Mansour Gavin LPA | Labor and Employment, Real Estate and Land Use, Environment Health and Safety
 

Estate Planning 101: the first in a series

Make it a New Year’s Resolution to Refresh

(or Finally Address!) Your Will

By:  Dan McGuire

Everyone talks about the need to get a Will done (or updated), but many people never take that next step. Perhaps it is the unwillingness to face our own mortality. Perhaps it is just a general lack of knowledge as to what “getting a Will done” involves that makes the individual procrastinate further. If we break down the estate planning process into smaller bites, it may be easier to understand what is involved, and to take that first step, and get the process moving.

Helping clients establish their estate plans is a process that requires diving into a lot of detail: family dynamics, the financial situations of our clients, and the financial situations of their intended beneficiaries, to name a few. It is not a simple “off the rack” solution. You can’t put a suit on someone who is not looking for one. And you certainly should not put one on someone who does not need one.

The main question for a client to answer in getting started in the estate planning process is: “What do I want to accomplish?” Fact finding and organization of thought is imperative. We live in a world of blended families; fast pace; “no time” to sit back and plan years ahead, let alone tomorrow’s activities. Everyone has these issues to address, and delay does nothing to prevent the potential for confusion, disagreement and pain. We assist our clients in defining their situation and goals and designing a plan to accomplish those goals. But that is not where the process ends. We must then implement the plan to ensure those goals are actually met.

Our first goal, then, is to help our clients define what they want to accomplish with their estate plans. As the process continues, our client’s needs and concerns are revealed and developed, which serves to directing the attorney to consider the relative benefits of each sort of plan that might be employed. Ultimately, the client must weigh the cost and benefits of each part of the proposed plan.

So, how does a client actually develop an understanding of what a Will does?

Let’s start with what probate “is” and what it covers. Probate courts cover a lot of subject matters, from the guardianship of minors or incapacitated adults to the process of administering the estates of those who have died, and many other specialized areas. Let’s focus on the administration of a person’s assets after death.

When a person dies, the assets that the person owned individually are what pass through the probate process. So, a car or bank account or house that is in the client’s sole name are included.

OK, then, what does NOT pass through the probate process? Property that does not go through the probate process includes (for example) property owned by the client jointly with another person. So, a bank account or house owned jointly by spouses is not a probate asset.  Similarly, an asset for which there is a beneficiary designation (such as an insurance policy, or IRA, or payable on death bank account) are not probate assets, because that “contract” with the insurance company or investment company or bank defines who is to get the property when the client dies.

When you take OUT the non-probate property, what is left is what is covered by the probate process. And THAT is what is covered by the client’s Will.  If there is no Will, it is distributed according to the state’s law of descent and distribution.

If you want to control who gets how much of all of that property, whether it is probate property or non-probate property, you need to revisit WHAT each asset is, HOW each asset is titled, and IF there is a co-owner, or a beneficiary designation. When all of that is assembled, the client has to determine if that is the plan the client really wants in place. If the answer is anything other than an unqualified “Yes!” then it is time to take action.

Our attorneys are always ready, willing and able to meet and discuss all of those questions, help you articulate your plan and goals, determine the best plan to accomplish them, and then implement it. You will find that, by taking those small bites, the problem that used to lead to procrastination and uncertainty has been addressed and resolved.

By:  Jen Horn

When the European Union’s General Data Protection Regulation (GDPR) was introduced in May, one of the biggest questions was how the law was going to be enforced. The GDPR, which also applies to any U.S. company that handles the personal data of EU citizen, requires businesses to clearly state when they’re collecting personal data and ask for users’ consent in doing so. Many believe it will have implications for future data privacy rules in the United States as well. So far, it looks like the law is being taken seriously – regulators across the EU have already begun imposing fines.

Article 83 of the GDPR authorized data protection authorities (DPA) in EU member states to impose fines of up to approximately $22 million USD, or 2% of a company’s worldwide revenues, or, for serious violations, up to approximately $45 million USD, or 4% of a company’s worldwide revenues. However, Article 83 also required that fines had to be “effective, proportionate, and dissuasive.” The somewhat vague language left many companies wondering how large, exactly, the fines might be.

Their first example came in September, when the Austrian DPA fined the owner of a gambling shop because a camera at its front entrance also recorded footage of a public sidewalk. Interestingly, the Austrian DPA found this was a violation of the GDPR because it was considered a prohibited monitoring of public space. The fine, however, was approximately $5,000 USD plus legal costs, and the Austrian DPA acknowledged that the fine was meant to be “proportionate” to the violation.

A hospital in Portugal, however, was not quite as lucky. News was released in October that the unnamed hospital received a fine of approximately $455,000 USD for two separate violations. The first involved patient information that was found to be inappropriately available to non-medical staff; the second concerned the confidentiality and integrity of treatment systems. This is one of the highest fines imposed to date, and the hospital has stated it is appealing the penalty.

Most recently, a German chat platform was fined approximately $91,000 USD for a breach of user passwords that occurred in July. User information and passwords were stored in unencrypted plain text, and hackers managed to gain access to more than 800,000 email addresses and more than 1.5 million user names and passwords, some of which were later published on the Internet. Fortunately, the company’s handling of the event appears to have helped reduce the amount of its fine; the DPA report noted the company’s fast communication of the incident to its users, as well as its total cooperation with the DPA.

So what can this tell us about how the GDPR will be enforced? In sum, it appears that the law will be enforced fairly – but broadly. If a DPA is willing to impose a fine, however small, for a camera that captures too much of a public sidewalk, that’s a sign that the EU is serious about improving data privacy and security for consumers. Just as important, though, is that it also appears a company’s quick and comprehensive response to learning about an issue could lessen the amount of its fine.

By:  Jen Horn

Q:       I keep hearing about various data privacy regulations being passed, but my company does not do business overseas. Should I still be thinking about doing anything, and if so, why?

 A:      Yes, absolutely! The General Data Protection Regulation (GDPR) that took effect in May arguably has gotten the most press because of its global reach and implications. But just because your business doesn’t operate on a global scale doesn’t mean that you shouldn’t be proactive in addressing data privacy and/or cybersecurity issues.

First and foremost, as discussed in the article above, Ohio recently approved legislation that will provide a legal incentive for businesses with a cybersecurity program meeting certain criteria. Because data breaches and cybersecurity issues have unfortunately become a matter of when, rather than if, the smartest thing you can do is make sure your company has a plan in place. And if you already have a plan in place, make sure you set aside time annually, at a minimum, to review and update it in order to ensure compliance.

Ohio isn’t the only state taking measures to address data privacy and cybersecurity issues, however. California also passed legislation, the California Consumer Privacy Act of 2018 (CCPA), at the end of June. This new regulation, which is the first major data privacy law passed in the United States, will formally take effect on January 1, 2020. The CCPA gives “consumers” – defined as natural persons who are California residents for tax purposes – several key rights with respect to their personal information:

So why is the CCPA worth paying attention to? First, because it will affect an estimated 500,000 small to medium U.S. businesses – many of whom may not fall under the GDPR’s reach. But second, because California historically has been the first state to address privacy issues. In 2002, it became the first state to require notifications of data security breaches, and in 2004, it passed the first law requiring websites to have privacy policies. In other words, the CCPA could well be the first of many other state data privacy laws, or potentially even start the conversation on establishing national privacy legislation; it is a strong indicator of things to come.

Though the CCPA has been compared to the GDPR, don’t assume that being in compliance with GDPR means your company automatically complies with the CCPA – the two laws are not all that similar. For example, the CCPA defines “personal data” much more broadly, gives California consumers greater rights to access their personal data, and is stricter on data sharing for commercial purposes.

As things currently stand, the CCPA will apply to for-profit businesses that collect and control California residents’ personal information, do business in the State of California, and (1) earn $25 million or more in annual revenue; or (2) hold the personal data of 50,000 or more California residents, households or devices on an annual basis; or (3) obtain at least half its revenue selling personal data of California residents.

Penalties for noncompliance with the CCPA are divided into two categories: Intentional and unintentional. Intentional violations are $7,500 per violation; unintentional violations are subject to a $2,500 fine per violation. Additionally, companies could be ordered in civil lawsuits to pay statutory damages between $100 and $750 per California consumer and incident, or actual damages – whichever is greater – on top of any other court-ordered relief.

For now, it would be wise for any business to start paying attention to how Ohio’s law is implemented in November, and to watch for changes to the CCPA prior to its 2020 execution. Furthermore, if you haven’t already, start tracking all personal information you might collect, use, and store, and what your corporate privacy policy says about personal information. Being proactive and assuming that the CCPA could become law across the country could save you significant time in the long run

By:  Jen Horn

Companies that take reasonable cybersecurity precautions against data breaches will have a distinct advantage starting in November. That’s because Ohio’s Data Protection Act, which Governor John Kasich signed in August, formally takes effect November 2nd.

The Act, the first legislation of its kind in the country, creates a legal incentive for businesses that maintain a recognized cybersecurity program. (Other states, such as New York, require a certain level of compliance with cybersecurity standards, but don’t offer any incentive to do so). Provided that its cybersecurity plan conforms to a certain framework, a company may invoke a “safe harbor defense” in Ohio to a cause of action that alleges a failure to implement reasonable IT security controls that resulted in a data breach.

In order to qualify for this legal defense, the business must implement a written cybersecurity plan that clearly does the following:

This is not a one-size-fits-all type of plan. It may be based on a company’s size, the nature and scope of its activities, the sensitivity of any personal information protected under the cybersecurity program, and the cost and availability of tools to improve IS and reduce vulnerabilities.

The one thing that any cybersecurity program must do, however, is “substantially comply” with one of eight industry-recognized frameworks, which include:

The Act does not provide companies with blanket immunity to a data breach lawsuit, and businesses do still have the burden of proving that their cybersecurity program complies with the law’s requirements. But as long as a business can establish compliance, the Act gives it an affirmative defense to tort actions (including invasion of privacy and negligence) that it might be facing following a data breach that involves personal or restricted information.

As we advise clients time and again, no-one is immune from the threat of a data breach, and companies should approach data security as a question of when a breach will happen, not if. The new Act will give Ohio businesses an advantage if they take the time to evaluate things like what data they create, maintain, or share, and create a cybersecurity program that is appropriate for their company.

Ohio’s Data Protection Act is also one of the first laws in the country to recognize documents secured by blockchain technology as legal documents. An amendment to the Act updated Ohio’s existing Uniform Electronic Transactions Law to now state that “a record or contract secured through blockchain technology is considered to be in an electronic form and to be an electronic record.”

Generally speaking, “blockchain technology” is what underlies the rapidly growing cryptocurrency market. Cryptocurrencies – the most popular of which at the moment is bitcoin – are virtual currencies that exist peer-to-peer. They were initially developed as a means of fixing perceived flaws with the way money is transmitted from one party to another. Apparent flaws include the amount of time it can take a cross-border financial transaction to clear, as well as the costs of a financial transaction.

Blockchain technology, then, is the digital and decentralized public ledger that records all transactions. Any time someone does anything with cryptocurrency, this virtual ledger tracks the transaction and encrypts it, to protect it from cybercriminals. But because blockchain is “decentralized,” meaning it is controlled by users and computer algorithms rather than a centralized bank, there is not one specific hub that stores all transaction data. Rather, it is stored in bits and pieces across the world. The transactions are distributed and recorded across multiple computers, ensuring there are multiple copies to prevent altering a transaction record. This allows the ledger to be easily verifiable despite being decentralized.

Recognizing documents that are part of blockchain transactions as “legal documents” will likely help to legitimize the technology in Ohio. Though blockchain has most frequently been tied with cryptocurrencies, proponents of the technology have indicated that blockchain could be very useful in other industries, including finance, health care, real estate, and supply chain management.

By:  Ed Patton

With President Donald Trump’s additional $200 billion dollars in trade tariffs on China now in effect, the focus turns to their impact. The tariffs, which began on Monday, encompass a wide variety of goods, ranging from seafood and vegetables to auto parts and construction material. And while they began at 10 percent, tariffs will increase to 25 percent on January 1, 2019. Effects of the tariffs will vary depending on what is purchased, with consumers seeing greater price increases on more expensive items such as televisions, cars, or homes and home renovations, due to increased costs on construction materials.

And businesses, some of which have been dealing with increased taxes on imports like steel and aluminum for months, will see costs increase further. The intent of tariffs is to help domestic companies by making their domestic product more affordable than the foreign alternative, but they don’t always have the desired effect. Manufacturers can end up being forced to lay off workers or increase prices for customers to offset their own price increases.

Whether President Trump’s latest tariffs on China will do anything to address the trade imbalance between the two nations remains to be seen; China responded by imposing penalties on $60 billion of U.S. products.

Mansour Gavin President Tony Coyne accepted an award for Cleveland’s Public Square from the American Planning Association on September 25, 2018. The APA added Public Square to its flagship program, Great Places in America. Coyne serves as Chairman of The Group Plan Commission, the group responsible for Public Square’s revitalization.

For more information on the award click here.

To view Public Square selected as A Great Place in America news release click here.

Jim Budzik will be a Speaker at the NBI Seminar – Human Resource Law: What You Need to Know Now – on October 1, 2018 in Akron Ohio.  Jim will be speaking on workplace behavior and privacy issues.

SEMINAR DETAILS:

Date:         Monday, October 1, 2018

Time:         9:00 AM – 4:30 PM

Location:   Doubletree Hotel – Akron/Fairlawn

Jim is a member of Mansour Gavin’s Labor and Employment Practice Group where his practice is focused on public and private sector employment law representing management and employers.

For more information about the Seminar or to register click here.

Mansour Gavin Shareholder John Monroe was recently quoted in a front-page article that appeared in the Cleveland Plain Dealer on August 12, 2018 regarding membership interest sales used to transfer title to real estate. When asked about recent legislative efforts to “close” the alleged legal loophole, Monroe opined that such efforts were “wrongheaded.” Monroe stated, “I’m not sure I see the need to close a loophole versus valuing property correctly.” He observed what many Northeast Ohio property owners have seen in their recent property revaluations, that “some properties in Northeast Ohio are dramatically undervalued while others are sharply overvalued, with little apparent logic.” Monroe suggested that “public officials should turn their focus away from entity sales and onto two things: better appraisals and broader tax reform.”

By:  Ken Smith

The Supreme Court of the United States recently issued a major decision in the case Epic Systems Corp. v. Lewis that upholds the rights of employers to require its employees to pursue individual arbitration for resolving employment disputes.

In Epic Systems, a company employee sought to file a lawsuit against his employer in federal court for failure to pay overtime wages under the Fair Labor Standards Act. The employee tried to file the case as a class action – in other words, on behalf of himself and similar employees who also were allegedly not paid overtime.  Traditionally, because individual claims generally don’t have high value, employees and their lawyers have filed class actions on behalf of a much larger group of employees to leverage settlements and increase legal fees. However, in this case,  the employee had signed an arbitration agreement that explicitly stated any claims relating to his employment would be subject to individual arbitration, and that any claims pertaining to different employees would be heard in separate arbitration proceedings. In other words, the agreements specifically prohibited class actions.

The employee challenged the arbitration agreement, in part, by alleging that the agreement violated the Fair Labor Standards Act. Specifically, the employee pointed to a part of the FLSA that allows for class action lawsuits and claimed that this conflicted with law authorizing the arbitration of employment disputes. The employee also alleged that forcing him to go to individual arbitration violated the National Labor Relations Act, which provides employees the right to engage in “concerted activities” for collective bargaining or other mutual aid or protection.

But the Supreme Court held that when Congress passed the Federal Arbitration Act in 1925, it evidenced a liberal federal policy favoring arbitration. In light of this policy favoring arbitration, the Supreme Court found that there was no conflict between the FLSA and the arbitration agreement. In order to escape from individual arbitration, the employee would have had to demonstrate that the arbitration agreement was entered into fraudulently, or that he was placed under duress when he signed the agreement, or that the agreement was so unfair that it should not be enforced. The employee did not claim any of those defenses.

Moreover, the Supreme Court found that the National Labor Relations Act focuses on the rights of employees to organize unions and bargain collectively. It does not say anything about class action lawsuits or that it overrules the Federal Arbitration Act.

Bottom line, the Epic Systems case is a strong endorsement from the Supreme Court that arbitration agreements are lawful and can be used for a wide variety of employment disputes. Even where employees seek to band together to bring a class action lawsuit in the court system, each employee who signed an arbitration agreement can instead be compelled to litigate his or her  claims in a separate arbitration proceeding. Epic Systems is a big win for employers who prefer the generally quicker, less costly arbitration process over being tied up in court. Employers are encouraged to consider arbitration clauses as part of their employment agreements and policies.