Illinois Court: Insurer Must Defend IT Company in BIPA Suits

Illinois Court: Insurer Must Defend IT Company in BIPA Suits

  • Article

An insurer must defend an information technology company facing a pair of Biometric Information Privacy Act (BIPA) lawsuits, the U.S. District Court for the Northern District of Illinois said in a March 30 ruling.

In Citizens Insurance Company of America v. Wynndalco Enterprises, LLC et. al, the court disagreed with Citizens’ claim that a Statutory Violation exclusion within a business owners insurance policy precludes coverage against BIPA suits.

The underlying litigation in this case involves Wynndalco allegedly selling access to data obtained by Clearview AI, an artificial intelligence company accused of extracting photographs from social media platforms to create a database of facial scans. Melissa Thornley and Mario Calderon each filed class action lawsuits against Wynndalco, alleging that the Addison, Illinois-based company violated BIPA by selling Clearview’s database and app in Illinois.

Wynndalco purchased a policy from Citizens that provides coverage for personal and advertising injury arising out of “[o]ral or written publication, in any manner, of material that violates a person’s right of privacy.”

The policy contains an exclusion entitled “Distribution of Material in Violation of Statutes” that states insurance does not apply when personal and advertising injury arises out of any action or omission that violates The Telephone Consumer Protection Act (TCPA), The CAN-SPAM Act of 2003, The Fair Credit Reporting Act, or any other statutes that “address, prohibit, or limit the printing, dissemination, disposal, collecting, recording, sending, transmitting, communicating or distribution of material or information.”

Citizens argues that BIPA falls under the final subsection catchall, because it is unambiguously a statute engaging with matters of information and privacy.

In rejecting Citizens’ claim, Judge John Z. Lee asserts that Citizens gives an overly expansive reading to the exclusion.

“To interpret the exclusion to cover every statute that concerns a person or entity doing practically anything whatsoever with “information” would make certain coverage provisions illusory…” Lee writes.

Lee compares the exclusion to other provisions of the policy, such as coverage of slander and libel claims, false advertising claims, and claims for copyright infringement, all of which arise under state statutes. Lee contends that Citizens’ reading would bar coverage for violations of the very statues under which slander, libel, false advertising, and copyright claims arise. This reading would effectively “swallow the rule.”

“The Court refuses to adopt such a nonsensical reading of the Policy,” Lee writes.

Citizens’ second argument relies on the interpretive tool of ejusdem generis (of the same kind or class), which requires the general term to share a characteristic that is common to all the specific terms.

Ejusdem generis fails here, Lee states, because BIPA is not like the TCPA or CAN-SPAM Act, which do not regulate the collection or dissemination of personal information.

The court denied Citizens’ motion, ruling the insurer has a duty to defend Wynndalco with respect to BIPA claims and to the common law claims in the lawsuit brought by Thornley.


Was this article valuable?

Here are more articles you may enjoy.