Articles Posted in Business Litigation

Every business owner, large or small, should take time to read the Department of Justice’s Best Practices for Victim Response and Reporting of Cyber Incidents. In today’s cyber world, it seems we cannot go a day without reading about another cyber security incident and its ramifications. For example, the Seventh Circuit Court of Appeals just last week certified a class action based upon mere allegations of future harm as a result from the Neiman Marcus data breach. In addition, the DOJ recently disclosed its successful involvement in the largest coordinated enforcement of on line organized cyber crime. This international investigation targeted a group known as Darkode where online cyber hackers shared and sold secrets to hack into other organizations’ computers. Against this backdrop, reviewing the DOJ’s suggestions regarding preventing cyber intrusion would be well worth your time as would be a quick review of my earlier blog post on an employer’s responsibility if you are hacked under the Pennsylvania Breach of Personal Information Act.

Key elements of the DOJ’s suggested response plan prior to intrusion include:

  • Having a well-established actionable plan;
  • Identify your company’s most valuable information; and
  • Have appropriate technology in place to shut down intrusion.

Key elements of the DOJ’s suggested response plan immediately after intrusion include:

  • Make initial assessment;
  • Take steps to minimize continuing damage;
  • Record all information;
  • Notify people within Organization, law enforcement and other victims; and
  • DO NOT use the compromised system to communicate.

At Danziger Shapiro & Leavitt, P.C. we urge our clients to meet with their technology professionals and develop a plan that deals with both keeping cyber criminals at bay and what to do in the unfortunate event you are hacked. We then work with our clients to make sure that their cyber defense plans are properly worked into employee handbooks and other materials as appropriate. Remember, you do not want to disclose all of your cyber security efforts to your employees and inadvertently provide a roadmap to defeat the measures you have taken. On the other hand, proper training will go a long way in effectively protecting your company’s’ assets. Feel free to contact Doug Leavitt at Danziger Shapiro and Leavitt to discuss this or any other aspect of your business organization.

This entry is presented for informational purposes only and does not constitute legal advice.

It is not uncommon for a company to have a board meeting and have its attorney present to render legal advice. What happens though when in litigation the other side requests production of the minutes for this meeting? Can you successfully claim the attorney client privilege? What if an attorney was present but only in his capacity as a board member? These issues were raised again in a recent opinion authored by our appellate court.

The Pennsylvania Superior Court was faced with a hospital appealing the order of the trial court to produce minutes of a board meeting where there was a discussion of the malpractice claim that was the subject of the lawsuit. The hospital claimed that its lawyer was present to render legal advice. However, in its response to the production requests, the hospital failed to provide information sufficient to establish if the attorneys were there merely as board members or as legal advisors. Based on this, the trial court ordered production of the minutes. The appellate court reversed the trial court’s decision and gave the hospital another chance to properly invoke privilege for each document it claimed was privileged. The Court specifically stated that it was necessary to identify the attorney by name so that a determination could be made relative to whether the attorney was there as a board member or attorney. If an attorney is there only in the capacity as a board member then the privilege does not apply.

The take away from this case is that when attorneys are present at board meetings it is critical that the minutes document the capacity in which the lawyers are present. Minutes should specifically identify attorneys who are present for the purpose of rendering legal advice. The minutes should also identify when information is being conveyed to obtain legal advice. In this way, even if the entirety of the minutes cannot be claimed as privileged, then a portion of the minutes can still be redacted.

The attorneys at Danziger Shapiro & Leavitt are well versed with how to properly document board meetings and understand that minutes drafted today might be the subject of discovery in tomorrow’s litigation. Please feel free to contact Doug Leavitt to discuss this or any other issue concerning corporate governance or pending litigation that might be troubling you.

 

This entry is presented for informational purposes only and does not constitute legal advice.

The Securities and Exchange Commission reported its first enforcement action earlier this month against a company that inserted restrictive language in an employee confidentiality agreement to impede the whistleblower reporting process. In this action, the SEC charged that engineering firm KBR, Inc. violated whistleblower protection rule 21F-17 under the Dodd-Frank Act. (Click here for Order).

The SEC uncovered certain employees who were subject to the internal investigation process were required to sign confidentiality agreements. Among other things, the agreements included language that required the employee to first discuss what they were going to say to the SEC with in-house counsel and that violation of the confidentiality agreement could result in termination of employment.

As a result of this agreement, the SEC imposed a relatively modest fine of only $130,000. The Director of Enforcement for the SEC stated that, “By requiring its employees and former employees to sign confidentiality agreements imposing pre-notification requirements before contacting the SEC, KBR potentially discouraged employees from reporting securities violations to us. SEC rules prohibit employers from taking measures through confidentiality, employment, severance, or other type of agreements that may silence potential whistleblowers before they can reach out to the SEC. We will vigorously enforce this provision.”
Continue reading

Foreign corporations may not transact business in Pennsylvania without first obtaining a Certificate of Authority from the Secretary of the Commonwealth. All that is required is a simple application, docketing statement and a small fee. The specific requirements are clearly set forth on the Pennsylvania Department of State’s website. What happens if you decide to ignore this requirement and are “not authorized” to transact business in Pennsylvania?

Aside from fines and penalties that can be assessed by the Commonwealth, you would not have the capacity to bring a lawsuit if the need were to arise. This means that even if you are owed a substantial sum of money for equipment that you delivered and the defendant is using without any complaints; you would not be able to collect. If your business is not authorized to do business within the Commonwealth of Pennsylvania you simply do not have the capacity to bring your lawsuit. Think of this as a foreign corporation’s ticket to gain entrance to the Pennsylvania Court System.

All is not lost however if you find yourself in litigation and you do not have a Certificate of Authority. In fact, the Pennsylvania Appellate Court just this past January spoke on this issue. All that is required is that the Certificate of Authority be entered into evidence prior to a court entering its verdict. If this is accomplished, the lawsuit will be valid and the judgment entered will be enforceable. If however this is not accomplished prior to verdict, the lawsuit will be dismissed, you’ve potentially lost money regarding the subject of the suit, and left your company vulnerable to fines and penalties from the Commonwealth.
Continue reading

On January 14, 2015, in a unanimous decision, the New Jersey Supreme determined that the ABC test is the proper test an employer must use to determine if its workers are independent contractors or employees. Of all the various tests used by New Jersey and other states, the ABC test sets the bar the highest for an employer to successfully uphold it independent contractor status designation for its employees.

The New Jersey Supreme Court began its analysis by recognizing that the New Jersey wage and hour laws are remedial statutes and are meant to be interpreted broadly to benefit workers. Thus, the Court held that the ABC test presumes that an individual is an employee unless the company can show that the individual meets the following three elements:

(A) such individual has been and will continue to be free from control or direction over the performance of such service, both under his contract of service and in fact; and
(B) such service is either outside the usual course of the business for which such service is performed, or that such service is performed outside of all the places of business of the enterprise for which such service is performed; and

(C) such individual is customarily engaged in an independently established trade, occupation, profession or business.

If the company does not meet one element of the three part test, the individual will be deemed to be an employee and therefore entitled to all of the rights and benefits afforded to employees. It is important to recognize that this is not a new test but rather the same test that New Jersey already uses in connection with its unemployment compensation cases. In addition, the ABC test is the controlling test used by many other states in connection with their independent contractor/employee analyses in the wage and hour context.
Continue reading

On November 13, 2014 the New Jersey Supreme Court added New Jersey to the growing number of states that have established complex business litigation programs. Effective January 1, 2015, designated judges in each county will provide individualized case management to complex commercial and construction cases that meet the required criteria. The Supreme Court of New Jersey will designate the specific judge who will participate in the program and these judges will receive extensive specialized training in areas that are specific to business litigation.

Attorneys will self-designate their case for this program on the civil case information statement or they may move for inclusion or removal from this program depending on what opposing counsel may or may have not selected. Case will have a minimum $200,000 threshold but in certain circumstances a case may be included in the program due to the complex nature of issues even if the amount in controversy is less than $200,000.

The result of the program will be a win for all parties involved. Consistency will be developed as fewer judges will be ruling on complex commercial disputes. This will help the attorneys provide better cost benefit advice to their client based upon what they can expect at trial.

Judges will benefit as well as they will gain more experience in handling complex business disputes and gain experience and insight into what works and does not work from the point of view from the bench. For example, the judges will see what impact their discovery ruling has at the trial stage and whether they would have liked more information on a particular topic. Now the judges will see what impact their discovery ruling has at trial. In the past, a discovery judge might limit an area of inquiry, but at trial you are faced with a different judge looking down at you with a perplexed look wondering why you did not develop this through further discovery.
Continue reading

Last month I had a business client come into my office concerned about a data breach. A disgruntled former employee hacked into the company server. While it appears this employee did not enter into any sensitive areas on the server, my client wanted to know what his responsibilities were with regarding to notifying customers of this unauthorized intrusion. After quickly moving for an injunction to prohibit further intrusions, we sat down with our client to review his data breach policy. Not surprisingly, he did not have one.

Every data breach policy has to be created with an eye towards the sector your business operates. For example, HIPPA notification requirements with regard to “protected health information” are different from the requirements for a web based business.

In Pennsylvania we have the Breach of Personal Information Notification Act. This law has been on the books since June 2006 and is currently in the process of being amended as it relates to municipalities and school districts. This applies to any business organization (for-profit or non-profit) that maintains or stores computerized data that includes personal information. The impact of this Act is far reaching because it applies to businesses of other states whose customers are Pennsylvania residents.

Notification requirements are triggered when there is a breach of a computer data system where any “resident of Pennsylvania’s unencrypted and unredacted personal information was or is reasonably believed to have been accessed and acquired by an unauthorized person.” I won’t bore you with the details of the intricacies of how all these seemingly simple to understand words have definitions that go on for pages. Suffice to say even the definition “reasonably believed” is complicated. The key take away however is that the notification requirements are NOT triggered if the information is encrypted or redacted. Failure to comply will prove costly as the Act provides that a violation is deemed to be a violation of the Pennsylvania Unfair Trade Practices and Consumer Protection Law.

Circling back to my client who contacted me last month, his records were encrypted and thus Pennsylvania’s Breach of Personal Information Notification Act did not apply. However, we reviewed and updated his data breach policy to bring it into compliance with the existing laws that affected his business. At Danziger Shapiro & Leavitt we understand the global environment that affects your business and are here to assist you navigate the complicated web of laws and regulations that need to be complied with in this new electronic world. Please feel free to contact any of our attorneys for a free consultation to discuss any concern that is affecting your business.
Continue reading

On September 23, 2014, the New Jersey Supreme Court in a unanimous decision held that an arbitration clause in a consumer contract was unenforceable because it did not clearly and unambiguously signal to the consumer that she was surrendering her right to pursue her claims in court. The Court was troubled that the arbitration clause did not clearly explain what arbitration is and how it is different from proceeding in a court of law.

The Court stated that no prescribed set of words is required. Notwithstanding the foregoing, the arbitration clause must contain a clear and unambiguous statement that explains that the consumer is giving up his or her right to bring their claims in court or have a jury resolve the dispute. This for obvious reasons will have dramatic impact upon consumer class actions and how they proceed.
Continue reading

On August 11, 2014, New Jersey Governor Chris Christie signed the “Opportunity to Compete Act” (Bill 1999) into existence. The Act will become law in New Jersey on March 15, 2015. The Act limits the ability of “covered” New Jersey employers from looking into an applicant’s criminal record at any time during the “initial application process”. Employers will no longer be able to have on their written or online applications a box to mark or a question concerning whether the applicant has a criminal record. In addition, employers cannot ask (verbally) applicants if they have a criminal record. However if an applicant brings this up of their own accord, then the employer is free to explore the nature of the applicant’s criminal history.

Obviously there are exceptions to the Act. For example, law enforcement, homeland security, corrections, judiciary and jobs of a similar nature allow employers to inquire if an applicant has a criminal background. Interestingly though, after the “initial application process” an employer may inquire into an applicant’s background to see if they have a criminal record and then make a determination on whether to hire the employee. For purposes of the Act, a covered New Jersey employer is defined in the Act as an employer who employs 15 or more employees over 20 calendar weeks.
Continue reading

For those of us that actually read the bottom of their lawyer‘s email you probably noticed the arcane “IRS Circular 230 Disclosure” that stated the advice contained in this email is not intended and cannot be used for tax avoidance purposes etc… You then probably thought to yourself, but I was just confirming lunch, what the heck does this have to do with tax advice anyway? Perhaps a little perspective is in order.

Circular 230 was the IRS’s compilation of regulations regarding tax services provided by lawyers and other tax professionals with respect to the tax shelter abuses of the 1990s. Circular 230 set the minimum standard with respect to written tax advice and therefore wound up being placed on everything.

Thankfully the IRS issued new rules on June 12 (click here for PDF of rule) which included the following statement; “Treasury and the IRS expect these amendments will eliminate the use of a Circular 230 disclaimer in email and other writing.” Good riddance and where are we meeting for lunch again?
Continue reading