(Article from Insurance Law Alert, October 2021)
For more information, please visit the Insurance Law Alert Resource Center.
A North Carolina district court ruled that an insurer had no duty to defend claims alleging violations of the Biometric Information Privacy Act (“BIPA”), finding that a policy exclusion relating to the collection and distribution of information precluded coverage. Mass. Bay Ins. Co. v. Impact Fulfillment Servs., LLC, 2021 WL 4392061 (M.D.N.C. Sept. 24, 2021).
The underlying suit alleged that the policyholder’s practice of keeping employee fingerprints on file as part of payroll procedures violated the BIPA. The company’s insurers refused to defend the suit, arguing that several policy exclusions, including a “Recording and Distribution of Material or Information Exclusion” barred coverage. The court agreed and granted the insurers’ motion to dismiss.
The exclusion provided that the policy did not cover “personal and advertising injury” that arose directly or indirectly out of any violation or alleged violation of
(1) The Telephone Consumer Protection Act . . . ; (2) The CAN-SPAM Act of 2003 . . . ; (3) the Fair Credit Reporting Act . . . ; or (4) Any federal, state, or local statute, ordinance or regulation, other than the TCPA, CAN-SPAM Act of 2003 or FCRA . . . that addresses, prohibits, or limits the printing, dissemination, disposal, collecting, recording, sending, transmitting, communicating or distribution of material or information.
Applying the principle of ejusdem generis (a legal principle of interpretation under which general, catch-all language that directly follows a list of specific items is considered to include “only things of the same kind, character and nature as those specifically listed”), the court concluded that the BIPA, which prohibits the collection and disclosure of biometric identifiers, is of the “same kind, character and nature” as the statutes specified in the exclusion and thus falls within the “catch-all” language of subsection (4). As the court noted, this conclusion comports with Hartford Cas. Ins. Co. v. Greve, 2017 WL 5557669 (W.D.N.C. Nov. 17, 2017), aff’d, 2018 WL 3752235 (4th Cir. Aug. 7, 2018) (see Sept. 2018 Alert), which held that a similar exclusion barred coverage for alleged violations of the Driver’s Privacy Protection Act.
The court expressly distinguished West Bend Mutual Ins. Co. v. Krishna Schaumburgh Tan, Inc., No. 125978 (Ill. May 20, 2021) (discussed in our May 2021 Alert), in which the Illinois Supreme Court ruled that a violation of statutes exclusion did not negate an insurer’s duty to defend a suit alleging BIPA violations. The exclusion in West Bend only referenced the TCPA and the CAN-SPAM Act of 2003, and contained less expansive language in the catch-all provision.