Seminar Paper, 11 November 2003

The Unexpected Legal Implications of the ISPS Code

Overview
In this presentation the intention is to look at the background of the ISPS Code, its requirements, the practical considerations that apply and the expected legal implications. Largely it has been focussed on the ship side but is relevant to ship and shore operations.

Introduction
The events of September 11th 2001 (9/11) provoked a reaction without parallel in modern times for America and around the world. The tragic events brought into sharp focus the need to formalise within the shipping industry, a regime to prevent it from being a victim or a tool of terrorism.

The entire worldwide trade network is a possible terrorist target with ships representing themselves in a number of possible guises including; as a weapon, the mode of transport for terrorists or their weapons or with the ship itself being the target of a terrorist attack such as with the "LIMBURG" . Ports also provide significant targets with the huge potential to disrupt the economy. It has been estimated that a terrorist "dirty bomb" exploding in a port like Hamburg could cause more than US$3.5 billion of damage (Lloyds List - 19.9.03). By comparison the cost of a terrorist incident in a major US port is estimated to be approximately US$58 billion on the first day alone (Lloyds List-29.10.03). The human cost is of course impossible to quantify.

The situation before 9/11
Before 9/11 there were no less than 12 major multilateral conventions and protocols that had been adopted to combat terrorism. This included one major treaty aimed at shipping that came about after the "ACHILLE LAURO" atrocity.

Terrorist acts involving ships are not a new phenomenon. Past examples include the British flagged vessel "DARTMOUTH" and two other vessels attacked in the James River in December 1773 with their cargo of tea destroyed . In more recent years there have been some ships that have been the target of terrorism, notably the Portuguese "SANTA MARIA" hijacked in early 1961. There was also the bomb scare involving the "QE II" followed tragically by the "ACHILLE LAURO" in 1985. In 1988, eight people, the single largest number in such an incident were attacked and killed as a result of a grenade attack on the "CITY OF POROS" in Piraeus.

The situation post 9/11
The IMO responded to the attacks on 9/11 by developing new security requirements for ships and ports to counter the threat of acts of terrorism. These requirements took the form of amendments to the Convention on the Safety of Life at Sea 1974 (SOLAS) and an International Ship and Port Facility Security Code (ISPS code). The SOLAS amendments and ISPS Code were formally adopted in December 2002 and must be implemented by 1st July 2004 (232 days from 11/11/03). From the UK perspective the Prime Minister endorsed the IMO security regime at the G8 Summit in Canada in June 2002 and committed the UK to implementing the regime by the IMO deadline. At a European level, the European Commission has drafted a Maritime Security Regulation that is aimed to provide consistent implementation of the IMO requirements in all existing and candidate EU Member States.

In the US a pre-enforcement programme for the ISPS Code will come into force for foreign vessels on 1st January 2004. Those not in compliance will be issued with letters warning them of more severe action starting in the summer. In the meantime the enormity of the tasks involved was recently emphasised when the US news network, ABC managed to ship 15 pounds of depleted uranium on a Maersk ship from Jakarta to Los Angeles and to get it through US customs without difficulty. To add insult to injury this was the second time in two years that ABC had performed the same exercise (LL-15/19/3).

The ISPS Code
The aim of the SOLAS Regulations and ISPS Code is to establish an international framework to detect and assess security threats and take preventative measures against security incidents affecting ships or port facilities used in international trade. In the UK the Transport Security Directorate, (TRANSEC) part of the Department of Transport, has overall responsibility for implementing the IMO requirements and will deal primarily with port facility and passenger ship security. The Maritime and Coastguard Agency (MCA) is responsible for cargo and freight ship security. The Regulations and ISPS Code apply to the following types of ships engaged on international voyages :

  • Passenger ships, including high speed passenger craft
  • Cargo ships, including high speed craft of 500 gross tonnage and upwards
  • Mobile offshore units
  • Port facilities serving such ships engaged on international voyages.

The European Commission's draft Regulation proposes to extend the scope of the IMO requirements to Class A domestic passenger ships and the port facilities that serve them and to other domestic operations on the basis of risk assessment. The proposed implementation deadlines for domestic services are likely to be later than the IMO deadline.

The ISPS Code requirements are wide-ranging. The code itself is found contained in over 100 pages of print. In summary the requirements include:

  • security assessments
  • security officers
  • security plans
  • training for security personnel
  • security drills and exercises
  • security levels
  • security certificates
  • ship identification numbering
  • Automatic Identification Systems
  • ship security alert systems
  • sharing of information internationally
  • control and compliance measures.

The three Security Levels reflect the likelihood that a security incident will occur and will be set by TRANSEC based on threat information obtained from the Security Services. At security level 1, ships and ports will be required to have a baseline security system in place. Level 2 represents a heightened level of threat where ships and ports will be required to increase their levels of protective security. Level 3 represents an imminent and specific threat where ships and ports will be required to increase security and to respond to any instructions from relevant authorities.

Legal basis
The legal basis for implementation will most likely be the European Regulation on Maritime Security. However, the Aviation and Maritime Security Act 1990 (AMSA) could be used as a legal basis for implementation for the majority of the IMO requirements. AMSA allows Directions to be issued for the purposes of protecting ships, harbour areas, and persons and properties on board ships or in a harbour area against acts of violence.

In the UK implementation of the IMO requirements will form part of the National Maritime Security Programme (NMSP) that will bring together the IMO requirements and the UK's existing maritime security regime to provide a comprehensive protective security regime for UK ships and ports. The NMSP will also consider those ships and ports not covered by a mandatory security regime.

Practical considerations for port entry
When ships are intending to enter a foreign port they may be required to provide information to the port state including :

  • International Ship Security Certificate.
  • ship security level
  • security level at last ten ports
  • special or additional security measures at the last ten ports

In essence it is the responsibility of the ship to protect the perimeter of the ship from unauthorised access and the responsibility of the port facility to protect that area of the port which interfaces with the ship.

There are some anticipated problems with initiating the new procedures. For example, a VLCC trading between the Middle East and the Louisiana offshore oil platform has a 45 day turnaround. The rules require the ship to have proof of security status at her last ten ports. As enforcement commences in the US the Coastguard will have to be aware that this ship will take over a year to accumulate the ten security declarations. Another problem area at the outset will be the approved status of foreign ports. Assessments will have to be made concerning hundreds of ports worldwide. This cannot be done overnight and ships will be calling into US ports from these foreign ports. The Coastguard will therefore have to exercise some flexibility, at least initially.

Non-compliance
If there are clear grounds for believing that a ship is not in compliance with the ISPS Code, the Port State Control officers should attempt to establish communications with the ship and its administration in order to rectify the situation. Should this fail, they may take proportionate steps that include :

  • A requirement to rectify the non-compliance
  • A requirement that the ship proceed to a location specified in a country's territorial seas, or internal waters. For example on 10 September 2002, US coastguard personnel were conducting a routine examination of the container ship "PALERMO SENATOR" when their radiation detectors were activated. A security zone was immediately established around the vessel, which had recently arrived in Port Elizabeth, New Jersey from Valencia, Spain. The vessel was escorted to anchorage near the Ambrose light tower where it was fully examined by personnel from the coastguard, custom services, FBI, Department of Energy and US Navy seals. It was eventually determined that the radiation was being emitted by a container carrying clay tiles from Italy. Apparently, low level radiation is sometimes found in clay deposits. It was reported that the vessel operator incurred demurrage costs exceeding US$50,000 while the vessel was being examined.
    Inspection of the ship if it is within territorial waters.
  • Recent examples include Greek special forces detaining the cargo ship "BALTIC SKY" on 22nd January 2003 acting on a tip-off suggesting that it was carrying illegal explosives. Another example was the "NISHA" which was intercepted in the English channel and detained on 21st December 2001 as part of an operation by New Scotland Yard as a result of information obtained during an intelligence led anti-terrorist operation. More recently, on 30th October 2003, the "ATHENA" was boarded at Kunsan, South Korea due to the suspicion of Al Qaeda operatives being on board.
  • Denial of entry into port

From this it can be seen that the consequences of non-compliance can be very serious. Ships may be considered to constitute an immediate threat to security and denied entry to port or ports can be omitted from the "white list" of compliant ports and terminals.

Expected Legal Implications

OPA 1990
There is concern with the liability for oil spills resulting from a maritime security incident. The Oil Pollution Act of 1990 (OPA 90), stipulates that an Owner is liable for an oil spill regardless of cause. There are three defences stipulated in the Act that would change this strict liability regime:

Occurrences that can be described as

  • Acts of God
  • Acts of war
  • Acts of a third party which could not have been foreseen.

Owners/Operators must have Certificates of Financial Responsibility (COFR) to cover their exposure up to the limits of their liability. Even if caused by a terrorist act, an Owner is obliged to initiate an oil spill response plan which could entail a large expense. He can then subsequently bring a claim for the cost incurred from the National Pollution Fund Centre although he must prove that the terrorist act was the act of a third party that could not have been foreseen. The Chamber of Shipping in America believe that a terrorist act is not something envisaged by congress when OPA 1990 was written and the strict liability regime should not be used in such circumstances.

Another issue which arises is that in the US a foreign shipowner that fails to comply with their unique security plan requirements may be prevented from limiting liability in the event of a terrorist attack involving the vessel in US waters. This is because under US law, the owner must show compliance with applicable laws and regulations before limitation of liability will be allowed (Haight's memo 10/11/03).

Dangerous goods
Before looking at the expected implications of the ISPS Code, it is important to look at the position on liability generally for dangerous cargo. In the "KAPITAN SAKHAROV" [2000] 2 LLR 254, the Court of Appeal were asked to decide whether a carrier should be liable for loss arising from carriage of an undeclared IMDG Class 5.1 cargo. The cargo was stowed in a container on deck and exploded during a voyage causing a fire which spread below deck and resulted in the sinking of the vessel and loss of life.

The Court of Appeal decided that given the presentation of a shipper/packed and sealed container, the ship, exercising reasonable skill and care, could not have detected the presence of the dangerous cargo; and therefore held the ship was not liable to third parties for damage caused by the shipment of dangerous cargo in a sealed container of which it had no notice. Nor was the ship liable for any negligence of the shipper.

Due Diligence
Since the "KAPITAN SAKHAROV" increasingly, the English Courts look at industry codes of conduct, such as ISM, in order to assess whether a carrier has exercised due diligence. Recent examples of this can be seen from decisions of the English High Court in the "TOREPO" [2002] 2LLR 535 and "EURASIAN DREAM" [2002] 1LLR 719.

Therefore using ISM as an example since the events of 9/11 and following the implementation of the ISPS Code, there is a real possibility that the English Courts will now be more inclined to hold a carrier or port authority has a greater responsibility to detect the contents of containers carried in their ship or passing through their terminal. If they fail to establish a proper system for checking and there is an incident involving a terrorist packed cargo, the carrier and/or the terminal are more likely to be held liable.

Delay
The Code (Part A paragraph 14.1) envisages delay for ships calling at ports and provides that security measures and procedures at a port facility will be applied in such a manner as to cause a minimum of interference.

Compliance with the ISPS Code may well affect the time and cost of ships' calls at port. This is anticipated because of the extra security measures on board and ashore leading to an extension of the time taken to load and discharge. In addition, the extra security required for personnel moving through ports, will inevitably lead to delays in getting contractors, surveyors and super cargo on board. The extra checks to be carried out by port state control are also likely to take further time. Therefore, when fixing ships on time charter, the allocation of these costs should be considered. Otherwise delays caused by complying with the code, or not as the case may be, could give rise to questions about who should pay.

BIMCO's US security clause for time charters provides that all costs and expenses arising out of the US security regulations should be for Charterer's account as a consequence of their employment of the vessel unless such costs are incurred solely as a result of Owners' negligence. BIMCO, at their meeting on 30th October 2003, were expected to adopt a standard ISPS clause for use in time charterparties. The agreed version is awaited.

Corporate Veil
One of the requirements under the ISPS Code is that every ship must maintain a Continuous Synopsis Record ("CSR") of the vessel's ownership and employment. There is a real concern that this record is the first step to disclosure of the beneficial ownership of vessels. It is easy to see the attraction for cargo claimants to obtain information from the CSR.

The Code also requires the Master to have continuous access to information in relation to:

  • who appoints the crew
  • who decides the employment of the ship
  • parties to any charter.

With respect to the Code needing the identity of the person who decides the employment of the ship, in a voyage charter this would probably be the charterer. However, making such an identification for a ship under time charter or for a tramping ship, or for a ship whose cargo is traded during a voyage would be much more difficult. For example with an oil tanker fixed to carry one or more parcels which are traded during the voyage, this identification could change more than once. The charterparties will therefore need to be amended in order to provide this information to be available and updated throughout the fixture with an indemnity for non-compliance.

Arrived Ship
If a port closes its waiting anchorage, there are undoubtedly going to be arguments as to when a ship will have "arrived". Therefore, it would be wise to amend charterparty definitions to deal with this eventuality. The English High Court has held that where a vessel has been refused permission to enter a port and has been ordered to wait outside the port by the port authority, she is not an "arrived ship" - the "JOHANNA OLDENDORFF" [1973] 2LLR 285.

Unsafe Port
The threat of terrorism is quite capable of making a port prospectively, physically and politically, "unsafe". However, it is anticipated that the classic definition of "unsafe port" is likely to be wide enough to include the operation of the ISPS Code ("EASTERN CITY" [1958] 2LLR 127).

Problems are likely when ships and ports are not at the same security levels. Some ships may trade at a higher security level because of their flag or their trade. Equally, some ports may always operate at a high security level because of local politics. From a practical perspective it is believed that where levels are different a Declaration of Security, provided for under the Code, will be required. This is an agreement reached between a ship and port facility, or a ship and another ship. It details the respective security measures each will undertake. If one party fails to comply with their agreed obligations liability could follow.

A key question for an Owner will be whether or not they have the right to reject voyage instructions when the port nominated by Charterers is operating at a security level of two or three.

The test as to whether a shipowner is justified to reject voyage instructions on the basis that a port is "unsafe" is that of a "reasonable shipowner" - "SAGA COB" [1992] LLR 545. In that case the Court of Appeal did not find the port in question to be unsafe just because there was reported guerrilla activity ashore. The Court of Appeal concluded that the port "will not be regarded as unsafe unless the "political" risk is sufficient for a reasonable shipowner or Master to decline to send or sail his vessel there …".

Using the "SAGA COB" it is questionable as to whether just because a port is at security level two or three it will automatically be unsafe.

CONWARTIME 1993 or VOYWAR 1993 clauses provide that where Owners reasonably consider that the vessel is likely to be exposed to "War Risks", the definition of which includes "Acts of Terrorism", they are entitled to reject Charterers' voyage instructions and call for new ones, failing which Owners may be able to legitimately terminate the charterparty.

Under a time charter if Owners decide, having considered all circumstances, that a port is unsafe, time charterers will generally be obliged to nominate an alternative port. However, under a voyage charter if the voyage charterer has nominated a safe port in the charter and that port subsequently becomes unsafe, the voyage charterer is not obliged to make an alternative nomination. Unless there is express provision in the charterparty dealing with such a situation the vessel would either have to proceed to the nominated port in spite of it being "unsafe" or, wait until the port is considered to be safe once more. In such circumstances the delay could conceivably be excessive enough to frustrate the voyage charter. It would therefore be sensible to consider inserting clauses into the voyage charter dealing with what should happen in this type of situation, for example obliging Charterers to make an alternative nomination. In the absence of such an alternative nomination Owners could be permitted to sail to an alternative safe port of their choosing.

Force Majeure
In circumstances where there is a heightened security state, ports may close their waiting anchorages and order ships to wait offshore. This will undoubtedly impact on commercial operations, where there will be delay and expense which could reasonably be attributed to "force majeure".

Port Costs
Under a voyage charter port costs are usually for Owners' account. There may be additional costs relating to cargo security which Owners would wish to pass on to Charterers. For example the New Zealand Government announced on 6th November 2003 that shipping lines serving New Zealand ports will be charged a security fee from July 2004 for exports and transhipments. Owners therefore may wish to consider including a provision that any ISPS costs relating to cargo should be for Charterers' account.

Sale and Purchase
At the very least the ISPS Code will mean that there will be additional documentation to be provided by the sellers of a vessel such as the Vessel Security Plan and the International Ship Security Certificate. Practical difficulties may be encountered where a vessel is sold and flag changed whilst at sea. If the vessel was changing flag the Owners would have to notify the flag state in order for it to forward a copy of the Continuous Synopsis Record (CSR) to the new flag state. The CSR will also have to be updated. In addition a new flag may also mean a different level of security being imposed as it is anticipated that some ships may trade continuously at a higher security level because of their flag and/or their trade.

Ship Management
In the ship management context it would be wise to include in any agreement provision for who is to deal with the additional technical management to be provided in preparation for and in relation to the ISPS Code.

Liability of Port State Control
Naturally there is concern of loss caused by compliance checks. SOLAS does have provision for this in Chapter 1 Regulation 19F which provides:

"When exercising control under this regulation all possible efforts shall be made to avoid a ship being unduly detained or delayed. If a ship is thereby unduly detained or delayed it shall be entitled to compensation for any loss or damage suffered".

There are no English reported cases on how this has been interpreted by the Courts. However, in the "NISHA" incident, the British Authorities paid up fully and promptly for the enforced delay and damage done. (LL-10/11/03)

Summary

In summary the ISPS Code is designed to :

  • enable the detection and deterrence of security threats within an international framework
  • establish roles and responsibilities
  • enable collection and exchange of security information
  • provide a methodology for assessing security
  • ensure that adequate security measures are in place

It requires ship and port facility staff to:

  • gather and assess information
  • maintain communication protocols
  • restrict access
  • provide the means to raise alarms
  • put in place vessel and port security plans
  • ensure training and drills are conducted.

Conclusion
In conclusion, in the event of a terrorist incident occurring on board a vessel or at a terminal, the duties of care required by the English Courts are likely to be by reference to the ISPS Code. Therefore, failure by a vessel or a port to adopt these measures when required by law, could result in the port or vessel being blacked leading to financial loss and liability on the part of the vessel for breaching their contractual obligations to provide a seaworthy vessel. If a vessel or cargo is detained for SOLAS security breaches where the carrier or the port fails to provide a secure vessel or port, they may be liable for consequential damage.

It is inevitable that there will be a period of uncertainty and that there may be problems due to the lack of uniformity in the Code's implementation in different ports by different flag states. There may well be other issues which have not been highlighted but will become apparent after January next year when the United States pre-enforcement program comes into effect. In the meantime existing and future contractual relationships should be checked to ensure the expected implications of the code are analysed and dealt with as far as they can be.

Epilogue
Making this world totally secure for trade and business is chasing the impossible no matter how many measures are enacted to combat terrorism and crime. Eliza Manningham-Buller, Head of M15 announced in June 2003 that a terrorist attack on a major western city using a dirty bomb, chemical or biological weaponry was "only a matter of time".

The steps proposed are hoped to reduce the vulnerability of shipping to the effects of terrorism. In addition the extra security measures should reduce the cost of cargo theft which is estimated at nearly US$50 billion a year (LL-31/10/03). Benefits should also be achieved in preventing piracy .

Postscript
Since this presentation was given on 11th November 2003 unconfirmed advice has been received that the US Coastguard are going to extend the code to include all vessels of more than 100 tonnes.

Additional Material
Lloyd's List, 19 November 2003 "New duties of care for UK carriers and ports" by Sandra Speares - an overview of Paul's Presentation.

back to top

Paul Dean, Partner, Holman Fenwick & Willan, London.

Contact details:

Tel: 020 7488 2300
Dir: 020 7264 8363
 Fax: 020 7481 0316

E-mail: paul.dean@hfw.co.uk

back to top