Social engineering and electronic impersonation scams have increased in recent years, as have cases involving resulting claims for insurance coverage. Claims typically involve the impersonation of a company executive, employee, or client and a fraudulent electronic communication directing an employee of the policyholder to transfer funds to another account. As outlined in our update of November 8, 2017, courts differ significantly as to whether or not this situation triggers coverage under a standard crime policy or fidelity bond. For example, some courts have held that the scheme does not produce a loss “resulting directly” from the “use of a computer” as required for certain “computer fraud” coverage. E.g., Apache Corp. v. Great Am. Ins. Co., 662 Fed. Appx. 252, 258 (5th Cir. 2016); Incomm Holdings, Inc. v. Great Am. Ins. Co., No. 1:15-cv-2671-WSD, 2017 WL 1021749, at *8-*10 (N.D. Ga. Mar. 16, 2017). Other courts have reached the opposite conclusion and found coverage. E.g., Medidata Solutions, Inc. v. Fed. Ins. Co., 268 F. Supp. 3d 471, 477-78 (S.D.N.Y. 2017), aff’d 729 Fed. Appx. 117 (2d Cir. 2018); Principle Solutions Grp., LLC v. Ironshore Indem., Inc., No. 1:15-CV-4130-RWS, 2016 WL 4618761, at *2, *5 (N.D. Ga. Aug. 30, 2016).
The recent series of significant hacks to Marriott, Target, Anthem, Home Depot, and other businesses make it clear that there is now another inevitable event to add to death and taxes, namely intrusions to businesses’ on-line databases of their customers’ personal information. These intrusions include outside vigilante hackers who are simply trying to sell their services and then try to incite the government or private plaintiffs to assert damage claims against the targeted businesses from the exploited vulnerabilities. To counteract the inevitability of such intrusions, cyber-security providers and insurance companies are now considering offering a new product that would combine guarding against unwanted intrusions with guaranteed coverage for the cost of the inevitable hack. The product would basically warrant that there will be no damaging access or release of on-line data, and would provide a specified but limited payment to compensate for any damages should an intrusion and/or release of data nonetheless occur. Continue Reading Developments in Cyber-Coverage Options
The European Union’s Global Data Protection Regulation (GDPR) took effect on May 25, 2018, and drastically expanded the compliance obligations of companies involved in the collection, use, and management of any European Union citizens’ data. The GDPR imposes a strict regulatory scheme with steep penalties for non-compliance, with maximum fines set at the greater of 20 million Euros or 4% of a company’s annual worldwide revenue. GDPR Art. 83, § 5. Please refer to Perkins Coie’s GDPR Resources for a more comprehensive overview. Continue Reading Will your cyber policy provide coverage for GDPR violations?
Welcome to The Perkins Coie Tech Risk Report, a source for updates on, and analysis and interpretation of, insurance issues relevant to emerging technologies. We will address coverage issues related to cyber coverage, privacy, digital assets like cryptocurrency, Blockchain and other emerging technologies. The blog is written for start-ups and other companies dealing with emerging issues in the technology industry.
Attorneys from Perkins Coie’s Insurance Recovery Group will be the primary content authors. They will be joined from time to time by attorneys from other practice groups, such as the firm’s Blockchain and Virtual Currency, Emerging Companies, Technology Transactions and Privacy and Data Security practice groups.
Please sign up to receive our postings. We welcome your feedback, comments, and questions, and we look forward to our conversations. Thank you for visiting!
Consumer privacy actions continue to be a huge, costly risk for any business handling customer data over the internet. Lawsuits alleging improper collection of consumer data, such as zip codes or contacts, have become commonplace. Is your company at risk? We share several recent settlements and lawsuits highlighting the risks of privacy claims.
Neiman Marcus. In March 2017, retailer Neiman Marcus agreed to a proposed settlement to pay $1.6 million in a consumer class action filed in response to a 2013 data breach that allegedly compromised the credit card data of approximately 350,000 consumers. The class alleged that Neiman Marcus failed to protect consumers’ privacy and further harmed consumers by waiting 28 days to inform them of the breach. Continue Reading Are You Protected Against Privacy Claims?
In a world where brick-and-mortar businesses are traded in for an online presence, the realm of accessibility challenges is continually evolving. Your company needs to change the way they think about accessibility, including whether your current insurance covers ADA claims. It’s time to start considering questions like: Are your websites and applications compatible with screen readers and other assistive technologies? Are your videos captioned?
Making websites and applications more accessible will be a benefit not only to those with disabilities, but also to other users. For example, cleaning up crowded pages with too much content makes it easier for screen-reading technology to adequately convey information and also generally improves readability for everyone. Continue Reading Websites and Applications: A New Platform for ADA Claims