Bringing Order to Chaos: Insurance Issues for E-Commerce Activities
May 2000
The insurance industry has developed insurance
products expressly designed to insure third-party liability and first-party
risks related to e-commerce activities. Other insurers counter that new policies
are not needed or that it is impossible to underwrite the risks being underwritten
by these new policies. Some brokers are responding by selling the new insurance
products to startups and the middle market, and creating alternative solutions
for the Fortune 1000 by focusing on balance sheet protection with alternative
risk transfer mechanisms. The future of such policies is uncertain.
by Michael
A. Rossi
Insurance Law
Group, Inc.
More and more insurance brokers, lawyers, and commentators are writing about
insurance issues for e-commerce activities. This article, the first in a series,
attempts to address the issues in a way that such other articles perhaps do
not---by trying to bring order to the chaos surrounding these issues. Why say
chaos? Because there is absolutely no consensus among the insurance industry,
brokerage industry, or policyholder community with respect to how best to address
these issues. Everything is in a state of flux.
The last year has seen a growing awareness of the risks inherent in the use
of the Internet to conduct business and the continued reliance on internal computer
systems, networks, etc., to keep operations running. Responses to this increased
awareness include the following.
First, the insurance industry has responded with the development of insurance
products expressly designed to insure third-party liability and first-party
risks related to e-commerce activities. A handful of insurers have developed
these liability policies, which cover, among other things, claims for injury
or damage because of a wrongful act, error, or omission in regard to professional
services, the spread of a computer virus, the infringement of some form of intellectual
property right, the invasion or infringement of right of privacy or publicity,
and defamatory conduct.
The first-party policies cover, among other things, lost income and extra
expenses because of the "crash" of the insured's computer system or web site(s),
the denial of access to the insured's web site(s) or computer system, or other
type of loss of computer data, software, and programs (whether caused by an
employee or third person). Such policies also cover extortion risks relating
to the insured's computer system and web site(s).
Some insurers only sell third-party liability policies. Others sell only
policies that insure such first-party risks. Still others sell policies that
insure both the third-party liability and first-party risks. But other insurers
are responding in a different way---by saying either that the new policies are
not needed or that it is impossible to underwrite the risks being underwritten
by these new policies (especially in the first-party context).
Second, the policyholder community has responded to the insurance industry
response to these issues in different ways. For the most part, Fortune 1000
companies are taking the position that they do not want more stand-alone policies
which they have to negotiate, buy, and administer and for which they have to
maintain a separate tower of insurance.
In contrast, smaller companies, especially dot com startup companies, are
buying these policies (at least the ones for third-party liability risks). They
lack the risk manager experience, premium size, and other clout that a Fortune
1000 company can bring to bear when dealing with these issues. Thus, although
there may not be a market for much of these new insurance products for the Fortune
1000 companies, there is a growing market for these products among smaller companies.
Third, insurance brokers are also responding in different ways. One broker
has taken a lead in developing an insurance product designed to insure third-party
liability and first-party risks for e-commerce activities. That broker is Marsh,
with its Net Secure product. Other brokers, however, agree with Fortune 1000
companies that e-commerce risks can be addressed by amending traditional policies.
Some brokers perceive the policyholder market differentiation described above,
and are responding by selling the new insurance products to startups and the
middle market, and creating alternative solutions for the Fortune 1000 by focusing
on balance sheet protection with alternative risk transfer mechanisms.
Accordingly, any discussion of e-commerce insurance issues, to be comprehensive,
must address each of these variant viewpoints and developments. It cannot simply
describe the deficiencies in traditional policies with respect to e-commerce
risks and list and summarize the new insurance products for these risks (the
basic theme of most of the articles that have been written on this subject).
This series of articles will attempt to do just that, and future editions will
address, among others, the following issues.
- What are the e-commerce risks, both from a liability perspective and
first-party perspective (the latter including property, crime, extortion,
and business interruption/extra expense risk)?
- What potential gaps exist in traditional insurance policies with respect
to e-commerce risks?
- How can traditional insurance policies be amended to better respond
to e-commerce risks?
- What alternative risk transfer mechanisms are available to finance e-commerce
risks?
- What are the new stand-alone insurance products for e-commerce risks?
Who is selling the insurance? What do the policies cover?
- What issues should be considered/provisions negotiated in stand-alone
e-commerce insurance policies?
By addressing e-commerce insurance issues in this manner, it is hoped that
all readers will benefit, regardless of whether the reader works directly for
or provides insurance, consulting, brokering, legal, or other services to a
Fortune 1000 company or startup or middle market company.
Opinions expressed in Expert Commentary articles are those of the author and are
not necessarily held by the author’s employer or IRMI. This article does not purport
to provide legal, accounting, or other professional advice or opinion. If such advice
is needed, consult with your attorney, accountant, or other qualified adviser.