The long-running federal court litigation between Washington company Coinstar/Redbox and its insurer, AIG, took a turn last week, with good news and bad for the policyholder.  The backstory: Redbox has been sued in several different jurisdictions for collecting information about its customers that it was not permitted to collect; the allegations are, generally, that Redbox used the information for its own marketing purposes or sold it to others.  AIG agreed to defend Redbox under a reservation of rights in all of the actions, but brought this action seeking to be excused from further defending.  Redbox counterclaimed, alleging that AIG had taken too long to reimburse it for defense costs and was trying to impose unreasonable caps on the attorney rates it would pay.  (A few weeks ago we reported on a discovery ruling, allowing discovery of what rates AIG pays defense counsel in other cases, and in coverage cases).

Several months ago the court granted AIG summary judgment on defense of one of those lawsuits; last week, the trial court granted AIG summary judgment on whether AIG had to defend the two other pending lawsuits.  That’s the bad news, but somewhat unsurprising given the court’s prior ruling and the breadth of the statutory-violation exclusion at issue.  That said, there is some puzzling language in the order about how AIG didn’t benefit from delaying payment of defense fees – a strange statement in light of the publicity recently about insurance companies profiting from “the spread.”

The good news concerns the rate dispute.  AIG had contended that its insurance policies, which contain standard duty/right to defend language, gave it the absolute right to control the defense and, along with that, set whatever rates it chose.  The problem for AIG is that it had allowed its insured to choose defense counsel, and had not attempted to control the choice of defense counsel.  So the court held that AIG had effectively given up the right to control the defense.  Moreover, the court observed that the insurance contract said nothing about controlling the rates, or what rates it would pay.  The court held, however, that AIG only had to pay “reasonable” rates, and that there was a question of fact about whether the rates that Coinstar had paid its lawyers was reasonable.  So that dispute will remain for trial.  It would not be surprising for this case to settle before that happens, however, as AIG may seek to avoid having any of the information about what it pays defense counsel in other cases from becoming public.

(The exclusion that operated here is typical of the broader trend toward excluding privacy-related risks, including data breach and other “cyber” risks – and is one of the reasons that many companies are looking to add specialized “cyber insurance” to their risk-management programs.  More to come on that point in this blog.)