Insurance Law Blog
October 7, 2021

North Carolina Federal Court Applies Statutory Violation Exclusion to Illinois BIPA Claim

BY: Jeremy S. Macklin

Massachusetts Bay Insurance Company, et al. v. Impact Fulfillment Services, LLC, et al., Case No. 1:20-cv-926 (M.D.N.C.), is a coverage dispute over insurers’ duty to defend an underlying BIPA lawsuit pending in Illinois. The underlying lawsuit alleges that an employer violated BIPA by collecting fingerprint data as part of its payroll time-keeping procedures without providing the requisite notices to employees under BIPA.

On September 24, 2021, the U.S. District Court for the Middle District of North Carolina issued a ruling in connection with the coverage dispute. The court, presented with several different exclusions, focused on the following exclusion for “personal and advertising injury” arising directly or indirectly out of any action or omission that violates or is alleged to violate:

  1. The Telephone Consumer Protection Act (TCPA), including any amendment of or addition to such law;
  2. The CAN-SPAM Act of 2003, including any amendment of or addition to such law;
  3. The Fair Credit Reporting Act (FCRA), and any amendment of or addition to such law, including the Fair and Accurate Credit Transactions Act (FACTA); or
  4. Any federal, state or local statute, ordinance or regulation, other than the TCPA, CAN-SPAM Act of 2003 or FCRA and their amendments and additions, that addresses, prohibits, or limits the printing, dissemination, disposal, collecting, recording, sending, transmitting, communicating or distribution of material or information.

The court held that violations of BIPA come directly within the scope of this exclusion, as BIPA regulates the retention, collection, disclosure, and destruction of biometric identifiers or biometric information. Put differently, BIPA is of the same kind, character, and nature of the statutes listed in the exclusion. 

This ruling is at odds with the Illinois Supreme Court’s holding in West Bend Mut. Ins. Co. v. Krishna Schaumburg Tan, Inc.. The Mass. Bay court distinguished Krishna on the basis that the exclusion in Krishna only listed the TCPA and CAN-SPAM Act. In other words, the addition of paragraph (3) to the exclusion at issue in Mass. Bay referencing an additional statute was enough to reach a different holding. The court also reasoned that, to the extent a precedential North Carolina decision analyzing a similar exclusion as applied to the Driver’s Privacy Protection Act (Hartford Cas. Ins. Co. v. Greve, No. 3:17CV183-GCM, 2017 WL 5557669, at *4 (W.D.N.C. Nov. 17, 2017)) conflicts with Krishna, the court is bound to follow North Carolina law over Illinois law.