the possibility of adding additional forms of screening, in particular various types of psychological tests.
It is vital to acknowledge the formidable challenges posed by screening individuals for potential security concerns. The proportion of the population of job candidates who represent true security risks is unknown, but likely to be very small. This low base rate makes it difficult to detect true threats because “screening in populations with very low rates of the target transgressions (e.g., less than 1 in 1,000) requires diagnostics of extremely high accuracy” (NRC 2003:5), and these do not exist for the problems we are trying to address (or for many others). There is no way to escape the risk that good candidates will be screened out in order to detect a small number of people who pose genuine threats to security. This is not a new issue and, as discussed in Chapter 2, the U.S. government attempts to address this dilemma through a number of approaches aimed at assuring personnel reliability.
Efforts at screening for rare individuals or behaviors will therefore inevitably struggle with concerns about either failing to identify someone who has the disqualifying background or behavior or identifying someone as having disqualifying background or behavior when she or he does not. These two concerns are inversely related: the more one tries to avoid letting a security risk get through the screening, the more one increases the number of innocent individuals who will “fail” the test. The 2003 National Research Council (NRC) study The Polygraph and Lie Detection illustrates the difficult trade-offs facing policymakers with the example of a polygraph screening exam with an accuracy index of 0.90 for a hypothetical population of 10,000 government employees that includes 10 spies:
If the test were set sensitively enough to detect about 80 percent or more of deceivers, about 1,606 employees or more would be expected [to] “fail” the test; further investigation would be needed to separate the 8 spies from the 1,598 loyal employees caught in the screen. If the test were set to reduce the numbers of false alarms (loyal employees who “fail” the test) to about 40 of 9,990, it would correctly classify over 99.5 percent of the examinees, but among the errors would be 8 of the 10 hypothetical spies, who could be expected to “pass” the test and so would be free to cause damage. (NRC 2003:6)
In addition to the general dilemma of such trade-offs, the impact of unnecessarily excluding someone who does not introduce a security risk poses a special problem for the technical and research personnel in the BSAT workforce. If there is a large pool of potentially qualified applicants, a manager could decide that she or he can “afford” to incorrectly exclude someone who is in fact qualified because there are many others from whom to choose. (Even if the employer is not affected, “failing” the test could have harmful conse-