Dory Retherford to Retire, Brad Dietz Promoted to Senior Manager of Customer Support

Per Mar Security Services announced that Dory Retherford, Per Mar’s Monitoring Center Manager, has decided to retire as of July 1, 2022. Retherford has been a dedicated Per Mar employee for more than 42 years. In February of 1980, Retherford started working at Per Mar as a third shift dispatcher to gain experience in the security industry. She has held several positions throughout her career at Per Mar, including customer care agent, data entry, and manager of the Monitoring Center. “Dory has been an incredibly dedicated employee throughout her 42 years at Per Mar,” said Brian Duffy, CEO. “She was hired by my mother and grew with the company into her current role, and Dory very well understands the critical importance of delivering on our promise of fast, continuous monitoring service around the clock. She has earned a great retirement.”

Not only does Retherford manage the Monitoring Center, but she has served on Per Mar’s Employee Charity Fund committee, and volunteered at many events over the years. Retherford said, “I like what I do. It is an important job and fulfilling. It gives a sense of security to the customers that we take care of every day. There is always something great about getting an apprehension. The dispatchers are very important to our company. I have always been proud of them. I have great supervisors, assistant supervisors and dispatchers who do a heck of a job every day.” Upon reflecting on her 42 year career at Per Mar, Retherford said, “I will miss the people. I enjoy the people that I work with. They have kind of been as much my family as my actual family. I consider myself fortunate because I have actually worked for all three generations of the Duffy family. I truly, truly, enjoy the Duffy family, so it’s been easy to stay.”

Another long-term employee of 21 years, Brad Dietz, has been promoted to Senior Manager of Customer Support. Retherford and Dietz have been working together for months in preparation for her retirement and his new role. As Senior Manager of Customer Support, Dietz’s responsibility is to oversee both Monitoring Centers as well as Customer Care in an effort to leverage their strengths and expand their responsibilities to increase customer satisfaction.

“Brad has been an incredibly valuable contributor to our customer satisfaction for a long time, with experience in both the Monitoring Center and Customer Care,” said Chris Edwards, President of Electronic Security. “He was promoted to lead the care team in the middle of the pandemic and has done an excellent job. We are very excited about him continuing to build on the good work Dory has done over the years.”

E&C Announces Subcommittee Markup of Bipartisan, Bicameral Privacy Legislation & Seven Other Bills

Energy and Commerce Committee Chairman Frank Pallone, Jr. (D-NJ), Ranking Member Cathy McMorris Rodgers (R-WA), Consumer Protection and Commerce Subcommittee Chair Jan Schakowsky (D-IL), and Subcommittee Ranking Member Gus Bilirakis (R-FL) announced today that the Consumer Protection and Commerce Subcommittee will hold a markup on Thursday, June 23, at 10:30 a.m. (EDT) in the John D. Dingell Room, 2123 of the Rayburn House Office Building.

“This week, we will take another major step in putting people back in control of their data and strengthening our nation’s privacy and data security protections by marking up the bipartisan American Data Privacy and Protection Act,” Pallone, Rodgers, Schakowsky, and Bilirakis said. “We continue to welcome and encourage input as we begin this next step in the regular order process. The Subcommittee will also consider seven other bills, including legislation to protect children from dangerous products, prevent unwanted recording by smart devices, and defend horses from inhumane practices. We look forward to working with Committee members on both sides of the aisle to advance these important bills.”   

 The Subcommittee will consider the following bills:

 H.R. 8152, the “American Data Privacy and Protection Act,” which was formally introduced in the House today by Pallone, Rodgers, Schakowsky, and Bilirakis. 

 H.R. 3355, the “Save America’s Forgotten Equines Act of 2021” or the “SAFE Act,” which was introduced by Reps. Schakowsky and Vern Buchanan (R-FL).

 H.R. 3962, the “Securing and Enabling Commerce Using Remote and Electronic Notarization Act of 2021,” which was introduced by Reps. Madeleine Dean (D-PA), Kelly Armstrong (R-ND), and 32 original bipartisan cosponsors.

 H.R. 4081, the “Informing Consumers About Smart Devices Act,” which was introduced by Reps. John Curtis (R-UT) and Seth Moulton (D-MA). 

 H.R.4551, the, “Reporting Attacks from Nations Selected for Oversight and Monitoring Web Attacks and Ransomware from Enemies Act” or the “RANSOMWARE Act,” which was introduced by Rep. Bilirakis.

 H.R. 5313, “Reese’s Law,” which was introduced by Reps. Robin Kelly (D-IL), Jodey Arrington (R-TX), and Ted Lieu (D-CA).

 H.R. 5441, the “Prevent All Soring Tactics Act of 2021” or the “PAST Act,” which was introduced by Rep. Steve Cohen (D-TN) and 212 other original bipartisan cosponsors.

 H.R. 6290, the “ Act,” which was introduced by Reps. Paul Tonko (D-NY), Cindy Axne (D-IA), and Fred Upton (R-MI).

This will be a hybrid markup that includes both in person and remote member attendance via Cisco Webex video conferencing. Members of the public may view the markup via live webcast accessible on the Energy and Commerce Committee’s website. Please note the webcast will not be available until the markup begins.


Our language is included under Sec. 101 (b) (4) as a permissible service

1              (4) To prevent, detect, protect against, or re-

2             spond to a security incident, or fulfill a product or

3             service warranty. For purposes of this paragraph,

4             security is defined as network security as well as in-

5 t           trusion, medical alerts, fire alarms, and access con-

6             trol security.

Analysis of American Data Privacy and Protection Act (ADPPA) Discussion Draft Released June 3

The following information and analysis is being shared with TMA members courtesy of The Security Industry Association (SIA).

Over the last week, SIA Government Relations has been collecting and analyzing feedback from their members on the bipartisan data privacy discussion draft under consideration in the House Energy and Commerce Committee (which was released June 3).  SIA has concerns pertaining to some specific issues addressed in the language as it appears that could have sweeping impact on the use of video surveillance systems, alarm systems and biometric technologies (see below).

SIA Government Relations will be working quickly to raise concerns about these issues with the key Congressional offices to ensure they are addressed, as it is likely this measure would clear committee before the July 4 recess and possibly the House by August on its current trajectory.  Subcommittee markup could occur as early as next week.

Below is described SIA’s analysis and member input received as of June 14th. Additional analysis of the House bill (and a competing Senate bill released by Sen. Cantwell that may also receive consideration this month) is also provided.

Framework: The overall framework ADPPA does not align with the GDPR and existing state data privacy laws in important respects, fails to preempt laws harmful to businesses and consumers, e.g., the Illinois Biometric Information Protection Act (BIPA), and includes a private right of action sure to encourage abusive class action lawsuits. Specific to our industry, significant and interrelated flaws in the definition of key terms and provisions make it incompatible with the effective use of many security systems, among other negative impacts. Without substantial revisions the measure would have serious – and likely unintended – negative impact on public safety.

Security Systems: The draft’s broad definition of “biometric information” combined with the prohibitions on its collection, processing, and transfer in Sec. 102(a)(3) would essentially prohibit the commercial use of security cameras of any kind without obtaining the “affirmative express consent” of all individuals who are recorded – consent a malicious actor is unlikely to provide. Apart from this concerning outcome, this would create an insurmountable burden in the security setting, when such cameras are ubiquitous components of security systems widely used and accepted for protecting most businesses, commercial facilities, schools, transit systems, and connected public spaces in the country – and virtually every business and non-profit organization is considered a “covered entity” subject to requirements under the bill.

By including “facial imagery” (versus biometric measurements) in the definition of “biometrics”, any photo or video recording of a face becomes “biometric information” under the draft, regardless of how it’s used. Significantly, data privacy laws in five states already specifically exclude photographs, video recordings and derived information from their definition of biometric information. Additionally, all current state data privacy laws include some form of an exception for security and anti-fraud purposes and/or cooperation with law enforcement. Likewise, the general exceptions in Title II Sec. 209 of the discussion draft include (albeit narrowly) “to detect or respond to a security incident” and “to protect against fraudulent or illegal activity.” However, the Title I’s Section 102(a)(3) prohibition with respect to biometric information appears to supersede the exceptions in Title II, rendering these limited security and anti-fraud exceptions inapplicable to photo and video data.

Similarly, due to the overly broad definition of “precise geolocation information” in the bill, the transfer prohibition in Section 102 (a)(2) likely encompasses the date, time and location information typically associated with photo and video data when it is created and included when it is transmitted, impeding operation of security and life safety systems. For example, remote video verification for intrusion detection systems is increasingly utilized to reduce false alarms. Use of this technology may include the transmission of facial imagery along with this associated information. It is objectively impossible to obtain consent from all individuals that may trigger such alarms. Additionally, while the exceptions in Section 209 apply to “covered data” in the draft text, this does not also explicitly include “sensitive covered data” (like biometric information and precise geolocation information).

For the reasons outlined above, it is imperative to, among other things, 1) provide a more robust and workable security exception in Section 209, 2) clarify that Section 209 exceptions apply to practices in Title 1 and to sensitive covered data, and 3) exclude photos and video from the definition of “biometric information.”

Consent: Instead of aligning with GDPR and the latest state data privacy laws providing for a “clear affirmative act” to signify consent, the discussion draft would require a similar sounding – but different – “affirmative express consent” which could be inferred to negate the ability to use notice and consent mechanisms like signage, etc. Affirmative express consent” as defined in the draft should be replaced with the common definition of consent used in existing state data privacy laws in Colorado, Virginia, Utah and Connecticut.

Law Enforcement: All current state data privacy laws include an exception to requirements when it comes to cooperating with or assisting law enforcement investigations, including Connecticut’s data privacy law enacted last month. Subsection (a)(9) on law enforcement cooperation in Section 209 of the draft (which is currently bracketed for review) should be retained and expanded to include facilitation with a law enforcement investigation.

Government Contractors: Related to law enforcement and other functions, there are many private entities that collect, process and/or transfer information to federal, state or local governments as a contractor, including acting upon their behalf in some cases. It appears under the bill’s framework that government entities, while not covered entities, could be considered third parties in this arrangement. Therefore, it should be clarified that contractors acting in this capacity are considered service providers and not covered entities.

First Responders and Alarm Systems: Additionally, to address the third-party issue above, the exceptions should be clarified in Section 209 to include covered data that may be transmitted to first responders (as third parties) for responding life safety emergencies, such as fire, etc. in addition to security incidents.

Publicly Available Information: Information about individuals that is available to the public is not private and thus is excluded from the definition of covered data. However, the draft substantially narrows the commonly accepted definition of “publicly available information” used across existing state data privacy laws with additional caveats. This definition should be adjusted to align with definitions in existing state laws to ensure publicly available information continues to generally mean information lawfully available to the general public through government records, widely distributed media or required to be displayed in public by local, state or Federal law.

Biometrics Definition/Provisions: As currently drafted, data could be included as “biometric information” that is not actually biometric or does not present a privacy risk, because there is no requirement that such data is used to identify a specific individual. The definition should be aligned with all existing state data privacy laws in the U.S. that address biometrics, by requiring an identification capability or purpose for data to be considered biometric information. Also, unless the Section 102 prohibition with respect to biometric information is altered or removed, it will effectively prevent beneficial applications of biometric technologies for access control and security, where the collection of biometric data and use of analytics is necessary to distinguish between enrolled/non-enrolled individuals.

Facial Recognition: Under Section 404(k) any state law solely addressing facial recognition is not preempted. This section should be removed. Facial recognition data is not fundamentally different than all other biometric data. Software-specific templates are created based on biometric measurements that are compared with enrolled data for similarity to make probabilistic match determinations. While some states have specifically restricted or regulated use of facial recognition by law enforcement and/or other government entities, no state has enacted a law specifically regulating or restricting use of this technology by the private sector entities covered by the ADPPA. At the same time, commercial use of facial biometrics around the world for applications like identity protection and authenticated access to accounts and services is rapidly growing. For these reasons it makes little sense encourage future state laws that might be at odds with the principles and structure of national data privacy rules, and no reason why the rules specific to biometric information contemplated in ADPPA would be insufficient to protect such data.

Latest Update on Pending Privacy Legislation, June 8th

Proposed Data Privacy Bill Stands a Shot at Becoming First Comprehensive Federal Privacy Law

A discussion draft of a comprehensive data privacy bill was released last Friday by a bipartisan group of legislators in the House and Senate. Consumer rights advocates say the proposed compromise legislation is the biggest step to date toward granting individuals meaningful privacy protections.

The draft bill, currently known as the American Data Privacy and Protection Act (the “Data Privacy Act”), would allow users to opt out of target advertisements and to sue Internet companies that improperly sell their data. It is sponsored by US Reps Frank Pallone, Jr (D-NJ) and Cathy McMorris Rodgers (R-WA), who are Chairman and Ranking Member of the House Committee on Energy and Commerce, and US Senator Roger Wicker (R-MS), Ranking Member of the Senate Committee on Commerce, Science and Transportation. However, insiders say the legislation faces an uphill battle without the support of Sen. Maria Cantwell (D-WA), who is chair of the Senate Commerce Committee. Cantwell is believed to support more liberal priorities for online user rights.


“This bipartisan and bicameral effort to produce a comprehensive data privacy framework has been years in the making, and the release of this discussion draft represents a critical milestone,” Pallone, Rodgers, and Wicker said. “In the coming weeks, we will be working with our colleagues on both sides of the aisle to build support and finalize this standard to give Americans more control over their personal data. We welcome and encourage all of our colleagues to join us in this effort to enable meaningful privacy protections for Americans and provide businesses with operational certainty. This landmark agreement represents the sum of years of good faith efforts by us, other Members, and numerous stakeholders as we work together to provide American consumers with comprehensive data privacy protections.”

As summarized by a House Energy and Commerce Committee press release, the Data Privacy Act would:

  • Establish a strong national framework to protect consumer data privacy and security;
  • Grant broad protections for Americans against the discriminatory use of their data;
  • Require covered entities to minimize on the front end, individuals’ data they need to collect, process, and transfer so that the use of consumer data is limited to what is reasonably necessary, proportionate, and limited for specific products and services;
  • Require covered entities to comply with loyalty duties with respect to specific practices while ensuring consumers don’t have to pay for privacy;
  • Require covered entities to allow consumers to turn off targeted advertisements;
  • Provide enhanced data protections for children and minors, including what they might agree to with or without parental approval;
  • Establish regulatory parity across the internet ecosystem; and
  • Promote innovation and preserve the opportunity for start-ups and small businesses to grow and compete.

The legislation would give individual users new rights to access, correct and delete their digital data, and companies would be responsible for informing third parties to make changes to the data of users that have submitted a verified request. The Federal Trade Commission (FTC) would be required to maintain a public registry of data brokers and create a mechanism of users to opt out of targeted advertisements and other data sharing practices. Individuals would be permitted to sue companies, but only after a four-year waiting period after the legislation is enacted. They would also need to notify state and federal officials before proceeding, and they could not pursue their legal action of a government prosecutor takes up their case.

Proposed exceptions in the current draft (at Section 209) would generally allow collection, processing or transfer of covered data for narrowly-tailored purposes such as completing transactions, when data is collected to perform system maintenance, diagnostics or when addressing security incidents, among other things. The draft bill also provides exemptions for small entities that earned gross annual revenues of $41 million or less for the prior three years, that did not collect or process the covered data of 100,000 individuals in a year (except for processing payments and promptly deleting covered data for requested products/services) and that did not derive more than half their revenue from transferring covered data. These smaller entities may choose to delete, rather than correct, and individual’s covered data.

The Center for Democracy & Technology (CDT), a nonprofit research group that receives funding from tech companies such as Apple and Google, issued the following statement upon the release of the proposal:

“This draft shows that there is a bipartisan path forward on long-overdue legislation to protect consumers’ privacy. Americans want and desperately need legislation to protect their personal data and promote trust in the online world. While it’s not perfect, the draft is a hopeful first step. We urge Congress to move forward with the legislative process and pass legislation by the end of this year.”


Cisco, Juniper, Fortinet gear targets in China attacks on telecoms, US gov warns

Three U.S. government agencies urged operators to patch their systems and take several other steps to boost security, warning state-sponsored attacks from China have been targeting routers within their networks since 2020.

In a joint advisory, the National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) said attackers have spent the last few years sniffing out and exploiting vulnerabilities in network devices such as small and home office routers and network attached storage devices. They listed gear from Cisco, Citrix, Fortinet and Netgear among the most commonly targeted devices.

Proposed Privacy Legislation May Impact Monitoring Companies

The United States House of Representatives has just introduced a privacy bill that has been endorsed by the Chairman and Ranking Republican of the Energy and Commerce Committee and the Ranking Republican of the Senate Commerce Committee.

The bill establishes rules for when and how data can be shared. We would also point out that the bill does require explicit consent from your customers to share information and must report to them when you do. On P. 17 there is a discussion of Geolocation services which might impact TMA members.

We think the alarm monitoring industry would be exempt based upon the exemptions on P. 39 items (1), (3), & (6), but we are providing a definition of alarm monitoring and writing clarifying language specific to alarm monitoring in item (3).


House leaders swipe at Chamber over privacy bill letter

With a key House panel set to hold a hearing on a bipartisan, bicameral consumer data privacy proposal next week, Republicans were upset to see the U.S. Chamber of Commerce already bashing the bill.

The group was circulating a draft letter saying the American Data Privacy and Protection Act “is unworkable and should be rejected,” CNBC reported on Thursday.

The influential business group complains the proposal doesn’t go far enough in preempting state laws while also creating a “private right of action” that would allow individuals to sue companies if they believe their data is being misused.

“A national privacy law should be a true national standard but the bill’s preemption language carves out fifteen different state laws including those in California and Illinois,” the group wrote. “This legislation would create a new national patchwork of privacy laws.”

The draft proposal would give consumers more control over their personal data, including limiting information that can be collected on the front end, supporters say.

Rep. Cathy McMorris Rodgers (Wash.), top Republican on the Energy and Commerce Committee, was especially unhappy over the Chamber letter.

“It is disappointing to see the Chamber – who has urgently called for a national privacy framework for years – suddenly change their tune like this,” Sean Kelly,CMR’s spokesperson, said in a statement.

“They are not being constructive by asking Congress to abandon ongoing bipartisan, bicameral efforts on a federal privacy standard,” said This draft bill is going through the regular order process, and includes policies that have been public and received comment in one form or another for several years. We are continuing to welcome and encourage stakeholder feedback, especially from those who still believe a federal data privacy standard is urgently needed.”

This is just the last flare-up between the Chamber and Republicans on the Hill. The big business lobby, once an ally to Republicans, has faced increased skepticism from GOP lawmakers, including House Minority Leader Kevin McCarthy.

House Energy and Commerce’s Consumer Protection and Commerce subcommittee has a hearing set for Tuesday on this issue, so we’ll definitely hear a lot more on this proposal.

TMA Standards Committee to Host Town Halls on TMA-AVS-01

TMA’s proposed ANSI standard, TMA-AVS-01 – Alarm Verification Standard Preliminary Technical Review period is now closed. The next step in the ANSI standards development process is the 60-day public comment period. We currently anticipate this will begin Mid-July.

In line with this formal comment period, TMA’s Standards Committee has scheduled five, stand-alone Virtual Town Hall question and answer forums for TMA members and other stakeholders. Security, monitoring, and public safety practitioners are encouraged to attend one or more of these sessions to share comments, ask questions, and exchange dialogue with the Standards Committee and their peers.

TMA-AVS-01 – Alarm Validation Standard

Register to attend one or more of the following TMA Virtual Town Hall Meetings (Each begins at 1:00PM/ET):

Napco Hosted Cell-Based Access Control System Wins ESX Innovation Award 2022

NAPCO Security Technologies is pleased to share the news that its  AirAccess® Access Control System, featuring automatic-networking via popular Napco StarLink® Cellular, has been chosen as the winner of the ESX Innovation Award 2022, for “Access Control/ID Systems in Access Control/ID System for Hosted / Managed Access”.  AirAccess speeds creating new hosted access accounts faster, providing RMR from managed-access &  24/7 Central Station monitoring option. With a flat monthly rate, not per door pricing, it’s easy for pros to bid and easy for small & medium-sized businesses (SMBs) to afford.  Cell-/Cloud-Based it automatically makes the network connections, without IT Dept /firewall issues and delays, and features easy  5-Step System Configuration Wizard in its simple cloud-based software. Wireless from the clouds to the doors, choose wireless panel w/Prox Readers &/or wireless PIN/Prox locks. Right-sized for SMBs, the  Airaccess’ Free App with built-in mobile credential, SMS-alerts & lockdown-security controls, checks all the boxes for today’s accounts. Free customizable consumer mailers /statement stuffers are available for multiple vertical markets too.


For more on AirAccess Access Control RMR made easy by Napco, ask for the AirAccess Starter Kit (#AA-KIT1A)  at your security distributor or  contact your local Napco Sales Rep, or phone NAPCO HQ at 1.800.645.9445.

AlarMax Distributors Acquires Cassidy Technologies and Expands to 25 Locations Across the U.S.

The acquisition of Cassidy Technologies’ branches, in St. Paul, MN and Des Moines, IA, will continue to expand the AlarMax national, U.S. footprint.

Roger Graf, President at AlarMax stated, “We are very happy to welcome Chris Johnson and the Cassidy Team into the AlarMax Family and are excited about our future together.”

Cassidy Technologies customers will now enjoy an expanded product assortment, greater branch inventory levels and AlarMax’s considerable buying power, providing better dealer pricing.

The St. Paul branch is located at 2135 Energy Park Drive, St. Paul, MN and can be reached at 612-333-0646. Chris Johnson is the Branch Manager. The Des Moines branch is located at 1335 NE 50th Ave., Des Moines, IA and can be reached at 515-280-4804.  Wade Cox serves as Branch Manager. Our sales office in New Berlin, WI, can be reached at 262-754-0100. 

Per Mar Security Services has Ranked in SDM’s Top 100 for over 30 years

Per Mar Security Services, based in Davenport, IA, is ranked 16 in SDM’s 2022 Top 100 list. This is the 32nd consecutive year that Per Mar has ranked in the SDM 100 Report.

Chris Edwards, President of Per Mar’s Electronic Security Division, said, “The team at Per Mar is excited to again be in the top 20 of SDM’s Top 100 ranking.  We achieved outstanding growth during the past year while also focusing on our customer experience, resulting in outstanding retention.  We look forward to continued success with the release of our Intelligent Video Monitoring offering, and forthcoming access control enhancements to give our customers innovative ways to protect their people, and their property.”

The SDM 100 Report measures consumer dollars gained by security companies in order to present an account of the size of the market captured by the 100 largest residential and non-residential electronic security providers in the United States.