By Daphne Zhang
Law360 (June 25, 2021, 9:40 AM EDT) — A slew of pandemic business interruption rulings have highlighted insurance litigation so far in 2021, while Illinois’ highest court issued a first-of-its-kind decision in a biometric privacy suit, Indiana’s justices weighed in on whether crime insurance covers ransomware attacks and Verizon was awarded a large settlement in Delaware.
Here, Law360 breaks down 2021’s biggest insurance decisions thus far.
COVID-19 Business Interruption Wars Continue
Insurers and policyholders have been sharpening their arguments through the first half of 2021 as COVID-19 coverage cases proceed through federal and state courts. While insurers have prevailed in the majority of decisions, policyholders have also seen favorable outcomes in states like Pennsylvania, New Hampshire, Illinois, California, Alabama and Rhode Island.
In the first half of the year, more federal courts began to declare that earlier policyholder-friendly rulings are unique exceptions. In May, a Vermont federal court threw out a dental clinic’s proposed class action against Cincinnati Insurance Co., saying the “minority” rulings in policyholders’ favor, such as in Studio 417 v. Cincinnati and Blue Springs Dental Care LLC v. Owners Insurance Co., were “outliers.”
A week later, a judge in the Western District of Missouri ruled that a group of restaurant owners can’t tap into coverage with Cincinnati, also labeling as an “outlier” the Studio 417 ruling, issued in the neighboring Eastern District of Missouri, which found the presence of the virus potentially caused a covered “direct physical loss.”
Most federal courts have ruled that a virus exclusion commonly found in commercial property policies unambiguously bars coverage for all losses related to the COVID-19 pandemic. However, policyholders have found some wiggle room by arguing government closure orders, instead of the virus, caused their losses.
On June 2, a Minnesota federal judge ruled an insurer must face a hair salon’s suit, saying stretching the policy’s virus exclusion to include government closure orders would go “too far” and “transform a virus exclusion into a government-order or pandemic exclusion.” The judge said the salon has shown its direct physical loss was solely caused by the closure orders, so the virus exclusion was not triggered.
Two days later, a Rhode Island state judge said a Providence strip club is entitled to civil authority coverage despite its policy’s virus exclusion. Although the club offered food takeout during the lockdown, it was insured as a nightclub, and the club has sufficiently shown that it lost function as an adult entertainment business after government orders forbade its customers to go in and watch stripping last year, the judge said.
“It looks like the federal courts and state courts in a lot of jurisdictions are going in different directions, but it’s really coming down to how well-pled the complaint is,” said Robin Cohen, founding partner of Cohen Ziffer Frenchman & McKenna.
The more specifically a policyholder can allege that the coronavirus was on the covered property, such as by showing people infected with the virus were on or near the property, the more likely they can defeat a motion to dismiss, she said.
Cohen said that based on her analysis, more than 175 out of the over 190 dismissed COVID-19 business interruption cases “are situations where the policyholder did not allege that COVID was specifically on their property.”
Cohen also observed that “policyholders are doing better on the scope of the exclusions than they were on the physical losses issue.” She said she expects to see policyholders achieving more success by arguing the less limited exclusions, including contamination, pollution and microorganism exclusions, do not bar losses related to COVID-19.
On March 31, Cohen’s team convinced a New York federal judge that a contamination exclusion under a $750 million Factory Mutual policy is ambiguous and does not necessarily bar Thor Equities’ COVID-19-related losses. The judge said Thor’s argument, that the exclusion only applies to decontamination costs instead of contamination-induced losses, is reasonable.
And last week, a New Hampshire state judge ruled that insurers couldn’t avoid coverage for 23 hotels’ pandemic losses under a microorganism exclusion. The ruling granted partial summary judgment to a hotel company looking to tap into part of a $600 million tower of policies, saying COVID-19’s presence on the hotels’ properties caused a “direct physical loss or damage.”
However, “the courts aren’t always reaching the issue of whether an exclusion applies,” said Michael S. Savett, a partner at Clark & Fox who represents carriers.
Savett said although there have been some questions on the ambiguity of the exclusions, insurers do not always have to face the issue if they do a good job focusing on the policy’s prerequisite of “a direct physical loss or damage” and point out to the court that COVID-19 is intangible and does not cause property damage.
Del., NY Courts Reshape D&O Coverage
Insurance attorneys are increasingly viewing Delaware as a policyholder-friendly venue after the state found coverage for Dole Food Corp. and Verizon Communications Inc. in separate cases under the companies’ D&O policies this year. But neither attorneys for insurers nor those for policyholders expect the insurance industry to add a choice-of-law clause to the policies to avoid Delaware, as there are so many public companies incorporated in the state and carriers do not want to lose their clients.
In February, the Delaware Superior Court said Verizon is entitled to recover its $95 million 2014 settlement of a bankruptcy trustee suit that aimed to claw back $2.3 billion of indirect payments from then-insolvent FairPoint Communications. The appellate court found fraudulent transfer claims can be covered as securities claims under Verizon’s D&O insurance program. The lead insurer National Union Fire Insurance Co. and five excess carriers failed to show that debts pursued by FairPoint’s trustee were not derivative, the court said.
The following month, the Delaware Supreme Court ruled that Delaware law, rather than California law, applied to Dole’s D&O coverage dispute with RSUI Indemnity Co., as part of its holding that RSUI had to pay out the full $10 million limit of an excess policy. While Dole is based in California, it is incorporated in Delaware. The ruling mattered because California bans insurance for fraudulent conduct, which, according to RSUI, would have barred coverage for Dole and its CEO David Murdock’s settlements. Delaware, though, has no such coverage prohibition.
The Delaware courts “sent a powerful message that those corporate policyholders and their officers and directors deserve the benefits of Delaware law, which is policyholder-friendly on many important coverage issues,” said Geoffrey Fehling, a counsel at Hunton Andrews Kurth LLP.
“Given Delaware’s leading role in corporate law and governance, the choice-of-law decision [in Dole] also may influence courts in other states grappling with similar issues under D&O insurance policies,” he added.
Emily Garrison, a partner at Honigman LLP, said that although some policyholders may be wondering whether carriers may begin to add a choice-of-law provision in their D&O policies to avoid litigation in Delaware, she doesn’t think it will happen.
“Insurers may not necessarily want to commit themselves to the laws of another state, which may be favorable to policyholders or insurers on other issues,” she said.
Mike Manire, a partner at Manire Galla Curley LLP who represents insurers, said carriers do not add choice-of-law clauses because of the enormous number of public companies incorporated in Delaware and an unwillingness to lose out on business.
Manire said the Delaware Superior Court’s Verizon decision is particularly troubling for insurers in the bankruptcy context, because the court believed a bankruptcy trustee was deemed as a security holder. The ruling’s “practical impact could conceivably be enormous,” he said, as it raises the question, “does every fraudulent transfer claim or trustee claim become a securities claim now?”
Accordingly, Manire added, insurers underwriting for Delaware corporations should at least start thinking about factoring the risk of ligating in a pro-policyholder state into their policy pricing. He pointed to a D&O ruling in New York that involved the same insurer as the Verizon case, National Union, but went in a different direction.
In March, a federal judge in the Empire State freed National Union and U.S. Specialty Insurance Co. from having to pay for Hertz’s $23 million legal bill relating to a U.S. Securities and Exchange Commission probe, finding the investigation is not a “securities claim” covered under the policy.
Manire called the decision “refreshingly straightforward,” as the New York court strictly applied the policy language by finding that an SEC investigation is not an administrative proceeding covered under a D&O policy because the investigation doesn’t identify specific targets or individuals.
Courts Grapple With ‘Silent Cyber’ Coverage
Thus far, 2021 is shaping up to be another important year for insurance coverage rulings related to cyber threats, particularly so-called silent cyber risks that may trigger coverage under more traditional liability and crime policies.
On May 20, the Illinois Supreme Court ruled that West Bend Mutual Insurance Co. must defend tanning salon owner Krishna Schaumburg Tan Inc. against a customer’s Biometric Information Privacy Act lawsuit. The state high court construed “publication” broadly in the salon’s favor under its general liability policy, finding the term encompasses a situation where information was given to just one party instead of to the public at large.
Attorneys who represent policyholders told Law360 the decision provides a good roadmap for securing coverage for BIPA claims, and could start a trend in other jurisdictions. Attorneys representing carriers, on the other hand, said the ruling is an “alarm bell” signaling that noncyber insurers should be careful about general liability policies and finally craft stricter data privacy exclusions.
A few months prior, in February, the Fifth Circuit affirmed that Mississippi Silicon Holdings Inc. cannot tap into the $1 million computer transfer fraud provision in its crime policy with Axis Insurance Co. to defray its losses in a cyber fraud scheme, which totaled $1.025 million. A three-judge panel sided with a lower court that the company’s coverage is capped at a $100,000 limit for deceptive “social engineering” scams.
The $1 million computer fraud provision provided coverage only when a fraudulent event took place without the company’s “knowledge or consent,” but the case involved MSH employees sending the transfers, rather than the fraudsters, the Fifth Circuit said. Therefore, MSH cannot say the company did not know about the event, and the computer fraud provision was not triggered, the appellate court said.
Judith Selby, a partner at Hinshaw & Culbertson LLP, said the MSH decision shows that courts honor the plain meaning of insurance policy language. It’s also incumbent on companies to examine their cyber and privacy exposure and get the right coverage for it, she added.
However, Garrison of Honigman said policyholders should not lose hope in computer fraud coverage disputes under traditional policies. She pointed out the Indiana Supreme Court’s March revival of G&G Oil Co.’s suit seeking to force its insurer to cover bitcoin ransom payments it made to a hacker.
In that decision, the Indiana Supreme Court became the first state high court to weigh in on whether crime insurance covers ransomware attacks when it reversed a lower court’s ruling in favor of Continental Western Insurance Co.
The trial court held that while the ransomware attack was undeniably a crime, it didn’t fulfill the requirements for computer fraud coverage in the policy. But the state high court said G&G’s loss clearly involved the use of a computer, and the trial court’s interpretation of the policy term “fraudulently cause a transfer” was overly narrow. The justices remanded the case to the lower court, holding that further fact-finding is necessary on how the hacking scheme was carried out.
“The MSH case and the G&G cases reached different results under similar facts,” Garrison said. The two different rulings show “there’s still uncertainty in outcomes for policyholders and insurers in the ‘silent cyber’ cases,” and also highlight “the importance of choice of law and jurisdictional questions” such as where the case is litigated, she added.
Fla. Justices OK Insurer’s Suit Against Policyholder’s Counsel
In early June, the Florida Supreme Court ruled that insurers can directly bring malpractice suits against law firms they paid to defend their policyholders. The court overturned two lower courts’ decisions finding that Arch Insurance Co. lacked standing to sue Kubicki Draper LLP — which represented Arch’s policyholder in an underlying action — for malpractice because the insurer and law firm were not “in privity,” meaning they were not directly obligated to each other under a contract.
However, the Florida high court said Arch has standing based on the policy’s subrogation provision. The provision allows the carrier to step into the shoes of the policyholder, including bringing legal malpractice claims against the defense counsel, the justices said.
“The Florida Supreme Court thoughtfully evaluated this case in the context of the insurer’s contractual subrogation rights and declined to recognize an attorney-client relationship between an insurer and defense counsel,” said Meghan C. Moore, a member of Flaster Greenberg’s insurance recovery practice. Moore said the case is also “an important reminder that the defense counsel owes his or her allegiance to the insured client, who counsel has been appointed to represent.”
“In the ‘duty to defend’ world, a question about who the law firm has duties to is so complex,” said Manire of Manire Galla Curley, who represents insurers. Manire said the notion that an insurer can bring a malpractice claim against its defense counsel is not unusual, as most states allow for such a claim but for different reasons.
Some states reject the subrogation argument as a violation of public policy against assignment of legal malpractice claims, while other states strictly reject the notion of privity but recognize claims based on other causes of action, such as negligent misrepresentation, he explained.
The Arch holding is interesting because it is “based on, and limited to, the insurer’s contractual right to subrogate to the insured’s negligence claim against the defense attorney,” Manire said.
William Um, a partner at Jassy Vick Carolan LLP, said as a policyholder attorney, he welcomes the ruling because he loves “seeing insurance companies fight their own people.” Um said, “It’s a trend that’s happened over the years that carriers are not afraid to air their dirty laundry.”
He reflected that when he first practiced law in the early 2000s, insurers were avoiding suing each other and tried to solve issues outside the courthouse. But it is common now to see carriers suing each other for contribution and subrogation rights, so insurers suing their defense counsel may become a trend too, he said.
–Additional reporting by Shawn Rice, Jeff Sistrunk, Jeff Montgomery, and Nathan Hale. Editing by Marygrace Murphy.