On May 12, 2017, a massive ransomware cyber-attack infected over 100,000 computers in more than 150 countries. This malware, a Trojan virus known as “WannaCry,” encrypts files, and then threatens to destroy them, unless the victim pays a ransom. Colleagues Jamie Bobotek and Peri Mahaley opined about this recent attack and stress the necessity to take the time now to review and confirm your cyber-privacy insurance in a Pillsbury client alert.
Imagine you are a prime contractor to a Department of the United States of America supplying logistical support for the war on terrorism in Afghanistan. As the prime, you are kicking on all cylinders, including purchasing comprehensive Employer’s Liability, Workers’ Compensation and Defense Base Act (DBA) insurance to cover your own employees against a worker injury claim abroad.
Then the phone rings.
A 30-year-old American worker hired by your subcontractor working on base encountered a swarm of bees while painting; he fell and was crippled. The sub isn’t paying his medical expenses and is apparently nowhere to be found. The injured employee’s bulldog lawyer is on the line threatening to sue your company directly for his client’s devastating injuries.
How can this be?
DBA coverage is workers’ compensation insurance that employers may turn to in the event that an employee is injured while working on a contract financed by the U.S. Government and performed outside the United States. Section 5(a) of the Act provides that “a contractor shall be deemed the employer of a subcontractor’s employees if the subcontractor fails to secure the payment of compensation.”
In the world of Directors and Officers insurance, no coverage may be less understood than the Side A Difference in Conditions (DIC) policy. While this type of insurance is generally available in the market, the vast majority of corporate policyholders do not know what the policy covers or whether it’s worth purchasing in the first place. Even corporations that have Side A DIC coverage are often mystified by how the policy works in conjunction with their standard form D&O policies, and are unaware of how to trigger that coverage when a claim arises. This post seeks to bring Side A DIC coverage—which often sits shrouded in darkness at the top of a D&O tower—into the light, and provides a primer on the significant safety net the policy provides for officers and directors.
Last week, I had the great fortune of going to Cancun with my family. Sun, white sand beaches, amazing Mayan ruins (and traditions) intact. I’m sure you know what it’s like—kids buried in sand, beaming smiles, you relaxing in the sun (perhaps a touch of pink on the shoulders and nose), and an umbrella drink (or two).
And then, with little more than 30 minutes warning, came the rain. And I mean RAIN. Tons of it. Don’t believe me? See for yourself.
That is road, not a river. Those are cars, not boats.
Being in the insurance recovery business, after family concerns my mind immediately started accounting for the losses arising from the storm-related floods. Who was ready for this? Who thought they were ready for this? Who was totally unprepared? And did any of that matter?
In Verizon Communications v. Illinois National Insurance Company, a group of D&O insurers essentially asked, “When is a securities claim not a ‘Securities Claim’” (as defined in their policies)? And a Delaware Superior Court judge effectively answered, “Never.” Judge William Carpenter Jr. rejected the insurers’ crabbed reading of the term “securities claim” under their D&O policies, awarding Verizon some $48 million in defense costs the insurers had withheld.
The case arose from Verizon’s decision in 2006 to spin off its print directory subsidiary, Idearc. After Idearc filed for bankruptcy protection US Bank, as Idearc’s bankruptcy litigation trustee, sued Verizon and a Verizon executive who was Idearc’s sole director at the time of the spin-off, asserting claims of promoter liability and breach of fiduciary duty, payment of an unlawful dividend under Delaware corporation law, and fraudulent transfer under U.S. bankruptcy law and Texas statute.
A panda is sitting in a bar, polishing off his dinner. He pulls out a gun, fires a shot in the air, and heads toward the exit. A stunned waiter demands an explanation. The panda pauses at the door and tosses the waiter a badly punctuated wildlife manual. “I’m a panda—look it up.” The waiter turns to the appropriate entry: “Panda. Large black-and-white bear-like mammal, native to China. Eats, shoots and leaves.” 
Beware the missing Oxford comma!
That was the lesson of a recent decision by the First Circuit Court of Appeals, which held that the omission of an Oxford comma in a Maine employment statute created an ambiguity that must be resolved in favor of dairy delivery drivers. For want of a comma, the dairy is out $10 million.
Is damage resulting from faulty workmanship covered under your CGL policy? In the past, insurers have had success in certain jurisdictions arguing that construction defect cases did not constitute a covered “occurrence” because the damage was purportedly not unintended or unexpected. In recent years, however, courts have shifted course; the majority of courts have found that property damage arising out of faulty workmanship constitutes an “occurrence” under standard-form CGL policies. Additionally, some states enacted legislation requiring CGL policies to define occurrence to include property damage or bodily injury resulting from faulty workmanship, or have made it easier for insureds to obtain coverage for damages as a result of work the insureds performed.
Cyber sages tell us the question is not whether your business will suffer a data breach, but when. To prepare for the inevitable, businesses want to know what is the next threat on the horizon. In the past few months, experts have offered many views on the top cyber trends for 2017, and plenty of advice about security measures companies should take in light of these predictions. But if some loss is a given, businesses also want to know if there will be insurance to cover that loss. We look at some of the forecasts and try to answer that question.
In its Fourth Annual Data Breach Industry Forecast, Experian Data Breach Resolution, a vendor of data breach response and protection services with a track record of handling high-profile incidents, issued and identified five top data breach trends for 2017. We’ll address the first two of those trends in this post.
The vaults of the world’s financial capital are getting stronger locks. On March 1, 2017, new “first-in-the-nation” cybersecurity regulations of the New York Department of Financial Services (DFS) went into effect to protect consumers and the financial system from cyber attacks. While the regulations apply to covered finance and insurance companies, their influence is likely to be felt beyond the companies targeted initially. For this reason, it’s important that all companies with cybersecurity risks understand how the new DFS regulations work, and the insurance coverage issues they may raise.