Electronic Data Liability Coverage Form
ISO Claims-Made Form
September 28, 2015
Summary: The standard CGL form specifically notes that electronic data is not tangible property, and specifically excludes coverage for damages arising out of the loss of, loss of use of, damage to, corruption of, inability to access, or inability to manipulate electronic data. Therefore, in order to provide some coverage for this type of exposure, a separate coverage form has been developed by the Insurance Services Office (ISO). The coverage form is CG 00 65 04 13; this is a claims-made policy. The policy was updated in 2013. Those revisions are highlighted in this article.
Insuring Agreement
1.We will pay those sums that the insured becomes legally obligated to pay as damages because of “loss of electronic data” to which this insurance applies. We will have the right and duty to defend the insured against any “suit” seeking those damages. However, we will have no duty to defend the insured against any “suit” seeking damages to which this insurance does not apply. We may, at our discretion, investigate any “electronic data incident” and settle any claim or “suit” that may result. But:
a.The amount we will pay for damages is limited as described in Section III—Limit of Insurance; and
b.Our right and duty to defend ends when we have used up the applicable limit of insurance in the payment of judgments or settlements.
No other obligation or liability to pay sums or perform acts or services is covered unless explicitly provided for under Supplementary Payments.
2.This insurance applies to “loss of electronic data” only if:
a.The “loss of electronic data”:
(1)Is caused by an “electronic data incident”;
(2)Takes place in the “coverage territory”; and
(3)Did not occur before the Retroactive Date, if any, shown in the Declarations or after the end of the policy period; and
b.A claim for damages because of the “loss of electronic data” is first made against any insured, in accordance with Paragraph c. below, during the policy period or any Extended Reporting Period we provide under Section V—Extended Reporting Period.
Analysis
This insuring agreement binds the insurer to pay the sums that the insured becomes legally obligated to pay as damages because of loss of electronic data. Loss of electronic data is a phrase that is defined in the definitions section of the policy and will be discussed later in this article; but suffice it to say that the insuring agreement applies to damages the insured causes to electronic data such as information or programs stored in computers, tapes, CD-ROMS, and other media used with electronically controlled equipment. With more and more cyber breaches occurring on an almost daily basis, this coverage is particularly important. The cause of loss must be due to an electronic data incident. An electronic data incident is an accident or negligent act, error or omission, or series of causally related accidents, negligent acts, errors or omissions that result is a “loss of electronic data” (defined term). For example; an employee is working remotely from a coffee shop, and leaves his laptop signed on and unattended while using the restroom. Another patron mistakes the laptop for his own and proceeds to delete data and inadvertently corrupt the laptop before realizing he is not on his own machine. The loss of and corruption of data would be covered.
The insurer also agrees to defend the insured against any lawsuit seeking damages because of that loss of electronic data. This is important due to all the instances of hacked customer information and medical information from various stores and medical providers. The insurer reserves to itself the right to settle any claim or lawsuit and the insured has no say in this matter. This happens frequently, as it may be less expensive to settle a suit than to defend the insured. The amount the insurer will pay on behalf of the insured is limited, based on the limitations as set forth in the limits of insurance section of the policy. And, the insurer points out that the duty to defend ends when the applicable limit of insurance is used up only in the payment of judgments or settlements; that is, the duty to defend cannot be ended simply by the insurer tendering the policy limits and then trying to abandon the defense of the insured, and it cannot be ended by the insurer paying defense costs that may equal or surpass the declared limits of insurance.
This insuring agreement does have its limitations. The insurance applies only if the loss of electronic data is caused by an electronic data incident (a defined term) that takes place in the coverage territory (a defined term). The loss has to occur during the policy period and, in keeping with the claims-made nature of the policy, the claim for damages has to be first made against any insured during the policy period, or any extended reporting period that is provided to the insured (extended reporting periods are discussed later in this article).
This premium content is locked for FC&S Coverage Interpretation Subscribers
Enjoy unlimited access to the trusted solution for successful interpretation and analyses of complex insurance policies.
- Quality content from industry experts with over 60 years insurance experience, combined
- Customizable alerts of changes in relevant policies and trends
- Search and navigate Q&As to find answers to your specific questions
- Filter by article, discussion, analysis and more to find the exact information you’re looking for
- Continually updated to bring you the latest reports, trending topics, and coverage analysis
Already have an account? Sign In Now
For enterprise-wide or corporate access, please contact our Sales Department at 1-800-543-0874 or email [email protected]