Skip to main content
Health & Safety Event 2022

8 - 10 April 2025
NEC, Birmingham

News

Image

12 Jan 2023

Are You Ready for The Protect Duty Legislation?

Peoplesafe Stand: 3/H10

In 2023 the UK Government will introduce new Protect Duty legislation, designed to improve the protection of publicly accessible places from terrorist attacks. The legislation is intended to ensure that businesses and organisations are better prepared to deal with – and respond to – serious incidents.  

Also known as ‘Martyn’s Law’, the proposed legislation has come about following a number of terrorist attacks across the UK and the campaign by Figen Murray, the mother of one of the 22 victims of the Manchester Arena attack in 2017.

According to the latest government figures, the UK has foiled 27 terrorist plots since March 2017, which serves to highlight the necessity of this law, should the worst happen. It is expected to add another layer of protection, working alongside the day-to-day actions of the police and security services. 
 

What will the new law require & how might it be enforced? 

The legislation will introduce a legal obligation for the owners and operators of publicly accessible locations (PALs) to take suitable and proportionate measures to protect the public from terrorist attacks and increase public safety.

There is currently no legislative requirement for organisations or venues to consider or employ security measures in most public places. Yet 7 in 10 respondents in the Protect Duty consultation agreed that those responsible for publicly accessible locations should take appropriate and proportionate measures to protect the public from attacks.

It is expected that Protect Duty will require organisations to:

  1. Engage with freely available counter-terrorism advice and training provided by the Government and the police.
  2. Conduct vulnerability assessments of their operating places and spaces, considering the impact on the public.
  3. Mitigate the risks created by the vulnerabilities using ‘reasonably practical’ measures.
  4. Have a counter-terrorism plan.
  5. Plan for the threat of terrorism.

In the Queen’s speech in 2022 it was stated that “without legal compulsion, counter terrorism security efforts are often prioritised behind legally required activities.”. So although the current guidelines state the desire for measures to be “reasonable and not overly burdensome”, the duty will likely involve regularly diarised and on-the-spot inspections by a governing body, aiming to ‘educate, advise and ensure compliance with the Duty’. This is expected to be backed up by financial penalties for consistent non-compliance.

In this situation, the term ‘reasonably practical allows owners/operators to weigh a risk against the effort, time and money needed to mitigate each risk.

It is proposed that “compliance would be demonstrated by providing assurance that the threat and risk impacts have been considered, and appropriate measures have been considered and taken forward (implemented or plans in place for their progression)”.

If a security breach is considered serious enough, venues could face prosecution under legislation such as the Corporate Homicide or Corporate Manslaughter Act.
 

Who needs to be ready for Protect Duty?

The latest public consultation (which ran from 26 Feb 2021 to 2 July 2021) considered three main areas that Protect Duty should apply to: public venues for more than 100 people; large organisations that employ more than 250 people and operate in publicly accessible places; and all public spaces.

The new legislation will, therefore, affect all 333 local authorities in the UK as they are responsible for open public spaces such as parks, beaches, city and town centres, as well as indoor venues such as town halls.  

It is also estimated that around 650,000 UK businesses could be affected by the new legislation, ranging from large venues such as the O2 Arena to smaller venues such as theatres and even large restaurants.

A publicly accessible location has currently been defined by the Government as “any place to which the public has access, on payment or otherwise, as of right or by virtue of express or implied permission” and includes;

  • Retail stores, shopping centres and markets
  • Transport hubs
  • Commercial ports
  • Schools and universities
  • Medical centres and hospitals
  • Hotels, pubs, clubs, and casinos
  • Sports stadium, music venues, festivals, visitor and tourist attractions
  • Places of worship
  • Government offices, including town halls and job centres
  • High streets, public squares, parks, and beaches.
     

What are the Benefits of the Protect Duty legislation?

Protect Duty is expected to have a positive impact on public safety, as the measures put in place to comply are likely to have wider benefits than solely preventing terrorist attacks and could prevent other criminal acts by default.

For those implementing protective measures for the first time, it will mean venue owners and operators will have a new understanding of how vulnerable their organisation is and taking protective steps will be at the top of their to-do list.

The key objective of Protect Duty is to drive an improved culture of safety and security where venue owners and operators understand the potential threats and implement reasonable, proportionate, and coordinated measures in response.
 

What can organisations do to get ahead and prepare for this now?

Although final wording of the Duty is yet to be confirmed, organisations should start to consider their role in protecting the public from terror threats as soon as possible.
 

Understand the Risks

Although all locations under the Protect Duty are potential targets, it’s essential for owners and operators to understand the specific terror threats facing their organisation. This includes understanding that motivations, targets and attack methods vary and change over time, as well as understanding how your organisation might be affected – either by being targeted directly or indirectly.
 

Review risk assessments

Most venues will likely have existing risk assessments in place and Protect Duty is expected to complement these by running in parallel rather than imposing additional measures. 

It is therefore likely that existing risk assessments will be taken a step further, with the creation of a ‘Protect Plan’ developed to identify what is reasonably practicable to mitigate risks and vulnerabilities during a terrorist attack. Like standard risk assessments, the Protect Plan will need to be reviewed and updated at least annually, in line with different threat levels and changes to internal or external risk context as time goes on.

Internal risk context – for example, following an expansion of an organisation’s premises and/or staff numbers, or a change in the business model, such as a restaurant starting to serve customers outside.

External risk context – for example, a significant terrorist attack in the UK or a change in the Government’s national terrorism threat level assessment.

 

Address vulnerabilities

When conducting your risk assessment and incident response plan there are likely to be gaps identified where new measures are required to address vulnerabilities. This could include physical security measures such as;

  • Security doors
  • Blast-resistant glazing
  • Fences
  • Bollards
  • CCTV
  • Electronic access control
  • Intruder detection systems

Alternatively, less invasive technology could be implemented. For example, technology solutions that support the identification of potential threats, limit the opportunity for an attack and coordinate the response in the event of an attack.
 

Create incident response plans

In order to guarantee a coordinated and time efficient response in an emergency, clear guidelines need to be drawn up and communicated to all staff, with regular refresher training provided. When creating this plan, consider how you and your staff would respond to an incident occurring inside, outside, or near to your building or site.


Embed a security culture

A culture of safety should be created alongside considering what can be done to make it harder for a terrorist to conduct target research, such as introducing a policy for reporting suspicious behaviour. Staff are the most likely to pick up on odd or unusual behaviour, so encourage them to report anything that seems suspicious, whether this is a person themselves or bags left unattended.

To embed a culture of safety you should also be security-minded in your communications, particularly online. Include messages demonstrating your commitment to ensuring security and safety and avoid providing specific information that could aid in planning an attack, such as floorplans. 
 

Stay up to date with the latest guidelines

Each organisation’s nominated health & safety team or professional will no doubt be up to speed on the latest developments in the industry, but it is worth paying close attention to the latest guidance for mass gatherings and physical security.
 

Incorporating technology into a new Protect Plan

Technology is advancing all the time and, as we find new ways of using it to our advantage, we also create new opportunities to keep people safe. It is therefore extremely important not to forget the significant role that technology has to play should a terrorist attack happen.

View all News
Loading

The Safety & Security Event Series

The Health & Safety Event LogoFire Safety Logothe security eventThe Workplace EventNational Cyber Security ShowPSOL Logo