The CSR Advisor (CSR 12/13)
Vol. 25, No. 6
In This Issue: Coverage notes: Insuring intellectual property risks; Industry insight: ERM frameworks; Professional growth: Social media and cyber security exposures; A look at the law: No reformation of policy after meaningful offer; Test your knowledge: Workers compensation and volunteers; Two-minute memo: Odd-lot doctrine and non-English-speaking workers; Monthly quiz: Homeowners insurance
Insuring intellectual property risks
It’s hard to imagine a company in any industry without some kind of intellectual property exposure. However, commercial general liability (CGL) policies exclude coverage for many intellectual property risks.
What are the risks?
A company’s intellectual property comprises both tangible and intangible assets. The property can be divided into four general categories: (1) patent: machinery, equipment, software, gadgets, processes, and drugs; (2) copyright: books, music, songs, poems, maps, software, and Web sites; (3) trademark: symbols, slogans, company names, expressions, and packaging; and (4) trade secret: formulas, processes, techniques, customer lists, and strategies.
From a first-party perspective, the ownership of intellectual property includes the following risks: the legal costs of protecting and enforcing intellectual property rights; the loss or diminished value of intellectual property as an asset; or diminished licensing or product revenues as a result of legal findings of invalidity, unenforceability or noninfringement, or challenges to title or ownership.
From a third-party perspective, the risks include the legal costs to defend against an intellectual property infringement or theft suit; any resulting settlement costs or damages; and design-around costs, harm to customer relationships, and negative impact on company share price.
CGL coverage limited
ISO exclusions added in recent years have substantially curtailed coverage for intellectual property under CGL policies. However, there are many variations of forms among insurers and some policies do not incorporate all of the ISO restrictions. What’s more, infringement might occur over a period of years, implicating prior policies, which may not have the latest exclusions.
It’s possible that an intellectual property claim (for example, a suit by a customer whose goods have been seized as counterfeit) might be covered under products-completed operations liability coverage in a CGL policy that defines “property damage” as including “loss of use of tangible property that has not been physically injured or destroyed.”
More commonly, CGL coverage for intellectual property infringement has been premised on the portion of the policy known as “personal and advertising injury” coverage. However, the current ISO personal and advertising injury coverage has a number of restrictions that would preclude coverage for most intellectual property infringement claims.
For example, the current CGL specifically excludes personal and advertising injury arising out of the infringement of copyright, patent, trademark, trade secret, or other intellectual property rights. This exclusion does not apply to infringement, in your insured’s advertisement, of copyright, trade dress, or slogan. Under this exclusion, “other intellectual property rights” do not include the use of another’s advertising idea in your insured’s advertisement.
Moreover, the definition of personal and advertising injury in the current ISO form makes it much more difficult for the insured to prevail on “misappropriation” claims. Personal and advertising injury covers injury arising out of one or more of several listed offenses, including the following:
- oral or written publication, in any manner, of material that slanders or libels a person or organization or disparages a person’s or organization’s goods, products, or services;
- oral or written publication, in any manner, of material that violates a person’s right of privacy;
- the use of another’s advertising idea in your insured’s advertisement; or
- infringing upon another’s copyright, trade dress, or slogan in your insured’s advertisement.
Not only does the definition not mention misappropriation, coverage in connection with advertising is limited by the term “advertisement.” Nevertheless, the coverage your insured has will depend on the circumstances of the claim, the allegations, and the specific language in your insured’s policy.
No standard intellectual property policy
Intellectual property lawsuits are becoming more frequent. They are also time consuming to litigate and can be incredibly expensive. Finding the right insurance protection is complicated, made more so by the fact that there is no standard intellectual property insurance policy.
Intellectual property liability coverage, also called infringement coverage, provides defense costs for infringement claims against the insured. The policy may be written to afford coverage only for defense costs, or it may also indemnify the insured against damages the insured is legally liable for as a result of a verdict or settlement. This is the most typical type of coverage purchased when customers think of or ask for intellectual property liability insurance.
Intellectual property enforcement insurance, also called abatement insurance, is a unique plaintiff’s policy that reimburses litigation expenses to enforce intellectual property rights.
It provides intellectual property owners with the financial resources to fund professional fees and expenses when pursuing infringers. This coverage does not insure against counterclaims (a retaliatory claim by a defendant against your insured) or against any damages. It can be expanded with optional extensions to include contractual disputes and action against a third party for nonpayment, enforcement of an agreement to indemnify the insured, and action against the insured for breach of a declared agreement. This extension can also include investigation costs to determine if there are grounds for pursuit of an infringement claim by the insured.
Private data protection, or unauthorized disclosure insurance, offers protection for trade secrets and the unintentional disclosure of personal identifier information. It also reimburses the litigation expenses to defend against charges of the unauthorized or unintentional disclosure of a third party’s entrusted confidential information.
Intellectual property representations and warranties infringement liability insurance is generally associated with mergers and acquisitions or a purchase agreement. It certifies that the intellectual property involved in the transaction is valid, similar to the function of title insurance in home purchases.
This type of coverage defends against infringement or misappropriation liability and provides reimbursement for defense expenses or loss (awards or settlements). It is designed specifically for the representations and warranties applying to intangible assets, whether the sale or purchase of a single asset, a portfolio of assets, or as part of a corporate sale or merger.
A multi-peril intellectual property (MPIP) insurance policy provides first-party coverage for loss of value resulting from an intellectual property lawsuit. It is available as a rider on the abatement and defense policies discussed above. The MPIP policy responds after the final adjudication of the civil proceeding that establishes the loss of value and covers (1) business interruption; (2) loss of commercial advantage; and (3) cost of redesign, remediation, and reparation.
It may also cover loss of ongoing royalties/license fees, and using pre-established
declared values, it may cover the loss of benefit of research and development, loss of portfolio value, loss of trade dress identity, and loss of trade-secret advantage. Further, loss of value coverage is available to the patent holder up to a declared amount (agreed value).
Finally, asset-backed intellectual property insurance reimburses the lender (not the intellectual property owner) for the outstanding loan balance where the lender has loaned against intellectual property as collateral and a foreclosure sale or bankruptcy ruling has resulted in a shortfall. The insurance also protects the lender if the intellectual property is invalidated through litigation or if it becomes valueless, for example, through obsolescence. This insurance allows companies to borrow money against their intellectual property.
Coverage under E&O and D&O insurance
Sometimes directors and officers (D&O) liability, professional liability, or errors and omissions (E&O) liability insurance policies can provide protection against intellectual property-related claims.
Coverage for copyright or trademark infringement is usually available under an E&O policy. Patent infringement coverage is not readily available except under an intellectual property liability insurance policy. For firms that buy technology E&O insurance, coverage for infringement of trade secrets involving source code is desirable but might be difficult to obtain. The release or compromise of a client’s confidential information represents a significant exposure for many firms.
As far as D&O coverage, the increasing awareness of the value of intellectual property may compel the courts to become more rigorous when it comes to an officer’s or director’s duty to the company and its shareholders. Part of the required due diligence is to consider transferring the company’s intellectual property risk to an insurer, since reallocation of risk to insurance is certainly not a new concept for companies.
Companies can, and should, negotiate the existence and extent of intellectual property exclusions.
Industry insight …
Some of your business insureds may have decided to implement some form of enterprise risk management (ERM) in their organization. More and more organizations are adopting ERM as the best way to manage risks throughout the organization. While you might not deal directly with ERM, it will undoubtedly be on the mind of some of the risk managers you deal with. So, you should know something about it.
Today, it is generally acknowledged that enterprise risk management consists of the combination of strategic, operational, financial, and insurable risk management disciplines. But beyond this, there is much room for debate.
For instance, some argue that corporate governance (the system by which business corporations are directed and controlled) and corporate compliance (the process of meeting the expectations of regulators) are fundamental components of the enterprise risk management process. Others argue that they are separate, although interrelated, processes. What is and is not included in ERM varies from organization to organization.
There are two well-known frameworks around which to organize ERM. These serve as broad models or high-level tools for risk managers. They are 1) the Committee of Sponsoring Organization’s (COSO) ERM framework and 2) the International Organization for Standardization’s (ISO) 31000.
COSO Integrated Framework
The goals of the COSO framework are to: create a common definition of internal control for organizations; produce a standard against which organizations could evaluate their control systems; and provide a path for corporations to decide how to improve their internal control mechanisms.
- COSO’s framework defines eight key elements necessary for internal control:
- internal environment (the organizational risk culture);
- objective setting (the organization’s objectives);
- event identification (the events that might affect objectives);
- risk assessment;
- risk response (how risks are managed);
- control activities (the policies and procedures ensuring that risk responses are carried out);
- information and communication; and
- monitoring (how ERM as a whole is performing and whether it needs improvement).
The eight components of ERM are then organized in terms of the company’s business elements (entity level, division, business unit, and subsidiary) as well as the company’s business objectives in several categories (strategic, operational, reporting, and compliance).
The goal of ISO 31000 is to provide a set of operating principles and generic implementation guidelines on risk management that can be used by any association, group, or individual, public, or private. Among other goals, the standard attempts to establish a common risk management vocabulary. The lack of one has been a fundamental issue in the risk management community for years.
ISO 31000 provides a flexible framework, giving organizations the information they need to create an ERM program based on their specific business or governmental context and the information needs of organizational decision makers. (In contrast, COSO takes a more detailed approach. Indeed, too much complexity is one of the impediments preventing many firms from adopting the COSO model.)
Firms implementing ISO 31000 must give attention to integrating existing compartmentalization of risk management processes. The focus may center on transferring accountability gaps in ERM; aligning objectives of the governance frameworks with ISO 31000; embedding management system reporting mechanisms; or creating uniform risk criteria and evaluation metrics.
Social media and cyber security exposures
Social media platforms, including LinkedIn, Twitter, bulletin boards, blogs and Facebook, provide an opportunity for agencies to communicate with the public instantaneously and interactively. These social media platforms, however, open your agency and your customers to new threats, such as privacy violations, defamation, employment practices liability, and intellectual property risks.
Intellectual property liability in social media arises most often out of sharing copyrighted video, audio, images, and other works created by a third party posted or reposted without permission. Companies may face infringement claims (direct or based on vicarious liability).
Businesses that store confidential customer and client information online are also exposed to increasing liabilities and costs as a result of cyber attacks and data breaches. A company may face liability if it posts competitors’ trade secrets and confidential information online. Businesses can also forfeit protection of their own confidential information, such as customer lists, if it leaks online.
The most recent State of Security Survey by Symantec found that 92 percent of companies surveyed saw losses from cyber attacks in 2011. The top three reported types of losses were downtime, theft of employee’s identity information, and theft of intellectual property.
Don’t expose your agency to risk
One way that fraudsters access sensitive information is through scams that convince employees to give up personal social media passwords. This is a risk for the business because many individuals use the same passwords for multiple logins, and disclosing a social media password may provide the password to a secured company network.
Additionally, there is increasing evidence that criminals are using social media to target key company personnel in order to gain access to company networks and steal trade secrets and other sensitive information. The amount of personal information users share on social media sites, such as employer, address, friends, and interests, provides rich targets for such attacks. Fraudsters can gather details about a user and then use the details to target the attack specifically at the individual (such as a phishing e-mail).
Even if confidential information is not directly put into a single status update or other post, the aggregated social media postings of multiple employees could yield valuable competitive information. Companies (on their own or through third-party service providers) are actively data mining social media sites with the hope of gathering enough bits and pieces of information to provide a competitive edge. Employees may be unknowingly posting what they think is a single piece of nonsensitive data. However, when combined with multiple data points from other employees and sources, those innocent disclosures could suddenly reveal company or client confidential information.
Make sure you follow your agency’s social media policy. Only authorized personnel should be permitted to use the agency name on social media platforms. Only authorized personnel speak for the company.
Additionally, employees should not access social media sites from company computers and networks that also store sensitive company data.
A look at the law ...
No reformation of policy after meaningful offer
A request to reform a motorcycle policy to add underinsured motorists (UIM) coverage was rightfully refused where insurer made a meaningful offer of UIM coverage — Cohen, et al v. Progressive Northern Insurance Company, et al, No. 5083 (S.C. Ct. App. February 13, 2013).
In 2005, Greg Cohen called Citizens Insurance Agency to purchase a policy for his motorcycle. He remembered speaking with a female employee about the policy but did not recall her name. Meredith Thomason, a Citizens Insurance agent, did not specifically recall speaking with Cohen but testified she wrote the quote sheet generated as a result of that call. She also signed the application form as the agency’s representative.
Thomason did not remember the transaction with Cohen. Therefore, her account of how Cohen applied for the policy was based on the procedure she typically follows for completing an application. She testified that a transaction begins with a phone call, and she fills out a quote sheet while talking with the client. She then creates an application form using input from the client. She prints it only after she and the client have discussed and agreed on what types and limits of coverage he wants. When the client comes to Citizens Insurance’s office to complete the application, Thomason gives him an opportunity to read it.
Going through each page of the application, she explains UIM coverage, tells the client he is not required by law to have it, and recommends the client buy UIM coverage with limits equal to the other types of coverage he is purchasing. She also reviews which coverage the client is selecting and which he is rejecting in the application form. The client signs the application in several places, including an acknowledgment stating he has read the information that Thomason presented to him regarding UIM coverage. Thomason then signs on a line indicating that the client has completed and signed the application. After that, she gives the client a copy. Thomason testified she never deviates from this procedure.
Cohen’s recollection of applying for his policy differed from Thomason’s procedure. He testified that when he called Citizens Insurance, he told the agent, “I want the same coverage that I have on my Expedition, my other vehicle.” He did not recall talking on the phone about UIM coverage. The next day, he went to Citizens Insurance’s office and spent less than five minutes signing paperwork. The employee with whom he met did not explain what was in the paperwork, and Cohen did not review the documents before signing them. They did not discuss what coverage limits he wanted or what would happen if he did not buy UIM coverage and was later injured. He testified he did not tell the employee that he did not want UIM coverage.
The application Cohen and Thomason signed includes an explanation of what UIM coverage is and how it works. Additionally, the application explains that UIM coverage is optional and that it can be purchased up to the limits of the liability coverage Cohen was purchasing. Another page, entitled “Offer of underinsured motorist coverage,” has a table listing four levels of UIM coverage limits and the increased premium Cohen would have to pay for each level. The highest of the four levels is equal to the limits of the liability and uninsured motorist coverage Cohen requested in the application form. Below that table, the application asks, “Do you wish to purchase underinsured motorist coverage?” and provides blanks next to the words “Yes” and “No.” A computer-generated “X” appears in the blank next to “No.” Thomason selected that “X” when she generated the form on her computer. The next line of the application states, “If your answer is ‘no’ then you must sign here,” and then provides a signature line. Cohen signed on that line. Below Cohen’s signature, the application states, “If your answer is ‘yes,’ then specify the limits which you desire. These limits cannot exceed your motor vehicle insurance liability limits.” The word “REJECTED” is typed below that instruction.
Based on this application form, Progressive issued Cohen a policy that did not provide UIM coverage.
In 2007, Cohen was injured while riding his motorcycle. He filed a declaratory judgment action asking that Progressive’s policy be reformed to provide UIM coverage.
Meaningful offer of UIM coverage
Automobile insurers are required to offer UIM coverage up to the limits of the insured’s liability coverage, according to the South Carolina statute. South Carolina courts have interpreted this to require that the insured be provided with adequate information to make an intelligent decision of whether to accept or reject the coverage.
In general, for an insurer to make a meaningful offer of UIM coverage, (1) the insurer’s notification process must be commercially reasonable, whether oral or in writing; (2) the insurer must specify the limits of optional coverage and not merely offer additional coverage in general terms; (3) the insurer must intelligibly advise the insured of the nature of the optional coverage; and (4) the insured must be told that optional coverages are available for an additional premium.
Here, the court found that Progressive made a meaningful offer based on (1) Thomason’s explanation of the coverage in her conversations with Cohen on the phone and in person, (2) the contents of the application form Progressive used to make the offer, and (3) the fact that Cohen signed the application’s acknowledgment stating he read the explanation of UIM coverage.
The insurance agent’s testimony as to her “general procedure” saved this case for the insurer. She was specific and credible. It is important to follow your agency’s standard procedures to the letter, including generating records with every customer phone call, working through checklists, and obtaining the customer’s signature.
If the customer turns down coverage, it is vitally important to document the discussion and the refusal.
Test your knowledge …
Workers compensation and volunteers
My customer runs a museum that relies on some volunteer workers. Some of the work they do involves physical labor. My customer would like to cover them on his workers compensation policy. Is this possible?
State laws are inconsistent on the matter of volunteers. Whether a volunteer is eligible for workers compensation benefits or not generally hinges on how the specific statute defines an employee.
For example, the Pennsylvania workers compensation act defines employee as “all natural persons who perform services for another for a valuable consideration. …” So a volunteer (unpaid) worker is not an employee under the act and its provisions don’t apply to the volunteer’s work. This is different from volunteer firefighters, emergency responders, etc., who are specifically mentioned in the statute as “employees” of their municipalities, and thus entitled to receive benefits.
Therefore, in Pennsylvania, volunteers are not entitled to workers compensation benefits under the law. The museum would not be able to find an insurer in the state that would cover its volunteers under a workers compensation policy.
Some states give employers a choice of whether or not to include volunteers. Some, like California, permit the extension of workers compensation to volunteers for public agencies and nonprofits. Because compensation premiums are based on payroll, and because a volunteer payroll by definition is zero, adding volunteers does not cost employers anything. In addition, it creates the same exclusive remedy for volunteers that exists for regular employees, so injured volunteers cannot bring suit against employers for work-related injuries.
If the risk of injury is low for the museum volunteers, accident medical insurance may be a better way to protect volunteers. Accident medical insurance is less expensive than workers compensation. However, it comes with maximum amounts of coverage, where workers compensation coverage is unlimited. This coverage obviously provides no liability protection for the museum for the actions of its volunteers.
Most people have health insurance, so it’s likely that the volunteers have their own coverage for any injuries that occur. Also, Obamacare (Affordable Care Act or ACA) requires everyone to have health insurance. So it would seem that the ACA will benefit organizations, like the museum your insured runs, that use volunteers. It would seem prudent for the museum to inquire about their health insurance when signing up volunteers.
Employee but acting as volunteer?
In a recent case out of Oklahoma, the claimant was a computer programmer and he suffered a heart attack while doing lawn work for his employer on the employer’s premises. He was not paid anything additional for the lawn work. He sought workers compensation benefits, which his employer denied. The employer denied that the claimant was working as an employee at the time of the injury and claimed that the injury was not incurred during the course and scope of his employment, because the claimant was acting as a volunteer when he was injured.
The Oklahoma Supreme Court awarded benefits. In Oklahoma, the statutory definition of employee provides that employee “shall not include any other person providing or performing voluntary service who receives no wages for the services other than meals, drug or alcohol rehabilitative therapy, transportation, lodging, or reimbursement for incidental expenses.” Here, the court found that the claimant was not “any other person” performing voluntary service without pay.
The claimant was a salaried employee at the time of his injury and was working at his employer’s behest, on the employer’s premises. The employer asked for help with the yard work at the office, and the employee volunteered to help. That the claimant “volunteered” to help his employer does not mean that he became a “volunteer” as defined in the workers compensation act. An employee does not cease to be in the course and scope of his employment merely because he is not actually engaged in doing some specifically prescribed task. If, in the course of his employment, he does some act which he deems necessary for the benefit or interest of his employer, he is still an employee.
Therefore, employers should be careful when they ask for employees to volunteer for extra work, especially physical labor work.
Two-minute memo …
Odd-lot doctrine and non-English-speaking workers
The inability to speak English may contribute to an injured worker receiving a workers compensation award under the “odd-lot doctrine.” A worker becomes an odd-lot employee when an injury makes the worker incapable of obtaining employment in any recognized branch of the labor market. An odd-lot worker is thus totally disabled if the only services the worker can perform are so limited in quality, dependability, or quantity that a reasonably stable market for them does not exist.
Under the odd-lot doctrine, the burden of persuasion on the issue of industrial disability always remains with the worker.
Nevertheless, when a worker makes a prima facie case of total disability by producing substantial evidence that he or she is not employable in the competitive labor market, the burden to produce evidence showing availability of suitable employment shifts to the employer. If the employer fails to produce such evidence and the trier of facts finds the worker does fall in the odd-lot category, the worker is entitled to a finding of total disability.
Factors to be considered in determining whether a worker is an odd-lot employee can include the worker’s reasonable but unsuccessful effort to find steady employment, vocational or other expert evidence demonstrating suitable work is not available for the worker, the extent of the worker’s physical impairment, intelligence, education, age, training, and potential for retraining.
In Merivic Inc., et al, v. Gutierrez, No. 2-722/12-0240 (Nov. 15, 2012), the Iowa appellate court found an employee permanently and totally disabled where the claimant, employed as a manual laborer, injured his wrist and shoulder. The court ruled that the claimant’s limited fluency in English reduced his earning capacity. The court dismissed the employer’s argument that the claimant lacked the motivation to learn English.
So what can your employer insured do to preclude paying total disability benefits to workers who face only a seemingly small impairment but possess no skills to find a new job? Employers should reasonably anticipate that an injury that limits the ability of a worker to return to manual labor work will have far more devastating consequences for non-English speakers than English speakers. This is especially important considering the propensity to hire non-English speakers because they are willing to work for lower wages.
To rebut a claimant’s evidence that he or she cannot find work as a non-English speaker, it is necessary to show the jobs that are available to the employee. Your insured will have to hire an expert to testify as to these potential jobs.
This month’s quiz tests your knowledge of homeowners insurance concepts.
1. For a partial property loss to be paid at replacement cost, what percentage of the market value of the home has to be insured?
a. 80 percent.
b. 100 percent.
c. 50 percent.
d. 75 percent.
2. In a homeowners policy, what is Coverage D?
a. Other structure.
b. Personal property.
d. Loss of use.
3. Falling object coverage is excluded from broad form homeowners policies. True or false?
Answers: 1a, 2d, 3b