Quinn's Commentaries on Insurance Law: #CyberInsurance

Showing posts with label #CyberInsurance. Show all posts

Saturday, July 26, 2014

Insurance Policies: "Cyber Space" Insurance

Some Significant & Representative

Cyber Insurance Cases

First Period

Michael Sean Quinn, Ph.D, J.D., Etc.

1300 West Lynn #208

Austin, Texas 78703

(o) 512-296-2594

mquinn@msqlaw.com

There are not very many reported cyber insurance cases. There are plenty of civil (and criminal cases) about the so-called cyber-world), but direct, focused, coverage, or similar cases are very few in number—almost none in the Twentieth Century. There were more in the early Twentieth Century, but as they have evolved, the topics of those cases are probably passé. There are many more cases now; that arises from (1) the exponential growth of computer technology, following what is called “Moore’s Law”—something which is not a scientific law at all, (2) the increasing number of diverse insurance policies offered, sold and bought, and (3) the growth of the market’s need for cyber-lawyers. Category (3) to a degree of certainty vastly exceeding that of Moore’s Law, where the market wants transactional lawyers, it will need litigation lawyers.

I. Two Cases of the “Early Period”

Most cyber insurance judicial analyses of 10 or more years, 1994-2004 approximately, concerned two principal issues. They concerned insurability of interactions between the cyber-world and the real-world. There were a number of these cases, but most are not worthy of substantive, attention nowadays, at least for the purposes of this blog, given what the insurance issues turned on, to wit: what counted as a material object and how the various policies interacted with that conceptualization. (Don’t let me mislead you into the idea that they are unworthy of being cited in briefs, etc. Many of the subordinate citations in briefs, coverage opinion letters, law review articles, and so forth are designed to show that there is or has been wide agreement as to some proposition(s) of law under at least some circumstance. This is valuable in and of itself, though not always necessary, for example, in this essay.)

It seemed and seems obvious that cyber-world events can causally impact the real-world in a variety of insurable ways. Elements of the cyber-world can inflict damages on material object. They can cause physical injury to tangible property and/or the loss of the use of it whether physically damaged or not. They can also cause bodily injury. Here is an example, sort of. According to a recent article in the trade periodical Business Insurance, insurance companies are designing a new maritime policy designed to insure against bodily and property damages caused by cyber risks. AIG is apparently the leader of this fraction of the industry, it is reported. Judy Greenwald, Insurers Develop Cyber Cover for Maritime Industry (May 12, 2014).

The question asked in lawsuits and elsewhere is the reverse of this. Can events in the real world cause injuries to parts of the cyber world, e.g., data. The insurance questions asked are like this: Can negligent work in the real world cause covered injuries to inhabitants of the cyber world? And here’s another one: If there is negligent work repairing a computer that damages the computer, do consequences of the damage to a tangible physical object cause insurable injuries in the cyber world?

These are questions about interactions between the real world and the cyber world. Notice that the cyber insurance questions are to be answered differently, perhaps, than the non-insurance questions. This makes the meaning of the insurance policies crucial to these disputes. That should come as a surprise to no one.

Although the current near consensus on the insurance is “No,” at least for standard policies of the real world, e.g., the CGL policy, there are aggressive plaintiff’s lawyer who try to pursue the opposite conclusion, for example, in some class actions. The now established proposition regarding insurance questions was recognized as nonsense for bodily injury and property damage quickly because of the idea that tangibility was built into the idea of property in most first and many third party policies.

At the same time, it must be remembered that CGL policies also cover some physical non-injuries. An example of the opposite in the first party case is the insuring of money, stamps, bonds, ideas, and so forth. All of these ideas are built into some third party policies, CGL’s coverage B is like this. There are more. Legal malpractice is like that, as will be discussed briefly in §IV, as are copyrights on music. It has been mostly taken as true that a physical object could not cause physical injury to components of the cyber world, since they are usually understood not to be material objects, though it was conceded that such a thing could happen in a number of ways, (none of them leading to insurance under a CGL type policy). It doesn’t even work for legal malpractice, etc., because the immediate injury is what is inflicted on a person, whether a real person or an abstract entity, often also called a “person.” Nevertheless, a few—very few—“ancient” cases reached an opposite conclusion, saying that the destruction of data can, under some come circumstances, be property damage.

The second question is the reverse of the first question. How should damages inflicted on components of the cyber-world by the real-world be thought about? The received answer is that since the components of the cyber-world are not tangible, they cannot be property, and so there is no coverage under CGL-type policies. This observation is true even if what is called “the cyber-world” and the “real-world,” i.e. the material world, are really part of one world.

Here, are two examples of cases in those early days. In one case, the court found that the definition of “property damage” was ambiguous and therefore covered data. The opposite, however, was decided in the other case.

One case that is regarded as a leading case is Ward General Insurance Services v. Employers Fire Insurance Company, 114 Cal. App. 4^th 548 (2003). The facts are simply described, even if they were not simple in real life. The plaintiff was working on a computer; there was a human error; data was lost. It cost the plaintiff over $250,000 to restore the data and caused business interruption. The question was whether the loss of the data was a “direct physical loss.” Both the trial court and the court of appeals said “No”:

The word “physical” is defined, inter alia, as “having material existence” and “perceptible esp. through the senses and subject to the laws of nature.” (Merriam-Webster’s Collegiate Dict. (10^th ed. 1993) p. 875.) “MATERIAL implies formation out of tangible matter.” (Id. at p. 715.) “Tangible” means, inter alia, “capable of being perceived esp. by the sense of touch.” (Id. at p. 1200.) Thus, relying on the ordinary and popular sense of the words, we say with confidence that the loss of plaintiff’s database does not qualify as a “direct physical loss,” unless the database has a material existence, formed out of tangible matter, and is perceptible to the sense of touch.

A “database” is a “large collection of data organized esp. for rapid search and retrieved (as by a computer).” (Merriam-Webster’s Collegiate Dict. (10^th ed. 1993) p. 293.) “Data is defined, quite simply, as factual or numerical “information.” (Ibid.) Thus, the loss of a database is the loss of organized information, in this case, the loss of client names, addresses, policy renewal dates, etc.

We fail to see how information, qua information, can be said to have a material existence, be formed out of tangible matter, or be perceptible to the sense of touch. To be sure, information is stored in a physical medium, such as a magnetic disc or tape, or even as papers in three-ring binders or a file cabinet, but the information itself remains intangible. [Emphasis added.] Here, the loss suffered by plaintiff was a loss of information, i.e., the sequence of ones and zeroes stored by aligning small domains of magnetic material on the computer’s hard drive in a machine readable manner. Plaintiff did not lose the tangible material of the storage medium. Rather, plaintiff lost the stored information. The sequence of ones and zeroes can be altered, rearranged, or erased, without losing or damaging the tangible material of the storage medium.

A case cited for the proposition that data is a physical object and therefore sustains “property damage” when destroyed or made unusable, is a Texas case. (This does not say that “data damage” is “property damage,”). Lambrecht & Associates v. State Farm Lloyds, 119 S.W.3d ___(Tex. App.--Tyler, 2003 pet.). There were two separate arguments being used in this case, although they are not separated.

The court noted that, there are cases holding that data are physical objects and hence that they sustain “property damage” when injured. Those cases “focus on the physical nature of the data itself and debate whether or not it can be dissolved into a quantitative mass or is merely transcendental.” Instead, “the losses alleged by [the plaintiff] are covered by the policy as can be determined by analyzing the policy itself. We need not attempt to compose such an erudite thesis because” the issue can be resolved by analyzing the policy.

Here the policy contained provisions that explicitly determined coverage. First the policy indicated that it covered damages to personal property of a business of the policyholder at a covered location. What was damaged was the server; it is incontestable that servers are physical objects; and it was rendered useless. That’s obviously covered. In order to fix it, or restore it, there had to be the finding of, or otherwise dealing with, the server’s function, and the sort of substance upon which it did its work. (It seems to me that it would not matter whether that was physical or not. That, however, was not an explicit issue in this case.)

The court’s also considered that the policy explicitly said in its loss of income section that “electronic media and records” are covered. In turn, that phrase is defined in part as [a] “electronic data processing, recording or storage media such a films, tapes, discs, drums or cells; [b] data stored on such media; or [c] programming records used for electronic data processing. . . .” On the basis of this language, the court held “that the plain language of the policy dictates that the personal property losses alleged by [the plaintiff] were ‘physical’ as a matter of law.” Section [b] it seems to me, makes this conclusion obvious and iron clad. This conclusion, however, implies nothing about policies that do not have this or this kind of language in them.

The question asked in lawsuits and elsewhere is the reverse of this. Can events in the real world cause insured injuries to parts of the cyber world, e.g., data? The insurance questions asked are like this: Can negligent work in the real world cause covered injuries to inhabitants of the cyber world? And here’s another one: If there is negligent work repairing a computer that damages the computer, do consequences of the damage to a tangible physical object cause insurable injuries in the cyber world? Remember. Two of the main categories of covered injuries or damages in standard policies in the so-called real world are bodily injury and injury to tangible property.

At the same time, it must be remembered that CGL policies also cover some physical non-injuries. An example of the opposite in the first party case is the insuring of money, stamps, bonds, ideas, and so forth. All of these ideas are built into some third party policies, CGL’s coverage B is like this. There perils in that coverage—its “Coverage B”—that do not require tangibility as the human body and physical property do. There are more; copyright violations, e.g., on music and videos are a couple; sometimes patent torts are another; and most important some forms of privacy are yet another. (Various kinds of malpractice are covered in real-world policies, and some of them may cover conduct “in” the cyber world. Med mal cannot be like that, for obvious reasons.) It has been mostly taken as true that a physical object could not cause physical injury to components of the cyber world, since they are usually understood not to be material objects, though it was conceded that such a thing could happen in a number of ways, (none of them leading to insurance under a CGL type policy). It doesn’t even work for legal malpractice, etc., because the immediate injury is what is inflicted on a person, whether a real person or an abstract entity, often also called a “person.” Nevertheless, a few—very few—“ancient” cases reached an opposite conclusion, saying that the destruction of data can, under some come circumstances, be property damage. There will be further discussion of Coverage B a later blog.

The second question is the “reverse” of the first question. How should damages inflicted on components of the cyber-world by the real-world be thought about? The received answer is that since the components of the cyber-world are not tangible, they cannot be physical property, and so there is no coverage under CGL-type policies. This observation is true even if what is called “the cyber-world” and the “real-world,” i.e. the material world, are really part of one world.

Whether there is coverage for something, and this will be determined by analyzing the insurance policy itself. We need not attempt to compose such an systematic and erudite theory as to potential coverages, because the issues can be resolved by analyzing the relevant insurance policy, and—actually—not otherwise.

Alas, the issue regarding property damage in these kinds of cases has not completely croaked. It gets revived from time to time. However, it usually arises about cases in which huge amounts of information are released; the insured commercial entity, often a large retail entity, is subject to a class action, and it sues its insurer for coverage. Bodily injury and property damages claims in the underlying lawsuit usually were never serious, except to try to trigger a duty to defend, and they drop out of serious contention quickly. Nevertheless, a few—very few—“ancient” cases reached an opposite conclusion, saying that the destruction of data can, under some come circumstances, be “property damage.” This view can’t be right. Property in the cyber world is not tangible.

Just how dead the property damage issue is during the Second Period will be come clear at the end of the next section. Early in 2012 the Appellate Court of Connecticut decided a case styled Recall Total Information Management v. Federal Insurance Company, 147 Conn. App. 450 (Conn. App. January 14, 2014). Some have suggested that it may have been an attempt to resurrect the themes of the “First Period.” That’s the wrong answer, but this is not the place to prove it. It isn't just the wrong answer; rather it's like saying the Trojan House is an Andalusian given to the Greeks by the Trojans as a comforting gift for the Greeks once they had accepted their defeat and decided to go home across the blue Aegean and to leave Helen behind in Turkey to tend her 6 kids.

Friday, October 4, 2013

An Ironshore Cyber Policy--Part IX: I.H: Business Interruption Income Loss--Part IX

TechDefender

Tech E&O, Network Security, Internet Media and MPL Insurance Policy

Insuring Agreement I.H: Regulatory Proceeding Coverage

Remember: This Blog is organized around insuring agreements, definitions and exclusions. Conditions, etc., may be remarked upon briefly, but they often resemble not only each other but those found in currently existing policies. It also ignores policy limits, retention matters, notice requirements, time intervals for coverage, etc., important as these are. As usual, the discussion of everything in this blog is tentative, partial, and perhaps mistaken here and there. It is a new and relatively uncharted ocean.

__________________________________________________

BUSINESS INTERRUPTION INCOME LOSS AND DEPENDENT BUSINESS INTERURUPTION INCOME COVERAGE is the title of this insuring agreement, I.H.

A good part of this title is familiar from commercial first-party (often property) policies, where the idea of property damage begins with the idea of physical injury to tangible property. Obviously, that will not be the beginning of BI*or DBI coverage in cyber-policies. Still, in terms of purpose this insuring agreement corresponds to the similar insuring agreements found in so-called "real world" policies.

[*BI is a standard appreciation used to denote Business Income Losses in todays so-called "real world" policies. Previously, BI referred to Business Interpretation Losses. Many do not know why the terminology changed, and I am one of the many. Maybe it was to accentuate the fact that there had to be an income loss; I suspect that was always true.]

Here is the verbatim quotation of insuring agreement of I.H:

The Insurer will pay the Company any Business Interruption Income Loss [BI], Dependent Business Interruption Income Loss [DBI] and Extra Expense the Company sustains during the Period of Restoration as the direct result of an Interruption in Services, provided that such Interruption in Services first occurs during the Policy Period.

Before turning the central substantive definitions, several matters need to be discussed.

First, only the Company really covered; only its losses are to be paid.

Second, under this insuring agreement, the Insurer "will pay" is a key obligation of the Insurer. This is more flexible that "will reimburse. Interestingly, there is no restriction of when the Insurer is obligated to pay. Probably all cyber-insurer that use this language are governed by the law--a more or less general law across at least most states in the U.S.--that requires the insurer to pay promptly, once it has the information, etc., it reasonable needs to calculate what it owes.

Third, the Period of Restoration is defined (pretty much) as the reasonable length of time it takes the Company to get its cyber operation up and running again, measured starting with the time there was covered Interruption in Services, but lasting no more than 30 days.

Obviously, the Period of Recovery to reach out beyond the end date of coverage under the policy This topic is often a matter of dispute. One of the principal topics of dispute is whether the insured made is snappy to get the fix completed. An enormous number of facts and therefore components of an (or more than one) investigation are involved in any relevant adjustment and/or adjustment dispute. As a general rule, periods of restoration can be extended by endorsement, like lots of things in insurance policies.

Fourth, the term "direct result" again serves a crucial role. For more on this matter, see Part VIII: I.G, for example. The ideas of direct and indirect is illustrated nicely by the workings of "Silk Road." Some of it is direct, I think, in particular, the mailing of the "goods." Some of it indirect, I believe, namely, the modes of purchasing the "goods."

Fifth, the Company's Computer System is an obvious term the meaning of which is intuitively obvious at a surface level. Of course different companies what have different systems used for different purposes. In this definition, an insured system is one restricted to working solely for the Company's benefit

We now arrive at what might be called the crucial topical definitions.

The definition of Interruption in Services [IS], the covered train of events which do covered injury or damage to the Company. Which ISs are covered and which are not is to be found in this definition. IS "means the actual and measurable interruption, suspension, failure, degradation or delay in the performances of the Company's Computer System, if directly caused by a Network Security Incident. [Notice that the idea of being direct is a necessary condition of being an IS and therefor of coverage. Given the general terms--one is "measurable"--one can bet that there will be disputes grounded on this idea.]

BI and DBI are the crucial definitions for describing the types of injuries/damages for which the Insurer will pay.

BI means, roughly speaking,  the Company's loss of "net profits before income tax" that the Company is prevented from earning as the result of IS and its normal expenses, e.g., payroll, that "must continue" during the Period of Restoration had there been no IS.

[This is a relatively standard surface formulation of BI for a very long time. Extra-help that has to be brought in to straighten thing out is an Extra Expense, not a loss. Notice that the general BI can be brought about by an assortment of causes of the IS, and that the cause of the IS might actually involve more than one cause, so that the IS need not directly result from a single cause.]

DBI is one of those components of this insurance policy that contains of "direct;" once is "direct result of" and the other it is "caused directly by." It is even more complicated than passages where there is a double occurrence of the word; for this reason it is necessary to quote some of it. It is a BI loss "as the direct result of an IS[, and it] is caused directly by a Network Security Incident to the
Service Provider's Computer System but only if such Network Security Incident would have been covered under the Policy had the Service Provider been entitled to insurance in accordance with the terms, conditions and other provisions of the Policy."

This is a very complicated provision.
The place to begin is with the word "dependent. The point is that this form of BI must be triggered by an injury to something upon which the Company depends, and--if anything--will be the Service Provider. The surface idea of a Service Provider is easy enough to understand, though it must be understood that it is a separate company, a vendor, and there is a forma contract with the Company. It's computer system is simply a Computer System somehow and/or to some extent belongs to it, as the term is defined in the policy. It is the Service Provider's Computer System that must be subjected to a Network Security Incident.

That is a defined term in the policy. It, very roughly, means some sort affliction is directly imposed upon the Service Provider's Computer System, such improper use of it and/or the introduction of a Malicious Code, that directly results in specified injuries/damages to the Company's Computer System so that it is subject to IS or a "corruption or deletion" of Digital Assets."  However, under the definition of DBI there is a necessary condition: the Service Provider must be such the Network Incident "would have been covered under [this] Policy had the Service Provider been entitled to insurance in accordance with the terms, conditions and other provision of the Policy."

One thing this means is that the insurance of the Service Provider must been equivalent to the Company's policy in terms of strength and scope for the Company to have coverage. If the Service Provider has weaker or no coverage, the Company will have no coverage for DBI. Something it might mean is that the Company's Digital Asserts have been "corrupted." Unfortunately, that is not a defined term, although the term is commonly used in cyber-circles.

So far as exclusions are concerned, there do not appear to be any that apply uniquely to this insuring agreement, and if so there are none that are prepared for it. Plenty of exclusions that are to be found in so-called "real world" policies apply to it and to the rest of this policy, and lots of new fangled exclusions for the "virtual world" also apply to it. Still, there is nothing further that needs to be said about this exclusionary matter just now.

Wednesday, April 24, 2013

Cyber Insurance Policy--Sample #2: A Liability Policy--Chubb

Michael Sean Quinn, Ph.D., J.D., c.p.c.u. . . .

The Law Firm of Michael Sean Quinn et

Quinn and Quinn

1300 West Lynn Street, Suite 208

Austin, Texas 78703

(512) 296-2594

(512) 344-9466 - Fax

E-mail: mquinn@msquinnlaw.com

Preface

This blog discusses the insurance policy listed below. There are more than several cyber insurance policies available these days, but there is no real literature about them. There are one or two pieces in law reviews, but there is no real discussion of what the policies contain or how they work. This is an attempt to do just that. This policy is narrower than others and it is not a paradigm of cyber liability insurance policies.

There are not (or few and hard to find) judicial decisions on cyber insurance policies/contracts, e.g., treating coverage matters. There may be a few out there, but they are not reported, and I have found no real references. One of the propositions that the forgoing implies is that, I do not believe that I am giving a comprehensive account of this policy, or others I have discussed and will discuss. In addition, I do not so much as suggest that what I am saying can be taken as gospel. That sort of thing, if it comes at all, is far off in the future. If you are inclined to think I am a prophet, I am flattered, and while you may be right, do not bet large sums on it, although you have my permission to cite me in coverage opinions, law review or magazine articles, court briefs--or, for that matter, judicial opinions.

I will not be giving a full explication of the policy; much of it is left out. The main concentration is on the insuring agreement, the definitions, and the exclusions. Not even all of them are discussed. The main reason for this is that many of the components of not only of the exclusion section, but the conditions and the miscellaneous sections, are not really very interesting in studying and thinking about cyber policies. One reason for this is that they are quite similar to what has been characteristic of insurance policies for many years.

My comments on the policy, immediately below, will be enclosed in brackets, "[ ]."

This insurance policy--or a predecessor--was issued for the first time in 2000. The following comes from a 2006 version. It is a liability policy--a third party policy.

Chubb Group of Insurance Companies

SAFETY’NET INTERNET

LIABILITY POLICY

1. Insuring Clause [Insuring Agreement]

The Company shall pay on behalf of each Insured all Loss on account of any Claim first made during the Policy Period arising out of the Insured's Internet Activities which occurred on or after the Retroactive Date set forth in ITEM 7 of the Declarations.

[This insuring agreement cannot be understood without grasping the relevant definitions, at least to some extent. One important thing about it is characteristic of many policies that have been in use for many years, e.g., Directors and Officers Liability Policies. Policies like that have a certain period of coverage, and or more event must happen during that interval. These include (1) events giving rise to a claim against the insured, (2) the claim against the insured, (3) claims by the insured "against" the insurer seeking coverage, or (3) up to all of them. In this case, that which gives rise to the claim-again-the-insured must occur during the policy period, as must the claim against the insured itself, as well as the insured's claim against the insurer. Because of this ostensible fixed schedule, the insurer offers extension periods. They can be retroactive or for the future. Thus if a claim-against-the-insured is originally required to be submitted the policy period, that time interval can be increased by an interval of time back into the past, or it can be stretched out into the future. The insurer may or may not have a right to refuse these extensions. In any case, extensions demand payment of an additional premium.]

[On items on a Declarations Page/Sheet, see the discussion of definition (f) and (g).]

2. Definitions

(b) Defense Costs means that part of Loss consisting of reasonable costs, charges, fees (including but not limited to attorneys' fees and experts' fees) and expenses (other than regular or overtime wages, salaries or fees of the directors, officers or employees of the Named Insured) incurred in defending Claims, and the premium for appeal, attachment or similar bonds.

[The language of this definition entails that the insurer's costs of defense will diminish the amount available to compensate the complainant against the insured. This proposition is reinforced elsewhere in the policy.]

(f) Internet Activities means

(i) display or use of other Matter on an Internet Site;

(ii) transmission of Matter via an Internet Site; or

(iii) the disseminating of Matter by any other means of publication or communication shown

in Item 8 of the Declarations.

(g) Internet Site means an Internet site shown in Item 8 of the Declarations.

(h) Loss means any amount which an Insured becomes legally obligated to pay on account of any Claim, including but not limited to damages (including punitive and exemplary damages, where insurable by law), judgments, settlements, costs and Defense Costs. . . .

[Remember: Defense costs are part of the loss, so that the expenditure of defense costs reduces the amount that is available to pay the indemnity part of the claim.]

(i) Matter means printed, verbal, numerical, audio or visual expression, or an other expression, regardless of the medium upon which such expression is fixed.

3. Exclusions

The Company shall not be liable for Loss on account of any Claim made against any Insured:

Anti-Trust: (d) arising out of allegations of price fixing, restraint of trade, monopolization, unfair trade practices, or any actual or alleged violation. . . .

Patent Infringement (h) arising out of any actual or alleged infringement, contribution to infringement, or inducement of infringement of any patent[.]

Governmental Actions: (i) brought by any federal, state or local regulatory agency or other administrative body alleging the violation of any federal, state or local laws or regulations.

[So far as I can tell, the rest of the 14 or so exclusions, depending on how they are counted, are not very interesting either because they are part of common sense, because they are not uniquely related to cyber insurance situations, or because they or some close variation of them, are well known from other types of currently existing commercial liability policies.

Reporting and Notice 5. Insureds must give Chubb written notice of a claim against it "as soon as practicable" but within 60 days and no longer. This demand is described as a, "condition precedent to their exercising their rights hereunder. . . ." In addition, it is also a "condition precedent" of an insured exercising any of its rights that it provide the insurer (Chubb) with such information and cooperation as it may reasonably require.

[This clause is common all over the industry. The first part is commonly called the "Late Notice Requirement" or the "Late Notice Condition," while the second half is often called the "Duty to Cooperate Clause." Insurers usually describe these requirements as conditions, but a number of courses have ruled against this understanding of the clauses. The reason is that the clauses, as set forth in the policies, are held not actually to be conditions for various reasons; instead those courts treat them as covenants, meaning simple promises in the contract. This distinction can make a lot of difference in litigation, but it is easiest for the insured to act in accordance with the language of the insurance contract, and avoid that dispute even if the law is "on his side."]

Defense and Settlement 6. The Company shall have the right and duty to defend any Claim covered by this Policy...The Company may make any investigation it deems necessary and may, with the consent of the Named Insured, make any settlement of any Claim it deems expedient... Defense Costs are part of and not in addition to the Limits of Liability set forth in the Declarations, and the payment by the Company of Defense Costs reduces and may exhaust such Limits of Liability.

[The "duty to defend clause" is often among the most important clauses in the insurance policy. This matter is commonly known, so nothing more needs to be said about it here and now. It must be remembered that the amount that is paid for a defense, shrinks the amount of money available to pay the plaintiff, if that is necessary. This feature is not common in ordinary commercial or personal liability policies, but it is common in malpractice policies, aka "E & O Policies," aka "Errors and Omissions policies." Usually, these policies are for "professional" malpractice, e.g., doctors, lawyers, accountants, engineers, architects, and so on. Duty to defend clauses usually contain investigation clauses, cooperation clauses, and clauses regarding settlement. Settlement clauses can be particularly important. They usually authorize the insurer to settle a case with the consent of the insured. However, if the insured refuses to consent, the insurer's obligation to pay damages may be restricted to the amount for which the case could have been settled. (Sometimes, the insured also ends up being liable for attorney's fees accumulated after the case could have been settled. That is not the case in this policy.)]

There are a number of other clauses, most of them routine, so they will not need be discussed here. Here are their titles:

Allocation [as between covered and uncovered events]
Extended Reporting Periods
Spousal Liability Coverage
Other Insurance [sometimes other insurance policies pay first]
Representations and Severability [Assertions in the application must be true and are part of the policy.
Territory [where there is coverage]
Notice
Subrogation
Action Against the Company, i.e., the insure [Insured's full compliance with the terms of the contract is a condition precedent upon the insured suing the insurer. Seldom enforced these days.]
Bankruptcy
Authorization
Alteration and Assignment [The insured may not do either one. Strictly enforced.]
Cancellation and Non-renewal.

[Sometimes these "conditions" or "conditional clauses" or "alleged conditions," can contain what might be called "tricks." Consider the "Late Notice Clause," it requires that the insured give notice no later than the 60th day. Does this mean provide or receive? If request for coverage is sent my mail, several days may pass. So might a late night notice emailed to an insurer. This sort of thing does not come up often and generally the reasonable insurer doesn't seek to enforce this clause over these kinds of situations, except--maybe--where fraud is plausibly thought to exist.]

______________________________________________________________________________

Essay on Coverage

This discussion will concern one aspect of coverage: that which is obviously included in or involved with the Insuring Agreement, Definition (f), and the Definitions contained therein.

Definition (f) begins with the Definition of Matter. Generally speaking, the defined term "Matter" refers to a concatenation of instruments of communications, and the communication they can be used for can be of any sort. The human voice, however, is not mentioned though it seems to me that it is implied.

An Internet site is a "something" by means of which communication can occur over the Internet. (n: Internet Site is any Internet site listed on the declaration page of the policy. Notice that cyber communication systems are not within the definition and therefore not insured.

[1] (f)(i)So an Internet Activity is, among other things, the display of Matter on an Internet site listed in the policy--that is an Internet Site;
[2] (f)(i)An Internet Activity, is also, among other things, other use of Matter on an Internet site listed in the policy--that is Internet Site (I take the phrase "other use" to include a variety of other uses, and note that the term is not defined in the policy. I think it's reasonably clear that the word "use" really means other "uses.")
[3] (f)(ii) transmission of Matter via an Internet Site; (It is unclear whether "transmission" means out, in, or both. I see no difficulty in taking that word to mean both outgoing and incoming.

[4] (f)(iii) dissemination of Matter by any other means of publication or communication shown in the specified place in the policy. I find (f)(iii) puzzling:

First, the difference between transporting and disseminating is not obvious. Either of them could be be intentional or unintentional. One can transport one thing, but the idea of dissemination seems to imply "moving" more than one thing.

Second, (f)(iii) a dissemination pass through an Internet Site before can be something insured. Of course the communications device that falls within (f)(iii) has to be listed in the specified place in the policy. Does that makes it discretionary for the underwriter for the insurer to decide how to deal with a particular disseminatrion device, say, the Wall Street Journal. Or does is make it discretionary for the underwriter of the insurer to decide what categories of dissemination outside of Internet will trigger coverage through (f)(iii), say, newspapers, but not TV.

It would not surprise me for the insurer to opt for the former, say, there must be a particular magazine listed if it is to trigger insurance through (f)(iii), e.g., The New York Review of books
It would not surprise me for the insured to opt for the latter, e.g., magazines or magazines containing book reviews and so forth
I am inclined to think that the near sentence in (f)(iii) means extra-Internet category.
This reasoning does not need an argument from ambiguity. An ambiguity argument may be needed to distinguish general categories from categories that are not general and are nothing but semantic games designed to make the particular look general

Third, why might (f)(iii) be included in this kind of policy when (f)(iii) falls within CGL coverage, when liable, etc.from Coverage B is involved? Maybe its to deal with the insuring the insured's passing along incoming messages libelous information.

In any case, the fact that this is a liability policy is quite clear. We shall be examining some first party policies and other liability policies as blog-chapters go along