Document Type


Publication Date


Publication Citation

28 Connecticut Insurance Law Journal 130 (2021)


The study of the interaction between law and technology is more critical today than ever before. Advancements in artificial intelligence, information communications, biological and chemical engineering, and space-faring technologies, to name but a few examples, are forcing us to reexamine our traditional understanding of basic concepts in torts and insurance law.

Yet, few insurance professionals and scholars will identify themselves as working in the field of “law-and-technology.” For many of them, technology is “just a fact about the world like any other,” as Ryan Calo once put it, not one that always merits “special care.”

This short paper is an attempt to build a first-of-its-kind bridge between these two scholarly silos. Directed at an insurance audience, the paper attempts to draw attention to a body of law-and-technology scholarship that has so far gone mostly unnoticed by insurance professionals.

The paper is built on the premise that insurance lawyers, whose business model depends on the mitigation of losses from technological harm, are not dramatically dissimilar from their law-and-technology counterparts. Both are fascinated by the same set of questions: if, when, and how, might private and public regulation mitigate losses resulting from technological risk. The paper draws key concepts from the law-and-technology literature to explore the effectiveness and utility of regulation in mitigating risks from emerging, evolving, and disruptive technologies. The paper further identifies the different phases in technology’s life cycle and discusses the challenges that each of these phases introduces on the insurance market.

Relying on cyber insurance as its primary case study, the paper concludes by applying these insights to an assessment of a recent state-wide regulation, the New York Cyber Insurance Risk Framework, the first of its kind in the country. The paper demonstrates the promise and pitfalls of this type of regulation, taking into account broader trends in the cyber insurance market.