Cumis Ins. Society, Inc. v. Merrick Bank Corp.

680 F. Supp. 2d 1077, 2010 U.S. Dist. LEXIS 5453, 2010 WL 148207

• Court: District Court, D. Arizona
• Decided: January 11, 2010
• Docket: 4:06-cv-00515
• Status: Published

Opinion

ORDER

CINDY K. JORGENSON, District Judge.

Pending before the Court is Defendant Merrick Bank Corp.’s Motion for Partial Summary Judgment [Doc. # 137]. A response and a reply have been filed. The parties presented oral argument to the Court on November 2, 2009.

I. Factual and Procedural Background 1 The Second Amended Complaint (“SAC”), Doc. # 73, alleges that Cumis Insurance Society, Inc. (“Cumis”) is an insurer that provides coverage to credit unions. This dispute involves a data secu rity breach involving, among others, Merrick Bank Corporation (“Merrick”), Merrick’s agent CardSystems Solutions, Inc. (“CardSystems” or “CSSI”), Sawis, Inc., and Sawis Communications Corporation (Sawis Defendants will be collectively referred to as “Sawis”).

Merrick acted as an issuing bank, an acquiring bank, and a sponsoring bank in the Visa system. As an issuing bank, Merrick issued Visa credit and debit cards to customers. As an acquiring bank, Merrick contracted with merchants to make payments to merchants as part of the credit card transaction process. The hundreds of thousands of merchants that want to be able to accept Visa and/or MasterCard cards customarily do so through independent sales organizations (“ISOs”), which aggregate many merchants and which contract with acquirers such as Merrick and processors such as CardSystems. As a sponsoring bank, Merrick acted as a sponsor for third — party transaction processors such as CardSystems-which are not members of the Visa/MasterCard card associations (“Associations”) and need to be sponsored in order to have access to the Visa/MasterCard systems. Absent such sponsorship by an Association member, a processor cannot function as a processor, or in any other capacity, with respect to Association card transactions.

As a sponsoring bank, Merrick has stated that:

All aspects of the Visa and MasterCard card transaction processes are conducted according to rules and regulations imposed by the Associations. By contractual agreements, both Merrick and CSSI are subject to these rules.

Under each Association’s broad rules on indemnification, a member bank that sponsors a processor such as CSSI is responsible for the processor’s proper performance under the Association rules and undertakes full financial responsibility, irrespective of fault, for all losses or costs incurred by the Association or its members that are attributable to acts or omissions of the sponsored processor. The Association rules also provide for the imposition of penalties or fines on a member for violations of the Association rules by a sponsored third-party processor — whose acts and/or omissions are imputed to the sponsoring member. In addition, in the Visa system, to designate a processor such as CSSI as a sponsored entity, a member must file a signed registration document in which the member explicitly indemnifies Visa for all losses resulting by the sponsored entity’s acts or omissions.

PSOF, ¶ 5.

On or about August 2005, Visa announced that an Optional Alternative Compliance Process (“OACP”) to resolve claims by issuing banks for reimbursement of their counterfeit fraud losses resulting from the CardSystems security breach was available. Merrick asserts that participation in the Visa OACP was limited to account numbers identified in the specified Visa Compromised Account Management System (“CAMS”) alerts. 2 Merrick also asserts that smaller credit unions were not given the opportunity to participate in the OACP, except through a BIN sponsor. 3 Instead of issuing banks processing their claims through the standard compliance process, the issuing banks could select the alternative process in which reimbursement to issuing banks would be for a claim amount calculated by Visa. In calculating each issuing banks’ claim amount in the OACP, Visa only considered counterfeit fraud losses reported by issuing banks through August 31, 2005. In the OACP, Visa notified the issuing banks of the amount they were entitled to recover through the OACP — there were no negotiations between Visa and the issuing banks concerning that amount. Additionally, there were no negotiations between Visa and the issuing banks concerning the terms of the Issuer Certification and Release of Liability (“Issuer Certification”) an issuing bank was required to execute before receiving payment for its losses. Merrick asserts that the Issuer Certification includes the following:

By signing this form and receiving payment from the Acquirer in the amount determined by Visa to be compensable under this claim as specified on the Issuer Claim Statement, our center hereby releases Visa and the Acquirers who appoint CardSystems Solutions Incorporate as their processors from all magnetic-stripe counterfeit claims, losses, damages and liabilities attributable to this data compromise event.

DSOF, Ex. D. 4 Without waiving its objections to this assertion, Cumis asserts that the Issuer Certification also includes the following:

Our Center certifies that no chargeback rights exist or have been successfully exercised on any of the disputed transactions for which we are seeking reimbursement through this claim.

Our Center certifies that we have not sought and will not seek compensation for any transactions included in this claim through compliance rights in respect of this or any other magnetic stripe data compromise incident.

Id.

The claim amount Visa determined each issuing bank was entitled to receive in the OACP was based upon a calculation created by Visa. This claim amount was always less than the amount of the issuing bank’s actual counterfeit losses reported before the August 31, 2005 deadline. If an issuing bank agreed to accept the claim amount calculated by Visa and could support their claims, the issuing banks were required to execute an Issuer Certification. Merrick asserts that the recovery received by issuers participating in the Visa OACP was funded by acquiring banks that sponsored CardSystems; as the majority of the transactions processed by CardSystems were for Merrick, Merrick’s pro rata allocation of liability was 70.0706%. 5 Merrick also asserts that, with respect to the claims currently asserted by Cumis on behalf of its insureds for Visa related damages, at a minimum, 92 of these credit unions participated in the Visa OACP, and the claims asserted on their behalf by Cumis against Merrick, based on currently available information, totals approximately $3,229,852.12. 6

Shaughnessy states, inter alia, in his declaration:

... In the Issuer Certification, Visa only intended to prohibit issuing banks from attempting to recover counterfeit losses reported after August 31, 2005 deadline vis-á-vis other remedies within the Visa system (such as chargeback rights and/or appeal rights). Visa did not intend nor did it have any authority to prohibit issuing banks from pursuing recovery of their losses outside the Visa system in court against Merrick and/or CardSystems.

11. It is my understanding that in the OACP, Visa and the issuing banks did not release CardSystems from any liability within the Visa system.

12. In addition, the OACP was not intended to compensate issuing banks for all losses they might suffer as a result of the Security breach. Due to the nature of then emerging fraud patterns, some issuers might not become aware that a counterfeit loss was directly related to an account compromise until after the OACP deadline had passed.

13. Finally, it is my understanding that the amounts and calculations used in the OACP determination to assess payments to issuing banks and acquiring banks that elected to use this expedited VISA claim resolution were not intended to, and did not reflect a determination as to the true and complete amount of any Issuer’s actual counterfeit losses, or any acquirer’s actual total liability.

Shaughnessey Declaration, ¶¶ 10-13.

On August 24, 2009, Merrick filed a Motion for Partial Summary Judgment. A response and reply have been filed. Evidentiary objections have also been submitted.

On September 23, 2009, Cumis filed a declaration of Valerie D. Rojas (“Rojas”) in Support of Cumis’s Opposition to Merrick’s Motion for Summary Adjudication and Request for a Continuance Pursuant to F.R.C.P. 56(f). See Doc. #144. No response has been filed. During argument, Cumis indicated that it was no longer seeking such a continuance.

II. Request for Continuance

Cumis having indicated that a continuance is no longer being requested, the Court will not continue this matter pursuant to Fed.R.Civ.P. 56(f).

III. Summary Judgment Legal Standard

Summary judgment may be granted if the movant shows “there is no genuine issue as to any material fact and that the moving party is entitled to judgment as a matter of law.” Rule 56(c), Federal Rules of Civil Procedure. The moving party has the initial responsibility of informing the court of the basis for its motion, and identifying those portions of “the pleadings, depositions, answers to interrogatories, and admissions on file, together with the affidavits, if any,” which it believes demonstrate the absence of a genuine issue of material fact. Celotex Corp. v. Catrett, 477 U.S. 317, 323, 106 S.Ct. 2548, 91 L.Ed.2d 265 (1986).

Once the moving party has met the initial burden, the opposing party must “go beyond the pleadings” and “set forth specific facts showing that there is a genuine [material] issue for trial.” Id., 477 U.S. at 248, 106 S.Ct. at 2510, internal quotes omitted. The nonmoving party must demonstrate a dispute “over facts that might affect the outcome of the suit under the governing law” to preclude entry of summary judgment. Anderson v. Liberty Lobby Inc., 477 U.S. 242, 248, 106 S.Ct. 2505, 2510, 91 L.Ed.2d 202 (1986). Further, the disputed facts must be material. Celotex Corp., 477 U.S. at 322-23, 106 S.Ct. 2548. In opposing summary judgment, a party is not entitled to rely on the allegations of his pleadings, Fed.R.Civ.P. 56(e), or upon eonclusory allegations in affidavits. CussonCobb v. O’Lessker, 953 F.2d 1079, 1081 (7th Cir.1992). Further, “a party cannot manufacture a genuine issue of material fact merely by making assertions in its legal memoranda.” S.A. Empresa De Viacao Aerea Rio Grandense (Varig Airlines) v. Walter Kidde & Co., 690 F.2d 1235, 1238 (9th Cir.1982).

The dispute over material facts must be genuine. Anderson, 477 U.S. at 248, 106 S.Ct. at 2510. A dispute about a material fact is genuine if “the evidence is such that a reasonable jury could return a verdict for the nonmoving party.” Id. A party opposing a properly supported summary judgment motion must set forth specific facts demonstrating a genuine issue for trial. Id. Mere allegation and speculation are not sufficient to create a factual dispute for purposes of summary judgment. Witherow v. Faff, 52 F.3d 264, 266 (9th Cir.1995) (per curiam). “If the evidence is merely colorable or is not significantly probative, summary judgment may be granted.” Anderson, 477 U.S. at 249-50, 106 S.Ct. at 2511. However, the evidence of the nonmoving party is to be believed and all justifiable inferences are to be drawn in his favor. Id. at 255, 106 S.Ct. at 2513-14. Further, in seeking to establish the existence of a factual dispute, the non-moving party need not establish a material issue of fact conclusively in his favor; it is sufficient that “the claimed factual dispute be shown to require a jury or judge to resolve the parties’ differing versions of the truth at trial.” T.W. Elec. Serv., 809 F.2d 626, 631 (9th Cir.1987).

IV. Consideration of Admissible Evidence

Additionally, the Court is only to consider admissible evidence. Moran v. Selig, 447 F.3d 748, 759-60 (9th Cir.2006) (pleading and opposition must be verified to constitute opposing affidavits); FDIC v. New Hampshire Ins. Co., 953 F.2d 478, 484 (9th Cir.1991) (declarations and other evidence that would not be admissible may be stricken). Moreover, “at the summary judgment stage, courts do not focus on the admissibility of the evidence’s form. [Courts] instead focus on the admissibility of its contents.” Marcean v. International Broth, of Elec. Workers, 618 F.Supp.2d 1127, 1141-42 (D.Ariz.2009).

A “genuine” issue of “material” fact cannot be created by a party simply making assertions in its legal memoranda. Varig Airlines, 690 F.2d at 1238. Declarations and other evidence that would not be admissible may be stricken. FDIC v. New Hampshire Ins. Co., 953 F.2d 478, 484 (9th Cir.1991). Indeed, a “conclusory, self-serving affidavit, lacking detailed facts and any supporting evidence, is insufficient to create a genuine issue of material fact.” Nilsson v. City of Mesa, 503 F.3d 947, 952 n. 2 (9th Cir.2007), citation omitted. Moreover, statements must allege personal knowledge. See Skillsky v. Lucky Stores, Inc., 893 F.2d 1088, 1091 (9th Cir.1990) (“Like affidavits, deposition testimony that is not based on personal knowledge and is hearsay is inadmissible and cannot raise a genuine issue of material fact sufficient to withstand summary judgment.”); see also Block v. Los Angeles, 253 F.3d 410, 419 n. 2 (9th Cir.2001); Radobenko v. Automated Equip. Corp., 520 F.2d 540, 544 (9th Cir. 1975), quoting Perma Research & Development Co. v. Singer Co., 410 F.2d 572, 578 (2nd Cir.1969) (“[i]f a party who has been examined at length on deposition could raise an issue of fact simply by sub mitting an affidavit contradicting his own prior testimony, this would greatly diminish the utility of summary judgment as a procedure for screening out sham issues of fact”). Additionally, the court is to review the record as a whole, but must disregard evidence favorable to the moving party that the jury is not required to believe and must give credence to the uncontradicted and unimpeached evidence of the moving party, at least “ ‘to the extent that that evidence comes from disinterested witnesses.’ ” Reeves v. Sanderson Plumbing, 530 U.S. 133, 150-51, 120 S.Ct. 2097, 2110, 147 L.Ed.2d 105 (2000), citation omitted.

A. Request for Judicial Notice

Cumis has requested that the Court take judicial notice of pleadings filed by Merrick in other judicial proceedings pursuant to Fed.R.Evid. 201. Merrick has not objected to this request. The Court will grant the request.

B. Cumis’s Objections [Doc.#s 152, 153, and 155]

Merrick asserts:

In response to the CardSystems Solutions Inc. (“CardSystems”) security breach (the “Security Breach”), in August 2005 Visa announced that an “Optional Alternative Compliance Process” (“OACP”) was available for the Card-Systems Security Breach.

DSOF ¶ 1. Cumis asserts that the evidence relied upon in support of this purported fact has not been authenticated (Fed. R.Evid. 901(a)) and contains hearsay (Fed. R.Evid. 802).

This statement is based on an August 2005 Visa Business Review Issue No. 050816 article. DSOF, Ex. A. Merrick asserts that the Declaration of David Watson (“Watson”), who at all relevant times was Merrick’s Chairman of the Board, provides the authentication for this statement. Watson reviewed, used, and/or relied on the document in Ex. A. Therefore, Merrick asserts that Watson is a competent witness with personal knowledge. See Orr v. Bank of America, NT & SA, 285 F.3d 764, 774 n. 8 (9th Cir.2002) (a document can be authenticated by one who wrote it, signed it, used it, or saw others do so).

Additionally, Merrick asserts that the document is being offered for the non-hearsay purpose of demonstrating the impact it had on the listener — Ex. A was a standard Visa publication directed towards issuing bank and it is being offered to show that an offer was made. See e.g., United States v. Payne, 944 F.2d 1458, 1472 (9th Cir.1991).

The content of the exhibit is admissible and the objection is overruled.

Under the Visa OACP, as an alternative to the “Standard Compliance Process,” issuers could accept a “one-time” reimbursement which represented a “percentage of total magneticstripe counterfeit fraud losses attributed to the CSSI account compromise event and reported to Visa,” and thereby “avoid the burden, expense and risk associated with technical requirements of the standard compliance process.”

DSOF ¶ 2. Cumis asserts that the evidence relied upon in support of this purported fact has not been authenticated (Fed. R.Evid. 901(a)) and contains hearsay (Fed. R.Evid. 802).

This statement is based on the Instructions for Visa USA OACP for CardSystems Solutions, Inc. Account Compromise Event. DSOF, Ex. B. Merrick asserts that the Declaration of Watson provides the authentication for this statement. Watson reviewed, used, and/or relied on the document in Ex. B. Therefore, Merrick asserts that Watson is a competent witness with personal knowledge. See Orr, 285 F.3d at 774 n. 8.

Additionally, Merrick asserts that the document is being offered for the non-hearsay purpose of demonstrating the impact it had on the listener — Ex. B was a standard Visa publication directed towards issuing banks and it is being offered to show that an offer was made with relevant instructions. See e.g., Payne, 944 F.2d at 1472.

The content of the exhibit is admissible and the objection is overruled.

Participation in the Visa OACP was limited to account numbers identified in the specified Visa Compromised Account Management System (CAMS) alerts.

DSOF ¶ 3. Cumis asserts that the evidence relied upon in support of this purported fact has not been authenticated (Fed. R.Evid. 901(a)) and contains hearsay (Fed. R.Evid. 802).

This statement is based on an August 2005 Visa Business Review Issue No. 050816 article. DSOF, Ex. A. Merrick asserts that the Declaration of Watson provides the authentication for this statement. Watson reviewed, used, and/or relied on the document in Ex. A. Therefore, Merrick asserts that Watson is a competent witness with personal knowledge. See Orr, 285 F.3d at 774 n. 8.

Additionally, Merrick asserts that the document is being offered for the non-hearsay purpose of demonstrating the impact it had on the listener — Ex. A was a standard Visa publication directed towards issuing banks and it is being offered to show that an offer was made with relevant instructions. See e.g., Payne, 944 F.2d at 1472.

The content of the exhibit is admissible and the objection is overruled.

To be eligible, issuers had to submit a simple claim statement based on any cardholder fraud on a cardholder account number identified in the applicable CAMS alerts.

DSOF ¶ 4. Cumis asserts that the evidence relied upon in support of this purported fact has not been authenticated (Fed. R.Evid. 901(a)) and contains hearsay (Fed. R.Evid. 802). 7

This statement is based on an August 2005 Visa Business Review Issue No. 050816 article. DSOF, Ex. A. Merrick asserts that the Declaration of Watson provides the authentication for this statement. Watson reviewed, used, and/or relied on the document in Ex. A. Therefore, Merrick asserts that Watson is a competent witness with personal knowledge. See Orr, 285 F.3d at 774 n. 8.

Additionally, Merrick asserts that the document is being offered for the non-hearsay purpose of demonstrating the impact it had on the listener — Ex. A was a standard Visa publication directed towards issuing banks and it is being offered to show that an offer was made with relevant instructions. See e.g., Payne, 944 F.2d at 1472.

The content of the exhibit is admissible and the objection is overruled.

The recovery received by issuers participating in the Visa OACP was funded by the acquiring banks that sponsored CardSystems.

DSOF ¶ 5. Cumis asserts that the evidence relied upon in support of this purported fact has not been authenticated (Fed. R.Evid. 901(a)) and contains hearsay (Fed. R.Evid. 802). 8

This statement is based on an October 17, 2005 letter from Visa to Watson. DSOF, Ex. C. Merrick asserts that the Declaration of Watson provides the authentication for this statement. Watson reviewed, used, and/or relied on the document in Ex. C. Therefore, Merrick asserts that Watson is a competent witness with personal knowledge. See Orr, 285 F.3d at 774 n. 8.

Additionally, Merrick asserts that the document is being offered for the non-hearsay purpose of demonstrating the impact it had on the listener' — Ex. C is a letter from Visa to Merrick and it is being offered to show the impact it had on Merrick’s decision to enter into the agreements with the issuing banks. See e.g., Payne, 944 F.2d at 1472.

The parties are entitled to argue reasonable inferences from the evidence. See Blankenship v. Hearst Corp., 519 F.2d 418, 427 (9th Cir.1975); United States v. Landrau-Lopez, 444 F.3d 19 (1st Cir.2006) The content of the exhibit is admissible and the objection is overruled.

As the majority of transactions processed by CardSystems were for Merrick, Merrick’s pro rata allocation of liability was 70.0706%.

DSOF ¶ 6. Cumis asserts that the evidence relied upon in support of this purported fact has not been authenticated (Fed. R.Evid. 901(a)) and contains hearsay (Fed. R.Evid. 802). 9

This statement is based on an October 17, 2005 letter from Visa to Watson. DSOF, Ex. C. Merrick asserts that the Declaration of Watson provides the authentication for this statement. Watson reviewed, used, and/or relied on the document in Ex. C. Therefore, Merrick asserts that Watson is a competent witness with personal knowledge. See Orr, 285 F.3d at 774 n. 8.

Additionally, Merrick asserts that the document is being offered for the non-hearsay purpose of demonstrating the impact it had on the listener' — Ex. C is a letter from Visa to Merrick and it is being offered to show the impact it had on Merrick’s decision to enter into the agreements with the issuing banks. See e.g., Payne, 944 F.2d at 1472.

The parties are entitled to argue reasonable inferences from the evidence. See Blankenship, 519 F.2d at 427. The content of the exhibit is admissible and the objection is overruled.

In exchange for the recovery issuing banks received through the VISA OACP, each participating issuing bank was required to execute an “Issuer Certification and Release of Liability Statement,” which included an express release of CardSystems’ acquiring banks by participating issuers. The release states:

By signing this form and receiving payment from the Acquirer in the amount determined by Visa to be compensable under this claim as specified on the Issuer Claim Statement, our center hereby releases Visa and the Acquirers who appointed Card-Systems Solutions Incorporate as their processors from all magnetic-stripe counterfeit claims, losses, damages and liabilities attributable to this data compromise event. [Footnote omitted.]

DSOF ¶ 7. Cumis asserts that the evidence relied upon in support of this purported fact has not been authenticated (Fed. R.Evid. 901(a)) and contains hearsay (Fed. R.Evid. 802). 10

This statement is based on an October 17, 2005 letter from Visa to Watson and the Issuer Certifications. DSOF, Ex. D. Merrick asserts that the Declaration of Watson provides the authentication for this statement. Watson reviewed, used, and/or relied on the document in Ex. D. Therefore, Merrick asserts that Watson is a competent witness with personal knowledge. See Orr, 285 F.3d at 774 n. 8.

Additionally, Merrick asserts that Exhibit D, the Issuer Certifications, are the operational contractual documents and, therefore, the hearsay rule is not implicated. See e.g., Stuart v. UNUM Life Ins. Co. of America, 217 F.3d 1145, 1154 (9th Cir.2000) (the insurance policy was “excluded from the definition of hearsay and [was] admissible evidence because it [was] a legally operative document that define[d] the rights and liabilities of the parties” in the ease).

The content of the exhibit is admissible and the objection is overruled.

With respect to the claims currently asserted by Cumis on behalf of its insureds for Visa related damages, at a minimum, 92 of these credit unions participated in the Visa OACP, and the claims asserted on their behalf by Cumis against Merrick, based on currently available information, totals approximately $3,229,852.12. See Ex. D; Declaration of James Regan, dated August 24, 2009.

DSOF ¶ 8. 11 Cumis asserts that the evidence relied upon in support of this purported fact has not been authenticated (Fed.R.Evid. 901(a)) and contains hearsay (Fed.R.Evid. 802). 12

Cumis more specifically argues the inadmissibility of this evidence. Cumis points out that Fed.R.Civ.P. 56(e) requires that affidavits submitted in support of a summary judgment motion: (1) be made on the personal knowledge of an affiant who is competent to testify to the matters stated therein, (2) must state facts that would be admissible in evidence, and (3) if the affidavit refers to any document or item, a sworn or certified copy of that document or item must be attached to the affidavit. Cumis asserts that Merrick filed the Re gan Declaration to attest to Merrick’s purported analysis of Cumis’s damages. Cumis asserts the evidence should not be considered.

Cumis asserts that it is unclear what Regan based his analysis on because Regan failed to attach and properly authenticate the spreadsheets he relied upon and referred to in his declaration. Additionally, Regan failed to properly authenticate the spreadsheet attached to the declaration. Cumis also asserts that any spreadsheets created by Cumis which Regan based his declaration upon are hearsay evidence. Lastly, Regan does not base his testimony on personal knowledge. Fed.R.Civ.P. 56(e)(1)-(3).

Merrick has not responded to this objection. The spreadsheet attached as Ex. 1 to Regan’s declaration is a compilation of data by Cumis from other evidence. Regan has not provided the supporting documentation. The Court finds the statements are eonelusory or Regan has failed to show that he is competent to testify regarding the information. The Court finds it is not appropriate to consider this information in determining whether there is a genuine issue of material fact in dispute.

Smaller credit unions, however, were not given the opportunity to participate directly in the Visa OACP. Only credit unions with their own “BIN” directly received an offer to participate in the Visa OACP; credit unions that only have the use of a sponsored BIN, which is the case for the majority of smaller banks and credit unions, may have participated in the VISA OACP through its “BIN sponsor.”

DSOF ¶ 9. Cumis asserts that the evidence relied upon in support of this purported fact has not been authenticated (Fed. R.Evid. 901(a)) and contains hearsay (Fed. R.Evid. 802). 13

This statement is based on a letter sent to Cumis’s counsel by Visa’s counsel. DSOF, Ex. E. Merrick asserts that Cumis does not dispute that it received the document and that Cumis has seen the document. Merrick asserts, therefore, there is no basis to object to its authenticity.

Additionally, Merrick asserts that Exhibit E contains statements that have a circumstantial guarantee of trustworthiness, the statements are offered as evidence of a material fact, the statements are more probative on the issue than any other evidence which could be reasonably procured, and the admission will best serve justice. Merrick asserts, therefore, that the statements are admissible. Fed. R.Evid. 807.

The Court agrees with Merrick that the exhibit is admissible under Fed.R.Evid. 807 and the objection, therefore, is overruled.

Merrick has specifically requested through interrogatories served on Cumis information sufficient to identify each insured that “either recovered, or attempted to recover” any of its losses through the Visa OACP. Cumis’s response was that it would “produce for copying the Visa’s [sic] Alternative Compliance forms [sic] upon Visa’s production of same, Cumis’s claim files and spreadsheet of insured credit unions that suffered fraud losses as a result of the CardSystems security breach.” Ex. F (Cumis Responses to Merrick’s First Set of Interrogatories, pp. 4-5 (Interrogatory No. 3 and Response)).

DSOF ¶ 10. Cumis objects to this statement as the evidence relied upon in support of this purported fact contains hearsay (Fed.R.Evid. 802) and the releases referred to by Cumis and relied upon by Merrick in this motion have not been authenticated (Fed.R.Evid. 901(a)). 14

Although Merrick has not responded to this objection, the Court finds consideration of Cumis’ Responses to Merrick’s First Set of Interrogatories to be appropriate. The objection is overruled.

The information Cumis identified as sufficient to respond to Merrick’s Interrogatory No. 3 does not identify insureds that participated in the OACP through a BIN sponsor, and indeed Cumis’s 30(b)(6) witness has confirmed that it did not have “complete information” concerning its credit unions participation in the Visa OACP. Ex. G (30(b)(6) Deposition of Cumis Insurance Society, Inc. by Christa Loger, June 30, 2009, at 82:16-21).

DSOF ¶ 11. Cumis objects to this statement as the evidence relied upon in support of this purported fact contains hearsay (Fed.R.Evid. 802) and the releases referred to by Cumis and relied upon by Merrick in this motion have not been authenticated (Fed.R.Evid. 901(a)). 15

Although Merrick has not responded to this objection, the Court finds it is appropriate to consider the deposition testimony. Further, the Court also considers that Merrick is permitted to argue reasonable inferences from the evidence. The objection is overruled.

C. Merrick’s Objection to Shaughnessy’s Declaration [Doc. # 167]

Merrick asserts that the Declaration of Shaughnessy should be not be considered because Shaughnessy has not established that he is competent to testify as to the matters referred to in his affidavit. Merrick points out that the rule provides that a supporting or opposing affidavit must set out facts that “show that the affiant is competent to testify on the matters stated.” Fed.R.Civ.P. 56(e)(1).

Although Shaughnessy states that, while employed by Visa, he was responsible for “overseeing the investigation of security breaches” and to “manage and minimize fraud losses[,].” Merrick asserts that Shaughnessy has not set out any facts “suggesting that he participated in the drafting of the Release, that he negotiated with any Issuer or Acquirer regarding the scope of the release, that his responsibilities included any activity involving the “three distinct roles” he assigns to Merrick, that any Visa regulation or contract refers to those “three distinct roles,” or that anyone else at Visa or Merrick or any Issuer ever believed Merrick to have “three distinct roles” in the Visa association.” Merrick’s Evid. Obj., p. 9. Merrick asserts that, when the representative of a bank that was both an “Issuer and Acquirer” wrote to Shaughnessy in October 2005, immediately prior to Shaughnessy’s depar ture from Visa, saying she was “interested in understanding the implications of signing the Optional Alternative Compliance Claim Statement as it relates to any future breach that may be discovered,” Shaughnessy referred the inquiry about the scope of the Release to one of his colleagues with the explanation “I’m not exactly sure what it means.... ” See Regan Reply Declaration, Ex. A. Merrick asserts that there is no reason for this Court to conclude that Shaughnessy is any better able to testify about the scope of the Release now than he was four years ago.

Cumis objects to Regan’s declaration because it lacks foundation and is not based on personal experience. Cumis points out that there were a number of inquiries that Shaughnessy could have been referring to and Regan can provide no information as to which inquiry Shaughnessy was referring to someone else.

The items quoted above from Shaughnessy’s declaration (¶¶ 10-13), with the exception of the statement that, “[d]ue to the nature of then emerging fraud patterns, some issuers might not become aware that a counterfeit loss was directly related to an account compromise until after the OACP deadline had passed!,]” see infra at p. 1082, are either conclusory or Shaughnessy has failed to show that he is competent to testify regarding the information. The Court finds it is not appropriate to consider this information in determining whether there is a genuine issue of material fact in dispute.

D. Cumis’ Objections to Merrick’s New Evidence filed with Reply [Doc. #174]

Merrick has submitted the declax-ation of Dave A. Van Horn [Doc. # 165]. The Van Horn declaration refers to a VISA-prepared spreadsheet. Van Horn asserts that spreadsheet identifies the amounts received as payment for participating in the OACP.

Cumis asserts that the Van Horn Declaration should not be considered because it lacks foundation and is not based upon personal knowledge. Cumis assex-ts that, in his deposition, Van Horn testified that he did not prepare the spreadsheet, but that he had beliefs and assumptions regarding the spreadsheet. Moreover, Van Hoxm testified some claims in the OACP were rejected for various reasons and he did not know if those claims were corrected and/or resubmitted.

Merrick has not responded to Cumis’ objections. The Court notes that Van Horn’s declaration did not state that he had prepared the spreadsheet. However, the deposition testimony indicates that the claims rejected were clearly identified as such in the spreadsheet. Nonetheless, the spreadsheet attached to Van Horn’s declaration does not clearly designate which claims were rejected. In light of Van Horn’s deposition testimony, the Court cannot find that Van Horn’s declaration is made on personal knowledge of an affiant who is competent to testify to the matters stated therein. This objection is sustained.

Merrick has submitted a second declaration of Watson [Doc. # 166]. Cumis asserts that Watson’s statements lack foundation and that Watson has no personal knowledge concerning who signed each of the Issuer Certifications, whether the signatory was authorized to sign on behalf of the credit union, whether the credit union ultimately received payment after signing the Issuer Certification, or whether the credit union’s claim was later rejected.

Mex’rick has not responded to this objection. However, Watson’s declaration asserts that he reviewed, used, and relied on the Issuer Certification in his position. While Watson does not purport to provide the detail argued by Cumis, to the extent Watson used and relied on the Issuer Certifications in his positions, Watson has personal knowledge of and is competent to testify regarding the Issuer Certifications.

Merrick submitted an additional declaration of Regan. [Doc. # 168]. The Court has addressed Cumis’s objection to this declaration in the discussion regarding Shaughnessy’s declaration.

V. Contract Principles as They Apply to a Release

Merrick assert that where a release is unambiguous and there is no allegation that it was entered into by mistake or procured by fraud or other improper means, the release is to be interpreted like any other contract and the release is enforceable based on its plain language, without reference to extrinsic evidence. Parrish v. United Bank of Arizona, 164 Ariz. 18, 20, 790 P.2d 304, 306 (App.1990) (rules of interpretation that apply to contracts generally apply also to writings that purport to be releases and where there is no evidence of mutual mistake or misrepresentations and the language of the release is “plain, evident and unambiguous,” the release is enforceable), citing Restatement (Second) of Contracts § 284, Cmt. C; Amfac Distribution Corp. v. J.B. Contractors, Inc., 146 Ariz. 19, 24-25, 703 P.2d 566, 571-572 (App.1985) (“Like other contracts, the obvious meaning of the provisions of a release must be given effect”). 16

Cumis asserts, however, that “[t]he court may admit evidence for interpretation of the written agreement only if [the extrinsic] evidence does not contradict the written agreement.” Marvin Johnson, P.C. v. Shoen, 876 F.Supp. 1109, 1112 (D .Ariz.1995) “Where the extrinsic evidence is generally consistent with the terms of the contract, it may be admitted.” Id.; Pacific Gas & Elec. Co. v. G.W. Thomas Drayage & Rigging Co., 69 Cal.2d 33, 69 Cal.Rptr. 561, 442 P.2d 641 (1968) (“The fact that the terms of an instrument appear clear to a judge does not preclude the possibility that the parties chose the language of the instrument to express different terms.”). Therefore, “the test of admissibility of extrinsic evidence to explain the meaning of a written instrument is not whether it appears to the court to be plain and unambiguous on its face, but whether the offered evidence is relevant to prove a meaning to which the language of the instrument is reasonably susceptible.” Id. at 39, 69 Cal.Rptr. 561, 442 P.2d 641. “Accordingly, rational interpretation requires at least a preliminary consideration of all credible evidence offered to prove the intention of the parties.” Id. at 40, 69 Cal.Rptr. 561, 442 P.2d 641. Moreover, “[w]here the words and acts of the parties are somewhat ambiguous and indefinite, the surrounding circumstances may be considered in determining their exact meaning and the contractual obligation created. The exact meaning may be determined by reference to extrinsic facts relevant to the question.” Henderson v. Jacobs, 73 Ariz. 195, 200, 239 P.2d 1082 (Ariz.1952). In its Reply, Merrick agrees that the Court can look at extrinsic evidence in determining the intent of the parties without a preliminary finding of ambiguity.

VI. OACP Issuer Certification

Merrick asserts that the OACP participating credit unions agreed, by signing the OACP Issuer Certification and receiving payment from Visa (funded by Merrick and the other CardSystems acquiring banks), to release Merrick “from all magnetic-stripe counterfeit claims, losses, damages and liabilities attributable” to the CardSystems security breach. DSOF, Ex. D. Merrick asserts that the Release is clearly worded, that the Release has a clearly defined scope, there are no allegations that the OACP Issuer Certification was signed by mistake or procured by fraud, and that there is no material factual dispute regarding either the circumstances of the signing of the OACP Issuer Certification or receipt of payment by the OACP participating credit unions. Cumis asserts, however, that the OACP Issuer Certification is vague and ambiguous because Merrick is not identified by name in the OACP Issuer Certification, Merrick is not a party to the OACP Issuer Certification, the term “Acquirer” is undefined, and the OACP Issuer Certification does not address whether it applies to unknown losses. Furthermore, Cumis asserts that the OACP Issuer Certification does not refer to sponsoring banks. Cumis also asserts that the phrase “any and all” has been found to be ambiguous based upon the facts and circumstances surrounding the execution of a release. Butler v. The Vons Companies, Inc., 140 Cal.App.4th 943, 45 Cal.Rptr.3d 151 (Cal.App. 2 Dist.2006). Cumis asserts that triable issues of fact exist with respect to whether the Release was intended to release Merrick in all capacities.

A. Role of Merrick Bank and Intention of Signers to OACP Issuer Certifications

Cumis asserts that Merrick was not released as a sponsoring bank because Merrick, as an indemnitor, is liable for the acts of its agent, CardSystems. The OACP Issuer Certification stated that the issuing banks agreed to release Visa and the Acquirers who appointed CardSystems as their processors. However, Cumis asserts that Merrick, as a sponsoring bank allowed processors like CardSystems to participate in the Visa system and, as a sponsoring bank, agreed to indemnify Visa and its members from the failure of those processors to comply with Visa operating rules and regulations. Therefore, Cumis asserts that the release of an “acquirer” is not the same thing as a release of a “sponsor” because they perform different functions in the Visa system. Cumis asserts that a party can only be released if that was the intended result or the release expressly so provides. Spain v. General Motors Corp., Chevrolet Motor Div., 171 Ariz. 226, 227, 829 P.2d 1272 (App.1992). Cumis asserts that the only intent evident from the language of the OACP Issuer Certification is to release Merrick in its capacity as an acquiring bank and that, if Visa had intended to release Merrick in all of its capacities, it could have identified Merrick by name in the OACP Issuer Certification. Indeed, Cumis points out that the release does not expressly release Merrick from liability as a sponsoring bank. See Spain, 171 Ariz. at 227, 829 P.2d 1272 (“Other courts have reached this same conclusion by requiring that for a release to be “express” ... the entity released must be named or otherwise specifically identified.”).

Merrick asserts, however, that Cumis has acknowledged in its opposition that Merrick’s obligations as a sponsor/indemnitor stem from the agreement Merrick, as an Acquiror, assumed responsibility for CardSystems when it appointed CardSystems as its processor. Reply, pp. 1-2, citing Opposition, pp. 5-6. Furthermore, Merrick asserts that when the term “Acquirer” is read in context (i.e., “Acquirers who appointed CardSystems Solutions Incorporated as them processors”), there is no ambiguity that needs to be resolved and that the “entity released” is in fact “otherwise specifically identified.” Opposition, p. 10.

Further, Merrick asserts that, in its role as an acquiring bank, Merrick designates certain entities to assist with the actual processing of transactions — CardSystems was one such entity. Merrick asserts that its responsibility for CardSystems does not arise outside or independent from Merrick’s role as an acquiring bank, but as a function of its role as an acquiring bank. Merrick asserts this is clear from the Release, which clearly ties liability (and the release from such liability) to the appointment of CardSystems as a processor.

Merrick also points out that Cumis does not offer any evidence that any OACP participating credit union understood the Release to only partially apply to Merrick. Indeed, Merrick points out that the Shaughnessey Declaration does not endorse Cumis’ argument that Visa intended the Release to only apply to Merrick in one alleged role. Rather, Merrick asserts that the Release cannot be reasonably interpreted to limit Merrick’s liability for appointing CardSystems as its Processor in a manner that does not fully release Merrick. Central Arizona Water Conservation Dist. v. U.S., 32 F.Supp.2d 1117, 1128 (D.Ariz.1998) (“A court should construe a contract in a manner that gives full meaning and effect to all its provisions and avoid an interpretation which leaves part of the contract meaningless or unreasonable.”); Scribner v. WorldCom, Inc., 249 F.3d 902, 908 (9th Cir.2001) (“We cannot allow one party’s ‘double-secret’ interpretation of a word to undermine the other party’s justified expectations as to what that word means”).

Merrick asserts that the relevant evidence supports the intention of the parties to release Merrick from all liability resulting from its relationship with CardSystems. In the Visa Letter, Visa identified the Visa Net Processor Registration Form as the basis for Merrick’s liability for CardSystems’ actions and clearly stated that Merrick was liable as “one of the Acquiring members that utilized the services” of CardSystems. DSOF, Ex. C.

Merrick also asserts that Cumis has not presented any evidence of any intent by the parties to only release Merrick in its role as an acquirer. Rather, Merrick asserts that, as an acquirer, there was no need for a release and Merrick clearly and necessarily understood the Release to actually be a release — the OACP Participating credit unions understood or should have understood that Merrick intended the Release to bar the present claims. Invitrogen Corp. v. Employers Ins. Co. of Wausau, No. CV 06-232-PHX-MHM, 2007 WL 841413 at *7 (D.Ariz.2007) (a party cannot avoid a release “where one party to the contract understands the contract to mean one thing and the other party to the contract knows or has reason to know that that party understands the contract to mean that thing”) (internal citations omitted); see also In re Estate of Lamparella, 210 Ariz. 246, 250, 109 P.3d 959, 963 (Ariz.App.2005) (“A contract is not ambiguous just because the parties to it or, as here, a party to it and the other party’s successor, disagree about its meaning”) (internal citations omitted); Scribner, 249 F.3d at 908. Merrick asserts that the plain language of the release and the Visa Letter (“Issuers will be required to release the Acquirers involved from all other counterfeit losses associated with the compromise ....) We are seeking your concurrence to participate in the Alternative Compliance Process. Again, the major benefits to Merrick Bank are the limiting of your fraud liability and resolving the matter in a timely manner[,]” DSOF, Ex. C, support its assertion that Merrick understood the Release to fully release Merrick from all claims.

Cumis asserts that, because of the August 31, 2005, deadline, the credit unions involved in the OACP did not yet know about all of counterfeit claim losses that might be submitted by cardholders. Therefore, although losses from the security breach were likely suffered well beyond that deadline, Cumis points out that Merrick nevertheless contends that the credit unions must have intended to release future claims that they did not even know about. However, the parties must intend to release claims for unknown injuries. Dansby v. Buck, 92 Ariz. 1, 7, 373 P.2d 1 (Ariz.1962). If the parties did not intend to release claims for unknown injuries, a claim for unknown injuries will not be barred. Id. Cumis asserts that “it is a question of fact whether the parties assumed as a basis of the release the known injuries, or whether the intent was to make a compromise for whatever injuries from the accident might exist whether known or not.” Id. at 8, 373 P.2d 1. Cumis asserts that there is no evidence that Visa and the issuing banks intended to release unknown losses. Rather, Cumis asserts that the fact that future losses are not addressed in the OACP Issuer Certifications suggests that the parties did not intend to release claims for future unknown losses.

Merrick asserts, however, that Cumis has failed to distinguish between unknown consequences of known injuries and unknown injuries. Dansby v. Buck, 92 Ariz. 1, 7, 373 P.2d 1 (1962). 17 Merrick asserts that execution of the OACP Issuer Certification was the compromise — Merrick asserts that the declaration of Shaughnessy acknowledges that the Release “intended to prohibit issuing banks from attempting to recover counterfeit fraud losses reported after August 31, 2005.” Declaration, ¶ 10. Merrick asserts that it is because the releasing issuers signed the OACP Issuer Certification at a time when they were not likely to know the full extent of the fraud losses that additional losses suffered by OACP Participating credit unions after they signed the OACP Issuer Certifications cannot be characterized as “unknown claims.” The OACP Issuer Certification concerns the “CardSystems Solutions Incorporated CAMS Event.” The CAMS alerts, circulated to the credit unions long prior to the OACP Participating credit unions’ determination to participate in OACP, listed each credit card account number compromised by the Event. DSOF ¶¶ 2-3. Therefore, Merrick asserts that the OACP Participating credit unions knew at the time they executed the Release the specific nature of the claims they were giving up: claims for all fraud losses on the cards identified on the CAMS alerts relating to the CardSystems Security Breach; as Cumis admits in its opposition, at the time that they signed the OACP Issuer Certification those OACP Participating credit unions “clearly did not know about all of the counterfeit claim losses that might be submitted by cardholders.” Opposition, p. 10.

Merrick asserts that Cumis’s reliance on Dansby is misplaced. In Dansby the plaintiff sought to set aside a release relieving defendant from further liability resulting from an automobile accident. Plaintiff asserted that there had been a mutual mistake in that at the time the release was executed, the plaintiff was unaware that she had suffered a serious personal injury and was only aware of apparent injury to the automobile itself. Merrick asserts that Cumis does not even attempt to allege that anyone was mistak en as to the scope of the release. Shaughnessy acknowledges in his declaration that Visa “intended to prohibit issuing banks from attempting to recover counterfeit fraud losses reported after [the] August 31, 2005 deadline ...” Shaughnessy Declaration, ¶ 10. Further, the Dansby court stated that “[w]e believe the better rule to be that where the parties contract for a release of all claims for known injuries, the release is a bar to recovery for unknown consequences of known injuries, but is not a bar to recovery for unknown injuries not within the contemplation of the parties at the time of contracting for such release.” 92 Ariz. at 12, 373 P.2d 1; see also Hendricks v. Simper, 24 Ariz.App. 415, 419, 539 P.2d 529, 532-533 (Ariz.App.1975). Merrick asserts that the known injury was the compromise of cards on the CAMS alert and the unknown consequences were the volume of fraudulent transactions. Because the OACP Participating credit unions knew with certainty the specific cards compromised, further injury could have been prevented by blocking or reissuing the compromised cards.

Merrick also disputes Cumis’ reliance on the declaration of John Shaughnessy to argue that the parties’ intent was only to bar issuing banks from pursuing other remedies within the Visa system. Merrick asserts that the Release clearly bars “all magnetic-stripe counterfeit claims, losses, damages and liabilities.” Merrick asserts there is nothing ambiguous about this language and Cumis’s only evidence in support of its position is a declaration that contradicts the plain language of the Release, as well as the plain language of the VBR and Issuer Certification instructions.

Merrick asserts that Cumis’ argument is undermined by the other provisions of the OACP Issuer Certification. The OACP Participating credit unions, in addition to agreeing to the Release, had to certify that (a) “no chargeback rights exist or have been successfully exercised on any of the disputed transactions” and (b) “they have not sought and will not seek compensation for any transactions included in this claim through compliance rights.” Thus, if, as Cumis asserts, these are the only rights that were intended to be released, there would be no reason for the separate Release. Merrick asserts that, under Cumis’ requested interpretation, the Release would be meaningless. Merrick asserts the Release is simply not “reasonably susceptible” to Shaughnessy’s interpretation and his declaration is inadmissible to contradict the language of the Release. See Taylor v. State Farm Mut. Auto. Ins. Co., 175 Ariz. 148, 154, 854 P.2d 1134 (1993); Marvin Johnson, P.C. v. Shoen, 876 F.Supp. 1109, 1111 (D.Ariz.1995); Scribner, 249 F.3d at 908.

Cumis asserts that, although Merrick has failed to offer any evidence regarding the parties’ intent, the declaration of Shaughnessy, Visa’s former Senior Vice President, Risk Management and Fraud Control, who states that Visa only intended to bar issuing banks from pursuing other remedies within the Visa system, and did not intend to prevent issuing banks from pursuing their legal rights in court against Merrick or CardSystems, establishes the intent of Visa. 18 Further, Cumis asserts that Visa’s intent in this regard is supported by the language of the OACP Issuer Certification itself.

Cumis asserts that, at a minimum, triable issues of fact exist with respect to the scope of the release, i.e. whether it was intended to release Merrick in all capacities, and whether the parties intended to release unknown claims. Where contract language is ambiguous, a court cannot in terpret the contract without reference to extrinsic evidence of the parties’ intent. Marvin Johnson, P.C. v. Shoen, 876 F.Supp. 1109 (D.Ariz.1995). Indeed, the Supreme Court of Arizona has stated:

[W]here the parties contract for a release of all claims for known injuries, the release is a bar to recovery for unknown consequences of known injuries, but is not a bar to recovery for unknown injuries not within the contemplation of the parties at the time of contracting for such release; further, that even though a release expressly covers unknown injuries, it is not a bar to an action if it can be shown that such unknown injuries were in existence and were not within the contemplation of the parties when the settlement was agreed upon, but that, if the parties did in fact intentionally agree upon a settlement for unknown injuries, such release will be binding. Whether the parties intended the release to cover unknown injuries in usually a question of fact.

Dansby v. Buck, 92 Ariz. at 12, 373 P.2d 1.

B. Discussion Regarding Merrick’s Role and the Intent of the Signers

Although Cumis argues that the terms of the Release are ambiguous, “a contract is not ambiguous just because the parties to it or, as here, a party to it and the other party’s successor, disagree about its meaning[.]” Lamparella, 210 Ariz. at 250, 109 P.3d 959. In its role as an acquiring bank, Merrick designated CardSystems to assist with the actual processing of transactions. Merrick’s responsibility for CardSystems does not arise outside or independent from Merrick’s role as an acquiring bank, but as a function of its role as an acquiring bank. This is clear from the Release, which ties liability (and the release from such liability) to the appointment of CardSystems as a processor. The Release cannot be reasonably interpreted to limit Merrick’s liability. See e.g. Scribner v. Worldcom, Inc., 249 F.3d at 908 (“We cannot allow one party’s ‘double-secret’ interpretation of a word to undermine the other party’s justified expectations as to what that word means”).

Moreover, the evidence in this case includes the Visa letter which stated that Merrick was liable as “one of the Acquiring members that utilized the services” of CardSystems, informed Merrick that Visa was seeking Merrick’s participation, and advised Merrick that a “major benefit[ ] to Merrick Bank [was] the limiting of [Merrick’s] fraud liability and resolving the matter in a timely manner[.]” DSOF, Ex. C. Although Cumis asserts that the credit unions involved in the OACP did not yet know about all of counterfeit claim losses that might be submitted by cardholders, the Court agrees with Merrick that Cumis has failed to distinguish between unknown consequences of known injuries and unknown injuries. Dansby, 92 Ariz. at 7, 373 P.2d 1 (1962). The OACP Issuer Certification concerns the “CardSystems Solutions Incorporated CAMS Event.” The CAMS alerts listed each credit card account number compromised by the Event. At the time the Releases were executed, the OACP Participating credit unions knew the specific nature of the claims they were giving up: claims for all fraud losses on the cards identified on the CAMS alerts relating to the CardSystems Security Breach See Dansby, 92 Ariz. at 12, 373 P.2d 1 (“where the parties contract for a release of all claims for known injuries, the release is a bar to recovery for unknown consequences of known injuries ... ”).

Cumis’s argument that the Release was intended to only bar issuing banks from pursuing other remedies within the Visa system ignores that the Release clearly refers to all magnetic-stripe counterfeit claims, losses, damages and liabilities. This language is not ambiguous and the evidence submitted by Cumis directly contradicts the plain language of the Release, as well as the plain language of the VBR and Issuer Certification instructions. This unambiguous language is corroborated by the requirement that the OACP Participating credit unions had to certify that (a) “no chargeback rights exist or have been successfully exercised on any of the disputed transactions” and (b) “they have not sought and will not seek compensation for any transactions included in this claim through compliance rights.”

The Court finds there is no genuine issue of material fact in dispute as to whether the Release limits Merrick’s liability only as an acquiring bank. Merrick is entitled to summary judgment on this issue.

C. Applicability of California Law

Cumis asserts that the California Supreme Court has held that it “appears beyond reasonable doubt that [California] Civil Code, section 1542 was intended by its drafters to preclude the application of a release to unknown claims in the absence of a showing, apart from the words of the release of an intent to include such claims.” Casey v. Proctor, 59 Cal.2d 97, 109, 28 Cal.Rptr. 307, 378 P.2d 579 (1963). In Casey, the plaintiff had executed a release of “any and all known and unknown bodily injuries and property damage[.]” Id. at 110, 28 Cal.Rptr. 307, 378 P.2d 579. The Supreme Court reversed the trial court’s granting of summary judgment because “[t]he question remains as one of fact whether the releaser actually intended to discharge such claims. If the evidence, independent of the words of the release, indicates that the parties have consciously contracted in reference to unknown claims, the release is, of course, binding.” Id. at 110, 28 Cal.Rptr. 307, 378 P.2d 579. Cumis points out that the Release does not even mention “unknown injuries” and Merrick presents no evidence independent of the release concerning the parties’ intent. Cumis assert, therefore, that summary judgment is inappropriate because issues of fact exist.

Merrick asserts, however, because the Court has determined that Arizona law applies, Cumis’s reliance on cases that discuss § 1542 are misplaced. First, Merrick asserts that the present claims of the OACP Participating credit unions are not claims they did not “know or suspect to exist” at the time of execution of the Release. See Brae Transp., Inc. v. Coopers & Lybrand, 790 F.2d 1439, 1443-1445 (9th Cir.1986) (finding § 1542 inapplicable as the claims were “unknown” “only in that [plaintiff] was unaware of the precise facts and dollar amount arising from [defendant’s alleged conduct].”). Further, in Butler v. The Vons Companies, Inc., 140 Cal.App.4th 943, 45 Cal.Rptr.3d 151 (Cal.App.2006), plaintiff filed a grievance over his suspension for fighting, which resulted in a settlement that included a release of his employer (“Vons”). Separately, plaintiff brought a discrimination action, asserting allegations that were not at issue in his grievance, against Vons. Id. at 945, 45 Cal.Rptr.3d 151 (“the grievance had nothing to do with any harassment or discrimination allegations”). Unlike in Butler, where the court determined that there were issues of fact as to whether the scope of the release executed in the grievance applied to plaintiffs unrelated discrimination claims, id., at 948, 45 Cal.Rptr.3d 151, Merrick asserts that the claims currently at issue are not only related, but they are the same claims specifically identified in the Release (magnetic-stripe counterfeit fraud claims relating to the CardSystems security breach). Indeed, in Butler, the court noted a likely different result if the court were considering claims “arising from” the suspension grievance, specifically “a tort claim that could arise from But ler’s suspension.” Id. at 948, 45 Cal.Rptr.3d 151.

This Court has determined that Arizona law is applicable in this case. Moreover, under the facts of this case, § 1542 would be inapplicable because the claims at issue in this case are the same claims as those set forth in the Release.

D. Damages

Merrick asserts that the Release covers the losses Cumis seeks to recover on behalf of its insureds in this action, including those sought on behalf of the OACP participating credit unions. The SAC asserts Cumis’ claims are on behalf of its insured credit unions due to “the loss of magnetic-stripe credit and debit card data and account numbers, and the resulting fraud” attributable to the security breach. SAC, ¶ 4. Further, Merrick asserts that the spreadsheet provided by Cumis that lists its Visa-related losses by credit union identifies the specific losses, based on account numbers, that were allegedly incurred by OACP participating credit unions.

Cumis asserts that, even if this Court were to accept Merrick’s argument that it was released of all liability in any capacity by 92 of CUMIS’ insureds, there is still a triable issue of material fact with respect to the amount of CUMIS’ damages that are barred by the purported release. Cumis asserts that Merrick makes inconsistent allegations concerning the amount of Cumis’s damages such that a triable issue of fact with respect to damages. Cumis points out that Merrick claims in its motion that a certain number of Cumis’s insureds participated in Visa’s OACP in which they purportedly released Merrick of all liability in exchange for payments totaling approximately $3.2 million. However, Merrick also asserts the amount of Cumis’s damages are overstated and that Cumis’s damages are only approximately $180,000. Cumis asserts that “[t]he calculation of damages is not ordinarily amenable to resolution at the summary judgment stage.” U.S. v. Honeywell Intern., Inc., 542 F.Supp.2d 1188, 1201 (E.D.Cal.,2008); see also, Watson Const. Co. v. Reppel Steel & Supply Co., Inc., 123 Ariz. 138, 598 P.2d 116 (App.1979). In fact, “Rule 56 clearly contemplates a full hearing on the question of damages.” Woods v. Merles, 9 F.R.D. 318, 321 (D.Del.1949); see also, McRae v. Creedon, 162 F.2d 989, 992 (10th Cir.1947) (“damages is always an open factual question.”); Carson v. Nat’l Bank of Commerce Trust and Sav., 356 F.Supp. 811, 812 (D.C.Neb.1973) (“Summary judgment is a poor instrument for determining recoverable damages.”).

Additionally, Cumis asserts that it is the rare instance (1) where damages are resolved on summary judgment and where (2) “there was no dispute as to at least a portion of the damages amount or as to the manner in which the amount was calculated.” U.S. v. Honeywell Intern., Inc., 542 F.Supp.2d at 1201. Cumis asserts this case does not present one of those “rare instances” because there are clearly disputes concerning whether Cumis’s insureds received payment from Visa, whether Cumis’s insureds received payment from Visa in the amount Visa represented would be paid in the claim notification and the amount of Cumis’s damages that would be barred if the release were enforceable as Merrick argues.

Merrick points out that, to avoid summary judgment, Cumis “may not simply rest upon the mere allegations or denials of its own pleadings.” Fed.R.Civ.P. 56(e). Cumis does not affirmatively assert that any participating credit union — in whose shoes Cumis now stands as subrogee — in fact failed to receive payment. Further, Merrick has submitted a declaration from Visa confirming that payment was received by each OACP Participating credit union.

Additionally, Merrick asserts that Cumis’ assertion that Merrick has made “inconsistent allegations concerning the amount of Cumis’ damages” is simply nonsense. Although Merrick does challenge Cumis’s alleged damages, Merrick asserts that its motion seeks an order barring the claims of the OACP Participating credit unions in their entirety. Therefore, Merrick asserts that Cumis’s own proffered damage calculations totaling $3,229,852.12 is barred.

The Court has determined that the Regan and Van Horn declarations regarding the amount of damages are not admissible. There is a genuine issue of material fact in dispute as to the specific amount of payments made to the specific credit unions that participated in the OACP. However, the Court finds that there is no genuine issue of material fact in dispute that Merrick is not liable for claims for which a participating credit union signed a Release and received payment pursuant to that Release.

E. Satisfaction of Condition Precedent

Cumis also argues that the OACP Issuer Certification relied upon by Merrick lacks mutuality. While Merrick points to the fact that the credit unions allegedly released Merrick in the OACP Issuer Certification, Merrick fails to point out that Visa did not sign any of the OACP Issuer Certifications, and that Visa does not make a single express promise to perform (i.e. to pay) in the OACP Issuer Certifications (or in any other document submitted by Merrick in support of its motion). Cumis asserts that any promise by the credit unions to release Visa (or anyone else) is not enforceable until or if Merrick demonstrates that each of the 92 credit unions actually received the bargained for consideration. In conjunction with its Reply, Merrick has submitted a declaration from Visa confirming that payment was received by each OACP Participating credit union. See Van Horn Dec., ¶ 4. However, the Court has determined that the Van Horn declaration is not admissible. The Court finds, therefore, there is a genuine issue of material fact in dispute as to whether the credit unions received the bargained for consideration.

Accordingly, IT IS ORDERED:

1. Cumis’s request for a continuance pursuant to Fed.R.Civ.P. 56(f) is DENIED.

2. Cumis’s request that the Court take judicial notice of specified documents filed in other proceedings is GRANTED.

3. Merrick’s Motion for Partial Summary Judgment [Doc. # 137] is GRANTED IN PART AND DENIED IN PART.

1 . Unless otherwise stated, the facts are taken from Cumis' Response to Defendant's Statement of Facts and Plaintiff's Additional Material Facts ("PSOF”). See Doc. # 152. Many facts asserted by Cumis are stated by the declaration of John Shaughnessy, Doc. # 156, who, prior to his retirement in October 2005, was the Senior Vice President, Risk Management and Fraud Control, for Visa U.S.A., Inc.

2 . Cumis objects to this assertion on the basis that the evidence relied upon (Merrick's Ex. A) has not been authenticated pursuant to Fed.R.Evid. 901(a) and contains hearsay.

3 . Cumis objects to this assertion on the basis that the evidence relied upon (Merrick’s Ex. E) has not been authenticated pursuant to Fed.R.Evid. 901(a) and contains hearsay. Without waiving these objections, Cumis asserts that there is no evidence to support these facts and that counsel’s letter is not evidence of these facts.

4 . Cumis objects to this assertion on the basis that the evidence relied upon has not been authenticated pursuant to Fed.R.Evid. 901(a) and contains hearsay.

5 . Cumis objects to this assertion on the basis that the evidence relied upon (Merrick's Ex. C) has not been authenticated pursuant to Fed.R.Evid. 901(a) and contains hearsay.

6 .Cumis objects to this assertion on the basis that the evidence relied upon (Merrick’s Ex. D) has not been authenticated pursuant to Fed.R.Evid. 901(a) and contains hearsay. Without waiving these objections, Cumis asserts that there is no evidence to support this fact and the evidence relied upon by Merrick is not evidence of Visa's payment to Cumis’s insureds, which is a condition precedent to the purported release of liability. Cumis as serts that its total damages are approximately $12.4 million. Cumis asserts that, in reaching this total amount of damages, Cumis undertook efforts to exclude as part of its damages all amounts received by credit unions from Visa.

7 . Without waiving the objections, CUMIS responds that to be eligible, issuing banks had to submit a claim statement which included only losses suffered up to August 31, 2005, and an executed Issuer Certification and Release of Liability before receiving payment for their losses. Ex. A and Ex. D to Merrick’s motion.

8 . Without waiving the objections, CUMIS responds that the evidence relied upon by Merrick is not evidence that "the recovery received by issuers participating in the Visa OACP was funded by the acquiring banks that sponsored CardSystems.” Cumis's Response to DSOF, p. 3

9 . Without waiving the objections, Cumis responds that there is no evidence to support this fact and the evidence relied upon by Merrick does not evidence Merrick’s payment of 70.0706% of the amounts paid by Visa to issuing banks such as Cumis’s insureds.

10 .Without waiving the objections, Cumis responds the OACP Issuer Certification also states that, "Our Center certifies that no chargeback rights exist or have been successfully exercised on any of the disputed transactions for which we are seeking reimbursement through this claim. Our Center certifies that we have not sought and will not seek compensation for any transactions included in this claim through compliance rights in respect of this or any other magnetic stripe data compromise incident.” Ex. D to Merrick’s motion.

11 . The Court notes that the DSOF states that it relies on Ex. D., the "Declaration of James Regan, dated August 24, 2009” for this assertion. However, Regan's Declaration is filed under seal as Document #141.

12 . Without waiving the objections, Cumis responds that there is no evidence to support this fact and the evidence relied upon by Merrick is not evidence of Visa's payment to Cumis's insureds, which is a condition precedent to the purported release of liability. Ex. D to Merrick's motion.

13 . Without waiving the objections, Cumis responds that there is no evidence to support these facts and counsel's letter is not evidence of this fact. Ex. E to Merrick's motion.

14 . Without waiving the objections, Cumis responds that it responded to Merrick's interrogatory by identifying the credit unions who "attempted to recover” its losses through Visa’s OACP by identifying releases produced by Visa, but the releases referred to by Cumis are not evidence of actual payment to those credit unions for their losses, which is a condition precedent to the purported release of liability. Ex. D and F to Merrick's motion.

15 . Without waiving the objections, Cumis responds that there is no evidence to support the contention that "Interrogatory No. 3 does not identify insureds that participated in the OACP through a BIN sponsors,” and the witness’s testimony is not evidence of this fact. Ex. E to Merrick's motion.

16 . Merrick points out that this Court has previously determined that California's choice of law analysis governs. In doing so, the Court determined that Arizona law applies. Cumis asserts, however, because there is no conflict of law to the principle that an unambiguous contractual release is enforceable on its face, no choice of law determination is necessary regarding this motion.

17 . Merrick points out that, while the consequences were unknown, the credit unions had the ability to insure that no further fraud occurred by shutting down compromised cards and issuing replacement cards to the cardholders.

18 . The Court has found this portion of the Shaughnessy declaration to be inadmissible.