Brian Sims

Protect Duty: Public protection and preparedness against terrorist attacks

THE HOME Office has recently begun a public consultation on how the Protect Duty may be used to enhance the protection of publicly accessible locations across the UK from terrorist attacks. Stephen Panton outlines the key points.

The Government’s proposals are based around the set of safety and security protocols known as ‘Martyn’s Law’, developed in the wake of the Manchester Arena terrorist attack back in 2017. If introduced, the Protect Duty would apply to a significant number of private, public and third sector organisations here in the UK.

The consultation, which is open until 2 July 2021, is targeted at: 

*Organisations employing 250 members of staff or more and which operate at publicly accessible locations where there’s significant and/or regular public footfall, irrespective of the number and size of stores and outlets they have in the UK

*Individuals and organisations who own or operate publicly accessible venues and spaces with the capacity to hold 100 people or more

*Organisations who store, sell or hire products (such as vehicles, knives and potentially harmful substances) that could be used as weapons by terrorists in an attack at a publicly accessible location, 

*Local and public authorities responsible for public accessible locations which usually have no clear boundaries or well-defined entrances/exits and Government offices

Defining ‘publicly accessible’

Publicly accessible locations are defined as “any place to which the public has access, on payment or otherwise, as of right or by virtue of express or implied permission” and include retail stores, Shopping Centres and markets, transport hubs, commercial ports, schools and universities, medical centres and hospitals, hotels, pubs, clubs and casinos, sports stadium, music venues, festivals and visitor and tourist attractions, places of worship, Government offices (including town halls and job centres) and High Streets, public squares, parks and beaches.

Private venues, such as places of employment or other locations where there’s no public access, are not intended to fall within the scope of the Protect Duty.

Duty holders would be required to assess the potential risk and impact of a terror attack at the locations they own, operate or control and take proportionate protective security and organisational preparedness measures to make it harder for a would-be terrorist to carry out a successful attack.

The proposed requirements are outlined in the ‘Best Practice Examples’ in Annex 2 of the consultation and vary depending on the size of the organisation, the scale of the event and the number of employees and predicted number of visitors at each location.

Best practice examples include the operator of a single town centre shop with ten to 15 employees and up to 100 customers at a time would be required to carry out and record a terrorist attack risk assessment, train and provide staff with information on how to spot and report suspicious activity and respond to each type of attack identified as a risk as well as, wherever possible, co-ordinate active security measures with other local businesses.

Those looking after a medium-sized business location, part of a national chain, with several hundred employees and hundreds of visitors at each location at any one time would also be required to base their risk assessment on the Counter-Terrorism Local Profile, plan how the site can support a police intervention and also how to integrate public safety personnel, visible guarding deterrents and whole-site lockdown measures into existing security arrangements.

The management team at a large venue with many employees and thousands of visitors each day would be required to carry out a risk assessment covering all risks within the current threat spectrum and introduce a layered approach towards active security including search and screening at access points, employee screening, hostile vehicle mitigation and traffic control measures. They would also be required to develop incident response, communications and police intervention support plans.

Inspection and enforcement

The Government’s consultation envisages a combination of remote compliance monitoring and inspection regimes, using evidence-based risk assessments to determine how and where resources should be deployed.

It’s proposed that enforcement would be primarily based on civil sanctions (such as fines) with offences to include persistent failure to take reasonable steps to reduce the potential impact of attacks.

Organisations operating in the rail (international, domestic heavy and light rail) and aviation sectors would be exempt on the basis that they’re already subject to legislative requirements designed to assess and mitigate against terrorist threats.

‘Chemical Oil Gas’, ‘Container Ro-Ro’ and ‘Other Bulk Cargo’ ports would also be excluded as such operations do not take place in publicly accessible locations.

The Government’s 60-page consultation document can be downloaded here.

Stephen Panton is a Partner at Womble Bond Dickinson (UK) LLP

Company Info


64 High Street, RH19 3DE
RH19 3DE

03227 14

Login / Sign up