A civil rights organisation wants to hear examples of security measures that are so ill-advised, impotent or irritating that they should be named and shamed.
Privacy International (PI) announced on Monday that it is holding the "Stupid Security Awards" in an attempt to highlight the absurdities of the security industry.
These awards were first held by PI in 2003. They are being staged again, according to PI director Simon Davies, in response to a sharp rise in "pointless, intrusive, stupid and self-serving" security measures.
"The situation has become ridiculous," said Davies in a statement. "Security has become the smokescreen for incompetent and robotic managers the world over".
Prizes that will be awarded include, Most Egregiously Stupid Award, Most Inexplicably Stupid Award, Most Annoyingly Stupid Award, Most Flagrantly Intrusive Award and Most Stupidly Counter-productive Award.
As an example, Davies cited the North London school which had been fingerprinting pupils without their parents' consent, and Network Rail's decision, back in 2003, to ban train-spotters from its stations as they were potential terrorists.
The rise of organised cybercriminals means that many IT managers are wrestling with the challenge of tightening up security. PI argues, though, that companies who introduce new security measures unthinkingly can cause more harm than good.
The competition closes on 31 October 2006. Nominations can be emailed to stupidsecurity@privacy.org.
Talkback
I am with 99% of readers who don't know what egregious means.
In defense of security professionals
Some security measures may seem stupid to the public or to those who don't understand security.
However to someone who eats, sleeps and breathes security there are reasons that just everyone may not understand.
http://www.forestwander.com
In reply to the previous comment "In defense of security professionals", I partly agree with you. But still there are security measures which are stupid to some extent. This is probably due to the fact that security professionals are mostly over-cautious and does not want to take any risk.
Its comparitively easy to spend loads of money and build a secured environment, but the real skill is to justify the security barrier with respect to threat.
A simple analogy is, someone was murdered in a pub doesnt mean one will stop going to pub.
Anyway, I personally welcome this idea of Stupid Security prize, at least it will be a good laugh in this serious security world.