“A-Eye” on Coverage: Maximizing Insurance for AI Risks Amid Emerging Exclusions

As businesses across nearly every industry continue to consider and adopt AI solutions for their operations, policyholders and insurers are evaluating the risks involved with pursuing those solutions. Under many existing insurance programs, AI-related losses continue to fall within the scope of traditional coverage. However, much like what the insurance industry has attempted to do with pollution and cyber risks, insurers are increasingly countering emerging AI risks by introducing AI-specific exclusions into their insurance policies and furthermore are attempting to market AI-specific policies as a separate insurance product.

For commercial policyholders, this means that what is covered today may not be covered at the next policy renewal and that proactive engagement with your insurance program is essential to addressing potential future losses.

Traditional Lines of Coverage Should Respond to AI Risks

Although the increased commercial use of AI will not alter existing exposures, it may create new exposures beyond those traditional risks. Fortunately, many traditional existing forms of insurance may respond to new AI risks.

For example, product liability exposures, such as autonomous vehicle accidents, often fit naturally within commercial general liability ("CGL") and/or product liability insurance programs. Discrimination by an AI hiring tool may fall under employment practices liability insurance or directors and officers ("D&O") coverage. Regulatory investigations or securities claims arising from a company overstating its AI capabilities may be covered under D&O and cyber policies. Privacy and data risks involved with biometric technology may trigger coverage under cyber, technology errors-and-omissions ("E&O"), or CGL policies. Even business interruption losses involving AI, such as a logistics platform failure causing supply-chain disruption, may be covered by cyber or property coverage.

These considerations are more fully detailed in our prior Commentary "Anticipating Artificial Insurer Defenses: Maximizing Insurance Coverage for AI Exposures."

Insurers Are Nevertheless Beginning to Add AI-Related Exclusions

For the first time this year, Verisk's Insurance Services Office ("ISO") introduced an optional form exclusion to CGL policies for loss "arising out of generative artificial intelligence." Given the insurance industry's heavy reliance on ISO forms, policyholders should expect potentially widespread adoption of this new form exclusion. Similarly, Berkley Insurance Company introduced its own so-called "Artificial Intelligence Exclusion (Absolute)" for use in D&O and E&O policies for loss "based on, arising out of, or attributable to" the use of AI, which the exclusion defines as:

any machine-based system that, for explicit or implicit objectives, infers, from the input it receives, how to generate outputs such as predictions, content, recommendations, or decisions that can influence physical or virtual environments, including, without limitation, any system that can emulate the structure and characteristics of input data in order to generate derived synthetic content, including images, videos, audio, text, and other digital content.

If past is prologue, insurers may try to introduce similarly broad and vague exclusionary language at the time of renewal and use overly broad interpretations of such language to deny coverage for traditional claims, including those involving only incidental AI use. However, policyholders facing such tactics are not defenseless and can rely on well-established legal principles. These include traditional canons for interpreting insurance policies, such as requiring that exclusions be drafted in clear language, and that exclusions be interpreted narrowly in favor of coverage, with words interpreted according to their plain meaning as understood by an ordinary person.

What Policyholders Can Do Now to Maximize Coverage for AI Risks

Policyholders can take a number of practical steps. Risk managers and in-house counsel should develop a thorough understanding of how AI is being used across their businesses, including whether AI use is incidental or a core function.

When it is time for policy renewals, policyholders armed with this knowledge should scrutinize renewal proposals for new or expanded AI exclusions. If AI exclusions are included, policyholders should consider negotiating to eliminate them entirely or narrow their scope. For example, policyholders can attempt to narrow exclusionary language by eliminating vague phrases like "arising out of" or "in any way involving" AI. Consistent with the intent and scope of traditional insurance coverage, policyholders can seek to add carve-outs to the exclusions for incidental use and for other traditional risks such as negligence, vicarious liability, bodily injury, property damage, and security failures. Policyholders can also consider negotiating clear definitions of key terms such as "AI," "generative AI," and "use." Finally, policyholders may consider adding affirmative AI-coverage products that are beginning to appear in the market, including technology E&O, cyber, and some standalone AI policies.

And, when insurance claims do inevitably arise, policyholders should anticipate and vigorously resist insurance industry efforts to give overly broad and strained interpretations to any AI-related exclusions.