Calculated risk

Posted: 17 November 2016 | | No comments yet

In today’s turbulent times airport security officials are repeatedly questioning whether airports should move away from blanket security checks and adopt the risk-based security approach. Dr Simon A. Bennett, Director of the Civil Safety and Security Unit at the University of Leicester, weighs up the pros and cons of risk-based security.


The March 2016 bombing of Brussels Airport in Zaventem and Maalbeek metro station in Brussels killed 32 people and injured over 300. I reacted by writing an article in which I argued for a proportionate response to the threat of terrorism. A couple of days later I received an e-mail from a reader who accused me of complacency. He argued that in order to address the threat posed by Daesh and similar terrorist organisations, every passenger should be scanned and searched before they entered their allotted terminal. He believed that this measure should be introduced at every international terminal regardless of the threat level and potential inconvenience to the travelling public. I didn’t reply. In my opinion such Draconian measures would risk bringing the industry to its knees: firstly, because processing passengers through security would take much longer; secondly, because passengers would have to queue in the open air or in tents, causing satisfaction scores to plummet; and thirdly, because such a measure would present Daesh with a propaganda coup. Daesh could boast of causing misery, disruption and expense to, in its eyes, Kuffar (non-believers).

The nature of today’s threat These days there is much talk in security circles about ‘New Terrorism’, the distinguishing characteristics of which are said to be:

  • Simultaneity – the temporal concentration of bombings, massshootings or Kamikaze attacks
  • Maximum kill – a determination to eliminate as many civilians as possible
  • Maximum shock – a determination to kill in the most gruesome ways imaginable
  • Maximum exposure – a desire to engineer live media coverage of attacks
  • Maximum economic disruption – because Daesh and its imitators consider profit to be the foundation stone of western society, a determination to inflict the greatest economic cost possible
  • Global reach – the ability to strike at anyone, anywhere, anytime, with impunity

While an accurate definition of New Terrorism, claims by security experts that it began with the attacks of 9/11 are incorrect. New Terrorism emerged in September 1970 when the Popular Front for the Liberation of Palestine (PFLP) hijacked two aircraft to an abandoned RAF airfield in Jordan – Dawson’s Field – and inspired the hijacking of a third aircraft to Dawson’s Field. A fourth aircraft, a Pan Am 747, was blown up in Cairo. It was too large to land at the desert airstrip. The incongruity of a TWA 707, Swissair DC-8 and BOAC Super VC-10 sitting in the middle of a desert proved a magnet for the world’s media. Film of the aircraft being dynamited was beamed around the world. The PFLP hijackings were the genesis of New Terrorism.

Responses: Risk-based security

Threats such as those posed by Daesh require innovative responses – one being so-called risk-based security. In contrast to the blanket security measures in force at most airports, risk-based security uses profiling, interviews, travel history analysis and other measures to distinguish low- from high-risk passengers. Low-risk passengers are subjected to minimal on-airport checks, while high-risk passengers are subjected to additional checks.


For reasons that are obvious, Ben Gurion, Israel’s only international airport, practices risk-based security. At , risk-based security measures are supplemented by perimeter checks. The Daily Telegraph’s David Blair commented: “By the time a traveller is finally allowed to board a plane departing from Israel, he or she will have cleared no less than 12 layers of security.” Does Israel’s multi-level, risk-based security system work? Given that not one passenger has been killed or wounded inside the airport, or on board an aircraft on the airport’s ramps and runways for 44 years, the answer is probably ‘yes’. But could Israel’s multi-level, risk-based security system be rolled out at every international airport? Probably not. Having just one international airport means Israeli authorities can concentrate resources and expertise in one location. It is doubtful that countries with several international airports could afford to implement the Ben Gurion gold standard at every one. It is worth remembering that Ben Gurion processes under 17 million passengers per annum. Paris Charles de Gaulle processes 66 million and London Heathrow, 75 million. There are over two dozen international airports in the United Kingdom alone.

Risk-based security uses profiling, interviews, travel history analysis and other measures…

Governments must therefore strike a balance between security, practicality and affordability. There are other demands on national budgets besides that of airport security; some of which, such as spending on education, healthcare and state pensions for the elderly, are politically charged.

Risk-based security: A critique

Whilst effective, risk-based security is not without its problems. Firstly, there are concerns about privacy. One approach to risk-based security is to create a database of low-risk passengers who would be subject to fewer checks at the airport. Fewer checks would mean less time spent getting from the car-park, rail or bus terminal to the departure gate. However, some have expressed concern about the volume and security of the personal data required to support such a system. Others, such as Barry Steinhardt, Director of the Technology and Liberty Programme at the American Civil Liberties Union, have warned that those unable to get onto the database “would be increasingly subjected to intrusive, humiliating and time-consuming searches”.

“Governments must strike a balance between security, practicality and affordability…”

Secondly, there are concerns that a risk-based security system might lead to the application of crude stereotypes. For example, the calculation by airport and airline staff and the police of security risk on the basis of a prospective traveller’s dress code, skin colour, native tongue, non-verbal communication, demeanour or country of birth. A risk-based security system would offer police officers, airport and airline staff who were prejudiced the opportunity to express their prejudices in their decision-making. Prejudice is a fact of life. It afflicts every profession, including academia (where it generally manifests as anti-Semitism) and the security profession (where it generally manifests as racism or Islamaphobia).


Thirdly, there is no guarantee that a prospective traveller judged to be low-risk would not subscribe to an extremist ideology, such as those peddled by Daesh, Al-Qaeda, Al-Shabaab or Boko Haram. Stereotyping creates lacunae, especially in regard to turncoats.

The turncoat blind-spot

The turncoat problem is best illustrated by the case of the so-called White Widow, Samantha Lewthwaite. A senior figure in Islamist terror group Al-Shabaab, Lewthwaite’s provenance can only be described as English Establishment. Her soldier father served in Northern Ireland. The highly intelligent Lewthwaite studied at London University. Her life changed direction when she married Germaine Lindsay – one of the London 7/7 suicide bombers. Following the 7 July 2005 attacks that killed 52 people, Lewthwaite fled the country and today she is one of the Western world’s most wanted terrorism suspects.

If an intelligent young woman born into an English military family and residing in a sleepy, conservative town can be turned, anyone can be turned. The case of Samantha Lewthwaite reconfirms the dangers of stereotyping. Risk-based security has certain advantages, such as reducing the time it takes the majority of passengers to negotiate the security process, and the freeing up of scarce security resources. However, it also has disadvantages, such as allowing those who have been turned (or those who sympathise with Islamist terror groups) relatively easy access to infrastructure, passengers and aircraft. My view is therefore that we should stick with our current blanket security systems, however cumbersome, as they are the best way to intercept turncoats. We should be mindful of the possibility that the assumptions that underpin risk-based security regimes may be incorrect.

About the author 

simon-bennettDr Simon A. Bennett is Director of the Civil Safety and Security Unit at the University of Leicester. He has a Master’s degree in Communication and Technology and a PhD in the Sociology of Scientific Knowledge from Brunel University in London. He has taught risk management at the University of Leicester for many years and works as a consultant to the aviation industry where he specialises in flight-deck human factors (teamwork, communication, leadership, morale, hierarchy, stress, fatigue, etc.). Dr Bennett has published in numerous academic journals. His books include Human Error – by design? (Palgrave-Macmillan), A Sociology of Commercial Flight Crew (Ashgate), Londonland (Libri) and After Hubris, Nemesis: Why flag carriers fail (Vaughan Papers). Before entering academia, Dr Bennett managed a city IT department.

Send this to a friend