Five years ago, data breaches were a blip on the risk-management radar screen. Now, they can send a cold shiver down the spine of any corporate board. If a company suffers a data breach, we are talking about significant exposure, including lawsuits, agency enforcement actions and damage to reputation and brand name. Cyberrisk insurance is available, yet relatively few companies seem to purchase it. Not surprisingly, as data breaches become more commonplace, companies have looked to traditional insurance as a source of coverage for first- and third-party liability.
General liability policies are the most popular candidate. The policies define “personal and advertising injury” in part as injury arising out of “oral or written publication, in any manner, of material that violates a person’s right of privacy,” as in ISO Form CG 00 01 12 07, Section V.17. Whether a data breach implicates personal and advertising injury coverage thus depends upon whether there has been a “publication” that violates the “right of privacy.” Easy? Well, no. These issues are not always straightforward.
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
LexisNexis® and Bloomberg Law are third party online distributors of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® and Bloomberg Law customers are able to access and use ALM's content, including content from the National Law Journal, The American Lawyer, Legaltech News, The New York Law Journal, and Corporate Counsel, as well as other sources of legal information.
For questions call 1-877-256-2472 or contact us at [email protected]
