An earlier version of this article originally appeared as Chapter 15 of the "Vendor's Guide To Computer Contracting," an excellent book which is not currently in publication. The article is intended to cover some of the basic concepts in insurance coverage for technology companies. It is a summary of generic law, not limited to the specific law of California. This article was republished in 2003, with minor revisions, in the Cyberspace Lawyer.  


INSURANCE FOR COMPUTER HARDWARE
AND SOFTWARE VENDORS:
CONTRACTUAL ALLOCATION OF
SOME OF THE LESS CONTROLLABLE
RISKS OF DOING BUSINESS

 

By Steven Brower

Buchalter Nemer

714-549-5150

sbrower@buchalter.com

I. INTRODUCTION

II. INSURANCE AND INSURANCE COMPANIES

III. SOME BASIC TERMS AND CONCEPTS

A. Terms Used In This Article
B. "Duty to Defend" As Contrasted With The "Duty to Reimburse" For Defense
C. Defense "Within The Limits" Of The Policy
D. Claims-Made Coverage

 

IV. PURCHASING INSURANCE

V. SPECIFIC TYPES OF COVERAGE

A. Commercial General Liability

1. Bodily Injury
2. Property Damage - Must Be Tangible Property, Not Economic Damages Or Intellectual Property

a. Can Computerized Data Be Considered Tangible Property?
b. The Exclusion For Impaired Property

3. Personal Injury - Defamation and Trade Libel
4. Advertising Injury - The Offense Must Be Related To Advertising

a. Potential Coverage For Copyright Infringement
b. Not Much Potential Coverage For Patent Infringement

B. Computer Hardware and Software Errors And Omissions Coverage - Something Special For Technology Companies
C. Director's and Officer's Liability
D. Kidnap & Ransom - High-tech Product Extortion Coverage?
E. Intellectual Property Infringement Coverage

 

VI. DEALING WITH A CLAIM OR SUIT - THE IMPORTANCE OF PROMPT TENDER TO THE INSURER

I. INTRODUCTION(1)

Readers of this article should understand that one of the primary goals of most contracts is to allocate the risk (costs) of certain reasonably foreseeable outcomes in such a manner that a party which has honestly and competently performed its obligations, including taking steps to control the risks, has a fair probability of making a profit on the contract.

The goals of the parties to insurance policies should be similar to other contracts. However, they are generally intended to spread the risk of less frequent outcomes, which are, in many cases, less subject to the control of the parties, and which occur with a lower frequency.

In other words, the insured may pay premiums for many years, have no covered problems, and therefore get no direct economic benefit. While the insurer will have made a large profit from that insured, and from many other insureds which have incurred no significant losses, presumably losses will occur with other insureds, some of which losses will be in amounts which are disproportionate to the premium paid by those insureds who actually suffered a loss. The result is that the "risk of loss" is spread among many insureds, with the insurer making a profit or loss depending on how well it prices the policies, how well it invests the premium money until losses occur, and how well it controls the loss payments, in addition to all the other factors affecting the profitability of a business.

Because of the "peace of mind" aspect of insurance contracts, there are some special rules which the legal system applies to insurance policies. For example, cases involving interpretation of insurance contracts are more frequently decided using the rule that "ambiguity is construed against the drafter of the contract." Also, unlike most other contracts, an egregious breach of an insurance policy can, under some circumstances, result in a tort cause of action being brought against one of the contracting parties (the insurer).

Those who are responsible for analyzing the business benefits of an insurance policy must understand the special considerations applicable to these risk allocation agreements.

II. INSURANCE AND INSURANCE COMPANIES

There are numerous types of insurance coverage, and most technology companies will purchase several of them. This chapter will attempt to address only a few specific types of coverage which are likely to have unique applicability to technology companies.

The various meanings of the term "insurance company" is also a subject for discussion far beyond the scope of this volume. For example, the financing, organization, scope of coverages and claims handling of insurance policies purchased through one of the U.S. stock companies, versus Lloyd's at London, versus a risk-retention group, can be significant. There are even significant differences between the major U.S. stock companies. The insurance industry is hardly a monolith in its approach to coverages and claims handling.

All references to insurers, and to coverages, must be understood as generalizations. Although any specific reference may not apply to a particular insurer, the statements here will be based, at least in part, on the activities of insurers which have sold policies specifically intended for vendors of computer technology.

Insurance is a particularly complicated area of the law to explain, for several reasons. These would include, but certainly not be limited to, the following:

- There are many "terms of art," which terms cannot be intuitively understood, but must be explained to someone who has not encountered them previously. And even after long-term use and general understanding, there are occasions when an authoritative source will use a term in a manner which is totally inconsistent with the general understanding.

- It would appear that many courts of appeal (since state trial court decisions are generally not published they don't matter here) elect not to venture into this particular area of the law, and when they do, the decisions sometimes don't reflect a complete understanding and/or consideration of the implications. Even in states which are known for having a developed body of judicial decisions on contract law, it can be difficult to find a clearly written judicial opinion on certain aspects of insurance coverage. As such, it becomes necessary to "predict" the direction of the law by analogy, or by looking at a decision from another state. Because insurance coverage is generally a matter of state law, a court in one state can disagree with a decision from another state, making such a "prediction" even more uncertain.

- Many business people, and their legal counsel, view insurance as something similar to building maintenance. They want someone else to deal with it, they want it performed in a manner that is invisible to them, and they certainly don't want to hear the details (but if it isn't done just right, they will complain to those in charge).

- Insurance is a highly-regulated business, and the regulations can vary substantially from state to state. Thus, it is more difficult to know the answer "intuitively" than in some other areas of the law.

III. SOME BASIC TERMS AND CONCEPTS

A. Terms Used In This Article

This article will use certain terms. Although they are broadly consistent with general use, the descriptions below are for use as illustrations here, and should not be relied upon as "definitions."

"Claim" refers to circumstances, which have been brought to the attention of the insurer, for possible payment by the insurer. It encompasses the entire scope of the investigation, consideration, and disposition by the insurer, whether favorable or unfavorable to the position of the insured and/or claimant.

"Claimant" is the entity which is making a claim, which might be covered by a policy. Sometimes it is the insured which is making such a claim, for example, where an earthquake has damaged your building. But sometimes it is a third-party who will get the money, for example, where a vehicle operated by one of your employees strikes a pedestrian.

"Coverage" is used in two different ways, depending on the context. A reference to whether or not a claim is covered, means a determination of whether or not the insurer, subject to the terms of the policy, is required to make any payment. A reference to the insured obtaining certain coverage, or an insurer offering to sell certain coverage, refers to a contract covering a certain class of risks (for example, automobile), which would then become part of the policy.

"Insured" is the entity which owns the policy, presumably the vendor. Just because you own the policy doesn't mean that you are the one who gets paid, if there is a loss. See "claimant".

"Insurer" is the entity which is responsible to make payments under the policy.

"Liability coverage" refers to a coverage which protects the insured from liability to a third-party.

"Policy" is the short way of saying "Policy of Insurance." A policy is a contract, between the insurer and the insured, specifying the terms and conditions under which payment will be made to a claimant. For clarity of discussion, we distinguish between the policy itself, and a specific coverage under that policy. See the next section on "Purchasing Insurance."

B. "Duty to Defend" As Contrasted With The "Duty to Reimburse" For Defense

One of the principal benefits of a liability coverage, where applicable, is the "duty to defend." That is, if someone sues you, making allegations which are potentially within the scope of coverage, the insurer is responsible for the costs(2) of defending that suit. This includes a suit in which the allegations are false, but where the damages would be covered if the allegations were true. It is generally stated that "the duty to defend is broader than the duty to indemnify [pay a settlement or judgment]."

This benefit is particularly valuable because, with the exception of a few coverages (see next section), the costs of defense are in addition to the limits of coverage. So, it is possible for the insured to receive a defense which costs more than the entire potential limit of coverage.

This duty to defend also applies to a suit in which only some of the allegations would be covered, and some would not. Generally, unless the insurer is able to clearly establish which costs of defense are related solely to the uncovered portion of the suit, the insurer must pay for the entire defense.

There are still some states in which the potential for coverage is determined under the "four corners of the pleading" doctrine, which means that you read the complaint (the legal document initiating the suit), and compare the factual allegations to the insurance coverage. However, the more modern approach is to allow/require the insurer to consider extrinsic facts which it learns through its investigation, and specifically those which are provided by the insured.

Certain liability coverages (for example, most Directors and Officers coverage) do not purport to include a duty to defend. Instead, the insurer only agrees to reimburse the insured for the cost of defense. While this may sound like a minor modification, it actually represents a substantial variation in the insurer's obligations. In addition, such coverages generally specify the right of the insurer to "allocation" of defense costs, that is, the right to determine which portion of the defense is related to potentially covered claims, and to pay for only that portion of the costs of defense.

C. Defense "Within The Limits" Of The Policy

A relatively small number of coverages, otherwise including a duty to defend, are subject to "defense within the limits." That is, under those coverages, even though there is a duty to defend, each dollar spent in defending the suit leaves one dollar less for the payment of any settlement or judgment. Indeed, it is possible for the insured to exhaust the entire benefit, under the policy, before the case even gets to trial!

Significant to our discussion is the fact that among those few coverages including "defense within the limits" are most of the Computer Errors and Omissions policies.(3)

This concept was introduced by the insurers so that, at the time they sell the coverage, they know the maximum amount of their potential exposure, unlike a standard duty to defend policy, where the defense could cost more than the entire policy limit.

A vendor with this type of coverage has several strategic questions to consider when faced with a claim.

Assume, for purposes of discussion, that the vendor is sued by a customer, claiming $2 million in lost profits due to a defect in the design of vendors product. And assume the claim is covered under a Computer Errors & Omissions coverage, with a $1 million limit of coverage, with defense within the limits. Just after the lawsuit is filed, the customer says it is willing to settle the matter for $1 million. The parties talk (or they don't talk), but they don't settle the matter. A year later, after consideration of what has been learned in litigation, the vendor decides that settlement might be a good idea. The customer claims that they now want $1.25 million to settle, because they have spent $250,000 in legal fees. Vendor's attorney believes that the case can really be settled, right now, for $1 million. However, vendor's insurer has also spent $250,000 in the defense of vendor. So there is only $750,000 available from the insurance company, and vendor will need to add $250,000, of its own funds, to settle the case.

The strategic choices here should be clear, and probably apply to any litigation, but are especially relevant where defense is within the limits. First, before spending a substantial amount on defense, the vendor should fully analyze the claim, and decide whether settlement, in any amount, is advisable. Second, if settlement is a goal, all defense expenditures should be directed toward persuading the other side to agree to a settlement, at the proper amount. Third, if settlement is not acceptable, and especially if that is a "political" decision, senior management should be made aware, at an early stage, that if there is a surprise result (a delayed decision to settle or a judgment) that there may not be any/enough insurance to cover the result.

D. Claims-Made Coverage

Another feature which is common in the Computer Errors and Omissions coverage (and others, including D&O, for example), is coverage on a "claims-made" basis. That is, subject to the terms of the particular coverage, it applies not to events or damages that happen during the policy year (generally referred to as occurrence based coverage), but to claims which are first made against the vendor, and first reported to the insurer, during the policy year.

There are a number of reasons why this provision makes sense in certain types of coverages, not only for the insurer, but also for the insured. For example, it might be very difficult to determine, in a major software package, which has been continually modified over a multi-year period, to determine the date on which a particular line of code, which contained the "error," was introduced.

However, claims-made coverage requires vigilance, and an understanding of the requirements of your insurer as to when they want notice. The sophisticated insurer's, for example, understand that the "bug report" of a major vendor includes thousands of entries, and will not claim that the vendor "knew" about a potential claim based on a single entry in that report. On the other hand, when the CEO of a customer has sent a fax to the CEO of the vendor, asking for millions of dollars in damages, and the vendor doesn't notify the insurer until the following policy year, having made a substantial increase in the limits of coverage, trouble may lie ahead.

IV. PURCHASING INSURANCE

The insurance market is competitive, both as to price, and as to the scope of coverage. Insurers regularly issue new versions of old coverages, both to meet the existing competition, and to give themselves a competitive edge, in addition to the occasional introduction of a totally new coverage. Certain insurers will, from time to time, decide that they want to enter or leave a particular business segment (for example, some D&O carriers will not issue policies for "high-tech companies in California"). Also, for several reasons, including competition, it is common for a business to have policies of insurance (for different specific coverages) with several different insurers, simultaneously.

For a larger company, the acquisition and maintenance of insurance, along with claims reporting and other risk-management duties, can be more than a full-time job for one person.

Many businesses (of all sizes) therefore rely, for some portion of these responsibilities, on an insurance broker. The scope of services provided by the broker, and the compensation, are subject to some negotiation. However, in many instances, the broker's compensation will be paid by the selected insurer(s), based on a percentage of the insurance premium. In each geographic area, there are generally one or more brokers who have specific expertise related to the needs of, and the offerings in the insurance market for, companies involved in computer technology.

There are a limited number of insurance companies which currently offer a full line(4) of coverages for technology companies. The author is aware of St. Paul Fire & Marine Insurance Company, Chubb Group of Insurance Companies, USF&G and [maybe] Reliance National Insurance Company.

V. SPECIFIC TYPES OF COVERAGE

The full list of coverages which might be purchased by a technology company is too extensive to discuss here. Instead, this chapter will address a few of those which have special applicability to such businesses.

A. Commercial General Liability

The basic liability coverage, for most business, is the Commercial General Liability coverage, often referred to as the CGL. The CGL historically encompasses at least four specific types of damages, each of which can, for conceptual purposes, be thought of as a separate coverage.

It is important to remember that the CGL is designed to cover certain risks of all insureds, and is normally not specific to the high-tech industry. In fact, many insurers will attach, to the coverage, a "Professional Services Exclusion," which specifically states that coverage will not be extended to risks which arise out of the insured's business as a software or hardware provider.

1. Bodily Injury

This is the coverage for physical (and, sometimes, emotional) injury to persons. It will not be mentioned further here because, absent certain exceptions, it does not apply to the special risks faced by technology companies.

2. Property Damage - Must Be Tangible Property, Not Economic Damages Or Intellectual Property

Another coverage within the CGL is for property damage. Most policies now require either physical injury to tangible property, or loss of use of tangible property.

Among the normal exclusions to this coverage are coverage for your own product(5), the replacement of which is thought of as a risk of doing business, and coverage for property within your care, custody or control. Of course, there are many other exclusions (see, for example, subsection [b] below) which vary between coverages.

Courts have generally recognized that the reference to tangible property means that many items of "property" are not covered. For example, a leading case from California(6) stated:

"Understood in its plain and ordinary sense, 'tangible property' means 'property (as real estate) having physical substance apparent to the senses.' (Webster's Third New Internat. Dict. 1968). To construe the explicit words 'tangible property' to include intangible economic interests and property rights requires a strained and farfetched interpretation, doing violence to the plain language of the policies. . .strictly economic losses like lost profits, loss of goodwill, loss of the anticipated benefit of a bargain, and loss of an investment, do not constitute damage or injury to tangible property covered by a comprehensive general liability policy."

Further, it has been generally held that intellectual property rights, such as copyright, patent and trademark, are intangible property, and therefore do not come within the definition of property damage.

a. Can Computerized Data Be Considered Tangible Property?

Some technology companies may face a claim in which they have reason to consider whether computerized data, possibly including computer programs, can be considered tangible property. For example, if a customer suffers the loss of computerized data, or is otherwise unable to access data, due to the fault of the vendor, might this be considered property damage?

There are relatively few published court decisions addressing this issue, other than those construing tax statutes.

One such decision was Retail Systems v. CNA Ins. Co. (Minn.App. 1991) 469 N.W.2d 735. Retail Systems had a tape containing the only computerized copy of certain survey research data from one of its customers. The tape was lost during remodeling of the computer room. Retail Systems sought coverage for defense of the suit, under the Property Damage portion of its CGL, which coverage was denied by CNA. The court decided that CNA was obligated to pay, finding that the data on the tape was tangible property.

However, there are several reasons to disagree with conclusion reached here. For example, most tangible property has an inherent value. In Retail Systems, the only reason the data had value was because it was the last copy. If there had been two tapes of the same data, and only one had been lost, there would have been no loss (other than the value of the actual tape itself, which is clearly tangible property).

Indeed, one of the cases cited by the Minnesota court, supposedly in support of a finding that data is tangible property, stands for the contrary position. In Commerce Union Bank v. Tidwell (Tenn 1976) 538 S.W.2d 405, the court stated:

What is created and sold here is information, and the magnetic tapes which contain this information are only a method of transmitting these intellectual creations from the originator to the user. It is merely incidental that these intangibles are transmitted by way of a tangible reel of tape that is not retained by the user. In Crescent the tax was levied on the rental of a motion picture film. The film is inherently related to the movie; without the film there could be no movie. Therein lies the crucial difference. Magnetic tapes and cards are not a crucial element of software. The whole of computer software could be transmitted orally or electronically without any tangible manifestation of transmission.

It has also been argued, in other cases, that data, stored on magnetic media (disk and tape) is tangible property because it can be photographed by special methods. But human emotions, manifested by electrical changes in the brain, can also be photographed by special methods. That doesn't convert human emotions to tangible property.

Finally, does "data," such as a person's oral answer to a survey question, which is not "tangible property" in that form, become tangible property when it is written down by a survey taker? Does changing the form of the data, by entering it into a computer, move the tangible property from the survey sheet to the computer? Are both tangible property? Does the computerized data become tangible property at the moment that the survey taker's notes are destroyed?

b. The Exclusion For Impaired Property

There are many exclusions which must be considered in analyzing coverage. However, one of those with particular potential significance to technology companies, is related to "impaired property." This exclusion generally provides that the Property Damage coverage will not apply where there is a loss of use of tangible property, which hasn't been physically injured, as the result of your product failing to perform as expected.

For example, if you market a defective circuit board, which causes an entire computer to malfunction, this exclusion would be intended to bar coverage for the loss of use of the computer, because the computer wasn't physically injured.

Of course, there are exceptions.

First, the exclusion itself normally includes an exception for instances in which the loss of use to the other property results from sudden and accidental physical injury to your product. That is, taking the example above, if the loss of the use of the computer resulted from your circuit board suffering a fire, this exclusion would not bar coverage.

Second, some courts have held that where the insured's product is so inextricably attached to other property that removal and repair would damage the other property, the exclusion doesn't bar coverage.

3. Personal Injury - Defamation and Trade Libel

The third coverage, included within the CGL, is for Personal Injury. Within the CGL context, this coverage is distinct from Bodily Injury (subsection [1] above). Personal Injury covers specified torts (sometimes referred to as "enumerated offenses"), often including defamation (slander and libel), trade libel, false arrest, and sometimes malicious prosecution.

Trade libel, although it is covered in some policies, is not the same as defamation. One Federal Court of Appeals,(7) applying California law, has explained:

Trade libel is defined as "an intentional disparagement of the quality of property which results in pecuniary damage. . . ." [citation] The cause of action for trade libel thus requires: (1) a publication, (2) which induces others not to deal with plaintiff, and (3) special damages. Trade libel is not, however, a true libel and is not actionable as defamation. [citation] Trade libel and product disparagement are injurious falsehoods that interfere with business. Unlike classic defamation, they are not directed at the plaintiff's personal reputation but rather at the goods a plaintiff sells or the character of his other business.

This type of coverage is potentially applicable to disputes between technology companies, in which the subject of the dispute are statements about the products of the competitor or about the competitor itself.

4. Advertising Injury - The Offense Must Be Related To Advertising

The fourth coverage under CGL is for Advertising Injury. Like Personal Injury, this coverage applies to a list of "enumerated offenses." The enumerated offenses generally include defamation, infringement of copyright, title or slogan, and some coverage, depending whether it is a "new" policy or an "old" policy (the dividing line is about 1987) for piracy and unfair competition (old) or misappropriation of advertising ideas or style of doing business (new).

Major battles continue to be waged over the meaning which the courts will ascribe to these terms, and some of the most significant outcomes involve a matter of particular interest to technology companies, intellectual property claims. Some of these are discussed in the subsections below.

In addition, and particularly relevant to technology companies, the courts have generally confirmed a requirement that there be a causative relationship between the commission of the enumerated offense, and advertising. Again, this will be discussed below.

Finally, some insurers have decided that they want to avoid any liability for intellectual property claims, and have begun the use of an endorsement, which they include with the policy, stating that there will be no coverage for intellectual property claims. Of course, those endorsements only apply to the policies to which they are attached, so that claims based on damages which occurred prior to such policies, may not be excluded from coverage.

a. Potential Coverage For Copyright Infringement

Most definitions of Advertising Injury include, among the enumerated offenses, "infringement of copyright," or some variation on those words. However, just because a vendor is sued for copyright infringement doesn't mean there is a potential for coverage, even where the vendor's advertising is in dispute.

For example, assume someone stole money from a bank, then ran an ad in the paper saying "I got away with it, I dare you to catch me." At the trial, the ad might be used as evidence of an admission of guilt, but no one could really argue that the bank robbery occurred "in the course of advertising."

The lines in copyright infringement, involving computer technology, are often more difficult to draw. In many cases, the allegations are tied to circumstances in which one vendor is alleged to have infringed the copyright of another vendor in certain software. That alone would not involve advertising. However, the infringer has also offered to sell the infringing product, in advertising.

Whether or not the relationship between copyright infringement and advertising is sufficient to obtain coverage depends on the facts of the case. One federal court, considering a matter in which the underlying case involved the "look and feel" of software, held that there were just enough facts to find a duty to defend.(8) At the same time, the court noted that even if liability were found, in the underlying action, it was unlikely that there would be a significant duty to indemnify (pay a settlement or judgment).

The recent case of Lotus Development adv. Borland International, which went to the U.S. Supreme Court, represents an extreme example of the potential cost of such litigation. It has been disclosed, in pleadings filed with the Court, that Borland expended over $20 million defending that suit. There is also information in the pleadings that a substantial portion of that money was obtained from Borland's insurer, although the exact amount is not disclosed.

b. Not Much Potential Coverage For Patent Infringement

Some courts have found a duty to defend patent infringement where the definition of Advertising Injury includes "piracy." However, a number of recent court decisions have found no potential for coverage. Unfortunately, although they come to the same conclusion (no coverage), the rationale has not been consistent.

Nonetheless, there are some common principles. For example, the courts almost generally agree that the term "piracy" can refer to patent infringement. The more common matter of discussion is whether patent infringement can occur in the course of advertising.

The recent decisions generally agree that direct infringement (which requires making, using or selling) does not occur in the course of advertising. An ad, without a sale, is not direct patent infringement. This has been summarized by a California appellate court(9) and adopted by the Ninth Circuit Court of Appeals(10) as follows:

. . .the patentee is not injured because a product incorporating its invention is advertised, but because the infringer, without consent, used or sold a product utilizing a patented invention.

Courts have also addressed the potential for coverage of "inducing infringement," which has different elements than direct infringement. One such decision, which has already been cited in other jurisdictions, is Aetna Cas. & Sur. Co. v. Superior Court (1993) 19 Cal.App.4th 442. That decision acknowledges, sub-silentio, that inducing infringement might happen in the course of advertising. Indeed, the federal courts, which are the exclusive arbiter of patent law, have made such a finding. However, Aetna goes on to hold that inducing infringement requires a degree of intent which make insurance coverage contrary to a California statute(11) barring coverage for ". . . a loss caused by the willful act of the insured . . ."

There are aspects of the Watercloud decision which appear to be contrary to other legal precedents. For example, while examining the duty to defend, the court looked to facts (the proof in the underlying matter) which were not available at the time the claim was tendered. Nonetheless, the California Supreme Court declined to review the Watercloud decision, and a number of courts have followed with decisions also holding that there is no coverage for patent infringement.

B. Computer Hardware and Software Errors And Omissions Coverage - Something Special For Technology Companies

HYPOTHETICAL 1 - A bank contracts with a software vendor to provide software for calculating and tracking interest due on loans. After many years, it is discovered that the calculation is wrong under some circumstances, and the bank has suffered a loss of $250,000, because it has not been receiving the correct amount of interest.

HYPOTHETICAL 2 - A disc drive manufacturer sells disc drives to an OEM customer, who integrates those drives into the OEM's product, for resale to others. Due to a defect in design, the disk drives suffer an excessive failure rate, and the reputation of the OEM's product suffers. The OEM makes a claim against the disc drive manufacturer for loss of profits.

These losses wouldn't be covered under most CGL policies, or any other policy generally sold. But they probably would be covered under the most unique coverage, as it relates to vendors of computer hardware and software, which is the Computer Errors and Omissions ("E&O") coverage. Conceptually, this coverage can be understood as "malpractice" insurance for technology companies.

Indeed, these E&O policies are intended, subject to their limitations, to cover claims for what have been referred to as "economic damages." (See subsection A.2. above.)

The terms of these coverages, as between the various insurers offering this coverage, are not standard. Each of the insurers offering this coverage have their own form, and there are, from time to time, substantial revisions.

While this coverage provides broad protection, it is considered relatively expensive. Further, because of the time and effort required for the insurers to underwrite these policies, they are generally have a minimum premium, which makes it difficult for smaller technology companies to acquire this coverage.

But, even for small technology companies, this coverage can be very important in the course of contracting with customers. Every vendor, and their legal counsel, has been involved in negotiations over the limitation and/or exclusion of consequential damages. In some circumstances, the vendor and its customer have agreed that: 1) the vendor will purchase E&O coverage; 2) the vendor will accept responsibility for some consequential damages (perhaps in an amount equal to the limits of the E&O coverage); and 3) that the customer will pay an additional amount, under the product contract, to offset the cost of the E&O coverage. Caution: This arrangement should be confirmed, in writing, with the insurer on the E&O coverage. While it is conceptually acceptable, it is important that the insurer understand the arrangement, and have an opportunity to investigate, so that there isn't later an assertion that the vendor misrepresented its request for coverage, entered into a collusive deal with the customer, or otherwise violated a provision of the coverage.

The scope of E&O coverage is limited in various respects, many of which are intended to avoid providing coverage for risks which are best avoided by the insured. For example, these policies generally exclude coverage for claims based on the vendor having exceeded cost estimates or cost guarantees, for recall of products, and for claims based on infringement of intellectual property.

One industry specific coverage limitation, incorporated into some of the E&O coverages, attempts to deal with "developmental risk."

"Developmental risk" arises from a situation in which a vendor says "we will deliver this software product to you in XXX months." In reliance on that representation, the customer buys a bigger computer, hires a management consultant, and begins training the staff to use the new system. Then, just about the time delivery is scheduled, the vendor says "we discovered some problems in beta testing, and there will be a two year delay in delivery." The customer then makes a claim against the vendor for damages.

Although this situation can arise from a good faith error or omission, it was the cause of some early losses and concern in the industry. The response, in the coverages which address this concern, has been to limit coverage only to damages which occur after installation, testing, and acceptance by the customer.

The insurer's are also considering the potential impact of the Year 2000 problem on E&O coverage. I would expect to see substantial restrictions placed on these policies in an effort to avoid uncertainty. There have been press accounts regarding some new insurance offerings specifically directed to the Year 2000. However, it would appear that those policies require a substantial payment ($50 million if you want $100 million of insurance), although 90% would be refunded if there are no claims.

C. Director's and Officer's Liability

Director's and Officer's coverage ("D&O") generally protects the individual directors and officers from claims of misconduct, especially where the misconduct isn't shown to have been undertaken for personal gain.

The special concern for technology companies, in regard to this coverage, is the concern that high-tech companies, especially in California, are subject to a higher incidence of "class action shareholder" suits, alleging misrepresentations of fact by the directors and officers, which misrepresentation lead the members of the class (certain shareholders) to have lost money trading in the stock of the company.

One common allegation is that management misrepresented the dates on which certain products, often software, would be available for sale. Members of the industry point to the inherent uncertainties involved in the development of software, which uncertainties are normally disclosed in the public filings of the companies. Nonetheless. these cases regularly result in multi-million dollar settlements.

From time to time, one or more of the major insurers for D&O insurance has indicated an intent to limit the availability of D&O coverage for high-tech companies. Some have even elected to withdraw from certain markets (for example, "high-tech in California"), including a decision not to renew the D&O coverage of existing insureds.

D. Kidnap & Ransom - High-tech Product Extortion Coverage?

A coverage which is rarely discussed is Kidnap & Ransom ("K&R"). Even when a company has this type of coverage, most employees don't know about it. For reasons which should be obvious, it is generally a policy condition that the insured only disclose the ownership of this type of coverage on a "need to know" basis.

But, there is an aspect of this coverage which could be highly relevant to the business of a vendor, because many of these coverages apply to an "extortion" demand as to the business of a company, or its products, and not just to the kidnap of a person.

For example, a vendor might receive a communication claiming that a malicious computer virus has been developed which will cause all customers of the vendor, upon using the technology companies product, to lose all data. The virus will be released unless the vendor pays a ransom. (The vendor might not be legally liable to the customers, but the loss of sales and goodwill could be substantial.)

At least some K&R coverages would respond to this situation. (12) One of the obvious benefits of K&R is that, under specified circumstances, it would reimburse the insured for the extortion payment.

But another particularly valuable feature of the coverage is around-the-clock access, paid by the insurer, to experts in the field of hostage negotiation and rescue. There are a limited number of these companies, normally headed and staffed by former law enforcement personnel. Their fees, if they are retained without a prior arrangement (such as a K&R coverage), can be substantial. This benefit is so important that some insureds decide which K&R coverage to purchase based on which of the experts services will be included.

E. Intellectual Property Infringement Coverage

Historically, there has been very little coverage offered which was specifically targeted to the issue of intellectual property infringement.

One of the only coverages was for the costs of enforcing (not defending) patents. It involved very detailed underwriting, including warranties regarding the lack of knowledge of infringement, and provided relatively low limits ($1 million). Obtaining permission to sue a competitor, paid for by the coverage, involved submission of an opinion of counsel as to the merits of your claim.

Recently, several insurers have shown interest in providing a defensive intellectual property coverage. One of the largest has introduced a product, but has stated that it will not, at this time, be available to high-tech companies, preferring to limit itself to manufacturing, and other less volatile environments. One of the specialty insurers has offered to provide coverage for copyright infringement for software vendors.

The problem for insurers looking to enter this market is finding a method of underwriting and pricing the policies. The costs of defense alone, in intellectual property matters, is regularly in the millions of dollars. Further, the insurer wants to avoid issuing the coverage to an insured who has reason to believe that they are about to be sued. What questions will the insurer need to ask to get this information? Various options are being tried, including requiring the prospective insured to provide an opinion of legal counsel as to specified facts.

Within the next year there will either be significant developments in this area, or there will be a consensus, in the market, that this class of risks cannot be effectively addressed through insurance.

VI. DEALING WITH A CLAIM OR SUIT - THE IMPORTANCE OF PROMPT TENDER TO THE INSURER

Whenever a vendor receives a claim or suit, the potential for insurance coverage should be considered. If there is any possibility that the claim or suit is covered, it should be submitted to the insurer for consideration. Such submission is generally referred to as a "tender" of the claim.

The tender should be in writing, and should state nothing more than the relevant facts: the basic nature of the claim; the date on which the insured received the claim or suit; the amount of the demand for damages, if known; the name of the person to be contacted for further information; identifying information regarding the potentially applicable insurance coverage. In addition, a copy of any written demand, or lawsuit, should be enclosed. Some policies state a specific address to which the tender should be submitted.

Although the burden is generally on the insured to provide sufficient information to show that the claim is potentially covered, that does not mean that the tender letter needs to be an exhaustive recitation of the facts. Nor does it mean that the insured must argue the legal points in the tender letter. Rather, the insured should provide adequate information to give the insurer timely notice of the claim, and then respond, fully and promptly, to any reasonable requests from the insurer for further information.

There are several reasons why the insured should give prompt notice of any claim or suit to the insurer, rather than waiting to investigate and/or settle the matter. These would include the following:

- The duty to defend, and therefore the duty to pay for defense, might not apply until the date of tender. In other words, legal fees, which might otherwise be covered, might not be covered prior to the date of tender.

- Some policies (especially D&O) require that you obtain the insurers approval of your choice of defense counsel.

- A settlement, entered into without first giving the insurer a chance to approve the settlement, can allow the insurer to deny payment of the settlement, even where it might otherwise be covered.

- A delay in providing notice of claim to the insurer, even where the insurer is not prejudiced by the delay, can be a ground for the insurer to deny the claim in some states.

- The insurer might decide that there is coverage, even on a claim where you are not sure coverage applies.

Finally, if the insurer denies the claim, don't delay in considering your options. Under some policies there is a requirement that you demand arbitration within 60 days of claim denial, with a detailed procedure specified for that arbitration.



1. The author of this chapter has represented certain insurance companies, and insureds of certain other insurance companies. As such, I feel constrained to remind the reader that the statements contained herein are generalizations and do not necessarily represent the viewpoints of any particular clients, past, present or future.

2. California is unique in this regard. Pursuant to Civil Code 2860, where the insured has selected independent counsel, due to a potential conflict of interest with the carrier, the carrier is required to pay only that portion of fees which are equal to the highest hourly rate which the carrier pays to "panel counsel".

3. As noted previously, almost every statement here is subject to qualification. As a specific example, even many of the large "commercial" states disagree on this issue. Coverages including defense within the limits may be sold in California, but the regulations in New York (and many other states) don't allow this variation.

4. A "full line," as used here, in addition to Commercial General Liability, Automobile, Property and Umbrella, would require the availability of Errors and Omissions coverage, for economic damage losses related to computer software and hardware claims.

5. There is a coverage, referred to as "Product Damage," which covers damage to your own products, under specified circumstances.

6. Giddings v. Industrial Indemnity (1980) 112 Cal.App.3d 213.

7. Aetna Casualty and Surety v. Centennial Ins. Co. (9th Cir. 1988) 838 F.2d 346

8. Federal Ins. Co. v. Microsoft Corp. (W.D. Wash. 1993) 1992 U.S. Dist. LEXIS 5467.

9. Aetna Cas. & Sur. Co. v. Superior Court (1993) 19 Cal.App.4th 320, rev den (Jan. 13, 1994).

10. Iolab Corp. v. Seaboard Sur. Co. (9th Cir. 1994) 15 F.3d 1500.

11. California Insurance Code 533.

12. If the virus was actually released, and the problem became one of compensating customers for loss, the damages and defense of suits might be paid by an E&O coverage. On the other hand, if the vendor felt a need to recall the existing product held by customers, and to replace it with a version which wasn't susceptible to the virus, that might be handled by a coverage we haven't otherwise discussed here, Product Tampering and Recall.