Thank you for sharing!

Your article was successfully shared with the contacts you provided.
With the exponential growth of the Internet, concerns about privacy violations and related liability are becoming more than just a theory. As a consequence, a variety of federal and state laws have been enacted to protect privacy rights. In this climate, companies need to assess their exposures to privacy claims and ascertain whether they have or need to obtain insurance for these types of risks. PRIVACY LAWS Historically, state common law has created several torts that protect privacy rights. Liability has been found for unreasonable acts that publicize another person’s private life, intrude upon the seclusion of someone else, misappropriate the name or likeness of another person, or that depict someone else in a false light. With the explosion of the Internet, Congress has enacted legislation aimed at protecting online privacy rights. While Congress has not enacted a broad, over-arching federal law to address Internet privacy, it has enacted privacy laws to deal with certain issues or sectors. For example, Congress has enacted the Children’s Online Privacy Protection Act to regulate the retrieval of personally identifiable information from children under the age of 13 on the Internet. Congress has also enacted the Electronic Communications Privacy Act to regulate unauthorized access to certain computers under particular circumstances. Furthermore, Congress has enacted the Gramm-Leach-Blilely Act to regulate information collected online by a broad group of entities referred to as “financial institutions.” Meanwhile, some states have passed their own laws to grapple with online privacy issues. On top of all of this, the federal government, and notably the Federal Trade Commission, appears to be gearing up enforcement efforts. POTENTIAL INSURANCE COVERAGE Traditional comprehensive general liability (CGL) insurance policies respond to liabilities emanating from injury or damage caused by an insured to third-parties. These policies usually can cover property damage, bodily injury, personal injury or advertising injury. There have been some instances, usually in the employee versus employer context, in which the personal injury and advertising injury language has been construed to provide coverage for invasions of privacy. Even though CGL policies have been held, in narrow circumstances, to afford coverage for privacy invasions, the scope of coverage in the online realm can be even further limited. For example, CGL policies usually require a “publication” of material for there to be a covered privacy violation. The term “publication” is not defined in the policies. Thus, it could be argued that the online distribution of private information to a single business or entity, or an e-mail containing private information to a discreet number of people, does not constitute “publication” to give rise to coverage. Moreover, CGL policies generally exclude personal injury and advertising coverage (which can afford privacy-related coverage) for policyholders who are in the business of advertising, broadcasting, publishing or telecasting. Of course, the question arises as to whether a company that maintains a Web site should be considered an “advertiser” precluded from coverage. It should be noted that excluded companies can purchase separate media-related coverage. With so much uncertainty, a number of new insurance products designed to cover cyber-risks have come into the marketplace. The problem here is that while these policies are designed to cover risks not covered by traditional CGL policies, they vary widely one from the other, as they have not yet become standardized. Plus, their policy language has not yet been vetted much, if at all, in the courts. Furthermore, many of these new cyberpolicies have their own exclusions for various types of risks. As an example, exclusions for government regulatory enforcement actions are found in some of these policies. This is a big deal, as some of the greatest exposures can come from enforcement actions under the Gramm-Leach-Bliley Act, the Children’s Online Privacy Protection Act, and other privacy-related laws. END GAME Every company, whether large or small, should be focused on compliance with privacy laws when it comes to online communications and conduct. Furthermore, while doing their best to comply with the law, companies should also seek out appropriate insurance protection in the event of online privacy liability. Counsel skilled in privacy and insurance issues should be consulted in this complex area. Eric J. Sinrod is a partner in the San Francisco office of Duane Morris, where he focuses on technology and litigation matters. His Web site is sinrodlaw.com and his firm’s site is www.duanemorris.com. Mr. Sinrod may be reached by e-mail at [email protected]

This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.

To view this content, please continue to their sites.

Not a Lexis Advance® Subscriber?
Subscribe Now

Not a Bloomberg Law Subscriber?
Subscribe Now

Why am I seeing this?

LexisNexis® and Bloomberg Law are third party online distributors of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® and Bloomberg Law customers are able to access and use ALM's content, including content from the National Law Journal, The American Lawyer, Legaltech News, The New York Law Journal, and Corporate Counsel, as well as other sources of legal information.

For questions call 1-877-256-2472 or contact us at [email protected]

Reprints & Licensing
Mentioned in a Law.com story?

License our industry-leading legal content to extend your thought leadership and build your brand.


ALM Legal Publication Newsletters

Sign Up Today and Never Miss Another Story.

As part of your digital membership, you can sign up for an unlimited number of a wide range of complimentary newsletters. Visit your My Account page to make your selections. Get the timely legal news and critical analysis you cannot afford to miss. Tailored just for you. In your inbox. Every day.

Copyright © 2021 ALM Media Properties, LLC. All Rights Reserved.