NYS Power of Attorney Legislation

Governor Andrew M. Cuomo has signed legislation amending New York State’s law relating to power of attorney forms.  The legislation makes granting, using and understanding a power of attorney simpler and removes much of the complexity traditionally associated with individual powers of attorney in New York.  Under the previous statute, these forms could be invalidated on technicalities if the exact wording of the statute wasn’t followed. Furthermore, often the form was not easy to put into effect – especially if you didn’t have a lawyer there to help the grantor understand what they were signing and the powers they were agreeing to grant. A hardship to many vulnerable nursing home and assisted living residents – especially during this pandemic.

While understanding the implications and legal effect of granting a power of attorney is still an essential ingredient to effectiveness and enforcement, the new law, Chapter 323 of the 2020 Session Laws, becomes effective 180 days from December 15, 2020.  What’s changed?

  • The new law modifies the prior requirement of “exact wording” in the “Caution to the Principal” and “Important Information for the Agent” sections of a power of attorney. Although those sections are still required, the ‘exact language’ requirement has been replaced with a “substantially conforms” standard – making it less likely that innocuous and immaterial technical differences will invalidate the power;
  • The new legislation creates a presumption in favor of the validity of the power of attorney form and expressly provides that anyone accepting an acknowledged power of attorney with no actual knowledge the signature isn’t genuine, may rely on the presumption the signature is, in fact, genuine;
  • Although the unwillingness or inability of an agent to provide an opinion of counsel or certification is grounds to refuse to honor a power of attorney, if a third party has a good faith belief the power is valid and has no knowledge that it isn’t valid or the agent doesn’t have the authority for a particular act, they can now feel comfortable honoring the power of attorney in reliance on the agent’s authority. In fact, the new law allows a judge to impose penalties (including attorneys’ fees) if an institution unreasonably refuses to accept a presumptively valid power of attorney form;
  • One other welcome benefit of the new law. The statutory gifts rider has been eliminated and the authority to make gifts above “standard amount” is to be included in a modifications section in the power of attorney itself. If there is no gifting language in the modification, the authority to make gifts is now $5,000 in any calendar year (up from the previous $500).

To many, welcome and long overdue changes to the power of attorney law in New York State. You can read the amended version of the legislation that was signed by the Governor of New York State here:  NYS Power of Attorney Legislation.

As always, if you have questions about anything in this post, feel free to contact me, Joe Rosenbaum, or any of the Rimon lawyers with whom you regularly work.

 

California CPRA – CCPA 2.0

On Election Day in California, voters will not only be determining choices among candidates standing for election, but they will also be deciding the fate of Proposition 24, referred to as the California Privacy Rights Act (CPRA).  Proposition 24 is intended to build upon the California Consumer Privacy Act (CCPA) that came into force at the beginning of 2020. Among other things, the CPRA would create a California Privacy Protection Agency, a new regulatory agency that would ultimately take over privacy enforcement responsibility from the Office of the California Attorney General.

Among the areas that would be affected by the CPRA would be a clear ban on discrimination against anyone choosing to ask a company to delete their information and opt-out of marketing communications, stronger rights to prevent data sharing by companies (e.g., cross-context behavioral advertising), clearer mechanisms to enable consumers to correct information that is not accurate and a requirement that companies tell consumers how long they plan to retain the information.

Proposition 24 would also legitimize marketing and promotional schemes that offer consumers a discount or access to benefits in exchange for voluntarily disclosing personally identifiable information (e.g., in the context of rewards or loyalty programs).  Privacy and data protection proponents and opponents have long debated whether consumers should have an option to pay for privacy – viewed as a logical consequence of offering benefits in exchange for information that can be used for marketing and promotional purposes.

Since the CCPA came into force, companies have already been scrambling to comply.  If Proposition 24 passes and CCPA 2.0 comes into force, companies will again have to review and likely revamp their policies and practices to deal with the added new compliance obligations. Just as significantly, a separate California Consumer Privacy Agency would likely end up brining many more enforcement actions since protecting the privacy rights of California consumers will be its only mission.  Proponents of Proposition 24 say that may well be a good thing for California consumers, but they also argue that an agency solely focused on data protection will also mean more clarity, consistency and guidance surrounding some of the nuances of the California requirements.

Stay tuned. Election day is only a week away.

New York Moves To Expand the Right of Publicity

As New York law currently stands basically the only right of publicity that is recognized in New York is the right to prevent appropriation of a living person’s name or likeness (e.g., portrait, picture, image) for commercial purposes.  A violation of the law can have both criminal and civil consequences, although only civil actions currently include the misappropriation of ones’ “voice,” in addition to names and photographs. New York courts have also allowed claims based on the use of look-alike models (Onassis v. Christian Dior-New York, Inc., 472 N.Y.S2d 254 (N.Y. Sup. Ct. 1984)).

New York does not recognize any common law right of publicity (Stephano v. News Group Publications, 474 N.E.2d 580 (N.Y. 1984)). Consequently all New York rights of publicity are purely creatures of statutory law.  Of interest in recent years is the fact that unlike over 20 other States in the United States and many jurisdictions internationally,* New York has never recognized any post-mortem rights of publicity. In other words, only living New York persons have any right of publicity and those are governed exclusively by statute!

Well that may change if and when New York State Governor Andrew Cuomo signs a bill recently passed by both houses of the the NYS legislature and although the bill differentiates between “deceased personalities” and “deceased performers,” if signed into law it would broaden the current law and create a new transferable (and inheritable) right that would protect those rights of publicity after death – rights that would last for 40 years after the death of the individual.

This new legislation is likely to have implications to performers, celebrities and others who are domiciled in New York, as well as to advertisers, advertising agencies and sponsors, among others.  Once the bill is signed into law, watch for updates on Legal Bytes for more detail. In the meantime, if you have questions or want more information, feel free to contact me, Joe Rosenbaum or any of the Rimon lawyers with whom you regularly work.

* Note: In some jurisdictions, rights of publicity are referred to as “personality rights” and one should never assume these rights are identical in scope or effect.

 

Brazil Adopts Comprehensive Data Protection Law

Katie Hyman, Partner

Brazil’s Lei General de Proteção de Dados (“LGPD”) officially came into effect on Friday, September 18 2020. This Brazilian General Data Protection Law (LGPD), Federal Law no. 13,709/2018, was published on August 15, 2018, is heavily influenced by the EU GDPR and is Brazil’s first comprehensive framework regulating the use and processing of personal data. Prior to the LGPD, data privacy regulations in Brazil consisted of various provisions spread across Brazilian legislation.

The LGPD applies to businesses of all sizes, with only a few listed exceptions, such as where data are collected for artistic or academic purposes, or for national security and public safety. It will apply when data is collected or stored in Brazil or where data is processed for the purposes of offering goods or services to individuals in Brazil.

The LGPD defines “personal data” broadly: it means any information regarding any identified or identifiable natural person, including data that could be aggregated to identify a person. The general principles underlying the LGPD are set out in Article 6, and these will be used by the Brazilian data protection authority to determine a company’s compliance with the law. The principles are purpose, suitability, necessity, free access, quality of the data, transparency, security, prevention, non-discrimination and accountability.

In line with these principles, the rights of the data subject are set out in Article 18, and these are very similar to those in the GDPR, including access to data, correction of inaccurate data, portability, deletion of data processed with consent, information about entities with which the controller has shared data, information about the possibility of denying consent and revocation of consent.

Companies are required to report data protection breaches to the local data protection authority, but no deadline for reporting is included in the LGPD. Guidance on this is to come from the data protection agency, which is yet to be established. Companies that violate the LGPD can be fined up to 2% of the revenue of their organization, up to a total of R$50 million (approximately US$9 million) per violation. However, penalties for infractions will only start to be applied from August 1, 2021.

An official English translation is not yet available, but the IAPP has provided a translation and you can read it here: Brazilian General Data Protection Law.

If you want more information about this article feel free to contact Katie Hyman or me, Joe Rosenbaum or any of the Rimon lawyers with whom you regularly work.

Swiss-US Privacy Shield

In July, we reported that the EU Court had invalidated the viability of the US-EU Privacy Shield (EU Invalidates the Privacy Shield . . BUT Says Contracts May Save the Day!).  A few weeks ago (September 8, 2020), the Swiss Federal Data Protection and Information Commissioner (FDPIC) also decided to remove the United States from a list of nations that are considered to be providing “adequate level of data protection.”

Unlike the EU Court’s decision, decision by the Swiss FDPIC does not automatically invalidate the applicability of the Privacy Shield, because the list of countries on or off the list is technically not legally binding. That said, if your company is relying on the Swiss-US Privacy Shield to continue to transfer data from Switzerland to the United States, it would not be prudent to assume these transfers will continue to be viewed as complying with the adequate protection standards under Swiss law.  It seems to make sense to re-assess the risks and start relying on corporate policies and regulations, as well as legally binding contract clauses to ensure they are consistent with Swiss data protection law.

Even when the company policies and contract provisions are properly constructed, there still remains the risk that even these protections may be considered inadequate.  For example, if local authorities have the right to obtain the data without safeguards and legal protections consistent with those required under Swiss regulation, the transfer may be considered in contravention of Swiss law.  Similarly, if the entity to which the data is being transferred is not legally obligated, for any reason, to cooperate with the enforcement requirements that may apply under Swiss law this too creates a problem.  While encryption technology exists that can ensure no personal data can become available in another country, that approach only makes sense for pure storage capability (e.g., cloud based storage) but NOT if the data is intended to be used, displayed or otherwise handled in another nation.

While further guidance and information may ultimately be promulgated by the FDPIC, at present, a review of current procedures and data transfers, the exercise of caution and consideration of implementing additional steps to deal with this development in Switzerland, as with the EU Court decision, seems to be a prudent course of action.

At Rimon Law, our professionals are available to answer question about these developments, so feel free to contact me, Joe Rosenbaum, or any of the Rimon lawyers with whom you regularly work for information about this or any other matters.

EU Invalidates the Privacy Shield . . BUT Says Contracts May Save the Day!

Today (July 16, 2020), the EU Court of Justice, (the EU’s highest court) struck down the validity of the Privacy Shield – a mechanism that well over 5,000 U.S. companies have been using and relying upon in order to legally justify the transfer of personal data across the Atlantic into the US.  This same court had previously invalidated the “Safe Harbor” protocol, concluding the Safe Harbor failed to adequately protect privacy rights of EU citizens, since it accorded law enforcement in the United States priority over the rights of EU citizens – permitting law enforcement virtually unrestricted access to the data.

This new case began when Max Schrems, an Austrian privacy advocate, complained to Irish data protection regulators that Facebook’s reliance on standard contract clauses to permit data being transferred from the European Union to the United States did not provide adequate protection. Schrems argued that it didn’t prevent intelligence officials and other third parties in the United States from getting at the information. The Commissioner at the Irish Data Protection Authority took the complaint to Ireland’s high court and they referred certain questions regarding the validity of standard contractual clauses to the EU Court of Justice. Although Schrems’ complaint never raised the Privacy Shield issue, it was raised in oral argument before the court, opening the door for the court to include it in their opinion and decision.

While the European Court invalidated the Privacy Shield, it didn’t buy Schrems’ argument that standard contractual clauses should be deemed invalid as a matter of EU law or regulation. They basically said that standard contract clauses could be among the “effective mechanisms” if they required both sides involved in the transfer to ensure information is accorded the equivalent level of protection as required under EU law. They went on to note that the parties should not use those clauses if they can’t comply with that requirement.

As a result, while neutering the Privacy Shield, they did uphold the validity of the use of standard contractual clauses to legally move personal information outside the European Union, if these clauses were effective in providing the same level of privacy protection as the EU requires.

The case is Between the Data Protection Commissioner and Facebook Ireland Ltd. and Maximillian Schrems (Case Number C-311/18) and as always, if you have any questions or need more information about this posting, feel free to contact me, Joe Rosenbaum, or any of the lawyers at Rimon with whom you regularly work.

Cyberspace Lawyer: The Force (Majeure) is Strong

Honored to have an article I (Joe Rosenbaum) wrote: “Managing Contract Risks & Remedies in a Time of Coronavirus”, published by Thomson Reuters in the June 2020 issue of Cyberspace Lawyer!  Many thanks to the Editor-in-Chief, Michael D. Scott, a long-time professional colleague and good friend!

Since that article was submitted for publication, an interesting new development arose at the end of June which was also posted here on Legal Bytes. A bankruptcy judge in Illinois has opined on at least one instance where a party to a real estate lease agreement can take advantage of such a clause. You can also read that update right here: COVID-19 and Force Majeure: What’s In Your Contract?

 

US Paycheck Protection Program (PPP) Extended

If you have been following Legal Bytes, then you know we have been following developments related to the various relief, incentive and stimulus programs being enacted and signed into law in the US (See Congress Provides Additional PPP Flexibility which includes links to many of the prior postings).

After Congressional passage of the legislation earlier last week, over this past July 4th weekend, President Donald Trump signed into law an extension of the application period for the Paycheck Protection Program (PPP) until August 8, 2020 and this morning applications were once again being accepted for the loans.  According to the SBA, there is still over $130 billion available in the fund.

We will continue to provide updates as they become available and as always, if you need more information or assistance you can always contact me, Joe Rosenbaum, or the Rimon Law lawyer with whom you regularly work. Stay safe, stay well!

Unsung Cyber Hero Adventures

On June 4, 2020, Steven Teppler and I (Joe Rosenbaum) were guests of Gary Berman, host of “Unsung Cyber Hero Adventures”.  You can watch the entire interview “The Judicial System & Cybersecurity” and many more on his “Unsung Cyber Hero Adventures” TV Network!

There is also a comic series and you can find out more by looking at  The CyberHero Adventures: Defenders of the Digital Universe.  The comic series, the streaming interview series and much more are all the brainchild of Gary L. Berman, a career marketing consultant and entrepreneur whose company – and the families it supported – fell victim to a prolonged series of insider cyber attacks.  Feeling powerless, Gary decided to educate himself about cybersecurity, attending conferences, listening to podcasts and learning from the real heroes, the cybersecurity experts in law enforcement, government, education, and business.

COVID-19 and Force Majeure: What’s In Your Contract?

At the beginning of April, Legal Bytes highlighted some of the pros and cons of attempting to use a Force Majeure (Excusable Delay) clause in contracts as the basis for delaying or even failing to perform under a contract. See COVID-19: May the Force (Majeure) Be With You.   Now in early June, a bankruptcy judge in Illinois has opined on at least one instance where a party to a real estate lease agreement can take advantage of such a clause. For those of you inclined to read the entire decision you can check out In re Hitz Restaurant Group, No. 20-B-05012, 2020 WL 2924523 (Bankr. N.D. Ill., Eastern Division, June 3, 2020).

The specific language in the lease agreement is critical to this analysis, so this is the relevant language in the contract the court cites in the opinion:  “Landlord and Tenant shall each be excused from performing its obligations or undertakings provided in this Lease, in the event, but only so long as the performance of any of its obligations are prevented or delayed, retarded or hindered by … laws, governmental action or inaction, orders of government…. Lack of money shall not be grounds for Force Majeure.” (emphasis is mine).  The Bankruptcy Court held Executive Order 2020-7, the Stay-at-Home Order, issued by Illinois Governor Pritzker on March 16, 2020, “unambiguously” triggered the force majeure clause, holding the order constituted both “governmental action” and an “order of government.”

In its motion, the landlord claimed banks were still open, the tenant was still able to write checks and mail them to the landlord, that the tenant could still operate it’s take out and delivery service, that in order to obtain funds the tenant could have applied for and received an SBA loan, but more importantly that lack of money was specifically and explicitly stated in the clause as “not grounds for Force Majeure. ”  In dealing with the landlord’s motion, the Bankruptcy Court first noted neither the bank’s being open or closed or the tenant’s ability to write checks and mail them were relevant or responsive to the tenant’s arguments or for that matter the specific language of the force majeure clause.  More significantly, the Court rejected the landlord’s argument that the failure to perform was due to a lack of money – something specifically noted in the clause. To this the Court stated that not only was the tenant under no legal obligation (either in the lease or at law) to apply for an SBA loan to pay the rent, but the Illinois Governor’s Executive Order was the proximate cause of the tenant’s inability to pay rent and that the Executive Order clearly impaired the tenant’s ability to operate fully and generate the same amount of revenue as it might under normal circumstances.

That said, the Bankruptcy Court did take into account the fact that the restaurant (tenant) was not completely shut down and could still provide take-out and delivery services and decided that the tenant should still pay some rent, but in an amount “in proportion to its reduced ability to generate revenue due” as a result of the imposition of the Executive Order.  Neither landlord or tenant had suggested a way to determine a reasonable proportion so the Court essentially decided that since the tenant estimated the kitchen (the facilities within the premises still available for use in fulfilling a take-out and delivery service) represented about 25% of the total square footage, the Court partially excused the tenant from paying the full rent while the Executive Order remained in effect.

It is important to note this is a proceeding in bankruptcy court and even in that context is technically not binding on other jurisdictions.  It is also important to note that even though the contract clause carved out “lack of money” as a basis for invoking the clause, the specific reference to “governmental action” and “orders of government” gave the court a foothold to decide that these facts, although perhaps causing a lack of revenue, where the basis for invoking the clause and awarding the tenant partial relief from it’s full payment obligation.  As with all decisions of the courts, they are very fact-specific, although it may be interesting to see if other courts begin to use the reasoning as having some precedent value in these unprecedented times.

If you need more information or have any questions, don’t hesitate to contact Angela Gonzalez or me, Joe Rosenbaum, or the Rimon Law lawyer with whom you regularly work.