Martyn’s Law: Implications and Responses

On the evening of 22nd May 2017, during an Ariana Grande concert at the Manchester Arena, Salman Abedi, a 22-year-old British Islamist extremist of Libyan origin, detonated a suicide Improvised Explosive Device (IED). He waited in a crowded exit foyer as the concertgoers, including many children and young people, left the event, thus avoiding having his rucksack contained device, being screened. Motivated by Islamic State (Da’esh), Abedi’s large device, weighing over 30 kilos, was packed with shrapnel, and resulted in the killing of 22 victims and injuring of hundreds. It was the first successful suicide bomb attack in the UK since the 7/7 attacks of 2005 on the London transport network and the largest attack since that time. Amongst the many victims was Martyn Hett, aged 29 from Stockport, Greater Manchester.

In the aftermath of the attack, many questions were raised concerning both the failure to challenge or question Abedi in the extended period he was in the Arena complex before the attack, and in the coordination and responses of the emergency services in the aftermath of the attack. These were initially highlighted in the Kerslake Report, an independent review of Greater Manchester’s preparedness for and response to the Manchester Arena terrorist attack.[1] Further details of these concerns were later raised in the Manchester Arena Inquiry, chaired by Sir John Saunders from 2019 and the resultant three Enquiry Volumes, which examined: Security for the Arena; Emergency Response, and Radicalisation and Preventability.[2]

In the meantime, Figen Murray, the mother of victim Martyn Hett, was surprised to find no security checks when she attended a Manchester Theatre, only a year after the attack. She stated that she felt as if what had happened at the Manchester Arena had been forgotten. As a result, she began to campaign for the introduction of improved security at public venues in order to better protect the public from terrorist attacks that ‘get through’, “as well as trying to track down terrorists before they commit atrocities, we also need to get better at protecting the public from the attacks we cannot foil.”[3]

Figen Murray argued this required the introduction of basic security procedures to ensure that every venue and public space had a risk assessment and relevant security plan, dependent on the type of venue, number of attendees and circumstances of the event. Her campaigning led the Government to introduce the Terrorism (Protection of Premises) Bill, widely referred to as ‘Martyn’s Law’ in memory of her son Martyn. The Bill distinguishes between two types of Venues, based on capacity numbers, and outlines various requirements dependent on that capacity:

Standard Tier – Venue events of between 100 to 799 persons, “will be required to take steps to ensure preparedness for, and protection from, terrorist attacks”[4] by:

o?? Notifying the Regulator that they are, or have become, responsible for premises within scope of the Bill (and so subject to the relevant requirement).

o?? Having in place procedural measures that could be expected to reduce, so far as reasonably practicable, the risk of physical harm to individuals at the premises in the event of an attack.

o?? As part of putting in place the procedural measures, workers will need to be sufficiently instructed or trained to carry them out effectively.

Enhanced Tier – Venue events of over 800 persons. “Those responsible for an enhanced duty premises or qualifying public event must”[5]:

o?? Notify the Regulator of their premise or event.

o?? Take ‘reasonably practicable’ measures that will reduce the risk of a terrorist attack occurring or physical harm being caused.[6]

o?? Keep and maintain a security document aided by an assessment of the terrorism risk, which must also be provided to the Regulator.

o?? If the responsible person is a body corporate, they must appoint an individual as the Designated Senior Individual for the premise or event.

The passing of the Bill into Law as an Act, likely to be in 2025, will make it a legal and regulatory obligation for businesses that run public venues which fall within these categories, to implement the security measures previously detailed. Vedette Consulting Limited (VCL) have been carefully monitoring these developments and requirements and are coordinating an offering that can be provided to companies and businesses facing these requirements. This will include expert advice from former security professionals, Threat and Vulnerability Assessments (TVA) of venues, ‘hostile’ testing of operational and physical security measures (Red Cell), constructive challenge of security plans (Red Teaming) and assistance in improving and augmenting security plans (Blue Team), ensuring businesses are fully prepared.

[1]The Kerslake Report: An Independent Review into the preparedness for, and emergency response to, the Manchester Arena attack on 22nd May 2017. Available at: https://www.jesip.org.uk/uploads/media/Documents%20Products/Kerslake_Report_Manchester_Are.pdf

[2] UK Government (2023) Manchester Arena Inquiry Reports. Available at: https://www.gov.uk/government/collections/manchester-arena-inquiry-reports

[3] Comments by Figen Murray in interview with ‘Survivors Against Terror’ NGO.

[4] Protect UK, Standard Tier, 08/11/2023. Home Office. Available at: https://www.protectuk.police.uk/martyns-law/standard-tier

[5] Protect UK, Enhanced Tier, 08/11/2023. Home Office. Available at: https://www.protectuk.police.uk/martyns-law/enhanced-tier

[6] ‘The Reasonably Practical test is utilised in other regulatory regimes eg. Health and Safety and will enable organisations to tailor their approach to the nature of the premises, and their activities and resources’. Protect UK, Enhanced Tier (2023) Op. Cit.