Engler and Prantl system of classification in plant taxonomy
Can Trust In Security TEchnologies be Enhanced through Certification?
1. Can Trust in Security Technologies be Enhanced through Certification?:
Lessons from the CRISP project.
Thordis Sveinsdottir
Trilateral Research Ltd
7th Biennial Surveillance & Society Conference
Barcelona 20-23 April 2016
2. Security Certification – European Context
The EU security market, which is strong and fast growing:
Includes very different types of products and services
Is supplied by very varied stakeholder group
There is also a plethora of assorted standards and certification schemes for
security products, systems and services and there is a distinct lack of
harmonisation and mutual recognition of these schemes across Europe.
CRISP project objectives are to:
Aid in the harmonisation of the European security market through pan-
European certification
Increase citizen trust in security products, systems and services through
integrating social dimensions in the evaluation phase
3. The CRISP project
Evaluation and Certification Schemes for Security Products (CRISP)
36 Month project
1st April 2014-1st March 2017
Website: http://crispproject.eu/
Twitter: @CRISP_Project
4. RRI approach to security RD&I
There is a need to align security technologies, especially those
which breech citizens’ fundamental rights and privacy, with societal
needs and values to a greater extent (von Schomberg, 2011)
RRI focus allows for seeing tensions between security and fundamental
rights:
as a set of practices and issues that can be addressed with an approach where a
concern for ethical and social consequences of technologies are weaved into the
R&D process
as a process where users and other stakeholders are engaged with producers
early on, to allow for adjustments to security processes, products and systems.
5. CRISP evaluation of social dimensions
CRISP will contribute a holistic evaluation methodology for security
products, systems and services that encompasses :
A defined use scenario
Multiple stakeholder perspectives on any one security technology
At the highest level the four dimensions, Security, Trust, Efficiency and
Freedom Infringement (S-T-E-Fi) are each used for evaluation, and
consideration is also paid to their interrelations and potential conflicts.
Within each evaluation dimension, a number of evaluation criteria are
defined, which are further narrowed down to specific evaluation
questions for each product
6. The CRISP Web tool
A project manager sets up a scenario, which serves as basis for
evaluation.
Information providers answer questions for each of the STEFi dimensions
7. Stakeholder Analysis
Stakeholders included: Security industry, certification bodies, standardisation
organisations, accreditation bodies, insurers, DPAs, policy makers and end users
Questions to ascertain the opportunities, needs and challenges of current evaluation
and certification of security systems. Ascertaining the need for a scheme such as
CRISP
Stakeholder analysis consisted of case study research of three technology areas.
Video Surveillance
Alarm Systems
Remotely Piloted Aircraft Systems (drones).
The case studies included: Desk research, Interviews with stakeholders, Web
surveys
8. Stakeholder needs from certification
It provides clear added value (Security industry, certification
bodies):
Low administrative burden
Low cost
One-stop certification
Transparency at all levels (e.g., documentation, evaluation,
certification processes)
A robust scheme (minimum allowance for difference)
Flexibility of scheme (e.g., to allow for technological innovation)
9. Possible limitations of the CRISP scheme
The contextual nature of security
National security cultures/specificities
Different users/use contexts
Different use possibilities of any one product
The subjectivity of the STEFi dimensions
Too “soft” to serve as effective evaluation criteria
Concern over key dimensions and their definitions
10. Trust through certification?
Case study findings indicate that certification of a product, system or service
enhances feelings of trust, e.g.:
The notion of certification as a ‘seal of quality’ or assurance to end users’ ranked as
the most important benefit of certification by 85% of supply-side respondents and
82% of demand-side respondents*.
Certification was also seen to have the benefit of “improving service and product
standards” and was selected by 42,6% of supply and 57,1% of demand side
stakeholders
However:
Certification needs to be a transparent process – currently too opaque and
confusing
Certification seal needs to be well known to be respected/trusted
11. Contact
Full findings can be found in the Work Package Report - Sveinsdottir, T., Finn, R.,
Wadhwa K., Rodrigues, R., van Zetten, J. Wurster, S., Murphy, P., Hirschmann, N.,
Rallo, A., Garcia, R., Pauner, C., Viguri, J., Kalan, E. and Kolar, I. (2015) D3.1
Stakeholder Analysis. Available at: http://crispproject.eu/wp-
content/uploads/2015/03/CRISP-D3.1-Stakeholder-Analysis-FINAL.pdf
Thordis Sveinsdottir – thordis.sveinsdottir@trilateralresearch.com