Legal Spotlight: March 2014
Insurer Need Not Pay Settlement
An Indiana appeals court ruled that ACE American Insurance Inc. was not required to contribute $3 million to the settlement of an emissions lawsuit filed against Pernod Ricard USA, d/b/a Seagram Lawrenceburg Distillery.
However, the court left open whether ACE acted in bad faith in the case.
Pernod, which operated a distillery in Lawrenceburg, Ind., from January 2002 until June 2007, was sued by a neighbor, William Klepper, in a class-action lawsuit that claimed mold from the distillation process damaged nearby properties.
Pernod was insured under a commercial general liability policy by XL Insurance America from Jan. 1, 2001-2003, and by ACE from Jan. 1, 2003-2004. The ACE policy included a provision that “legally obligated” ACE to pay damages for bodily injury or property damage, as defined in the policy. It also included a “voluntary payment provision” that stated the insured should not “voluntarily make a payment, assume any obligation, or incur any expense, other than for first aid, without our consent.”
ACE agreed to contribute 49 percent of the defense costs to Pernod “under a full reservation of rights,” according to the ruling. XL paid the remainder, and in total, ACE contributed $167,965 to the costs of legal defense.
During settlement discussions, XL and Pernod asked ACE to contribute $1 million toward an agreement, but ACE set its contribution at no more than $250,000. Nonetheless, in April 2009, a settlement agreement was reached, without ACE’s involvement, that required Pernod to pay $1.2 million, XL to pay $1 million and ACE to pay $3 million.
A special master determined that ACE had honored its obligations, and that Pernod had breached its contract by entering an agreement without ACE’s consent.
A trial court agreed, but declined to enter a final judgment on all of the issues. An appeals court also agreed that ACE was not required to contribute to the settlement. However, it ruled that a final judgment on claims that ACE acted in bad faith “would be premature” at this time,” and that such a determination could be based on civil law liability, in addition to the insurance contract.
Scorecard: ACE did not have to contribute $3 million to settle allegations against a distiller accused of damaging nearby property due to mold from ethanol emissions.
Takeaway: The court expanded the ability of insureds to pursue bad-faith claims handling against carriers, by not restricting such claims to breach of the insurance contract.
Insurer Must Defend Church in Trademark Case
A church schism in South Carolina has led to a trademark infringement lawsuit filed by a breakaway diocese against the Episcopal Church in the United States — and has ensnarled an insurer that issued a commercial liability policy.
The Episcopal Church in South Carolina (TEC-SC), which broke away from the national church (TEC) in 2012 over issues including authorization of same-sex marriage, and gay bishops, filed suit to seek court authorization of its use of intellectual property, such as trade names and services.
TEC-SC then filed suit in the U.S. District Court for the District of South Carolina against Church Insurance Co. of Vermont and the Church Insurance Co., seeking indemnification and defense under its CL policy, and alleging breach of contract and bad faith.
On Jan. 6, the court dismissed Church Insurance Co. from the case, ruling there was no evidence it had issued a policy to TEC-SC.
The court also ruled the Church Insurance Co. of Vermont had a duty to indemnify and defend TEC-SC because the IP property claims created an advertising injury and potential damages, as defined in the policy.
It rejected an argument that the insurer breached its contract, but ruled there was insufficient evidence that the insurer acted in bad faith.
Scorecard: The insurance policy provides a coverage limit of $1 million for defense, and payment of claims for trademark infringement.
Takeaway: The potential awarding of attorneys’ fees are sufficient to trigger coverage for potential damages.
Oil Terminal Wins Flood Deductible Argument
A Supreme Court of New York judge agreed with Castle Oil Corp., that the company’s insurer had miscalculated the amount of a deductible following nearly $2.3 million in damages caused by Superstorm Sandy.
Castle Oil, which owns and operates a fuel oil terminal in the Bronx, had a commercial property policy with ACE American Insurance Co. in 2012.
The policy contained a $2.5 million sublimit for “flood including storm surge located in special flood hazard areas,” as defined by FEMA. The policy endorsement provided that the deductible applicable to flood loss in such areas was equal to 2 percent of the total insurable values at risk per location, subject to a minimum of $250,000.
At issue in the lawsuit filed was the phrase “insurable values at risk.”
The insurer contended that the deductible should be based on the total insurable value of the property, which was $124.7 million. That would result in a deductible of nearly $2.5 million, which is above the oil terminal’s damage amount, according to the opinion. Castle argued successfully that the 2 percent deductible applied to the $2.5 million insurable values “at risk” of flood damage — resulting in a deductible of $250,000. If that was not the case, the court ruled, the flood insurance coverage would be “illusory.”
During the litigation, ACE noted that policyholders might be able to submit a claim for more than the coverage limit and have the deductible subtracted from that amount, said Finley Harckham, an attorney and partner at Anderson Kill, who represented Castle Oil. Thus, policyholders could end up recovering the full limit of coverage without it being reduced by a deductible.
Scorecard: ACE was required to pay $2 million in damages to Castle Oil minus the deductible.
Takeaway: The value of a property for premium purposes does not necessarily equate to the value of the property’s insurable risk.
Insurer Avoids Data Breach Costs
The Connecticut Appellate Court ruled that “mere negotiations” did not fit the definition of “a suit” in a CGL policy that required an insurer to defend the insureds. The case involved the 2007 loss of computer tapes containing personal information of about 500,000 past and present IBM employees. The tapes were lost in transit.
Recall Total Information Management, which had a records storage agreement with IBM, had subcontracted with Executive Logistics to transport the data. Executive Logistics had a $2 million commercial general liability policy and a $5 million umbrella liability policy, both naming Recall as an additional insured.
Federal Insurance Co. denied coverage, and the court ruled it did not have to reimburse Recall for the $6.2 million it paid to IBM for the costs of notifying affected employees and offering credit monitoring. The insurer also said there was no “personal injury” coverage, as the policy required “publication” of the data to a third party. IBM’s lost data was never used.
Scorecard: Federal Insurance Co. did not have to pay $6.2 million following a data loss.
Takeaway: The court left open the possibility that costs to make injured parties whole by offering credit monitoring, etc., could be covered, if there is “publication” of the data to a third party.
Risks and Rewards of the Cloud
The cloud — a technology that allows users to access and use files and applications over the Internet, rather than having them stored on a local drive — is a concept that has been debated in insurance IT circles for some time now.
Cloud computing offers a number of advantages, not the least of which is that data and applications stored elsewhere don’t take up valuable storage space on hard drives or other media. In larger enterprises, this may mean a significant reduction in technology infrastructure and its attendant costs.
Cloud storage agreements also remove the sometimes onerous task of updating software applications, as well as making administrative changes over the life of the application. Some would argue that these and other benefits give cloud users a great deal of flexibility in their IT operations.
This technology also comes with some drawbacks, however, and the biggest challenge may be in the area of data security. Insurers are in the business of selling — among other things — peace of mind to their insureds. Insurer A can’t afford to be in the same position as, say, Target, when it comes to keeping its customers’ data safe from unauthorized access and use.
Cloud computing is more risky because data — and applications that may provide a path to that data — reside on the Internet and, as most teenagers know, virtually nothing that resides on the Internet is 100 percent secure.
Cloud providers, on the other hand, correctly point out that it is in their best interests to provide top-flight security to their customers, and many do so. A skeptic might add, however, that no enterprise is completely invulnerable to attack.
And when we consider the huge amount of confidential and identifying data that is housed in insurance systems, it seems much wiser to at least keep all mission-critical applications in-house, where data are better protected.
As noted, however, cloud computing offers a number of key advantages to its users, so it should come as no surprise that even security applications are now available as cloud offerings.
One company, for example, publicizes that it is “the only cloud-based mobile security solution built for enterprises to secure sensitive company data, evaluate mobile applications and block advanced threats.” The company claims to provide users with “unrivaled insight into … malicious threats in order to keep sensitive data safe, control costs and comply with regulations.”
The company adds that its solutions are completely hosted in the cloud, requiring no on-premise software, thus making deployment easy and affordable. In short, offerings such as this bring the advantages of cloud computing to the very systems that are designed to protect our enterprises.
So, is it a wise idea to put our key security applications in the cloud? Consider for a moment the idea — endorsed by many experts — that truly sensitive applications and data are probably not best placed on the Internet. What application, then, would be more critical, and sensitive, than an insurer’s security systems?
In the end, this decision comes down to an interesting risk-reward scenario.
It is probably true that cloud-based security will offer a number of advantages, including speed, lower cost of operation and maintenance, and storage device savings. It is equally true, however, that the insurer is taking a gamble on the strength and effectiveness of the cloud provider’s security systems.