This is part of IEEE Spectrum's special report: Critical Challenges 2002: Technology Takes On
Present ID to suspicious guard. Step through metal detector while briefcase is X-rayed. Swipe keycard and enter PIN to access authorized areas. Once, this sequence of events was a good way to set the stage in a James Bond movie. But today, for an increasing number of employees, some or all of these checkpoints are the start to a regular workday.
Although terrorism is probably the focus of most people's current concern, the need for protection from such nightmares as workplace and school violence has been fanning a demand for more secure environments for some time. Proposed solutions range from the simple, like putting better locks on doors, to the experimental, like automatic face-recognition systems. On a long-term basis, they even include architectural measures: designing buildings so that bomb-laden trucks can't readily approach them. But when the demand is met, do we really end up safer? And how much, if any, privacy must we surrender for that security?
The answer, not surprisingly, depends on the situation. Keeping terrorists off airplanes is different technically and sociolegally from keeping unauthorized employees out of certain parts of a factory, which is different yet again from fighting crime in public parks. Technically, it is much easier to verify that an employee is who he says he is than to identify a shadowy figure who has no proper picture on file. Sociolegally, it is lawful and usually acceptable for an employer to control access to parts of its plant and to subject employees to some scrutiny. But, in the United States at least, ordinary citizens have expectations of privacy, and as we shall discuss, some programs for monitoring public places with cameras--especially cameras equipped with face-recognition systems--have alarmed people as politically diverse as Barry Steinhardt, associate director of the Manhattan-based American Civil Liberties Union (ACLU), and Texas Republican Richard K. Armey, outgoing majority leader of the U.S. House of Representatives.
Courteous access control
For businesses, the first line of defense--controlling who and what enters the building--is often also the last line. "The biggest concern is access control," said Richard McCormick, vice president of the Business Risks International division of Pinkerton, the oldest corporate security firm in the United States, headquartered in Chicago. "A lot of companies don't do anything. You walk in the door and maybe there's somebody sitting there. You say you're here to see someone, and they say 'Fine, just go down the hall, it's the third door!'" McCormick observed.
Adding more security needn't make an office lobby feel like Checkpoint Charlie. "Good access control, if it's done well, does not have to interfere with people's rights. In fact, good access control is somewhat transparent," said McCormick, suggesting that, say, a policy of making visitors wait in the lobby until they can be escorted to their destination by an employee can be as much about good business courtesy as good security.
In McCormick's view, technology is a critical element. "Generally, you try to use technology as opposed to personnel. It's cheaper and in many cases does a better job," he said, citing the problem of securing parked aircraft in countries where drug smuggling is rife. Rather than relying on guards, who may be part of a smuggling operation themselves, McCormick would equip planes with an intrusion-monitoring system that would download a report to a returning pilot's handheld computer. The pilot could then search indicated areas.
Similarly, although some personnel will always be required to respond to alarms and so on, McCormick would much prefer to monitor an area with cameras than have patrols. But others are bothered by the introduction of such surveillance equipment into workplaces.