When an organization invites patrons into their building, they are entrusted with ensuring the safety of those patrons during their stay. The most commonly considered amenities include proper restroom facilities, ADA compliant structures, and protection against physical harm whilst in the space. An equally important element for arts organizations of the modern day is the safety of patrons in the digital space.

Most commonly, an organization may offer free public wifi to encourage interaction with digital experiences you are presenting. A second popular option is for facilities to utilize Bluetooth beacons or similar services to facilitate audio tours or aid patrons in navigating through a space or through certain content. What are the necessary precautions for maintaining patron safety in this space? What are the legal and ethical concerns that arise when handling patron data as they connect to your network? The insights provided in this article aim to answer the numerous questions that arise in the age of information organizations operate in today.

WiFi Networks

Public wifi networks are a common commodity that many of us engage with daily. While at the coffee shop or in the lobby of a museum, an open and discoverable network is almost always present and awaiting your connection. The notion surrounding public wifi utilities is that they are unsafe spaces in which to work. While this sentiment is true, it does not have to be the case.

An open and unsecure network that requires no password for access is a space that leaves patrons vulnerable. With very little technological expertise, a criminal may can easily hijack information broadcast over this network. Shockingly, browser add-ons exist that make this task relatively easy for someone who is a total novice at networking. While these add-ons exist to demonstrate the serious nature of the problem, they can be wielded for illegal purposes. Luckily, a quick fix exists for securing an organization’s public network. Changing the network from public and open to a WiFi Protected Access (WPA) network is an effective means of combatting would be cyber-criminals. WPA networks require a password for access. These can be implemented in a number of ways, such as a public posting within the space or printing the password at the bottom of a patron receipt.

Many will now be thinking that this sounds rather counter-intuitive; giving everyone an identical password is the same as having no password. This is not the case. While users all log in with the same password, the WPA network then assigns each patron’s device a unique password. These individualized browsing “channels” prevent the most common level snooping and theft of information over a wireless network. This method is not bullet-proof, but it is a quick and easy implementation that protects the hundreds or thousands of patrons who will benefit from public networks on an annual basis. It is a good practice to couple this security measure with some form of consent agreement that user will opt into when the connect to the network. These agreements can outline secure online procedures for patrons while they use an organization's network, furthering their risk management.

Bluetooth Devices

An ever-increasing number of arts organizations implement Bluetooth technologies as a means of enhancing visitor experience. Bluetooth Beacons can be utilized to guide patrons through an audio tour, or allow seamless interaction between a user cell phone and an exhibit. The utilization of Bluetooth in the arts space is in its early stages, therefore security considerations for the technology are as well.

Among the current security risks related to Bluetooth devices are the ability to eavesdrop on devices, crash operating systems, or drain batteries rapidly.  A number of these risks were initially circumvented through the creation of special, lower frequencies that were harder to compromise. In the past few years, new technologies have been developed that circumvent standard radio communication, but those products are only in their infancy.  In summary, Bluetooth is a great means of creating new types of experiences for patrons, but lacks some of the finer security measures found within other wireless technologies. If your organization is going to encourage visitors to power on their Bluetooth devices, be sure to encourage them to power them off as well, once they leave the venue.

Legal & Ethical Concerns

The legal constructs surrounding the collection, protection, and use of patron data vary greatly depending upon which region of the world your organization operates.  At the time of publication the United States has almost no specific legislation regarding how business entities utilize the data they collect, or what responsibilities they owe to their customers in terms of how it is protected. On the opposite end of the spectrum, the European Union has set regulations regarding what data can and cannot be collected, how long it must be stored when collected, and how it may be used and/or traded. Dependent upon where an organization operates, it is imperative that the staff understands the laws of their municipality when it comes to data governance. A more complete picture of this legal landscape will be examined by our staff soon.

The goals and missions of many arts organizations are centered on the patron and their experience. This level of attention should also be paid to their safety and security while they are a patron of your business. Building a system that promotes security within the confines of your building, and communicating it effectively, will allow an organization to garner trust amongst its patrons. When a patron feels that their experience is the top priority they are more likely to return, donate, or become a member. The notion of security is transforming from keeping patrons physically safe to safeguarding their personal and private digital assets. As exhibits, shows, and experiences move into the age of technology, so to must our concerns for patron safety.