A recent case in the Northern District of California offers two cautionary tales to policyholders. First, when buying insurance, companies should understand their risks and ensure that the policies they’re buying match those risks as closely as possible. Second, when a claim arises, policyholders must carefully consider all the allegations, not just the formal causes of action, in the complaint to determine whether they might trigger an insurer’s defense obligation. Continue Reading CGL Coverage for False Advertising and Intellectual Property Claims: Sometimes It’s There, but You Need to Know Where to Look for it
Attorney invoices may be protected in their entirety by the attorney-client privilege during ongoing litigation. After litigation has concluded, however, those same invoices may be discoverable. So concludes the California Supreme Court in a fascinating ending to a case we have been following since last June of last year, County of Los Angeles Board of Supervisors v. Superior Court (opinion). In a 4-3 decision that mirrored the split we observed in oral argument, the Court reversed the decision of the Court of Appeal. Continue Reading California Supreme Court Concludes Attorney Invoices Privileged During Ongoing Litigation
Don’t be too surprised if you see a “wage and hour” exclusion in your employment practices liability insurance policy, especially if you have employees in California. While these exclusions purport to bar coverage for claims brought under laws that govern “wage and hour” practices, lawsuits involving “wage and hour” violations often include alleged violations of other labor-related statutes. This was the scenario presented recently in Hanover Ins. Co. v. Poway Academy of Hair Design, Inc. in which a federal court was asked to decide whether a “wage and hour” exclusion applied to a claim that the insured had failed to reimburse reasonable business expenses in violation of California Labor Code section 2802. Continue Reading Claim for Failure to Reimburse Reasonable Business Expenses Not Barred by EPL Policy’s Wage and Hour Exclusion
The Internet of Things gives rise to many risks and exposures that companies and their insurers were not thinking about as recently as a couple years ago, and probably aren’t fully cognizant of today.
The DDoS attack late last week on internet infrastructure company Dyn should act as a wake-up call. It shows how large and disruptive a cyber attack can become because of all the seemingly benign “things” connected to the internet. And it should cause companies to think about what their risks really are and whether their current risk management approaches address them.
Just one example from this latest attack – I’m reading that one or more of the manufacturers of the devices that were used as bots in this attack must recall a very large number of products because the passwords (which were easily cracked) cannot be changed by the user. The software that runs those products came ready installed on components bought from China, and it is this software that contains the vulnerability. Now that the passwords are known, the devices can no longer be considered secure. Maybe the manufacturers have product recall insurance or maybe they don’t. But they likely never thought they would have to conduct a product recall under these circumstances and whether such a recall might be covered under their current insurance program.
Protect your company by:
- Understanding your company’s IoT exposures.
- Using your company’s broker and coverage counsel to review all insurance policies with IoT exposures in mind and negotiate favorable policy terms.
- Revisiting the policies annually at renewal time because of quickly changing risks and policy terms.
On October 6, the California Supreme Court heard oral argument in Los Angeles Board of Supervisors v. Superior Court, a case that we have blogged about twice in the past because of its possible impact on policyholders (see posts Submitting Your Defense Bills to Insurers Could Mean Waiving Privilege and California Supreme Court Will Review Appellate Decision Holding That Attorney Bills Are Privileged). On appeal, the Court will decide whether to affirm the California Court of Appeal’s decision that legal invoices sent to the County of Los Angeles by outside counsel are within the scope of attorney-client privilege and thus exempt from disclosure under the California Public Records Act. As this issue could have a major impact on policyholders’ ability to share defense bills with insurers, we attended the oral argument. Continue Reading California Supreme Court Leans in Favor of Treating Defense Bills as Privileged Communications
In two previous posts, on April 19, 2016 and June 21, 2016, we reported on the EquityComp workers’ compensation program offered by Berkshire Hathaway subsidiaries Applied Underwriters (Applied) and California Insurance Company (CIC). In the wake of the California Insurance Commissioner’s ruling in Shasta Linen that the EquityComp program is invalid and unenforceable, Applied Underwriters and the Commissioner on September 6, 2016 stipulated to a Cease and Desist Order. The Order can be found online here: Stipulated Consent Cease and Desist Order. Insureds under the program should read it carefully, as it presents them with a number of options. Continue Reading NEW UPDATE: Is Your Workers’ Compensation Program Unlawful?
Policyholders should always consider the potential for coverage under their CGL policies if they suffer a data security breach. However, as the cases described in my article for Corporate Counsel, coverage is highly fact-dependent and subject to interpretation by the courts even in the absence of a data-related exclusion. The addition of such an exclusion narrows the policyholder’s options.
As a result, policyholders should carefully consider their insurance programs and the unique risks that their businesses face in light of their own computer systems, third-party computer systems on which they rely and the data they collect and/or hold. They should consider whether technology errors and omissions liability or cyberinsurance would more effectively address their risks. With the help of their insurance brokers and counsel, companies can negotiate and tailor those policies to their risks and exposures relating to computer systems, personally identifiable information and confidential third-party business information. Some businesses may choose to rely exclusively on their CGL policies for protection against data breach lawsuits. But that decision should be made deliberately after understanding all the risks and options.
Read the full article: Data Security Breach Liability: Is Your Business Covered?
I wrote an article for Risk Management discussing the Federal Aviation Administration’s long-awaited regulations for commercial drones weighing 55 pounds or less and the insurance coverage available to address drone risks. Insurance is widely available, but careful attention should be paid to differences in policy language. Also, expect insurers to incorporate features of the new regulations in their underwriting approach.
You can read the full article on Risk Management‘s website: FAA Clears Drones for Takeoff
In what it described as a case of first impression, the Northern District of California ruled that a professional liability policy that excluded the insured’s “assumption of liability obligations in a contract or agreement” did not extend to breach of warranty or false advertising claims arising out of a genetic data testing company’s marketing and sale of a personal genome service. See Ironshore Specialty Ins. Co. v. 23andMe, Inc. (July 22, 2016) N.D. Cal. No. 14-cv-03286-BLF. What is noteworthy about this case is not so much the decision, but the fact that the insurer challenged coverage on this ground. While this issue apparently has never been decided in the context of a professional liability policy, both case law and custom and practice recognize that the same phrase used in a general liability policy applies only to liabilities “assumed,” i.e. created by, a contractual indemnity agreement. Continue Reading “Assuming” the Obvious: Exclusion for “Assumption of Liability in a Contract” Does Not Apply to Breach of Professional Services
Erica Villanueva and Tyler Gerking will be presenting to the Association of Corporate Counsel (ACC) on September 14 (in San Francisco) and 15 (in Palo Alto) about private company D&O liability insurance, also known as management liability insurance. Below is a description of the program, which will touch on hot issues that many companies are dealing with right now. Use the links to view the event details and register online.
Private D&O Insurance: Things You Should Know
Companies are staying private longer and purchasing private company directors’ and officers’ liability (D&O) insurance, sometimes known as “Management Liability” insurance. When it comes to D&O coverage, most private companies focus on two things: obtaining it, and keeping the premium low. When a company faces a claim, however, it discovers there is much more complexity to private D&O insurance, and often broader coverage than a public company D&O policy. Accessing and maximizing the available coverage may require a concerted, strategic effort on the part of the company, its insurance broker, and insurance coverage counsel. This program will cover:
- Key features of management liability policies
- Common exclusions and limitations
- The practical impact of certain clauses – and widely-available coverage enhancements that can mitigate these impacts
- Implications of common pitfalls and mistakes in reporting and managing claims’”