Florida Insurance Network

Image via Wikipedia

I’m actually pleased when I see mainstream media reports about privacy breaches, not because I’m a sadist but because it raises awareness like nothing else can.

In this case, the data breach came from BP, the mega-corporate oil-spiller that now ranks second only to the atomic power industry in earth-killing cred. Turns out BP has diversified. They don’t just leak oil anymore. And this latest mess provides a good object lesson in data-security and privacy-breach mitigation.

We all recall how BP and its partner, Transocean, turned the Gulf of Mexico into a giant gravy boat full of industrial oil and vinegar. Seems so quaint, doesn’t it, as we watch Japan and parts of the Pacific Ocean rendered utterly uninhabitable?

These days, though, it’s all about brand awareness and BP is back in the game, baby. Just this week the cyclopean oil producer revealed that it had lost a laptop containing the personal information of 13,000 individuals who filed claims for losses related to the Deepwater Horizon disaster.

We’re talking about phone numbers, Social Security numbers, addresses and such. The kind of stuff identity thieves truly covet. Just when these folks thought BP had made life about as bad as it gets,  BP made it worse!

Not to worry, though. A BP spokesman said he expects the damage to be quite modest indeed. Let’s hope he’s right. In case he’s not, BP is paying to help those folks monitor their credit, which is real generous considering the law entitles everyone to a free credit report.

Maybe BP will deign to pay for identity-theft recovery services, if and when some of these folks discover strange, new credit-card bills they didn’t know they had.

“Honey, did you spend $10,000 in Las Vegas last weekend?

“No, dear. Why do you ask?”

There is a lesson to be learned here. BP really does suck. Ok, wait, no, there is more than one lesson to be learned here.

BP tattled on itself largely because it had no choice.  State laws require businesses to fess up when they lose other people’s personal info. For example, Florida and most other states require so-called breach notices to mail to each and every person involved.

In this case, 13,000 is but a barrel in the ocean to BP but not to human-sized businesses like yours and mine. Do the math. Multiply 13,000 breach notices times the cost of a postage stamp. What is that now, 41, 42 or 43 cents? Let’s say 42 times 13,000. That equals $5,460 before you even count the cost of paper and printing. No biggie to BP but to you and me it is.

And that’s just the beginning. Since most of us don’t work for companies that are already universally reviled, we have good reputations to protect. How much is your business reputation worth? How much less would it be worth when customers get that breach notice telling them you lost their personal data?

Do they make insurance to help with that? Yes, they do.

Like a noxious neighbor, State Farm is expected to dump hundreds of thousands of Florida homeowners on the state’s bedeviled property-insurance market during the next two years.

State Farm insures a huge percentage of Florida homes. State of Florida worries that other companies won’t pick up enough slack, forcing state-run Citizens Property Insurance (the so-called insurer of last resort) to accept too much risk exposure.

The roof caves in, of course, if a major hurricane hits us. That’s when Florida might have to levy billions of dollars from millions of Floridians to cover claims that no one else can pay, including Citizens Insurance. Expert bean counters fear a bad hurricane season might even produce a fiscal disaster of historic magnitude.

Naturally, Florida wants to avoid this nightmare by spreading as much risk as possible to other insurers. That’s why state law requires insurance agents to write homeowners policies for at least one property insurance company before it permits them to write homeowners policies for Citizens.

The logic behind this is sound. We don’t want agents taking homeowners business straight to Citizens and loading it up with risk exposure. We want to help other insurers get a crack at the business in order to spread as much risk as possible.

The rule makes sense and it applies to all agents, except State Farm agents.

What?

Right. It’s a good rule but it doesn’t apply to agents who represent by far the single largest property insurance company in the state, which happens to be dropping all of its property insurance in Florida. Does that sound a little strange? Wildly contrary to good public policy? Bat-shit crazy? Wait … it gets even battier.

State Farm agents are so-called captive agents. State Farm won’t allow them to write homeowners insurance policies for other companies and, of course, it’s won’t provide any new property insurance of its own. That’s a bum deal for everyone.

So what does the sovereign State of Florida do in response? It not only made an exception to allow State Farm agents to take their clients property insurance directly to Citizens, it let them offer discounts on State Farm auto insurance as a reward for doing exactly what the law is intended to prevent.

We’ve heard of bending to the winds of adversity but do we have to bend all the way over?

Ask yourself this: Why would anyone shop for property insurance from other companies, using an agent they don’t know, when their friendly, familiar State Farm agent can obtain cheap insurance through Citizens and cut their car insurance as a reward?

Answer: they wouldn’t.

Maybe this works well for someone other than State Farm and its agents but we don’t know who.