A trial court in New York has granted summary judgment for a group of D&O insurers seeking a declaration that policies issued to AR Capital, LLC (“AR Capital”) do not provide coverage for settlements and consent judgments in actions alleging false and misleading SEC filings by VEREIT, Inc. (“VEREIT”), which is a real estate investment trust sponsored and managed by AR Capital. See XL Specialty Ins. Co. v. AR Capital, LLC, Case No. 650018/2019, 2021 N.Y. Misc. LEXIS 444 (N.Y. Supr. Ct., Feb. 2, 2021). The court’s ruling enforces the insured capacity limitation within the D&O policies’ definition of Wrongful Act, the exception of SEC disgorgement amounts from covered Loss, and an insured capacity exclusion.
After the Fourth Circuit held that a commercial general liability (“CGL”) policy could cover a data incident in 2016, confusion arose as to whether CGL policies would continue to cover data breaches. A recent California lawsuit by the smart-TV maker Vizio against two of its insurance companies shows that this confusion also arises when an insured invokes CGL policies to cover litigation arising from alleged data misuse.
A split appellate court in Pennsylvania has held that an insurer is estopped from asserting a policy exclusion that it failed to expressly raise in its reservation of rights letter. See Selective Way Ins. Co. v. MAK Servs., No. 1289 EDA 2019, 2020 Pa. Super. LEXIS 342 (Pa. Super. Ct. April 24, 2020). The court’s ruling is an important reminder that failure to properly reserve the insurer’s right to deny coverage can sometimes have significant consequences.
Coverage litigation relating to liability claims arising out of the Illinois Biometric Information Privacy Act (“BIPA”) has been relatively non-existent. One reason for this may be insurers’ reasonable conclusion that an exclusion introduced in 2006 in response to litigation arising under the Telephone Consumer Protection Act (“TCPA”) applies to this new genre of privacy litigation. That exclusion, generically referred as the Violation of Statutes Exclusion, was the insurance industry response to decisions from around the country finding that TCPA violations qualified as “personal injury” under liability policies. The exclusion evolved over time and now includes a catch-all provision that applies to violations of federal or state statutes or ordinances or regulations other than the enumerated statutes referenced in the exclusion—the TCPA, the CAN-SPAM Act of 2003 and the Fair Credit Reporting Act (“FCRA”). The Illinois court’s opinion in Westbend Mutual Insurance Ins. Co. v. Krishna Schaumburg Tan, Inc., 2020 Ill.App.(1st) 191384, is an example of how important the wording of that catch-all provision is for insurers seeking to rely on it to exclude coverage for BIPA violations.
In November, the Texas Supreme Court accepted a certified question from the Fifth Circuit directly calling into question the continued vitality of the well-known “eight corners rule,” under which a liability insurer can only consider the four corners of the live pleading and the four corners of its policy in deciding whether to defend its insured. As we noted in this blog when the Texas Supreme Court accepted the certified question, the case involved an ATV accident in which Jayden Mills, the young driver, was killed. His mother sued the Richardses, alleging they were negligent in failing to supervise and instruct Jayden.
That headline appeared Saturday in Music Business Worldwide, a trade paper, as well as in numerous other journals ranging from Variety to the Austin Chronicle. If you dug a little deeper, you would see that there was cancellation insurance for the ten-day event. But that coverage was excluded for bacterial infections, communicable diseases, viruses and pandemics.
The United States District Court for the District of Maryland recently held that an insurer must cover an insured’s costs to replace its computer systems following a ransomware attack. The case, National Ink and Stitch, LLC v. State Auto Property and Casualty Insurance Company, Civ. No. SAG-18-2138 (D. Md. January 23, 2020), contains lessons for business and insurance companies going forward.
Sophisticated cyber crimes have been of great interest in the insurance world for the past decade, but relatively low-tech schemes are also a risk to policyholders and to insurers. Tricking an employee to transfer funds to an unauthorized account is a scam that existed prior to wide-spread use of email and the Internet. For example, the fraudster calls the bank employee, pretending to be his supervisor, authorizing a payment to be made ASAP, or a seller provides “updated” information for a wire transfer at a real estate closing, and the title company sends the funds to the wrong account. More recently, perpetrators of these types of social engineering tricks have made use of email to deliver fake payment instructions, and have infiltrated company or employee accounts to obtain necessary credentials or to create the impression of authority. Depending on the facts of a claim and the terms of specific insurance contracts, policyholders who are the victims of such scams may seek coverage under cyber liability policies or under traditional lines such as crime / fidelity and general liability.
Insurance practitioners in Texas are familiar with the so-called “eight corners rule” applied by Texas Courts to determine whether an insurer has a duty to defend a suit against its insured. The “eight corners rule” is simply summarized:
Under the eight-corners rule, the duty to defend is determined by the claims alleged in the petition and the coverage provided in the policy. The rule takes its name from the fact that only two documents are ordinarily relevant to the determination of the duty to defend: the policy and the pleadings of the third-party claimant. Facts outside the pleadings, even those easily ascertained, are ordinarily not material to the determination and allegations against the insured are liberally construed in favor of coverage.
Many insurance policies contain a “war exclusion,” which states that there is no coverage for loss resulting from “war,” “warlike action by a military force,” or “insurrection, rebellion, [or] revolution.” Does the exclusion apply when a militant faction—specifically Hamas—shoots rockets into an area where the insured is conducting activities?