The Support Anti-Terrorism By Fostering Effective Technology Act of 2002 (the "SAFETY Act") provides tort reform protections for sellers of products or services that can be used to detect, identify, defend against or respond to acts of terrorism. The SAFETY Act was drafted in part to respond to concerns companies had that conducting business in the homeland security market segment would expose them to nearly limitless legal liability. Such fears are quite valid given the highly active plaintiffs' bar in the U.S., as well as a number of decisions in U.S. courts holding that entities providing security in a number of terrorist events (9/11 terrorist attacks, 1993 World Trade Center bombing, 1996 Olympic Park bombing) could be or actually are liable for damages arising out of those events.
Under the SAFETY Act, the seller of an "anti-terror technology" (which is either a product or a service) may apply to the Department of Homeland Security ("DHS") for immunity from civil claims following a terrorist attack. If the protections of the SAFETY Act are awarded, sellers and customers of anti-terror products and services are protected from liability arising out of terrorist attacks. Such protections are awarded only after DHS thoroughly reviews the seller's product or service.
Even if SAFETY Act immunity is circumvented (and it can only be circumvented by showing that the seller lied or committed willful misconduct when filing its application), other protections are still available, such as a bar on punitive damages, liability is capped at the amount of the seller's insurance, and claims may only be filed in U.S. federal court. SAFETY Act protections apply regardless of whether the customer is a government or private entity . These incentives are designed to help ensure that the U.S. has as many tools in its arsenal as possible to deter and defeat terrorist activities.
Essentially any product or service that has an anti-terror application is eligible for protections under the SAFETY Act. Examples of products and services that have been awarded protections under the SAFETY Act include security guard services, advanced video surveillance systems and biological warfare agent detectors. Other examples include vulnerability assessment and "red team" security services. Indeed, Triple Canopy was the first company to receive full SAFETY Act protections for its comprehensive risk and vulnerability assessment services.
In order to be eligible for SAFETY Act protections, a company will have to demonstrate that their product or service can in some way deter, defend against, identify, respond to or mitigate an act of terrorism. The fact that a product or service can be used for purposes other than acts of terrorism will not preclude an award of SAFETY Act protections. Even if the product or service is only used in limited circumstances for anti-terror purposes, it will still be eligible for SAFETY Act protections.
A company obtains SAFETY Act protections by filing an application with the DHS Science & Technology Directorate. The application requires the submission of certain information on the product or service. The information required includes:
• Specific definition of the products and services to be covered
• How the product or service operates
• Measures taken to ensure that the product or service meets specifications set by the manufacturer
• Steps taken to ensure that the product or service performs as intended
• Evidence that the product or service is effective
• Evidence demonstrating that the product or service does not cause more harm than good
Once all the information has been successfully submitted to DHS, the Science & Technology Directorate will take up 120 days to review and issue a decision on a SAFETY Act award. If the product or service does not have all the evidence required for immunity, DHS may instead grant a limit on the amount of damages that can be awarded against the applicant. Should applicants receive a cap on damages (known as "Designation") instead of civil immunity (known as "Certification"), they are free to resubmit at any time to increase their level of protection. If the DHS denies coverage outright, the applicant is free to submit another application at any time.
Under either Designation and Certification, a successful applicant must still maintain a set amount of insurance that would provide coverage for losses involving acts of terrorism. The amount of insurance - as specified by DHS - represents the maximum amount of damages that could be awarded against a SAFETY Act-approved company as related to the product or service in question. Thus the previously mentioned cap on damages under a SAFETY Act Designation is equal to the amount of insurance that must be carried. The insurance amount would also represent the maximum amount of damages a company would be liable for in the unlikely event a Certification is nullified by a court. Potential applicants that do not presently have a terror-related insurance program would have to obtain one after SAFETY Act protections are awarded, and companies like AIG stand ready to provide applicable policies.
The insurance requirements under the SAFETY Act are:
• Obtain a specified amount and type of liability insurance that is required by the DHS
• Enter into reciprocal waivers of claims with specified parties (or show a good faith effort to do so)
• Provide annual certification of insurance coverage to the DHS
• Notify the DHS of any change in type or amount of insurance coverage
Insurance can be obtained on a Stand Alone SAFETY Act Policy that satisfies all DHS requirements with dedicated limits or through a terrorism endorsement to a Products or Errors/ Omissions (E&O) policy with shared limits. A qualified Casualty Insurance Broker can best guide a company to the appropriate policy.
Given all of the above, providers of security products and services may wish to consider filing a SAFETY Act application for a number of reasons. First and foremost, the SAFETY Act provides unusually strong liability protections which essentially cannot be replicated. Second, receipt of SAFETY Act approval is a strong marketing tool, particularly given that it is evidence of a strong and independent review of the product by DHS.
The SAFETY Act is a unique liability management tool, and should be carefully considered by any provider or user of security-related products or services. The SAFETY Act represents a rare opportunity to minimize or eliminate the potentially devastating liability associated with terrorist attacks, and so all buyers and sellers of anti-terror tools should take advantage of it.
Brian Finch is the leader of the Homeland Security Practice at the law firm Dickstein Shapiro LLP. Robert Cruz is the leader of the Homeland Security Practice at AIG. This article is a collaborative effort; please note that each sentence in this article is not necessarily representative of the views of either Messrs. Cruz or Finch individually, nor their respective companies or clients.