The California Legislature Return the Power Back to the People by Passing the California Consumer Privacy Act of 2018
January 02, 2019 —
Richard H. Glucksman, Esq., David A. Napper, Esq., & Lana Halavi – Chapman Glucksman Dean Roeb & BargerIntroduction
Data breaches and social media hacks are becoming increasingly common stories on the news cycle. Meanwhile, companies have made fortunes on unsuspecting individuals by selling information gathered on the user. Every internet user has wondered why a pop-up ad or banner on an unrelated website relates to something you purchased or searched for "that one time. The California legislature has decided to return some power back to the people with the California Consumer Privacy Act of 2018. California is the first state to introduce privacy protection for individuals personal data and could pave the way for other states to follow suit in the near future.
The California Consumer Privacy Act of 2018
On June 28, 2018, California Governor Jerry Brown signed into law the California Consumer Privacy Act of 2018 ("the Act"). The California Legislature eagerly passed the Act, which comes into effect on January 1, 2020, granting broad new privacy rights to "consumers" and enforcing requirements on the protection of their personal data allowing consumers the right to take back control of their personal information.
A "consumer" is defined as a "resident of California as defined by California's personal income tax regulations. "Personal information" pursuant to the Act is defined as "information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household." Personal information is generally recognized in California as information that can identify a specific individual. The Act also includes information that can be used to identify a household.
Provisions of the Act
Pursuant to the Act, consumers are given the right to know upon request if their personal information is disclosed, and to whom it is disclosed, the right to know what personal information has been collected about them by a business, the right to object to the sale of their personal information, the right to obtain data collected about them, the right to require businesses to obliterate their personal information, and the right to be given equal service and pricing from businesses, including equal prices and quality of goods or services. The Act forbids discrimination by businesses against consumers for exercising their privacy rights pursuant to the Act.
Businesses are, however, permitted to charge different prices or provide different quality of service to consumers if the difference is "reasonably related to the value provided to the consumer by the consumer’s data." Additionally, businesses must allow consumers to exercise their rights by providing to consumers toll-free telephone numbers and/or websites to request such information or privacy. If a consumer sends a verified request for information to a business, the business subsequently has 45 days to give the consumer the requested information from the preceding 12 months with no charge to the consumer.
Who Must Comply with the Act
The Act will apply to for-profit businesses that do business in the State of California, deal with personal information of California residents, and either·(1) have more than $25 million in annual gross revenues, or (2) receive or disclose more than 50,000 California residents' personal information, or(3) derive 50% or greater of California residents' annual revenues from selling their personal information.
Who is Exempted from Compliance with the Act
A for-profit company, a small company, and/or a company that does not derive large amounts of personal information and does not share a brand with an affiliate covered by the Act is exempted from complying with the Act. Additionally, a company is exempted from compliance with the Act "if every aspect of . . . commercial conduct takes place wholly outside of California," meaning: (1) the personal information was collected from the consumer while they were outside California, (2) no sale of their personal information took place in California, and (3) there was no sale of personal information that was collected while the consumer was in California.
Impact
According to 2017 estimates, California's population totaled approximately 39 million people. Clearly the Act will affect an incredibly large amount of people considering it concerns the most populous state in America. The California Consumer Privacy Act of 2018, which is being compared to the EU General Data Protection Regulation for its all-encompassing method and resilient privacy protections is also speculated to have an impact on businesses throughout the nation and around the world. While the costs will likely go up for companies to do business in California, the transparency and trust earned by business and gained by consumers in this new landscape could potential overcome the initial costs to provide these required services. Perhaps most importantly however, is if California consumers decide to take advantage of the new protections, they will no longer have to wonder what for-profit businesses are doing with their data.
Reprinted courtesy of Chapman Glucksman Dean Roeb & Barger attorneys
Richard H. Glucksman,
David A. Napper and
Lana Halavi
Mr. Glucksman may be contacted at rglucksman@cgdrblaw.com
Mr. Napper may be contacted at dnapper@cgdrblaw.com
Read the court decisionRead the full story...Reprinted courtesy of
Legal Risks of Green Building
March 22, 2021 —
Mark D. Shifton - Construction ExecutiveAll construction projects involve elements of legal risk. Insurance and indemnity claims, delay claims and professional negligence claims are simply accepted risks when involved in construction. Green building projects are no exception to this rule, and often involve unique issues that are not present in typical construction projects.
Green building projects commonly employ new or untested construction materials, require construction methods that lack significant track records, and ultimate building performance often fails to meet design expectations. As such, green building projects may give rise to entirely new types of legal risk that should be considered and allocated early in the process.
In the past 15 years, the number of buildings for which green certifications have been sought has grown exponentially, and the growth rate of green building and sustainable construction has far outpaced the growth rate of the construction industry as a whole. As green building projects become increasingly common (and often increasingly required by the federal, as well as state and local governments), the unique legal risks presented by green building projects take on an increase importance.
Reprinted courtesy of
Mark D. Shifton, Construction Executive, a publication of Associated Builders and Contractors. All rights reserved.
Read the court decisionRead the full story...Reprinted courtesy of
Mr. Shifton may be contacted at
mshifton@gllawgroup.com
Ten-Year Statute Of Repose To Sue For Latent Construction Defects
November 12, 2019 —
David Adelstein - Florida Construction Legal UpdatesIf you are dealing with latent construction defects, it is imperative that you consult with counsel to understand your rights. This not only includes claims for property damage stemming from latent construction defects, but also personal injury stemming from such defects. There is a ten-year statute of repose to sue for latent construction defects. See Fla.Stat. s. 95.11(3)(c). After the expiration of this statute of repose you are out of luck, meaning you can no longer sue.
Now, I probably will not be the first to tell you that the statute of repose is not written so clear that you know the precise date it ends (or the last date you can sue for a latent defect). For this reason, you really want to operate conservatively, meaning it is always better to sue early if you think you could be running on the end of the statute of repose period. It is always advisable to avoid any legitimate argument that you filed your construction defect lawsuit too late.
In Harrell v. The Ryland Group, 44 Fla. L. Weekly D2054b (Fla. 1st DCA 2019), a subsequent owner of a house sued the original homebuilder in negligence for a construction defect causing a personal injury. The subsequent owner claimed the homebuilder defectively installed an attic ladder (that provided access to the attic for the original construction) which collapsed as he was using it. The homebuilder filed a motion for summary judgment that the statute of repose expired so the owner’s claim was time-barred. The First District agreed.
Read the court decisionRead the full story...Reprinted courtesy of
David Adelstein, Kirwin Norris, P.A.Mr. Adelstein may be contacted at
dma@kirwinnorris.com
ASCE Statement on House Passage of Infrastructure Investment and Jobs Act
November 15, 2021 —
American Society of Civil EngineersThe following is a statement by Dennis D. Truax, P.E., President, American Society of Civil Engineers (ASCE):
WASHINGTON, DC. – It is a great day for the nation as the U.S. House of Representatives passed the Infrastructure Investment and Jobs Act (IIJA), fulfilling President Biden's vision with a historic piece of legislation that will have monumental impacts on the economy, public safety, global competitiveness, and each American's well-being. Passage of this five-year, $1.2 trillion bill proves once again that the country can lead with infrastructure.
With this legislation, the federal government will restore their critical partnership with cities and states to modernize our nation's roads, bridges, transit systems, drinking water pipes, school facilities, broadband, ports, airports and more. Without a strong federal partner, local projects that are community lifelines have hung in the balance, oftentimes being paused or outright cancelled due to funding uncertainties. When this happens, American households and businesses are the ones who pay the price.
The IIJA is the culmination of decades of advocacy by American Society of Civil Engineers (ASCE) members who worked tirelessly to educate Congress about the role infrastructure plays in supporting the economy and our quality of life. ASCE's Infrastructure Report Cards have sounded the alarm on our nation's infrastructure conditions since 1998, with new reports being released every four years. While all categories of infrastructure have been the cause of some concerns, the common denominator behind each category's struggles has been a backlog of projects, overdue maintenance, and a need for resilience. This bill includes investments to repair and modernize these critical assets for almost all of the 17 categories in the 2021 Report Card for America's Infrastructure, which assigned our nation's infrastructure a cumulative grade of 'C-'.
ABOUT THE AMERICAN SOCIETY OF CIVIL ENGINEERS
Founded in 1852, the American Society of Civil Engineers represents more than 150,000 civil engineers worldwide and is America's oldest national engineering society. ASCE works to raise awareness of the need to maintain and modernize the nation's infrastructure using sustainable and resilient practices, advocates for increasing and optimizing investment in infrastructure, and improve engineering knowledge and competency. For more information, visit www.asce.org or www.infrastructurereportcard.org and follow us on Twitter, @ASCETweets and @ASCEGovRel.
Read the court decisionRead the full story...Reprinted courtesy of
Real Estate & Construction News Roundup (3/6/24) – Steep Drop in Commercial Real Estate Investment, Autonomous Robots Being Developed for Construction Projects, and Treasury Department Proposes Regulation for Real Estate Professionals
April 08, 2024 —
Pillsbury's Construction & Real Estate Law Team - Gravel2Gavel Construction & Real Estate Law BlogIn our latest roundup, major league sports franchises turn to real estate to increase their value, the Associated Builders and Contractors releases a guide on artificial intelligence, New York City helps landlords convert empty office space into housing, and more!
- The Treasury Department proposed a regulation that would require real estate professionals to report information to the agency about all-cash sales of residential real estate to legal entities, trusts and shell companies. (Fatima Hussein, AP)
- For decades, major league teams depended on ticket sales, concessions and TV deals to generate revenue, but team owners in recent years have turned to real estate development to bring in extra cash and drive up the values of their franchises. (Nathaniel Meyersohn, CNN)
- The U.S. commercial real estate market saw a steep drop in investment last year, with the market plummeting by more than 50% to the lowest level since 2012 and CBRE noting a 91% year-over-year drop in direct real estate company investments. (Yuheng Zhan, Business Insider)
Read the court decisionRead the full story...Reprinted courtesy of
Pillsbury's Construction & Real Estate Law Team
Sureties and Bond Producers May Be Liable For a Contractor’s False Claims Action Violation
October 26, 2017 —
Michael C. Zisa & Susan Elliot – Peckar & Abramson, P.C.Two recent decisions from the United States District Court for the District of Columbia and the United States Court of Federal Claims highlight that sureties and bond producers are not immune to the potentially severe consequences of the False Claims Act (“FCA”) and related federal fraud statutes. In each case, the Court determined that sureties and bond producers can face potential liability under these fraud statutes for direct and indirect submission of false claims to the federal government
Reprinted courtesy of
Michael C. Zisa, Peckar & Abramson, P.C. and
Susan Elliott, Peckar & Abramson, P.C.
Mr. Zisa may be contacted at mzisa@pecklaw.com
Ms. Elliott may be contacted at selliott@pecklaw.com
Read the court decisionRead the full story...Reprinted courtesy of
What to do When the Worst Happens: Responding to a Cybersecurity Breach
November 21, 2018 —
Scott L. Satkin & J. Kyle Janecek – Newmeyer Dillion LLPCybersecurity is a growing concern for today's businesses. While it's always advisable to take whatever action possible to avoid a cybersecurity breach, no security measures can be one hundred percent perfect, and malicious actors are always innovating and trying to find new security flaws. The implementation of new technology brings with it new opportunities, but also potentially new vulnerabilities. And hackers have one major advantage – those working to defend against cyber-attacks have to try to find and fix every potential exploit, whereas those on the other side only need to find one. As demonstrated by recent high-profile breaches at Google and Facebook, even massive tech companies with access to vast financial resources and top engineering talent can still fall prey to cyber-attacks. Therefore, understanding how to respond to a breach is just as critical to a company's cybersecurity plan as attempting to prevent one. Below are a few solid tips on how to react when an organization's cybersecurity has been compromised.
Plan in Advance
The best response to a cybersecurity breach begins before the breach ever happens. A written incident response plan is of paramount importance. In the immediate aftermath of a cybersecurity breach, people will be scared and stressed. In those circumstances, they will be more likely to be able to respond effectively if there is a plan laid out for them and they have received training on how to follow that plan. Make sure that employees are trained on the parts of the plan that are relevant to them. Most may only need to know who to report to if they suspect a breach may have occurred, while those who will be involved in the breach response will need more in-depth training. The plan should also be updated regularly to account for staffing changes, new technology, and the evolving legal landscape. The law may also require a plan for responding to cybersecurity breaches, depending on the jurisdiction.
Call Your Lawyer- Early and Often
At the risk of sounding self-aggrandizing, attorneys are critical in responding to a cybersecurity breach. The most obvious reason is to advise clients on their legal obligations and potential liability – and this is indeed an important function. The patchwork of federal and state regulations governing cybersecurity is something laypeople – and even non-specialized attorneys – should navigate with caution. Of equal importance is the preservation of confidential communication under the attorney-client privilege. The presence of an attorney helps to improve the security of information surrounding the response to the breach because correspondence with that attorney is privileged, allowing candid evaluation of the breach. The ability to assert attorney-client privilege regarding an internal investigation and response can be quite useful in the event of a later external investigation or litigation.
To Disclose or Not to Disclose?
An important question that needs to be asked in the wake of a cybersecurity breach is whether the incident must be disclosed, and if so, when, how, and to whom should such disclosures be made? While many understandably wish that their mistakes and failures will never see the light of day, there are also many people who will want to know when a company's cybersecurity has been breached. Shareholders want to know – and may have a right to know – if such a breach has harmed the business. Consumers want to know if their personal information has been compromised so that they can protect against identity theft. Furthermore, state breach notification laws may mandate certain disclosures to consumers depending on facts surrounding the breach. Legal requirements from states, the federal government, and even foreign entities may also require companies to provide notices to one or more regulatory agencies.
An attorney can advise on whether a company is legally required to provide any notice in the aftermath of a data breach, but even though notice may not be a legal requirement in a particular set of circumstances, it may still be prudent to give it anyway. Google decided not to disclose the recent breach of data from its Google+ service to avoid a PR and regulatory backlash, but the fact that it had happened eventually leaked out anyway. Even though legal experts have opined in the aftermath that Google likely was not obligated to disclose the breach, the fact that it did not caused exactly what Google attempted to avoid, but with magnified effect. "Google Experiences Consumer Data Breach" may not have been a good headline, but "Google Hides Consumer Data Breach" was a worse one.
Remember: Protection Is Key
No company wants a cybersecurity breach, but past experience has increasingly demonstrated that this is not a question of "if" but rather one of "when" and "how bad." Planning ahead and knowing what to do when a data breach does happen can ensure that an organization bounces back from a breach as smoothly and painlessly as possible.
Scott Satkin and Kyle Janecek are associates in the Cybersecurity group of Newmeyer & Dillion. Focused on helping clients navigate the legal dispute implications of cybersecurity, they advise businesses on implementing and adopting proactive measures to prevent and neutralize cybersecurity threats. For questions on how they can help, contact Scott at scott.satkin@ndlf.com and Kyle at kyle.jancecek@ndlf.com.
About Newmeyer & Dillion
For more than 30 years, Newmeyer & Dillion has delivered creative and outstanding legal solutions and trial results for a wide array of clients. With over 70 attorneys practicing in all aspects of cybersecurity, business, employment, real estate, construction and insurance law, Newmeyer & Dillion delivers legal services tailored to meet each client's needs. Headquartered in Newport Beach, California, with offices in Walnut Creek, California and Las Vegas, Nevada, Newmeyer & Dillion attorneys are recognized by The Best Lawyers in America© and Super Lawyers as top tier and some of the best lawyers in California, and have been given Martindale-Hubbell Peer Review's AV Preeminent® highest rating. For additional information, call 949.854.7000 or visit www.ndlf.com.
Read the court decisionRead the full story...Reprinted courtesy of
A Subcontractor’s Perspective On California’s Recent Changes to Indemnity Provisions
September 10, 2014 —
William M. Kaufman – Construction Lawyers BlogGreat news for California subcontractors and suppliers! “Type I” Indemnity provisions in California construction contracts entered into on or after January 1, 2013 are not enforceable. This change in the law prevents owners and general contractors from shifting enormous exposure and costs of litigation downstream to the little guy, namely subcontractors and suppliers. In October 2011, Governor Brown signed Senate Bill 474 into law, which represented a major legislative victory for subcontractors and suppliers. The new law also imposed exacting limitations on contractors that attempt to require their subcontractors and suppliers to cover their defense fees and costs in litigation.
New Law Prevents Indemnity or Cost of Defense for Active Negligence
Under a "Type I" indemnity provision, the downstream subcontractor agrees to indemnify the owner or contractor, even against liability caused by the upstream owner/contractor's own "active negligence." A “Type I” indemnity provision in general contractors’ subcontracts often require their subcontractors to defend and indemnify them from liability regardless of whether the general contractor is partially at fault. Subcontractors and suppliers historically have complained that they have little bargaining power when entering into these contracts and these types of provisions can result in ruinous liability for those in the construction industry that are most vulnerable-subcontractors and suppliers. Before this change, the law allowed a general contractor who is 99 percent at fault for an injury or damage to shift the entire risk to a subcontractor who is only one percent at-fault or a subcontractor who is not at fault at all, but tangentially involved in the claim. Subcontractors and suppliers joined forces and lobbied the legislature. The legislature and Governor Brown agreed. Under the new law, such "Type I" indemnity provisions will no longer be enforceable. SB 474 adds Civil Code section 2782.05 that precludes indemnity where the party to be indemnified is "actively negligent" and makes void and unenforceable these types of clauses.
Reprinted courtesy of
William M. Kaufman, Lockhart Park LP
Mr. Kaufman may be contacted at wkaufman@lockhartpark.com, and you may visit the firm's website at www.lockhartpark.com
Read the court decisionRead the full story...Reprinted courtesy of
