The Importance of SAFETY Act Protections for the Electric Power Industry

Sponsored by

by Brian Finch and Larry Eisenstat, Dickstein Shapiro

Recent press reports have significantly raised public awareness of the vulnerability to cyberattacks of our nation's energy infrastructure. These reports quickly captured the attention of legislators and regulators in Washington, D.C., and throughout the nation. Many have since proposed through draft legislation increased security requirements for numerous energy companies, particularly those that own or operate electric transmission lines.

If a cyberattack on the nation's energy infrastructure were to occur, its owners and operators could face staggering losses and possibly even greater liability now that the potentially catastrophic consequences of such an attack are better understood. The liability threat arising from a terrorist attack is too real: airplane manufacturers, security companies and even companies whose own buildings were destroyed already have had to pay millions of dollars in damages.

Companies in the electric power sector, in particular, must understand that although the North American Energy Reliability Corp. (NERC) has established new cybersecurity reliability standards, compliance with those standards will not automatically immunize them from liability were a cyberattack to occur. By applying for certain protections available under a little-known federal law—the Support Anti-terrorism by Fostering Effective Technologies Act of 2002, or SAFETY Act—their exposure could be significantly reduced if not completely eliminated.

The SAFETY Act was enacted after the Sept. 11, 2001, terrorist attacks to assure eligible companies that, should another terrorist attack occur, they would not be exposed to uncapped legal liability. The SAFETY Act provides companies with an opportunity to apply to the Department of Homeland Security (DHS) for certain tort liability protections in connection with the manufacture or furnishing of products or services that can be used to detect, defend against or respond to acts of terrorism.

Two tiers of protection are available under the act. If a product or service receives SAFETY Act certification, then the owner, seller and/or provider of such product or service presumptively would be entitled to immunity from all tort claims for damages arising out of an act of terrorism and associated with such product or service. If, however, the product or service only were to receive SAFETY Act designation, the applicant's potential tort liability would be limited to the amount of insurance that DHS determines the applicant should maintain in connection with such losses. In either case, tort claims cases may be brought only in federal court.

Companies also can take advantage of the SAFETY Act by purchasing SAFETY Act-approved products and services. Under the act, only sellers of SAFETY Act-approved products or services potentially could be liable for damages in connection with such products or services. By contrast, mere purchasers of SAFETY Act-approved products or services face no liability. A range of products and services have received SAFETY Act protections, and DHS is actively encouraging the submission of cybersecurity-related applications.

SAFETY Act protection should be sought, or at least evaluated on its costs and benefits, for any measure undertaken by a company to detect, defend against or respond to cyberattacks and other terrorist acts resulting in damage to the electrical system that would occur, for example, if multiple plants were to trip off line as a result of a terrorist-planted computer bug and the lights were to go off for many hours. Because certain terrorist attacks were determined to have been reasonably foreseeable, it is more critical that those energy companies at greatest risk of terrorist attacks implement appropriate measures to prevent such attacks and apply to have such measures certified or designated under by the SAFETY Act to limit their potential liability as best they can.

Finally, imagine that a company with a reasonable exposure to a terrorist act fails to consider whether it should spend whatever money is necessary for it to receive SAFETY Act protections; and then a terrorist act occurs. This would lead to a bad outcome. Why subject one's management to a hefty derivative action for breach of fiduciary duty as well?

Author

Brian Finch is head of Dickstein Shapiro LLP's Homeland Security Practice. For more information on how to take advantage of the SAFETY Act, e-mail him at finchb@dicksteinshapiro.com or call 202-420-4823.

Larry Eisenstat is head of Dickstein Shapiro's Energy Practice. E-mail him at eisenstatl@dicksteinshapiro.com or call 202-420-2224 to learn more about the SAFETY Act.

Sponsored by

CURRENT ARTICLES

Xcel Energy announces executive changes

11/25/2014

Xcel Energy announced the retirement of long-time executive, David M. Sparby

EPA: Coal plants should spend $2 billion to cut emissions

11/25/2014 Under the EPA's 260-page plan, 15 boilers at eight coal-fired plants would be retrofitted with high-tech filtering machine...

Bonneville Power Administration says power line will ease burdens on hydro

11/25/2014 This proposed transmission line would extend from Douglas County Public Utility District No. 1’s Rapids Switchyard, locate...

SunEdison wins deal to develop 1 GW of solar power in Brazil

11/25/2014

The venture aims to build and operate four utility-scale power plants in the northeastern state of Bahia 

Michigan PSC to hold hearing on request to reclassify transmission assets

11/25/2014 Any person wishing to intervene and become a party to the case is to file a petition to intervene with the MPSC by Dec. 11

NSA: China can hurt U.S. power grid

11/25/2014 The possibility of such cyberattacks by U.S. adversaries has been widely known, but never confirmed publicly by the nation...

Nepal signs Indian hydropower deal during prime minster’s visit

11/25/2014 The move comes as regional leaders, including Indian Prime Minister Narendra Modi, arrived in Nepal for a meeting of the S...

INDUSTRY STOCKS

ON DEMAND WEBCASTS

Benefits of a Managed Service System

Attend this webinar, sponsored by Itron, to understand how utilizing managed services can optimiz...

Architecting Communication Networks for Smart Grids

This webinar will provide the essentials of communication networking to meet the challenges of th...

The Power of Behavioral Design: Lessons for Energy Efficiency Providers

Behavioral design principles are key differentiators when it comes to influencing consumer behavi...

3D BIM for Substations—Driving Efficiency from Design Through Operation and Maintenance

In this webinar, PESTECH will describe their transition to intelligent substation design and its ...

High Availability Networks. Application of IEC6439-3 Protocols for IEC61850 Process Bus implementation

Networks can now be built for the first time with genuinely uninterrupted data communication betw...

EL&P BUYER'S GUIDE PRODUCTS

MITEM Corp

Provides CRM solutions for regulated U.S. public utilities. The product, MitemView integrates differently designed systems to share critical data a...

Resources on Demand

Manages resource requests, tracks personnel movements, and supports lodging/logistics during a power restoration event.

Smart Grids

Quanta is contributing to its customers' smart grid initiatives by installing technology on power networks to provide energy management solutions f...

Horizontal Directional Drilling

With 28 small, mid-sized and large drilling rigs, Quanta Pipeline Services is one of the largest horizontal directional contractors in the world fo...

POWERGRID PRODUCT LISTINGS

EtherMate® Industrial Ethernet - IO Modules

LioN-M ProfiNet device with 16 digital I/O channels, channels can be used universally as inputs or outputs, M12 socket, ro...

Low-Smoke Zero Halogen Premise Distribution Cable

AFL’s Low-Smoke Zero Halogen (LSZH) distribution cable offers all of the benefits of a traditional 900 µm based optical ca...

OFL280 FlexTester - Handheld OTDR

AFL's OFL280 FlexTester offers an unmatched combination of fiber test functions, ease-of-use, portability, and value.

TRM® 2.0 - Test Results Manager PC Analysis and Reporting

Test Results Manager 2.0 (TRM® 2.0) is an all-in-one analysis, viewer and reporting tool designed for use with NOYES fiber...

FEATURED ENERGY JOBS

View more Job Listings >>

POWERGRID International

October 2014
Volume 19, Issue 10
1410pg_C1digital

ELECTRIC LIGHT & POWER

October 2014
Volume 92, Issue 5
1409ELP-cover_digital