Does Your U.S. Company Pull Data From European Citizens? Fall In Line With GDPR by May 2018 or Suffer Substantial Fines
November 15, 2017 —
Jeff Dennis & Ivo Daniele – Newmeyer & Dillion, LLPThe European Union (“EU”) has enacted a strict, comprehensive framework of security regulations aimed to protect its citizens. These regulations, known as the General Data Protection Regulation (“GDPR”), provide a blueprint for a combination of required legal, technological and work habits within an organization. Although this is an EU regulation, the new laws will apply to any organization within or outside the EU that collects or processes data of EU citizens. Therefore, U.S. companies must analyze their data and processes to determine whether compliance with the GDPR is necessary. A quickly-approaching deadline of May 25, 2018 must be met to avoid massive fines.
What is the GDPR?
In order to address the creation of social networking sites, cloud computing, and location-based services, the EU set in motion a process to implement a vigorous set of rules to ensure the right to personal data protection for all European citizens. In April 2016 the European Parliament, the Council, and the Commission adopted a new GDPR, which will take affect on May 25, 2018.
This GDPR will streamline cooperation between the data protection authorities on personal data issues allowing companies to deal with one authority - not each of the 28 EU member states. This will allow for quicker decisions by the data protection authorities and greatly reduce the red tape in both compliance and enforcement under the GDPR. This will also create a level playing field by forcing non-EU companies to comply with the same strict regulations - regardless of whether or not the company is established in the EU.
Territorial scope of the GDPR
The GDPR applies directly to the processing of personal data in the context of the activities of an establishment of a controller or a processor in the EU - regardless of whether the processing takes place in the EU. Additionally, there are specific provisions under the GDPR that apply to non-EU companies if their processing activities relate to (a) the offering of goods or services (irrespective of whether a payment of the data subject is required) or (b) monitoring the behavior of individuals within the EU. Therefore, all companies must determine whether they process or monitor information of EU citizens. If a company falls within one of these categories, compliance with the GDPR is mandatory.
What happens if a company fails to comply with the GDPR?
Failure to comply with the GDPR could subject a company to crushing administrative fines.
The supervisory authority has the power to impose administrative fines under the GDPR. The following violations and breaches would subject a company to administrative fines:
- Not adhering to the core principles of processing personal data,
- Breach of notification to EU citizens by controllers and processors,
- Wrongful transfer of personal data to non-EU countries,
- Breach of obligations regarding certification,
- Ignoring the mandates asserted by the supervisory authority,
- Breach by those responsible for impact assessment, and
- Wrongful processing of employee data.
The extent of the violation and type of personal data involved will dictate the severity of the administrative fines imposed on a company. For example, under the GDPR, a company could be subject to administrative fines up to 20,000,000 EUR, or up to 4% of the total worldwide annual revenue of the preceding financial year. Obviously, these fines would be financially crippling to any company.
Preparing for May 25, 2018
The May 25, 2018 deadline is fast approaching and preparing for full compliance with the GDPR is paramount. Simple steps should be taken to ensure compliance including to:
(1) Review and analyze data repositories for sensitive data,
(2) Perform an analysis/accounting of procedure for data collection, and
(3) Create an oversite committee dedicated to data activities and compliance.
Most importantly, however, is to determine whether compliance with the GDPR is necessary, and strictly follow the requirements of the GDPR to protect from potentially massive fines.
Jeffrey M. Dennis currently serves as Newmeyer & Dillion’s Managing Partner and as a business leader, advises his clients on cybersecurity related issues, introducing contractual and insurance opportunities to lessen their risk. You can reach Jeff at jeff.dennis@ndlf.com.
Ivo Daniele is a seasoned associate in Newmeyer & Dillion’s Walnut Creek office. His practice includes representing private and public companies with both their transactional and litigation needs. You can reach Ivo at ivo.daniele@ndlf.com.
About Newmeyer & Dillion
For more than 30 years, Newmeyer & Dillion has delivered creative and outstanding legal solutions and trial results for a wide array of clients. With over 70 attorneys practicing in all aspects of business, employment, real estate, construction and insurance law, Newmeyer & Dillion delivers legal services tailored to meet each client’s needs. Headquartered in Newport Beach, California, with offices in Walnut Creek, California and Las Vegas, Nevada, Newmeyer & Dillion attorneys are recognized by The Best Lawyers in America©, and Super Lawyers as top tier and some of the best lawyers in California, and have been given Martindale-Hubbell Peer Review's AV Preeminent® highest rating. For additional information, call 949-854-7000 or visit www.ndlf.com.
Read the court decisionRead the full story...Reprinted courtesy of
Does Your U.S. Company Pull Data From European Citizens? Fall In Line With GDPR by May 2018 or Suffer Substantial Fines
Contractors Board May Discipline Over Workers’ Comp Reporting
November 06, 2013 —
CDJ STAFFCalifornia recently passed AB 1794, which authorized the Employment Development Department to share information it received on new hires with other agencies. The bill also allows the Contractors State License Board to audit members based on this information to determine if contractors are engaging in workers’ compensation fraud.
Writing on the Cumming & White construction litigation blog, Iman Reza notes that “the new law is intended to deter contractors from cutting corners in underreporting employees.” The CSLB will be able to discipline contractors who seek to gain an illegitimate competitive advantage by circumventing the law.
Read the court decisionRead the full story...Reprinted courtesy of
On Rehearing, Fifth Circuit Finds Contractual-Liability Exclusion Does Not Apply
November 26, 2014 —
Tred R. Eyerly – Insurance Law HawaiiOn rehearing, the Fifth Circuit determined that the contractual-liability exclusion did not apply to bar coverage for damage caused by the insured contractor to the home it constructed. Crownover v. Mid-Continent Cas. Co., 2014 U.S. App. LEXIS 20727 (5th Cir. Oct. 29, 2014).The court withdrew its prior opinion, summarized here.
Arrow Development, Inc. contracted with the Crownovers to construct a home. The contract had a warranty-to-repair clause, which, in paragraph 23.1, provided that Arrow would "promptly correct work . . . failing to confirm to the requirements of the Contract Documents." After the Crownovers moved in, cracks began to appear in the walls and foundation of the home. Additional problems with the heating, ventilation, and air conditioning ("HVAC") caused leaking in the exterior lines and air ducts inside the home. To compensate for defects in the HVAC system, the system's mechanical units ran almost continuously in order to heat or cool the home. Because they were overburdened, the mechanical units had to be replaced. The Crownovers paid several hundred thousand dollars to fix the problems with the foundation and HVAC system.
Read the court decisionRead the full story...Reprinted courtesy of
Tred R. Eyerly, Insurance Law HawaiiMr. Eyerly may be contacted at
te@hawaiilawyer.com
The Power of Planning: Four Key Themes for Mitigating Risk in Construction
November 09, 2020 —
Zac Hays - Construction ExecutiveConstruction is, and always has been, known as a relatively risky business. Whether it is dealing with factors that can be controlled or beyond control, proactively managing risk has proven to be of the most critical factors in delivering quality projects faster, more efficiently and with wider margins.
Many people assume on-site activities introduce the greatest amount of uncertainty and potential risk. But many mistakes in construction originate in the planning phase – meaning preconstruction is ripe with opportunity to be the most effective place for mitigating risk, saving money and ultimately broadening margins. There are many ways to mitigate risk before projects even start, but four key themes emerge to be clear, repeatable opportunities for success.
DIGITIZE THE PLANNING PHASE
Preconstruction is where ideas are brought to life by translating architectural designs into a real, constructible plan. Decisions made at this stage can determine the project’s success and profitability – but it’s far from straightforward. Estimating, scheduling and planning are highly complex activities that depend on constantly changing details and are all areas where missed information or miscommunication can lead to costly rework down the line.
Reprinted courtesy of
Zac Hays, Construction Executive, a publication of Associated Builders and Contractors. All rights reserved.
Read the court decisionRead the full story...Reprinted courtesy of
Arizona Court Cites California Courts to Determine Construction Defect Coverage is Time Barred
December 30, 2013 —
CDJ STAFFConstruction defect claims in an Arizona community are time barred and so the judge had determined that National Fire & Marine Insurance is not liable for coverage. National Fire claimed that while there was no Arizona case law concerning statutes of limitations for equitable contributions by insurance carriers, the court agreed that “its position is directly supported by cases from other jurisdictions.”
In the underlying construction defect case, Steadfast Insurance had settled with homeowners over allegations of construction defects. National Fire was a co-insurer and declined coverage. National Fire’s citing of two California cases was not unique for the Arizona courts. Other Arizona cases cited the same two California cases.
Read the court decisionRead the full story...Reprinted courtesy of
Nomos LLP Partner Garret Murai Recognized by Super Lawyers
July 08, 2024 —
Garret Murai - California Construction Law BlogNomos LLP Partner Garret Murai has been recognized as a 2024 Northern California Super Lawyers honoree in the area of Construction Litigation. This is the eleventh consecutive year that he has been recognized by Super Lawyers.
Super Lawyers, an annual listing of outstanding lawyers from more than 70 practice areas who have attained a high degree of peer recognition and personal achievement, is limited to no more than five percent (5%) of lawyers in a state who are selected through a multiphase process that includes a statewide survey of lawyers, independent research evaluation and peer reviews by practice area.
Read the court decisionRead the full story...Reprinted courtesy of
Garret Murai, Nomos LLPMr. Murai may be contacted at
gmurai@nomosllp.com
1st District Joins 2nd District Court of Appeals and Holds that One-Year SOL Applies to Disgorgement Claims
June 14, 2021 —
Garret Murai - California Construction Law BlogWe’re beginning to see a trend.
This past year, the 2nd District Court of Appeals, in Eisenberg Village of the Los Angeles Jewish Home for the Aging v. Suffolk Construction Company, 53 Cal.App.5th 1201 (2020), held for the first time that a one (1) year statute of limitations period beginning upon substantial completion of a project applies to disgorgement claims under Business and Professions Code section 7031. In San Francisco CDC LLC v. Webcor Construction L.P., the 1st District Court of Appeals became the second Court of Appeals in the state to hold that a one (1) year statute of limitations beginning upon completion or cessation of work on a project applies to disgorgement claims under Business and Professions Code section 7031.
The San Francisco CDC LLC Case
The Defect Action
In September 2005, San Francisco CDC LLC entered into a $144 million construction contract with Webcor Construction, Inc. doing business as Webcor Builders to build the InterContinental Hotel in San Francisco, California.
Read the court decisionRead the full story...Reprinted courtesy of
Garret Murai, Nomos LLPMr. Murai may be contacted at
gmurai@nomosllp.com
The Insurance Coverage Debate on Construction Defects Continues
February 05, 2015 —
Craig Martin – Construction Contractor AdvisorNew Hampshire is the first court of 2015 to weigh in on construction defect coverage issues. The case, Cogswell Farm Condominium Association v. Tower Group, involved a typical situation. Lemery Building Company was hired to build 24 residential condominium units. After construction, the condominium association sued the builder asserting that the weather barrier, including the water/ice shield, flashing, siding, and vapor barrier, was defectively constructed and resulted in damage to the units due to water leaks. The condominium association also sued Lemery’s insurer for a determination as to whether the builder’s Commercial General Liability (CGL) insurer had to provide coverage for the claim.
The trial court ruled against the condominium association, finding that the “your work” exclusion applied. The exclusion in the builder’s CGL policy provided that there was no coverage for property damage to “[t]hat particular part of any property that must be restored, repaired or replaced because ‘your work’ was incorrectly performed on it.”
Read the court decisionRead the full story...Reprinted courtesy of
Craig Martin, Lamson, Dugan and Murray, LLPMr. Martin may be contacted at
cmartin@ldmlaw.com
