RSS Feed LinkedIn Instagram Twitter Facebook
FMG Law Blog Line

Archive for May, 2017

A “Day of Rest” Clarified in California

Posted on: May 25th, 2017

By: Matthew Jones

Over the years there has been uncertainty regarding California Labor Code’s regulations regarding a day of rest. The applicable Labor Code sections are 552, which prohibits an employer from “caus[ing] [its] employees to work more than six days in seven”, and 556, which states that section 552 does not apply “when the total hours of employment do not exceed 30 hours in any week or six hours in any one day thereof.”

In the case of Mendoza v. Nordstrom, Inc., the Ninth Circuit asked the California Supreme Court to resolve three outstanding issues regarding the interpretation of those two Labor Code sections.  Mr. Mendoza sued Nordstrom, alleging it failed to provide him statutorily guaranteed days of rest.

The Supreme Court first addressed whether the day of rest protection applies on a rolling basis or a week-by-week basis. Under the weekly interpretation, the calendar is divided into seven-day blocks and there is guaranteed at least one day of rest in each block. Under the rolling interpretation, the day of rest is provided if the employee worked the preceding six days. During its analysis, the Court evaluated the text of the statutes and its history, as well as the Industrial Welfare Commission Wage Orders. Most importantly, the Court pointed out that the Legislature defined a “workweek” as any seven consecutive days, starting with the same calendar day each week. The workweek is determined by each individual employer.  Through its analysis, the Court ruled the day of rest provision should be interpreted on a weekly basis, thereby providing an employee at least one day of rest during each workweek.

The Court then addressed the exception to the day of rest issue regarding the instance an employee works six hours or less in any one day during the week. The Court analyzed the Legislature’s related provisions, as well as the applicability of the competing interpretations of Labor Code section 556. In response, the Court concluded this exception only applies if every daily shift that workweek involves six hours or less of work.

The final issue the Court evaluated is the meaning of “cause”. This term comes into effect as part of Labor Code section 552, which states an employer cannot “cause [its] employees to work more than six days in seven.” After evaluating the proposed definitions from both parties, the Court ruled that an employer has an obligation to apprise employees of their entitlement to a day of rest and must remain neutral regarding the employee’s exercise of that right. Simply put, the employer cannot encourage employees to forgo the day of rest or conceal the employee’s right to rest. However, the employer is not liable if the employee chooses to work a seventh day.

For any questions, please contact Matthew Jones at [email protected].

Georgia Modernizes Captive Insurer Law

Posted on: May 23rd, 2017

By: Allan J. Hayes

According to the National Association of Insurance Commissioners (NAIC) a Captive Insurer is an insurance company established by a parent firm for the purpose of insuring the parent’s exposures. Currently, 75 percent of the world’s Fortune 500 companies are parent owners of captive insurance companies and total captive premium income is exceeding $14 billion with more than 5,000 captives established worldwide. Twenty-four captives are domiciled in Georgia.

Benefits of a captive include greater business opportunities and more risk management options for the parent company which can result in lower premium payments and management costs. Also, a captive can be formed in a jurisdiction where taxes, solvency rules and reporting requirements are more advantageous.

The Georgia Department of Insurance and other state leaders are interested in attracting some of the growing captive insurance market. During the 2017 legislative session they supported passage of SB 173, a bill sponsored by Senate Insurance and Labor Committee Chairman Burt Jones and House Insurance Committee member Jason Shaw that extensively revises provisions relating to captive insurance companies and updates several definitions within the Insurance code. Governor Deal signed the bill on May 9, 2017 and the new provisions contained in it become effective July 1, 2017.

Briefly, the new law will:

  • Update definitions used throughout the captives chapter to make them more consistent with best practices in other states.
  • Update the rules for captive formation to make them more specific to the captive company. Currently captives are required to incorporate like any other general insurer.
  • Make captives subject to the provisions of the general corporations statute, while allowing the Commissioner rule-making authority where the provisions of the general corporations statute might not make sense for captives.
  • Allow captives to form as manager-managed LLCs rather than limiting formation to corporations.
  • Put an end to the differences in the code regarding taxation of risk retention group captives (RRG) and all other captives. RRG captives will only be subject to relevant taxes on direct premiums collected for coverage within the state of Georgia.

For any questions or for more information regarding forming a captive, please contact Allan Hayes at [email protected].

WannaCry Brings New Focus on Cyber Insurance and Privacy Impact Assessments

Posted on: May 18th, 2017

By: Jonathan M. Romvary

In the wake of last week’s WannaCry ransomware attack that crippled nearly 200,000 computers across 150 nations, businesses around the world must reassess how they can protect themselves from the seemingly inevitable cyber-attack. According to the 2017 Verizon Data Breach Investigations Report, ransomware continues to be one of the most popular attacks used by criminals due to its availability and ease of use.

It is reported that nearly nine out of ten cyber insurance policies are issued in the United States. The reason for the overwhelming adoption of policies within the United States market can be traced to adoption of federal statutes and regulations governing online privacy and well established state data breach statutes imposing regulatory penalties and private causes of action. The European Union, until the recent adoption of the General Data Protection Regulation (GDPR), simply did not provide its businesses with the same quantifiable incentive. Whether as a result of the WannaCry ransomware attack, or in anticipation of the implementation of the GDPR, you can expect to see a surge in demand from European companies

But insurance is only a part of the solution as there are many instances where the insurance coverage explicitly excludes certain situations. These can include where companies have failed to download a software patch to protect users from known vulnerabilities, where employees using pirated software are the entry point for the virus into the system, or even where there is a claim for business interruption. However, if data is truly lost because it has been destroyed or completely removed from the system, no amount of insurance will be able to recover it.

So how do businesses protect themselves from such a crippling attack? As they say in sports, the best defense is a good offense. The easiest way to protect yourself is by updating your computer to include the most recent security patches that are offered by the manufacturer or developers. But remember, staying secure against ransomware isn’t just about having the latest security solutions. Good IT security practices including regular training for employees and data and privacy policies drafted by your attorneys, are essential to reduce the risk of an attack. Businesses should also perform a privacy and privacy impact assessments of their computer systems to identify and address any potential weaknesses. Make sure that whoever is performing the assessment, whether your CIO, IT, or attorney, is utilizing privacy frameworks accepted by your industry’s ISO or other accepted framework. Some good examples include the APEC Privacy Framework, the OECD Privacy Framework, or the FTC’s report, Protecting Consumer Privacy in an Era of Rapid Change, A Proposed Framework for Businesses and Policy Makers.

Remember, the Cyber, Data Security, and Privacy practice group attorneys are here to assist you in any way. Please contact Jonathan Romvary at [email protected] if you have any questions regarding how your business can perform an assessment of its system to further protect against unwanted cyber attacks.


WannaCry Ransomware Cyberattack Brings Tears to the Eyes of Businesses in More than 150 Countries

Posted on: May 18th, 2017

By: Robyn Flegal

As of May 18, 2017, more than 200,000 computers in 150 countries have been hit by a large-scale ransomware attack. Victims of the attack include the British National Health Service, FedEx, and Renault. By exploiting a vulnerability in outdated versions of Microsoft Windows, including Windows XP, the “WannaCry” ransomware encrypts data on devices running unsupported Microsoft software. The data is held hostage until the victim pays a ransom of approximately $300 per device.

While it is not yet clear who is to blame or how this could have been prevented, the costs associated with this attack are much higher than the $300 ransom. Business was lost while devices were encrypted. Experts also believe that businesses running outdated versions of Windows could face liability as a result of this attack. This is because Microsoft offered a security patch for these vulnerabilities in March of 2017, but many users had not yet applied the patch or had not otherwise updated their software. Those affected in Asia and Europe face an increased risk of exposure, as almost 90% of cyber insurance policies are sold within the United States.

To avoid WannaCry and other future cyberattacks, be sure to upgrade your Microsoft systems and regularly install software updates when they become available. If you are running Windows XP or other older versions of Windows, please be aware that Microsoft is offering free security updates via its website.

The Cyber, Data Security, and Privacy practice group attorneys are here to assist you. Please contact Robyn Flegal at [email protected] for more information.



President Trump Nominates Kevin Newsom For Eleventh Circuit

Posted on: May 15th, 2017

By: William H. Buechner, Jr.

President Trump has nominated Birmingham attorney Kevin Newsom to fill a vacancy in the Eleventh Circuit. avantNewsom was among President Trump’s first 10 judicial nominees for vacancies in the circuit courts and district courts. He would succeed Joel Dubina, who took senior status in 2013.

Newsom currently is chairman of the appellate group at Bradley Arant Boult Cummings LLP in Birmingham. Newsom clerked for former U.S. Supreme Court Justice David Souter from 2000-2001. In 2003, Newsom was appointed Alabama Solicitor General by then Alabama Attorney General (and currently Eleventh Circuit Judge William Pryor) and served as Alabama Solicitor General until 2007, when he joined Bradley Arant.

Newsom has argued four cases in the U.S. Supreme Court and at least 35 cases in the U.S. Courts of Appeals. Perhaps the most notable of these cases is Riley v. Kennedy, 553 U.S. 406 (2008), where Newsom prevailed in a Voting Rights Act case holding that an election procedure invalidated by the Alabama Supreme Court was never in force or effect, and that reinstatement of the previous election procedure therefore did not require preclearance by the U.S. Department of Justice.

In confirmed, Newsom could have a substantial impact on employment law (as well as many other areas of law) in the Eleventh Circuit. For example, if confirmed relatively quickly (the confirmation process for circuit judges and district judges often is very slow and tedious), Newsom could have an opportunity to participate if the Eleventh Circuit grants the plaintiff’s petition for rehearing en banc in Evans v. Georgia Regional Hospital, 850 F.3d 1248 (11th Cir. 2017). In that case a panel (including Judge Pryor) held that Title VII does not address employment discrimination on the basis of sexual orientation.

For any questions, please contact  Bill Buechner at [email protected].