Hunton Insurance Recovery Blog

This series addresses whether your company should consider protecting its products under the SAFETY Act, which serves as a governmental seal of quality and offers powerful litigation and liability benefits.  Part I of this series addressed the benefits of obtaining SAFETY Act coverage.  This post explains the levels of protection under the SAFETY Act and how your company should evaluate whether its products may be eligible.

The SAFETY Act is a highly effective risk management tool created to incentivize the development of anti-terrorism technologies—broadly defined—and to provide protections to providers of products and services meant to prevent or mitigate physical and cyber-attacks.  Among other benefits, companies receiving SAFETY Act coverage for their technologies have their potentially liability associated with an act of terrorism capped at the amount of insurance coverage required by the U.S. Department of Homeland Security (“DHS”).  Companies seeking to reduce their exposure to liability associated with cyber or physical attacks should consider applying for designation or certification under the SAFETY Act.  DHS has also approved a wide variety of other technologies and security programs for protection under the SAFETY Act. 

It is not just your imagination:  verdicts are getting bigger.  So-called “nuclear verdicts” have increased in size and frequency over the past decade, particularly after the COVID-19 pandemic.  Litigation risk insurance is a little known, but highly effective, option meant to compliment traditional insurance products and provide additional protection for policyholders nervous about litigation exposure.

Timely notice is an important first step in a successful insurance recovery.  But insurance policies are not always straightforward in identifying how, when, and to whom notice must be provided.  Some states may also impose additional procedural hurdles, including requiring policyholders to contact their insurers before filing suit (the idea behind this requirement is that it may avoid litigation).  Failing to comply with pre-suit requirements can hurt the policyholder’s recovery, as illustrated in a recent decision from the Northern District of Texas. 

On August 21, 2023, Southern California was hit by its first tropical storm since 1997.  The remnants of Hurricane Hilary brought record-breaking rainfall and knocked out power for thousands of Californians. This storm follows devastating wildfires in Maui, which killed over 110 people, and hot tub temperatures off the coast of Florida: the ocean reached 101 degrees (it should be just 74-88 degrees). The ocean’s record temperatures may strengthen the severity and prolong the season of this year’s hurricanes, which already plague Florida. According to an Accuweather meteorologist, the warm weathers are “just inviting a big system to hit the state again this year.” His prediction may prove true: Tropical Storm Idalia, expected to strengthen into a major hurricane, is scheduled to hit Tampa on Wednesday.

Last week, we published a client alert discussing the importance of cyber and directors and officers liability insurance for companies and their executives to guard against cyber-related exposures.  In today’s ever-changing threat landscape, all organizations are at risk of damaging cyber incidents, and resulting investigations and lawsuits, underscoring the importance of utilizing all tools in a company’s risk mitigation toolkit, including insurance, to address these exposures. 

Hardly a day passes without hearing about another major cyber incident. Recent studies show that cybersecurity incidents are becoming more common, but they are also costly, with some reports estimating an average cost of $9.44 million for breaches in the US. In recognition of this mounting problem, government agencies continue to ramp up enforcement and issue new rules, regulations and other guidance aimed at curbing cyber risks. Last week, the SEC adopted final rules requiring registered entities to periodically disclose material cybersecurity incidents and annually disclose their cybersecurity risk management, strategy and governance plans. In announcing the new rules, the SEC specifically noted that “an ever-increasing share of economic activity is dependent on electronic systems.” According to SEC Chair Gary Gensler, “Whether a company loses a factory in a fire—or millions of files in a cybersecurity incident—it may be material to investors.” 

While liability for PFAS—Per- and Polyfluoroalkyl Substances, also known as “forever chemicals”—may be an emerging issue, the availability of insurance coverage for these and similar liability claims is not. “Commercial general liability,” or CGL, insurance was specifically designed to cover claims made by a company’s customers or customers of customers for resulting bodily injury and property damage. PFAS claims fit this bill. 

Though insurance companies have attempted to deflect from this intentionally broad coverage, CGL exclusions traditionally have been narrow. Even “pollution exclusions,” which have been raised by insurers facing PFAS claims, have limited scope. PFAS are products; and, thus, when drafting pollution exclusions, the insurance industry represented to regulators that they should apply only when (1) insurers can prove the policyholder expected or intended the alleged injuries and (2) only to true “industrial” pollution.