ABC News reports that the Transportation Security Administration (part of the US Department of Homeland Security) has had a security breach and its screening manual is now public. ABC News has links to the manual and a sample CIA credential. (After the jump, read TSA’s response.)
In a massive security breach, the Transportation Security Agency (TSA) inadvertently posted online its airport screening procedures manual, including some of the most closely guarded secrets regarding special rules for diplomats and CIA and law enforcement officers.
The most sensitive parts of the 93-page Standard Operation Procedures were apparently redacted in a way that computer savvy individuals easily overcame.
The document shows sample CIA, Congressional and law enforcement credentials which experts say would make it easy for terrorists to duplicate.
The improperly redacted areas indicate that only 20 percent of checked bags are to be hand searched for explosives and reveal in detail the limitations of x-ray screening machines. […]
The document contains a list of items for which screening is not required including wheelchairs, footwear of disabled individuals, casts and orthopedic shoes. […]
TSA screeners are also told to require extra screening for any passenger whose passport was issued by Cuba, Iran, North Korea, Libya, Syria, Sudan, Afghanistan, Lebanon, Somalia, Iraq, Yemen or Algeria.
The document also reveals that during peak travel times, TSA screeners who check identification can reduce from 100 percent to 25 percent the times they use black lights to authenticate documents.
TSA posted a response about the security breach on its blog:
TSA has learned that an outdated version of our Standard Operating Procedures document had been improperly posted to the Federal Business Opportunities Web site. TSA took swift action to remove the document when this was discovered.
The version of the document that was posted was neither implemented nor issued to the workforce. In fact, there have been six newer versions of the document since this version was drafted. Standard Operating Procedures change regularly as intelligence provides information on new threats and we find better ways improve security.
A full review is now underway to ensure proper procedures are followed in the future.
TSA has many layers of security in place to keep the traveling public safe, and we are confident that the screening procedures we currently have put in place remain strong.
This is second time in two months that TSA’s security screening rules have been publicly debated. Last month, it was revealed that the Transportation Security Administration had changed its rules concerning airport searches after a lawsuit by an angry aide to Ron Paul who was detained by TSA. Steven Bierfeldt was asked why he was carrying $4,700 in cash as well as several other questions “that bore no relevance to pre-flight safety screening. These questions included inquiries into his employment, the source of the money in his possession, and the purpose of his trip to St. Louis,” according to the lawsuit (pdf).
The ACLU received a copy of the September directive from TSA as part of the case documents and published it (download here from ACLU; Privacy Lives archive copy here (3 MB)). TSA told the ACLU not to publish the October directive, though this was also part of case documents.