قالب وردپرس درنا توس
Home / Insurance / Indiana Supreme Court Decrypts Computer Crime Coverage

Indiana Supreme Court Decrypts Computer Crime Coverage



The Supreme Court of Indiana recently overturned a trial court ruling and a confirmatory interlocutory opinion regarding the interpretation of a policy that provides coverage for cybercrime. I G&G Oil Co. in Indiana, Inc. v Continental Western Insurance Co. the Land Court rejected the lower courts' narrow interpretation of coverage and impractical view of causation. A copy of the decision can be found here.

More than three years ago, G&G Oil was locked out of its computer systems by a hacker after a fraud in social technology allegedly initiated by a targeted spearfish email. After consulting with the FBI and other technical services, G&G Oil paid a Bitcoin redemption to regain access to its computer systems and operations.

G&G Oil turned to its insurance company, Continental Western Insurance Company, and sought coverage under a policy that provided "Computer Crime Reporting." This provision agreed to cover "loss or damage … arising directly from the use of any computer to fraudulently cause a transfer of that property … ”Continental denied the claim that Bitcoin, according to Continental, was voluntarily transferred and did not depend directly on the use of a computer.

G&G Oil brought an action at the Indiana State Court.The trial court likened the attack on ransomware to a burglar climbing through a window rather than fraud, concluding that the hacker did not "fraudulently cause a transfer." the chain of events arising from the use of a computer. The Court of Justice granted a summary judgment to in favor of Continental and the Board of Appeal confirmed. In March, the Indiana Supreme Court weighed in and reversed both issues.

First, the Indiana Supreme Court considered the meaning of the phrase "fraudulently cause a transfer." The court considered the phrase to be unambiguous but was interpreted too narrowly by the lower courts. The Court reviewed the case ̵

1; law and dictionary definitions of the meaning of "fraud" and concluded that the phrase "can reasonably be understood as simple" to be heard. "where there are no security measures in place and a hacker can access the company's servers unhindered – in which case no 'trick' is involved. The court therefore concluded that neither party was entitled to a summary judgment as there were actual questions as to whether access to G&G Oil's servers was obtained by "trick."

Second, the Court analyzed the meaning of the phrase "derived directly from the use of any computer". In applying this standard, the Court did not agree with the Court's conclusion that "G & G Oil's voluntary transfer of Bitcoin was an intermediate cause interrupting the chain of causes." The court held that G & G Oil's transfer of Bitcoin met the standard because it "was almost the immediate result – without significant deviation – from the use of a computer."

Indiana Supreme Court decision is a refreshing reminder that royalties need to be interpreted for coverage and that context is crucial when assessing causation, which should be seen pragmatically. It is also a reminder that policyholders should carefully evaluate cyber policies, identify coverage gaps caused by inaccurate wording and strive to correct these provisions before starting coverage. In G&G Oil Justice David noted that "the interplay between computer fraud and computer hacking is an emerging area of ​​law." The uncertainty among the courts and the increase in ransomware attacks and other computer-related crimes emphasize the need for policyholders to be proactive in securing coverage for cyber incidents. G&G Oil provides courts with a good roadmap for evaluating coverage for properly covered policyholders.


Source link