Déjà Vu All Over Again: Hurricanes Katrina and Ida and the Long and Winding Road to Insurance Recovery

By: Lee Epstein, Chair, Flaster Greenberg’s Insurance Counseling and Recovery Department

Hurricane Ida made landfall yesterday, exactly sixteen years to the day that Hurricane Katrina landed. Back then, I had just completed a trial in a small Parish next door to New Orleans. Fortunately, my flight home took off safely on Friday afternoon before Katrina hit the following Monday, August 29, 2005. I was spared the devastation suffered by so many along the Gulf Coast. But so many that I befriended lost so much.

Over the succeeding years, I’ve had many opportunities to revisit New Orleans and the surrounding area. I witnessed the recovery, reclamation and rebuilding of that vital community. It was slow and it was hard but it happened.

Beyond the personal toll exacted by Hurricane Ida, the property and business losses are projected to be among the greatest caused by a natural disaster. As the recovery efforts begin in earnest, this checklist is offered to assist those who are planning to submit an insurance claim for the property or business interruption loss suffered.

As Ida continues to ruble northward, the heartache is real and will continue. We’ve been down this road. It’s long, winding and exhausting. But we’ve made it through before and we will do so again.

For more information, please contact Lee Epstein, Chair of the Insurance Counseling and Recovery Department at Flaster Greenberg PC.

The Uniform Personal Data Protection Act Is Here

In July 2021, the Uniform Law Commission (“ULC”) voted to approve the Uniform Personal Data Protection Act (“UPDPA”). The UPDPA is a model data privacy bill designed to provide a template for states to introduce to their own legislatures, and ultimately, adopt as binding law. 


The UPDPA would govern how business entities collect, control, and process the personal and sensitive personal data of individuals. This model bill has been in the works since 2019 and includes the input of advisors, observers, the Future of Privacy Forum, and other stakeholders. This is significant because the ULC has set forth other model laws, such as the Uniform Commercial Code, which have largely been adopted across the states. 

Interestingly, the model bill is much narrower than some of the recent state privacy laws that have been passed, such as the California Privacy Rights Act and Virginia’s Consumer Data Protection Act. Namely, the model bill would provide individuals with fewer, and more limited, rights including the right to copy and correct personal data. The bill does not include the right of individuals to delete their data or the right to request the transmission of their personal data to another entity.  The bill also does not provide for a private cause of action under the UPDPA itself, but would not affect a given state’s preexisting consumer protection law if that law authorizes a private right of action. If passed, the law would, consequently, be enforced by a state’s Attorney General. 


The UPDPA would apply to the activities of a controller or processor that conducts business in the state or produces products or provides services purposefully directed to residents of this state and: 

(1) during a calendar year maintains personal data about more than [50,000] data subjects who are residents of this state, excluding data subjects whose data is collected or maintained solely to complete a payment transaction; 

(2) earns more than [50] percent of its gross annual revenue during a calendar year from maintaining personal data from data subjects as a controller or processor; 

(3) is a processor acting on behalf of a controller the processor knows or has reason to know satisfies paragraph (1) or (2); or 

(4) maintains personal data, unless it processes the personal data solely using compatible data practices. 

The UPDPA defines “personal data” as a record that identifies or describes a data subject by a direct identifier or is pseudonymized data. The term does not include deidentified data. The bill also defines “sensitive data” as a category of data separate and apart from mere “personal data.” “Sensitive data” includes such information as geolocation in real time, diagnosis or treatment for a disease or health condition, and genetic sequencing information, among other categories of data. 

The law would not apply to state agencies or political subdivisions of the state, or to publicly available information. There are other carve-outs, as well. 

Notably, the model bill also contains several different levels of “data practices,” broken down into three subcategories: (1) a compatible data practice; (2) an incompatible data practice; and (3) a prohibited data practice. Each subcategory of data practice comes with a specific mandate about the level of consent required—or not required—to process certain data. For example, a controller or processor may engage in a compatible data practice without the data subject’s consent with the expectation that a compatible data practice is consistent with the “ordinary expectations of data subjects or is likely to benefit data subjects substantially.” Section 7 of the model bill goes on to list a series of factors that apply to determine whether processing is a compatible data practice, and consists of such considerations as the data subject’s relationship to the controller and the extent to which the practice advances the economic, health, or other interests of the data subject. An incompatible data practice, by contrast, allows data subjects to withhold consent to the practice (an “opt-out” right) for personal data and cannot be used to process sensitive data without affirmative express consent in a signed record for each practice (an “opt-in” right). Lastly, a prohibited data practice is one in which a controller may not engage. Data practices that are likely to subject the data subject to specific and significant financial, physical, or reputational harm, for instance, are considered “prohibited data practices.” 

The model bill has built in a balancing test meant to gauge the amount of benefit or harm conferred upon a data subject by a controller’s given data practice, and then limits that practice accordingly. 

What’s Next

After final amendments, the UPDPA will be ready to be introduced to state legislatures by January 2022. This means that versions of this bill can, and likely will be, adopted by several states over the next couple of years—and perhaps, eventually, lead to some degree of uniformity among the states’ privacy laws. 

Krishna A. Jani, CIPP/US, is a member of Flaster Greenberg’s Litigation Department focusing her practice on complex commercial litigation. She is also a member of the firm’s cybersecurity and data privacy law practice groups. She can be reached at 215.279.9907 or krishna.jani@flastergreenberg.com.

COVID Insurance Rulings Are Misinterpreting ‘Physical Loss’

A version of this article originally ran on Law360 on July 23, 2021. All rights reserved.

All-risks property insurance policies typically insure against direct physical loss of or damage to covered property.

If asked, pre-pandemic, whether a policyholder’s loss of use of property — in the absence of any structural alteration or destruction — constitutes insured direct physical loss of or damage to property, the answer would have been a qualified yes. Such an understanding was supported by the historical purpose of all-risks insurance, the ordinary meaning of the operative policy language and pre-pandemic case law.

Yet, in a spate of cases, decided in response to claims of business interruption insurance for COVID-19 losses, courts have held that the loss of use of property, standing alone, does not constitute insured physical loss of or damage to property. Those courts reason that the alteration or destruction of covered property is a necessary predicate to satisfying the physical loss of or damage to property requirement.

On July 2, the U.S. Court of Appeals for the Eighth Circuit in Oral Surgeons PC v. The Cincinnati Insurance Co. continued that trend in the first federal court appellate decision on this emerging issue:

The policy here clearly requires direct “physical loss” or “physical damage” to trigger business interruption and extra expense coverage. Accordingly, there must be some physicality to the loss or damage of property—e.g., a physical alteration, physical contamination, or physical destruction.

As posited in this article, the holdings in Oral Surgeons and the other recent COVID-19 insurance cases trending in favor of insurers fail to comport with the historical purpose of all-risks property insurance, the ordinary meaning of the salient policy language, and the majority of court holdings pre-pandemic.

Indeed, shortly after the Oral Surgeons opinion, on July 13, a Pennsylvania Common Pleas court embraced those very same precepts in Brown’s Gym Inc. v. Cincinnati Insurance Co., while ruling in favor of a policyholder:

Prior to the onset of the COVID-19 pandemic, courts throughout the country adopted the contamination theory in recognizing that the existence of odors, bacteria, and other imperceptible agents such as ammonia, salmonella, lead, e-coli bacteria, and carbon-monoxide, may constitute physical damage or loss to a property if its presence renders the structure uninhabitable or unusable, or essentially destroys its functionality.

Under the contamination theory adopted in Brown’s Gym and scores of other cases, the physical loss or damage requirement for recovering all-risks insurance is satisfied when a foreign agent, including a coronavirus, renders property uninhabitable or unusable, or destroys its functionality.

The Historical Purpose and Function Of All-Risks Property Insurance

The modern-day all-risks property insurance policy evolved out of the standard fire insurance policy developed initially in New York in 1866.The standard fire policy insured “against all direct loss or damage by fire.”The operative phrase made no reference to the term “physical”; property exposed to fire would always undergo a tangible, concrete and observable alteration.

The requirement that loss or damage be physical first appeared in marine cargo and inland marine policies in the 1930s and 1940s. Some have speculated that this requirement was added to clarify the underwriters’ intent that there was no coverage for intangible losses.

Whatever the reason, the “physical loss or damage” language was later incorporated into the all-risks property insurance policy when it was introduced in the 1950s.

As summarized by the New Jersey Superior Court in its 1986 opinion in Ariston Airline & Catering Supply Co. v. Forbes, all-risks insurance is special and designed to provide exceptionally broad coverage:

[A] policy of insurance insuring against “all risks” is to be considered as creating a special type of insurance extending to risks not usually contemplated, and recovery will usually be allowed, at least for all losses of a fortuitous nature, in the absence of fraud or other intentional misconduct of the insured, unless the policy contains a specific provision expressly excluding loss from coverage.

Thus, a policyholder is entitled to recover on a policy of all-risks insurance upon establishing a fortuitous loss, unless a specific exclusion applies. As the Seventh Series of the American Law Reports explained: “Under an all-risks policy, while the insured bears the burden of showing that it suffered a loss and that the loss is fortuitous, the insured need not demonstrate the precise cause of damage for the purpose of proving fortuity.”

Conditioning coverage under an all-risks policy on the policyholder also establishing that covered property was altered or destroyed, as some courts have held in response to COVID-19 claims, is contrary to the purpose of all-risks insurance — to provide coverage for fortuitous losses unless a specific exclusion applies — and to the ordinary meaning of the operative policy language.

The Ordinary Meaning of the Operative Policy Language

Interpreting the phrase “direct physical loss of or damage to” in a manner that requires policyholders to plead and prove the actual structural alteration of property is not supported by the ordinary meaning of the operative policy language.

The term “physical” is defined by the Oxford English Dictionary as “[r]elating to things perceived through the senses as opposed to the mind; tangible or concrete.”

Thus, as stated by the Superior Court of New Jersey, Appellate Division in its 2004 decision, Customized Distribution Services v. Zurich Insurance Co., the term “‘physical’ can mean more than material alteration or damage.”

Indeed, according to the Tort, Trial and Insurance Practice Law Journal, “an insured can suffer a physical loss of property through theft, without any actual physical damage to the property.”

“Loss,” in turn, is defined as “[t]he fact or process of losing something or someone” or “[t]he state or feeling of grief when deprived of someone or something of value.”And, “damage” is defined as “[p]hysical harm caused to something in such a way as to impair its value, usefulness, or normal function.”

When its constituent terms are so defined, the phrase “physical loss of or damage to” means the tangible or concrete deprivation of something of value or when the value, usefulness or normal function of something is impaired. The value, usefulness and normal function of property is tangibly impaired whenever an insured is deprived of its use, irrespective of whether the property has been structurally altered or destroyed.

The Pre-Pandemic Case Law

Courts throughout the country have long held that the alteration or destruction of property is not a prerequisite to finding direct physical loss or damage. As succinctly stated by the Minnesota Court of Appeals in its 2001 opinion in General Mills Inc. v. Gold Medal Insurance Co.:

We have previously held that direct physical loss can exist without actual destruction of property or structural damage to property; it is sufficient to show that insured property is injured in some way. In Sentinel, we noted that the function of a residential apartment building, to provide safe housing, was seriously impaired or destroyed by the presence of asbestos fibers, although the building itself did not suffer a “tangible injury.”

Shortly thereafter, in 2002, the U.S. Court of Appeals for the Third Circuit in Port Authority of New York and New Jersey v. Affiliated FM Insurance Co. also addressed this issue in the context of a loss caused by asbestos.

The Port Authority court held under New York and New Jersey law that “[w]hen the presence of large quantities of asbestos in the air of a building is such as to make the structure uninhabitable and unusable, then there has been a distinct loss to its owner.” Three years later, the Third Circuit followed the Port Authority holding in Motorists Mutual Insurance Co. v. Hardinger, a case governed by Pennsylvania law:

We predict that the Pennsylvania Supreme Court would adopt a similar principle as we did in Port Authority. Applying Port Authority’s standard here, we believe there is a genuine issue of fact whether the functionality of the Hardinger’s property was nearly eliminated or destroyed, or whether their property was made useless or uninhabitable.

Most recently, the Brown’s Gym court followed Port Authority, Hardinger and other pre-pandemic holdings in a case involving insurance for COVID-19 business interruption losses:

Under the “reasonable and realistic standard for identifying physical loss or damage” established in Port Authority and Hardinger for cases “where sources unnoticeable to the naked eye” substantially reduce the use of property, an insured may satisfy the “direct physical loss or damage” prerequisite for coverage if the invisible agent renders the property “useless or uninhabitable,” or the property’s functionality is “nearly eliminated or destroyed” by that source. In pre-COVID-19 case law, including the Western Fire Insurance decision cited by Port Authority and Hardinger, the requisite “physical loss or damage” was established when vapors, odors, fumes, and other contaminants from ammonia, carbon-monoxide, arsenic, salmonella, lead, and other nonvisual sources made property uninhabitable or unusable, or nearly destroyed or eliminated its functionality.

Under the contamination theory adopted in Brown’s Gym and other cases, both pre- and post-pandemic, the physical loss or damage requirement for recovering all-risks insurance is satisfied when a foreign agent, such as coronavirus, renders covered property uninhabitable or unusable, or destroys its functionality.

To be sure, there is case law going the other way.

For example, the U.S. Court of Appeals for the Eighth Circuit in the recently decided Oral Surgeons case, relied on two of its pre-pandemic decisions interpreting Minnesota law: Source Food Technology Inc. v. U.S. Fidelity and Guaranty Co. decided in 2006 and Pentair Inc.v. American Guarantee and Liability Insurance Co. in 2005.

Neither the Source Food nor Pentair decisions, however, may be as supportive of the insurers’ current position on insurance for COVID-19 claims as they might appear to be on the surface. Specifically, the courts in both Source Food and Pentair cited the contamination theory with approval.

In distinguishing the prior Minnesota state court holdings in General Mills and Sentinel — where physical contamination, but no structural alteration, of property was alleged and the court found that there was coverage — the Eighth Circuit reasoned that no physical contamination was alleged in either Source Food or Pentair and, for that reason the denials of coverage were upheld in those cases.

As reflected in Source Food and Pentair, and the cases employing the contamination theory such as Brown’s Gym, the physical loss or damage requirement may be satisfied when physical contamination causes the loss of use of property that is not otherwise altered or destroyed.

In all, the conclusion that a policyholder cannot recover business interruption insurance for COVID-19 losses unless it first satisfies the burden of establishing that covered property has been structurally altered, contradicts the purpose of all-risks insurance, the ordinary meaning of the operative policy language and pre-pandemic case law.

Lee Epstein is a shareholder and chair of the insurance counseling and recovery practice group at Flaster Greenberg PC.

The opinions expressed are those of the author(s) and do not necessarily reflect the views of the firm, its clients, or Portfolio Media Inc., or any of its or their respective affiliates. This article is for general information purposes and is not intended to be and should not be taken as legal advice.

New York Asbestos Ruling Could Change Insurers’ Approach

A version of this article originally ran on Law360 on July 2, 2021. All rights reserved.

Although many companies that historically used asbestos in their products have gone bankrupt, there are still many that have managed to survive. How? In some — perhaps many — cases, the answer may be due in no small part to insurance.

But insurers looking to reduce their asbestos coverage obligations by demanding that policyholders contribute to defense and settlement costs may be shooting themselves in the foot if their policyholders can’t handle the financial burden.

In Liberty Mutual Insurance Co. v. Jenkins Bros., the New York Supreme Court recently held that Liberty Mutual had to pay 100% of all settlements against its bankrupt and dissolved insured, Jenkins Bros., even though its policies were in force for only part of the asbestos exposure alleged in the relevant underlying asbestos lawsuits.

The court held that Liberty was a real party-in-interest in the asbestos lawsuits because it agreed to defend and indemnify Jenkins Bros. when it issued the relevant liability insurance policies, and it was Liberty that appeared and negotiated asbestos settlements on behalf of its bankrupt and dissolved insured in those lawsuits.

As the real party-in-interest, the court reasoned Liberty could not pay only a pro rata portion of settlements based on the time Liberty’s policies were on the risk, leaving the plaintiffs to swallow the orphan share. And, in any event it, it was estopped from doing so because it was the one that actually negotiated the settlements.

The court, however, did not stop there. Perhaps more importantly and of broader application, the court stated that regardless of whether Liberty was a real party-in-interest in the underlying asbestos lawsuits, the pro rata allocation methodology would never be appropriate when the allocation would result in an orphan share being allocated to a tort victim due to gaps in coverage and a bankrupt defendant.

In such instances the all-sums, or joint and several allocation, methodology would apply, which would also result in Liberty paying 100% of settlements for Jenkins Bros.’ asbestos liability.

Finally, and also noteworthy, the court adopted the 2000 ruling of the New York Appellate Division, First Department in In re: Liquidation of Midland Insurance Co., which held that the trigger of coverage in a long-tail asbestos claim is the inhalation of asbestos fibers, or exposure — not manifestation of the disease or exposure in-residence, e.g., the period between last exposure and manifestation of the disease.

Not all asbestos defendants are global corporations that can be viably reorganized in bankruptcy. The Jenkins Bros. decision sheds light on what might ultimately happen when an asbestos, or other long-tail tort, defendant goes out of business and is eventually dissolved and wound up, or becomes completely defunct.

Consider the situation where a manufacturer is sued hundreds of times per year for injuries allegedly caused by exposure to asbestos in products it made decades ago. The cost to defend these lawsuits is substantial, as is the cost to pay settlements or, in some cases, judgments.

But this manufacturer has insurance coverage under its old occurrence-based general liability policies and the issuing insurers have stepped up — as they should — to provide the manufacturer a full defense and indemnity. In turn, the manufacturer is able to stay in business.

What happens if the insurers grow weary of their coverage obligations and seek to shift a portion of the cost to defend and settle cases to the manufacturer?

For example, assume one of the participating insurers is ordered into liquidation or the insurers wish to capitalize on a perceived advantageous development in the applicable law addressing how to allocate defense and settlement costs when the alleged asbestos exposure occurs partly outside the insurers’ policy periods.

Now our manufacturer must either sue to maintain a full defense and indemnity or negotiate a cost sharing arrangement where it must contribute to some degree. Either scenario will be a material drain on its financial resources.

Focusing on New York law for the moment, insurers and policyholders tend to take a very different view of how to allocate legacy asbestos liabilities when the alleged exposure occurred partly within viable policy periods and partly without.

Insurers typically argue the pro rata allocation method applies to both the duties to defend and indemnify except in a relatively narrow set of circumstances, such as when a policy contains a noncumulation or prior insurance clause. That means the insurers would only have to pay their fractional share of a loss that occurs during their policy periods compared to the entire period of loss, which can be lengthy, and the policyholder must pay for the remainder.

On the other hand, policyholders typically argue the all-sums allocation method applies, which means if an insurer’s policy is triggered, it must fully defend and indemnify the insured for the entire loss until its policy is exhausted, with no contribution from the insured — though contribution may be available from other insurers.

At minimum, an insurer must fully defend asbestos lawsuits even if settlements or judgments can be allocated pro rata among insurers and the policyholder.

Given these differing viewpoints, one can easily see that in practice businesses with legacy asbestos liabilities are put in a tough financial position when their insurers don’t agree to provide full coverage.

The court dockets in New York are replete with expensive, drawn-out fights between insurers and policyholders on these issues. On the other hand, if insurers contribute only a fraction to pay for asbestos liabilities, the business may not be able to afford the remainder.

The court’s ruling in Jenkins Bros. should make insurers think twice before looking to shed some of their asbestos coverage obligations.

If their policyholders go out of business, declare, or are forced into, bankruptcy, or eventually dissolve and wind up, the insurers may be left holding the bag — either as a real party-in-interest because orphan shares can’t be allocated to tort victims, or because the plaintiffs obtain an unsatisfied judgment against the defunct policyholder and sue directly under New York Insurance Law Section 3420.

Even worse, insurers could find themselves defending cases without the benefit and buffer of a viable business as the direct defendant — yikes.

The point is, even if there is a real dispute over how to allocate long-tail losses — and I favor the policyholder position — the Jenkins Bros. ruling should encourage insurers to meaningfully protect their policyholders and find a sustainable path forward — the way insurance is supposed to work.

As a corollary, the Jenkins Bros. decision may impact the mergers and acquisitions space for entities shouldered with legacy asbestos liabilities. Acquiring companies often see asbestos liability as anathema and may steer away from an otherwise strategic acquisition.

In short, they don’t want to be left answering the phone if the target goes belly up due to its asbestos liability — setting aside the actual likelihood and validity of this fear coming true. This sometimes knee-jerk reaction may be ameliorated if the entity that would ultimately be left answering the phone is the target’s old insurance company pursuant to Jenkins Bros.

However one chooses to view Jenkins Bros., it’s an interesting decision that could have far-reaching effects.

John G. Koch is a member of Flaster Greenberg’s Insurance Counseling and Recovery, Litigation and Environmental Practice Groups, focusing his practice on policyholder-side commercial insurance recovery and environmental law. His practice also includes commercial litigation, alternative dispute resolution, transactions counseling, contract indemnity disputes, supply chain disputes, and product recalls. He can be reached by emailing john.koch@flastergreenberg.com or calling 215.279.9916.

The opinions expressed are those of the author(s) and do not necessarily reflect the views of the firm, its clients, or Portfolio Media Inc., or any of its or their respective affiliates. This article is for general information purposes and is not intended to be and should not be taken as legal advice.

Trademark Board Blocks 76ers Joel Embiid’s Attempt to Register “Trust the Process” Trademark for Shoes 

The Trademark Trial and Appeal Board (“TTAB”) affirmed the refusal to register Philadelphia 76ers star Joel Embiid’s trademark application for “Trust the Process” in connection with shoes in a precedential decision on May 26, 2021.  In the decision, the TTAB found that the mark is likely to cause confusion with Marcus Lemonis’ “Trust the Process” registered trademark for clothing.  Lemonis is the host of the CNBC show “The Profit,” and his trademark registration dates back to April 19, 2016. 

Section 2(d) of the Lanham Act prohibits registration of a trademark that is likely to cause confusion with a registered mark when used in connection with the goods or services of the applicant.  In determining whether there is a likelihood of confusion, the TTAB analyzes the thirteen DuPont factors – which assess things such as the similarity of the marks, goods, trade channels, and average purchaser, among other factors.  Here, the TTAB held that since the “Trust the Process” marks are identical in appearance in sound, it outweighs any difference the marks may have in commercial impression with respect to the meaning of the mark in the world of basketball versus the CNBC show “The Profit.”  

Embiid also tried to rely on his existing trademark registration for “The Process” in connection with apparel and clothing, which has existed alongside Lemonis’ mark for two years without instances of confusion, to show that the “Trust the Process” mark was also unlikely to create confusion.  The TTAB rejected this argument since the “The Process” mark has only been registered since 2019, is still susceptible to a cancellation proceeding, and there are meaningful differences between “The Process” and “Trust the Process.” 

Does this mean that Joel Embiid can no longer shout “trust the process” in news conferences and in his social media posts?  Not at all.  A trademark only protects the right to use a word or phrase in commerce in connection with specific goods or services.  Here, the issue was whether Joel Embiid could obtain a trademark registration for “Trust the Process” in connection with shoes.  Embiid already has a trademark registration for “The Process” in connection with apparel, and he has numerous pending trademark applications for “The Process” and “Trust the Process” in connection with a variety of goods and services, including phone cases, books, and basketball camps, to name a few. 

The major takeaway here is that no matter how famous or ubiquitous a phrase like “Trust the Process” may become, if you were not the first to use it in commerce for a specific set of goods and services, or if you did not file an intent-to-use trademark application before someone else began using the mark, you will most likely be denied a trademark registration for the mark. 

Questions? Let Eric know.

Eric Clendening

Eric Clendening is a member of Flaster Greenberg’s Intellectual Property and Litigation Departments. He focuses his practice on intellectual property litigation and commercial litigation, including contract disputes, employment litigation, and other commercial disputes. He also advises clients on protecting and enforcing intellectual property rights online, including the resolution of domain name disputes and matters concerning e-commerce, online speech and conduct, and related intellectual property issues involving trademarks and copyrights.Cherry Hill, NJ, USA

Remote Online Notarization: One Year Later

The introduction of virtual notarization (aka remote online notarization, or “RON”) has recently been a hot topic thanks to the barriers created by the COVID-19 pandemic.  Now that it’s been over since the pandemic began, where does virtual notary law stand?  Some states have embraced RON, whereas others are more hesitant to codify RON into law. Set forth below is a quick summary of the respective New Jersey, New York, Pennsylvania and Florida laws surrounding remote online notarization, an essential tool during the pandemic.

New Jersey

New Jersey had entertained permitting RON access in 2019, before the pandemic struck, but has declined to impose permanent virtual notarization laws since then.  As a result of the pandemic, the New Jersey legislature enacted a temporary RON statute on April 14, 2020.  Under New Jersey’s temporary law, a notary public or notarial officer must authenticate the identity of the remotely located individual, which can be established (i) if the remotely located individual is personally known to the notary official, (ii) if a credible witness known to the notary official swears to the identity of the remotely located individual, or (iii) if the remotely located individual provides at least 2 forms of identification.  Additionally, the notary official must be reasonably able to confirm the document before the notary official is the same document that the remotely located individual signed and the notary official must create an audiovisual recording of the notarization, which recording must be retained for a period of at least 10 years.

New York

New York Governor Andrew Cuomo issued an executive order temporarily permitting notarization of documents via “audio-video technology”, provided that:

  • The person seeking the notary official’s services, if not personally known to the notary official, must present valid photo ID to the official during the video conference;
  • The video conference must allow for direct interaction between the person and the notary official (e.g., no pre-recorded videos of the person signing.);
  • The person must affirmatively represent that he or she is physically located in the State of New York;
  • The person must send by fax or electronic transmission a legible copy of the signed document directly to the notary official on the same date it was signed;
  • The notary official may notarize the transmitted copy of the document and transmit the same back to the person; and
  • The notary official may repeat notarization of the original signed document as of the date of execution, provided the notary official receives such original signed document together with the electronically notarized copy within 30 days after the date of execution.

Executive Order No. 202.7.  Originally, this Order lasted only through April 18, 2020, but has been continuously extended as the pandemic has worn on, most recently through April 25, 2021, and will likely continue to be extended.


Beginning on March 25, 2020, RON is permitted temporarily in the Commonwealth, but with the passage of Act 97 in October 2020, it is now permanently codified in Pennsylvania law in 57 Pa.C.S. Section 306.1. Virtual notarization is permissible in Pennsylvania if the electronic signature of the notary official, together with all other information required to be included by other applicable law, is attached to or otherwise associated with the signature or record. Notary officials are required to notify the Pennsylvania Department of State that they will virtually notarize certain documents.  Once the notification is approved by the Pennsylvania Department of State, the notary official must disclose the specific tamper-resistant technology he or she intends to use.


Florida’s RON statute permits a notary official physically located in the state to perform an online notarization regardless of whether the person or witnesses are physically inside the state.  The notary official must record the online notarization session and confirm the identity of the person and any witnesses.  If the person is not located in the state at the time of the online notarization, the notary official must confirm (verbally or in writing), that the person desires the notarial act be performed by a Florida notary public.  Florida’s RON statute has specific safeguards for more vulnerable people, such as the elderly residing in nursing homes, to help ensure the competence of the person executing the document.  An example of such safeguards is the requirement for the notary official to have the person answer at least five questions relating to the person’s identity and historical events records within a limited time frame and with high degree of accuracy. Fl. Stat. 117.295.

Before you virtually notarize any document, make sure you are in compliance with your state’s virtual notary rules.  If you or your business need legal advice, please consider contacting corporate attorney Kelly Barry, or any member of Flaster Greenberg’s Business & Corporate Department.

Cybersecurity & Data Privacy Legislative Updates

Since the passage of the CCPA in 2018, there has been a flurry of proposed state laws aimed at regulating the areas of cybersecurity and data privacy in the absence of federal comprehensive legislation. Additionally, there has been a renewed focus on legislation at the federal level. Here’s an overview of some recently proposed pieces of federal legislation, and recently proposed and passed state laws that may actually have a shot at success.

Federal Privacy Legislation

Information Transparency and Personal Data Control Act (2021)

This Act is the first of its kind to be introduced in 2021. The Act would create protections for the processing of personal information. Under the Act, businesses would be required to utilize an opt-out consent mechanism for consumers for the collection, processing, and sharing of non-sensitive information. For the collection, sale, sharing, or other disclosure of sensitive personal information, however, companies would be required to obtain an “affirmative, express, and opt-in consent” from consumers. 

The proposed law defines “sensitive personal information” as financial account numbers and authentication credentials, such as usernames and passwords; health information; genetic data; any information pertaining to children under the age of 13; Social Security numbers and any “unique government-issued identifiers;” precise geolocation information; the content of oral or electronic communications, such as email or direct messaging; personal call detail records; biometric data; sexual orientation, gender identity or intersex status; citizenship or immigration status; mental or physical health diagnoses, religious beliefs; and web browsing history and application usage history.

Notably, information that is classified as deidentified, public information, and employee data would not fall under the definition of “sensitive personal information.” Written or verbal communication between a controller and a user for a transaction concerning the provision or receipt of a product or service would also not be considered sensitive data.

Additionally, data controllers would be responsible for informing processors or third parties about the purposes and limits to the specific consent granted but would not be liable for processors’ failure to adhere to those limits.

Moreover, the law would provide additional rulemaking authority to the Federal Trade Commission to devise requirements for entities that collect, transmit, store, process, sell, share, or otherwise use the sensitive personal information of members of the public.

This Act would not provide consumers with a private right of action. Instead, it directs the Attorney General to notify controllers of alleged violations and provide them with 30 days to cure non-willful violations of this Act before commencing an enforcement action.

For more information on recently-proposed federal legislation, including those crafted to address the COVID-19 pandemic, see my pieces on the Exposure Notification Privacy Act, The Public Health Emergency Act, and the COVID-19 Consumer Data Protection Act.

State Privacy Legislation

Unlike comprehensive national laws like the GDPR, which generally applies to all data in all settings, state laws in the U.S. typically carve out exceptions for certain types of data, such as health information already subject to HIPAA, for example. The laws outlined below largely follow this pattern.

The following states have recently passed, or proposed, cybersecurity and data privacy laws.

StateLegislationStatusPrivate Right of Action
CaliforniaCalifornia Privacy Rights ActPassed by ballot initiative in November 2020Limited
VirginiaConsumer Data Protection ActSigned into on March 2, 2021No
WashingtonWashington Privacy ActPendingNo; Not in 2021 version
FloridaFlorida Privacy Protection ActPendingYes
New YorkNew York Privacy Act; Biometric Privacy ActPendingYes; Yes
OklahomaComputer Data Privacy ActPassed by HouseNo

The CPRA is a ballot initiative that amends the CCPA and includes additional privacy protections for consumers. It was passed in November 2020 and the majority of the provisions therein will enter into force on January 1, 2023 with a look-back to January 2022.

Virginia’s law is similar to the still-pending Washington Privacy Act and includes provisions that are akin to the CCPA.

Other states like Oregon and Minnesota have also proposed privacy and security legislation in recent months.

Don’t forget to catch Krishna Jani’s presentation at PBI’s upcoming Cyberlaw Update on Thursday, April 29, 2021!

Krishna A. Jani, CIPP/US, is a member of Flaster Greenberg’s Litigation Department focusing her practice on complex commercial litigation. She is also a member of the firm’s cybersecurity and data privacy law practice groups. She can be reached at 215.279.9907 or krishna.jani@flastergreenberg.com.

Pennsylvania Decennial Reports

Pennsylvania requires certain business entities file a Decennial Report every 10 years to confirm their continued existence or the continued used of their marks in the Commonwealth. If a company fails to file a required Decennial Report, it will no longer have exclusive use of its name or registered mark, as the Bureau will be able to reissue the name or mark to another entity.

The Decennial Report is required if a company has not made a new or amended filing with the Bureau of Corporations and Charitable Organizations (the “Bureau”) from January 1, 2012 through December 31, 2021. The Report is required to be filed by December 31, 2021 with a $70 filing fee.  New and amended filings do not include decennial filings, name reservations, name searches, consents to appropriate name or fictitious name registrations. 

If a company is required to file a Decennial Report, its registered office should have received a post card from the Pennsylvania Department of State.  If there is any question as to whether a filing is required, please reach out to us or check the Bureau’s website: Decennial Filing (pa.gov)

If your business needs assistance with this or any other matter, please consider contacting corporate attorney Kelly Barry, or any member of Flaster Greenberg’s Business & Corporate Department.

Electronic Signatures in NJ, NY, PA & FL: What You Need To Know

The COVID-19 pandemic rocked businesses with its required social distancing protocols and work from home mandates.  However, one silver lining to the unforeseen chaos generated by the pandemic is the benefit of being able to execute most documents from the safety of home.  Laws and guidance have been in place for years addressing electronic signatures, but the prevalence of their usage during the pandemic have led many states to enact their own laws.  The Uniform Electronics Transaction Act (UETA) provides guidelines that most states have adopted to determine the legality of electronic signatures in certain commercial and government transactions, and the Electronic Signatures in Global and National Commerce Act (ESIGN Act) established the legality of certain electronic contracts in interstate and global commerce.  Below is a quick primer on the respective New Jersey, New York, Pennsylvania and Florida statutes surrounding electronic signatures, a tool that has become increasingly important over the past year.

New Jersey

New Jersey enacted an electronic signature statute largely mirroring the UETA.  N.J.S.A. § 12A:12-1 et seq.  New Jersey transactions are not subject to this law to the extent they are governed by laws concerning: (i) the creation and execution of wills, codicils or testamentary trusts; (ii) the UCC, with exceptions; (ii) adoption, divorce or other matters of family law; (iv) court orders or official court documents; (v) notices of the cancellation of termination of utility services; (vi) the default, acceleration, repossession, foreclosure or eviction, or (vii) the right to cure an individual’s primary residence. 

New York

In stark contrast with the overwhelming majority of other states, New York has not adopted its own version of UETA.  Rather, New York’s statute addressing the validity of electronic signatures is called the Electronic Signatures and Records Act (ERSA).  N.Y. State Tech L § 301 (2014).  ERSA does not apply to documents providing for the disposition of an individual’s person or property upon death (such as wills, trusts, orders not to resuscitate) with exceptions, negotiable instruments and other instruments wherein possession of the instrument is deemed to confer title, or any other document that the electronic facilitator has specifically excepted from ERSA’s regulations.


Pennsylvania was one of the first states in the country to adopt a modified version of the UETA in 1999, permitting electronic signatures in most circumstances.  Under Pennsylvania’s law, electronic signatures are permissible except for transactions invoking laws governing wills, codicils or testamentary trusts or the Pennsylvania Commercial Code, with exceptions.


Florida’s electronic signature statute was adopted in 2000.  Florida’s iteration of the law states that, unless otherwise provided by law, an electronic signature may be used to sign a writing and shall have the same force and effect as a written signature.  This statute prohibited virtual signatures for documents governed by laws concerning the execution of wills, codicils or testamentary trusts, the UCC (with exceptions), contracts governed by the Uniform Computer Information Transactions Act, and the rules of judicial procedure.  Interestingly, as of January 1, 2020, Florida’s Electronic Wills Act went into effect, which permits, as the name indicates, wills to be signed and notarized virtually.  By enacting this law, Florida is on the cutting edge of this area of law, being only one of a few states to loosen the traditional requirement that wills be signed in person.

Before you virtually sign any document, make sure you are in compliance with your state’s electronic signature rules.  If you or your business need legal advice, please consider contacting corporate attorney Kelly Barry, or any member of Flaster Greenberg’s Business & Corporate Department.

Senate Passes $1.9 Trillion COVID-19 Relief Bill: What You Need To Know

The Senate passed President Biden’s $1.9 trillion COVID-19 relief package late Friday night.  While the bill must go back to the House of Representatives for reconciliation with the bill they passed in late February, it is a major step forward in getting financial relief to those in need.

Here’s what you need to know about the COVID-19 Relief Bill:

  • It extended the $300 weekly unemployment benefit through September 6th, thereby avoiding the deadline of mid-March for that benefit established by the December 2020 stimulus bill.
  • It promises $1,400 in stimulus money to a narrower selection of individuals than had been eligible for prior stimulus checks.  Individuals who earn more than $80,000 and married couples earning more than $160,000 combined are excluded. 
  • The $15 minimum wage provision that was a highlight of the House bill did not make it into the Senate’s version.
  • It allows an individual’s first $10,200 earned through unemployment to avoid taxation.  This applies to those who made less than $150,000 in adjusted gross income in 2020.  If you earned more than $10,200 and have already filed your 2020 tax returns you may consider amending your return to reflect that information.  Talk to a tax professional to see if such an amendment would change your tax liability.

The Senate bill included many other provisions, including a change to the child tax credit, providing further relief to state and local governments, and funding for COVID-19 testing, vaccinations, and contact tracing.  We will have to wait for the reconciled bill to see if any of these provisions change, but it is notable that the bill was passed and is heading towards reconciliation. Stay tuned.

Questions? Let Kelly know.

Kelly Barry is a member of the firm’s Business and Corporate Department and Taxation Practice Group assisting clients in a wide range of corporate matters, including those involving transactional law, tax, and trusts and estates.  She can be reached at kelly.barry@flastergreenberg.com or 856.382.3305.

%d bloggers like this: