Secrecy is not Security | SnallaBolaget.com
One of the most persistant comments we get, and one of the most persistant opinions about security, is that security measures, security means and tech needs to be kept secret for them to be effective. Here on SnallaBolaget.com we catch a good deal of flak for revealing the workings of airport security, for example, or for letting you know where to look if you think someone’s put a tracker on your vehicle. Our argument remains the same as it always has been, namely that secrecy does not equal security.
[ad name=”TopOfContent”]
To be fair; secrecy does have its place in security, but it’s not the place most people seem to think it has, or should have. Security guards and police trying to rein in people taking pictures of “secure facilities”, “building security”, etc. are simply ignorant of how real security measures work, and what to prioritize. And this misconception is not a new or a minor issue confined to small, private security operations, either. Police departments, federal and state law enforcement and multinational, multibillion dollar security operations like Securitas still teach and instruct their guards to target information gathering and photography/videography. US embassy security (DSS) around the world will try to stop you from taking pictures of their sites, and so will a lot of others. The practice of “First Amendment Audits” have become increasingly popular, making yet another argument in the effort to debunk secrecy as a security measure.
If Google Earth and Google StreetView has taught us anything, it’s that access to images of somewhere, does not lead to crime, terrorism or a decline in security.
The Case for Transparent Security
Since the beginning, we’ve made it a point to reveal the hidden side of security, and we’ve made some people angry, we’ve made others happy, and we think that’s the way it’s supposed to be. Some people have had to adjust their security measures because we’ve shown the world where the holes are (making their security better as a result), and some have based their whole setup on what we’ve talked about, implementing measures that they otherwise would not have known about – making their security better than it would have been, as well.
We’d like to know who the losing party in that equation is, because we can’t find any.
In addition to making security up its game, we’ve also seen that informing the public of the reasons and reasoning behind security measures they see every day, makes for a better experience. If you know why the TSA (yes, the TSA is a joke, we know) or your local equivalent makes you go through that thing, then it’s all the more acceptable. Ignorance is far from bliss, and anyone who’s been on the receiving end of some procedure they don’t understand the reasoning behind, will certainly agree.
Making security transparent and understandable works on many more levels than the road to secrecy, and increasin understanding and the level of information amongst “the common man” is absolutely certain to not lead anywhere but to smoother security operations and to a minimization of that invaded feeling many people carry around with them when they have to deal with security and security personell.
Defining the line – what should be secret, what should be shown?
Think of it this way: knowing that you have roving security patrols doesn’t help anyone. Actually – having people know it might deter someone from trying to break into your facility. When that patrol goes out or when it comes by, or how long it spends on the rounds (and the route) will help someone if they’re planning an attack. Also, knowing how that patrol works (on foot, with flashlights, in a golf car, etc) won’t help anyone either – knowing the access areas of the seurity force, will.
In other words, images and video, and knowing what the security measure is will never be a problem. What will be a problem is the day that security patrol gets stuck in a rythm, for example when they leave the office every hour on the hour, spends 6 minutes on rounds and sit for another 54 minutes. The what doesn’t need secrecy. The how and the if does need it. What a screener sees on the x-ray machine screen doesn’t need secrecy – but the operator’s personal training time and records for finding small items might need it.
[ad name=”TopOfContent”]
The bottom line is that secrexy will never be security, and anyone who says differently should probably never be put in charge of anything remotely related to security.