Tag: Delaware

…But Wait, There’s More!

In 2025, eight additional U.S. state privacy laws will go into effect, joining California, Colorado, Connecticut, Montana, Oregon, Texas, Utah, and Virginia:

  1. Delaware Personal Data Privacy Act (effective Jan. 1, 2025)
  2. Iowa Consumer Data Protection Act (effective Jan. 1, 2025)
  3. Nebraska Data Privacy Act (effective Jan. 1, 2025)
  4. New Hampshire Privacy Act (effective Jan. 1, 2025)
  5. New Jersey Data Privacy Act (effective Jan. 15, 2025)
  6. Tennessee Information Protection Act (effective July 1, 2025)
  7. Minnesota Consumer Data Privacy Act (effective July 31, 2025)
  8. Maryland Online Data Privacy Act (effective Oct. 1, 2025)

While many of these eight state privacy laws are similar to current privacy laws in effect, there are some noteworthy differences that you will need to be mindful of heading into the New Year. Additionally, if you did not take Texas, Oregon and Montana into consideration in 2024, now is the time to do so!

Here is a roadmap of key considerations as you address these additional state privacy laws.

1. Understand What Laws Apply to Your Organization

To help determine what laws apply to your organization, you need to know the type and quantity of personal data you collect and how it is used. Each of the eight new state laws differ with their scope of application, as their thresholds vary based on the 1) number of state residents whose personal data controlled or processed and 2) the percentage of revenue a controller derives from the sale of personal data.

Delaware, New Hampshire, and Maryland have the lowest processing threshold – 35,000 consumers.

Nebraska’s threshold requirements are similar to Texas’ threshold requirements: the law applies to any organization that operates in the state, processes or sells personal data, and is not classified as a small business as defined by the U.S. Small Business Administration.

Notably, Maryland and Minnesota will apply to non-profits, except for those that fall into a narrow exception.

See our chart at the end of this article for ease of reference.

2. Identify Nuances

Organizations will need to pay particular attention to Maryland’s data minimization requirements as it is the strictest of the eight. Under Maryland, controllers will have unique obligations to meet, including the following:

  • Limit the collection or processing of sensitive data to what is “reasonably necessary and proportionate to provide or maintain a specific product or service requested by the consumer to whom the data pertains.”
  • Cannot process minors’ (under 18 years old) personal data for targeted advertising.
  • A broad prohibition on the sale of sensitive data.

If a controller engages in the sale of sensitive data, under Texas’ privacy law, which went into effect in July 2024, requires controllers to include the following notice in the same place your privacy policy is linked: “NOTICE: We may sell your sensitive personal data.” Similarly, if a controller engages in the sale of biometric personal data, the following notice must be included in the privacy policy: “NOTICE: We may sell your biometric personal data.” Nebraska requires companies to obtain opt-in consent before selling sensitive data. Maryland prohibits the sale of sensitive data altogether.

Minnesota takes data inventory a step further, requiring companies to maintain an inventory of personal data processed and document and maintain a description of the policies and procedures that they adopt to comply with the act.

3. Refine Privacy Rights Management

All states provide consumers with the right to access, delete, correct (except Iowa), and obtain a copy of their personal data.

Minnesota’s law provides consumers with two additional rights:

  1. The right to request the specific third parties to whom a business has disclosed personal data. Controllers may choose to respond to such a request either by providing the names of the specific third parties to which it has disclosed the consumer’s personal data or the name of third parties to which it has disclosed any personal data.
  2. The right to question the results of a controller’s profiling, to the extent it produced legal effects. Consumers will have the right to be informed of the reason that the profiling resulted in a specific decision and be informed of the actions the consumers may take to secure a different decision in the future.

Aligning with California and Utah, Iowa requires controllers to provide notice and an opportunity to opt out of the processing of sensitive data.

Interestingly, Iowa does not affirmatively establish a right to opt-out of online targeted advertising.

4. Conduct Data Privacy Impact Assessments

Most state privacy laws require controllers to conduct data privacy impact assessments for high-risk processing activities such as the sale of personal data, targeted advertising, profiling, and sensitive data processing. Nebraska, Tennessee, Minnesota, and Maryland follow Oregon by including any processing activities that present a heightened risk of harm to a consumer. Maryland takes this a step further in requiring the assessment include an assessment of each algorithm that is used.

5. Update Privacy Notices

All state privacy laws require privacy notices at the time of collecting personal data. It is essential you keep your privacy notice up-to-date and ensure (at a bare minimum) it covers data categories, third-party sharing, consumer privacy rights options, and opt-out procedures. Minnesota also requires controllers to provide a “reasonably accessible, clear, and meaningful” online privacy notice, posted on its homepage using a hyperlink that contains the word “privacy.”

As state privacy laws stack up, having a structured, adaptable, and principles-based approach paves the path to sustainable compliance.

Make 2025 the year your privacy program doesn’t just meet the minimum—it excels.

Click here to view the 2025 US State Privacy Laws Applicability Chart

Copyright © 2024 Womble Bond Dickinson (US) LLP All Rights Reserved.
For more on Privacy Laws, visit the NLR Communications Media Internet section

Consumer Privacy Update: What Organizations Need to Know About Impending State Privacy Laws Going into Effect in 2024 and 2025

Over the past several years, the number of states with comprehensive consumer data privacy laws has increased exponentially from just a handful—California, Colorado, Virginia, Connecticut, and Utah—to up to twenty by some counts.

Many of these state laws will go into effect starting Q4 of 2024 through 2025. We have previously written in more detail on New Jersey’s comprehensive data privacy law, which goes into effect January 15, 2025, and Tennessee’s comprehensive data privacy law, which goes into effect July 1, 2025. Some laws have already gone into effect, like Texas’s Data Privacy and Security Act, and Oregon’s Consumer Privacy Act, both of which became effective July of 2024. Now is a good time to take stock of the current landscape as the next batch of state privacy laws go into effect.

Over the next year, the following laws will become effective:

  1. Montana Consumer Data Privacy Act (effective Oct. 1, 2024)
  2. Delaware Personal Data Privacy Act (effective Jan. 1, 2025)
  3. Iowa Consumer Data Protection Act (effective Jan. 1, 2025)
  4. Nebraska Data Privacy Act (effective Jan. 1, 2025)
  5. New Hampshire Privacy Act (effective Jan. 1, 2025)
  6. New Jersey Data Privacy Act (effective Jan. 15, 2025)
  7. Tennessee Information Protection Act (effective July 1, 2025)
  8. Minnesota Consumer Data Privacy Act (effective July 31, 2025)
  9. Maryland Online Data Privacy Act (effective Oct. 1, 2025)

These nine state privacy laws contain many similarities, broadly conforming to the Virginia Consumer Data Protection Act we discussed here.  All nine laws listed above contain the following familiar requirements:

(1) disclosing data handling practices to consumers,

(2) including certain contractual terms in data processing agreements,

(3) performing risk assessments (with the exception of Iowa); and

(4) affording resident consumers with certain rights, such as the right to access or know the personal data processed by a business, the right to correct any inaccurate personal data, the right to request deletion of personal data, the right to opt out of targeted advertising or the sale of personal data, and the right to opt out of the processing sensitive information.

The laws contain more than a few noteworthy differences. Each of the laws differs in terms of the scope of their application. The applicability thresholds vary based on: (1) the number of state residents whose personal data the company (or “controller”) controls or processes, or (2) the proportion of revenue a controller derives from the sale of personal data. Maryland, Delaware, and New Hampshire each have a 35,000 consumer processing threshold. Nebraska, similar to the recently passed data privacy law in Texas, applies to controllers that that do not qualify as small business and process personal data or engage in personal data sales. It is also important to note that Iowa adopted a comparatively narrower definition of what constitutes as sale of personal data to only transactions involving monetary consideration. All states require that the company conduct business in the state.

With respect to the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), Iowa’s, Montana’s, Nebraska’s, New Hampshire’s, and Tennessee’s laws exempt HIPAA-regulated entities altogether; while Delaware’s, Maryland’s, Minnesota’s, and New Jersey’s laws exempt only protected health information (“PHI”) under HIPAA. As a result, HIPAA-regulated entities will have the added burden of assessing whether data is covered by HIPAA or an applicable state privacy law.

With respect to the Gramm-Leach-Bliley Act (“GLBA”), eight of these nine comprehensive privacy laws contain an entity-level exemption for GBLA-covered financial institutions. By contrast, Minnesota’s law exempts only data regulated by GLBA. Minnesota joins California and Oregon as the three state consumer privacy laws with information-level GLBA exemptions.

Not least of all, Maryland’s law stands apart from the other data privacy laws due to a number of unique obligations, including:

  • A prohibition on the collection, processing, and sharing of a consumer’s sensitive data except when doing so is “strictly necessary to provide or maintain a specific product or service requested by the consumer.”
  • A broad prohibition on the sale of sensitive data for monetary or other valuable consideration unless such sale is necessary to provide or maintain a specific product or service requested by a consumer.
  • Special provisions applicable to “Consumer Health Data” processed by entities not regulated by HIPAA. Note that “Consumer Health Data” laws also exist in Nevada, Washington, and Connecticut as we previously discussed here.
  • A prohibition on selling or processing minors’ data for targeted advertising if the controller knows or should have known that the consumer is under 18 years of age.

While states continue to enact comprehensive data privacy laws, there remains the possibility of a federal privacy law to bring in a national standard. The American Privacy Rights Act (“APRA”) recently went through several iterations in the House Committee on Energy and Commerce this year, and it reflects many of the elements of these state laws, including transparency requirements and consumer rights. A key sticking point, however, continues to be the broad private right of action included in the proposed APRA but absent from all state privacy laws. Only California’s law, which we discussed here, has a private right of action, although it is narrowly circumscribed to data breaches.  Considering the November 2024 election cycle, it is likely that federal efforts to create a comprehensive privacy law will stall until the election cycle is over and the composition of the White House and Congress is known.

©2024 Epstein Becker & Green, P.C. All rights reserved.
For more on Data Privacy, visit the NLR Communications Media Internet section.

Supreme Court Decision Overturns Chevron: Impact on Cannabis Industry

Last month, the United States Supreme Court issued its decision and opinion in Loper Bright Enterprises v. Raimondo, significantly overruling the nearly 40-year-old precedent set by Chevron. The Chevron decision required federal courts to defer to a government agency’s interpretation of an ambiguous statute unless that interpretation was “arbitrary, capricious, or manifestly contrary” to the statute. This meant that if an agency such as the DEA published a bulletin or letter interpreting an ambiguous law, courts were generally bound to follow this interpretation due to the agency’s presumed expertise.

The Shift in Legal Interpretation

Loper Bright Enterprises has fundamentally changed this legal landscape. Now courts, rather than government agencies, are considered the best equipped to interpret ambiguous statutes. This shift means that a government agency’s interpretation of an ambiguous statute is now merely persuasive and not binding on the courts. This can be likened to a Pennsylvania court interpreting a Pennsylvania law and considering, but not being bound by, a Delaware state court’s interpretation of a similar corporate law. Just as Pennsylvania courts can choose to defer to, distinguish from, or disregard Delaware court decisions, federal courts now have the same discretion regarding agency interpretations of ambiguous statutes.

Impact on the Cannabis Industry

This change has significant implications for the cannabis industry. The Drug Enforcement Administration (DEA) enforces federal drug laws and has issued numerous letters and bulletins determining the legality of various cannabis substances. For example, the DEA issued opinions that seemingly argued that Delta-8 THC products and THCA products were not allowed under the 2018 Farm Bill. I have generally disagreed with these interpretations, believing that the DEA incorrectly cited statutes related to hemp at harvest rather than downstream products.

With Loper Bright Enterprises, these DEA letters will lose their authoritative value. Courts are no longer bound to follow DEA interpretations and can more readily consider arguments opposing the DEA’s stance. This development is critical for the cannabis industry, as it opens the door for courts to reinterpret federal drug laws and potentially challenge the DEA’s restrictive interpretations of the 2018 Farm Bill.

The Importance of This Shift

The overruling of Chevron by Loper Bright Enterprises marks a pivotal change in administrative law, particularly impacting the cannabis industry. This shift of interpretive authority from government agencies to the courts means there is now greater potential for legal challenges to restrictive interpretations of cannabis laws. This change enhances the ability of cannabis businesses and advocates to contest adverse decisions and interpretations by the DEA and other agencies, potentially leading to more favorable outcomes for the industry.

©2024 Norris McLaughlin P.A., All Rights Reserved
For more on Cannabis, visit the NLR Biotech Food Drug section

Whistleblower Tax Fraud Lawsuit Against Bitcoin Billionaire Settles for $40 Million

MicroStrategy’s founder is alleged to have falsified tax documents for ten years. The settlement resolves the first whistleblower lawsuit filed under 2021 amendments to the DC False Claims Act.

Key Takeaways
On June 3, the District of Columbia Office of the Attorney General announced the $40 million settlement with Michael Saylor
It is the largest income tax recovery in D.C. history
The settlement, which resolves a qui tam lawsuit filed under the DC False Claims Act, underscores the power of whistleblowers in combatting tax fraud
On June 3, the District of Columbia Office of the Attorney General (OAG) made a landmark announcement. The billionaire founder of MicroStrategy Incorporated, Michael Saylor, settled a tax fraud lawsuit for a staggering $40 million. This case, stemming from a qui tam whistleblower suit filed under the District’s False Claims Act, marks a significant milestone in the fight against tax fraud. The OAG declared this as the largest income tax recovery in D.C. history, underscoring the importance of this case.

The DC False Claims Act
This settlement is not just a victory for the District but also a testament to the power of whistleblowers. Under the 2021 extension of the D.C. False Claims Act, individuals have the power to file qui tam suits against large companies and suspected tax evaders. The 2021 amendments even offer monetary awards to those who report tax cheats. This settlement, the first settlement under these amendments, serves to put would-be tax cheats on notice.

As the District of Columbia expands its arsenal against tax fraud, other states should take note. The DC False Claims Act, now covering tax fraud, has become a powerful tool in the fight against financial misconduct. With the District joining the ranks of Delaware, Florida, Illinois, Indiana, Nevada, New York, and Rhode Island as states where false claims suits may be brought based on tax fraud claims, the fight against tax cheats looks promising.

The Case Against Saylor
In 2021, unnamed whistleblowers filed a lawsuit against Saylor, alleging that he had defrauded the District and failed to pay income taxes from 2014 to 2020. The OAG independently investigated these claims and filed a separate complaint against Saylor. The District’s lawsuit alleged that Saylor claimed to be a resident of Florida and Virginia to avoid paying over $25 million in income taxes. Another suit was filed against MicroStrategy, claiming it falsified records and statements that facilitated Saylor’s tax avoidance scheme.

The District’s allegations against Saylor paint a picture of a lavish lifestyle. Saylor is accused of unlawfully withholding tens of millions in tax revenue by claiming to live in a lower tax jurisdiction to avoid paying D.C. income taxes. The OAG’s investigation revealed that Saylor owned a 7,000-square-foot luxury penthouse overlooking the Potomac Waterfront and docked multiple yachts in the Washington Harbor. He purchased three luxury condominium units at 3030 K Street NW to combine into his current residence and a penthouse unit at the Eden Condominiums, 2360 Champlain St. NW. The Attorney General compiled several posts from Saylor’s Facebook, in which he boasted about the view from his D.C. residence.

Whistleblower Tax Fraud Lawsuit Against Bitcoin Billionaire Settles For $40 Million

Furthermore, the OAG found evidence that Saylor purchased a house in Miami Beach, obtained a Florida driver’s license, registered to vote in Florida, and falsely listed his residence on MicroStrategy W-2 forms. Attorney General Brian L. Schwalb stated, “Saylor openly bragged about his tax-evasion scheme, encouraging his friends to follow his example and contending that anyone who paid taxes to the District was stupid.”

The lawsuits allege that records from Saylor’s security detail provide Saylor’s physical location and travel from 2015 to 2020 and show that across six years, Saylor spent 449 days in Florida and 1,397 days in the District. Saylor allegedly directed MicroStrategy employees to aid his scheme to avoid paying District income taxes. The District claims that for the last ten years, MicroStrategy has falsely reported its income tax exemption on Saylor’s wages, claiming he was tax-exempt due to his residential status.

Saylor agreed to pay the District $40 million to resolve the allegations against him and MicroStrategy.

A copy of the settlement can be found here.

Copyright Kohn, Kohn & Colapinto, LLP 2024. All Rights Reserved.

by: Whistleblower Law at Kohn Kohn Colapinto of Kohn, Kohn & Colapinto

For more on Whistleblowers, visit the NLR Criminal Law / Business Crimes section.

740,000 Reasons to Think Twice Before Putting a Company in Bankruptcy

A recent decision from a bankruptcy court in Delaware provides a cautionary tale about the risks of involuntary bankruptcy.

In the Delaware case, the debtor managed a group of investment funds. The business was all but defunct when several investors, dissatisfied with the debtor’s management, filed an involuntary Chapter 7 petition.  They obtained an order for relief from the bankruptcy court, then removed the debtor as manager of the funds and inserted their hand-picked manager.  So far, so good.

The debtor, who was not properly served with the involuntary petition and did not give the petition the attention it required, struck back and convinced the bankruptcy court to set aside the order for relief. The debtor then went after the involuntary petitioners for damages.  After 8 years of litigation, the Delaware court awarded the debtor $740,000 in damages – all of it attributable to attorneys’ fees and costs.

If you file an involuntary petition and the bankruptcy court dismisses it, then a debtor can recover costs and reasonable attorneys’ fees.  The legal fees include the amount necessary to defeat the involuntary filing.  In addition, if the court finds that the petition was filed in bad faith, then the court also can enter judgment for all damages proximately caused by the filing and punitive damages.  The Delaware court awarded the debtor $75,000 for defeating the involuntary petition.

The debtor also sought a judgment for attorneys’ fees in pursuit of damages for violating the automatic stay.  The involuntary petitioners had replaced the debtor as manager without first obtaining leave from the court to do so.  The investment fund was barely operating and had little income to support a claim for actual damages.  Nevertheless, the Delaware court awarded $665,000 in attorneys’ fees related to litigating the automatic stay violation.

Because the debtor had no “actual” damages from the stay violation, the involuntary petitioners contended that the debtor was not entitled to recovery of attorneys’ fees.  The Delaware court pointed out that “actual” damages (e.g., loss of business income) are not a prerequisite to the recovery of attorneys’ fees, much to the chagrin of the defendants.  The court held that attorneys’ fees and costs are always “actual damages” in the context of a willful violation of the automatic stay.

The Delaware court also rejected defendants’ argument that the fee amount was “unreasonable” since there was no monetary injury to the business.  In other words, the debtor should not have spent so much money on legal fees because it lost on its claim.  The court held that defendants’ argument was made “with the benefit of hindsight” – at the end of litigation when the court had ruled, after an evidentiary trial, that debtor suffered no actual injury.  The court pointed out that the debtor sought millions in damages for the loss of management’s fees, and even though the court rejected the claim after trial, it was not an unreasonable argument for the debtor to make.  The court concluded that “the reasonableness of one’s conduct must be assessed at the time of the conduct and based on the information that was known or knowable at the time.”

The involuntary petitioners likely had sound reasons to want the debtor removed as fund manager.  But by pursuing involuntary bankruptcy and losing, they ended up having to stroke a check to the debtor for over $700,000.  Talk about adding insult to injury.  The upshot is that involuntary bankruptcy is an extreme and risky action that should be a last-resort option undertaken with extreme caution.

© 2024 Ward and Smith, P.A.. All Rights Reserved.

by: Lance P. Martin of Ward and Smith, P.A.

For more news on Bankruptcy Litigation, visit the National Law Review’s Bankruptcy & Restructuring section.

Delaware Legalizes Recreational Marijuana

Delaware became the latest state to legalize recreational marijuana on April 23, 2023 when the state’s Governor failed to veto two bills that allow for the legalization of marijuana, effective immediately.  Individuals who are 21 years of age and older may possess and use up to one ounce of marijuana.  It will be taxed in a manner similar to alcohol.

The law provides that nothing in the law is “intended to impact or impose any requirement or restriction on employers with respect to terms and conditions of employment including but not limited to accommodation, policies or discipline.”  This means that employers in Delaware do not have to permit marijuana use at work or during work time and still may drug test for marijuana and take disciplinary action for positive test results.

Employers should bear in mind, however, that the use of medical marijuana still is protected under Delaware law, as it has been since 2011. The new recreational marijuana law does not change the rights of users of medical marijuana.  Specifically, the Delaware Medical Marijuana Act provides, in pertinent part, that “an employer may not discriminate against a person in hiring, termination, or any term or condition of employment . . . if the discrimination is based upon either of the following: a. [t]he person’s status as a cardholder; or b. [a] registered qualifying patient’s positive drug test for marijuana . . . unless the patient used, possessed or was impaired by marijuana on the premises of the place of employment or during his hours of employment.”

Delaware joins a growing list of states that have adult-use recreational marijuana laws.  Employers should review their drug and alcohol policies frequently to ensure that they are complying with all applicable state and local marijuana laws.

Jackson Lewis P.C. © 2023
For more Cannabis legal news, click here to visit the National Law Review

Is The End Of FINRA Drawing Nigh?

The Financial Industry Regulatory Authority, aka FINRA, is a non-profit Delaware corporation.  It was formed in 2007 by the combination of the National Association of Securities Dealers, Inc. and the regulatory arm of the New York Stock Exchange, Inc.  FINRA is a self-regulatory organization that primarily regulates securities broker-dealers.

Professor Benjamin P. Edwards recently reported that a complaint has been filed in Florida challenging the constitutionality of FINRA.  The lawsuit filed by two broker-dealers alleges:

However, FINRA’s current structure and operations, particularly in light of the transformation of the organization over the course of the last two decades, contravene the separation of powers, violate the Appointments Clause of the United States Constitution (the “Constitution”) and constitute an impermissible delegation of powers. Because it purports to be a private entity, FINRA is unaccountable to the President of the United States (the “President,” or “POTUS”), lacks transparency, and operates in contravention of the authority under which it was formed.  It utilizes its  own in-house tribunals in a manner contrary to Article III and the Seventh Amendment of the Constitution and deprives entities and individuals of property
without due process of law.

The plaintiffs are seeking, among other things, declaratory and injunctive relief.

For more Finance Legal News, click here to visit the National Law Review

© 2010-2022 Allen Matkins Leck Gamble Mallory & Natsis LLP

Delaware Franchise Taxes Are Around the Corner

If you are a Delaware corporation, you likely received a notice from the Secretary of State of Delaware informing you that your company’s Annual Report and franchise tax payment are due by March 1, 2020. These notices are sent to the corporation’s registered agent. You are still required to file an Annual Report and pay the franchise tax even if your corporation never engaged in business or generated revenue. Delaware requires these to be submitted online.

There are two ways to calculate your Delaware franchise taxes (the Authorized Shares Method and the Assumed Par Value Capital Method). Delaware defaults to calculating its franchise taxes owed by using the Authorized Shares Method, which almost always results in a higher tax liability for startups with limited assets. However, by using the Assumed Par Capital Value Method, startups are often able to significantly lower their franchise tax burden.

For example, a typical early-stage startup corporation with: (i) 10 million authorized shares of stock; (ii) 9 million issued shares of stock; (iii) a par value of $0.0001; and (iv) gross assets of $100,000, would result in the following franchise tax obligations under the different methods:

  • $85,165 under the Authorized Shares Method

  • $400 under the Assumed Par Value Capital Method

    If you are incorporated in Delaware, but conducting business in another state, you must be qualified to do business in that state – meaning, you might be subject to that state’s franchise tax (if any) as well. For example, a Delaware corporation doing business in Texas must still register for a foreign qualification to conduct business in Texas ($750 filing fee), submit a Texas annual Franchise Tax Report (due by May 15 of each year), and pay the associated tax.

Texas franchise taxes are based on an entity’s margin (unless filing under an EZ computation),

and are calculated based on one of the following ways:

  • total revenue times 70 percent;

  • total revenue minus cost of goods sold (COGS);

  • total revenue minus compensation; or

  • total revenue minus $1 million (effective Jan. 1, 2014).

© 2020 Winstead PC.

For more on franchise taxation, see the National Law Review Tax Law section.

Delaware, Consent, And The Adequacy Of Email Notice

Since the turn of this century, Delaware has allowed corporations to give notices to stockholders by electronic transmission.  8 Del. Code § 232(a).  However, the statute is conditioned upon the stockholder’s consent.  California has a similar consent requirement in Corporations Code § 20.  Delaware is now proposing to amend Section 232 to permit a corporation to give notice by electronic mail unless the stockholder has objected.  See Senate Bill No. 88.  The bill would also define “electronic mail” for the first time.

As I was pondering these changes, I came across the following observations about the adequacy of email notifications penned by the estimable and eminently quotable Justice William W. Bedsworth of the California Court of Appeal:

“Email has many things to recommend it; reliability is not one of them. Between the ease of mistaken address on the sender’s end and the arcane vagaries of spam filters on the recipient’s end, email is ill-suited for a communication on which a million dollar lawsuit may hinge.  A busy calendar, an overfull in-box, a careless autocorrect, even a clumsy keystroke resulting in a ‘delete’ command can result in a speedy communication being merely a failed one.”

Lasalle v. Vogel, 2019 Cal. App. LEXIS 533 (footnote omitted).  Justice Bedsworth’s comments were directed to the adequacy of email notice before taking a default judgment and not the Delaware bill.  Nonetheless, his concerns about the adequacy of email are entirely opposite to stockholder notice.

 

© 2010-2019 Allen Matkins Leck Gamble Mallory & Natsis LLP
Read more about Corporate Law on the National Law Review Corporate & Business Law page.

Private Email Woes Infect The Private Sector in Delaware

emailVice Chancellor J. Travis Laster’s ruling in Amalgamated Bank v. Yahoo!, Inc., C.A. No. 10774-VCL (Del. Ch. Feb. 2, 2016) should sound a tocsin to directors that their “private” emails may not be so private.  The ruling addressed Amalgamated Bank’s demand to inspect the books and records of Yahoo! pursuant to Section 220 of the Delaware General Corporation Law.  The bank sought to inspect, among other things, documents that reflect discussions or decisions of Yahoo’s full Board or Committee.  Documents covered by the demand included emails to and from the directors, from management or the compensation consultant, emails among the directors themselves, and documents and communications prepared by Yahoo officers and employees about the Board‘s deliberations.

Vice Chancellor Laster found that emails were records subject to inspection under Section 220 and that through Delaware’s jurisdiction over a corporation, a court can compel production of documents in the possession of officers, directors, and managing agents of the firm.  According to the Vice Chancellor, the court can impose sanctions or other consequences on the firm if the officer, director, or managing agent fails to comply. He further noted that if a personal email account was used to conduct corporate business, the email is subject to production under Section 220. Directors and corporate officers should therefore take heed that emails concerning corporate business may be subject to disclosure even if conducted using a private email address.

Article By Keith Paul Bishop of Allen Matkins Leck Gamble Mallory & Natsis LLP

© 2010-2016 Allen Matkins Leck Gamble Mallory & Natsis LLP