Were 72 DHS Employees Found on Terrorist Watch Lists?

Democratic Rep. Stephen Lynch misrepresented a report from the Department of Homeland Security in 2015 to defend a Republican bill that increased screening requirements against refugees from Iran and Syria.

In December 2015, Lynch told WGBH-FM:

Back in August, we did an investigation — the Inspector General did — of the Department of Homeland Security, and they had 72 individuals that were on the terrorist watch list that were actually working at the Department of Homeland Security. The director had to resign because of that. Then we went further and did an eight-airport investigation. We had staffers go into eight different airports to test the department of homeland security screening process at major airports. They had a 95 percent failure rate. We had folks – this was a testing exercise, so we had folks going in there with guns on their ankles, and other weapons on their persons, and there was a 95 percent failure rate.

At the time of the interview, Lynch had broken party lines and voted in support of the American Security Against Foreign Enemies (SAFE) Act of 2015, which was passed by the House on November 19 2015. It called for the U.S. to “pause” on admitting Syrian and Iranian refugees into the country while establishing a new system requiring that every subsequent refugee’s application for entry be approved by the Secretary of Homeland Security as well as the Director of National Intelligence and the director of the Federal Bureau of Investigations.

Lynch was one of 47 Democratic House members who voted for the bill despite a veto threat from then-U.S. President Barack Obama. However, the SAFE Act failed to advance in the Senate and was not brought to a vote.

The congressman’s statement made reference to a report from the Department of Homeland Security (DHS) released that June reviewing “enchancements” to the screening process for Transportation Security Administration (TSA) workers who had access to “secure areas of commercial airports.”

According to the report:

TSA recurrently vetted aviation workers with access to secured areas of commercial airports every time the Consolidated Terrorist Watchlist was updated. However, our testing showed that TSA did not identify 73 individuals with terrorism-related category codes because TSA is not authorized to receive all terrorism-related information under current interagency watchlisting policy.

Investigators for DHS said that the TSA “had less effective controls in place” for making sure employees were authorized to work within the United States or that they did not have a criminal record that would disqualify them from having access to more secure airport areas. Instead, the latter agency relied on subcontractors to vet prospective employees.

That gap in the vetting process also manifested itself in employee records that were incomplete. According to the report:

Specifically, we identified over 1,500 records in TSA’s screening gateway where an individual’s first name contained two or fewer characters; over 300 contained a single character. We identified an additional 75,000 records where individuals with active aviation worker credentials were listed […] as being citizens of non-U.S. countries, but did not have passport numbers listed. Out of those records, over 14,000 also did not list alien registration numbers. According to TSA, the passport number is a desired field to collect, but is not required.

Through analysis of TSA data, we determined that nearly 87,000 active aviation workers did not have [Social Security numbers] listed. Pursuant to the Privacy Act, TSA is not authorized to require the collection of SSNs, although TSA’s data matching model identified the SSN as a strong matching element. TSA encouraged applicants to submit their SSNs during the application process; however, to the extent individuals applying for aviation worker credentials do not list their SSNs, TSA may be unable to identify additional strong matches for analysts to manually review.

DHS Inspector General John Roth explained the report’s findings in testimony to a House subcommittee in June 2015, saying that the 73 (not 72) individuals were missed because the TSA did not have access to all the data it needed:

Despite rigorous processes, TSA did not identify 73 individuals with links to terrorism because TSA is not cleared to receive all terrorism categories under current inter-agency watchlisting guidance. At our request, the National Counterterrorism Center (NCTC) performed a data match of over 900,000 airport workers with access to secure areas against the NCTC’s Terrorist Identities Datamart Environment (TIDE). As a result of this match, we identified 73 individuals with terrorism-related category codes who also had active credentials. According to TSA officials, current interagency policy prevents the agency from receiving all terrorism-related codes during vetting.

Roth testified that the TSA “must work with DHS” to send a formal request for access for more categories covering terrorism-related material.

While DHS oversees the TSA, Lynch’s remark conflated the two agencies. He also misspoke in saying that “the director had to resign” over the report’s findings. Jeh Johnson remained as DHS director during that time; but Melvin Carraway, the acting TSA administrator, was reassigned in June 2015.

Update 9/28/2021, 3:00pm: This article has been revamped and updated. You can review the original here