(Cyber Insurance PolicyPolicy) Part I,A
The Ironshore under discussion here, and some other cyber insurance policies providing liability coverage will contain coverage for at least some breaches of contract. This is a rarity in most run of the mill insurance policies for the real world.
Here are some ways to look for covered breach of contract obligations on the part of the insurer.
Check the various insuring agreements. So more than the narrowly relevant one.
Look at the general definition of “wrongful act.”
If the phrase “wrongful act” is set forth in term of being an “X activity [[or] service] wrongful act” look for it there. Be sue to check the ones you care about, e.g., because you want to determine which coverage to purchase, because you might try and negotiation and appropriate endorsement, because there might be a price differential.
Get a letter from whomever you use, whether a broker, a risk consultant, or a lawyer. The letter should be general and particular, where the particular question(s) pertain to coverage for breaches of contract.
This potentially a subtle, hidden matter. You may wish to use cyber-sophisticated coverage counsel. You may not want to restrict you inquiries and analyses to a broker or to an external risk manager/consultant. You need to be careful regarding the selection of counsel. Experience with e-discovery is insufficient to make sure adequate knowledge is there, nor is the use of a BigFirm that promotes or advertises itself as “the go-to” group for cyber policy analysis. Private, firm-sponsored “newsletters” don’t do the job either. Of course, none of the activities and/or presentations imply that the lawyers in that firm (and, maybe, in are relative specialty group) are unacceptable.