SLO: (805) 546-8785 | Paso Robles: (805) 226-4148

Posts by Emilie Elliott

man-791049_640
To Offer Sabbaticals or Not to Offer Sabbaticals… And if I Do, Should I Pay?

A Tale of Two Tricky (and Sometimes Dangerous) Dilemmas

Recently, I gave a webinar on establishing eligibility and procedures for taking sabbaticals and unpaid leaves of absence through Lorman Education Services. I thought some of the information I discussed might be of interest to our clients in the San Luis Obispo area, many of whom are cutting edge technology companies. This blog post will focus on sabbaticals, which are gaining popularity as companies struggle to recruit and retain talented, top-notch employees.

Read More
locks-332093_640
Privacy Policies: Are You in Compliance?

My previous post was regarding cybersecurity and some of the dangers lurking behind our widely-used “secure” technologies and authentication systems. A related issue is what you, as a business owner, chief technology officer or other data collector, must do to advise customers and other users of your website of your privacy policies and procedures – in short, how are you going to protect their identities, credit card information and other personal data you collect? This post will address what is legally required of you if you collect any sort of data, as well as the question of whether you need to implement Terms and Conditions. Hint: the answer is yes!

Many businesses are required by law to have a Privacy Policy posted conspicuously on their website. In California, the law requires “any commercial web sites or online services that collect personal information on California residents through a web site to conspicuously post a privacy policy on the site.” California Online Privacy Prevention Act of 2003, Business & Professions Code §§ 22575-22579. In other words, if you are gathering the personal data of your website users, you must have a formal Privacy Policy.

The primary federal agency that regulates and implements rules and regulations related to data privacy is the Federal Trade Commission, but other federal and state laws and acts have provisions that impose requirements on certain persons and businesses. For example, the Americans With Disabilities Act, the Children’s Internet Protection Act of 2001, the Computer Fraud and Abuse Act of 1986, the Computer Security Act of 1997 and the Consumer Credit Reporting Control Act all have laws relating to data privacy. The bottom line is that you must know and comply with federal laws as well as the laws of your state.

Another thing you should strongly consider – implementing and posting Terms and Conditions, which may also be called Terms of Use. While not required by law (and undeniably the dullest page on your website), Terms and Conditions can limit your liability, set forth your security features, link to your Privacy Policy and define acceptable use of your site (for example, you can specifically prohibit certain “hacking” activities). Here is some sample language from a Terms of Use policy related to cybersecurity:

You agree not to misuse Acme Company’s services (“Services”) or help anyone else to do so. For example, you must not even try to do any of the following in connection with the Services:

breach or otherwise circumvent any security or authentication measures; or

violate the privacy or infringe the rights of others.

Terms and Conditions can and should be specialized to your unique business activities. In other words, copying one from another website, changing a few words and posting it is not the best means of implementing your Terms and Conditions.
In sum, cybersecurity and privacy are hot issues these days, and whether you are a business owner, chief technology officer or someone else in a position that requires you to deal with stored customer information, you have many duties in connection with protecting your customers’ information. If you have questions about cybersecurity or your compliance with privacy laws, or if you would like assistance drafting and implementing your Privacy Policy and/or Terms and Conditions, please contact me or one of our other attorneys at (805) 546-8785. The attorneys at Carmel & Naccasha have extensive experience in handling such matters and are happy to answer your questions and assist you.

The information contained in this article does not constitute legal advice and neither the author nor Carmel & Naccasha make any representations or warranties as to the accuracy of the information contained herein. Your access or reading of the article and/or your following of any of the suggestions contained herein do not create an attorney-client relationship between you and the author or you and Carmel & Naccasha LLP.

Read More
Cybersecurity: Are You Protected?
Cybersecurity: Are You Protected?

I recently had the privilege of attending a TED talk-style seminar on cybersecurity at my alma mater, UCLA. The information I learned at this session certainly gave me pause, and I was anxious to share the information I learned with our clients and other readers of our blog. Perhaps the most interesting aspect of the lively discussion was the panelists – one, the former general counsel of the National Security Agency (“NSA”) and the other, a benevolent hacker.

Read More
Emilie K Elliott square2
The Dangers of Misclassifying Your Workers

Employers are often confused about what makes a worker an employee rather than an independent contractor. The distinction is of great importance, as misclassification can lead to litigation by, and damages owed to, a number of different players, including the employee, the IRS, the FTB and the Division of Workers Compensation.

What makes a worker an employee? It really comes down to the degree of control exerted by the employer over the employee in terms of the manner and means of accomplishing the work. The more control exerted by the employer, the more likely the worker, regardless of how he or she is classified, is actually an employee. This is a fact-intensive inquiry, and there are very few “bright line” rules – which is part of the reason the correct characterization is so important and lends itself to litigation.

Other important and relevant factors are the degree of integration of the worker into the employer’s business, whether the worker uses his or her own tools (computer, desk, telephone, etc.) or whether such tools are supplied by the employer, whether the work performed is part of the regular business of the employer, where the individual performs the work, whether the services he or she provides require a special skill, the worker’s opportunity to profit or lose depending on his or her managerial skills, the length of time and degree of permanence of the working relationship and whether payment is by the amount of time spent or by the job. All of these factors bear on whether a worker appears to be running his or her own business (i.e., like an independent contractor) or, alternatively, whether the worker is actually a part of the employer’s business (i.e., like an employee).

Often, employers and workers think that, because they memorialize in an agreement that they are in a certain kind of relationship (independent contractor or employee), they are “in the clear,” but this not necessarily true. Although the parties’ intention (and their relative negotiating power) has some bearing, the relationship still has to be bona fide, and the actual effect of the agreement must look and act in accordance with what the parties say it is. Otherwise, a court or other interested entity may seek to void your stated characterization, and a number of consequences could flow from this.

Speaking of interested entities, a number of government agencies are interested in whether a worker is misclassified. These entities include, but may not be limited to, the IRS, the Division of Labor Standards Enforcement (DLSE), the Employment Development Division (EDD), the Division of Workers’ Compensation (DWC) and the Franchise Tax Board (FTB). Adding to the confusion and uncertainty, one entity’s determination that a worker is not misclassified is not binding on the other entities. Thus, although an employer may escape penalties with the DLSE, the same employer may be required to back pay payroll taxes with the FTB or IRS if a worker is later determined (by those agencies) to be an employee rather than an independent contractor.

Other consequences of misclassification by an employer include, but are not limited to, having to pay the worker for unpaid and unknown overtime and the associated penalties plus interest, meal and rest break penalties, waiting time penalties (for not paying all amounts due within 72 hours of termination, even though, at the time, the employer did not know the employee was misclassified), wage statement penalties, workers’ compensation fines, IRS and FTB fines and penalties, and, potentially, class action exposure.

Employers can’t afford to get this wrong! Misclassification can lead to severe consequences for an employer. If you have questions about the proper classification of your employees, or any other labor and employment law questions, please contact Emilie Elliott at eelliott@carnaclaw.com, or at 805-546-8785. The attorneys at Carmel & Naccasha have extensive experience in handling matters related to labor and employment law on behalf of employers and public agencies and are happy to assist you.

Read More
Emilie speaking on the Fair Pay Act.
New California Fair Pay Act Adds Confusion and Incites Litigation

The Fair Pay Act (“FPA”), which goes into effect on January 1, 2016, requires employers to pay male and female employees the same for “substantially similar work” under “similar working conditions,” even if those employees work in different establishments.  The FPA also prohibits employer retaliation against employees for disclosing their wages, discussing the wages of others, inquiring about another employee’s wages, or aiding or encouraging any other employee to exercise his or her rights under the law.

Read More