Although the SAFETY Act can cap a company’s liability exposure at a predetermined amount of insurance, and even eliminate a company’s liability exposure altogether, “it remains one of the most underreported and underutilized” risk management and litigation management tools for companies in any industry that uses security products, services, software, guards, professional security certification programs, assessments and emergency response plans.
Passed in response to the massive liability encountered in lawsuits stemming from Sept. 11, 2001, as well as those lawsuits that held the Port Authority of New York and New Jersey liable for the 1993 World Trade Center attacks, the SAFETY Act provides two classifications designed to incentivize companies to develop and deploy anti-terrorism products and services by limiting or eliminating liability should an act of terrorism occur.
By submitting an application to the Department of Homeland Security, a company’s products, services, threat-assessment best-practices, threat response plans and control center operations, among others, can gain “designation.” A designation of “Qualified Anti-Terrorism Technology” provides a company the following benefits:
• No punitive damage exposure;
• Claims against the seller are capped at an amount no greater than the limits of liability insurance coverage required to be maintained by the seller through DHS;
• Exclusive federal court jurisdiction;
• Plaintiff’s recovery is reduced by amounts from collateral sources; and
• No joint and several liability for noneconomic damages.
A company may obtain additional protections by simultaneously seeking the second classification of DHS “certification.” A certified product, service, or security plan provides a company with a presumption of dismissal pursuant to the government contractor defense; placement on DHS’s approved list for Homeland Security Products; and a certificate of conformance.
What may be equally important to note is that under either designation or certification, the only proper defendant in any civil lawsuit is the seller of the SAFETY Act-approved technology. This, in effect, may legally immunize customers, suppliers, subcontractors, etc., which may provide a potential competitive marketplace advantage.
Recent DHS certifications indicate that not only products, but also security processes and best-practices designed to prevent, detect or deter acts of terrorism have been approved. For example, the NFL Best Practices for Stadium Security is a set of guidelines for stadium security management designed to deter and defend against terrorist attacks at football stadiums. It includes standards for non-game-day operations, game-day operations, threat assessments and emergency plans. This “Qualified Anti-Terrorism Technology” also includes the vetting, hiring and training of personnel used to provide the services.
Designation and certification remain in effect between five and eight years, but the protections for incidents occurring within those time frames remain without limit.
Courts are likely to evaluate whether a defendant company was “on-notice” of a foreseeable attack, which is a potentially lower standard given today’s widespread awareness of the issue. Thus, the steps a company takes to deter and reduce potential harm, such as best-practices, training programs, vetting and threat assessments, may indicate “reasonableness” when they are employed as an overall threat-reduction program.
John N. Maher is a partner in the Chicago office of law firm Duane Morris LLP. Kerry B. McTigue is a partner in the Washington, D.C. office of Duane Morris LLP. He practices in the area of intellectual property law and litigation.
