Invasion of Privacy Exclusion Holds Firm
In November 2012, David Emanuel brought a class action lawsuit against the Los Angeles Lakers basketball team.
Emanuel, who had attended a Lakers game the month before, felt duped after responding to an overhead message displayed on the scoreboard. The message invited game attendees to send a text to a specific phone number with the hopes of seeing their message on the screen.
Emanuel sent a text and received an automated message in return. In the subsequent lawsuit, he alleged that the Lakers sent the response message using an automatic dialing system, which, he said, violated the Telephone Consumer Protection Act and cost him and others in text and data charge fees. They sued for $1,500 and damages.
In 2013, a California district judge dismissed the case, stating that by sending the initial text, Emanuel implicitly consented to receiving a confirmation message. The team settled with Emanuel in 2014 during his appeal.
The Lakers were insured under a ForFront Portfolio insurance policy held by Federal Insurance Co. Federal denied coverage of the suit, because the insurer claimed the TCPA fell under a policy exclusion for invasion of privacy.
The Lakers sued Federal for bad faith refusal to defend or indemnify them. A district judge ruled to dismiss the allegation, agreeing with the insurer that the policy’s invasion of privacy exclusion included the TCPA. The Lakers appealed. A divided panel affirmed the judge’s ruling.
“The panel held that because a Telephone Consumer Protection Act claim is inherently an invasion of privacy claim, Federal Insurance Company correctly concluded that the underlying Telephone Consumer Protection Act claims fell under the Policy’s broad exclusionary clause,” read the court’s decision.
Scorecard: The Los Angeles Lakers are not entitled to coverage for class allegations that the team sent unwanted text messages to fans.
Takeaway: Insurance policies that exclude privacy-related claims should clarify whether TCPA claims fall within the exclusion.
Cyberattack Costs Insurer Millions
Nationwide Mutual Insurance Co. and its unit Allied Property & Casualty suffered a massive data breach on Oct. 3, 2012. Sensitive information of more than 1 million people was stolen from its databases.
The breach affected both existing and potential customers in 32 states and the District of Columbia. Social Security numbers, driver’s license numbers and Nationwide-assigned creditworthiness scores were made available by the hackers.
Shortly after the breach, the insurer notified the customers that their information was compromised. Nationwide offered free credit monitoring and a $1 million identity theft insurance coverage with no deductible to those affected.
In the August 2017 hearing, state attorneys general from each state alleged that the breach stemmed from a security lapse. Nationwide conceded that there was a “criminal data breach,” yet denied any liability for the exposed information. The company said it took the proper and immediate steps to contain the attack.
The two parties reached a settlement of $5.5 million, to be divided amongst the states and the District of Columbia. The settlement relieves Nationwide from most legal and civil liabilities but not from criminal, antitrust, securities or tax liabilities. A spokesperson for Nationwide said that the company’s security remains compliant with data security laws.
In the end, the settlement did not include allegations of data security law violations. “Protecting consumer data is something that we take seriously,” Nationwide said. The company said it will continue to strengthen cyber-security.
Scorecard: The data breach cost Nationwide $5.5 million, which will be given to those whose information was exposed.
Takeaway: Cybersecurity programs should regularly be updated and reviewed for any potential security risks, even when a program follows security laws.
WC Death Benefits Granted to Widower
A grocery store worker was in her office when she suffered cardiac arrest. A store manager heard her fall and rushed to her aid, but it was too late. Her husband filed for workers’ compensation death benefits, claiming his wife’s death was due in part to the stress of her job.
The emergency responders’ report stated that coworkers heard the deceased saying “her job was stressing her out,” and that she complained of chest pain shortly before collapsing.
The Workers’ Compensation Board granted the husband workers’ comp death benefits on Oct. 15, 2015. The employer and its carrier appealed.
In the 2017 court hearing, the employer alleged that the cardiac event was due to underlying heart disease. There was no way to prove that job stress caused her heart to stop.
New York workers’ comp law states that barring substantial evidence to the contrary, “an unwitnessed or unexplained death [that] occurs during the course of a decedent’s employment, Workers’ Compensation Law provides a presumption … that the death arose out of the decedent’s employment.”
Because there was no formal autopsy performed on the deceased, the husband used the medical report as proof his wife’s cardiac arrest was related to the stress of her job. The court ruled the deceased’s work-related stress was a “significant contributing factor,” and her husband should receive death benefits.
Scorecard: The workers’ compensation carrier will pay death benefits to the deceased employee’s husband.
Takeaway: When injury or illness occurs on the job, employers must be diligent in reporting the incident and recording each step taken.