Numerous businesses facing class action lawsuits brought under the Illinois Biometric Information Privacy Act (BIPA), 740 ILCS 14 et seq., have sought insurance coverage under general liability policies only to receive blanket denials. It appears some relief may be on the way as the first Illinois Appellate Court to consider the issue affirmed the decision of the trial court and found in favor of coverage. West Bend Mut. Ins. Co. v. Krishna Schaumburg Tan, Inc., 2020 IL App (1st) 191834 (March 20, 2020). Continue Reading First Illinois Appellate Decision Finds Coverage for BIPA Class Action Under General Liability Policy

The cannabis industry has many component parts, from growers to retailers (dispensaries), and everything in between. And each component part of this burgeoning industry has its own set of risks and exposures, for which it will need insurance protection. Continue Reading Fast Times at Ridgemont…Oh Forget It. The Cannabis Industry Is New; and So Are the Insurance Issues, Sort of.

Most customers of companies using the internet to reach their suppliers of goods and services agree that digital access provides enormous convenience and often reduced cost. But along with that, it also seems to provide an unending stream of lawsuits and regulations over storage and use of data and hacking into data bases. The latest addition to this stream of lawsuits is SS&C Tech. Holdings v. AIG Specialty Insurance Co., 2019 U.S. Dist. Lexis 194196 (S.D.N.Y. Nov. 5, 2019). Continue Reading Update On Coverage For Privacy Lawsuits—Although Traditional Policies May Provide Some Coverage, Comprehensive Coverage Requires Cyber Insurance

As the coronavirus (COVID-19) outbreak continues to evolve, more businesses are feeling the impact.  Earlier this week, Apple announced that it does not expect to meet its quarterly revenue forecast due to interruption of its Chinese manufacturing operations and decreased demand from Chinese consumers.  In a previous post, we outlined how business interruption insurance coverage may help offset financial losses in a health emergency like the coronavirus outbreak.

Business interruption coverage is usually purchased as part of a commercial property policy.  As we explained, business interruption coverage typically applies when a policyholder suffers “direct physical loss of or damage to” covered property, and insurers may dispute whether a disease outbreak like coronavirus constitutes “physical loss” or “damage.”  Likewise, contingent business interruption coverage, which insures losses due to suspension of operations by a supplier, typically applies if the supplier suffers “physical loss” or “damage” that would be covered if sustained at the policyholder’s property.  And civil or military authority coverage, which insures losses when a government order restricts access to insured property, usually applies if that order is the “direct result” of physical loss or damage of the same type insured by the policy. Continue Reading Coronavirus Coverage: Policy Language that May Cover (or Exclude) Your Business Interruption Losses Caused by the Outbreak

The start of 2020 has brought uncertainty for tech businesses as individuals in the global health and business communities grapple with trying to understand and contain the deadly new coronavirus. Originating in Wuhan City, Hubei Province, China, the coronavirus has infected more than 28,000 people, killing at least 560. On January 31, 2020, the World Health Organization declared the 2019-nCoV virus (the formal medical designation of this new strand of coronavirus) a public health emergency. The Centers for Disease Control and Prevention, which is also closely monitoring the outbreak, reports that “[t]he potential public health threat posed by 2019-nCoV virus is high, both globally and to the United States.” Continue Reading Coronavirus Coverage: How to Offset Your Business Losses in a Global Health Emergency

Companies that wish to have higher limits of insurance than their primary (or umbrella) insurance companies are willing to provide usually can purchase excess insurance policies. Excess policies respond to losses above the limits of the primary layer of coverage. A company may purchase multiple layers of excess coverage from different insurance companies, creating a tower of coverage, with the primary layer at the bottom, and one or more excess layers at the top.
Many excess insurance policies are written as “follow-form” coverage. That is, rather than containing a full set of terms and conditions themselves, the excess policies “follow form” to, or incorporate by reference, the terms and conditions of a policy in a lower layer. Follow-form excess policies therefore tend to be shorter than policies that need to set out all of their own terms. The general idea behind follow-form excess coverage is to provide a seamless tower of coverage to the policyholder to respond to large losses.Despite their brevity, the mechanics of follow-form excess policies do not always work as smoothly as intended. This post sets out a number of traps for the unwary that sometimes are hidden within excess insurance policies. As described below, most of these can be avoided if policyholders and their advisors are vigilant when purchasing excess policies, and stay away from those with language that could lead to unintended results.  Continue Reading Avoiding Traps for the Unwary in Excess Insurance Policies

Insurance coverage lawyers and commentators have drawn considerable attention to state and federal data protection statutes in recent years. E.g., Freya K. Bowen, “Beyond GDPR: Insurance Coverage for Emerging Cybersecurity and Privacy Regulatory Exposure,” Perkins Coie Tech Risk Report (April 10, 2019), available here. Statutes governing the collection and use of biometric data have received much less attention, even though several states have passed such statutes and other states presently have some version under consideration. As previously noted in this blog, Jim Davis, “Biometrics Liability on the Rise: Are you Covered?” Perkins Coie Tech Risk Report (May 8, 2019), available here, these statutes apply to data as diverse as fingerscans DNA swabs, and even, potentially, facial recognition scans. Companies may be subject to regulatory actions or private litigation for violations, and, naturally, may seek insurance coverage for the resulting exposure. Some of these insurance claims will be subject to the same issues arising with claims relating to other data protection or privacy statutes, while other claims will raise specific insurance concerns unique to biometric data. Although these statutes are quite new, several recent cases help give policyholders a good indication of where the key risks may lie. Policyholders with exposure to these statutes should ensure that the appropriate insurance coverage is in place.  Continue Reading Employee Biometric Data: Are You Covered for Collecting or Using It?

If your business gets hit with a demand letter or lawsuit, your first inclination might be to get rid of the problem as soon as possible. In the tech world, particularly for companies that are just getting off the ground, the last thing you need is expensive litigation to burden your bottom line, or adverse publicity that could give an edge to your competitors.

Most business owners procure basic insurance protection as part of their standard business operations. As the business grows, insurance coverage and limits are broadened. But the pressure to get rid of claims fast can make even the most prudent business executive take a “settle now, check other boxes later” approach. This might be a big mistake—and one that could be easily remedied by taking some simple early steps.

Most insurance policies contain “no action” and/or what is known as “no voluntary payment” or “no voluntary settlement” clauses. These clauses typically look like this:

No insured will, except at that insured’s own cost, voluntarily make a payment, assume any obligation or incur any expense other than for first aid, without our [that is, the insurer’s] consent.

Continue Reading The Risk of Settling Claims Too Quickly

One of the best features of the digital age is the improved utility of access to data, allowing customers, employees, vendors, and business partners to synthesize large amounts of information and remain connected in real time. This previously-unimaginable level of access has been augmented by the invention of easy-to-use security features that enable businesses to simultaneously protect their data and maximize the utility of that data by making it widely available. But with this improved utility also comes a risk of being hacked, even if protections are in place, and of resulting liability for unauthorized access to data.

A promising technology for improving security and mitigating the substantial risks associated with password-based data security are biometric-enabled access controls. This technology limits access to data by verifying authorized users’ biometric identifiers, such as by recognizing users’ faces, fingerprints, voices, and/or irises. Biometric access control technology can also provide easy-to-use access to secure physical facilities. In today’s physical security environment, which has been informed by the rise in terror attacks and mass shooting events, the demand for secure facilities has increased dramatically. Use of complex numeric passwords provides too many barriers to entry and opportunities for compromise as individuals tend to select easy-to-remember, and hence easy-to-crack, passwords. And where physical access cards are required, those are equally easy to compromise as cards are frequently lost or even loaned. Biometric access control systems, therefore, appear to provide a simpler and more effective method of securing both data and physical premises without the same level of risk.  Continue Reading Biometric Access Control Systems Offer Great Utility but Create Associated Risks Requiring the Right Insurance Coverage

The ability to build and maintain strong relationships with business partners and vendors is an essential requirement for any business seeking long-term success. This is especially true in the fast-paced technology sector, where a company’s ability to put its innovative ideas to work often depends on its access to outside capital and its skill in turning connections into contractually-bound partners, vendors, clients, and customers. The unfortunate corollary to the need for technology firms to build and maintain relationships with outside partners is, of course, that no relationship is perfect. Not all partnerships are built to last. That reality raises an all-important question: how do you prepare your firm for the inevitable day when one of its business relationships sours?

As my colleague Linda Powell discussed recently, firms that provide technology services and products can manage their relationship-based risk by purchasing Technology Errors and Omissions (Tech E&O) insurance. Alternately known as Technology Professional Liability Insurance, Tech E&O insurance is likely to respond to demand letters, claims, or lawsuits brought against your firm by dissatisfied business partners, vendors, or customers who believe that your firm has committed an error or made an omission that caused financial harm. Continue Reading When Business Relationships Go Bad: Maximizing Your Technology Professional Liability Coverage for Breach of Contract Claims