Recently in Business Law Category

November 13, 2014

Pennsylvania's Breach of Personal Information Notification Act

Last month I had a business client come into my office concerned about a data breach. A disgruntled former employee hacked into the company server. While it appears this employee did not enter into any sensitive areas on the server, my client wanted to know what his responsibilities were with regarding to notifying customers of this unauthorized intrusion. After quickly moving for an injunction to prohibit further intrusions, we sat down with our client to review his data breach policy. Not surprisingly, he did not have one.

Every data breach policy has to be created with an eye towards the sector your business operates. For example, HIPPA notification requirements with regard to "protected health information" are different from the requirements for a web based business.

In Pennsylvania we have the Breach of Personal Information Notification Act. This law has been on the books since June 2006 and is currently in the process of being amended as it relates to municipalities and school districts. This applies to any business organization (for-profit or non-profit) that maintains or stores computerized data that includes personal information. The impact of this Act is far reaching because it applies to businesses of other states whose customers are Pennsylvania residents.

Notification requirements are triggered when there is a breach of a computer data system where any "resident of Pennsylvania's unencrypted and unredacted personal information was or is reasonably believed to have been accessed and acquired by an unauthorized person." I won't bore you with the details of the intricacies of how all these seemingly simple to understand words have definitions that go on for pages. Suffice to say even the definition "reasonably believed" is complicated. The key take away however is that the notification requirements are NOT triggered if the information is encrypted or redacted. Failure to comply will prove costly as the Act provides that a violation is deemed to be a violation of the Pennsylvania Unfair Trade Practices and Consumer Protection Law.

Circling back to my client who contacted me last month, his records were encrypted and thus Pennsylvania's Breach of Personal Information Notification Act did not apply. However, we reviewed and updated his data breach policy to bring it into compliance with the existing laws that affected his business. At Danziger Shapiro & Leavitt we understand the global environment that affects your business and are here to assist you navigate the complicated web of laws and regulations that need to be complied with in this new electronic world. Please feel free to contact any of our attorneys for a free consultation to discuss any concern that is affecting your business.

Continue reading "Pennsylvania's Breach of Personal Information Notification Act" »

October 9, 2014

NEW JERSEY SUPREME COURT TIGHTENS REQUIREMENTS FOR CONSUMER ARBITRATION AGREEMENTS

On September 23, 2014, the New Jersey Supreme Court in a unanimous decision held that an arbitration clause in a consumer contract was unenforceable because it did not clearly and unambiguously signal to the consumer that she was surrendering her right to pursue her claims in court. The Court was troubled that the arbitration clause did not clearly explain what arbitration is and how it is different from proceeding in a court of law.

The Court stated that no prescribed set of words is required. Notwithstanding the foregoing, the arbitration clause must contain a clear and unambiguous statement that explains that the consumer is giving up his or her right to bring their claims in court or have a jury resolve the dispute. This for obvious reasons will have dramatic impact upon consumer class actions and how they proceed.

Continue reading "NEW JERSEY SUPREME COURT TIGHTENS REQUIREMENTS FOR CONSUMER ARBITRATION AGREEMENTS" »

September 17, 2014

NEW JERSEY EMPLOYERS MAY NOT INQUIRE INTO CRIMINAL HISTORY OF JOB APPLICANTS UNDER NEW "BAN THE BOX" LAW

On August 11, 2014, New Jersey Governor Chris Christie signed the "Opportunity to Compete Act" (Bill 1999) into existence. The Act will become law in New Jersey on March 15, 2015. The Act limits the ability of "covered" New Jersey employers from looking into an applicant's criminal record at any time during the "initial application process". Employers will no longer be able to have on their written or online applications a box to mark or a question concerning whether the applicant has a criminal record. In addition, employers cannot ask (verbally) applicants if they have a criminal record. However if an applicant brings this up of their own accord, then the employer is free to explore the nature of the applicant's criminal history.

Obviously there are exceptions to the Act. For example, law enforcement, homeland security, corrections, judiciary and jobs of a similar nature allow employers to inquire if an applicant has a criminal background. Interestingly though, after the "initial application process" an employer may inquire into an applicant's background to see if they have a criminal record and then make a determination on whether to hire the employee. For purposes of the Act, a covered New Jersey employer is defined in the Act as an employer who employs 15 or more employees over 20 calendar weeks.

Continue reading "NEW JERSEY EMPLOYERS MAY NOT INQUIRE INTO CRIMINAL HISTORY OF JOB APPLICANTS UNDER NEW "BAN THE BOX" LAW" »

August 7, 2014

PENNSYLVANIA HAS NEW POWER OF ATTORNEY REQUIREMENTS

On July 15, 2014 House Law 1429 went into effect and drastically changed what is required under financial powers of attorney (POAs). The new law was in response to rising incidents of elder abuse where agents placed their own self-interests before the principal. As such, the new law, among many other changes, places limitations and requirements on an agents ability to make gifts, terminate trusts and change beneficiary designations. Seems simple, right?

The new law also places an affirmative duty on the agent to act in accordance with and preserve the principal's estate plan and when making decisions to account for the principal's foreseeable obligations for maintenance. Have you ever been involved in a situation where children don't like their dad's second wife? With this new law, seems like the agent has just taken on a lot of responsibility that is open to second guessing and attack.

Because this law was enacted in response to individuals taking advantage of the elderly or otherwise incapacitated individuals, this new does not apply in most commercial settings.

Continue reading "PENNSYLVANIA HAS NEW POWER OF ATTORNEY REQUIREMENTS" »

July 1, 2014

LAWYERS CAN DELETE CIRCULAR 230 WARNINGS ON EMAILS

For those of us that actually read the bottom of their lawyer's email you probably noticed the arcane "IRS Circular 230 Disclosure" that stated the advice contained in this email is not intended and cannot be used for tax avoidance purposes etc... You then probably thought to yourself, but I was just confirming lunch, what the heck does this have to do with tax advice anyway? Perhaps a little perspective is in order.

Circular 230 was the IRS's compilation of regulations regarding tax services provided by lawyers and other tax professionals with respect to the tax shelter abuses of the 1990s. Circular 230 set the minimum standard with respect to written tax advice and therefore wound up being placed on everything.

Thankfully the IRS issued new rules on June 12 (click here for PDF of rule) which included the following statement; "Treasury and the IRS expect these amendments will eliminate the use of a Circular 230 disclaimer in email and other writing." Good riddance and where are we meeting for lunch again?

Continue reading "LAWYERS CAN DELETE CIRCULAR 230 WARNINGS ON EMAILS" »

June 25, 2014

COURT CONTINUES TO MISUNDERSTAND HOW WE USE TECHNOLOGY

The Supreme Court continued its trend of significant decisions today, issuing rulings in favor of copyright holders over technological innovation (ABC v Aereo) and in favor of upholding privacy rights in the face of police searches (Riley v California). While the decisions were broad in scope, they also both created substantial unanswered questions that the Court is essentially pleading with Congress to resolve. From a political standpoint, that appears unlikely, and I predict both of these issues will be back before the Court in the not too distant future.

Looking first at the Riley case, the Court held cell phones contained private information which the police are not entitled to review merely incident to an arrest. Unlike the contents of your pockets or items in plain view, the government now cannot access your cell phone without a warrant during an arrest. This rule applies to both smartphones and so called dumb phones alike (the police viewed the incoming caller ID in one of the defendant's older style flip phones to determine where he lived), and actually signals real concern for future business cases.

While this may seem like a boon to privacy advocates, there are holes in this ban big enough to steer Google's self driving car through. First, there are exceptions for when the police believe they need to access your device in exigent circumstances. No warrant is required when the police are trying to prevent a disaster, or save someone else. Second, the Border Search exemption does not come up in this case. This exemption, still on the books but possibly overruled by today's decision, allows for a warrantless customs search anywhere within 100 miles of an international border. That includes our offices in Philadelphia, and most of the population of the US who live within 100 miles of an international coastline. Is every police search now going to have a customs element to get around the Riley decision?

The bigger concern with this decision, from a business perspective, is the growing use by the Roberts Court of anecdotal evidence not truly before the Court. The Riley decision in some ways is based upon a faulty understanding of technology and how we interact with it on a daily basis. Justice Roberts cites to the iPhone User Guide as definitive proof that "Law enforcement officers are very unlikely to come upon such a phone in an unlocked state because most phones lock at the touch of a button or, as a default, after some very short period of inactivity." While many phones have this feature, it's frequently not used. Various surveys have shown between 40% to 70% of cell phone users don't lock their phones. The Court similarly dismisses out of hand the potential for automatic wiping via geofencing as simply not a real concern. I'll grant Justice Roberts that most criminals are not IT specialists, but it's not difficult to set up a directive for your phone to be wiped if it enters the local police station. In fact, the controls to set that up are right in the apps at the heart of the Riley decision. Finally, the Court suggests merely turning the phone off or removing the battery as a way police can prevent a remote wiping signal, failing to understand that (i) many, if not most, new smartphone have integrated non-removable batteries; and (ii) a phone is not rendered completely inaccessible simply because it's turned off.

The problem here is not holding itself, which may actually be a bit of a pendulum swing against the destruction of privacy standards we've seen since 9/11. Rather, the issue I see is that the Court continues to decide cases based upon a misunderstanding of how people interact with technology. This has led to, and will continue to create, decisions which raise significant business issues. We'll have more in the next few days on the Aereo decision, which even the Court acknowledged will hang over SAS and cloud computing services for some time to come. But in the meantime, it's clear that if we are going to continue to see technological growth, Congress needs to get on the ball and deal with some of these issues before they're dumped at the courthouse steps.

Continue reading "COURT CONTINUES TO MISUNDERSTAND HOW WE USE TECHNOLOGY" »

June 24, 2014

INHERITED IRA IS NOT SAFE FROM CREDITORS IN BANKRUPTCY

In June the Supreme Court held that an inherited individual retirement account (IRA) was not protected by federal bankruptcy law. Specifically, the Court considered whether an inherited IRA is a "retirement fund" within the meaning of the bankruptcy code and thus entitled to federal bankruptcy protection. The Court surprised everyone by ruling inherited IRAs are available for distribution to creditors just like any other debtor account. Click here to view the opinion.

To understand the significance of this decision, first a bit of background is in order. The Bankruptcy Code generally protects a debtor's "retirement funds" from a debtor's bankruptcy estate thereby keeping it out of reach from creditors. However, trustees and creditors began to attack inherited IRAs (as opposed to an IRA that you actually contributed) and ask if an inherited IRA where you did not contribute any of your money was fundamentally different from an IRA that you personally funded.

The Court relied primarily on three points to reach the conclusion that inherited IRAs were not retirement funds and thus not entitled to protection under the bankruptcy code. First, you cannot contribute money to an inherited IRA. Second, there are withdrawal requirements separate and apart from your retirement age and third, you can withdraw the balance at any time and for any purpose without a withdrawal penalty.

This ruling affects more than just the bankruptcy arena. For example, non-spousal beneficiaries under an IRA are at risk at having their IRA inheritance attacked by existing or future creditors. Perhaps the better plan now in light of this recent decision is to designate a spendthrift trust for the benefit of the beneficiary? The corpus of the trust would be protected if drafted properly and distributions to the beneficiary could be made over the life of the trust. While there are other options available, the point is that there are new considerations that must be taken into account in light of this recent decision by our Supreme Court that impacts not only estate planning going forward but also past estate planning decisions.

Continue reading "INHERITED IRA IS NOT SAFE FROM CREDITORS IN BANKRUPTCY" »

May 29, 2014

"VALUABLE CONSIDERATION" REQUIRED TO ENFORCE NON-COMPETE AGREEMENT DESPITE COMPLIANCE WITH PENNSYLVANIA UNIFORM WRITTEN OBLIGATIONS ACT

The Pennsylvania Superior Court recently examined what impact, if any, the Pennsylvania Uniform Written Obligations ACT (PUWOA) has on an employment agreement that contained a covenant not to compete entered into after the employee started working with the employer. The short answer is - no effect at all.

First a little background is in order. In order for a covenant not to compete to be enforceable against an employee, the employee must receive something valuable (consideration) from his or her employer. If this covenant is bargained for by the employer prior to the employee starting work, then the prospect of future employment with the employer satisfies the "valuable right" or "valuable consideration" needed for a court to enforce a covenant not to compete. However, if the employee is already employed by the employer, continued employment is not sufficient additional consideration; something more must be given by the employer.

The case before the appellate court involved the situation where an employer wanted to enforce a covenant not to compete that was entered into after the employee was already employed by the employer. The employer tried to avoid the requirement of providing additional consideration by relying upon the PUWOA. This act states that an agreement will not be enforceable for lack of consideration if the words "intending to be legally bound" are in the agreement. Unfortunately for the employer, the appellate court held that the language "intending to be legally bound" did not constitute sufficient additional consideration in the context of a covenant not to compete.

So what is the important take away here? Review your employment agreements and if you have a restrictive covenant, revisit what consideration was given to your employee and when it was given. Ask yourself if the employee is mission critical and whether you really want to enforce the covenant? It does just have to be money that will support a court finding sufficient additional consideration.

Continue reading ""VALUABLE CONSIDERATION" REQUIRED TO ENFORCE NON-COMPETE AGREEMENT DESPITE COMPLIANCE WITH PENNSYLVANIA UNIFORM WRITTEN OBLIGATIONS ACT" »

May 15, 2014

NEW COBRA NOTICE REQUIREMENTS

The United States Department of Labor recently revised the notice and distribution requirement notices to take into account that employees now have the ability to choose health insurance through the newly created Health Insurance Marketplace. The Department of Labor's website contains both revised notices and can be found by clicking this Link. DOL is also in the process of issuing new regulations to assist employer COBRA compliance. The proposed regulation may also be found on the DOL website.

The DOL only changed the content of the notices and not the distribution requirements. For example, employers are still required to provide new employees with Cobra notices within 90 days of an employee's enrollment in a group health plan.

Continue reading "NEW COBRA NOTICE REQUIREMENTS" »

April 22, 2014

Top 3 Mistakes Companies Make with IT Security Programs

I came across an interesting blog that was posted by a professional hacker whose job is to find vulnerabilities in top corporations' IT security. His official title is "penetration tester". Rather than just summarize what is already a short blog, I decided to just let the hacker speak for himself and tell you directly what he believes are the top 3 mistakes corporations make with their IT security programs. I think the top 3 will surprise you. Click here for the security blog.

The attorneys at Danziger Shapiro & Leavitt, PC can help you with developing your security protocols and smart phone/tablet work policies customized to the unique needs of your business. Call us today to set up a free consultation to discuss this and any other issue affecting your business.

Continue reading "Top 3 Mistakes Companies Make with IT Security Programs" »

April 1, 2014

DO I NEED TO FILE AN S ELECTION IN PENNSYLVANIA - LEGAL RESEARCH ON YOUR OWN: A FOOL AND HIS MONEY ARE SOON PARTED

These are dangerous times to be starting your new business. The economy is tight, money is not readily available and your legal budget is next to nil. You've heard that you need to incorporate to protect your family assets and you keep hearing on the radio that you don't need a lawyer. In fact, you do some quick internet research and feel you can do it yourself. Having practiced for over 20 years now I am confident in stating that yes you can do this on your own but you might make a critical mistake. Doing legal research online without the appropriate background is dangerous. The first answer you get may not be the correct answer and you really are not in a position to recognize whether what you found on the web is just what you "wanted" to find or really the legally correct answer.

For example, after you incorporate you need to decide whether you want to be a C corporation or an S corporation. Usually the S election is preferable for smaller entities because it eliminates taxation at the shareholder level whereas a C corporation is taxed at both the corporate level and the shareholder level. Seems straightforward enough, right? You google S election and click on a link to the Department of Revenue website (click here) where it clearly states that any federal S election is automatically a S election unless you opt out. However, right under the Department of Revenue's link is Pennsylvania's Open for Business website link (click here) that clearly states you must file for S-corporation status within 75 days of incorporation. This is a website that was created for the purpose of assisting new business owners and has the Governor's name on the top yet its advice is 180⁰ opposite the Pennsylvania Department of Revenue.

Continue reading "DO I NEED TO FILE AN S ELECTION IN PENNSYLVANIA - LEGAL RESEARCH ON YOUR OWN: A FOOL AND HIS MONEY ARE SOON PARTED" »

March 4, 2014

WHISTLEBLOWER AWARDS IN EXCESS OF $14 MILLION IN 2013

The SEC's Office of the Whistleblower (OWB) awarded individuals over $14 million in 2013 for their "significant and original contributions" to successful enforcement of the securities laws. The OWB is now in its 3rd full year and the number of tips and complaints is trending upward. OWB reports that it received 3,001 tips and complaint in 2012 and 3,238 in 2013. These numbers are certain to increase as the OWB continually expands the whistleblower laws.

For example, in July 2013, a new pilot program was put into place that protected federal grant workers from whistleblower retaliation. In a nutshell, the new program is designed to protect an employee from employment retaliation for reporting mismanagement of a federal grant or contract funding. An employee who claims to have been retaliated against must file a claim with the Inspector General of the agency involved. If no retaliation is found, the employee can then file a complaint in federal court. If successful, in addition to reinstatement and back pay, attorneys' fees and costs will also be awarded

Last month I discussed the new path the Securities and Exchange Commission was embarking upon in its efforts to enforce the securities laws from the outside in with the use of deferred prosecution agreements. I noted this was a philosophical change made from the highest levels of the SEC to pursue companies that violate the securities law by targeting employees of suspected target companies. The questions you need to ask yourself as an employee of a company that is involved in fraud are; do I wait until the government agency contacts me as part of its investigation, or do I contact the government agency when I have knowledge of my employer's widespread fraud? By contacting the government first, you may be entitled to a piece of the substantial awards discussed above. In addition, by taking preemptive action you can protect yourself from being brought down by fellow employees who allege you were part of the fraud.

Continue reading "WHISTLEBLOWER AWARDS IN EXCESS OF $14 MILLION IN 2013 " »

February 11, 2014

Pennsylvania's New Tax Collection Power

Just last week a new law went into effect in Pennsylvania with very little fanfare but it's likely to have a major impact on anyone who buys, sells, or owns real estate in the Commonwealth.

Act 93 changed the tax lien law, making real estate tax judgments personal. What does this mean? Before this new law took effect, when a property owner failed to pay their tax bill the municipality would obtain a lien against the property. But because of the way liens worked, this was not a judgment against the owner, only against that one property. This procedure led to a situation in which many property owners simply did not pay their real estate taxes. In cities like Philadelphia, where a lot of rental properties are owned by small investors or passed down between family members, this has created tax collection issues. Since the municipal lien didn't affect the owner's personally, many owners found it advantageous to simply not pay. If a property owner owed more than the property was worth, they could just kept collecting rent until the Sheriff Sale, if it ever happened. The municipality never got paid what was owed, and personal liability never attached.

Under the new law, the idea is that the lien will also be against the owner, not just the property. This means you will not be able to finance or sell a different property until the lien on the tax delinquent property is paid. Additionally, your own home may be at risk, and you can no longer just walk away from a property without ever paying the tax due. This makes perfect sense; it's finally giving local municipalities the ability to collect outstanding taxes which is something cities like Philadelphia have spent years clamoring for.

Unfortunately, Act 93 creates as many issues as it solves, something frequently seen in real estate legislation coming from Harrisburg. This new law will clearly mean more work for title insurance companies and Realtors, many of whom didn't see this coming. There are also open questions with regard to how this will affect large entities and REO properties. Clearly, the banks have foreclosed on numerous properties with tax delinquencies. Having those taxes paid will be a boon to local government, but a nightmare for searchers. Additionally, it's easy to imagine the situation where a homeowner lacks the equity to both sell a property and clear the lien arising from another investment. I fear in many parts of the Commonwealth this could really hurt the ability of sellers to get out of low equity or distressed properties.

Finally, we are already seeing the impact of this legislation in lease-purchase and rent-to-own deals. The threat of personal judgments being transferred from out of the county to attach to the seller's property creates the need for a whole new level of due diligence.

Of course, we've always recommended to our clients that investment properties should rarely, if ever, be held in their personal name. Using LLC's, LP's or corporations as an entity to own your investment property can provide numerous benefits and protection from this new law is only one of them.

If you would like to discuss how this new law may affect you, or how to best structure your portfolio in light of these ongoing changes, please feel free to contact H. Adam Shapiro of Danziger Shapiro & Leavitt and we will be happy to review and discuss your situation with you.

January 21, 2014

SEC ENTERS INTO FIRST DEFERRED PROSECUTION AGREEMENT WITH INDIVIDUAL

Late last year the Securities and Exchange Commission announced that it had entered into its first deferred prosecution agreement (DPA) with an individual who worked in an administrative capacity at a large hedge fund. The DPA allowed the SEC to successfully go after hedge fund manager Berton Hochfield who reportedly stole more than 1.5 million from his hedge fund and overstated the fund's performance to investors.

A deferred prosecution agreement is a voluntary agreement between an individual and a government agency, in this case the SEC, where the agency will agree to lesser charge in exchange for the individual's cooperation in connection with the investigation. In the Hochfield case, Scott Herckis voluntarily came to the SEC with concerns over certain accounting irregularities involving Hochfield's hedge fund, Heppelwhite Fund, LP. Herckis produced a substantial number of documents and described in detail to the SEC how Hochfield perpetrated his fraud. Based upon the information Herckis provided, the SEC was able to take emergency action and freeze the fund's assets within weeks of Herckis reaching out to the SEC. While Herckis did not get off "scot free" for his participation in the fraud scheme, he did receive a substantially reduced penalty. For example, instead of being unable to be a hedge fund administer for the remainder of his life, Herckis was only prohibited from being a fund administrator for 5 years. Herckis also had to disgorge the fees (approximately $50,000) he received in connection with the fraud.

This DPA is significant because it seems to support new SEC Chair Mary Jo White's earlier statement that the SEC is going to strongly pursue individuals on the periphery to build its case against greedy insiders and their business entities. By adopting this outside in approach and offering DPAs to periphery individuals, the SEC is placing a significant carrot in front of those who were part of an overall fraud scheme but perhaps feel trapped and want out but do not know how to safely do so.

Continue reading "SEC ENTERS INTO FIRST DEFERRED PROSECUTION AGREEMENT WITH INDIVIDUAL" »

January 7, 2014

RECENT CHANGE TO STATE PRIVACY LAW WILL IMPACT COMMERCIAL WEBSITES NATIONWIDE

It seems we cannot go a day without big news regarding online security and privacy or the lack thereof. Most recently it was Target and tomorrow who knows. California has always been at the forefront when it comes to protecting consumers and internet privacy. Thus it comes as no surprise that, as of January 1, 2014, every business with an online presence will need to comply with California's amendment to its Online Privacy Protection Act. This recent amendment has teeth and you must comply if a California resident clicks on your commercial web site either through his computer or mobile phone.

In a nutshell, privacy policies will now be required to include how the website will respond to a web browser's "do not track" security option and if the web site allows third parties to collect personally identifiable information from users and across third party websites. Failure to comply will cost you $2,500 for each violation. However, before any fine is imposed, the noncomplying business will be given 30 days to correct its privacy disclosures.

What is interesting about this new law is that while it places the onus on businesses to state how their website responds to a customer's "do not track" option, it does not require the business to honor that request. We are truly operating in one unified economy and it is becoming increasingly important to be aware of the laws of other states as you do business on the global web.

Continue reading "RECENT CHANGE TO STATE PRIVACY LAW WILL IMPACT COMMERCIAL WEBSITES NATIONWIDE" »