There are 40 million stolen passports in Interpol’s Stolen and Lost Travel Documents database in Lyon, France, including at least two that were used to board ill-fated Malaysia Airlines Flight 370 early Saturday morning. Naturally, speculation about what might have caused the plane’s disappearance has fallen on the two people who boarded with those passports. Did they carry out a terrorist strike? Or, like the other 237 passengers and crew on the flight, were they also victims? An urgent global law enforcement effort is currently focused on determining the answers to those questions.

Yet as important as that investigation is, there’s no overlooking the fact that it wouldn’t have been necessary had Malaysia, or China, followed the lead of a handful other Interpol member countries and checked passenger passports against Interpol’s SLTD database. The SLTD program, which allows law enforcement agencies to input and then access data on stolen passports worldwide, launched in 2002 in the wake of the 9/11 attacks. There’s no publicly available data that measures its successes, but Interpol’s website provides a few examples. In 2007, an airport passport check in Lyon resulted in the arrest of two women involved in smuggling migrants using stolen passports; in 2011, a passport check in Pakistan triggered an Interpol alarm and the arrest of a terror suspect wanted in connection with a 2007 attack in the Maldives, before he could board a flight for the island nation.

Unfortunately, the program has had relatively limited buy-in by Interpol’s 190 member countries, with the U.S., U.K. and United Arab Emirates accounting for more than half of the 800 million searches made annually. The reasons appear to vary, from cost and technical issues surrounding the linking of passport-control computers to the database, to a generalized lack of urgency. While Interpol hasn’t released data on the volume of Chinese or Malaysian searches, it’s abundantly clear that on Saturday night at least, both countries failed to avail themselves of Interpol’s resources. “No checks of the stolen Austrian and Italian passports were made by any country between the time they were entered into Interpol’s database and the departure of flight MH370,” the agency said in a Sunday statement.

In fact, responsibility for screening passports doesn’t only belong to the country of departure. The U.S., for example, collects passport data of all incoming international passengers before they depart their country of origin. Had China followed that protocol on Saturday, there’d likely be no need for an investigation this week. Indeed, despite the Chinese government’s best attempts, blame for the breach cannot be pinned entirely on Malaysia.

Nonetheless, much of it should be. Immigration and security procedures at Kuala Lumpur International Airport, departure point for Flight 370, are notoriously lax. Last November, for example, an international flight from Indonesia arrived at a domestic terminal and passengers were allowed to disembark without passing immigration or customs. Had a local politician not been a passenger on the flight, the lapse might never have been noticed. While this is hardly scientific, my own experience, based upon 12 transits I’ve made in and out of KLIA over the last 15 months, seems to indicate a general decline in security, including the abandonment of passenger fingerprinting at immigration, and lax enforcement of rules that passengers remove laptops and shoes while going through security. Security at other Malaysian airports doesn’t appear ― at least to a regular passenger such as myself ― much better.

Malaysian officials are deflecting suggestions that the government might have done more to ensure authenticity of passports. When news broke that the holders of the two stolen passports were Asian, Datuk Seri Dr. Ahmad Zahid Hamidi, Malaysia’s Home Minister, told the press, in slightly disjointed terms, that the problem was ineffective racial profiling by immigration officers: “I am puzzled how come (immigration officers) cannot think, an Italian and Austrian (passenger) but with Asian facial features.”

Fortunately, the safety of air passengers isn’t just the responsibility of governments with limited accountability. It also belongs to airlines with financial interests in being perceived as safe. In 2011, Interpol recognized this explicitly, when Secretary-General Ronald K. Noble told a travel industry conference that “global aviation security requires the industry to step in where governments fail.” Noble announced i-Checkit, a pilot program in which passport numbers are screened at the point of airline ticket purchase. (The program will also apply to hotel reservations and other travel-related transactions.) Theoretically, at least, this step will keep holders of stolen passports from showing up at the airport at all.

More important, it places the burden of security on the entities most likely to be harmed by a breach: the airlines, and their bottom lines. Malaysia Airlines, which was pummeled in Monday trading, and China Southern, the code-share partner on Flight 370 (and the airline from which the tickets were purchased using the purloined passports), would be well-advised to be among the first airlines to sign up for i-Checkit. The safety of their passengers, and the credibility of their businesses, depends on it.

By Adam Minter

Adam Minter is a regular contributor to Bloomberg View based in Shanghai and the author of “Junkyard Planet,” a book on the global recycling industry. ― Ed.

(Bloomberg)