Facebook Settlements – Cyber and D&O Liability Implications

Facebook Settlements – Cyber and D&O Liability Implications

July 31, 2019 Business Insurance and Risk Management, The Beacon Blog 0 Comments

On July 24 the Federal Trade Commission fined Facebook $5 billion for violating consumers’ privacy. (Although this was the largest penalty of its kind ever imposed, two Democrats on the FTC said it didn’t go far enough.) At the same time the Securities and Exchange Commission announced a $100 million settlement with Facebook of allegations of misleading investors about misuse of their user data. Facebook is still facing European investigations of possible GDPR violations, and a class action lawsuit arising from Cambridge Analytica’s misuse of their data.

While Facebook may consider these settlements as part of their cost of doing business, smaller companies are also at risk for privacy breaches and violations. The FTC, SEC and other regulators will not limit their actions to large corporations. Private companies may not have to contend with shareholder suits, but consumers will hold them accountable for data breaches and privacy violations.

In addition to ensuring that officers and directors properly manage their data, any company of any size needs insurance to cover actual or alleged privacy violations. This includes Cyber insurance to cover security and privacy liability, breach notification costs and regulatory fines and penalties. Private as well as public companies need protection from suits by consumers and regulators. Because Cyber and Directors and Officers Liability policies can be complicated and may include significant restrictions of coverage, before buying insurance have a Beacon adviser review your policies.

About the Author

Harry Cylinder

Harry Cylinder, CPCU, ARM has spent nearly fifty years in the insurance industry, the majority of the time as a consultant. He has been employed by The Beacon Group of Companies since 2008, specializing in the review and analysis of property and casualty coverage forms. Mr. Cylinder has been reviewing policy forms as they have evolved over the past decades. In 2008 he published an article in the CPCU Journal which was the first description of cyber insurance coverage for a general insurance audience. Since that time he has regularly written on cyber and other topics for The Beacon Companies’ blog.