On August 29, 2017, my colleagues Lawrence J. Bracken, Michael Levine, and Geoffrey Fehling published an article in Law360 discussing the Ninth Circuit’s recent decision rejecting coverage for the Los Angeles Lakers’ director’s and officer’s (D&O) insurance claim arising from a fan’s class action lawsuit under the Telephone Consumer Protection Act (TCPA), based on a broadly-worded invasion of privacy exclusion in the Lakers’ D&O insurance policy. A split Ninth Circuit panel held that “[b]ecause a TCPA claim is inherently an invasion of privacy claim, [the insurer] correctly concluded that [the claimant]’s TCPA claims fell under the Policy’s broad exclusionary clause.” The full article is available here.
Hunton and Williams LLP has published its 2016 Retail Industry Year in Review. The Review discusses the key legal and regulatory developments that affected the retail industry last year. In the Review, Hunton insurance coverage attorneys Syed Ahmad, Mike Levine and Jenn White discuss the lessons learned from insurance coverage cases that promise to have a lasting impact on retail cyber security and product contamination insurance. As they explain, “Last year’s decisions are critical reminders that having the right insurance is key, and even unintentional missteps can jeopardize coverage.” Read their commentary here.
In a case filed in California last week, an insurer once again has taken the position that funds disbursed to computer hackers because of fraudulent commands received via e-mail from hackers are somehow distinguishable from the hacker misappropriating the funds directly. They are not. The typical scheme, via social engineering commonly known as “business e-mail compromise” or “CEO fraud,” involves an e-mail from a high-level executive’s e-mail account directing a subordinate employee to wire funds to a bank account actually owned by a third-party scammer, the true author of the email. Insurers have denied coverage for such liabilities, contending that their policies do not cover voluntary disbursements of company funds – as if the insureds intended to give their funds away to the bad guys!
A US District Court has ruled that a Professional Services Exclusion in a D&O policy does not bar coverage for suits alleging that a network of for-profit career colleges engaged in false marketing regarding the quality of education and job prospects that enrollees would receive. The decision in Education Affiliates Inc., et al. v. Federal Insurance Company, et al., stems from a series of lawsuits filed against the owner of the career colleges by former students and a subpoena and draft complaint served by the Florida Attorney General alleging that the colleges were deceptive in marketing their services to prospective students.
Hunton & Williams insurance lawyers, Mike Levine and Sergio Oehninger, were quoted today in a Law360 article analyzing the impact of the recent decision in P.F. Chang’s bid for coverage for certain losses stemming from a 2013 cyber breach. In a June 1, 2016 blog post, Levine and Oehninger criticized the court’s decision and forewarned policyholders that disputes of this sort are likely to be common, given the continually evolving nature of cyber coverages. According to Levine in a subsequent comment, “until insurance markets arrive at policy language that clearly sets forth the coverage being marketed and sold, policyholders will be left to question whether denials or limitations on claims are justified.” Levine and Oehninger remind policyholders, therefore, that they should consult with knowledgeable coverage lawyers both when procuring cyber coverage and when submitting cyber-related claims, so that the policyholder’s unique circumstances are adequately addressed under their insurance program and that any claims are properly considered and paid by their insurers.
In a May 31, 2016 decision, a federal court in Arizona rejected P.F. Chang’s attempt to recover an additional $2 million it paid following a 2013 breach in which hackers obtained and posted on the Internet approximately 60,000 credit card numbers belonging to P.F. Chang’s customers. P.F. Chang’s was insured under a “CyberSecurity by Chubb Policy,” which it had purchased from Federal Insurance Company for an annual premium of $134,000. On its website, Federal marketed the policy as “a flexible insurance solution designed by cyber risk experts to address the full breadth of risks associated with doing business in today’s technology-dependent world” including “consequential loss resulting from cyber security breaches.”