PlayStation hacking case draws fire from insurance industry backersReprints
The commercial general liability policy's advertising injury provision was never intended to cover cyber risks, say two insurance organizations in papers filed in connection with litigation in Sony's 2011 PlayStation Network hack.
“Finding coverage would flout decades of settled law in New York and elsewhere on the meaning and scope of widely used personal and advertising injury coverage provisions in CGL policies,” say the Washington-based American Insurance Association and the Complex Insurance Claims Litigation Association in a joint amicus brief submitted Wednesday to the New York Supreme Court's appellate division.
In February 2014, a New York judge held that Zurich America Insurance Co. was not obligated to cover Sony Corp. of America for litigation related to the 2011 hacking of its PlayStation Network under Sony's general liability policy.
The amicus brief submitted Wednesday in Zurich American Insurance Co. v. Sony Corp. of America et al. was filed in connection with that ruling's appeal.
The brief states that Coverage B, the personal and adverting injury coverage in the CGL policies, “encompasses only specific enumerated offenses, all of which require affirmative intentional conduct by the policyholder … Here, Sony in no way had any intentional or affirmative involvement with the alleged malicious theft of data by hackers.”
“It's not a general all-risk type coverage,” said Laura A. Foggan, a partner with law firm Wiley Rein L.L.P. in Washington, which was one of the law firms that submitted the brief.
The amicus brief also says there is no coverage because there was no publication of any material by Sony.
“There is no indication that Sony published any of the claimants' personal data, let alone that the information was published at all,” says the brief.