While the independent aviation safety experts in the Review Panel and the Australian Government peruse these and the other 250-plus submissions, a more immediate and alarming pair of events has been noted and which threatens aviation in Australia. This has prompted our call for an urgent review of certain aspects of aviation security.
The first involved a convicted terrorist fleeing Australia successfully using commercial air transport. Khaled Sharrouf (who admitted to terrorism offences against the Criminal Code in relation to a foiled terrorist attack in Sydney in 2005) was convicted by the Supreme Court of NSW in 2009. He was arrested for stealing clocks and 140 batteries alleged to have been connected with preparations for a terrorist act some have described as being on par with the September 11, 2001 attacks in New York. Mr Sharrouf served his principal jail time of 5 years, was paroled for part of it and, alarmingly, on 6 December 2013 is alleged to have boarded a plane from Sydney Airport bound for Kuala Lumpur and has not been seen since.
News sources allege that Mr Sharrouf used his brother’s passport and was destined for Syria.
The second event was the 17 February 2014 hijacking of an Ethiopian Airlines 767 (Flight ET702) was headed to Milan and Rome from Addis Ababa. The co-pilot 31 year old Hailemedhin Abera Tegegn) locked the Captain out of the flight deck and flew to Geneva, Switzerland, seeking asylum as he felt threatened in Ethiopia. The hijacking was noticed by plane spotters around the world before the aircraft had even landed.
The first event clearly necessitates a review of aviation security screening at Australia’s borders. Much has been done in relation to physical security and searches at borders, including the Australian Government’s Review of Aviation Security Screening which was announced in 2007, and reported in 2009. The focus of this review was screening technologies and regulatory changes aimed at improving security outcomes (put simply, the avoidance of hijackings and unlawful interference with aircraft in flight) and associated passenger facilitation goals (that is, ensuring minimum interference with the movement of passengers from landside to airside at airports).
In addition the Australian Government announced a package of measures to strengthen aviation security on 9 February 2010 which culminated in the introduction of full body scanner machines at Australian airports in 2012. These have all been positive steps forward since the not too long ago introduction of aviation security regulations in Australia (ie, the Aviation Transport Security Act 2004 (Cth) and Aviation Transport Security Regulations 2005 (Cth) which commenced on 10 March 2005). Those laws establish a framework to safeguard against unlawful interference with aviation, and were largely prompted by the terrorist acts on 11 September 2001. The Act establishes minimum security requirements for civil aviation in Australia by imposing obligations on persons engaged in civil aviation related activities, such as airlines and airports.
The review and initial aviation security legislation post dated and preceded, respectively an Independent Review of Airport Security and Policing for the Government of Australia conducted by the Rt Hon Sir John Wheeler DL in September 2005 (Wheeler Review). This was deemed necessary in light of the, as noted by Wheeler “less than optimal consultation” around the Act and Regulations, which he also noted could “benefit from a review with the aim of clarification and simplification”. He further noted “there is a danger that airport security could become focused on compliance with regulations rather than on the crucial preventative role through assessing threat and risks on an ongoing, involving and consultative basis, and mitigating these in a timely way” (page xv).
Paradoxically, the Wheeler Review did not examine border controls at Australian airports but did note:
Terrorists and criminals may take advantage of the large number of false or altered travel documents in circulation world-wide. Passengers with multiple legal passports also present concerns because travel to potential terrorist training areas may not be able to be tracked easily, especially when names on different passports are not identical. (p 49) … Emerging technology, such as Smartgate, may provide real efficiencies and more rigour in screening incoming passengers. (p 49)It appears insufficient thought was given in the legislation, and the subsequent reviews, to the real hole in security presented by the failure to properly weight and distribute statistically probable uses of genuine travel documents by associates of convicted terrorists. While work has been done on this type of data matching by the Australian Customs and Border Protection Service and Department of Immigration and Border Protection, the alleged escape by Mr Sharrouf on 6 December 2013 indicates that more must be done to ensure genuine documents are not misused by non-genuine, and potentially dangerous, travellers.
It was alleged that the passport used by Mr Sharrouf (his brother Mostafa’s) had alerts placed on it which were not sufficient for authorities to demand the carrier of the passport be stopped.
The second concerning event, the hijacking raises some peculiar elements of aviation security now only becoming more widely appreciated by the wider (rather than aviation-centred) community. While the hijacking by a member of the flight crew is unusual in and of itself, and raised issues as to the licensing and suitability of operational personnel, that is not the focus of this critique.
In fact, the way the hijacking came to be known to be happening in real time by people around the world is submitted to be the real danger, or something which is presently unregulated and perhaps should be as cyber security dangers have the capacity to cause unlawful interference with aviation. Plane spotters in Australia and elsewhere noted the hijacking was taking place when the “7500” transponder code was broadcast by the Ethiopian Airline co-pilot (who wanted to be noted by air traffic control). The transponder code is an internationally recognised sign that an aircraft is being hijacked and is picked up by signals received by air traffic controllers.
The code was also picked up by plane spotters using both freely available and commercially available apps and internet sites which both monitor aircraft flight paths, locations, and in some instances live air traffic control chatter. While the subject holds fascination for millions worldwide, and is in no way different from the now hardly used VHF handheld scanner technology which plane spotters used while sitting along airport fences, the sheer reach and accessibility of this information provides cause for concern.
The fact that those with access to this information include those who have insidious intentions cannot be ignored. It would be important that any review which looks at the interface of aviation security, watchlist and data matching technology and border controls, also look at the emerging dangers of the unprecedented access to flight information in the public’s hands.
Laws have a long way to go to catch up with this sort of potential danger. It has not been much more than a decade since the introduction of aviation security identification and background checks for those with a genuine need to be at airside locations. Several industry groups note those requirements do little to contribute to security and are nothing more than inconveniences to genuine pilots (see the Aviation Safety Regulation Review submission of the Aircraft Owners and Pilots Association at page 2: here).
The information which is “out there” though, covers more than the locations and headings of passenger aircraft. It includes the wireless computer systems used to control flights and connect them with ground terminals and their parent companies. Hostile intruders could potentially interfere with such signals to alter the handling and control of air traffic.
These aspects of aviation security may sound futuristic and unlikely, but they are not the stuff of science fiction. The February 2014 edition of Aero Space (the magazine of the Royal Aeronautical Society runs a feature article on the problems, noting that “the measures that have served [aviation] well for a century may no longer be sufficient to guard against a new generation of threats” (see “Cyber-security and aviation” by Angus Batey). The laws in relation to such interference may be inferred from other laws about interference with aviation (for example the definition of “unlawful interference with aviation” in ss 10(1)(f) of the Act is sufficiently broad to capture “damaging or destroying air navigation facilities” but this is at best a tenuous link with the kinds of communications and information technologies discussed above).
In short then, it appears that aviation security regulation in Australia is in need of review. We have one of the safest commercial aviation sectors in the world and a good way to ensure it is kept that way is to ensure aviation security legislation stays abreast with aviation technologies and users of it.
Written by Shine Lawyers. Last modified: January 7, 2020.