We use cookies to collect and analyse information on site performance and usage to improve and customise your experience, where applicable. View our Cookies Policy. Click Accept and continue to use our website or Manage to review and update your preferences.

Strictly necessary cookies

Cookie name Duration Cookie purpose
ASP.NET_SessionId Session This cookie holds the current session id (OPPassessment only)
.ASPXANONYMOUS 2 Months Authentication to the site
LSI 1 Year To remember cookie preference for Law Society websites (www.lawsociety.ie, www.legalvacancies.ie, www.gazette.ie)
FTGServer 1 Hour Website content ( /CSS , /JS, /img )
_ga 2 Years Google Analytics
_gat Session Google Analytics
_git 1 Day Google Analytics
AptifyCSRFCookie Session Aptify CSRF Cookie
CSRFDefenseInDepthToken Session Aptify defence cookie
EB5Cookie Session Aptify eb5 login cookie

Functional cookies

Cookie name Duration Cookie purpose
Zendesk Local Storage Online Support
platform.twitter.com Local Storage Integrated Twitter feed

Marketing cookies

Cookie name Duration Cookie purpose
fr 3 Months Facebook Advertising - Used for Facebook Marketing
_fbp 3 months Used for facebook Marketing
SRA agrees on PII cyber-crime clause

25 Oct 2021 / technology Print

SRA agrees on PII cyber-crime clause

Insurance policies will have to make clear whether cover is provided for cyber-losses, under new rules agreed by the body that regulates solicitors in England and Wales.

According to the Law Society Gazette of England and Wales, the new clause outlining the extent of cover will be added to the minimum terms and conditions of law firms’ professional indemnity insurance (PII) policies.

Policies will explicitly mention cover for cyber-crime, and specify what losses fall within scope for a potential claim.

The minimum cover is for client and third-party protection: losses to the law firm (first-party losses), except for certain costs of investigating and defending a claim, are not covered, and firms can choose to purchase a separate cyber-policy for other risks.

The Solicitors Regulation Authority (SRA) proposed the additional clause after the Prudential Regulation Authority and Lloyd’s of London asked insurers across Britain to make sure they focused on losses arising from cyber-crime in all policies.


A consultation followed over the summer, in which the SRA worked with the Law Society of England and Wales, and insurer representatives, to create the new clause. Depending on approval from the Legal Services Board, the clause should be in place for renewals from early next year, the Gazette says.

Paul Philip, SRA chief executive, said that law firms were attractive targets for criminals.

“The clause on cyber-losses provides real clarity for consumers, law firms and insurers about client and third-party protection in the event of cyber-attack, without changing the amount of cover specified by the minimum terms and conditions,” he said.

The SRA says that the proposed change should not directly alter premiums paid by law firms, as claims for civil liability caused by a cyber-attack have always been considered to be in scope of a compliant PII policy.

Insurers can continue to offer stand-alone policies to law firms, but the regulator is not mandating that law firms buy separate cyber-insurance policies.

Gazette Desk
Gazette.ie is the daily legal news site of the Law Society of Ireland