Whether you’re a small or large firm, if you’re in the market for a stand-alone
e-commerce liability policy, this article explains the issues to consider.
Learn tips on how to negotiate coverage and compare various insurers’
off-the-shelf forms. Published in conjunction with a policy comparison chart,
this article examines the state of the market and identifies various insurers,
their respective forms, and capacity.
This is the fourth installment in a series of articles for this column which
discusses insurance issues for e-commerce risks. The first three installments,
listed below with appropriate links, provided a broad, general overview of
e-commerce insurance issues.
This installment focuses on stand-alone e-commerce liability insurance
policies. More specifically, if you're thinking of buying one of the new
stand-alone e-commerce policies, what issues should be considered when
negotiating coverage, or even just comparing one off-the-shelf form to
another?
As noted in the previous articles, different sectors of the policyholder
community appear to respond to e-commerce insurance issues in different ways.
Most large companies are not buying any of the new stand-alone e-commerce
policies. This is because their current insurance programs contain most, if not
all, of the different types of policies needed to cover much of the risks posed
by e-commerce activities. They need only "tweak" such policies here
and there to more fully respond to the panoply of e-commerce risks.
In contrast, most small companies involved in e-commerce are buying the new
stand-alone e-commerce policies, at least with respect to the liability
coverages provided by such policies. This phenomenon is occurring for a number
of reasons. First, by and large, such companies are just now building their
insurance programs and deem it viable to include such a policy in their program
on a primary basis and build around it. This is opposed to buying such a policy
on a difference-in-conditions/difference-in-limits (DIC/DIL) basis, which is
what is being offered, for the most part, to large companies with sophisticated
insurance programs that already respond to a lot of e-commerce risks.
Second, many smaller companies do not have the size, premium volume, or risk
management expertise necessary to make "tweaking" traditional
policies viable. Insurers just are not willing to make any changes to
off-the-shelf policies in regard to e-commerce risks for such companies-a
concession often rendered to large customers.
Accordingly, this installment is really for those companies (large and
small) that are buying one of these new stand-alone e-commerce policies. The
article does not list all of the issues that should be considered, but does
highlight some very important considerations.
Stand Alone E-Commerce Market Survey
This chart lists examples of stand-alone e-commerce insurance policies. Some
of the listed forms cover both first-party losses and third-party liability
claims. Some of the forms cover only one or the other of these two types of
risks. And with regard to first-party risks, some of the forms cover only the
insured's direct loss, while some also cover the insured's liability to
others for loss (e.g., employee theft, third-party theft). Accordingly, the
description of coverages is for general information only, and the actual
coverage provided by each listed policy is subject to the terms and conditions
of that policy.
With respect to the contact information provided, in most cases it directs
you to a general home page of a website. Since it can be frustrating to try to
obtain information about products from websites, often the quickest way to get
information and/or policy wording is by contacting an insurance broker (who
works in this area) and/or the insurer itself to ask for a copy of the policy
(preferably an electronic copy).
Any insurer listed below that believes that its product has been
characterized incorrectly, please direct comments to Michael Rossi. Any such
incorrect characterization is not intentional and will be corrected if we are
advised of the error. Any insurer who is not listed below that sells
stand-alone e-commerce insurance and who wants to be listed in the chart,
please send contact information and a copy of your policy form to Michael
Rossi, whose address and other biographical information can be accessed by
clicking on his name above. Also see the Insurance Law Group website at
www.inslawgroup.com.
STAND-ALONE E-COMMERCE
INSURANCE POLICIES |
Insurer, Managing General Agent, or
Insurance Broker |
Policy Name |
3rd Pty. Crime |
Employee Dishonesty |
BI and EE |
Extortion |
Prof. Svcs. Liab. |
Media E&O Liab. |
Policies Sold in the
U.S. |
AIG
|
NetAdvantage Pro + Internet Professional Liability Policy |
No |
No |
No |
No |
Yes |
Yes |
AIG
|
NetAdvantage Security + Internet and Computer Network Security
Policy |
Yes |
Yes |
Yes |
Yes |
No |
Yes |
AIG
|
Net Advantage Liability Internet and Professional Security
Liability Insurance |
Partial: for liability arising therefrom |
Partial: for liability arising therefrom |
No |
Yes |
Yes |
Yes |
AIG
|
ProTech Technology Liability Insurance Policy |
No |
No |
No |
No |
Yes |
Yes |
Chubb
|
Cyber Security |
Yes |
Yes |
Yes |
Yes |
No |
No |
Chubb Executive
Risk
|
Safety'Net Internet Liability Insurance |
No |
No |
No |
No |
No |
Yes |
Hiscox
|
Hacker Insurance |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
Legion
Indemnity Company
|
INSUREtrust Electronic Information E&O (EIE&O) Liability
Policy |
Partial: for liability arising therefrom |
Partial: for liability arising therefrom |
No |
No |
Yes |
Yes |
Lloyd's
|
Computer Information and Data Security Insurance |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
Lloyd's (WISP) |
Website Crime & Intranet Insurance |
Yes |
Yes |
Yes |
Yes |
No |
No |
Lloyd's (Besso) |
Technology, Media and Professional Liability Insurance |
No |
No |
No |
No |
Yes |
Yes |
Lloyd's
(JLT Risk
Solutions)
|
E-Comprehensive |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
Marsh
|
NetSecure |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
Media/Professional Liability (Gulf)
|
CyberLiability Plus Insurance Policy |
No |
No |
No |
No |
Yes |
Yes |
Royal Surplus Lines |
Computer, Telecommunications and Internet Services Liability
Coverage |
No |
No |
No |
No |
Yes |
Yes |
St.
Paul
|
Technology Premier Computer Network Security Protection
(Networker) |
Yes |
Yes |
Yes |
Yes |
No |
No |
St.
Paul
|
Cybertech+ Liability |
No |
No |
No |
No |
Yes |
Yes |
Tamarack (Great American) |
Dot.Com Errors and Omissions Liability Insurance Policy |
No |
No |
No |
No |
Yes |
Yes |
Zurich North American Financial Enterprises
|
E-Risk Protection Policy |
Yes |
Yes |
Yes |
Yes |
No |
Yes |
Policies Sold in
Europe |
ACE
Europe
|
DataGuard |
Yes |
Yes |
Can be added |
Yes |
No |
No |
Hiscox
|
Hacker Insurance |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
Lloyd's
(JLT Risk
Solutions)
|
E-Comprehensive |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
Marsh
|
NetSecure |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
Park Insurance
Services
|
Internet Insurance |
No |
No |
No |
No |
Yes |
Yes |
Zurich North American Financial Enterprises
|
E-Risk Protection Policy |
Yes |
Yes |
Yes |
Yes |
No |
Yes |
Policies Sold in
Australia |
Marsh
|
NetSecure |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
St.
Paul
|
Technology Premier Computer Network Security Protection
(Networker) |
Yes |
Yes |
Yes |
Yes |
No |
No |
St.
Paul
|
Cybertech+ Liability |
No |
No |
No |
No |
Yes |
Yes |
Below are the policies that the author has seen being quoted with the
greatest frequency when it comes to insuring e-commerce liability risks. The
list set forth is not intended to be exhaustive, but rather illustrative.
When buying a stand-alone e-commerce liability policy, it is important to
understand the state of the market. What different policy forms are available?
What do they do? What capacity (i.e., limits of liability available) does the
insurer selling the cover have? These are important issues to consider when
reviewing quotes that the broker brings back from the market.
Insurers, Forms, and Capacity
There are at least two different ways to buy stand-alone e-commerce
insurance for liability risks. You can purchase one of the new combined forms
that provide both first-party coverage (commercial property, crime, employee
dishonesty, kidnap and ransom, business interruption, extra expense, etc.) and
third-party liability coverage. However, buy only the third-party liability
coverages of that combined form. The other way is to buy one of the policies
that provides only third-party liability coverage.
AIG is selling stand-alone e-commerce liability insurance
at least a couple of different ways. For example, AIG offers several different
versions of a policy called the "netAdvantage Internet Professional
Liability Policy," providing different levels of coverage. Insureds should
consider asking for the policy that contains the greatest levels of coverage
(most likely the "pro +" form), and start working from there (i.e.,
asking for coverage enhancements to that form).
Interestingly, AIG can also offer e-commerce coverage another way, by using
its Pro Tech form. The Pro Tech form insurance program uses
"modules." You buy the basic "platform" policy (a lot of
terms and conditions, but no insuring agreements), and then attach different
modules as endorsements (each module is a different insuring agreement, with
any additional definitions, terms, conditions, and exclusions needed to address
a particular activity). The modules include, but are not limited to, the
following:
- Technology Professional Liability
- Media Errors and Omissions
- Telecommunications Professional Liability
- netAdvantage
- Miscellaneous Professional Liability
It is AIG's intention that the netAdvantage module provide the insured
using the Pro Tech form the same liability coverage afforded by the
netAdvantage Professional Liability Policy (beware, though, because wordings do
indeed differ between the two programs).
It appears that the way AIG intends these different offerings to work is as
follows. If the insured just wants e-commerce activities covered, it should buy
the netAdvantage policy. If the insured wants to insure e-commerce activities
and other activities, it should by the Pro Tech policy and add all of the
modules it wants to add. The netAdvantage module is a two-page endorsement to
the Pro Tech form, and addresses e-commerce activities. The other modules pick
up non-e-commerce related activities. The Miscellaneous Professional Liability
module can be used to address any professional services that the insured is
doing that are not otherwise addressed by the other modules—the insured just
lists the different services in the endorsement module.
AIG's capacity on these different forms appears to be substantial, and
AIG stands out in the market regarding capacity when compared to the other
insurers' offering of stand-alone e-commerce liability insurance. (The
other insurers referenced above that sell combined first-party and third-party
forms also offer substantial capacity.) AIG has the ability to offer up to at
least $25 million in limits on these lines of coverage. The capacity on the
other forms seen quoted is much more limited, ranging anywhere from $2 million
to $5 million, depending on the prospective insurer at issue.
Chubb also offers different products. For small companies,
it sells the "Safety'Net Internet Liability Policy." This policy
addresses only media errors and omissions risks related to e-commerce
activities. It does not address professional services liability. Chubb has a
variety of other policies for professional services liability and appears to be
telling the small-company market to buy two different policies from Chubb,
rather than a combined form from Chubb.
Royal (through one of its surplus lines subsidiaries) is
one of the insurers that apparently is offering only one form to the market,
but the form provides several coverages. The "Computer, Telecommunications
and Internet Services Liability Coverage" policy, as its name suggests,
includes, but is not limited to, liability insurance coverage for e-commerce
activities.
Gulf (through Media/Professional Liability) is another
insurer apparently selling only one form to the market, using a form that
provides several coverages. Like the Royal offering, Gulf's
"CyberLiability Plus Insurance Policy" includes, but is not limited
to, liability insurance coverage for e-commerce activities.
Great American (through Tamarack) is yet another insurer
apparently with a single policy form offering. Its "Dot.Com Errors and
Omissions Liability Insurance Policy," like the Royal and Media/Pro
offerings, includes, but is not limited to, insurance coverage for e-commerce
activities.
Several different Lloyd's facilities are also selling
stand-alone e-commerce insurance. One facility seen with substantial frequency
offers what it is calling the "Computer Information and Data Security
Insurance (CIDS)" policy. It provides coverage for professional services
liability and media errors and omissions liability for all services provided by
the insured, whether e-commerce related or not.
The policies offered by Royal, Media/Pro, Tamarack, and Lloyd's all look
much more like what AIG offers with its Pro Tech program. That is, the policy
forms provide several different coverages which, depending on the form at
issue, includes professional liability, media errors and omissions,
telecommunications liability, and miscellaneous professional liability for both
e-commerce and non-e-commerce activities. As noted, however, the capacity these
insurers are able to offer appears to be much lower than what AIG can and is
offering on its netAdvantage and Pro Tech programs (from $2 million to $5
million depending on a number of variables).
It may be that these insurers can offer higher limits on these forms, but
they have yet to be seen by the author. And perhaps these insurers can issue a
"primary" policy, and the insured can build capacity by buying excess
"follow form" coverage from other insurers. The insured should
consult its insurance broker for more information in this regard.
Read more in
Part 2 of this article.