Category Archives: Uncategorized

Cybersecurity & Data Privacy Updates, Part II

From California to New York, data privacy laws and enforcement actions are ramping up. Check out some highlights below.

1. New York State Department of Financial Services launched its first enforcement action in July 2020.

As U.S. companies focus on CCPA enforcement, they should not ignore other state laws and accompanying regulations. The New York Department of Financial Services’ Cybersecurity Requirements for Financial Services Companies (“DFS’s Cybersecurity Regulation”) first took effect on March 1, 2017.

Recently, cybercriminals have sought to exploit technological vulnerabilities to gain access to sensitive electronic data.  In an effort to combat such exploitation, this regulation requires each company to assess its specific risk profile and design a program that addresses its risks in a vigorous way. Senior management are encouraged to take this issue seriously. They must ensure that someone is responsible for the organization’s cybersecurity program and file an annual certification confirming compliance with these regulations. A regulated entity’s cybersecurity program must ensure the safety and soundness of the institution and protect its customers.

On July 22, 2020, the New York Department of Financial Services announced cybersecurity charges against First American Title Insurance Company for exposing millions of documents with consumers’ nonpublic personal information over the course of several years, including bank account numbers, mortgage and tax records, Social Security Numbers, wire transaction receipts, and drivers’ license images.

This marks the first cybersecurity enforcement action filed by the Department. The hearing will take place at the office of the New York State Department of Financial Services beginning on October 26, 2020.

2. What is The California Privacy Rights Act of 2020—“CCPA 2.0?”

If you’re thinking, “Wait! Didn’t the California Consumer Privacy Act (“CCPA”) just go into effect?” You’re right. The CCPA took effect on January 1 of this year, and enforcement actions began on July 1. Already, a privacy advocacy group, California for Consumer Privacy, collected 900,000 signatures to place the California Privacy Rights Act (“CPRA”) on the November 2020 ballot. According to several news sources, current polling suggests that the bill will pass.

The CPRA seeks to, among other things, establish the California Privacy Protection Agency (“CPPA”), a new privacy enforcement authority, similar to the Data Protection Authority put in place in the European Union by the General Data Protection Regulation (“GDPR”). This Agency will be empowered to fine transgressors, hold hearings about privacy violations, and clarify privacy guidelines.

In addition, the law would establish a new category of sensitive personal information, including Social Security numbers, precise geolocation data, biometric or health information, and more. It would also give consumers greater power to restrict the use of such data. The law would also add email addresses and passwords to the list of items covered by the “negligent data breach” section to help curb identity theft.

3. The Connecticut Insurance Data Security Law goes into effect on October 1, 2020.

The Act establishes standards applicable to licensees of the Connecticut Insurance Department for data security, the investigation of a cybersecurity event, and notification to the Department of such event. In preparation for this law to take effect, Connecticut’s Insurance Department issued a Bulletin on July 20, 2020 to all licensees of the Department.

Licensed insurance companies, and any other companies otherwise authorized to operate pursuant to the insurance laws of Connecticut, should be aware of and follow the guidelines laid out in the Bulletin.

The attorneys at Flaster Greenberg are following developments related to the COVID-19 Pandemic and formed a response team and to work with businesses to keep them up-to-date on developments that impact their business. If you have any questions on the information contained in this blog post, please feel free to reach out to Donna UrbanKrishna Jani, or any member of Flaster Greenberg’s Telecommunications or Privacy & Data Security Groups. 

COVID-19 RESOURCE PAGE

To serve as a central repository of information and contributions from Flaster Greenberg attorneys on legal developments during the COVID-19 crisis, we have launched a COVID-19 Resource page on our website. Feel free to check back frequently for Flaster Greenberg’s ongoing analyses of important legal updates that may affect you or your business.

More Tips On Protecting Your Virtual Meetings to Avoid a Cybersecurity Breach: An Update

top view photo of girl watching through imac

Photo by Julia M Cameron on Pexels.com

At this point, many of us are well into our fourth or fifth week of quarantine due to the outbreak of COVID-19. Even for those of us who are fortunate enough to be able to work remotely from our homes, this comes with certain challenges, including potential security issues with virtual conferencing. In our first installment about virtual meetings, and their unintended vulnerabilities, we provided some guidance on how you and your staff might implement certain strategies to keep your virtual conferences as safe as possible from hackers and trolls. In this new installment, we will provide further guidance on staying safe amidst emerging privacy and security concerns associated with virtual meeting platforms.

Zoom Announces Updates to its Data Privacy and Security Measures

On April 1, 2020, the Chief Operating Officer of Zoom, Eric Yuan, announced certain changes that Zoom is making to enhance its virtual meeting spaces. On April 14th, the Chief Product Officer of Zoom, Oded Gal, provided clarification on those enhancements to those of us who are using Zoom during quarantine.

  • Have a plan and be prepared for interference in your virtual meetings. Zoom has encouraged its users to have a plan in place for their virtual meetings and to be prepared should any unwanted interference arise. This includes ensuring that the application has been updated to include the latest security features, co-hosting meetings whenever possible, and utilizing preexisting and new security tools built into the application. To check for updates to the app, click on the main menu, then click on “Check for Updates,” and then “Begin Upgrade” if any new updates are available. We recommend doing this every week or so to ensure that you and your staff are up to speed on all available cybersecurity protections.
  • Co-host and record your virtual meetings whenever possible. A meeting creator can choose to co-host a meeting while creating the meeting invitation or in the actual Zoom meeting itself. A co-host can monitor the virtual waiting room or assist with any disruptions. Furthermore, record your Zoom meetings whenever possible because recording meetings creates a forensic trail of the meetings, as well as any bad actors that interfere with them, as soon as the meetings begin. The more data that virtual meeting platforms are able to collect about bad actors, the better able they are to stop the threat of further disruption.
  • Zoom has increased access to its security features. Zoom has made its pre-existing security features easier to find. A “Security” button has been added to the bottom banner of virtual meetings and is now easily accessible to meeting hosts. By clicking on this new security feature, meeting hosts are able to enable a waiting room or lock the meeting. Moreover, a meeting host can also remove a participant from a virtual meeting. Once that participant has been removed, he or she cannot reenter the meeting, even if using a different username. This is because as a part of Zoom’s new security rollouts, Zoom has started to collect IP addresses, among other data, to be able to better respond to security threats. While removing a participant from a meeting will only remove the participant from that particular meeting, you have other tools available to permanently block that user.

For example, right now Zoom recommends recording your meetings whenever practicable to ensure a forensic trail is created, as stated above. In addition, Zoom recommends taking a screenshot whenever a bad actor enters your virtual meeting. Then, you can report this intruder on Zoom’s website. And starting this coming weekend, Zoom will be releasing a new security feature built into the app, which will allow users to send a report to Zoom right from the security button should any unwanted interference arise.

Other Noteworthy Developments

Zoom announced that as of April 1, 2020, it would freeze all future product development except for data privacy and security updates for the following 90 days. Moreover, beginning April 18, 2020, every paid Zoom customer will be able to customize which data center regions their account can use for its real-time meeting traffic. By default, however, there will be no connection to any data centers in China beginning April 18, 2020 for all users. Additionally, users with an “.edu” registered email address are automatically given the highest level of security in their meetings, and this will continue. Zoom has begun to address user demands for a “kid-friendly” interface, but it has not yet launched any such interface.

Other virtual meeting platforms, such as GoToMeeting, have also enacted enhanced security protections in their respective applications. For example, GoToMeeting gathers cyber threat intel through partnerships including external intelligence communities, personal and professional sharing groups, and its own internal research to collect Indicators of Compromise or IoC data. IoC can include forensic data such as IP addresses, domains, hashes, and pulls them into its threat intelligence platform to reduce the risk of cyber threats.

Still though, platforms like Zoom and GoToMeeting urge users to utilize additional security measures as outlined in our previous blog post, and above, to provide the greatest level of privacy and data security for your virtual meetings.

Updates on Regulatory Guidance

On April 8th, Senator Edward Markey, whose priorities include telecommunications, technology, and privacy policy, urged the Federal Trade Commission (FTC) to publish industry cybersecurity guidelines “for companies that provide online conferencing services, as well as best practices for users that will help protect online safety and privacy during this pandemic and beyond.”

In Senator Markey’s letter, he urges that the guidance cover, at a minimum, the following topics:

  • Implementing secure authentication and other safeguards against unauthorized access;
  • Enacting limits on data collection and recording;
  • Employing encryption and other security protocols for securing data; and
  • Providing clear and conspicuous privacy policies for users.

Senator Markey also requests that the FTC develop best practices for online conferencing users, so that they can make informed, safe decisions when choosing and using these platforms. He requests that these best practices cover at least the following topics:

  • Identifying and preventing cyber threats such as phishing and malware;
  • Sharing links to online meetings without compromising security;
  • Restricting access to meetings via software settings; and
  • Recognizing that different versions of a company’s service may provide varying levels of privacy protection.

To date, the FTC has not published new guidelines.

Remember to have a plan and be prepared. Stay safe, everyone!

If you have any questions, please feel free to reach out to Donna UrbanKrishna Jani, or any member of Flaster Greenberg’s Telecommunications or Privacy & Data Security Groups.  

Donna T. Urban is a member of Flaster Greenberg’s Commercial Litigation and Environmental Law Departments concentrating her practice in telecommunications law, environmental regulation and litigation, and privacy and data security. She is a seasoned litigator, and for more than 20 years has successfully represented business clients in contract disputes, regulatory matters, and complex negotiations. She can be reached at donna.urban@flastergreenberg.com or 856.661.2285.

Krishna A. Jani is a member of Flaster Greenberg’s Litigation Department focusing her practice on complex commercial litigation. She is also a member of the firm’s cybersecurity and data privacy law practice groups. She can be reached at 215.279.9907 or krishna.jani@flastergreenberg.com.

To serve as a central repository of information and contributions from Flaster Greenberg attorneys on legal developments during the COVID-19 crisis, we have launched a COVID-19 Resource Page on our website.  Feel free to check back frequently for Flaster Greenberg’s ongoing analyses of important legal updates that may affect you or your business. 

  

Ten Tips for Avoiding Litigation: Tip #5 – Treat Your Employees Fairly and Consistently

Business teamwork and global finance blue background

The lifeblood of every business – big, small or in-between – is its employees, aptly called its human resources or human capital. A company can have the most innovative product or service idea in the world, along with a recognized market and an excellent strategy for capitalizing on it, but, without the right people to implement the idea and the right managers to train, supervise, and motivate that staff, the idea is likely to fail. That is why your employees are your most valuable resource. At the same time, however, employees are also frequent sources of litigation for businesses, including claims for wrongful discharge, discrimination, harassment, hostile work environment, failure to accommodate a disability, wage and hour violations, failure to properly pay overtime, breach of non-compete agreements, and theft of company trade secrets, to name just a few.

Employees are much more challenging to manage than any other resource your company uses to conduct its business. Your inventory, for example, is, for the most part, fungible. If one source dries up or becomes prohibitively expensive, chances are you will be able to find a replacement source. Similarly, your equipment is generally easily repairable or replaceable if something breaks. Not so with your employees. They require training, motivation, and incentives. They take sick days, personal days, and holidays. They go on vacation, care for sick or disabled family members, and sometimes they do not get along or work well with each other. And they sue their employers with increasing frequency.

In addition, studies show that the replacement of just one key employee can cost your business hundreds of thousands of dollars. Think about the down time and lost productivity associated with the departure of the former employee, internal and external recruitment costs to find a replacement, costs of training and orienting the new employee, and the down time and lost productivity involved in getting the new employee up to speed. These are just a few of the costs associated with losing an employee.

In short, you have invested a huge amount of your company’s resources in your employees. Doesn’t it make sense that you should protect that investment by implementing policies to keep your employees productive, motivated, safe, healthy a relatively happy? Here are some things you can try to help accomplish that goal.

First, always treat your employees respectfully, honestly, and fairly. This suggestion might sound obvious, and it is, but it is also frequently forgotten or ignored in the normal stress of the business world. It might also sound inconsequential, but it might just be the key to reducing claims against the company by its employees. Every employee wants to feel like his or her work is valued and essential for the success of the business. Finding ways to recognize and honor all your employees’ contributions will pay significant dividends. Even simple gestures will reap rewards in areas like better employee morale and increased productivity among your staff.

Second, don’t BS your employees. They know what is going on in the world and how outside events affect the company. They also know far more than you think about changes the company is considering, especially changes that could affect them negatively. Silence and secrecy may be necessary, but outright lying to employees is never a good idea. It is guaranteed to produce a cynical, untrusting, and equally secretive staff.

Third, have clear, well-defined company policies to let employees know what behavior you expect from them, what behavior you will not be tolerate, and the consequences of engaging in that behavior. These policies should be memorialized in a written employee manual or, even better, easily accessible to employees on the company website. You should hire an experienced employment lawyer, who is knowledgeable about the current state of constantly changing employment laws in your jurisdiction, to draft your employee manual. The manual should also contain procedures for addressing problems when they arise, and for reporting violations. Whom do you call when X happens? To whom do you report violations of Y policy?

Fourth and finally, once you have those company policies in place, enforce them as consistently as possible. One of the most difficult management tasks is balancing the goal of fairness and consistency versus the desire to be flexible and treat people as individuals rather than as interchangeable parts. Rigid, unthinking, and blind adherence to rules can not only damage employee morale by stifling creativity and employee innovation, but also lead to unsatisfactory and inappropriate results. On the other hand, any perception by your employees that you are showing inconsistency or, even worse, favoritism in your enforcement of certain policies can lead to divisiveness and be equally damaging to employee morale. Inconsistently enforced rules are, in some ways, worse than no rules at all.

The safest, but perhaps most difficult path to follow, is to treat rules as sacrosanct except in unusual and rare cases that require special empathy and flexibility. If you conclude that a large number of your employee could qualify for the same exception if they were to ask for it, then you should either deny the request for an exception or consider scrapping the rule. Before making any exception to a policy or rule, consider the potential consequences down the road. What will you do the next time someone else asks for the same exception, particularly if that person is someone you do not particularly like? Reward your best employees with raises, promotions, stock options, and the like, not with exceptions to company policies. The former will motivate your good employees to try to be better; the latter will make them cynical about following company rules.

There are other ways to enhance and retain your human resources, such as training your managers to know and follow the applicable federal, state, and local employment laws,  and minimizing the use and severity of non-competition agreements. I will cover these topics in future installments of this blog, so stay tuned!

Click here for Tip #1: Always Have a Strong Written Agreement to Govern Your Business
Click here for Tip #2: Avoid Doing Business with Members of your Family
Click here for Tip #3: Check Your Insurance Coverage Frequently to be Sure it Protects Your Business from Exposure and Risk
Click here for Tip #4: Every Significant Business Transaction Should Be Documented

Phil Kirchner of Flaster Greenberg
Philip Kirchner is a member of Flaster Greenberg’s Litigation Department headquartered in Cherry Hill, NJ. He concentrates his practice on resolving business disputes, including complex litigation of all types of business issues in both the federal and state courts of New Jersey and Pennsylvania. He can be reached at 856.661.2268 or phil.kirchner@flastergreenberg.com.

 

 

Tips On Protecting Your Virtual Meetings To Avoid A Cyber Security Breach

Computer Hacker

Virtual Meetings, and their Unintended Vulnerabilities

Advanced technology and the availability of online video and teleconferencing software has certainly helped ease the transition to working remotely for many businesses, schools, health care providers, and even the Courts. However, these virtual meeting platforms, while increasingly popular and essential especially during the COVID-19 pandemic, are not always completely secure.

Over the past few days, you may have seen the term “Zoom-Bombing” circulating around the news. This term refers to nefarious actors, or trolls, on the web hijacking Zoom and other virtual meetings to display a variety of disruptive, and often disturbing, behavior. This computer hacking creates serious privacy concerns as it exposes confidential and sensitive material, such as medical information, financial data, trade secrets, and other proprietary information, to these intruders and other third parties.

Protect Your Meetings from Uninvited Guests

We suggest taking the following steps to help keep your virtual meetings closed to intruders:

  • Create a random or randomly-generated meeting number for each meeting. Zoom, and other virtual meeting platforms such as GoToMeeting or Skype for Business, allow for a standing meeting number but reports have indicated that such standing meeting numbers are being sold on the dark web. In at least one instance, stolen account information such as email addresses, passwords, meeting identifications, type of account, host keys, and names were actively being sold or posted to the dark web. In other instances, sensitive information from virtual meetings was discoverable through a search engine on the open web. Even a United States healthcare provider, seven educational institutions, and one small business were targeted in such virtual meeting cyberattacks.
  • Ensure that each meeting is password-protected. For example, Zoom can automatically create a password and does with each new meeting. In the alternative, when creating the invitation, the meeting creator can assign a password in the invitation. The password will then be included in the meeting invitation that is sent out to the attendees.
  • Lock virtual meetings once they’re in session. Some virtual platforms allow for meeting creators to lock their meetings once they’re in session. To prevent unexpected attendees from joining a current session, lock your meeting or enable a virtual waiting room. You’ll be notified when an attendee attempts to join and can easily connect all waiting attendees to the meeting by unlocking.

These precautions should help keep your virtual meetings free from any unwanted “Zoom-Bombers.”

Further Guidance

To further address these emerging privacy concerns, on April 8th, Senator Edward Markey, whose priorities include telecommunications, technology, and privacy policy, urged the Federal Trade Commission to publish industry cybersecurity guidelines for online conference providers for protecting consumers’ privacy.

If you have any questions, please feel free to reach out to Donna Urban, Krishna Jani, or any member of Flaster Greenberg’s Telecommunications or Privacy & Data Security Groups.  

Donna T. Urban is a member of Flaster Greenberg’s Commercial Litigation and Environmental Law Departments concentrating her practice in telecommunications law, environmental regulation and litigation, and privacy and data security. She is a seasoned litigator, and for more than 20 years has successfully represented business clients in contract disputes, regulatory matters, and complex negotiations. She can be reached at donna.urban@flastergreenberg.com or 856.661.2285.

Krishna A. Jani is a member of Flaster Greenberg’s Litigation Department focusing her practice on complex commercial litigation. She is also a member of the firm’s cybersecurity and data privacy law practice groups. She can be reached at 215.279.9907 or krishna.jani@flastergreenberg.com.

To serve as a central repository of information and contributions from Flaster Greenberg attorneys on legal developments during the COVID-19 crisis, we have launched a COVID-19 Resource Page on our website.  Feel free to check back frequently for Flaster Greenberg’s ongoing analyses of important legal updates that may affect you or your business. 

 

 

Lana Del Rey May Have Creeped too Close to Radiohead’s Melody, Copyright Infringement Suit Nears

A tweet sent by Lana Del Rey earlier this week (likely to the chagrin of her attorneys) informed her 8.3 million followers that Radiohead is claiming that the song ‘Get Free’, off her recent album ‘Lust for Life’, infringed on Radiohead’s 1993 hit song ‘Creep.’ The 90’s band is seeking 100% of the profits related to the publishing of the song, which Del Rey is credited with co-writing along with songwriters and record producers, Kieran Menzies and Rick Nowels.

Fast forward to a few hours after the tweet was sent when Del Rey then repeated this sentiment at a subsequent concert in Denver, CO, where she referred to the song as her “personal manifesto.”  As an aside, it was a questionable move for Del Rey to go so public with this dispute, let alone state terms of settlement offers, as settlement negotiations are often confidential…unless where published in the manners Del Rey has done, and could taint the available jury pool. Check out a clip of Del Rey addressing the crowd here.

Does Radiohead have a case?

I’ve never been much of a gambler, but after listening to both songs I would say that Radiohead has a strong case in this copyright dispute. For those of you unfamiliar, a copyright arises from the creation of an original work that is fixed in a tangible medium of expression, described as “when its embodiment in a copy or phonorecord, by or under the authority of the author, is sufficiently permanent or stable to permit it to be perceived, reproduced, or otherwise communicated for a period of more than transitory duration.”  While the mere creation of the composition is enough to establish a copyright, registration affords the author/publisher additional protections. The courts often look to whether the composition contains a minimal spark of creativity. The spark can be in the chord progression, rhythm, melody or lyrics. In order to establish the infringement, a comparison of the songs must be done, often by an expert, and a judge or jury must then determine if such an infringement, or unauthorized borrowing or use of the same chord progression, rhythm, melody or lyrics, has occurred. Since such proof is often subjective to the fact finder, most cases are resolved prior to a final determination in Court.

In fact, the very song Radiohead is now claiming Del Rey has infringed upon, was itself the subject of a claim of infringement by Albert Hammond and Mike Hazlewood, regarding the 1972 song ‘The Air That I Breathe,’ sung by The Hollies. As a result of that claim, Hammond and Hazlewood received co-writing credits and a percentage of the royalties of Radiohead’s ‘Creep.’ While one might ask whether Hammond and Hazlewood should really be making the claim against Del Rey, it is too soon to tell whether it is the very same chord progression, rhythm, melody or lyrics involved in the Del Rey-Radiohead dispute as the Radiohead-Hollies dispute, as every song is made up of many different such elements. Time will tell whether Radiohead’s lawsuit will go anywhere, although my money would be on Radiohead winning, if it went to trial. However, odds are that there will be a similar result to the Radiohead-Hollies out of court settlement, with Radiohead sharing writing credits and royalties.

You Be The Judge: Take a listen to both songs here:

Prior Precedent 

Copyright disputes between musicians, writers and publishers have been part of the music landscape for decades. In 1971, former Beatle George Harrison had a number 1 single on his hands with ‘My Sweet Lord.’ Yet, while that single was still in heavy rotation, Harrison was hit with a lawsuit by publisher Bright Tunes Music, which held the rights to the Chiffons’ 1963 hit ‘He’s So Fine,’ written by Ronnie Mack. Harrison tried unsuccessfully to settle the matter and, ultimately, lost at trial, having to pay Bright Tunes damages in the amount of $1,599,987! As only a former Beatle could, Harrison did, however, turn the experience of tortuous litigation into another hit called ‘This Song.’

More recently, Robin Thicke, Pharrell Williams and Clifford Harris, Jr. were found to have infringed on the work of Marvin Gaye, in particular the song ‘Got To Give It Up.’ Interestingly, it was Thicke, Williams and Harris who pre-emptively filed suit against the Gaye family and Bridgeport Music, in an attempt to have the court determine Thicke and company had not infringed on Gaye’s work. The suit backfired, with a finding that Thicke and company had infringed on Gaye’s work and awarded $5.3 million in damages.  Thicke and company have appealed to the United States Court of Appeals for the 9th Circuit.  At oral argument, Thicke and company argued that there can be no infringement for a “groove,” which it sought to differentiate from a lyric, rhythm, etc.  No decision has been reached by the 9th Circuit as of yet, but Thicke, Williams and Harris have a tough road ahead to overturn the lower court’s verdict.

Questions? Let Jeff know.

 

Jeff Cohen is a member of Flaster Greenberg’s Litigation, Intellectual Property, Corporate and Real Estate Practice Groups. He has been a trial attorney for more than 23 years, counseling and representing a diverse range of clients in matters related to commercial contracts, shareholder and partnership agreements, trademarks, copyrights, patents, including Hatch-Waxman, insurance coverage, franchise disputes and commercial construction.

 

Hot Topics in Bankruptcy Law: Alter Ego Claims

Most of us believe that when we set up a corporation to conduct business, we’ve accomplished many positive things. One of these, in particular, is that we’ve shielded ourselves from personal liability for any of the company’s business obligations. Unfortunately, that may not always be the case.

Usually a corporation is treated as a separate legal entity, and the corporation is solely responsible for the debts that it incurs. However, whether your business is financially sound, or is having cash flow issues, individual owners are not immune from suit by an aggressive creditor, or some other party seeking to recover a claim for a variety of other reasons.

In such cases, a plaintiff may file suit against not only the corporation, but its owners, officers or directors. How and under what circumstances can this type of action be successful? When can you be personally responsible for the debts of your corporation?

Courts have developed a concept known as “piercing the corporate veil.”  Essentially, it is a legal concept in which courts cast aside limited liability and hold a corporation’s shareholders or directors personally liable for the corporation’s actions or debts under a theory that the corporation is their “alter ego.” Veil piercing is most common in small, closely held companies.

In determining whether a corporate veil may be pierced, which can result in personal liability, courts will look to a number of key factors.

Undercapitalization.  Was the corporation undercapitalized from the outset?  Failing to sufficiently capitalize a newly formed company can not only lead to financial distress, but also leaves its shareholders susceptible to suit.

Failure to adhere to corporate formalities.   Does the corporation have an operating agreement and/or corporate by-laws?  Does it conduct regular board meetings and keep minutes?  If it fails to do follow these and other simple rules, the risk of personal exposure is higher.

Substantial intermingling of corporate and personal affairs.  Are there significant intercompany transfers, or are funds being paid out of the corporation that are clearly not business related?  When business owners use their various corporations to shuttle funds back and forth between them, or they utilize their corporation as a personal piggy bank from which they can withdraw money at will, the corporate form will be disregarded.

Use of the corporate form to perpetuate a fraud.   Does someone with whom you do business routinely appear to be starting up, then shutting down, his corporations?  Clearly, where individuals set up companies solely and knowingly to shield themselves from liability, they will be found to take on the liabilities of the company.

Recently, veil piercing through an alter-ego theory was tested by two courts in Pennsylvania, with opposite results.

In Liberman v. Corporacion Experianca Unica, S.A., — F. Supp. 3d —-, 2016 WL 7450464 (E.D. Pa. Dec. 27, 2016), the U.S. District Court decided in favor of business owners where the plaintiff sought to pierce the corporate veil.  There, the plaintiffs were not paid rental profits from their investment in a time share in Costa Rica.   In their subsequent suit, the plaintiffs attempted to pierce the corporate veil in order to hold the defendants and defendants’ principal liable for all resulting damages.

The court rejected the plaintiffs’ arguments outright.  First, the court drew a distinction between undercapitalization and underperformance, the latter of which does not lend to a successful veil piercing claim.  Also, the court found that the need to borrow money at the beginning of a project was not evidence of undercapitalization and noted the absurd result that could stem from such a ruling.

The plaintiffs’ argument that the defendants failed to observe corporate formalities was also rejected.  The court noted that each defendant maintained separate board meetings, shareholder meetings, insurance, tax returns, officers, title to assets, books and records and financial statements as evidence that the defendant corporations were all maintained as separate entities.  Finally, in rejecting the plaintiffs’ contention that intermingling occurred, the court found that the fact that funds were being transferred and booked, between different companies actually supported the defendants case, because it was evidence of the maintenance of separate books and records.  Importantly, the court stated that common ownership was not evidence of intermingling and did not support an alter ego theory of liability.

In stark contrast to the District Court’s decision in Liberman, the Superior Court of Pennsylvania upheld a verdict by the Court of Common Pleas to pierce the corporate veil in Power Line Packaging, Inc. v. Hermes Calgon/THG Acquisition LLC, 2017 WL 90617 (Pa. Super. Jan. 10, 2017).  In Power Line, the plaintiff supplied a line of mists, lotions and shaving gels to the corporate defendants.  When the corporate defendants failed to pay, the plaintiff sued them, as well as the defendants’ principals.  After a non-jury trial, the Court of Common Pleas issued comprehensive findings, holding the defendants’ principals personally liable.

First, the Court found that the defendant corporations were undercapitalized in that they were never solvent and never had any substantial assets at any time.

In addition, unlike the defendants in Liberman, the Power Line corporate defendants held no board meetings, kept no minutes and had board members that never participated in the companies’ business affairs.  Moreover, the corporate defendants distributed dividends to shareholders with absolute disregard of their investment in that corporation, or the corporation’s financial ability to pay a dividend.  Thus, the court held, corporate formalities were not observed.

The Court also found that the defendants and their principals frequently comingled their assets, stating, in fact, that one principal operated under the assumption that all of the money in all of the companies belonged to him and could be used at his leisure.

Finally, the Court held that the principals of the defendants used the defendant corporations to perpetrate a fraud and render the defendant companies insolvent.  The court highlighted multiple misrepresentations from the defendants to the plaintiff that caused the plaintiff to continue to do business with the defendants, at a substantial loss. 

When conducting business, it is important to be mindful of the red flags that can result in personal liability for corporate debt. In order to minimize these risks, it’s helpful to have a sound business model at the outset, maintain accurate business and financial records and comply with the standards of conducting a business that have been discussed above. Flaster Greenberg’s attorneys provide advice and counseling on business formation and risk management, and when litigation is unavoidable, we represent our clients tenaciously to resolve the dispute as quickly and efficiently as possible. If you have questions about managing risk or ways to avoid personal liability for your business obligations, please contact Harry Giacometti or Damien Tancredi.

 

 

 

Governor Chris Christie Vows To Limit Initial Prescriptions For Pain Medications – Medical Community Reacts

At Governor Christie’s State of the State address last week he emphasized again that fighting drug abuse and addiction is a top priority.  One of his proposals has already drawn a strong reaction from the medical community.  Governor Christie proposed that physicians should be limited to prescribing a five-day supply of pain medications for acute conditions. Under the current law a physician may write a prescription for up to a 30-day supply of pain relief medication.  Last year Connecticut, Massachusetts, Maine, New York and Rhode Island restricted initial prescriptions for acute pain medications to a seven-day supply. New Jersey’s proposed five-day prescription limitation could be the strictest in the country.

In his address, Governor Christie said that a 30-day supply “is dangerous, ill-advised and absolutely unnecessary.” His goal is to limit prescriptions to five days so that patients in acute pain must consult with their physicians before they can receive another prescription.  Governor Christie’s assertion that a 30-day supply is “excessive” is unfounded and it may result in more harm to patients in pain than good, according to physicians.

Nonetheless, on January 17, 2017 Governor Christie signed an Executive Order directing the State’s Attorney General, Christopher Porrino, “to take all necessary steps to limit the initial prescription of opioids for acute pain.”   Last week Attorney General Porrino sent the Board of Medical Examiners (BME) a letter stating that he will seek to implement the five-day prescription limitation as an emergency adoption which would become effective upon its filing with the Office of Administrative Law.  He asked the BME to “support and assent” to the initiative no later than February 16, 2017.

The BME is charged with regulating physicians and other providers – the BME also adopts regulations on standards of practice including the requirements for prescribing pain medications to patients.  The BME’s recognizes the prescribing concerns raised by Governor Christie, such as the risk of a patient becoming addicted. Therefore, it recently voted in favor of a recommendation that all physicians must “familiarize” themselves with the Centers for Disease Control and Prevention guidelines for prescribing pain medications. The BME also continues to make disciplinary actions against physicians who engage in indiscriminate prescribing its highest priority.

Pursuant to the BME’s regulation on limitations for prescribing controlled substances, physicians must assess patients and develop treatment plans before prescribing for pain. The BME’s regulation limits the quantity of Schedule II pain medication (drugs most likely to be addictive) to a 30-day supply or 120 dosage units, whichever is less based upon its findings that this standard meets current medical evidence.  The federal Drug Enforcement Agency (DEA) does not limit Schedule II drugs to a 30-day supply.  The DEA merely provides that the amount prescribed must be for a “legitimate medical purpose.”

Limiting a physician’s ability to determine what is best (and legitimate) for patients has the medical community up in arms.  The State Medical Society’s opposition to this proposal is not surprising as the proposal is widely viewed as an intrusion into the physician-patient relationship.  New Jersey’s 30-day supply regulation is currently stricter than many states requirements, although certainly not as stringent as the five states mentioned above which have seven-day pain medication limitations.  Imposing even narrower limitations on physicians who treat pain “is not the way to go” according to the Chair of the American Medical Association’s Opioid Use Committee.  However, New Jersey may soon see changes in the amount that may be prescribed for acute conditions regardless of whether or not the BME decides to “stand” with the Attorney General emergency regulatory amendment.

Physicians will continue to be concerned about the impact on patients from the five-day proposal and the increasing efforts to discipline physicians who allegedly have engaged in indiscriminate prescribing.  Our experienced healthcare attorneys regularly represent physicians in disciplinary actions before the BME and we handle cases where physicians’ licenses may be suspended or revoked due to allegations of over-prescribing without medical justification.  Our role as counsel in these cases is to ensure that physicians are afforded due process and the opportunity to present evidence supporting the medical care they rendered.  During these challenging times for physicians, knowledgeable counsel is vital.

 

Alma L. Saravia is a shareholder of Flaster Greenberg PC in Cherry Hill. She practices in the area of health-care law and was a member of the N.J. State Board of Medical Examiners. She can be reached at 856.661.2290 or alma.saravia@flastergreenberg.com.

Solar Energy Marketplace: Strike Now While the Sun is Hot

solar panel

Attention solar energy developers and EPCs: get to work now and do not stop until the industry “goes dark” or you will miss your chance to capitalize on the recent extension granted by the federal government….the extension of the investment tax credit (“ITC”) (at 30% and then phasing down over time).

Developers and EPCs now have the guaranty that the 30% ITC will be available to them for qualified investment credit facilities until December 31, 2019 (at which time projects commencing construction after that date receive a lesser ITC rate). The relevant statue provides for a phase-out schedule that reduces the ITC to 26%, then 22% and then 10%, which means that for every solar energy project that complies with the federal regulations and is placed in service in accordance with the published schedule, they (or the investment tax credit investor that they secure) will receive an actual tax credit (not tax deduction) in the amount of the specified percentage of qualified costs. The extension of the ITC will provide the economic security that developers and EPCs need to get projects funded and financed.  In addition, the extension enables investors and lenders to feel secure in their equity investment and construction financing because the ITC is a virtually essential element of the deal funding “capital stack”.

With the solar energy marketplace in a virtually exponential growth phase, it is essential that developers and EPCs charge forward to secure as many readily available (willing offtaker or purchaser, economically viable, cooperative utility, etc.) projects as possible within their financial and operational capacity. Once these easy to secure and complete projects have been accounted for, then sales, development and construction efforts will all be more difficult and possibly more expensive.

What can you do to take advantage of the ITC extension (and state solar renewable energy credit (SREC)) programs? Consult with your renewable energy counsel to learn what states should be receiving your most focused project location/sales efforts and how to secure, develop, fund and finance your projects,

Questions? Let Mitch know.

Mitch Cohen is a co-founder and member of Flaster Greenberg’s Alternative and Renewable Energy Practice, representing clients engaged in or considering business ventures in emerging green energy fields such as solar, wind, geothermal, cogeneration, biofuels and biomass. His clients include solar and other alternative energy developers, EPC contractors, energy consultants and alternative energy funding sources. He can be reached at mitch.cohen@flastergreenberg.com or 856.382.2222.

%d bloggers like this: