The General Data Protection Regulation (“GDPR”) goes effective tomorrow. Companies are considering the consequences and attempting to determine whether they are compliant or how to get there, whatever “compliant” ultimately will be determined to mean as time progresses under GDPR. In considering the consequences of failure to comply, companies are, or should, also be thinking about whether they can transfer risk, including to insurance, and whether their current insurance policies will do the trick. Many companies now have cyber insurance, but cannot presume that their current cyber policy will protect against GDPR exposures. So, as we welcome in GDPR, the internal corporate conversation should include discussion of whether existing cyber policies are enough, or what needs to be done to fortify insurance protection against unknown future GDPR financial exposures.
Things to consider now: Continue reading “GDPR Is Finally Here: It’s Time to Make Sure Your Current Cyber Policy Will Protect against New Financial Exposures”
James S. Carter and Justin A. Chiarodo
Representations and Warranties (“R&W”) insurance has burst into the market in the last five years and now plays a key role in mergers and acquisitions (“M&A”) involving government contractors. Both private equity and strategic buyers use R&W insurance to improve their competitive position, and sellers benefit by avoiding escrows and holdbacks. In short, it can help get deals done. R&W insurance continues to evolve, and government contracts deals present unique challenges.
Below we discuss the basic aspects of this important insurance product and provide 10 tips for potential R&W policyholders to consider when evaluating policies. Continue reading “Helping Get Deals Done: 10 Tips to Assess Rep and Warranty Insurance Language in Government Services M&A Transactions”
Frank M. Kaplan
There are certain immutable truths. For example, we know that the sun will rise in the east tomorrow, that the earth is not flat, that coverage grants in an insurance policy are to be interpreted broadly consistent with the insured’s reasonable expectations, and that policy exclusions are to be interpreted narrowly. The latter two, which together with others, are long-held canons of insurance policy interpretation protecting insureds that appear in thousands of court decisions and are not subject to reasonable dispute by lawyers on either side of the insurance coverage bar.
So what happens when an insurer attempts to alter these and other fundamental, bedrock principles of policy interpretation by unilaterally altering them in a form, non-manuscript insurance policy? Must a court abandon decades of settled jurisprudence in favor of policy language that seeks just that result? The answer should be “no.” Continue reading “Unenforceable “Policy Interpretation” Provision”
Kevin R. Doherty
Earlier this month, the New Jersey Appellate Division upheld a decision allowing Cooper Industries LLC (“Cooper”) access to insurance policies received through a series of mergers and acquisitions (“M&As”), even though the transfer of assets language in the relevant bill of sale did not specifically reference the transfer of insurance rights. Cooper was thus afforded liability coverage for a U.S. Environmental Protection Agency (“EPA”) action seeking substantial cleanup costs.
Cooper’s predecessor, McGraw-Edison Co. (“McGraw”), previously obtained a variety of liability insurance policies from various insurers throughout the 1970s and ‘80s. At issue in the case was whether McGraw’s right to these policies was properly transferred, through a series of corporate transactions, such that Cooper could now access them for the EPA claim. The lower court found the relevant bill of sale language to be ambiguous and relied on deposition testimony from employees to find, among other things, that all assets and liabilities were meant to be transferred, including insurance rights. Insurers appealed. Continue reading “Appellate Division Finds Coverage for EPA Claim through Company’s Historic Mergers and Acquisitions, Even Though the Bill of Sale Did Not Specifically Reference the Transfer of Insurance Rights”
Julia K. Holt
Under California law, the insurer has the heavy burden of establishing there is no potential for coverage of an underlying claim. With respect to the duty to defend, “[t]o prevail, the insured must prove the existence of a potential for coverage, while the insurer must establish the absence of any such potential. In other words, the insured need only show that the underlying claim may fall within policy coverage; the insurer must prove it cannot.” Montrose Chem. Corp. v. Superior Court, 6 Cal. 4th 287, 300 (1993). The Ninth Circuit reconfirmed this fundamental principle earlier this year in Hanover Insurance Co. v. Paul M. Zagaris, Inc., No. 17-15477, 2018 U.S. App. LEXIS 5429 (9th Cir. March 2, 2018), when it upheld the district court’s decision that the insurer failed to establish that an exclusion for deceptive business practices applied to the entire proposed class action for an alleged kickback scheme. Continue reading “The Ninth Circuit Reconfirms that under California Law an Insurer Bears a Heavy Burden to Demonstrate an Exclusion Eviscerates Its Defense Duty”
As cybersecurity incidents continue to mount and as the issue of data security becomes increasingly important and a source of potential liability, companies should consider whether their standard commercial general liability (“CGL”) policies provide adequate coverage. The case law, although limited, suggests that policyholders might face an uphill battle in obtaining coverage.
In Innovak International, Inc. v. The Hanover Insurance Company, No. 8:16-cv-2453-MSS-JSS, — F. Supp. 3d —, 2017 WL 5632718 (M.D. Fla. Nov. 17, 2017), the Court found that the insurer was not required to provide a defense to the policyholder because the underlying complaint did not allege that the policyholder published the private data. Innovak develops and markets accounting and payroll software and maintains a database accessible via Internet portals. The complaint alleged that as a result of Innovak’s negligence, hackers were able to access class members’ personal information, including social security numbers, addresses, dates of birth, telephone numbers, employment information, and spousal information. The complaint included claims for negligence, breach of implied contract, gross negligence, unjust enrichment, and fraudulent suppression. The claimants alleged that they suffered psychic injuries including stress, nuisance, loss of sleep, worry, and the annoyance of dealing with the data breach. Continue reading “CGL Coverage for Cyber Data Breaches: Court Finds No Coverage unless the Policyholder Itself Publishes the Private Information”
John E. Heintz
In April 1977, a few weeks before I began practicing law, senior claims executives of eighteen liability insurance companies met to discuss the insurance implications of asbestos bodily injury claims. A majority of those at the meeting concluded:
“. . . that coverage existed for each carrier throughout the period of time the asbestosis condition developed, i.e. from the first exposure through the discovery and diagnosis. The majority also contended that each carrier on risk during any part of that period could be fully responsible for the cost of defense and loss.” Continue reading “Asbestos Coverage: A Never Ending Story”