Could AI herald a “new silent cyber” crisis? The boom of AI has impacted the daily operations of almost every industry and role. But most carriers will not have accounted for the new, highly unfamiliar risks that this technology brings to the table in their pricing and underwriting of policies. This article will explore the policies that are most likely to be affected by the boom of AI tools including patent infringement and intellectual property rights, errors and omissions coverage, professional liability policies, and directors and officers liability coverage.
Introduction: New Silent Cyber Risk & AI
Seasoned insurance professionals will remember all too well that, not too long ago, underwriters were blindsided by a similar phenomenon. As cyberattacks increased in severity and frequency and the issue of cyber risk became a key concern, carriers faced growing numbers of claims made on non-cyber insurance policies that had not explicitly excluded or included coverage of cyber-related incidents. This lack of clarity came to be known as ‘silent cyber’ or non-affirmative coverage. Similarly, because generative AI is so new, a discrepancy between what is happening and what underwriters are including in insurance policies has arisen. This could lead to, not only a new “silent” risk, but increased chances of coverage overlap too.
CGL and IP
Growing deployment of AI across product development, coding, service delivery, and customer interactions has amplified the risk of unintended exposure in intellectual property (IP) rights and patent infringement coverage, typically found in commercial general liability (CGL) insurance policies. Coverages addressing IP and patents, which vary widely, present ample opportunities for loopholes to be leveraged in AI-related IP claims. When AI is instructed by a user to produce images, texts, or other products these prompts could contain copyrighted material that was used to train the AI output. Have a look at this case that hit the news concerning Game of Thrones. Additionally, when AI is being used to develop a pre-existing product, these tools could inadvertently infringe on third-party intellectual property rights.
Key areas for underwriters to consider include:
- The level of compliance of the AI deployed with the relevant compliance with copyright laws.
- In CGL policies, language around “advertising injury” claims should be narrow in scope, as these clauses will cover policyholders in cases of inadvertent copyright infringement.
- Specialist, standalone IP insurance policies are concerned will often cover both defense against IP (copyright and trademark) violation claims. Policyholders may also leverage this policy to assist with enforcing intellectual property rights, such as a challenge to rights for AI-generated content.
Cyber
These policies may also cover problems resulting from use of generative AI due to its extensive use of data.
Key underwriting considerations include:
- Data manipulation risk: cyber policies may extend coverage to address issues arising from the utilization of generative AI, given its heavy reliance on data. When AI manipulates data, and if that data includes protected information, it could potentially lead to liability risks.
- Exclusions: if they do not affirmatively address AI, then any liability arising from data handling involving AI may result in a successful claim.
- Protected Information: the policy may define and cover situations where generative AI interacts with sensitive or protected information.
- Data Privacy Regulations: the policy should be aligned with any compliance requirements in cases where generative AI interacts with data that falls under legal protection.
E&O and Professional Liability
Errors and Omissions (E&O) coverage protects against liability that occurs from mistakes made when providing professional services. Although uptake on new technologies in this sector is typically slow, as professional services continue to rely on AI tools, new problems arise. There can be an information gap in the data used to train AI which could lead to faulty results, databases become filled with inaccurate data sets, and work can become riddled with mistakes. We have already seen some of these risks materializing: a lawyer was recently caught out for citing bogus cases in court that were fictionalized by ChatGPT. This real-world scenario underscores the pressing need for professional liability policies among service providers, spanning various sectors such as legal, engineering, accounting, medicine, and beyond.
Considerations when considering this new silent cyber risk in this line of insurance include whether the insured has a comprehensive understanding of their professional obligations when incorporating AI tools into their practices. This should be combined with an unwavering commitment to maintaining the highest standards of professional conduct and service quality. In addition, insureds should have protocols in place that foster a culture of proactive due diligence and audits documents generated by AI to ensure accuracy and compliance with professional standards. The integration of AI tools should align seamlessly with an unwavering commitment to maintaining the highest standards of professional conduct and service quality.
D&O
Directors and Officers (D&O) liability coverage protects a company’s board and management from liability. If AI tools are being used by directors and officers, and a mistake is made or the content is biased this could cause damage to the company and its shareholders. AI-related D&O risks can include security claims, breach of fiduciary duty claims, misrepresentation claims, lawsuits, and more. Additionally, a potential liability can arise from the use of AI tools to create financial reports that offer recommendations on hiring decisions or corporate actions.
Managing the rise of AI and new silent cyber risks going forward
In conclusion, while a definitive solution to a new silent cyber era remains uncertain, insurers and underwriters must engage clients in AI-related discussions. Staying informed about evolving risks and legal changes is crucial, especially across diverse jurisdictions. As corporate giants dominate major insurance markets, smaller companies face heightened infringement risks due to increased AI use. Thus, underwriters must remain vigilant in this evolving landscape.