What Is Martyn’s Law Trying to Achieve?

The Act is intended to make certain public premises and events better prepared for terrorist attacks and – for larger venues and qualifying events – less vulnerable to them in the first place. The Act sits within the UK’s counter-terrorism strategy, CONTEST.

The materials published so far make it clear the regime is based on proportionate and reasonably practicable procedures and measures, and not imposing a one-size-fits-all security model.

When Will It Start to Apply?

Although the Act is technically already law, there is currently a preparation period before the legal duties it imposes go live. The SIA has confirmed that commencement is likely to happen in Spring 2027, but that formal Home Office guidance is still to come. That means organisations should use this period to assess scope, allocate responsibility, and improve plans. Don’t assume every requirement is already enforceable today – that’s not the case.

Enforcement

The SIA will regulate the regime and will have powers to inspect premises, issue compliance notices, and impose significant financial penalties for serious breaches.

Does It Apply to My Event?

Before we get into a deeper dive, you can answer a few quick questions below to see whether Martyn’s Law will likely apply to your venue or event. If you’re outside the UK, the tool can still provide protective security guidance based on the same principles. Hover over the tooltips  for more information.

The checker above only provides a quick indication of whether Martyn’s Law may apply to your venue or event.

The sections below explain the legislation in more detail, including how the scope works, what organisers may need to do in practice and some ‘edge cases’ that cause confusion.

Does It Apply to All Events?

No. This is where many summaries go wrong. The Act covers both premises and events, but the tests are different.

• A premises can fall into scope if 200+ people are present at the same time, including staff.
• A qualifying event, by contrast, is only in scope where 800 or more people (including staff) are reasonably expected to be present at the same time, but must also meet two additional criteria: that the event has specific entry conditions (such as ticket or pass checks), and that the event is accessible to members of the public.

Events that do not meet these conditions (for example smaller gatherings, private functions, or large open-access events without entry control) may fall outside the scope of the Act, although organisers may still wish to follow similar protective security practices as good event management.

This also means there is no separate ‘standard tier event’ category. The ‘standard duty’ category only applies to qualifying premises. Qualifying events are enhanced-tier only.

We’ll explain this part in more detail below – and it can be complicated – but the checker tool above is intended to make getting a sense of this far easier for you.

When Are Premises In Scope?

A premises falls within scope only if all the main conditions are met. There must be at least one building on the premises; the premises must be wholly or mainly used for one or more ‘Schedule 1’ uses; the threshold numbers must be met; and the premises must not be excluded.

Schedule 1 includes many categories highly relevant to event organisers and productions, such as entertainment and leisure activities, sports grounds, halls, visitor attractions, hotels, food and drink venues, and shops. Temporary structures can be relevant, but there must be some form of building on the premises for it to qualify as ‘premises’ under the Act.

For premises, the attendance test is based on the greatest number reasonably expected to be present at the same time, including staff. If that figure is 200 to 799, the premises is generally ‘standard duty’. If it is 800 or more, it is generally in the ‘enhanced’ category.

The assessment can use historic attendance data, fire-safety occupancy figures, seating numbers, or another ‘reasonable method’. One-off anomalies do not automatically bring a premises into scope if they are not expected to recur.

When Are Events In Scope?

A qualifying event must satisfy four conditions. It must take place at premises consisting of a building, land, or both; 800 or more people including staff must be reasonably expected to be present at the same time at some point during the event; there must be specific entry conditions such as ticketing, paid entry, pass checks, or members / guests checks; and the event must be accessible to members of the public. Private weddings, office parties and similar private gatherings fall outside that scope.

This is especially important for organisers using otherwise lower-risk sites. A venue that is not itself enhanced duty all year round can still host a qualifying event that triggers enhanced-tier obligations for the event duration. The Home Office gives the example of standard-tier premises hosting a one-off ticketed event for over 800 attendees – see below about edge cases and anomalies.

Who Is Legally Responsible?

• For premises, the responsible person is generally the person or organisation with control of the premises in connection with the relevant Schedule 1 use.
• For qualifying events, it is the person with control of the premises for the purposes of the event.

The responsible person can delegate tasks, but not the underlying legal responsibility. So if a venue retains control, the venue may remain responsible even where outside suppliers are engaged. If an organiser takes control of a defined event space for the event, the organiser may be the responsible person for that event.

This is a key practical question you need to establish early on: who actually ‘controls’ the site for the relevant activity or event?

What Standard Duty Requires

For standard duty premises, the published requirement is not a full security dossier. The core duties are to notify the SIA and to ensure that so far as is reasonably practicable, appropriate public protection procedures are in place. Those procedures relate to evacuation, invacuation, lockdown, and communication. Staff need to know what those procedures are, because a written procedure that nobody understands will not be enough.

So for smaller organisers and operators, standard duty is not meant to force every venue to buy expensive equipment. The examples in the official material are deliberately practical and proportionate, such as identified escape routes, nominated staff actions, simple lockdown arrangements, and one-page procedure summaries.

What Enhanced Duty Requires

Enhanced duty premises and qualifying events must also have the standard-style public protection procedures, but they must go further.

The enhanced requirements include notification to the SIA and, so far as reasonably practicable, appropriate public protection measures across four areas: monitoring, movement, physical safety / security, and information security. Examples given by government include suspicious-behaviour awareness, CCTV, search or screening processes, barriers, hostile vehicle mitigation, safety glass, and tighter control over sensitive plans and information.

Enhanced-tier duty holders must also keep a tailored document recording the procedures and measures in place, or to be put in place, together with the reasoning for how they reduce vulnerability and risk of harm. Measures may also include protecting information that could reveal security vulnerabilities.

That document must be kept up to date and provided to the SIA as soon as reasonably practicable after first preparation and within 30 days of revision.

First Aid / Medical Provision

This is changing too. See our separate article for details.

What This Means for Productions

For productions, Martyn’s Law is most likely to matter where the production is operating in a way that looks more like a public event or a qualifying venue use than a closed set. Examples include a ticketed premiere, a live audience recording, a fan event, a promotional activation with controlled public entry, or filming activity taking place within a venue already in scope.

Where filming is closed, private and not publicly accessible, the event test is less likely to be met. But where there is public access and event-style control of the site, the qualifying event analysis becomes relevant. The key legal question is still control: who has control of the premises for the purposes of the event?

A Sensible Approach Now

The most useful things an organiser can do are to determine whether they are assessing a premises or a specific event; estimate the greatest number reasonably expected at the same time (including staff); identify whether entry is controlled; decide who the responsible person is; and map existing emergency, security and communications procedures against the public protection concepts in the Act.

Official guidance will develop further, but those steps are already grounded in the published framework.

Situations That Often Cause Confusion

Many articles imply that the venue tier determines the event tier. This is incorrect. A venue that normally falls within Standard Duty (200–799 people) can still host a Qualifying Event if the event meets the qualifying event test. What matters for an event is the event conditions, not the venue’s normal capacity classification.

A smaller venue hosting a large event

A premises that normally falls within the standard duty category may host a one-off event that meets the qualifying event test. In that situation, the event itself may fall within the enhanced tier requirements, even though the venue’s normal capacity is lower.

Large open events without controlled entry

Large public gatherings do not automatically meet the qualifying event test. If there are no specific entry conditions, such as ticket checks or access control, the event may fall outside the qualifying event definition – even if the crowd is very large.

Outdoor Events and Temporary Sites

A common misconception is that any large outdoor event automatically falls within the scope of Martyn’s Law. In reality, the legislation distinguishes between qualifying premises and qualifying events. Premises must include at least one building, whereas events can take place on land, buildings, or a combination of both.

This means that some outdoor locations may not meet the definition of qualifying premises, but an event held there may still fall within scope if it:

• Expects 800 or more people at the same time
• Has specific entry conditions (such as ticket checks)
• Is accessible to members of the public.

Where an outdoor gathering has no controlled entry (such as a free public festival in a park) it may fall outside the qualifying event definition. Organisers should therefore consider how the event is structured, not just how many people are expected to attend.