Private liability can potentially play a crucial role in protecting critical infrastructure. Traditional liability rules will especially play their deterrent and therefore preventive effect in the case of so-called man-made "technological" disasters. By using a strict liability role and by providing solvency guarantees potential tort-feasors can be provided with incentives to take optimal preventive measures. However, the case of nuclear accidents, addressed in more detail, makes clear that in practice those efficient liability rules that would be needed to generate this preventive effect are often not implemented at the legislative level. The legislator rather imposes financial limits on liability and provides for public funding, thus effectively granting a subsidy to operators. Those type of inefficient rules laid down in international conventions are obviously often the result of interest group politics.
As far as natural disasters are concerned liability rules can play less of a role given the fact that those are considered an "act of God': One could then only consider public authority liability. However, this is not often accepted in practice and there may also be theoretical reasons to be careful with the imposition of public authority liability. Public authorities are multitask agents which need a substantial amount of discretion. That explains that many legal systems award (partial) immunity from liability to public authorities. This leads generally to the conclusion that although liability rules can play a role in the protection of critical infrastructure those rules may have important limits as well. As a result the primary instrument to protect critical infrastructure will in practice often be safety regulation rather than liability rules.