Your Federal Quarterly Tax Payments are due April 15th Get Help Now >>



									    Insurance Coverage for IP and
  Technology Claims: Data Privacy,
Infringement and Errors & Omissions
            Colorado State Bar
                IP Section
             October 10, 2008

              Dennis M. Cusack
             Mary E. McCutcheon
             James W. Morando
Coverage for IP Risks

•   Copyright, Trademark, Trade Secret
•   Patent Infringement
•   Competitive Business Torts
•   Network Security/Data Privacy
•   Technology Products Liability

Accessing (or Eliminating) Other
Parties’ Coverages

• As plaintiff

• As co-defendant

• As additional insured

Sources of Coverage

•   General Liability
•   Patent Infringement and Abatement
•   Media Liability
•   Network Security
•   Data Privacy
•   Technology Errors & Omissions
•   Directors & Officers Liability

Copyright Infringement

• Remains explicitly covered in CGL policies
   – Part of ―advertising injury‖ coverage

   – ―infringement of copyright, title or slogan‖

• If in ―advertising‖
   – ―Widespread promotional activities usually directed at the public at large‖

   – One on one solicitations

   – Market segments

• Media liability policy may provide broader coverage

General Liability Exclusions

• Broad intellectual property exclusion

• But Copyright, slogan, title

• Internet-based or publishing companies

Trademark Infringement

• May be covered in some CGL policies (rare)
   – ―Misappropriation of advertising idea or style of doing business‖
   – Lebas Fashion Imports

   – Including trade dress, service mark infringement

• Media liability policy is typically needed for coverage

Media Liability Coverage
•       Coverage for intellectual property and unfair
        competition risks excluded by CGL
    –     Advertising and selling over the Internet
    –     Providing services for Internet businesses (e.g., website
          hosting, application service provider)
•       Infringement of copyright, trademark, unfair
        competition, defamation, invasion of privacy
•       Claims-made or occurrence
•       Exclusions
    –     Trade secret misappropriation
    –     Antitrust
    –     Patent infringement
    –     Professional services, including Internet services

Trade Secret Liability

• No Coverage under most policies

• Possible coverage under Directors & Officers
  – For individuals
  – Not company

Directors & Officers Liability

• Typically limited to claims against individual Ds
  & Os, or securities claims against the company

• Private company policy may provide broader
   – IP exclusion for entity, not individuals
   – Possible entity coverage for ancillary claims

Patent Infringement

• Courts generally denied coverage under
  standard CGL

• Related tort claims may trigger coverage

• Patent infringement liability and ―abatement‖

Hidden Business Tort Coverages

• Malicious Prosecution/Abuse of Process

• Defamation/Disparagement

• Antitrust, Lanham Act counterclaims

• Value of the Defense Obligation

Network Security Liability

•       Claims arising from lost or stolen data; for example,
        computer hacking, missing laptops
•       Claims may be brought by –
    –     Consumers alleging actual or potential identity theft
    –     Banks who incurred costs, for example, to reissue credit cards
    –     Vendors and other business partners, alleging damages from
          disruption in operations, or disclosure of trade secrets

•       E.g., lawsuits against TJ Maxx arising out of hacker
        theft of credit card data
•       E.g., theft of personal background info,
        used to mount targeted ―phishing‖

Data Privacy Liability

•       Misuse or improper disclosure of personal data (SS#,
        credit card numbers, etc.)
    –     E.g., transfer of data to marketers, data brokers in breach of
          privacy policies
    –     E.g., failure to control how data is used by those authorized to
          receive it

•       FTC enforcement of privacy agreements and security
        safeguards, e.g., against Choicepoint
    –     Failure to ensure recipients were legitimate
    –     Substantial fines and injunctive relief

•       Requirements for disposal of data

Network Security/Data Privacy—
General Liability Coverage?

• Is there ―property damage‖?
   – Physical injury to tangible property
       • Computer data held not tangible property, or defined to exclude
       • Faulty hardware or software causing physical damage
   – Loss of use of tangible property which is not physically injured
       • Computer fails because of hardware, software failure
       • Generally no coverage if from mere product defect

• Is there ―personal injury‖?
       • Violation of right of privacy is covered
       • But is data theft the ―oral or written publication of material‖?

Network Security Liability Insurance

•       Kinds of claims that are covered
    –     Unauthorized access to database
    –     Identity theft
    –     Inability to gain authorized access
    –     Denial, disruption of service
    –     Inadvertent transmission of malicious code

•       Defense costs may reduce limits of liability

•       What event triggers coverage?
    –     ―Claims-made‖: When a claim for liability is asserted
    –     ―Occurrence‖: When the event took place

Network Security Liability Insurance

• Notable exclusions include:
   – Federal or state agency claims
   – Misappropriation of trade secrets
   – ―Contractual liability‖
       • Obligation to indemnify another for their liability
       • Unless you would be liable anyway
   – Emotional distress (e.g., fear of identity theft) may or may not be


Data Privacy Liability Insurance

•       Offered in package, or as a ―module‖, with network
        security liability and other coverages

•       Kinds of claims that are covered
    –     Invasion of privacy
    –     Trespass and eavesdropping
    –     Breach of your company’s privacy policy
    –     Breach of laws regarding use of personally identifiable

•       Defense costs covered, but may reduce limits

•       Claims-made or Occurrence

Data Privacy Liability Insurance

• Notable exclusions include
   – Federal or state agency claims (e.g., FTC)
   – ―Contractual liability‖
       • Obligation to indemnify another for their liability
       • Unless you would be liable anyway
   – Collection of private information (e.g., cookies, adequacy of the
     company’s notice regarding how information will be used)
   – Integrity of private information
   – Emotional distress (e.g., fear of identity theft) may or may not be

Coverage for Technology Product
Defect Claims

•   General Liability Policies

    –   Property Damage – Physical injury
    –   Property Damage – Loss of use

Coverage for Technology Product
Defect Claims
• Technology Errors and Omissions Liability Policies
   – Often in a package policy with general liability coverage
   – Covered damages include consequential damages

• Software or Hardware

• Notable exclusions are for
   – Costs to recall a product from market
   – Costs to repair or replace the bad product itself
   – Cost overruns on, e.g., software development contracts

• Policies provide liability coverage for professional service
  claims (consultants, service providers)

Traps for the Unwary
• ―Claims-made‖ coverage requires special attention to
  timely notice to insurer of
   – Actual claims, in a notice of loss
   – Potential claims, in the policy application

• The business environment of technology companies
  increases the possibility that notice will be overlooked

• Business pressures may also require settlement of
  disputes before insurers are ready to participate

• Privilege issues

Checklist for Counsel

 Measure complaint against potentially available

 Consider the defense obligation, in addition to indemnity

 Seek advice of policyholder coverage lawyer, if in doubt

 Notify carriers of claims as soon as possible
 Review contractual indemnity provisions
 Consider requiring vendors and partners to obtain
  specialty insurance (not just general liability insurance)
 GC should participate in insurance application process
Checklist to Avoid Triggering Coverage
(what NOT to Plead)
 Avoid negligence in favor of fraud

 Avoid damages as opposed to restitution/injunctive relief

 Do not allege defamation, libel, slander, invasion of
  privacy, malicious prosecution or abuse of process

 Do not include claims against individual directors and


Dennis M. Cusack

Mary E. McCutcheon

James W. Morando


To top