The duty to provide reasonable security against foreseeable crime risks has held my attention since the landmark case involving singer Connie Francis, who was assaulted by an unknown assailant in her motel room after a performance on Long Island. While innkeepers have had a duty to provide security for their guests as long ago as the Middle Ages, the notion of holding the innkeeper responsible in damages for an assault on a guest by an unknown attacker because of the alleged negligence of the lodging’s owner was a new concept in the 1970’s. It has since has given rise to a very active premises liability practice for lawyers on both sides of the issue.
On September 9th, 2003, Judge Alvin Hellerstein in the Federal District Court in New York denied the motion to dismiss the cases of victims of 9/11 who were killed in the World Trade Center. Their law suits will go forward not only against the building’s owner and the airlines, but also against the security companies who allowed the terrorists access to the airliners and even the manufacturer of the aircraft, Boeing, all of whom are being sued for negligent security. This decision has raised criticism for its policy implications, which appear to have extended the concept of the legal doctrine of “duty” to new lengths, and pushed the always-imprecise notion of “foreseeability” to yet greater challenges (especially to the imaginations of plaintiffs seeking damages).
To understand the concept of liability for negligent security, it is important to understand something about negligence law and its relationship to criminal law, especially since they often share the same legal concepts. We learn early on in our society that when we engage in a potentially dangerous activity we may be held responsible for the safety of others, and that to disregard that responsibility can result in punishment to us if that conduct caused an injury to another. For such a violation, courts will usually impose a fine or imprisonment on the perpetrator of the act. Often, however, the issue is handled in a civil court, resulting in the person whose negligence allowed harmful conduct to occur being held responsible for money damages to the victim — even if that person did not actually inflict the harm — because the crime was not prevented. Negligence can be thought of as a failure to observe the duty of security owed to a victim; that failure is described as a “breach” of the duty of care.
Not every act of negligence results in liability in damages for the injury sustained by one to whom a duty of care is owed. But when a breach is determined to be responsible for an injury, it is identified as the cause of the injury. That finding is called “causation.” It is often the case that, even where it is determined that a duty has been breached and that causation has resulted in a criminal act such as a burglary, if nothing was taken and no harm was caused, there are no damages.
Without damages, the perpetrator may still be punished for his criminal act. The one who owed the duty to provide security will not owe any money to the victim and their will be no liability on the part of the one who breached the duty. For there to be a claim of negligence there must be a duty that was breached by the one who owed it, that breach must have caused some harm to the one entitled to the duty, and that harm must be measurable in damages.
To understand the concepts of duty and breach, the concept of “foreseeability” of the risk must be introduced. In a general sense, all risks are foreseeable; but only “reasonably” foreseeable risks need concern those responsible for providing security.
The current debate over whether the events of September 11th were foreseeable is a case in point. The possibility of terrorists commandeering an airliner for purposes of changing its destination or holding the passengers and crew hostage were known possibilities on 9/11. For that reason, we have had passenger screening since the early 1970s. The real question of whether the hijacking of a commercial airliner in the United States for use as a missile is foreseeable is more difficult to determine. While one can argue either way on the question, producing evidence in support of the view that such an occurrence was reasonably foreseeable presents yet another question.
Assuming that we conclude that such an event was reasonably foreseeable, then we must deal with the question of whether the security in place to prevent the hijacking was reasonably designed to protect those to whom the duty is owed. If we conclude that the security in place was reasonably calculated to defeat the threat, then the mere fact that it failed to neutralize the threat is not proof that the duty owed was breached, since the performance by those owing the duty need only be reasonable but not fool-proof. Before a defendant can be declared negligent, a jury will need to conclude that he or she failed to provide a reasonable defense against a reasonably foreseeable risk.
Reasonably Foreseeable Acts of Terrorism
In New York City — where two of the world’s tallest buildings were caused to collapse to their foundations in less that an hour; where thousands of passengers can be killed in a single subway station by a chemical agent; and where all of our public buildings, transportation hubs, and institutions are foreseeable targets of chemical, biological, or nuclear weapons in the hands of terrorists — where does one begin to develop a reasonable security program against terrorist acts which have, since 9/11, become reasonably foreseeable? Without a clear history of such threats, determining which risks are reasonably foreseeable and what constitutes a reasonable response is being calculated on a case-by-case basis. Unfortunately, those with the duty to protect against such risks may find themselves inundated with ideas but with very little basis upon which to support them, because of their inability to perform an accurate risk analysis.
For reasons of common law and tradition, governments have been allowed to move without a rational risk analysis in developing programs to protect the public against terrorism. Our airports have been experimenting with everything from advanced computer electronics in identifying weapons to exploring the possibility of requiring some 5,000 or more commercial airliners to be outfitted with anti-missile systems.
Installing and operating security systems to protect the public against criminal acts perpetrated by terrorists or others has frequently resulted in failure when tested in the workplace. When teams are sent into our airports to test the ability of screeners and their equipment in identifying weapons and explosives, those screeners continue to perform miserably, allowing as many as 90 percent of contraband to go through. Because of legislation and governmental immunity from liability for such breaches in the duty owed to the public, the government is usually not the defendant even if their performance is the cause of the breach.
On September 11th, however, it was not the government at the screening stations that failed to identify and detain the terrorists and confiscate their weapons — it was a group of private security contractors employed by airlines that may have breached their duty through negligent performance of their employees. That question will likely be litigated in the future, since the plaintiffs in that case have already overcome the motion to dismiss their law suits.
If private parties are to be held liable for security negligence from acts of terrorism, they will need to determine how to develop security programs that are reasonably calculated to defend against the foreseeable risks uniquely associated with their obligations to those to whom they owe a duty to protect. Since those obligated to protect others from the foreseeable risks of crime are most often businesses, a good place to start is with its own employees.
Involve Your Employees
The quickest and most effective way to secure a workplace is to integrate all employees into the security program. Not too many years ago, requiring all employees to wear some form of identification was met with resistance. Today, there is a hardly a workplace where employees are not required to possess, if not wear, an identification card for access and to move about the facility. In light of the ongoing threat of terrorism, and for just good crime prevention policy, every employee needs to learn basic security awareness and how to respond when faced with an imminent or actual security threat. We may never know how much injury and loss of life in he 9/11 attacks is attributable to a failure to train workers in the proper response to an emergency, or because the training provided was ignored by a panicked employee who did not have the confidence to help him or herself, or others who needed assistance. In a world of high level risks, fire drills alone just aren’t a good enough response to reasonably foreseeable security risks.
The Department of Homeland Security announced recently that it was presenting an award to the University of Southern California, which will break ground for the building of the first of several graduate schools to offer degrees in homeland security. In doing so, the government has announced the need to develop responsible training in identifying risks and building defenses against them.
While such programs will go along way toward elevating the level of professional security, we remain faced with a color-coded threat every day which requires our attention. Individuals and organizations that do not have the ability to identify the broad range of risks to life and property faced every day, or the ability to develop reasonable defenses against them, must seek help from those who are able to provide it. Aside from skilled and trained security professionals already at work in the private sector across America, crime prevention personnel serving in the nation’s police departments and agencies are available to provide a helping hand, and should be called upon for their skills. Whether it is concern over the issue of liability for damages resulting from the breach of the duty to provide reasonable security, or the recognition that each of us has a responsibility for ourselves and others to prepare to provide for personal security, now is the time to get started on a protection program. For too long as a nation we have left our own protection to others and have in too many cases regretted doing so. Our first line of defense against crime will always be our law enforcement agencies, who have distinguished themselves by their devotion to their duty to serve the public. With the coming of the age of terrorism and the recognition that our homes, schools, workplaces, and even houses of worship are vulnerable to criminal activity, we need to help law enforcement by preventing crime before it occurs, deterring crime by being aware of the conditions and persons that breed it, and terminating criminal activity when there is nobody available to do it for us.
It is with a sense of sadness that we need to seek compensation from those who were unable or unwilling to meet their duty to protect victims from criminal activity that was reasonably foreseeable. But such consequences are also reasonably foreseeable, and require attention if we are to create an environment in which we are at least reasonably safe. It is the prospect of massive loss resulting from new deadly weapons in the hands of criminals whose motivations are often difficult to calculate that requires all responsible citizens to play a more active role in the war on terrorism. Much can be done by private citizens in that regard. For individuals and organizations with a duty for security for others, duty, breach causation and damages are indeed words that take on new meaning in a world with terrorism.