Notepad: Risk in Review – September 2019

Adam Jacobson , Morgan O'Rourke


September 3, 2019

Tesla Spars with U.S. Regulators Over Safety

Notepad TeslaThe U.S. National Highway Traffic Safety Administration (NHTSA) reportedly sent car manufacturer Tesla a cease-and-desist letter last year disputing statements the company made about the safety of its Model 3 car. Tesla published a blog post in October 2018 claiming that the Model 3 had “the lowest probability of injury of any vehicle ever tested by the NHTSA.” The NHTSA challenged this, saying that Tesla was “making misleading statements” about its safety ratings and noting that the company had not included weight differences among vehicles, making the comparison inaccurate. The NHTSA has also sent Tesla at least five subpoenas request-ing more information about multiple crashes involving its cars, three of which were fatal. Consumer safety groups have called for federal and state investigations into the crashes, which they say are linked to the company’s semi-autonomous driving systems, known as Autopilot or Advanced Driver Assistance System (ADAS). Tesla has claimed that “drivers using Autopilot register fewer accidents per mile than those driving without it,” but this has not been verified by independent research.

Capital One Hack Affects 100 Million

Notepad Capital OneIn July, Capital One revealed that a hacker had gained access to the records of more than 100 million customers in the United States and another six million in Canada. The hacker entered the system through a misconfigured firewall and obtained customer information including names, addresses, phone numbers, email ad-dresses, dates of birth and self-reported income from credit card applications, as well as credit scores, credit limits, balances, payment history, transaction data and, in some cases, Social Security and linked bank account numbers. After she posted about the theft on a public message board, Paige Thompson, a software engineer formerly employed by Amazon Web Services, was arrested in connection with the breach. Capital One said it expects the incident to cost up to $150 million, mainly for customer notification, credit monitoring, technology costs and legal support, and that it has a cyber insurance policy with a total coverage limit of $400 million.

The High Cost of Health Care Breaches

According to a recent report by IBM Security and the Ponemon Institute, health care organizations suffered the costliest data breaches of any industry, averaging $6.5 million per incident. When factoring in post-event expenditures, the health care industry faces average costs more than 65% higher than those of the other industries examined. Health care analytics company Protenus reported that between January and June 2019, more than 280 health care breaches were disclosed to the U.S. Department of Health and Human Services or the media, affecting over 31 million patient records—more than double the number for all of 2018.

UN: Climate Change Threatens Food Supply

Notepad UN Food SupplyClimate change is affecting the earth’s land masses, possibly endangering the global food supply, according to a report by the United Nations’ Intergovernmental Panel on Climate Change (IPCC). Food sources are at risk of degradation from drought, fires, melting frozen ground, and soil erosion from flooding, all of which are exacerbated by climate change. Agricultural processes are also increasing greenhouse gas emissions, as degraded land has limited ability to absorb carbon dioxide. These issues are jeopardizing the “four pillars” of food security—availability, access, utilization and stability. This will cause yield declines, increased prices, reduced nutrient quality and supply chain disruptions. To counteract the effects of climate change on land and food supply, the IPCC urged countries to enact sustainable land management policies, and for people to reduce food waste, decrease consumption of red meat and increase consumption of plant-based foods.

EPA Rejects Weedkiller Warning Labels

The U.S. Environmental Protection Agency (EPA) said it will no longer approve product warning labels that state glyphosate is known to cause cancer, in opposition to a 2017 California regulation. The California law was put in place in response to a 2015 World Health Organization finding that glyphosate is “probably carcinogenic to humans,” but more recent EPA research concluded this was not the case. The ruling was good news for Bayer, which faces more than 18,000 lawsuits in the United States from defendants who claim to have gotten cancer as a result of exposure to the company’s glyphosate-containing Roundup weedkiller. Bayer has already lost three high-profile Roundup cases since last year, with initial damage awards exceeding $2.3 billion (later reduced to under $200 million). In August, Bloomberg reported that Bayer had offered $8 billion to settle all pending cancer lawsuits, but the claim was dismissed as “pure fiction” by mediator Ken Feinberg.

Ebola Epidemic Tears Through DRC

Notepad EbolaA wave of Ebola-related deaths has swept across the Democratic Republic of Congo since 2018, surging in late July and raising the possibility of the disease spreading into neighboring South Sudan. Ebola has infected almost 3,000 people and killed nearly 2,000 in DRC, according to the World Health Organization, which declared the outbreak a worldwide health emergency after cases were diagnosed in the border city of Goma. The WHO and the Congolese government have instituted a vaccination campaign using an experimental vaccine, but many people in the country do not trust public health officials and have resisted getting vaccinated, Voice of America reported. In addition to the horrible human cost, epidemics have serious economic consequences. The World Bank estimated that the 2014-2015 Ebola epidemic cost the first three countries affected—Guinea, Liberia and Sierra Leone—around $2.8 billion in GDP. This reflects the high mortality rate and resulting lost productivity, as well as decreased employment and consumption.

Adam Jacobson is associate editor of Risk Management.

Morgan O’Rourke is editor in chief of Risk Management and director of publications for the Risk & Insurance Management Society, Inc. (RIMS)