What Should a D&O Policy Cover?

Grey Swan,

A 2012 PriceWaterhouseCoopers whitepaper on risk practices talks about the increasing frequency of black swan events, those catastrophic events that catch us by surprise. “By their nature, black swan events should only occur at unprecedented intervals. Yet recent experiences suggest that events that fit the definition of black swans are happening more and more frequently. So, are black swans actually turning grey?” Is the unthinkable now not only thinkable, but part of the landscape? It is these types of events for which Directors and Officers (D&O) insurance is designed. Will they happen? Hopefully not. But luckily, D&O insurance covers more than hope does.

What You May Not Be Getting with Your Current Policy

For the past five or six years, we’ve been in a soft market. Usually, these ebb and flow, but we’re still in the thick of it. What this means for policy purchasers, though, is that prices are very low. How could this be anything but good? The issue is that the policies tend to be very broad. Coverage has expanded so much that you cover a number of interests under one policy. For instance, you’ll have directors, officers, independent directors, internal management, and the company at-large all sharing one limit.

5 Things Every Insurance Company Needs to Know About Privacy Insurance

Grey Swan,

The first auto insurance policy was issued in the U.S. in 1898 and offered US$5,000 of liability coverage to Dr. Truman Martin of Buffalo, New York. As the Insurance Journal remarks, “Martin would likely have been more concerned with crashing into one of the country’s 18 million horses, rather than another of the 4,000 cars in the U.S.” Traveler’s Insurance took a bit of a risk, banking on auto technology making the horse obsolete. Today, insurance companies again find themselves entering a new era. Privacy concerns, like cars, are quickly becoming more numerous and are jamming our information highways. The threat of adverse events increases proportionately as well. Privacy insurance is, in many ways, in its infancy in Canada, but privacy is an issue that is only going to grow in importance.

Litigation and Losses mount over Canadian Privacy Breaches

Grey Swan,

Canada is no longer a safe haven when it comes to avoiding damages arising out of privacy breaches. Class actions are here. Regulatory and criminal investigations are here and so too are individual actions resulting in damage awards. The losses are mounting and regulators are crying for legislation to impose substantial fines. The times, they are a changing. If you are interested in examples of Canadian breaches where losses have occurred, read on.

It is no secret that there is a startling rise in privacy breaches in Canada these days, with a resulting increase in regulatory investigations and legal actions arising out of those breaches. Where a few years ago it was easy to find examples of breaches but difficult to find examples of losses arising from them, the environment in the US, and increasingly in Canada, has changed. Class action litigation and individual actions relating to privacy breaches in Canada are no longer just hypothetical, they are a new reality. The actions tend to involve disclosure of personal information through insecure disposal of records, theft and loss of unencrypted data on mobile devices, and unauthorized access to records. Set out below is a discussion of some of the recent cases resulting in actual losses.

A Closer Look: Data and Privacy Breaches

Grey Swan,

Alex Halderman, a University of Michigan assistant professor who specializes in data privacy, says, “Almost anything you sign up for online these days requires you to hand over your personal information to use it. Then, every action you take online is logged by these companies — it’s that information that really needs to be safeguarded.” Too often, though, the safety walls that are supposed to keep this information private are breached. What can happen to the data that companies and governments are charged with protecting?

Privacy: US vs. Canada

Grey Swan,

In 2011, Sony’s online PlayStation network users found themselves shut out from the fun. After a hiccup with the servers, engineers discovered that there had been a serious data breach. Usernames, addresses, email addresses, birth dates, passwords, and credit card numbers were stolen. Cynthia Larose, an attorney specializing in privacy matters, said, “Taken as a whole, the number of customers affected, the PR impact, and now the legislative inquiries,” this incident ranks “at the top” of data breaches to date. The breach affected 100 million users and cost Sony an estimated $1 billion. Such breaches are an ongoing and serious concern for businesses all over the world, and the need for privacy insurance is only growing more pressing.

We are only now at the very early stages in seeing how Canada is going to deal with new privacy laws, such as PIPEDA. This applies to provincially-regulated companies and their collection, use, and disclosure of personal information, as well as the safeguarding of that information. While there have been actions regarding privacy breaches in Canada, we haven’t seen the likes of Sony yet.

Most Popular Articles

Privacy Liability And Insurance

It has become common place to see news headlines stocked with shocking revelations of cyber hacking and privacy breaches, often pertaining to hundreds of thousands of records. This article...

Fiduciary Liability Insurance

Fiduciary liability insurance is often thought of as the ugly cousin of directors and officers liability insurance. Often misunderstood and ignored, Fiduciary Liability insurance is...

5 Things Every Insurance Company Needs to Know About Privacy Insurance

The first auto insurance policy was issued in the U.S. in 1898 and offered US$5,000 of liability coverage to Dr. Truman Martin of Buffalo, New York. As the Insurance Journal remarks, “Martin would likely have...