The SAFET Y Act

Following the events of 9/11, commercial and governmental interest in anti-terror technologies (“ATT”) skyrocketed. Demand jumped for all types of goods and services that could help to protect valuable assets against terrorist attacks. However, the designers, producers, and users of such technology quickly recognized the potentially devastating liability they might face in the event that such technology failed.

A legislative solution to this problem followed ' the SAFETY Act (the “Act”). The fundamental intent of the Act is to encourage companies to design, develop, and deploy ATT to protect high-value terrorist targets owned by government or commercial entities, here in the U.S. and abroad. The Act achieves this by providing to the Department of Homeland Security (“DHS”) the authority to evaluate a technology's efficacy and utility, as well as the power to eliminate or reduce the threat of catastrophic liability should such companies be sued in tort in the United States following an act of terrorism involving their ATT. Providers and users of ATT run significant risks if they fail to understand and utilize this important risk mitigation tool.

The 'Perfect Storm' Leading to the Act

Following the events of 9/11, one of the biggest concerns of companies selling anti-terror technology was the potential for them, literally, to be sued out of existence, for instance, by selling a $1,000 handheld chemical-biological sensor that allegedly failed to identify a subsequent terrorist attack. Such companies now faced “enterprise-threatening” unquantifiable liability. Although the demand for anti-terror technologies was extremely high at that time, companies were justifiably concerned about entering the homeland security marketplace, even refusing to bid on important federal and state government homeland security procurements.

It soon became apparent that a legislative remedy was necessary. In the summer of 2002, the “perfect storm” existed for the enactment of a legislative solution, including the following key “atmospheric conditions”:

• The free world's threat analysis now had shifted from post-Cold War scenarios to “low intensity warfare,” i.e., guarding daily against chemical, biological, radiation attacks by terrorists;
• The sheer enormity of potential damages from terrorist attacks, exemplified by the fact that NYC had suffered $20 billion in losses even after receiving insurance and federal emergency monies. Insurers' losses exceeded $36 billion. Families who lost loved ones or were injured in 9/11 received over $5.4 billion in compensation;
• Lawsuits were filed against airports, port securities and security providers for business interruption and economic loss as result of 9/11;
• A federal court in New York permitted family members to bring wrongful death suits on behalf of decedents from 9/11 attacks against airports, security companies and the Port Authority of NY/NJ, holding that the 9/11 attacks might have been foreseeable by such entities;
• Terror insurance coverage and federal indemnity, traditional tort mitigation tools for providers of ATT, became unavailable or too expensive; and
• Numerous members of Congress and the White House were concerned that the American court system was not equipped to address or manage terrorism-related litigation.

As a result of this confluence of events and realities, Congress incorporated the “Support Anti-Terrorism by Fostering Effective Technologies Act” ' the “SAFETY Act” ' into the Homeland Security Act of 2002, the same bill that created the DHS. This Act was signed into law on Nov. 26, 2002.

The Basic Precepts of the Act

The definition of “anti-terror technologies” is broadly applied by DHS and includes both products and services, including services such as training, vulnerability assessments, systems integration, etc. Such products or services must have a material anti-terror purpose in order to qualify for SAFETY Act coverage.

Two levels of tort protection exist under the Act. The highest form of tort protection that can be obtained from the DHS comes through “Certification” of the ATT. Certification provides:

• A requirement that third-party suits arising out of an act of terrorism involving SAFETY Act-approved ATT be filed only in federal court, not in U.S. state courts;
• A presumption that the seller/provider of the ATT is entitled to immediate dismissal under the “government contractor defense” from any lawsuit arising out of an act of terrorism involving SAFETY Act-approved ATT;
• If a prospective plaintiff overcomes this presumption of dismissal, protection from any award of punitive damages; and
• A cap on compensatory damages against the seller/provider/user of the ATT at an amount set forth by the DHS in its coverage award decision. This amount is required to be maintained in the form of available terrorism insurance coverage.

The Act and its implementing regulations provide that Certification protection can only be overcome if the claimants prove, through clear and convincing evidence, that the Act-approved company acted fraudulently or with willful misconduct in the submission of data to DHS during the Act application process.

DHS can also award a lesser form of protection under the Act known as “Designation.” It includes all of the protections under Certification described above, except for the presumption of dismissal under the government contractor defense.

Importantly, Certification and Designation protections apply not only to the seller/provider of the SAFETY Act-approved ATT, but also to the seller/provider's subcontractors, vendors, distributors and, significantly, customers, including the U.S. and foreign customers, commercial or governmental, deploying SAFETY Act-approved technologies.

Moreover, in DHS' view, these protections will apply even if the act of terror occurs outside the United States so long as the “harm,” including financial harm, is to persons, property or entities in the United States. Entities do not have to be incorporated or have their primary place of business in the U.S. to receive Act coverage; foreign companies can and have received coverage.

The Act Application Process

Sellers or providers of ATTs must submit the required DHS application to obtain Act coverage. Typically, for a complete application, the DHS review and approval process takes 120 days. Among other criteria that must be satisfied, an applicant for Act coverage must demonstrate the proven effectiveness of its ATT to obtain the higher forms of Act coverage. DHS has over 200 experts from academia, the federal government, national labs and federally funded research and development centers who review Act applications.

All applications are held confidential within DHS and will not be disclosed, without the applicant's permission, outside of DHS, including to other federal agencies. DHS reviewers are screened for conflicts of interest and sign non-disclosure agreements before commencing their review. The IT system used to accept and process applications has been certified and accredited by the DHS Chief Information Officer.

When DHS awards Act coverage, it typically grants such coverage for five to eight years. The seller/provider can seek to renew its coverage two years before the term expires. DHS has also applied Act coverage retroactively to past deployments of substantially equivalent ATTs.

Key Statutory Interpretations and Regulatory Amendments Leading to Broadened Implementation

Through its October 2003 interim regulations at 6 C.F.R. Part 25, Fed. Reg. Vol. 68, No. 200, 69688 (Oct. 16, 2003) and its Final Rule issued in June 2006 at 6 C.F.R. Part 25, Fed. Reg. Vol. 71, No. 110, 33, 54 (June 2006), the DHS has issued numerous crucial interpretations of the SAFETY Act, which have led to a robust implementation. These key interpretations include the following:

• The Act applies to products (e.g., hardware, software) as well as services, as long as they have a material anti-terror purpose.
• The Act provides tort protection for customers who buy and deploy SAFETY Act-approved ATTs as well as the seller's subcontractors, vendors, suppliers, etc. who contribute to the ATT. DHS has concluded that in a suit arising out of a terrorist attack involving Act ATTs, the only appropriate defendant is the company who was awarded Act coverage.
• Act coverage can be applied retroactively to cover substantially equivalent ATTs deployed by the company awarded Act coverage.
• The Act protects companies from tort suits filed in U.S. courts arising from foreign acts of terrorism involving SAFETY Act-approved ATT as long as the harm, including financial harm, occurs to persons, property or entities in the United States.
• If a user of SAFETY Act-approved ATT modifies such technology unbeknownst to the company awarded Act coverage for the ATT, such modification does not vitiate the latter company's Act coverage.

Companies that have a promising but not yet deployed ATT can obtain a “Developmental Testing and Evaluation Designation.” This type of Designation is a limited (in duration and geographical applicability) form of SAFETY Act coverage for deployments that will help prove the efficacy of the technology, thereby encouraging research and investment in such technology.

Through a “Pre-Qualification Designation Notice” process, federal, state and local governments can request in advance from DHS a determination that their anti-terror procurement affirmatively or presumptively satisfies the technical criteria of the Act, thereby encouraging companies to bid on high-risk homeland security procurements.

Expanding Use of SAFETY Act Certification

These numerous statutory and regulatory pronouncements have cultivated a mutually beneficial environment, encouraging: 1) homeland security contractors to invest in cutting edge design, development and deployment activities; and 2) customers to seek such anti-terror technologies to protect their high-value and high-risk terror targets. This “symbiotic mindset” has fostered a growing deployment of key ATT in numerous marketplaces.

In the years since the passage of the Act, its use has grown exponentially at all levels of government and in the private sector. At the federal level, entities that have purchased and deployed SAFETY Act-approved ATTs include such entities as the Transportation Security Agency; Customs and Border Protection; the Department of Defense; the Department of Homeland Security; and the FBI and DOJ.

Further, in conjunction with DHS, the Federal Acquisition Regulation (FAR) Council has integrated the benefits of the Act into the federal acquisition process to ensure greater and more predictable synchronization between the award of federal homeland security contracts and the issuance of Act coverage. In particular, federal agencies are now required to determine whether the technology they are procuring may be appropriate for Act coverage. This may involve a consultation with DHS, and if the technology is appropriate for Act coverage, the procuring agency must request that DHS “pre-qualify” the successful offeror for coverage for that specific technology. Once pre-qualified, the issuance of Act coverage to the company that is awarded the contract can be expedited through a truncated application process, thereby helping to ensure that company is awarded Act coverage before they begin to deploy their ATT under the contract.

State and local government purchasers of SAFETY Act-approved ATTs include such “first responders” as the Port Authority of New York/New Jersey; the Port Authority of Los Angeles/Long Beach; the New York Metropolitan Transit Authority; the New Jersey Office of Homeland Security; the Orlando Airport Authority; and the Metropolitan Washington Airports Authority for Dulles and Washington Reagan National Airports; and the Midland, Texas Education Services Center. Regarding foreign governments, the United Kingdom also has purchased SAFETY Act approved products and services to implement its crucial homeland security program known as “E-Borders”; other foreign governments are considering such coverage for similar projects.

SAFETY Act coverage also has been granted to companies that deploy ATTs internally to protect their own critical infrastructure and facilities. For example, both the Dow Chemical Company and the National Football League have Act coverage for ATTs they deploy and use.

Under the Act, DHS has approved a wide range of ATTs deployed to a diverse customer base. These include such products as crane-mounted radiation scanning devices; aircraft jamming systems that defeat shoulder-fired missiles aimed at private and commercial aircraft; wireless audio-visual emergency systems deployed at schools and commercial facilities; in-line baggage and cargo screening devices deployed at airports and borders; and explosive trace detection systems deployed at U.S. and foreign transit systems and ports. These SAFETY Act-approved ATTs also include such services as systems engineering and integration activities providing border, critical infrastructure and site security solutions; vulnerability assessments, cyber security and emergency preparedness and response services for chemical plant facilities; physical security and force protection guard services deployed at military, judicial and commercial facilities such as courts and stadiums; and critical information sharing services and software creating a secure network enabling the U.S. Department of Justice, FBI and local law enforcement to share cross-jurisdictional information to prevent terrorist attacks.

These are just a few examples of the more than 300 ATTs for which DHS has awarded SAFETY Act coverage. This spectrum of awards reflects the breath and depth of the use of the SAFETY Act as an instrument to encourage buyers and sellers to embark on the design, development and deployment of cutting-edge homeland security technologies.

Future Use of the SAFETY Act

Increasingly, the Act has become the essential risk mitigation tool for both buyers and sellers of homeland security ATTs. Its benefits extend not only to providers of ATTs but also for those purchasing and deploying such technology. However, the availability and effectiveness of other stand-alone tort-reducing methods, i.e., terror insurance, indemnification, remains uncertain.

Further, despite the increased use of Act coverage, critical homeland security sectors with high-value terrorist targets in the U.S. and abroad remain “under-represented” by the Act. Key segments of the U.S. and global homeland security marketplace, e.g., railway, trucking, chemical, gas, etc., remain largely unrepresented in the Act marketplace, even though they represent high-value terrorist targets. These entities must step up their efforts to understand and pursue Act coverage as a critical tool in their “risk mitigation toolbox.”

It further is incumbent upon lawmakers, policy advisers, and the full user and provider communities fully to support and actively pursue the continued vigorous implementation of the Act. Anything less will dangerously undermine the favorable environment cultivated over the past several years and erode the confidence of businesses to invest further in the development and deployment of homeland anti-terror technologies. Most importantly, a less than vigorous application of the SAFETY Act will undermine the collective efforts of the United States and its global allies to thwart terrorism and adapt to the ever-evolving threat environment wherever it may arise.

Ray Biagini and Kurt Hamrock, members of this newsletter's Board of Editors, are litigation partners in the Washington, DC, office of McKenna Long & Aldridge LLP. In addition to the SAFETY Act, their practice focuses on product liability litigation and counseling of government contractors and other federally regulated industries. They can be contacted at [email protected] and [email protected].

Following the events of 9/11, commercial and governmental interest in anti-terror technologies (“ATT”) skyrocketed. Demand jumped for all types of goods and services that could help to protect valuable assets against terrorist attacks. However, the designers, producers, and users of such technology quickly recognized the potentially devastating liability they might face in the event that such technology failed.

A legislative solution to this problem followed ' the SAFETY Act (the “Act”). The fundamental intent of the Act is to encourage companies to design, develop, and deploy ATT to protect high-value terrorist targets owned by government or commercial entities, here in the U.S. and abroad. The Act achieves this by providing to the Department of Homeland Security (“DHS”) the authority to evaluate a technology's efficacy and utility, as well as the power to eliminate or reduce the threat of catastrophic liability should such companies be sued in tort in the United States following an act of terrorism involving their ATT. Providers and users of ATT run significant risks if they fail to understand and utilize this important risk mitigation tool.

The 'Perfect Storm' Leading to the Act

Following the events of 9/11, one of the biggest concerns of companies selling anti-terror technology was the potential for them, literally, to be sued out of existence, for instance, by selling a $1,000 handheld chemical-biological sensor that allegedly failed to identify a subsequent terrorist attack. Such companies now faced “enterprise-threatening” unquantifiable liability. Although the demand for anti-terror technologies was extremely high at that time, companies were justifiably concerned about entering the homeland security marketplace, even refusing to bid on important federal and state government homeland security procurements.

It soon became apparent that a legislative remedy was necessary. In the summer of 2002, the “perfect storm” existed for the enactment of a legislative solution, including the following key “atmospheric conditions”:

• The free world's threat analysis now had shifted from post-Cold War scenarios to “low intensity warfare,” i.e., guarding daily against chemical, biological, radiation attacks by terrorists;
• The sheer enormity of potential damages from terrorist attacks, exemplified by the fact that NYC had suffered $20 billion in losses even after receiving insurance and federal emergency monies. Insurers' losses exceeded $36 billion. Families who lost loved ones or were injured in 9/11 received over $5.4 billion in compensation;
• Lawsuits were filed against airports, port securities and security providers for business interruption and economic loss as result of 9/11;
• A federal court in New York permitted family members to bring wrongful death suits on behalf of decedents from 9/11 attacks against airports, security companies and the Port Authority of NY/NJ, holding that the 9/11 attacks might have been foreseeable by such entities;
• Terror insurance coverage and federal indemnity, traditional tort mitigation tools for providers of ATT, became unavailable or too expensive; and
• Numerous members of Congress and the White House were concerned that the American court system was not equipped to address or manage terrorism-related litigation.

As a result of this confluence of events and realities, Congress incorporated the “Support Anti-Terrorism by Fostering Effective Technologies Act” ' the “SAFETY Act” ' into the Homeland Security Act of 2002, the same bill that created the DHS. This Act was signed into law on Nov. 26, 2002.

The Basic Precepts of the Act

The definition of “anti-terror technologies” is broadly applied by DHS and includes both products and services, including services such as training, vulnerability assessments, systems integration, etc. Such products or services must have a material anti-terror purpose in order to qualify for SAFETY Act coverage.

Two levels of tort protection exist under the Act. The highest form of tort protection that can be obtained from the DHS comes through “Certification” of the ATT. Certification provides:

• A requirement that third-party suits arising out of an act of terrorism involving SAFETY Act-approved ATT be filed only in federal court, not in U.S. state courts;
• A presumption that the seller/provider of the ATT is entitled to immediate dismissal under the “government contractor defense” from any lawsuit arising out of an act of terrorism involving SAFETY Act-approved ATT;
• If a prospective plaintiff overcomes this presumption of dismissal, protection from any award of punitive damages; and
• A cap on compensatory damages against the seller/provider/user of the ATT at an amount set forth by the DHS in its coverage award decision. This amount is required to be maintained in the form of available terrorism insurance coverage.

The Act and its implementing regulations provide that Certification protection can only be overcome if the claimants prove, through clear and convincing evidence, that the Act-approved company acted fraudulently or with willful misconduct in the submission of data to DHS during the Act application process.

DHS can also award a lesser form of protection under the Act known as “Designation.” It includes all of the protections under Certification described above, except for the presumption of dismissal under the government contractor defense.

Importantly, Certification and Designation protections apply not only to the seller/provider of the SAFETY Act-approved ATT, but also to the seller/provider's subcontractors, vendors, distributors and, significantly, customers, including the U.S. and foreign customers, commercial or governmental, deploying SAFETY Act-approved technologies.

Moreover, in DHS' view, these protections will apply even if the act of terror occurs outside the United States so long as the “harm,” including financial harm, is to persons, property or entities in the United States. Entities do not have to be incorporated or have their primary place of business in the U.S. to receive Act coverage; foreign companies can and have received coverage.

The Act Application Process

Sellers or providers of ATTs must submit the required DHS application to obtain Act coverage. Typically, for a complete application, the DHS review and approval process takes 120 days. Among other criteria that must be satisfied, an applicant for Act coverage must demonstrate the proven effectiveness of its ATT to obtain the higher forms of Act coverage. DHS has over 200 experts from academia, the federal government, national labs and federally funded research and development centers who review Act applications.

All applications are held confidential within DHS and will not be disclosed, without the applicant's permission, outside of DHS, including to other federal agencies. DHS reviewers are screened for conflicts of interest and sign non-disclosure agreements before commencing their review. The IT system used to accept and process applications has been certified and accredited by the DHS Chief Information Officer.

When DHS awards Act coverage, it typically grants such coverage for five to eight years. The seller/provider can seek to renew its coverage two years before the term expires. DHS has also applied Act coverage retroactively to past deployments of substantially equivalent ATTs.

Key Statutory Interpretations and Regulatory Amendments Leading to Broadened Implementation

Through its October 2003 interim regulations at 6 C.F.R. Part 25, Fed. Reg. Vol. 68, No. 200, 69688 (Oct. 16, 2003) and its Final Rule issued in June 2006 at 6 C.F.R. Part 25, Fed. Reg. Vol. 71, No. 110, 33, 54 (June 2006), the DHS has issued numerous crucial interpretations of the SAFETY Act, which have led to a robust implementation. These key interpretations include the following:

• The Act applies to products (e.g., hardware, software) as well as services, as long as they have a material anti-terror purpose.
• The Act provides tort protection for customers who buy and deploy SAFETY Act-approved ATTs as well as the seller's subcontractors, vendors, suppliers, etc. who contribute to the ATT. DHS has concluded that in a suit arising out of a terrorist attack involving Act ATTs, the only appropriate defendant is the company who was awarded Act coverage.
• Act coverage can be applied retroactively to cover substantially equivalent ATTs deployed by the company awarded Act coverage.
• The Act protects companies from tort suits filed in U.S. courts arising from foreign acts of terrorism involving SAFETY Act-approved ATT as long as the harm, including financial harm, occurs to persons, property or entities in the United States.
• If a user of SAFETY Act-approved ATT modifies such technology unbeknownst to the company awarded Act coverage for the ATT, such modification does not vitiate the latter company's Act coverage.

Companies that have a promising but not yet deployed ATT can obtain a “Developmental Testing and Evaluation Designation.” This type of Designation is a limited (in duration and geographical applicability) form of SAFETY Act coverage for deployments that will help prove the efficacy of the technology, thereby encouraging research and investment in such technology.

Through a “Pre-Qualification Designation Notice” process, federal, state and local governments can request in advance from DHS a determination that their anti-terror procurement affirmatively or presumptively satisfies the technical criteria of the Act, thereby encouraging companies to bid on high-risk homeland security procurements.

Expanding Use of SAFETY Act Certification

These numerous statutory and regulatory pronouncements have cultivated a mutually beneficial environment, encouraging: 1) homeland security contractors to invest in cutting edge design, development and deployment activities; and 2) customers to seek such anti-terror technologies to protect their high-value and high-risk terror targets. This “symbiotic mindset” has fostered a growing deployment of key ATT in numerous marketplaces.

In the years since the passage of the Act, its use has grown exponentially at all levels of government and in the private sector. At the federal level, entities that have purchased and deployed SAFETY Act-approved ATTs include such entities as the Transportation Security Agency; Customs and Border Protection; the Department of Defense; the Department of Homeland Security; and the FBI and DOJ.

Further, in conjunction with DHS, the Federal Acquisition Regulation (FAR) Council has integrated the benefits of the Act into the federal acquisition process to ensure greater and more predictable synchronization between the award of federal homeland security contracts and the issuance of Act coverage. In particular, federal agencies are now required to determine whether the technology they are procuring may be appropriate for Act coverage. This may involve a consultation with DHS, and if the technology is appropriate for Act coverage, the procuring agency must request that DHS “pre-qualify” the successful offeror for coverage for that specific technology. Once pre-qualified, the issuance of Act coverage to the company that is awarded the contract can be expedited through a truncated application process, thereby helping to ensure that company is awarded Act coverage before they begin to deploy their ATT under the contract.

State and local government purchasers of SAFETY Act-approved ATTs include such “first responders” as the Port Authority of New York/New Jersey; the Port Authority of Los Angeles/Long Beach; the New York Metropolitan Transit Authority; the New Jersey Office of Homeland Security; the Orlando Airport Authority; and the Metropolitan Washington Airports Authority for Dulles and Washington Reagan National Airports; and the Midland, Texas Education Services Center. Regarding foreign governments, the United Kingdom also has purchased SAFETY Act approved products and services to implement its crucial homeland security program known as “E-Borders”; other foreign governments are considering such coverage for similar projects.

SAFETY Act coverage also has been granted to companies that deploy ATTs internally to protect their own critical infrastructure and facilities. For example, both the Dow Chemical Company and the National Football League have Act coverage for ATTs they deploy and use.

Under the Act, DHS has approved a wide range of ATTs deployed to a diverse customer base. These include such products as crane-mounted radiation scanning devices; aircraft jamming systems that defeat shoulder-fired missiles aimed at private and commercial aircraft; wireless audio-visual emergency systems deployed at schools and commercial facilities; in-line baggage and cargo screening devices deployed at airports and borders; and explosive trace detection systems deployed at U.S. and foreign transit systems and ports. These SAFETY Act-approved ATTs also include such services as systems engineering and integration activities providing border, critical infrastructure and site security solutions; vulnerability assessments, cyber security and emergency preparedness and response services for chemical plant facilities; physical security and force protection guard services deployed at military, judicial and commercial facilities such as courts and stadiums; and critical information sharing services and software creating a secure network enabling the U.S. Department of Justice, FBI and local law enforcement to share cross-jurisdictional information to prevent terrorist attacks.

These are just a few examples of the more than 300 ATTs for which DHS has awarded SAFETY Act coverage. This spectrum of awards reflects the breath and depth of the use of the SAFETY Act as an instrument to encourage buyers and sellers to embark on the design, development and deployment of cutting-edge homeland security technologies.

Future Use of the SAFETY Act

Increasingly, the Act has become the essential risk mitigation tool for both buyers and sellers of homeland security ATTs. Its benefits extend not only to providers of ATTs but also for those purchasing and deploying such technology. However, the availability and effectiveness of other stand-alone tort-reducing methods, i.e., terror insurance, indemnification, remains uncertain.

Further, despite the increased use of Act coverage, critical homeland security sectors with high-value terrorist targets in the U.S. and abroad remain “under-represented” by the Act. Key segments of the U.S. and global homeland security marketplace, e.g., railway, trucking, chemical, gas, etc., remain largely unrepresented in the Act marketplace, even though they represent high-value terrorist targets. These entities must step up their efforts to understand and pursue Act coverage as a critical tool in their “risk mitigation toolbox.”

It further is incumbent upon lawmakers, policy advisers, and the full user and provider communities fully to support and actively pursue the continued vigorous implementation of the Act. Anything less will dangerously undermine the favorable environment cultivated over the past several years and erode the confidence of businesses to invest further in the development and deployment of homeland anti-terror technologies. Most importantly, a less than vigorous application of the SAFETY Act will undermine the collective efforts of the United States and its global allies to thwart terrorism and adapt to the ever-evolving threat environment wherever it may arise.

Ray Biagini and Kurt Hamrock, members of this newsletter's Board of Editors, are litigation partners in the Washington, DC, office of McKenna Long & Aldridge LLP. In addition to the SAFETY Act, their practice focuses on product liability litigation and counseling of government contractors and other federally regulated industries. They can be contacted at [email protected] and [email protected].