As cybersecurity incidents continue to mount and as the issue of data security becomes increasingly important and a source of potential liability, companies should consider whether their standard commercial general liability (“CGL”) policies provide adequate coverage. The case law, although limited, suggests that policyholders might face an uphill battle in obtaining coverage.
In Innovak International, Inc. v. The Hanover Insurance Company, No. 8:16-cv-2453-MSS-JSS, — F. Supp. 3d —, 2017 WL 5632718 (M.D. Fla. Nov. 17, 2017), the Court found that the insurer was not required to provide a defense to the policyholder because the underlying complaint did not allege that the policyholder published the private data. Innovak develops and markets accounting and payroll software and maintains a database accessible via Internet portals. The complaint alleged that as a result of Innovak’s negligence, hackers were able to access class members’ personal information, including social security numbers, addresses, dates of birth, telephone numbers, employment information, and spousal information. The complaint included claims for negligence, breach of implied contract, gross negligence, unjust enrichment, and fraudulent suppression. The claimants alleged that they suffered psychic injuries including stress, nuisance, loss of sleep, worry, and the annoyance of dealing with the data breach. Continue reading “CGL Coverage for Cyber Data Breaches: Court Finds No Coverage unless the Policyholder Itself Publishes the Private Information”
John E. Heintz
In April 1977, a few weeks before I began practicing law, senior claims executives of eighteen liability insurance companies met to discuss the insurance implications of asbestos bodily injury claims. A majority of those at the meeting concluded:
“. . . that coverage existed for each carrier throughout the period of time the asbestosis condition developed, i.e. from the first exposure through the discovery and diagnosis. The majority also contended that each carrier on risk during any part of that period could be fully responsible for the cost of defense and loss.” Continue reading “Asbestos Coverage: A Never Ending Story”
Amy J. Spencer
With the “opioid epidemic” at an all-time high—and the resulting news coverage and public awareness also at an all-time high—now is the time for pharmaceutical companies, pharmacists, hospitals, doctors, first responders, and employers to review their professional liability and general liability insurance policies and any other potentially applicable policies such as products liability and directors and officers (“D&O”) insurance. Continue reading “Insurance Coverage for the Opioid Crisis”
Kevin R. Doherty, Kevin J. Bruno and James S. Carter
The rising Pokémon Go sensation has dramatically increased the popularity of augmented reality games, but it has also brought with it increased risks and liabilities for both game users and developers alike. For those who don’t know, Pokémon Go is a mobile app that, although released just last month, has already been downloaded over 75 million times, generated more than $75 million in revenue, and boasts daily usage statistics that have exceeded Snapchat, Twitter, Instagram, and Facebook. It’s a location-based augmented reality game that allows users to partake in virtual scavenger hunts. Using the user’s GPS and mobile camera, players are encouraged to explore their surroundings, seek out animated characters in real world places, and “catch ‘em all.” The characters are overlaid on the player’s screen and displayed as if they exist in reality. Unfortunately, distracted players on the hunt can end up wandering (or driving) into places they shouldn’t be, and becoming injured or injuring others as a result.
The number of Pokémon Go calamities increases daily, with incidents ranging from the mundane to the absurd and dangerous. In the few short weeks since its debut, users have experienced or caused numerous personal injuries, property damage, and car accidents. Some users have become stuck in trees and locked in cemeteries, while more serious incidents involve users straying onto train tracks, falling off cliffs, or entering restricted nuclear power facilities—all while on the hunt for Pokémon characters. Still others in pursuit of Pokémon have trespassed on private property, and some users have even been robbed after being targeted and led to specific locations using the app. Continue reading “Insurance Liability, Risks, and Options in Augmented Reality: Catch ‘Em All”
James S. Carter
Unmanned aerial vehicles, popularly known as drones, present enormous commercial potential for companies seeking to use this new technology to collect data. Drones are currently used for data collection in a number of fields. For example, farmers use drones to collect crop data, oil companies use drones to explore for oil and gas, surveyors use drones to create maps, and sports teams use drones to analyze practices. Numerous other industries will find uses for drones as regulatory barriers are relaxed.
Drones also present certain risks. Drones obviously pose the risk of colliding with objects and living things. Fortunately, the insurance industry has started to introduce specialized insurance coverage for these types of risks. And technological developments, such as sense-and-avoidance technology, promise to enhance drone safety. Continue reading “Do You Have Insurance for Drone Liabilities?”
James S. Carter
A recent article in the Wall Street Journal highlights a widespread cybersecurity threat that it reports has generally gone unrecognized: the vulnerability to cyberattacks of the underlying control systems that power and cool data-center networks. These same types of systems, which include generators, thermostats, and air conditioners, are also found in commercial buildings and factories.
The article reports that a cyberattack involving control systems has the potential to take down an entire operation. It could also endanger human life. While these risks are not new, the article notes that security personnel at many companies do not realize that such systems may be connected to the computer system or the internet, and thus exposed to a cyberattack. In fact, the article reports, such systems often lack basic security protocols, such as user names or passwords. Continue reading “Does Your Company’s Cyber Risk Insurance Cover Cyber-Related Bodily Injury and Property Damage?”