Photo of Ben Duke

Ben Duke

Ben Duke represents insurance policyholders in a broad range of complex litigation, arbitration, and advisory matters involving all types of insurance, from general liability to D&O, professional liability, fidelity bond, rep-and-warranty and other specialized coverages. Ben has helped clients in the financial services, technology, pharmaceutical and other industries recover hundreds of millions of dollars in insurance for a wide range of third-party liabilities and first-party losses.  

Ben is a versatile trial advocate with extensive experience in federal and state courts and arbitration forums. In addition to insurance coverage matters, he has served as lead trial counsel on behalf of financial institutions defending major securities-related claims and other claims involving complex financial instruments and transactions. 

In recent years, Ben has devoted thousands of pro bono hours to major voting rights and redistricting litigation and other advocacy in support of voting rights, election integrity, and the rule of law. He has filed numerous pro bono amicus briefs in cases before the United States Supreme Court and the highest state courts, including Trump v. United States, 603 U.S. -- (2024), and Hoffman v. Independent Redistricting Comm’n, 41 N.Y.3d 341 (2023). In 2021-22, Ben led a pro bono trial team challenging Florida voter-suppression legislation enacted in the wake of the 2020 election. In 2018-19, Ben co-led a trial team in Kravitz v. US Dept. of Commerce, 382 F.Supp.3d 545 (2019), winning a permanent injunction prohibiting the inclusion of a citizenship question on the 2020 US Census questionnaire.

Cyber insurers commonly require insureds to complete detailed applications, often including extensive technical disclosure and risk self-assessments. The complaint recently filed by the insurer in Columbia Casualty Co. v. Cottage Health System illustrates the pitfalls in these requirements.

Cottage Health, an operator of a hospital network, suffered a data breach in 2013 resulting in thousands of its patients’ private medical information being publicly disclosed. In addition to other losses, Cottage Health paid $4.125 million to settle a putative class action in 2014 and faces additional proceedings arising from the breach. Columbia’s lawsuit denies all coverage for the breach and seeks to rescind its policy due to the insured’s alleged failure to comply with the cybersecurity practices described in its application.
Continue Reading Cyber Insurer Seeks to Void Data Breach Coverage Because of Purported Misstatements in Policy Application

Data breaches suffered by retailers and other businesses that handle payment cards can result in substantial assessments by card brands such as MasterCard and Visa. Retailers typically do not process payment card transactions directly with the banks that issue their customers’ cards. Instead, they contract with an intermediary—called an acquiring or servicing bank—to process their customers’ card transactions with the card-issuing banks. In the event of a payment card data breach, the card brands typically impose assessments on the retailer’s acquiring bank, which in turn pursues indemnification under its service contract with the retailer.

That was the situation in P.F. Chang’s v. Federal Insurance Co., in which a federal district court in Arizona recently held that Chang’s had no cyber coverage for over $1.9 million in credit card assessments that it had to pay as a result of a data breach. The Chang’s court found that the Federal cyber policy’s “Privacy Injury” coverage did not respond to an acquiring bank’s claim against Chang’s for reimbursement of card brand assessments, because the Federal policy’s definition of “Privacy Injury” required that the compromised confidential records at issue be the claimant’s. As is typical, the payment card information stolen by the hackers belonged to Chang’s customers and the card-issuing banks, not the acquiring bank that made the actual claim for reimbursement by Chang’s.
Continue Reading P.F. Chang’s Ruling Highlights Potential Pitfalls of Cyber Insurance