QUESTIONS EOR MAY 22-23 HEARINGS ON AVIATION SECURITY Page 1 of 7

QUESTIONS FOR MAY 22-23 HEARINGS ON AVIATION SECURITY

PANEL ONE: WHERE WERE WE AS OF 9/11/01?

1. In the three months leading up to September 11, 2001, how would you characterize the
relationship between the U.S. intelligence community on the one hand and the aviation security
system on the other? How responsive was the intelligence community to information requests and
needs from the aviation security system? What were the major obstacles to the flow of security-
related intelligence information from the intelligence community to the various components of the
aviation security system? (What about after September 11: what is the situation now? What still
needs to be done to improve this relationship?)

2. DOT Assistant Under Secretary for Intelligence Claudio Manno testified before the Joint
Intelligence Inquiry in October of 2002 "Until the passage of the Aviation and Transportation
Security Act (ATSA), DOT distribution of threat information was severely limited because some
of the information had to be disseminated without being protected from release into the public
domain. Only the FAA had sufficient authority to share "sensitive security information" (SSI)."
How did this limitation impact the aviation security system's ability to learn of terrorist threats to
civil aviation up to September 11, 2001? (What about after September 11: what is the situation
now? What still needs to be done to improve this situation?)

3. What information lead to the issuance of the FAA security circular of June 22, 2001? Describe
specifically the response of the aviation security system to the circular. In particular, what
security-related actions were taken at Dulles, Logan and Newark airports? What, if any, changes
occurred in these security procedures between the time of their employment and September 11?

4. Between June 22, 2001 and September 11, 2001, what did DOT and the FAA know about general
and specific terrorist threats to civil aviation? About general and specific threats from al Qaeda?
About potential threats from the individual 9/11 hijackers? MR. MAY: What did the airlines know
about such threats?

5. In your view, what were the most significant threats to civil aviation as of September 10, 2001 ?
How did the system of aviation security governance affect the system's response to those threats?
(What about after September 11: what is the situation now?)

6. On September 10, 2001, how confident were you that the terrorist threat to U.S. civil aviation
could be effectively countered? How likely did you believe it to be: that terrorists would target
U.S. civil aviation for attack? That the U.S. intelligence and law enforcement communities would
successfully identify, apprehend or otherwise prevent such terrorists from gaining entrance into
the U.S. or the U.S. civil aviation system? That profiling and other intelligence assets within the
aviation security system itself would successfully identify, apprehend or otherwise prevent such
terrorists from gaining entrance onto commercial aircraft? That the baggage and passenger
screening system would prevent such terrorists from bringing on board explosives or weapons
necessary to hijack a commercial aircraft? That the personnel and security procedures on board
commercial aircraft would defeat terrorist hijacking attempts? (How would you change any of
these assessments based on the current situation?)

1. As of September 11, 2001, what was the status of each of the following, first for the U.S. civil
aviation system as a whole, and second, at Dulles, Logan and Newark airports:

a. FAA security guidelines and security-related communications on civil aviation (including

Security Directives, Emergency Amendments and Information Circulars)

http://kinesis.swishmail.com/webmail/imp/view.php?thismailbox=INBOX&index=183&id... 5/12/2003
 y^STIONS FOR MAY 22-23 HEARINGS ON AVIATION SECURITY Page 2 of 7
/

b. Airport and air carrier security plans

c. Computer-assisted passenger prescreening (CAPPS) system

d. Checked baggage screening

e. Passenger and carry-on baggage screening?

(What about after September 11: what is the situation now? What still needs to be done to
improve these measures?)

8. As of September 11, 2001, what performance indicators were employed to measure the
effectiveness of computer-assisted passenger prescreening, and the passenger, carry-on and
checked baggage screening systems? What was the measured performance of these systems in the
civil aviation security system as a whole, and specifically at Dulles, Logan and Newark airports,
and at American and United airlines? What sanctions, if any, were imposed for any failures to
meet performance requirements? What was the enforcement record on any such sanctions? (What
about after September 11: what is the situation now? What still needs to be done to improve these
systems?)

9. What procedures were in place on September 11, 2001 to insure compliance by airports, airlines
and contractors with FAA security policies and procedures? How well were these procedures
implemented, and how was compliance measured? (What about after September 11: what is the
situation now? What still needs to be done to improve system compliance?)

10. With regard to the operation of the computer-assisted passenger prescreening system by American
and United airlines between August (when the hijackers began purchasing their tickets) and
September 11, 2001, was this system applied to:

a. Passengers proceeding through airport screening

b. Carry-on baggage of passengers proceeding through airport screening

c. Checked baggage?

(What about after September 11: what is the situation now?)

11. Very specifically, as of September 11, 2001 what was the status of box cutters and short knives
within:

a. FAA security guidelines

b. Airport security plans for Dulles, Logan and Newark airports

c. Primary air carrier security plans for Dulles, Logan and Newark airports?

12. What FAA, airport, airline, pilot and/or flight attendant regulations, guidelines, and/or training
procedures were in place on September 11, 2001 for dealing with hijackers in general and suicide
hijackers in particular? (What about after September 11: what is the situation now? What still
needs to be done to improve these measures?)

13. It has been reported that the hijacker pilots may have undertaken a series of surveillance flights on
U.S. air carriers between May and August of 2001. What do we know about these flights? In

http://kinesis.swisrimail.com/webmail/imp/view.php?thismailbox=rNBOX&index=183&id... 5/12/2003
 STIONS FOR MAY 22-23 HEARINGS ON AVIATION SECURITY Page 3 of 7

hindsight is there anything about their actions with respect to these flights that should have
triggered closer scrutiny of these individuals?

MR. MEAD: In testimony you gave to the Senate Committee on Governmental Affairs on
September 25, 2001, you stated that, "Under the current system, those charged with aviation
security oversight (FAA) and those charged with providing the security (the airlines and airports)
are themselves facing other priorities, missions, and, in some cases, competing economic
pressures." Would you elaborate on the impact of the old system itself upon the system's security
performance? Do you believe that the aviation system's governance problems were well known
prior to September 11, 2001? If so, why were changes not made to correct the problems? (What
about after September 11: what is the situation now?)

15. How did economic factors, including the de-regulation of civil aviation in the late 1970s, affect
the performance of the aviation security system? (What about after September 11: what is the
situation now? What effect are economic factors having today?)

16. What was the status of security clearances for airport security personnel at Dulles, Logan and
Newark airports on September 11, 2001? (What about after September 11: what is the situation
now? What still needs to be done to improve this situation?)

17. What was the status of the federal air marshal program on September 11, 2001? (What about after
September 11: what is the situation now? What still needs to be done to improve this program?)

18. The General Accounting Office, the DOT Inspector General and others identified the performance
of the airport security passenger and baggage screening system as a significant problem for many
years prior to September 11, 2001. Why were these warnings evidently not acted upon? In other
words, why was low screener performance tolerated for many years?

19. MR. MAY: From the airline perspective, how would you characterize the pre-September 11, 2001
performance of the federal aviation security system in each of the following respects:

a. Sharing of threat information

b. Issuance and enforcement of security guidelines

c. Measurement of system performance?

(What about after September 11: what is the situation now? What still needs to be done to
improve this performance?)

PANEL TWO: WHAT HAPPENED?

1. Published reports indicate that nine of the nineteen hijackers were selected for special security
scrutiny prior to boarding the hijacked flights: six by the computer-assisted prescreening (CAPPS)
system, two because of identification document irregularities, and one because he was traveling
with one of the latter two. Are these reports accurate? Specifically, what triggered each selection?
In each case, what was done as a result of the selection? Were the individuals detained,
questioned, subjected to special screening, or subjected to any other special treatment? What were
the results of any such actions?

2. What weapons did the 9/11 hijackers use, and how did the weapons get on board the aircraft? In
the aftermath of the 9/11 hijackings there were published accounts of box cutters being found on
board another commercial aircraft. Are those accounts accurate? Have you been able to rule out
the introduction of the weapons used in the September 11, 2001 hijackings prior to the boarding of

http://kinesis.swishmail.com/webmail/imp/view.php?thismailbox=rNBOX&index=l 83&id... 5/12/2003

 SSTIONS FOR MAY 22-23 HEARINGS ON AVIATION SECURITY Page 4 of 7

the hijackers?

3. There were published reports that one of the flight attendants on board American Airlines Flight
11 phoned information that a gun had been fired on board that flight. What do we currently know
about the source and accuracy of those reports?

4. In your opinion, was the introduction of the weapons onto the four hijacked flights a result of
flaws in FAA regulations, air carrier security plans, screener performance, some combination of
these, or some other factor (such as unauthorized access to the aircraft)?

5. What information do we have of any other hijackings which were planned in conjunction with the
four 9/11 hijackings but which were not carried out?

6. Published accounts indicate that Boston flight controllers determined that American Airlines
Flight 11 had been hijacked at 8:20 AM on September 11, 2001, and that two flight attendants
telephoned American Airlines personnel with confirmation that a hijacking had occurred at 8:21
AM. However, these reports claim that NORAD was not notified of the hijacking until 8:40 AM,
some nineteen or twenty minutes later. Are these reports accurate? If so, what was the cause of the
delay in notification? Did the FAA, the flight controllers and the airline follow proper procedures?

7. With the benefit of hindsight, would the presence of sky marshals on the hijacked flights have
prevented the September 11, 2001 hijackings? What about better designed FAA security
guidelines and air carrier security plans? What about better-trained screeners?

8. Did your organization prepare an after-action analysis of precisely what happened on September
11, 2001? If so, please supply the Commission with a copy of such report and any supporting
documents, and if the report or documents are classified, with an unclassified version. If not, why
didn't you perform such an analysis?

9. Did flight controllers lose radar contact with any of the hijacked flights at any point? If so, why?

PANEL THREE: WHERE ARE WE NOW? WHERE DO WE GO FROM HERE?

1. Please describe how each of the following aspects of civil aviation security has changed since
September 11, 2001, and how such changes address problems associated with the previous
security system. Also indicate for each what remains to be done to optimize security performance:

a. Federal security guidelines and security-related communications

b. Airport and air carrier security plans

c. Computer-assisted passenger prescreening (CAPPS)

d. Checked baggage screening

e. Passenger and carry-on baggage screening

f. Air marshal program

g. Security training for flight and cabin crews

h. Flight deck intrusion and penetration resistance

http://kinesis.swishmail.corn/webmail/imp/view.php?thismailbox=rNBOX&index=183&id... 5/12/2003
 ,£STIONS FOR MAY 22-23 HEARINGS ON AVIATION SECURITY Page 5 of 7

i. Flight school security

j. Anti-missile protection for airliners

2. What is the most current information available on deployment of explosives detection machines
(compared to the goal of 1,100) and trace detection machines (versus 6,000 goal) for baggage
screening? What percentage of all checked baggage is currently being screened (versus 100%
goal)?

3. How do we currently measure success in the various components of the aviation security system?
How should we measure it? More specifically, what do we currently know about the performance
of the passenger and baggage screening system?

4. What is the status, and your evaluation, of the following specific aviation security laws or
proposals:

a. Arming of commercial air pilots

b. Trusted Traveler program

c. CAPPSII

d. Biometric identification of passengers and airport employees

e. Inspection of air cargo

f. Criminal background checks on commercial airport employees?

5. According to the Congressional Research Service, for FY2003 TSA has received total
appropriations of $5.18 billion, of which $4.52 billion, or 87 percent, has been allocated for
aviation security functions mandated by the Aviation and Transportation Security Act (ATSA).
Furthermore, $3 billion, or 58 percent of the total, is being used for airport screening alone. In
your view, does this represent an optimal prioritization, both among all transportation modes and
within civil aviation security itself? If not, how should these priorities be re-ordered?

6. What is the status of the memoranda of agreement that TSA has been pursuing in order to
facilitate cooperation and coordination with the various transportation modal agencies?

7. What is the status of the Transportation Security Oversight Board established by the Aviation and
Transportation Security Act (ATSA)? Specifically, how is it progressing in fulfilling its mandates
to facilitate the coordination and sharing of transportation-related intelligence information, and to
develop a common database in support of this effort?

8. How should security, convenience and privacy concerns be balanced with respect to civil
aviation?

9. Current law requires TSA to remain intact for two years but allows the agency to be restructured
after that time. What, if any, restructuring options are currently being considered, and why? What
restructuring options should be considered?

10. In April testimony to this Commission, Gerald Dillingham of the General Accounting Office
(GAO) identified five long-term institutional challenges facing TSA and our national
transportation security efforts:

http://kinesis.swishmail.com/webmail/imp/view.php?thismailbox=INBOX&index=183&id... 5/12/2003
 jESTIONS FOR MAY 22-23 HEARINGS ON AVIATION SECURITY Page 6 of 7

a. Developing a comprehensive risk management approach

b. Ensuring that funding needs are identified and prioritized, and costs are controlled

c. Establishing effective coordination among the many responsible public and private entities

d. Ensuring adequate workforce competence and staffing levels

e. Implementing security standards for transportation facilities, workers and security

equipment.

What is your evaluation of the GAO analysis? What is TSA currently doing to address each of
these challenges? What more remains to be done?

11. The 2002 National Research Council report, Making the Nation Safer, declared, "the most critical
need in the transportation sector is a systematic approach to security." More specifically, it called
for development of "coherent, layered security systems for all transportation modes, particularly
shipping containers and vehicles that contain large quantities of toxic or flammable materials."
Finally, the NRC recommended that TSA "establish a strategic research and planning office -
attuned to but distinct from the agency's operational and enforcement responsibilities." What is
your evaluation of these findings and recommendations, and what is TSA currently doing to
address them? What more needs to be done?

12. The 2002 Hart-Rudman task force report, America - Still Unprepared, Still in Danger, includes
among its "key" recommendations a charge to "Recalibrate the agenda for transportation security;
the vulnerabilities are greater and the stakes are higher in the sea and land modes than in
commercial aviation. Systems such as those used in the aviation sector, which start from the
assumption that every passenger and every bag of luggage poses an equal risk, must give way to
more intelligence-driven and layered security approaches that emphasize prescreening and
monitoring based on risk criteria." What is your evaluation of these comments, and what is TSA
currently doing to address them? What more needs to be done?

13. MR. STEELE: The President's Commission on Aviation Security and Terrorism, which was
convened in the aftermath of the December 21, 1988 destruction of Pan Am Flight 103 over
Lockerbie, Scotland, issued its final report to the President in May of 1990. As Associate
Administrator of Civil Aviation Security from 1990 to 1992, you had a key vantage point with
regard to the reaction to and implementation of the Commission's recommendations. Please
comment on the following findings and recommendations of the Commission, which would
appear to have been relevant 11 years later on September 11, 2001. For each, please indicate what
was done back in the early 1990s, and your assessment of what has been done thereafter, both
before and after September 11, 2001:

a. The Commission finds that the U.S. civil aviation security system is seriously flawed and
has failed to provide the proper level of protection for the traveling public. The system
needs major reform.

b. The Commission finds the Federal Aviation Administration to be a reactive agency -

preoccupied with responses to events to the exclusion of adequate contingency planning in
anticipation of future threats.

c. The FAA should seek the assistance of the FBI in making a thorough assessment of the
current and potential threat to the domestic air transportation system.

d. The Congress should require criminal background checks for all airport facilities. The

http://kinesis.swishmail.com/webmaiyimp/view.php?thismailbox=INBOX&index=183&id... 5/12/2003
 JESTIONS FOR MAY 22-23 HEARINGS ON AVIATION SECURITY Page 7 of 7

legislation should identify certain criminal records that indicate a potential security risk and
enable airport operators to deny employment on that basis.

e. The FAA must begin to develop stronger security measures for controls over checked
baggage, controls over persons with access to aircraft, testing of security systems, the use of
modern x-ray equipment, and the prescreening of passengers.

f. The FAA must take the lead in stressing the role of human factors in the security equation;
training must be improved.

14. MR. HALL: In addition to your service as Chairman of the National Transportation Safety Board,
you served on the White House Commission on Aviation Safety and Security, which was created
in August 1996 in the aftermath of the destruction of TWA Flight 800 and which made its report
to the President in February 1997. Please comment on the following items contained in the report
that would appear to be relevant to the events of September 11, 2001. Please indicate what impact
each finding or recommendation had on the civil aviation security system before and after
September 11,2001:

a. Improvements in aviation security have been complicated because government and industry
often found themselves at odds, unable to resolve disputes over financing, effectiveness,
technology and potential impacts on operations and passengers. Americans should not have
to choose between enhanced security and efficient and affordable air travel.

b. The FAA should work with industry to develop a national program to increase the
professionalism of the aviation security workforce, including screening personnel.

c. The FAA should require criminal background checks for all screeners and all airport and
airline employees with access to secure areas.

d. The FAA should complement technology with automated passenger profiling.

e. The FAA should certify screening companies and improve screener performance.

f. The FAA should aggressively test existing security systems.

g-

http://kinesis.swishmail.com/webmail/imp/view.php?thismailbox=rNBOX&index=183&id... 5/12/2003