Bruce Schneier on terrorist threat level alerts, from his most recent Cryptogram newsletter…
The color-coded threat alerts
issued by the Department of Homeland Security are useless today, but
may become useful in the future. The U.S. military has a similar
system; DEFCON 1-5 corresponds to the five threat alerts levels: Green,
Blue, Yellow, Orange, and Red. The difference is that the DEFCON
system is tied to particular procedures; military units have specific
actions they need to perform every time the DEFCON level goes up or
down. The color-alert system, on the other hand, is not tied to any
specific actions. People are left to worry, or are given nonsensical
instructions to buy plastic sheeting and duct tape. Even local police
departments and government organizations largely have no idea what to
do when the threat level changes. The threat levels actually do more
harm than good, by needlessly creating fear and confusion (which is an
objective of terrorists) and anesthetizing people to future alerts and
warnings. If the color-alert system became something better defined,
so that people know exactly what caused the levels to change, what the
change means, and what actions they need to take in the event of a
change, then it could be useful. But even then, the real measure of
effectiveness is in the implementation. Terrorist attacks are rare,
and if the color-threat level changes willy-nilly with no obvious cause
or effect, then people will simply stop paying attention. And the
threat levels are publicly known, so any terrorist with a lick of sense
will simply wait until the threat level goes down.”
Living under Orange reinforces this. It didn’t mean anything. Tom
Ridge’s admonition that Americans “be alert, but go about their
business” reinforces this; it’s nonsensical advice. I saw little that
could be considered a good security trade-off, and a lot of draconian
security measures and security theater.
I think the threat levels are largely motivated by politics. There are
two possble reasons for the alert.
Reason 1: CYA. Governments are naturally risk averse, and issuing
vague threat warnings makes sense from that perspective. Imagine if a
terrorist attack actually did occur. If they didn’t raise the threat
level, they would be criticized for not anticipating the attack. As
long as they raised the threat level they could always say “We told you
it was Orange,” even though the warning didn’t come with any practical
advice for people.
Reason 2: To gain Republican votes. The Republicans spent decades
running on the “Democrats are soft on Communism” platform. They’ve
just discovered the “Democrats are soft on terrorism” platform. Voters
who are constantly reminded to be fearful are more likely to vote
Republican, or so the theory goes, because the Republicans are viewed
as the party that is more likely to protect us.
(These reasons may sound cynical, but I believe that the Administration
has not been acting in good faith regarding the terrorist threat, and
their pronouncements in the press have to be viewed under that light.)
I can’t think of any real security reasons for alerting the entire
nation, and any putative terrorist plotters, that the Administration
believes there is a credible threat.