Named insured and additional insured: Same policy, different coverage

In the recent decision, Sky Solar (Canada) Ltd. v. Economical Mutual Insurance Company, 2019 ONSC 4165, the Ontario Superior Court of Justice undertook a comprehensive overview of three fundamental concepts of insurance law, namely, the scope of coverage, forfeiture and the duty of good faith.

This decision is of interest to insurers, as it clarifies the coverage language contained in Additional Insured Endorsements in the context of commercial general liability insurance. Furthermore, it provides clear demarcation between reasonable and improper conduct by insurers when assessing coverage.

Facts

Sky Solar (Canada) Ltd. (Sky Solar) is a developer of solar energy projects.

Read more

Case Comment: Condo. Corp No. 0427067 v. Aviva Canada Inc., 2019 ABQB 678

Introduction

A new decision from the Alberta Court of Queen’s Bench provides a caution to insureds to double check the accuracy of a denial of coverage. Failure to investigate a denial made in error may mean a plaintiff is out of luck if it tries to bring a claim after the expiry of two years from the date of denial.

The Plaintiff Condominium Corporation (Condo Corp) brought a claim arising from the denial of a claim for water damage to a condominium known as the Palisades Park Villas in Edmonton (Property). In this case, the various insurers, who were subscribers to the Condo Corp’s policy of insurance, applied for summary dismissal of the claim on the basis that it was brought after the limitation period expired.

Read more

Penny wise, pound foolish: Necessity of getting cyber insurance

Introduction

As cybersecurity attacks and data breaches have become increasingly prominent and costly, it is essential that organizations have the proper policies and procedures to protect themselves against significant financial and reputational harm. However, these attacks and breaches cannot be eliminated entirely, even with the most robust security safeguards. Therefore, cybersecurity insurance can act as a last line of defense by protecting an organization from significant financial harm when a breach ultimately occurs. Effectively, businesses can use cybersecurity insurance as part of a holistic approach to managing cybersecurity attacks and data breaches. This article will discuss the importance of cyber insurance policies by providing an overview of the serious threats organizations commonly face today, what cybersecurity insurance is and what it offers, and the limitations of cybersecurity insurance policies.

Read more

Cyber Insurance and D&O Liability

Introduction

In the past decade, there have been several reports of cybersecurity attacks and data breaches to large corporations.1 In many cases, those affected by the breach want to hold the directors and officers accountable, as they feel the corporation failed to implement the proper security measures to prevent a breach from happening or did not effectively handle the aftermath of the breach. However, directors and officers generally enjoy limited personal liability subject to a few exceptions.2 Nevertheless, as more specific guidance emerges for directors and officers handling cybersecurity issues, the scope of this liability may widen.3 Thus, directors and officers should not take comfort in the substantial barriers that prevent them from being held liable for issues relating to the organization.

Read more

Practical Primer for Insureds and Insurers on Cyber Law

Key takeaways for the insured

Consider industry standards and best practices

  • Identify company’s legal obligations under federal and provincial privacy laws, securities laws, and policies and guidelines set out by industry regulators;
  • Develop and test an incident response plan;
  • Involve senior management, directors and officers, and legal counsel in creating the effective response plan for cybersecurity-related risks;
  • Train employees and educate staff so they are aware of their legal obligations;
  • Develop and enforce an information security policy; and
  • Participate in cybersecurity information sharing programs.

Determine your exposure

  • The most common attacks are social attacks (e.g., whaling), hacking and networking intrusions, and malware and end user attacks;
    • Social attacks are among the most common for senior business executives who have access to the company’s funds; and
    • Directors and officers may be held liable in the event of a cybersecurity attack or data breach if they failed to oversee and implement reasonable cybersecurity measures for the company, or failed to comply with any disclosure requirements after a breach occurred. 
Read more

Cyber law and insurance: Four part series providing an overview of the legal and risk landscape

Four corners of the Cyber legal regime

In Canada, several federal and provincial laws and regulations govern cybersecurity and data protection, each addressing a particular issue. Due to its complex nature, businesses should ensure they understand what legislation applies to them and identify what their obligations are under the applicable legislation, as failure to comply can result in significant financial and reputational harm. By understanding this governing framework, organizations can be proactive and implement the necessary procedures to ensure they properly protect their business and clients. This article will provide a brief overview of the relevant statutes, regulations and case law relating to data protection and cybersecurity.

Read more

Calculating Damages in Representations and Warranties Cases

This article is authored by Ephraim Stulberg for MDD Forensic Accountants.

Introduction

Mergers and acquisitions (“M&A”) can be a double-edged sword. When done right, M&A can allow acquirers to scale their businesses and create value through synergies. When done poorly, M&A can result in drastic overpayments for assets that are not nearly as valuable as believed and for economies of scale that are very difficult to achieve.

One of the main risks in M&A is information asymmetry: simply put, the vendor knows much more about its business than the acquirer. While the acquirer is able to perform due diligence, time pressures to close the deal mean that this process can sometimes be imperfect; issues are sometimes missed. 

Read more