Reflections of ‘the echo chamber’ in international Aviation Security regulation
Southpac’s Principal Advisory, Aviation Security, Jim Termini, argues the prevalence of non-evidence-based opinions can skew the perception of threats and vulnerabilities in the aviation security landscape.
The ‘echo chamber’ is alive, well and thriving in aviation security (AvSec). Sometimes known as ‘the borg’, the ‘echo chamber’ is the mass of voices that repeats impractical ideas, reflects uninformed hyperbole and speculates in an unhelpful manner, often when it is needed the least.
Symptoms of ‘echo chamber’ residency include, but are not limited to; lacking of any evidence-based analytics (or any evidence at all), limited critical thinking, low levels of professional intellect and an absence of objective solution creation. Assimilation into the ‘echo chamber’ is remarkably easy, avoidance is not.
The ‘echo chamber’ specialises in rehashing and reframing of historic data based on personal opinions and experiences, often to suit a narrative. The prevalence of non-evidence-based opinions can skew the perception of threats and vulnerabilities. This creates a feedback loop where outdated practices are perpetuated rather than critically assessed and updated.
I raise this article as a provocation because there are current subjects bouncing around within the ‘echo chamber’ that require healthy discourse. Accepting that it is sometimes difficult to discuss aviation threat and risk in an open forum, we should also accept that if industry is discussing specifics, then there is no secret. How arrogant must we be to think that the innovation, imagination and technical skills required for a potential attack are outside the thought process of those attackers?
All of our relevant international organisations tend to agree that robust AvSec measures should be risk-focused, proportionate, effective and sustainable. For security measures to be risk assessed we must have reliable and accurate threat data[1] from which vulnerabilities can be defined, potential consequences can be derived and effective mitigations implemented.
Regulation is the cornerstone of National AvSec programmes[2], but with some notable exceptions, regulation is trending down the path of decline in quality, possibly as a by-product of deregulation policies in some areas. The ICAO Universal Security Audit Programme – Continuous Monitoring Approach (USAP-CMA) policy limits the issuance of Significant Security Concerns[3] (SSeCs) to only audit areas that require Effective Implementation (EI) of measures, reducing the focus on effective regulation.
Additionally, regulators, as individuals, tend to cycle in and out of National AvSec Appropriate Authorities (AAs), leading to further degradation in expertise (due possibly to the Dunning-Kruger[4] effect taking a hold in this post-COVID environment across both regulators and regulated), and therefore continuity and efficacy of measures. Some of this is undoubtedly led by industry ‘echo chamber’ inhabitants lobbying regulators based on reverberations and little empirical evidence.
The ICAO Global Aviation Security Plan (GASeP)[5] provides a sound framework for six (6) priority areas to underpin and build an AvSec regime upon, yet its effectiveness depends on the quality of regulation and the expertise of those implementing and enforcing it.
CASE STUDY: It is open-source information[6],[7] that there have been very recent attacks against civil aviation, possibly perpetrated by a State actor. These attacks deployed improvised hybrid (combination explosive and incendiary) devices that were readily predictable; they weren’t clever, imaginative or innovative – just a different spin on a known theme. So, what has our typically reactive response been to these devices? Generally, it has been to revert to outdated practices[8], (the old Account Consignor (AC) measures) slightly amended, that industry and regulators alike have spent years repealing and/or replacing, or, to take no action at all. It has been to try and play down the fact these attacks took place and the consequences should they have functioned on a civil aircraft, as seems intended. When compared to the immediate and robust global reaction to the Improvised Liquid Explosive Devices (ILED) of 2006, we have slidden down the slope of apathy.
Have we taken nothing on board from that event, arguably second only to 9/11 in terms of impact on aviation? Our Research & Development (R&D) has taken 18 years to deliver technology that can repeatedly and reliably detect viable levels of liquid explosive in an operational environment (notwithstanding recent reversals of some State rules for LAGs). National AAs are at odds with each other as to how to effectively deal with the progress that has been made. Another by-product of the ‘echo chamber’?
This weak global response serves to feed the ‘echo chamber’, it promotes speculation and fails to hold the potential attackers to account. The reactive responses to these attacks, focusing on outdated practices rather than learning from incidents, reflect a broader failure to adapt. This stagnation, driven by the ‘echo chamber’ and an overreliance on personal perspective, merely repeats past mistakes and leaves the industry vulnerable.
The sad truth is that we are collectively largely incapable of any other type of response, other than a mass grounding. The decline in the quality of regulation, the stagnation of critical thinking across regulators and regulated, perpetuated by the ‘echo chamber’ and over reliance on historic data dooms us to repeating the failings of the past.
Only through robust, evidence-based discourse can the international AvSec sector evolve and counter emerging and variant threats whilst remaining operationally and cost effective.
Breaking free from the ‘echo chamber’ requires a collective effort to prioritise critical thinking and adaptability. Only through development of an environment of inclusive dialogue (diversity of opinion and experience) can the AvSec community evolve to meet contemporary challenges while ensuring the safety and security of civil aviation.
Jim Termini is Southpac Aerospace’s Principal Advisor Aviation Security.
[1] I use ‘data’ to refer to both intelligence and information
[2] ICAO Critical Elements (CE) 1 & 2
[3] https://www.icao.int/Security/USAP/Pages/Limited-Transparency-and-Significant-Security-Concerns.aspx
[4] https://www.verywellmind.com/an-overview-of-the-dunning-kruger-effect-4160740
[5] https://www.icao.int/Security/Pages/Global-Aviation-Security-Plan.aspx
[6] https://www.asiacargonews.com/en/news/detail?id=10121
[7] https://www.asiacargonews.com/en/news/detail?id=10062
[8] https://www.cbp.gov/sites/default/files/2024-08/enhanced_acas_faq_cbp_08-2024_-_508_complete.pdf