The Terrorism (Protection of Premises) Act 2025 is the formal title of what is better known as Martyn’s law. It was passed by the UK Parliament in April 2025 and will come into force in spring 2027.

The first page of the Act has a very clear statement of what it is intended to do, which is: “to require persons with control of certain premises or events to take steps to reduce the vulnerability of the premises or event to, and the risk of physical harm to individuals arising from, acts of terrorism.”

To paraphrase that, Martyn’s law introduces a positive legal duty to assess risk and, in light of that, to put in place measures and procedures to prevent harm to people and damage to premises. The standard tier duty under the Act applies to premises in which at least 200 people are reasonably expected to be present at the same time, and the enhanced tier duty applies to premises and events at which 800 or more are expected. The approaches and solutions adopted should be proportionate to the assessment of risk - the legal duty is based on doing what is “reasonably practicable” to the specific circumstances.

Shortly after the Act was passed, the Home Office - which sponsored the legislation - published an accessible and very helpful “Mythbuster” document emphasising the proportionate approach and addressing ten common misconceptions surrounding the Act.

With around a year or so before Martyn’s law takes effect, we’ve set out below five key messages for organisations that are likely to come within its scope. These aren’t legal advice, they’re simply pointers to assist in understanding how to approach Martyn’s law. For a more detailed conversation about the legislation please don’t hesitate to approach either of us using the contact details below. 

Martyn’s law: key messages

1. Recognise what you are already doing when considering Martyn’s law: well-run organisations within the scope of Martyn’s law will already be protecting the public and their staff (through, for example: building & fire safety arrangements, health & safety policies, business continuity plans, event planning and licensing etc). However, you are likely to need to do a little more, and to document the specific steps – and a director or similar senior person needs to ‘own’ this – and will need to make the appropriate notification to the new regulator, the Security Industry Authority.
2. Take reasonable steps: the duty in Martyn’s law is based on reasonable practicability - i.e. proportionality - so you should carefully examine vulnerabilities, develop and implement reasonable mitigation measures, including considering practicality and cost/benefit analysis, and don’t panic.
3. Consult published resources when making your plans: you do not necessarily need the help of specialist consultants, and there is already very useful free guidance on websites such as the Home Office, ProtectUK, National Protective Security Authority (NPSA) and you should expect further material and resources in due course, including from the Security Industry Authority.
4. Look to ‘umbrella’ organisations as well: it’s likely that leading trade associations, business groups and similar organisations such as sport governing bodies, educational authorities etc will arrange sector-specific briefings and/or publish materials tailored to their members’ needs.
5. Prepare now for implementation in spring 2027: Martyn’s law is expected to take effect in April/May 2027, so there is still time to understand it more fully, although your plans for complying should be being developed already.