Georgia retailers owe invitees a duty to take reasonable precautions against foreseeable third-party criminal acts. Senate Bill 68 (signed April 21, 2025) substantially changed this area of law by enacting a statutory negligent security framework under O.C.G.A. sections 51-3-50 through 51-3-57. For claims arising after April 21, 2025, the foreseeability standard is now defined by statute with specific requirements: the plaintiff must show that the retailer had a particularized warning of imminent wrongful conduct, or prove by clear and convincing evidence that the retailer should have known a crime was likely based on prior substantially similar crimes on the premises or within 500 yards. The new law also requires mandatory fault apportionment to the criminal perpetrator and establishes multiple exemptions from liability. For claims arising before April 21, 2025, the prior common law framework applies, under which foreseeability was established primarily through evidence of prior criminal incidents at the same location or in the immediate vicinity. Under both frameworks, the retailer’s knowledge of prior incidents is critical evidence in the analysis. Common security measures evaluated in retail negligent security cases include: exterior and interior lighting levels, security camera coverage and monitoring, security guard presence and training, access control and entry point management, emergency call systems, and compliance with any applicable security standards or guidelines issued by industry associations. The absence of measures that similarly situated retailers in the area have adopted can support the foreseeability and breach elements of the claim. For the complete statutory framework governing negligent security claims under SB 68, including all exemptions, the particularized warning standard, and mandatory criminal perpetrator fault apportionment, see this series’ coverage of the new negligent security statutory scheme.
49.1. What is the minimum number or type of prior incidents needed to establish foreseeability for a retailer in a Georgia negligent security case?
Under the prior common law framework (applicable to claims arising before April 21, 2025), Georgia did not impose a specific numerical threshold for prior incidents. The sufficiency depended on the nature, frequency, and similarity of the incidents relative to the criminal act at issue. Under SB 68 (applicable to claims arising on or after April 21, 2025), the analysis is now governed by statute. The plaintiff must establish foreseeability through either a particularized warning of imminent wrongful conduct or clear and convincing evidence of prior substantially similar crimes on the premises or within 500 yards that the owner knew about. The statutory framework replaces the prior totality-of-the-circumstances test with a more structured and demanding set of requirements. A single prior violent assault at the same location may still be relevant, but the plaintiff must also show the owner had actual knowledge of it and that the crime resulted from a specific known physical condition of the property.
49.2. How does Georgia treat a retailer’s actual knowledge of a specific threat versus general knowledge of area crime?
Actual knowledge of a specific threat creates a stronger duty than general awareness of area crime. If the retailer received a specific warning about a particular individual or a planned criminal act, the failure to take precautions is more directly linked to the resulting harm. General knowledge of area crime supports foreseeability but may not be sufficient alone to establish the duty to provide enhanced security. The more specific the retailer’s knowledge of the threat, the more demanding the duty to act becomes.
49.3. What security measures are considered reasonable for a high-crime retail location in Georgia?
Reasonable measures for a high-crime location include adequate exterior and interior lighting, security cameras with monitoring capability, trained security personnel during operating hours, controlled access points, alarm systems, employee training on handling criminal situations, and coordination with local law enforcement. The specific measures required depend on the severity and frequency of prior incidents. A retailer with a history of armed robberies faces higher security expectations than one with only minor shoplifting incidents.
49.4. How does Georgia handle claims where the criminal act occurred in the retailer’s parking lot rather than inside the store?
Retailers owe the same duty of care in their parking lots as inside their stores because parking lots are extensions of the business premises where customers are invited. The analysis is the same: foreseeability based on prior incidents, adequacy of security measures, and proximate causation. Parking lot security issues frequently involve lighting, camera coverage, security patrols, and the design of the parking area. The retailer’s duty extends to the parking facilities it owns or controls as part of its business operations.
49.5. What discovery is sought from Georgia retailers to establish knowledge of prior criminal activity on or near the premises?
Discovery requests target incident reports maintained by the retailer, security logs, police reports for calls to the location, employee witness statements, loss prevention records, correspondence with law enforcement, internal memoranda discussing security concerns, insurance claims related to criminal activity, and corporate communications about security standards. The scope of discovery extends to incidents at other locations operated by the same retailer if those incidents informed corporate security policies applicable to the subject location.
49.6. How does Georgia treat the retailer’s duty when the criminal act was committed by one customer against another?
The retailer’s duty extends to protecting customers from foreseeable criminal acts by other customers. If the retailer knew or should have known that a particular customer posed a threat based on prior behavior, reports from other customers, or observable conduct, the failure to intervene or remove the threatening individual can support liability. The foreseeability analysis is the same: was the type of criminal act foreseeable based on prior incidents or the specific circumstances observed by the retailer’s employees.
49.7. Can a Georgia retailer avoid liability by contracting with a third-party security company?
Contracting with a third-party security company does not automatically insulate the retailer from liability. The retailer retains the duty to ensure that adequate security is provided. If the third-party security company fails to perform adequately, the retailer may be liable for negligent selection or supervision of the security provider. The retailer may also have contractual indemnification rights against the security company, but those rights are separate from the retailer’s direct liability to the injured customer.
49.8. How does Georgia apportion fault between the retailer and the criminal perpetrator when the retailer is found liable?
The jury allocates fault between the retailer and the criminal perpetrator based on their respective contributions to the plaintiff’s injury. The criminal perpetrator bears fault for the intentional criminal act, and the retailer bears fault for the negligent security failure. The allocation varies widely based on the facts: the more egregious the security failure and the more foreseeable the crime, the higher the retailer’s share. In many cases the criminal perpetrator is judgment-proof, making the retailer’s insurance the practical source of recovery.
Disclaimer: This content is provided for informational and educational purposes only and does not constitute legal advice. No attorney-client relationship is formed by reading this material. Georgia law is subject to change through new legislation and court decisions. Always consult a qualified Georgia attorney for advice specific to your situation.