A decade-long Homeland Security Department effort to better secure America’s shipping ports from terrorism using biometric identification cards has been so bungled that lawmakers should consider other alternatives, a congressional watchdog reports.
The report this week from the Government Accountability Office questioning the Transportation Worker Identification Credential initiative is the latest to find significant flaws in Homeland Security’s efforts to use advanced technology to better fortify the country since the Sept. 11, 2001 terror attacks.
The TWIC program was supposed to provide a tamper-resistant biometric ID card to maritime workers, granting them unescorted access to secure areas in ports and maritime facilities. The program was required by a 2002 maritime security law passed by Congress in the aftermath of the Sept. 11 attacks.
GAO investigators found a multi-year pilot to test TWIC biometric cards in several locations was seriously flawed, often producing inaccurate data to congressional overseers about who was accessing sensitive maritime sites and when.
“DHS’s reported findings were not always supported by the pilot data, or were based on incomplete or unreliable data, thus limiting the report’s usefulness in informing Congress about the results of the TWIC reader pilot,” GAO reported this week.
“For example, reported entry times into facilities were not based on data collected at pilot sites as intended. Further, the report concluded that TWIC cards and readers provide a critical layer of port security, but data were not collected to support this conclusion,” it added.
The GAO concluded that the “results of the pilot are unreliable for informing” Congress and DHS on whether to implement a permanent program, and that policymakers should consider weighing other solutions.
“Given DHS’s challenges in implementing TWIC over the past decade, at a minimum, the assessment should include a comprehensive comparison of alternative credentialing approaches, which might include a more decentralized approach, for achieving TWIC program goals,” the report said.
The Homeland Security Department disagrees with the GAO’s conclusions, and is proceeding with creating a final regulation to mandate the TWIC program nationwide based on the pilot program.
Transportation Security Administration and Coast Guard officials inside the department argue the problems with data collection during the pilot “were not significant to the conclusions” that the technology enhances maritime security, the report said.
GAO said Homeland Security officials did not heed its prior concerns raised in 2009 and 2011 about the quality of the pilot program. But its concerns in the latest report go beyond how the pilot was conducted, identifying possible ways TWIC readers could be foiled during a security breach.
For instance, GAO investigators said the biometric card readers suffered errors from time to time and the security logs “were not detailed enough to determine the reason for errors, such as biometric match failure, an expired TWIC card or that the TWIC was identified as being on the list of revoked credentials."
The investigators also found that data about who was granted access to secure maritime facilities that was reported from 31 of the 34 pilot tests sites did not match the information investigators found when they went back to the site.
GAO said the stakes for creating a robust security control system for ports could not be higher in an era of growing maritime commerce.
“Ports, waterways, and vessels handle billions of dollars in cargo annually, and an attack on our nation’s maritime transportation system could have serious consequences,” it warned. “Maritime workers, including longshoremen, mechanics, truck drivers, and merchant mariners, access secure areas of the nation’s estimated 16,400 maritime-related transportation facilities and vessels, such as cargo container and cruise ship terminals, each day while performing their jobs.”