Congratulations to Haight Attorneys Selected for the 2024 Edition of Best Lawyers and Best Lawyers: Ones to Watch
September 11, 2023 —
Haight Brown & Bonesteel LLPBest Lawyers and Best Lawyers: Ones to Watch – 2024 Edition
Best Lawyers 2024 Edition
- Bruce Cleeland
- Peter Dubrawski
- Denis Moriarty
- Theodore Penny
Best Lawyers: Ones to Watch 2024 Edition
- Frances Brower
- Kyle DiNicola
- Kristian Moriarty
- Arezoo Jamshidi
- Josh Maltzer
- Philip McDermott
- Patrick McIntyre
- Annette Mijanovic
- Kathleen Moriarty
- Bethsaida Obra-White
Read the court decisionRead the full story...Reprinted courtesy of
Haight Brown & Bonesteel LLP
Privacy In Pandemic: Senators Announce Covid-19 Data Privacy Bill
May 11, 2020 —
Kyle Janecek & Jeffrey Dennis – Newmeyer Dillion"Data! Data! Data!. . . I can't make bricks without clay." This classic statement from Sherlock Holmes in The Adventure of the Copper Beeches takes on a new meaning in the COVID-19 pandemic. With the plans to begin contact tracing the spread of the COVID-19 pandemic slowly moving towards the forefront, a valid and important issue presents itself: how do we treat and protect the data we so desperately need to trace, track, and address the pandemic? U.S. Senators Wicker, Thune, Moran, and Blackburn introduced a possible solution to this problem with the COVID-19 Consumer Data Protection Act, as announced on April 30, 2020. So what does the Act entail? What information is protected? What action would businesses need to take towards individuals, such as consumers or even employees, in order to comply with this new legislation?
WHAT IS THE COVID-19 CONSUMER DATA PROTECTION ACT?
The Act is meant to address the concern regarding data collection and privacy due to large companies, like Google and Apple, adjusting the software within their devices to facilitate digital contact tracing. The Act can be broken up into three parts - the treatment of information; the privacy notice requirements; and the transparency requirements.
First, the Act prohibits the collection, processing, or transfer of certain categories of data without notice and the affirmative express consent of the individual, in order to:
- Track the spread of COVID-19,
- Trace the spread of COVID-19 through contact tracing, or
- Determine compliance with social distancing guidelines without the requisite notice to individuals and their express consent.
To accomplish this, the Act also restricts entities in their ability to collect excessive information, stating that an entity cannot collect information beyond what is reasonably necessary to conduct any of the three COVID-19 related purposes listed in the statute. The entity must also provide reasonable administrative, technical, and physical data security policies and practices to protect the information collected. Furthermore, in the event that the entity stops using the information for any of the three COVID-19 purposes, it must delete or de-identify the information it has collected.
Next, the Act describes the requirements for notice to individuals. In order to legally collect, process or transfer the information, the entity needs to provide the consumer with prior notice of the purpose, processing, and transfer of the data through their privacy policy within 14 days of the enactment of the law. This policy would have to:
- Disclose the consumer's rights in a clear and conspicuous manner prior to or at the point of collection,
- Be available in a clear and conspicuous manner to the public,
- Include whether the entity will transfer any of the information it collects in order to track or trace COVID-19 or determine compliance with social distancing,
- Describe its data retention policy, and
- Generally describe its data security measures.
Notably, many of these are already requirements common to many privacy policies, including the disclosure regarding the transfer of an individual's information.
In addition, an individual must give their affirmative express consent to such collection, processing and transfer. In other words, an individual must "opt-in" to having their information collected. This would be done through a checked box or electronic signature, as the law prohibits entities from inferring consent through a failure by the individual to take an action stopping the collection. Furthermore, the individual would also need the ability to expressly withdraw their consent, with the entity then having to cease collection, processing, or transfer of the information within 14 days of the revocation. In essence, due to the restriction on transferal, this may result in businesses opting to delete or de-identify data upon a revocation.
Finally, the entity would have to abide by certain reporting and transparency requirements, namely a monthly public report stating how many individuals had information collected, processed or transferred, and describing the categories of the data collected, processed or transferred by the entity and why. This is akin to the California Consumer Privacy Act's treatment of categories of information, though it would require this information to be released on an ongoing, monthly basis.
WHAT DATA IS COVERED?
Notably, the Act only affects a very limited scope of data. The Act covers geolocation data (exact real-time locations), proximity data (approximated location data), and Personal Health Information (any genetic/diagnosis information that can identify someone). This could cover information like Bluetooth communication or real-time tracking based on a cell phone's geolocation features. Notably, Personal Health Information does not include any information that may be covered under HIPAA or the broader categorization of "Biometric" data (i.e. retinal scans, finger prints, etc). Furthermore, and more generally, "publicly available information" is excluded, which includes information from telephone books or online directories, the news media, "video, internet, or audio content" as well as "websites available to the general public on an unrestricted basis." The latter of which potentially would push any and all information made available through social media (i.e. Facebook or Twitter) into the definition of "publicly available information."
HOW IS IT ENFORCED?
Generally, the law would be enforced by the FTC, under the provisions regarding unfair or deceptive acts or practices, similar to other enforcement actions arising out of privacy policies. Notwithstanding, state attorney generals may also bring actions to enforce compliance and obtain damages, civil penalties, restitution, or other compensation on behalf of the residents of the state.
WHAT SHOULD MY COMPANY DO?
If your entity plans on collecting information for tracking COVID-19, measuring social distancing compliance, or contact tracing, it is advisable to include language in your privacy policy now. This could be as simple as adding an additional provision within your privacy policy stating that the entity will retain information to conduct one of the three COVID-19 purposes as laid out in the statute. In addition, this also means that should the entity collect and use employee information for contact tracing, tracking the spread of COVID-19 or ensuring compliance with social distancing measures, it will need to disclose some of the specifics of that process to the employees and have them opt-in for the process. Finally, for contact tracing purposes, any individual that shares their diagnosis will have to opt-in for the entity to legally collect, process, and transfer that information to others.
While the time to reach compliance is unknown, it is more important than ever to form a compliance plan for privacy legislation if you do not already have a plan in place. If you decide to prepare with us, our firm has created a 90 day California Consumer Privacy Act compliance program (which can be expedited) where our team will collaborate with you to determine a scalable, practical, and reasonable way for you to meet your needs, and we will provide a free initial consultation. For further inquiries or questions related to COVID-19, you can consult with a Task Force attorney by emailing NDCovid19Response@ndlf.com or contacting our office directly at 949-854-7000.
Kyle Janecek is an associate in the firm's Privacy & Data Security practice, and supports the team in advising clients on cyber related matters, including policies and procedures that can protect their day-to-day operations. For more information on how Kyle can help, contact him at kyle.janecek@ndlf.com.
Jeff Dennis (CIPP/US) is the Head of the firm's Privacy & Data Security practice. Jeff works with the firm's clients on cyber-related issues, including contractual and insurance opportunities to lessen their risk. For more information on how Jeff can help, contact him at jeff.dennis@ndlf.com.
Read the court decisionRead the full story...Reprinted courtesy of
More Money Down Adds to U.S. First-Time Buyer Blues: Economy
August 20, 2014 —
Michelle Jamrisko and Alexis Leondis – BloombergThe challenges facing prospective buyers of the least expensive homes in the U.S. are getting harder to overcome.
Already beset by stagnant wages, growing student debt and competition from investors who are snapping up listings, those looking to purchase moderately priced houses must also provide more cash up front. The median down payment for the cheapest 25 percent of properties sold in 2013 was $9,480 compared with $6,037 in 2007, the last year of the previous economic expansion, according to data from 25 of the largest metro areas compiled by brokerage firm Redfin Corp.
The higher bar is a symptom of still-tight credit that is crowding out first-time buyers even as interest rates remain near historical lows. Younger adults, who would normally be making initial forays into real estate, are among those most affected, weakening the foundations of the housing market and limiting its contribution to economic growth.
Ms. Jamrisko may be contacted at mjamrisko@bloomberg.net; Ms. Leondis may be contacted at aleondis@bloomberg.net
Read the court decisionRead the full story...Reprinted courtesy of
Michelle Jamrisko and Alexis Leondis, Bloomberg
Hawaii Federal District Court Grants Preliminary Approval of Settlement on Volcano Damage
September 13, 2021 —
Tred R. Eyerly - Insurance Law HawaiiThe federal district court granted preliminary approval of the class action settlement reached on behalf of insureds who suffered property damage due to the 2018 Kilauea eruption on the Big Island. Aquilina v. Certain Underwriters at Lloyd's London, 2021 U.S. Dist. LEXIS 152614 (D. Haw. Aug. 13, 2021).
After destruction of their homes due to lava flow, plaintiffs sued various insurers and agents as a putative class action. Plaintiffs claimed they purchased surplus lines policies brokered and underwritten by various defendants. The policies each contained an exclusion for the peril of lava flow, which plaintiffs claimed rendered them worthless or unsuitable given that their properties were located in a high-risk lava zone.
Plaintiffs alleged that defendants breached obligations under the Hawaii Surplus Lines Act, which required that surplus lines insurers conduct a diligent search for other available coverage before placing a homeowner with surplus lines coverage. Plaintiffs alleged defendants should have advised them of the availability of lava-damage coverage through the Hawaii Property Insurance Association (HPIA), a statutorily created association of admitted insurers established in part in response to Kilauea's eruption patterns, which made the private insurance market less likely to Insure certain high-risk areas.
Read the court decisionRead the full story...Reprinted courtesy of
Tred R. Eyerly, Damon Key Leong Kupchak HastertMr. Eyerly may be contacted at
te@hawaiilawyer.com
London Shard Developer Wins Approval for Tower Nearby
November 05, 2014 —
Neil Callanan - BloombergSellar Property Group, developer of the Shard in London, won local government approval to build a 26-story residential tower close to the skyscraper on the south bank of the River Thames.
The council for the Southwark borough voted in favor of the 148-apartment project, which also includes a 16-story tower, at a meeting yesterday, Sellar spokesman Baron Phillips said by e-mail. The project, like the Shard, will be developed in a partnership with the state of Qatar.
Developers plan to construct more than 25,000 luxury properties in London worth more than 60 billion pounds ($96 billion) over the next decade, EC Harris said in an Oct. 7 report. The homes approved yesterday at the Fielden House site are expected to sell for about 800,000 pounds each, according to a filing by the borough.
Read the court decisionRead the full story...Reprinted courtesy of
Neil Callanan, BloombergMr. Callanan may be contacted at
ncallanan@bloomberg.net
California Court Confirms Broad Coverage Under “Ongoing Operations” Endorsements
December 01, 2017 —
Kevin C. Brantley - Payne & FearsA California Court of Appeal has confirmed that additional insured endorsements (“AIE”) granting coverage for liability arising out of a named insured’s “ongoing operations,” and in effect during those “ongoing operations,” do not require that the liability arise while the named insured is performing work. McMillin Mgmt. Servs., L.P. v. Financial Pacific Ins. Co., Cal. Ct. App., November 14, 2017, Case No. D069814.
In McMillin, a construction defect insurance coverage action, Lexington Insurance Company argued that McMillin had no liability to homeowners until after their homes closed escrow; thus, McMillin did not face liability while the named insureds’ work was ongoing. The Court of Appeal rejected Lexington’s argument, finding that the “ongoing operations” AIEs provide only that McMillin’s liability “be ‘linked’ through a ‘minimal causal connection or incidental relationship’ with [the named insureds’] ongoing operations.” (internal citations omitted). The Court reasoned that Lexington had not established that all of the damage in the underlying action occurred after the named insureds completed their work, thus Lexington had not established as a matter of law that there was no potential for coverage for McMillin under the policies.
Read the court decisionRead the full story...Reprinted courtesy of
Kevin C. Brantley, Payne & FearsMr. Brantley may be contacted at
kcb@paynefears.com
No Occurrence Found for Damage to Home Caused by Settling
October 22, 2014 —
Tred R. Eyerly – Insurance Law HawaiiThe Nebraska Supreme Court found the insurer properly denied coverage to the general contractor for damage to a home caused by settlement. Cizek Homes, Inc. v. Columbia Nat. Ins. Co., 2014 Neb. LEXIS 152 (Neb. Sept. 9, 2014).
The general contractor built and then sold the residence. Subsequently, the homeowners complained that the soil beneath their residence was settling and causing damage to their home. The homeowners presented a draft complaint to the general contractor, alleging that negligence and faulty workmanship had caused damage to the home.
The general contractor notified its carrier, Columbia. Coverage was denied.
Read the court decisionRead the full story...Reprinted courtesy of
Tred R. Eyerly, Insurance Law HawaiiMr. Eyerly may be contacted at
te@hawaiilawyer.com
New Joint Venture to Develop a New Community in Orange County, California
April 08, 2014 —
Beverley BevenFlorez-CDJ STAFFTaylor Morrison Home Corporation and two of its largest shareholders have created a joint venture “to acquire and develop the 195.5 acres of San Clemente coast known as Marblehead,” according to GlobeSt.com. The Scottsdale, Arizona-based developer is expected to begin construction on the 300 luxury home site in 2015.
“Marblehead is a truly unique site and one of the last undeveloped tracts of coastal land in California,” said Sheryl Palmer, president and CEO of Taylor Morrison, as quoted by GlobeSt.com. “It presents a tremendous opportunity that will deepen our land inventory of exceptional sites and further our standard of building high-quality homes in premier locations across North America.”
Read the court decisionRead the full story...Reprinted courtesy of
