The attack in Boston will no doubt be examined for a long time to come. Sponsors and organizers of large public events will obviously have to take notice of the results of that analysis and adjust security procedures accordingly. But as a general proposition, a mere "hardening of the targets" will not be enough to secure events and places that involve large public gatherings. Instead, the approach to security will have to be taken to an even higher level, where on-site physical protection measures are complemented by even more sophisticated approaches to providing patrons, customers and invited guests a suitably secure environment. Doing so is not just a necessity to meet what will likely be an increased standard of care, but it is also both the right thing to do, as well as potentially good business practice. In light of the tragic Boston events, it is worthwhile to consider each of these imperatives for addressing the business security environment going forward.
It is well established that businesses owe their customers and patrons a level of security that meets a standard of care necessary to protect against reasonably foreseeable criminal conduct. See, e.g., Chapman v. E.S.J. Towers Inc., 803 F. Supp. 571 (D.P.R. 1992) (the issue underscoring the imposition of liability is whether the criminal conduct of third parties was foreseeable and preventable); Nieswand v. Cornell University, 692 F. Supp. 1464 (N.D.N.Y. 1988) (duty of care arises if harm is foreseeable or if past criminal activity indicates that criminal incident is a significant, foreseeable possibility). Factors relevant to support a finding that criminal conduct is reasonably foreseeable include presence of suspicious individuals, compliance or noncompliance with security measures, likelihood of criminal activity and whether security measures would have deterred criminal conduct. See, e.g., Meyers v. Ramada Hotel Operating Co. Inc., 833 F.2d 1521, 1523-24 (11th Cir. 1987) (listing factors relevant to a foreseeability determination). Whether a criminal act is foreseeable may evolve proportional to both relevant risks and to available measures to mitigate the risks.
