In the aftermath of the London 7/7 terror attacks that targeted the UK capital's public transport network, the need for increased vigilance against the threat of terrorism became a priority for the UK government. Though various measures were taken to prevent subsequent incidents, ten years later, a suicide bomb attack within the concourse of the Manchester Arena killed 22 people as they left a pop concert, and many more were injured and traumatized.
To ascertain how such an atrocity was able to happen, the UK Home Secretary established the Manchester Arena Inquiry in October 2019, with security arrangements at the venue a key focus. The ensuing report, published in July 2021, concluded that multiple opportunities to thwart the attack, or at least reduce the death toll, were missed.
Crucial lapses included:
- Substandard risk assessments and threat mitigation
- Failure of security staff to appreciate the current terror threat level
- Insufficient response to concerns raised regarding the attacker’s suspicious behavior
- A lack of perimeter security devices that would have led to the bomber being searched
The report provided a series of recommendations, including providing support for the new ‘Protect Duty’ named after Martyn Hett who was tragically killed in the Arena bombing. This as a result of Martyn’s Mum tirelessly campaigning for security to be placed higher on the agenda by event organizers and venues. This was suggested to apply to owners and operators of public venues, large organizations, and those responsible for public spaces. The Protect Duty would require these stakeholders to factor terrorist threats into their strategic planning and implement proportional protective security.
Here, we examine what the Protect Duty will likely include, the possible repercussions on legal requirements in other countries, and how U.S. security professionals can use the findings of the inquiry to fulfil their ethical responsibility of protecting human life.
Segmented Frameworks to Aid Compliance
The Protect Duty consultation emphasizes the need to distinguish between types of publicly accessible areas and to develop guidelines that limit excessive costs or burdens on staff resource and time. It is hoped that customizing requirements within a segregated framework rather using than a 'one-size-fits-all' alternative will help promote and ensure stakeholder compliance.
Preliminary recommendations within the Protect Duty consultation suggest making a distinction between three main areas:
- Public venues with a capacity of 100+ persons (e.g., tourist attractions and theatres)
- Large organizations operating at publicly accessible locations and employing 250+ staff (e.g., retail and entertainment chains)
- Public spaces (e.g., beaches, thoroughfares, bridges, and pedestrianized areas)
Whether the Protect Duty legislation contains a framework that is segmented in this way, it could, and arguably should serve as a model for other countries who often apply high terror threat levels. Especially those that have experienced attacks across a range of spaces and venues.
Promoting Stakeholder Collaboration
A key complexity when producing rigorous risk assessments for large public venues and spaces is identifying stakeholders and allocating appropriate responsibility or remit for security.
Landowners, occupiers, and tenants would be the primary subjects of a Protect Duty, however; complications arise around degrees of responsibility where venues such as shops, bars, and stalls are occupied by different leaseholders. In theory, they are complications that could be mitigated if overall responsibility for security is subcontracted to a supplier, though this would then raise questions as to whether these suppliers would be subject to the Protect Duty.
The Protect Duty consultation seeks to untangle this by apportioning equal responsibility for the safety of employees and visitors to all stakeholders operating within a venue's perimeter. By promoting deeper collaboration, backed up by enforceable legislation, stakeholders in the U.S. can move to a place where they work together by committee, ensuring all official advice and recommendation is shared and understood, and security protocols are implemented and observed.
The Importance of Security Staff Training
The Manchester Arena Inquiry pointed to security staff complacency around the national terror threat level and their failure to respond to reports of the attacker’s suspicious behavior as critical factors which enabled the attack.
It is thought that the prolonged period within which the UK threat level had remained at 'severe' contributed to the complacency among the Arena's security teams. The events of that evening revealed in the harshest possible terms why the threat level was set as such and, in future, more emphasis must be placed on higher threat levels where they are applied and operational procedures adapted appropriately.
Where security teams must ensure that heightened vigilance is maintained, training becomes imperative. In the UK, Action Counters Terrorism (ACT) - a national awareness scheme to protect buildings, business areas, and their surrounding vicinities from the threat of terrorism - provides free training which is compiled and delivered by the National Counter Terrorism Security Office (NaCTSO). The Security Industry Authority (SIA) also offers support where more targeted training is necessary.
However, e-learning courses alone are not sufficient, even when considered to be high quality. Practical 'prevent and respond' training, including first aid training, must be a regular feature within the training schedules of security personnel.
Reviewing, Inspecting, and Enforcing
When seeking to mitigate threats as grave as terrorism, it is insufficient for risk assessments to be compiled in-house without external review. They must be certified with a kitemark of approval to signify a quality benchmark, include consistent criteria, and be appropriately differentiated for the size and type of venue to which they apply.
Review processes must also be rigorous, performed regularly, and modified where there are changes to the threat landscape and to accommodate the emergence of new, threat-mitigating technologies.
Due in part to insufficient resources, a lack of active enforcement meant warnings at the Manchester Arena which were not identified. As recommended in the Protect Duty consultation, counter-terrorism and security agencies, licensing officers, and law enforcement must co-operate more transparently to avoid similar failures.
Finally, both planned and unplanned venue inspections should be carried out with site visits covering licensing checks and stakeholders instructed that enforcement consequences are as serious as breaches of health and safety legislation.
An All-American Protect Duty
Though the UK Protect Duty is yet to be finalized and published, the consultation includes suggestions that all countries could benefit from, including the U.S.
Each country will face its own challenges when implementing suggestions and, in the U.S., determining which stakeholder is responsible for each part of the duty, is likely to be a major obstacle.
It’s a concern that was raised by Stuart Taylor, CEO of Stucan Solutions Corporation, a security firm based in Virginia, who said: "The question is whether the U.S. government and law enforcement agencies will support and implement a program like the Protect Duty with the debate inevitably centering on who will pay. Insurance and tax rebate incentives may soften the blow, but there would likely be pushback regarding jurisdiction as individual states don't appreciate federal mandates, and the U.S. is so polarized politically, red and blue state agreement would be difficult to engineer.”
As in the UK, the U.S. would also have to consider the costs associated with introducing additional policies should a version of Protect Duty be introduced. Observing how the UK manages these costs and shares responsibility between stakeholders, leaseholders, venue owners, and security teams will be crucial.
The Manchester Arena Inquiry Report is a distressing portrayal of the many failings that enabled an atrocity of such scale to occur. The proposed 'Protect Duty' will act to formalize better preparedness in the future and will present a detailed blueprint for the US to follow. As Stuart Taylor noted, “…all businesses, schools, and venues have a duty of care to their employees and guests to implement a scalable form of the Protect Duty.”
The U.S. should closely monitor how Protect Duty is rolled out in the UK and begin to make preliminary preparations should a similar ruling be introduced in the future.
About the Author:
Director at ATG Access, Iain Moran first joined ATG over 20 years ago as an electrical engineer. He now leads the Commercial UK Sales and High Security Sales teams, whilst also looking after transactions in America, Australia and Canada. In his time at ATG Access he has helped to secure high profile security projects including The Shard, Sydney Opera House, London Olympics 2012, various Network Rail train stations and multiple airports including LAX Airport.