It might sound good, but it is not. There have been numerous data breaches over the last few years from Sony to Target to the Pentagon’s Joint Staff. It can be very costly too, both in terms of lost business and legal costs. Most policies do not explicitly cover cyber liability. Recent court cases show how aggressively insurance companies are looking at policies to find exclusions for coverage if one has a cyber event. General business policies cover the company if an employee steals the information and posts it, but don’t account for a third-party posting it.
There are also new recommended exclusions that have hit the insurance market, so you are likely to find new policies are affirmatively excluding cyber coverage. It’s still available, but as a separate policy! Make sure to read the fine print if you are up for a new or renewed policy, and talk to your agent and/or attorney if you have questions.
Not only can you get cyber insurance, but look at products to encrypt and protect your data. Persistent Systems and their Wave Relay technology was at AUVSI last year and they are a good example of high-level communications. This isn’t what you find on a DJI Phantom, though. There are downsides to this – the more heavily encrypted a communications system is, the more expensive it is. You also run a greater risk of it being ITAR or EAR controlled.
Some cases you can check out, if you’re interested in the nitty-gritty details:
Hartford Cas. Ins. Co. v. Corcino & Assocs., 2013 WL 5687527 (C.D. Cal. Oct. 7, 2013).
Nat’l Union Fire Ins. Co. of Pittsburgh, Pa. v. Coinstar, Inc., 2014 WL 3891275 (W.D. Wa. Aug. 7, 2014)
Recall Total Info. Mgmt., Inc., v. Fed. Ins. Co., 147 Conn. App. 450 (2014)
Zurich America Insurance v. Sony, 2014 N.Y. Misc. LEXIS 5141
– By, Kristen Lincoln