A California trial court has held that penalties recoverable under the state’s Song-Beverly Act, which prohibits retailers from requiring certain information as a condition of a credit card transaction, were not “damages” within the meaning of a commercial general liability policy, because the purpose of the penalties was to deter misconduct and not to compensate for injury. Arch Insurance Company vs. Michaels, 37-2011-00097053-CU-IC-CTL (Cal. Super. Ct., San Diego County, Dec. 20, 2013). The court also held that the policy’s definition of “personal and advertising injury,” which provided coverage in relevant part for “publication . . . of material that violates a person’s right of privacy,” was limited only to common law invasion of privacy claims and not to claims under the Song-Beverly Act. This is one of the first court decisions addressing the scope of liability insurance coverage for ZIP code claims.
The policyholder, a retailer, allegedly required customers to provide their ZIP code and other personal identification information when making a credit card transaction in violation of California’s Song-Beverly Act. Various claimants filed six putative class actions against the retailer. After several counts were dismissed in some of the actions, each suit contained only a single cause of action, for violations of the Song-Beverly Act. The retailer tendered the suits to its CGL carrier, which eventually denied coverage.
In this ensuing coverage litigation, the parties each submitted cross-motions for summary judgment regarding the insurer’s duty to defend and indemnify the retailer in the underlying lawsuits. In relevant part, the court granted summary judgment to the insurer, holding that the suit did not seek “damages” within the meaning of this CGL policy and that the suit did not fall into the policy’s definition of “personal or advertising injury.”
Summary Judgment Analysis
The court first analyzed whether the policies covered damages recoverable in the underlying lawsuits. The Song-Beverly Act “unambiguously authorizes only statutory penalties” of up to $250 for the first violation and $1,000 for all subsequent violations. The policy provided that the insurer would “pay those sums that the insured becomes legally obligated to pay as damages . . .,” but did not define “damages.” Because the term “damages” was undefined, the court applied the “common” definition, which was “compensation recovered by a party for a loss or detriment it has suffered through the acts of another.” The retailer argued that the penalties available under the Act were compensatory in nature, because the trial court in the underlying litigation suggested that a factor that could be considered in determining the amount of the penalty was the extent to which the affected consumer had suffered a monetary loss. The court disagreed and held that the Song-Beverly Act did not provide for damages that were compensatory in nature, because the penalties under the act are designed to “deter misconduct and harm,” not to compensate the plaintiff for actual damages suffered.
The court next looked to whether coverage was available under the relevant prong of “personal and advertising injury,” which provided coverage for “[o]ral or written publication, in any manner, of material that violates a person’s right of privacy.” A common law invasion of privacy claim had been dismissed from two of the underlying actions, because the complaints did not allege facts sufficient to support a common law invasion of privacy claim. Because “no common law invasion of privacy claims [were] presently being asserted,” the court held that no coverage was available for the underlying complaints. The court did not consider the possibility that the phrase “a person’s right of privacy” might implicate something other than common law invasion of privacy claims.
In that context, the court held that the insurer had not breached any duty to defend the retailer.