Robotics in the Workplace

Helping Hands?

Robotics will forever change the landscape of the U.S. workplace. That may create new liability concerns and eliminate others.
By: | October 15, 2014 • 10 min read

It’s probably way too soon to start dreaming up insurance products that will respond to the risk that robots are going to rise up and annihilate humankind. And good luck finding the market capacity for it anyway.

However, robots and robotics are fast becoming a fixture of our reality, and the industry is poised for rapid expansion.

Advertisement




Robots, in some form or another, have been present in the manufacturing sector since 1962, when a New Jersey General Motors factory began using a robot to do spot welding and extract die castings. By the ’70s, increasingly sophisticated machines, operated by minicomputers, were being widely used for small parts assembly.

Robotics have long since moved away from the assembly line. Robots are present everywhere from warehouses to hospitals, from farms to laboratories, and from the military to mines and more.

One of the latest robotic forays into the workplace is at the Aloft hotel in Cupertino, Calif., where “The Botlr” — a service robot that looks like a distant cousin of R2-D2 — is being used to make small deliveries to guests’ rooms. Robots may soon be flipping your burgers or picking the grapes that make your favorite wine.

Video: The Botlr, a robotic bellhop built for Aloft Hotels, delivers an item to a guest in his room.

But the application of robotics is going ever deeper.

The development of robots connected to the Internet, big data, the cloud and advanced computing technology such as artificial intelligence (AI) algorithms are bringing a new class of robots into the workplace — those that can sense, think and act based on specific data and sensory input, and make routine decisions.

In June, the Associated Press began experimenting with having machines write short business stories. The news organization said that eventually, the majority of its U.S. corporate earnings stories would be produced using automation. (As of press time, Risk & Insurance® is not yet employing robotic journalists.)

There are obvious positives to the growth of robotics in the workplace. It makes sense to give robots the high-turnover jobs that are mind-numbingly rote, as well as those jobs and tasks considered extremely dangerous.

But the change that is coming may be far more profound. Garry Mathiason, co-chair of the Robotics, Artificial Intelligence and Automation practice group at Littler Mendelson in San Francisco, cited a 2013 study published by the Oxford Martin School, examining automation potential across the U.S. labor market.

According to the study, said Mathiason, “47 percent of jobs currently done by people in the United States will be done by machines and software within one to two decades. That doesn’t mean there’s going to be 50 percent unemployment; it does mean there’s going to be that much change taking place.”

(For the record, the Oxford Martin study said that insurance underwriters are in the highest risk category for being taken over by automation, just ahead of claims and policy processing personnel, claims adjusters, examiners and investigators.)

“2010 was a turning point in terms of the acceleration of the technology and its implications,” said Mathiason. “There is a change taking place that will be the equivalent of the Internet in terms of what it will do to the workplace.”

Video: At the fulfillment center of North Reading, Mass.-based Kiva Systems, 100 robots work alongside 300 fulfillment associates.

Pointing Fingers

So far though, companies that employ robots see the importance of having human checks and balances on the robots’ work. Many companies are actually increasing staffing levels to support their robotic equipment.

That raises concerns about whether employees are at increased risk of harm by robotic equipment, or may inadvertently interfere with safe robotic operations. A fair number of workplace fatalities related to robotics have occurred in the last decade or two.

As it stands, employers are covered by existing workers’ comp statutes if a robot were to cause a workplace injury or fatality, the same as they would be in the event of an injury or death caused by any other piece of equipment.

Advertisement




The same would not be true, however, if a robot were to injure a customer, a vendor or any other visitor to a facility. In those cases, who can expect to face a lawsuit? The answer, for now, is: It depends.

Liability issues get sketchy when you factor in the element of closed versus open robotics.

In a closed robotics system, a robot is designed and manufactured for one specific purpose. (iRobot’s Roomba, for instance, is a vacuum — period — no matter how many YouTubers use it as an amusement park ride for their cats.)

But with an open robotic system, independent developers would be able to create programs, or apps, to allow the system to accomplish different user-defined tasks, adding more potential culprits in the event of a claim.

“This is going to be a big issue,” said Stephen Wu, an attorney who is of counsel to Silicon Valley Law Group based in San Jose, Calif.

“[In the event of a robot-related accident], I’m going to be doing an investigation and using experts to determine the root cause. Was it my own environment? Was it the hardware manufacturer? Was it the firmware manufacturer? Was it the application software? Was it the operating system manufacturer? Or was it some subcomponents thereof? Or else … was it a data service provider [such as one providing mapping data]?”

These questions will grow still more complicated with the growth of adaptive technology — meaning when robots make decisions on their own based on the data and sensory input they receive.

“Increasingly, adaptive intelligence is being built in where the robot is going to be changing what it does based on external stimuli,” said Drew Haaser, U.S. technology practice leader for Marsh.

“Let’s say it’s putting welds on an auto and it’s been programmed to sense the properties of the materials it’s welding and adapt … . If it makes the wrong decision — what are going to be the legal implications to that?”

That question reaches a whole other level when the consequence is a loss of life.

“What if you have a robot that is … facing the decision to either run over your daughter or hit a school bus full of kids, what is the right thing to do in that situation?” asked David Beyer, managing member of Digital Risk Resources.

“I think that it’s a very complex issue. … They try to think through a lot of these situational risks but you can’t predict all the risks all the time.”

“I think what we’re going to see is that all parties are going to be drawn into these lawsuits. They’re all going to have their feet put to the fire and they’re all going to point at each other. Unfortunately, a jury is going to have to decide these things.” — David Beyer, managing member, Digital Risk Resources

It’s crucial, said Guy Fraker, that we remember robotics is not synonymous with infallible.

“You can say, ‘We can fix that with an algorithm.’ But can you program for that kind of variability in advance? No,” said Fraker, former director of business trends and foresight for State Farm and co-founder and CEO of consultancy Autonomous Stuff.

Advertisement




“We’re learning new things about the technology every day.”

“These are not dumb devices anymore,” said Haaser, “and when they make mistakes in how they interpret stimuli, is it a professional liability error in the design of the product or in the software as opposed to a straightforward bodily injury/property damage claim?”

As more businesses incorporate adaptive technology into the workplace and robotics follow cues based on what they’re learning in their environments, the more that risk management will be expected to have thought through all of the implications of how the robot or robotic systems might respond.

Eventually, there will be cases where robots make “correct” decisions that result in tragic outcomes.

Several experts cited the example of a driverless car faced with a choice of hitting a tractor trailer or hitting an occupied baby stroller. Most assume that the car would attempt to minimize damage by hitting the stroller.

In a case like that, “Was it a mistake? Well, no,” said Haaser.

“Was it what a human with a duty to care would have done? No! And how will the courts treat that? Unfortunately, there are a whole lot of questions and not a whole lot of answers yet as to how the courts will treat that.”

“I think what we’re going to see,” said Beyer, “is that all parties are going to be drawn into these lawsuits.

“They’re all going to have their feet put to the fire and they’re all going to point at each other. Unfortunately, a jury is going to have to decide these things.”

Human Augmentation

The extremely good robotics news is that a great many of the developments coming out of the industry have the potential to decrease employer exposure rather than increase it.

In particular, advances in exoskeleton technology are moving to the forefront, even gaining a global stage during the 2014 World Cup, when a young paraplegic man made the first official kick of the event, wearing a mind-controlled robotic exoskeleton.

Video: Juliano Pinto, 29-year-old paraplegic man, successfully made the first kick of the 2014 World Cup in Sao Paulo, wearing a full body robotic suit.

In South Korea last year, employees of Daewoo Shipbuilding and Marine Engineering helped test a prototype of a full-body exoskeleton that will enable them to lift large hunks of metal, pipes and other objects without excess exertion or risk of strain or injury.

“In basic safety and loss control, the first line of defense is to engineer the risk out; robotics is one of the purest forms of ‘engineering out’ a risk,” said Bill Spiers, vice president and risk consulting manager, Lockton Cos.

Bill Spiers, vice president and risk consulting manager, Lockton Cos.

Bill Spiers, vice president and risk consulting manager, Lockton Cos.

“You have eliminated the human interaction around a task that’s going to create soft tissue strains that are very costly.”

Industry leaders such as Ekso Bionics and Cyberdyne are actively producing exoskeletons that have a broad range of applications. Robotic suits could dramatically reduce injury risk for workers with physically intensive jobs, potentially enhancing productivity at the same time.

“Wearable technology has the potential for ameliorating some [health and safety] concerns,” said Littler Mendelson’s Mathiason. “You can see it someday becoming as common as safety shoes.”

Mathiason said this may eventually be of equal importance as applied to Americans with Disabilities Act accommodation issues.

“You have people who couldn’t perform the essential functions of the job. Then seven million paraplegics can suddenly walk and do things nobody thought they would ever do again,” he said.

For workers who’ve already suffered temporary or permanent disabling injuries, exoskeletons could eventually open the doors for new means to keep injured workers on the job. Even severely disabled employees could potentially be returned to productive and essential work, increasing quality of life for injured workers while saving employers millions in partial and total disability payments.

“You have people who couldn’t perform the essential functions of the job. Then seven million paraplegics can suddenly walk and do things nobody thought they would ever do again.” — Garry Mathiason, co-chair of the Robotics, Artificial Intelligence and Automation practice group, Littler Mendelson

Currently, 330 of Cyberdyne’s HAL-5 full-body exoskeletons have been leased to hospitals across Japan, where they assist patients with muscle weakness or disabilities due to stroke and spinal cord injuries. In some industries, this area of robotics could virtually eliminate obstacles to accommodating injured or disabled workers.

Due Diligence

As companies make critical decisions about incorporating robotics into their operations, it’s important to bring risk management into the loop early on.

While companies increasingly transition processes to robotics for the sake of cost savings, said Haaser, “the challenge for the risk manager will be to see that some of those savings are being reinvested back into risk management.”

Advertisement




But the most urgent piece is getting risk management involved in decisions about capital expenditures like robotics from the get-go.

John Abbott, an account executive at Arthur J. Gallagher & Co., said there are a host of questions that risk managers need to think through in advance.

“Are you going to be using it to do something that’s never been done before? Do you want to go into an area where there’s a potential environmental issue that may impair the robot’s performance? Robots are mechanical and electrical systems — any robotic system is prone to wear and tear and failure to some degree.”

Wu of the Silicon Valley Law Group added that due diligence is of utmost importance when selecting vendors for robotic system components, including whether there are any kinds of certifications that apply to the machines.

“Is there a UL-type seal of approval that we could look for that can be had?” Wu asked. “And what kind of testing went into the robots in the first place?”

Issues such as hackers and the potential for fraud must also be given consideration, said Fraker. “For every great capability that’s ever been developed … there’s an opposing potential dark side,” he cautioned.

10152014_01_cover_story_sidebar

Michelle Kerr is associate editor of Risk & Insurance. She can be reached at [email protected]

More from Risk & Insurance

More from Risk & Insurance

Black Swan: Cloud Attack

Breaking Clouds

A combination of physical and cyber attacks on multiple data centers for cloud service providers causes economic havoc. Even the most well-prepared companies are thrown into paralyzing coverage confusion.
By: | July 27, 2017 • 10 min read

Scenario

By month 16 of the new presidential administration, the Sunshine Brigade is more than ready to act.

Stoked by their anger over rampant economic inequality, the mostly college-educated group of what might best be called upper-middle-class anarchists — many of them from California, Oregon and Washington State — put in motion the gears of a plan more than two years in the making.

Their logic, to them at least, is unimpeachable. Continued consolidation of economic power into the hands of fewer and fewer corporations is creating a world where the rich increasingly exploit and shut out the poor.

Advertisement




The rise of the techno giants is accelerating this trend, according to the Sunshine Brigade’s de facto leader Emily Brookes, an All-American rugby player and a graduate of Reed College in Oregon.

With a new presidential administration seemingly bent on increasing the economic advantages of the rich with no end in sight, nothing to do then but break things up; and in so doing break the hold of this technology oligarchy.

As Emily Brookes so forcefully put in her instant messages to the other members of the brigade: Break the Cloud.

With more than 500 members, many of them with ample financial and technical resources, the Sunshine Brigade is very capable of delivering on its plan for a two-pronged attack.

It is also radicalized enough to justify the loss of some human life, even its own countrymen, to “save” — in its collective logic — the tens of millions of global citizens that are living as virtual slaves in this callous, exploitative global economy.

With websites and digitally connected services large and small down for days, irritation turns to fear.

The first wave in the attack is an attempt to infect and shut down the data centers for the top three cloud service providers. It takes months to set up this offensive.

Rather than rely on a phishing scam from outside the firewalls of the service providers, The Sunshine Brigade uses its social and business connections to place three members on each of the cloud provider’s payrolls. An infected link from someone you know, someone in the cubicle right next to you, seems like an unstoppable play.

It only partially works. Only one of the cloud service providers is harmed when an unsuspecting employee clicks on a link from their traitorous co-worker. The released malware manages to cripple a major cloud service provider for 12 hours.

With millions of users affected, the act creates substantial disruption and garners global headlines. Insured losses are around $1.5 billion. But this is just the beginning.

The morning after, the Sunshine Brigade unleashes a far more devastating and far more ruthless Round Two.

Using self-driving trucks, the Sunshine Brigade smashes into five data centers; three on the West Coast, and two in the Midwest. Fourteen employees of those cloud servers are killed and another 23 injured; some of them critically.

This time the Brigade gets what it wanted. The physical damage to the data centers is substantial enough that it significantly affects three of the top four cloud service providers for five days.

With websites and digitally connected services large and small down for days, irritation turns to fear.

Small and mid-sized banks, which host their applications on clouds, are shut down. Small business owners and consumer banking customers immediately feel the brunt. Retailers that depend on clouds to host their inventory and transaction information are also hit hard.

But really, the blow falls everywhere.

In the U.S., transportation, financial, health, government and other crucial services grind to a halt in many cases.

Not everyone is disrupted. Some of the larger corporations are sophisticated enough in their risk management, those that used back-up clouds and had steadfast business resiliency plans suffer minimal disruption.

Many small to mid-size companies, though, cannot operate. Their employees can’t get to work and when they can, they sit idly in front of blank computer screens connected to useless servers.

For the man on the street, this is hell.

Advertisement




Long lines blossom at the likes of gas stations, banks and grocery stores. A population already on edge from a steady diet of social media provocation becomes even more inflamed.

By nightfall of Day Five, the three major cloud service providers are recovered, and digital “normalcy” begins to creep back. But for many small and medium-sized businesses, the recovery comes way too late.

Economic losses promise to register in the tens of billions. It’s not being too imaginative to think that losses could hit the $100 billion mark.

Two multinational insurers based in the U.S., three Lloyd’s syndicates and a Bermuda insurer signal to regulators that their aggregate cyber-related losses are so great that they will most likely become insolvent.

Emily Brookes and her cohorts were willing to kill more than a dozen people to promote their worldview. In their youthful naiveté, they could not know just how much suffering they would cause.

Observations

For some commercial insurance carriers, the aggregated losses from a prolonged disruption of cloud computing services could be catastrophic, or close to it.

“It’s on a par with any earthquake or hurricane or tornado,” said Scott Stransky, an associate vice president and principal scientist with the modeling firm AIR Worldwide.

AIR modeled the insured losses for the Fortune 1,000 were Amazon’s cloud service to go down for one day. They came up with a figure of $3 billion.

Now consider that most businesses in this country are small businesses, with not nearly the risk management sophistication of the Fortune 1000. Then consider a cloud interruption of five days or more.

Mark Greisiger, president, NetDiligence

“Almost any company you talk about today would rely to some extent on the cloud, either to host their website, to do invoicing, inventory, you name it — the cloud is being used across the board,” Stransky said.

“It’s a significant issue for insurers and one we think about a lot,” said Nick Economidis, an underwriter with specialty carrier Beazley.

“Should a cloud service provider go down, everybody who is working with that cloud service provider is impacted by that,” he said.

“Now, pretty much every software maker is on the cloud,” said Mark Greisiger, president of NetDiligence.

“In the old days, someone would come in and install software on your servers and come in annually for maintenance. That’s all gone bye-bye. Everybody who makes software is forcing you onto their private cloud,” Greisiger said.

The aggregation risk for carriers is complicated by the degree of transparency they have into which insured’s applications are hosted on which cloud provider.

Now here’s the even trickier part. Clouds outsource to other clouds.

“It’s almost becoming a spider’s web of interdependencies on who has access to what in terms of upstream and downstream providers,” Greisiger said.

Determining which of their insureds is hosted on which cloud, and in turn, where that cloud is outsourcing to other clouds can be very difficult for carriers to determine.

Even if a company is careful to diversify the risks they’re taking, they might not realize that a high percentage of insureds are even with the same cloud provider. They could be hit with devastating losses across their entire portfolio of business, said an executive with BDO consulting.

AIR’s Stransky said his company launched a product in April, ARC, which stands for Analytics of Risk from Cyber, which is designed to help carriers gain that much needed transparency.

Among insureds, surviving an event of this magnitude will depend not only on the sophistication of their risk management department, but on the company’s overall ability to negotiate contracts with vendors and suppliers that will indemnify the company in the case of a cloud outage of this duration.

It will also depend on organization’s understanding that there is no off-the-shelf solution that will prevent an event like this or make a company whole after it.

Shiraz Saeed, national practice leader, cyber, Starr Companies

Experts say contracts with cloud service providers, customers and suppliers must be structured so that a company is defended should it lose cloud access for as much as five days or more.

Best practices also include modeling just what your losses would look like in this area, and vetting your full portfolio of insurance policies to understand how each would respond.

One broker said buyers can’t be blamed if the complexities of the coverage issues at stake here are initially hard to grasp.

“It’s becoming a spider’s web of interdependencies on who has access to what.” —Mark Greisiger, president, NetDiligence

“I think it’s the broker’s job to inform the client of this exposure,” said Doug Friel, a vice president with JKJ Commercial Insurance, based in Newtown, Pa.

“You may have business interruption coverage for direct physical damage to your building. But have you ever thought about your business income if your IT structure goes down?” Friel said.

He said many buyers might not realize there is a difference.

Advertisement




Large businesses should have the resources to demand from their cloud service providers that they be indemnified for the entirety of a cloud failure event. There will be a fee for that, but it will be well worth paying, Friel said.

“You have to push,” Friel said. “They are going to say, ‘Here is our standard contract, sign it.’ ”

Don’t settle for that, he said, although many do in ignorance, he added.

“Where possible, we would look for clients to negotiate their contracts. These business relationships should be mutually beneficial, even if one of these events occur,” said Shiraz Saeed, national practice leader, cyber, for the Starr Companies.

It’s a partnership, he said.

“It shouldn’t be a zero sum game on either side. I think there should be an understanding of what the potential loss might be and then designing a contract around that,” he said.

While cloud service providers are known for having high grade security systems, most average organizations don’t have the means for that. But no matter what a company’s resources, the first step is modeling where your digital assets are, and what you and your customers stand to lose if you lose access to them.

“Most insureds don’t seem to understand the amount of individual loss that you could be subject to,” said Jim Evans, leader of insurance advisory services at BDO Consulting. “Usually this stuff is measured in hours,” he said. “But what if a cloud provider is out for three or four days?” he said.

“Trying to quantify what you did lose in an event is hard enough. Trying to do a modeling exercise about what you could lose? It’s something that just doesn’t get done enough,” he said.

Once you have an understanding of what you own and what you stand to lose, the next step is prioritizing the protection of the assets you have. That means drilling into your contract with your cloud service providers to get the maximum indemnification.

It also means spreading your risk so that if at all possible, not all of your assets or your customers’ assets are housed by one cloud service provider. Cloud platforms can be public, private, or a hybrid of the two.

Understanding where your assets are in that architecture is crucial. Spending the money to insure that they are protected behind a diverse menu of firewalls is highly advisable.

Navigating the different iterations of business interruption coverage in property, cyber and kidnap and ransom policies is also important.

Make sure your broker can provide clarity on the different types of coverages and tailor them to your needs, experts said.

The concept of design thinking is really what’s in play here. Organizations have to work with vendors in every aspect of their operations to design a risk management system that can sustain this kind of hit.

“Build a better mousetrap to protect yourself,” said JKJ’s Friel.

“Depending on your service, you need to have the best and the brightest designing this stuff. Spread the risk.”

“Don’t be afraid to ask for more,” he said.

Postscript

In engineering an attack on the cloud, Emily Brookes and her cohorts accomplished the opposite of what they set out to do.

Advertisement




Only the largest corporations with the most sophisticated risk management programs were able to survive the attempt to break the cloud with manageable losses.

Small businesses, the true backbone of the U.S. economy, suffered terribly. Entrepreneurs who put their life’s work into their business lost it in many cases.

Those on the lowest part of the economic scale, the working poor, lost their jobs and their ability to cover their rent and grocery bills. They joined the ranks of those subsidized by the government by the millions.  The attempt to break the cloud resulted in an even more polarized society. &

Dan Reynolds is editor-in-chief of Risk & Insurance. He can be reached at [email protected]