Whenever you consider adding a layer of field intelligence to your preventative security efforts, it’s important to ask what goals you’re actually looking to achieve. This might sound like it goes without saying, but from my experience, as soon as terms like surveillance, surveillance detection and counter surveillance get thrown around, simple fundamentals like goals, parameters, measurements of success and cost-benefit ratios tend to take an undeserving backseat.
Let’s start by discussing some of terms that often come up.
Now, I understand that terminology is not necessarily the sexiest thing to dabble in, and that many people consider it to be mostly a logic chopping, hairsplitting game of theoretics. But the reason why terminology is important in this case is because it defines the actual goals and parameters of the mission – and different missions carry different sets of operational needs, budgets, legal requirements and liability concerns.
The three terms that come up most often in this field are: Surveillance, Surveillance Detection (SD) and Counter Surveillance (CS). Much less commonly mentioned, yet more commonly practiced than all three combined is surveillance deterrence.
Though surveillance can be something that we decide to use in order to collect information on persons of interest (POIs), it most often comes up as a problem – something we’re concerned about being on the receiving end of. For this reason, it’s worth making the distinction between surveillance (that we may consider applying), and hostile surveillance we’re concerned about receiving.
Surveillance that is used against your client/asset/property as part of pre-attack planning. Surveillance can be defined as the collection of information by means of covert observation. We’re not talking about electronic surveillance here (though this can be incorporated), but about a hostile person covertly observing something or someone you’re trying to protect, for the purpose of planning an attack. Surveillance, therefore, must contain the two ingredients of: observation and covertness. If you only have one of these, then it’s not real surveillance. If, for example, observation is done overtly – out in the open for all to see – then it’s not surveillance, it’s overt observation. Conversely, if one is operating so covertly that they can’t even observe the target and visually collect information on it, then all they’re doing is hiding, rather than conducting surveillance. It’s only in the overlap of observation and covertness – the narrow and murky estuary where the two merge together is where surveillance lives.
Now, if you’re concerned about hostile surveillance being directed against your client/asset/property, then there are two general ways to deal with it – one overt and one covert.
The overt stance, which I like to call Surveillance Deterrence, is to make it obvious to anyone collecting information that your client/asset/property is a hard target – one which might rank less favorably when compared to other, softer potential targets.
The essence of surveillance deterrence is to actively project visual control over the area around the target, along with an attempt to detect and acknowledge any person spending any time in the area, or even just passing through it (regardless of whether or not they seem suspicious). It’s important that special attention be paid to the vantage points around the target. These vantage points can be located and plotted out by a surveillance detection professional, performing a service called Surveillance Mapping.
After Surveillance Mapping is complete, conventional security officers – not even necessarily well trained ones (as is very often the case) – can be instructed to pay close attention to these locations. These instructions should include random visits to these vantage points, performed as often as possible, along with casual acknowledgements and even polite verbal engagements of people who occupy them (regardless of whether or not they appear suspicious).
Keep in mind that a skilled surveillance operative would probably assume a vantage point only after having established a solid cover and cover story, making it unlikely that he/she will be exposed by a conventional security officer. Nevertheless, when even a skilled surveillance operative is observed, acknowledged and verbally engaged in this way, it makes it more likely that they will either abandon their plan or choose a different target where they won’t be detected, much less acknowledged and engaged by security.
As for whether or not a surveillance deterrence agent can detect hostile surveillance, this remains an open question. I think it’s relatively safe to say that lower levels of hostile surveillance do have a good chance of being detected, but when it comes to the higher levels, it’s more likely that deterrence will be achieved without the surveillance deterrence agent managing to detect who they’ve deterred.
Surveillance Detection (SD)
This is the attempt to covertly determine if hostile surveillance is being conducted, and if so, to collect general information on the hostile surveillance entity (time, location, appearance, actions, and correlation to the target).
In order to detect the subtle indicators of hostile surveillance, SD operators must first be well versed in surveillance operations. Generally speaking, these indicators consist of various types of subtle correlations to the target, and possibly some subtle mistakes that might only be apparent to a covert SD operator who knows what to look for.
SD operations must be conducted in a covert manner – every bit as covert as hostile surveillance, if not more – because the person who is being detected might be trained in covert methodology. For this reason, no connection between the SD operator and the target, or the target’s security force, should be apparent.
Counter Surveillance (CS)
Counter surveillance is a follow-up measure that is taken only after hostile surveillance has been detected. CS basically turns the tables by conducting surveillance on the surveillance in order to collect more detailed information on it. It must therefore be conducted in at least as covert a manner as SD, if not more so, since CS will probably need to observe, and possibly follow, hostile surveillance for even longer periods of time.
Counter surveillance, as a possible follow-up to SD, will usually be conducted for the purpose of discovering who the hostile surveillance entity works for, investigation leading to arrest, collection of evidence for litigation, etc.
Choosing The Right Tool
Now that we’ve covered the basic ideas behind surveillance, surveillance deterrence, SD and CS, let’s compare and contrast them, and try to figure out which solutions are best fitted to which problems under which circumstances. The simplest way to do this is to consider which concerns you’re looking to mitigate, how you want them mitigated, and how much time, budget and effort you’re willing and able to spend.
From a legal perspective, one important factor to consider is that SD and surveillance deterrence don’t require any special licensing beyond your standard security one, since visual deterrence and physical detection don’t usually infringe on someone’s right to privacy.
CS, on the other hand, essentially closes the surveillance circle by going on the offensive and conducting active surveillance on the surveillance. For this reason, legally conducting CS (or surveillance) in the private sector will require some type of private investigation (PI) license. In this respect, surveillance and CS fall more comfortably into the purview of intelligence and investigation, while surveillance deterrence falls into the field of security, and surveillance detection straddles both fields.
As for comparing surveillance deterrence to surveillance detection, one big difference is that since the former is done overtly, it’s much less likely it will detect high level hostile surveillance. This isn’t to say that it’s ineffective against it, it just means that its main focus is on preventing the attack that results from such surveillance, rather than detecting the pre-attack surveillance itself.
Keep in mind that in order to deter, one doesn’t necessarily need to detect. Surveillance deterrence is an effort to prevent hostile surveillance from manifesting itself into a physical attack – with or without detecting it. This isn’t a desire to remain willfully oblivious to the existence of hostile surveillance, it’s simply a prioritization of goals – putting prevention of attack by means of deterrence above detection of surveillance.
Keep in mind that hostile surveillance isn’t in and of itself the main problem, the attack that might result from it is what we’re most concerned about. And though most security professionals would probably want to detect surveillance, since this would necessitate an addition of a completely new covert SD contingency – drastically expanding the scope and nature of operations and training (which both carry hefty price tags), most organizations tend to choose the more direct route of surveillance deterrence.
Though it may sound less alluring than surveillance detection or counter surveillance, surveillance deterrence makes up for this fact by being operationally simpler and much less expensive, which makes it more appealing and practical to a much wider market.
Another reason why SD is less common than surveillance deterrence is because SD is not in and of itself a solution to the problem of pre-attack hostile surveillance, like surveillance deterrence can be. SD is only a determination of whether or not the problem exists. This means that some type of solution must follow if it turns out that an actual problem has been diagnosed.
A natural question to ask at this point is why bother with surveillance detection if the much simpler surveillance deterrence can prevent an attack?
There are two non-mutually exclusive answers to this question:
The first lies in the possibility that a sufficiently motivated and capable hostile surveillance entity will decide to go ahead with their pre-attack planning despite the overt presence of surveillance deterrence agents. In situations like these, the overt appearance of surveillance deterrence agents actually goes against them because their presence and location can be easily discovered by a skilled hostile surveillance operative, who can then adjust his/her location and appearance in order to remain undetected.
In this strange cat-and-mouse game, the mouse actually has the advantage, since, if it’s not deterred by the cat’s presence, it can make its own presence unknown to the cat as it plans its attack. In these rare cases where there is a higher probability that pre-attack hostile surveillance won’t be visually deterred, we might want to take a different route – one which starts with surveillance detection. And to detect covert operatives on this level, one must also operate covertly.
As an aside, it’s worth keeping in mind that a hostile entity that possesses such a high level of motivation and skill will probably not dedicate itself to overcoming conventional security, much less surveillance deterrence agents, if the target isn’t sufficiently valuable. If the hostile entity’s risk-benefit calculation doesn’t merit their dedicating high level hostile surveillance to a less valuable target, then neither should our risk-benefit calculation favor dedicating an SD operation to it. Valuable targets attract valuable enemies, necessitating valuable detection and prevention measures. Less valuable targets might want to consider less expensive measures to protect against less skilled foes.
The second answer to why we should employ SD is if the target (client/principal) doesn’t want to live in an atmosphere of security and deterrence, or is concerned about outwardly projecting such an atmosphere. In these cases, if security and deterrence aren’t given a chance to overtly prevent hostile surveillance, then it might be necessary to covertly detect it, and then apply an appropriate follow-up measure.
In conclusion, this article is my little attempt at abolishing some of the mystery that still shrouds the private sector application of surveillance, surveillance deterrence, surveillance detection and counter surveillance.
My next article will discuss some of the overlaps and differences between surveillance and covert protection.
Get my book, Surveillance Zone now!
Go behind the scenes of corporate surveillance detection & covert special operations. Get a first-person account of actual covert operations I’ve participated in. Learn the secrets of the trade and discover a hidden world that’s all around you.
9 thoughts on “Surveillance, Surveillance Detection And Counter Surveillance”
A fine, clear, concise article. Thank you.
It explains the how and why of surveillance deterrence in a convincing manner, as well as being a good overview of surveillance.
It explains the need to apply both methods of surveillance.
Thanks for sharing information. Really informative information about uses and methods of Electronic counter surveillance.
[…] get conflated with SD is counter surveillance (CS). Counter surveillance (as I’ve explained in an earlier article) is when you turn the tables on a hostile surveiller that’s been detected; it’s when you go on […]
Very useful for freshers,
Thank you for sharing such a wonderful post!! Your post is very informative with lot of useful stuff. I am eagerly waiting to read your nest post. Keep posting!!
[…] are a great thing – if you can name something, you have power over it. The excellent article by Ami Toben on the surveillance lexicon awakened long-buried memories of wrestling with definitions in this […]
[…] Differences Between Strategies to Deal With Hostile Surveillance”, but I went instead with “Surveillance, Surveillance Detection and Counter-Surveillance”. You can argue whether these catchier titles might have been a bit misleading, but what is […]