West Bend Mutual Insurance Co. v. Krishna Schaumburg Tan, Inc.
2021 IL 125978
Ill.2021Background
- Plaintiff Sekura (representing a class) sued Krishna Schaumburg Tan under Illinois’ Biometric Information Privacy Act (BIPA), alleging Krishna collected fingerprints and disclosed biometric identifiers/biometric information to an out-of-state vendor, SunLync, without required consent and sought statutory damages.
- Krishna tendered defense to its insurer West Bend, which filed a declaratory-judgment action denying any duty to defend under businessowners liability policies.
- West Bend’s policies cover "personal injury"/"advertising injury" defined to include an "oral or written publication of material that violates a person’s right of privacy," but contain an exclusion for violations of certain statutes (naming the TCPA and CAN-SPAM and "other than" statutes regulating sending/distribution of material).
- The trial court and the appellate court held West Bend had a duty to defend, concluding that (1) “publication” can include disclosure to a single third party and (2) the statutes-exclusion is limited to statutes regulating methods of communication.
- The Illinois Supreme Court affirmed: it construed “publication” as ambiguous (including single-party disclosure), found Sekura’s allegations potentially alleged a non‑bodily personal/advertising injury and a statutory privacy violation under BIPA, and held the statutes-exclusion did not bar coverage because BIPA is not a statute regulating communication methods.
Issues
| Issue | Plaintiff's Argument | Defendant's Argument | Held |
|---|---|---|---|
| Does disclosure to a single third party qualify as a "publication" under the policy? | "Publication" includes disclosure to a single party (SunLync). | "Publication" requires communication to the public at large. | Term is ambiguous; construed against insurer — includes single-party disclosure. |
| Did the complaint allege a violation of a "right of privacy" within the policy? | BIPA codifies a privacy (secrecy) interest in biometric identifiers; disclosure to SunLync alleged violation. | Insurer implicitly argued coverage not triggered because no actionable privacy "publication" as defined. | BIPA protects secrecy interest; allegations of disclosure to SunLync potentially violated insured’s privacy right. |
| Do Sekura's allegations state a covered "personal/advertising injury" (non‑bodily injury arising from publication violating privacy)? | Alleged mental anguish/emotional injury from unlawful disclosure → nonbodily injury arising from a publication that violated privacy. | No covered injury because no publication/privac y violation as policy defines. | Allegations potentially fall within personal/advertising injury coverage; duty to defend exists. |
| Does the policy’s "Violation of Statutes" exclusion bar coverage for BIPA claims? | Exclusion should be read ejusdem generis with named statutes (TCPA, CAN‑SPAM) and thus limited to statutes regulating methods of communication. | Exclusion covers statutes that "prohibit or limit the sending, transmitting, communicating or distribution of material or information," so it covers BIPA. | Ejusdem generis applies; exclusion limited to statutes regulating communication methods (TCPA, CAN‑SPAM); BIPA does not fall within exclusion. |
Key Cases Cited
- Valley Forge Ins. Co. v. Swiderski Elecs., Inc., 223 Ill. 2d 352 (2006) (discussed meaning of "publication" in advertising‑injury context)
- Rosenbach v. Six Flags Ent. Corp., 2019 IL 123186 (2019) (recognition that BIPA codifies a right to privacy in biometric identifiers)
- Maryland Cas. Co. v. Peppers, 64 Ill. 2d 187 (1976) (duty to defend arises when underlying complaint alleges facts within or potentially within policy coverage)
- State Farm Mut. Auto. Ins. Co. v. Elmore, 2020 IL 125441 (2020) (rules on de novo review and construing insurance policy language; ambiguous terms construed against insurer)
- Gillen v. State Farm Mut. Auto. Ins. Co., 215 Ill. 2d 381 (2005) (ambiguous policy terms are construed in favor of the insured)