24 Hour Support: 888.705.0999

Media Center

Articles and Compendiums
Threatscapes Risk Intelligence

Suspicious Activity Reporting

Part 1: Are We Doing Our Part?

Doing our part to prevent terrorism begins with understanding our part. A recent study shows that in the general population, awareness and understanding of Suspicious Activity Reporting, or SARs, is hazy at best.

The Suspicious Activity Reporting program arose in the wake of the 9/11 Commission Report, which exposed the dangerous deficiencies in information sharing between federal, state and local law enforcement agencies. With efforts like the Nationwide Suspicious Activity Reporting Initiative (NSI) and the establishment of fusion centers throughout the country, great progress has been made toward establishing a standardized nationwide capacity for gathering, documenting, processing, analyzing, storing, and sharing terrorism-related suspicious activity reports in a manner that rigorously protects the privacy, civil rights, and civil liberties of all Americans.

Preventing terrorism is a responsibility of every American, and requires an alert and informed citizenry that is ready to report suspicious activity that may be indicative of a terrorist act or terrorism planning.

Federal Emergency
Management Association and
International Association of
Chiefs of Police

But, expectations of law enforcement have changed dramatically as well. As a nation, we now look to our law enforcement agencies not only to reactively police traditional crime but also to proactively prevent terrorist attacks. The paradox is that with the expansion in law enforcement responsibilities has come a reduction in budgets that ultimately means fewer boots on the ground in our communities.

Particularly in this socio-economic climate, opening up the informational channels between law enforcement agencies is only half the battle. The other half is bringing members of the community fully into the information loop. That half of the battle is a long way from won, according to a February 2012 report released by the International Association of Chiefs of Police (IACP) in cooperation with the Federal Emergency Management Agency (FEMA).

Based on findings from household surveys, focus groups and interviews, the report reveals that only a small percentage of the population even knows what constitutes suspicious activity. When asked for descriptions or examples of suspicious activity, a mere 5% of those surveyed accurately described behavior consistent with terrorist activity. More than one third of respondents associated suspicious activity with traditional crimes such as breaking and entering, robbery, etc. Approximately one fourth of respondents identified suspicious activity as any unusual or out of the ordinary behavior in their communities or workplaces.

The IACP report is a call to action for local law enforcement and community leaders to educate the public to recognize and report suspicious activity. Security departments and contractors are among those with a clear stake in building community awareness and support for Suspicious Activity Reporting (SARs). Decreasing profit margins in the contract security industry mean that security managers are facing the same challenge as law enforcement: to do more with less. In this climate, informed citizens serving as extra eyes and ears can save lives.

Security organizations are ideally positioned to encourage and promote suspicious activity reporting from the top-down as trusted advisers to executive decision makers and from the bottom-up, at the front lines of virtually every highly rated terrorist target, from national landmarks to transportation hubs to critical infrastructure sites. Through strategic outreach efforts, businesses, together with their security partners, can easily foster community awareness and support for SARs. And security personnel interact with thousands of people every day as they provide the first line of defense. What opportunities might exist there to educate and motivate members of our communities to act as force multipliers?

The IACP report found that while 3 out of 4 citizens would report suspicious activity to prevent harm or help law enforcement, 95% of those surveyed demonstrated misunderstanding as to what behaviors constitute suspicious activity, a statistic that provides a clear starting point for education efforts.

The table below is the Information Sharing Environment Suspicious Activity Reporting Functional Standard (ISE SAR FS), Version 1.5.

Category Description
DEFINED CRIMINAL ACTIVITY AND POTENTIAL TERRORISM NEXUS ACTIVITY

Breach/Attempted Intrusion

Unauthorized personnel attempting to or actually entering a restricted area or protected site. Impersonation of authorized personnel (e.g. police/security, janitor).

Misrepresentation

Presenting false or misusing insignia, documents, and/or identification, to misrepresent one's affiliation to cover possible illicit activity.

Theft/Loss/Diversion

Stealing or diverting something associated with a facility/infrastructure (e.g., badges, uniforms, identification, emergency vehicles, technology or documents {classified or unclassified}, which are proprietary to the facility).

Sabotage/Tampering/ Vandalism

Damaging, manipulating, or defacing part of a facility/infrastructure or protected site.

Cyber Attack

Compromising, or attempting to compromise or disrupt an organization's information technology infrastructure.

Expressed or Implied Threat

Communicating a spoken or written threat to damage or compromise a facility/infrastructure.

Aviation Activity

Operation of an aircraft in a manner that reasonably may be interpreted as suspicious, or posing a threat to people or property. Such operation may or may not be a violation of Federal Aviation Regulations.

POTENTIAL CRIMINAL OR NON-CRIMINAL ACTIVITY REQUIRING ADDITIONAL FACT
INFORMATION DURING INVESTIGATION1

Eliciting Information

Questioning individuals at a level beyond mere curiosity about particular facets of a facility's or building's purpose, operations, security procedures, etc., that would arouse suspicion in a reasonable person.

Testing or Probing of Security

Deliberate interactions with, or challenges to, installations, personnel, or systems that reveal physical, personnel or cyber security capabilities.

Recruiting

Building of operations teams and contacts, personnel data, banking data or travel data

Photography

Taking pictures or video of facilities, buildings, or infrastructure in a manner that would arouse suspicion in a reasonable person. Examples include taking pictures or video of infrequently used access points, personnel performing security functions (patrols, badge/vehicle checking), security-related equipment (perimeter fencing, security cameras), etc.

Observation/Surveillance

Demonstrating unusual interest in facilities, buildings, or infrastructure beyond mere casual or professional (e.g. engineers) interest such that a reasonable person would consider the activity suspicious. Examples include observation through binoculars, taking notes, attempting to measure distances, etc.

Materials Acquisition/Storage

Acquisition and/or storage of unusual quantities of materials such as cell phones, pagers, fuel, chemicals, toxic materials, and timers, such that a reasonable person would suspect possible criminal activity.

Acquisition of Expertise

Attempts to obtain or conduct training in security concepts; military weapons or tactics; or other unusual capabilities that would arouse suspicion in a reasonable person.

Weapons Discovery

Discovery of unusual amounts of weapons or explosives that would arouse suspicion in a reasonable person.

Sector-Specific Incident

Actions associated with a characteristic of unique concern to specific sectors (such as the public health sector), with regard to their personnel, facilities, systems or functions.

1 Note: These activities are generally First Amendment-protected activities and should not be reported in a SAR or ISE-SAR absent articulable facts and circumstances that support the source agency's suspicion that the behavior observed is not innocent, but rather reasonably indicative of criminal activity associated with terrorism, including evidence of pre-operational planning related to terrorism. Race, ethnicity, national origin, or religious affiliation should not be considered as factors that create suspicion (although these factors may be used as specific suspect descriptions).

Behaviors fitting these categories and descriptions are not necessarily precursors to terrorism, but they are suspicious activities and should be reported as such. They might be the dots that trained law enforcement officers can connect to stop an attack and save lives.

If observers don't know these are suspicious activities, or don't know how to report them, or don't know if they should – then what they don't know has tremendous potential to hurt us all.

Part 2 of this series provides a compendium of tools and resources for improving public support for SARs. 

Sources:
Improving the Public's Awareness and Reporting of Suspicious Activity, IACP/FEMA
Building Communities of Trust, a Guidance for Community Leaders, IACP/FEMA
Security Management, September 2012
Security Management, September 2011

About U.S. Security Associates

U.S. Security Associates (USA) is the market-leading, wholly-owned American, full-service safety and security solutions provider. With over 160 locally-responsive offices, international locations and over 50,000 dedicated professionals, they offer the most complete array of physical security, remote surveillance, and global consulting and investigations to ensure better outcomes for thousands of clients and a range of industries. Innovative applications of leading-edge, proprietary technology enable USA to rank annually among the world's best training companies, sustain the highest standards of quality, and underscore world-class customer service with unparalleled accountability. USA's rise as one of the largest innovative security solutions leaders is a natural byproduct of these differentiators and enables the company to provide the most Safe. Secure. Friendly.® environments for people, assets, and brands. For more information, visit www.ussecurityassociates.com.

For more information please contact:

Natalie Fischer, Marketing Manager
Phone: 770.643.7782
Email: nfischer@ussecurityassociates.com





©2017 U.S. Security Associates