X

Thank you for sharing!

Your article was successfully shared with the contacts you provided.
Doing business over the Internet or even maintaining a company Intranet can expose a company to “cyber risks.” Although many of these risks appear similar to the traditional business risks routinely covered by insurance, cyber risks are increasingly viewed by insurers as a distinct category of risks — risks not covered by traditional commercial insurance policies. Cyber risks currently fall into the following broad categories: data security and privacy risks, risks related to disruptions to e-commerce services; intellectual property infringement risks; and risks for harm caused to e-commerce customers. SECURITY AND PRIVACY The security of proprietary information in electronic form is a major risk area because of the potential for loss, theft or other unauthorized use of electronic data. Lost or stolen data can lead to customer claims that their privacy right has been violated. Legitimate (and legal) management monitoring of employee e-mail and Internet use can also become a liability if the employees authorized to perform such monitoring conduct electronic “snooping” simply to obtain juicy gossip about fellow employees. E-BUSINESS INTERRUPTIONS Online businesses face significant liability when customers are unable to communicate with the business whether because the Internet service provider is “down,” systems have crashed, key software has failed to perform up to its specifications, or because of a “denial of service (DOS)” attack. Unlike business disruptions to brick and mortar operations, which may affect only a small portion of a company’s business operations, an Internet outage can bring the company’s entire e-commerce presence to a stand-still. In addition to lost revenues, negative press resulting from the inability of customers to access the Web site can spread quickly. Although business interruption policies generally will provide for lost profits until business operations are capable of resuming, it is important for a business to verify that lost profits will be covered if access to its Web site is interrupted. IP INFRINGEMENT Because the Internet has made it so easy to access and copy diverse information, intellectual property (IP) infringement has become another material risk area for e-commerce companies. Intellectual property includes copyrighted material, trademarks and service marks and logos, proprietary information (customer files, sales records, marketing plans), trade secrets, and patented inventions. Incorporating a competitor’s trademarks in the company Web site’s metatags (so that its site will be returned for searches incorporating the competitor’s name) is one example of trademark infringement. Another example is unauthorized use of another party’s domain name for commercial purposes. Further risks occur when a business views its Web site simply as an electronic version of its brick and mortar operations. For example, the right to use freelance photographs and text in print ads does not automatically include the right to reproduce the same photos and text on a Web site. Beyond fines and criminal liabilities, an intellectual property claim can devastate a company. As Julie Davis, an executive vice president with Aon Technology Risk Consultants recently noted in E-Commerce Times, “An intellectual property lawsuit can lead to many obstacles for a company, such as shortening a product’s life cycle, decreased earnings per share, loss of equity and a compromised cash position. Many an initial public offering has been postponed due to an IP dispute and an uninsured IP claim.” Because intellectual property is considered an intangible asset, typical business property insurance policies do not cover intellectual property infringement, either for the infringing party or the rightful owner of the IP. Specialized insurance coverage has become available in recent years, however, that provides coverage if a business is accused of infringing another party’s IP. LIABILITY Just as a customer can be physically injured by falling in a brick and mortar business, e-commerce customers can be injured by the misuse of their customer data, by having to shut down their own operations to avoid infections by viruses from an e-commerce Web site, and by the cost of restoring data lost or compromised by attacks by viruses or by human error at the vendor’s e-commerce site. EXCLUSIONS Surprisingly, very few of the liabilities posed by cyber risks are covered by traditional business insurance policies. Therefore, it is vitally important for a business to review insurance policies to be certain that e-commerce coverage is adequate. The insurance trade press reports that insurers are rewriting Commercial General Liability (CGL) policies to specifically exclude Internet and e-commerce related risks, and are obtaining court rulings that electronic data records and other categorize critical elements of e-commerce, as intangible property whose loss is not covered without specific policy endorsements. Moreover, the extremely flexible nature of Internet technology can induce businesses to build cyberspace presences that insurers view as separate and distinct from a company’s brick and mortar operations. CGL policies covering personal injury claims often cover advertising injury claims resulting from a company’s advertising. But many Web sites defray Web costs by including ads for third parties. Newer CGL policies specifically exclude coverage for claims resulting from such ads on the basis that including third party ads makes the Web site an advertising business, for which other insurance coverage is required. Another critical insurance coverage exposure results from the fact that many CGL policies written in the U.S. are territorially limited to North America, the United States and Canada, or simply the United States. Without proper filtering and access restrictions, a company’s Web site, can automatically make the company both a 50-state and international vendor. CGL policies do not cover professional liabilities, such as programming errors, accidental destruction of client data, or disputes concerning the promised performance of software. Such coverage is provided under errors and omissions (E&O) insurance, but recently, some insurers have created special technology E&O policies that specifically address technology-related risks. Traditional E&O policies may no longer provide all necessary coverage for companies providing technical services. REVIEW REQUIRED The good news is that more and more insurers are developing cyber risk insurance policies. To be sure, such policies will remain relatively pricey until they are more widely adopted. As insurers gather more data concerning cyber risks and reach greater confidence in underwriting such policies, companies can expect to see premiums moderate, even as insurers add new coverages for new and emerging cyber threats. Norman H. Roos is managing partner of the Hartford, Conn., office of Brown Raysman Millstein Felder & Steiner, www.brownraysman.com. Donald R. Ballman is an associate with the firm.

This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.

To view this content, please continue to their sites.

Not a Lexis Advance® Subscriber?
Subscribe Now

Not a Bloomberg Law Subscriber?
Subscribe Now

Why am I seeing this?

LexisNexis® and Bloomberg Law are third party online distributors of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® and Bloomberg Law customers are able to access and use ALM's content, including content from the National Law Journal, The American Lawyer, Legaltech News, The New York Law Journal, and Corporate Counsel, as well as other sources of legal information.

For questions call 1-877-256-2472 or contact us at [email protected]

 
 

ALM Legal Publication Newsletters

Sign Up Today and Never Miss Another Story.

As part of your digital membership, you can sign up for an unlimited number of a wide range of complimentary newsletters. Visit your My Account page to make your selections. Get the timely legal news and critical analysis you cannot afford to miss. Tailored just for you. In your inbox. Every day.

Copyright © 2021 ALM Media Properties, LLC. All Rights Reserved.