Professional Documents
Culture Documents
Part V
The growth of the security industry is an important factor in justifying regulation. Since the
1970s, private security personnel have outnumbered public law enforcement officers. In 1990,
for example, private security employed 1.5 million people and spent $52 billion per year, while
public law enforcement employed 600,000 and spent $30 billion per year. These gaps have only
widened in recent years and it is now estimated that private security outnumbers public law
enforcement by at least three to one. According to market analysts, this trend will continue. The
international demand for private security services is expected to grow at a rate of 7.7 percent per
year through 2008. In short, private security is increasingly responsible for the protection of
people, places and assets; yet, little consideration was given to its role in national security prior
to 9/11.
A related concern is the possibility of a lawsuit based on a negligent hiring decision and lack
of due diligence in the hiring process. Negligent hiring litigation has been described as the
fastest-growing area of employment litigation, with plaintiff verdicts averaging $3 million
(Rosen, 2008). Public oversight of private security has also become an issue given the increased
use of contract private security officers by the Federal Protective Service.
In general, regulation of businesses and private activities is justified under the general police
powers of the government. Because security business is usually local in nature (despite the
existence of national security service companies), the most appropriate level of government
for administration of regulatory provisions is the state or municipality.
To exercise its general police powers constitutionally, federal or state government must
establish that some aspect of the public welfare is involved and that unregulated activity in
the field under consideration would likely harm some or all of the public. As workplace
violence, terrorism, and other attacks continue, the public perception of the need for govern-
ment regulation increases, leading agencies to act.
2. SELF-REGULATION
One way to regulate the industry is through the creation of national guidelines and standards
by which security professionals can be judged.
1
The ASIS guidelines program has received a Designation award under the Support Anti-terrorism by Fostering Effective
Technology Act of 2002 (the SAFETY Act) from DHS. That designation limits the designee’s liability for acts arising from
the use of guidelines in connection with an act of terrorism and precludes claims of third-party damages against
organizations using guidelines to prevent or limit the scope of terrorist acts. See http://www.asisonline.org/guidelines/
guidelines.htm.
After September 11, 2001, ASIS began working diligently to develop standards with other
groups (ASIS, 2010):
ASIS had previously chosen not to promulgate guidelines and standards, but world events have
brought to the forefront the need for a professional security organization to spearhead an initiative
to create security advisory provisions. By addressing specific concerns and issues inherent to
the security industry, security guidelines and standards will better serve the needs of security
professionals by increasing the effectiveness and productivity of security practices and solutions,
as well as enhancing the professionalism of the industry.
ASIS has been a leader in developing standards and best practices, often in conjunction with
state and federal legislative initiatives. As of late 2009, the organization was working to develop
several such documents, including Organizational Resilience: Security, Preparedness, and
Continuity Management Systems—Requirements with Guidance for Use; Facilities Physical
Security Measures Guidelines, and American National Standard for Workplace Violence Preven-
tion and Intervention.
The federal government, too, is focusing on security standards. As the name suggests, the
Department of Homeland Security (DHS) Voluntary Private Sector Preparedness Accreditation
and Certification Program (known as PS-Prep) is designed to promote, not require, nationwide
resilience in an all-hazards environment by encouraging private-sector preparedness. The
program will provide a mechanism by which a private-sector entity may be certified by an
accredited third party as conforming to one or more preparedness standards adopted by
DHS. However, ASIS notes that third-party certification can be a barrier to small- and medium-
sized businesses working to improve preparedness, and it favors a system in which businesses
that want certification are not forced to choose from a set list of standards but can develop
voluntary standards that work best for their organization.
● Airport security. The Pan Am 103 bombing in 1988 represented a shift in terrorism
strategy—from hijacking a plane to fly to another country to bombing for its own sake.
In 1996, the government chartered the Commission on Aviation Security and Safety to
study the problem and recommend solutions. After the 9/11 terror attacks, security
focused more on airline employees, enhanced passenger and baggage screening, and
reassignment of authority. Terror tactics showed that ‘‘terrorists no longer want to sit
at the table, they want to blow it up and everyone at it’’ (White, 2002). Aircraft themselves
had become weapons of mass destruction.
What followed was the new Transportation Security Administration (TSA). While most
airports use TSA-employed screeners, TSA also offers the Screening Partnership Program,
through which an airport operator may apply to have security screening conducted by
personnel from a qualified private contractor working under federal oversight. At the
same time, each airport has a federal security manager with overall responsibility for
screening. Such a hybridized system of control and oversight will be interesting to study
to determine its acceptance, effectiveness, and receptivity to private interests.
● Publicly traded companies. Major scandals involving publicly traded companies, such as
Enron, WorldCom, and Arthur Anderson LLP, have fueled distrust of corporate accounting
practices and ethics. One result was the Sarbanes-Oxley Act (2002). The act did not
replace the private accounting profession with a federal staff, but it did establish an
oversight board that is under tight government control and that wields governmental
authority (Michael, 2006). Many security professionals are aware of the act’s effect on
physical security systems and audits.
Efforts to regulate the entire security industry suffer from a lack of uniform momentum.
Despite calls for regulation in the 1970s, 1980s, and 1990s, little regulation has been instituted.
3. GOVERNMENT REGULATION
The form of government regulation is usually determined by whether the primary objective
is control of the activity or the raising of revenue through taxation.
Early regulatory statutes tended to deal exclusively with persons offering security services to
the general public. State legislatures and local municipalities were persuaded that without
regulation, such persons might be unqualified and might cause injury or harm to clients and
others. In a New York State case (Shorten v. Millbank, 1939) construing the purpose of that
state’s licensing and regulatory statute, the court held that ‘‘[p]rovisions of this section...are
for the protection of the public at large and to prevent from engaging in that business
disreputable, incompetent persons who would prey upon the public.’’
Today, security regulation varies widely among the states. Although nearly all statutes define
the regulated service or activities, the period for which any license issued will be valid, the
license fee, and the penalties for engaging in the regulated business without registration, they
differ on other provisions. The following are other requirements they may specify, with the
most common listed first:
● good character
Many government bodies that regulate security services also require evidence of financial
responsibility, usually a bond, to ensure faithful and proper performance.
● Directors and managers of in-house security services as well as owners and managers
of contract security services should be licensed.
● All employees of both proprietary and contract security organizations should be registered
by the state.
● Each licensee and registrant should meet minimum standards or qualifications (which
could vary among types of licensees and registrants).
● All new applicants for licensing and registration should have completed high school or
its equivalent or must pass a special literacy test.
● State agencies should require minimum training programs for all types of private security
personnel.
● Separate training programs should be required for different security positions, such as
guard, investigator, polygraph operator, and central station alarm responder.
● Currently employed security personnel should be given one year to meet the training
requirements.
● Private security personnel should be prohibited from carrying concealed firearms while
on duty. Company-furnished weapons should remain on company property during
off-hours.
● Statutory liability should be imposed on private security businesses for weapons abuses
by their employees against private citizens.
● Regulatory agencies should have the authority and resources to spot-check private secu-
rity records and operations.
● Local police and insurance companies should forward to the regulatory agency any
information coming to their attention involving major complaints or incidents involving
security personnel.
● Jurisdictions should regulate the color and style of private security uniforms, as well as
the use of police titles by private security personnel.
● Any firm hiring the services of an independent security contractor should be held liable
for any negligent failure to control the contract staff.
● The federal government should consider funding a research center to evaluate the effec-
tiveness of private security personnel. Its findings should be included in an overhauled
statistical reporting system to be maintained by the insurance industry.
Many of the recommendations were later incorporated into the PSOEAA. Debate over their
usefulness continues.
At the time of the study, existing state regulations dealt with guards and investigators offering
services to the public. Control of proprietary security forces, i.e., those working for a single
employer, did not come until much later and is still not the rule.2
The second method applies to the licensing or registration of employees of the business other
than those named on the original application. Registration of such employees is required
upon employment and consists of filing their name and other identifying data, usually finger-
prints, with the appropriate agency. The employee may also need to provide a personal
history statement and generally must answer questions concerning prior criminal convictions.
Specific details vary among regulatory bodies. The least that is typically required where
regulatory requirements exist is the filing of the individual’s name and submission of finger-
prints. In most cases, the employee can work provisionally in security assignments pending
return of the completed file check from the regulatory agency. In some locales this process
can take several months and may not involve any express communication. A lack of reply
from the regulatory body is deemed to indicate a lack of disqualifying information.
The problem of long delays in checking applicants for security positions is serious and has
resulted in harm to clients or third parties by unsuitable security employees. Lack of a
2
Legislative tracking and advocacy regarding security regulation is done by such groups as the National Fire Protection
Association, National Burglar and Fire Alarm Association, National Association of Security Companies, and ASIS.
requirement for an express communication from the regulatory agency can result in lost or
strayed disqualification notices and indefinite retention of unacceptable employees.
● Security officers (guards and guard services): contract security officers and the agencies
that employ them. Proprietary officers are often exempt from statutes and ordinances.
This category typically includes armored car personnel.
● Armed versus unarmed security officers: those that carry or do not carry firearms. Armed
and unarmed security personnel may need to meet different requirements. Separate
records may be maintained.
● Private investigators: firms or people offering investigative services for a fee. Executive
protection personnel, if addressed, may fall under this category.
● Alarm companies: firms and personnel that design, sell, install, service, and monitor
fire and intrusion alarm systems.
● Guard dogs: canines to protect property. Regulations may cover their licensing, care,
handling, and use. Animals specifically trained for drug or bomb detection are typically
regulated by a separate division of government.
Some government agencies also have license requirements for polygraph operators,3 consul-
tants, process servers, locksmiths, repossession agents, claims adjusters, bouncers, motorcade
escorts, and special police. Special police are generally private security personnel with limited
authority to act as police or peace officers in some area of their employment, such as a private
residential community.
3
Aside from polygraph licensing statutes, many states have statutes prohibiting or limiting the use of the polygraph as a
condition of employment or continued employment. The most significant polygraph legislation yet passed is the federal
Employee Polygraph Protection Act of 1988 which sharply limited polygraph use by private employers.
● Private Security Officer Quality Assurance Act of 1993, HR 1534. Introduced by Represen-
tative Matthew Martinez of California, this bill did not pass either, but like its predecessors,
its intent was to require states to ensure the quality of security services and the compe-
tence of private security officers. Compliance with the bill was to be a requirement for
eligibility to receive certain federal funds.
● Private Security Officer Quality Assurance Act of 1995, HR 2092. Introduced by Represen-
tatives Bob Barr of Georgia and Matthew Martinez of California, this never-passed bill
was intended to expedite state reviews of criminal records of applicants for private
security officer employment. The bill also suggested employer licensing, classroom and
in-service training, and state reciprocity. The bill was characterized as a ‘‘Sense of Con-
gress,’’ meaning it would not be binding even if passed but that Congress thinks it is a
good idea.
● Law Enforcement and Industrial Security Cooperation Act of 1996, HR 2996. This never-
passed bill was intended to create a commission to encourage cooperation between
public sector law enforcement agencies and private sector security professionals to
control crime.
and private security and recommending changes to such laws that would enhance
cooperation between public-sector law enforcement agencies and private-sector security
professionals. The commission would have a life of two years and would be required to
submit a closing report of its actions and recommendations.
● Private Security Officer Employment Authorization Act of 2004. This law, enacted as
Section 6402 of the Intelligence Reform and Terrorism Prevention Act of 2004, authorizes
a fingerprint-based check of state and national criminal history records to screen prospec-
tive and current private security officers. The bill is intended to provide security employers
with access, through the states, to the FBI national criminal history record database. It
requires written consent from employees before such searches and employee access to
any information received, and it establishes criminal penalties for the knowing and
intentional use of information obtained through criminal history record searches for
purposes other than determining an individual’s suitability for employment as a private
security officer. In practice, the states have been very slow to establish systems to facilitate
this process.
In the future, federal bills focused on developing an environment of cooperation could possibly
include regulation of the industry as a whole or of security officers specifically, but the
historical direction has been to leave legislation to the states.
Another complication is that one division of state government may regulate security officers,
while another regulates private investigators, each imposing different requirements. States
also vary in how they carry out the licensing process. In some states with a state licensing
requirement, a business must initiate its license request with the municipality in which
it operates.
When inquiring whether a state regulates the security industry, a security manager should be
specific and check closely how regulations are applied. Practitioners should check regulatory
bodies in the state where they do business for the most up-to-date information affecting
their specific type of business. Until the states adopt uniform regulatory practices, nothing
should be assumed.
One other type of legislative approach to regulation of security can be found in local crime
prevention codes. These typically prescribe elements of physical security, such as the kinds
of locks to be used; the means of securing windows; control of ingress via transoms, roofs,
and other points of entry; secure storage containers; and alarm systems. Such codes may
establish minimum requirements for residential or commercial properties or both. Enforce-
ment is indirect—by way of a business’s or homeowner’s inability to obtain casualty insurance
against crime losses unless in compliance with the local ordinance.
The future of regulation in the security field will likely involve joint efforts by ASIS, other
private-sector stakeholders, and government bodies to provide for a safe, secure, and profitable
environment.