Statutory violation exclusions in two insurers’ policies precluded coverage for lawsuits alleging claims for violation of the Song-Beverly Act arising from collection of customer zip codes during credit card transactions. ( Big 5 Sporting Goods Corp. v. Zurich American Ins. Co. (2013) WL 3526039)
Facts
In 2011, the California Supreme Court held that requesting and recording a cardholder’s zip code during a credit card transaction violates the Song-Beverly Act of 1991 (Cal. Civ. Code § 1747, et seq.). (See Pineda v. Williams-Sonoma Stores, Inc. (2011) 51 Cal.4th 524.) The Song-Beverly Act provides that violators will be subject to a civil penalty of $1,000 for each violation. However, a civil penalty will only be assessed if the violation was intentional.
Here, various plaintiffs filed eleven class action lawsuits against Big 5 Sporting Goods Corporation (Big 5), alleging that Big 5 had infringed the plaintiffs’ privacy rights by requesting, recording, and publishing customer zip codes during credit card transactions in violation of the Song-Beverly Act. Some of the class action lawsuits also included causes of action labeled “negligence” and “invasion of privacy.”
Big 5 was the named insured on three general liability policies issued by Zurich American Insurance Company (Zurich) and one general liability policy issued by Hartford Fire Insurance Company (Hartford). Big 5 thus tendered defense of the class action lawsuits to Zurich and Hartford.
The Zurich policies provided coverage for specified “personal and advertising injury” offenses, including “oral or written publication, in any manner, of material that violates a person’s right of privacy.” However, the first two Zurich policies included a statutory violation exclusion which precluded coverage for “personal and advertising injury” arising out of a violation of “[a]ny statute, ordinance or regulation, other than the TCPA or CAN-SPAM Act of 2003, that prohibits or limits the sending, transmitting, communicating or distribution of material or information.” The third Zurich policy contained a similar exclusion which precluded coverage for “personal and advertising injury” arising out of a violation of “[a]ny federal, state or local statute, ordinance or regulation, other than the TCPA, CAN-SPAM Act of 2003 or FCRA, that relates to, prohibits or limits the accessing, collection, recording, printing, dissemination, disposal, sending, transmitting, communicating or distribution of material or information.”
The Hartford policy also provided coverage for various “personal and advertising injury” offenses, including “oral, written or electronic publication of material that violates a person’s right of privacy.” The Hartford policy contained a statutory violation exclusion which mirrored the exclusion in the first two Zurich policies. In addition, the Hartford policy contained a statutory violation exclusion for personal and advertising injury “arising out of the violation of a person’s right of privacy created by any state or federal act.”
Big 5 contended that, under the terms of the Zurich and Hartford policies, both Zurich and Hartford were obligated to defend Big 5 in the class action lawsuits. Zurich and Hartford argued that they did not have a duty to defend Big 5 against class action lawsuits because, among other things, the Zurich and Hartford policies contained statutory violation exclusions that eliminated any potential for coverage.
In order to resolve the coverage dispute, Big 5 filed a declaratory judgment action against Zurich and Hartford in the United States District Court for the Central District of California.
Holding
The federal district court, applying California law, held that Zurich and Hartford had no duty to defend Big 5 in the underlying class action lawsuits. According to the district court, the plaintiffs’ claims against Big 5 in the underlying class action lawsuits fell within the statutory violation exclusions contained in the Zurich and Hartford policies, thus eliminating any potential for coverage. The district court concluded that, based on the legislative history of the Song-Beverly Act, it was clear that the Song-Beverly Act created a statutory right of privacy that did not previously exist at common law.
Further, the district court held that was irrelevant that some of the underlying class action lawsuits included causes of action labeled “negligence” and “invasion of privacy.” The court reasoned that in determining whether an insurer has a duty to defend an insured, the proper focus is on the facts alleged, not on the formal legal theory which is pled. Here, even though some of the underlying class action complaints included causes of action labeled “negligence” and “invasion of privacy,” those causes of action were actually based on a right of privacy created by statute . Thus, Zurich’s and Hartford’s statutory violation exclusions precluded coverage for all causes of action asserted in the class action lawsuits, including the causes of action labeled “negligence” and “invasion of privacy.”
Comment
The federal district court also noted that the Song-Beverly Act only allows for the recovery of civil penalties, and then only if there was an intentional violation of the statute. Because civil penalties are not “damages” within the meaning of the policies, and because the policies themselves and Insurance Code section 533 bar coverage for intentional conduct, the Zurich and Hartford policies did not potentially apply.
It should be noted that insured, Big 5, has recently filed a notice of appeal to the Ninth Circuit Court of Appeals. That of course means that the litigation is not over yet. Also, keep in mind that this litigation is pending in the federal court system. Thus, no matter what the ultimate outcome of the case is, the decision will not necessarily be binding on California state courts.