“Big data” in the consumer insurance context refers to the enormous data sets at the disposal of insurance providers, which enable them to engage in cost-effective, innovative forms of information processing for enhanced insight and decision-making.Footnote 1 This is normally made possible by algorithms capable of identifying patterns in the vast data sets available. Once a pattern reliably emerges from the examination of data sets, it can be used as the basis for the operation of predictive analytics.Footnote 2 Machine learning plays a vital role in predictive analytics. It is one of the main ways in which artificial intelligence is being applied, with algorithms that can learn from examples and improve their performance as more data become available over time.Footnote 3 Of the several machine learning models that exist, neural networksFootnote 4 and Bayesian networksFootnote 5 are the ones often employed by insurers as part of the risk assessment process.Footnote 6 Having learned from new data and refined their correlations, the algorithms are then able to fine-tune their predictive power as well as make automated decisions. This is known as “deep machine learning”, a branch of machine learning relying on complex statistical models and algorithms with multiple layers of parallel processing that loosely model the way the biological brain works; it is used by insurers when analysing the vast amounts of data they gather on potential cover holders.
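By way of illustration only, the learning process described above can be reduced to a minimal sketch: a toy model that, given labelled examples, gradually refines a correlation and uses it to score new cases. The single feature (scaled annual mileage), the data and the pattern learned are entirely hypothetical and bear no relation to any insurer's actual models.

```python
import math
import random

# A toy sketch of predictive analytics: a one-feature logistic model
# trained by gradient descent. The feature (scaled annual mileage) and
# the pattern it learns are hypothetical, for illustration only.

def train(examples, epochs=500, lr=0.1):
    """examples: list of (feature, label) pairs; returns (weight, bias)."""
    w, b = 0.0, 0.0
    for _ in range(epochs):
        for x, y in examples:
            p = 1.0 / (1.0 + math.exp(-(w * x + b)))  # predicted claim probability
            w -= lr * (p - y) * x                     # gradient step on log-loss
            b -= lr * (p - y)
    return w, b

def predict(w, b, x):
    return 1.0 / (1.0 + math.exp(-(w * x + b)))

random.seed(0)
# Synthetic "historical" examples: a claim (label 1) becomes more likely
# as mileage rises, plus some noise.
mileages = [random.uniform(0, 2) for _ in range(200)]
data = [(x, 1 if x + random.gauss(0, 0.3) > 1.0 else 0) for x in mileages]

w, b = train(data)
# Having "learned" the correlation, the model scores a high-mileage
# driver as riskier than a low-mileage one.
assert predict(w, b, 1.8) > predict(w, b, 0.2)
```

The point of the sketch is simply that the model's parameters are induced from examples rather than programmed by hand; with more data, the learned weight is refined, which is all that "learning" means here.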
In addition to big data analytics, insurers today use various sensor technologies to obtain regular and real-time data from insurance subjects, which is often used not only as part of the risk assessment exercise but also as the basis for offering individualised insurance products to their customers. For example, a telematics device, which is often plugged into the on-board diagnostic port of a vehicle,Footnote 7 collects information on driving behaviour, including geographical position, speed, acceleration and braking severity, vibration and impact events, and forwards it to motor insurers. Some home and contents insurers provide their customers with the opportunity (and often incentives in the shape of discounts) to use home telematics devices, which are often connected to smoke alarms, carbon monoxide detectors, smart locks, doors and windows, and which transmit data to inform insurers or customers instantly of any irregularity. Similarly, some life and health insurers provide wearables to their customers that gather and transmit real-time data about blood pressure, blood sugar and heart rate to insurers.Footnote 8 Such wearables can also be used to monitor various aspects of an individual's well-being, including diet, weight, sleep and exercise.
It is envisaged that these new technologies have the potential to transform the insurance industry and customer experience in two ways in particular:
(1) The growing amount of data, increasing computing power and big data analytics allow insurance companies to identify risks in a much more granular and sophisticated manner (also known as “risk individualisation”); and
(2) The use of sensor technology enables the gathering of real-time and personalised data, allowing insurance companies to customise insurance products (also known as “risk customisation”).Footnote 9
It is anticipated that the application of these new technologies could pose significant practical and legal hazards for consumers.Footnote 10 Broadly speaking, the primary objective of this article is to evaluate whether the current regulatory environment is fit to provide the desired protection for consumers.
There is no doubt that regulating artificial intelligence has been on the agenda of regulators for the last decade. Recently, for example, the European Commission has published a formal proposal for an EU Regulation to establish a uniform regulatory framework to deal with artificial intelligence systems.Footnote 11 Under these proposals, certain artificial intelligence practices (such as systems that have a significant potential to manipulate persons through subliminal techniques beyond their consciousness) are prohibitedFootnote 12 and artificial intelligence systems that are deemed to be high-risk are only permitted subject to compliance with certain mandatory requirements and an ex-ante conformity assessment.Footnote 13 Obviously, the proposed regulatory framework will not apply in the UKFootnote 14 and currently the UK does not have a specific regulatory approach to artificial intelligence. However, the author is firmly of the view that developing an overarching regulatory regime could be rather problematic, given that artificial intelligence systems are often employed for various purposes and the normative values that need to be protected might differ significantly from one application to another. For example, using big data and algorithms might have a significant adverse impact on the privacy of individuals and could have discriminatory consequences. On the other hand, using artificial intelligence in law enforcement might infringe human dignity and impose significant restrictions on liberty. Hence, an overarching regime might fail to achieve the desired result.Footnote 15 One should also not lose sight of the fact that, even if a framework akin to the proposed EU Regulation were to be put in place, it is highly unlikely that the use of big data and machine learning in the risk-rating process for underwriting purposes would be treated as a high-risk artificial intelligence system, and so it would be subject to less onerous regulatory requirements.
The thrust of this article is, therefore, to deliberate which fundamental values of consumers are at risk as a result of using big data and machine learning in the risk individualisation and customisation process. The author advocates that this area needs to be prioritised by regulators, given that using such systems in the risk individualisation process could have adverse consequences for several fundamental rights of consumers and that the current data protection and consumer laws fail to provide an adequate degree of protection. To this end, the article sets out the scope and nature of the regulatory interference required specifically for the insurance sector to protect consumers from the unregulated and unlimited use of big data analytics by insurers.Footnote 16 On the issue of risk customisation (e.g. the use of telematics), it is concluded that the current legal rules provide an adequate degree of protection for consumers unless, of course, sensor data is used by insurers as part of the risk assessment process.Footnote 17
II. Risk Individualisation
Algorithms and machine learning could enable insurance providers to profile each individual, and the risk they pose, to a much more granular degree. As a result of more precise risk profiling, as opposed to reliance on traditional generalised linear models to assess and price risk,Footnote 18 greater segmentation of risk pools defined by various factors (such as age, gender, health, work and social activity, shopping preferences and even social media activity) becomes possible. As the theory goes, this gives insurance providers an opportunity to assign each individual to a risk pool that better matches his/her attributes. As a result of such focused risk individualisation, individuals will no longer pay the average premium payable by those with whom they share only a few actuarially relevant characteristics. At least, this is the message that insurers are pleased to promote as one of the breakthroughs facilitated by big data;Footnote 19 and there is evidence that some insurance providers have started using computer algorithms to this effect, especially in consumer insurance.Footnote 20 Naturally, insurers see this development as mutually beneficial, given that traditionally a considerable amount of employee time is spent on data processing.Footnote 21
On the face of it, limiting the situations in which individuals are expected to pay for the risk created and damage caused by others is a very attractive proposition. However, the devil is in the detail. It is submitted that “risk individualisation” facilitated by big data analytics could create numerous difficulties that require further examination. In particular, the unlimited and unregulated use of such analytics could infringe the privacy of consumers as well as potentially having discriminatory consequences for those seeking insurance cover. Furthermore, as a result of a granular and more sophisticated risk assessment process, some individuals might end up not being able to obtain insurance at all, or might have access to insurance only at a very high rate, due to factors beyond their control, such as genetic predispositions. It is also possible that errors in the design of algorithms might create unintended consequences for consumers. The rest of this part will engage in a legal, technical and economic exercise with the objective of suggesting solutions to the problems emerging.
A. Privacy Issues
Given the enormous capability of software platforms, which apply risk prediction models based on algorithms, to derive and analyse data from various sources including internet searches, social media accounts, and shopping and purchasing information obtained from credit card companies, it is no exaggeration to suggest that the privacy of customers is in peril. It is very likely that consumers applying for motor insurance would not know what information is held about them and how that information is relied upon in assessing the risk. This information might potentially be harvested without informed consent and often without the knowledge of the content generators.Footnote 22 There is also the risk that the information relied on for risk assessment may be inaccurate, though no opportunity is offered to the proposer to correct it. Such an intrusion of privacy could have adverse consequences for the consumer; and, concerned about the consequences of their social network activities for their insurance premiums, some consumers might remove their social media accounts altogether.
However, perhaps the most alarming issue is the lack of any time restriction on the use of data obtained from a social media account or another source about an individual for risk assessment purposes. Against the legal background that a caution or even a conviction becomes spent after a certain period of time and does not need to be declared for most purposes,Footnote 23 it might come as a surprise to most that, in the brave new world of insurance algorithms, a moment of idiocy captured on a smartphone or posted on a social media platform creates a digital record and in principle remains accessible to insurers and others forever. Such data could be used by insurers to draw conclusions as to the lifestyle or personality of an assured applying for insurance.
1. Deploying the doctrine of good faith to ease privacy concerns
Privacy concerns in this context have led some commentators to seek refuge in a cornerstone doctrine of insurance law – utmost good faith – in order to provide protection to consumers. It has been argued that the duty of good faith disclosure should be expanded to require insurers relying on big data to explain all risk-related information, to have an actuarial basis for the use of that information and to identify which risk factors have a particular bearing on the price of a particular risk.Footnote 24 Of course, this potentially gives the assured the opportunity to correct inaccurate data. The legal justification given for this stance is section 17 of the Marine Insurance Act (MIA) 1906, which now simply stipulates that a contract of insurance “is a contract based upon the utmost good faith” without specifying any remedy.Footnote 25 It has been argued that this section could by analogy be used as the basis for implying a duty of disclosure on insurers to inform assureds of what information they hold following a risk assessment carried out by processing big data.Footnote 26
Conceptually at least, such an expansion of the duty of good faith is plausible. The Consumer Insurance (Disclosure and Representations) Act (CIDRA) 2012, which applies to any individual “who enters into the contract wholly or mainly for purposes unrelated to the individual's trade, business or profession”,Footnote 27 does away with the insured's duty of disclosure.Footnote 28 However, the legislation is silent with regard to the pre-contractual position of insurers. This presumably means that the general doctrine of good faith that applies to insurance contracts, as encapsulated in section 17 of the MIA 1906, might in appropriate circumstances enable courts to expand the application of the good faith duty so as to require insurers to share the details of data they have acquired about the assured through the power of big data. At this juncture, it should be mentioned that the Law Commissions did not envisage that the good faith doctrine would have such a role. In their view, the doctrine should continue as an interpretative principle but should not in itself give either party a cause of action.Footnote 29 However, as several commentators have already highlighted, this takes a rather narrow view of the doctrineFootnote 30 and is certainly out of line with the manner in which the good faith doctrine is developing in other jurisdictions.Footnote 31 Given that in the context of insurance contracts the parties are expected by virtue of the good faith doctrine to cooperate, it can hardly be suggested that it is unreasonable to expect an insurer at the pre-contractual stage to disclose data obtained from various sources about aspects of the risk or attributes of the assured.
Be that as it may, modelling the insurer's duty of disclosure in the context of consumer insurance contracts on the duty that exists in the context of business insurance contracts might not deliver the desired outcome. This is due to the nature of the materiality test that is relevant here. In a complex case concerning the extent of the insurer's duty of disclosure at the pre-contractual stage, the Court of Appeal in Banque Financière de la Cité S.A. v Westgate Insurance Co Ltd.Footnote 32 indicated that the insurer is expected to disclose all facts known to the insurer as long as such facts relate to “the nature of the risk sought to be covered or the recoverability of a claim under the policy which a prudent insured would take into account in deciding whether or not to place the risk for which he seeks cover with that insurer”.Footnote 33 Adopting this test of materiality in the context of big data would mean that insurers are expected to disclose those facts which have been actuarially shown to be objectively relevant to the level of the risk. Accordingly, insurers who profile risks by reference to non-causal risk proxies (such as social media posts or shopping habits) will not necessarily be required to disclose them, even on the assumption that they need to operate under the umbrella of a pre-contractual duty of good faith.
Therefore, the nature of the “materiality” test in this context imposes a significant limitation on the prospect of the good faith doctrine providing protection for consumers. The author also has significant doubts as to whether the good faith doctrine is the appropriate way forward in this debate; these concerns are elaborated below.
First, these algorithms are by nature very complex, making it difficult even for programmers to unravel and explain how they have reached a particular underwriting decision. In fact, computer scientists warn that in most systems it is not usually possible to interpret and explain the role of the different variables.Footnote 34 That being the case, one might forcefully query how realistic it is to expect insurers to be able to explain to every assured the weight of the personal data used in the decision-making process.
Second, it should be noted that such an expansion of the good faith doctrine might be at odds with its raison d’être. Traditionally, one of the main justifications for the good faith doctrine has been to deal with information asymmetry.Footnote 35 Accordingly, the primary function of the doctrine is to ensure that the party to a contract who has command of information about the risk does not abuse the other party, who has no information about various risk factors. Given that it is the consumer who is the generator of the personal data in question, it is difficult to see how an insurer who attempts to make sense of such unstructured data for the purpose of making an underwriting decision is in a better position (knowledge-wise) than the assured, such that it needs to disclose to the assured the details of the risk assessment process assisted by big data analytics in order to achieve information equilibrium.
Third, before advocating an expansion of the insurer's duty of good faith at the pre-contractual stage, it is worth bearing in mind the evolution of the doctrine of good faith in consumer insurance, and other developments. Less than a decade ago, it was deemed appropriate to remove the duty of disclosure at the pre-contractual stage for consumers with the introduction of CIDRA 2012. The justification given for this was that insurers now have at their disposal various advanced data collection tools, so that they can obtain the data they need to engage in a rational risk assessment exercise. So, in fact, it was the policy-makers who instructed insurers to use big data and other tools (i.e. machine learning, algorithms) and not to expect any disclosure about the risk from consumers, as the latter might not appreciate what they need to disclose. Since then, new data protection legislation has been put in place to ensure that data processors, including insurers, act in a reasonable fashion when dealing with personal data.Footnote 36 So, does it make sense to expect insurers to disclose to consumers the fine details of the risk-rating process their algorithms undertake, especially given that in most cases it will not be possible to explain it? If we do expect such disclosure, there is a serious risk that the result will be wasted effort and money in placing insurance, pushing the cost of insurance up and potentially wiping out the benefits of a more granular risk assessment for individuals.
2. Protecting privacy with the aid of data protection legislation?
On the premise that the long-established insurance law principle of good faith would not be an appropriate tool to ease the privacy concerns of consumers, the next logical step is to consider whether data protection legislation could provide the appropriate level of protection for consumers whose personal data has been harvested and used by insurers for risk assessment purposes. The relevant legal framework in this context is found in the UK General Data Protection Regulation (UK GDPR), which is based on the EU General Data Protection Regulation,Footnote 37 and the Data Protection Act 2018, designed to supplement the UK GDPR. There is no doubt that these legislative measures impose several limitations on the manner in which insurers may use big data analytics and other forms of artificial intelligence for risk assessment purposes.
As a starting point, it should be emphasised that these pieces of legislation do not prohibit insurers from obtaining personal dataFootnote 38 relating to consumers seeking insurance cover, whether directly or from third parties, for the purpose of processing (for risk assessment purposes), as long as various safeguards are observed.Footnote 39 In particular, under this legislation insurers, as data controllers, engaged in processing special categories of dataFootnote 40 require explicit consent from their customers.Footnote 41 This naturally requires a high degree of precision and definiteness in the declaration of consent, as well as a precise description of the purposes of processing. This is, of course, a significant safeguard, but in practice insurers, with the assistance of their lawyers, employ clear wording in their privacy notices to obtain this consent from those seeking insurance cover, and it is always a debatable point whether consumers giving consent really appreciate what they are consenting to.Footnote 42
Another safeguard that can potentially provide a degree of protection for consumers is the provision of the UK GDPR that gives data subjects the right not to be subjected to a decision based solely on automated processing (in this context, “profiling”) of personal data.Footnote 43 Again, the protection this can provide to consumers should not be overstated. Insurers will, in all probability, obtain consent to carry out automated decision-making,Footnote 44 in which case the only right of the consumer will be to seek an ex post explanation of automated decisions affecting them.Footnote 45 In the unlikely event that such consent is not expressly obtained, it is also possible for insurers to argue successfully that profiling activities for underwriting purposes should be permissible as necessary for entering into, or the performance of, a contract between themselves and the data subject.Footnote 46 However, this clearly does not require insurers to disclose the “full algorithm”, and they can easily standardise the information provided, with the aid of their lawyers, to satisfy this requirement.
3. Suggested solution for privacy concerns
As discussed above, the data protection legislation provides certain safeguards which can ease some of the privacy concerns of consumers, but it is submitted that there are still gaps left by the regulatory law that can compromise the privacy of individuals:
(1) A time limit should be imposed on how far back insurers can go in gathering and using personal information concerning individuals. To give an extreme example, it would not be appropriate to allow algorithms to use, as part of the risk assessment exercise, comments placed on social media years ago by an individual. The data controller is expected to review the need for the continued storage of personal dataFootnote 47 but no restriction is imposed on how far back the data controller can go in terms of collecting personal data.Footnote 48 This is an area that requires careful re-evaluation.
(2) The principles of transparency and purpose limitation that underpin the UK GDPR require insurers to inform data subjects if data originally collected for one purpose (e.g. data obtained from credit card companies concerning the shopping habits of individuals) is used for a different purpose (e.g. running big data analytics to calculate individual premiums for health insurance); this is known as data repurposing.Footnote 49 While privacy notices could be used to inform customers about such repurposing, it might be difficult, if not impossible, for insurance companies to comply with this requirement if their analysis includes data about individuals who are not their customers. As one commentator puts it: “Insurance companies using data mining techniques do not usually know what they will find until it is too late.”Footnote 50 Therefore, it certainly makes sense to consider imposing some specific restrictions on insurance companies’ capacity to repurpose data.
(3) The increase in the volume and variety of data flows renders the data more susceptible to unwitting manipulation, use or disclosure; and, of course, there is an increased risk of the data being stolen or compromised as a result of a cyber-attack. The risk could be even higher if insurance companies delegate the task of running analytics to smaller “insurtech” providers, given that the security systems of such companies might be easier for external actors to penetrate. It is, therefore, necessary to consider putting in place specific requirements as to how personal data should be protected by insurance companies; and no doubt procedures must be put in place covering core security standards and the prompt notification and remediation of breaches. The data protection legislation requires data controllers to put in place technical and organisational measures to ensure that no accidental loss of personal data occursFootnote 51 but there is a case for standardising such procedures for insurance providers engaged in big data analytics, given the sheer volume and variety of information their algorithms use for risk assessment purposes and the significance, from the perspective of consumers, of ensuring the integrity of such data.
In essence, there is no doubt that the relevant data protection legislation affords individuals a degree of control over their personal data, and requires insurers to ensure certain safeguards are in place before they can process such data with the aid of artificial intelligence-enabled processes. However, two preliminary observations are in order. First, it is not clear that individuals consenting to such data processing are fully aware of how much personal data concerning them can be obtained by insurers and how that data can be used as part of processing. In that sense, it is debatable whether their consent is actually an informed one. More fundamentally, given the significant consequences such risk assessment might have for the legal position of an individual, it can plausibly be argued that those who are left at the mercy of algorithms deserve more protection than that provided by the data protection legislation.
So, what is the way forward to protect the privacy of consumers in the big data era? It is proposed that guidelines should be developed and imposed by regulators, possibly by the Financial Conduct Authority (FCA),Footnote 52 as to the ethical use of big data for risk assessment purposes. Such regulations could restrict the use of data along the lines discussed above: namely, imposing limitations on how far back in time personal data could be searched; restricting the repurposing of personal data for insurance purposes; and stating the nature of the specific safeguards that must be put in place by insurers engaged in big data analytics. These considerations should also comprise the steps that need to be taken to protect such data against cyber risks. Such regulations could be included in the FCA Handbook, in the sourcebooks of particular relevance to the conduct of insurance business.Footnote 53 The collaboration of the insurance sector, and of organisations such as the Association of British Insurers (ABI), at the early stages of the development of such guidelines would be beneficial, especially given that this is an emerging area where expertise and previous experience are limited. In order to encourage insurers to remove any barrier to accountability, it is also recommended that a new agency be established by regulation to undertake random auditing of the algorithms used by insurers, ensuring that the various algorithms in use function within approved bounds. This new agency should have the expertise to deal with technical issues relating to algorithms, but it is also essential that those serving in it have a good understanding of insurance law and the regulatory guidelines developed by the FCA. It is submitted that an agency of this nature would serve the function of policing the use and development of algorithms to ensure that they comply with human rights standards.
No doubt, further deliberation is necessary as to the precise powers of this agency, its relationship with other regulatory bodies and how it will be funded. These are significant matters that need to be considered with the involvement of insurance and consumer representatives and regulators.
B. Discrimination Issues

Obviously, anti-discrimination legislation does not allow the use of data that carries a high risk of discrimination through having a considerable disparate impact on protected characteristics. In the UK, the Equality Act 2010 is the basis for this kind of legal protection; it prevents insurers from using algorithms that would seek information that might lead to discrimination based on protected characteristics (i.e. age, disability, gender reassignment, marriage or civil partnership, pregnancy and maternity, race, religion or belief, sex and sexual orientation).Footnote 54
This much is clear and uncontentious. However, it is possible that indirect discrimination could still take place even though the algorithms used are not programmed to take a protected characteristic into account in the risk individualisation process, where the actual effects of the individualisation carried out by the algorithms are particularly disadvantageous for people possessing a protected characteristic.Footnote 55 Several commentators share the view that this kind of discrimination (also known as “unintentional proxy discrimination”) is the inevitable consequence of algorithms which are designed to find linkages between input data and target variables, irrespective of the nature of those linkages.Footnote 56 For example, a programme would obviously not be designed to discriminate against women, but certain proxies, such as the colour or model of the car, might accidentally recreate side effects or biases that a human would not have voluntarily incorporated into the system. It is also possible that unintended discrimination could creep in as a result of the data used to train algorithms not being sufficiently representative. Put differently, biased training data may lead to discriminatory models, either because the training data may present historical data influenced by prejudice as valid examples or because inferences may be drawn from a limited or biased sample of the population.Footnote 57 One should also not dismiss the possibility that algorithmic learning can go awry, resulting in unintended discrimination. Computer scientists have discovered that a neural network called CycleGAN, used in image-to-image translation, learned to hide information concerning the original image inside the generated one in the form of a low-amplitude, high-frequency signal.Footnote 58 This was not an isolated case, and it is obvious that a similar mishap could arise in the operation of algorithms used by insurers for risk assessment purposes, potentially leading to unintentional proxy discrimination.
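The mechanics of unintentional proxy discrimination can be illustrated with a deliberately simplified sketch. The protected attribute, the proxy and all the figures below are invented: the pricing rule never receives the protected characteristic as an input, yet a correlated proxy reproduces the disparity almost perfectly.

```python
import random

# A simplified sketch of unintentional proxy discrimination. The
# "protected" attribute and the proxy (e.g. a car model) are
# hypothetical; the correlation between them is built into the
# synthetic data rather than drawn from any real population.

random.seed(1)

population = []
for _ in range(10_000):
    protected = random.random() < 0.5  # protected characteristic, never an input
    # The proxy correlates with the protected attribute (80% v. 20%)
    # but has no causal link to the insured risk.
    proxy = random.random() < (0.8 if protected else 0.2)
    population.append((protected, proxy))

def surcharge_rate(group):
    """Share of a group surcharged by a rule that looks only at the proxy."""
    members = [proxy for g, proxy in population if g == group]
    return sum(members) / len(members)

# The protected group is surcharged roughly four times as often, even
# though the protected attribute was never an input to the pricing rule.
assert surcharge_rate(True) > 2 * surcharge_rate(False)
```

The sketch shows why removing the protected variable from the inputs is no guarantee of non-discriminatory outcomes: any variable statistically entangled with it can carry the disparity through.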
What options are open to regulators to eliminate the unintended discrimination that can arise from the high volume of data that can be obtained and analysed by algorithms? Regulators can employ various techniques to prevent this kind of discrimination from happening. Perhaps the most straightforward solution to the problem of discrimination fuelled by big data is to allow only certain pre-approved variables, determined by regulators, to be used by algorithms in the risk assessment process. This might be easy to implement, but it would also remove most of the benefits that granular risk classification brings. Put differently, this kind of solution is counter-productive, as it would take away the innovative edge that big data analytics brings to insurance practice. Nor does this solution tackle the problem of algorithms or data collection systems being adversely affected by human prejudice.
Another potential solution is to allow insurers to use any data legally available but require them to explain to regulators the impact of their algorithms on members of protected groups.Footnote 59 This might work if insurers are able to explain that a variable used in risk assessment and causally linked to the desired outcome (risk individualisation) is not acting as a proxy for a protected characteristic. Of course, showing a causal link in this context is not an easy task, but regulators could set the standard of proof low and expect a plausible causal link to be shown rather than requiring definitive proof of causality.Footnote 60 The task is by no means a simple one, but it would certainly mean less interference from the regulators. The regulatorsFootnote 61 would have to audit insurers' classification systems randomly, looking at the “data sets mined” by algorithms as well as the “source codes and programmers' notes” describing the variables, correlations and inferences embedded in the algorithm.Footnote 62 These audits should focus on whether personal data is appropriately scrubbed from the data used to create predictions, whether insurers are gathering inappropriate individual data (thereby addressing the privacy issues discussed in the earlier part) and whether the data are suggesting inappropriate correlative predictions. As indicated earlier, it is vital that the personnel carrying out such audits have sufficient technical and legal knowledge to assess the appropriateness of the algorithms used for risk individualisation.
C. Errors and System Vulnerability
As has already become clear from the discussion, algorithms used for data profiling operate on the basis of correlation, not causation. This creates a risk that the algorithms might at times find a statistically significant correlation in the data analysed even though there is no meaningful relationship between the variables.Footnote 63 An example suffices to illustrate the issue. A big data analysis might reveal that from 2006 to 2011, the US murder rate correlated well with the market share of Internet Explorer, as both went down sharply, but it is hard to imagine that there is any meaningful causal relationship between the two.Footnote 64 Also, it should be borne in mind that, due to the large scale of data processed by such algorithms, a small systematic error might have far-reaching consequences in terms of risk assessment.
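The statistical mechanism behind such spurious findings can be sketched in a few lines of Python. The following toy simulation (an illustration constructed for this discussion, not drawn from any insurer's actual system) screens many purely random "risk factors" against an equally random outcome; merely because so many comparisons are made, some factors will appear strongly correlated by chance alone:

```python
import numpy as np

rng = np.random.default_rng(0)

# 1,000 candidate "risk factors", each pure independent noise,
# compared against one equally random outcome series.
n_obs, n_vars = 50, 1000
outcome = rng.normal(size=n_obs)
factors = rng.normal(size=(n_vars, n_obs))

# Pearson correlation of each factor with the outcome.
corrs = np.array([np.corrcoef(f, outcome)[0, 1] for f in factors])

# No factor has any real relationship with the outcome, yet
# screening enough of them surfaces some that look strikingly
# "significant" - the multiple-comparisons effect.
best = np.abs(corrs).max()
print(f"strongest spurious correlation: {best:.2f}")
```

Under these assumptions, the strongest chance correlation comfortably exceeds conventional significance thresholds, which is precisely why an algorithm mining vast data sets can latch onto patterns as empty as the murder-rate/Internet Explorer example.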
Whilst this is not something attributable to the way algorithms operate, it should also be kept in mind that input errors or missing data in the documents or data sets analysed could also contribute to inaccurate risk profiling by algorithms. The health sector, in particular, is susceptible to such errors. For example, it has been observed in the US that clinicians entering data into electronic health records may choose erroneous diagnosis codes, check boxes incorrectly or uncheck boxes inappropriately if the default setting has all boxes checked.Footnote 65 Similarly, data about treatment outcomes is often missing from electronic health records. Patients who are given medications, such as antibiotics, are often not asked to return to the doctor and report on their progress. This might lead to a situation where the patient's health record will detail the diagnosis and prescription but will not indicate whether the patient has recovered or has failed to improve and sought treatment from a different specialist.Footnote 66
Last but not least, it is hardly an overstatement to suggest that cyber risks, whether unintentional (e.g. program bugs) or intentional (e.g. malicious cyber attacks), will become increasingly significant as more insurers begin to employ artificial intelligence and rely on big data analytics for risk assessment. Any bug in, or infiltration of, the programmes used for data analysis could lead to the system making extremely suboptimal decisions.
The author's intention in highlighting these difficulties is to stress the point that, to harness the potential of big data analytics in insurance law, there is a need to consider putting in place a regulatory framework prescribing how such algorithms should operate, and to introduce an audit requirement, carried out by regulators (or a new agency set up for this purpose), on the systems that will be employed by insurers.Footnote 67 That way any potential vulnerabilities and errors in the system, or in the manner in which data is collected, could be identified and eliminated.
D. Insurability Problem
One potential problem associated with an increased level of risk individualisation as a result of big data analytics is that insurance might become unaffordable or unavailable for certain groups of people. Imagine a consumer who has a genetic predisposition that raises the risk of a certain illness. This is clearly a factor beyond that individual's control; but big data analytics, armed with additional data such as medicines ordered by that individual from the internet, or searches undertaken by that individual with regard to certain medical conditions, might enable insurers to place that individual into a high-risk category, making life insurance or critical illness insurance cover unaffordable. This may raise social concerns, in particular if the risk is correlated with low income and low wealth. It is some relief that, in the UK, the potentially destructive impact of the indiscriminate use of genetic data on certain individuals has attracted attention. The ABI entered into a voluntary moratorium with the Government in 2011,Footnote 68 which commits insurers offering life, critical illness and income protection insurance not to ask their customers about predictive genetic test results when they apply for insurance.Footnote 69
This is a positive development,Footnote 70 but, given the immense potential big data analytics presents to individualise risks, it is necessary to give some thought as to whether there are other sectors in which risk individualisation should not be allowed. One example is risks created as a result of climate change. If big data analytics have the capability of identifying certain correlations making it difficult for consumers who live in a particular location to obtain insurance cover for their homes, policy-makers should consider whether the solidarity principle should prevail to prevent such data from being available for risk assessment purposes.Footnote 71
Another area that requires attention is the position of those who will not be able to purchase insurance at an affordable rate as a result of granular risk profiling provided by algorithms. Assume the position of an individual who does not suffer from any genetic disorder but is not leading a healthy lifestyle and, as a result of big data analytics (e.g. information obtained from his/her medical records, internet searches, shopping and eating habits), is identified as a bad risk. Naturally, most insurance providers will refrain from offering him/her life or critical illness insurance at an affordable rate or at all. This might pose a problem for the government. On the one hand, given that this individual's predicament is the result of his/her choices, one can plausibly argue that there is no need for government or industry interference. On the other hand, it can be argued that in the absence of such granular risk assessment this individual would have been offered insurance at a reasonable rate, so s/he should not be penalised due to the fact that technology allows us to better profile risks. The author has less sympathy for the latter argument; however, if the government decides to intervene in this instance, the next issue is going to be deciding the nature of such intervention. One possibility is to provide premium subsidies to those who are in that category. Some commentators believe that providing premium subsidies is the best form of intervention in an insurance market, as this does not distort the price mechanism, leading to inefficiencies, and allows the positive effects of premium differentiation to be maintained.Footnote 72 An alternative could be to establish a scheme of insurance of last resort for such individuals similar to Flood Re.
However, it should be noted that the position of those who price themselves out of the insurance market due to their personal choices is not similar to that of those who happen to own a house exposed to natural disasters created by external factors. It is therefore unlikely that the government would be willing to invest in an insurance scheme to protect them. Still, as the use of data analytics becomes more common, these issues will come to the fore, and there is a need for them to be more thoroughly debated.
E. Price Discrimination
A controversial aspect of big data analytics is that it might potentially enable insurers to determine which of their customers are sensitive to prices so that they can charge higher prices to those willing to pay more. Essentially, this means that insurers could use non-causal risk proxies (e.g. shopping habits or internet searches) to determine whether a potential customer is willing to pay more for the same product as opposed to others who are in the same risk category. Put differently, big data analytics might provide insurers with a very powerful weapon, enabling them to quantify the premium a customer will be asked to pay based on his/her willingness to pay rather than his/her riskiness. Most insurers will view this as part of their price optimisation strategy, although this might not be a view widely shared by most consumers.Footnote 73 It is also worth noting that such practices are banned in some jurisdictions.Footnote 74
The arguments on this matter are finely balanced but it is submitted that no interference from regulators is necessary for the following reasons:
(1) Judged purely from an economic perspective, it is possible that price discrimination might have a positive effect on society. Assuming that additional profits generated from those who are willing to pay more for their insurance cover are used by insurers to offer insurance to those who would normally not be willing to purchase insurance at the going rate, this will contribute to an expansion of insurance in the population. Insurers might see a benefit in engaging in this kind of exercise to maximise their profit margins by attracting new business, and they could use the additional funds generated from price discrimination as an incentive to this end.
(2) Approaching the issue from a behavioural economics perspective, it is possible that some consumers might benefit further from price discrimination. Imagine that a consumer is quoted a premium by an insurer slightly lower than other offers. To an insightful consumer this is a signal that s/he is regarded by that insurer, following an assessment by data analytics, as a low-risk customer, enabling such customer to use this information against the insurer by insisting on an even lower premium. Taking this theory to its natural conclusion, one might suggest that in a world in which insurers know more about policyholders than the latter know about themselves, pooling and attendant risk-spreading will actually increase, and to be able to stick to the pool rate will be the best the insurers can hope to do.Footnote 75
(3) In a market which functions in an efficient manner, there is every reason to believe that competition between insurers will restrict their ability to exert aggressive price discrimination.
(4) Last but not least, from a regulatory perspective it remains a possibility that a consumer could claim that an extreme degree of price discrimination based on non-causal risk proxies is a violation of the FCA Principles for Business (PRIN) HandbookFootnote 76 or the rules in ICOBS,Footnote 77 enabling him/her to make a complaint to the Financial Ombudsman ServiceFootnote 78 or bring a claim for damages against a regulated insurance provider under s. 138D of the FSMA 2000.Footnote 79 Put differently, there are legal mechanisms open to any individual who can show that s/he has suffered from the effects of price discrimination.
III. Risk Customisation
Sensor technology, by increasing connectivity and enabling continuous monitoring through the mobile network, provides opportunities for insurers to use various technological devices to obtain real-time data on the subject matter of insurance. There is no denying that the use of such devices could yield several benefits for the assured. It is possible, for example, that such digital monitoring could provide real-time insights to policyholders on their risk behaviour and incentivise them to reduce their risk. Also, continuous collection and analysis of behavioural data enables dynamic risk assessment, providing an opportunity for consumers to obtain personalised insurance cover. This would potentially mean a reduction in motor insurance premiums for better drivers and cheaper life/critical illness cover for those who eat healthy diets and exercise regularly. Consumers could also benefit from the additional variety of products that insurers can offer as a result of the use of such devices. In motor insurance, for example, several insurers offer usage-based insurance by using telematics devices to help them determine with precision how much the insured vehicle is used and within what geographical limits.
Approaching the matter from the perspective of insurance law, one can envisage such devices having a particular impact on two aspects of the insurance relationship:
(1) Insurers could use the additional real-time data obtained as part of the risk assessment process to determine the premium for renewals or extensions; and
(2) Insurers could add new clauses into the contract designed to limit and/or control the alteration of risk detected using the additional data.
There can be no doubt that using the real-time data obtained by sensor technology in the risk assessment process could raise issues, such as privacy and discrimination, as discussed in the earlier part, as well as some other legal issues.Footnote 80 On the other hand, as will be discussed further in this part, using such real-time data as a means of limiting the scope of cover does not create similar problems for consumers.Footnote 81
A. Impact of Sensor Data on Risk Assessment
The fact that such devices will provide insurers with real-time data on key matters concerning the risk (e.g. driving habits or lifestyle of the assured) means that insurers will have at their disposal a significant amount of additional data for risk assessment purposes. In recent years we have witnessed insurers using this additional data creatively. Some insurers, for example, offer the assured the prospect of reducing the insurance premium if it is established with the aid of this additional data that the risk score of the assured is better than the score calculated at the outset. However, it is certain that the additional real-time data will be of great assistance to insurers when they consider offering renewals or extensions to the cover. At this juncture, a difficulty highlighted earlier might recur. It is a serious possibility that a consumer might find it difficult to obtain insurance cover at an affordable premium if the data transmitted through such devices contribute to him/her being classified as a bad risk. If this is the consequence of an individual's behaviour, the author has less sympathy. However, the matter is slightly different when it comes to health or life insurance. The real-time data obtained from individuals with high health-related risks (not induced by their own lifestyle choices) would mean that they will face high and potentially unaffordable premiums, which would no doubt limit their access to basic medical service provision, leading to a further deterioration of their condition. As discussed above, this is an area that requires further discussion, especially as to whether a regulatory intervention in the market would be required.Footnote 82 By the same token, using real-time data obtained through sensor technology in a risk assessment process (e.g. for the purposes of renewals or extensions to cover) could potentially raise the privacy and discrimination issues discussed above under the heading of “risk individualisation”.
The author is of the firm view that use of such data should be restricted and algorithms that use such data in risk assessment should be subject to audit along the lines discussed earlier.Footnote 83
Furthermore, issues concerning the potential use of the data obtained from these devices could arise. The UK GDPR gives the data subject a right to request the data controller to provide him/her with a copy of his/her personal data in a structured, commonly used and machine-readable format and also to request the data controller to transfer this data to another controller.Footnote 84 Therefore, insurers are under an obligation to provide data obtained from telematics devices or wearables with regard to the consumer in question to him/her or to other insurance companies if requested by the consumer. That much is clear. A more difficult legal question will emerge if insurers attempt to claim ownership of such data with a view to exploiting it commercially by dictating in the insurance contract that the data obtained through such devices become their property. It is a debatable point whether ownership claims made in contract terms will be effective.Footnote 85 However, perhaps this is not a practical problem at this stage, as we have not come across any standard insurance contract in which insurers claim ownership of such data.
It is also important to bear in mind that under the current data protection legislation there is no restriction on the ability of an insurer to use the real-time sensor data obtained from telematics devices or wearables for another purpose, e.g. in assessing risk for another product, as long as the individual is given notice that such data will be used as part of risk assessment. It is, therefore, essential to devise guidance on the ethical use of sensor data by insurers along the lines discussed above.Footnote 86
Last but not least, sensor data might introduce some novel vulnerabilities for the insured property. Imagine a situation where hackers use the network system that operates a home telematics device to gain access to a property in order to burgle it. It is possible that this might trigger penalties for the insurer under the data protection legislation.Footnote 87 But more significantly, if the resulting loss is not covered under the policy, the assured would be able to make a claim (for breach of contract and/or in tort) against the insurer who owns such a sensor device for failing to exercise due diligence to prevent such cyber attacksFootnote 88 leading to the loss not covered by the policy.Footnote 89 At first sight, these eventualities might seem far-fetched, but every disruptive new technology is capable of creating such novel problems and it is likely that such issues will be faced by insurers when the use of such technology becomes common in the market.
B. Creating Tailor-made Clauses to Deal with Risk Alteration by Utilising Sensor Data
In insurance law, it is open to a policyholder after attachment of the risk to alter the nature of the risk without the consent of the insurer.Footnote 90 In practice, however, risk control clauses are often employed by insurers to restrict this freedom. The main objective of a clause of this nature is to ensure that the risk is maintained by the assured at the same level agreed at the inception. Traditionally, warrantiesFootnote 91 are the most common risk control clauseFootnote 92 used in insurance law.Footnote 93
Telematics devices, which enable insurers to track the activities of the assured during the currency of the policy, could play a vital role in the quest of insurers to prevent risk alteration and determine the scope of the cover available. In contemporary policies, we are witnessing an increased use of such clauses, especially in instances where the use of telematics is common. For example, in motor insurance policies, clauses are incorporated into the contracts putting restrictions on the use of the insured car. In some policies it is stated that the insured car will not be driven more than X miles from the assured's home. Similarly, there might be a term stating that the insured car will not be driven at certain times of the day, e.g. between 8 a.m. and 10 a.m., or when it is in an unroadworthy condition. In some policies, there are terms where the assured warrants that the insured car will not be driven above the legal speed limits or when under the influence of alcohol or drugs. Some of the clauses are more draconian, allowing insurers to cancel the policy if the assured displays some kind of unacceptable driving behaviour.Footnote 94 Again, in instances where insurers make use of home telematics, we often see warranties requiring the assured to keep various loss preventive devices (e.g. fire and burglar alarms) operative during the policy period. Needless to say, telematics devices make it possible to monitor compliance with this kind of term.
As long as such terms are written in plain language and are transparent, it is difficult to see any reason why any restriction on their use should be imposed. Terms designed to prevent the assured from altering the risk have traditionally been incorporated into insurance contracts. For example, most assureds who took out motor insurance policies in the 1920s would warrant that they would maintain the insured vehicle in an “efficient” or “roadworthy” condition, and an insurer who could prove that the vehicle was not in such a state would have had a defence to any claim arising out of an accident involving the insured vehicle.Footnote 95 So why should things be different if an assured today warrants that the insured vehicle will not be used at certain times of the day but an incident occurs and the telematics device confirms that the vehicle was in use during those times? Likewise, if a home insurance policy requires a fire alarm to be kept operative during the policy, and the home telematics device informs the assured of a malfunction in his/her fire alarm system but s/he fails to take any action (i.e. fails to prevent a risk alteration), could any objection be raised to that particular assured not being able to recover for a loss caused by a fire?
Of course, this is not to say that the validity of such terms could not be challenged under consumer protection legislation or regulations put in place to regulate the conduct of business of insurers. However, it is highly unlikely that terms used in the market concerning telematics devices or wearables will fall foul of such statutory provisions. For example, a warranty in a telematics motor policy that requires the assured not to drive the insured vehicle when under the influence of alcohol or drugs is unlikely to be viewed as unreasonable under Rule 2.5.1 of ICOBS,Footnote 96 affording a consumer assured a right of action for damages for breach of statutory duty under section 138D of the FSMA 2000. In Parker v National Union Mutual Insurance Society,Footnote 97 a term that required the assured to provide all written details and documents requested by the insurer was not deemed to be contrary to the rules stated in ICOBS, as it could not be said that such a term could give rise to a significant imbalance in the rights of the parties, given that the assured alone possessed the information which might be required by the insurer. By analogy, it can be said that a term that puts restrictions on actions of the assured that are within his/her control is unlikely to give rise to a significant imbalance in the rights of the parties.
Even a term affording the right of the insurer to cancel the contract if the assured displays unacceptable driving behaviour as captured by a telematics device is unlikely to be viewed as “unreasonable” given that such a right usually crystallises only after the assured engages in a very unacceptable form of driving, and under such terms it is common to give a notice of cancellation to the assured and some time before cancellation becomes effective so that s/he can make alternative insurance arrangements.Footnote 98 For the sake of completeness, it should also be stressed that the author does not believe that the Consumer Rights Act (CRA) 2015 alters the position in favour of the assured, either. Even though section 62(1) of the 2015 Act provides that a term that is judged to be unfair will not be binding on consumers, section 64(1) clearly states that a term of a consumer contract may not be assessed for fairness “if it specifies the main subject matter of the contract, or if the assessment concerns the appropriateness of the price payable under the contract by comparison with the goods, digital content or services supplied under it” as long as this term is “transparent and prominent to an average consumer”.Footnote 99 When this section is read in conjunction with the explanatory notes that accompanied the EU legislation forming its originsFootnote 100 and the reasoning of English courts on the matter,Footnote 101 it is strongly arguable that any term in an insurance contract excluding or restricting the scope of the cover will not be subject to the fairness test referred to in section 62(1) of the CRA 2015 as long as it is transparent and brought to the attention of an average consumer. This will certainly be true for a term in a consumer insurance motor policy that affords a remedy for the insurer in a case where telematics devices confirm unacceptable (dangerous) driving practice demonstrated by the consumer for a sustained period of time. 
Ultimately, insurance cover here is offered on the basis that the risk will be retained at a particular level (i.e. the assured will not alter the risk by engaging in unacceptable and/or dangerous driving behaviour during the currency of the policy).Footnote 102 If the assured acts contrary to this term, by virtue of the relevant term the process of cancellation commences. This is a very clear indication that the relevant clause is one that defines or circumscribes the insured risk, and ultimately the liability of the insurer, so it is highly unlikely that it needs to be subjected to the “fairness” test stipulated in section 62.Footnote 103
Leaving consumer protection legislation aside, it should be noted that general insurance rules might provide some degree of protection to assureds who might face restrictions imposed by telematics insurance policies. Imagine, for example, a telematics home insurance policy which requires the assured, by way of a warranty, to keep the burglar alarm in an operative condition during the policy period. A defect in the burglar alarm is identified by telematics and, although the assured is informed, no corrective action is taken. A few days later, the insured property is damaged as a result of a storm affecting the region. Normally, in case of breach of an insurance warranty, the cover is suspended until the breach is remedied,Footnote 104 but section 11 of the IA 2015 stipulates that the assured will be indemnified for a loss occurring at a time when a warranty (or term) is not complied with if (1) compliance with the warranty (or term) in question would tend to reduce the risk of loss of a particular kind, loss at a particular location or loss at a particular time; and (2) the assured demonstrates that non-compliance with the warranty (or term) could not have increased the risk of the loss which actually occurred in the circumstances in which it occurred.Footnote 105 To seek refuge in this section, the assured must first establish, in the light of the loss arising, that the warranty (or term) that is breached is intended to reduce the risk of loss of a particular type or at a particular location or at a particular time. The test that is introduced here is an objective one and it essentially attempts to identify whether compliance with the warranty (or term) is thought to reduce the chances of the particular type of loss being suffered. Turning to the example above, the assured would possibly be able to establish that the relevant warranty would objectively tend to reduce the risk of break-in (and related events such as arson and vandalism).
This will mean that the insurer's liability in respect of break-in would be suspended during the period of breach. If, however, a loss arises as a result of another peril, such as a storm, that is not connected to unauthorised entry into the premises, that loss will be covered as the assured in all probability will be able to demonstrate that non-compliance with the warranty (i.e. burglar alarm not being in operation) could not have increased the risk of loss caused by storm.Footnote 106
However, one should not lose sight of the fact that section 11 of the IA 2015 does not apply to a warranty (or term) that is designed to describe the limits of the cover as a whole. Put differently, if a warranty (or term) has the effect of limiting the scope of cover generally, as opposed to limiting the effect of a breach in relation to a specific risk, the assured will not be able to rely on section 11 if a loss occurs during the period of breach. This would mean that if a telematics motor policy imposes a warranty to the effect that the insured car should not be driven more than X miles from the assured's home, the assured will not be able to recover for a loss that arises beyond those limits.Footnote 107 By the same token, a telematics motor policy that stipulates that the insured car will not be used at certain times of the day will not respond to a claim that arises from a loss occurring during those hours. Of course, it is inevitable that boundary disputes will arise. Imagine that in a telematics motor insurance policy there is a warranty or condition precedent requiring the insured vehicle to be kept “in a roadworthy condition at all times”. Also imagine that the assured drives the car when the headlights are not working during the daytime and a collision occurs as a result of another driver hitting the insured car from behind. The assured could plausibly argue that the term was designed to reduce the risk of loss when the car is driven at night with no functioning headlights, so the breach here (driving when headlights are not fully functioning during the daytime) could not have increased the risk of loss in the circumstances in which it occurred. Equally, it is plausible for the insurer to argue that this is a risk-defining clause and it imposes a restriction (driving only when roadworthy) that relates to the risk as a whole, so section 11 is not relevant here.
It is the author's opinion that the latter argument is more palatable, given that the condition in which the insured vehicle is to be kept during the currency of the policy is a matter which goes to the heart of risk definition. Accordingly, it is very likely that the assured's cover will remain suspended during the period when the insured vehicle was used with non-functioning headlights.
It needs to be emphasised that cancellation clauses do not come under the scope of section 11. Hence, it is no surprise to see most telematics motor insurance providers opting to employ cancellation clauses that allow them to cancel the policy if it is recorded that the insured driver has engaged in dangerous driving patterns (e.g. repeatedly driving over speed limits). However, there is convincing judicial authority to the effect that in cases where the insurer is entitled to exercise discretion under the policy on the basis of information obtained (e.g. when exercising a right of cancellation), the insurer is expected to exercise this discretion in a reasonable fashion, without arbitrariness, capriciousness or perversity.Footnote 108 The legal basis of this qualification remains uncertain. Some commentators associate it with the duty of good faith,Footnote 109 although the precise ambit of the application of the good faith principle in this connection is far from clear.Footnote 110 Assuming that the continuing duty of good faith has a role to play here, it is likely that it will require the insurer that obtains information from a telematics device about the driving behaviour of the assured not to act dishonestly, improperly, capriciously or arbitrarily.Footnote 111 However, it should be borne in mind that most cancellation clauses used in telematics motor insurance policies stipulate that, when exercising the right of cancellation, the insurance company must notify the assured of the reasons for cancelling and also explain those reasons. This is a clear sign that insurers are well aware of the fact that their cancellation right is subject to various limitations imposed by law, and it is therefore unlikely that they would act in an arbitrary fashion when exercising a right of cancellation after having obtained data from telematics indicating unreasonable driving behaviour of the assured.
It should, finally, be noted that under the Road Traffic Act 1988, the insurer could be prevented from relying on some of the risk control clauses that might appear in a telematics motor insurance policy to deny cover against third parties. Section 148(2) of the Road Traffic Act 1988, inter alia, stipulates that a third-party liability insurer cannot rely on matters such as the age, physical condition or mental condition of persons driving the vehicle, the condition of the car, or the time at which or the areas within which the vehicle is used. That means that a warranty that requires the insured car not to be driven at certain times or outside a geographical limit cannot be used to deny liability to third parties if the insured vehicle is involved in an accident during those times or outside those geographical limits. The same is true in relation to a term that requires the car to be driven in a “roadworthy” condition or a term preventing the assured from driving the insured car when under the influence of drugs or alcohol. In those circumstances, an insurer who pays out a third-party claim could seek to recover this sum from the assured under section 148(4) of the Road Traffic Act 1988.
IV. Concluding Remarks
Big data analytics and artificial intelligence are rapidly changing the way insurers run their businesses. In particular, they assist insurers (1) to individualise the risk assessment process at a granular level; and (2) to customise the insurance products they offer to the public. It is argued in this article that consumers are not necessarily in a worse position in terms of (2), as consumer legislation and general principles of insurance law could ensure that the use of algorithms and artificial intelligence does not provide any unfair advantage to insurers.Footnote 112 However, it has also been asserted that the uncontrolled use of data analytics and algorithms in the process of risk assessment could create various difficulties for consumers, since the existing legislation, in particular data protection legislation, cannot provide the required degree of protection for consumers. It has been illustrated that there are legitimate concerns as to whether the privacy of consumers can be adequately protected. It is also possible that the use of algorithms might in some cases lead to indirect discrimination against some consumers, as such programmes are designed to find linkages between input data and target variables irrespective of the nature of those linkages. There is also the potential for errors in data collection or data analysis that could create unforeseen consequences for some assureds. Finally, it has been illustrated that granular risk assessment might create insurability problems for some groups of people (especially those who have genetic or chronic health problems). This is an issue that policy-makers need to consider seriously, as it might be necessary to show solidarity and preclude the use of certain types of data in the risk assessment process.
The main conclusion emerging from the article is that it is essential to consider further regulation of the use of algorithms and big data analytics, especially in the process of risk assessment. The issues that policy-makers need to consider carefully have been highlighted in this article. It has also been suggested that a new agency should be established to undertake random audits to ensure that the algorithms used remain within the parameters set.
This technology presents great opportunities for insurers, and it is certainly vital that the right balance is struck in regulating such a new area of development, since over-regulation could prevent the technology from achieving its full potential. Equally, it is evident that some degree of regulation beyond the current data protection legislation is required so that the technology is used in a fair and transparent fashion in the risk assessment process. It is hoped that the insurance sector recognises this, and perhaps even plays an active role in shaping the regulatory framework in this area.