Author: N.P. James Insurance Agency

Technology Risk – What You Can Transfer, What You Cannot!

In economically troubled times business risks take on increased weight. You need to understand clearly what risk you can transfer – and what risk you cannot.

Client expectations of their insurers have recently led to huge claims in areas never contemplated by insurers. Contract disputes, once strictly in the realm of business risk, have been transported to insurance claims unintended by the carrier. 2003 has seen considerable constriction in coverage terms and language, even while costs are continuing to increase.

Solvency issues raise questions when partnering, when licensing, and when depending on sole sources for parts or services. Capital funding resources scrutinize such issues much more carefully, being sure that business continuity is as secure as possible. Software code escrow, licensing contracts, and similar arcane matters have grown in complexity as national and international commerce raises new levels of concern.

Write your customer contracts in a way that limits your liability for consequential damages and economic loss. Then, your insurer should be by your side to defend in the event of a claim for damage caused by your hardware, software, service, or people.

This is how you should expect to be covered by your E&O insurer:

Types of Problems Yes No
Contract disputes
errors in code x
consequential (financial) damages x
impaired processing x
destroyed files x
delivery delays x
contract performance quality x
problems prior to client sign-off x
Buggy hardware/software
economic loss to client’s relying on your work x
damage to client’s system you cause x
shut-down economic loss x

Remote car door locks – code can be intercepted

Making the web rounds is notice that there is an intercepting device thieves are using to clone car security codes when car doors are locked using the key-chain locking device.  Thieves sit a distance away (such as in a shopping mall complex) waiting for the victim to remotely lock their car and walk away.  The interceptor can then unlock the car with the stolen code.

Advice is to use the lock button on your car upon exiting, which does not send a security code through the airwaves.

Contracts and Your Insurance

Your attorney reviews all of your contracts, customarily asking you to send the insurance portions to us for review. Our habit is to comment on each clause and section, advising our clients what is covered and what is not covered under their current policy. After 20 years of business we also have a good sense of what is reasonably asked of you under any contract and what conditions you may be able to negotiate away.
Your commercial insurance program probably does cover:

  • Waiver of subrogation against your landlord (Your lease is usually covered under “Limited contractual” coverage)
  • General Liability obligations under most contracts requiring standard limits (including Bodily Injury and Property Damage)
  • Workers Compensation coverage for most contractual obligation language
  • Most “Hold Harmless” clauses found in contracts

Your commercial insurance program probably does not cover:

  • Intellectual property infringement indemnification
  • Pollution
  • Employee non-disclosure agreements
  • Indemnification for your landlord’s contractors
  • Most “any and all causes” clauses
  • “Your insurer will honor all the terms of this contract” provisions

Always let your insurer know about those insurance related sections of contracts you sign.

Insuring Intellectual Property – How to Protect Yourself

Only specialty markets and programs offer coverage for many intellectual property perils.

  • copyright infringement
  • defamation
  • disparagement of an individual’s reputation infliction of emotional distress
  • infringement of title, name, or mark
  • invasion or infringement of the right of privacy
  • patent infringement
  • piracy
  • plagiarism
  • product disparagement
  • unfair competition

Even while cyberspace offers us global markets, we are assuming so many more complex international business issues. Tripping up on an infringement problem could bring you two continents away from home to defend yourself.

Many of the perils above, as well as global defense can be secured from your insurer.

Intellectual property, hard copy and in cyberspace, should be carefully examined to determine what insurance can best protect you.

Intellectual Property Matters: Patent Infringement

As a technology based company, knowing you have developed state of the art products, you aggressively pursue selling a service contract to that large corporation you know badly needs your services.

Negotiations begin, hurdles are passed, and the relationship looks good. Then, corporate sends their contract: YourCo hereby indemnifies and holds harmless and agrees to defend BigUsCo for all claims, demands, charges, suits, proceedings, damages, direct or consequential…, for any and all injury or damage,… intellectual property infringement, including but not limited to trade mark, copyright, patents, invasion of privacy, plagiarism, unfair competition,…” Required limits of liability usually follow, with specifics of coverage and “Additional Insured” status requirements.

What do you do?

Indemnification is a term associated with a financial guarantee to provide legal defense for a claim. Indemnification should not be undertaken casually, or without attempts to transfer the risk to your insurer. Some interesting statistics are provided by one of the world’s leading patent infringement insurers.

Litigation Costs

  • $500,000 pre-trial, $500,000 during trial
  • Damages to $1 billion, often $20-$30 million

Limits

  • up to $15,000,000 coverage per patent
  • minimum retention (deductible) = $50,000

Defense Expenses are covered by policies

  • legal fees
  • declaratory actions
  • injunctions
  • appeals

Insurance Coverage Costs

  • premiums start at $25,000 per patent for $1,000,000 coverage
  • an infringement search and opinion letter is required

A technology insurance risk specialist should be contacted to approach insurers willing to look at your contract obligations. Don’t forget that every web site carries a number of intellectual property exposures which many businesses have not encountered. Web sites are publications by any definition, and, as a publisher, you are exposed to claims of infringement.

Intellectual Property in Contracts — and Your Insurance

Most software licensing agreements contain clauses regarding intellectual property infringement, usually indemnifying the client for any IP infringement complaints. Rarely are these clauses supported by insurance, which is important to understand should problems occur. Remember, your contracted indemnification agreements do not obligate your insurer beyond their existing policy terms! Indemnification is a term associated with a financial promise to provide legal defense and damage awards for claims.

What may be covered to some extent on your General Liability / Property policy:

  • Trademarked or Service Marked titles or slogans
  • Copyrighted advertising materials

IP exposures usually covered by an Internet Liability policy:

  • Copyright Infringement
  • Infringement of Title
  • Infringement of Trade Name
  • Infringement of Trademark
  • Infringement of Slogan

IP exposures not covered:

  • Patent Infringement (You may secure patent infringement offense and/or defense coverage through specialty markets). Applications require an opinion letter, which can also be secured specifically for insurance purposes.
  • Trade Secret Infringement

This outline serves primarily as a benchmark warning to recognize areas, that should be reviewed by professionals who can alert you to risks and exposures. Always let your agent and insurer know about those insurance related sections of the contracts you sign.

Securing the Weak Link in Cyberspace

Bentley College recently hosted a half-day forum on Internet security issues. Officials from the FTC and the Massachusetts Attorney General’s Office joined industry experts to address both problems and solutions to Internet breaches.

Excerpts from “The FTC’s Internet Security Initiative” fact sheet include:

  • Since 2001, the number of reported Internet security breaches has increased over 30 percent.
  • Email volume has increased over 25 percent since 2001
  • 53 percent of computer users apply the same username and password for all sites accessed
  • 25 percent of users write their password down and keep it near their computer
  • 50 percent of computer users fail to update virus protection software

It is realistic to assume that we all are a part of an Internet security statistic. Moreover, many of us fall under some regulatory privacy statutes. Remember, insurers do not defend you for violations of the law!

We need to decide how close our sensitive corporate documents should be to open lines. We need to do that today!

*We thank Bentley College for providing this valuable forum to the Boston business community. Materials provided by the FTC were especially valuable for web sites devoted to Internet security. Many private security consultants generously offered their expertise to the forum. This column has excerpted information provided at the forum.

Keeping the Cat in the Bag: Internet Privacy

Dot-com companies engaged in e-commerce have an unparalleled opportuinty to obtain personal information from their website users — a marketer’s dream. However, the use of this information is not limitless. The law of privacy applies to all transactions in information, including those on the Internet. If you have Internet access and are involved in e-commerce, you should be aware of the privacy implications each time you collect, use or provide user information.

The Federal Trade Commission recommends that websites display clear privacy policies covering:

  • manner of collection
  • use and disclosure of user information
  • permitted third party use
  • user information change
  • user password control
  • security measures against unauthorized access

As for safeguards against unauthorized interceptions, none of the technological solutions are fail-safe. Under The Electronic Communications Privacy Act, the intentional interception of any electronic communication is illegal and a successful plaintiff can obtain equitable relief, compensatory and punitive damages and attorney’s fees. The Computer Fraud and Abuse Act prohibits unauthorized actions taken against computer systems that constitute privacy invasions and outlaws attempts to obtain prohibited information.

Susan Rayne, Esq. is a technology and intellectual property law specialist and frequent speaker on technology issues, practicing with Bowditch & Dewey, LLP, Worcester, MA. Attorney Rayne can be reached at 508-926-3428.

Corporate Protection in Cyberspace by Michelle Drolet

Given the high investment in information technology infrastructure, corporate management needs to establish policies and procedures to protect computers, e-mail, and Internet communications in the same manner other business assets are protected. Legal e-mail policy expert, Mike Overly, states, “Many of the problems, and most of the lawsuits, that result from employee use of computers in the workplace revolve around electronic mail (e-mail). Approximately 40% of large organizations still don’t have a written policy in place or one that is adequate… Companies are doing a disservice when they rush out with a two- or three-page policy and forget it. They need a well-written policy, followed up with adoption and training for employees.”

Why set employee policies in the first place? In most ways the legal liability incurred from employee e-mail or Internet usage varies little from the liability borne from any document produced in the course of doing business. Rules of ethical conduct and privacy should apply to all communications resources. Since e-mail and the Internet are here to stay, management must have a way to both track and to enforce corporate policy. Those failing to implement, educate, or enforce usage policies will find themselves exposed to potential legal, privacy and productivity issues.

A well thought-out and strongly communicated e-mail, Internet, and computer use policy is the centerpiece to any company’s legal defense.

Michelle Drolet is the CEO and President of CONQWEST, Inc. of Holliston MA. CONQWEST offers technology solutions for corporate protection: Policy Planner (written policies), e-Minder (educating policies), Websense and Mailsweeper (enforcing policies). Ms. Drolet can be reached at 888-234-7404.

Computer Crime

Computer theft is currently a $10 billion industry. Insurance claims on stolen computers have increased 600% with average theft claims in 1992 of $5,000 growing to $500,000 in 1998. Crimes where computers are the target are currently being replaced by computers being used as the instrument of crime

  • Fraud
  • Theft
  • Embezzlement
  • Extortion
  • Stock manipulation
  • Hacking type crimes including Virus transmission and unauthorized intrusion into files

Are you safe?

Greater and greater protections are needed to assure your business record protection from intrusion. According to the U.S.Attorney’s office, disgruntled employees lead the list of computer crime perpetrators, followed by hackers, copyright and intellectual property thefts, and economic espionage, with Internet auction fraud growing quickly.

What can you do?

In 1996 Congress updated 18USC §1030, which gives broadened scope to computer crime. Vigilant corporate management should remember that even nuisance acts like password tampering could lead to criminal prosecution. Employers and employees alike should become aware of the federal statute’s protections and penalties.

Some information and statistics in this article are from material presented at “Cybercrime and Computer Forensics Executive Symposium” held in Cambridge January 20, 2000. Deloitte & Touche should be acknowledged and thanked for sponsoring the symposium and opening it to the Boston business community.

Cover Assets in Shark-Infested Cyberspace

Businesses are noticing their insurance costs. Two years ago, at the bottom of a 10-year soft market cycle, costs were virtually insignificant, representing only .0015 percent of gross revenues. Steeply rising costs now dictate very close attention to premiums and coverage.

This article will examine something that has been unnecessary for the last decade: hard choices in insurance coverage to keep premiums under control in a slow economy. Following are fundamental principles of insurance that help risk managers decide where premium dollars can best be placed.

September 11 brought a $70 billion loss to a $300 billion industry. On top of that, a decade-long soft insurance market (typified by more than one dollar paid in claims for every dollar collected in premiums, while investment returns are expected to make up the difference as well as provide profit) has masked the inability of underwriting to quantify the risks associated with increasingly complex technology applications.

The insurance market was already hardening in 2000. Then the stock market decline began. Prices are increasing; insurers are declining risks. Insurer capacity to absorb risk has also greatly diminished.

So, in protecting business and technology exposures to loss when revenues are down and insurance costs are up, you need a new perspective. Coverage is purchased a peril at a time, so a sound sense of where loss potential lies is essential in determining what to self-insure [i.e., absorb the loss personally, similar to deleting collision from a 10-year-old car] and what risks to turn over to an insurer. Choose insurance as the last solution to protecting your risk.

These are the priorities of risk management.

  • Transfer risk of loss to another party (under contract). Leases transfer risk; service contracts address risk assumption and transfer in very detailed ways. Risk transfer essentially shifts the cost of protection as well as specific conditions of protection to another party. For example, it is com-mon for your landlord to transfer to you in your lease the risks of injury to your employees and guests in the office building. You routinely provide a certificate of insurance to your landlord verifying liability coverage at agreed limits.
  • Discard the highest risk activities of the business. If computer security is a piece of your business, the risks may outweigh the income (insurers specifically exclude security matters). If high-hazard operations are integral to your total product, physical segregation of the risk will help reduce costs.
  • Assume as much risk as you can bear financially by choosing high deductibles, alarms and locks, redundant systems and other physical ways that can protect you before using insurance.
  • Transfer to your insurer the catastrophic risk and everything you cannot handle by the above methods.

With respect to technology risks in particular, there is an additional layer of underwriting resistance in addition to the market circumstances noted. In the late 1990s, the occasional iconoclast went on record stating that corporate executives had suspended critical judgment to jump onto the Web. Old economy businesses gained the label of dinosaur as dot-coms burned hundreds of millions of dollars in venture funding. e-commerce, B2B and global economy became terms engendering both opportunity and challenge to the entrepreneur.

Optimizing your market possibilities on the Web is yet another task on your desk. There is, however, no doubt about the added exposure. As a consequence of your Web site presence, you will need to address the additional risks assumed as the Internet instantaneously makes your business global. Remember that anyone with a Web presnce is a publisher by virtue of that text, its promises, security issues and consumer expectations. Web sites expose businesses to:

  • legal jurisdictions on another continent;
  • regulatory concerns: Professionals may well be in violation of narrow geographic license restrictions;
  • privacy and security obligations for customers;
  • product representations with buyer expectations far beyond that of brochures and traditional advertising material;
  • additional exposures of infringement, defamation, invasion of privacy, obscenity, plagiarism and/or unfair competition.

Standard insurance products address and cover only a few of the above perils. You need to examine your promises, client expectations, license restrictions, links and those specific areas listed below to be sure you are not surprised by unnecessary exposures. Even technology insurance specialists are wary of Internet exposures. Technology insurers are considerably more comfortable with computer and component hardware manufacturing, extending to less complex software products. As court cases define responsibilities, insurers are currently excluding Internet perils, even while the need for coverage grows. Specific policy exclusions are being added. Policyholders are largely on their own with respect to defending claims from the Internet.

Data security is also a great area of consumer concern. Credit card theft is increasing, especially via the Web. Transference of risk is complicated even when possible. Insurers are also excluding most, if not all, Internet security exposures. Only specialty products address these perils.

Specialty insurance products are emerging to address many uninsured issues. New policies address the following.

  • Invasion of privacy: Contact information and memberships lists are two examples of common exposed Web content. Be sure to get permission from everyone listed as well as check any statutory compliance regarding your lists. (New insurance policy wording defines “privacy” very narrowly to “rights of private occupancy” to exclude Internet related coverage.)
  • Copyright infringement: a growing area of complaint as the world accesses the material you put up on your site.
  • Defamation (via e-mail): You should strictly enforce your e-mail policies to minimize your exposure to litigation from offended parties.
  • Defamation (via Web sites): often in comparative advertising remarks about competitors.
  • Trademark infringement (domain name): Well-publicized cases of domain name disputes and cyber squatting problems are part of the new world of the Internet. No one ever before confused Delta Airlines with Delta faucets, until delta.com.
  • Trademark infringement (metatags): Your webmaster should be in close contact with your legal counsel so that you do not find yourself defending against an infringement claim.

Be sure your attorney, compliance officer, risk manager and insurance professional are part of your Web-presence team. Indeed, the Internet may well be on the critical path to your survival. Make sure it’s because it is supporting your business – not exposing it to litigation and insolvency!

LLCs versus Personal Trusts for Seasonal Homes

We have been seeing a lot of “personal” LLCs in Maine lately for vacation homes.  Some attorneys are recommending LLCs instead of Personal Trusts to clients for their seasonal, family-owned properties.

An LLC is a “commercial” (business) entity so you cannot place personal home insurance thus the way you can on a Trust entity.  Personal Liability Umbrellas do not respond to LLCs either – you need separate, commercial umbrellas for the LLC.  By choosing to place a seasonal home in an LLC, you will waste money and lose very broad coverage that comes with “personal” insurance (liability is worldwide on a basic homeowners policy – never on commercial forms [coverage needs to be specifically extended]).

LLCs are a very bad idea for seasonal homes

November 2013 Newsletter

Contracts: Be Careful What You Wish For

Wonderful to be able to brag about landing a contract with a mega multi-national.  But don’t forget to look at the cost of complying with your insurance provisions.

In this newsletter I am going to outline a few of the recent provisions we have recently seen.

Some of the more common areas to consider:

  • $5,000,000 limits for both General Liability and Professional Liability
  • $5,000,000 limits for Crime coverage, including 3rd party crime (for your employees working on client premises).
  • Additional Insured status for your client, which adds exposure to your program and could ultimately affect your insurability.

Now – some of the more difficult and costly areas in contract language:

  • Waiver of subrogation is commonly requested for all of your insurance policies.  Insurers can balk at some of these, most particularly Automobile and Errors & Omissions Professional Liability.
  • Primary and Non-Contributory – insurers will generally accept this condition on a General Liability policy if you have agreed to it in a contract. Many insurers will not agree to this provision on your E&O and auto policies.
  • Severability of Insureds – this is a particularly onerous contract term which basically requires you to carry double your existing limits ($10,000,000 if your basic is $5,000,000.  One $5MM limit for you and another $5MM limit for your client.)  Few insurers have the capacity or the interest to offer coverage.  Those willing will have very high costs.
  • Another broad and difficult term is the condition for “broad contractual” coverage including “all terms of this contract and work order.”  Many excluded areas of coverage in your insurance policy are included in your contract, such as patent infringement indemnification, which runs into serious money.  Pollution terms may be in your services contract, even though you have no exposure to such operations of your services.  Pollution coverage and IP insurance are expensive!

November 2013 Newsletter

The First Internet Liability Insurance Policy

The First Internet Liability Insurance Policy

(designed and placed by Nancy P. James)

In 1997 there was no insurance to protect against internet related business errors. All kinds of new legal issues were arising as people hopped on the web to promote business and products. Name confusion (whoever confused Delta Airlines with Delta Faucets until “delta.com?”) and rights to URL identity became the first cases to be brought to court. Attorneys at TestaHurwitz asked me to craft an internet liability policy for a client providing broad internet content as well as commentary.

When technology insurers turned me down, I looked to media insurers, crafting a peril by peril policy. A “war game” was played to try to break the site, identified perils rated, and the first internet liability policy in the country (likely the world) was placed.

Newsletter March 2011