As Internet use increases, both individuals and businesses face a growing number of legal dilemmas. Is lost electronic data “property damage” within the meaning of a standard insurance policy? What’s the extent of protection for copyrighted material when it’s disseminated through a website? Can one user sue another for passing along a computer virus? Does an E&O policy cover Internet-related defense costs?
The questions keep coming, and the answers are far from clear, as the field of “cyberlaw” develops.
Attorney Adam H. Fleischer, an insurance coverage litigator with the Chicago firm of Bates & Carey, recently told a meeting of the National Association of Independent Insurers (NAII) that “cyberliabilities are the slip-and-fall exposures of the next millennium.” His meaning was clear. Risk and losses from the use of the Internet, e-commerce and related activities offer almost unlimited opportunities, but with this comes the concomitant burden of almost unlimited risks. “E-commerce makes up about one-third of all business on the World Wide Web. In 1999, more than $20 billion was lost to power outages and hackers, and these numbers don’t even include the impact of the devastating ‘I LOVE YOU’ virus that hit in May 2000.”
Swiss Re’s Sigma May 2000 study, “The Impact of E-Business on the Insurance Industry: Pressure to Adapt-Chance to Reinvent,” divides the risks into two main areas: Technical and Liability. The computer is the heart of the technological revolution and it is vulnerable; therefore, if anything adversely affects it, loss may occur.
On the liability side, every tort that an inventive lawyer can imagine is multiplied by the use of the Internet, every contractual relationship takes on additional aspects, and the opportunity for criminal activity is greatly increased.
Fleischer discusses some of the main areas affected in “Internet Torts and Cyberspace Insurance: New Issues for the E-conomy.” He notes that many are already established areas of law, but explains that, “There are three main ways in which cyberspace torts differ from their ‘offline’ predecessors: 1) The number of suits involving these intellectual property claims can be expected to be exponentially greater than in pre-Internet days. 2) Complex issues of international law, multi-jurisdictional disputes, and technical computer expertise will drive up the costs of defending and indemnifying these losses. 3) The Internet activities giving rise to these ‘cybertorts’ will present valid arguments for both insureds and insurers about whether they constitute ‘advertising’ under the policy’s ‘advertising injury’ provision.”
“The NAII has been working with emerging cyberliability issues throughout this year,” said Dave Golden, NAII director of commercial lines. “Many exposures have cropped up, and continue to crop up, that never existed before. Many times they are similar to those exposures traditionally covered by liability policies, but the unique characteristics of the Internet put them into a gray area. Some might be covered, but the vastly increased exposure to liabilities from the international nature of the Internet was never contemplated when the current rates were established. Others fall outside of traditional insurance coverage entirely.”
In a companion report to its Sigma study, Swiss Re issued “Law, Insurance and the Internet: Click Here for New Risks,” which examines in detail the various pitfalls encountered by a theoretical company dubbed ECOM. It considers the same types of legal issues as Fleischer does, and also addresses some uniquely Internet-related problems such as legal jurisdiction over an essentially global system and the difficulty of assessing damages.
The report concludes that “insurers currently have virtually no concepts suited to covering risks associated with the Internet; to be able to offer adequate risk management and risk transfer; however, they must make a special effort to come to terms with the problems presented by the Internet.”
However, as the study itself points out, the insurance industry is beginning to meet the need. “The first batch of insurance products is already on the market. These policies include the following types of cover: destruction or manipulation of home pages; network and server failure; unauthorized tapping of confidential customer data; restoration costs; bogus orders; virus infection; industrial espionage.”
A good example of these “cyberpolicies” is AIG’s netAdvantage/ProTech series of “comprehensive liability coverages for companies conducting business on the Internet as well as companies providing Internet-related products and services,” introduced last January.
netAdvantage is offered in five versions, tailored to the type of business. It covers Internet advertisers against claims for defamation, infringement and privacy invasion; e-commerce companies get the same protection as well as E&O coverage. Internet service providers (ISPs) can cover claims of computer virus transmission, unauthorized access or use and loss of service.
ProTech covers the same areas on the technology side, mainly liabilities for errors and omissions in telecommunications and media. As part of its crisis management unit, AIG also offers coverage aimed at “Cyber Extortion”-the threat to damage or misuse an insured’s computer system, electronic data or website.
Fleischer pointed to more than 40 new insurance products that “attempt to address the needs of Internet and technology companies, either by packaging various types of coverage or including a broad range of coverage in one policy.” Two Lloyd’s Syndicates offer similar coverage with “Internet Insure” and cyber. li@bility.
There’s also a growing realization on the part of insurance companies, agents, brokers and risk managers that coverage alone isn’t enough. NAII’s Golden sees increasing use of Internet risk management. “These specialists look at a company’s operations from an Internet perspective and recommend risk management tools appropriate to the cyber world, just as traditional risk managers have worked to prevent losses in the brick-and-mortar world. As these techniques become more universally applied, they will add to the value of cyberinsurance, and help to make it more affordable by reducing exposures to loss from the Internet.”
To comment on this article, please send e-mail to ijwest@insurancejournal.com.
Topics Cyber Risk Management
Was this article valuable?
Here are more articles you may enjoy.
Vintage Ferrari Owners’ Favorite Mechanic Charged With Theft, Fraud 
Wildfires Are Upending Some of the Safest Bets on Wall Street 
Why New York’s Attorney General Objects to Trump’s Bond Insurer 
Marsh McLennan Agency to Buy Fisher Brown Bottrell for About $316M From This Issue
