Coverage that excludes electronic data serves very little purpose in today’s business world. Many businesses have abandoned physical storefronts and the familiarity of face-to-face transactions and operate exclusively in the cyber world. Even businesses that operate out of physical buildings or structures no longer store information in filing cabinets, but in servers and electronic files that contain crucial and often irreplaceable information. I can’t imagine anything more frustrating than having to tell an impatient customer that you cannot fulfill their needs because your computers are down. With respect to the products offered, the insurance industry has done little to keep with the times. Smaller businesses are often forced to choose generic first-party ISO forms that exclude coverage for damage to electronic data (caused by e-perils) because such coverage is simply unaffordable.
In times where “LOL” is almost the universal language for friendship, it is hard to imagine that coverage does not exist for business income losses if the property did not sustain “physical damage” as a result of a covered peril. I certainly envision the future of business interruption litigation to revolve around the definition of the terms “property” and “physical damage” as the world continues to turn paperless and e-commerce related losses become more frequent than fires and hurricanes.
An example of a real life “e-dispute” is found in American Guarantee & Liability Insurance Co. v. Ingram Micro, Inc., No. 99-185, 2000 WL 726789 (D. Ariz. April 18, 2000). Ingram, “a wholesale distributer of microcomputer products,” purchased an all-risk property policy from American to insure against business interruption losses. The policy insured against “[a]ll [r]isks of direct physical loss or damage from any cause.” Ingram’s business operations depended solely on the functioning of a computer network used to conduct daily business. A power outage caused Ingram’s computer to lose all programming information from the random access memory, and it took almost eight hours for Ingram to return to full operation due to a malfunctioning matrix switch. American argued that there was no physical damage because the matrix switch and the computer had not lost the ability to accept data. Ingram argued that the term “physical damage” includes loss of use and functionality.
The trial court ruled in favor of Ingram holding as follows:
At a time when computer technology dominates our professional as well as personal lives, the Court must side with Ingram’s broader definition of “physical damage.” The Court finds that “physical damage” is not restricted to the physical destruction or harm of computer circuitry but includes loss of access, loss of use, and loss of functionality.
The court found support in the Federal Computer Fraud Statute, 18 U.S.C. 1033 where lawmakers around the country had determined that when a computer’s data is unavailable, there is damage; when a computer’s services are interrupted, there is damage; and when a computer’s software or network is altered, there is damage.
Although Ingram has not been widely followed, at least one court has found support for recovery under standard “all risk” policies for business interruption claims that result from corruption or loss of electronic data. In Southeast Mental Health Center, Inc., v. Pacific Insurance Co., Ltd., 439 F.Supp.2d 831 (W.D. Tenn. 2006) the plaintiff’s operations were interrupted after a storm and a power outage caused data loss to the pharmacy computer. Although the storm did not physically damage plaintiff’s real property, plaintiff sought recovery for business income losses that resulted from its inability to fill customer prescriptions on the pharmacy computer. The court, noting that the Ingram court’s reasoning was persuasive, held that “the corruption of the pharmacy computer constitutes ‘direct physical loss of or damage to property’ under the business interruption policy.”
Notably, Ingram and Southeast Mental were both broad forms with ambiguous electronic data exclusions. The insurance industry has since amended or endorsed these loopholes. Business owners and risk managers should therefore check their policies and consult their agents or attorneys to determine if their valuable data is covered.