SECUR.PORT Workshop: A conceptual report and summary of activities

In May 2020, the Secur.Ports workshop brought together 16 practitioners and 9 researchers with expertise in the field of port policing, port security, organised crime and border control. Funded by the British Academy, the workshop was organised by the University of Essex and Strategic Hub for Organised Crime Research (SHOC) at the Royal United Services Institute (RUSI), with the support of Ghent University and Research Foundation Flanders. The event featured contributors from seaports including Melbourne (Australia); Antwerp (Belgium); Rotterdam (The Netherlands); Genoa (Italy); Montreal (Canada); New York & New Jersey (USA); Liverpool (UK). Two EU-funded projects also contributed to the overall discussion, namely the PASSAnT project (for new port security technologies), led by the Belgian Network for Security, Iungos, the Belgian Vias Institute and the Dutch Institute of Technology and the WeCAPS project (Improving Port Security in Western and Central Africa), led by Expertise France.

Participants were grouped into two 2-hour long sessions with all practitioners asked to present on two enforcement or security issues they deemed most relevant in their port of reference. Presentations were followed by a Q&A and researchers acted as thematic discussants, contextualising and analysing some of the emerging themes from each session.

The following report is a short summary of these emerging themes:

• Information exchange and complex governance structures.

The biggest challenge shared by all ports and authorities related to the difficulty of information sharing. The main reasons for this challenge appear to be linked to:

1. Different and competing priorities for agencies and institutions active in policing and securing the waterfront, often working in siloed manners (cooperation problems);
2. Overlapping jurisdictions, mandates and duplication of effort in approaching certain investigations/security issues (coordination problems);
3. Inconsistent or incompatible confidentiality protocols, speed of technological innovation, data sharing cultures and requirements, including changes brought by new GDPR regulations in the EU (privacy concerns).

Several practitioners detailed attempts to improve coordination and communication at the port level through the creation of Information Sharing Centres or other bespoke groupings. It was suggested the port authority might be among the most appropriate facilitators (others might be the Mayor’s Office or law enforcement taskforces across different institutions) as they are able to secure the most cooperation across all parties. In one case, a third party acted as a facilitator between the public sector agencies and the private companies involved in the governance of the port. However, the biggest issue – the one of data sharing and confidentiality – mixed with occupational culture clashes, often leads to coordination remaining residual. For example, all ports suggested it is relatively easy to cooperate when intelligence-led investigations need ad-hoc support or access to port facilities and/or other institutions. While positive, this ad hoc approach is unsustainable in the long term, as intelligence-led and proactive cooperation and consistent data sharing are key to the detection of systematic abuse and improving port governance more broadly. Furthermore, it became clear that (semi-) public and private security providers in all ports involved are experimenting with different types of networks to enhance their cooperation, coordination and exchange of information.

• Inconsistent (mutual) law enforcement engagement with the private sector.

Apart from the UK port, which is completely private, most practitioners were based in landlord ports where the land is state-owned and assigned to private companies on long leases. The facilities’ owners act as tenants, and their business partners are treated as lawfully admissible ‘guests’ on the terminals’ premises. Some law enforcement agencies therefore struggle to establish consistent channels of communication with port authorities and their private security forces – which are at times in-house personnel and at times outsourced security firms. It is understood that the inconsistency of engagement between law enforcement and the private sector are felt on both sides, but in the workshop, there was no-one present from the private sector, so this point needs to be further addressed by involving those voices too.

Even when a good relationship is established – often through joint coordination teams – law enforcement authorities can struggle to execute routine or advanced investigations for a number of reasons, including: a) the difficulties of accessing port (private) premises without interrupting business; b) the trade facilitation priorities and targets of the businesses that employ private security versus the individual priorities of those security personnel, who may wish to be more personally cooperative but face explicit and implicit institutional incentives to be less cooperative.

• Knowledge and oversight of trusted insiders.

Relatedly, a lack of public-private engagement can limit law enforcement’s oversight of trusted insiders and corrupt practices. This occurs for a number of reasons, including: a) the difficulty of accessing personnel data belonging to the private sector; b) fragmented regulatory oversight of companies and businesses by port-facing law enforcement; c) limited knowledge of private sector processes and systems. Assessments of supply chain vulnerabilities are usually undertaken by border forces or by intermediaries who can bridge the public-private divide (at times, but not always, within port authorities). However, without law enforcement’s broader knowledge of organised crime, these assessments might remain superficial and focused on the breaches of border security alone. Furthermore, exchange on insights on security between port communities all over the world is scarce although there is an explicit need expressed by all participants, especially in the field of technology and innovation.

• Competing public sector priorities.

The above can be compounded by competing public sector priorities and limited resources that result in the treatment of port security as a predominantly border security – not organised crime or corruption – issue. Moreover, limited resources mean that border forces are increasingly hybrid in their roles, with a dual focus on immigration. Limited resources and a lack of intra-public sector information sharing between law enforcement can also be linked to the clear focus on inbound shipments, as opposed to outbound shipments. It is perhaps easier to justify a security interest in not allowing illicit goods into the country through the port, than it is to justify a security alert on outgoing cargo.

• The perennial battle between trade and security.

This speaks to the inherent tension between the needs of trade and those of security. From a management perspective, this is linked to the privatisation of the port economy that also calls for primacy of privacy and smooth business transactions. To view security as an added value essentially requires ‘added’ costs. From a law enforcement perspective, this hinders the streamlined performance of those hybrid duties, between policing and security, in the port space. Most port security regimes are historically and legally geared towards the protection of critical infrastructure from violence and physical threat by state and more recently non-state terrorist actors. This is ill suited to law enforcement’s focus on other non-violent security threats, including organised crime, illicit trafficking and corruption. From a different point of view, the issue of security might be addressed with respect to working conditions. In big ports low skilled and labour intensive jobs are easy to be found. These sectors tend to be exposed to informal regulation and deep conflicts between workers and employers. This is an issue we have to pay a better attention to, as it raises several questions about the degree and the form of unionisation, the degree of work deregulation, and even the possible presence of organised crime groups trying to access and corrupt workers.

Nonetheless, a negative image due to security problems can also have economic consequences for companies and the port operator. This mindswitch has increased the security mentality of at least a part of the private sector (terminals) active in the port area.

• Technological challenges and changes.

Technological advancement is considered a cornerstone of enhanced security in port terminals. All major port facilities are constantly updating the ways in which trade data is tracked and stored. Infrastructures, as well as the ways in which individuals interact, are constantly subjected to reviews of technological progress. Technological advancement, in the form of biometric equipment and scanning machinery affect patterns of enforcement and mobility in port facilities. Technology reduces – though it does not eliminate – the traditionally paper-based nature of port business.

While this may decrease the opportunity for illicit trade by distributing permissions and creating shared information repositories, it also poses new challenges and displaces certain risks. By making technologies more secure, people who have access to these technologies might become themselves targets. For example, while on the one hand it is difficult for most traffickers to access computer-based systems, this may lead to the attempted corruption of ‘back office’ staff rather than port workers on terminal grounds. This may also reduce the number of people that have to be approached by organised crime overall. Corruption is not only curbed by reducing physical opportunities; corruption is also a matter of reducing incentives.

• Cyber Security.

Beyond technology-enabled insider threats and corruption, increased reliance on technology in port governance and control also creates new systemic vulnerabilities that can be exploited by previously irrelevant organised crime networks. Hackers may seek to gain access to information about cargo or shipments, or blackmail or extort port operators. There is robust evidence of an illicit marketplace where developers sell and create bespoke malware for organised crime networks.

Businesses using port facilities may also have inadequate cyber security protections that lead to unforeseen threats. Several incidents demonstrate that hackers can successfully manipulate IT systems to release or introduce illicit cargo, for example. Cyber security therefore extends to the integrity, maintenance and confidentiality of information held by IT systems and IT-enabled assets, including private users of the port. Cyber security needs to be part of a holistic approach to port security, with law enforcement and relevant regulators trained to investigate cyber-enabled incidents.

• Corruption as a port security challenge.

Curbing both individual and institutional corruption on the waterfront remains a priority. It was suggested how almost every organised crime investigation uncovered a problem with integrity and corruption, either concerning private employees, or border and law enforcement agents.

In the past – and in some respects to this day in some ports (i.e., New York, Montreal, Melbourne) – corruption on the waterfront was mostly confined to certain types of workers, usually unionised and entrusting one another. More recently and with the growing complexities and less hierarchical and more distributed nature of the port economy, including IT enhancements, different individuals are becoming interesting for organised crime groups as criminal networks necessitate to have access to key knowledge and information about how processes work in the port. Vulnerable positions of workers and employees, including high ranking employees, can be very different from what they were before.

Vulnerable positions and practices are dynamic, changing and adapting to security protocols and so are the possible rewards that the illicit markets offers. While tackling individual instances of corruption uncovered in the course of an investigation is possible, a systemic ability to detect and deter systemic corruption and vulnerabilities requires resources that many authorities lack. Moreover, specific forms of corruption relate to working regulation matters. It has been pointed out that especially in contexts characterised by non-coordinated market economies, organised crime groups have tried to infiltrate unions within ports in order to: a) extort money from employees through intimidation; b) infiltrate some legal business by collecting bribes; and c) influence the support that unions might give to local politics.

• Why corruption? Deterring criminality in port governance.

It was therefore widely agreed that anti-corruption policies and procedures need to be strengthened. It was considered crucial to understand the how, but also crucially the why, law-abiding workers are recruited and become involved in organised crime networks. The question of why different individuals, in different ranking positions in the port management, economy, security and policing realms, become approachable or are otherwise co-opted into criminal activities remains key.

Rational choice theories of crime, together with routine activities and situational crime prevention techniques, are often embedded into security protocols, to reduce incentives, increase the risks, reduce the benefits and harden the targets. Yet while profit remains perhaps the most important incentive, the social and cultural enablers of corrupt activity cannot be tackled through hard security measures.

Therefore, the problem is not only one of reducing incentives and benefits of criminal involvement, but also one of providing different, highly-localised responses to corruption. In addition to introducing risk assessments to evaluate transparency and anti-corruption, and enforcing best practices in hiring procedures to identify any problematic relationship before joining the port, there’s the need to dig deeper. This includes understanding the underlying dynamics of discontent, the individual perceptions of fairness, and the collective approach to industry relations. These are themes that transcend the initial goals of our seminar, but where nevertheless interesting findings.

• The port-city interface and the port-sea interface.

One of the underlying issues that unites many of the themes above is the necessity to look at ports from both sea and city perspectives. The criminal shadow economy of the area surrounding port cities and regions is intimately linked to port culture and dynamics. Take, for example, the illicit drug supply chain which can involve the import or export of the commodity itself, as well as criminal payments through local legal vehicles, trade based money laundering, the local investment of criminal procedures, and the immediate consequences of drug consumption and violence surrounding the port. Organised crime through ports is naturally linked to secondary local phenomena (i.e., money laundering, violence, the social acceptability of corrupt practices or illicit goods, etc).

The port-city interface should therefore be considered more in current security regimes. Tools like the International Shipment and Port Facility Security (ISPS) Code for maritime security are much more focused on the port-sea interface and largely aimed at counter-terrorism scenarios. Criminal activities on the waterfront, instead, go far beyond these narrow boundaries. Many companies see the ISPS as something that needs to be fulfilled administratively on paper, rather than something that can actually help in the daily jobs against organised crime and illicit trafficking.

A call to adapt the ISPS Code, or introduce other tools or international codes of conduct, to the actual reality and modus operandi of organised crime was considered a future area of enquiry across the board. The tools and languages of maritime security do not always provide the leverage or right mandate to allow law enforcement to investigate and prosecute criminality at sea or in ports. Similarly, the tools and priorities of institutions countering-organised crime do not always consider the importance or challenges of policing hybrid areas or the sea. Overall, maritime security is about ports as much as port security is about the cities’ and host territory’s fight against organised crime.

Dr Anna Sergi, Alexandria Reid, Dr Luca Storti and Professor Marleen Easton

The views expressed in this article are those of the author(s) and do not necessarily reflect the views of RUSI or any other institution. With thanks to funding from the British Academy ‘Tackling the UK’s International Challenges’’fund, Grant no. IC3/100276.