A few years ago, as companies rushed to plug into the World Wide Web, some
business policyholders scrambled to find answers to two fundamental questions
relating to e-commerce and commercial insurance. The first question was
whether electronically recorded or stored information—for example, data,
programs, software and other media (hereinafter, "computer
data")—is "tangible property." A second but related question
was whether such computer data could be subject to "physical loss or
damage."
Some insurance buyers focused on these two questions because the insuring
agreements in standard-form commercial general liability and commercial
property insurance policies rest on the concepts of "tangible
property" and "physical loss or damage." The standard
commercial general liability (CGL) insurance policy protects against
liability for "property damage," defined as "physical injury
to tangible property . . . or loss of use of tangible property that is not
physically injured." The standard commercial property insurance form
insures against "all risks of physical loss or damage" to covered
property.
In the early 1990s, a handful of court decisions touched on these
questions but did not squarely answer them. Thus, with the approach of Y2K,
some commercial buyers of insurance were understandably confused as to the
application of the standard policies to e-commerce activities.
Now, in 2001, we report that case law relating to questions of coverage
for loss of computer data under standard commercial insurance policies
appears to remain unresolved. We find this development ironic, given the fact
that (a) several insurers, on both CGL and property policies, have paid
claims involving computer data during the last several years; (b) some
off-the-shelf insurance forms expressly recognize that computer data is
"tangible property" or subject to "physical loss or
damage"; and (c) several insurers, when structuring insurance programs
in today's market, take the position that computer data is "tangible
property" or subject to "physical loss or damage."
The problem is that there are still a few insurers that might challenge
this issue in court if presented with a claim where the policy does not
expressly address the issue. Thus, the lack of clear and unequivocal case law
on the subject can leave some commercial insurance buyers in the dark as to
the scope of coverage for computer data losses provided by their insurance
programs.
What does this mean for companies whose existing policies do not expressly
state that computer data is "tangible property" or subject to
"physical loss or damage"? Can they be confident of coverage? And
what of companies now looking ahead to renewal? In the still uncertain legal
climate, will companies face an unpleasant surprise if they do not act now to
put these questions on the table while negotiating their policies?
In this article, we will trace the evolution of court decisions dealing
with the questions of whether computer data is "tangible property"
or subject to "physical loss or damage" for purposes of insurance
coverage. In a subsequent article we will (a) explain the arguments that
policyholders should make when faced with claims involving computer data
under policies that do not expressly address these issues; and (b) suggest a
strategy for insurance buyers to consider to avoid the uncertainty that still
exists with respect to these issues.
Is Computer Data Subject to "Physical Loss or Damage"?
A federal court in Kansas appears to be the first court to have issued a
published decision addressing the question of whether a standard-form
first-party property policy would protect the insured against loss of
computer data. In Home Indemnity Co. v Hyplains Beef,
L.C., 893 F Supp 987 (D Kan 1995), aff'd without opinion, 89 F3d
859 (10th Cir 1996), a meat packing plant purchased a computer system to help
control cutting and track inventory. When placed online, the computer system
failed to retain the electronic data fed into it. Without the data, the
packing plant suffered a decrease in orders and lower than normal carcass
yields. The court observed that the claim raised:
several interesting questions. Among these are whether there could in
fact be a "direct physical loss" to the electronic data which was
allegedly collected but never existed in a tangible form. Also, because the
electronic data never existed in a usable form, was it in fact lost or
rather did it never come into existence?
However, the court did not answer this question, holding instead that
there was no coverage for the packing plant's business interruption claim
because the decrease in plant efficiency was not a complete
"suspension" of plant operations.
Is Computer Data "Tangible Property" for Insurance Coverage
Purposes?
A string of cases involving both standard-form CGL insurance policies and
a first-party employee theft policy next raised the question of whether
computer data was "tangible property" for purposes of applying the
policies' "property damage" definition. In Centennial Insurance Co. v Applied Health Care Systems,
Inc., 710 F2d 1288 (7th Cir 1983), the insured installed a faulty
controller in its customer's data processing system, causing random loss
of the customer's billing and patient care information. Taking the
position that the customer would not be able to prove any "physical
injury to tangible property," the insurer refused to defend. The court
held that the insurer was obligated to defend the claim because there was at
least a potential that the customer might prove there had been damage to
tangible property. But because only the duty to defend was at issue, the
court stopped short of deciding that the computer data was in fact tangible
property.
In Magnetic Data, Inc. v St. Paul Fire &
Marine Insurance Co., 442 NW2d 153 (Minn 1989), the policyholder had
erased data from its customer's disks while checking the disks for
defects. The Minnesota Supreme Court concluded that because the disks and
data had been in the insured's possession when the loss occurred,
coverage was barred under a "control of property" exclusion. But,
because the lower court had reasoned that an injury to tangible property was
not a requirement of coverage, the state supreme court dealt with the
"tangible property" question by stating that it would not extend
the policy to provide coverage for damage to intangible property. The
court's statement does not actually resolve the "tangible
property" question, but some courts and commentators have assumed that
it did so—in favor of insurers.
Soon after Magnetic Data, an intermediate
appellate court in Minnesota held that loss of computer data was covered
under a CGL insurance policy. In Retail Systems, Inc.
v CNA Insurance Cos., 469 NW2d 735 (Minn App 1991), a customer's
computer tape mysteriously disappeared while in the insured's custody.
After finding the phrase "tangible property" to be ambiguous in the
case of computer data, the court observed that the data recorded on the tape
was merged with the tape itself. Thus, when the entire tape was lost along
with its embedded data, there had been a loss of tangible property. However,
the Retail Systems case did not actually answer the question of whether data
itself, apart from the medium in which it is stored, is "tangible
property."
Another Minnesota court then added further confusion, attempting to apply
the reasoning of Magnetic Data and
Retail Systems in a case that did not even
involve electronic data, but rather information recorded on paper in
three-ring binders. In St. Paul Fire & Marine
Insurance Co. v National Computer Systems, Inc., 490 NW2d 626 (Minn
App 1992), the insured used photocopies of its competitor's confidential
pricing information that it had obtained when it hired its competitor's
former employee. The insured argued that under the Magnetic Data and Retail
Systems decisions, the loss of its data in the binders was a loss of
tangible property. The court disagreed, reasoning that the binders themselves
had not been lost or damaged, nor was the information in the binders rendered
unusable. The court viewed the claim as involving a loss of the exclusive use
of the information rather than a loss of the information itself. Viewed in
this way, there was no coverage because there was no damage or loss of use of
tangible property, but only an injury to the competitor's right to use
the property.
A federal court in Florida subsequently relied on National Computer Systems to hold that a first-party
employee theft policy did not provide coverage for losses sustained when the
employee of a cellular telephone service provider disclosed access codes that
enabled non-customers to use the telephone service. In Peoples Telephone Co. v Hartford Fire Insurance Co., 36 F
Supp 2d 1335 (SD Fla 1997), the court reasoned that the policy term
"tangible property" was unambiguous, and that the only real loss
suffered was the loss of the economic value of the access codes, an
intangible. As in National Computer Systems,
the loss arose not from the loss of data, but from an inability to restrict
its use by others.
As a careful reading of these cases reveals, there still is no clear
answer -- in the case law -- to the "tangible property" conundrum.
Maybe the "perfect" fact pattern has not yet occurred that would
place squarely before a court the question of whether computer data is
"tangible property" or subject to "physical loss or
damage." Maybe the courts are not publishing decisions on the issue, or
maybe insurers are settling out of court and thereby preventing the
development of a clearer body of law.
The Bellwether Ingram Micro Case
In 2000 a court was faced with the question originally posed in
Hyplains Beef—whether a loss of computer data
could be "physical loss or damage" to property. In American Guarantee & Liability Insurance Co. v Ingram Micro,
Inc., 200 U.S. Dist LEXIS 7299 (D Ariz Apr. 18, 2000), a federal court
in Arizona held that the loss of computer data was physical damage to the
insured's computer equipment under a business interruption policy. Ingram
Micro's loss was caused by a brief electrical power outage, during which
custom programming information stored in the computers' random access
memory was lost. Ingram Micro lost data processing capability at its data
center hub location for several days while the system's default
programming was replaced with its custom programming configurations.
The insurer argued that there had been no "physical damage" to
the computer system because the computers retained their default programming
and their inherent ability to accept and process data. The court disagreed,
finding that "physical damage" is not restricted to the physical
destruction or harm of computer circuitry but includes the "loss of
access, loss of use, and loss of functionality."
Ingram Micro does not precisely answer the
question whether damage to computer data is "physical loss or
damage." Instead, Ingram Micro appears to
stand for the proposition that when the computer data stored in a computer is
altered, the computer itself has suffered
"physical loss or damage."
Also, the federal district court's decision in Ingram Micro may not be the last word on this subject. The
case settled after the Ninth Circuit Court of Appeals refused to hear an
early appeal before trial. The federal district court's decision may be
highly persuasive, but it is not binding on other courts. So, at least
technically speaking, the matter is open to further debate if an insurer
wants to test the issue in a different court against a different
policyholder.
So Where Does This Leave Insurance Buyers?
Despite the fact that several courts have been faced, in the insurance
context, with the question of whether computer data is "tangible
property" or subject to "physical loss or damage," there
appears to be no definitive case law on the subject. Still, there are many
good arguments to explain why, for insurance coverage purposes, computer data
can be deemed "tangible property" and subject to "physical
loss or damage." Some lawyers are even looking at tax law as one source
of arguments in favor of coverage for computer data under traditional policy
language. We'll take a look at these and other pro-coverage arguments in
our next article.
Only time will tell if the courts will fully—and consistently—find that
computer data is "tangible property" and subject to "physical
loss or damage." As long as these questions remain unanswered in the
courts, insurance buyers should consider dealing with these issues during
renewals. Our next article will explain the arguments that policyholders can
make at claim time, and will also discuss several different ways to address
these issues with insurers during renewals.
Click on Part 2 to go to
the second part of this article.
This article was written by
Catherine Rivard and edited by Michael Rossi.
Catherine Rivard is Senior Risk
Management Counsel at Insurance Law Group, Inc., a law firm providing legal
services to middle-market and multinational corporate risk managers. She
advises on initial placements and renewals (including e-commerce issues),
manuscripts insurance policies, and handles disputed claims outside of
litigation. She previously was a partner of Troop Steuber Pasich Reddick
& Tobey, LLP. Ms. Rivard has represented policyholders in insurance
matters since the mid-1980s. She developed the first arguments for
"personal injury" coverage in asbestos-in-building and
environmental claims. More recently, she wrote briefs in Alpha Therapeutic Corp. v. Home Insurance Co.,
90 Cal. App. 4th 1330 (2001) (single-occurrence
multi-injury claim not limited to single policy year's
limits).
Ms. Rivard is a member of the State Bar of California and
the American and International Bar Associations. She earned her JD degree in
1986 from Northwestern University and her AB degree in political science, cum
laude, in 1982 from Occidental College. Ms. Rivard can be reached by
email.