We urge the creation of one level of security that applies at every airport and air carrier nationwide. There should be no difference in the security standards that are applied at small airports and those that apply at large ones. There should be no difference between the security standards that apply to small airlines and those applied to large ones. We should also understand that a Boeing 777 from Delta Air Lines and a Federal Express DC-10 would make equally lethal terrorist missiles. Therefore, there should be no difference between the security standards that apply to passenger operations and those that apply to cargo operations.

There is an Irish toast that goes, "Here is to those who love us; and for those who do not, may the good Lord turn their hearts. But if he does not turn their hearts, may he turn their ankles, so that we will know them by their limping."

We should allow our security personnel to better focus their efforts in screening of people who are unknown by reducing the level of scrutiny that is applied to people we already know and trust. When I report to work at any airport in the country, I am likely to spend a fair amount of time in a long line only to have my flight kit emptied and my overnight bag searched, just to make sure that I am not carrying anything that I could use to commandeer the airplane upon which I am legally assigned second in command.

Of course, the security personnel who search my bags certainly have no independent way to verify that I am who I say I am. If we did not know better, we would assume that there was not any simple way to separate the wheat from the chaff, pilots, flight attendants, ramp workers and law enforcement officers from the general public. But the truth is that the technology exists today for a combined computer chip and biometric verification system that could be implemented expeditiously and economically.

A system could be implemented that would allow me access to a secure area based on a swiped card and a fingerprint scan that would generate my picture and employment status on a security monitor that would be monitored by a security officer and that would happen both at the gate and when we come through security.

Many of my colleagues and I became airline pilots after we served long military tours where we held top secret clearances and were entrusted with weapons of mass destruction. We passed extensive background checks then and again when we were hired by Delta.

We also need a way to know that the baggage in the cargo hold contains no device that is intended to cause destruction of the aircraft, its passengers and its crew. Until such time as we are able to implement this universal baggage screening, we urge the creation of an inexpensive photo manifest in order to quickly remove any bag in the event its owner does not board. Aviation safety is based in part on multiple redundancies, so that if one system fails, there is a backup to prevent a catastrophe. In the cockpit, we have two altimeters, two air speed indicators and two yokes. The aircraft has two hydraulic systems, two engines, two air/ground safety sen

sors.

The ultimate redundancy in aviation security must include both an impregnable cockpit and the ability of the flight crew to respond

to a threat in the gravest extreme. If we are prepared to scramble U.S. fighter jets to intercept a commandeered commercial passenger aircraft, ought we not provide the crew with equipment and training that is sufficient to eliminate a threat short of destruction of the aircraft?

Thank you very much for the opportunity to share the views of the Air Line Pilots Association this morning and I will be happy to answer any questions.

[The prepared statement of Mr. Macginnis follows:]

PREPARED STATEMENT OF KEVIN D. MACGINNIS, MEMBER, AVIATION SECURITY COMMITTEE, DELTA PILOTS MASTER EXECUTIVE COUNCIL, AIR LINE PILOTS ASSOCIATION, INTERNATIONAL

I am Kevin Macginnis, a member of the Aviation Security Committee of the Delta Pilots Master Executive Council of the Air Line Pilots Association, International. I also serve as Chairman of the Aviation Security Committee of ALPA Council 44. Council 44 represents more than 4,000 Atlanta-based Delta pilots. ALPA represents 67,000 airline pilots who fly for 47 U.S. and Canadian airlines. We are sincerely appreciative of the opportunity to appear before the Committee to present our views on the important subject of aviation security.

ALPA has been at the forefront of the effort to create a more secure airline travel system. We are pleased, therefore, that the President, on November 19, 2001, signed into law P.L. 107-71, the Aviation and Transportation Security Act, which contains many of the provisions we had urged be adopted.

This hearing is most timely, in that it concerns the actual implementation of that law's numerous provisions and other initiatives. Congress' oversight role will be critically important to prevent a repeat of some of the FAA's regulatory missteps in years past. One example of such a misstep was the agency's failure to produce major security regulations in a timely manner-revised CFR 14 Parts 107 and 108 were published this summer, 10 years after revisions began! We are hopeful that the new DOT Under Secretary's office will produce NPRMs and final rules in a more expeditious fashion.

For many years, ALPA has promoted One Level of Safety for all air carriers carrying passengers or cargo in the United States. We, therefore, strongly support One Level of Security during the implementation of Federal security-related regulations. Instituting a single security level, by definition, means the abolition of today's sundry security levels and practices for airlines and airports based on perceived threat. A terrorist-guided missile, in the form of a fully loaded airliner, can take off from any commercial airport in the country and wreak havoc on unsuspecting innocents virtually anywhere below. A suicidal bomber can affect a terrorist attack as decisively on an airplane departing from Des Moines as one leaving from Dulles. There is no difference between a fully loaded B-747 cargo airplane and a fully loaded B747 passenger airplane in terms of their use as terrorist missiles. Each of our recommendations is made in this context.

Following are some specific initiatives we believe need to be addressed in the implementation of the new law.

EMPLOYEE AND PASSENGER IDENTIFICATION

ALPA has been promoting the need for positive, electronic verification of identity and electronic airport access control systems since 1987-shortly after the downing of PSA flight 1771 by an armed, disgruntled, former airline employee. This mass murder, which bore similarities to the hijackings of September 11th, was attributable in large measure to identity-verification inadequacies that have yet to be addressed 14 years later.

At ALPA's urging, the FAA required approximately 200 of the largest commercial airports to install computerized access control systems in the late 1980's and early 1990's. However, in spite of the entire aviation industry's arguments to the contrary, the agency failed to (1) create a detailed set of performance standards for use by the airport community and (2) provide for the access control and identification needs of the transient airline employee population. This mismanagement was, and still is, expensive for the airports and airlines-the initial estimate of about $170 million for access controls actually rose to more than $600 million, and the figures continue to climb. There are also numerous costs that are difficult or impossible to compute stemming from the inefficiencies related to transient airline employee's lack of access at airports.

In the mid-1990's the FAA, with ALPA's urging and congressional funding, performed a test of what came to be known as the Universal Access System (UAS). Two million taxpayer dollars were spent on those tests involving two major airlines and four large airports. For all practical purposes, those funds were wasted. Although the FAA completed successful tests of the UAS and standards were finalized for the system in 1998, there has been no implementation by any airline of the system, per stated congressional intent. This failure came as a result of an FAA policy to leave UAS implementation to the sole discretion of the carriers.

Although magnetic stripe technology was used as the basis for UAS tests, there are now several advanced, mature technologies that could be used to positively identify authorized personnel. The FAA is expected to complete a study of its recent tests of a Memory Chip Card (MCC) system for identifying armed law enforcement officers in the near future. This technology is much more secure than magnetic stripe and has the additional capability of storing an extensive amount of data that can be used for both security and other types of uses.

The FAA has stated that these same readers could also be used by airlines for issuance of MCC cards to their employees. ALPA is recommending that the airlines use the MCC, or an equally secure technology or technology combination (e.g., smart card with biometric reader), as the means for performing several important functions, including the following:

1. Positive access control for all employees who work at the airport, not just nontransients. Airline pilots and other transient employees currently rely on a very nonsecure method of moving around airports, which creates the potential for security breaches. Namely, they request airport-based, company employees to open doors for them as a courtesy based on their possession of an airline ID card. As we know, ID cards and uniforms could be fraudulently used to gain access, which underscores the need for electronic verification.

2. Positive verification of identity at the screening checkpoint to enable transient employees to be processed more quickly. Passengers are enduring long lines at the security screening checkpoint. These lines are made longer by the screening of pilots, flight attendants and other individuals in positions of trust, who are often screened several times a day. The lack of equipment for positively identifying these individuals wastes limited screening resources and further inconveniences the traveling public.

3. Identity verification of jumpseat riders. Use of the jumpseat by commuting pilots is an absolute necessity in today's airline environment. Unfortunately, that privilege has been severely curtailed since shortly after the terrorist attacks because there is no way to positively verify the jumpseat requester's identity and employ

ment status.

4. A platform for digital pilot licenses and medical information. Consistent with language in the Act, we recommend that the same card, or type of card, be used by the FAA for containing a pilot's license and medical information. ALPA is working with FAA Flight Standards on this concept. Smart cards have more than sufficient memory for this purpose and others that the airlines may develop.

One important aspect of access control systems and UAS is the need for specifying a single set of performance standards to be used by all equipment suppliers and system integrators. Different types of technologies, used by different airports and airlines, can be incorporated into the aviation security system if interoperability is a requirement for all of them. RTCA, an aviation standards organization, may be useful in helping to create such standards.

In concert with the new security law's provisions regarding passenger identification, several organizations are promoting "smart" cards for passengers to be read at the screening checkpoint. Conceptually, such individuals would be processed more quickly than those without a card at a special lane created for this purpose. ALPA supports this recommendation provided that the passengers voluntarily submit to a thorough background check and, if possible, a criminal history records check, in order to receive this card. The background check should be updated at least annually in order to retain it.

Evidencing the importance of this issue, nine of the 33 DOT Rapid Response Team (RRT) recommendations relate to the subject of employee and passenger identification and access control, namely: Aircraft Security Report recommendations 7 and 8; and, Airport Security Report recommendations 2, 4, 7, 8, 9, 13, 16. A copy of these recommendations is included with my statement.

We recommend that the government amend CFR 14 FAR Parts 107 and 108 to accomplish the following:

1. Identify a single performance standard that will be used by access control equipment providers and integrators, the airlines and airports to create a universal access system.

2. Require airlines and airports to create such a universal access system that incorporates, at a minimum, the following features: (1) can be used by any transient airline employee at any U.S. airport where they operate (2) requires the carriage of only one piece of media (e.g., smart card) (3) positively identifies pilots for jumpseat-riding purposes (4) allows the bearer to open all access-controlled doors to which they have authorized entry (5) allows the electronic storage of pilot license and medical certificates, and (6) is used as the principal means of processing transient employees through the security screening checkpoint.

3. Establish a provision within FAR Part 108 that will allow the creation of a "trusted passenger" identification and security screening checkpoint methodology aimed at increasing security and checkpoint throughput.

HIRING CRITERIA AND PERFORMANCE STANDARDS

The foundation of a good security system for any entity, public or private, is a sound set of hiring criteria. Non-trustworthy employees cost time, money, and in the most extreme cases, can be life-threatening. The aviation industry has failed in several respects to ensure that only the most trust-worthy individuals are hired into critical, security-sensitive positions.

Background checks, consisting mostly of employment verification, have been used by the aviation industry for a number of years. These checks have more recently been supplemented by criminal history records investigations when a lapse in employment has occurred or there is some other questionable matter associated with an applicant's past.

It is our recommendation that criminal history records checks be performed on all new employee applicants to help ensure that only the most ethical and trustworthy employees be allowed within airport secure areas. Unfortunately, the issue of background and criminal history checks is greatly complicated by non-U.S. citizens and those who have been U.S. citizens for only a short time.

Accordingly, we recommend that the government amend CFR 14 FAR 107 and 108 to require mandatory pre-hire criminal history records check for all applicants who are U.S. citizens. An Interpol criminal history records check should be performed on all applicants who are either not U.S. citizens, or have not been U.S. citizens for at least 10 years. We endorse the Act's specific provisions for screener hiring standards.

Performance standards for baggage screening can best be tested and monitored through use of the Threat Image Project System, or TIPS. TIPS intermingles images of bags containing threat objects at random with the x-ray or EDS images of real bags. Screeners are required to identify the threat objects in a TIPS image, just as they do in a real bag, and their results are quantified and logged by computer. Performance of screeners has been shown to substantially improve with TIPS technology and it should be made a mandatory component of all baggage screening equipment.

EMPLOYEE TRAINING

Pilots at many U.S. airlines view the security training that they receive from their companies as boring, irrelevant, and unrealistic—much of it is repetitive from year to year and may largely consist of watching video tapes. Accordingly, ALPA wholeheartedly endorses the new provision contained in the Act that calls for the government and industry to develop "detailed guidance for a scheduled passenger air carrier flight and cabin crew training program to prepare crew members for potential threat conditions." We recommend that new regulations also provide for security training of all-cargo pilots, who have special requirements in this regard.

An Air Transport Association (ATA) working group has recently developed, with our input, a very brief response to the RRT on Aircraft Security recommendation number 12. That response, however, does not fulfill the requirements of the Act for a number of reasons, not the least of which is that it does not identify an adequate response to acts of air piracy. ALPA has scheduled a meeting to occur in a few days with FBI, FAA, Secret Service, and other government and industry organizations to develop a new "Common Strategy" that can be used for training airline personnel on air piracy strategies. A revised Common Strategy is needed to develop many of the training elements that Congress has identified.

We recommend that FAR Part 108 be amended to specifically require that airlines incorporate all of the program elements identified in the Act, plus any additional elements that may be identified during the rulemaking process.

BAGGAGE AND CARGO SCREENING

ALPA endorses the new security bill's provisions to require security screening of all checked bags loaded onto passenger-carrying aircraft and the screening of cargo and mail on cargo aircraft. The potential for carrying a bomb-laden bag onto an aircraft is very real and needs to be addressed expeditiously.

The new security law provides the Under Secretary with a 1-year study period for reporting on the screening requirements applicable to aircraft with 60 or fewer seats used in scheduled passenger service. We recommend that all baggage of all airline passengers be screened, regardless of the size of aircraft on which they fly. Also, as we understand the Act, there will be some passengers who travel on small aircraft from certain points of origin without benefit of security screening who will be charged as much as $5.00 for security services on a one-way trip. This situation may be as the result of an oversight, but it is one that deserves the attention of Congress.

We recommend that Congress quickly take this issue up and provide legislation that will ensure that everyone who travels on U.S. commercial aircraft, and pays a security fee, is provided the same level of security.

ALPA has for several years promoted the concept of creating an electronic passenger and baggage manifest. Similar to the problem of employee identity verification, the airlines are not currently capable of positively determining who has boarded their aircraft. This is demonstrated when aircraft leave the gate with an inaccurate manifest; we know of one airline that routinely allows flights to leave the gate with up to a two-person error. As another example, after one accident last year, an airline CEO made a public request for assistance in identifying the passengers on his own aircraft! The security ramifications are also substantial-unless we know that the person boarding the aircraft is the same one who bought the ticket, we cannot positively determine that the individual has been through the security checkpoint.

Currently available technology can be applied to this problem in order to create an inexpensive photo manifest of boarding passengers and their checked bags. The photo manifest will enable airlines to, among other things, (1) positively identify each person and bag on the aircraft (2) reduce the potential of boarding someone who has not been through screening (3) create a strong deterrence against fraudulent ticketing (4) quickly identify a bag(s) that must be removed in the event that its owner does not board the flight (5) create an accurate passenger manifest that can be used in the event of an accident or other tragedy and, (6) if tied to appropriate data bases, identify those of possible criminal intent.

ADDITIONAL MEASURES IN THE AVIATION AND TRANSPORTATION SECURITY ACT

I would like to turn your attention now to the need for additional regulations for implementing certain provisions of the Act. ALPA has been heavily involved in the development of, and responses to, the security recommendations of the DOT Rapid Response Teams (RRTs), and I would like to address the status of some of those recommendations as part of this discussion.

Aircraft Cockpit Hardening

We are encouraged by the rapid move toward full, voluntary fleet compliance with Special FAR 92-2, which FAA recently issued. Today, nearly every U.S. passenger airliner has been modified to provide better, although temporary, security of the flight deck. Modification of the cargo fleet, although allowed by SFAR 92-2, was not supported by FAA funding, as was the case with the passenger aircraft fleet. As a result, modifications to cargo airlines' cockpit doors lag those of the passenger aircraft. It is important that cargo aircraft cockpit doors be strengthened for several reasons, including (1) cargo aircraft are subject to air piracy, just like passenger aircraft (2) security protecting cargo aircraft is nearly always less stringent than for passenger aircraft (3) cargo flight crews are often required by their companies to board additional, non-screened employees or couriers, about whom the pilots may know little or nothing, in seats outside the cockpit door.

The process to institute permanent cockpit door design changes referred to in the Act and in DOT aircraft security RRT's recommendations two, three, and four has already begun. A recent regulatory proposal by the ATA would provide for improved security of passenger airliner flight decks. Once again, however, the proposal does not include cargo carrier aircraft. The RRT recognized the need for improvements to both types of transport aircraft doors when they specified, "retrofit of the entire US fleet" in their recommendations.

Furthermore, the ATA proposal stops short of requiring complete protection against gunshots, grenades, and other explosive devices. The design standards pro