Insights Archives — Page 38 of 51 — Lindabury, McCormick, Estabrook & Cooper, P.C. Firm News & Events

New Jersey Courts Are Limited Only By Imagination When Resolving Business Disputes Between Partners

Published on: April 13, 2017 | by David R. Pierce

When dealing with shareholder oppression claims the court has a broad arsenal of remedies at its disposal. In fact, the remedies available to the court are limited only by its own imagination and the court’s sense of fairness.

The statute applicable to oppressed minority shareholders does provide some remedies along with its rights. N.J.S.A. 14A:12-7 (1)(c)(8) states that “Upon the motion of the corporation or any shareholder who is a party to the proceeding, the court may order the sale of . . . the corporation’s stock held by any other shareholder who is a party to the proceeding to either the corporation or the moving shareholder . . . if the court determines in its discretion that such an order would be fair and equitable to all parties under all of the circumstances of the case.”

The statute also gives the court the power, under the appropriate circumstances, to order the dissolution of the company. Although this is a favored threat of a party claiming oppression, it is quite unlikely to be ordered by the court. The court is extremely reluctant to dissolve an operating business and will go the great lengths to preserve a business, including to the extent of ordering a sale of the business to a third party. At least one court has ruled that the statute contemplates the ongoing existence of the corporation or the existence of a successor operating the business as a requirement of any remedy that might be imposed. Thus, dissolution is likely to be the remedy only if the parties agree that it should be the ultimate remedy in the case.

Minority Shareholder Oppression: The Court’s View of “Unfair” Action

Published on: April 6, 2017 | by David R. Pierce

Statutory remedies are made available to shareholders in a small, closely held corporation should harmful actions be undertaken by other shareholder or directors of the corporation. Importantly, these statutory remedies are available only to owners of a corporation with 25 or fewer shareholders.

Pursuant to N.J.S.A. 14A:12-7(1)(c), a shareholder in a closely held corporation may seek judicial remedies if the directors or other persons in control of a corporation have:

Acted fraudulently;

Cybersecurity and the Importance of Attorney-Client Privilege

Published on: March 30, 2017 | by Robert W. Anderson

Businesses have a major need to assess their own cybersecurity risks, and to openly exchange internal information within the company to effectively address and mitigate an actual breach situation. Yet a company’s internal assessments of its own weaknesses and the holes in its cybersecurity protections can, ironically, actually expose the company to even greater danger in future security breach litigation. A company’s good faith internal report of its cybersecurity weaknesses can potentially serve as almost an admission that it has found its cybersecurity protections for personal and confidential data to be inadequate.

Similarly it is of extreme importance that in the midst of dealing with a cyber breach event, that the company’s personnel freely exchange information related to the breach crisis situation quickly and without undue worries about how the disclosure of that information might look in a future litigation discovery proceeding.

The involvement of the company’s legal counsel in all important aspects of a cybersecurity risk assessment and breach response is crucial because of the protections that involvement can potentially provide the company under the doctrines of (i) attorney-client privilege, and (ii) work product protection.

Regardless of Amount of Corporate Stock Owned, You May Still Be A “Minority Shareholder”

Published on: March 30, 2017 | by David R. Pierce

New Jersey statutes provide important rights and protections to “minority” shareholders of small, closely held companies. The applicable statute provides a right to file a lawsuit for relief under the following circumstances:

In the case of a corporation having 25 or less shareholders, the directors or those in control have acted fraudulently or illegally, mismanaged the corporation, or abused their authority as officers or directors or have acted oppressively or unfairly toward one or more minority shareholders in their capacities as shareholders, directors, officers, or employees. N.J.S.A. 14A:12-7(1)(c) (emphasis added).

This is not the only justification for filing a lawsuit against fellow shareholders, but it is one that the legislature has seen fit to create.

Federal Data Privacy and Cybersecurity Laws

Published on: March 29, 2017 | by Robert W. Anderson

The United States does not currently have a single comprehensive federal law regulating data privacy and cybersecurity matters. Instead, there is a patchwork of laws which at times overlap, and in other cases may even potentially contradict one another. This patchwork, together with the growth in interstate and international data flow, heightens the risk of privacy violations and can create significant compliance challenges. Failure to meet these challenges, however, can result in government imposed civil and criminal sanctions (including fines and penalties), private lawsuits and class actions, as well as damage to a company’s reputation and customer trust.

The following is a brief summary of some of the most significant Federal legislation impacting data privacy and cybersecurity matters.

Federal Trade Commission Act (the “FTC Act”)

Customer Data, FTC Red Flags Rules and Your Business

Published on: March 29, 2017 | by Robert W. Anderson

Identity theft is an area of major concern for consumers and businesses alike. Roughly nine million individuals in the U.S. can expect to have their identity stolen each year. With just a few items of personal information (such as the name, social security number, and the date of birth of an individual) a cyber-criminal can potentially drain existing accounts or open new credit card accounts with devastating consequences for the unwitting consumer’s credit ratings and future path in life. If your business has been lax in protecting the privacy of such personal information in its possession, you may be inviting your own devastating consequences: lawsuits by individuals experiencing identity theft as a result of your lax procedures, regulatory enforcement actions, and damage to your business reputation and loss of trust by your customers.

The Red Flags Rule, issued by the Federal Trade Commission (“FTC”), requires financial institutions and creditors with covered accounts (as defined in the Red Flag Rule) to develop a written program that identifies and detects the relevant warning signs, or red flags, of identity theft.

Red flags can include, for example:

Responding to a Cybersecurity Breach – Establish Your Response Team

Published on: March 24, 2017 | by Eric B. Levine

It is a day that virtually every business owner fears, when you receive word from your IT department that your company’s computer system has been hacked. A million thoughts rush through your head, but they all come back to one question: what do I do right now to protect my company, my employees and my customers? The answer may seem daunting, but an answer does exist. This article attempts to provide you with a few of the basics on how to respond to a cyber-attack, focusing on the first step: Establishing your cyber-response team.

The first step to be taken upon learning of a cyber-breach is to understand what happened and what type of breach occurred. For example, is your system being held hostage by Ransomware, or did an employee mistakenly release confidential information? There are a number of common circumstances for cyber-breaches, such as: employee negligence like losing a laptop or flash drive containing personally identifiable information (“PII”) or protected health information (“PHI”); malicious insider behavior, such as the disgruntled or dishonest employee who steals company information to use for some nefarious purpose against the company; and perhaps the most wildly publicized breach as of late, hacking and cybercriminal activity.

In order to understand what happened and how best to react, the initial step is to assemble a team of cybersecurity professionals who can assist with all facets of the cyber-breach. In a perfect world, your company has already established its own cyber-breach response team, but if you have not done so, you will need to hire professionals as soon as possible after learning of the cyber-attack. This means engaging individuals who possess expertise in Information Technology and are experienced in evaluating the severity and scope of a cyber-breach. The cyber-breach needs to be quickly identified, affected systems need to be isolated, defenses to future breaches need to be put in place and steps to retrieve data need to be taken.

Recognizing And Avoiding Social Engineering Attacks

Published on: March 24, 2017 | by Lindabury, McCormick, Estabrook & Cooper, P.C.

A successful New Jersey business recently retained a cyber expert to evaluate the effectiveness of its network’s cybersecurity. The expert upgraded the company’s systems and educated its employees on how to recognize, prevent and respond to a cyber-attack. The expert then tested the defenses and was unable, despite multiple attempts, to hack into the company’s network. Satisfied that the network was reasonably secure, he decided to try one last trick. Posing as a friendly client who had an upcoming meeting, he called a receptionist and was given a Wi-Fi password which gave him access to the company’s network and sensitive information.

The good news for the company is that the breach was not real. The bad news is that, despite spending thousands of dollars to bolster its network security, the company’s network was compromised with a simple phone call. This is social engineering at its best.

WHAT IS SOCIAL ENGINEERING?

Fiduciary Duties Between Business Partners

Published on: March 21, 2017 | by David R. Pierce

Does your business partner owe you anything? We’re not talking about money, although that may be an ultimate outcome, we’re talking about how they treat you. Do they owe you any duty to be fair or to bring business opportunities to your company? Whether you are a shareholder in a small, closely held corporation or a member in a limited liability company, the answer to this question is yes, with some exceptions.

Every small business owner, again, whether be it a corporation or limited liability company, has a fiduciary relationship with the other business owners. What is a fiduciary relationship? A person who is a fiduciary is someone charged with a legal and/or ethical relationship of trust with one or more other persons. A fiduciary duty, in turn, is the highest standard of care that can be imposed on someone. A fiduciary is required to be loyal to the beneficiaries of that duty and there must be no conflict of interest between the fiduciary and beneficiaries. The fiduciary cannot profit personally from his position as a fiduciary.

Since each shareholder or limited liability company member owes each other a fiduciary duty the responsibility is reciprocal. Therefore, as a small business owner, you owe a fiduciary duty to your other partners whether you own 60% of the company or 5% of the company and they also owe you a reciprocal fiduciary duty.

Proposed Wage Discrimination Legislation Could Alter New Jersey’s Employment Playing Field

Published on: March 16, 2017 | by John H. Schmidt, Jr.

Although it is presently illegal under the New Jersey Law Against Discrimination (the “LAD”) to pay people different wages for performing the same work under similar working conditions because of their gender, there is currently pending in both the State Senate and Assembly legislation “concerning equal pay for women and employment discrimination, requiring public contractors to report certain employment information.”

Implications for All Employers: As proposed, the new legislation will make it an illegal act of discrimination to pay any employee at a rate of pay, including benefits, which is less that the rate paid by the employer to employees of the other sex for substantially similar work, when viewed as a composite of skill, effort and responsibility. Unlike prior legislation in this area, the proposed legislation codifies five circumstances justifying a pay differential between the sexes, but the employer bears the burden to prove that any of those circumstances exist. In so doing, the bill materially changes the legal standard for establishing wage discrimination.

The proposed legislation also adopts recent New Jersey Supreme Court jurisprudence by specifying that an unlawful employment act occurs each time an individual is adversely affected by a discriminatory compensation practice and paid less because of their sex. Contrary to the federal Lilly Ledbetter Fair Pay Act and current New Jersey law, however, the new legislation does not limit the amount of back pay the aggrieved employee can receive for violations that occur within the applicable statute of limitations period. Rather, under the new bill there is no statute of limitation, and an aggrieved employee can collect back wages retroactive to the date that discriminatory compensation first occurred, so long as the violation continues into the applicable two year statute of limitation of the LAD. Moreover, the proposed legislation prohibits employers from requiring individuals to agree to a shortened statute of limitation as a condition of employment.