“Insurtech” is a buzzword that’s currently written about frequently but seldom truly understood. This article discusses some of the legal issues of which insurance coverage practitioners representing policyholders, insurers, and other parties should be aware. First, it discusses what insurtech is and the kinds of uses to which it is applied. Then it discusses five topics involving insurtech: blockchain, artificial intelligence (AI), security, the Internet of Things (IoT), and quantum computing. The acronym for these five areas—BASIQ—provides a useful shorthand for an introductory exploration of the rapidly evolving insurtech phenomenon and a foundation for practitioners to augment their expertise to better represent and counsel clients. Within each topic, this article discusses some of the associated legal and ethical issues.
This article is not intended as an authoritative resource for insurance coverage practitioners or other readers. Rather, it is intended to educate practitioners by identifying, and providing some high-level discussion of, some of the relevant legal and ethical issues arising out of the emerging insurtech environment so that practitioners can issue spot for the benefit of their clients.
What Is Insurtech?
Many definitions of insurtech are circulating, making this a confusing and therefore all too commonly dismissed topic. For many uninitiated into the insurtech environment, the word is synonymous with any technology used in insurance. For purposes of this article, a working definition of insurtech is the employment of technology designed to squeeze out savings and efficiencies from an existing insurance model.
The discussion and related hand-wringing about the application of new technology is a recurring theme in the insurance world. One thing that’s different about the insurtech development is that it’s heavily driven by players outside the insurance industry. Specifically, tech entrepreneurs with access to new technologies are looking for applications and have seized upon the technologically challenged, notoriously slow-to-adapt insurance industry.
For example, Untangler is an insurtech that uses AI to recognize inbound customer or employee data in any format and transform it into readable data in seconds, which enables insurers to create quotes without having to convert the data. Untangler is headed by, and uses technology developed by, entrepreneurs Richard Stewart and Steve Carter.
In some instances, the tech entrepreneurs have started their own insurance companies. An example is Covered, an insurance company started by brothers Ross and Chris Diedrich, one of whom is a tech professional, which uses “intuitive technology” to better offer insurance policies to homeowners.
“Insurtech” isn’t just some new buzzword; it’s commanding a substantial flow of monetary and other resources in the insurance industry, despite the coronavirus pandemic. Specifically, in Q2 2020, global insurtech funding increased 71 percent quarter-on-quarter to $1.56 billion following a cautious Q1 2020.1 Total cumulative insurtech investment worldwide reached $2.725 billion since 2012.2 However, the overarching question seems to be whether, notwithstanding the formidable resources being devoted to it, insurtech will actually deliver a disruptive, beneficial shift in how insurance products and services are delivered to consumers or measurable benefits to insurers.
“B” Is for Blockchain
In the author’s experience, many insurance coverage practitioners either don’t know what blockchain is or have only a fuzzy idea of what it is. A blockchain is a digital ledger duplicated thousands of times across a network of computers designed to regularly update this spreadsheet.3 Blocks in the blockchain are comprised of digital pieces of information that exist in three parts: (1) stored information about transactions like date, time, and dollar amount of a purchase; (2) the identity of participants in those transactions; and (3) stored information that distinguishes one block from all other blocks.4
The information stored in a blockchain can come from anyplace, including social media and other “public” sources. For a block to be added to the blockchain, four things must happen: (1) a transaction must occur; (2) the transaction must be verified; (3) the transaction must be stored in a block; and (4) that block must be given a hash, or a unique code.5
Benefits for insurers. Blockchain offers various advantages for insurers over current data storage and access methods, such as (1) improved accuracy by removing human involvement, (2) greater privacy and security, (3) lower processing costs, and (4) decentralization.
Underwriting applications. Insurers can use blockchain to develop more accurate and individualized underwriting and pricing. For example, insurers can more efficiently identify a correlation between life insurance buyers and safe driving. Another example would be using a combination of policyholder-provided and third-party data to rate property risks.
Claims applications. Blockchain has its uses in handling claims as well. For example, carriers could cryptographically secure and share medical records between health providers to eliminate duplication and inefficiency. Insurers also could use blockchain to reduce fraud through inter-insurer sharing of “live” claims info on ledgers, more accurately than current Comprehensive Loss Underwriting Exchange (CLUE) or Insurance Services Office (ISO) processes. Claims-related applications could potentially benefit policyholders, too, because real-time data collection and analysis using blockchain conceivably could significantly speed up claims processing and payouts.
Other applications. In April 2019, Marsh announced it would roll out its “Proof of Insurance” blockchain platform to U.S. commercial clients. The platform will allow commercial policyholders to use a self-service digital app to “search, view, issue, and reissue their certificates of insurance on-demand 24 hours a day,” with additional capabilities to follow.6
Problems for consumers. The advent of insurtech raises various legal and related issues that impact insurance consumers and regulators. For example, what about transparency? Traditionally, insurers have gathered underwriting information from insurance consumers using policy application forms, credit checks/Dun & Bradstreet reports, and publicly available information from government or industry sources. Blockchain enables insurers to potentially gather and utilize a much broader array of information from sources of which consumers are unaware or that they would not necessarily anticipate as being a resource for underwriters.
Thus, blockchain potentially violates consumers’ right to “informational self-determination.” In this regard, Facebook blocked a U.K. insurer’s attempt to use language in posts to indicate driving quality.7 Similarly, the New York Department of Financial Services (NYFS) released new guidelines in 2019 that allow life insurers to use data from customers’ social media posts to determine premiums.8 However, the NYFS cautioned that insurers should not use an external data source, algorithm, or predictive model “unless the insurer can establish that the data source does not use and is not based in any way on race, color, creed, national origin, status as a victim of domestic violence, past lawful travel, or sexual orientation in any manner, or any other protected class.”9 Thus, “redlining” is clearly a danger about which insurance regulators should be concerned.
Given that insurers have argued and could again argue that the way in which they collect this data constitutes a trade secret, it could be difficult for insurance consumers to force insurers to disclose exactly how they’re getting underwriting and rating information.10 It’s possible that the Fair Credit Reporting Act might enable consumers denied insurance some right to know the basis for the denial and possibly a litigation recourse.
Other issues of concern to consumers include the accuracy of data and data security (discussed below). Questions will continue to arise concerning the accuracy of blockchain data; and, as coverage is declined either in the underwriting/procurement stage or the claims stage, or ratings and pricing issues arise, it’s unclear how exactly insurance consumers will be able to challenge blockchain-based decisions resting on inaccurate data.
“A” Is for Artificial Intelligence
Most of us have heard of AI and have a general sense of what it is. Nevertheless, a working definition for this discussion is that AI is the creation of intelligent machines that use algorithms to work and react like humans. Examples of AI include speech recognition, chatbots, and predictive analytics. The AI field is moving toward machine learning, where a computer uses data it collects in performing current AI applications to learn without human intervention.
Underwriting applications. A few examples of AI applications are helpful to provide context for its capabilities. Concirrus offers a platform that can determine if a vessel enters a war zone or ice zone. If so, the platform triggers the appropriate policies reflecting the time spent in the zone, with premiums that reflect the actual exposure, rather than assuming the vessel will spend some arbitrary amount of time in the zone based on statistics and applying that rate across the entire policy year. Concirrus analyzes static demographic vessel statistics and combines them with historic, real-time, and predictive behavioral data to determine correlations and risk indicators associated with a fleet. Using AI and machine learning algorithms, Concirrus can analyze insurers’ existing portfolios to better understand their projected loss ratio and how to construct their portfolio in the future. Thus, insurers can pool risks more precisely.
Another example is Root Insurance Company, an app-based insurance company. Root uses a customer’s smartphone’s GPS, accelerometer, gyroscope, and magnetometer. First, the customer does a three-week test drive to set a baseline for the customer’s driving habits and initial premium. Thereafter, Root monitors the customer’s driving and adjusts the premiums accordingly. Root claims its app can tell if a customer is in a plane, train, bus, or auto, and whether the customer is the passenger or driver.11
Root lists 10 ways that AI will improve car insurance:
- AI can detect fraud.
- AI can detect crashes and alert emergency personnel within seconds (and maybe report the claim, too).
- AI can price out bad drivers by detecting their habits and raising their premiums to the point they’re canceled or even become uninsurable (see the blockchain discussion).
- AI can improve driving skills by using telematics to analyze customer driving weaknesses—and tell customers how they can fix them.
- AI can warn drivers about dangerous situations before they appear, such as knowing a concert is occurring and that concertgoers will hit the road at a certain time and warning the customer to avoid that route.
- AI can help drivers avoid dicey routes, such as notoriously dangerous intersections.
- AI can scare away car thieves, using automatic GPS tracking and embedded sensors to report a car’s location.
- AI can provide fairer rates and avoid discrimination by basing rates on actual driving habits rather than “broad, clumsy categories like credit rating, location, gender, and marital status.”
- AI can detect impaired driving in real time.
- AI can make price-by-route possible.12
Benefits to insurers. Some of the advantages for insurers, apparent from the above list, include reducing labor costs, more efficient processing, and increased pricing accuracy. The attractiveness of AI for insurers is clear, as it takes much of the guesswork—and indeed risk—out of the insurance process, combined with blockchain (above) and the IoT (below) capabilities.
Issues for insurance consumers. While AI has the obvious ability to improve the insurance experience and value in many ways, consumers should have some concerns as well. For example, data inaccuracy might make the AI less accurate, too. If AI prompts an insurer to increase pricing for a route at a given time because possibly drunk concertgoers are hitting the road, and the concert is canceled at the last minute, the driver might be overcharged.
Another issue is the lack of human involvement in interactions. Beyond the frustration that many consumers report in using automated call answering systems and chatbots, many automated systems currently have trouble handling “exceptions.” Machine learning may overcome this obstacle, but, in the short run, AI is only as good as the inputs it uses; and if reality veers from the prediction, will consumers be able to challenge AI-driven decisions?
Finally, questions arise about the accuracy of AI-based pricing. Anecdotally, the author has spoken with one customer who signed up for Root, only to cancel after a few months when it seemed to her that the Root application was not pricing her coverage based on her conservative driving habits but rather her significant other’s more aggressive habits. Thus, it seemed that the Root app wasn’t distinguishing between the insured’s role as a driver and role as a passenger.
“S” Is for Security
Because insurtech is data-driven, the integrity of that data is paramount. Thus, data security issues naturally arise in any insurtech discussion. Using blockchain and new sources of data requires insurers to sharpen their focus on securing the data because the increased exposure for insurers and policyholders to cybersecurity threats is significant.
Another issue is who owns the data. Standard agreements in application forms and websites likely make it the insurers’ data. Consumers are less likely to read these forms than they are to read policy forms. This reality is only exacerbated when consumers obtain insurance through smartphone apps, where the text of standard disclosures and consent forms is smaller and spatially compressed.
If the insurers own the data, they may have a legal duty to keep it secure under laws such as the European Union’s General Data Protection Regulation (GDPR) and domestic analogs. The GDPR makes the data controller accountable for complying with the principles of lawfulness, correctness, and transparency in data processing; the limitation on the purposes of processing; the minimization and accuracy of the data processed; and the integrity and confidentiality of as well as limitation on data retention.
Among the concerns consumers may have is how personally identifiable the insurers’ data will be. Insurers will need to take care to employ techniques to achieve pseudonymization (the process of retaining information in a form that prevents user identification), and questions will arise as to whether that anonymization can be unwound, thereby exposing consumers not only to the negative consequences of data breach but also, perhaps, to discrimination or other prohibited practices. Similarly, insurers must give thought to where the data will be kept, e.g., on internal servers or in cloud storage. The latter raises clear privacy concerns.
Another issue will be the security of telematics devices. Much of the anticipated insurtech will come from existing telematics, such as vehicle “black box” devices, smartphones, and smart appliances. It’s conceivable that these devices can be hacked or otherwise compromised, leading to premium inaccuracies or worse.
“I” Is for Internet of Things
In the author’s experience, many insurance coverage practitioners aren’t familiar with the term “Internet of Things” or “IoT.” The IoT is a network of internet-connected objects able to collect and exchange data. Examples include smart home devices, telematics in vehicles, autonomous equipment, wearable health monitors (including smart watches), shipping container tracking devices, etc.
The IoT plays a key role in the future of insurtech, as these devices enable insurers to gather and react to real-time, real-world data rather than relying on relatively outdated statistics. Data from the IoT will not only feed blockchains but also drive AI applications.
In particular, the list of AI applications to improve auto insurance summarized above relies heavily on IoT-derived data to reach full potential. But some other examples include underwriting applications that allow insureds to “pay what they risk.” For example, telematic and wearable sensor data enables consumers to pay lower premiums for less risky behavior, including driving less and exercising more. Similarly, insurers might team up with smart home companies to offer policy discounts to users of automated loss prevention technology (such as plumbing devices that detect leaks and automatically shut off water flow and even report losses), enabling the cross-selling of devices and insurance.
On the clams side, IoT applications could enable insurers to more efficiently verify and settle claims by using IoT data to verify claims information rather than relying on more costly assessments and audits by adjusters and consultants.
Problems for consumers include privacy considerations. For example, IoT devices could report consumers’ whereabouts without their knowledge. Another concern is data inaccuracies driven by technological limitations. For example, many of us have experienced the limitations of smartphone GPS applications. If insurability and pricing decisions are directly affected by inaccurate IoT data, how will consumers be able to challenge them?
For insurers and consumers alike, IoT capabilities potentially increase claim severity. For example, the array of automotive sensors and related technology likely make vehicle repairs more expensive and, in turn, potentially increase premiums.
“Q” Is for Quantum Computing
The final topic is quantum computing and how it impacts insurtech. Quantum computing applies quantum theory and quantum mechanics to create next-generation computers hundreds of millions of times more powerful than today’s computers. For a non-techie, understanding the difference between quantum computing and classical computing is difficult, but the following simplified discussion gets the point across.
Classical computers use digital logic and bits.13 A bit is an idea, or an object, which is reflected by one of two distinct values (i.e., binary), typically labeled 0 or 1. In classical computers, bits are found on transistors within microchips. The transistors can be charged (1) or uncharged (0). Each transistor can only be in one state (charged or uncharged) at any given time, and therefore reflect only one value (1 or 0) at any given time—thus, the term “binary computing.” Even numerous transistors working simultaneously within a microchip can only process sequentially. Because of this limitation, processing speed is crucial to enable the conversion of sequential, binary processes into something relatively complex, like creating a Word document.
Quantum computers use qubits instead of bits. Qubits are not binary but instead can have multiple values simultaneously. Consequently, rather than processing sequentially, quantum computers can process multiple scenarios simultaneously, enabling vastly more complex and speedy processing. Some say that a 100-qubit quantum computer “would, theoretically, be more powerful than all the supercomputers on the planet combined.”14
Thus, the issues that arise with quantum computing in the insurtech context are not unique but merely amplifications of existing issues. For example, data security issues are already key in insurtech applications. With the coming advent of quantum computing, existing encryption technology designed to resist decryption based on sequential processing computers will be obsolete. Quantum computers are predicted to break through such encryption relatively easily. Similarly, the benefits of blockchain will be enhanced as quantum computers store and access such information at vastly faster speeds.
For insurers, this means quantum computers can, for example, model approaching hurricane impacts virtually instantaneously. They can detect and counter cyber threats in real time for insureds. They can detect and mitigate claim fraud more effectively.
For consumers, quantum computing could mean cyberattacks of unprecedented depth and frequency. It also means that there is virtually no privacy or security when combined with other technologies, such as the IoT.
The benefits and challenges associated with quantum computing are still the subject of research and discussion, but quantum computing is certainly going to transform the insurance landscape when combined with other forms of insurtech.
Insurtech is far more than the usual process of utilizing new technologies in the insurance world. Because of the rapidly increasing capabilities of technology itself—and innovative and impatient entrepreneurs driving insurtech and the insurance industry—insurtech is expected to quickly and dramatically disrupt the insurance world, creating new, and amplifying existing, legal and practical issues that will affect insurance coverage practitioners.
1. Quarterly InsurTech Briefing Q2 2020, Willis Towers Watson (July 28, 2020), https://www.willistowerswatson.com/en-US/Insights/2020/07/quarterly-insurtech-briefing-q2-2020.
3. Jenna Tropea, Insurance Disruption: How Blockchain Is Transforming the Industry, Starbridge Partners (Nov. 2019), http://starbridgepartners.com/2020/01/insurance-disruption-how-blockchain-is-transforming-the-industry.
6. Sally Roberts, Marsh to Begin Rollout of Proof of Insurance Blockchain Platform, Marsh (Apr. 25, 2019), https://www.marsh.com/us/media/proof-of-insurance-blockchain-platform.html.
8. Jessica Baron, Life Insurers Can Use Social Media Posts to Determine Premiums, As Long As They Don’t Discriminate, Forbes (Feb. 4, 2019), https://www.forbes.com/sites/jessicabaron/2019/02/04/life-insurers-can-use-social-media-posts-to-determine-premiums.
11. Driver or Passenger? It’s All in Your Test Drive Data, Root Blog (Jan. 29, 2018), https://www.joinroot.com/blog/how-root-knows-driver-or-passenger.
12. 10 Ways Artificial Intelligence Is Revolutionizing Car Insurance, Root Blog (Mar. 24, 2017), https://medium.com/@joinroot/10-ways-artificial-intelligence-will-make-car-insurance-awesome-a385492b30b3.
13. The discussion of classical and quantum computing is derived from Joseph Fernandez, Classical Computing vs Quantum Computing, Quantum1Net (July 19, 2018), https://quantum1net.com/classical-computing-vs-quantum-computing.
14. Tristan Greene, Here’s Why 100 Qubit Quantum Computers Could Change Everything, Next Web (Feb. 6, 2018), https://thenextweb.com/artificial-intelligence/2018/02/06/heres-why-100-qubit-quantum-computers-could-change-everything.