The NCS4 (National Center for Sports Safety and Security) is a government organization based on the campus of the University of Southern Mississippi. It primarily serves in an advisory role to the NCAA. In mid-July 2015, the NCS4 released its latest edition of “best practices.”
This manual attempts to cover virtually every topic about venue safety and security… with one glaring exception. It omits the overwhelming presence of personal cell phones and the ability to wirelessly transmit and receive false information while an event is in progress.
The looming prospect of a decentralized, real-time saturation of information leading to an unexpected evacuation, likely resulting in a panic and inevitably, an artificially generated stampede is far more than the 500 lb. elephant in the room. It’s also a black swan scenario. If executed with malicious intent, there’s the potential for a 9/11-like tragedy. Yes, I’m referring to a “dominipede” or domino stampede (multiple, simultaneous human stampedes likely impacting the NFL 1 o’clock slate).
I’ve offered the NCS4 input in the past — repeatedly encouraging them to explicitly warn fans that LEGITIMATE emergency venue evacuation orders would NEVER be delivered via their personal cell phones. Not only did they demonstrate an unwillingness to embrace this common sense, public safety position, they also banned me from their facebook page. Most of them surely understand the fundamental security disconnect, but just like other government organizations, nobody wants to step up and directly confront the issue at hand. Why? Because it would be a blatant admission that the problem itself exists. If you acknowledge a problem, you own it. This catch-22 is a familiar refrain.
There’s an obvious reason that you would NEVER initiate a real-world evacuation through cellular means (social media alerts, bulk text messages, mass notifications, etc.). Why? Because that’s just not how it’s done. Regardless of the reason for an evacuation, the paramount concern is to present a unified, cohesive, all-encompassing directive. This is not responsibly achieved by trying to contact everyone on a subliminal, individual basis via their personal mobile devices. Emergency evacuations are serious business. That’s why it’s imperative to use the public address system and the video monitors… so there’s absolutely no room for confusion whatsoever.
Doesn’t it strike you as a little peculiar that nobody ever raises the possibility of a potential downside to 50,000 – 100,000 active cell phones in any NCAA or NFL stadium? This same generic safety concern applies to other sports organizations as well — MLB, NHL, NBA, MLS, NASCAR and INDY Racing.
Isn’t it odd that cyber-security is continually referenced as one of the most imminent threats to U.S. national security yet everything is presented in terms of identity theft and economic consequence, not injury or loss of life?
Let’s analyze a few statements from the 2015 “Best Practices” guide.
(page 22) – heading Command and Control, subheading Communications:
Ensure that you do not rely on any single method/system of communicating for operational or emergency communications. Especially cellphones as they are the first to go out in a crisis.
Wireless communication is typically very efficient, but the statement cell phones are “the first to go out in a crisis” is somewhere in the realm between misleading and incorrect. It also seems poorly worded. Information delivered via the public address system and video monitors supersedes cellular transmissions because both occur in real-time.
(page 36) – heading Cyber Security, subheading Policy and Planning:
In today’s world this has become a greater risk due to its potential for far reaching impacts based upon cyber systems controls over large segments of our environment and there extensive use.
The NCS4 encourages readers to address cyber-security issues. But it neglects to mention the presence of cell phones in large, confined crowds. In certain cases, this number can exceed 100,000. And by the way, it’s “their” not “there.”
Has it ever occurred to the NCS4 that somebody might try to evacuate a large stadium without the knowledge or consent of the incident commander? The most likely reason being a malicious attempt to induce a human stampede. There is one other possibility I suppose. The notion that someone might try to stage an evacuation solely for their own amusement. Either way, wouldn’t it be a good idea to develop a contingency plan? You know, just in case.
(page 37) – heading Cyber Security, subheading Training
DHS and FBI can assist with training programs.
The Best Practices report routinely references guidance and assistance from DHS and the FBI. However, neither federal department is willing to address the prospect of an “artificially generated stampede.” The federal government is rarely proactive with transformational matters concerning public safety. Its general preference is to “fix” a problem in the aftermath of a tragedy. Think in terms of planes crashing into buildings. Compounding the dilemma, no government department has a vested interest in tackling the issue. The risk/reward return ratio is very unfavorable. Reasons being… plausible deniability, foreseeable litigation and the voluntary admission that a scenario exists which could render a venue unsafe. The federal government is also not in the habit of diminishing or marginalizing its power or control (in this case, limiting the options of the FCC, FEMA, WEA, etc.).
p. 48 – heading Behavioral Issues, subheading Disturbances – Pre, During and Post Game
Be proactive, since at some point in time you will have to address these issues.
Formally addressing a wide range of issues is a necessary component in being proactive. The NCS4’s recent edition delves into celebratory disruptions/rioting, civil disturbances/demonstrations, drunk and disorderly conduct, field encroachments, fighting, illegal drug use/possession, throwing objects and the use of vulgar language. Considering the historical prevalence of human stampedes in stadium settings worldwide, it seems anomalous how there’s no mention of the word “stampede” in the entire 172 page document.
p. 75 – heading Crowd Dynamics/Management, subheading Evacuation/Sheltering
Anticipate that an incident could occur that causes a non-ordered impromptu/panic mass evacuation – consider how you will respond. This is clearly the most dangerous of situations due to panic. Plan your response of how to use the crowd flow, your environment and methods of communication.
Excellent! I agree. It’s imperative to anticipate negative outcomes. Unfortunately, the NCS4 won’t offer any specific examples governing the evacuation process. This is typical of government bureaucratic reports so as not to offer tangible evidence if things take a turn for the worse. Much of the overall report appears vague and specious. Considering the seriousness of the issues presented, it would be beneficial to offer some real-world, concrete examples grounded in precedent.
p. 76 – heading Evacuations/Sheltering, subheading Communication
Communication may take many forms such as signage (posted non-electronic and electronic), public address, radio, social media, and in person. You should leverage all forms.
This statement is patently false. During an evacuation, you should NOT leverage “all” forms. The number one, overriding objective in any large scale evacuation is to reach the largest captive audience possible in a clear, concise, efficient fashion. This is not achieved through cellular transmissions. Why? Because it’s not the optimum means of communication. Many fans don’t have cell phones. Many have them turned off. Many wouldn’t hear a ringtone or notice incoming information. It’s simply not a verifiable, reliable way to contact EVERYONE. That mission is vastly better served through the public address, the video monitors and to a lesser extent, stadium personnel (ushers, security, etc.).
(p. 109) heading Incident Response Plans, subheading Cyber Intrusion/Attack
Protect systems that have operations and control over various aspects of the facility. Many components of today’s facilities are operated via cyber programs that control the components (i.e. HVAC, lighting, PA, video boards, etc.).
The NCS4 maintains a purposely narrow view of cyber-security. Yet again, there’s zero admission regarding the presence of personal cell phones. Wireless carrier hacks, intentional misuse of opt-in notification systems, widespread social media hoaxes, spoofing, spamming, bulk text alerts… these represent far more realistic cyber-security threats as opposed to someone trying to “hack” the PA or manipulate a jumbotron.
(p. 110 cont.)
Pre-planning is important to preventing an incident from getting out of control and precipitating violence.
I agree. I also agree with daytime talk show host Dr. Phil who often says, “you cannot change what you won’t acknowledge.” Is any of this starting to sound like it makes sense?
(p. 112) under the same heading, subheading Evacuation/Relocation/Shelter-in-Place
Life safety under all conditions is first and foremost.
Apparently, life safety isn’t as important as they would have you believe. Virtually everyone in the crowd has an active cell phone. These mobile devices can be used to function as decentralized weapons, saturating false information (both intentionally and inadvertently) in an attempt to induce widespread panic. The myriad of cell phones in any large venue constitutes a relatively new, societal variable. And this variable cannot be ignored in perpetuity. Eventually, someone will test the cracks in the system.
(page 124) – heading Risk and Threat Assessment/Vulnerabilities and Planning, subheading Assessments
Conduct a Risk/Threat Assessment for vulnerabilities of ALL events and collect Intelligence/information. Risk and threats exist, but until identified and ranked for mitigation there is a potential for disaster.
I agree. But what happens when you won’t conduct a specific threat assessment because it’s a seemingly impossible issue to resolve? Transformative issues are often paradoxical. They are usually solved through knowledge and awareness (forest fires, impaired driving, etc.) as opposed to allocating funds (building bridges, paving roads, etc.).
Furthermore, human stampedes develop instantaneously. You do not mitigate a stampede. You prevent it. Mitigation is not an option. Because the act of mitigation requires time (the successful completion of an O.O.D.A. loop – Observe, Orient, Decide, Act). I know of no stampede in the history of mankind where an incident commander or authority figure prematurely brought it to a halt. It’s inconsistent with the definition of what constitutes a stampede.
Legit venue evac orders are not delivered via personal cell phones. You either explicitly tell people this… or you don’t.
page 158 – heading Technology Use/Implementation/Innovation/Information Management, subheading Social Media
Use Social Media to inform attendees of security, weather or other emergency issues and monitor feedback.
For the love of god, NO! You do not use social media to stage a successful evacuation of a large, confined crowd in any way, shape or form. Social media is a decentralized platform. Anyone can weigh in. Platforms like facebook and twitter are easily manipulated, challenged and marginalized. If anything, it’s an ideal means for perpetuating a hoax.
Now if you want to use social media to provide updates AFTER the initial evac is underway, I have no problem with that. If you wish to tweet about what time the game will resume or post information about where to seek shelter, those matters are best left to the discretion of incident command.
Let’s try to sum this up.
In the Appendix of the most recent Best Practices report, there are a total of 102 individuals listed as “contributors” from the 2015 National Intercollegiate Athletics Safety and Security Summit. The Steering Committee has an additional 13 prominent individuals from the worlds of law enforcement and emergency management. A wide variety of federal agencies (DOJ, FCC, FBI, DHS, FAA, OSHA, BATF, NTSB, NWS, NIMS, NFPA, CALEA, etc.) also provide input. Am I to presume that none of these experts or organizations have any concerns whatsoever about how wireless hyper-connectivity could impact venue safety?
Another hot-button issue involving outdoor sports venues is the presence of recreational drones. Once again, the word “drone” appears nowhere in this exhaustive, 2015 report. Sound familiar? Forgive me for sounding cynical, but I’m starting to sense some bureaucratic consistencies.
Every page in the entire 2015 Best Practices report has statements about being proactive. Stage drills, troubleshoot, think outside the box, establish and follow protocol, implement a strategy, if you see something say something, expect the unexpected. Stay ahead of the curve. Be alert. Take action. Anticipate, observe, analyze. Investigate, respond, coordinate, collaborate. Regarding safety, do everything you can to be safe… with one enormous exception, of course.
I realize the threats I’m addressing are considered taboo, but this is not challenging subject matter. I’m not the only person on the planet earth who has these concerns. I’m just the only person willing to make an issue of it. You either make a conscious decision to tell people the truth (legit venue evac orders are not issued via their personal cell phones) or you choose to purposely leave them in the dark… in a state of perpetual ignorance.
There’s a much simpler question at hand. At some future point in time, will the concerns I’ve raised regarding artificially generated stampedes inevitably have to be dealt with? If you believe the answer to be affirmative, the moral decision is to take definitive action — in this case, simply divulging a universal, inconvenient truth. Unless of course, you honestly believe the modern, technological equivalent of shouting “fire” in a crowded theater is not a credible concern.
Realistically, rather than focusing purely on the negative outcome (human stampedes), perhaps a better path forward is to ask yourself an obvious question. Could something like this be attempted? The answer to which… is a resounding yes. And if that’s the case, whaddya gonna do about it? I’m afraid the current answer is… nuthin’.