The Internet – that technological wonder of World Wide communication has spun a whole new “WEB” of liability exposures to individuals & businesses. It’s a fact that many retail furniture operations haven’t thought about, but should.
Prior to 1984, computers were BIG, costly central systems owned by large companies. Remember COBOL or Fortran?
Personal Computers (PCs) did not exist except as games. Remember playing Pong?
In 1982 the first PC was introduced by IBM. Macintosh Apple followed in 1984. Today 75.6% of US households own a PC. 30,000,000 pay their bills via the Internet and 50,000,000 bank online. Over 50 percent of the US population shops and buys online generating about $1 trillion in sales yearly.
Internet traffic in the US has increased 15 percent every year for the past 10 years generating 12 trillion emails. There are more than 150,000,000 websites internationally that sell a product, distribute information or provide a service to 1.6 billion people.
Today the news is full of stories about threats directed against countries and large business including media giants, financial institutions and technology companies. And although high level hackers may not be targeting your store specifically, you are still at risk of loss from a number of internal and external exposures including:
Direct Damage or Destruction of your systems software and electronic data by outside sources.
These include fire, wind, vandalism, flood etc., system malfunction, program errors, employee error, or others, or intentional acts of others such as Viruses, Worms, Trojan Horse.
- Virus – A small piece of software that piggybacks on real programs. Once it is running, it can spread to other programs and documents.
- Worm – A small piece of software that uses computer networks and security holes to replicate itself.
- Trojan Horse – a computer program that claims to do one thing, but actually does damage when it is run.
In 2000, the ILOVEYOU virus attacks hundreds of corporate computers in which the cost was billions of dollars in lost income and additional programming needs.
Loss of Income due to the suspension of your business.
Your liability would be the cost to reprogram and restore data because of the damage or destruction as described above. Also, your system may be shut down due to a Virus threat, Denial of Service Attacks (system saturated with outside requests causing it to be unresponsive), Mail Bombs (website receives emails from a bogus source which explode upon opening).
Recently a dealer’s website was vandalized by hackers who installed profane language. The site was shut down for many days. $1,800,000 was the cost to restore the site including loss of income.
Loss of Market Share.
This could certainly result from the suspension of your operations or bad publicity following a loss.
Remember Circuit City? In September 2008, 6,000,000 Circuit City credit card holders were notified that computer tapes containing their personal information was mistakenly thrown out.
Theft of a Customer's Personal Data. In 2006 laptops were stolen from three Sovereign Bank employees’ vehicles that contained customers’ personal data. The bank was forced to advise thousands of customers that the personal data was at risk.
Damage to Others Data or Software and Subsequent Loss of Income.
What if your company accidentally transmits a virus or faulty data to a customer or supplier?
- Perhaps a disgruntled employee intentionally acts maliciously by transmitting a virus to a customer via your email system.
- Or, your company's website that is considered secure has its email system infected by a virus. An employee transmits this via email to several customers. Those customers then file claims against you for the cost of cleansing their systems.
Theft of Money or Intellectual Property.
- One of your employees uses their personal computer to access the company's customer database which is then printed and sold to a competitor or a computer hacker that gains access to company files and steals your software development programs.
Extortion.
- A hacker might scramble codes, encrypt programs then hold your data for ransom.
- One of your employees or someone else could demand money under the threat of unleashing a virus that would delete information or release confidential information over the Internet.
- Or, you might receive an email claiming that the sender has penetrated your firewall and copied customer’s credit card information. The sender threatens to post the information on the Internet unless $1,000,000 is received within hours.
Defamation.
- Employee sends an email to company officers questioning a vendor’s professionalism. The officers distribute the email throughout the company. After learning of this email the vendor sues you alleging defamation.
- You launch your new website that includes unfavorable remarks about one of your competitors. The competitor then sues alleging defamation.
Infringement.
- Your company posts files that contain copyrighted clip art on its web page. The owner of the clip art sues for infringement.
- You attempt to increase the hit ratio on your website by listing several famous lines on the Meta tag even though you do not represent them. One of the lines sues for trademark infringement.
Invasion of Privacy. One of the nation's largest health insurers inadvertently sent emails to members containing confidential medical and personal information of other members. Lawsuit filed for millions of dollars alleging invasion of privacy.
Harassment.
- An employee posts a joke on your company's email that contains language that is offensive to female employees. One of the female employees then sues alleging workplace harassment.
- Employee sends an email describing a certain customer as a hot babe. In addition he expresses a desire for a sexual relationship. However, the fellow employee who receives the email is not his friend and he forwards the email to the customer who then sues the company and employee for sexual harassment.
Identity Theft. Certainly last but not least as this is the most common exposure we see. Criminals steal information about a person to impersonate them and acquire credit under their names. The victims are then left with bad credit ratings and the cost to repair the damage may be considerable.
According to 2008 estimates there were 8.1 million victims of Identity Theft in United States which had a $48 billion price tag. The average number of hours spent to recover from Identity Theft is 600.
How To Protect Your Business
Although the E Risk is still new to all of us including the insurance industry where coverage premiums currently trend high due to the “UNKNOWN” and lack of rate setting experience, the standard of the industry is being addressed by a few available endorsements:
- Identity Fraud Expense coverage for homeowners policies.
- Electronic Commerce for business policies.
- Electronic Data Liability for business policies.
Here is a list of specialty carriers providing E-Commerce policies.
Ace - SafeCommerce, SafeEnterprise
AIG - netAdvantage
Arch - WebNet Protection
Chubb - ForeFront, SafetyNet, Intellectual Property and Communications Liability
Gulf - Cyber Liability Plus
Hartford -FailSafe
Liberty Surplus - Internet Advantage
Lloyd’s - e-Comprehensive, Media Tech
Zurich - E-Risk Edge
Building a website can be simple but the onslaught of exposures is not. Be Prepared, as you venture on to the World Wide Web, realize that the liability exposures that you face are still emerging, evolving and complex.
I strongly suggest that you identify your particular exposures and to get a quote to determine the costs on this type of insurance to cover those exposures and your ASSets!