Cover Assets in Shark-Infested Cyberspace

Businesses are noticing their insurance costs. Two years ago, at the bottom of a 10-year soft market cycle, costs were virtually insignificant, representing only .0015 percent of gross revenues. Steeply rising costs now dictate very close attention to premiums and coverage.

This article will examine something that has been unnecessary for the last decade: hard choices in insurance coverage to keep premiums under control in a slow economy. Following are fundamental principles of insurance that help risk managers decide where premium dollars can best be placed.September 11 brought a $70 billion loss to a $300 billion industry. On top of that, a decade-long soft insurance market (typified by more than one dollar paid in claims for every dollar collected in premiums, while investment returns are expected to make up the difference as well as provide profit) has masked the inability of underwriting to quantify the risks associated with increasingly complex technology applications.The insurance market was already hardening in 2000. Then the stock market decline began. Prices are increasing; insurers are declining risks. Insurer capacity to absorb risk has also greatly diminished.So, in protecting business and technology exposures to loss when revenues are down and insurance costs are up, you need a new perspective. Coverage is purchased a peril at a time, so a sound sense of where loss potential lies is essential in determining what to self-insure [i.e., absorb the loss personally, similar to deleting collision from a 10-year-old car] and what risks to turn over to an insurer. Choose insurance as the last solution to protecting your risk.

These are the priorities of risk management.

• Transfer risk of loss to another party (under contract). Leases transfer risk; service contracts address risk assumption and transfer in very detailed ways. Risk transfer essentially shifts the cost of protection as well as specific conditions of protection to another party. For example, it is com-mon for your landlord to transfer to you in your lease the risks of injury to your employees and guests in the office building. You routinely provide a certificate of insurance to your landlord verifying liability coverage at agreed limits.
• Discard the highest risk activities of the business. If computer security is a piece of your business, the risks may outweigh the income (insurers specifically exclude security matters). If high-hazard operations are integral to your total product, physical segregation of the risk will help reduce costs.
• Assume as much risk as you can bear financially by choosing high deductibles, alarms and locks, redundant systems and other physical ways that can protect you before using insurance.
• Transfer to your insurer the catastrophic risk and everything you cannot handle by the above methods.

With respect to technology risks in particular, there is an additional layer of underwriting resistance in addition to the market circumstances noted. In the late 1990s, the occasional iconoclast went on record stating that corporate executives had suspended critical judgment to jump onto the Web. Old economy businesses gained the label of dinosaur as dot-coms burned hundreds of millions of dollars in venture funding. e-commerce, B2B and global economy became terms engendering both opportunity and challenge to the entrepreneur.Optimizing your market possibilities on the Web is yet another task on your desk. There is, however, no doubt about the added exposure. As a consequence of your Web site presence, you will need to address the additional risks assumed as the Internet instantaneously makes your business global. Remember that anyone with a Web presnce is a publisher by virtue of that text, its promises, security issues and consumer expectations. Web sites expose businesses to:

• legal jurisdictions on another continent;
• regulatory concerns: Professionals may well be in violation of narrow geographic license restrictions;
• privacy and security obligations for customers;
• product representations with buyer expectations far beyond that of brochures and traditional advertising material;
• additional exposures of infringement, defamation, invasion of privacy, obscenity, plagiarism and/or unfair competition.

Standard insurance products address and cover only a few of the above perils. You need to examine your promises, client expectations, license restrictions, links and those specific areas listed below to be sure you are not surprised by unnecessary exposures. Even technology insurance specialists are wary of Internet exposures. Technology insurers are considerably more comfortable with computer and component hardware manufacturing, extending to less complex software products. As court cases define responsibilities, insurers are currently excluding Internet perils, even while the need for coverage grows. Specific policy exclusions are being added. Policyholders are largely on their own with respect to defending claims from the Internet.Data security is also a great area of consumer concern. Credit card theft is increasing, especially via the Web. Transference of risk is complicated even when possible. Insurers are also excluding most, if not all, Internet security exposures. Only specialty products address these perils.Specialty insurance products are emerging to address many uninsured issues. New policies address the following.

• Invasion of privacy: Contact information and memberships lists are two examples of common exposed Web content. Be sure to get permission from everyone listed as well as check any statutory compliance regarding your lists. (New insurance policy wording defines “privacy” very narrowly to “rights of private occupancy” to exclude Internet related coverage.)
• Copyright infringement: a growing area of complaint as the world accesses the material you put up on your site.
• Defamation (via e-mail): You should strictly enforce your e-mail policies to minimize your exposure to litigation from offended parties.
• Defamation (via Web sites): often in comparative advertising remarks about competitors.
• Trademark infringement (domain name): Well-publicized cases of domain name disputes and cyber squatting problems are part of the new world of the Internet. No one ever before confused Delta Airlines with Delta faucets, until delta.com.
• Trademark infringement (metatags): Your webmaster should be in close contact with your legal counsel so that you do not find yourself defending against an infringement claim.

Be sure your attorney, compliance officer, risk manager and insurance professional are part of your Web-presence team. Indeed, the Internet may well be on the critical path to your survival. Make sure it’s because it is supporting your business - not exposing it to litigation and insolvency!