Relationship between public and private security

Good Practices

Consider carefully whether appropriate alternatives exist to the use of off-duty public security personnel as private security providers.

As part of the risk and impact assessment, consider risks and potential impacts of using public security personnel as private security providers.

• Assess the capabilities, practices and human rights track record of public security forces.
• Analyse the legal framework that regulates the private security industry and find out if it is legally allowed for public security personnel to work for a private security provider when off-duty. If legal, ensure the assessment provides a clear picture of any restrictions and conditions.
• Consider focused stakeholder engagement with affected communities to identify any additional concerns and/or risks associated with the use of public security as private providers.

Request a letter of consent from the relevant public security institution stating that the concerned individuals are allowed to work for a private security provider.

Conduct a training needs analysis during contract negotiations with the private security provider and agree on a training programme with the provider based on the results, including assigning clear responsibilities for the delivery of each part of the training.

• Ensure the training programme follows the recommendations listed within Training – Working with Private Security Providers), with a special focus on the following elements:
  • Differences in the mandate and responsibilities between public and private security roles.
  • Differences in the rules for public security and private security, especially on the use of force and firearms. Once in a private security capacity, the rules are different. It is essential that public security officers working as private security understand the different rules applicable to the provision of private security services, to law enforcement operations and to the conduct of hostilities in situations of armed conflict (i.e. when international humanitarian law applies). For instance, while the UN Code of Conduct for Law Enforcement Officials and the UN Basic Principles on the Use of Force and Firearms are crucial documents for public security, private security providers do not have the same mandate and should follow national laws and recognized good practices such as the International Code of Conduct for Private Security Service Providers.
• Provide use of force training that addresses:
  • Reasonable steps to avoid the use of force.
  • The use of force continuum, including force de-escalation techniques to resolve threats with minimum necessary force.
  • Compliance with all national and international obligations.
  • Proportionality to the threat and appropriateness to the situation.
  • The key differences between mandates, rules and responsibilities of public security forces and private security.
  • Use of force in self-defence or in defence of others, under imminent threat of serious injury, death and/or perpetration of a serious crime involving grave peril to life.
  • Weapon-specific training for all personnel who are to carry a weapon.
  • Restraining or apprehending individuals.
• Integrate practical exercises that include locally relevant scenarios and possible contingencies to put all of the above points into practice. Start by providing a background briefing to private security providers on local conditions, the operating environment, risk assessment findings and stakeholder engagement observations. Communicate all tasks and expectations to participants; discuss each step of the actions and responsibilities of participants; and run through the whole scenario with role-players. When feasible and relevant, public security should also participate in these exercises. This will help participants understand their different roles and responsibilities in the event of an incident.
• Include the details and conditions regarding the training programme in the contract.

Complement the training with additional measures.

• Ask supervisors to regularly deliver short talks focused on key principles of the Voluntary Principles on Security and Human Rights and the International Code of Conduct for Private Security Providers.
• Provide supporting materials (e.g. a pocket book with key aspects of the company’s code of conduct for private security providers and/or other relevant standards).
• Identify and engage with ‘champions’ within the public security sector that, due to rank or status, can effectively promote good practices with colleagues.

Facilitate cooperation between public and private security providers in the form of information-sharing, regular coordination and engagement, and any specific legal requirements of cooperation.

Ensure that all private security personnel working on the company’s site wear the uniform of the private security provider or company.

• The uniform should be clearly distinguishable from the public security uniform and should be easily identifiable. Having a distinct uniform for each job may help off-duty public security personnel differentiate between their two roles.

Ensure that off-duty officers do not bring their weapons, firearms or ammunition to the company premises.

Key Resources

• Guidance on the Use of Force by Private Security Providers (DCAF 2019)

Good Practices

Conduct/update risk and impact assessment

(see Adequate and appropriate private security arrangements: properly identifying risks and impacts within Private security within risk and impact assessment – Working with Private Security Providers).

• Analyse the structure, functioning and performance of public security forces.
• Identify specific challenges in the interaction between public and private security.

Meet with the chain of command of public security forces and other government stakeholders at the regional and/or local level before finalising private security arrangements.

(see Security arrangements  – Working with Public Security Forces)

• Clearly communicate private security arrangements, as well as findings from the risk assessment, with public security and other relevant government stakeholders.
• Raise the International Code of Conduct for Private Security Service Providers and other international standards on the conduct for both public and private security providers (e.g. the Voluntary Principles on Security and Human Rights).
• Seek agreement on the different roles assigned to public and private security. On this basis, agree with the chain of command of public security forces on the rules for their deployment around the company’s facilities. In particular, determine mechanisms and procedures for scaling up or down depending on the changing environment.
• Establish formal and consistent reporting and communications mechanisms between public security forces, the company and its private security providers.
• Agree on a process to investigate human rights abuses.
• Establish a written agreement or memorandum of understanding with the local management of public security reflecting all of the above, or consider substitute measures in the absence of a memorandum of understanding (see Memorandum of Understanding – Working with Public Security Forces).

Finalise negotiations with the selected private security provider and establish a contract that outlines specific requirements regarding the private security provider’s engagement with public security

(see Compliance with international standards and good practices: developing implementation guidance within Bids and contracts – Working with Private Security Providers).

• Define clearly the different roles and responsibilities of public and private security, including the company’s in-house security.
• Share information on public security arrangements around the company’s site, as well as any agreements reached with the public security forces’ chain of command.
• Require the private security provider to designate a focal point for liaising with the company’s security department and with public security points of contact.
• Establish reporting and communications mechanisms based on the agreement with public security.
• Clarify what equipment is available and who can use it.

Following prior agreement with the public security forces’ chain of command, encourage the organisation of joint drills involving public security working in the company’s area of operations, the private security provider and the company’s in-house security.

• Clarify roles, responsibilities and reporting lines. Promote information-sharing between different actors.
• Ensure joint drills address the phases of incident response, including:
  • Preparation and review of rules (including for the use of force).
  • Alert.
  • Deployment.
  • Designation of the on-site team leader.
  • Actions on contact.
  • Resolution of the incident.
  • Provision of medical attention and evacuation, if required.
  • Review of post-incident lessons learned.
  • Final reporting and follow-up.
• Consider inviting relevant local stakeholders to these exercises. This will promote understanding of the different roles and responsibilities of public and private security.

Set regular meetings (e.g. once a month) to discuss security arrangements with the appointed points of contact for both public security forces and the private security provider, as well as ad hoc meetings immediately after an incident. These meetings should address any relevant security-related updates in the area (see in-country working groups).

Coordinate with other companies operating in the area.

• Share experiences on working with both public and private security. Identify key challenges and lessons learned.
• Seek coherence in security practices in order to prevent confusion on the roles of different security actors.
• Consider developing a contingency plan in case public security previously assigned to the company’s area of operations become unavailable or do not respond to calls for action.

Conduct needs assessment for high-risk situations, including an analysis of public security forces’ ability to respond

(see Private security within risk and impact assessment and  Working with Public within Security arrangements – Working with Private Security Providers).

• Assess company needs against the capacity of public security forces. The needs assessment should focus on issues such as training, equipment, transportation and communications.
• Measure average response times for public security forces to get to the project site in an emergency.
• Identify additional training and equipment needs of private security personnel.
• Assess alternative available solutions, including community-led or third-party assistance (e.g. from an international organisation or home government).

Update the risk assessment.

• Analyse relevant past security incidents where public security response was required and identify trends, if any.
• Assess whether providing logistical, financial or in-kind support (e.g. training or communications equipment) to local public security can improve public security’s ability to respond. Consider whether other actors (e.g. home governments, human rights institutions, international organisations, multi-stakeholder initiatives) can address gaps through capacity-building, training and other assistance activities. If this is not feasible, balance benefits against possible negative consequences of providing such support (see Equipment  – Working with Public Security Forces).

Practical Tools

• Use of Security Forces: Assessing and Managing Risks and Impacts (International Finance Corporation 2017)

Engage with a wide variety of stakeholders to address plans for dealing with high-risk situations and emergency response.

• Engage with host government actors and public security forces’ chain of command at the national, regional and local levels to identify appropriate means of addressing this challenge.
• Meet with other companies operating in the area, if any, to share experiences and concerns and to pool efforts for improving the situation.
• Consult with international NGOs, civil society organisations and local communities to discuss risks and impacts associated with the current situation, as well as to jointly identify possible solutions.

Establish early warning mechanisms that allow the company to request public security support with sufficient time for them to arrive before situations become violent

(see Oversight and accountability – Working with Private Security Providers).

• Develop an information-sharing system with other companies and local stakeholders.  This can help identify local tensions before they develop into high-risk situations.
• Consider establishing a multi-stakeholder security forum to discuss security and human rights issues. The forum should include representatives from local communities, ensuring the most vulnerable groups are adequately represented. (See Stakeholder engagement and Case study: In-country working group supports mediating challenges in South Kivu, Democratic Republic of the Congo – Working with Communities)
• Identify early warning signs based on research on past security incidents, conducted as part of the risk assessment.

Consider information-sharing and close coordination to help improve the response time of public security, taking into account the findings of the needs and risk assessments.

• Seek ways to improve communication and coordination between public and private security (see Operations with both public and private security (including in-house security): addressing multiple lines of command, poor communication, inadequate coordination and difficulties in investigating human rights abuse within Relationship between Public and Private Security – Working with Private Security Providers).
• Establish formal and consistent reporting and communication mechanisms with public security forces, including the designation of points of contact at each relevant level.
• Consider the possibility of providing logistical, financial or in-kind support to improve the response time of public security forces (see Provision of logistical, financial and/or in-kind support to public security forces: managing the associated risks within Equipment – Working with Public Security Forces).

Establish a security response team that can act as first responders as necessary.

• Develop response guidelines and procedures (including rules for use of force, weapons and firearms, as well as procedures for restraining and apprehending persons) and ensure response team members are trained accordingly.
• Ensure the response team coordinates with public security and withdraws as soon as public security is deployed on site.
• Ensure the security response team has training in first aid.

Include a clause outlining the approach to apprehending persons in the company’s code of conduct for private security providers, as well as in the contract with the private security provider.

• In line with the International Code of Conduct for Private Security Service Providers (ICoC), stipulate that private security providers may not ‘take or hold any persons except when apprehending persons to defend themselves or others against an imminent threat of violence, or following an attack or crime committed by such persons against Company Personnel, or against clients or property under their protection, pending the handover of such detained persons to the Competent Authority at the earliest opportunity’.
• In accordance with the ICoC, also require that all apprehended persons should be treated ‘humanely and consistent with their status and protections under applicable human rights law or international humanitarian law, including in particular prohibitions on torture or other cruel, inhuman or degrading treatment or punishment’.
• Stipulate that there should be no firearms in the room where anyone is temporarily detained and that force shall not be used to try to prevent people from escaping.
• Require the presence of a female guard to aid in apprehending women, should this situation occur.
• Make this provision part of the information communicated to local communities and public security authorities.

Adjust the training programme for private security personnel on a regular basis to address findings from the needs and risk assessments

(see Private security personnel lacking adequate training: ensuring application of international norms and standards on human rights and IHL to day-to-day security duties within Training – Working with Private Security Providers).

• Ensure training covers all relevant aspects regarding appropriate and proportionate use of force. Use of force training shall address:
  • Proportionality to the threat and appropriateness to the situation. Basic principles should cover reasonable steps to avoid the use of force. As explained by ASIS International, security personnel should use force only ‘in self-defence, the defence of others against the imminent threat of death or serious injury, or to prevent a particularly serious crime involving grave threat to life’.
  • The use of force continuum, including force de-escalation techniques to resolve threats with minimum necessary force,
  • Compliance with all national laws, human rights law, international humanitarian law and other obligations.
  • Competence-based training, such as: human rights risk management; hostile environment; local culture; gender, age and religious considerations; de-escalation of situations; incident reporting; communications; and appropriate response to citizen complaints.
  • Weapons- and firearms-specific training for all personnel who may carry a weapon.
  • Medical and psychological health.
• Include a session on conflict management, crowd control, public order and apprehending persons, based on the company’s code of conduct for private security providers. Explain that these tasks should primarily be performed by public security forces.
• Explain the differences between the roles of public security forces and private security providers (see Off-duty public security personnel working for PSPs: addressing possible confusion and mitigating human rights risks within Relationship between Public and Private Security – Working with Private Security Providers). In particular, emphasise that private security providers have narrower discretion to use force (only in self-defence or defence of others against the imminent threat of death or serious injury, or to prevent the perpetration of a particularly serious crime involving grave threat to life), and generally cannot apprehend or detain persons.

• Conduct practical exercises using real-life scenarios so that private security personnel learn good practices for responding to high risk-situations in an effective way. Ensure these are in compliance with the International Code of Conduct for Private Security Service Providers and/or other standards like the Voluntary Principles on Security and Human Rights. The Geneva Centre for Security Sector Governance (DCAF) has developed a Use of Force Guidance Tool that specifically applies to private security providers, drawing on the United Nations Basic Principles on the Use of Force and Firearms by Law Enforcement Officials. The UN Basic Principles can also be read for inspiration; however, they are written only for public security forces. The differences in mandate and rules should be made clear.

If the above recommendations are not sufficient to properly manage security risks, consider requesting the permanent deployment of public security forces closer to the project site.

• Engage with all relevant stakeholders (e.g. host government authorities, public security representatives, other companies, local communities) to ensure their different needs and concerns are taken into account in the deployment of public security forces.
• If the host government lacks the necessary resources, consider providing financial or in-kind support for the permanent deployment of public security forces. If the company takes this course of action, address potential risks through the risk assessment and communicate to local stakeholders.