The Best Defense is a Good Offense

The risk of a lawsuit isn’t the primary reason organizations worry about security, but it is a sensible secondary concern. When a crime occurs—and it can, regardless of what protective measures are in place—it is common for a business to find itself defending its security posture. And if a company can’t demonstrate the reasonableness of its protective efforts, the financial hit from a lawsuit can be catastrophic.

According to a review by Jury Verdict Research in 2020 of premises lawsuits around the country, the average premises liability verdict is $643,099. While that is the norm, jury verdicts that climb into the millions are not uncommon.

“Preventing the possibility of a lawsuit is one reason that Nationwide Insurance leans heavily on the data in CAP Index CRIMECAST reports.”Preventing the possibility of a lawsuit is one reason that Nationwide Insurance leans heavily on the data in CAP Index CRIMECAST reports, according to Jay C. Beighley, CPP, Associate Vice President for Corporate Security. He said the reports allow his team to quickly develop an accurate understanding of security risks around any company facility and to appropriately align protection with it. Because the tool is both validated and respected, he says that CRIMECAST Reports are a critical part of his ready-made defense against any claim that they had not done enough to address security risk.

“It’s defensible. If you get into trouble at a facility and get sued, you’re going to be asked, ‘what did you base your security judgment on?’” Beighley said. “It’s important in our industry to have a systematic, proven-reliable method for assessing risk – CRIMECAST Reports help fill that need.”

Risk and Reasonableness

Business owners have a duty to implement reasonable measures to protect visitors and employees from reasonably foreseeable criminal acts. This fact suggests just how critical risk assessments are in legal judgments—as they provide the foundation for understanding both the potential likelihood of an event and for assessing the appropriateness of security measures. If you can show your security is based on risk, then you can show it’s reasonable and that you’ve been proactive, say legal experts.

A recent case from Texas is instructive, as it shows that preventing a lawsuit is not about having perfect security—there is no such thing—it’s about implementing the amount of security that available evidence suggests is warranted. In the case, the Texas Supreme Court reversed a $5 million judgment against the property manager of a San Antonio shopping mall parking lot because previous incidents did not suggest that the shooting death of an individual exiting the mall’s movie theater was foreseeable. There was nothing in the data to put the company “on notice that a patron would be murdered as part of a robbery on its premises,” the court said, adding that “life in a free society carries a degree of risk.” (Trammel Crow v. Gutierrez, Texas Supreme Court, No. 07-0091).

Dan Yaross, Director of Security for Nationwide Children’s Hospital, relies on CAP Index to obtain an accurate picture of an area’s risk to inform the security measures they put in place. “We do our own internal data review, but CAP Index gives us the true neighborhood picture—and it gives us objective support for our opinion,” he said. “The data is very credible and speaks volumes in comparing crimes data for that specific location against the county, state, and national averages.”

To shield itself from a successful negligent-security lawsuit, a company needs to have an accurate idea of how the issue of crime and foreseeability will be perceived in the wake of an incident. For that, it needs to obtain as much risk data before an incident as a plaintiff’s attorney will collect in the wake of one.

Documentation is a Good Defense

Successfully avoiding a claim of inadequate security doesn’t necessarily hinge on having the right amount of security fencing, officers, or technology—it just as often comes down to paper issues. Companies that beat back lawsuits don’t necessarily possess more security than those that fail, but they are often better at documenting and detailing the protection activities they have taken.

Companies need to have a paper trail of their security activities to demonstrate a reasonable and prudent approach to security and safety. Otherwise, all a company has is the word of witnesses, which doesn’t go far in the courtroom, experts warn.

Documentation is a critical piece of the puzzle. Companies need to have records to show staff received legally required training and will be expected to show evidence that they follow their stated policies and procedures. But at the core of a company’s legal defense is the ability to demonstrate a good-faith effort to understand the security risks it faces, as it is a necessary precursor to deploying reasonable protection.

Without explicit rules to follow, and because courts are very discretionary, the best a company can do is to undertake and document a wide breadth of security risk assessment activities to demonstrate its due diligence should a case get to a jury. Clients noted that CAP Index provides a core piece of the puzzle by examining the probability of crime based on more than 90 different demographic variables, like population, economic, and housing data (rental vs. home ownership, for example). This provides the necessary foundation, and periodically touching base with local law enforcement is another effective way to prove your due diligence, said CAP clients.

The Flawed ‘Ostrich Defense’

There is a stubborn myth that if a company can avoid learning about security problems, that ignorance will somehow lessen its liability. However, plaintiff’s attorneys who make a living suing companies for negligent security insist that those are the easiest cases to win.

It is a far better legal strategy to take proactive steps to prevent incidents, a fact identified by the National Institute of Justice (NIJ). “Experience has shown that documentation that shows a thoughtful, rational approach to security planning is of substantial benefit in court, and reduces overall liability,” according to an NIJ research brief.

To attain “reasonable” security, security leaders need to have evidence to support their view of risk and then close any gaps between the level of risk and security measures in place—something that is easier to bridge with valid tools that can communicate the difference to senior management, according to David Lafontaine, Director of Global Physical Security at Acuity Brands. “CAP Index reports are an effective way to explain things to management,” he said. “I can show them a report and explain, ‘this is what a plaintiff’s attorney will pull if we get sued.’ It’s something that gets their immediate attention.”