Photo of Tyler Gerking

Tyler Gerking has a commercial litigation practice focused on recovering money for individual and corporate policyholders under all types of insurance policies, including commercial general liability, directors' and officers' liability, professional errors and omissions liability, employment practices liability and first-party property policies.

 

In November, Tyler wrote about insurance issues raised by both the European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act, which goes into effect on January 1, 2020. California’s governor Jerry Brown signed two other cyber-related laws in September, which will also go into effect on January 1, 2020 – Assembly Bill 1906 and Senate Bill 327, which address security concerns relating to devices that are capable of connecting to the internet – the so-called Internet of Things or “IoT”. See California Civil Code 1798.91.04(a) et seq.

The bills largely mirror each other and, put very simply, require manufacturers of devices that are capable of being connected to the internet to equip them with “reasonable” security features that are both appropriate to the device and require a user to generate a new means of authentication before access is granted to the device for the first time. Technologists are debating whether the laws are good or bad, and if good, whether they go far enough. Regardless, the law will become effective and manufacturers of IoT devices will have to comply with them. The law does not provide for a private right of action; it permits the state’s Attorney General to enforce its provisions.

The new California law applies to all connected devices sold or offered for sale in California. Because California is such a large market, this likely means that all such devices sold in North America and Europe will comply with California’s regulations, and older, less secure devices will be diverted to countries with fewer regulations.

Continue Reading Are You Covered for California’s New IoT Laws?

An obscure niche product less than a decade ago, cyber insurance is now a staple of many companies’ risk transfer programs. Its rise in prominence is no wonder. High-profile data breaches have caused businesses millions of dollars in losses and untold reputational harm. Companies are right to shed some of their cyber risks through insurance, and the basic protections it offers are well known. It pays for the business’s investigation and notification to consumers of data breaches, and it defends against ensuing class action lawsuits and regulatory actions.

As valuable as these basic coverages are, companies should carefully consider and address their risks beyond them. Those that fail to do so may leave some of their biggest risks uncovered.

Cyber insurance is not an off-the-shelf product; there is no standard form. Dozens of insurers sell it, each using its own proprietary language. And the market is evolving rapidly to keep up with the risk environment’s shifting sands. Thus, simply renewing last year’s policy will not provide the cutting-edge protection available today. Like other contracts that a business signs, a proposed cyber insurance policy must be scrutinized and negotiated to meet the business’s unique needs.  And the challenges in this area require a group effort that pulls in personnel and resources not just from the finance or risk management departments, but also IT, Legal and others.

Two areas of cyber insurance are seeing particularly rapid change and uncertainty: coverage for exposures relating to the European Union’s General Data Protection Regulation (GDPR) and business interruption coverages. Broad coverage is ostensibly available for GDPR risks, but its enforceability under applicable law is in question. Business interruption coverages are increasingly addressing the interconnectedness and complexity of computer systems in the age of the cloud, where one system’s downtime can affect many other companies’ operations. Continue Reading Keeping Up With the Risks and Protections of Cyber Insurance

A federal district court in Florida has ruled that a claim against a policyholder arising out of a hacker’s theft of confidential credit card information was not covered under a commercial general liability (CGL) policy.  St. Paul Fire & Marine Ins. Co. v. Rosen Millennium, Inc., M.D. Fla. Case No. 17-cv-540 (Sept. 28, 2018).  This is not the first such decision.  Courts have held similarly in Innovak Int’l, Inc. v. Hanover Ins. Co., 280 F.Supp.3d 1340, 1347-1348 (M.D. Fla. 2017) and Zurich American Ins. Co. v. Sony Corp. of America,  2014 WL 3253541, 2014 N.Y. Misc. LEXIS 5141 at *71 (N.Y. Sup. Ct. Feb. 21, 2014).

While we disagree with these courts’ reasoning, policyholders concerned about data breach liability should take note of these decisions and consider buying more reliable insurance protection for this risk. Continue Reading Florida Court Finds No CGL Coverage for Data Breach Claim

While experts debate how quickly autonomous vehicles (AVs) will take over our roads, there is little doubt they will be a fixture in the next decade. Fully self-driving vehicles are predicted to substantially reduce the accident rate, given the dominant role of human error in most crashes today.

But there still will be accidents. And where there are accidents, there are plaintiffs’ lawyers. But who will these lawyers sue, and how will the defendants insure their liabilities?

We explore these questions in our article for WardsAuto. The full article is available, here.

Michael KornFarella’s Insurance Recovery Group lawyers regularly collaborate with and learn from different players and functions within the insurance industry. To provide more value to our readers, we have reached out to a series of insurance brokers to create the Insurance Broker Series Q&A.

Our latest installment is with Michael Korn, Managing Principal, Property Practice Leader with Integro Insurance Brokers. Continue Reading Insurance Broker Series: Michael Korn, Integro Insurance Brokers

Larry RebackFarella’s Insurance Recovery Group lawyers regularly collaborate with and learn from different players and functions within the insurance industry. To provide more value to our readers, we have reached out to a series of insurance brokers to create the Insurance Broker Series Q&A.

Our latest installment is with Larry Reback, Managing Principal, Leader of Policy Response Unit with Integro Insurance Brokers. Continue Reading Insurance Broker Series: Larry Reback, Integro Insurance Brokers

John OrrFarella’s Insurance Recovery Group lawyers regularly collaborate with and learn from different players and functions within the insurance industry. To provide more value to our readers, we have reached out to a series of insurance brokers to create the Insurance Broker Series Q&A.

Our latest installment is with John M. Orr, Managing Principal – West Region Financial Lines Practice Leader with Integro Insurance Brokers. Continue Reading Insurance Broker Series: John Orr, Integro Insurance Brokers

Farella’s Insurance Recovery Group lawyers regularly collaborate with and learn from different players and functions within the insurance industry. To provide more value to our readers, we have reached out to a series of insurance brokers to create the Insurance Broker Series Q&A.

Our latest installment is with Daniel Law, Office President with The Liberty Company Insurance Brokers, Inc.   Continue Reading Insurance Broker Series: Daniel Law, The Liberty Company Insurance Brokers, Inc.

An insurance carrier has declined to defend a claim asserted against its insured, arguably without meeting its obligation to investigate the claim. For whatever reason— a change in personnel, loss of a file, or some other motivation—the carrier has done little, if anything, to investigate the claim tendered to it: no Google search, no phone calls, and very little factual investigation other than the information tendered by the insured. The carrier has, however, relied on the plain language of the policy, and the few facts of which it was aware supported its denial.

But when a court later finds that the carrier’s coverage position was wrong— the facts in existence created a potential for coverage and hence triggered the carri­er’s duty to defend—the insured may argue that its carrier’s failure to investigate sup­ports a finding that it breached the implied warranty of good faith and fair dealing; that is, the insurer acted in bad faith. Continue Reading The Ramifications of a Less-Than-Thorough Investigation

We hope you, your families and friends are safe from the fires raging in various northern San Francisco Bay counties right now. The devastation can feel overwhelming to those who are personally affected by the fires. We want you to know that we’re thinking of you and our community during this difficult time. We’ll post again later in the week as the situation develops and when those affected are able to begin thinking about recovery.