Liability Protection: An Often Overlooked Aspect of Business Continuity

Among the numerous specialized topics and activities important to the preparedness, security, and defense of the United States from terrorist acts are: protection of the food supply; response and recovery activities; special event planning; radiological preparedness; medical emergencies; bioterrorism; power-grid modernization; and the detection of chemical warfare agents.

The various technologies and services closely related to these topics and activities – and others involving the physical and cyber protection of the nation’s critical infrastructure and key resources (CI/KR) – have one thing in common: the private-sector providers and consumers of such goods and services are eligible for a unique type of federal protection from third-party liability when an act of terrorism has been committed. From this liability protection comes a major component related to the continuity of operations planning (COOP), which is not only an operational advantage for the providers of the products and services but also for their customers who are the owners and operators of the CI/KR.

The COOP & SAFETY Act Nexus 

In 2002, Congress passed, among other legislation, the Homeland Security Act, which created the U.S. Department of Homeland Security (DHS) and contained the less well known SAFETY Act (Support Anti-terrorism by Fostering Effective Technologies). The principal purpose of the latter Act is, through the statutory limitation of potential liability, to encourage sellers of services and technologies that protect the public to develop and deploy such technologies, as opposed to avoiding the marketplace for fear of liability.

The rationale leading to passage of the SAFETY Act was that, when a private-sector business sells technological products or services that are used at a site (physical or virtual) affected by an act of terrorism, that business could face costly, even enterprise-crippling, liability claims. Now, fortunately, sellers that have received a SAFETY Act “Designation” have limited liability, thus ultimately saving the enterprise.

An ancillary but equally important benefit provided by the seller’s SAFETY Act coverage is that its customers are immune to third-party liability lawsuits related to the alleged failing of a technology or service covered by the SAFETY Act, an advantage that allows for (but does not necessarily guarantee) continued operations in the future. This “flow-down” liability protection that customers receive also serves as a significant market differentiator. Not only will customers of a SAFETY-Designated company know that the products and/or services being purchased have been vetted and approved by DHS, but also that they (the purchasers) will benefit from automatic liability protection. Seen from that perspective, the SAFETY Act serves both sellers and buyers as a critical component of the COOP equation.

Protecting Future Investments 

The process for achieving SAFETY Act coverage varies depending on the specific type of product or service involved. For certain technologies, typically devices and “widgets” that can be tested to a statistical probability of success, the process is relatively uncomplicated. However, at the other end of the spectrum – for example, services that are heavily dependent on human factors – the process can be both long and arduous. Either way, the success of the application depends largely on the seller demonstrating – via documentation based heavily on repeatable processes, procedures, and quality assurance measures – that the product or service is reliably effective.

For providers of products and/or services designed to protect their customers from acts of terrorism and/or the effects caused by such acts, the SAFETY Act can be the ultimate COOP tool. It will not only allow for the continued deployment of the counter-terrorism products and/or services involved, but also help ensure the continued operations of the purchasing organizations. That combination provides unique protection that allows those same organizations to continue operations even after a potentially devastating loss.

There is one cautionary note, though, that should be kept in mind, by users as well as providers of the products and services involved. Because of the numerous nuances and details of this very complicated piece of legislation, SAFETY Act experts should be consulted before manufacturing, deployment, or purchasing decisions are made based on the protections afforded by the SAFETY Act.