What Is Martyn’s Law Trying to Achieve?

The Act is intended to improve preparedness for terrorist incidents across publicly accessible premises and events. For larger venues and qualifying events, it also requires consideration of how to reduce vulnerability to attack in the first place. It forms part of the UK’s wider counter-terrorism strategy (CONTEST), and is designed to establish a consistent baseline of protective security and preparedness across a broad range of sectors.

Importantly, the Act is not based on assessing the likelihood of an attack at a specific venue or event. Instead, it assumes that incidents can occur anywhere and focuses on ensuring that proportionate and practical measures are in place to reduce harm if they do.

A central concept throughout the legislation is what is ‘reasonably practicable‘. In simple terms, this means balancing risk reduction against the cost, time, and difficulty of implementing measures – avoiding both overreaction and inaction.

When Will It Start to Apply?

Although the Act is already law, there is currently an implementation period before the main legal duties come into force. This period is expected to last at least 24 months from Royal Assent. During this time, organisations are not yet legally required to comply with the operational requirements of the Act.

However, the statutory framework is now established, and the government has made clear that this period is intended for preparation. In practical terms, that means organisations should now be:

• Assessing whether their premises or events are likely to fall within scope
• Identifying who the responsible person will be
• Reviewing existing emergency, security, and communication procedures
• Beginning to align their approach with the concepts set out in the Act

Waiting until formal commencement is likely to leave organisations underprepared.

Enforcement

The Security Industry Authority (SIA) will act as the regulator for Martyn’s Law. Once the regime is in force, it will have powers to:

• Inspect premises and events
• Issue compliance and restriction notices
• Impose significant financial penalties for serious or persistent breaches

The enforcement approach is expected to be proportionate, but the legal duties will be enforceable.

Does It Apply to My Event?

Before we get into a deeper dive, you can answer a few quick questions below to see whether Martyn’s Law will likely apply to your venue or event. If you’re outside the UK, the tool can still provide protective security guidance based on the same principles. Hover over the tooltips  for more information.

The checker above only provides a quick indication of whether Martyn’s Law may apply to your venue or event.

The sections below explain the legislation in more detail, including how the scope works, what organisers may need to do in practice and some ‘edge cases’ that cause confusion.

Does It Apply to All Events?

No – and this is where many summaries go wrong. The Act covers both premises and events, but the tests are different.

• A premises may fall within scope if 200 or more people (including staff) are reasonably expected to be present at the same time.
• A qualifying event, by contrast, is only in scope where 800 or more people (including staff) are reasonably expected to be present at the same time and additional criteria are met.

To qualify as an in-scope event, it must:

• Have specific entry conditions (such as ticketing, paid entry, passes, or guest lists), and
• Be accessible to members of the public (even if access is controlled)

Events that do not meet these conditions – for example, smaller gatherings, private functions, or large open-access events without controlled entry – may fall outside the scope of the Act. However, many organisers will still choose to adopt similar protective security practices as a matter of good event management.

Importantly, there is no ‘standard tier event’ category. The standard duty applies only to premises. All qualifying events fall within the enhanced tier.

We’ll explain this part in more detail below – and it can be complicated – but the checker tool above is intended to make getting a sense of this far easier for you.

When Are Premises In Scope?

A premises falls within scope only if all of the key conditions are met. There must be:

1. A building on the premises (either alone or with surrounding land)
2. A use that falls within one or more Schedule 1 categories
3. A reasonable expectation that 200 or more people (including staff) may be present at the same time, from time to time
4. No applicable exclusion under the Act

Schedule 1 includes categories highly relevant to events and productions, such as entertainment and leisure venues, sports grounds, halls, visitor attractions, hotels, food and drink venues, and retail.

For premises, the attendance threshold is based on the greatest number reasonably expected to be present at the same time, including staff.

• 200–799 people: standard tier
• 800 or more: enhanced tier

This assessment can be based on a reasonable method, such as historical attendance, fire safety capacity, or seating figures. Occasional or one-off anomalies do not automatically bring a premises into scope if they are not expected to recur.

When Are Events In Scope?

A qualifying event must meet all of the following conditions:

1. It takes place at a location consisting of land, a building, or both
2. 800 or more people (including staff) are reasonably expected to be present at the same time at some point during the event
3. There are specific entry conditions, such as ticketing, paid entry, passes, or guest checks
4. The event is accessible to members of the public

Private events such as weddings, corporate functions, or closed sets without public access will generally fall outside this definition. This distinction is particularly important in practice.

A venue that is normally below the enhanced threshold – and therefore standard tier – can still host a qualifying event that triggers enhanced-tier requirements for the duration of that event. In other words, event classification depends on the event itself, not the venue’s usual capacity or tier.

Who Is Legally Responsible?

Responsibility under the Act is based on control, not job title.

• For premises, the responsible person is generally the individual or organisation with control of the premises in connection with its relevant use
• For qualifying events, it is the person with control of the premises for the purposes of the event

This is a critical practical issue. In many real-world scenarios – particularly in events and production – control may sit with the venue, the organiser, or be shared between multiple parties. Where multiple parties are involved, there are explicit duties to co-operate and co-ordinate (so far as is reasonably practicable) to ensure the requirements of the Act are met. Responsibility can be delegated operationally, but not legally.

For enhanced-tier premises and qualifying events, organisations must also designate a senior individual with responsibility for ensuring compliance.

This is a key practical question you need to establish early on: who actually ‘controls’ the site for the relevant activity or event?

What Standard Duty Requires

For standard-tier premises, the focus is on preparedness procedures, not complex security systems. The core requirement is to ensure that, so far as is reasonably practicable, appropriate public protection procedures are in place. These relate to:

• Evacuation
• Invacuation
• Lockdown
• Communication

Staff must be aware of these procedures and capable of carrying them out. A written plan alone is not sufficient. The intention is not to impose unnecessary cost, but to ensure a basic, functional level of preparedness.

What Enhanced Duty Requires

Enhanced-tier premises and qualifying events must meet all standard-duty requirements, but also go further. In addition to procedures, they must implement appropriate public protection measures across areas such as:

• Monitoring (e.g. awareness, surveillance)
• Movement (e.g. access control, flow management)
• Physical safety and security (e.g. barriers, screening)
• Information security (e.g. protecting sensitive plans or vulnerabilities)

These measures are intended not only to respond to incidents, but to reduce vulnerability in advance. There is also a requirement to maintain a documented record of:

• The procedures and measures in place
• The reasoning behind them
• How they reduce risk and vulnerability

This document must be kept up to date and provided to the SIA when required.

First Aid / Medical Provision

This is changing too. See our separate article for details.

A Sensible Approach Now

The most useful things an organiser can do are to determine whether they are assessing a premises or a specific event; estimate the greatest number reasonably expected at the same time (including staff); identify whether entry is controlled; decide who the responsible person is; and map existing emergency, security and communications procedures against the public protection concepts in the Act.

Official guidance will develop further, but those steps are already grounded in the published framework.

Situations That Often Cause Confusion

Many articles imply that the venue tier determines the event tier. This is incorrect. A venue that normally falls within Standard Duty (200–799 people) can still host a Qualifying Event if the event meets the qualifying event test. What matters for an event is the event conditions, not the venue’s normal capacity classification.

A smaller venue hosting a large event

A premises that normally falls within the standard duty category may host a one-off event that meets the qualifying event test. In that situation, the event itself may fall within the enhanced tier requirements, even though the venue’s normal capacity is lower.

Large open events without controlled entry

Large public gatherings do not automatically meet the qualifying event test. If there are no specific entry conditions, such as ticket checks or access control, the event may fall outside the qualifying event definition – even if the crowd is very large.

Outdoor Events and Temporary Sites

A common misconception is that any large outdoor event automatically falls within the scope of Martyn’s Law. In reality, the legislation distinguishes between qualifying premises and qualifying events. Premises must include at least one building, whereas events can take place on land, buildings, or a combination of both.

This means that some outdoor locations may not meet the definition of qualifying premises, but an event held there may still fall within scope if it:

• Expects 800 or more people at the same time
• Has specific entry conditions (such as ticket checks)
• Is accessible to members of the public.

Where an outdoor gathering has no controlled entry (such as a free public festival in a park) it may fall outside the qualifying event definition. Organisers should therefore consider how the event is structured, not just how many people are expected to attend.

What This Means for Film and TV Productions

For productions, Martyn’s Law is most likely to matter where the production is operating in a way that looks more like a public event or a qualifying venue use than a closed set. Examples include a ticketed premiere, a live audience recording, a fan event, a promotional activation with controlled public entry, or filming activities taking place within a venue that’s already in scope.

The key test is whether the activity involves a qualifying premises or a qualifying event. Productions are assessed in exactly the same way as any other activity. There is no separate “production” category in the legislation.

When Productions Are Unlikely to Be Within Scope

Most filming activity is unlikely to fall within scope, including:

• Closed sets with no public access
• Studio filming with controlled cast and crew only
• Location filming on private land without public access
• General filming activity that does not involve large public attendance

In these situations the event test is not met, and the site is often not qualifying premises either.

When Productions May Be Within Scope

Productions are more likely to be relevant where they take on characteristics of a public venue or event. For example:

• Live audience recordings (e.g. TV shows with ticketed audiences)
• Premieres or screenings with public attendance
• Fan events or promotional activations
• Public-facing filming that includes controlled access or attracts large managed crowds
• Filming taking place within a venue that is already in scope

In these cases, the activity may fall within the premises regime or meet the definition of a qualifying event (800+ people, public access, controlled entry).

Outdoor Filming and Non-Traditional Locations

A common misconception is that outdoor or temporary filming locations are automatically out of scope. In reality, a location without a building will not qualify as premises, but an event at that location may still be a qualifying event.

A production stages a ticketed fan event in a field or park, 1,000 attendees are expected at the same time and entry is controlled via tickets.

This is likely to be a qualifying event, even though the site itself is not qualifying premises.

Control: The Key Legal Question

Responsibility under Martyn’s Law depends on who has control of the premises for the relevant activity. For productions, this can vary:

• If a venue retains control, the venue may remain the responsible person
• If the production takes control of a defined space for an event, the production may be the responsible person
• Where multiple parties are involved, there may be duties to co-operate and co-ordinate

This should be clearly established during planning.

Production Scenarios That Can Cause Confusion

1. “It’s just filming so it doesn’t apply”

Not always. If the production involves a public-facing event (e.g. ticketed audience or fan activation), it may fall within scope even if the underlying activity is filming.

2. “It’s outdoors so it’s out of scope”

Not necessarily. Outdoor locations may not qualify as premises, but events held there can still meet the qualifying event test.

3. “It’s under 800 people so nothing applies”

This is only true for the event test. The venue itself may still fall within the premises regime if 200+ people are present and the other conditions are met.

4. “The venue is responsible, not us”

Not always. Responsibility depends on control, not ownership. If the production controls the site for the purposes of an event, it may be the responsible person.

A Practical Approach for Productions

For productions, the most useful steps are:

• Decide whether you are assessing a premises or a specific event
• Estimate the maximum number of people present at the same time (including staff)
• Identify whether there is public access and controlled entry
• Confirm who has control of the site or event
• Align your existing safety planning with the public protection concepts in the Act: in most cases, this will involve adapting existing production safety processes rather than creating entirely new systems.

Key Takeaway

Martyn’s Law is unlikely to affect most day-to-day filming activity. However, where productions become public-facing, high-attendance, or event-like, the legislation may apply, and should be considered as part of planning.