Thank you for sharing!

Your article was successfully shared with the contacts you provided.
Within the last few years, the Internet has become an integral part of most companies’ business models. Whether the company’s business is founded on clicks or bricks, the Internet is used to advertise products and services; communicate with customers, clients, fellow employees; convey data; provide a forum for the exchange of ideas and currency; and the list goes on. Of course, with all of the benefits that this new technology provides, liabilities inevitably follow in the form of malfunctions, defamation, viruses, etc. Many companies and their counsel may believe that these liabilities are adequately covered by traditional insurance policies, such as comprehensive general liability, errors and omissions, and first-party business interruption coverage. The reality is that most traditional policies provide limited coverage that is becoming increasingly more difficult to access. For example, battle lines are being drawn over whether computer data constitutes tangible property that can be damaged. To further limit coverage possibilities under traditional policies, the insurance industry has developed broadly worded exclusions that are designed to “absolutely” preclude coverage for many technology-based claims. The exclusion trend is also motivated by the industry’s desire to sell new insurance products that are being marketed as specialized policies covering Internet/technology risk exposures. This article provides a brief overview of commonly available coverages under the new policies and concludes with a discussion of the key coverage pitfalls that exist within those policies. MEDIA LIABILITY Media Liability Coverage (MLC) is designed to provide coverage primarily for brick and mortar companies that are involved with the Internet through the use of a Web site. For example, this type of coverage is ideal for a company that advertises its goods or services via the Internet but does not provide services directly related to the Internet. Thus, MLC provides coverage for advertising injuries that occur over the Internet such as libel, slander, invasion of privacy and trademark infringement. Of course, like all other insurance policies, the MLC has several exclusions that limit the scope of available coverage. For example, MLC does not cover damages caused by the commission of intentional acts. MLC also does not respond to claims for bodily injury or property damage that are covered under traditional policies. MLC also excludes coverage for false advertising, antitrust violations, unfair competition, securities violations, patent infringement and employment practices. Additionally, MLC policies generally exclude claims caused by mechanical breakdown or electrical, data transmission, telecommunications or satellite systems failure. INTERNET SERVICES Professional Services Liability (PSL) coverage is designed for consultants and/or companies that provide professional services such as software development, information management, and the like. For example, this coverage would be appropriate for a company that provides Internet access or maintains an Internet search engine. PSL policies provide coverage for breach of duty and/or any neglect, act, error, misstatement or omission in the rendering of, or failure to render, professional services for others for “Internet services,” “Internet technology services,” “Internet technology products” and “Internet media services.” “Internet services” include maintaining an Internet search engine, providing an Internet address, providing e-mail services, maintaining a chat room or bulletin board, and designing, constructing or maintaining an Internet site. “Internet technology services” include systems analysis, data processing, and repair or maintenance of computer products, networks or systems that occur in connection with “Internet services.” “Internet technology products” include the creation, development, manufacture, and distribution of hardware, software or other technology-based equipment that fails to function as intended. It also includes the training in the use of these products. “Internet media services” include advertising, Webcasting, electronic publishing, and distribution in connection with the insured’s Internet services. Exclusions again apply to limit the scope of available PSL coverage. As with all of the policies discussed in this article, the particular coverage grants and exclusions are likely to vary depending on the specific policy form under consideration. Nevertheless, the key exclusions applicable to PSL largely mirror those discussed for MLC. SECURITY COVERAGE Internet and Computer Network Security Coverage (Security Coverage) is designed to protect companies that facilitate access to the Internet or store data online. There are several different types of Security Coverage available. First, Liability Coverage insures against a breach, act, error or omission involving the insured’s computer system where an unauthorized use or unauthorized access to the computer system leads to the disclosure of confidential information, the transmission of a computer virus, or the inability to gain access to a computer system. Importantly, the breach, act, or omission must be caused by the failure of a security system for coverage to be triggered. Second, Media Liability is coverage for content-based liability arising from a third party acting upon your Internet media (advertising, Webcasting, electronic publishing, dissemination, etc. over the Internet). The coverage grant and exclusions are identical to the MLC discussed above. Third, Extortion Coverage provides reimbursement for money paid to avoid a threatened intentional computer attack, including the intentional introduction or spreading of a computer virus. Fourth, Asset and Income Protection coverage provides insurance for damage to information assets such as a computer system and includes electronic data, customer lists, financial and confidential information stored electronically, and the capacity of a computer system to be available to its users (e.g. bandwidth, processor time, memory). Coverage for the theft of trade secrets may be included by endorsement. Asset and Income Protection coverage also provides coverage for Internet business interruption and Internet extra expense. Business interruption provides coverage for losses incurred during the time period it takes for the company to restore its normal business operations following a suspension of operations. Internet extra expense is the amount of money incurred during the period of recovery that would not have been incurred but for the failure of the computer system. Security Coverage also is subject to several standard exclusions. With increased frequency, most insurance companies are excluding coverage for acts of war, including terrorism. Security Coverage also will not apply to losses caused by acts of God. Moreover, Security Coverage will not protect companies against electrical or mechanical failure. Indeed, the only type of “failure” covered is a lapse of the system’s security features. A failure to maintain “state of the art” security software will lead to a claim denial. Additionally, mistakes in project planning are not covered for the inability to use or lack of performance of software programs because, for instance, the security software: (1) has expired, has been cancelled or has been withdrawn, (2) has not been released from the development stage, (3) has not passed all test runs or proven successful, or (4) has configuration problems. KEY POLICY CONSIDERATIONS As demonstrated above, the new insurance products available to protect Internet/technology risk exposures vary significantly in form and substance. Indeed, the coverage forms discussed in this article are among the most basic available. Many companies will likely combine one or more of these coverages to fit their individual needs. Moreover, using a broker that specializes in placing Internet/technology-based insurance is crucial to determine whether a hybrid of the basic coverages will suffice or whether special endorsements are required to protect risks that are unique to the company buying the insurance. In finding the “right” policy, it is also important to know that policy forms providing Security Coverage, for example, vary substantially depending on the insurer writing the policy. The importance of understanding the nature of the risks insured and the method of accessing coverage once a claim arises cannot be overstated. In that regard, companies must make it their business to consider the following issues: 1. The New Internet Policies Are Written on a Claims Made Basis.This means that coverage is available only for “claims” that are made against the company during the period that the policy is in effect. “Claim” is often broadly defined to include any demand for legal relief. Thus, a cease-and-desist or an attorney demand letter may trigger a company’s obligation to contact the insurer regarding coverage. Failure to provide prompt notice of a claim may result in a total forfeiture of coverage, even if the claim is otherwise covered by the policy. Many policies offer an “extended reporting period” which relaxes the notice obligation somewhat by allowing additional time to give notice of claims even after the policy has expired. However, the availability, length and cost of that extended reporting period varies from policy to policy and insurer to insurer. Some insurers also offer the opportunity to give notice of a “circumstance” that may give rise to a claim, even if a formal demand has not been made. Thus, if a company has an inkling that it has an unhappy customer or competitor which has not taken any formal action and the policy period is drawing to a close on a MLC policy, the company may give notice of that circumstance, thereby preserving the right to seek coverage from the insurer at a later date if an actual claim develops. Again, however, the availability of this breathing room will depend on the policy form and the insurer. 2. The Retroactive Date May Further Limit Available Coverage.Many of the new Internet policies contain a “retroactive date” that establishes that the insurer will not cover any claims arising from conduct taking place before the retroactive date. A common problem that companies encounter is that the retroactive date on their policies does not coincide with the period of risk that they are trying to insure. For example, assume that Consultants-R-Us purchased a PSL policy in January 2002 that remained effective through January 2003. Assume further that the PSL policy had a retroactive date of Jan. 1, 2000, but Consultants-R-Us has been in business since Jan. 1, 1995. In June 2002, Consultants-R-Us gets sued by one of its oldest clients in connection with a software development project that began in April 1998. Consultants-R-Us would have no coverage under its current PSL policy because the conduct giving rise to the claim took place in April 1998. Companies must determine when their operations began to pose a significant liability risk and make sure that any Internet-based (or other claims made) policy purchased contains a retroactive date that coincides with this time period. 3. Payment of Defense Costs Erode the Policy Limits.One of the main reasons that many companies buy liability insurance is to lay off the risk of defending expensive litigations. Thus, a key component of most insurance policies is the insurer’s obligation to pay the defense costs associated with potentially covered claims. In a significant departure from traditional general liability insurance policies, the new Internet policies do not provide for payment of defense costs in addition to the limits of liability. Rather, the new policies make clear that any dollar paid by the insurance company, whether for defense, settlement or judgment, erodes the limits of the policy. For example, if a policy has a limit of $1 million and the company has incurred $500,000 to defend a litigation, only $500,000 is left for the payment of any judgments or settlements. 4. Control of the Defense Varies From Policy Form to Policy Form.New policies also differ from traditional policies in that the insurer’s duty to defend is not a foregone conclusion. Some policy forms allow the insured to retain control over handling the actual defense of a litigation and to seek reimbursement from the insurer for the expenses incurred. Under this scenario, however, the insurer also is likely to include a “panel counsel” provision in the policy that will require the company to select a defense counsel from an approved list of law firms. Many companies overlook the panel counsel provision when the policy is purchased and are unhappy to learn that their general counsel cannot be used on a matter. Those companies need to be aware that some insurers are willing to remove the panel counsel provision and/or specifically include the company’s general counsel on the approved list by endorsement. 5. Beware of Deceiving “Worldwide” Coverage.Perhaps the most important provisions in any new Internet insurance policy deals with the coverage territory. Most policies state that coverage is provided “worldwide” — a crucial feature since the Internet undeniably operates worldwide. However, a closer look at the scope of that “worldwide” coverage provision is necessary. Many new policy forms will insure “worldwide” conduct but will only cover claims that are brought in the United States, its territories or Canada. The problem, of course, is that the company will have no control over where a plaintiff will decide to bring its lawsuit. While jurisdictional issues are still being developed with respect to Internet/technology-based lawsuits, a company that has spent significant premium dollars on a specialized insurance policy surely does not want to provide the insurer with an easy way to avoid coverage by overlooking the coverage territory provision. Again, the gap in “worldwide” coverage can be closed by a negotiated endorsement. CONCLUSION The Internet and its associated liabilities are here to stay. Traditional insurance policies provide diminishing protection against those liabilities. Companies should consider their need for insurance protection under these new specialized policies developed by the insurance industry. A large part of that consideration must include an analysis of the risks that the company confronts and the establishment of reasonable coverage expectations. Once a company purchases a policy, it is crucially important for the company, its insurance broker and its attorneys to understand how to access that coverage. Lynda A. Bennett is counsel at Lowenstein Sandler, www.lowenstein.com, in Roseland, N.J., and is a member of the firm’s insurance practice group. Jennifer A. Lopez is an associate of the firm.

This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.

To view this content, please continue to their sites.

Not a Lexis Advance® Subscriber?
Subscribe Now

Not a Bloomberg Law Subscriber?
Subscribe Now

Why am I seeing this?

LexisNexis® and Bloomberg Law are third party online distributors of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® and Bloomberg Law customers are able to access and use ALM's content, including content from the National Law Journal, The American Lawyer, Legaltech News, The New York Law Journal, and Corporate Counsel, as well as other sources of legal information.

For questions call 1-877-256-2472 or contact us at [email protected]

Reprints & Licensing
Mentioned in a Law.com story?

License our industry-leading legal content to extend your thought leadership and build your brand.


ALM Legal Publication Newsletters

Sign Up Today and Never Miss Another Story.

As part of your digital membership, you can sign up for an unlimited number of a wide range of complimentary newsletters. Visit your My Account page to make your selections. Get the timely legal news and critical analysis you cannot afford to miss. Tailored just for you. In your inbox. Every day.

Copyright © 2021 ALM Media Properties, LLC. All Rights Reserved.