Risk Management--Electronic data and the CGL 05/05

Risk Management

Electronic data and the CGL

Explosion of the use of electronic data triggers coverage gaps

By Donald S. Malecki, CPCU

Two very experienced movers of property were carrying a heavy object down some stairs in a commercial building. Neither noticed that a sprinkler head was protruding from the ceiling above them. The object struck the sprinkler head breaking it off causing extensive water damage to the building before the water main could be shut off. As a consequence, the entity whose property was being moved also sustained a disruption of its computer facility and the loss of data.

The movers’ employer breathed a sigh of relief upon learning that it had a commercial general liability in place—and for higher limits than would be necessary to make good the damages that would likely be sought because of its employees’ negligence.

Unfortunately, what the moving company did not know at the time was that, while a commercial liability policy at one time would have paid all of the damages, the latest policy would not. Unlike earlier policies, what this liability policy contained was a definition of “property damage” that included an “oh-by-the-way” provision. “For purposes of this insurance,” it stated, “electronic data is not tangible property.” To make sure this was understood, the term “electronic data” was defined to include precisely what the employer thought would be covered.

Although it is difficult to identify the different types of scenarios that could possibly trigger a liability coverage gap involving loss to electronic data, some are obvious. One example is landscapers and other contractors who perform underground work where there may be wires, fiber optic cables or kindred property that could adversely affect a business’s electronic data if damaged or severed.

Property damage coverage for the explosion, underground or collapse hazards has been automatically included in CGL policies since 1986; however, that coverage is not good enough today, if there is any chance of electronic data damage. Coverage for these three hazards was the answer until the latest CGL provisions were amended in 2001. Since then, extra coverage has been required.

Common questions from businesses are why they were not informed about this coverage gap, and what would have been necessary to have avoided such as predicament. The answer is not easy.

Good and bad news

With the introduction of this new definition of property damage precluding electronic data as property damage, ISO introduced an Electronic Data Liability endorsement. When attached to a CGL policy, this endorsement modifies the definition of property damage so as to include loss or damage having to do with electronic data, so long as this loss or damage follows physical injury to or damage to tangible property.

Most cases involving loss of electronic data do occur following physical injury to tangible property, but there are cases where electronic data is lost even when tangible property does not suffer any physical injury. Therefore, the fact that this endorsement does not apply when there is an absence of physical injury or damage to property can be worrisome.

Fortunately, with its 2004 CGL changes, ISO introduced Electronic Data Coverage Form CG 00 65 that applies to loss of electronic data, whether there is damage to tangible property or not. For purposes of this form, “loss of electronic data” is defined to mean “damage to, loss of, loss of use of, corruption of, inability to access, or inability to properly manipulate, ‘electronic data.’”

Note, however, that this coverage form should not be viewed as a panacea for all possible loss exposures confronting all businesses. It is not. In fact, this coverage form is not intended for any business providing computer product services. Briefly, the form does not cover firms involved in manufacturing, developing, designing, creating, selling, etc., of computer or electronic goods. This includes computer software, programming, equipment, peripherals, communica-tion or broadcasting equipment, and industrial or robotic equipment.

The coverage form definitely is better than the endorsement, but it is still necessary to tread carefully with it. Of course, it is on a claims-made basis. The insuring agreement also looks like the insuring agreements of ISO’s standard CGL policy, but the coverage form is significantly different.

Reference in the insuring agreement to “sums the insured becomes legally obligated to pay” might lead agents and brokers to think that coverage applies for liability arising out of any acts or omissions. Not until one reviews the entire form will he or she discover coverage falling short of that mark.

It takes a while to figure this out. The insuring agreement states that this insurance applies to loss to electronic data only if such loss is caused by an “electronic data incident, which is defined in part to mean ‘an accident or a negligent act, error or omission’.” It is important to note that a negligent act cannot be intentional. This may never become an issue, but if it does, rest assured the insured will have a fight on its hands, because there is case law with which to contend.

It also needs to be pointed out that this electronic data liability coverage form is meant to cover only the loss of electronic data stemming from an insured’s negligent acts, errors or omissions. The property damage, whether it is physical injury to tangible property, or loss of use of tangible property not physically injured, should be covered by the CGL policy and therefore is excluded under this form. Also excluded is bodily injury, personal and advertising injury, damage to data that is owned by the named insured, developed by or for the named insured, or is the named insured’s work or product.

Who is selling them?

The fact that one standard endorsement and form of ISO are available to cover an insured’s liability for loss of electronic data sustained by third parties probably is nice to know. (There also may be a number of independently filed endorsements or forms available.) The question is: What insurers are willing to issue one of these coverage documents and for what limits?

A random check among some insurers reveals that underwriters are somewhat reluctant to issue either one of these ISO documents. To the extent they do, the limits vary. Some underwriters have been known to virtually give the coverage away—and for high limits. Others provide coverage sparingly and for limits considerably less than the policy’s limits for property damage.

Underwriters understandably are treading carefully here. No one knows for sure in how many different ways loss to electronic data can come about or, when it does, what the severity will be. Agents and brokers need to inquire more about the coverage, since virtually every business entity may face the possibility of a claim alleging liability for loss of another’s electronic data.

Once a market has been found, it would be in the best interests of agents and brokers to offer it to insureds, even if the limits are low. At this point, this is a very serious exposure and beggars cannot be choosey. Offering a sub-limit is better than nothing. In fact, many insurers include certain coverages on a sub-limit basis because doing so often prevents arguments over coverage provisions.

Nothing will be more detrimental to agents and brokers, however, than to ignore this exposure. The very fact that insurers have sought to exclude liability coverage for loss of electronic data should be a sufficient warning that claims could be severe.

If push comes to shove

One of the changes introduced with the 2004 CGL policy provisions is new exclusion p, which is titled Electronic Data. (For those counting exclusions applicable to the CGL policy, this is number 16.) This exclusion is being inserted to clarify that liability coverage for electronic data is not provided by the CGL policy.

Prior to this change, the only basis of an insurer’s denial of coverage for liability because of loss of electronic data is the definition of property damage and its reference to precluding electronic data coverage. As agents, brokers, attorneys and insurers have come to learn, courts do not particularly like to deny coverage based on a term’s definition. To their way of thinking, if it is the insurer’s intent to exclude coverage, an exclusion should be inserted in the provisions to make that clear. Otherwise, the insurer is going to have a fight on its hands—with the probability of losing the issue.

This is the reason for exclusion p; that is, to make clear that electronic data, which is not considered to be property damage, is specifically intended to be outside the realm of a CGL policy’s coverage.

It is important to note that a number of CGL policies issued prior to the 2004 changes do not include exclusion p. Those insureds who may encounter an argument over whether or not liability coverage applies for loss of electronic data may have an edge over the insurers by pointing to the absence of any exclusion.

Apart from that tactic, a more positive approach is to seek out insurers willing to provide liability coverage for loss of electronic data and to sell whatever limits are available to insureds, even if what is available are sub-limits considerably less than policy limits. Let’s face it—something often is better than nothing. *

The author
Donald S. Malecki, CPCU, has 45 years in the insurance and risk management consulting business. He currently is a principal of Malecki Deimling Nielander & Associates L.L.C., an insurance, risk, and management consulting business headquartered in Erlanger, Kentucky.