WASHINGTON -- Homeland Security officials in the Bush administration are considering ways to use the insurance industry as a free-market-friendly vehicle to drive chemical facilities, food companies, utilities, and other businesses to take greater precautions against terrorist attacks without heavy-handed new regulations.
The concept of using insurance to spur companies to spend on counterterrorism measures may solve a vexing homeland security problem: Despite improvements the government has made to upgrade security at public facilities since the 2001 Al Qaeda attacks, 85 percent of American infrastructure is privately owned and underprotected.
Any attack on chemical, ground transportation, banking, food, energy, or utility sectors could cause massive destruction and cripple the economy. But companies have lobbied hard to defeat legislation to force them to upgrade their security practices, finding allies among free-market Republicans in Congress.
Proponents hope the insurance proposal will be a sweeping solution to the impasse. The basic idea would be to have the government or each industry develop a minimum set of security "best practices." Then, insurers would audit companies for compliance with those standards, with the power to reduce premiums for those who comply.
The idea is being promoted by homeland security specialists close to the Bush administration, although many still disagree on how the details should work. In addition, the insurance industry is skeptical about any version that would require it to provide terrorism insurance -- a still fledgling and poorly understood market -- or to offer discounts based on someone else's standards.
Valerie Smith, a spokeswoman for the Department of Homeland Security, confirmed that Alfonso Martinez-Fonts, head of the department's Private Sector Office, has been working on the issue, although the department declined to make him available for an in-depth interview.
"The insurance issue is being discussed at the department," Smith said. "It would be premature to talk about it until more conversations have been had with the industry and more decisions have been made. Everyone agrees that this is an important issue and good ideas to think about."
In a further sign that the administration may be quietly paving the way for the model, the White House's 2006 budget request for Homeland Security, unveiled last week, doubled funding for a Freedom of Information Act-exempt program that examines trade secrets from private businesses to assess their vulnerabilities to terrorism.
"The theory is perfect," Paul Rosenzweig, a homeland security analyst with the conservative Heritage Foundation, said of the insurance proposal. "The reality may be problematic. It's absolutely worth exploring, and indeed it looks like they are putting a lot more money into [exploring] it."
Many security specialists warned that relying on each industry to develop its own voluntary security standards has been a failure for two reasons: Executives fear the market will punish them for diverting profits into security if their competitors do not do likewise. And companies suspect that regulatory mandates still may come and they do not want to waste money buying the wrong things.
"In the chemical industry, for example, voluntary standards have not worked, period," said P. J. Crowley, a former insurance executive and former National Security Council official. "Part of the answer is finding incentives for them to make the business decision to adapt their materials or processes to reduce or eliminate the risk."
Frank Cilluffo, who until 2003 served as President Bush's special assistant for homeland security, said he is fascinated by the idea of offering less expensive insurance against terrorism to companies that take appropriate precautions. He said it would constitute "a business case for homeland security to ensure that the private sector is fulfilling its share of their responsibility."
The system would encourage companies to protect against limited threats, such as truck bombs or internal sabotage, and the government would guard against greater threats, such as nuclear terrorism.
"Hopefully, these steps, which will be incentivized and/or mandated, will raise the bar higher and improve our countermeasures against terrorism," said Cilluffo, now head of the Homeland Security Policy Institute at George Washington University. "This is not the panacea. This is not the solution. But it takes us a whole lot closer."
But many homeland security and insurance specialists caution that there are obstacles that must be resolved before an insurance-driven system could work. The challenges include getting insurance companies to provide terrorism insurance and determining which security measures are necessary in each industry.
The first problem arises because very few terrorist attacks have occurred in the United States. So, unlike with hurricanes or car crashes, there is little historic data that can be used to predict the risk of attacks now that the United States is at war with Al Qaeda and other Islamist jihadists.
Charles Benda, the homeland security practice leader for Lexington Insurance, said insurers have started to understand damage from terrorist attacks that use conventional methods such as truck bombs, based on blast radius data from military research. But predicting the frequency of attacks is trickier, he said.
"The way to get accurate data is to have more data points to map it out and analyze it," Benda said. "Fortunately, we don't have too many data points, so that makes it very difficult to price insurance costs in terms of future attacks. You can make some assumptions about target cities, target buildings, and target industries, but that still doesn't address the issue of frequency."
Because a terrorist attack from an unconventional weapon, such as a nuclear bomb, would result in incalculably high damages, specialists say the government probably would have to serve as an "insurer of last resort," backstopping the insurance industry against losses above a certain amount.
Still, insurers probably would lobby against legislation that forced them to reduce premiums for companies that follow someone else's guidelines. Each insurer probably would want to preserve the freedom to make pricing decisions, which could jeopardize the uniform standards coveted by security analysts.
"Until you can show that this certified list of things actually does have an impact and does prevent losses, insurers should not be told to provide a discount," said Julie Rochman, senior vice president for the American Insurance Association, a trade group. "Otherwise, you're artificially suppressing the price of coverage, and you've done nothing to prevent the losses."
Richard Thomas, the chief domestic underwriter for AIG, said he "would not recommend any government regulation in this area," adding that his company was closely monitoring efforts to establish uniform standards.
"We're not going to cede our underwriting judgments to the Department of Homeland Security," Thomas said.
But Cilluffo said insurance companies could work together with security specialists in various industries to develop appropriate precautions they agreed with.
He also warned that if the private sector does not establish a "standard of care" on its own, trial lawyers suing businesses after a future terrorist attack would fill that vacuum.
That notion was also sounded by the Sept. 11 Commission. Its final report recommended that the insurance industry use a preparedness standard in evaluating businesses, which would be exposed to lawsuits if they did not comply with the standard.
"Private sector preparedness is not a luxury; it is a cost of doing business in the post-9/11 world," the commission wrote. "It is ignored at a tremendous potential cost in lives, money, and national security."