Protect Duty – are you prepared?


Protect Duty

The long discussed Protect Duty, otherwise known as Martyn’s Law, was one of the 38 proposed bills in the Queen’s Speech on 10 May.

The bill aims to introduce new security requirements for certain public locations and venues, with the goal of protecting people from terrorist attacks.

The bill also touches upon an inspection and enforcement regime, aiming to ‘educate, advise and ensure compliance with the Duty.’

A driving factor behind the proposal is the fact that counter terrorism security efforts often fall in the pecking order when compared to other, legally required, activities, states the draft bill. Plus, during the consultation for the bill, seven in 10 respondents agreed that ‘those responsible for publicly accessible locations should take appropriate and proportionate measures to protect the public from attacks.’

In this article we provide some practical information on what organisations may need to consider when drafting a plan to meet the requirements of the new Protect Duty.


After a terrorist suicide bomb attack in the lobby of an arena in Manchester in 2017, several inquiries highlighted a range of security-related failings. As a result of both official findings and public pressure, heroically led by the mother of one of the 22 victims, Figen Murray OBE, a public consultation and pending draft legislation will put some responsibilities for terrorism security onto organisations who own and operate publicly assessable locations (PALs).


Publicly accessible locations are defined as “any place to which the public has access, on payment or otherwise, as of right or by virtue of express or implied permission” and include;

  • Retail stores, shopping centres and markets
  • Transport hubs
  • Commercial ports
  • Schools and universities
  • Medical centres and hospitals
  • Hotels, pubs, clubs, and casinos
  • Sports stadium, music venues, festivals, visitor and tourist attractions
  • Places of worship
  • Government offices, including town halls and job centres
  • High streets, public squares, parks, and beaches.


Organisations that fall into the scope of the Protect Duty will be required to:

  • Use available information and guidance provided by the Government (including the police) to consider terrorist threats to the public and staff at locations they own or operate.
  • Assess the potential impact of these risks across their functions and estate, and through their systems and processes.
  • Consider and take forward ‘reasonably practicable’ protective security and organisational preparedness measures (for example staff training and planning for how to react in the event of an attack).

Government publications regarding the Protect Duty suggest that without “legal compulsion”, counterterrorism security infrastructure and procedures are currently considered to be secondary priorities behind legal requirements such as workplace health and safety. As such, though there is an emphasis on the avoidance of placing a disproportionate burden on organisations, this legislation will likely involve stringent enforcement through financial penalties and fines for those who consistently fail to meet their obligations.


1: Adopt the basic principles regardless of legislation

Whatever the extent of the legislation, the principles that came out of the Protect Duty consultation make good sense. The proposed legislation outlines base level best practice that organisations should be adopting to keep their staff and students safe. On that basis consider adopting the principles of the Protect Duty, regardless of whether the legislation is passed or not.

Should the worst happen and you are impacted by a terrorist attack, the commercial and reputational damage of not having the basics in place could be catastrophic!

2: Use Protect Duty as a helpful guide to Duty of Care.

We believe the Protect Duty is a useful and practical guide to meeting your Duty of Care requirements. Whether the legislation is passed or not, there is a need to meet Duty of Care obligations and this should be seen as a useful handrail to guide on this journey.

3: Don’t overcomplicate things, particularly your risk assessments.

Our opinion is that security risk assessments should be incorporated into the overall risk assessment process. You don’t need a different methodology, framework or report structure for security risk. In fact, in order to ensure the security agenda is raised organisation wide, incorporate security risk into existing frameworks.

4: Protect Duty is as much about briefing staff as investing in expensive kit.

Complying with the Protect Duty is as much about briefing staff and having sensible and pragmatic policies, practices ad plans in place, as it is about expensive security infrastructure and capital expenditure.

5: Put an incident response plan in place.

When considering responses to an incident, a proper robust plan should be in place that includes evacuation, invacuation and lockdown scenarios. How to mobilise key responders, inform other agencies and Senior Managers as well as preparing to brief the media, will also need to be considerations for your planning.

Effective communication is vital, and the Callmy Alert service has been designed to support the execution of your critical incident plans, and a variety of other Business Continuity and Emergency situations.

Please contact us to discuss how Callmy Alert can help support your Protect Duty, student safety, lone working compliance, or Organisational Resilience.

Source content:, CHC Global Ltd.