IL App. 1st / BIPA
Violation-of-Law Exclusion Bars Coverage for BIPA Claim; Estoppel Does Not Apply
The Illinois Appellate Court for the First District, in an opinion written by Judge Ellis, applying Illinois law, declined to follow a recent decision from the Seventh Circuit and determined that there were no coverage obligations for an underlying claim asserting violations of the Biometric Information Privacy Act (BIPA) due to the catch-all provision of the violation-of-law exclusion. The Appellate Court also held that doctrine of estoppel did not apply to bar policy exclusions where there was no duty to defend.
National Fire Insurance Company of Hartford (“National Fire”) filed suit seeking a declaration it had no duty to defend or indemnify its insured, Visual Pak Co. (“Visual Pak”), in an underlying class action lawsuit in which it was alleged that it violated BIPA. Visual Pak tendered the suit to National Fire under a CGL policy. National Fire denied coverage based on a violation-of-law exclusion in the policy and refused to defend. The trial court determined that National Fire had no duty to defend given the violation-of-law exclusion. However, despite finding that National Fire had no duty to defend, it found that National Fire had breached its duty to defend and was estopped from asserting any policy defenses because the exclusion was not free from doubt.
Both parties appealed. The Appellate Court affirmed the trial court’s finding that the violation-of-law exclusion applied to bar coverage. The exclusion at issue barred coverage for personal and advertising injury arising out of an act or omission that violates or is alleged to violate: (1) the Telephone Consumer Protection Act (TCPA); (2) the CAN-SPAM Act of 2003; (3) the Fair Credit Reporting Act (FCRA); or (4) “[a]ny other laws, statutes, ordinances, or regulations, that address, prohibit, or limit the printing, dissemination, disposal, collecting, recording, sending, transmitting, communicating or distribution of material or information.”
Visual Pak argued that the catch-all language of subpart (4) should be read in light of the first three subparts under the ejusdem generis canon, and thus limited to statutes like the TCPA, CAN-SPAM Act, and FCRA, which govern methods of communication (like faxes, emails, and phone calls) rather than the protection of personal privacy (like BIPA).
The Seventh Circuit in Citizens Insurance Co. of America v. Wynndalco Enterprises, LLC, 70 F.4th 987 (7th Cir. 2023), had recently examined an identical exclusion and found it ambiguous, ultimately ruling in favor of the insured. The Appellate Court, however, respectfully disagreed with the Seventh Circuit’s reasoning. The Appellate Court determined the catch-all exclusion at issue before it is broader than the provision examined in West Bend. The Appellate Court also concluded that if it were merely to isolate the catch-all language, “it is simply impossible to deny that it describes BIPA. BIPA regulates the collection, dissemination, and disposal of one’s biometric identifiers and information.”