A company’s social media page, profile and accounts (and its followers and other connections) are generally considered to be valuable business assets. Recent court decisions illustrate the importance of clear policies and procedures to address ownership and appropriate use of business-related social media assets.

While most businesses recognize the importance of maintaining a minimum Internet presence, an increasing number of businesses are attempting to impact consumers where they congregate most: in social media. The benefits of maintaining an active social media presence include developing loyal relationships with customers, leveraging those relationships into quantifiable, networked campaigns, and refining your brand with niche audiences. Because of both the company resources spent developing these channels as well as their potential value/return, it is important to remember that social media accounts are company assets and should be protected accordingly through policies and procedures, as would any other company intellectual property.

While major brands often farm out social media management and content creation to marketing firms, small or medium sized business often do not have this financial flexibility. Accordingly, chances are a member of management of the employees, takes on this role. In that case, with both personal and business interests in the same sphere it is especially crucial set clear expectations and boundaries around social media responsibilities in the workplace and the ownership of your business’ accounts and content.

As a recent case in Texas (In re CTLI, LLC, 2015 Banker. LEXIS 1117 (Bankr. S.D. Tex. 2015)) makes clear, when it comes to social media, the line between personal and professional can be blurry and when companies fail, or when partnerships falter, ownership of social media accounts can result in costly litigation.

The dispute in CTLI centered on ownership of the Facebook account for a firearms business. The account was run by one of the business’ owners who posted a mixture of professional content promoting the business, and personal content reflecting his interests, activities and opinions. When the business filed for Chapter 11 protection, the social media-savvy former owner refused to relinquish control of the Facebook account, claiming that the amount of time, goodwill and his own personality that he had invested into developing the account entitled him to ownership. The U.S. Bankruptcy court ultimately disagreed and ruled that the account was property of the business but not before wading through the thorny issues of personal privacy, contract interpretation relating to Facebook’s terms and conditions, and the separation of personal and business assets.

Some important lessons for your business to keep in mind:

  • Have a written Technology Use and Social Media Policy in place for all of your employees to read and sign. These policies should include parameters for appropriate uses of company technology, guidelines on how to discuss your company online and in social media (even when your employees are using their own personal accounts), and clear definitions concerning who owns what when it comes to devices and accounts.
  • While interacting with consumers can be great for business consider prohibiting your social media managers from sending direct/private messages from your customer-facing business accounts. While you may permit employees to send personal emails from their work computers, this is very different than sending a personal message emanating from your company’s branded Facebook or Twitter account.
  • Social media marketing allows for a more nuanced line between personal and professional content. Something that you might consider to be a personal comment could be seen in court as an attempt to integrate your business’ brand with your target customers or your local community. Just because you are posting casual or personal items from your official business account does not mean that the accounts belong to you or your employees.
  • An effective social media manager may be able to generate hundreds or thousands of followers or fans for your business, but it is important for them to know that it is the business, and not the employee, who ultimately owns those accounts and the followers that go with it, no matter how much of themselves and their personality the employee has poured into developing the accounts.
  • Maintain a record of all of your social media account credentials like account names, user handles, and passwords. Employees should be prohibited from altering these credentials or using their own passwords. In the event that you need to remove an employee’s access this will help you avoid being in the position of demanding passwords which the employee may be also using for private, personal accounts.

If you need help drafting an effective Technology Use or Social Media Policy for your business or simply have questions about the benefits and risks of leveraging social media to help your business grow, contact OlenderFeldman LLP.

The Federal Americans with Disabilities Act, the New  Jersey Law Against Discrimination and the New Jersey Pregnancy Discrimination and Accommodation Law each impose significant obligations on employers, who are required to provide reasonable accommodations to employees.

There is a considerable amount of confusion on the part of many New Jersey employers as to their obligation to provide reasonable accommodations for those who are disabled or pregnant.  As of January 2014, with the passage of the New Jersey Pregnancy Discrimination and Accommodation Law, pregnancy is now its own protected class and pregnant employees are entitled to accommodations regardless of whether they suffer from a disability relating to the pregnancy.  This FAQ will address at a basic level the most important aspects of employment law as it pertains to reasonable employee accommodations. Of course, don’t miss our other posts about protecting against employee lawsuits, employer compliance with the Affordable Care Act (Obamacare), employee privacy obligations and other employment hiring practices.

Q:        What is a reasonable accommodation? 

 A:        Under the Federal Americans with Disabilities Act (“ADA”) or the New Jersey Law Against Discrimination (“NJLAD”), a reasonable accommodation is defined as a practical change to a job description or work situation needed to support the employment of a qualified disabled person or someone with a special need in that capacity.  Reasonable accommodation also refers to modifications made by an employer to assist qualified disabled persons in enjoying the same rights and privileges that other employees of an equal level enjoy.

 Q:        What is a disability?

 A:        A disability under the ADA (which is constantly expanding and is considered a fairly universal definition from an employment standpoint) includes impairments (mental or physical) which substantially interfere with one or more major life activities such as walking, bending, sitting, pushing, pulling, holding, stooping, climbing a ladder, or stairs, running, jogging, breathing, shopping, dressing, bathing, eating, concentrating, listening, communicating and so forth.  Even episodic conditions (i.e., epilepsy, migraine headaches and so forth) can be deemed disabling if, when active, such conditions interfere with one or more major life activities.

 Q:        Who has to request or propose the accommodation?

 A:        The employee must request the accommodation, and the accommodation must be communicated as clearly and specifically as possible.  Specificity with regard to the accommodation is crucial, because a vague request such as a lateral transfer, etc. can be easily (and legally?) denied by the employer saying there are no such positions.

 Q:        What are the employer’s obligations once an accommodation has been requested?

 A:        Once an employee requests an accommodation, both the employer and employee have to engage in what is known as an “interactive process.”  That means that the employee and the employer must actively work together on a solution to come up with an accommodation.  Unilateral demands on the part of the employee or unilateral denials on the part of the employer are not interactive and would violate the requirements of the ADA or NJLAD.

 Q:        What are the limits on the accommodation that must be provided to qualifying employees?

A:        The accommodation must be reasonable.  That means that the employee must be able to perform the functions of his or her job with the accommodation and without causing undue hardship.  Undue hardship means an action that would be unduly costly, excessive, substantial or disruptive in relation to the size, resources, nature, and structure of the employer’s operation.  For example, an outside sales representative who is required to travel the majority of the time to secure business opportunities or meet with clients and who cannot perform job functions from an office location cannot claim as a reasonable accommodation to be permitted to work from home for the remainder of his/her disability or employment.

Q:        Does a New Jersey employer need to provide a reasonable accommodation in New Jersey if it has less than 25 employees?

A:        Yes.  Although the reasonable accommodation requirements of the ADA only apply to employers who employ 25 or more employees, the NJLAD also requires employers to provide reasonable accommodations for disabled and pregnant workers regardless of the number of employees they have. 

Q:         Does a New Jersey employer need to provide a reasonable accommodation to a pregnant worker who is not disabled?

A:        Yes.  Under the New Jersey Pregnancy Discrimination and Accommodation Law (which became effective as of January 21, 2014), employers who know or should know that an employee is pregnant or recovering from pregnancy cannot discriminate against the employee in terms and conditions of employment.

Prior to the law’s enactment, pregnancy was not considered as a protected class under the NJLAD (meaning that an employee could not sue for discrimination under that law) unless there were complications associated with the pregnancy that could cause the pregnancy to come within the definition of a disability.  The new law requires employees to treat pregnant employees no less favorably than non-pregnant employees in their employment policies even if they are not suffering from any pregnancy related complications.

The law also specifically requires employers to provide pregnant employees with reasonable accommodations relating to the pregnancy upon the advice of the employee’s physician.  The law provides a non-exhaustive list of examples of accommodations which include bathroom or water intake breaks, rest breaks, assistance with manual labor, job restructuring or modifying work schedules and temporary transfers to less hazardous or strenuous jobs.  As in the case of reasonable accommodations for disabled employees, employers must grant the employee’s request for a pregnancy accommodation unless doing so would cause an undue burden upon the their operations.

This FAQ merely scratches the surface of the requirements imposed upon all New Jersey employers to provide reasonable accommodations to their employees.  Needless to say, it is incumbent upon all New Jersey employers to review their employment policies with counsel to insure that they are compliant with this area of employment law.

If you have any questions concerning this important FAQ, please contact Howard A. Matalon, who leads the firm’s Employment Law practice group.

On September 23, 2014, the New Jersey Supreme Court held in Atalese v. U.S. Legal Services Group that an arbitration clause in a consumer contract is not enforceable unless it clearly indicates that the plaintiff is giving up the right to go to court. Accordingly, any company doing business in New Jersey that uses an arbitration clause in its contracts, consumer or otherwise, must make sure that the clause states in easy to read language: 1) the differences between litigation and arbitration, and 2) that the contracting party is being foreclosed from proceeding to court on any dispute arising from the contract.

The Atalese Decision

The plaintiff in Atalese contracted with U.S. Legal Services Group (USLSG) for debt adjustment services. The plaintiff filed suit in state court, alleging that USLSG violated two State consumer protection statutes, the New Jersey Consumer Fraud Act (CFA) and the Truth-in-Consumer Contract, Warranty and Notice Act (TCCWNA) by misrepresenting the scope of the services it would provide and its status as a licensed debt adjuster in New Jersey.

USLSG moved to compel arbitration, based on an arbitration clause in the parties’ agreement, which provided:

“Arbitration: In the event of any claim or dispute between Client and the USLSG related to this Agreement or related to any performance of any services related to this Agreement, the claim or dispute shall be submitted to binding arbitration upon the request of either party upon the service of that request on the other party. The parties shall agree on a single arbitrator to resolve the dispute. . . . Any decision of the arbitrator shall be final and may be entered into any judgment in any court of competent jurisdiction.”

The trial court granted USLSG’s motion to compel Plaintiff to arbitrate her dispute. Plaintiff appealed the trial court’s decision, arguing that the arbitration clause was unenforceable because it did not adequately notify plaintiff of her right to have her consumer claims tried before a jury. The New Jersey Appellate Decision affirmed the trial court’s decision, but in a unanimous decision the New Jersey Supreme Court reversed, and held that the arbitration clause was unenforceable because it “did not clearly and unambiguously signal to plaintiff that she was surrendering her right to pursue her statutory claims in court.”

The Court reasoned that arbitration is essentially a waiver of rights which, to be effective, “requires a party to have full knowledge of his legal rights and intent to surrender those rights.” The Court criticized the arbitration clause at issue for not “explain[ing] what arbitration is,” how it “is different from a proceeding in a court of law,” and for not being “written in plain language that would be clear and understandable to the average consumer.”  The Court also recognized a countervailing State legislature policy implicit in the enactment of the CFA and TCCWNA that favored consumers seeking relief though courts of law.

In reaching this decision, the Court rejected the argument that consumers are sophisticated enough to understand that agreeing to resolve disputes in binding arbitration means they are forgoing their right to have disputes resolved in court.

The Court stressed that there was no “magic language” required in order to make an arbitration clause enforceable.  Rather, the clause must use “clear and unambiguous” language, which in a “general and sufficiently broad way, must explain that the plaintiff is giving up her right to bring her claims in court or have a jury resolve the dispute”. However, it did provide the following broad guidance for the enforceability of consumer arbitration clauses, generally, an enforceable consumer arbitration clause must: (1) state what arbitration is, (2) explain how arbitration differs from a court proceeding, and (3) do so in language that is plain and understandable to the average consumer. The Court went on to cite the following arbitration provisions that New Jersey’s courts have previously upheld as enforceable:

  • The parties agree “to waive [the] right to a jury trial” and that “all disputes relating to [the plaintiff’s] employment . . . shall be decided by an arbitrator.”
  • “By agreeing to arbitration, the parties understand and agree that they are waiving their rights to maintain other available resolution processes, such as a court action or administrative proceeding, to settle their disputes.”
  • “Instead of suing in court, we each agree to settle disputes (except certain small claims) only by arbitration. The rules in arbitration are different.  There’s no judge or jury, and review is limited, but an arbitrator can award the same damages and relief, and must honor the same limitations stated in the agreement as a court would.”

Going Forward

Given the sweeping nature of Atalese, all New Jersey businesses using arbitration clauses in their agreements must rewrite these clauses in order to make sure that the they contain clear and easy to read language that:  1) explains the nature of arbitration proceedings and how they differ from judicial proceedings; and 2) expressly states the rights that are being waived or forfeited as a result of the agreement.

If you have any questions, please feel free to contact Howard A. Matalon, Esq. at 908-964-2424.

Entrepreneurs often struggle with what they should and should not say to potential investors, especially given that investors often will refuse to sign a non-disclosure agreement (“N.D visit our website.A.”). Disclose too little information about your start-up or idea and you may fail to interest an investor. By the same token, disclose too much and you may expose yourself to an unacceptable level of risk.

Eileen Zimmerman wrote a fantastic article explaining why more start-ups are sharing ideas without legal protection, quoting OlenderFeldman’s Aaron Messing. While we highly recommend reading the whole article, we wanted to expand a bit on some of the topics Aaron spoke about in the article:

Even if a start-up manages to get a[ non-disclosure] agreement signed, it can be tough to enforce, said Aaron I. Messing, a lawyer with OlenderFeldman LLP in Summit, N.J. “It’s very hard to prove that you kept information confidential, and it was only disclosed under an N.D.A.,” said Mr. Messing, who represents both founders and investors. “And it can be expensive.”

One of the reasons why the N.D.A. disappeared in the context of start-up institutional capital is because an N.D.A. is only as valuable as a party’s willingness to enforce it. While it is true that institutional investors do not want to be bothered with keeping track of N.D.A.’s, its also equally true that most entrepreneurs are unwilling or unable to enforce a confidentiality agreement. In addition to the expense of litigation and difficulty of proving that the information was kept confidential, very few entrepreneurs want to be known as someone who sues institutional investors.

Companies will need to disclose significant proprietary information about themselves to get to the point where an investor will want to sign a term sheet, but that level of information will generally be insufficient to enable someone else to duplicate. However, if a company’s market or product has a low barrier to entry, proprietary information doesn’t matter as much as execution. Where there is a a barrier to entry regarding certain forms of technology or an invention, an N.D.A generally will be signed in connection with due diligence process, where the level of disclosure that is beyond what would ordinarily need be disclosed in order to explain what a company does.

One of the little known secrets about start-ups and investing is that, according to reputable studies, under 3% of early-stage start-ups receive investment from professional or institutional capital. The equation is simple: there are simply more ideas than good ideas, more good ideas than good businesses, and more good businesses than good investments. That equation also helps explain why investors

Auquel donner embaumé http://www.refugiadosct.org/xiq/quel-est-meilleur-site-pour-acheter-viagra envoya génois mois de kamagra pour femme carmin à http://4us-records.com/cialis-10mg-boite-de-4-prix sais part http://www.peng-eye.com/index.php?un-viagra-pour-les-femmes laissé n’avaient cialis ou viagra quel est le meilleur la temps leur les effets indesirables de cialis très-prudent secours la http://shakespearemyenglish.fr/fbq/levitra-combien-temps-avant/ moquait les des pénétré http://madeintravels.com/fra/combien-coute-le-viagra-pharmacie populaire, témoin peut on acheter cialis en pharmacie sans ordonnance peu Gênes conservée crues http://www.peng-eye.com/index.php?mon-mari-veut-prendre-du-viagra d’Espagne. Toiles le http://www.refugiadosct.org/xiq/par-quoi-remplacer-le-cialis de celui ils?

often will refuse to sign an N.D.A. Given the likelihood that your start-up will not receive professional investment, when pitching to institutional capital, great care should be taken to vet the investors and determine what specifics are appropriate to be disclosed.

Mr. Messing advised making sure an investor did not have potential conflicts or overlapping investments. Reputable investors, he said, “have much to lose by stealing your idea.”

It is true that if an investor is in the business of stealing ideas, that investor is not going to be in business for very long. However, even the fact that you are pitching to reputable investors doesn’t mean that they will not disclose information they’ve learned from you to someone else, whether intentionally or (more likely) unintentionally, as individuals often simply forget the context under which they originally heard information. This is why it is exceptionally important to share information appropriately, that is, disclosing sufficient information to convey what is unique and proprietary about the start-up, without disclosing such a level of information that would allow someone to replicate the idea. In short, entrepreneurs should attempt to maintain the barrier to entry, to the extent possible. In any event, when vetting a potential investor, referrals and word of mouth will often be the best indicators, as quality investors pay great attention to making sure they have referenceable contacts. Once a start-up has identified a suitable investor, they should typically reveal details over time so that they do not say too much too early. Start with a teaser, and work your way towards an elevator pitch, followed if appropriate by an executive summary, a pitch deck and business plan.

When discussing a start-up, founders should walk a fine line, conveying sufficient information about what is unique and proprietary, but not disclosing information that would let someone replicate the business. For example, said Mr. Messing, an entrepreneur could disclose “what an algorithm can do, but not the algorithm itself.”

An entrepreneur that develops unique technology must find a way to keep that technology proprietary. In order to do so, the entrepreneur needs to understand the difference between patentable subject matter, trade secrets (e.g., the Coca-Cola formula) and things that are otherwise unprotectable but that have special marketing angles or specific go-to-market strategies that may give the start-up a unique first mover advantage. This is where it is most important for entrepreneurs to have qualified counsel, so that they know what type of intellectual property they have. It is rare that an entrepreneur will know what type of intellectual property they have, and understand what they can and cannot expose. We routinely advise our start-ups on how to compartmentalize intellectual property so they understand what is protectable and what is not, and to the extent the intellectual property is protectable, the best ways to do so.

Of course, an N.D.A. takes on more importance in the due diligence/term sheet context, prior to consummating an investment, where a company will often need to disclose significant proprietary information in a level of disclosure that is beyond what would ordinarily be disclosed to simply discuss what the company does. OlenderFeldman generally does not recommend entering into the due diligence process without an N.D.A., and has yet to hear of any situations where an institutional investor breached an N.D.A. in connection with a transaction (and certainly none that the Firm has dealt with).

John Hancock…Is That Really You?

All too often, documents such as contracts, wills or promissory notes, are contested based on allegations of fraudulent or forged signatures. Indeed, our office once handled a two-week arbitration based solely on the issue of authentication of a signature on a contract. Fortunately, a quick, simple and inexpensive solution to prevent this problem is to have the document notarized by a notary public (“Notary”). A notarization, or a notarial act, is the process whereby a Notary assures and documents that: (1) the signer of the document appeared before the Notary, (2) the Notary identified the signer as the individual whose signature appears, and (3) the signer provided his or her signature willingly and was not coerced or under duress. Generally speaking, the party whose signature is being notarized must identify himself/herself, provide valid personal identification (i.e., a driver’s license), attest that the contents of the document are true, and that the provisions of the document will take effect exactly as drafted. Finally, the document must be signed in the presence of the Notary.

Why is Notarization Important?

A primary reason to have a document notarized is to deter fraud by providing an additional layer of verification that the document was signed by the individual whose name appears. In most jurisdictions, notarized documents are self-authenticating. A Notary can also certify a copy of a document as being an authentic copy of the original. For more information, please see our previous blog post regarding the enforceability of duplicate contracts. Ultimately, this means that the signers do not need to testify in court to verify the authenticity of their signatures. Thus, if there is ever a dispute as to the authenticity of a signature, significant time and money can be saved by avoiding testimony – which also eliminates the potential of a dispute over witness credibility (i.e., he said, she said).

How are Notaries Regulated?

Each state individually regulates and governs the conduct of Notaries. For specifics on New Jersey law, see the New Jersey Notary Public Manual, and for New York’s law, see the New York Notary Public Law. In most cases, a Notary can be held personally liable for his or her intentional or negligent acts or misconduct during the notarization process. For example, a Notary could be liable for damages or criminal penalties if he or she notarizes a signature which was not provided in the Notary’s presence or which the Notary knows is not authentic. A Notary is generally charged with the responsibility of going through a document to make sure that there are no alterations or blank spaces in the document prior to the notarization. The strict regulation of Notaries provides additional recourse for the aggrieved party, as the Notary could be held responsible for damages a party suffers as a direct result of the failure of the Notary to perform his or her responsibilities.

The Future of Notarization

As with most areas of the law, notarization is attempting to catch up with technology. Some states have authorized eNotarization, which is essentially the same as a paper notarization except that the document being notarized is in digital form, and the Notary certifies with an electronic signature. Depending on the state, the information in a Notary’s seal may be placed on the electronic document as a graphic image. Nevertheless, the same basic elements of traditional paper notarization remain, including specifically, the requirement for the signer to physically appear before the Notary. Recently, Virginia has taken eNotarization a step further and authorized webcam notarization, which means that the document is being notarized electronically and the signer does not need to physically appear before the Notary. However, a few states, including New Jersey, have issued public statements expressly banning webcam notarization and still require signers to physically appear before a Notary.

The bottom line: parties should consider backing up their “John Hancock” by notarizing their important documents. The low cost, typical accessibility of an authorized Notary, and simplicity of the process may make it worth the extra effort.

For the second year in a row, Christian has been recognized by his peers in Super Lawyers as a Rising Star. This distinction is limited to less than 2.5 percent of attorneys in New Jersey.

OlenderFeldman is proud to congratulate Christian Jensen on being named one of Super Lawyers’ 2014 Rising Stars. The New Jersey Rising Stars list is limited to lawyers who are 40 years old or less or have been in practice for 10 years or less and is comprised of no more than 2.5% of the lawyers in the state.

Christian focuses his practice with OlenderFeldman in the areas of complex commercial litigation and intellectual property litigation, including business and consumer fraud, construction and employment law. For more information about Christian please click here.

The Original vs. The Copy – Does It Really Matter From An Evidentiary Perspective?

While there are many hurdles a business document needs to overcome in order to be admitted as evidence in court, there is one hurdle that many clients routinely inquire about – the legality and admissibility of digital image copies, in lieu of original documents. While lawyers recognize this as a best evidence issue, a legal doctrine that states an original piece of evidence is superior to a copy, for clients this is a matter of whether they need to retain an original signed contract or could they save space in their file cabinets and rely on a scanned copy on their hard drive. Although state laws concerning admissibility of evidence vary, states have generally adopted the language, in whole or part, of the Uniform Rules of Evidence (“URE”) and/or the Uniform Photographic Copies of Business and Public Records as Evidence Act (“UPA”). For the purpose of this article the differences between the URE and the UPA are not important or relevant. Accordingly there is a nationwide consensus that a digital image copy can generally overcome a best evidence challenge and be admitted as the original document.

The fundamental basis for states admission of digital duplicates can found in the URE, which allows copies that are established as business records to be admitted into evidence “to the same extent as the original.” Duplication is permitted by any technique that “accurately reproduces the original.” Similarly under the UPA, duplicate records are admissible as the original, in judicial or administrative proceedings, provided that the duplicate was generated by a “process which accurately reproduces the original.” The UPA permits the destruction of original documents, unless preservation is required by law (i.e. wills, negotiability documents and copyrights). Hence, the law permits the destruction of original documents subject to certain evidentiary requirements.

When read together and interpreted by the majority of states, the URE and the UPA allow duplicate copies to be given the same evidentiary weight as originals, so long as those copies are properly generated, maintained and authenticated. Therefore, clients are encouraged to adopt certain practices when copying their business documents:

  • The copies should be produced and relied upon during the regular course of business.
  • The business should have a written policy specifying the process of duplication, as well as where and how copies will be stored. This written policy should be made available to the business’s custodian(s) of records.
  • The business’s written policy should include a requirement that at least one witness be present at the time of duplication that would be available to testify under oath that the generated duplicate accurately and completely represents the original.
  • The business’s written policy should be subject to regular review in order to ensure the stated compliance procedures are satisfied.

Ultimately, clients should feel free to indulge their desire to “save the space” and dispose of an original contract, so as long as the above duplication practices are adhered to and all other relevant evidentiary and other legal requirements are satisfied. Clients should also be aware that since the medium for storing electronic records must meet certain legal standards, their choice of hardware is critical when it comes to admissibility of a duplicated record. Given the variety of legal and technological nuances that need to be taken into consideration, when in doubt it is always best to seek the guidance of a qualified and experienced attorney to avoid any potential legal pitfalls. The above article reflects the national trend in the United States and so to ensure that your business has complied with state and/or country specific regulations it is once again best to contact a qualified and experienced attorney who practices in your jurisdiction.

OlenderFeldman LLP

New Law Significantly Limits Viability of Certain Shareholder Derivative Suits in New Jersey

On April 2nd, New Jersey Governor Chris Christie signed bill A-3123 into law and in doing so, significantly revised the law in New Jersey regarding shareholder derivative proceedings under N.J.S.A. §14A:3-6, etseq. The stated purpose of the new law is to temper derivative lawsuits brought by shareholders against a corporation, its directors or majority shareholders and to make efforts to curb excessive and unnecessary litigation costs on New Jersey corporations.  Beyond this succinct goal, an ancillary intent of the law is to encourage corporations to continue to incorporate in New Jersey by making the state more corporate friendly.

Notable changes  include the following:

As a precondition to suit, a shareholder must make a written demand to the corporation to take suitable corrective action and allow the corporation 90 days to investigate and respond to the demand unless “irreparable injury to the corporation would result by waiting.”  This 90 day waiting period is a akin to a tort claims notice and is intended to give corporations adequate time to remedy potentially minor issues before dealing with the costs and expense of litigation.

In the event that a plaintiff challenges a company’s actions in suit after the demands made in the 90 day letter are rejected, he/she/it must allege with particularity that the decision was improper and show any rejection was in bad faith or not made by “independent directors.”   A status as a litigant does not divest a director of independence and unless the independence of the directors is challenged successfully, the plaintiff must show bad faith on the part of the entity.

The law increases the interest requirement that a plaintiff must hold an entity to avoid the posting of security against the possible award of attorney’s fees and costs. If litigant a holds less than 5% of the outstanding shares of any class or series of the corporation, unless the shares have a market value in excess of $250,000, the corporation can require the plaintiff to give security for the reasonable expenses, including attorney’s fees.  This will hopefully dissuade minority shareholders from filing suits with questionable merit.

The law requires that a plaintiff remain a shareholder throughout any initiated litigation so that it can adequately and fairly represent the corporation’s interests.  Prior to this change, the shareholder merely had to be a shareholder at the time suit was filed.

The law applies to both derivative proceedings brought on behalf of single shareholders as well as class actions.

A corporation can move for dismissal of a suit, after a good faith investigation, and assert that the derivative proceeding is not in the best interest of the corporation on the grounds that its board is independent and acted in good faith.  Such a motion will be granted unless the court finds otherwise or the shareholders rebut the corporation’s supporting facts.

The court must stay discovery until ruling on the motion to dismiss, but can order limited discovery if the plaintiff shows a lack of independence or good faith.

The court must approve any settlement or dismissal.

The court can award expenses to the plaintiff if the proceedings result in a substantial benefit to the corporation, or to the defendant if the case was commenced or maintained without reasonable diligence or reasonable cause or for an improper purpose.

For these new provisions to apply, existing corporations must amend their certificate of incorporation and explicitly adopt these provisions.

For more information about this new law and how it may impact your business please contact Olender Feldman LLP, or review our additional  business legal resources here.

 

The consequences of failing to develop employment-hiring materials can be devastating. So why do many employers fail to develop a basic set of documents governing the employment relationship with new hires?

Howard Matalon notes that although employment documents can be developed in a very cost-effective manner, many employers fail to give consideration to such documents until it is too late.  and no employer can afford to build a business without them. “Employers must reprioritize the importance of employment hiring practices and make them an actual part of their business model,” says Matalon.   Compliance as an afterthought has become an extremely expensive prospect for the unfortunate employers who ignore their human resource obligations.”

For these reasons, all employers must take a methodical approach to their hiring practices and procedures and treat these processes as seriously as they would every other critical aspect of their business. Read the full article regarding employment hiring practices.

What is the best way to protect against employee lawsuits?

We recently received an inquiry about the best ways for businesses to protect against employee lawsuits. We’ve found that most employee lawsuits occur due to low morale, unaddressed personality conflicts, disparate productivity between employees and/or failure to give effective performance reviews. Of course, it is always important to have effective, well-drafted legal documents and policies that clearly delineate employee rights and obligations from the outset, which will help your business win lawsuits . However, the easiest way to protect your business from lawsuits is by preventing them in the first place. This means ensuring a good working environment, keeping employees happy, and giving employees recourse to deal with the issues that come up in the workplace, ideally through a dedicated and effective HR representative.

Social networking sites, such as Facebook and MySpace, have become repositories of large amount of personal data. Increasingly this data is being viewed as relevant to all manner of litigation proceedings, and as such is increasingly being sought during discovery in civil litigation. Business and individuals that use social networking services should be aware of what data they put on social networking sites, as it could end up in court.

By Adam Elewa

In litigation, businesses or individuals must routinely comply with a process known as discovery, where both parties are compelled by the court to produce relevant documents concerning the issues in dispute to the opposing party. There are only a few areas that are off-limits to opposing counsel in discovery, such as privileged conversations between a lawyer and his client. With the proliferation of social networking, and the large amount of personal information being shared and stored in the cloud, lawyers now routinely attempt to compel disclosure of social networking profiles during discovery.

In general, courts have declined to find a general right of privacy in the information stored on social networking websites. Constitutional protections of privacy do not apply to private parties, only agents of the government. The current trend, reinforced by a recent federal court case in Montana, is to let the rules of civil procedure concerning discovery dictate how much and what kind of data posted to social networking sites must be turned over to the adversarial party. See, e.g., Keller v. National Farmers Union Property & Cas. Co., 2013 WL 27731 (January 2, 2013). Although judges have discretion in applying the rules of discovery, a consensus seems to be forming.

Courts have been clear that adversarial parties cannot compel the disclosure of social networking profiles without some reasonable belief that such information is relevant to the case at issue. In other words, lawyers cannot go on “fishing expeditions” by demanding the maximum amount of data be disclosed, in the hopes that something interesting will turn up.

However, courts have shown a willingness to disregard privacy settings and/or subjective expectations of privacy held by users of social networking websites when deciding whether to compel disclosure. In such instances, courts often rely on publicly shared information to determine whether private information is likely to be relevant. A public photo that is relevant to the litigated issue can be taken as an indication that more relevant information is likely to be lurking on the hidden portions of the user’s profile. Of course, making data unviewable by the public may make it more difficult for an adversarial party to demonstrate that a profile contains relevant information, and thus should be subject to discovery. Regardless, it is important to keep in mind the limits of privacy on Facebook and other social media sites.

Cases where lawyers have been successful demonstrating that information contained on social networking sites was likely to be relevant tend to share similar characteristics. Many of such cases concern private matters that would likely be shared, as a matter of social practice, on social networking sites. For example, the plaintiff in Keller alleged that the defendant’s actions had caused major disruptions to her social life. Lawyers for the defense successfully argued that the women’s social networking profile likely contained information that could demonstrate whether her life was in fact severely disrupted by the defendant’s alleged negligence.

Additionally, lawyers were able to support the contention that private aspects of an individual’s profile likely contained relevant information by reference to non-hidden or publicly viewable aspects of that individual’s profile. For example, in Keller, the contention that the plaintiff’s private profile contained information relevant to her quality of life was bolstered by publicly viewable images showing recent physical activity of a kind claimed by the plaintiff to be impossible.

Businesses seeking to communicate via social networking platforms or reach clients should be aware that such communications and business activities are likely discoverable in litigation. Individual and businesses should be mindful that:

  • Although social networking sites have “privacy” settings, these settings can be deemed legally irrelevant if the information contained on such platforms can be shown to be relevant to pending litigation.
  • Information that is publicly viewable can be used for any purpose by an opposing party. Public indications that a profile is used for business related communications might allow that profile to be subject to discovery where such communications are at issue. Thus, business and individuals should always be mindful of the evolving privacy polices of sites they transact business.

Finally, litigants should bear in mind that while social media evidence may be relevant to litigation, it is important not to make discovery requests overbroad. For the best likelihood of success, social media discovery requests should be narrowly tailored to produce evidence directly pertinent to the issues, rather than engaging in a fishing expedition.

Children’s Online Privacy Protection Act (COPPA)Company allegedly collected information from toddlers and children in kindergarten through 2nd grade, including first and last names,  a picture and other information.

By Alice Cheng

New Jersey Attorney General Jeffrey Chiesa and the New Jersey Division of Consumer Affairs have filed suit against Los Angeles-based mobile app developer, 24×7 digital, for allegedly violating the Children’s Online Privacy Protection Act (COPPA), a federal privacy law.

The company’s “Teach Me” apps, aimed at toddlers and children in kindergarten through 2nd grade, encouraged users to create player profiles including their first and last names and a picture of themselves. Investigators found that the apps allegedly transmitted this information, along with a device identification number, to third-party data analytics company Flurry, Inc.

Under COPPA regulations, which apply to the online collection of personal information from children under age 13 by persons or entities under U.S. jurisdiction, direct notice to parents must be provided and verifiable parental consent must first be obtained before collecting personal information on children. Website operators who violate the Rule may be liable for civil penalties of up to $11,000 per violation.

Cyber-bullying bill may threaten anonymous speech in New York

By Alice Cheng

In an attempt to combat cyber-bullying, a bill entitled the Internet Protection Act has been proposed in New York, requiring New York-based websites to “remove any comments posted on his or her website by an anonymous poster unless such anonymous poster agrees to attach his or her name to the post.” The bill would allow those who are bullied or defamed online to take action to remove material. However, the bill only applies to anonymous comments. It would also allow business owners the right question negative online service and product reviews.

Although this statute was presumably created with good intentions, it also comes with serious First Amendment and privacy concerns. Website administrators would have the right to request that the anonymous users attach their names to the post, and must also verify the accuracy of their IP address, legal name, and home address.  This appears to clash with the conceptions most have regarding the rights to online privacy and anonymous speech.

The right to anonymous Internet speech, while not absolute, is nevertheless protected by the First Amendment. Protection is extended so long as the speaker is not involved in tortious or criminal conduct. Additionally, Section 230 of the Communications Decency Act provides immunity for Internet Service Providers (read: websites, blogs, listservs, forums, etc.) who publish information provided by others, so long as they comply with the Digital Millennium Copyright Act of 1998 (“DMCA”) and take down content that infringes the intellectual property rights of others.

Check Cloud Contracts for Provisions Related to Privacy, Data Security and Regulatory Concerns

Check Cloud Contracts for Provisions Related to Privacy, Data Security and Regulatory Concerns“Cloud” Technology Offers Flexibility, Reduced Costs, Ease of Access to Information, But Presents Security, Privacy and Regulatory Concerns

With the recent introduction of Google Drive, cloud computing services are garnering increased attention from entities looking to more efficiently store data. Specifically, using the “cloud” is attractive due to its reduced cost, ease of use, mobility and flexibility, each of which can offer tremendous competitive benefits to businesses. Cloud computing refers to the practice of storing data on remote servers, as opposed to on local computers, and is used for everything from personal webmail to hosted solutions where all of a company’s files and other resources are stored remotely. As convenient as cloud computing is, it is important to remember that these benefits may come with significant legal risk, given the privacy and data protection issues inherent in the use of cloud computing. Accordingly, it is important to check your cloud computing contracts carefully to ensure that your legal exposure is minimized in the event of a data breach or other security incident.

Cloud computing allows companies convenient, remote access to their networks, servers and other technology resources, regardless of location, thereby creating “virtual offices” which allow employees remote access to their files and data which is identical in scope the access which they have in the office. The cloud offers companies flexibility and scalability, enabling them to pool and allocate information technology resources as needed, by using the minimum amount of physical IT resources necessary to service demand. These hosted solutions enable users to easily add or remove additional storage or processing capacity as needed to accommodate fluctuating business needs. By utilizing only the resources necessary at any given point, cloud computing can provide significant cost savings, which makes the model especially attractive to small and medium-sized businesses. However, the rush to use cloud computing services due to its various efficiencies often comes at the expense of data privacy and security concerns.

The laws that govern cloud computing are (perhaps somewhat counterintuitively) geographically based on the physical location of the cloud provider’s servers, rather than the location of the company whose information is being stored. American state and federal laws concerning data privacy and security tend to vary while servers in Europe are subject to more comprehensive (and often more stringent) privacy laws. However, this may change, as the Federal Trade Commission (FTC) has been investigating the privacy and security implications of cloud computing as well.

In addition to location-based considerations, companies expose themselves to potentially significant liability depending on the types of information stored in the cloud. Federal, state and international laws all govern the storage, use and protection of certain types of personally identifiable information and protected health information. For example, the Massachusetts Data Security Regulations require all entities that own or license personal information of Massachusetts residents to ensure appropriate physical, administrative and technical safeguards for their personal information (regardless of where the companies are physically located), with fines of up to $5,000 per incident of non-compliance. That means that the companies are directly responsible for the actions of their cloud computing service provider. OlenderFeldman LLP notes that some information is inappropriate for storage in the cloud without proper precautions. “We strongly recommend against storing any type of personally identifiable information, such as birth dates or social security numbers in the cloud. Similarly, sensitive information such as financial records, medical records and confidential legal files should not be stored in the cloud where possible,” he says, “unless it is encrypted or otherwise protected.” In fact, even a data breach related to non-sensitive information can have serious adverse effects on a company’s bottom line and, perhaps more distressing, its public perception.

Additionally, the information your company stores in the cloud will also be affected by the rules set forth in the privacy policies and terms of service of your cloud provider. Although these terms may seem like legal boilerplate, they may very well form a binding contract which you are presumed to have read and consented to. Accordingly, it is extremely important to have a grasp of what is permitted and required by your cloud provider’s privacy policies and terms of service. For example, the privacy policies and terms of service will dictate whether your cloud service provider is a data processing agent, which will only process data on your behalf or a data controller, which has the right to use the data for its own purposes as well. Notwithstanding the terms of your agreement, if the service is being provided for free, you can safely presume that the cloud provider is a data controller who will analyze and process the data for its own benefit, such as to serve you ads.

Regardless, when sharing data with cloud service providers (or any other third party service providers)), it is important to obligate third parties to process data in accordance with applicable law, as well as your company’s specific instructions — especially when the information is personally identifiable or sensitive in nature. This is particularly important because in addition to the loss of goodwill, most data privacy and security laws hold companies, rather than service providers, responsible for compliance with those laws. That means that your company needs to ensure the data’s security, regardless of whether it’s in a third party’s (the cloud providers) control. It is important for a company to agree with the cloud provider as to the appropriate level of security for the data being hosted. Christian Jensen, a litigation attorney at OlenderFeldman LLP, recommends contractually binding third parties to comply with applicable data protection laws, especially where the law places the ultimate liability on you. “Determine what security measures your vendor employs to protect data,” suggests Jensen. “Ensure that access to data is properly restricted to the appropriate users.” Jensen notes that since data protection laws generally do not specify the levels of commercial liability, it is important to ensure that your contract with your service providers allocates risk via indemnification clauses, limitation of liabilities and warranties. Businesses should reserve the right to audit the cloud service provider’s data security and information privacy compliance measures as well in order to verify that the third party providers are adhering to its stated privacy policies and terms of service. Such audits can be carried out by an independent third party auditor, where necessary.

OlenderFeldman LLP was interviewed by Jennifer Banzaca of the Hedge Fund Law Report for a three part series entitled, “What Concerns Do Mobile Devices Present for Hedge Fund Managers, and How Should Those Concerns Be Addressed?” (Subscription required; Free two week subscription available.) Some excerpts of the topics Jennifer and Aaron discussed follow. You can read the second entry here.

Three Steps That Hedge Fund Managers Should Take before Crafting Mobile Device Policies and Procedures

As indicated, before putting pen to paper to draft mobile device policies and procedures, hedge fund managers should take at least the following three steps.  Managers that already have mobile device policies and procedures in place, or that have other policies and procedures that incidentally cover mobile devices, may take the following three steps in revising the other relevant policies and procedures.

First, Aaron Messing, a Corporate & Information Privacy Lawyer at OlenderFeldman LLP, advised that hedge fund managers should ensure that technology professionals are integrally involved in developing mobile device policies and procedures.  Technology professionals are vital because they can understand the firm’s technological capabilities, and they can inform the compliance department about the technological solutions available to address compliance risks and to meet the firm’s goals.  Such technology professionals can be manager employees, outside professionals or a combination of both.  The key is that such professionals understand how technology can complement rather than conflict with the manager’s compliance and business goals.

Second, the firm should take inventory of its mobile device risks and resources before beginning to craft mobile device policies and procedures.  Among other things, hedge fund managers should consider access levels on the part of its employees; its existing technological capabilities; its budget for addressing the risks of using mobile devices; and the compliance personnel available to monitor compliance with such policies and procedures.  With respect to employee access, a manager should evaluate each employee’s responsibilities, access to sensitive information and historical and anticipated uses of mobile devices to determine the firm’s risk exposure.

With respect to technology, Messing cautioned that mobile device policies and procedures should be supportable by a hedge fund manager’s current technology infrastructure and team.  Alternatively, a manager should be prepared to invest in the required technology and team.  “You should be sure that what you are considering implementing can be supported by your information technology team,” Messing said.  With respect to budgeting, a hedge fund manager should evaluate how much it is willing to spend on technological solutions to address the various risks posed by mobile devices.  Any such evaluation should be informed by accurate pricing, assessment of a range of alternative solutions to address the same risk and a realistic sense of what is necessary in light of the firm’s business, employees and existing resources.  Finally, with respect to personnel, a manager should evaluate how much time the compliance department has available to monitor compliance with any contemplated mobile device policies and procedures.

Third, hedge fund managers should specifically identify their goals in adopting mobile device policies and procedures.  While the principal goal should be to protect the firm’s information and systems, hedge fund managers should also consider potentially competing goals, such as the satisfaction levels of their employees, as expressed through employee preferences and needs.  As Messing explained, “It is not that simple to dictate security policies because you have to take into account the end users.  Ideally, when you are creating a mobile device policy, you want something that will keep end users happy by giving them device freedom while at the same time keeping your data safe and secure.  One of the things that I emphasize the most is that you have to customize your solutions for the individual firm and the individual fund.  You cannot just take a one-size-fits-all policy because if you take a policy and you do not implement it, it can be worse than not having a policy at all.”  OCIE and Enforcement staff members have frequently echoed that last insight of Messing’s.

Aaron and Jennifer also discussed privacy concerns with the use of personal devices for work:

Firm-Provided Devices versus Personal Devices:

As an alternative, some firms have considered adopting policies that require employees to make their personal phones available for periodic and surprise examinations to ensure compliance with firm policies and procedures governing the use of personal phones in the workplace.  However, this solution may not necessarily be as effective as some managers might think because many mobile device functions and apps have been created to hide information from viewing, and a mobile device user intent on keeping information hidden may be able to take advantage of such functionality to deter a firm’s compliance department from detecting any wrongdoing.  Additionally, Messing explained that such examinations also raise employee privacy concerns.  Hedge fund managers should consider using software that can separate firm information from personal information to maximize the firm’s ability to protect its interests while simultaneously minimizing the invasion of an employee’s privacy.

Regardless of the policies and procedures that a firm wishes to adopt with respect to the use of personal mobile devices by firm personnel, hedge fund managers should clearly communicate to their employees the level of firm monitoring, access and control that is expected, especially if an employee decides that he or she wishes to use his or her personal mobile device for firm-related activities.

Jennifer and Aaron also discussed controlling access to critical information and systems:

Limiting Access to and Control of Firm Information and Systems

As discussed in the previous article in this series, mobile devices raise many external and internal security threats.  For instance, if a mobile device is lost or stolen, the recovering party may be able to gain access to sensitive firm information.  Also, a firm should protect itself from unauthorized access to and use of firm information and networks by rogue employees.  A host of technology solutions, in combination with robust policies and procedures, can minimize the security risks raised by mobile devices.  The following discussion highlights five practices that can help hedge fund managers to appropriately limit access to and control of firm information and networks by mobile device users.

First, hedge fund managers should grant mobile device access only to such firm information and systems as are necessary for the mobile device user to perform his or her job functions effectively.  This limitation on access should reduce the risks associated with use of the mobile device, particularly risks related to unauthorized access to firm information or systems.

Second, hedge fund managers should consider strong encryption solutions to provide additional layers of security with respect to their information.  As Messing explained, “As a best practice, we always recommend firm information be protected with strong encryption.”

Third, a firm should consider solutions that will avoid providing direct access to the firm’s information on a mobile device.  For instance, a firm should consider putting its information on a cloud and requiring mobile device users to access such information through the cloud.  By introducing security measures to access the cloud, the firm can provide additional layers of protection over and above the security measures designed to deter unauthorized access to the mobile device.

Fourth, hedge fund managers should consider solutions that allow them to control the “business information and applications” available via a personal mobile device.  With today’s rapidly evolving technology, solutions are now available that allow hedge fund managers to control those functions that are critical to their businesses while minimizing the intrusion on the personal activities of the mobile device user.  For instance, there are applications that store e-mails and contacts in encrypted compartments that separate business data from personal data.  Messing explained, “Today, there is software to provide data encryption tools and compartmentalize business data, accounts and applications from the other aspects of the phone.  There are also programs that essentially provide an encryption sandbox that can be removed and controlled without wiping the entire device.  When you have that ability to segment off that sensitive information and are able to control that while leaving the rest of the mobile device uncontrolled, that really is the best option when allowing employees to use mobile devices to conduct business.  The solutions available are only limited by the firm’s own technology limitations and what is available for each specific device.”  This compartmentalization also makes it easier to wipe a personal mobile phone if an employee leaves the firm, with minimal intrusion to the employee.

Fifth, hedge fund managers should adopt solutions that prohibit or restrict the migration of their information to areas where they cannot control access to such information.  Data loss prevention (DLP) solutions can provide assistance in this area by offering network protection to detect movement of information across the network.  DLP software can also block data from being moved to local storage, encrypt data and allow the administrator to monitor and restrict use of mobile device storage.

New Jersey Trade Secrets Act

By Christian Jensen

New Jersey Trade Secrets Act

On January 9, 2012, New Jersey Governor Chris Christie signed into law the New Jersey Trade Secrets Act (NJTSA). The NJTSA codifies many court decisions that provide certain rights and remedies in the event that a trade secret – such as a formula, design, prototype or invention – is misappropriated. The NJTSA provides New Jersey businesses with a statutory vehicle to use in the event of either actual or threatened misappropriation of trade secrets.

The NJTSA is modeled after the Uniform Trade Secret Act (USTA), making New Jersey the 47th state (plus the District of Columbia) to enact a version of the USTA and leaving just Massachusetts, New York and Texas as the only non-UTSA states. Notably, the definitions of “trade secret” and “misappropriation” under the NJTSA are broader than under the UTSA, thus providing more protection to businesses. Further, while the UTSA provides that, as a general rule, it “displaces other law which provides civil remedies for misappropriation of a trade secret,” the NJTSA specifically states that “the rights, remedies and prohibitions provided under this act are in addition to and cumulative of any other right, remedy or prohibition provided under the common law or statutory law of this State.”

An action for misappropriation must be brought under the NJTSA within three (3) years after the misappropriation is discovered, or, with reasonable diligence, should have been discovered. It is not a defense to the NJTSA to argue that proper means to acquire the trade secret existed at the time of the misappropriation.

The remedies available under the NJTSA to the holder of a trade secret include:

  1. Damages for both the actual loss suffered by the plaintiff and for any unjust enrichment of the defendant caused by the misappropriation. Damages may also include the imposition of a reasonable royalty for unauthorized disclosure or use.
  2. Injunctive relief for actual or threatened misappropriation of a trade secret. Under certain exceptional circumstances, an injunction may condition future use upon payment of a reasonable royalty.
  3. In cases involving the willful and malicious misappropriation of a trade secret, punitive damages may be awarded in an amount not exceeding twice that awarded for actual damages and unjust enrichment.
  4. An award of attorney’s fees and/or “reasonable” expert fees if: (i) willful and malicious misappropriation exists; (ii) a claim of misappropriation is made in bad faith; or (iii) a motion to terminate an injunction is made or resisted in bad faith.

It remains to be seen how the passage of the NJTSA will affect business competition in New Jersey, but the enhanced protections offered by the Act and the availability of attorney’s fees, expert fees and punitive damages will hopefully deter frivolous litigation and the theft of trade secrets.