been, since FAS had nothing to do with the disclosure of the TSA Manual.  In fact, had we been the ones to discover the unredacted Manual, we probably would have refrained from publishing it.

In 2005, the National Security Agency published a tutorial on how to properly redact and publish sensitive documents.  See “Redacting with Confidence: How to Safely Publish Sanitized Reports Converted From Word to PDF” (pdf).

5 Responses to “Disclosure of TSA Manual Stirs Leak Anxiety”

  1. Dissent December 10, 2009 at 7:39 PM #

    “In 2005, the National Security Agency published a tutorial …”

    Yes, but that was the NSA. This was the TSA. They don’t read the stuff beginning with N.

    King et al.’s ideas for criminalizing re-posting will only lead to a greater Streisand Effect. If they want to try to legislate Whack-a-Mole, less power to them.

  2. Phil Mocek December 11, 2009 at 1:53 PM #

    Someone posted to Flyertalk Forums the following draft of a letter to those Republican lawmakers:

    http://www.flyertalk.com/forum/travel-safety-security/1024410-sop-discussion-12.html#post12964756

    Dear Representative King,

    Today you published a letter written to Janet Napolitano in which you expressed alarm that the “specific procedures for calibrating magnetometers” was released in the poorly redacted TSA SOP.

    That procedure is widely known as any internet search will reveal. In fact the Department of Justice has an in depth document describing the details of that procedure. The DOJ hosted document also includes mechanical drawings and specifications for test objects.

    You can find the in depth DOJ document at http://www.ncjrs.gov/pdffiles1/nij/193510.pdf

    You also expressed alarm over the fact that the TSA SOP has been reposted on websites not under Government control. In your letter you revealed your eagerness to punish those that dared to post NON-secret, UNclassified information. A knee-jerk response to this would result in a miscarriage of justice. Reform and oversight of the DHS/TSA operation is in order because of this and many other issues recently brought to light.

    This SOP and the much more sensitive Screening Checkpoint and Checked
    Baggage Screening SOPs are entrusted to entry level, low paid, TSOs with no security clearance. With the TSA workforce turnover rate hovering around 20% a more likely scenario for a terrorist organization to use to discover SSI is the simple bribery of a disgruntled screener.

    Instead of wishing to inappropriately punish those that exposed this breach in TSA policy, you should be thanking them. That SOP was online for nine months before being found by accident. How many times do you think the terrorist organizations, and the countries that sponsor them, have scoured U.S. Government websites for errors such as this.

    Unlike the terrorists and the covert operations agents of rogue Governments, the citizens that discovered this leak brought attention to the public and to Government officials such as yourself, affording the TSA the opportunity to plug the security holes it created .

    Those that you are trying to demonize are not against airport security, in fact the person that discovered this document revealed it on a forum for FREQUENT flyers. These are the very people that interact with the TSA on a daily basis. These are the citizens that want real security, not the dog and pony show that the TSA has provided to date.

    There are far more serious security hazards created by TSA policy than this inadvertent leak of non-secret, unclassified information, such as the fact that the screeners are not screened before, during or after their shifts. The fact that luggage is not secured from molestation by TSA or airline employees, making it very easy to plant a bomb. If you can take something you can plant something. The fact that forced ID verification at the checkpoint is useless and those resources should be placed looking for weapons, explosives and incendiaries.

    I realize that you get a pass on selectee screening as a perquisite of your position and may not be able to fully grasp what happens to your constituents at the TSA checkpoint, so I invite you to fly several times without the benefit of your Congressional identification.

    I trust that once you take me up on my challenge you will be appalled at the gaping holes in security caused by the TSA that are not related to this latest faux pas.

  3. SoTex December 11, 2009 at 5:13 PM #

    I continue to be bemused by the Republicans’ passionate dedication to government secrecy, when they’re also the ones who keep telling us that the government is the problem with America. They could choose one or the other or neither, but not both at the same time.

  4. Cheaptalk December 11, 2009 at 5:28 PM #

    I don’t see a problem with Republicans having preference for protecting national security secrets while also arguing that the government has too large of a role in society.

    On the one hand, these are two very distinct issues. On the other hand, however, they both share in the criticism that gov’t is inefficient at best, and incompetent otherwise.

Trackbacks/Pingbacks

  1. Musings on Wikileaks « Secrecy {Book} - April 6, 2010

    [...] a newish term coined by Secrecy News called “leak anxiety.” There’s not a solid definition, but it appears to be a case of premptive agency [...]

Leave a Reply