A quick Google search on the privacy concerns surrounding airport scanners yields enormous amounts of incendiary coverage dated between 2010 and 2013. Reports of invasive scans illustrated in graphic images abound, including detailed discussions about intimate piercings, personal hygiene products and genitalia coming into full view of the prying eyes of the machine and its operators. Then, just as the Snowden files showed a systemic approach to public surveillance through cloud providers, data centers and other mass collection mechanisms, "naked" airport scanners fell off the radar. This coincided with three events that effectively erased the scanner from the public's consciousness:

  1. the removal of some of the offending devices - such as suggestively named scanners like Rapiscan - done under the pretence that they had "slowed down security checkpoints".
  2. a concerted effort to shift the narrative towards the "health risks" that have been fully addressed by millimeter wave scanners, and the phrase "you receive thousands more times the radiation when you fly than when you go through the scanner"
  3. the introduction of ATR (automated target recognition), a system that replaces the visible image of the "naked" body on the operator's screen with an outline of the detected "threat", such as liquids, gels, plastics, powders, drugs, money, metals and ceramics and the doubling down on the use of the innocuous term "millimeter wave".

Mission accomplished. When you now carry out a search constrained to privacy-related articles from the past year, you get

a. a ton of articles downplaying the "safety" of the scanners themselves (because millimeters are small!)

b. distractive coverage over whether the "liquid ban" will be overturned (not to mention the shoes-on or off debate!)

c. at least one concerned individual asking "can airport scanners detect drugs in my bum?"And yet, there's plenty of activity in the airport security space worth keeping up with, if only because it impacts your civil liberties and human rights. I have previously written about the security theater surrounding scanners and why the public should not be so quick to allow their private parts to be scanned by millimeter waves or any other kind of mechanism that sees through clothes.

Having recently had the pleasure of going through London Heathrow's notoriously laborious airport security process, I had the opportunity to interact with staff, processes and devices expressly designed to make the public feel the presence of security all around them. Sadly, those processes amount to little more than uninformed security staff blindly following procedures that amount to little more than deterrence.

In my case, the deterrence came swiftly as soon as I uttered the phrase "I would like a pat down please". The response was "do you have a medical condition?" When I responded that this was only a concern over the privacy and security of the scanner, whose exposed network cable alluded to connectivity beyond the operator's screen."We will have to call a manager. There's no one here who can do pat-downs". I knew the process was going to take as long as possible, so I sent my family ahead to make themselves comfortable at the gate and proceeded to follow the process which included:

  • more people asking "why" and appearing genuinely puzzled that I would not want to place my legs some 75cm apart on the 3D scanner's platform
  • being led to a small examination room by two 'robust' men who presented me with a waiver to sign, indicating my compliance with the process.
  • the emptying of all my carry-on luggage and rub-down (to scan for traces of explosives) of dozens of my cables, usb keys and other trinkets.

Neither the spectacle nor the repeated attempts at changing my mind bothered me. The only thing I found disconcerting as part of the entire process was the fact that none of the staff knew anything about where the scanned images went, how they were collected and whether they were saved or transferred, say to a system that may use artificial intelligence analytics to try to 'learn' from the volumes of complacent and compliant travellers. The process concluded when the managers agreed that indeed the data does get collected and they did, themselves suspect that it might get transferred to other parties for further analysis. I appreciated their candour but it did nothing to increase my trust in the system. Was it worth a half-hour of my time to prove the point and preserve a bit of privacy? Absolutely.