Security Leadership and Management

When Is Your Enterprise Liable for Outsider Violence on Campus?

While the terminology varies somewhat, businesses may anticipate three categories of individuals entering their premises: guests, invitees, and trespassers. A "guest" is one having a specifically addressed personal invitation to enter the property, such as a mayor invited to a grand opening. An "invitee" is an individual reasonably expected to enter the property, such as a customer or an employee, but who has not been personally invited like the guest. A "trespasser" is an unlawful intruder. In the absence of specific legislation or regulation, the common law doctrine of negligence applies to virtually all injuries that guests, invitees, or trespassers might receive at the hands of an outsider who enters the business premises. Strict liability may apply to a business engaged in intentional wrongdoing or conducting ultra-hazardous activities. Negligence law imposes a high duty of care by the business toward guests, reasonable care toward invitees, and low or no care toward adult trespassers.

Two recent judicial decisions illustrate these rules in the context of violent actions perpetrated by the entrant. A federal Second Circuit Court of Appeals decision allowed a lawsuit to proceed against Denny's by a customer who was injured by other customers. (Gray v. Denny's Corporation). The injured customer asked the other customers to be quiet. They assaulted her. Denny's employees had not responded to her prior request that they act.

In support of her claim that Denny's should have foreseen her injuries, she produced police records of previous violent acts at the location. Denny's training materials addressed "disruptive" guests as the largest category of "workplace violence" incidents. Internal Denny's PowerPoint presentations compared late night revenue to the cost of lawsuits associated with violence and considered additional training and security guards.

The Court reviewed the elements of a negligence claim. It indicated that a restaurant owner must take appropriate measures to protect persons on the premises from foreseeable criminal acts of third parties. Denny's argued that the injured customer's actions in confronting the other customers provoked the assault. The Court stated that the customer's request to quiet down was a foreseeable consequence of Denny's failure to act and that Denny's itself recognized that loud and profane speech often occurred before violence.

The federal Third Circuit Court of Appeals recently upheld the trial court's dismissal of a negligence claim asserted against the employer of an employee killed at the facility by a former paramour (Sabric v. Lockheed Martin). The killer was a security guard assigned to the location by an independent contractor firm. The Court applied a negligence analysis, concluding that while both Lockheed and security firm supervisors knew that the guard sometimes became angry, had verbally lashed out, and harbored a vendetta toward his ex-fiancee, this was insufficient to put them on notice that physical violence would occur. Lockheed's Workplace Security Policies and additional procedures for contract guards did not mean that the employer undertook protective services for the deceased employee. In fact, the employee never reported threats or harassment to her employer and twice told another employee to "leave it alone" when he expressed his concerns to her on the day of the shooting. Consequently, the violence was not reasonably foreseeable to Lockheed or the security firm.

A common link between both decisions is an analysis of what outsider violence the premises owner could reasonably foresee. The prior police reports and internal analysis indicated that Denny's knew that events identical to the event in question could occur. This knowledge could be used to prove negligence. In contrast, the deceased Lockheed employee never reported any threats and there were insufficient indicators of the particular event occurring.

The legal result in outsider violence cases frequently revolves around direct knowledge of a specific threat. The business must undertake a reasonable response to this knowledge. Often a jury determines what is reasonable if there is a trial. For example, an employer reached an out-of-court settlement for an employee's death after undertaking to protect her, as described in the Spring, 1999 Review of Litigation published by the University of Texas Law School. The deceased employee reported a restraining order and threats to her employer. The employer assured her of heightened security and provided photographs to security guards to keep the boyfriend out of the building. However, he called the office to ascertain that she was there, walked past the guards, and killed her. The boyfriend had previously demanded that her employer fire her, something the employer refused to do. An unanswered question in this tragedy is if the employer could have lawfully fired the employee under the employment-at-will doctrine.

While a business has no general duty to control the conduct of outsiders, it cannot ignore danger. It must act appropriately based upon what it knows. If the premises cannot be made safer, will an "enter at your own risk" sign suffice to remove liability? Typically a sign will not alone remove liability for injuries unless a specific danger is indicated by the sign, such as a hazardous materials warning. Additionally all regulatory and statutory requirements associated with the activity in question must be met. It is unlikely that a sign indicating a risk of injury by other persons would remove negligence liability.

A jury may allocate percentages of negligence, if any, among the parties, consequently reducing the dollar damage amount that the business premises owner would be liable to pay. The more the business premises owner knows and fails to act upon, the more likely liability becomes. Nor may the business close its eyes to common knowledge. Like it or not, outsider violence on your premises becomes your problem.


This article was originally published on The Huffington Post, and is posted here with the author’s permission. 

Did you enjoy this article? Click here to subscribe to Security Magazine. 

You must login or register in order to post a comment.



Image Galleries

ASIS 2013 Product Preview

ASIS International 59th Annual Seminar and Exhibits, September 24-27 in Chicago, Illinois, will include an exhibit hall packed with innovative security solutions. Here are some of the products that will be shown at ASIS this year.


Virtualization and Data Center Security: What You Need to Know for 2014

Data centers are increasingly becoming the center of the enterprise, and data center and cyber security is following the same path for security departments. According to Justin Flynn, a consultant at the Burwood Group, the virtualization of data centers allows enterprises to scale more easily and faster, with a smaller footprint.

However, hosting enterprise data in the cloud can make intrusion detection more difficult – how can enterprise security leaders team up with other departments to keep aware of cyber risks and traffic, and physical and data compliance during the virtual transition? How can CISOs and CSOs discuss cyber threats with the C-Suite to get the resources they need? And how can the proper infrastructure test and verify possible malicious attacks? 

More Podcasts

Security Magazine

security 2015 january cover

2015 January

In the January 2015 issue of Security, learn how PTZ and fixed dome cameras do dual duty in video production and surveillance applications, improve security on college campuses, and how to better cope with harsh environments in surveillance. 

Table Of Contents Subscribe

Tougher Cybersecurity Legislation

On January 20, President Barack Obama called for tougher cybersecurity legislation in his 2015 State of the Union address. Which of the following points do you feel is most needed today?
View Results Poll Archive


CompTIA Security+ Certification Study Guide
CompTIA's Security+ certification is a globally-recognized, vendor neutral exam that has helped over 60,000 IT professionals reach further and higher in their careers. The current Security+ exam (SY0-201) focuses more on being able to deal with security issues rather than just identifying them.
More Products

Clear Seas Research

Clear Seas ResearchWith access to over one million professionals and more than 60 industry-specific publications,Clear Seas Research offers relevant insights from those who know your industry best. Let us customize a market research solution that exceeds your marketing goals.


Facebook 40px 2-12-13 Twitter logo 40px 2-12-13  YouTube  LinkedIn logo 40px 2-12-13Google+

Vertical Sector Focus: Critical Infrastructures

criticalhomepagethumbFrom terrorism to vandalism, it’s preparedness, response, training and partnerships. Learn about some of the critical security issues facing this sector.

Visit the Critical Infrastructure page to read more.