Are You Ready for The Terrorism (Protection of Premises) Bill?

Posted: 14 Aug, 2023.

In 2023, the UK Government will introduce the Terrorism (Protection of Premises) Bill, designed to improve the protection of publicly accessible places from terrorist attacks. The legislation is intended to ensure that businesses and organisations are better prepared to deal with – and respond to – serious incidents.  

Also known as ‘Martyn’s Law’ or Protect Duty, the Terrorism (Protection of Premises) Bill is borne from the growing number of terrorist attacks across the UK and the campaign by Figen Murray, the mother of one of the 22 victims of the Manchester Arena attack in 2017.

According to the latest government figures, the UK has foiled 27 terrorist plots since March 2017, which serves to highlight the necessity of this law, should the worst happen. It is expected to add another layer of protection, working alongside the day-to-day actions of the police and security services. 

Who needs to be ready for The Terrorism (Protection of Premises) Bill?

The first draft of the bill published on 2 May 2023 identifies the qualifying premises, what parts of these premises, and the types of events which will fall under scope. Qualifying premises are split into two tiers:

  • 100+ capacity – standard duty premises
  • 800+ capacity – enhanced duty premises

The legislation will introduce a legal obligation for the owners and operators of publicly accessible locations (PALs) to take suitable and proportionate measures to protect the public from terrorist attacks and increase public safety.

A publicly accessible location has currently been defined by the Government as “any place to which the public has access, on payment or otherwise, as of right or by virtue of express or implied permission”. It is also noted that PALs can be contained with one another. Outdoor locations qualify if there has been an invitation or ticketed event arranged, regardless of whether it is paid or non-paid.

This means that the new legislation will affect all 333 local authorities in the UK as they are responsible for open public spaces such as parks, beaches, cities, and town centres, as well as indoor venues such as town halls.  

It is also estimated that around 650,000 UK businesses could be affected by the new legislation, ranging from large venues such as the O2 Arena to smaller venues such as theatres and even large restaurants.

Large organisations that employ more than 250 people and operate in publicly accessible places are included, although offices are excluded as access is not “publicly available”.

Exceptions will also be in place for schools, nurseries and places of worship which will fall under standard duty even where their capacity would otherwise put them into the enhanced duty category. 

Other venues impacted include:

  • Retail stores, shopping centres and markets
  • Transport hubs
  • Commercial ports
  • Schools and universities
  • Medical centres and hospitals
  • Hotels, pubs, clubs, and casinos
  • Sports stadium, music venues, festivals, visitor and tourist attractions
  • Places of worship
  • Government offices, including town halls and job centres
  • High streets, public squares, parks, and beaches.

The premises must be primarily used for one of these listed purposes to qualify, so premises used occasionally for public use will not fall into the category of “qualifying public premises”. Instead, these sorts of premises occasionally used for large events should fall under the “qualifying public events” category.

For both duty levels, the persons responsible are those who have control of the premises for their relevant use.

While the details of these duties are still unknown, the explanatory notes to the bill say the burden on standard duty premises is meant to be “low-cost”, while the impact on enhanced duty premises is expected to be more onerous.

Qualifying public events

The legislation will also apply to qualifying public events, which can be defined as public events held at premises that are not qualifying public premises, where express permission is required to enter for the purpose of attending the event (with or without payment) and where the event has a capacity of 800 individuals or over.

Such events, like music festivals and country fairs on private land, must adhere to the same standards as enhanced duty premises. The responsibility for compliance lies with the persons controlling the premises during the event, even in cases of joint control or third-party-hosted events. The definition of “persons” here includes individuals, companies and other incorporated entities.

What are the obligations?

Standard duty premises

Standard duty premises will be required to undertake “basic, low-cost activities to improve preparedness”. This means undertaking and maintaining a “standard terrorism evaluation”, which will need to be provided to all those who work at the premises. This evaluation must be reviewed whenever a “material change” is made to the premises and at least annually. This should include:

  • the type of terrorism most likely to occur at the premises,
  • terrorism prevention measures in place at the premises,
  • harm reduction measures, and
  • procedures to be followed if a terrorist act occurs.

The scope also requires terrorism protection training which must be provided to “relevant workers”. There is no requirement for these workers to be paid, so volunteers could be within the scope of this definition. It is defined that a person is a “relevant worker” if they “have responsibilities that make it appropriate for them to receive terrorism protection training”.

Enhanced duty premises and qualifying public events

Larger premises and qualifying events will need to comply with all elements of the standard duty, as well as several additional measures. These are;

  • a terrorism risk assessment must be produced,
  • a named individual must be appointed as the designated senior officer for the premises (or event), and will be responsible for regularly reviewing and updating the terrorism risk assessment,
  • organisations must implement reasonably practicable security measures to reduce the risk of, and harm caused by, terrorist acts occurring at or near the premises or event; and
  • responsible persons must prepare and maintain a security plan, which must be provided to the regulator.

The bill states that this obligation should not impose a “disproportionate burden” on the persons in control, however, it is not yet clear what is considered “disproportionate”. It’s expected that security plans will be required to include;

  • Procedures for alerting the emergency services
  • Procedures for alerting persons at, or in the immediate vicinity of, the premises or event;
  • Procedures for securing the premises or event, where it is safe and appropriate to do so.

Who is the regulator for the Terrorism (Protection of Premises) Bill?

Inspection and enforcement of the Terrorism (Protection of Premises) bill will be managed by a regulator yet to be confirmed. This may be the Home Office or could be a newly established regulator.

Qualifying public premises will need to register with the regulator, and they must be notified of any public events as soon as the details are made public.

How will the Terrorism (Protection of Premises) Bill be enforced?

The regulator possesses a range of civil and criminal sanctions to ensure compliance with the legislation. For standard duty premises, the regulator can issue fixed penalties up to a maximum of £10,000. However, for enhanced duty premises and qualifying public events, the regulator’s authority extends to imposing higher fixed penalties, either £18 million or 5% of worldwide revenue, whichever is greater. Additionally, the regulator can utilise daily penalties for continuous non-compliance.

It is noted that the penalties imposed by the regulator must be deemed appropriate and proportionate to the specific contravention.

Civil sanctions can also be imposed to address non-compliance, while criminal offences are reserved for the most severe breaches. Contravention notices may be issued to outline the contravention and the necessary steps to rectify it. In cases of serious violations, restriction notices can be applied, limiting the use of specific premises for certain purposes for up to six months, exclusively for enhanced duty premises and events.

Failure to adhere to contravention or restriction notices may lead to further fines. Moreover, failure to comply with these notices becomes a criminal offence for enhanced duty premises and events, potentially resulting in personal liability for directors or senior officers of a body corporate.

What are the Benefits of the Terrorism (Protection of Premises) Bill?

The Terrorism (Protection of Premises) Bill is expected to have a positive impact on public safety, as the measures put in place to comply are likely to have wider benefits than solely preventing terrorist attacks and could prevent other criminal acts by default.

For those implementing protective measures for the first time, it will mean venue owners and operators will have a new understanding of how vulnerable their organisation is and taking protective steps will be at the top of their to-do list.

The key objective of the Bill is to drive an improved culture of safety and security where venue owners and operators understand the potential threats and implement reasonable, proportionate, and coordinated measures in response.

What can organisations do to prepare for the (Terrorism Protection of Premises) Bill?

The draft Bill was published and laid before the House of Commons on 2 May 2023. It will now face pre-legislative scrutiny by the Home Affairs Select Committee before it is formally introduced to Parliament. So although the final wording of the Bill is yet to be confirmed, organisations should start to consider their role in protecting the public from terror threats as soon as possible.

Understand the Risks

Although all locations under the Terrorism (Protection of Premises) Bill are potential targets, it’s essential for owners and operators to understand the specific terror threats facing their organisation. This includes understanding that motivations, targets and attack methods vary and change over time, as well as understanding how your organisation might be affected – either by being targeted directly or indirectly.

Review risk assessments

Most venues will have existing risk assessments in place and the Terrorism (Protection of Premises) Bill is expected to complement this for standard duty premises.

Enhanced duty premises and qualifying public events will be required to have a separate terrorism risk assessment. In order to get ahead of this requirement, PALs can review their current risk assessment to see where relevant hazards have already been identified and measures put in place. These risk assessments will need to be taken a step further to specifically identify what is reasonably practicable to mitigate risks and vulnerabilities during a terrorist attack.

Like standard risk assessments, the terrorism risk assessment will need to be reviewed and updated at least annually, in line with different threat levels and changes to internal or external risk context as time goes on.

Internal risk context – for example, following an expansion of an organisation’s premises and/or staff numbers, or a change in the business model, such as a restaurant starting to serve customers outside.

External risk context – for example, a significant terrorist attack in the UK or a change in the Government’s national terrorism threat level assessment.

Address vulnerabilities

When conducting your risk assessment and incident response plan there are likely to be gaps identified where new measures are required to address vulnerabilities. This could include physical security measures such as;

  • Security doors
  • Blast-resistant glazing
  • Fences
  • Bollards
  • CCTV
  • Electronic access control
  • Intruder detection systems

Alternatively, less invasive technology could be implemented. For example, technology solutions that support the identification of potential threats, limit the opportunity for an attack and coordinate the response in the event of an attack.

Create incident response plans

In order to guarantee a coordinated and time efficient response in an emergency, clear guidelines need to be drawn up and communicated to all staff, with regular refresher training provided. When creating this plan, consider how you and your staff would respond to an incident occurring inside, outside, or near to your building or site.

Embed a security culture

A culture of safety should be created alongside considering what can be done to make it harder for a terrorist to conduct target research, such as introducing a policy for reporting suspicious behaviour. Staff are the most likely to pick up on odd or unusual behaviour, so encourage them to report anything that seems suspicious, whether this is a person themselves or bags left unattended.

To embed a culture of safety you should also be security-minded in your communications, particularly online. Include messages demonstrating your commitment to ensuring security and safety and avoid providing specific information that could aid in planning an attack, such as floorplans. 

Stay up to date with the latest guidelines

Each organisation’s nominated health & safety team or professional will no doubt be up to speed on the latest developments in the industry, but it is worth paying close attention to the latest guidance for mass gatherings and physical security.

Read the full draft bill and guidance notes

Incorporating technology into a new Protect Plan

Technology is advancing all the time and, as we find new ways of using it to our advantage, we also create new opportunities to keep people safe. It is therefore extremely important not to forget the significant role that technology has to play should a terrorist attack happen.

Critical event management

As a disaster unfolds, communicating quickly and effectively with those on the ground is key to cutting down response time and allowing a rapid exchange of accurate information. Our emergency alert system is designed to deliver mass notifications in precisely this sort of situation. It is a crisis event communications solution that will cut through the noise of daily chatter to alert employees to potential risks and provide them with the information they need to safeguard themselves and those around them.

Messages are sent to devices within a specified location using geofencing technology and overriding any ‘do not disturb’ settings. The text within the alert cannot be edited or forwarded which safe-guards the credibility of the instructions as the situation unfolds, giving the recipient peace of mind to do their job effectively and confidently.

It is simple to use, with an intuitive user interface that can sit on multiple devices and operating systems, sending and tracking mass safety messages to thousands of employees simultaneously with the capacity to send around 2,000 messages per second.

Body worn video

Another form of technology that provides a further layer of security is a body worn camera. Overt and obvious, body worn video technology often works as a deterrent to aggressive and violent behaviour. However, when we’re talking about meticulously planned acts of terror, body cameras serve a different purpose.

Attached to an individual, they provide an alternative perspective of events to CCTV cameras which might not be able to capture people’s faces, particularly if the venue has been previously scouted, as they often are. Additionally, body worn cameras are not fixed in a set location; this mobility means that footage can be captured from wherever the incident is taking place.

Be sure to choose a high-spec camera that can do more than just record events. Peoplesafe’s body worn video solution works alongside our lone worker app so that an SOS alert can be triggered enabling two-way communication to the Alarm Receiving Centre (ARC) where a Controller can listen to events as they unfold and react accordingly. This means that those not at the scene can provide advice and instruction at a time when the wearer is likely to be under extreme stress.

Peoplesafe Pro App and Reveal Media body worn camera

The Alarm Receiving Centre operates 24 hours a day, 7 days a week and is manned by highly trained, experienced staff who are experts at handling crisis situations of all kinds. It is certified against BS EN 50518:2019 Category 1 and BS 8484:2022. Not only is the ARC on hand to provide support to those on the ground during a crisis, they also have access to the highest level of police response, giving them direct access to police control rooms without the need for a 999 call. 

We’ve come a long way since the Manchester Arena attack and learnt many lessons.  Technological advances are key to enabling organisations to react faster and communicate better, saving precious time and lives as a result. When it comes to public safety, exceeding requirements is a safer way to go, so we would urge organisations not to wait for the legislation to go live but to get everything in place now. Making sure that everyone on the ground and running the show knows what to do should the worst happen is what ‘Martyn’s Law’ is all about.

Find out more

If you would like to discover more about how to communicate with employees during a crisis, no matter where on the globe they (or you) are, read more about our mass notification system, and find answers to our most frequently asked questions and the details you need to get in touch with our team. 

For further guidance on the Protect Duty legislation, visit our guide below:

Click to read Terrorism (Protection of Premises) Bill – Are You Ready? Download

Related Products

Emergency Alert System

Simple and dedicated emergency alert system.
  • £0 set up costs
  • Set up in 1 hour and send messages in seconds
  • Active Directory and HR platform integrations

Body Worn Camera

Instant deterrent for potential verbal and physical abuse with 24/7 support.
Share
Subscribe to our newsletter
Receive quarterly emails with the latest Peoplesafe developments including product and technology innovations, upcoming events and industry news and tips.
Related Posts
25 March 2025
What Does the Worker Protection Bill 2023 Mean for Employers?
Read More
6 August 2024
Employer vs Employee Health and Safety Responsibilities
Read More
30 July 2024
Guide to Business Continuity for Event-Based Companies
Read More
The UK's leading provider of technology-enabled employee safety solutions.
Get in touch
Newsletter Sign Up
We'll never share your email with anyone else.
Products
Sectors
About Us
Resources
© 2025 Skyguard Ltd T/A Peoplesafe. Company Registration Number: 04107459. All rights reserved. Peoplesafe is part of the Send for Help Group.
Enquire