Welcome to The Perkins Coie Tech Risk Report, a source for updates on, and analysis and interpretation of, insurance issues relevant to emerging technologies. We will address coverage issues related to cyber coverage, privacy, digital assets like cryptocurrency, Blockchain and other emerging technologies. The blog is written for start-ups and other companies dealing with emerging issues in the technology industry.

Attorneys from Perkins Coie’s Insurance Recovery Group will be the primary content authors. They will be joined from time to time by attorneys from other practice groups, such as the firm’s Blockchain and Virtual Currency, Emerging Companies, Technology Transactions and Privacy and Data Security practice groups.

Please sign up to receive our postings. We welcome your feedback, comments, and questions, and we look forward to our conversations. Thank you for visiting!

For approximately the past decade, cryptocurrencies were used by those who wanted to transact business anonymously and without oversight or restrictions imposed by any governmental authority.  More recently, the concept of cryptocurrencies has been used to raise capital outside of traditional financial structures.  Indeed, the rise of raising money through the issuance of “virtual tokens” using “Initial Coin Offerings” (“ICOs”) has caused a sharp rise in the prevalence and market value of cryptocurrencies.

Those involved with cryptocurrencies believe that their virtues include stronger security against theft, easier transactions, and insulation from government-induced currency fluctuations, among other things.  But the inescapable reality is that hackers, technical errors, and fraud happen.  In addition, regulators have been taking notice and have been attempting to flex their authority, although the manner in which any given regulation applies to cryptocurrencies is far from certain.  One thing that is certain, is that the cryptocurrency “industry” poses unique and evolving risk.  Given this, the insurance industry is also engaged in attempting address the needs of this emerging market, although underwriters can be expected to rigorously assess the risks posed, and insurance procurement can be a challenge for some. Continue Reading The New Money: Cryptocurrencies and the Role of Insurance

Social engineering and electronic impersonation scams have increased in recent years, as have cases involving resulting claims for insurance coverage. Claims typically involve the impersonation of a company executive, employee, or client and a fraudulent electronic communication directing an employee of the policyholder to transfer funds to another account. As outlined in our update of November 8, 2017, courts differ significantly as to whether or not this situation triggers coverage under a standard crime policy or fidelity bond. For example, some courts have held that the scheme does not produce a loss “resulting directly” from the “use of a computer” as required for certain “computer fraud” coverage. E.g., Apache Corp. v. Great Am. Ins. Co., 662 Fed. Appx. 252, 258 (5th Cir. 2016); Incomm Holdings, Inc. v. Great Am. Ins. Co., No. 1:15-cv-2671-WSD, 2017 WL 1021749, at *8-*10 (N.D. Ga. Mar. 16, 2017). Other courts have reached the opposite conclusion and found coverage. E.g., Medidata Solutions, Inc. v. Fed. Ins. Co., 268 F. Supp. 3d 471, 477-78 (S.D.N.Y. 2017), aff’d 729 Fed. Appx. 117 (2d Cir. 2018); Principle Solutions Grp., LLC v. Ironshore Indem., Inc., No. 1:15-CV-4130-RWS, 2016 WL 4618761, at *2, *5 (N.D. Ga. Aug. 30, 2016).

Continue Reading False Pretense Exclusion No Bar to Coverage of Fraudulent Impersonation Scams

The recent series of significant hacks to Marriott, Target, Anthem, Home Depot, and other businesses make it clear that there is now another inevitable event to add to death and taxes, namely intrusions to businesses’ on-line databases of their customers’ personal information. These intrusions include outside vigilante hackers who are simply trying to sell their services and then try to incite the government or private plaintiffs to assert damage claims against the targeted businesses from the exploited vulnerabilities. To counteract the inevitability of such intrusions, cyber-security providers and insurance companies are now considering offering a new product that would combine guarding against unwanted intrusions with guaranteed coverage for the cost of the inevitable hack. The product would basically warrant that there will be no damaging access or release of on-line data, and would provide a specified but limited payment to compensate for any damages should an intrusion and/or release of data nonetheless occur. Continue Reading Developments in Cyber-Coverage Options

The European Union’s Global Data Protection Regulation (GDPR) took effect on May 25, 2018, and drastically expanded the compliance obligations of companies involved in the collection, use, and management of any European Union citizens’ data. The GDPR imposes a strict regulatory scheme with steep penalties for non-compliance, with maximum fines set at the greater of 20 million Euros or 4% of a company’s annual worldwide revenue. GDPR Art. 83, § 5. Please refer to Perkins Coie’s GDPR Resources for a more comprehensive overview. Continue Reading Will your cyber policy provide coverage for GDPR violations?

On November 9, 2018, the Ninth Circuit certified an important coverage question to the Washington Supreme Court about whether a certificate of insurance (COI) purporting to add T-Mobile as an additional insured on another company’s insurance policy binds the insurance company listed on the certificate. T-Mobile USA Inc. v. Selective Insurance Company of America, 908 F.3d 581 (9th Cir. 2018).

The case should serve as a reminder that businesses may not be able to rely on, and should not rely on, a certificate of insurance alone when they sign agreements with third parties who are supposed to add them as additional insureds. Continue Reading How Valuable is that Certificate of Insurance?

Emerging tech companies face many uncertainties. On the one hand, it’s an exciting environment with eager investors and an expanding market receptive to new high-tech solutions. But there are also risks from cyber disruption, potential product liability claims, and less than trustworthy vendors. Don’t get caught without adequate protections.

Indemnification agreements. Carefully drafted indemnity provisions in your contracts with vendors and other third parties, including suppliers and large customers, can go a long way to protecting your business against various risks that are out of your control. When a claim arises, you will want the indemnitor to step in to address issues as seamlessly as possible. Close attention to the details of your agreements is critical. Don’t rely on standard form provisions that are not tailored to your business. If a dispute arises, you will want to make sure, for example, that you are not bogged down by unfavorable choice-of-law or dispute-resolution provisions. These should be addressed in advance. Keep in mind that an indemnity agreement is only as good as the indemnitor who signs it. If the indemnitor is insolvent or unwilling to step up, then your business is on its own. Insurance is the only way to provide that additional security. Continue Reading Protecting Your Emerging Business

The Los Angeles Lakers are still dealing with the fallout from having sent confirmatory text messages to spectators in 2013, after having invited text messages from those spectators for potential display on the scoreboard. The ensuing Telephone Consumer Protection Act (TCPA) class action settled, but the Lakers’ suit against its insurer seeking coverage for defense costs and indemnification remains pending. The outcome of this dispute could have deep implications for any business using text messaging as part of its platform.

Oral argument in the Lakers’ appeal from the district court’s judgment of no coverage was held on February 15, 2017, with the opinion pending. See Recording of oral argument in LA Lakers v. Fed. Ins. Co., No. 15-55777 (9th Cir.).At issue in the case is whether Federal Insurance Company (Federal) had to defend and indemnify the Lakers with respect to the underlying class action (the Class Action) under the Lakers’ Directors and Officers policy (the Policy). The district court ruled that there was no coverage because TCPA claims are by definition claims for invasion of privacy, and such claims fall under the Policy’s exclusion for claims against the Lakers “based on, arising from, or in consequence of . . . invasion of privacy.” Los Angeles Lakers, Inc. v. Fed. Ins. Co., No. CV 15-7743 DMG (SHx), 2015 WL 2088865 (C.D. Cal. Apr. 17, 2015). On appeal, the parties’ central positions are laid out below.  Continue Reading Coverage for Third-Party Claims Alleging Non-Fax-Related TCPA Violations

The potential for cyberattacks and data breaches continues to loom large in any company’s calculus of risk, with events like the recent WannaCry attack only highlighting the threat. For years, the insurance industry has responded in kind by offering variations on forms of cyber risk insurance. However, not all policies are created equal. It is important for the insured to be aware of what is covered—and what is not.

At its most basic level, cyber risk insurance can be divided into first-party and third-party coverages. Most policies will contain some combination of these coverage types. Both of these coverages potentially contain pitfalls for the unwary.  Continue Reading How to Protect Against Cyber Liability Threats

Smart contracts are changing the way businesses conduct routine transactions to make them more efficient and, in many ways, less prone to human error. But this new technology has associated risks. Is your company adequately prepared?

Basics of Smart Contracts

Smart contracts, sometimes known as self-executing contracts, are contracts that are written in computer code and connected to a blockchain so that an individual or entity can instantly be bound to the terms of the contract. Computing devices may also be bound via a smart contract, which has led to the Internet of Things.  Continue Reading What’s the Insurance Coverage for Smart Contracts?