The SAFETY Act: Risk Management for Anti-terrorism Products and Services

Faced with this reality, many companies are in the business of providing protection against terrorism in the form of products (software and others) and services. However, developers of these technologies face risks. What happens if a product fails to stop the attack it was designed to prevent? What happens if protective software is breached in an attack? How many lawsuits will the product developer face? These liability concerns could deter potential manufacturers or sellers of anti-terrorism technologies from developing, deploying and commercializing these potentially life-saving technologies. The SAFETY Act is intended to address these concerns.

Unfortunately, terrorism is not new. It has existed for a long time — well before September 11, 2001 — and will exist far into the future. Faced with this reality, many companies are in the business of providing protection against terrorism in the form of products (software and others) and services. However, developers of these technologies face risks. What happens if a product fails to stop the attack it was designed to prevent? What happens if protective software is breached in an attack? How many lawsuits will the product developer face? These liability concerns could deter potential
manufacturers or sellers of anti-terrorism technologies from developing, deploying and commercializing these potentially life-saving technologies. The SAFETY Act is intended to address
these concerns.

What is the SAFETY Act?

After the 9/11 terrorist attacks, Congress enacted the Support Anti-terrorism by Fostering Effective Technologies Act of 2002 (the “SAFETY Act”) as part of the Homeland Security Act of 2002, Public Law 107-296. The SAFETY Act, by bestowing liability protections for providers of certain anti-terrorism technologies, provides incentives for the development and deployment of these technologies by creating a system of risk and litigation management.

SAFETY Act protections are available to sellers of Qualified Anti-terrorism Technology (QATT). QATT is “any technology designed, developed, modified, procured, or sold for the purpose of preventing, detecting, identifying, or deterring acts of terrorism or limiting the harm such acts might otherwise cause.” The technology eligible to be a QATT includes “any product, equipment, service (including support services), device, or technology (including information technology) or any combination of
the foregoing. Design services, consulting services, engineering services, software development services, software integration services, threat assessments, vulnerability studies, and other analyses relevant to homeland security may be deemed a Technology. …”

Persons or entities seeking SAFETY Act protections must apply to the Department of Homeland Security (DHS) for either designation as QATT, or the additional protection of certification as QATT. Certification means that the QATT technology designated has been reviewed comprehensively by DHS and it has been found that the technology “will perform as intended, conforms to the Seller’s specifications, and is safe for use as intended.”

As part of a SAFETY Act designation and/or certification, the Secretary of Homeland Security will require the seller of the technology to obtain liability insurance in an amount appropriate “to satisfy otherwise compensable third-party claims arising out of, relating to, or resulting from an Act of Terrorism” when QATT has been deployed. SAFETY Act designations will be reconsidered by DHS after five to eight years.

The SAFETY Act gives the Secretary of Homeland Security broad discretion in determining whether to
designate a particular technology as QATT, although the following criteria (and others) may be considered:
– Prior U.S. government use or demonstrated substantial utility and effectiveness
– Availability of the technology for immediate deployment
– The potential liability of the seller
– The likelihood that the technology will not be deployed unless the SAFETY Act protections are conferred
– The risk to the public if the technology is not deployed
– Evaluation of scientific studies
– The effectiveness of the technology in defending against acts of terrorism
– Determinations made by federal, state or local officials that the technology is appropriate for preventing, detecting, identifying or deterring acts of terrorism or limiting the harm that such acts might otherwise cause.

Benefits of SAFETY Act Designation/Certification

Once a technology receives a SAFETY Act designation and/or certification, it is entitled to certain protections for claims arising from the performance or non-performance of the seller’s QATT in relation to an Act of Terrorism. An Act of Terrorism is defined as an act that (i) is unlawful; (ii) causes harm, including financial harm, to a person, property or entity in the United States; and (iii) uses or attempts to use instrumentalities, weapons or other methods designed or intended to cause mass destruction, injury or other loss to citizens or institutions of the United States.

A technology that has received a SAFETY Act designation is entitled to the following protections:
– Only one cause of action exists for loss of property, personal injury or death for the performance or nonperformance of the seller’s QATT in relation to an Act of Terrorism
– The one cause of action may be brought only against the seller of the QATT and may not be brought against the buyers, the buyers’ contractors, downstream users, the seller’s suppliers or contractors, or any other person or entity
– Exclusive jurisdiction in federal court
– Liability for sellers of the technology is limited to the amount of liability insurance coverage for the QATT required by the Secretary of Homeland Security
– No joint and several liability for noneconomic damages such as physical and emotional pain, suffering, inconvenience, physical impairment, mental anguish, disfigurement, loss of enjoyment of life, loss of society and companionship, loss of consortium, hedonic damages, injury to reputation and any other nonpecuniary losses (in other words, sellers of the technology can only be liable for the percentage of noneconomic damages that is proportionate to their responsibility)
– A complete bar on punitive damages and prejudgment interest
– The reduction of a plaintiff’s recovery by the amount of collateral source compensation (i.e., insurance or government benefits that a plaintiff receives or is eligible to receive).

A product that receives a SAFETY Act certification is entitled to the same protections as a SAFETY Act designation described above, as well as an additional benefit: a rebuttable presumption that the seller of the technology is entitled to the government contractor defense. The government contractor defense is an affirmative defense that immunizes sellers from liability for certain claims brought
under the SAFETY Act. Under the SAFETY Act, this rebuttable presumption can be overcome only by clear and convincing evidence that the seller acted fraudulently or with willful misconduct when applying for SAFETY Act protections. Notably, in the SAFETY Act context, the government contractor defense applies not only to those selling to the federal government but also to those selling to
state and local governments and the private sector as well. If a technology achieves SAFETY Act certification, it will also be placed on DHS’s Approved Products List for Homeland Security.

The government contractor defense immunizes sellers from liability for certain claims brought under the SAFETY Act.

Some of the SAFETY Act protections are also available for certain technologies that are in the development process but that require additional testing and evaluation. “Developmental testing and evaluation” designations will include limitations on the use and deployment of the subject technology, will remain terminable at will by DHS in the event of safety concerns, and will have a limited term not to exceed a reasonable period for testing and evaluating the technology (presumptively not longer
than 36 months). Further, SAFETY Act protections will apply only to acts that occur during the period specified in the “developmental testing and evaluation” designation.

Previously Granted Designations and Certifications

As of April 30, 2009, DHS had granted 104 designations, 132 certifications/designations, and 20 “developmental testing and evaluation” designations.

Designations granted in 2009 include a system that scans cargo for radiological and nuclear materials;
a security management system for chemical facilities and operations; and a Web-based application designed to assist first responders by providing information such as architectural drawings and floor plans.

Recent certification/designations include systems designed to improve the interoperability of communications among first responders; software for airport baggage screening; and encapsulated insoluble powder for the treatment of known or suspected radioactive contamination.

Recent “developmental testing and evaluation” designations include vehicles designed to detect underwater explosives placed on ship hulls; an aboveground fuel storage tank designed to withstand the impact of certain attacks; and a system that prevents attacks on maritime assets by small surface vessels.

Both large and small companies alike are seeking SAFETY Act protections for their products and services. Even the National Football League is involved in the SAFETY Act process. In December of 2008, it received a designation and certification for a set of “best practices” guidelines for stadium
security.

Conclusion

A company that has developed anti-terrorism technologies — or even products and services that were developed for other purposes but could serve an anti-terrorism function — should consider seeking SAFETY Act designation and/or certification from the Department of Homeland Security to manage the risks associated with these technologies. Additionally, SAFETY Act protection can serve as a valuable marketing tool for these technologies.

Please contact the author if you are interested in learning how the SAFETY Act might benefit your company or if you would like to apply for SAFETY Act protections.