Cybersecurity & Data Privacy Legislative Updates

Since the passage of the CCPA in 2018, there has been a flurry of proposed state laws aimed at regulating the areas of cybersecurity and data privacy in the absence of federal comprehensive legislation. Additionally, there has been a renewed focus on legislation at the federal level. Here’s an overview of some recently proposed pieces of federal legislation, and recently proposed and passed state laws that may actually have a shot at success.

Federal Privacy Legislation

Information Transparency and Personal Data Control Act (2021)

This Act is the first of its kind to be introduced in 2021. The Act would create protections for the processing of personal information. Under the Act, businesses would be required to utilize an opt-out consent mechanism for consumers for the collection, processing, and sharing of non-sensitive information. For the collection, sale, sharing, or other disclosure of sensitive personal information, however, companies would be required to obtain an “affirmative, express, and opt-in consent” from consumers. 

The proposed law defines “sensitive personal information” as financial account numbers and authentication credentials, such as usernames and passwords; health information; genetic data; any information pertaining to children under the age of 13; Social Security numbers and any “unique government-issued identifiers;” precise geolocation information; the content of oral or electronic communications, such as email or direct messaging; personal call detail records; biometric data; sexual orientation, gender identity or intersex status; citizenship or immigration status; mental or physical health diagnoses, religious beliefs; and web browsing history and application usage history.

Notably, information that is classified as deidentified, public information, and employee data would not fall under the definition of “sensitive personal information.” Written or verbal communication between a controller and a user for a transaction concerning the provision or receipt of a product or service would also not be considered sensitive data.

Additionally, data controllers would be responsible for informing processors or third parties about the purposes and limits to the specific consent granted but would not be liable for processors’ failure to adhere to those limits.

Moreover, the law would provide additional rulemaking authority to the Federal Trade Commission to devise requirements for entities that collect, transmit, store, process, sell, share, or otherwise use the sensitive personal information of members of the public.

This Act would not provide consumers with a private right of action. Instead, it directs the Attorney General to notify controllers of alleged violations and provide them with 30 days to cure non-willful violations of this Act before commencing an enforcement action.

For more information on recently-proposed federal legislation, including those crafted to address the COVID-19 pandemic, see my pieces on the Exposure Notification Privacy Act, The Public Health Emergency Act, and the COVID-19 Consumer Data Protection Act.

State Privacy Legislation

Unlike comprehensive national laws like the GDPR, which generally applies to all data in all settings, state laws in the U.S. typically carve out exceptions for certain types of data, such as health information already subject to HIPAA, for example. The laws outlined below largely follow this pattern.

The following states have recently passed, or proposed, cybersecurity and data privacy laws.

StateLegislationStatusPrivate Right of Action
CaliforniaCalifornia Privacy Rights ActPassed by ballot initiative in November 2020Limited
VirginiaConsumer Data Protection ActSigned into on March 2, 2021No
WashingtonWashington Privacy ActPendingNo; Not in 2021 version
FloridaFlorida Privacy Protection ActPendingYes
New YorkNew York Privacy Act; Biometric Privacy ActPendingYes; Yes
OklahomaComputer Data Privacy ActPassed by HouseNo

The CPRA is a ballot initiative that amends the CCPA and includes additional privacy protections for consumers. It was passed in November 2020 and the majority of the provisions therein will enter into force on January 1, 2023 with a look-back to January 2022.

Virginia’s law is similar to the still-pending Washington Privacy Act and includes provisions that are akin to the CCPA.

Other states like Oregon and Minnesota have also proposed privacy and security legislation in recent months.

Don’t forget to catch Krishna Jani’s presentation at PBI’s upcoming Cyberlaw Update on Thursday, April 29, 2021!

Krishna A. Jani, CIPP/US, is a member of Flaster Greenberg’s Litigation Department focusing her practice on complex commercial litigation. She is also a member of the firm’s cybersecurity and data privacy law practice groups. She can be reached at 215.279.9907 or

Pennsylvania Decennial Reports

Pennsylvania requires certain business entities file a Decennial Report every 10 years to confirm their continued existence or the continued used of their marks in the Commonwealth. If a company fails to file a required Decennial Report, it will no longer have exclusive use of its name or registered mark, as the Bureau will be able to reissue the name or mark to another entity.

The Decennial Report is required if a company has not made a new or amended filing with the Bureau of Corporations and Charitable Organizations (the “Bureau”) from January 1, 2012 through December 31, 2021. The Report is required to be filed by December 31, 2021 with a $70 filing fee.  New and amended filings do not include decennial filings, name reservations, name searches, consents to appropriate name or fictitious name registrations. 

If a company is required to file a Decennial Report, its registered office should have received a post card from the Pennsylvania Department of State.  If there is any question as to whether a filing is required, please reach out to us or check the Bureau’s website: Decennial Filing (

If your business needs assistance with this or any other matter, please consider contacting any member of Flaster Greenberg’s Business & Corporate Department.

Electronic Signatures in NJ, NY, PA & FL: What You Need To Know

The COVID-19 pandemic rocked businesses with its required social distancing protocols and work from home mandates.  However, one silver lining to the unforeseen chaos generated by the pandemic is the benefit of being able to execute most documents from the safety of home.  Laws and guidance have been in place for years addressing electronic signatures, but the prevalence of their usage during the pandemic have led many states to enact their own laws.  The Uniform Electronics Transaction Act (UETA) provides guidelines that most states have adopted to determine the legality of electronic signatures in certain commercial and government transactions, and the Electronic Signatures in Global and National Commerce Act (ESIGN Act) established the legality of certain electronic contracts in interstate and global commerce.  Below is a quick primer on the respective New Jersey, New York, Pennsylvania and Florida statutes surrounding electronic signatures, a tool that has become increasingly important over the past year.

New Jersey

New Jersey enacted an electronic signature statute largely mirroring the UETA.  N.J.S.A. § 12A:12-1 et seq.  New Jersey transactions are not subject to this law to the extent they are governed by laws concerning: (i) the creation and execution of wills, codicils or testamentary trusts; (ii) the UCC, with exceptions; (ii) adoption, divorce or other matters of family law; (iv) court orders or official court documents; (v) notices of the cancellation of termination of utility services; (vi) the default, acceleration, repossession, foreclosure or eviction, or (vii) the right to cure an individual’s primary residence. 

New York

In stark contrast with the overwhelming majority of other states, New York has not adopted its own version of UETA.  Rather, New York’s statute addressing the validity of electronic signatures is called the Electronic Signatures and Records Act (ESRA).  N.Y. State Tech L § 301 (2014).  ESRA does not apply to documents providing for the disposition of an individual’s person or property upon death (such as wills, trusts, orders not to resuscitate) with exceptions, negotiable instruments and other instruments wherein possession of the instrument is deemed to confer title, or any other document that the electronic facilitator has specifically excepted from ESRA’s regulations.


Pennsylvania was one of the first states in the country to adopt a modified version of the UETA in 1999, permitting electronic signatures in most circumstances.  Under Pennsylvania’s law, electronic signatures are permissible except for transactions invoking laws governing wills, codicils or testamentary trusts or the Pennsylvania Commercial Code, with exceptions.


Florida’s electronic signature statute was adopted in 2000.  Florida’s iteration of the law states that, unless otherwise provided by law, an electronic signature may be used to sign a writing and shall have the same force and effect as a written signature.  This statute prohibited virtual signatures for documents governed by laws concerning the execution of wills, codicils or testamentary trusts, the UCC (with exceptions), contracts governed by the Uniform Computer Information Transactions Act, and the rules of judicial procedure.  Interestingly, as of January 1, 2020, Florida’s Electronic Wills Act went into effect, which permits, as the name indicates, wills to be signed and notarized virtually.  By enacting this law, Florida is on the cutting edge of this area of law, being only one of a few states to loosen the traditional requirement that wills be signed in person.

Before you virtually sign any document, make sure you are in compliance with your state’s electronic signature rules.  If you or your business need legal advice, please consider contacting any member of Flaster Greenberg’s Business & Corporate Department.

Senate Passes $1.9 Trillion COVID-19 Relief Bill: What You Need To Know

The Senate passed President Biden’s $1.9 trillion COVID-19 relief package late Friday night.  While the bill must go back to the House of Representatives for reconciliation with the bill they passed in late February, it is a major step forward in getting financial relief to those in need.

Here’s what you need to know about the COVID-19 Relief Bill:

  • It extended the $300 weekly unemployment benefit through September 6th, thereby avoiding the deadline of mid-March for that benefit established by the December 2020 stimulus bill.
  • It promises $1,400 in stimulus money to a narrower selection of individuals than had been eligible for prior stimulus checks.  Individuals who earn more than $80,000 and married couples earning more than $160,000 combined are excluded. 
  • The $15 minimum wage provision that was a highlight of the House bill did not make it into the Senate’s version.
  • It allows an individual’s first $10,200 earned through unemployment to avoid taxation.  This applies to those who made less than $150,000 in adjusted gross income in 2020.  If you earned more than $10,200 and have already filed your 2020 tax returns you may consider amending your return to reflect that information.  Talk to a tax professional to see if such an amendment would change your tax liability.

The Senate bill included many other provisions, including a change to the child tax credit, providing further relief to state and local governments, and funding for COVID-19 testing, vaccinations, and contact tracing.  We will have to wait for the reconciled bill to see if any of these provisions change, but it is notable that the bill was passed and is heading towards reconciliation. Stay tuned.

Questions? Let us know.

Cybersecurity & Data Privacy Litigation Trends – February 2021

Spotlight on Recent Decisions 2021

The Delaware Superior Court recently dismissed a healthcare data breach lawsuit against Brandywine Urology Consultants (“Brandywine”) because it ruled that the victims of the breach failed to provide evidence of injuries or losses caused by a 2020 security incident and, therefore, lacked standing to sue. The suit, Abernathy, et al. v. Brandywine Urology Consultants, P.A., C.A. No. N20C-05-057 MMJ CCLD, resulted from a ransomware attack that was discovered by Brandywine in January 2020, and which was reportedly live on the network for two days before it was detected and isolated by the IT team. Interestingly, during the attack, cyberthieves accessed and encrypted records that included patient names, addresses, Social Security numbers, medical file numbers, claim data, and other financial and personal data but at no time did the cyberthieves attempt to extract a ransom. According to the Delaware Superior Court’s January 21, 2021 Opinion, Brandywine notified all of its patients of the attack via breach notification letters. 

In May 2020, the breach victims filed suit against Brandywine, alleging negligence, invasion of privacy, breach of express contract, breach of implied contract, negligence per se, breach of fiduciary duty, noncompliance with the Delaware Computer Security Breach Act, and violation of the Delaware Consumer Fraud Act. In July 2020, Brandywine filed a motion to dismiss arguing that the plaintiffs lacked standing to sue—essentially that victims suffered no concrete, particularized, and actual or imminent injury-in-fact. In order to demonstrate “injury-in-fact” the victims alleged imminent risk of future harm, a loss of privacy, anxiety, failure to receive the benefit of the bargain, a loss of value to the property in personally identifying information, and disruption in medical care. The lawsuit sought mitigation expenses caused by the breach. In July 2020, Brandywine filed a motion to dismiss arguing that the plaintiffs lacked standing to bring the case to federal court—essentially that plaintiffs suffered no concrete, particularized, and actual or imminent injury-in-fact. 

In its January 21, 2021 Opinion, the Delaware Superior Court stated that in “data breach cases [in Delaware], [p]laintiffs must provide at least some plausible specific allegations of actual or likely misuse of data to satisfy the standing requirement and avoid dismissal under [Superior Court Civil] rule 12(b)(1).” The court also noted that Delaware courts have not yet addressed the question of whether the imminent risk of future harm from a data breach constitutes an injury-in-fact sufficient to confer standing. Brandywine argued that it did not. 

The court found that Brandywine’s breach notification specified that the breach was only a possible compromise of personal and financial information during the ransomware attack. It did not concede that it was a concrete and imminent threat. The court also determined that Brandywine appeared to act quickly in response to the breach and took the appropriate steps to investigate what had transpired. Ultimately, the court decided that Brandywine should not be punished for having notified individuals about a possible compromise of their data. In fact, the court expressed hesitancy about making any ruling that would chill efforts to notify patients or clients of security breaches out of an abundance of caution. The court stated that the mere fact that the attack occurred, without more, is insufficient to confer standing on plaintiffs. The court also found that mitigation costs, including credit monitoring and placing freezes and alerts with credit reporting agencies, do not create an injury sufficient to confer standing on plaintiffs who allege speculative harms resulting from a data breach. 

In a similar case in the Middle District of Pennsylvania, cited in the Delaware Superior Court’s  Opinion, the court also found that “[p]laintiffs’ alleged harm—that they are now at an increased risk of identity theft—does not suffice to allege an imminent injury.” 

Though the courts remain fragmented on the issue of standing in data breach cases, the Delaware Superior Court’s opinion lays the groundwork for what may become the norm: a heightened pleading requirement for Article III standing in such cases.  

Krishna A. Jani is a member of Flaster Greenberg’s Litigation Department focusing her practice on complex commercial litigation. She is also a member of the firm’s cybersecurity and data privacy law practice groups. She can be reached at 215.279.9907 or

The Pandemic’s Impact on South Jersey’s Economy: An Insider’s View​

Pandemic……and record DECLINE IN BANKRUPTCY filings.  Yes, as the title of an article in the Wall Street Journal in January read about 2020 “Commercial Chapter 11 Filings Rose 29%, While Personal Bankruptcies Dived.”  We debt relief/restructure practitioners have been following these numbers since the beginning of the Pandemic. 

From the end of March 2020 on, many were expecting a flood, better-yet a monsoon of bankruptcy filings, but the flood never came. Instead, we have seen the lowest number of filings in 35 years! What is going on?  Well, the short answer is that the stimulus packages worked at some level in keeping people employed and many business muddling along! Also, the closing of the courts, delays in foreclosures, almost automatic moratoria for mortgagors, abatements of rent and hold on evictions many posit have slowed the process. So, what is in store for 2021? I tend to lean, with hope, that with the funds coming into the economy through additional PPP funds, extensions of unemployment, extra dollars for individuals and business, perhaps business will reopen, begin getting all those on unemployment back to work and truly bring everyone into the economy without businesses and individuals being compelled by their circumstances to file bankruptcy.  Additionally, the federal government will need to do everything right to ensure that inflation does not “kick in.”  However, I fear that we may now be seeing the beginning of what will eventually be a wave of bankruptcy filings, not necessarily a title wave, but a wave nonetheless. I can just tell you this anecdotally.  As a bankruptcy trustee, I am assigned 45-50 cases approximately once a month to handle. Those numbers went way down during the last eight months.  My January hearings were again up to those numbers with many articulating the COVID-19 pandemic as the cause.  Earlier this month, the Atlantic City Press reported “the Atlantic City-Hammonton metro area, which basically encompasses all of Atlantic County, has been in the top three metro areas in the nation for unemployment rates and increases in unemployment during the pandemic. The other two topping that list were other big tourism and/or gaming sites: The greater Las Vegas area and Kahului-Wiluku-Lahaina in Hawaii.”​ From a business perspective, we have been working very hard to make deals with landlords or for landlords and many other creditors that are either in trouble or causing trouble. However, some of those attempts are blowing up as certain industries are not even able to pay their bills at reduced amounts and creditors are unwilling to take further cuts as their obligations to their own creditors are just too great. 

Stay tuned. I will be putting out a post once a month or perhaps more often, to keep you informed on current filings and the beginning of a uptick that we most certainly think will occur.

Questions? Let Doug know.

Douglas S. Stanger is a shareholder at Flaster Greenberg PC concentrating his practice in bankruptcy, corporate and real estate law. He has served on the United States Department of Justice Panel of Bankruptcy Trustees for 25 years and is an approved mediator for the Bankruptcy Court in the states of New Jersey, Pennsylvania and Delaware. Most recently, Doug was appointed by the U.S. Department of Justice as one of only ten subchapter V trustees in the State of New Jersey.

COVID-19’s Impact On Child Support & Alimony Obligations – What We’ve Learned in 2020

We are coming up on the one-year anniversary of when COVID-19 first began causing significant disruption to families, including families with separated or divorced parents. Many people suffered job losses and income reductions, while small business owners, independent contractors, and sole proprietors struggled to keep their companies afloat in the midst of a widespread financial crisis. For those individuals with alimony or child support obligations, this caused confusion and uncertainty with respect to how the courts would treat these unprecedented situations. 

Since last year, the family courts have seen an uncharacteristic rise in the number of litigants seeking relief from their various financial obligations to their children or ex-spouses. Before the pandemic, during “normal” pre-COVID scenarios, someone wanting to lower their alimony or child support had to demonstrate a significant change to their financial circumstances. This subjective legal standard was already confusing for most litigants, since what felt “significant” to one person might seem trivial or minor to another. Thankfully, over the years the courts have addressed enough of these cases that more reliable criteria have emerged to help guide litigants who desire to lower their obligations. For example, courts routinely deny relief to litigants whose changed financial circumstances are temporary in nature. This is why it is inadvisable to rush to court in an attempt to lower your child support the day after you lose your job, unless you can verify that you will not be reemployed in the near future. Generally, judges want to see that litigants who lose their jobs have made ongoing, meaningful attempts to find replacement employment before the court will consider granting relief. Similarly, for individuals in fields where periodic bouts of unemployment are common, such as union employees, contract workers, or seasonal industries, the expectation is that the litigant will budget their paychecks on an annualized basis so there is enough money to pay support even in months when the worker is unemployed. 

Courts also strictly scrutinize the cause of diminished income in litigants seeking to lower their support obligations. Someone who lost their job because their position was terminated or their employer downsized is going to face less scrutiny than someone who lost their job for cause, such as being fired for excessive absences or poor performance. In the latter situation, many judges will deny relief and will hold that party to the same income standard they had at their old job even if they are unemployed or earning less money now. This is referred to as “imputation” of income. Courts will also impute income to individuals who voluntarily elect to change jobs for personal reasons such as desiring a shorter commute or a better work-life balance.

It is under this complex and unpredictable legal rubric that folks have been rushing to court during the COVID-19 pandemic. While early on in the pandemic the courts were hesitant to grant lasting relief to litigants who suffered reduced incomes due to COVID, judges are now showing more leniency and accommodation in this regard. For example, whereas under pre-COVID standards a litigant would have to demonstrate several months’ worth of effort at securing new employment before a judge would consider lowering a support obligation, judges are more likely to grant immediate relief for a litigant who lost their job due to COVID. However, this does not mean that a litigant can simply expect their obligation to remain low indefinitely. Instead, some judges are granting interim relief—such as temporary support reductions—for one or two months and then requiring the parties to reconvene for a status update. During the status update, the courts will explore the litigant’s efforts at reemployment in light of the COVID-19 landscape. If a litigant can demonstrate that they have made good-faith efforts at finding new employment and have been unsuccessful, courts will oftentimes extend the reduced support for longer periods of time. Notwithstanding any short-term support reductions granted by the court, in both New Jersey and Pennsylvania alimony and child support are always subject to review based upon either the recipient or the obligor’s changed financial circumstances. This means that if a litigant was granted a support reduction but then obtains new employment at any time in the future, the recipient of support would be entitled to petition for an immediate recalculation of their alimony or child support and would not have to wait for the court to schedule a status proceeding. In addition, if a recipient of support believes that an obligor is not making legitimate attempts to find new employment, the support recipient can file an application to have the court analyze the obligor’s efforts more carefully. 

The above might make it appear that if you lose your job due to COVID-19, you can relax and collect unemployment indefinitely while also enjoying the benefit of reduced support obligations. This is not necessarily the case. In addition to routinely reassessing the situation and critiquing a litigant’s reemployment efforts, some courts are only suspending enforcement of the original support obligation but allowing any deficits to accrue. For example, if a litigant owes $1,000 per month in child support and loses their job as a result of the pandemic, a judge could keep the obligation at $1,000 per month but allow the litigant to pay only $600 per month for a period of time. The unpaid $400 per month would accrue as what is called “arrears” and would eventually be paid to the recipient in the future. In addition, for temporary situations, judges can also review the assets of the obligor, such as savings and retirement accounts, and direct that support is paid from those assets as opposed to paying support from income. These types of arrangements allow the court to balance the equities between the recipient of support and the obligor, ensuring that at some point the recipient would be made whole for the losses. After all, in most situations, if an obligor pays less support than what is owed to the recipient, the recipient and any children suffer as well. Courts frequently try to create dynamic solutions that foster symmetry between two parties. 

Another situation that has inundated the courts recently involves parents who have suffered changes to their income or employment due to increased childcare obligations. The majority of children are now participating in 100% virtual or hybrid school models. Especially for families with younger children, this has caused folks to make swift and sweeping adjustments to their schedules to ensure a parent is home to oversee a child’s “online” education. Even parents whose employers permit them to work from home have seen reductions in their income because it is not always possible to juggle full-time homeschooling responsibilities and full-time remote work. When a support recipient petitions the court for an increase in support from the obligor due to their reduced income in this situation, courts tend to be more hospitable, even though the decision to stop working is technically voluntary. In a pre-COVID environment, a litigant who stopped working unexpectedly because they suddenly decided that they wanted to be a stay-at-home caretaker would face suspicion from the court and would not be very successful. Now, courts are recognizing that having children home full-time when they would otherwise be in school 6-10 hours per day is the new normal, and adjustments have to be made in the spirit of fairness to the parent who takes on these new daytime educational responsibilities. 

COVID-19 has brought on a slew of new challenges for the courts when it comes to issues involving alimony and child support. The old prevailing legal standards do not always yield just and equitable results in a COVID-19 environment. While there are no ideal solutions that would please everyone in these situations, the courts are doing as best as they can in the worst of times. If you are experiencing changes to your financial circumstances stemming from the COVID-19 pandemic, it is best to seek out a knowledgeable and reputable family law attorney to assess your unique situation and determine the best remedy for you. Although the path to relief might not always be simple and straightforward, relief can be possible. 


As a shareholder and member of the firm’s Family Law Department, Angie Gambone concentrates her practice in the areas of complex family law, divorce and custody matters. She also focuses her practice on adoption, family formation and the family law needs of nontraditional and LGBT families. Angie can be reached at or 856.382.2217.

To serve as a central repository of information and contributions from Flaster Greenberg attorneys on legal developments during the COVID-19 crisis, we have launched a COVID-19 Resource Page on our website.  Feel free to check back frequently for Flaster Greenberg’s ongoing analyses of important legal updates that may affect you or your business. 

Potential Taxation Without Representation: The Implications of State Taxation on Teleworking

Beginning in March 2020, millions of Americans were forced to work from home as a result of the COVID-19 pandemic.  While the absence of a commute and the option of wearing sweatpants rather than slacks during meetings were initially welcome changes to the workday, it did not seem likely that we would still be “Zooming” to work from our kitchen tables in 2021. With the pandemic still surging, many Americans have not returned to the office and will have to reckon with possible tax implications stemming from their forced exile.  

Physically commuting from home in one state to work in another, such as from New Jersey to Philadelphia or New York City, is not new. Likewise, the tax implications for employees who commute are not surprising. Generally, the employee is taxed in both her home state (residence-based tax) and the state where she works through what is often referred to as a commuter tax (source-based tax), with the home state giving a credit or other accommodation to mitigate the duplicate tax cost.

Telecommuting, however, is not commuting. Employees who telecommute work from their home states.  Thus, it would be reasonable for those employees to expect to only be taxed in their home state because they’re not physically crossing state lines, right? Not so fast! If Pennsylvania, New York or Delaware are involved, both employees and employers might find surprising tax results from telecommuting, even when they are simply complying with mandatory work–from-home orders.  For employees of employers in these states this means that  dutifully working from home across state lines in accordance with the law, they may still be subject to tax in a state they have not set foot in for nearly a year as if they were physically commuting. In turn, this may create an unintended connection between the employer and the state where the employee lives, thereby subjecting the employer to taxation there. This conundrum also underscores the internecine struggle between the states over tax dollars derived from wages earned while telecommuting.

Employees: While most employees in the country are not currently impacted by this kind of law, a problem arises for employees of employers located in Pennsylvania, Delaware and New York because they have enacted the “convenience of the employer” rules. If an employee works remotely because her employer requires it, perhaps because that is where a customer is located, the employer’s state would not tax the employee on the income earned from that work. However, if the employee works outside of the employer’s state for any other reason, the employer’s state can tax that employee’s income regardless of where it was actually earned. The convenience of the employer rule in the current environment begs this question: is a mandatory work-from-home order a requirement or a convenience?  This is a question that has yet to be answered. Some states, such as New Jersey, have offered credits for its residents who are adversely impacted by this rule for the length of the pandemic.  

Employers: It is uncontested that states and municipalities can impose income taxes on businesses that have a physical location in the state or have employees who work in the state. These connections create tax nexus. The question that comes up when an employer has employees working from home in another state is whether telecommuting across state borders alone creates tax nexus to a state to which they were not otherwise connected. If nexus is created for the employer with the employee’s home state, the employer is subject to that state’s taxes. However, the universal nature of the COVID-19 pandemic has motivated some states to address this issue, at least in the short-term. New Jersey’s Division of Taxation has stated that nexus for corporate tax and sales and use tax purposes will not be imposed on out-of-state employers during the pandemic through telecommuting employees. Likewise, Pennsylvania’s Department of Revenue indicated it will not impose Corporate Net Income Tax nexus or Sales and Use Tax nexus on non-Pennsylvania businesses based solely on employees working from home in the state. The state of New York, on the other hand, has declined to issue guidance on this topic, meaning that non-New York employers of New York residents may find themselves unexpectedly exposed to New York State (and potentially City) tax.


States without the convenience of the employer rule might become envious as out-of-state employees continue working from home even after the conclusion of the pandemic and the tax dollars associated with their wages remain home with them. Perhaps a harbinger of things to come, one state, Massachusetts, reacted to this tax conundrum created by the pandemic by enacting a temporary “convenience of the employer” policy. This new rule states that employees who work for Massachusetts-based employers and are working remotely outside the state because of a work-from-home order in a neighboring state are still required to pay income tax in Massachusetts. This arrangement is slated to remain in place until ninety days after the governor of Massachusetts ends the state of the emergency created by the pandemic.

Although this measure is temporary, Massachusetts has experienced backlash from other states and numerous tax organizations. In October 2020, New Hampshire petitioned the United States Supreme Court for relief, requesting that it strike down this law as an unconstitutional tax on its citizens who telecommute.  The lawsuit also raises questions as to whether such convenience of the employer rules violate the Dormant Commerce Clause, which bars states from unduly burdening interstate commerce, even in the absence of federal legislation regulating the activity.  This lawsuit has attracted a lot of attention in the tax community, with over a dozen amicus briefs filed in the matter, including those from Connecticut, Hawaii, Iowa, and New Jersey, as well as public policy groups such as the National Taxpayer Union, the Tax Foundation, the Cato Institute, and Americans for Tax Reform. The states joining New Hampshire did so because many of their citizens are directly impacted by “convenience of the employer” rules subjecting them to taxation in a state to which they have no physical connection and thereby draining tax revenue from the residence state.  The Court has not determined whether it will hear the case, but the controversy is generating interest as other states might follow suit.

With many employees likely to continue teleworking even after COVID-19 vaccinations permit safe return to the office, it is critical to fully appreciate the impact these decisions may have on where tax is owed by telecommuters and their employers.  

David S. Neufeld has practiced law for more than 35 years, advising individuals and businesses around the globe on sophisticated federal income and estate tax planning, state tax residency planning and audits, asset protection, and insurance and investment planning. In addition, he helps business clients engaged in both inbound and outbound transactions (most notably involving China and India) as well as the individual tax issues that arise from cross-border business transactions. He can be reached at or 856.382.2257.

What Does My Company Need To Know Before Acquiring Another Company In Financial Distress?

We have been asked many times to assist a client in the purchase of another business that has been experiencing financial difficulties. While the purchase can be a significant advantage to your company, there are several items to keep in mind before contemplating such a transaction.

  • Due Diligence—Spend the time, effort, and money to thoroughly review financial information, employment contracts, leases, the work in progress of the company, etc. to obtain as full a picture of the financial position of the company before you complete the transaction.
  • Transaction Team—Enlist key employees and outside professionals to assist in the analysis and interpretation of all information gathered.  Use in-house staff, when possible, as well as engaging outside entities with certain levels of needed expertise (i.e.: forensic accountants, real property and business appraisers, environmental analysts, etc.).
  • Assets free and clear of liens—Often, the target company had loans with a financial institution that has liens on some or all of the assets of the company, and/or personal guarantees of insiders.  Review whether the personal guarantee stays with them or has to be transferred to the purchaser.  Be sure to perform UCC searches to examine any judicial liens, judgments, or any type of tax  liens, that may be in place.  You must obtain releases from all secured parties before completing the transaction.

Our firm has extensive experience in these types of business transactions and is available to assist you in the process. For more on any of the information contained in this post, contact Steven D. Usdin, or any member of Flaster Greenberg’s Bankruptcy, Financial Restructuring and Risk Management Department. Steve can be reached at 215.279.9903 or

Disinformation, Mob Mentality, And Federal Privacy Legislation

Will the disinformation that led to a mob surrounding the Capitol Building help drive federal privacy legislation?

Here’s why I think it will.


It is no secret that the internet is rife with information—some legitimate, and, inevitably, some not. In many ways, social media and the rise of new and emerging platforms on which to share information, contribute to the spread of disinformation. Disinformation is false information that is intended to mislead, unlike misinformation, which is false information that is spread, regardless of intent to mislead.

Disinformation can be damaging to both individuals and businesses because it can be difficult to discern the difference between evidence-backed information and disinformation. This very issue arguably resulted in thousands of people surrounding the Capitol Building on January 6, 2021 in Washington, D.C.

The Role of the Internet and Social Media

Though many platforms likely contributed to the widespread disinformation that led to a mob storming the Capitol Building, certain platforms have a significantly greater impact. For example, with more than two billion users worldwide, Facebook has unprecedented reach, and that reach has created a near-monopoly on certain types of information and the sharing of that information. For instance, small businesses often rely on Facebook to find customers. Content creators use Facebook to create visibility for their work. Software developers seek to attract customers on the platform. Media outlets use the platform to share news articles. The list goes on.  

Platforms like Facebook employ the details of personal profiles to gauge which content it believes a particular user will find enticing. Then, the platform will calibrate the user’s feed according to this process in an effort to maximize the amount of time that the user stays online. The result is that the information that appears in our feeds is informed, to at least some degree, by what our friends and network contacts post and consume. It is shaped, by a much larger degree, by the platforms’ algorithm.

This is precisely the point at which data privacy, personal autonomy, and democracy intersect.

The Problem and Ways to Avoid the Spread of Disinformation

Disinformation can harm businesses in a myriad of ways. Incorrect news, negative social media posts, and even overtly false consumer reviews can adversely impact a company’s bottom line.

Successful companies understand their markets, their customers, and their partners. They also need to understand how their brand is perceived by users of social media. This can be achieved by using in-house technology or hiring an outside firm. By doing so, companies can get advance warning of an individual’s or group’s efforts to spread disinformation about a given brand. To the extent a business participates in e-commerce and has a social media presence, the business should aim to establish verified accounts on major platforms and use them regularly to establish their markets.

Other tools businesses can use to avoid the spread of disinformation are: self-assessing, preparing for incident response, and communicating directly with their customers. In addition, data ethics should be incorporated into decision-making along with business motivation, technological practicality, and legal compliance.

How Federal Privacy Legislation Could Help

The federal government has no organization to regulate or help quell the spread of disinformation, and there is no one particular person within the government in charge of an overall disinformation policy. The United States needs a comprehensive approach to risk generated by data. Accordingly, any effective federal privacy regime must take into account the process of data throughout the whole lifecycle of data governance.

The business industry has plenty of reasons to support federal privacy legislation. For one, a single piece of comprehensive legislation reduces confusion surrounding compliance. Second, one law to rule them all would likely preempt many of the piecemeal legislative efforts of various states. Lastly, in the wake of the Schrems II decision, passing a commercial privacy law would help the atmosphere considerably as negotiations go forward with the European Union with regard to transborder data flows.

It is also worth noting that some of the largest markets in the world are moving toward comprehensive data protection laws, such as China, India, Brazil, and Canada. The adoption of a similar comprehensive law in the United States would solidify the United States’ position as a world leader in data privacy.

The goal of any federal privacy legislation should be to preserve the most beneficial aspects of social media platforms while simultaneously protecting individuals and businesses from the platforms’ more harmful impacts. Most pending federal legislation include the basics: data access, deletion rights, and portability. The next steps will be to incorporate protections against disinformation.

Krishna A. Jani is a member of Flaster Greenberg’s Litigation Department focusing her practice on complex commercial litigation. She is also a member of the firm’s cybersecurity and data privacy law practice groups. She can be reached at 215.279.9907 or

%d bloggers like this: