Opinion
ASE 2:22-CV-06024
10-02-2023
KAY MAGISTRATE JUDGE
MEMORANDUM RULING
JAMES D. CAIN, JR. UNITED STATES DISTRICT JUDGE
Before the Court is a Rule 12(b)(6) Motion to Dismiss (Doc. 32) filed by Defendant insurance carriers North American Capacity Insurance Company and Peleus Insurance Company (“Carriers”), wherein they seek dismissal of the claims asserted by Plaintiffs Benoit Ford, LLC and Benoit Nissan, LLC (“Benoit”) because Plaintiffs' Cyber Policy does not cover losses sustained from vehicle thefts. Benoit opposes the motion. Defendants have replied. While this motion was pending, Benoit filed a Motion for Leave to File First Amended and Supplemental Complaint,” which has now been granted. As such, the Court will address the instant Motion as it pertains to Benoit's First Amended and Supplemental Complaint (“First Amended Complaint”).
Doc. 42.
Doc. 55.
INTRODUCTION
In the First Amended Complaint, Benoit seeks coverage damages and attorney fees, statutory penalties, costs, and interest for losses associated with the theft of vehicles from Benoit under an insurance policy issued by the Defendant carriers (Lexington Insurance Company, North American Capacity Insurance Company, Peleus Insurance Company, and Allied World Specialty Insurance Company) for losses associated with the theft of vehicles from Benoit. Allied World Specialty Insurance Company was dismissed with prejudice pursuant to the Court's September 22, 2023 Judgment.
Benoit owns and operates two car dealerships in DeRidder, Louisiana. In 2020, Benoit developed a touchless purchasing procedure to adapt to the COVID-19 pandemic. Under that process, a prospective buyer could purchase a vehicle online by submitting a credit application to the respective lender. Once the applications were approved, the buyer and Benoit would complete the registration, title, and other paperwork electronically or by overnight mail. When these tasks were completed, the lender would tender the purchase price to Benoit, who would assign the credit agreement to the lender; the buyer would then unilaterally contract with a third-party to arrange transport from the respective dealerships to the buyer. Benoit alleges that this scheme, that misappropriated or stole the Vehicles, was part of an organized outfit.
Between August and October of 2021, Plaintiffs sold the following vehicles through the touchless delivery system:
a. 2021 Nissan Armada Utility 4D Platinum 5.6L V8 - (8/13/21)
VIN#: JN8AY2DAXM9374617
Purchaser: Christine M Babineau
7 Sequoia Drive
Lunenburg, MA 01482
b. 2018 Land Rover Range Rover Velar Dynamic SE - (9/8/21)
VIN: SALGS2RE1KA535427
Purchaser: Jason James Rippon
140 Peregrine Lane
Hummelstown, PA 17036
c. 2021 Nissan Armada Utility 4D Platinum 5.6L V8 - (9/20/21)
VIN#: JN8AY2DAXM9374777
Purchaser: Richard James Peterson
565 Worth Street
Corry, PA 16407
d. 2021 Ford F150 Crew Cab Raptor 4WD 3.5L V6 Turbo - (9/20/21)
VIN#: 1FTFW1RG5MFC19358
Purchaser: Richard Robert Rieman
2585 Echo Farms Drive
Port Orange, FL 32128
e. 2021 Ford F150 Crew Cab Lariat EcoBoost 4WD - (10/5/21)
VIN#: 1FTFW1E83MKE21699
Purchaser: Robert James Craiglow
8626 SE 137th Loop
Summerfield, FL 34491.
(Collectively, the “Vehicles”).
In due course the lenders discovered that the purchase was made through the buyer's use of either a fake or stolen identity, and no payments on the credit agreement were forthcoming from the “purchasers.” Based on the contractual relationship between Benoit and the various third-party lenders (i.e. - Ford Motor Credit, U.S. Bank N.A., Nissan Motor Acceptance Company, and PNC Bank), the lenders required Benoit to reimburse the purchase price for the Vehicles.
At all relevant times, Benoit alleges that they maintained a Cyber Policy that covers insurance claims for the stolen Vehicles. Benoit complains that Allied World denied coverage. As a result of the Carriers denial of coverage and refusal to pay, Benoit alleges that the Carriers breached the Cyber Policy and caused them damages.
RULE 12(b)(6) STANDARD
Rule 12(b)(6) allows for dismissal when a plaintiff “fail[s] to state a claim upon which relief can be granted.” When reviewing such a motion, the court should focus on the complaint and its attachments. Wilson v. Birnberg, 667 F.3d 591, 595 (5th Cir. 2012). The Court can also consider documents attached to a motion to dismiss that are “referred to in the plaintiff's complaint and are central to the plaintiff's claim” only if “the plaintiff[] d[oes] not object to . . . consideration of those documents.” Scanlan v. Texas A&M Univ., 343 F.3d 533, 536 (5th Cir. 2003). Courts “may also consider matters of which [it] may take judicial notice.” Hall v. Hodgkins, 305 Fed. App'x 224, 227 (5th Cir. 2008) (internal citation omitted) (quoting Lovelace v. Software Spectrum Inc., 78 F.3d 1015, 1017-18 (5th Cir.1996) (unpublished opinion)).
Such motions are reviewed with the court “accepting all well-pleaded facts as true and viewing those facts in the light most favorable to the plaintiff.” Bustos v. Martini Club, Inc., 599 F.3d 458, 461 (5th Cir. 2010). However, “the plaintiff must plead enough facts ‘to state a claim to relief that is plausible on its face.'” In re Katrina Canal Breaches Litig., 495 F.3d 191, 205 (5th Cir. 2007) (quoting Bell Atl. Corp. v. Twombly, 550 U.S. 544, 570 (2007)). Accordingly, the court's task is not to evaluate the plaintiff's likelihood of success but instead to determine whether the claim is both legally cognizable and plausible. Lone Star Fund V (U.S.), L.P. v. Barclays Bank PLC, 594 F.3d 383, 387 (5th Cir. 2010).
LAW AND ANALYSIS
The Carriers argue that the claims against them must be dismissed because there is no coverage under the Cyber Policy for losses suffered by Benoit resulting from the theft of the Vehicles. Benoit argues that the Cyber Policy covers losses resulting from the theft of the Vehicles.
As stated by the Louisiana Supreme Court, the essential purpose of insurance “is to afford the insured protection from damage,” and “[i]nsurance contracts therefore, should be interpreted to effect, not deny, coverage.” Peterson v. Schimek, 729 So.2d 1024, 1028 (La. 1999). “An insurance policy is a contract between the parties and should be construed by using the general rules of interpretation of contracts set forth in the Civil Code.” Louisiana Ins. Guar. Ass'n v. Interstate Fire & Cas. Co., 630 So.2d 759, 763 (La. 1994) (citing Smith v. Matthews, 611 So.2d 1377, 1379 (La. 1993)). “The parties' intent as reflected by the words in the policy determine the extent of coverage.” Louisiana Ins., 620 So.2d at 763 (citing Trinity Industries, Inc. v. Ins. Co. of North America, 916 F.2d 267, 269 (5th Cir. 1990)). Such intent should be determined in accordance with the general, ordinary, plain and popular meaning of the words used in the policy. Id. (citing La. C.C. art. 2047).
If after applying the general rules of construction any ambiguity remains, the ambiguous provision is to be construed against the drafter, or in the context of an insurance contract, in favor of the insured. Id. at 764. “This rule of strict construction requires that ambiguous policy provisions be construed against the insurer who issued the policy and in favor of coverage to the insured.” Id. (citing Smith, 611 So.2d at 1379); see also La. C.C. art. 2056 (providing for adverse construction against the author of the text and the party presenting a standard form contract).
“When determining whether or not a policy affords coverage for an incident, it is the burden of the insured to prove the incident falls within the policy's terms.” Doerr v. Mobil Oil Corp., 774 So.2d 119, 125, p. 5 (La. 2000), modified on other grounds, 782 So.2d 573 (La. 2001), (citations omitted). But “[t]he insurer has the burden to prove policy exclusions.” Mistich v. Weeks, 107 So.3d 1, 5, p. 5 (La. Ct. App. 3d Cir. 2012); see also United Specialty Ins. Co. v. Sandhill Prod. Inc., 2021 WL 1082224, at *5 (W.D. La. Mar. 17, 2021).
A. The Cyber Policy
The Cyber Policy states that it “is a contract of insurance between the named insured and us.” The only named insured is “Benoit Ford, LLC.” Section II of the Cyber Policy sets out the coverages for both third party and first party claims and provides:
Doc. 32-2, p. 11.
Id. at 5.
THIRD PARTY COVERAGES
A. NETWORK AND INFORMATION SECURITY LIABILITY
We will pay on your behalf claim expenses and damages that you become legally obligated to pay resulting from a claim against you for a security failure, data breach, or privacy liability.
B. REGULATORY DEFENSE AND PENALTIES
We will pay on your behalf claim expenses and regulatory penalties that you become legally obligated to pay resulting from a claim against you in the form of a regulatory proceeding.
C. MULTIMEDIA CONTENT LIABILITY
We will pay on your behalf claim expenses and damages that you become legally obligated to pay resulting from a claim against you for a multimedia wrongful act.
D. PCI FINES AND ASSESSMENTS
We will pay on your behalf PCI fines and assessments that you become legally obligated to pay resulting from a claim against you for a security failure or data breach compromising payment card data.
FIRST PARTY COVERAGES
E. BREACH RESPONSE
We will pay on your behalf breach response costs resulting from an actual or suspected security failure or data breach first discovered by you during the policy period.
F. CRISIS MANAGEMENT AND PUBLIC RELATIONS
We will pay on your behalf crisis management costs resulting from a public relations event first discovered by you during the policy period.
G. CYBER EXTORTION
We will pay on your behalf cyber extortion expenses resulting from cyber extortion first discovered by you during the policy period.
H. BUSINESS INTERRUPTION AND EXTRA EXPENSES
We will pay business interruption loss and extra expenses that you incur during the indemnity period directly resulting from the partial or complete interruption of computer systems for a period longer than the waiting period caused by a security failure or systems failure first discovered by you during the policy period.
The waiting period for any failure of computer systems caused by a denial of service attack and where you are utilizing a DDoS mitigation provider from our list of Panel Providers at the time of such denial of service attack, will be the period of time set forth in Item 5.H.ii. of the Declarations. The waiting period for all other causes of failure of computer systems or where the failure of computer systems is caused by a denial of service attack and you are not utilizing a DDoS mitigation provider from our list of Panel providers at the time of such denial of service attack, will be the period of time set forth in Item 5.H.i. of the Declarations.
I. DIGITAL ASSET RESTORATION
We will pay on your behalf restoration costs that you incur because of the alteration, destruction, damage, theft, loss, or inability to access digital assets directly resulting from a security failure first discovered by you during the policy period.
J. FUNDS TRANFER FRAUD
We will pay on your behalf direct funds transfer loss that you incur resulting from a funds transfer fraud first discovered by you during the policy period.
CR. COMPUTER REPLACEMENT
We will pay on your behalf computer replacement costs that you incur as a result of the loss of integrity in the firmware of any computer systems you own or lease due to a security failure first discovered by you during the policy period.
CR. CRIMINAL REWARD COVERAGE
We will indemnify the named insured, in our discretion, criminal reward costs. No Retention will apply to this insuring agreement.
IM. INVOICE MANIPULATION
We will pay you invoice manipulation loss that you incur directly resulting from any invoice manipulation first discovered by you during the policy period.
RHL. REPUTATIONAL HARM LOSS
We will pay reputational harm loss that you incur during the indemnity period solely and directly resulting from an adverse publication first published during the policy period specifically concerning a security failure, data breach, or cyber extortion first discovered by you and reported to us during the policy period.
The waiting period for any reputational harm loss will be the period of time set forth in Item 5. above.
SF. SERVICE FRAUD
We will reimburse you for direct financial loss that you incur as the result of you being charged for the fraudulent use of business services resulting from
a security failure, provided that such direct financial loss is first discovered by you and incurred by you during the policy period.
Doc. 32-2, pp. 11-13, 44, 46, 58, 61, 63, 65, 66.
B. Benoit's Complaint does not allege facts that trigger Third-Party Coverage under the Cyber Policy.
The Carriers argue that Benoit does not allege that a claim exists against the insured, Benoit Ford, LLC, therefore, no coverage is available under the “Third Party Coverage” portion of the Cyber Policy. Benoit counters arguing that they have stated a plausible claim for third-party liability coverage because they received the purchase price for the Vehicles from the respective lenders and were later required to pay that amount back to the lenders, which results in a “pre-suit demand for money.”
Doc. 47, p. 6.
The First Amended Complaint states: “Plaintiffs submitted an insurance claim(s) for the stolen Vehicles pursuant to the Cyber Policy.” The First Amended Complaint states that the “Theft” occurred through the following process: “the prospective buyer purchases the vehicle online with a credit application submitted to the respective lender. Once the credit and vehicle applications are approved, the registration, title, and other miscellaneous paperwork is completed and signed electronically or overnighted between the buyer and the Dealerships.” Then, “[t]he various lenders would then issue payment to Plaintiffs and the fraudulent purchasers would take possession of the Vehicles through the agent arranged by the purchaser for transport.” And once “[t]he respective lenders later determined that the Vehicles were stolen and that no payments would be made on the financing agreements. Accordingly, the lenders required Plaintiffs to reimburse the purchase price for the Vehicles based on the contractual relationship between those parties.”
Doc. 56, p. 5, ¶22.
Id. at 3, ¶7.
Id. at ¶9.
Id. at ¶10.
The First Amended Complaint alleges that Benoit was contractually obligated to remit the purchase price after the lender discovered that the buyers would not be paying per the financing agreements. For third-party coverage to apply under the Cyber Policy, it unambiguously states: “We will pay on your behalf claim expenses and damages that you become legally obligated to pay resulting from a claim against you ....” The Cyber Policy further explains that “[t]he insurance provided under this Policy for claims made against you is on a claims made and reported basis, and applies to claims only if they are first made against you during the policy period ....” Considering the First Amended Complaint and the Cyber Policy, Benoit has failed to state a valid third-party claim; they plead no facts that can be construed as indicating there is a claim against it causing it to be legally obligated to pay.
Doc. 32-2, p. 12, ¶¶A-D.
Id. at 11.
C. Benoit's Complaint does not allege facts that trigger First-Party Coverage under the Cyber Policy.
The Carriers argue that the Complaint fails to allege facts that trigger the Cyber Policy's “First Party Coverage” for a Vehicle Theft under Section II's Breach Response, Business Interruption, Cyber Extortion, Digital Asset Restoration, Service Fraud, Computer Replacement, Invoice Manipulation, Reputational Harm Loss, Criminal Reward Costs, and Crisis Management and Public Relations Coverages. Benoit does not dispute that the Cyber Policy does not provide coverage for Vehicle Theft under the foregoing coverage provisions to Section II. Thus, the Court finds that he First Amended Complaint fails to plead claims that are within Section II's provisions for Breach Response, Business Interruption, Cyber Extortion, Digital Asset Restoration, Service Fraud, Computer Replacement, Invoice Manipulation, Reputational Harm Loss, Criminal Reward Costs, and
Crisis Management and Public Relations Coverages.
Benoit, however, does argue that the Funds Transfer Fraud provision supports coverage for the Vehicle Thefts. The Funds Transfer Fraud provision states: “We will pay on your behalf direct funds transfer loss that you incur resulting from a funds transfer fraud first discovered by you during the policy period.” The Cyber Policy further deconstructs this provision in Section IX with definitions for “Funds transfer fraud” and “Funds transfer loss.” There, the Cyber Policy provides:
Id. at 13.
Funds transfer fraud means a fraudulent instruction transmitted by electronic means, including through social engineering, to you or your financial institution directing you, or the financial institution, to debit an account of the named insured or subsidiary and to transfer, pay, or deliver money or securities from such account, which instruction purports to have been transmitted by an insured and impersonates you or your vendors, business partners, or clients, but was transmitted by someone other than you, and without your knowledge or consent. The financial institution does not include any such entity, institution, or organization that is an insured.
Funds transfer loss means:
1. loss of money or securities directly resulting from funds transfer fraud; and
2. reasonable and necessary costs, fees, and expenses to respond to funds transfer fraud.
Funds transfer loss does not mean and will not include the loss of personal money or securities of your employees.
Id. at 29.
The Carriers argue that the Vehicle Thefts fall under neither the definition of “Funds transfer fraud” nor “Funds transfer loss.” First, they argue that the Complaint alleges the loss suffered by Benoit was neither money nor securities; it was the theft of physical property. Second, they contend that the Complaint fails to plead a fraudulent instruction was submitted to Benoit Ford or its financial institution directing it to debit its own account. To the contrary, Benoit maintains that their loss can be characterized as a “Funds transfer loss” because it was the repayment of the purchase price to the lenders, which was a loss of money to Benoit. Additionally, Benoit argues that the open-ended terms “social engineering” and “your financial institution” require interpretation in their favor and thus support coverage.
With regard to “Funds transfer fraud,” the Court finds the following language in the definition of same incompatible with the facts plead in Benoit's First Amended Complaint: “a fraudulent instruction transmitted by electronic means, including through social engineering, to you or your financial institution directing you, or the financial institution, to debit an account of the named insured.” Benoit has no facts that even intimate it was directed to debit an account of Benoit Ford, LLC. Consequently, because there are no facts that allege a “Funds transfer fraud,” the Court need not consider “Funds transfer loss” as the former is necessary for the latter.
CONCLUSION
For the reasons explained herein, the Rule 12(b)(6) Motion to Dismiss (Doc. 32) filed by Defendant insurance carriers North American Capacity Insurance Company and Peleus Insurance Company will be granted and all claims against those two Defendants will be dismissed with prejudice.
THUS DONE AND SIGNED