More than 15 years after the first terrorist attack on the World Trade Center, the resulting litigation continues to highlight the potential liability that building owners face when it comes to terrorist attacks. Fortunately, federal legislation offers new approaches to minimize these liabilities for building owners.
The World Trade Center I Bombing: What We Learned
On Feb. 26, 1993, two terrorists drove a rental van, loaded with homemade explosives, into the garage of the World Trade Center. The terrorists parked the van on a ramp near critical building infrastructure, lit a fuse, and exited the complex. At 12:18 p.m., the bomb exploded, killing six people, injuring hundreds, and causing massive damage to the building.
Victims of the attack sued the owner of the World Trade Center—the Port Authority of New York and New Jersey—for damages. The building owner asserted that the damages resulted from an elaborate terrorist plot, which could not have been reasonably thwarted. The plaintiffs contended that the incident resulted from a terrorism threat that the building owner should've anticipated and taken steps to prevent.
The jury sided with the plaintiffs and found that the building owner's failure to take reasonable security measures largely determined the fate of the victims. More specifically, the jury found the building owner negligent in "failing to maintain its parking garage in [a] reasonably safe condition," and named this negligence as a substantial cause of the bombing.
In what should be a stark and startling lesson for building owners, the jury assigned 68-percent fault to the owner of the World Trade Center; only 32-percent fault was assigned to the terrorists. Under New York law, this made the building owner responsible for 100 percent of the recoverable damages.
Importantly, there was no evidence of an inside job or any affirmative act by any building employee to facilitate the attack. Instead, the jury based its verdict on evidence of the building owner's inaction. The jury heard evidence regarding the owner's knowledge of heightened terrorism risks and security studies conducted by the owner prior to the attack. Each of the studies identified the World Trade Center as a building that faced risk of terrorist attack, including via its public garage. The studies also suggested that the building owner did not have adequate security to prevent such an attack. Despite these studies, the building owner didn't attempt to secure the garage.
The building owner appealed the jury's verdict. In a decision earlier this year, the appellate court affirmed the building owner's liability. The Court rejected the building owner's contention that it could not have responsibility for the damage caused by a terrorist group, stating: "The verdict we now uphold is neither properly nor intelligently understood as absolving the terrorists. The issue before the jury in this civil action was not whether the terrorists had committed the bombing—obviously, they had—or whether they should be severely penalized—most of them were—but whether their heinous conduct was foreseeable and avoidable by [the building owner] in discharge of its proprietary responsibilities."
The Court focused on the building owner's obligation to its tenants and guests to secure the building against reasonably foreseeable criminal acts. The Court used strict language—language with reach extending well beyond Lower Manhattan—to describe the duty of a building owner. The summary: No prudent landlord—especially when aware of the possibility of a terrorist attack, and knowing that certain characteristics of the building made it more vulnerable—would await an attack before taking steps to minimize risk.
Rescue workers stand together in front of the rubble of the Alfred P. Murrah Federal Building in Oklahoma City during a memorial service on May 5, 1995, to remember those killed in the April 19, 1995, car bombing attack. Crews searched for 16 days to find the victims killed in the bombing. AP Photo/David Longstreath
Best Practices for Building Owners
The prospect of a significant terrorist attack on U.S. soil was hard for many Americans to imagine back in early February 1993. Now, having experienced World Trade Center I, the Oklahoma City bombing, 9/11, and the 2001 anthrax attacks, the prospect of another significant terrorist attack in the United States seems all too real.
For building owners, the perception of a heightened risk of terrorist acts increases the likelihood that a future jury will seek to punish them for not taking reasonable measures to address this risk. When a building is a potential target (due to its geographic location, proximity to high-risk targets, iconic architecture, tenant make-up, etc.), the owner should consider not only what measures are appropriate to deter a terrorist act, but also the potential legal liabilities associated with inaction.
Measures available to a building owner to protect against terrorist acts are similar to those traditionally undertaken to secure a building, or limit liability, with respect to general criminal activity. These may include building security systems and protocols, as well as negotiated liability limitations in leases and other contracts. Under the Terrorism Risk Insurance Act of 2002 (TRIA) and the Terrorism Risk Insurance Program Reauthorization Act of 2007 (TRIPRA), the market for terrorism insurance has stabilized; insurance is also an important tool. For owners of buildings with significant terrorism risks, consideration of the Support Anti-Terrorism by Fostering Effective Technologies Act of 2002 (the SAFETY Act) is also a must.
An aerial view of Lower Manhattan, taken Sept. 23, 2001, shows the destruction of the 9/11 terrorist attacks on the World Trade Center. AP Photo/NOAA
The SAFETY Act
In November 2002, Congress passed the SAFETY Act as part of the Homeland Security Act of 2002 to encourage businesses to develop, commercialize, deploy, and use anti-terrorism technologies. The SAFETY Act provided a significant carrot: liability limitations for approved technologies. The SAFETY Act creates a liability safe harbor that directly addresses the lessons of World Trade Center I by limiting legal risk for vigilant anti-terrorism product and service sellers and users.
More specifically, providers of SAFETY Act-eligible anti-terrorism products and services (or, potentially, even a building owner who has a specific anti-terrorism system or protocol) may obtain designation from the Department of Homeland Security (DHS) as a "Qualified Anti-Terrorism Technology," or certification by DHS as an "Approved Product for Homeland Security." There is a significant liability risk-mitigation benefit for both sellers and users (i.e. a building owner) of DHS-designated or -certified anti-terrorism technologies; there are risk-mitigation benefits with few parallels in the U.S. tort reform landscape. The SAFETY Act and DHS' final SAFETY Act implementing rule (71 Fed. Reg. 110) provide two levels of protection for eligible sellers of anti-terrorism technology in the event of a DHS-declared "act of terrorism." For sellers of a DHS-designated technology, the SAFETY Act:
Creates a new federal cause of action related to the failures of such technology in response to an act of terrorism that can only be brought in federal court.
Bars punitive damages and pre-judgment interest against the seller as related to the act of terrorism and technology.
Limits liability for any non-economic damages to the seller's percentage of responsibility for harm to the plaintiff in relation to the act of terrorism.
Credits the seller with any collateral source compensation (e.g. government payments) received by the plaintiff as a result of the act of terrorism.
Caps the seller's overall liability at the amount of required insurance stated in the DHS designation.
A second, higher tier of protection is available if the designated technology also receives certification from DHS as an "Approved Product for Homeland Security." In such circumstances, the DHS certification may shield the seller almost completely from product-liability suits relating to an act of terrorism because it creates a rebuttable presumption that the government-contractor defense applies. (The government-contractor defense is a legal doctrine that allows certain government contractors to assert a government-immunity-type defense against tort actions involving products with designs approved by the government.)
The DHS regulations provide that "there shall exist only one cause of action for loss of property, personal injury, or death for performance or non-performance of the Seller's Qualified Anti-Terrorism Technology in relation to an Act of Terrorism. Such cause of action may be brought only against the seller of the Qualified Anti-Terrorism Technology and may not be brought against the buyers, the buyers' contractors, downstream users of the technology, the seller's suppliers or contractors, or any other person or entity. In addition, such cause of action must be brought in the appropriate district court of the United States."
For example, if a DHS-certified anti-terrorism security-services provider hired by a building owner should have detected a terrorist entering a building under the approved protocol, and the failure to do so results in a DHS-declared act of terrorism, the SAFETY Act (as interpreted by DHS) allows for a cause of action against the security company only—not against the building owner. Although the risk-mitigation protections potentially afforded the sellers and users of SAFETY Act-approved anti-terrorism technologies are untested in the courtroom, and complexities exist beyond those described in this article, the potential benefit for building owners is clear: near-complete protection from catastrophic legal liability in the event of a DHS-declared act of terrorism.
As more and more anti-terrorism-technology sellers apply for DHS approval, and the number of DHS-approved anti-terrorism technologies available to building owners increases (see www.safetyact.gov), the congressionally created carrot for deploying DHS-approved technologies is increasingly accessible for building owners who face potential terrorism risk. Already, the SAFETY Act-designated and -certified products include various companies' security services, risk-assessment services, chemical and radiological sensors, video-monitoring systems, blast-resistant products, evacuation systems, and more. And, if a preferred anti-terrorism product or services supplier isn't approved under the SAFETY Act, designation or certification (good for both the seller and buyer) is only an application away, provided that the product or service is eligible.
The first attack on the World Trade Center continues to serve as a grim reminder of the real-world risks of terrorism to commercial buildings and their tenants. Resulting litigation has established that terrorist attacks may also have dire legal consequences for building owners. Fortunately, building owners can take steps to reduce legal risk and make their properties less attractive targets for terrorism.
Craig Holman is a partner in the government contracts practice group at Arnold & Porter LLP, an international law firm based in Washington, D.C. Michael Goodwin is a partner in Arnold & Porter LLP's real estate practice group and represents building owners and developers. Jill Newell is an associate in the government contracts practice group at Arnold & Porter LLP.