Take a balanced approach to security

I attended an excellent security conference in early March. As expected, there were a lot of stimulating presentations on intrusion detection systems and responses, and planning. But I have to admit that I was taken aback by a couple of issues related to post-9-11.

One speaker, a respected security expert with several publications to his credit, suggested that governments must confront the issue of foreign nationals working in sensitive areas. He was not only referring to sensitive areas in the context of national interests (eg. defence, law enforcement, intelligence gathering, local employees working in Canadian Embassies, etc.), but to much more mundane vulnerabilities such as infrastructure.

Without really making the point, I had the feeling that he was also referring to landed immigrants and others, so I asked about second generation Canadians. He said that this politically incorrect discussion also needs to take place. However compelling his arguments, have we forgotten the lessons of interring the Japanese during World War II solely because of their ethnic origin? I’m sure that the perceived threats at that time were as real as they seem today. As now, the U.S. had undergone a devastating attack on U.S. soil.

One problem with this approach is the false sense of security it gives. We need to worry as much about the enemy within – for example, the Timothy McVeigh’s and the persons involved in mailing anthrax.

In the last few months, many ethnic minorities have had their rights stripped in the name of national security. Some of these people have previously undergone more background scrutiny checks to get and hold their current positions than many of us will ever have to endure. If called upon to review these cases, I find it hard to believe that the various privacy and human rights commissions will support indiscriminate screening based upon one’s ethnic origin.

The threats are real, but a cynic might think that many security alerts have more to do with increasing organizational budgets by instilling fear among citizens, rather than a comprehensive security response. So-called experts are still identifying potential targets in the news (which arguably gives the bad guy’s ideas), and they have not addressed problems in airport security (such as the recent deployment of bleeding-edge technology, and low paid, transitory screening personnel).

Passenger lists are transmitted to the U.S., apparently without commonly accepted privacy safeguards. Reportedly, U.S. air carriers are being sued for allowing plain-clothes male security personnel to “pat down” female passengers while airport security fails to find weapons more than 50 per cent of the time.

I, for one, am prepared to rely upon, and hold accountable, security professionals without the weekly update. I expect them to issue high probability security alerts, to consult the public on policy matters in a professional manner, and to go quietly about their jobs based upon threat-risk analyses. In fairness, many government organizations do go about their business in a professional manner. The problem is with those who try to cash in by instilling paranoia to promote a particular agenda, or try to resurrect previously unacceptable projects in the name of national security.

Realistically, we will have to give up some freedoms to confront legitimate threats. We all have a role to play in protecting our nation and our companies. We cannot turn the keys to the kingdom over to just anyone. But neither should we demand background checks and other intrusions that go beyond reasonable security precautions.

I’m concerned that the biggest problem with this domestic war on terrorism is the threat to the Canadian way of life. If we discard our respect for privacy and human rights in favour of an excessive security response, we will have lost the war on terrorism.

Obviously, these speakers caught my attention. While I advocate strong privacy protection, there is a pressing need for a public policy discussion. My brand of privacy and theirs may not be that far apart. What I usually find, once the dialogue begins, is that the shared objectives of security professionals can be accommodated while adhering to fundamental privacy and human rights. The answer is not to implement cosmetic security procedures to quell the public’s demands for action.

This discussion is particularly germane to our profession because of our reliance on information and communications technology, our management of the country’s infrastructure, and the skills shortages that plague our industry during periods of high growth.

Several speakers at the conference said that the balance between security/privacy and individual rights must be readjusted post 9-11. Where is that balance for you?

Boufford, I.S.P., is president of e-Privacy Management Systems – a consulting firm specializing in privacy and information technology. He can be reached at John.Boufford@e-Privacy.ca. His Web page can be viewed athttp://www.e-Privacy.ca.