What happens when an auto insurer sends a policy termination notice to the named insured, but the named insured does not own the vehicle insured under the policy?
In Ontario (Minister of Finance) v. Traders General Insurance Co. (c.o.b. Aviva Traders) an individual was seriously injured as a passenger in a Hyundai motor vehicle owed by Peter Leonard. Peter Leonard’s spouse, Anne Leonard, had a policy with Traders that was terminated for non-payment of premiums prior to the accident. The Hyundai had been added to the policy a couple of years prior to the accident.
To cancel Anne Leonard’s policy, Traders had sent a termination notice by registered mail. It did not send a termination notice to Peter Leonard, and appeared to have no knowledge at the time of cancellation that he owned the Hyundai insured under the policy.
The injured party made a claim to the Fund for accident benefits and the Fund subsequently commenced a priority dispute with Traders, arguing – for a number of reasons – that the policy had been improperly cancelled and remained in force at the time of the accident.
The Superior Court sided with the Fund and held that Traders did not terminate the policy properly because it had failed to send the owner of the vehicle (Peter) a termination notice. The court stressed that owners must be properly identified at policy inception and thereafter, strict compliance with the statutory cancellation requirements is necessary, and insurers must notify named insureds of attempts to cancel a policy. The court held that under statutory condition 11, Traders could not validly cancel the policy unless it gave Peter Leonard fifteen days’ notice of the cancellation. Thus, the policy was not cancelled properly and the court ordered Traders to pay the Fund the amount of its accident benefits settlement with the injured person.
The Court of Appeal agreed with the Superior Court and dismissed the appeal. Among other things, the Court of Appeal held that Traders failed to comply with Statutory Condition 11 (1), which requires the notice to be given to “the insured”. In this case, Peter was an “insured” because he was the owner of the vehicle:
The policy that the appellant purported to terminate is an owner’s policy, which is defined in s. 1 of the Insurance Act as:
A motor vehicle liability policy insuring a person in respect of the ownership, use or occupation of an automobile owned by that person and within the description or definition thereof in the policy. [Emphasis added.]
It was never an issue in this case that before the purported termination, the policy was valid insurance that insured Peter Leonard as the owner of the insured vehicle.
Therefore, because the policy at issue was valid, and because it was an owner’s policy, the “insured” under that policy was Peter Leonard, the owner of the vehicles insured by the policy.
To summarize, the only issue was whether the notice of termination had the effect of terminating that policy. The notice was only sent to Anne Leonard, who was not the insured for the 1991 Hyundai vehicle because she did not own it. Because the notice of termination was not sent to the insured, as required by statutory condition 11(1), it was not effective to terminate the policy, and the trial judge made no error in so holding.
Traders should raise alarms for insurers who might not have done their due diligence when writing owners policies for people who might not have owned the vehicle being insured. This casereinforces the principle that auto insurers are held to extremely strict compliance standards when it comes to terminating an auto policy. The courts will not endorse a purported policy termination if the insurer failed to dot its I’s and cross it’s T’s.
Readers might recall the troubling decision in Echelon General Insurance Company v. Her Majesty the Queen, wherein the Superior Court held that an improperly terminated policy remains in full force and effect (in perpetuity) until the policy is terminated properly. Of course insurers rarely, if ever, revisit policies that have they have purported to terminate until a loss occurs, meaning that these improperly terminated policies can expose insurers to paying claims on policies that have not been generating any premiums for possibly many years.
To every insurer who writes auto policies, I ask: Do you know who owns the vehicles insured under your policies?
It takes little effort to identify the international behemoth that was recently scrutinized for disclosing its users’ personal data (*cough* Facebook *cough*). As of today, many business, big and small, have the potential to be vilified and fined for the same type of inadvertent disclosures. The key distinction between Facebook and other companies are their resources to deal with the fall out such a disclosure.
What does it do?
The GDPR was developed in 2016 and intended to take effect this year. The Regulation aims to protect people’s information when it is shared with businesses. It also allows people to permit or deny the distribution of personal data with third parties. The Regulation places certain disclosure requirements on entities to inform their users of a potential breach.
Although this is a European regulation, it affects businesses that operate out of a European signatory state marketing to a foreign country (i.e. Canada), or a foreign business marketing to and operating within a European signatory state. In essence, any company that seeks to advertise to an international population, which by using the Internet most companies do, they must comply with the requirements set out in the GDPR.
Failure to comply
The failure to comply with the GDPR can lead to severe consequences. One of them is a fine of up to €20 million. The GDPR also allows signatory states to implement their own regulations to ensure compliance. Another significant repercussion is the potential of lawsuits stemming from a data breach. The GDPR establishes a standard of care that business must meet. Failure to satisfy this standard, will expose business to not only fines but financially devastating legal actions.
The “big” insurance companies like Chubb, Lloyds, and Northbridge are beginning to offer comprehensive cyber insurance policies to businesses. Other new companies such as Boxx Insurance have started to exclusively offer cyber insurance policies to small and medium sized businesses.
Cyber insurance policies are designed to protect businesses when a data breach occurs, and may include coverage for fines, legal services, and PR services.
Insurance adjusters’ will soon be confronted with a significant number of claims originating from cyber policies. Adjusters must be ready to not only ensure that their clients are protected but that the insurer is not being defrauded.
Adjusters will have to undergo technical training to verify that their clients are compliant with not only the GDPR but also with the requirements of their insurance policy. It will also be imperative that adjusters identify technical “red flags” that may signal a fraudulent claim.
Striking this balance will be difficult but necessary.
Companies like Facebook can rebound from a data breach given their vast pool of resources, however, small business can go bankrupt from a single cyber-attack. As a result of this dichotomy, cyber insurance policies will continue to develop and may soon be as common as an auto insurance policy. Insurance companies and their adjusters must be prepared to understand and “speak the language” of their consumers to meet their needs and expectations.
Stas practices in insurance-related litigation. He has a broad range of experience including tort claims, accident benefits, subrogation, priority and loss transfer disputes, WSIB matters, and fraudulent claims. Read more...