Ambient backscatter is a new communication technology that utilizes ambient radio frequency signals of other systems to enable battery-free devices, such as tags and sensors, to communicate with each other. This paper investigates the physical layer security problem for ambient backscatter communication systems with multiple tags/sensors. Specifically, a new protocol is suggested to facilitate communication process and enhance the security of data transmission between the multiple tags and the reader. This protocol can lead to much lower bit error rate (BER) for the uplink from the tags to the reader, and meanwhile maintain almost the same BER for the wiretap link from the tags to the eavesdropper. We also propose detection approaches and derive closed-form detection thresholds for the reader and the eavesdropper. It is shown that increasing number of tags can lower BER at the reader receiver. It is also found that the number of tags and the number of training symbols can be optimized to maximize data rate gap between the reader and the the eavesdropper. Interestingly, it is found that the maximum data rate gap, a measure for secrecy capacity, is not obtained at high signal-to-noise ratio (SNR). Simulation results are then provided to corroborate our proposed studies.