The SAFETY Act is actually a part of the Homeland Security Act of 2002 or HSA (Public Law 107-296). The HSA is the law that created the Department of Homeland Security or DHS. Congress enacted SAFETY Act to provide very broad liability protections for the qualified users and providers of anti-terrorism products, systems and services. The Act’s purpose is to ensure that the threat of potential liability suits does not limit or deter the use of products and services that could help save lives.

The SAFETY Act is very broad as to what terrorism related identification, prevention or mitigation methods can be protected. The Act's criteria, application, evaluation and approval process applies equally to services as it does to "hard" products.  It can apply to a single, very specific technology or service as well as to a comprehensive overall anti-terrorism and response program. These could include vulnerability assessments, protection of assets including proprietary information and cyber security, emergency preparedness and response services, ongoing security, training and audit processes.

The Act's protections can also apply to systems integration and the overall decision process involved in selecting, implementing, managing and integrating multiple anti-terrorism products and services including software, physical building design, construction, security procedures, training or other services used for preventing, detecting, identifying, mitigating or deterring acts of terrorism.

SAFETY Act protection can be granted to new as well as existing services and technologies and retroactively at the discretion of the DHS.

Again, the range of products or services that can potentially receive SAFETY Act protection is very broad. It can apply to any procedure, technology, software or service that is designed, developed, modified, procured or used for deterring, preventing, detecting, identifying, minimizing, responding to, or recovering from acts of terrorism or limiting the harm such acts might cause. It can apply to both new and existing products. These can be things you provide to others or things you do or use yourself to protect lives and property. 

Any entity that uses, sells or otherwise provides anti-terrorism products, technologies or services, or products and/or services that aid in the response to, recovery from or limiting the harm from a terrorist act can apply for SAFETY Act protection.

The term of a SAFETY Act designation is typically five to seven years and must be renewed with the DHS each subsequent term.

IMPORTANT NOTES

• SAFETY Act protections apply perpetually for all QATTs provided during the actual term of the Designation.
• If tthe QATT is materially modified at any time, and such modification could impact its application, effectiveness or use, the Seller can automatically loose protection under the SAFETY Act.  The Seller needs to inform and/or re-apply to DHS for approval or re-qualification if there is any question as to a material modification on its QATT.

Under DHS interpretation, the use of SAFETY Act approved products or services confers key benefits to the user. This is in addition to the broad benefits provided to the provider / Seller of those qualified products. 

Even if the products or services you may use are already SAFETY Act Designated, you must evaluate the need to apply on your own for SAFETY Act protection. If you use many products and suppliers or, manage, provide or integrate anti-terrorism products or services yourself or, are involved in the decision process on what to use or buy, applying for your own SAFETY Act protection becomes extremely important.  Without your own Designation, you are relying entirely on third parties for a lesser level of protection than you could obtain on your own.

The SAFETY Act requires that an application be filed with, reviewed and specifically qualified by the DHS.  Assuming the application is complete, the decision must be given within 120 days. Once formally qualified by the DHS, the SAFETY Act automatically confers its broad liability protections to the applicant.

The SAFETY Act uses the term "Seller" throughout. The Seller is actually the applicant once their products or services are approved by the DHS. Again, the Seller DOES NOT have to be a manufacturer or even sell things to apply and qualify under the law.

The Seller is the direct beneficiary of all of the applicable SAFETY Act liability protections.

Once the products and/or services are qualified, the applicant (now deemed the "Seller") is automatically entitled, under federal law, to significant limitations of their liability stemming from a designated terrorist act or event.

Some of the key SAFETY Act benefits and protections include:

• A limitation, or “cap” on your liability equal to the amount of liability insurance coverage required by the DHS.
• Exclusive jurisdiction in Federal court  for all related suits
• Punitive damage claims are barred
• Non-compensatory damages are barred
• Non-economic damages are barred unless the plaintiff was physically harmed. Non-economic damages include things such as pain and suffering, mental anguish, loss of consortium etc.
• Pre-judgment interest is barred  Pre-judgment interest is interest on an award normally imposed by the court from the date of the event until the date the ultimate award is determined
• A prohibition on joint and several liabilities for non-economic damages Only that percentage of the ultimate claim amount that is directly attributed to the given defendant’s negligence can be recovered
• Credit for Other Plaintiff Recoveries The Seller’s liability would be reduced for other compensation that may be available to the claimant from collateral sources such as insurance recoveries or other defendants

If your company is involved in homeland security or anti-terror security in any way, whether for yourself or others, it is critical to know if, and how, you can benefit from the SAFETY Act.  Applying to the DHS requires some dedicated time and poses some unique insurance challenges. However, not applying when you could have otherwise qualified could create much more severe challenges in the future.

Use outside experts to assist you in this critical task.

If an entity could otherwise qualify but does not apply for protection, it could:

• Add un-capped / un-insured catastrophic exposures to its bottom line
• Significantly increase any directors’ and officers’ personal exposures
• Significantly impact the company’s stock price or valuation
• Impact the ability to sell all, or part of the company
• Lose the ability to compete against SAFETY Act Certified companies
• Be disqualified under any bids requiring SAFETY Act Designation
• Loose a procurement to a SAFETY Act qualified competitor under the new FAR SAFETY Act guidelines 
• Drastically increase chances of becoming the plaintiff's “soft target”
• Violate Sarbanes-Oxley*

An ‘‘Act of Terrorism’’ under the SAFETY Act is any act that the Secretary of Homeland Security determines meets the requirements under the Act.  In general, it must:

*  "harm" has been interputed by the DHS to include financial harm so acts outside the US that threaten a US entity financially could be construrd as covered by the act.  Since this is a US law, it will only apply to suits brought within the US.

 ** "other loss" has been interputed by the DHS to include financial loss such as loss, theft or disruption to sensitive data on, or operations controled over, a computer network.

It is very important to understand that the SAFETY Act’s protections DO NOT APPLY to any liability, claim or suit that does not arise from a designated act of terrorism or response to, or recovery from, such act. 

This represents a very important liability and insurance related consideration for products that have other inherent risks due to their very nature. Some examples could include vaccines, medicines, lasers, weapons, explosives, ammunition, radioactive or other toxic or hazardous products or chemicals, etc.

“Anti-terrorist Technology”or “ATT”, is very broad in scope. The definition can apply to a wide range of new and existing technologies. These can include “Hard” products such as equipment, machines and other devices.  It can apply to advice, studies, procedures, services as well as to software and other forms of intellectual property. “Technology” is described in the Final Rule as any product, equipment, service (including support services), device, or technology (including information technology) or any combination of the foregoing. Design services, consulting services, engineering services, software development services, software integration services, threat assessments, vulnerability studies, and other analyses relevant to homeland security may be deemed a Technology.

“Qualified Anti-Terrorism Technology” or “QATT”, is described in the Final Rule as any Anti-terrorist Technology designed, developed, modified, procured, or sold for the purpose of preventing, detecting, identifying, or deterring acts of terrorism or limiting the harm such acts might otherwise cause, for which a Designation has been issued.

The Designation “label” actually applies to the advice, procedure, product or service that the DHS has approved as the Qualified Anti-terrorism Technology or “QATT”. Once “Designated”, it is listed as an “Approved Product for Homeland Security” and the applicant, now deemed the “Seller”, is automatically protected under the applicable SAFETY Act provisions.

A “D T & E Designation” can be granted for Anti-terrorist Technology that is being Developed, Tested, Evaluated, modified or is otherwise being prepared for deployment.  Once the Under Secretary has Designated a TT & E Qualified Anti-Terrorism Technology, it is eligible for protection under the Act. 

The D T & E Designation is typically for a much shorter period and much more limited in the allowed scope of deployment until the QATT is fully tested and a full Designation is granted after reviewing a new application.

Once a product or service is “Designated”, the Seller that obtained that Designation becomes eligible for “Certification”. If granted, that “Certified” Seller can invoke the Government Contractor Defense for covered claims arising out of the Designated technology. The successful assertion of this defense eliminates any liabilityon the part of that Seller.

A Block Designation or a Block Certification indicates that the DHS has determined that the QATT satisfies the technical criteria for either Certification or Designation and that no additional technical analysis will be required in evaluating applications from other potential Sellers of that QATT. The terms of that Block Designation will establish the conditions which an additional applicant may receive SAFETY Act coverage as a user or provider of the subject technology. Applications from other potential Sellers of a QATT that has received either Block Designation will receive expedited review and will not require submission of information concerning the underlying "Block" technology.

The Secretary of Homeland Security (“Secretary”) is responsible for administration of the SAFETY Act. 

The Final Rule states: “All of the Secretary's responsibilities, powers, and functions under the SAFETY Act, except the authority to declare that an act is an Act of Terrorism for purposes of section 865(2) of the SAFETY Act, may be exercised by the Under Secretary for Science and Technology of the Department of Homeland Security or the Under Secretary's designees.”

The key to any successful SAFETY Act application is how well the proposed anti-terrorism technology satisfies the evaluation criteria described in the Act and its regulation. The way in which DHS evaluates those criteria is reflected in the questions in the application forms.  If the differences between the various products or models that use or incorporate the same technology cause each to differ in how they satisfy the criteria (i.e., significant differences in the answers to criteria related questions) then separate applications for each of those products or models should be submitted. If the products satisfy the criteria to basically the same extent, regardless of make or model, then one application is sufficient