Ethics are an important – but some might argue, undervalued – aspect of the security marketplace. To kindle the industry’s interest in ethics, the Security Industry Association (SIA) in early 2019 created a working group on Ethics in Security Technology. The working group developed a list of ethical principles, which were approved by the organization’s Executive Committee and Board of Directors and became the SIA Membership Code of Ethics.
SIA member companies must adhere to the Code of Ethics, and there are consequences of noncompliance, up to and including possible expulsion from the organization. In addition to adopting the Code of Ethics, the Board of Directors have revised the organization’s bylaws to require that members read, understand and adhere to the Code of Ethics as a condition of SIA membership.
“SIA wanted to be proactive on this and give members resources to navigate day-to-day issues,” said Ron Hawkins, SIA Director of Industry Relations. He notes that the Code is intentionally written broadly to be applied to a range in cases, and to provide SIA leaders with latitude making decisions.
Current members will be required to adhere to the code when they renew their membership
Current members will be required to adhere to the code when they renew their membership, which will be sometime during 2020 or in the first half of 2021, depending on when a member joined (for a one-year term).
If there is an ethics-related complaint or an issue with a member company, the matter is considered by SIA leadership, which will review the concerns and ask the member company to respond. The resulting judgment might be a written notice/warning, a suspension of membership or expulsion. Enforcement of the Code of Ethics might be triggered by media coverage, government announcements, or written complaints submitted to the SIA Executive Committee.
Hawkins emphasises that each complaint will be handled by the Executive Committee and full Board of Directors on a case-by-case basis to address anything not specified in the principles, which focus on requirements rather than consequences.
Hawkins says it would be unlikely that any public announcement would be made about enforcement of the Code unless or until a member company were expelled.
Since the Code of Ethics took effect on July 1, 2020, SIA has not taken any action on any member company. Any issue with any current member would be addressed on their membership renewal date, Hawkins said.
The code applies to all SIA member companies, both manufacturer companies (which make up more than half of the membership) as well as to integrators, service providers, distributors and other member companies.
Act with honesty, integrity and transparency
Among the principles in the Code of Ethics are requirements to act with honesty, integrity and transparency, and to avoid fraudulent or misleading business practices. Marketing materials must be accurate. Sustainability and environmental impacts of products and services must be considered.
The Code also opposes prejudice, harassment and abuse in the workplace
The Code also opposes prejudice, harassment and abuse in the workplace. SIA companies should work with law enforcement to enhance public safety while respecting expectations of privacy.
Cybersecurity risks should be monitored and mitigated “as much as reasonably possible, according to industry best practices.” Products, services and solutions should not be designed or manufactured in a manner as to “surreptitiously transmit information to third parties.”
Finally, the principles require SIA member companies not to “knowingly” design, manufacture, sell or deploy products that have been deemed by any government authority or self-regulatory entity to “support the infliction of human rights abuses, the restrictions of civil liberties, and/or the implementation of other oppressive measures.”
Hawkins says that the interpretation of “knowingly” would be made by SIA leaders.
Why does the industry need The Code of Ethics?
He would not comment on whether the Code of Ethics applies to activities by global companies that do not involve that company’s U.S. subsidiary (which is a SIA member). Such details would be decided on a case-by-case basis by the SIA Board of Directors, he said.
The Code of Ethics is needed in part because the security industry impacts important issues for society at large, from privacy to civil liberties to national security.
The Code of Ethics is needed in part because the security industry impacts important issues for society
“Everywhere you go, you encounter security technologies, such as video cameras in public places,” says Hawkins. “Even if someone is not a purchaser or user of security technology, they will encounter it every day. So security is in a unique position because of its reach beyond the people who buy and use it, and it requires consideration of issues such as civil liberties and privacy.”
Hawkins notes that the SIA Board of Directors already has its own “Code of Ethics” which directs how board members perform their duties, such as abstaining from a decision that might involve a competitor.