Over the past several months, our firm’s Cybersecurity and Data Privacy Practice team has had ample opportunity to report on a number of high-profile security and data breaches. It appears that trend is going to continue, as another massive cyber-breach was just reported. This time, it was Uber that had its network breached, and that breach impacted 57 million users of the ride-sharing service, as well as 600,000 Uber drivers. Although it pales in comparison to other recent breaches like those of Equifax and Yahoo in terms of the number of individuals whose data was stolen, the Uber breach is equally important in developing your own awareness of how to respond to data breaches. Uber provides another example of what not to do when a data breach occurs. Uber’s mistakes are numerous and could have long-lasting consequences. Here are a few of those mistakes, followed by some advice on how to avoid them.

Mistake #1: Uber fails to notify victims of the breach: Uber reported that its network was compromised in late 2016, yet Uber did not alert victims of the breach until November 21, 2017. The scope of the breach is apparently international, with data protection agencies in the United Kingdom, Australia and the Philippines looking into possible violations of their respective countries’ privacy laws. In the United States alone, there are forty-eight different state laws governing security breach notifications, many of which require notice to be provided as soon as possible. Waiting almost a year before providing notice to individuals whose information is unlawfully accessed likely exposes Uber to liability in a multitude of states and countries in which Uber can expect to be, and has already been, sued. As of November 23, 2017, at least two class action lawsuits have been filed in California claiming that Uber “failed to implement and maintain a responsible security procedures and practices appropriate to the nature and scope of the information compromised in its data breach”. Attorneys General from Illinois, New York, Connecticut and Massachusetts have been reported as opening investigations, and it is a practical certainty that dozens of their colleagues will soon follow their lead.

Mistake #2: Uber fails to notify governmental authorities of the breach: To make matters worse, in addition to not notifying individual victims of the data breach, Uber did not provide timely notice to governmental agencies until recently. In doing so, Uber has potentially exposed itself to regulatory penalties, including fines and potential lawsuits, as well as likely having to appear at state and federal level inquiries, either voluntarily or through the use of subpoenas. Unfortunately for Uber, its explanation as to why it failed to notify the proper authorities is going to be aired to the public, likely in real time.

Published on:
Updated:

When couples are ending their marriage or relationship, there are many financial issues that need to be resolved, including the division of property and respective ongoing support obligations. Two different categories of ongoing support one spouse may be responsible for are child support and spousal support, sometimes referred to as alimony. Child support is paid by one spouse to the other for the benefit of the children that they have in common. Alimony is paid for the benefit of the other spouse to account for a disparity of income that may exist between the couple upon their divorce.

Once the amount of each obligation is either agreed upon or ordered, the former spouses can then move forward and create their new personal budgets knowing the amount of support that they will have to pay or the amount of support that they will receive. But, what happens if one of the spouses dies after a divorce? This is where the existence of life insurance policies to secure these obligations becomes particularly important.

Unless agreed upon otherwise, the obligation to pay alimony terminates upon the death of either spouse. However, if a payee spouse has relied upon a certain amount of spousal support being paid to them, the sudden termination of alimony could be a life-altering event. If a life insurance policy was in existence for the benefit of the payee spouse, the payout of the policy can help to mitigate the negative financial impact that sudden death can cause.

The New Jersey Appellate Division’s decision in Greenbriar Oceanaire Community Association, Inc. v. U.S. Home Corporation, issued on November 16, 2017, determined that a Homeowners Association was not required to arbitrate any disputes with a developer, and, when faced with a motion to compel arbitration, was permitted to file an amended complaint separating out those claims that are not subject to the arbitration agreement.

The association involved in the dispute is responsible for the common areas, administration, and management of a 1425-unit residential community in Waretown, New Jersey. The defendant, U.S. Home Corporation d/b/a Lennar Corporation, was the sponsor and developer of the project, who ultimately transferred management to the association. In its June 2015 complaint, which was twice amended, the association, on behalf of itself and its members, being the homeowners bound to arbitration clauses, asserted numerous causes of action, including: design and manufacturing defects that the association claims constituted violations of applicable building codes and warranties, as well as various violations of the Planned Real Estate Development Full Disclosure Act (PREDFDA), and the developer’s breach of its fiduciary duties.

In light of the arbitration agreement contained in the developer’s contracts with the association’s homeowners, the developer moved to compel arbitration. By the time the motion was considered, the parties settled the design and construction claims. As a result, the question for the motion judge was whether the remaining claims, including those arising under the PREDFDA, and the fiduciary duty claims, were asserted on behalf of the homeowners and therefore subject to the homeowners’ promise to arbitrate with the developer, or whether the claims should be viewed as belonging only to the association, which never agreed to arbitrate any disputes with the developer. By way of his oral decision, the motion judge agreed with the developer’s view and entered an order compelling arbitration, and later denied a motion to vacate the order compelling arbitration.

With the holidays approaching, people are busy making travel arrangements and shopping lists, digging out old recipes and getting their homes ready for what is arguably one of the most family-oriented times of the year. However, for couples with children who are ending their marriage or relationship, these times come with an added layer of concern as to how they will share time with their children during these special events. When a couple decides to divorce or end their relationship and they have a child or children in common, there are many issues that need to be resolved relative to their children. Many questions arise regarding how the children will react to their parents’ split and the many changes that will inevitably take place. Regardless of the parents’ marital status (married, cohabitating, dating or separated), these issues are present and will need to be addressed proactively so as to minimize any negative impact on the children.

There is no “one size fits all” formula used to determine how to handle parenting time during the holidays. Many choose to alternate years in which they have parenting time with the children for a specific holiday. Other people find it difficult to not see their children on a holiday and if distance and plans permit, opt to share the day every year with an exchange of the children taking place during midday so that the children can participate in activities with both sides of the family.

Couples may recognize that a certain holiday has traditionally been spent with one side of the family during their relationship and therefore decide that the children should continue to spend that holiday with that spouse and continue the traditions to which they have already become accustomed.

Real estate is oftentimes one of the more valuable assets an individual may own, and thus can comprise a substantial asset in the estate following an individual’s death. Typically, it is the personal representative of the estate who has responsibility to dispose of a decedent’s real estate. Real estate can either be conveyed directly to one or more of the estate beneficiaries or it can be sold. The disposition of real estate in an estate can be one of the more significant responsibilities for the personal representative. This article will address a number of issues facing a personal representative involved in the disposition of real estate through sale of the property following an owner’s death.

The first issue generally faced by a personal representative is determining the fair market value of the property. For purposes of the federal estate tax law, fair market value is defined as “the price at which the property would change hands between a willing buyer and willing seller, neither being under any compulsion to buy or to sell and both having reasonable knowledge of relevant facts.” Treas. Reg. §2031-1(b). For New Jersey estate and inheritance tax purposes, tax is “computed upon the clear market value of the property transferred.” N.J.S. 54:34–5. See also N.J.A.C. 18:26–8.10. In general, an appraisal of real estate prepared by a member of the Appraisal Institute will be recognized as an acceptable appraisal by taxing authorities. An arms-length purchase by an unrelated third party, if completed within a reasonable time period after death, is generally accepted by the taxing authorities as an alternative to an appraisal.

The actual process of selling real property owned by an estate can also present challenges to a personal representative. Oftentimes a personal representative will wish to minimize the expenditure of funds to “update” an estate property, preferring instead to enter into a contract selling the property in “as is” condition without addressing any repair issues. While this is often an attractive approach, particularly when a personal representative has never resided in the property or has limited or no knowledge concerning its condition, there are limitations to this approach in New Jersey, which a recent case points out.

Lindabury Partner and President, David Pierce, shares his insight on developing, adopting and implementing strategic management transition plans in the Leadership Issue of Law Practice Today by the American Bar Association (ABA) Law Practice Division.

“Navigating a transition in the management of a law firm can be daunting and troublesome, but it is an absolutely necessary endeavor for the long-term survival of the firm. While many firms have been in operation for 50-plus years, it is easy to rattle off a list of firms that have imploded or disintegrated after experiencing decades of success. Nothing lasts forever. As the Second Law of Thermodynamics says, entropy (disorder) is always increasing in an isolated system. That does not mean that one shouldn’t try to preserve a law firm that has strong name recognition and a good internal culture. It does mean, however, that doing so requires an investment of considerable effort and energy to keep it from following the natural tendency to splinter and dissolve.”


In all cases of divorce or separation where children are involved, the issue of time-sharing (previously referred to as “visitation”) is a significant issue to be addressed. Unless the parents have agreed to an equal shared custodial arrangement, an appropriate schedule of time-sharing is particularly important for all those involved: the custodial parent, the non-custodial parent, and the children.

Determining a schedule of time-sharing with the children is sometimes resolved between the parties. However, in those cases where the parties are unable to do so, the Court will order mediation in an attempt to resolve the issue. If the mediation is unsuccessful, the Court will (and has the authority to) determine the time-sharing schedule which will be binding on all involved.

Traditionally, time-sharing consisted of alternate weekend overnights for the non-custodial parent, a division of legal and religious holidays, extended time during the summer, and perhaps one evening per week for dinner. Recently, time-sharing schedules have become more flexible with non-custodial parents demanding (and receiving) more time with their children. Busy work schedules for the parents and academic and activity schedules for the children demand a more fine-tuned approach to time-sharing.

Lindabury partner, Robert Anderson, shares his insight in NJBIZ’s recent article: “The inside scoop on M&As: Plenty of big companies have learned the hard way how difficult mergers can be”

Sometimes, a planned M&A can get torpedoed because of decisions that were made long ago, notes Robert W. Anderson. So a potential seller may wish to review its books and records long before putting up a “For Sale” sign.

One suggestion: do some housecleaning, and scour around for any loose ends. That’s because for a buyer, a “big part of an M&A involves due diligence; understanding what they’re buying and how the target company fits in with the acquirer’s business operations and goals,” says Anderson. “If they see a lot of issues, like unsigned contracts, or potential tax and other liabilities, they may back away from the deal.”

By now, everyone has likely been inundated with information about the Equifax data breach. If you are one of the few who has not heard about what happened, here’s the short version: Equifax suffered an enormous security breach as a result of its poor data privacy hygiene, resulting in over 143 million people having their credit information, including their social security numbers, names and addresses, potentially exposed. The impact will be felt for a long time, and the consequences if you are affected could be significant.

So what exactly did Equifax do wrong? To be blunt, EVERYTHING. First, according to industry experts, Equifax failed to install a readily available security update, which left it vulnerable to hackers. Second, the lack of security updating was compounded by the fact that Equifax’s administrative passwords were simplistic, certainly for a company whose primary purpose is to store sensitive information, and were easily decipherable by the cyber-intruder. Third, and what makes matters worse, is that the security update was available to Equifax two months before the breach. Fourth, in addition to the lax cyber-hygiene of Equifax was the fact that Equifax waited for months after it knew of the breach before reporting it to the public. Fifth, when Equifax finally reported the breach, the message it sent was a weak one that left the public feeling exposed and betrayed, especially when it turned out that certain Equifax executives sold large quantities of company stock after the breach was discovered but before it was reported. It is hard to envision any worse corporate conduct both leading up to the breach and continuing until today.

In the aftermath of such an historic cyber-breach, what lessons can companies and individuals learn and what steps are to be taken to mitigate the damage? On the corporate level, companies need to take cybersecurity and data privacy seriously, invest adequate resources in addressing the issue and partner with professionals versed in all aspects of today’s cybersecurity environment, including legal counsel, technical/forensics experts and insurance professionals. Develop and implement prudent Information Technology practices that include continuous system maintenance, updating/patching of software, mapping, segregating and encrypting data, as well as remaining actively vigilant for intrusions or data loss. Prepare a plan for how to respond to breaches or data losses. Perform vulnerability assessments under the guidance of counsel, to determine where you need to shore up your defenses while maintaining the confidentiality of the assessment results through attorney-client privilege. Obtain insurance policies to blunt the impact of data breaches and to obtain resources to assist with specific breaches like ransomware/malware.

On August 29, 2017, the Office of Management and Budget (“OMB”) announced that it was immediately suspending the revised Equal Employer Information Report (“EEO-1 Report”), which included burdensome pay reporting obligations for employers. Previously, the EEO-1 Report directed federal contractors and employers with 100 or more employees to report annually the number of individuals that they employ by job category, race, ethnicity and gender. The proposed EEO-1 revisions, however, expanded the information collected to include pay ranges and hours worked. This expansion was aimed at identifying pay gaps and focusing employers on the issue of equal pay between male and female employees.

In response to the proposed reporting requirements, employers expressed concern over privacy and confidentiality issues surrounding the disclosure of pay data and also questioned the overall utility in collecting such data. In suspending the revised EEO-1 Report, the OMB recognized similar concerns, stating that some aspects of the proposed collection of information “lack practical utility, are unnecessarily burdensome, and do not adequately address privacy and confidentiality issues.” Accordingly, the OMB directed the EEOC to publish a notice advising that the proposed wage and hour reporting requirements were immediately suspended and further directed the EEOC to provide additional information for its future consideration.

As a result of this directive, employers can put aside plans to collect data reflecting pay ranges and hours worked for the time being. However, in doing so, employers should be mindful to stay abreast of any updates in reporting requirements following any further review by the OMB. In addition, employers are still required to submit EEO-1 Reports using the previously approved form, which requires employers to disclose their employees’ race, ethnicity, and gender by job category. The deadline for submission of this report remains March 21, 2018.
