Transcript click here for slideshow presentation

Insurance Coverage for IP and
Technology Claims: Data Privacy,
Infringement and Errors & Omissions
Coverage
Colorado State Bar
IP Section
October 10, 2008
Dennis M. Cusack
Mary E. McCutcheon
James W. Morando
1
Coverage for IP Risks
•
•
•
•
•
Copyright, Trademark, Trade Secret
Patent Infringement
Competitive Business Torts
Network Security/Data Privacy
Technology Products Liability
2
Accessing (or Eliminating) Other
Parties’ Coverages
• As plaintiff
• As co-defendant
• As additional insured
3
Sources of Coverage
•
•
•
•
•
•
•
General Liability
Patent Infringement and Abatement
Media Liability
Network Security
Data Privacy
Technology Errors & Omissions
Directors & Officers Liability
4
Copyright Infringement
• Remains explicitly covered in CGL policies
– Part of “advertising injury” coverage
– “infringement of copyright, title or slogan”
• If in “advertising”
– “Widespread promotional activities usually directed at the public at large”
– One on one solicitations
– Market segments
• Media liability policy may provide broader coverage
5
General Liability Exclusions
• Broad intellectual property exclusion
• But Copyright, slogan, title
• Internet-based or publishing companies
6
Trademark Infringement
• May be covered in some CGL policies (rare)
– “Misappropriation of advertising idea or style of doing business”
– Lebas Fashion Imports
– Including trade dress, service mark infringement
• Media liability policy is typically needed for coverage
7
Media Liability Coverage
•
Coverage for intellectual property and unfair
competition risks excluded by CGL
–
–
•
Advertising and selling over the Internet
Providing services for Internet businesses (e.g., website
hosting, application service provider)
Infringement of copyright, trademark, unfair
competition, defamation, invasion of privacy
Claims-made or occurrence
Exclusions
•
•
–
–
–
–
Trade secret misappropriation
Antitrust
Patent infringement
Professional services, including Internet services
8
Trade Secret Liability
• No Coverage under most policies
• Possible coverage under Directors & Officers
policy
– For individuals
– Not company
9
Directors & Officers Liability
• Typically limited to claims against individual Ds &
Os, or securities claims against the company
• Private company policy may provide broader
coverage
– IP exclusion for entity, not individuals
– Possible entity coverage for ancillary claims
10
Patent Infringement
• Courts generally denied coverage under
standard CGL
• Related tort claims may trigger coverage
• Patent infringement liability and “abatement”
policies
11
Hidden Business Tort Coverages
• Malicious Prosecution/Abuse of Process
• Defamation/Disparagement
• Antitrust, Lanham Act counterclaims
• Value of the Defense Obligation
12
Network Security Liability
•
Claims arising from lost or stolen data; for example,
computer hacking, missing laptops
Claims may be brought by –
•
–
–
–
•
•
Consumers alleging actual or potential identity theft
Banks who incurred costs, for example, to reissue credit cards
Vendors and other business partners, alleging damages from
disruption in operations, or disclosure of trade secrets
E.g., lawsuits against TJ Maxx arising out of hacker
theft of credit card data
E.g., Monster.com theft of personal background info,
used to mount targeted “phishing”
13
Data Privacy Liability
•
Misuse or improper disclosure of personal data (SS#,
credit card numbers, etc.)
–
–
•
FTC enforcement of privacy agreements and security
safeguards, e.g., against Choicepoint
–
–
•
E.g., transfer of data to marketers, data brokers in breach of
privacy policies
E.g., failure to control how data is used by those authorized to
receive it
Failure to ensure recipients were legitimate
Substantial fines and injunctive relief
Requirements for disposal of data
14
Network Security/Data Privacy—
General Liability Coverage?
• Is there “property damage”?
– Physical injury to tangible property
• Computer data held not tangible property, or defined to exclude
data
• Faulty hardware or software causing physical damage
– Loss of use of tangible property which is not physically injured
• Computer fails because of hardware, software failure
• Generally no coverage if from mere product defect
• Is there “personal injury”?
• Violation of right of privacy is covered
• But is data theft the “oral or written publication of material”?
15
Network Security Liability Insurance
•
Kinds of claims that are covered
–
–
–
–
–
Unauthorized access to database
Identity theft
Inability to gain authorized access
Denial, disruption of service
Inadvertent transmission of malicious code
•
Defense costs may reduce limits of liability
•
What event triggers coverage?
–
–
“Claims-made”: When a claim for liability is asserted
“Occurrence”: When the event took place
16
Network Security Liability Insurance
• Notable exclusions include:
– Federal or state agency claims
– Misappropriation of trade secrets
– “Contractual liability”
• Obligation to indemnify another for their liability
• Unless you would be liable anyway
– Emotional distress (e.g., fear of identity theft) may or may not be
covered
• READ THESE NEW FORMS CAREFULLY
17
Data Privacy Liability Insurance
•
Offered in package, or as a “module”, with network
security liability and other coverages
•
Kinds of claims that are covered
–
–
–
–
Invasion of privacy
Trespass and eavesdropping
Breach of your company’s privacy policy
Breach of laws regarding use of personally identifiable
information
•
Defense costs covered, but may reduce limits
•
Claims-made or Occurrence
18
Data Privacy Liability Insurance
• Notable exclusions include
– Federal or state agency claims (e.g., FTC)
– “Contractual liability”
• Obligation to indemnify another for their liability
• Unless you would be liable anyway
– Collection of private information (e.g., cookies, adequacy of the
company’s notice regarding how information will be used)
– Integrity of private information
– Emotional distress (e.g., fear of identity theft) may or may not be
covered
19
Coverage for Technology Product
Defect Claims
•
General Liability Policies
–
–
Property Damage – Physical injury
Property Damage – Loss of use
20
Coverage for Technology Product
Defect Claims
• Technology Errors and Omissions Liability Policies
– Often in a package policy with general liability coverage
– Covered damages include consequential damages
• Software or Hardware
• Notable exclusions are for
– Costs to recall a product from market
– Costs to repair or replace the bad product itself
– Cost overruns on, e.g., software development contracts
• Policies provide liability coverage for professional service
claims (consultants, service providers)
21
Traps for the Unwary
• “Claims-made” coverage requires special attention to
timely notice to insurer of
– Actual claims, in a notice of loss
– Potential claims, in the policy application
• The business environment of technology companies
increases the possibility that notice will be overlooked
• Business pressures may also require settlement of
disputes before insurers are ready to participate
• Privilege issues
22
Checklist for Counsel
 Measure complaint against potentially available
coverages
 Consider the defense obligation, in addition to indemnity
 Seek advice of policyholder coverage lawyer, if in doubt
 Notify carriers of claims as soon as possible
 Review contractual indemnity provisions
 Consider requiring vendors and partners to obtain
specialty insurance (not just general liability insurance)
 GC should participate in insurance application process
23
Checklist to Avoid Triggering Coverage
(what NOT to Plead)
 Avoid negligence in favor of fraud
 Avoid damages as opposed to restitution/injunctive relief
 Do not allege defamation, libel, slander, invasion of
privacy, malicious prosecution or abuse of process
 Do not include claims against individual directors and
officers
24
Contacts
Dennis M. Cusack
[email protected]
415-954-4475
Mary E. McCutcheon
[email protected]
415-954-4404
James W. Morando
[email protected]
415-954-4457
25