Who’s really in charge of an in-flight aviation crisis?

Aviation Security Consultant, Captain Tom Walsh, addresses the issues of ‘captain’s authority’ and ‘common strategy’ by government officials, airport security managers, airport law enforcement and other first responders to security events involving commercial airliners at their airports, and discusses where the responsibility lies.


I shall begin this article by illustrating the issue with an actual incident that – thankfully – ended without injury, but could easily have ended with both injuries and significant liability on the part of the law enforcement and airport involved. In September of 2012, allegedly due to a call suggesting that terrorists with gas masks were hiding in the wheel wells of two airliners arriving at New York’s John F. Kennedy International Airport from Europe, two 767 wide-body airliners (an American flight and a Finnair flight), were directed to a remote spot and then surrounded by law enforcement and emergency vehicles. Incredibly, the flight crews were not told the reason why. A video from a news report of this incident is available1.

You’ve got 60 seconds”. Is this a reasonable response by the Captain?

In the recording, the concerned Captain of the American flight requests and then demands information.

The Captain finally states “okay, we’re surrounded by emergency vehicles. There’s a reason for this! Somebody’s got to give us the reason or we’re going to evacuate the aircraft. You’ve got 60 seconds”. Is this a reasonable response by the Captain?

Yes, absolutely. Any airline captain would understand his concern and agree with his demand to know what was happening and why. He most likely thought there was a fire or other emergency and he absolutely needed to know what was going on. The final decision of whether to evacuate an aircraft is made solely by the Captain, and the more time the crew has to prepare for this, the better.

The Captain is responsible, by international law, for the safety of the passengers, crew and the aircraft. In an emergency, he or she can deviate from any and all aviation regulations to meet the demands of that emergency. Of course they can be called on to justify their actions afterwards but they do have absolute authority in an emergency situation. In this case, the Captain was surrounded by emergency vehicles, implying a serious problem and he was not being told why. He was legally in charge of the aircraft, but others thought they were. This is the first serious problem I’d like to discuss. For a brief review of the actual regulations governing Captain’s Authority, the pertinent ICAO rule can be found in Annex 2, Paragraph 2.3.2.

To paraphrase only slightly, the section states: “The pilot-in-command shall have final authority as to the disposition of the aircraft while in command.” The section further states that the Captain should follow the aviation regulations, which would normally include air traffic control instructions, but also clearly states that they “may deviate from these rules in the interest of safety”. The United States Federal Aviation Administration Regulations (FARs) are perhaps a little more forceful in supporting Captain’s Authority.

FAR 91.3(b) states: “The pilot in command of an aircraft is directly responsible for, and is the final authority as to, the operation of that aircraft. In an in-flight emergency requiring immediate action, the pilot in command may deviate from any rule of this part to the extent required to meet that emergency.” The FAA has interpreted this rule to include aircraft operations on the ground as well.

Clearly the intent around the world is for the Captain to have full authority to do whatever they deem necessary in an emergency. This is generally not a problem when it comes to more typical but still rare emergencies such as mechanical problems. There is usually plenty of communication as to exactly what is going on and the emergencies are almost always resolved safely.

But serious security incidents are also an emergency!

The incident at JFK raises several important questions. Why was Captain’s Authority so poorly understood here? Why was the Captain kept in the dark as to what was happening? Why was his reaction and the resulting danger not anticipated by the authorities? It certainly should have been. Was this just an isolated incident due to the nature of the alleged threat, as ludicrous as this scenario was? What about other security scenarios? Are the assumptions by authorities on what the aircrew will do correct?

Unfortunately, I think the potential for danger is unacceptably high around the world at most airports when it comes to emergency responses to aircraft security events. I know for certain that this is a problem in the United States and I can only hope it’s not the same in some other parts of the world, but I suspect it is. This brings me to the second problem I’d like to discuss: Common Strategy. In past aviation security projects, and as a law enforcement liaison pilot, I have been asked to participate in or evaluate a number of hijack, airport terrorism and other security exercises in the U.S. These exercises ran the gamut from tabletop exercises to actual simulated aircraft hijackings with airborne aircraft, terrorist role players onboard and multiple airport, state and federal agencies involved. In all of them, I found that there was a poor understanding of what flight crews are now trained to do or likely to do in a serious security event. In most of them, the authorities assumed that the crew would do as they wished or were instructed, which was typically to take the aircraft to a remote spot. This is dangerously incorrect and is a holdover from the pre-9/11 days.

That may be what the Captain will do, but in many cases he may not comply and he has full authority not to comply, as discussed above. Depending on the type of security emergency, he or she may stop the aircraft at a place of their choosing. Most emergency responses that I saw in these exercises did not consider that possibility at all. In many cases, they had no plans for what crews were most likely to do. I also found that most of the airports in the United States had a poor understanding, if any, of the new Common Strategy; our specific guidance for responding to various security threats, up to and including an attempted breach of the flight deck. Some even had no idea what that was until I explained it to them. This is not the forum for a full discussion of the U.S. Common Strategy, and in fact the information is considered sensitive security information by the Transportation Security Administration and is restricted to those with a ‘need to know’.

For our purposes here though, I can say that the Common Strategy known around the world was originally developed in response to traditional aircraft hijackings. It generally called for cooperation with hijackers and to get the aircraft on the ground and deal with the problem there. But after the 9/11 attacks in the United States, Common Strategy was dramatically changed. Unfortunately, that information is poorly understood, if known at all, by many who should know, even in the United States. I’m certain the problem is worse outside the U.S.

I also have concerns about some elements of the U.S. Common Strategy, but nevertheless, every airport that U.S.-based crews fly into should have a clear understanding of what we are now trained to do with specific security incidents. To make the problem even more complex, crews from other countries may have developed different strategies and expectations and may react differently. Emergency planners and first responders at all airports need to have a clear understanding of possible reactions by different crews from around the world.

One way to do that would be to include an actual airline pilot familiar with the airport and the types of aircraft that operate there very early in the planning stages for any emergency response or hijack exercises. Better yet, establish a formal liaison programme that includes actual airline pilots and make them a part of your security process. A pilot with appropriate aviation security training would be the best choice. In past hijack exercises I have observed, I found multiple serious errors in the assumptions about aircraft and aircrews. In one notable example, a major U.S. Category X airport had spent a considerable sum of money on a required aircraft hijack exercise that included scenarios that were very unrealistic or impossible.

No pilot had been asked to help with the exercise until it was too late to change it. This unfortunately resulted in negative training for a large number of agencies and airport departments. A knowledgeable pilot could help develop scenarios that are both realistic and pertinent to the actual threats we face today. In an actual security emergency, a well-prepared airport or law enforcement agency should also be able to immediately contact a trained and knowledgeable pilot to answer questions and point out potential dangers. In the New York incident, any airline pilot could have told them that terrorists with gas masks in a wheel well on an eight-hour flight from Europe was not a viable scenario. They would also have immediately anticipated the Captain’s reaction and been able to point out the dangers before even being asked. The most obvious danger would be with an evacuation of the aircraft when not required. There are almost always injuries involved when evacuating an aircraft, typically sprains, bruises or ankle and leg injuries. Because of this, an aircraft should never be evacuated unless it’s more dangerous to remain onboard.

To summarise, within this article I have described what I see as two serious problems and illustrated them with an actual event. There seems to be a misunderstanding on the part of airport and law enforcement authorities as to who is in charge of the aircraft in a security emergency. Make no mistake; until the aircraft is stopped and the doors are opened, the Captain is in charge of the aircraft. Furthermore, U.S. crews now deal with security incidents differently. Airports around the world need to understand this and be certain their response plans acknowledge and anticipate what the Captain is likely to do and why.



Tom-WalshCAPTAIN TOM WALSH is a U.S.-based active International Captain and Aviation Security Consultant. He is the Senior Aviation and Aviation Security Subject Matter Expert for BayFirst Solutions, a Washington, D.C.-based firm specialising in risk management, policy and risk analysis. BayFirst Solutions is currently assisting the U.S. Government in ongoing vulnerability and risk assessment studies in the global aviation system.

He can be reached at [email protected].

Send this to a friend