The Recurring Folly of ‘If You See Something, Say Something’

As tensions with Iran worsen, the post-9/11 homeland-security playbook is coming back. But hypervigilance against vague threats is more useless than ever.

Police officers inspect a bag in a New York subway station.
After a terrorist attack in Belgium in 2016, New York police inspect bags in a subway station. (Richard Drew / AP)

Bill de Blasio warned New Yorkers on Friday that their city might be subject to retaliatory attacks from Iran. “I’m not saying this to be alarmist,” the mayor said as he and his underlings ticked off—in a slightly alarming fashion—a series of defensive measures the city might take after the American air strike that killed the Iranian general Qassem Soleimani. Though the New York Police Department had received no specific, credible threats, de Blasio and other officials warned of more bag checks at the subways and increased police presence throughout the city. The city is no stranger to terrorism and would maintain a better-safe-than-sorry posture. “If you see something, say something,” de Blasio said.

Recent talk of homeland threats, and the just-in-case operational response, are based on nothing more than the rather uncontroversial assessment that Iran will feel obliged to do something to respond to the killing of Soleimani. The homeland-security practices to which Americans became accustomed after 9/11 long ago became a bad habit—one more divorced than ever before from the kinds of threats the United States might actually face. Intended to calm the public, gestures like the ones de Blasio described presume that Iran would be both reckless and capable enough to target an American city—and that greater vigilance alone would prepare us for that possibility. Now nearly two decades old, the post-9/11 style of security theater also risks masking the real vulnerabilities in the American homeland against a potential Iranian action.

As tensions flare abroad, elected leaders in the United States want to be seen as doing something. In the days since Soleimani’s death, other major cities have also promised greater vigilance, more police on the streets, and closer cooperation with state and federal authorities based on vague intelligence that tells us simply that Iran is angry. In the years after 9/11, Republicans capitalized politically on the public’s fears, and Democrats ever since have been eager to show commanding leadership. And for Democratic mayors with higher political ambitions—a category that briefly included de Blasio, who made a short-lived presidential bid—the orderly patrolling of a homeland under siege might make a perfect narrative foil to Donald Trump’s impulsive decision making.

Accepting risk is a profound challenge for American homeland-security planning. Military planners must make assumptions about acceptable losses. In the civilian context, we have no such concept, meaning that officials are expected to act on any potential for harm, however vague or indirect. You can tell me that the threat of an attack has increased 1 percent, and as a rational person I would view that as negligible—unless you tell me that my child is among those facing a 1-percent-greater risk, in which case you had better do something. Because American officials and the public they serve have no easy way of discussing the differences among different levels of risk, we see any visible sign of action by police and other agencies as progress. But sometimes action is mere entropy.

Americans can be pretty confident that Iran will respond to the attack on Soleimani, but how, when, and in what form elude prediction. The response could happen in Iraq against American troops or elsewhere in the Middle East against U.S. interests—or the interests of American allies such as Israel or Jordan. The target could be a military base, an embassy, a shipping route, or an oil field. It could happen today or months from now. It could be launched by Iranian forces or proxies in the area. The operation could involve assassins, or drones, or missiles, or cyberattacks. The sheer volume of chatter and the multiplicity of leads produce what’s known in the homeland-security world as intelligence soup.

Nearly 20 years after 9/11, American elected officials of many political stripes remain wedded to the idea that threats of terrorism or hostile military action by foreign actors can be regulated at will, as with an on-off switch.

Under the multi-hued terrorism-alert system devised by the George W. Bush administration, the federal government sought to notify first responders and the public of potential shifts by shifting from one color to the next—for instance, from yellow (elevated risk) to orange (high risk). These shifts were based on intelligence, much of it undisclosed, that was publicly presented as credible but not specific. In practice, the system was subject to abuse and mere whim. Cities would try to raise their level of readiness, often redeploying their employees and spending more money, without any clear sense of which threat they might be preparing for.

The color-coded system was widely and rightly ridiculed as a disaster, and the Obama administration (in which I served) scrapped it. Yet Americans are still living in an orange-alert world. The public is still told simultaneously to freak out and that everything is under control. Not helpful.

Today, the Pavlovian movement of first responders and transportation personnel after an event such as the Soleimani air strike not only makes the public suspect that there is actually an immediate homeland-security threat to be worried about, but it could also distract official attention from what may be the greatest potential threat from Iran against the American homeland: a cyberattack against some piece of our crucial infrastructure. Shutting down an aviation-control or electrical or energy system could bring the United States to a standstill without a shot being fired. Iran has flexed its cyber muscles in the past. This specific threat—one that should prompt no new police on the street—has now been acknowledged by the Department of Homeland Security, which on Saturday issued a National Terrorism Advisory System (NTAS) bulletin to alert the private-sector companies that operate most of the crucial systems upon which America is built of their potential vulnerability to Iranian aggression.

The NTAS, which replaced the color-coded system in 2010, is intended to provide a more nuanced and narrative approach to guide the public, local governments, and resources. An NTAS bulletin is intended to serve as an intelligence briefing, to alert readers to potential risks, but it requires no bag checks or police overtime. It acknowledges that intelligence rarely comes in the form of a tip about a ticking time bomb.

Not every change in the threat level requires a show of force in the streets. The better-safe-than-sorry positioning is a cliché worth burying. The homeland-security threats that America faces today, both from Iran specifically and from all possible enemies generally, are too varied and inconclusive to think that the post-9/11 playbook—more cops, more heavy equipment, more money, more intrusions on civilian life—needs to still be a part of our homeland-security response. The threats have changed since 9/11. Our homeland-security response should too.