10 Oct 2017
Safety in numbers
By Anthony Bergin and Jason Brown
Developing a public-private partnership approach to protecting crowded places from terrorism.
Following the recent Council of Australian Governments (COAG) special meeting on counter-terrorism, most discussion focused on the announcement of national facial biometric matching capability.
However, little attention was given to the fact that all states and territories welcomed the August launch of the Australia-New Zealand Counter-Terrorism Committee’s (ANZCTC) Australia’s Strategy for Protecting Crowded Places from Terrorism. The strategy aims to make places such as sports stadia, transport infrastructure, shopping centres, tourist attractions, and civic spaces more resilient to terrorist attacks.
Although some may disagree, the Strategy is a step forward in providing guidance and tools for both private enterprise and local government to reduce the likelihood and harm from a terrorist incident in areas where crowds present an attractive target for malicious actors, not just terrorists.
The section on the role of local government is especially useful: it’s the first time the third tier of government has been noted in a Commonwealth counter-terrorism strategy or plan.
The Strategy makes a positive contribution to developing Australia’s response to terrorism by highlighting the terrorism threat to owners and operators of crowded venues.
But at the same time, we shouldn’t lose sight of the fact that there’s also value in an ‘all-hazards’ approach to safety and security: many of the security and safety controls that can be implemented to deal with predictable hazards, such as natural hazards or industrial accidents, will also have a mitigating impact on the likelihood of extreme malicious acts. Barriers against an ATM ‘ram raid’, for example, will also be useful against a deliberate mass rundown. Video surveillance against theft provides reconnaissance and investigation for terrorist threats and acts.
On the basis of likelihood alone, such control measures should be considered first before those controls for the lower likelihood, yet high-impact, malicious event. An all-hazards risk assessment should be undertaken prior to conducting a venue terrorist assessment and audit. The malicious actor threat, from criminal, unstable individuals through to terrorists, should be part of this consideration.
The Strategy’s recognition that the private sector has a vital role to play in protecting crowded places is welcome. This respects the owners and operators and recognises they understand the problem and to a greater or lesser degree have security as a part of their business.
But in some places, the Strategy creates an impression that government is best placed to provide protective security advice. That’s not the case: few in government have formal security-specific qualifications, certifications, professional memberships, or have had responsible corporate security experience.
It’s revealing that there’s only one mention of an industry association in the Strategy. And there’s no recognition that such bodies are a source of information and expertise. The International Association of Venue Managers and ASIS International, for example, both have international sub-committees looking at the issue of protecting crowded places.
The Strategy fails to recognise the concept of precincts created by the location of crowded places and associated business infrastructure.
This would, for example, include areas such as the Sydney Olympic Park and the Victorian National Gallery and Arts Centre. In a precinct model, deployable physicals controls can be developed to suit the events planned and reduce vulnerability.
A precinct approach would include the key businesses that would be affected by additional controls or by a malicious event occurring. It should include others in a precinct, such as hotels, restaurants and chemist shops, which may be part of the response. We’d note that some police commands and venue owners have already adopted this approach.
Precinct operators should be members of the proposed Crowded Places Forums that are sensibly suggested in the Strategy and are being rolled out in each capital city. The Forums will be places for information sharing between police and owners and operators. The Strategy is right to observe that it’s a ‘key responsibility of government to ensure those who own and operate crowded places have access to high-quality threat information’.
The Strategy has included some useful audit and assessment tools. Large venues will often have their own Chief Security Officer. But the tools will help some operators, such as smaller shopping centres, who won’t always have the resources to employ security professionals.
In terms of methodology, there are some limitations in the assessment tools, but overall they will send owners in the right direction for engagement with police and government.
The Strategy is also positive in promoting resilience as a key characteristic of being able to respond to incidents. But the real key to resilience is the people involved. This doesn’t just mean owners and operators: we need to build a greater awareness of public safety procedures for those in crowded places.
The Strategy makes reference to the central role of security providers. But with several states dragging their feet, the failure to develop an effective national licensing regime, enhanced standards and training for security service providers is a severe hole in our protective security planning.
The Strategy doesn’t recognise what’s required from security professionals: individuals who can conduct effective all-hazards risk management, in particular, related to malicious actors.
Institutions such as the Australian Security Industry Association, Security Professionals’ Australasia and its Registry have developed a number of initiatives for recognition. But they require support and participation from government, with possibly a co-regulatory model being considered.
The other important people issue is the opportunity to leverage the trained and licenced body of men and women already deployed on private sector security duties. Modest government funding might be considered in developing their capacity to supplement other first responders.
Representation on the ANZCTC’s Crowded Places Advisory Group (CPAG) should include non-government organisations, such as Red Cross, as well as emergency services to ensure that advice on controls to reduce the terrorist threat don’t have unintended consequences for other safety and security issues.
Lastly, the Strategy has a problem in dealing with the proportionality of the controls that can be applied by the owner: it suggests liability for owner/operators if they get it wrong.
The allocation of resources to mitigate risk has to have a reasonable degree of certainty that it will achieve the objectives. The nature of terrorism – with its high uncertainty, low probability and high consequences – is absolutely dependent on good intelligence and assessment of the threat to assist in identifying the right controls.
This is a job for government and generalised assessments are of little help to a venue or other crowded place. That said, owners and operators do understand what’s required under duty of care principles as set out in state occupational health and safety legislation.
The new Strategy is useful in advancing a partnership approach with business owners and operators. Platforms like the crowded places forums and the CPAG, (with useful representation from the local government peak body, the Australian Local Government Association), should reach out to state governments.
We agree with our political leaders that it’s important for all stakeholders to implement the measures outlined in the Strategy as soon as possible. And it’s useful that the Strategy is designed to be a ‘live’ document which will be reviewed on a regular basis by the CPAG and the ANZCTC.
But the new Strategy is just one piece of the jigsaw which needs to be placed in the bigger puzzle of national security and resilience.