Speeches recovered from the Conservative party’s online archive More…

Pauline Neville-Jones: EU rules are fatal for terror watchlist

In November 2001, in a speech to Harvard University, former US President Bill Clinton said '[we] live in the age of interdependence [where] borders don't count for much or stop much, good or bad, anymore'. 

Clinton was not subscribing to the view put forward by globalists that states are anachronistic as a result of economic interdependence and technological advances in communication and transport - far from it. 

He went on to say that states should use their foreign policy and development agendas to address the root causes of insecurity worldwide, before they reach a country's borders.

So I agree about this tremendously important task: it is always best to deal with the cause rather than the symptom of a problem, a thesis which is championed in the Conservative Party's Green Paper on National Security Strategy.  Given the domestically generated terrorist threat, I would add that we need proper community cohesion and integration strategies too.  But as the Green Paper notes, these efforts will not always be successful.  So we also need to provide in other ways against dangers approaching the national territory, and borders play a vital role in this.

As Clinton recognised however, treating borders just as static points of defence on the ground that one can make physically watertight no longer works and has not done so for quite a long time.  I think we all agree that function of the border should be to give us an opportunity to ensure that travel is safe, but to wait to deal with a threat as it reaches or approaches our shores is to leave until far too late ensuring that effective security kicks in.

We need to push security out to the point of journey start - to allow the authorities to be informed about individuals intending travel to and from the UK, and therefore to focus on those posing a threat without hampering the journey of blameless millions.  But the Government's attempt to do so (the current e-Borders scheme) will not achieve this; implementation of e-Borders has been slow and expensive - dogged by problems and unmet deadlines - and will not provide the information base for a risk-based approach to border and transport security, as it should.  Nor does the UK fare better when it comes to physical security: in controlled environments at ports and airports, we are not yet targeting security measures on those who pose the greatest risk.

It is these two areas - effective information and the effective deployment of physical security measures - that I want to look at.  In this speech I am going focus mostly on the example of air travel, but what I say is equally applicable to maritime and land transport.

<h2>Intelligent borders</h2>

For the UK to be effective and efficient in relation to flights in and out of the UK, we need what might be termed "intelligent" borders.  In other words, we need to be well informed about the level of risk posed by people wishing to leave and enter the country.

Now following the failed attack at Christmas on the airliner heading for Detroit, the Government said that it would move in the direction of having intelligent borders.  It wants to extend the current Home Office watch list and use this as the basis for putting in place, first, a no-fly list and, secondly, a larger list of those who should be subject to special measures such as enhanced screening prior to boarding flights from, and bound into, the UK. 

The public might think it odd that we did not have such lists already.  It is surely peculiar that while our airports would not permit a plane that was not airworthy to land or be flown by an unqualified pilot, thus representing a danger to all other airport users, we continue to take risks that could be reduced with the passengers on board.  One person can kill many.  Moreover, and this is particularly worrying, the Government was not upfront about the challenges involved.  Indeed, I am concerned that the Government's plans are not currently realisable.

Let me explain.  The current Home Office watch list, which the Government intends to use to set up the no-fly and special measures lists, will need to be substantially reformed if it is to fulfil this task.   It currently contains 1.3 million names which are not categorised nor, apparently, does it include all those who should be on it.  Take the example of Abdulmutallab, the would-be Detroit bomber, who was refused a visa to this country to attend a bogus college.  These valid grounds for refusal had not however been linked up in any way with information about his conduct when a student in the UK or subsequently which should have given rise to serious concern about the right of such an individual to board an aircraft to or from any destination any where in the world.  So, as it stands, one does wonder how reliable a basis the watch list is for other lists to be built upon it.

Furthermore, for any kind of watch list system to do its job, it has to interact with accurate advance information about those who plan to enter and leave the country.  The Government is relying for this on the e-Borders programme.  But there are three reasons why this is unlikely to work properly.

First, there is a question mark about the ability of the chosen technical solution to interface with a watch or no fly list system.

Secondly, what advance data will UK authorities actually obtain? 

This audience will be aware that carriers have to provide authorities with service information such as the name of the carrier, arrival and departure points and times, and also travel document information, taken from the machine readable zones of passports or identity documents.  This is known as Travel Document Information or Advance Passenger Information, and is compared against watch lists to identify known persons of interests before they arrive in or depart from the UK. 

But this system is only effective to the extent that the details provided are accurate: the recent case of fake British passports being used by those who assassinated a Hamas commander in Dubai demonstrates the current limits of this approach.  Furthermore, and my third point, in December the European Commission made clear the legal position that, on the basis of the right to freedom of movement, the collection of API data for EU citizens or their family members may not be made compulsory and also that intra-EU travel carriers may not be instructed to deny boarding to travellers who fail to communicate API, regardless of their nationality. What a loophole! Abdulmuttalab, let us remember, changed planes in Schipol.  He could have been coming to the UK.

Quite apart from the unsatisfactory regime surrounding API data, there is also the question of Other Passenger Information or Passenger Name Record (PNR).  This includes information such as the passenger's contact details and travel itinerary.  Some countries, such as the US, have come to require quite extensive information to be provided in advance, such as previous travel, the purpose of the proposed trip, with whom an individual is staying and where, whether they will travel within the destination country and so on.

Getting balance in the quantity of information collected is important.  But equally, it is arguable that PNR information provides a better base for the assessment of the risk that an individual might pose which can be investigated further before that person is permitted to even start their journey.   But then we discover that under e-Borders PNR capture is to be capped at 100 million records from 100 carriers.  This represents just forty percent of all journeys.  What on earth is the good of that? 

Three other features are also of note here.  First, carriers only need to provide PNR data to the extent they know it.  Secondly, the Government is not pushing to collect PNR for intra-EU travel and will not do so until the European Union puts in place relevant legislation - but a framework decision on PNR put forward by the Council in 2007 explicitly excluded intra-EU or domestic travel.  Unlike ADI, therefore, collection of PNR within the EU does not seem a possibility for the Government, irrespective of the assessment of the level of the terrorist threat that prevails.  The Government tries to reassure us by saying that the selection of routes required to provide PNR will be based on the risk they pose individually - seemingly on the assumption that European routes are less risky.  Flights from Schipol will of course not be included.  Terrorists better be very cooperative and start their journey in places we have categorised as risky so we pick them up in time!  What nonsense is this? 

Finally, the Government says that it does not profile or, as things stand, intend to profile terrorist behaviour using PNR.  It acknowledges that in this respect it is different from other countries and says it remains open to re-assessment of this option.  Reassess I say.

In other words, Ladies and Gentlemen, the information base and processes for an effective watch and no-fly list system in the UK simply do not exist.  It seems doubtful that, had Abdulmutallab been travelling via the UK, e-Borders would have flagged him up as a potential threat.  We are hamstrung by rigid one size fits all in all circumstances European rules which in my view do not balance proportionately the rights to privacy and freedom of movement of passengers with the duty of governments not to put citizens at a level of mortal risk which they  are able to reduce.  The Commission needs to ask itself some questions.  Why are its rules not capable of taking the threat level into account?   Does it not agree that borders should actively facilitate safe travel?

<h2>Physical security: technology and people</h2>

There is, of course, more to transport security than intelligent borders.  By themselves adequate information and situational awareness are not foolproof.  No single approach to security can by itself offer a one hundred per cent guarantee.  That is why people champion the idea of layered security.

It is because individuals not on any radar can still carry dangerous items with intent that physical security measures are needed at points of departure, during travel, during transit/transfer and on arrival.  Each of these stages of a journey requires a different response: bollards, stringent luggage requirements, pat-searches, hardened cabin doors and rules about behaviour during travel, are all illustrative examples.  People tend to think mostly of airports and aircraft in this context - but I would apply these thoughts equally to the maritime domain and to rail.

Despite recognition of the importance of a layered approach to achieving effective security, the picture is not yet satisfactory.  There are a number of issues. 

Who is responsible for setting physical security standards?  Who enforces these standards and provides oversight and training?  Who is responsible for the implementation of these standards?  In other words, how do we know there are not gaps?  Government, carriers, operators, private security companies and different police forces all have roles in what the military would call a congested and cluttered space.  Enforcement varies and the apportionment of costs causes argument.  Greater clarity is urgently needed. 

The recent Policing and Crime Act removed the system of airport designation and should put in place a principle of joint accountability (and funding) for airport security.  The Conservative Party welcomes this as a move in the right direction but doubts whether these steps - which do not extend to other types of ports of entry - go far enough.  I would also suggest that there is scope for reviewing the relationships between the Office for Security and Counter Terrorism, TRANSEC and the Centre for the Protection of National Infrastructure.

The Government appears, post the attempted attack over Detroit, to be taking a greater role in defining standards.  I think this is right though the standards chosen must be the right ones.  Forced to act in a hurry, it has mandated the introduction of full body scanners despite the fact that such devices, which certainly have real uses, might well not have detected the explosive PETN carried by Abdulmutallab.

I have to say that I do not think the objections to body scanning are strong.  It is perfectly possible to obscure the face of a passenger to the person screening.  And less intrusive technologies such as tomography or neutron scanning may well help.  Scanners can also be deployed in ways which are less obstructive to the flow of non-suspect passengers than the arch through which we have become so accustomed to having to walk.  I would also add that nothing is more important that identifying threats posed by a handful of individuals so that we can ensure the safety while limiting intrusion into the privacy of many.

Which points in the direction in which we need to go.  Selectivity - not, as we largely have at present, one size fits all.  We do not need to treat passengers as if they are all equally liable to commit an unlawful act.

There has been a rather uninformed debate about what is incorrectly termed "profiling", based on the fear that groups of individuals categorised in crude ways according to race or nationality will be systematically discriminated against.  That would be politically foolish as well as ineffective.  And it would be extremely extravagant with scarce resources.  We should also not be blind to the resentment caused by quite unjustified interference with law abiding passengers because of the absence of willingness to give behavioural analysis an appropriate place in the scheme of things.

So we need to focus resources on the individuals who represent a threat or potential threat: we need behavioural analysis to help us and it must be done in a sophisticated way that is intelligence led.  It should involve staff fully trained to observe, identify and assess suspicious behaviour, including signs of stress, fear and deception.  All this is not new, as Customs officers will tell you.

The advantage of behavioural analysis at borders and on transport systems would be significant.  It increases the probability of identifying risky individuals, helps target limited resources on the areas of greatest risk, and also creates a more hostile environment for malicious actors by making it difficult for them to predict security measures.

<h2>International action and cooperation</h2>

London, of course, is a major global transport hub.  So all our measures are of limited value in isolation.  We need to take all the measures necessary to ensure that passengers leaving UK soil for destinations overseas have been fully cleared.  But we are also entitled to expect the same of sending airports.  There needs to be much more effort put into that aspect of air travel: not just effective information sharing but also effective information acquisition and high standards of physical security. Incentivising some airport authorities will be a challenge.  But ultimately we have the whip hand and should either subject to extra tests planes coming in to land from insecure provenances.  What we want is to stop dangerous individuals ever getting on board.

<h2>Conclusion: effective security is a deterrent</h2>

My overall point is that a more fundamental review of how UK border and transport security is needed than that which followed the attempted attack over Detroit.  Ultimately our approach has not changed significantly, nor have we yet grasped how each different layer of security - here and abroad actually fits (or should fit) together.  There are gaps and weaknesses in the current and proposed regime. 

Of course, no security regime can guarantee that nothing will ever go wrong and I do not wish to suggest that I imagine this is not the case.  But in situations such as travel where the fate of all is so clearly governed by the actions of one or a very few, the precautions taken have to weigh heavily on the side of safety. And effective security is itself a deterrent to attempts.  That means systems that are not riddled with the holes we have at present and which are capable of identifying the suspicious passenger at least level of risk and inconvenience to others. I am the first to defend our liberties.  We wish to be secure precisely to maintain our freedoms but we have to be sensible about what is fundamental to our way of life.  And we should be willing to review and adjust the measures to the security situation prevailing.  And, to revert to my starting point, we must work for a world in which the root causes of conflict and current insecurities are solved on the spot so that at least some of the panoply of security measures now in operation can be reduced if not entirely dispensed with.

Keyboard shortcuts

j previous speech k next speech