Nick BuzzyYou trusted your insurance agent with your company’s insurance coverage. What could go wrong? The Ohio Supreme Court recently made it clear that upon receiving that new policy or renewal you must, as President Ronald Reagan used to say, “trust, but verify.”

The Ohio Supreme Court puts the onus on the policyholder to educate himself/herself of policy exclusions before an insurance company denies coverage or other problems arise. The ruling starts the clock on the time period of when one may sue for any agency errors, omissions, or professional malpractice claims once an insurance company issues the written policy of insurance.

The time in which a plaintiff can file a lawsuit is the statute of limitations. This varies depending on the type of case, i.e. personal injury, contract dispute, etc. After the statute of limitations expires, a plaintiff cannot bring suit to recover damages. In Ohio, the statute of limitations normally begins when an injury or damage occurs. One exception to this general principle is the “delayed-damage rule.” Under this rule, the statute of limitations period does not begin until the wrongful conduct causes actual damage.

In LGR Realty, Inc. v. Frank and London Insurance Agency, the Supreme Court put the “delayed-damage rule” in the spotlight. A business made a claim under its insurance policy to defend a significant lawsuit involving one of its properties. The insurance company denied coverage on the basis of an exclusion provision for that property in the policy. As a result, the business paid over $420,000 in attorney fees and expenses over the next few years to defend the lawsuit. These were the “delayed damages.”

The business then filed a professional malpractice lawsuit against its insurance agent for these fees and expenses. It claimed that the agent neglected to make sure the particular property was insured. The trial court dismissed the lawsuit because it was filed more than four years after the policy took effect. This exceeded the statute of limitations. The Ohio Court of Appeals reversed the trial court and instead followed the delayed-damage rule. The appeals court reasoned that the business was not actually harmed until the insurance carrier denied the claim thereby leading the business to pay significant attorney fees in defending the lawsuit.

The Ohio Supreme Court reversed the appeals court, ruling that the delayed-damage rule does not apply in professional malpractice claims. The court held that the statute of limitations period begins when an individual or business is issued an insurance policy. The court stressed that it was the policyholder’s duty to determine whether there were any policy exclusion errors.

The LGR decision means that individuals and businesses should check the new or renewed policy with their agent to ensure all the coverages intended actually exist in the new policy at or near the time the policy is received. The decision tightens the timeframe for an individual or business to seek recourse against an insurance agency if the agent fails to disclose all the coverages are what were intended.

Individuals and businesses should consult with counsel to make sure there are no uncertain areas of coverage or exclusions in their policies. Otherwise, if a claim arises it may be too late to seek coverage or file a lawsuit if an insurance company denies coverage for the claim.

Nick Buzzy is an attorney at Walter | Haverfield who also focuses his practice on litigation. He can be reached at nbuzzy@walterhav.com or at 216-928-2912.

Craig Marvinney is a partner at Walter | Haverfield who focuses his practice on business, commercial, insurance and complex litigation. He can be reached at cmarvinney@walterhav.com or at 216-928-2889.

 

 

Committed to its mission of offering personalized service to our growing number of clients, Walter | Haverfield has hired Nicholas Buzzy to its Litigation team and Gail Bisesi to its Real Estate team.

Buzzy is a dedicated, dynamic attorney with experience in wide-ranging complex litigation. The Northeast Ohio native has successfully defended multiple cases at trial, valued at more than six figures. That includes personal injury as well as business interruption cases.

“I’m passionate about my work as a litigator and proud of the success I’ve had thus far in defending big cases,” said Buzzy. “I now have the opportunity to continue to do what I love on an even bigger scale with a strong, hard-working team, and I’m very thankful for that.”

Buzzy has also defended a variety of corporations in products liability cases as well as individuals on a variety of disputes. Buzzy most recently worked at the Cleveland-based law firm of Gallagher Sharp as a litigation attorney. Prior to that, he served as an assistant prosecuting attorney for Summit County, Ohio.

Bisesi brings more than two decades of real estate experience to Walter | Haverfield. She joins the firm as a paralegal and previously worked at law firms, in banks and with developers in the Northeast Ohio region.

“I was looking for a firm that has a strong real estate practice group, and that’s why I sought out Walter | Haverfield,” said Bisesi, who is also a Northeast Ohio native and enjoys working at the Cleveland Film Festival each year.

“Our goal is to find highly skilled and qualified individuals to serve our clients in ways that align with our strong values and high standards,” said Ralph Cascarilla, managing partner of Walter | Haverfield. “Nick and Gail will be able to deliver that superior service, and I’m happy to have them on board.”

Since 1932, Walter | Haverfield attorneys have served as strategic counselors to private businesses, public entities and high net-worth individuals, providing creative and customized solutions that deliver outstanding results at an exceptional value. Our track record has allowed us to sustain year-after-year growth. Walter | Haverfield has more than doubled in the past decade to become one of Cleveland’s top ten law firms. Today, our team of nearly 80 attorneys is focused primarily in the areas of corporate transactions, real estate, intellectual property, labor and employment, tax and wealth management, liquor control law, litigation, public law and education.

 

In an article written by Timothy Magaw and published on July 29, 2017 by Crain’s Cleveland Business, Craig A. Marvinney advised companies to employ top-down programs in order to prevent cyber attacks.

“Small Claims Recovery Increased to $6000 – Should Your Business Be Thinking Small?,” also appeared online in Crain’s Cleveland Business on April 3, 2017.

Late last year, Governor Kasich signed a law that doubled the maximum amount of money recoverable in small claims court, from $3,000 to $6,000. As with any new law, the increase in maximum recovery in small claims court has both positive and negative consequences on Ohio businesses.

On the plus side, one of the main purposes of this change was to permit businesses to recover debts, while avoiding the high cost and length of litigation often found in other courts. For example, in Cleveland Municipal Court, the filing fee for a complaint is $122, but a small claims complaint only costs $37 to file. Because there is typically no discovery, small claims cases tend to be resolved much more quickly. And, under Ohio law, a company can – subject to strict limits – be represented in small claims court by a non-lawyer. (Importantly, although a company may file and present its claim or defense, it cannot engage in cross-examination, argument, or other acts of advocacy without representation by an attorney. Think carefully before selecting this route.)

On the other hand, the new law also has the potential for negative effects. For example, businesses may see an uptick in cases being filed against them in small claims court. As there are no subject matter limitations in small claims court, these filings could include breach of contract and other business disputes, routine slip and falls, and others. Additionally, the monetary increase has the potential for an increase in meritless and frivolous filings. This is because potential plaintiffs now stand to recover twice as much as they could have previously.

Procedurally, the small claims process is fairly straightforward. First, a claim is filed. Typically, this is a single page form identifying the parties, stating the basis for the claim, and including the amount of money the plaintiff seeks to recover from the defendant. After the complaint is filed, the court will set the trial date, usually around 30 to 60 days after the complaint is filed. A party who is sued can counter-sue by filing a counterclaim at least seven days before the trial. Typically, there is no discovery. Witnesses can be compelled to appear by serving them with a subpoena.

On the date of the small claims trial, the parties appear, exchange any documents they want to present to the judge, and possibly discuss settlement. Absent a settlement, the presiding judge begins the trial and it is concluded in approximately 15 to 20 minutes.

In contrast, civil litigation in municipal or common pleas court is not as quick or simple. First, the complaint requires a written response from the defendant. Then, the court sets a status conference for the parties to meet, discuss the case, and set a trial date – which could be a year or more away. Next, written discovery is exchanged and depositions are taken. The legal fees and expenses resulting from this process can amount to an expenditure of time and money that is disproportionate to the value of the claim itself.

For example, before the law was changed, a business seeking to recover on an unpaid debt for $4,000 had to file in municipal court. Because a business cannot pursue a claim without legal representation, it had to make a decision whether it wanted to pursue the claim and pay an attorney or simply let it go. No longer does that business have to make such a determination due to the changes made by this law.

With the increase in the amount of recovery, now is a good opportunity for businesses to review their policies and procedures with respect to documenting losses. If an accident occurs, it is important to document what occurred, who are the witnesses, and take written statements and photographs. As time passes, employees come and go, memories fade and it becomes increasingly difficult to prosecute or mount a defense to a claim. For example, the time period to file a slip and fall case is two years and a breach of written contract is eight years. To that end, it is important to ensure that when the time does come to either present or defend a small claims lawsuit, that your business is in the best position to do so. In order to accomplish that, immediately contact your attorney and provide him/her with your claim or the small claims complaint and any supporting documents that you may have in your possession regarding the incident or business dispute.

Companies big and small can be dragged into small claims court, so do not believe that your company is immune from litigation. Many plaintiffs may consider small businesses as easy targets and try to focus their claims on those businesses. On the other hand, plaintiffs will just as likely target large businesses due to their erroneous belief that a small claims complaint will get lost in the day-to-day operations, no one will appear to defend the claim and an easy award of $6,000 can be obtained. Therefore, it is recommended that if a company is sued or wishes to pursue a small claims action, that it retains an attorney. Without an attorney and in the likely event that the opposing party appears, the company’s representative cannot question their claims or defenses. That will significantly hamper the company’s ability to prevail on its claim or defense.

With the increase in the amount of recovery to $6,000, the prospect of lengthy and expensive litigation becomes minimized. As such, companies should begin to consider and incorporate the strategies discussed into their business plans and start thinking small . . . small claims that is.

For additional information or legal guidance, contact David M. Kroh at (216) 619-7838 or dkroh@walterhav.com.

On March 27, 2017, Craig A. Marvinney, along with Supreme Court of Ohio Justice Sharon L. Kennedy, jointly taught a class on Oral Advocacy at Case Western Reserve University School of Law. This class, which was presented to the entire First Year Class and upper class Moot Court Co-Curricular students of CWRU, took place at the university’s Tinkham Veale Student Center. Justice Kennedy spoke with a “View from the Bench,” using excerpts from video footage of actual oral arguments to the Ohio Supreme Court.

From left to right: Craig A. Marvinney (Adjunct Professor of Law at CWRU Law School),
Ohio Supreme Court Justice Sharon Kennedy, CWRU Law School Dean Michael Scharf,
and CWRU Law Professor Dan Jaffe

It’s early in the year. Famco’s employees are looking to get their taxes done. Anticipated refunds will ease the pain from holiday excess. The small manufacturer’s CFO sighs in relief that the rush to complete the corporate W-2s is done. Down the hall, Famco’s controller opens an email from his CEO. Nothing out of the ordinary in how it looks, but its message is a bit odd. The CEO says she’s working on a significant project for tax purposes and needs all employee 2016 W-2s pronto in .pdf form. She’s a hard driver. The controller fears wasting her time if he raises questions, so he dutifully rolls all the W-2’s into one attachment and responds.

No questions asked–just obedience–even though he knows the CEO never works hands-on at this level. But, if that’s what she wants…

The next week, one of Famco’s sales managers stops by the CFO’s door complaining that he couldn’t file his taxes electronically. The IRS claimed to already have his return on file. He expects a substantial refund and is frustrated. The next day, Famco’s logistics coordinator emails the CFO asking about problems with the IRS refusing to accept tax returns.

Curious now, the CFO visits the IRS website. He sees an IRS Notice about false tax returns being filed by criminal elements claiming taxpayer refunds. The ruse is discovered when the taxpayer’s efforts to file electronically are rejected. The Notice warns this is now a common internet scam, “phishing”, where the scammer duplicates a corporate email style and uses what looks like a CEO’s email address as the originating email to a CFO or controller seeking employee W-2s. But the key to the scam is that the email’s return domain is almost imperceptibly varied. Instead of “CEO@famcorp.com”, it might be CEO@famcoorp.com, “CEO@famcorp.rus” or some other slight, but significant, shift.

Famco’s CFO immediately calls his staff together. The controller mentions the CEO’s email and how he timely and duly responded, no questions asked. Copies of the relevant emails are produced. Indeed, the controller’s response with the W-2s was routed not to the CEO, but rather to the internet’s dark underbelly, putting all employee personal identifying information, “PII” (e.g., here: names, addresses, social security numbers and earnings), instantly in scammers’ hands. Sickened, the CFO takes this information to the CEO.

Famco has a serious, immediate problem, and the CEO is very concerned. Suddenly the entire cybersecurity of the company is in doubt. The company’s counsel must be involved. The Tech Support team verifies there was no breach of their firewalls or security in software or hardware. Costly and embarrassing employee notifications must be issued. But how? When?
Federal or state mandated public notification may be necessary. Risk scenarios have to be determined. Do law enforcement authorities need notification? Is that confidential? Board or even shareholder notification requirements may apply. Identity protection needs to be purchased for impacted people at the company’s expense. What about cyber-risk insurance coverage? Intercepted Famco employee refunds need recompense.

The list goes on. Even for a small company such an event can crush profits or worse, with remediation costs running deep into the thousands, tens of thousands of dollars or even more. Larger companies can expect remediation costs running into the millions of dollars as the number of those impacted skyrockets. Bad publicity, loss of goodwill and reputational damage just pile it on.

Some corporate leaders may scoff, “that will never happen to us!” In reality, the question is not “if”, but “when”. Thousands of upstanding companies, large and small, around the country were scammed like this in the past two years alone. Walter | Haverfield’s Cybersecurity Team received a number of client calls here as tax season unfolded last year. No doubt new scams are developing for 2017.

But this sort of phishing scam is avoidable if the company creates an atmosphere of 360-degree verification on trade secret, intellectual property, PII, and other confidential information. Had the controller simply verified the email request with the CFO or even the CEO, the entire disaster would have been avoided. A priority must be stressed within the company of verifying questionable or even routine-looking requests for such information up the chain of responsibility. Company policies need to be in place – with employees trained — requiring verification either in person, by phone, or by separate (not “reply”) email before response to such emails, regardless of the person purportedly seeking the information.

Although Famco is a fictitious name here, these incidents are as real as real can be. The time to “respond” to an incident is before the incident by putting the company’s response outline in place in advance of a breach. Only the scammer knows when that will happen. Experienced cybersecurity attorneys can assist in developing such policies and even more importantly can help create an Incident Response Plan or Cyber Incident Management Plan. If disaster strikes your company—whether or not you had adequate plans in place–make sure you have the right legal resources to help assist in getting through these problems efficiently, effectively and economically.

Craig Marvinney can be reached at 216-928-2889 or cmarvinney@walterhav.com.

In the “Law You Can Use” consumer legal information column provided by the Ohio State Bar Association (OSBA), published on December 22, 2016 and titled “Disposing of Household Waste: What Does the Law Require?,” Leslie G. Wolfe answered questions about the proper disposal of unwanted items.

On November 29, 2016, the United States Environmental Protection Agency (EPA) announced the first ten chemicals it will prioritize for risk evaluation under the recent legislative amendments to the federal Toxic Substances Control Act of 1976 (TSCA). Asbestos has been included in EPA’s priority list. This portends that EPA may attempt to restrict or ban asbestos-containing products and/or their manufacture, importation, processing, or distribution in commerce through its authority under TSCA. Previous attempts by the agency to restrict or ban asbestos through rulemaking have been unsuccessful.

The issuance of the priority list was required by the Frank R. Lautenberg Chemical Safety for the 21st Century Act, which was signed into law by President Obama on June 22, 2016. The Act made significant changes to TSCA and required EPA to publish a list of 10 priority chemicals by December 19, 2016. According to EPA, these ten chemicals were selected based on multiple factors, including their prevalence as environmental contaminants, their widespread use, especially in consumer products, and their perceived or known hazards.

The issuance of EPA’s priority list triggers the requirement that the agency complete a risk evaluation for each of the ten chemicals within three years. These evaluations will determine whether the chemicals present an unreasonable risk to humans and the environment. If an unreasonable risk is found, EPA must take action to mitigate that risk within two years.

In general, TSCA authorizes EPA to require reporting, record-keeping and testing requirements, and restrictions relating to chemical substances and/or mixtures. It does not apply to certain substances, such as food, drugs, cosmetics and pesticides, which are separately regulated. With the Lautenberg Act, EPA now has the power to require safety reviews of all chemicals in the marketplace. This is a fundamental shift in the requirements and approach for addressing chemical safety under TSCA. EPA has stated that the amendments to TSCA will allow the government to better protect public health and the environment.

The TSCA amendments focus on risks to human health and the environment. A new health-based safety standard of review has replaced the former cost-benefit standard. If EPA determines that a chemical such as asbestos poses an unreasonable risk, it must promulgate use standards, and could further impose additional restrictions or even a ban on the entry of the chemical into U.S. commerce. In 1989, EPA banned asbestos and attempted to phase out its use by rule, but the rule was overturned on the grounds that EPA failed to provide an adequate justification for the complete ban. Corrosion Proof Fittings v. EPA, 947 F.2d 1201 (5th Cir. 1991).

The other nine chemicals on EPA’s priority list are subject to the same process and potential restrictions or ban as asbestos. They are: 1,4-Dioxane, 1-Bromopropane, Carbon Tetrachloride, Cyclic Aliphatic Bromide Cluster, Methylene Chloride, N-methylpyrrolidone, Pigment Violet 29, Tetrachloroethylene, also known as perchloroethylene, and Trichloroethylene. Notably, bisphenal A (BPA), the ingredient in plastic bottles that many companies have ceased using due to public concerns, was not included on EPA’s list, suggesting that the agency does not consider BPA a significant threat to the public.

Additional chemicals will be designated later for evaluation, including a group of 90 chemicals identified by EPA under the TSCA amendments. For each risk evaluation that EPA completes, TSCA requires that EPA begin another. By the end of 2019, EPA must be performing 20 chemical risk evaluations at any given time.

Additional information on the priority chemicals can be found on EPA’s website here. For additional information or legal guidance, contact Leslie G. Wolfe at (216) 928-2927 or lwolfe@walterhav.com. Leslie is an associate in Walter | Haverfield LLP’s Litigation Services Group.

In an article
published in the November 2016 issue of the Journal of Financial Service
Professionals
, John Schiller
discussed the two principal ways that a testamentary transfer of property can be
challenged.andnbsp; In this piece, written with the assistance of Jamie Price, John also emphasized that one
should have an understanding of the applicable state laws and case law which
govern wills, trusts, or inter vivos transfers of property when he or she becomes
involved in a dispute over the legitimacy of such documents.

This “Law You Can Use” consumer legal information column was provided by the Ohio State Bar Association (OSBA). It was prepared by attorney Leslie G. Wolfe, a senior associate in the Cleveland office of Walter | Haverfield LLP and a member of the firm’s environmental law group.andnbsp;

In an article published in the September 2016 issue of the Cleveland Metropolitan Bar Journal and titled, “Criminal Liability arising from Drone Operations,” Darrell A. Clay and Jessica Trivisonno asserted that drone users must operate their vehicles in a safe and lawful manner at all times, or else they may incur criminal liability for their actions.

In an article published in the April 2016 issue of the Cleveland Metropolitan Bar Journal and titled, “Board of Professional Conduct Issues New Guidance on Flat Fee Agreements,” Jamie A. Price discussed a recent advisory opinion addressing flat fee agreements, which was issued by the Board of Professional Conduct for the Ohio Supreme Court.

In a Crain’s “Legal Guest Blog,” published on December 8, 2015 and titled, “Preparing for the next big cybersecurity challenge: What we’ve learned from the Sony hack of 2014,” Craig A. Marvinney asserted that any organization with an IT system must be aware of the potential of being hacked, and should proactively act to protect itself.

What we’ve learned from the Sony Hack of 2014

November 24, 2014 marked one of the most devastating cyberattacks on a private corporation to date. The attack, which infiltrated the highest levels of Sony Pictures Entertainment (SPE), illustrates not only how vulnerable most companies are to hacking, but provides a strong case for why companies need to invest more robustly in IT security.

It was a Monday morning. As SPE employees turned on their computers, the horror began. Monitors displayed the frightful image of a skeleton bathed in red light over decayed faces of SPE executives, accompanied by sounds of gunfire. The message was that the Guardians of Peace had hacked SPE’s computers and would release sensitive information if its orders were not obeyed.

SPE management was blindsided. More than half of SPE’s 1,555 servers and 3,262 of SPE’s personal computers were wiped of all stored data and operational capability. Within an hour, most of the destruction was done. Only then did SPE’s IT personnel learn that the attack had been ongoing for months before showing itself, stealing the data it then destroyed that fateful morning. They learned the hackers accessed a “confidential” current audit of SPE’s entire computer network that they used as a roadmap to destruction against SPE. More than 47,000 social security numbers, medical records, salary lists and documents detailing intra-office affairs and unreleased movie scripts were leaked to public file sharing or piracy websites for free viewing and downloading.

Less than a month later, the FBI announced that North Korea was behind the hack. Investigations revealed that the government had issued threats against SPE because of the film “The Interview,” which focused on a plot to kill the North Korean leader. Since then, SPE has completely re-engineered its cybersecurity system, including updated protocols, equipment, employee training and firewalls. SPE’s damage and losses, much of which are uninsured, may well exceed $80 million. Contrast this with the casual remark of SPE’s lead IT officer made prior to the hack: “I will not invest $10 million to avoid a possible $1 million loss.”

Reports of other severe hacks dominate news headlines. From April to September 2014, Home Depot suffered a cyberattack that compromised 56 million credit and debit card numbers and some 53 million customer email addresses. Two months later, Partners Healthcare fell victim to a phishing expedition that stole 3,300 patient personal files (Phishing is a method of obtaining sensitive information by email impersonation). In January 2015, Anthem Blue Cross-Blue Shield lost personal information for more than 80 million consumers.

Even the Federal government is not immune. In June of this year the U.S. Office of Personnel Management revealed that personal data had been stolen for more than four million federal current and former employees. In August, the Internal Revenue Service admitted that a February 2015 hack, which mined data until it was discovered in May, stole data on almost three times the number of taxpayers than originally disclosed.

And it’s not just the U.S. government and large corporations that are targeted. It has been estimated that 71% of cyberattacks occur at businesses with fewer than 100 employees. The cost of such attacks can be extreme. The 2015 average cost of a data breach in the U.S. is approximately $217 per compromised record–up nearly 6% from 2014.

In this day of the Internet of Things, product developers are of concern as in January 2015, the Federal Trade Commission weighed in on data security for new products. The automotive industry offers a prime example of this need to consider cybersecurity in product development. Fiat Chrysler Automobiles NV recently recalled 1.4 million vehicles after researchers in product hacking showed an ability to a control a Jeep’s transmission (cutting engine power to wheels), stereo volume, windshield washers and wipers, air-conditioning and GPS, as well as disabling brakes, from a basement laptop 10 miles away. A 2015 U.S. Senate Report details vulnerability through some 50 separate electronic control units in internal vehicle computer systems. Even the cutting-edge Tesla Model S proved vulnerable to cyberattack at the August 2015 DEF CON hacker conference.

The devastating impact of these actual hacks, the potential damages from known hacking experiments and the lessons learned are a warning bell for executives. Those who believe data breaches are rare, or will not happen to them, are fooling themselves. With hacks now as common as a winter cold, the question is no longer “if,” but “when.” Any organization with an IT system needs to be sensitive to the potential of being hacked, and proactively act to protect itself. Indeed, it is predicted that increased cybersecurity project spending will exceed all other IT projects in 2015.

Of course, no protection plan is foolproof and no cybersecurity system is failsafe. Simple anti-virus personal security programs no longer effectively prevent any virus or worm infiltration but do act to decrease vulnerability and increase damage control. However, likelihood of a breach and the resulting damages can be diminished by taking responsible steps to secure one’s IT system.

What can be done? Consider the old axiom that “The surest defense is offense.” Applied to cybersecurity, it means management adopting a proactive position throughout the company, including a vigorous protection and response program incorporating active employee training and careful password protection, including multi-factor system access identifiers.

Management should also develop an Incident Response Plan (IRP) before a breach occurs. While no IRP will perfectly anticipate all issues stemming from a particular breach, it provides management a prospective look at IT vulnerability and the steps necessary to respond when the breach occurs. The IRP should also address notifications to send to third parties and government entities and, likely, the public. There currently is no national standard in the U.S., although legislation is proposed before the 114th Congress (2015-16).

Finally, the IRP must contemplate how to assess damage from the hack–from productivity to reputation loss, as well as direct costs incurred as the result of the breach. Preservation of data, chains of custody and documentation must be preserved, tracked and stored in a secure base.

This is no minor task. Rather, a comprehensive IT and data audit must be undertaken as the organization develops its IRP. Due to the comprehensive nature of this effort, it is critical that key leaders of the entity be involved in the decision making process. General counsel, as well as outside counsel familiar with cybersecurity issues, should be involved in development of the cybersecurity planning at the outset and particularly in the IRP process. For publicly held companies, this also means assuring board involvement.

Cybersecurity’s intellectual property focus is on the protection of trade secrets–customer/patient databases; personal information of customers, employees and vendors; product or service research and development; competitive product formulas, recipes and designs, computer algorithms, computer codes and any other of the vast array of valuable corporate treasure on hand. Much of this is “Bet the Company” types of information if breached.

Business owners–small and large–need to think like the bad guys and determine what attackers might want most. It could be intellectual property, trade secrets, customer lists, customer credit card information or perhaps a means to gain entrance into a larger client or customer. Assuming security codes are clean, it might make sense to outsource security operations to further protect small businesses.

Most important in minimizing the impact of a breach is the purchase of cyber-risk insurance for after-the-fact protection. Such insurance covers liability for exposing confidential information, payments for notifying customers of the breach, and providing customers with appropriate credit monitoring services. Policyholders cannot simply think the purchase of such insurance without more will protect them. For instance, IT service provider vendors must be evaluated to assure they meet appropriate cybersecurity practice standards required by insurers.

The lessons of the North Korean hack on SPE and the other examples mentioned above should stand for a long time. Unfortunately, too many companies share the same vulnerabilities as SPE, including lax and shoddy cybersecurity procedures, as well as a lackadaisical approach to employee training in cybersecurity issues. Hopefully, though, this high-profile hack job serves to open the eyes of business owners and motivates them to take preventative action.

Contact: Craig A. Marvinney

On July 30, 2015,andnbsp;Craig A. Marvinneyandnbsp;spoke on the topic, “The Anatomy of The Hack Job: Sony, North Korea and International Trade Secretology,” at the Federation of Defense and Corporate Counsel 2015 Annual Meeting, Intellectual Property Section Program, in Banff, Alberta, Canada.

On June 9, 2015,andnbsp;Craig A. Marvinneyandnbsp;spoke at The 2015 Litigation Management College Graduate Program, per the Federation of Defense and Corporate Counsel, at Emory University in Atlanta, Georgia. The topic of Craig’s presentation was, “Mediation of the Complex Case: Perspectives and Techniques to Achieve Excellent Results.”

In a Crain’s “Legal Guest Blog,” published on January 14, 2015 and titled, “Got a drone over the holidays? Be careful before flying it for a business purpose,” Darrell A. Clay noted that people piloting drones for commercial purposes must comply with FAA policy or risk possible sanctions for their activities.

In an article published in the Winter 2014-15 issue of theandnbsp;Law-Pilots Bar Association Journalandnbsp;and titled, “Aircraft Lien Rights: One Typical State Law Scheme,”andnbsp;Darrell A. Clayandnbsp;provided advice to individuals or businesses seeking to collect on unpaid debts for services or material supplied to aircraft. In this piece, Darrell indicated that potential lienholders must closely adhere to state, federal and international laws in order to protect their interests.

In an article published in the September 2014 issue of the Cleveland Metropolitan Bar Journal and titled, “Unique Sentencing Departures: Are You Being Creative?,” Darrell A. Clay indicated that creative arguments at sentencing can sometimes result in a reduction in jail time for defendants convicted in criminal matters.

The Journal of Financial Services Professionals, through its Kenneth Black, Jr. Journal Author Award Program, has recognized John E. Schiller for his 2008 article, “Trustee Liability: A Litigator’s Perspective.” John’s article placed second among the top three pieces published in the Journal, as determined by an independent panel of judges. Named in honor of Kenneth Black, Jr., PhD, CLU, editor of the Journal for forty-one years, these awards were issued on the basis of the originality of the authors’ research and on the articles’ clarity, timeliness and appropriateness for the Journal’s readership.

In the article, “A Physician’s Last Chance,” published by the Federal Litigation Section of the Federal Bar Association, Michael J. Jordan andandnbsp;John E. Schillerandnbsp;discussed the challenges facing attorneys when contesting, through the state or federal court system, a physician’s loss of hospital privileges.

In an article published in the Fall 2014 issue of The Federation of Defense and Corporate Counsel Quarterly and titled, “Mediation in the United States Circuit Courts of Appeals: A Survey,” Craig A. Marvinney asserted that mandatory mediation programs appear to be here to stay in most circuit courts of appeals. Consequently, Counsel must be familiar with the rules governing mediation practice, as well as the rules governing appellate procedure, in order to best represent their clients’ interests.

In a blog posted on the website of the Federation of Defense and Corporate Counsel (FDCC) and titled, “U.S. Supreme Court Upholds Michigan Constitutional Ban on Affirmative Action,” Craig A. Marvinney reviewed the Court’s decision in the case of Schuette v. BAMN, etc. In this decision, the Court upheld the Michigan electorate’s approval of “Proposal 2,” which addressed the statewide debate on the issue of racial preferences in the context of governmental decision-making.

In a Crain’s “Legal Guest Blog,” titled “Businesses increasingly find mediation a valuable tool for navigating the e-discovery process,” Sara Ravas Cooper explained how parties in a litigation matter can benefit from the use of a mediator to address e-discovery issues.

In a “Law You Can Use” article, titled “Served via social media – the new ‘face’ of litigation” and published by the Ohio State Bar Association and Akron.com, Sara Ravas Cooper addressed the concept of “service of process” by social media in litigation matters.

In an article published in theandnbsp;Cleveland Metropolitan Bar Journal, titled “A New Approach to Managing E-Discovery,”andnbsp;Sara Ravas Cooperandnbsp;recommended that parties to a lawsuit consider the use of a mediator to handle potential disputes which may arise over ESI or e-discovery issues.

Byandnbsp;Mark S. Fuscoandnbsp;andandnbsp;Sara Ravas Cooper

Effective October 16, 2013, two key provisions of the Federal Communications Commission’s (“FCC”) Telephone Consumer Protection Act (“TCPA”) are set to take effect.

First, one prior exception from liability under the TCPA for phone calls or text messages using an automatic telephone dialing system (“robocalls”) or a prerecorded message was for those calls or messages that were made with the recipient’s “prior express consent.” Under the new interpretation from the FCC of the prior consent exception, with limited exceptions, a business can invoke the prior express consent exception for autodialed or prerecorded calls to a cell phone or for prerecorded telemarketing calls to a residential line only if the called party has physically or electronically signed an agreement that clearly authorizes calls or texts to be made to their phone number by that particular sender. The burden is placed on the business to retain these consent records for at least four years.

Second, the other significant change to the TCPA rules is the elimination of the “established business relationship” (“EBR”) exception for prerecorded telemarketing calls to residences. Previously, businesses may have been able to avoid TCPA liability for prerecorded telemarketing calls that otherwise were prohibited by claiming that they had an EBR with the consumer by virtue of a previous purchase or other business interactions. The new regulations eliminate the EBR exception. Consequently, businesses are now required to obtain prior written consent for all prerecorded telemarketing to residential phone numbers – even those that are for previous customers. These consent records must also be kept for at least four years.

Notably, these changes areandnbsp;in addition toandnbsp;the modifications to the rule that went into effect on January 14, 2013. Since that time the rule has required that prerecorded telemarketing messages that could be answered by a live person must include an automated opt-out mechanism. This opt-out option must be announced at the outset of the call, made available throughout the duration of the call, automatically add the called party’s number to the caller’s do-not-call list and must immediately disconnect the call. For prerecorded telemarketing calls that are answered by an answering machine or voicemail, businesses must now ensure that the message contains a toll-free number that the consumer can call to be connected to an automated opt-out system.

In sum, the new changes in effect on October 16, 2013, will:

  • Require prior express written consentandnbsp;for telemarketing calls made to cell phones using an automatic telephone dialing system or a prerecorded message, but maintain the prior express consent requirement for non-telemarketing calls to cell phones;
  • Require prior express written consentandnbsp;for telemarketing calls made to residential landlines using a prerecorded message; and
  • Eliminate the EBR exception to the obligation to obtain consent for telemarketing calls made to residential landlines using a prerecorded message.

What Constitutes “Express Consent”?

The TCPA defines “prior express written consent” as a signed written agreement that contains a “clear and conspicuous” disclosure to the consumer that by signing the agreement, he or she authorizes the seller to call or text a designated phone number for telemarking purposes using an automatic telephone dialing system or an artificial or prerecorded voice. The agreement must also include a notice that the person signing is not required to sign the agreement “as a condition of purchasing any property, goods, or services.”

The required signature from a consumer may be obtained electronically by email, website form, text message, telephone keypress, or voice recording.

What Should Your Business Do?

The FCC, state Attorneys General, and private plaintiffs have the right to enforce consent requirements. Thus, compliance with these rules is very important. Prior to October 16, 2013, businesses should assess their calling and text messaging practices to first determine if they engage in telemarketing calls. The term “telemarketing” is defined as “the initiation of a telephone call or message for the purpose of encouraging the purchase or rental of, or investment in, property, goods, or services, which is transmitted to any person.” Then, the business should determine the source of the numbers it calls and whether prior written consent exists for each number. Based on this assessment, businesses should adjust accordingly in order to comply with the impending change to the FCC’s rules as well as in an attempt to avoid potential liability to the extent possible.

In a Crain’s “Legal Guest Blog,” published on April 18, 2013 and titled, “If arbitration is the answer, you may have asked the wrong question“, Mark Fuscoandnbsp;provides business owners and corporate decision makers items to be aware of when considering arbitration.

In a Crain’s “Legal Guest Blog,” published on February 28, 2013 and titled,andnbsp;Help avoid a lawsuit with a pre-emptive strike“andnbsp;Mark Fuscoandnbsp;comments on how to gain the upper hand when confronting a lawsuit from out of state.

Physician Apologies and General Admissions of Fault: Amending the Federal Rules of Evidence, 72 Ohio St. L.J. 687 (2011)

Byandnbsp;Mark S. Fuscoandnbsp;andandnbsp;Sara R. Cooper

Unfortunately, all other options have failed and your company is forced to file suit against an out-of-state vendor or customer. For a variety of reasons – not the least of which is cost – you would like to keep this lawsuit in state court rather than federal court. In fact, you have added a ‘forum selection clause’ to all of your contracts with vendors and customers requiring all disputes to be resolved in the county where your company is located, in accordance with Ohio law. Unfortunately, despite this seemingly clear provision, your lawsuit has been removed to federal court anyway and your ‘home team’ advantage wiped away.Why?

While Ohio law permits your company to specify where you want disputes to be heard, Federal law allows defendants to remove a lawsuit to federal court if the case was filed in a state court other than their home state and the amount at issue is more than $75,000. Defendants may waive their right to remove a case to federal court, but the waiver must be ‘clear and unequivocal.’ Unfortunately, this means that the forum selection clause you drafted may not be enough to keep your case from being removed to federal court.andnbsp;How clear does my company have to be?

The Sixth Circuit Court of Appeals has determined that a defendant has not ‘clearly and unequivocally’ waived the right to remove the case to a federal court if the language in a forum selection clause such as that noted above does not (a) mention the possibility of the case being removed to federal court or (b) specifically say that the defendant can remove the case to federal court in certain situations unless this right is waived, and require a waiver of this right. Ohio businesses relying on forum selection clauses that do not expressly mention this right and require a waiver may find themselves in federal court even though their contracts specify that disputes must be settled in state courts.andnbsp;So, what can my company do?

Review your contacts and agreements with out-of-state vendors or customers if you would like to keep your ‘home field’ advantage and make sure you are not subjecting your business to litigation in federal court.

Walter | Haverfield attorneys regularly assist businesses in reviewing their day-to-day corporate documents to make sure these documents are meeting the needs and expectations of the business. For more information on this or other business litigation issues, please contact the Walter | Haverfield attorney with whom you regularly work, or any of the attorneys in theandnbsp;Business Litigation Groupandnbsp;in our office.

John E. Schiller‘s experience as a juror reinforces his faith in the jury system in this articleandnbsp;entitled,andnbsp;”Observations from the Box,” Inside Business

Walter | Haverfield’s Darrell Clay described how Ohio municipalities have constitutional home rule authority to levy taxes, in an article published in The Hannah Report.

In an article in the Cleveland Metropolitan Bar Journal, Walter | Haverfield attorney Doug Eppler explains defamation claims arising from Form U-5s and the issue of “privilege” defense under Ohio Law for former employers.

Darrell ClayWalter | Haverfield partner Darrell Clay speaks to Cleveland’s Fox 8 News about first amendment rights after an Akron resident sues his councilman for a move he made on Facebook. Watch the story here.

John SchillerJamie Price

Two members of the Walter | Haverfield Litigation group are earning widespread recognition for their hard work and legal talents after back-to-back victories across state lines. The trial team, led by attorneys John Schiller and Jamie Price, worked tirelessly to restore clients’ reputations and preserve their financial well-being and future in three separate cases.

At a bench trial in Des Moines, Iowa, an Iowa shareholder, who owned 50% of a company, sued two Ohio shareholders who owned the other half of the company. The case involved the defense of an alleged breach of fiduciary duty by the Ohio shareholders, Schiller and Price’s clients. However, as the facts bore out, the plaintiff had hijacked the company from their clients in an attempt to extort $1 million from them. Not only did the judge rule in their clients’ favor, he also awarded them equitable relief on their counterclaims, attorney fees, sanctions and punitive damages.

In a jury trial in Cleveland, Schiller and Price successfully defended a trustee of an ultra-high-net-worth family trust against claims that their client breached certain fiduciary duties by failing to properly oversee the management of trust assets. The plaintiffs’ claimed that Schiller and Price’s client allowed the investment manager, charged with overseeing the trust, to invest too heavily in precious metals and in particular, gold. The plaintiffs also sued the investment manager who successfully argued that a short statute of limitations applied, leaving their client as the principal target. Rather than succumb to demands for millions of dollars in alleged “damages,” their client chose to proceed to trial. During the first five days of trial before the jury, Schiller and Price demonstrated that the claims against their client were absolutely without merit. As a result of the vigorous cross examination of the primary plaintiff, plaintiffs’ counsel dismissed all claims against their client before they rested their case. This outcome completely vindicated the client.

Also in Cleveland, Schiller and Price defended the estate of a matriarch of a high-net-worth family against a claim of undue influence by two of her adult children. The plaintiffs claimed that their mother’s will and trust were the product of undue influence exerted by the youngest of her five children. Schiller and Price represented the estate of the matriarch, as well as the accused child and the two other adult siblings in their capacities as executors and trustees. With the help of other skilled lawyers hired by the individual defendants, Schiller and Price coordinated a strategic defense of the case based on the firm belief that the plaintiffs would not prevail at trial because no undue influence ever occurred. In an example of less is more, Schiller and Price allowed the witnesses for the plaintiffs to demonstrate that no undue influence had taken place. At the close of the plaintiffs’ case, Schiller moved the court for a directed verdict. Though rarely granted in a jury trial, the judge in this case agreed that the plaintiffs had not presented sufficient evidence on the substantial elements of their case for it to proceed further with the jury. Schiller’s Motion for a Directed Verdict was granted. This result, as well as the others, demonstrates the value of thorough preparation and effective lawyering.

John Schiller and Jamie Price are attorneys at Walter | Haverfield who represent clients in complex business, shareholder, partnership, fiduciary, trust and estate, and contract disputes. Furthermore, Schiller is a member of the Million Dollar Advocates Forum, which only includes attorneys who have obtained a jury verdict in excess of $1 million. Schiller can be reached at jschiller@walterhav.com or at 216-928-2941. Price can be reached at jprice@walterhav.com or at 216-928-2931.