Photo of Cristina Shea

In early February of this year, we wrote about a New Jersey court’s recent decision in Merck & Co., Inc. et al. v. Ace American Ins. Co. et al., Case No. UNN-L-2682-18 (N.J. Sup. Ct.) regarding the applicability of a “war exclusion” for acts of cyberwarfare.  Shortly thereafter, the Russian invasion of Ukraine once again brought to the forefront images of war—both in the traditional sense—as well as in the context of cyberwarfare.  While the war in Ukraine has thus far comprised of mainly mostly low-impact cyberattacks by Russian-linked hackers, the perceived increased risk of cyber-attacks in the Russia/Ukraine conflict certainly has the insurance market evaluating its appetite for coverage in this area and looking for ways to clarify coverage in the event of a cyber-attack. 

One way the market has sought to clarify coverage is through the use of the “war exclusion” that is typically found in property and casualty policies, cyberliability policies and other forms of coverage.  This exclusion was originally designed to exclude damage arising from these “traditional” warlike acts between sovereign and/or quasi-sovereign entities.  See Pan American World Airways, Inc. v. Aetna Casualty & Surety Company, 505 F.2d 989 (2nd Cir. 1974) (“[W]ar is waged by states or state-like entities and includes only hostilities carried on by entities that constitute governments, at least de facto in character”). 

But, traditional notions of warfare are evolving.  “Attacks” are now often committed behind the shield of computer screens and in a technological territory.  Unsurprisingly, this evolving landscape of war is translating to evolving views on insurance coverage and evolving arguments around the interpretation of the “war exclusion.”Continue Reading War exclusion: changing battlefields and coverage implications

U.S. and international businesses are accelerating their use of artificial intelligence (AI)[1] at an unprecedented rate. The second AI Index Report published in December 2018 by a Stanford University-led group concluded that “AI activity is increasing nearly everywhere and technological performance is improving across the board.” The AI Index Report further found that “the number of AI startups has seen exponential growth” and that “[f]rom 2013 to 2017, AI VC [venture capital] funding increased 350%.” Growth in this area will continue and will infiltrate every imaginable industry: from assisting doctors in detecting lung cancer to the use of self-driving trucks to deliver mail, AI is the New Frontier.

As businesses race to implement AI solutions and processes that may improve efficiency and lower costs, AI will also create new and ever-evolving risks. And when a company’s AI fails to perform as expected, or AI is breached or manipulated in a cyberattack, new and thorny questions about how to apportion liability for resulting losses emerge. The question only becomes thornier when it is a company’s supplier, contractor, or service provider that experiences a breach or failure.

It will be difficult to apply traditional tort liability schemes to AI-related loss scenarios, but there is no doubt that AI will change the way we look at the insurability of losses. Nonetheless, for businesses that use, or are considering using, AI, either directly or indirectly, there are concrete steps those companies can take to enhance their insurance and risk management programs to mitigate against the threat of AI-related loss. Although coverage needs vary from company to company and should be assessed on an individual basis, a non-exhaustive list of threshold issues to consider are as follows:Continue Reading Artificial Intelligence: The New Frontier for Assessing Insurance Coverage

In Deere & Co. v. Allstate Ins. Co., 2019 WL 912151 (Cal. Ct. App. Feb. 25, 2019), a California Court of Appeal recently held that an insured’s self-insured retention (SIR)[1] was considered part of the underlying limit of liability such that it need not be satisfied again and again just to access excess insurance policies. This case represents another example of the California appellate courts shooting down an insurance company’s attempt to overreach. Nonetheless, insurance companies will continue to look for ways to avoid providing the coverage they contracted to provide, and policyholders must always be vigilant.

This particular dispute arose over insurance coverage for several asbestos personal injury claims made against manufacturer Deere & Company arising from products it manufactured from 1958 to 1986. During that period, Deere had coverage in place via a series of first-layer umbrella policies[2] for personal injury claims; several layers of excess insurance provided additional coverage above the limits of the first-layer umbrella policies. In all, there were 49 policies at issue representing $200 million in policy limits. In all of its first-layer umbrella polices, Deere contracted to pay an SIR before the coverage limits would be reached. Deere’s excess policies “followed form” to the first-layer policies, except the excess policies had different limits of liability.
Continue Reading Self-insured retentions are not a windfall for excess insurers looking to avoid coverage

As reported extensively in the media over the past week, the cannabis industry has been hit hard by recent natural disasters. While companies doing business in this industry may face some unique challenges in purchasing insurance, and when attempting to obtain coverage for losses, insurance coverage – contrary to certain media reports – nevertheless may be available to them.  As such, cannabis-related companies should not just pass on submitting claims to their insurers when they experience losses.  Nor should they reflexively forego obtaining insurance in the first place.

Recent media reports

Both the Northern California wildfires and Hurricane Maria have caused extensive cannabis-related losses:

  • On October 13, 2017, The New York Times reported: “Fatal fires that have consumed nearly 200,000 acres in Northern California, devastating the region’s vineyards particularly in Napa and Sonoma Counties, are also taking a toll on a fledgling industry just months before its debut: recreational marijuana. Many of the region’s farms, including those that harvest cannabis, have been scorched, including those in Sonoma County and in Mendocino County, the center of California’s marijuana industry. Mendocino is one of three California counties that comprise [the] Emerald Triangle, where much of the United States’ marijuana is produced.”
  • On October 12, 2017, cnn.com reported: “Blazes have destroyed a number of farms in Mendocino County right before legal recreational sales begin in California.”
  • Also on October 12, 2017, the USA Today reported that “[m]arijuana farmers and dispensary owners across Northern California are nervously watching as wildfires burn through some of the state’s prime cannabis growing areas and destroy valuable crops ….”
  • On October 11, 2017, Marijuana Business Daily reported: “Hurricane Maria devastated Puerto Rico’s medical marijuana industry, setting back its development at least six months – if not much longer – and causing millions of dollars in damage to [medical marijuana] businesses. No outdoor marijuana cultivation facilities survived ….”

Often citing industry insiders, some of these publications have reported that insurance is not available to cover cannabis-related losses. The New York Times, for example, reported that “reliable insurance [is] difficult to acquire.”  Other publications went further, stating categorically that no insurance is available to the cannabis industry.  CNN reported:  “Cannabis cultivators cannot insure their businesses because federal law prohibits marijuana, which means that financial institutions can’t go near it.”  Likewise, the USA Today reported that “pot growers can’t get crop insurance like traditional farmers ….”
Continue Reading In Wake of Disasters, Do Not Just Assume No Coverage Available for Cannabis-Related Losses

The October 21, 2016 DDoS attack on the internet’s domain name system infrastructure underscores the need to consider cyberliability insurance coverage as a critical component of your company’s security and privacy breach response plan, and if your company carries cyberliability insurance, to ensure that your coverage will respond to a network business interruption, security breach

A California district court pushed back on the restrictive interpretation of a standard intellectual property exclusion and found coverage for a policyholder’s patent related lawsuit. The United States District Court (Northern District of California) recently ruled that claims asserting (1) the breach of a patent license agreement and (2) patent misuse were covered under a commercial insurance policy, and not subject to the policy’s intellectual property exclusion.  Moreover, the court found that the mere fact that claims are related to assertions of infringement does not preclude coverage unless the claims assert injuries as a result of that infringement.

The Underlying Action

Policyholder Tessera initiated an International Trade Commission (ITC) investigation, accusing several companies of infringing its patents by importing and selling semiconductor packages.  Several of these companies were customers of Powertech Technology Inc. (PTI), a company that had obtained a license agreement from Tessera.  In December 2011, PTI sued Tessera on several claims and defenses relating to Tessera’s ITC investigation, including breach of the licensing agreement, fraud and deceit, and patent misuse. In February 2012, Tessera tendered the defense and immunity of these claims under three commercial insurance policies issued by St. Paul Mercury Ins. Co. (St. Paul), which accepted the tender of defense under a full reservation of rights, but disputed coverage.  After initial motion practice, Tessera and PTI resolved the action by settlement.

The Coverage Action

In April 2012, St. Paul initiated an action for declaratory relief against Tessera, claiming that the standard intellectual property exclusion in its policy excluded from coverage the claims asserted against Tessera. The exclusion at issue bars coverage for: “injury or damage or medical expenses that result from any actual or alleged infringement or violation of any of the following rights or laws: […] Patent…Other intellectual property rights or laws….”  The exclusion also bars coverage for “any other injury or damage or medical expenses alleged in a claim or suit that also alleges any such infringement or violation.” 
Continue Reading A Recent California Federal Court Decision Restores Coverage For Some Patent-Related Lawsuits

The tables may be turning. Insurers often seek to avoid their coverage obligations by invoking time limitations in their policies for providing claim notifications. On the other hand, these same insurers routinely take their sweet time in responding to claims, contending that they need time to “investigate” even before making a decision whether or not to provide a defense to a lawsuit, which in most cases simply requires the insurer to review the allegations in the complaint to determine whether there is a potential for coverage under their policies. Once they decide to provide a defense (which in some cases can be weeks if not months after the insured has had to retain its own defense counsel to respond to a suit), insurers claim they have the right to control the insured’s defense, including the selection of defense counsel, and will force the insured to accept new defense counsel that are not up to speed on the case. Not so fast, according to a recent decision from the United States District Court for the Northern District of California.
Continue Reading Insurers Beware: Respond Promptly or Lose the Right to Control the Defense

Data breaches at colleges and universities are on the rise. These institutions are targets because their networks have access to a large amount of private information, including educational and medical records, as well as employees’ personal data. But in other instances, their systems are being attacked for malicious sport.

In a recent Client Alert members