One of the complaints users receiving emergency broadcasts on their mobile I was the Alert Ready messaging experienced Monday transmitted two messages in Ontario for the same alert. One in English and the other in French. This caused the end user to experience interruption twice when only once was warranted.
This made me wonder about the service and protocol it used. In theory a well designed protocol would allow for a single alert in multiple languages. I did a little bit of investigation last night on the Alert Ready System. As it turns out, it uses a standard “Canadian Protocol” called CAP-CP (Canadian Profile of the Common Alerting Protocol), which is based on an overall international standard protocol called called the Common Alerting Protocol or CAP.
A quick glance of the protocol shows that both CAP-CP and CAP support multiple languages in a single alert. So why did we receive two alerts, one for each language? It could be that Pelmorex, the company that runs the Alert Ready system sent an individual alert for each language, one in English and a separate one in French. Of course if a single alert was sent with both English and French, the user mobile device then has to discern which one to display. Ideally, it would select the default language of the device as the selection process. If however, the specific device is not programmed to do this, it could just display all the messages to the end user in the alert, which would cause the end user to see both, or maybe it only sends the first language found, or some other behaviour. The end user device plays an important role in the delivery of the alert, and given the number of devices, different version of O/S etc. it may be beyond the alerting services control to some extent.
Here is sample pseudo-code from the official site showing how the CAP-CP protocol supports multiple languages in a single alert:
Looking at the official CAP protocol which CAP-CAP was based off, here is an XML example of a Amber alert in multiple languages:
The first Alert Ready discussion can be found here, although it is not required.
Everyone was working quietly in my office yesterday when all of a sudden mobile phones starting blaring an alarm and some playing a recorded message. This was the new Alert Ready system in Canada that has recently been deployed.
The particular message above was an standard “Amber Alert” issued by the OPP in regards to a missing child. The alert startled many (which I guess it should do), interrupted work etc. What I found interesting was the behaviour that followed. In my office, many started trying to figure out how to disable the alerts, or change it so they would vibrate, basically trying to control the conditions of when and how alerts were received. I would suggest this is not the behavioural response that an emergency broadcast system wants to train their population to have. Whoever makes the decisions on what is broadcast, when and how for this system, I would suggest they look into the vast previous experience many in emergency services, incident response and monitoring are aware of. If you over use it, people will start to not pay attention to it. I have heard it called “The Crying wolf effect” or the “Cassandra Effect” – basically false alarms (or in this case alarms that don’t apply to an individual) cause the receiver to ignore or put less urgency on the alerts.
While the news reports that you cannot disable or “opt-out” of these alerts, I would suggest that actually depends on the type of phone and version of software you have. My phone which is a phone that is under a year old had thankfully has many options:
On my phone, I have quite a bit of control. I can totally disable the alerts. If I enable them, I can choose the category of alerts I care to be notified about and those I do not. How I want to be notified vibration and or sound. If alert sound is enabled, use current volume setting or full volume. I can choose to enable or disable the speaking of the alert message. Some of my colleagues had none of these options, and others had only the option to enable or disable emergency alerts.
I struggle with the idea of not giving the user control of what they receive and do not receive and when they receive it. I know when I purchase or select mobile phones in the future, this is now one of the criteria I will look into. I want the control, independent of what any ‘authority’ feels is in my best interest.
Just shy of six years, TD holds the record for both the largest company and the longest tenure I have had with a company to date.
Moving to a financial institution this size represented a big change for me. For the previous ten years, I worked for small consulting firms and a successful start-up. I went to work at TD not because it was a financial institution or large company but because of a few individuals that were there I wanted to work with again, specifically an executive that I had worked for in the past. He brought me on board, and quickly helped me get the exposure I needed to be successful. One of the first introductions was to an executive in the risk management area of the bank (he was actually one of the individuals that interviewed me prior to being hired). He provided wonderful opportunities, visibility, and cover when required. Thanks to him, I learned much about the risk side of security from the perspective of a large enterprise. His guidance and advice was invaluable. In fact, I was lucky. All of my leaders were good in their own way and I can recall learning from all of them.
In my time at TD, I was involved with not only security and technology, but risk, audit, team leadership, and team management. I was exposed and worked with budgets and the budgeting process, strategy from a technical and business perspective, incident response and management, implementation planning, vendor management, and other disciplines. I met many executives, many I still keep in contact with. They all have different views and experiences to draw upon. All great people.
That chapter in my career has closed, and a new chapter has started. In my new role, I will still have a security “Fin-Tech” focus, but I will be expanding to help several financial services as opposed to just one as well as other verticals with security.
My time at an enterprise was invaluable for my growth. I worked with many amazing people, many who are now friends and with continued effort will continue to be friends.
On to the next chapter ……