It is unfortunate for those tasked with protecting privacy and confidential information that the public does not understand eavesdropping as a threat. I’m referring to the actual meaning of the word eavesdropping- secretly listening to private conversations of others. Current use of the term in the media covers everything from the NSA recording phone call data to the local drug store collecting your shopping habits from your CVS card. Real eavesdropping can be a very focused as well as personal attack on private and confidential information.
Many consider eavesdropping to be a joke. In this interview with Jay Leno, he admits hiding in a closet and listening to an executive meeting, then going back to do it again on a second day:
TV shows and movies don’t help, as they often portray eavesdropping as something easy to defeat and nothing to get too worked up about.
The company director is concerned about a leak, so the sweep “team” -usually just one geek tech department guy- comes in holding a black box with an odd shaped antenna, he walks around the room and locates the bug by listening to the beep tones coming from his box. And of course, the device they find has a blinky red LED to let us know that it is active. The entire operation appears to take about fifteen minutes total, yet maybe only one minute of screen time.
And then on another show, we may see the cop/detective/geeky boyfriend who notices interference on his cell phone/ FM radio/television set/or police radio, and then by walking around the room, finds the signal coming from the lamp or perhaps a picture frame. The bug is revealed again in less than a minute.
I enjoy the humorous banter on the police/crime writer show Castle, but I cringe when every eavesdropping device they find comes with a serial number that is traceable back to the spy shop who sold it and of course the shop has records of the purchaser. This doesn’t happen in any country I’m aware of. In the US, devices for eavesdropping are illegal to be sold to the public, and when they are, they certainly have no traceable numbers on them.
Burn Notice goes a little further, adding a bit more excitement and technical prowess to the spy operations but they still do not address the illegality of their operations.
Ok, those examples are from tv shows and movies, their purpose is to entertain. The trouble is that when I speak with potential clients who have very serious concerns, many of them, unless they actually have security experience, expect a true sweep to take about the same amount of time and effort that they saw on TV. They are surprised when our team arrives with at least five cases of equipment and we need at least 4 or 5 hours for covering just a few offices.
Treating eavesdropping casually does little to help protect corporate assets. Employees as well as executives are usually clueless that they might be committing a felony when they just want to listen in to meetings they were not invited to. Perhaps a bigger concern is that the threat from those who are truly seeking to do damage or actively steal information may also be treated casually, considered insignificant, or that it does not need to be taken seriously.
Back to TV: The problem of course, is not new, Rob and Laura Petrie discovered the trouble with eavesdropping on an early episode of the Dick Van Dyke Show. The whole episode is actually pretty funny (you can find it on YouTube- search “trouble with eavesdropping”) but the revealing portion is below. Rob and Laura become sucked into the eavesdropping drama and it ruins their evening. How many employees do you know who would resist such an opportunity?
Memorable quotes revealing the addictive nature of eavesdropping…
Rob when Laura suggests turning it off: “It’s just a toy. We’re not eavesdropping, we’re playing!”
Laura when Rob suggests turning it off: “We eavesdropped this long, we can eave a few drops longer…”
It’s a good laugh, but there are lessons to be learned: eavesdropping is not a joke, employees, executives, and security management need to take the confidentiality of their work and their business seriously.
– Charles Patterson, ExecSecurity.com