As a former fraud detective, I couldn’t help but wonder how I would have reacted to a file of this nature had it come across my desk.

In terms of enforcement, the only section of the Criminal Code that might potentially apply is s. 122 c.c. “Breach of Trust by Public Officer”, although several other sections of the Code certainly come into play for the purposes of defining the terms and limitations of this section. The application of s. 122 c.c., however, is problematic for a variety of reasons.

Proportionality

In considering the overall law that might apply to the kind of activity being alleged, I would first consider proportionality. Simply speaking, from an enforcement perspective, the Criminal Code of Canada is “the big hammer”. The principle of aligning the consequences with the relative severity of the act might be best demonstrated when considering traffic enforcement. Section 249(1) of the Criminal Code creates the offense of operating a motor vehicle in a manner “dangerous to the public”. Arguably, most traffic offenses create de facto situations where the public is placed at risk and there are certainly instances where the actions of a driver are so heinous that this Criminal Code section is appropriately applied. In the majority of circumstances, however, even in the event of a collision where there can certainly be significant property damage and often injury, an applicable section of the Traffic Safety Act (TSA) is more correctly applied.

Certainly, facilitating queue jumping with regard to medical services is not “OK”. Having said that, it’s at the top of a slippery slope that includes far more serious related activities. If, for example, it was being alleged that individuals had been given access to rationed medical services concurrently denied to others, or if the activities amounted to a critical triage that could be associated to the long term health or survival of a specific individual, then the enforcement of a Criminal Code statute might be appropriate. Likewise, if an official was deriving a tangible personal benefit from their queue-manipulating activity, then the general principle of proportionality would probably be satisfied in terms of seeking criminal recourse. To date, I don’t believe that any of these aggravating features are being alleged.

Given this set of circumstances, as an investigator, I think my first reaction would be to wonder whether the alleged actions didn’t “fit” better as a violation of a Code of Conduct or similar codified job-specific standard of behaviour. Assuming, for example, that health workers fall under the general category of the “Public Service” then I would review the, “Code of Conduct and Ethics for the Public Service of Alberta” While, frustratingly, the Code of Conduct goes into very little detail in relation to the kind of activity in question, it does stipulate that: “ Employees are expected in all regards to conduct their duties with impartiality.”

The consequences for violation of the Code of Conduct include employment disciplinary measures up to and including job termination.

Given the nature of the allegations, as an investigator, I would probably recommend this approach to my complainant as being more appropriate than pursuing a Criminal Code charge.

Applicability of the Section Itself

The first problem I would have with applying s. 122 c.c. is that it is a very general section and, although it appears to roughly apply, it is s. 121 c.c. that deals specifically, and in detail, with corruption by government officials. As an investigator, if the alleged behaviour was criminal in nature, I would anticipate that the offence would be set out in this section.

To contravene s. 121 c.c., however, the official would need to have been offered, or to have received something for the benefit that they provided. This does not appear to fit the circumstances being alleged with respect to medical queue jumping.

Although a more general section than 121. c.c. it might be a legal error to assume that, although not explicit, s. 122 c.c. does not require that the official receive some reciprocal benefit. Case law suggests that “breach of trust” is generally interpreted to mean using a public position to obtain, directly or indirectly, some benefit or to promote the private ends of the official themselves. If interpreted in this manner, then s. 122 c.c. would no longer “fit” the circumstances being alleged.

In the final analysis, it appears that Parliament has not clearly created a criminal offense in circumstances where a government official creates a benefit for others without the requisite expectation or receipt of any appreciable reciprocal advantage for themselves.

Whether of Not “Duty” applies

My last consideration in deciding whether to launch a criminal investigation into allegations of this nature would be to determine whether there was an actual duty imposed on the official. It is important to understand that, from a legal perspective, the duty should be something that is a specific requirement of the associated “office”. It’s always better if the duty is specified or codified in some way. An employee, for example, has a general duty to show up for work pursuant to the provisions of his/her employment contract. They may also have a duty to submit their work on time, or hundreds of other things that may be categorized as a “duty”, but these things really amount to employment expectations. Notwithstanding the other arguments that I have presented, as an investigator, I would like to know that there was some specific evidence of a duty imposed on the official that I could deliver to the court as an essential ingredient of the charge. Is there a specific duty imposed on any health official to ensure that the health services “queue” is maintained and administered in a certain manner? I’m guessing; probably not.

Recently quoted by the Edmonton Journal, Dr. Sanjeev Anand is correct when he states that law enforcement will likely consider the resource implications of intaking a file of this nature, but with all respect due to Dr. Anand, I disagree that the main problem would involve getting people who have received some benefit to speak with investigators. Attempting to identify or solicit “Whistleblowers” would be the worst possible investigative approach to a file of this nature. The fact that certain individuals have received an advantage will be implicit in the health records themselves. If the sort of favouritism being alleged does exist, then the patterns revealed during a records audit should provide sufficient evidence in this regard. With the collection of system-based evidence, whether an individual subsequently denies or admits that they have received a benefit may become somewhat moot. The problem, from a law enforcement perspective is the scope of the activity and access to the necessary records. Given the enormity of health care, and considering the number of transactions, clients and switch points within the system, an investigation would have to begin by employing advanced analytics against the available data. Furthermore, to detect an anomaly, you would first have to know what an anomaly looks like. There is no indication that the current health care system is sufficiently “self aware” to know what constitutes “out of the ordinary”. These are among the practical investigative problems.

While I cannot speak for the RCMP Commercial Crimes Section, I wonder if they won’t feel that the initiation of a complaint of this nature, made by a political party, doesn’t reduce them to the status of a pawn in what is otherwise a fully political exercise. As an investigator, knowing that I had dozens of files pending, with unassigned files backed up 18 months to 2 years, I would wonder about the political priorities that might exist 36 to 48 months down the road, as this is surely the minimum amount of time it would take to begin the file and then investigative it properly.

Unless, of course, someone could somehow get the file placed at the head of my queue.

Sterling’s partners dug deep into our own pockets to finance the production of “Collateral Damage-Surviving a Violent Encounter”. We were totally convinced that this kind of awareness training containing simple powerful messages and easily remembered strategies would be an instant “hit”. We were convinced that organizations would enthusiastically embrace an Occupational Health & Safety style solution based on training and awareness as opposed to turning their workplaces into heavily wired armed fortresses.

It is impossible to predict what might have mitigated the terrible incident in Arizona involving Congresswoman Gabrielle Giffords but I can’t help but believe that spending 17 minutes watching Collateral Damage – How to Survive a Violent Encounter wouldn’t have helped at least some of those people.

Regardless, I want to take a moment to comment on a news item that I read today in the Edmonton Journal entitled “Post office tries to stamp out “Granny Scam” If I can figure out how to do it, I will try to create a hypertext link to the actual article.

http://www.edmontonjournal.com/news/Post+office+tries+stamp+Granny+Scam/3337194/story.html

The crux of the article was that Canada Post is instructing its clerks to watch for potential victims of the “Grandparent Scam” and take preventative action against this particularly odious and prolific fraud.

For those of you not familiar with this particular social engineering variant, it involves a fraudster phoning an elderly person and pretending to be a grandchild in financial difficulty. The fraudster then convinces their victim to withdraw money and send it to them, often as postal money orders. In the worst case scenario, elderly people are encouraged to take cash advances against their credit cards.

I don’t know about you, but I grew up in an era where Canada Post bashing was a national past time. It seemed that they were perpetually on strike and that individual postmen always seemed to be making issues about everything from the amount of steps they had to climb to the weight of mail in their bags. For a time, there were people who would insist that Canada Post was representative of everything that was wrong with this country.

I admit that there may have been a few moments when I actually felt this way myself but, recently, I have completely reversed engines! Actually, I should have done it long ago. I live outside of a small town North of Edmonton and the individual service that I have received from my local Canada Post outlet has been nothing short of amazing. The women who run my local post office are patient, friendly and infinitely accommodating and…they always have been!

My outstanding customer service experiences aside, Canada Post’s latest initiative to encourage its employees to identify and intervene in situations where some of the most vulnerable members of our community are about to be victimized, is nothing short of courageous and laudable.

Sterling Security is currently involved in conducting a comprehensive anti-fraud framework for a Calgary financial institution. As part of the engagement, I discussed the possibility of recommending a “Vulnerable Customer Fraud Prevention Policy” with a former bank executive who I have known for many years.

“They’re not asking you for that.” He said. “They want you to address their fraud losses not those of the customers.”

“Yes. I realize that, but surely their customers are important to them and protecting customers must translate into a good business practice.” I replied.

“That’s not their job. The bank can’t be looking out after everybody like that. If I was still with the bank, I would never support that!” My friend shot back.

I am still pushing for a “Vulnerable Customer” policy for the bank that we are currently working with but, based on my colleague’s initial response to the idea, I don’t hold out much hope.

Perhaps one day soon, banks and other corporations will think more like Canada Post!

Intuitively, it seems reasonable that tightening up on the loose and/or carelessly held bits of personal information that float about should logically mitigate the threat of identity fraud. The empirical evidence, and my own experience in investigating identity frauds, however, have convinced me that privacy measures actually offer little to no assistance in this regard.

There are a number of very good reasons why privacy initiatives fail to address identity fraud, but it all begins with a widely-held misunderstanding about what human identity actually is and how it functions in a modern and increasingly technical society.

Although we all possess an identity, we seldom pause to consider exactly what it is and how our individual identities allow us to function and interact with society. The basic misunderstanding actually begins with our own very personal misperception about our own identities. We tend to perceive that our identity is somehow intrinsically and indivisibly fused to who we are. From this perspective, it seems reasonable that identities represent something that we can own and therefore, something capable of being “stolen”. This misconception contributes to our vulnerability and effectively detours us from developing effective strategies to combat criminal identity fraud.

Identity is not a “thing” it is, in fact, a collection of diverse “stuff” about ourselves that, when accumulated, in differing circumstances and in various ways, makes us recognizable to others. It is not who we “are” but merely a vital but nebulous representation of who we are. Our individual identities begin to form after birth when, starting with our names, we accumulate the bits and pieces of information that society uses to distinguish us from one another. These individual pieces of information are, in fact, capable of being stolen or otherwise misappropriated, but as individuals we seldom own or control these various identity elements. In fact the various elements that we string together in a sort of social equivalent of an algorithm most likely originate and “belong” to multiple and diverse sources outside our actual control. Regardless, this leads privacy advocates to believe that protecting these personal identity elements, particularly those held outside of our control, will mitigate identity “theft”. At first glance, this seems like a reasonable assertion but, unfortunately, that approach completely misunderstands how society and the individual actually use identity to interact.

Not only do we not own or control the majority of our identity attributes, despite our perceptions, neither do we own or control the identity that they collectively come to form. The concept of ownership denotes a certain set of rights and subsequent control over something. Neither criminal nor civil law affords us such rights to our identities. For something to be stolen it must first be capable of being owned.

Privacy experts might suggest that I am simply arguing semantics. They will say that, regardless of what it is called, mischief committed in relation to an individual’s identity begins with the misappropriation of personal information and that privacy initiatives aim to protect that information in a number of ways. This is naïve. The practical truth is that even with the most basic information about somebody, a criminal can easily generate enough new personal identity elements to make a co-opted identity viable.

The solution to identity fraud requires a review of how a very limited and traditional approach to identifying human beings has failed to keep pace with the modern technology of communication and commerce. Traditionally, society has relied on a named-based identity system that is very effective at securely associating names with assets. The challenge now, however, occurs in attempting to confidently and securely link a unique individual with their name and other identity elements. When the vast majority of people lived in small communities, society relied on natural biometrics to accomplish this.

Human beings have an innate but somewhat limited ability to process a range of biometrics. To varying degrees, we can distinguish, identify and recall a number of human characteristics that are perceivable through our senses. Subject to the limitations of our senses, memories and intellects, we can recognize people’s faces, voices and even mannerisms. This works extremely well in small communities where this still serves as the primary means used to identify others and effectively relegates the importance of an actual name to nothing more than a useful mechanism in secondary social interactions. Our ability to employ natural biometric recognition has been increasingly compromised by the growing size of our communities, as well our need to interact with one another remotely and over long distances. Society has responded by adding additional identity factors, authenticators and corroborators to augment people’s names in an attempt to bridge the growing identity gap. Identity vulnerability has been additionally aggravated, not because of the prevalence and availability of personal information as privacy experts would suggest, but rather due to the lack of it.

But even access to a wider range of identity authenticators and elements will eventually fail to address the identity gap fermenting in Marshal McLuhan’s ever-shrinking global village. The problem is further exacerbated by the fact that identity has now become the most accepted means of financial exchange, eclipsing more traditional forms of currency. Not only are our identities vulnerable; they are valuable. The combination of vulnerability and value create a potent enticement for criminal mischief.

In order to protect our financial systems and economy it will become increasingly important to securely link the individual to their identity. I believe that this will mean employing a wider range of automated biometric systems to replicate, but considerably extend, our ability to confidently and accurately recognize each other. This approach is generally considered an anathema to privacy advocates and admittedly does not come without significant risk. As my colleague Jeanne Proulx has appropriately pointed out, once we bind a person’s social identity to them biometrically, the individual, rather than simply their identity, becomes the new currency in the modern world. I acknowledge that this has significant implications in the event that a person’s biometric data was ever compromised as it would be virtually impossible to restore.

The below model illustrates these concepts. It demonstrates that in attempting to mitigate identity crime, privacy initiatives target the wrong element. Until we can effectively strengthen the manner in which we associate an identity to the actual individual, the growing problem of identity crime will not have been addressed.

Functioning Social Relationships - Identity

© Sterling Security and Information Integrity www.sterlingsecurity.ca

A gunman shot three current or former employees of Parkwest Medical Center in Knoxville, Tenn., before killing himself on April 19. One of the women died at the scene and the other two were taken to the University of Tennessee Medical Trauma Center where at least one of the surviving victims is still in critical condition. Police are still trying to determine a motive for the shooting. Thus far no connections between the gunman and the women or the medical center have been found. The attack occurred near the patient discharge area of the hospital. The gunman, whose identity is being withheld pending notification of next of kin, was armed with a pistol, but it is unclear how many shots were fired.

Click here for the link to the New York Times Article

CPIC is an amalgamation of information services administered by the RCMP on behalf of subscribing law-enforcement agencies.

It is not so much a database as it is an information system and portal to a variety of information repositories, registries and record systems. As well as an information conduit, one of its main functions is to serve as a secure communication channel for its law-enforcement subscribers.

What Kind of Information is Available From CPIC?

The vast majority of the actual information originates directly from CPIC’s subscriber agencies as well as through information sharing agreements with selected organizations and several other jurisdictions. Not all of the information available from CPIC is accessible by officers at roadside. Information requested from non-integrated foreign systems is only available after predetermined protocols have been satisfied.

While CPIC imposes standards, audits and quality control, it is still susceptible to inaccuracies originating from the contributing agencies. Many of these errors will be clerical/transcriptional in nature but can also result from careless investigations, intelligence or contributing agencies collecting false information in the field. Naturally, there is a higher level of integrity associated to information anchored to fingerprints.

CPIC’s preference to anchor identity through fingerprint biometrics is somewhat constrained by two factors:

• The ability to obtain fingerprints pursuant to legislation
• The availability of fingerprints for certain categories of CPIC entries particularly those involving alerts and warrants issued on reasonable and probable grounds

For the purpose of running subjects at street level, the most relevant of CPIC’s information systems is the Criminal Name Index or CNI which provides:

• gender and basic physical description of the subject
• the subject’s FPS number (if applicable),
• a code-based synopsis of the subject’s criminal record,
• any alias names associated to the subject
• the Orion fingerprint classification codes associated to the subject(s) fingerprints,
• a numerical score indicating how close the returned entries are to the information submitted,
• caution codes for individuals who have been designated as violent, suicidal or escape risks,
• the month and year of the most recent entry
This system can be searched a number of ways. If you have an FPS (Federal Penitentiary Services) number you can conduct a search by directly submitting the number but, mainly, subject files are accessed by submitting a surname, given names and a date of birth.

It is important to mention that the above searches for criminal synopsis, warrants and alerts, only represents a fraction of the information that can be accessed, one way or another, through or directly from CPIC. The ability to access additional information may be restricted by several factors including the skill and imagination of the individual officer, the circumstances of the field encounter and the limitations of an individual officer’s technology or his/her immediate access to it.

CPIC, however has a powerful SoundEx algorithm and will return “hits” on information that somewhat matches the information provided. Subjects who attempt to avoid detection by misspelling their surnames, interchanging their given names or who knock a few years off their dates of birth may find such tactics ineffective in hiding from the system.

Unless your subject has been charged with an offence, CPIC will return no information at all.

With the possible exception of information contained within certain alerts or warrants, CPIC does not include information about a subject’s residency, next of kin, associates or vehicles.

Where Does CPIC Information Come From?

Fingerprints, photographs and information relative to criminal charges are obtained by contributing police services under the authority of the federal Identification of Criminals Act. Information relating to warrants, intelligence and alerts on individuals as well as information relating to stolen autos and other property is submitted and shared pursuant to federal and provincial/territorial privacy legislation that provides for this kind of information to be collected and shared.

Who Has Access?

Access to CPIC is only granted to law-enforcement agencies who apply and meet the necessary criteria for inclusion. Applications are considered by a committee represented by the RCMP and other CPIC subscribers. There are different levels of access that can be granted depending on the requesting law-enforcement agency’s function and needs.

Some CPIC information is available to the public through the burgeoning “Security Clearance” enterprise whereby police services retail a report based on criminal record information. It is important to note that, as an agency, CPIC itself does not release information unless it has confirmed identity through fingerprints. Information derived from CPIC sources, however, is made available to police agency subscribers for the purpose of “crime prevention programs”. These police services ostensibly access criminal history from CPIC under the provisions of their security clearance programs and in turn retail it to individuals who require the information for program or employment purposes. With a few exceptions, security clearances provided by these programs are not based on fingerprints.

These programs vary widely from one jurisdiction to the next but, with a few notable exceptions they involve an applicant presenting themselves in person and providing suitable identification while granting written consent to have their names searched. Although rules differ, some jurisdictions will also query their local police records. There is no consistency in what each agency will actually report in their security clearance reports but generally only records of conviction will be reported and these will often exclude conditional discharges, minor offenses or records that are deemed to be too old. In many cases the people preparing the security clearance report have the discretion to include or exclude information after considering the stated reason for the clearance being requested. No fingerprints are used to confirm the information returned and most agencies will have this fact conspicuously printed on the report that they provide. The applications used by most jurisdictions require the client to identify any other names that they have used or otherwise been known by. As far as I can determine, this declaration is made pursuant to the “honour system”. I am not aware of any solemn declaration or any statutory requirement that would actually compel someone applying for this clearance to actually tell the truth.

Another contentious issue involving CPIC access involves independent information brokers who obtain their criminal background information through cooperative police services. Most of these services are conducted remotely with neither the police service nor the information broker ever having face-to-face contact with the client or the actual subject of the inquiry. The organization requesting the information is responsible for obtaining identification and consent from the subject who is usually a prospective employee. The client organization generally transmits the identity documents and the consent to access CPIC to the broker who then forwards the package on to the police service with whom they have an agreement. These police services may be located within an entirely different part of the country from where the request is actually originated. After “running” the name, the police service relays the information back through the broker to the requesting organization.

Most police services will not conduct CPIC inquiries unless they are able to confirm a subject’s identity in face-to-face encounters and the vast majority will only provide the results of the inquiry directly to the subject themselves. A number of vulnerabilities are created by those police services who work with the independent brokers in the manner described.

• There is no practical way to ensure that the request is legitimate
• There is no practical way to confirm identity or to ensure that the subject has not used or been known by other names
• There is no practical way to ensure that the consent is legitimate
• Only CPIC information will be considered in the “check” as valuable local information will not be available to the remote police service
• The information passes through several hands and may never actually be received by the subject themselves

In December the RCMP sought to reign in the information brokers by reminding subscribing agencies of the existing CPIC rules and protocols. This resulted in explicit instructions about how subscribers were to respond in situations where a name inquiry resulted in a match with a CPIC record. CPIC instructed subscribers to reply in a manner indicating that the record check could not be conducted and that the subject should submit to fingerprints. Ostensibly, this would still mean that a “negative” check, where no apparent name match had been obtained, would still be confirmed.

Unfortunately the other issues, as detailed above, were not addressed and the information brokers must have been relieved that this “crackdown” by CPIC did not overly infringe on their prevailing business model.

If the RCMP is, in anyway, uncomfortable with the way that CPIC information is being sold and resold, it is possible that the lack of any practical, timely alternative is prompting their tolerance.

The following CPIC FAQ provides additional details with respect to the RCMP’s position relative to the use of CPIC for security clearance purposes.

http://www.cpic-cipc.ca/English/crfaq.cfm

CPIC also makes information publicly available over the Internet for:

Stolen automobiles (By Vehicle Identification Number – VIN)

Stolen automobiles (By vehicle licence number)

Stolen bicycles (By serial number)

CPIC would rather relate everything to fingerprints and does, in fact, file everything under a fingerprint-centric system when biometric fingerprint information is available pursuant to the Federal Identification of Criminals Act. It is not uncommon for a CPIC fingerprint-based identity to have numerous alias names associated to it. In the field, police officers list these aliases whenever they encounter them and they dutifully find their way onto the individual’s Federal Penitentiary Services (FPS) file. Thankfully, the file also contains additional information including the subject’s physical description that can be particularly helpful in reconciling a person’s identity to a CPIC entry.

As I have said, while the system relies heavily on fingerprints to anchor individual identity, from the roadside, the system is accessed almost exclusively by submitting a name and this is where things can begin to go wrong.

What CPIC Doesn’t Do

Don’t get me wrong, CPIC information is great. It’s always good to know who you are dealing with but on the street there are some serious limitations in terms of confirming the identity of people you are dealing with. When people are fingerprinted, they are generally always photographed as well but these images are not available quickly or easily. Although the CNI returns information on the subject’s fingerprint classifications, only officers with previous fingerprint training can confirm the classifications and even this can be a challenge working with a flashlight in the back of a patrol car. When dealing with people, experienced officers become comfortably adept at anticipating which individuals are likely to have a criminal past. In the absence of any credible documents, the fact that no CPIC information exists is often a strong indicator that an incorrect name has been provided.

Reprinted from Security Management Weekly April 2, 2010

Data released by the federal government shows that healthcare workers face more violence in the course of their jobs than do employees in other fields. These violent incidents can take a number of forms, such as patients assaulting nurses or shootings at hospitals like the one that took place at Danbury Hospital in Connecticut on March 2. Experts say that there are a number of reasons why healthcare workers are at a greater risk of violence, including the fact that there are a growing number of elderly patients suffering from dementia, said Danbury Hospital President Frank Kelly. In addition, psychiatric patients are also prone to violent outbursts, said David Schildemeier, a spokesman for the Massachusetts Nurses Association. Long hours of waiting in overcrowded emergency rooms and the increasingly violent nature of society have also contributed to an increase in violence at hospitals and other healthcare facilities, experts say. In response to the rising rate of violence against healthcare workers, Massachusetts is considering legislation that would require healthcare facilities to implement violence protection programs. Legislation has already been passed in New York that requires healthcare institutions in the state to perform individual risk assessments to prevent violence and to develop policy statements to address violence. Hospitals are also taking steps to increase security, such as equipping security guards with Tasers and installing metal detectors.

Follow this link to the full article:

http://snipurl.com/v837r

Unfortunately, I was characteristically late for the interview and found myself being whisked out to a courtyard where a cameraman was patiently standing by. It was clear that there wasn’t going to be a lot of “prep” for the interview. The reporter’s first question was the equivalent of a left hook to the temple. “You know, I’ve checked the Internet and I can’t find a single incident where anything like this has ever happened here before.” I stumbled but then recovered sufficiently to begin talking about a few relatively recent violent incidents that came to mind. “Yes…but none of those had anything to do with an employee.” Ah…there was the distinction.

It was, however, a distinction that I had never made and in the follow-up media coverage to this incident, it is something that I have considered at some length. In what often amounts to a final act of homicidal self-expression, if a human being decides to take up arms against others before taking his or her own life, how much do the particular circumstances really differentiate one killer from another? Whether the situation relates to terrorists in Mumbai, a gunman on campus, a lunatic in a MacDonald’s restaurant or someone who walks into a coffee shop and opens fire on policeman during their break; are these really fundamentally different kinds of assailants, or are we making a mistake by classifying them based on the triggering mechanism, their disparate motivations, or their choice of victim?

From the perspective of a company who addresses survivability in circumstances of public place violence, there are really only two kinds of assailants. The first is not generally suicidal and employs force and/or the threat of force to achieve a defined purpose that represents a specific personal living goal. That is not to say that this person is not capable of administering lethal force in their pursuit of financial or political gain, but in the case of these individuals, violence is simply the means and not the objective. They have every intention of surviving to enjoy the spoils of their adventure whether they have in mind a financial, political or a more esoteric reward. At the other extreme you have individuals who are suicidal and have no intention of consolidating personal gain from their actions. These individuals arrive with real weapons, often seek general targets rather than specific ones, and have no other intention but to inflict the greatest loss of life possible before taking their own lives. They do not negotiate and they have no escape plan beyond ending their own lives.

Police procedures, dating back 40 years or more, established the standard for dealing with “Armed and Barricaded” individuals. This approach involved the rapid establishment of a perimeter and then gaining optimal control of the assailant’s immediate environment. Once the police had effectively quarantined the assailant, they would begin to gather intelligence and formulate a plan. Time was now on their side. Unless the imminent or continued loss of life presented an immediate issue, a tactical response was usually not favoured. Incident commanders preferred to call in negotiators who were trained to defuse the situation and eventually effect the surrender of the subject. For many years, this approach was entrenched in police organizations and continues to be reflected in everything from their operational procedures to their training, role specialization and equipment. The more or less obvious problem with this approach is that it takes a hellishly long time to respond and deploy the necessary resources and equipment.

To their credit, police are now training “Active Shooter” scenarios where first responders are no longer restricted to establishing perimeters but are encouraged to engage the assailant as quickly as possible in order to mitigate loss of life. The trick here is going to be in attempting to, at the outset, correctly identify what kind of an assailant is being encountered and to respond quickly enough to be effective. There are still many circumstances where establishing a perimeter, controlling the scene, and negotiating with a subject, may be preferable to going in with guns blazing.

Regardless of whether the police decide to “lock down” a scene or to actively engage an assailant, both approaches suffer from the same flaw. Both rely on some level of expert or specialized resource arriving in time. Unfortunately, whether by design or programming, people appear disposed to wait for the “cavalry” to arrive. On many occasions this has proven to be a fatal miscalculation.

The bottom line is that people need to assume a realistic and appropriate level of responsibility for their own personal safety, at least until that responsibility can be reasonably transferred to responding emergency services professionals.

I have resisted entering blogs or otherwise promoting our online instructional video following some of the latest incidents of public violence in Edmonton. I worry that I will be perceived as profiteering on what are often tragic events while at the same time I am concerned that, as these incidents escalate in frequency and severity, harsher security measures may ultimately result.

The first time I actually realized how the cost of public violence might manifest itself was in Bali, Indonesia. Although it was several years after the tragic Bali nightclub bombing that killed so many vacationers, as we approached the resort where we had dinner reservations, our car was waved over and surrounded by heavily armed security guards. Even though I have been in law enforcement my entire career, I felt intimidated and uneasy. It was easy to tell that my wife and daughters felt the same way. We were questioned about our reservations and a mirror was used to inspect the undercarriage of the taxi. The women were questioned about their handbags. The guards were extremely polite but, at least from a Western perspective, the scene was still menacing in many respects. When we visited the Philippines a few years later we realized just how tame the Indonesians had been as we were subjected to armed guards and airport style metal detectors at the entrances to shopping plazas, most of which required that bags be checked before entering. Unfortunately, from an expert security perspective, I realized that these very socially restrictive practices would probably prove woefully ineffective at either addressing or deterring an organized public act of violence. In some respects, these measures accomplished little more than providing an outward appearance of security which can be particularly insidious if they result in a false sense of being safe.

On reflection, I think that what I witnessed in Indonesia and the Philippines is representative of the same attitude that makes public instruction in personal safety such a hard-sell here in North America. Despite distance and cultural differences, people everywhere may be a little too willing to abdicate a critical level of responsibility for their own safety to “professionals” who, in turn, have to resort to increasingly overt means in order achieve, or be seen to achieve, secure environments.

To me this is something like watching a man choke to death on a piece of steak while looking on, resolute in your conviction that these matters are best left to professionals who will, hopefully, arrive soon.

Sterling’s 18 minute professional instructional video can be purchased for $4.99 from our website at:

www.sterlingsecurity.ca

The promotional video can also be viewed on the website for on Youtube.

If your organization or group has questions about personal, workplace or campus issues involving mitigating public acts of violence, do not hesitate to contact Sterling Security at 780-945-0119 for a free consultation.

Sterling endorses the SAS approach as it uniquely identifies the predictors and precursors of deceit which is an essential element of criminal fraud and the characteristic that distinguishes fraud from theft-based crimes.

Companies moving into compliance with Bill 198 (C SOX) will find the SAS tools align well with the anti-fraud tone and requirements of the legislation. To register for the Webinar please go to:

http://www.sas.com/images/email/c19065/finalhtml.html

I look forward to joining you there!