It’s a familiar pattern. First, new risks inspire legislation and regulations that impose new penalties. Next, insurers and policyholders fight over whether the new liabilities are covered under traditional liability policies. Finally, insurers craft new coverages to define their obligations in the changed environment. See, e.g., DeMeo, Eldred, Utiger & Scruggs, "Insuring Against Environmental Unknowns," 23 J. Land Use & Envtl. L. 61, 62-65 (2007). In this ... Keep Reading »
Cybersecurity
Telematics and Usage-Based Insurance: Benefits, Challenges, and the Future
The NAIC's Center for Insurance Policy and Research (CIPR) released a white paper in March 2015 providing an excellent overview of the brave new world of automobile "telematics" data and their use in premium rate-making by auto insurance. Telematics allow for the measurement of actual driving habits, through remote access to a vehicle's real-time driving data. Thus, a driver's actual experience can be studied in data transmitted from, for example, the vehicle's ... Keep Reading »
Cyber Risk as a Regulatory Issue: Tales of Encryption
Spurred by the prescient reporting found in this space (and, just maybe, by the Anthem data breach, which occurred a week later), insurance regulators have recently engaged in a flurry of regulatory activity relating to cyber security issues. Very shortly after the Anthem breach was announced, the newly-formed Cybersecurity (EX) Task Force of the National Association of Insurance Commissioners (NAIC) called for a multi-state examination of Anthem's cybersecurity ... Keep Reading »
Cyber Risk as a Regulatory Issue: A Connecticut Regulator Shares Her Insights
Even at Sony, cyber security was a hot topic before Kim Jong-un took an interest in Seth Rogen’s oeuvre. In 2011, hackers gained access to the personal and financial information Sony had collected on more than 100 million participants in its on-line gaming networks. The incident was the subject of more than 60 class actions, for which Sony announced a settlement last summer. Sony’s plight illustrates one facet of the interrelationship between cyber risk and ... Keep Reading »
If a Tree Falls on the Internet … An Insurer Has a Duty to Defend
Legal bloggers sometimes ask themselves: If my post appears on the Internet, but there’s no evidence anyone has read it, have I been published? The question has not yet been finally resolved among law firm compensation committees, but, in the data privacy context, a federal court in Virginia recently offered an emphatic "yes." In Travelers Indemnity Company of America v. Portal Healthcare Solutions, LLC, No. 1:13-cv-917(GBL) (E.D. Va. Aug. 7, 2014), the court found ... Keep Reading »