2025 IL App (1st) 241480-U No. 1-24-1480 Order filed October 15, 2025
THIRD DIVISION
NOTICE: This order was filed under Supreme Court Rule 23 and is not precedent except in the limited circumstances allowed under Rule 23(e)(1).
IN THE APPELLATE COURT OF ILLINOIS FIRST JUDICIAL DISTRICT
MELISSA THORNLEY, DEBORAH ) Appeal from the BENJAMIN-KOLLER, and JOSUE HERRERA, ) Circuit Court of Individually and on Behalf of All Others Similarly ) Cook County Situated, ) ) Plaintiffs-Appellants, ) No. 21 CH 6168 ) (cons. w/ 22 CH 9508) v. ) ) AXIS INSURANCE COMPANY, ) Honorable ) Sophia H. Hall, Defendant-Appellee. ) Judge, Presiding.
PRESIDING JUSTICE MARTIN delivered the judgment of the court. Justices Lampkin and Rochford concurred in the judgment.
ORDER
¶1 Held: The trial court correctly determined that the insurer had no duty to defend or indemnify its insured where the transactions and conduct at issue, which purportedly met the policy’s definitions of “wrongful acts” and “enterprise security events,” did not fall within coverage, since they occurred prior to the policy’s retroactive date.
¶2 This appeal arises from the settlement of a putative class action lawsuit filed by plaintiffs-
appellants Melissa Thornley, Deborah Benjamin-Koller, and Josue Herrera (collectively, No. 1-24-1480
plaintiffs). Plaintiffs are suing in their capacity as assignees of indemnity rights held by Wynndalco
Enterprises, LLC (Wynndalco), an Illinois-based information technology services and consulting
firm, insured by defendant-appellee Axis Insurance Company (Axis).
¶3 The dispute centers on Wynndalco’s alleged improper sale of individuals’ biometric data,
which had been collected by Clearview AI, Inc. (Clearview AI). Plaintiffs, as assignees of
Wynndalco, sought a declaration that Axis had a duty to defend and indemnify Wynndalco in the
underlying putative class action brought against Wynndalco and others pursuant to the Illinois
Biometric Information Privacy Act (BIPA) (740 ILCS 14/1 et seq. (West 2020)). The case
proceeded on a motion for summary determination of a major issue, where the trial entered
judgment in favor of Axis. We affirm. 1
¶4 I. BACKGROUND
¶5 The following facts are taken from the pleadings, motions, exhibits, and other pertinent
documents. “The litigation that has given rise to this coverage dispute stems from a massive
database of facial-image scans assembled by Clearview AI, an artificial intelligence firm that
specializes in facial recognition software.” Citizens Insurance Company of America v. Wynndalco
Enterprises, LLC, 70 F. 4th 987, 990-91 (7th Cir. 2023); see also Thornley v. Clearview AI, Inc.,
984 F. 3d 1241, 1242-44 (7th Cir. 2021); Citizens Insurance Company of America v. Wynndalco
Enterprises, LLC, 595 F. Supp. 3d 668, 670-71 (N.D. Ill. 2022).
¶6 Clearview AI was founded in 2017 by Hoan Ton-That and Richard Schwartz. In re
Clearview AI, Inc., Consumer Priv. Litig., No. 21-CV-00135, 2025 WL 1371330, at *1 (N.D. Ill.
May 12, 2025).
In adherence with the requirements of Illinois Supreme Court Rule 352(a) (eff. July 1, 2018), this 1
appeal has been resolved without oral argument upon entry of a separate written order. 2 No. 1-24-1480
“[T]he start-up assembled a massive biometric database of individuals by
‘scraping’ their photos from publicly available websites and collecting their biometric
facial geometry. With this database, Clearview customers – primarily federal and state law
enforcement agencies and private retailers – seeking to identify an individual could upload
an image of the person in question to Clearview’s platform. Using its facial recognition
software, Clearview would then compare the uploaded image to those in its database to
locate other images of the individual in question, enabling the customer to identify the
individual.” Id.
¶7 In September 2019, Clearview AI submitted a proposal to the Chicago Police Department
(CPD), offering to sell the department access to its database (the Product). The CPD, however,
was not authorized to purchase the Product from Clearview AI because the artificial intelligence
firm was not an approved vendor. Wynndalco, 70 F. 4th at 991. Wynndalco, however, was an
approved vendor. Id.
¶8 CPD contacted its purchasing agent, CDW-Government, LLC (CDW-Government), to act
as an intermediary for the purchase of the Product. CDW-Government contacted Wynndalco and
allegedly—without disclosing that the Product consisted of biometric identifiers and
information—“entered into an arrangement pursuant to which Wynndalco would purchase the
[P]roduct from Clearview AI and then re-sell it to CDW-Government.” Id.
¶9 In December 2019, in accordance with their arrangement, Wynndalco purchased the
Product from Clearview AI, and immediately resold it to CDW-Government, who in turn, resold
the Product to the CPD. As a result, “[t]he Chicago Police Department, through its purchasing
agent CDW-Government, gained access to the Clearview AI database and its facial-identification
app by means of a two-year contract between CDW-Government and Wynndalco.” Id.
3 No. 1-24-1480
¶ 10 In May 2020, plaintiffs filed a class action complaint against CDW-Government and
Wynndalco in the circuit court of Cook County. The certified class was composed of Illinois
citizens whose facial scans were collected in the Clearview AI database from January 3, 2020
through April 30, 2020. The amended complaint asserted a claim against Wynndalco for violation
of section 15(c) of the BIPA, which prohibits private entities from selling, leasing, trading, or
profiting from an individual’s biometric identifiers or biometric information. 740 ILCS 14/15(c)
(West 2020). 2 The complaint also alleged claims against Wynndalco for unjust enrichment and
invasion of privacy.
¶ 11 Wynndalco was insured under a claims-made liability policy issued by Axis. Axis refused
to defend or indemnify Wynndalco in the underlying class action, citing two exclusions in the
policy: the exclusion for claims involving the “Unlawful Use of Information,” and the exclusion
for claims based on “Violation of Statute.”
¶ 12 Wynndalco subsequently undertook its own defense and ultimately entered into a
settlement agreement and release with plaintiffs, wherein it assigned its rights under the policy to
the plaintiffs and other class members.
¶ 13 In December 2021, plaintiffs, as assignees of Wynndalco, filed a class action complaint for
a declaratory judgment against Axis, alleging Axis breached its duty to defend and indemnify
Wynndalco in the underlying class action. Plaintiffs alleged the claims against Wynndalco fell, or
potentially fell, within the policy’s coverage for “wrongful acts” or “enterprise security events.”
2 “ ‘Biometric identifier’ means a retina or iris scan, fingerprint, voiceprint, or scan of hand or face geometry.” 740 ILCS 14/10 (West 2020). “ ‘Biometric information’ means any information, regardless of how it is captured, converted, stored, or shared, based on an individual’s biometric identifier used to identify any individual.” Id. 4 No. 1-24-1480
¶ 14 Plaintiffs alleged that the following “wrongful acts,” identified in the definitions section of
the policy, triggered coverage: “(1) any act, error or omission giving rise to Personal Injury; [and]
Free access — add to your briefcase to read the full text and ask questions with AI
2025 IL App (1st) 241480-U No. 1-24-1480 Order filed October 15, 2025
THIRD DIVISION
NOTICE: This order was filed under Supreme Court Rule 23 and is not precedent except in the limited circumstances allowed under Rule 23(e)(1).
IN THE APPELLATE COURT OF ILLINOIS FIRST JUDICIAL DISTRICT
MELISSA THORNLEY, DEBORAH ) Appeal from the BENJAMIN-KOLLER, and JOSUE HERRERA, ) Circuit Court of Individually and on Behalf of All Others Similarly ) Cook County Situated, ) ) Plaintiffs-Appellants, ) No. 21 CH 6168 ) (cons. w/ 22 CH 9508) v. ) ) AXIS INSURANCE COMPANY, ) Honorable ) Sophia H. Hall, Defendant-Appellee. ) Judge, Presiding.
PRESIDING JUSTICE MARTIN delivered the judgment of the court. Justices Lampkin and Rochford concurred in the judgment.
ORDER
¶1 Held: The trial court correctly determined that the insurer had no duty to defend or indemnify its insured where the transactions and conduct at issue, which purportedly met the policy’s definitions of “wrongful acts” and “enterprise security events,” did not fall within coverage, since they occurred prior to the policy’s retroactive date.
¶2 This appeal arises from the settlement of a putative class action lawsuit filed by plaintiffs-
appellants Melissa Thornley, Deborah Benjamin-Koller, and Josue Herrera (collectively, No. 1-24-1480
plaintiffs). Plaintiffs are suing in their capacity as assignees of indemnity rights held by Wynndalco
Enterprises, LLC (Wynndalco), an Illinois-based information technology services and consulting
firm, insured by defendant-appellee Axis Insurance Company (Axis).
¶3 The dispute centers on Wynndalco’s alleged improper sale of individuals’ biometric data,
which had been collected by Clearview AI, Inc. (Clearview AI). Plaintiffs, as assignees of
Wynndalco, sought a declaration that Axis had a duty to defend and indemnify Wynndalco in the
underlying putative class action brought against Wynndalco and others pursuant to the Illinois
Biometric Information Privacy Act (BIPA) (740 ILCS 14/1 et seq. (West 2020)). The case
proceeded on a motion for summary determination of a major issue, where the trial entered
judgment in favor of Axis. We affirm. 1
¶4 I. BACKGROUND
¶5 The following facts are taken from the pleadings, motions, exhibits, and other pertinent
documents. “The litigation that has given rise to this coverage dispute stems from a massive
database of facial-image scans assembled by Clearview AI, an artificial intelligence firm that
specializes in facial recognition software.” Citizens Insurance Company of America v. Wynndalco
Enterprises, LLC, 70 F. 4th 987, 990-91 (7th Cir. 2023); see also Thornley v. Clearview AI, Inc.,
984 F. 3d 1241, 1242-44 (7th Cir. 2021); Citizens Insurance Company of America v. Wynndalco
Enterprises, LLC, 595 F. Supp. 3d 668, 670-71 (N.D. Ill. 2022).
¶6 Clearview AI was founded in 2017 by Hoan Ton-That and Richard Schwartz. In re
Clearview AI, Inc., Consumer Priv. Litig., No. 21-CV-00135, 2025 WL 1371330, at *1 (N.D. Ill.
May 12, 2025).
In adherence with the requirements of Illinois Supreme Court Rule 352(a) (eff. July 1, 2018), this 1
appeal has been resolved without oral argument upon entry of a separate written order. 2 No. 1-24-1480
“[T]he start-up assembled a massive biometric database of individuals by
‘scraping’ their photos from publicly available websites and collecting their biometric
facial geometry. With this database, Clearview customers – primarily federal and state law
enforcement agencies and private retailers – seeking to identify an individual could upload
an image of the person in question to Clearview’s platform. Using its facial recognition
software, Clearview would then compare the uploaded image to those in its database to
locate other images of the individual in question, enabling the customer to identify the
individual.” Id.
¶7 In September 2019, Clearview AI submitted a proposal to the Chicago Police Department
(CPD), offering to sell the department access to its database (the Product). The CPD, however,
was not authorized to purchase the Product from Clearview AI because the artificial intelligence
firm was not an approved vendor. Wynndalco, 70 F. 4th at 991. Wynndalco, however, was an
approved vendor. Id.
¶8 CPD contacted its purchasing agent, CDW-Government, LLC (CDW-Government), to act
as an intermediary for the purchase of the Product. CDW-Government contacted Wynndalco and
allegedly—without disclosing that the Product consisted of biometric identifiers and
information—“entered into an arrangement pursuant to which Wynndalco would purchase the
[P]roduct from Clearview AI and then re-sell it to CDW-Government.” Id.
¶9 In December 2019, in accordance with their arrangement, Wynndalco purchased the
Product from Clearview AI, and immediately resold it to CDW-Government, who in turn, resold
the Product to the CPD. As a result, “[t]he Chicago Police Department, through its purchasing
agent CDW-Government, gained access to the Clearview AI database and its facial-identification
app by means of a two-year contract between CDW-Government and Wynndalco.” Id.
3 No. 1-24-1480
¶ 10 In May 2020, plaintiffs filed a class action complaint against CDW-Government and
Wynndalco in the circuit court of Cook County. The certified class was composed of Illinois
citizens whose facial scans were collected in the Clearview AI database from January 3, 2020
through April 30, 2020. The amended complaint asserted a claim against Wynndalco for violation
of section 15(c) of the BIPA, which prohibits private entities from selling, leasing, trading, or
profiting from an individual’s biometric identifiers or biometric information. 740 ILCS 14/15(c)
(West 2020). 2 The complaint also alleged claims against Wynndalco for unjust enrichment and
invasion of privacy.
¶ 11 Wynndalco was insured under a claims-made liability policy issued by Axis. Axis refused
to defend or indemnify Wynndalco in the underlying class action, citing two exclusions in the
policy: the exclusion for claims involving the “Unlawful Use of Information,” and the exclusion
for claims based on “Violation of Statute.”
¶ 12 Wynndalco subsequently undertook its own defense and ultimately entered into a
settlement agreement and release with plaintiffs, wherein it assigned its rights under the policy to
the plaintiffs and other class members.
¶ 13 In December 2021, plaintiffs, as assignees of Wynndalco, filed a class action complaint for
a declaratory judgment against Axis, alleging Axis breached its duty to defend and indemnify
Wynndalco in the underlying class action. Plaintiffs alleged the claims against Wynndalco fell, or
potentially fell, within the policy’s coverage for “wrongful acts” or “enterprise security events.”
2 “ ‘Biometric identifier’ means a retina or iris scan, fingerprint, voiceprint, or scan of hand or face geometry.” 740 ILCS 14/10 (West 2020). “ ‘Biometric information’ means any information, regardless of how it is captured, converted, stored, or shared, based on an individual’s biometric identifier used to identify any individual.” Id. 4 No. 1-24-1480
¶ 14 Plaintiffs alleged that the following “wrongful acts,” identified in the definitions section of
the policy, triggered coverage: “(1) any act, error or omission giving rise to Personal Injury; [and]
(2) invasion, infringement or interference with the rights of privacy or publicity, including false
light, public disclosure of private facts, intrusion, breach of confidence and commercial
appropriation of name or likeness.” According to plaintiffs, the following “enterprise security
events” described in the definitions section of the policy triggered coverage: “(1) accidental
release, unauthorized disclosure, loss, theft, or misappropriation of Protected Data in the care,
custody or control of an Insured Entity or Service Contractor.”
¶ 15 Plaintiffs added that Axis acted in bad faith by denying coverage and refusing to defend
Wynndalco, without first either seeking a declaratory judgment to determine its obligations under
the policy or defending Wynndalco under a reservation of rights.
¶ 16 Axis filed an answer and counterclaim, seeking a declaration that it had no duty to defend
or indemnify Wynndalco in the underlying class action.
¶ 17 The parties filed cross-motions for judgment on the pleadings. Axis argued that coverage
was precluded by the policy’s two aforementioned exclusions. Axis further contended that the
alleged “wrongful acts” or “enterprise security events,” which purportedly triggered coverage,
occurred prior to the retroactive date of the policy, and thus, were not covered. The policy
contained a retroactive provision which limited coverage to claims involving “wrongful acts” that
occurred on or after retroactive date, and prior to the end of the policy period. The retroactive date
was the same as the policy’s effective date of February 20, 2020. Axis argued that Wynndalco’s
purchase and subsequent resale of the Product occurred in December 2019, two months prior to
the February 2020 policy retroactive date.
¶ 18 Plaintiffs countered that the “wrongful acts” or “enterprise security events” were not
5 No. 1-24-1480
deemed to have occurred until May 2020, when Wynndalco was served with the underlying class
action complaint, and learned or had knowledge that it potentially violated the BIPA. In support
of this argument, plaintiffs relied on a provision in the policy’s claims-reporting section, which
provides that “[a] Wrongful Act will be deemed to occur when such Wrongful Act becomes known
to a Control Group Insured.”
¶ 19 Plaintiffs sought summary determination of this issue. The trial court found in favor of
Axis. The court determined that plaintiffs ignored “the rules of contract construction” by
attempting to import the “deem to occur” language in the policy’s claims-reporting section, into
the provision of the policy’s claims-coverage section, which provides that coverage exists only if
“such Wrongful Act first occurred on or after the Retroactive Date and prior to the end of the
Policy Period.” The court observed that the claims-reporting section did not include “deemed to
occur” language.
¶ 20 Similarly, the trial court determined that the policy’s claims-coverage section required that
the “enterprise security event” occur during the policy period. The claims-coverage section
provides coverage for an “enterprise security event” if the claim “first occurred on or after the
Retroactive Date and prior to the end of the Policy Period.”
¶ 21 The trial court found that “the Wrongful Act and Enterprise Security Event occurred at the
time Wynndalco purchased and sold the *** Product in December 2019, before the inception date
of the Policy, and thus, are not covered by the Policy.” The court concluded that “[b]ecause [it]
resolves this matter in finding that the Wrongful Act and Enterprise Security Event occurred before
the Policy Period, this Court does not reach the issues of whether the exclusions apply.” Finding
its decision on the summary determination dispositive, the court entered judgment in favor of Axis
on the complaint and counterclaim. This timely appeal by plaintiffs followed.
6 No. 1-24-1480
¶ 22 II. ANALYSIS
¶ 23 The primary issue on appeal is whether the trial court correctly found that Wynndalco’s
alleged “wrongful acts” and “enterprise security event,” which purportedly triggered coverage,
occurred prior to the retroactive date of the policy, and thus, were not covered.
¶ 24 This appeal is from a judgment of the trial court entered in favor of Axis, on a motion for
summary determination of a major issue and involves the construction of an insurance policy.
Summary judgment is proper if the pleadings, depositions, admissions on file, and affidavits, if
any, show there is no genuine issue of material fact and that the moving party is entitled to
judgment as a matter of law. 735 ILCS 5/2-1005(c) (West 2020); see Outboard Marine Corp. v.
Liberty Mutual Insurance Co., 154 Ill. 2d 90, 102 (1P992). In addition, section 2-1005(d) of the
Code of Civil Procedure (735 ILCS 5/2-1005(d) (West 2020)), “allows a party to seek a summary
determination of ‘one or more, but less than all, of the major issues in the case, [if] the court finds
that there is no genuine issue of material fact as to that issue or those issues.’ ” Fifth Third Bank,
N.A. v. Rosen, 2011 IL App (1st) 093533, ¶ 21 (quoting 735 ILCS 5/2-1005(d) (West 2008)). “The
construction of an insurance policy and the determination of contractual rights involve questions
of law that are properly addressed in a summary judgment procedure.” Founders Insurance Co. v.
Walker, 2015 IL App (1st) 141301, ¶ 22. A trial court’s grant of summary judgment and the
construction of an insurance policy are both reviewed de novo. Id.
¶ 25 “Contracts of insurance are subject to the same rules of construction applicable to other
types of contracts.” International Minerals & Chemical Corp. v. Liberty Mutual Insurance Co.,
168 Ill. App. 3d 361, 370 (1988). “In construing an insurance policy, the primary function of the
court is to ascertain and enforce the intentions of the parties as expressed in the agreement.” Bohner
v. Ace American Insurance Co., 359 Ill. App. 3d 621, 623 (2005). “In order to ascertain the
7 No. 1-24-1480
meaning of the policy’s language and the parties’ intent, the court must construe the policy as a
whole and ‘take into account the type of insurance purchased, the nature of the risks involved, and
the overall purpose of the contract.’ ” AMCO Insurance Co. v. Erie Insurance Exchange, 2016 IL
App (1st) 142660, ¶ 20 (quoting American States Insurance Co. v. Koloms, 177 Ill. 2d 473, 479
(1997)). “If the terms of the policy are clear and unambiguous, they must be given their plain and
ordinary meaning.” American States Insurance Co. v. Koloms, 177 Ill. 2d 473, 479 (1997).
¶ 26 In the instant case, the policy was a claims-made policy, as opposed to an occurrence
policy. The major difference between the two is the risk insured. General Insurance Co. of America
v. Robert B. McManus, Inc., 272 Ill. App. 3d 510, 514 (1995). “An occurrence-based policy insures
against an insurable act or omission that occurs during the policy period regardless of when a legal
claim arising out of the act or omission is made against the insured.” Illinois Insurance Guaranty
Fund v. Chicago Insurance Co., 2015 IL App (5th) 140033, ¶ 4. “A claims-made policy ***
insures against the risk of a claim being made against the insured during the policy period.” Id.
“The purpose of a claims-made policy is to allow the insurance company to easily identify risks,
allowing it to know in advance the extent of its claims exposure and compute its premiums with
greater certainty.” Uhlich Children’s Advantage Network v. National Union Fire Co. of Pittsburgh,
PA, 398 Ill. App. 3d 710, 715 (2010).
¶ 27 As is typical in claims-made policies, the Axis policy contained a retroactive provision,
which limited the insurer’s exposure for wrongful acts arising prior to the retroactive date. A
retroactive provision “eliminates the risk that an insurer, by issuing a claims-made policy, would
assume liability arising from incidents that occurred before the policy’s effective date, but
remained undiscovered or caused no immediate harm.” Hartford Fire Ins. Co. v. California, 509
U.S. 764, 771 (1993). “Insurers asked to issue claims-made policies protect themselves against
8 No. 1-24-1480
liability for old occurrences by including a ‘retroactive date’ specifying the earliest occurrence to
be covered, no matter when the claim is made.” National Cycle, Inc. v. Savoy Reinsurance
Company Limited, 938 F. 2d 61, 62 (7th Cir. 1991).
¶ 28 In this case, Axis denied coverage on the ground that the “wrongful acts” and “enterprise
security events” occurred prior to the policy’s retroactive date of February 20, 2020. In an effort
to avoid the bar of the retroactive date, plaintiffs argue that the “wrongful acts” and “enterprise
security events” did not occur until May 2020, when Wynndalco was served with the underlying
class action complaint, and learned that it had potentially violated the BIPA.
¶ 29 In support of this argument, plaintiffs take the “deem to occur” language found in the
policy’s claims-reporting section and apply that language to the policy’s claims-coverage section.
Plaintiffs are essentially asking this court to rewrite the policy. We refuse to do so. “In undertaking
the interpretation of an insurance contract, courts should be wary of rewriting provisions.” Cyprus
Amax Minerals Co. v. Lexington Insurance Co., 74 P. 3d 294, 299 (Colo. 2003). “Where the terms
of a contract are clear and unambiguous, they must be enforced as written, and courts cannot
rewrite a contract.” Zurich American Insurance Co. v. Infrastructure Engineering, Inc., 2023 IL
App (1st) 230147, ¶ 37. As a reviewing court, “[w]e will not ‘alter, change or modify existing
terms of a contract, or add new terms or conditions to which the parties do not appear to have
assented.’ ” St. Paul Mercury Insurance v. Aargus Security Systems, Inc., 2013 IL App (1st)
120784, ¶ 59 (quoting Thompson v. Gordon, 241 Ill. 2d 428, 449 (2011)).
¶ 30 In addition, for similar reasons, we reject plaintiffs’ alternative argument that the language
of the policy is ambiguous “as to whether or not coverage runs from the date the underling conduct
‘occurred’ or the date the actionable nature of the conduct ‘became known’ to the insured.”
Language in a contract is ambiguous if it is reasonably susceptible to more than one meaning.
9 No. 1-24-1480
Palos Community Hospital v. Humana Insurance Co., 2025 IL App (1st) 231917, ¶ 96.
¶ 31 Upon review, we find that the language in the Axis policy is not susceptible to more than
one reasonable interpretation. The plain language of the policy’s claims-coverage section provides
that coverage exists only if “such Wrongful Act first occurred on or after the Retroactive Date and
prior to the end of the Policy Period.” Further, this section provides coverage for an “enterprise
security event” claim if it “first occurred on or after the Retroactive Date and prior to the end of
the Policy Period.”
¶ 32 Adopting the construction suggested by plaintiffs would require this court to ignore the
long-standing rule against rewriting unambiguous contract language and would give the policy a
meaning opposed to the purpose of the retroactive provision. “A court will not interpret a contract
in a manner that would nullify or render provisions meaningless, or in a way that is contrary to the
plain and obvious meaning of the language used.” Thompson v. Gordon, 241 Ill. 2d 428, 442
(2011). Moreover, there is no language in the policy’s claims-coverage provision which requires
that the insured know its conduct might potentially give rise to an insurable claim.
¶ 33 III. CONCLUSION
¶ 34 For the foregoing reasons, we find the trial court did not err in holding that Axis did not
breach its duty to defend or indemnify Wynndalco in the underlying class action, where the alleged
“wrongful acts” and “enterprise security events,” which purportedly triggered coverage, did not
fall within or potentially within coverage, since they occurred prior to the retroactive date stated
in the policy.
¶ 35 Affirmed.