Artificial intelligence (AI) has permeated various sectors, including legal research tools and advanced “smart” assistants capable of drafting contracts. It is increasingly evident that the legal profession cannot avoid its influence, and the same goes for the insurance industry. Interestingly, while cyber insurers seem to be maintaining their stance regarding AI risks, other crucial coverage areas are subtly shifting in ways that may not favor policyholders.
Understanding Cyber Insurers’ Steadfast Approach to AI Risks
In a surprising turn of events, cyber insurers are not exhibiting panic in response to the rise of AI. Rather, many are proactively incorporating affirmative endorsements that confirm coverage for incidents related to AI. From their viewpoint, AI represents a highly accelerated version of known risks rather than an uncharted territory. Challenges like deepfakes, social engineering, and AI-driven phishing attacks are not entirely new; they are simply becoming more sophisticated and difficult to detect.
However, this does not diminish the seriousness of the potential consequences. Picture a scenario where a deepfake video circulates, depicting your Chief Financial Officer authorizing a fraudulent monetary transfer. The implications could include severe financial repercussions and significant reputational damage. For the moment, though, cyber insurers indicate that they had anticipated these developments, and coverage remains intact.
Identifying the Growing AI Exclusions in Insurance Policies
The real challenges arise beyond the realm of cyber policies. Coverage lines such as management liability, directors and officers (D&O), errors and omissions (E&O), and others are beginning to incorporate sweeping exclusions related to AI.
Alarmingly, some policy language has become excessively broad. Certain insurers have implemented “absolute” exclusions, effectively negating coverage for “any actual or alleged use, deployment, or development of Artificial Intelligence.” This approach is not precise; it resembles using a sledgehammer instead of a scalpel.
Think about the implications:
– If your firm faces a discrimination lawsuit tied to an AI résumé screening tool, coverage may be denied.
– Negligence claims associated with an AI-driven contract review platform could also be excluded.
– Allegations of fiduciary duty breaches related to inadequate oversight of AI risks might not be covered.
Even routine disputes can escalate into debates regarding the role AI played. Consequently, the burden of risk is shifted back onto firms and their clients, often without their prior knowledge.
Why Legal Professionals Must Stay Informed About AI Risks
It is crucial for lawyers to approach this issue from two distinct perspectives. Firstly, as business leaders, it is imperative to scrutinize your firm’s policies for unnoticed AI exclusions. Secondly, as legal advisors, your clients will expect you to identify these risks within their insurance coverage. Overlooking these matters can severely damage both your trustworthiness and reputation.
This scenario is reminiscent of past events. The emergence of “silent cyber” risks infiltrated property and liability policies, leading to disputes over the coverage of various losses. Insurers gradually responded with exclusions and clarifications. AI seems to be on a similar trajectory, with exclusions appearing more rapidly and with less clarity.
What Steps Should Be Taken to Mitigate AI Exclusions?
Firms and their clients can adopt several strategies to stay ahead of these challenges:
– Conduct thorough reviews of insurance policies. Do not assume that existing D&O or E&O coverage comprehensively includes AI-related events. Search for exclusionary language, particularly for ambiguous or undefined terms.
– Advocate for clarity in policy language. If exclusions exist, negotiate precise definitions. What constitutes AI? Is it a predictive text feature or a chatbot? The vaguer the terminology, the more potential there is for denial.
– Investigate affirmative coverage options. Some insurers are beginning to introduce endorsements or new products specifically designed to address AI-related risks. If your firm or clients heavily rely on AI tools, these offerings should be thoroughly explored.
– Collaborate with brokers and risk managers. These professionals are often the first to detect emerging exclusions and can help secure coverage that aligns with your firm’s operations.
Stay Proactive and Aware of Insurance Policy Changes
On a positive note, cyber insurance continues to be a reliable option for businesses. However, the downside is that exclusions are infiltrating other policy types, and they are often crafted broadly enough to create significant challenges in the future.
Therefore, there is no need for panic, but vigilance is essential. These exclusions are more than hypothetical; they are already surfacing in policies. If you do not take proactive measures, you may find that the very AI tools enhancing your firm’s efficiency could also be the reason behind a denied insurance claim.
In summary, make it a priority to review your coverage this quarter to ensure your firm is protected before AI exclusions spread further.
Michael C. Maschke is the President and Chief Executive Officer of Sensei Enterprises, Inc. Mr. Maschke is an EnCase Certified Examiner (EnCE), a Certified Computer Examiner (CCE #744), an AccessData Certified Examiner (ACE), a Certified Ethical Hacker (CEH), and a Certified Information Systems Security Professional (CISSP). He is a frequent speaker on IT, cybersecurity, and digital forensics, and he has co-authored 14 books published by the American Bar Association. He can be reached at mmaschke@senseient.com.
Sharon D. Nelson is the co-founder of and consultant to Sensei Enterprises, Inc. She is a past president of the Virginia State Bar, the Fairfax Bar Association, and the Fairfax Law Foundation. She is a co-author of 18 books published by the ABA. She can be reached at snelson@senseient.com.
John W. Simek is the co-founder of and consultant to Sensei Enterprises, Inc. He holds multiple technical certifications and is a nationally known digital forensics expert. He is a co-author of 18 books published by the American Bar Association. He can be reached at jsimek@senseient.com.
For more of the latest in litigation, regulation, deals and financial services trends, sign up for Finance Docket, a partnership between Breaking Media publications Above the Law and Dealbreaker.
