As the number of Telephone Consumer Protection Act (TCPA) class actions has risen in recent years, one recurring question has been whether or not there is coverage under the defendant companies’ D&O insurance policies for these claims. The specific issue is whether or not D&O policy’s “invasion of privacy” exclusion precludes coverage for TCPA claims. In the latest ruling to address these issues, Southern District of Florida Judge Robin L. Rosenberg, applying Florida law, held that, in light of the specific allegations in the underlying TCPA action, coverage for the claim was precluded by the exclusion. Judge Rosenberg’s ruling is consistent with other rulings, but does also raise some interesting issues. Judge Rosenberg’s May 30, 2019 order can be found here. A June 7, 2019 post on the Wiley Rein law firm’s Executive Summary Blog can be found here.
Background
This insurance dispute arises out of a class action filed against iCan Benefit Group LLC alleging TCPA violations. iCan submitted the claim to its D&O insurer, which denied coverage for the claim in reliance on the invasion of privacy exclusion. After the insurer’s coverage denial, the parties to the TCPA action reached an agreement under which a $60 million consent judgment was entered against iCan, with the understanding that the TCPA claimants would collect this judgment from iCan’s insurer. iCan assigned all of its rights under the D&O policy to the claimants. The claimants then filed a declaratory and breach of judgment action against the insurer. The parties filed cross motions for summary judgment.
The policy’s “invasion of privacy” exclusion provides that: “The Insurer shall not be liable under Insuring Clause C for Loss on account of any Claim made against the Company … based upon, arising out of, attributable to and actual or alleged … invasion of privacy.”
The May 30, 2019 Order
In a 15-page May 30, 2019 order, Judge Rosenberg denied the claimant/assignees’ summary judgment motion and granted the insurer’s motion.
The plaintiffs had opposed the insurer’s motion on a number of grounds, including their argument that they did not have to prove invasion of privacy in order to prevail, since invasion of privacy is not an element of the TCPA cause of action. The plaintiffs also argued that allegations of invasion of privacy were just one component of their lawsuit against iCan.
Based on her review of Florida case law and relevant federal case law addressing the question of coverage for TCPA actions (including the Ninth Circuit’s 2017 decision involving the Los Angeles Lakers), Judge Rosenberg concluded that though invasion of privacy is not an element of a TCPA action, “a violation of the TCPA may in some circumstances be considered an invasion of privacy for purposes of analyzing coverage in an insurance policy.”
In reaching that conclusion, Judge Rosenberg put particular emphasis on the policy’s exclusion of coverage for claims that “arise out of” an invasion of privacy. Given this wording, Judge Rosenberg said, the exclusion would preclude coverage for the underlying TCPA claim if the claim “originated from, grew out of, flowed from, or merely had a connection with any actual or alleged invasion of privacy.” Based on the allegations in the underlying complaint, Judge Rosenberg concluded that “such a nexus does exist” in this case.
Judge Rosenberg specifically cited and relied upon the underlying complaint’s explicit and frequent reference to the invasion of the class members’ privacy. Judge Rosenberg emphasized that she reached her conclusion regarding the applicability of the exclusion based on the specific allegations in the complaint, and therefore did not reach the issue of whether or not TCPA violations are per se invasions of privacy. Moreover, because she found that all of the allegations in the underlying complaint arise out of allegations of invasion of privacy, she concluded that the policy exclusion precluded coverage for the underlying claim entirely.
Discussion
Other courts have held that the invasion of privacy exclusion in a D&O insurance policy precludes coverage for TCPA claims. One very high profile case in which the court reached this conclusion was the Ninth Circuit’s decision in the Los Angeles Lakers case, which I mentioned above. However, the value of this Lakers ruling is somewhat diminished by the fact that in issuing its decision, each of the three judges on the three-judge Ninth Circuit panel issued a separate opinion. The majority opinion concluded that a TCPA action “inherently” is an invasion of privacy claim. A second judge issued a concurring opinion saying that the case could have been decided on narrower grounds; he said he thought the allegations in the underlying claim were sufficient to establish that the claims at issue arose out of an invasion of privacy, without the need for the court to reach the issue of whether a TCPA claim is inherently an invasion of privacy claim. (A third judge dissented from the ruling, arguing that the underlying claim did not seek recovery based on an invasion of privacy).
I thought at the time that the Ninth Circuit’s split on this issue would limit the value of the appellate ruling for subsequent courts. However, Judge Rosenberg specifically said that she considered the opinion to be “persuasive authority.” She did not say specifically what she found to be “persuasive” about it, but given the outcome of her analysis, it seems that she found the opinion of the concurring judge in the Lakers case to be most instructive, as she concluded that she did not need to reach the issue whether a TCPA action represents a per se invasion of privacy allegation, given her conclusion that the specific claims in dispute here arose out of an alleged invasion of privacy.
Judge Rosenberg’s decision, based on the specific allegations in the underlying complaint, at least leaves open the possibility that in another TCPA case, another party might be able to argue based on the specific underlying allegations that the claim does not involve an alleged invasion of privacy. While this might give heart to policyholder side advocates, it is cold comfort for the insurers. Given the proliferation in the number of TCPA class action in recent years, it is hardly surprising that the insurers might seek to avoid coverage for these types of claims. My view is that if insurers mean to exclude coverage for certain specific kinds of claims, they should do so explicitly – here by means of an exclusion expressly precluding coverage for TCPA actions. That kind of express specificity would allow insurance buyers to comparison shop based on available terms and conditions.
It is worth noting here that these issues only arise under a private company D&O insurance policy. These issues would not arise under a public company D&O insurance policy, because the entity coverage in public company D&O insurance policies is limited to securities claims. Because a TCPA action is not a securities claim, it would not come within the entity coverage insuring clause.
But the invasion of privacy exclusion is a standard part of the private company D&O insurance policy. The various court decisions addressing the question of whether the invasion of privacy exclusion precludes coverage for TCPA actions do highlight the exclusion and raise the question of what the exclusion is doing in the D&O policy in the first place.
This question about the purpose of the invasion of privacy exclusion in the D&O policy is particularly noteworthy in the current circumstances where issues involving privacy invasions are a front-page story on a daily basis. I worry about the invasion of privacy exclusion sitting there in the private company D&O policy, silently creating a host of potentially worrisome issues that could arise in the event of, for example, claims arising out of GDPR or the California Consumer Privacy Law, or, more generally, claims arising out of data breaches or privacy violations.
In other words, for me, the issues about the invasion of privacy clause go much further than just the relatively narrow question of coverage for TCPA actions. The issues about the clause extend to a whole host of other kinds of claims that could become increasingly important in the future.
Which in turn begs the question of what the exclusion is doing in the policy in the first place.
The problem with the exclusionary reference to an “invasion of privacy” is that the phrase is too elastic, it potentially could be stretched to extend to a whole host of kinds of claims. All of which for me is another reason why I think it would be far better if, for example, the insurers don’t want to insurer TCPA actions, then they should say that, and not rely on a potentially over-broad exclusion.
So, consider this a modest plea for the insurers to consider removing the invasion of privacy provision, and substituting in the specific claims that the insurer intends to exclude.