Presented at: Ctuit Software and Lathrop & Gage LLP Food & Hospitality Roundtable San Francisco, CA April 29, 2013 Presented by: Leib Dodell, Esq.

Slides:



Advertisements
Similar presentations
Basics of Insurance Law PLI: Bridge the Gap II Robert H. Friedman May 26, 2005 Robert H. Friedman May 26,
Advertisements

Insurance in the Cloud Ben Hunter, Canadian Underwriting Specialist Technology Insurance Specialty Chubb Insurance Company of Canada.
Copyright © 2012, Big I Advantage®, Inc., and Swiss Re Corporate Solutions. All rights reserved. (Ed. 08/12 -1) E&O RISK MANAGEMENT: MEETING THE CHALLENGE.
©2008 Perkins Coie LLP Game Industry Roundtable Privacy Developments for the Game Industry Thomas C. Bell September 24, 2008.
Cyber Liability- Risks, Exposures and Risk Transfer for a Data Breach June 11, 2013.
IS BIG DATA GIVING YOU A BIG HEADACHE? Risk Reduction - Transactional, International and Liability Issues Oregon State Bar Corporate Counsel Section Fall.
Copyright 2004 ADVERTISING INJURY: A NEW FRONTIER IN PROFESSIONAL LIABILITY.
Cyber Insurance Today: Lots of Interest, Lots of Product Innovation, and Lots of Risk Richard S. Betterley, CMC Betterley Risk Consultants, Inc. Sterling,
Lockton Companies International Limited. Authorised and regulated by the Financial Services Authority. A Lloyd’s Broker. Protecting Your Business from.
Forensic and Investigative Accounting Chapter 16 Cybercrime Loss Valuations © 2011 CCH. All Rights Reserved W. Peterson Ave. Chicago, IL
Financial Institutions – Cyber Risk Managing Cyber Risks In An Interconnected World State Compensation Insurance Fund Audit Committee Meeting – February.
Presented by: Jamie Orye, JD, RPLU Beazley Group Pennsylvania Association of Mutual Insurance Companies Annual Spring Conference March 12, 2015.
Recent Trends and Insurance Considerations March 2015
Presented by: Paul J. Miola, CPCU, ARM Executive Director October, 2013.
BACKGROUND  Hawkes Bay Holdings/Aquila Underwriting LLP  Established 2009 utilising Lloyd’s capacity: Canopius % Hiscox 33 50% to May 2010, replaced.
Cyber Risk Enhancement Coverage. Cyber security breaches are now a painful reality for virtually every type of organization and at every level of those.
Copyright 2008 The Prinz Law Office. 1 Employee Blogs and Websites: How to Protect Your Company from the Legal Risk of Workers Going Online By Kristie.
Overview of Cybercrime
Insurance Coverage for IT Security Breaches International Technology Law Association San Francisco, CA – May 4, 2006 Steven Brower Stephan Oringher Richman.
Eric J. Pritchard One Liberty Place, 46 th Floor 1650 Market Street Philadelphia, Pennsylvania (215)
WHAT EVERY RISK MANAGER NEEDS TO KNOW ABOUT DATA SECURITY RIMS Rocky Mountain Chapter Meeting Thursday, July 25, :30 am – 12:30 pm.
Insurance for Friends Groups What you Need and Why the Groups needs Insurance PROPERTY Business Income Directors & Officers insurance Business Liability.
AUGUST 25, 2015 Cyber Insurance:
Presented by David P. Schack, Partner June 29, 2006 Insurance Coverage For Multi- State Investigations: Can You Get Your Insurer to Pay for.
Cyber Risk Insurance. Some Statistics Privacy Rights Clearinghouse o From 2005 – February 19, 2013 = 607,118,029 records reported breached. Ponemon Institute.
PRIVACY, SECURITY & ID THEFT PREVENTION - TIPS FOR THE VIGILANT BUSINESS - SMALL BUSINESS & ECONOMIC DEVELOPMENT FORUM October 21, WITH THANKS TO.
FIRMA April 2010 SOCIAL NETWORKING Christine M. Farquhar Managing Director, Compliance J.P. Morgan U.S. Private Banking.
Internet Risk Kevin Rooney General Reinsurance
What Keeps Your Board Up at Night? Sylvia Kerrigan, Exec. VP, General Counsel & Secretary – Marathon Oil Sean Gorman, Partner – Bracewell & Giuliani.
. E-Business Risk and Insurance.
Insurance of the risk Policy covers & underwriting issues Stephen Ridley, Senior Development Underwriter.
Forensic and Investigative Accounting Chapter 16 Cybercrime Loss Valuations © 2013 CCH Incorporated. All Rights Reserved W. Peterson Ave. Chicago,
Cyber-insurance coverage: do you have it? Robert E. Sumner, IV, Esq. and Tosh Siao of Willis Group September 17, 2015.
Tamra Pawloski Jeff Miller. The views, information, and content expressed herein are those of the authors and do not necessarily represent the views of.
Carlsmith Ball LLP Cyber Issues For Lawyers Deborah Bjes October 22 nd, 2015.
Managing Your Cyber/E&O Risk with Willis FINEX Robert Barberi, Vice President, Willis Cyber Practice.
Data Security & Privacy: Fundamental Risk Mitigation Tactics 360° of IT Compliance Anthony Perkins, Shareholder Business Law Practice Group Data Security.
Restaurant 1. 2 There are several different types of restaurant classifications, including: Family Style Fine Dining Fast Food Buffet.
Intellectual Property. Confidential Information Duty not to disclose confidential information about a business that would cause harm to the business or.
The Pitfalls of the Small Business Owner Protect Your Assets!
NCBFAA Annual Conference 2015 Orlando Converging Logistics: Realities vs. Possibilities Cyber Insurance Bernie Cissek, Chairman.
Law Firm LLP | Cyber Insurance | July 16th, 2014 Page 1 Cyber Exposure Landscape "The single biggest threat still is people inadvertently bringing down.
Prepared By: John Marshall, CRM, ERMCP, CIC, AAI Jenny Jacobsen, JD Cyber Liability Update April 21, 2016 Welcome.
Hot Topics in Technology Transactions Presented by: Robert J. Scott
The Privacy Symposium: Transferring Risk of a Privacy Event Paul Paray & Scott Ernst August 20, 2008.
Cyber Insurance Risk Transfer Alternatives Heather Soronen - Operations Director Rocky Mountain Insurance Information Association.
MEDICAL OFFICE COVERAGES. This is a short review over many insurance coverage parts necessary to a doctor’s practice. Not all apply, and there are other.
Retail & Service 1. 2 The Retail & Service industry encompasses a wide variety of businesses. This segment includes: Businesses engaged in selling goods.
Cyber Liability: New Exposures Presented by: Henriott Group © 2007, , Zywave Inc. All rights reserved.
Cyber Insurance Overview July 30, 2016 Wesley Griffiths, FCAS International Association of Black Actuaries.
Cyber Insurance - Risk Exposures and Strategic Solutions
Cyber Liability Insurance for an unsecure world
Cyber Insurance Risk Transfer Alternatives
Breaking Down Cyber Liability
New A.M. Best Cyber Questionnaire
Financial Institutions – Cyber Risk
Cyber Insurance presentation for: The 2nd Anti Cybercrime Forum Beirut, 29th November 2016 Alexander Blom, Head of Financial Lines, AIG MENA.
E&O Risk Management: Meeting the Challenge of Change
Managing a Cyber Event Steven P. Gibson President
Cyber Insurance – FFs & CHBs
Cyber Insurance Overview
Chapter 3: IRS and FTC Data Security Rules
Cyber Insurance: An Update on the Market’s Hottest Product
Society of Risk Management Consultants Annual Conference
Cyber Issues Facing Medical Practice Managers
Cyber Trends and Market Update
Cyber Exposures The Importance of Risk Identification and Transfer
Forensic and Investigative Accounting
Cyber Security: What the Head & Board Need to Know
SOCIAL NETWORKING Christine M. Farquhar Managing Director, Compliance J.P. Morgan U.S. Private Banking.
Presentation transcript:

Presented at: Ctuit Software and Lathrop & Gage LLP Food & Hospitality Roundtable San Francisco, CA April 29, 2013 Presented by: Leib Dodell, Esq.

Starting Point – Advances in Technology Have Fundamentally Changed Commercial Business Practices  Media and technology have become central to commercial life. Virtually all businesses – regardless of size or class of business – engage in many forms of “new media” communications.  All businesses collect and store vast mounts of data about employees, customers, vendors and others.  Standard commercial insurance packages were not designed to address these modern uses of technology and have not kept pace with these changes in business practices or exposures – indeed, have excluded many of them

“Traditional” Media/Tech Companies “Main Street” Commercial Marketplace Specialized “Media Liability” or “Tech E&O” Policies “Advertising Injury” Coverage in GL GL Policy ( exclusion for companies “in the business of” publishing, broadcasting, etc.) Old Paradigm – “Media/Technology Companies” and “Standard Commercial” Businesses Such As Restaurants Were Treated As Discrete Industry Segments 2

Social Media Viral Videos In-House Publishing Data Collection Behavioral Advertising Blogs Etc. What is the insurance solution? Media Companies Restaurants and other Commercial Enterprises New Paradigm – “Convergence” Due to Rapid Advances in Technology 3

The “Advertising Injury” Coverage Grant “Advertising Injury” was added to the GL policy in The standard ISO CGL policy now provides coverage for four distinct offenses: (a) Oral or written publication of material that slanders or libels a person or organization or disparages a person's or organization's goods, products, or services; (b) Oral or written publication of material that violates a person's right of privacy; (c) The use of another’s advertising idea in your advertising; or (d) Infringing upon another’s copyright, trade dress or slogan in your advertisement 8

Problems With This Language As Respects IP/Data Security Claims  First, understand that this is a “throw-in” coverage. Generally the GL carriers aren’t equipped to underwrite these new media exposures and they don’t fully understand them.  No mention of “trademark” in the coverage grant. But it is mentioned in a key exclusion: No coverage for claims “arising out of copyright, patent, trademark, trade secret or other intellectual property rights.”  But... This exclusion does not apply to “infringement, in your advertisement, of copyright, trade dress or slogan.”  What constitutes “advertising”? With respect to websites, only “that part” of site that is “about your goods, products or services.” 8

CGL Problems continued  Right of publicity claims are not addressed  Claims arising out of bulletin boards and chat rooms are expressly excluded  As to coverage for data security, many of the same issues:  Is a data breach “publication of material that violates a person's right of privacy”?  On the property side, Is a data breach the result of “physical loss or damage” to “tangible property”? 9

Potential Insurance Solutions  “Cyber” insurance – refers generally to insurance for the consequences of a breach of security leading to the release or compromise of data. Sometimes called “data security coverage” or “privacy” coverage.  Still a relatively new product, developed within the last 10 years. Very little standardization in wording, pricing, coverage, etc.  Highly competitive insurance marketplace, pricing has been steadily declining in recent years. 11

Two Components to Most “Cyber” Policies  “Third Party” Coverage (also referred to as “Liability” Coverage) for claims against an insured resulting from a breach of data security. Examples include: Class actions for damages by employees or consumers as a result of breach of Personally Identifiable Information (PII) Claims by banks or other impacted businesses to recover their losses resulting from a breach (for example, a bank might need to cancel and re-issue a large number of credit cards if there is a large security breach) Regulatory claims by government agencies (such as the FTC or a state Attorney General) charged with enforcing privacy laws  “First Party” Coverage for costs incurred by the insured organization itself as a result of a breach of data security. There are a number of different components of first party coverage, which are discussed on the following slides. 14

First Party Coverages  Notification costs. Coverage for the costs to notify customers that a breach has occurred, in compliance with state laws. This includes the costs of preparing, printing and mailing the letters, and setting up a call response center.  Credit Monitoring. Coverage for costs incurred by the insured to provide credit monitoring services to individuals impacted by the breach.  Crisis Management. Coverage for costs associated with retaining a public relations firm to manage the impact of the breach on the organization’s brand and reputation.  Cyber Investigation. Coverage for costs incurred by the Insured in determining the cause of the breach and taking corrective action.  Data Restoration. Coverage for costs incurred by the Insured to restore any data lost or destroyed in connection with the security breach.  Cyber Extortion. Coverage for costs incurred by the Insured in connection with responding to a threat of a security breach or cyber attack (including payment of ransom demands). 15

Important Cyber Coverage Considerations  Does the Policy cover all forms of data – i.e., not limited to electronic data and not limited to PII?  Will the Policy respond in the event of a voluntary notification – i.e., where notification is not strictly required by state law?  Does the Policy cover data maintained by the Insured as well as data maintained by third parties on the Insured’s behalf? This is critical given the prominence of cloud computing and other outsourcing of data management.  Does the Policy cover claims by employees in the event employee data is lost (and make appropriate modification of the Insured vs. Insured exclusion)?  Does the Policy cover regulatory claims as well as private actions, and does the definition of damages include civil fines and penalties (including PCI fines/penalties)?  Does the policy cover media/IP claims as well as data breaches? If not, consider Media Liability policy as well. 21

Reference Websites and Other Resources  – Research center dedicated to privacy, data protection and information security policy.  and – Contains detailed chronological listings of all data breaches. Excellent sources of Loss examples.  – Contains information on security training & offers several free resources that may benefit your clients.  FBI’s Cyber Crime Website. Keep up to date E-scams and warnings. Also, report Internet crimes on this site.  -- Tips for security, updates on latest security threats, summary of state notification laws, etc. 22

Q UESTIONS ?