Terrorism (Protection of Premises) Bill or ‘Martyn’s Law’ is back on the legislative table: here’s what you should be doing to prepare

In 2022 the UK government announced details for the Protect Duty or Terrorism (Protection of Premises) Bill, also known as ‘Martyn’s Law’ in tribute to Martyn Hett who was killed alongside 21 others in the Manchester Arena terrorist attack in 2017. The law is meant to ensure stronger protections against terrorism in public places and thereby enhance the UK’s resilience to terrorism. 

Working closely with security partners, business and victims’ groups, including Figen Murray and the Martyn’s Law Campaign Team, and Survivors Against Terror, the new duty will require venues to take steps to improve public safety. Specific measures will depend on the size of the venue and the activity taking place.

The threat picture is complex and ever evolving. Recent attacks demonstrate that terrorists may choose to target a broad range of locations. Martyn’s Law is meant to ensure that security preparedness is delivered consistently across the UK, resulting in better protection of the public.

Although the law was introduced in 2022 it has not yet been implemented. Possible causes for the delay include recent frequent changes in government and two public consultations, the second of which was prompted by criticism of the proposed legislation from the Home Affairs Select Committee. The committee’s concerns were that the Law would place heavy financial burdens on smaller venues and that the aims of the bill were unclear.

But now, with a new government and the mention of the legislation in King’s Speech, there is renewed focus on the passage of the Law. 

The need is more pressing than ever with ever present terror threats to events both large and smaller in the UK and around Europe and the world including the recent high profile ISIS-connected terror plot that was discovered in time to prevent the attack, thankfully, but resulted in the cancellation of three Taylor Swift Eras Tour shows in Vienna, as well as threats of terror at the recent Paris Olympics which thanks to robust security did not come to be. 

Who will the law apply to?

When implemented, it is estimated that the legislation will apply to more than 275,000 “standard tier” premises (with capacity of 100-799 people and “enhanced tier” premises and public events (capacity of 800+ people) across the UK.


What are the penalties for non-compliance? 

The proposed penalties for non-compliance are substantial: up to £10,000 for standard tier premises and £18 million or more for enhanced tier premises and qualifying public events.

What should your organisation do to prepare for the Law?

The steps that venues and spaces will have to take will depend on the size and type of activities taking place.


Once the bill receives Royal Assent, duty holders are expected to have up to 18-24 months to prepare before the legislation comes into force. But, if you are responsible for qualifying premises and events, you should start considering the requirements that are likely to apply and how you will comply with them. 

How can VinciWorks help?

A big part of compliance will be knowing how to be as prepared as possible for and best navigate emergency situations. VinciWorks offers comprehensive safeguarding training to help organisations train on protecting the vulnerable in a wide variety of situations. The training in this collection includes several courses on radicalisation and extremism and emergency preparedness that can help staff know how to deal with these issues when they arise and comply with related legislation.

The relevant courses include: Preventing Extremism at Universities, Preventing Radicalisation and Extremism, and Preventing Radicalisation and Extremism on Campus. 

In addition, we offer Emergency Response at Work training which also includes a course on active shooter situations, bomb threats, and more.

To learn more about our training click on the buttons below.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

“In a world older and more complete than ours they move finished and complete, gifted with extensions of the senses we have lost or never attained, living by voices we shall never hear.”

Picture of James

James

VinciWorks CEO, VInciWorks

Spending time looking for your parcel around the neighbourhood is a thing of the past. That’s a promise.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.