Recently I've been updating my chapter on employment policies for improving security in the Computer Security Handbook, 5th Edition, edited by Seymour Bosworth, myself and Eric Whyne (due out Autumn 2008), and I decided to include some information about the use of polygraphs as a tool for screening applicants and employees.

In the next few columns, I’ll be sharing some of the information I’ve collected and analyzed.

According to the frequently asked questions (FAQ) pages sponsored by the American Polygraph Association (motto: “Dedicated to Truth”), a polygraph is a device which records a number of physiological markers such as respiration, heart rate, blood pressure and galvanic skin response (sweating). Used by trained professionals, the device displays a chart of subject responses to questioning by law enforcement agents, attorneys involved in both civil and criminal legal procedures, and employers (subject to legal restrictions).

The most comprehensive report about the use and abuse of polygraph testing I found was published in 2003, when the Committee to Review the Scientific Evidence on the Polygraph, a group organized by the National Research Council of the United States National Academy of Sciences, published a scholarly report entitled The Polygraph and Lie Detection.  In addition to purchasing the 416-page hardback book for $44.96, readers can also download it as a PDF for $38.50, buy both paper and PDF for $58.50 or read the text online for free as HTML or as GIF images of the original pages. In the rest of this article, I’ll refer to the report as the “NAS Report.”

Appendix E of the NAS Report (“Historical Notes on the Modern Polygraph”) mentions the view reported by the Indiana Polygraph Institute that “John Larson invented the polygraph in 1921 while a medical student at the University of California and a police officer of the Berkeley Police Department.” 

A competing claim is that William Moulton Marston independently created a prototype of today’s polygraph during his graduate studies at Harvard University from 1915 to 1921: "He began working on his blood pressure approach to deception in 1915 as a graduate student under the direction of Hugo Munsterberg in the Harvard Psychological Laboratory. According to Marston’s son, it was his mother Elizabeth, Marston’s wife, who suggested to him that 'When she got mad or excited, her blood pressure seemed to climb.'"

M. E. Kabay, PhD, CISSP-ISSMP, specializes in security and operations management consulting services. CV online.