Internal Revenue Code (IRC) Section 1031 allows nonrecognition of gain or loss where property held for investment or for productive use in a trade or business is exchanged for like-kind property held for the same purpose.  An issue arising under Section 1031 involves multiple owners of a real estate business entity holding one or more investment properties, where some owners want to maintain their investment while others want to cash out their investment.  One common technique when the owners want to go their separate ways with investments is for the entity to redeem the interest of the member in exchange for an undivided interest in the property (a so-called "drop-and-swap").  Thereafter, the entity and the former owner join in the sale of the property to a buyer.  Following the sale, the former owner can direct its share of the sale proceeds to a qualified intermediary to be reinvested in like-kind property without recognizing gain. 

While California law conforms to Section 1031, the California Franchise Tax Board (FTB) has historically taken a much more restrictive approach than the IRS.  Particularly in the area of drop-and-swaps, the FTB has disqualified attempted 1031 exchanges by asserting the step transaction doctrine and examining a series of integrated transactions as a whole.  But in 2015, the California State Board of Equalization (BOE) departed from the FTB's narrow interpretation of the rules, unanimously overruling the FTB's disallowance of like-kind exchange treatment under Section 1031.   The BOE does not often issue formal guidance that may be cited as precedent.  However, the 2015 decision—In re Rago Development Corp., 2015-DBR-001— was issued as a formal opinion. The decision involved a "swap-and-drop," which is an exchange followed by a capital contribution of the replacement property to an entity in return for an ownership interest in the entity.  In that opinion, the BOE rejected the FTB's assertion that the step transaction doctrine should treat it as though the taxpayer had exchanged real property interests for interests in an LLC.

More recently, in August 2018, the new California Office of Tax Appeals (OTA) (which replaced the BOE as an administrative board) issued an opinion rejecting the FTB's disqualification of Section 1031 like-kind treatment based on the step transaction doctrine.  In Appeal of Mitchell, the taxpayer held an interest in a general partnership owning a single property as its sole asset.  The majority of the other partners sought to cash out their interest, but the taxpayer wanted to maintain her investment in real estate through a 1031 exchange.  A sale of the property was arranged and the partnership redeemed the taxpayer's partnership interest for a TIC interest in the property.  Thereafter, through a qualified intermediary, the taxpayer's proceeds from the sale were reinvested in qualified property outside of California.

The FTB issued a Notice of Proposed Assessment to the taxpayer in Mitchell, asserting that the transaction did not qualify as a 1031 exchange and that she must recognize gain from the sale of the property.  Asserting the step transaction doctrine, the FTB argued that the taxpayer failed to meet the "exchange" requirement of Section 1031 because the partnership, rather than the taxpayer, made the sale of the property and the taxpayer was only a conduit for the sale..  On this point, the FTB stressed the fact that the partnership, and not the taxpayer,  negotiated the sale of the property with the buyer.  Additionally, the FTB asserted that the taxpayer did not satisfy the holding requirement for a Section 1031 property because she only held her TIC interest in the property for two days—the days between the redemption of her partnership interest and the sale of her TIC interest in the property to the buyer. The OTA disagreed.

As to FTB's argument that the step transaction doctrine applied, the OTA referred to the Tax Court and Ninth Circuit decisions in Magneson v. Commissioner, 753 F.2d 1490 (9th Cir. 1985) and Bolker v. Commissioner, 760 F.2d 1039 (9th Cir. 1985) to ignore the series of integrated transactions accomplishing the exchange.  In Magneson, the court acknowledged that combining the steps of a transaction may not be appropriate if the transaction could not have been achieved directly.  In Mitchell, the fact that some of the partners sought to cash out their investment while others sought to continue their investment presented such a situation.  The OTA also rejected the FTB's support for the argument that the transaction failed because the taxpayer did not negotiate directly for the sale, since the taxpayer worked directly with the managing partner and the partnership's attorney in structuring the multiple steps leading up to the sale.  Further, in response to the FTB's argument that the taxpayer did not "hold" the property for investment, the OTA explained that Section 1031 does not require ownership of the relinquished property for any period of time.  Moreover, citing Bolker, the OTA noted that courts have allowed simultaneous or immediate transfers of replacement property following an exchange.

A potential distinction between the facts of Mitchell and Magneson is the nature of the interests held by the taxpayers.  While both cases involved general partnership interests, Magneson involved a limited partnership and Mitchell involved a general partnership.  While the court in Magneson did focus a significant portion of its opinion on the nature of a general partnership interest, it did not make any distinction based on which type of partnership the general partner held its interest in.  Rather, the opinion explained the similarities between holding property via a general partnership interest and through a TIC interest.  This portion of the decision, however, was mostly aimed at distinguishing partnership interests from corporate shares.  Ultimately, the court in Magneson focused much more on the underlying property, providing that the "critical basis for [the] decision is that the partnership, in this case, had as its underlying assets property of like kind to the Magnesons' original property, and its purpose was to hold that property for investment."

In both Magneson and Bolker, the court reasoned that the individual transactions in either series would not have triggered a tax, and therefore the combination of transactions should not have triggered a tax.  Following this reasoning, the OTA found that the transaction involved "the use of a series of reasonable, necessary, and integrated transactions to delay, not avoid, the recognition of gain, which section 1031 allows."  These decisions by the BOE and the OTA are an indication that California may be finally aligning itself with the federal standards for qualifying 1031 exchanges (although the FTB has not yet decided whether it will request a rehearing).

For more information, contact Tax Partner Jeffry Bernstein at Research analysis provided by Jessica N. Wilson. 

+ More

The California Supreme Court recently issued its long-awaited opinion in Dynamex Operations West v. Superior Court, clarifying the standard for determining whether workers in California should be classified as employees or independent contractors. To ensure conformity with the Court’s ruling we recommend a review of your independent contractor relationships. Given the potentially very high costs of misclassification – multiple violations of California and Federal wage and hour laws with attendant back pay, overtime, penalties, interest and attorney fees - it is prudent to confirm that your agreements are fully compliant.

The Dynamex Court held that individuals are employees unless the entity classifying the individuals can shoulder the burden of establishing that they should, in fact, be independent contractors under the ABC test. To meet the ABC test, each of the following three factors must be established:

A. That the worker is free from the control and direction of the hiring entity in connection with the performance of the work, both under the contract for the performance of the work and in fact;

B. That the worker performs work that is outside the usual course of the hiring entity’s business; and

C. That the worker is customarily engaged in an independently established trade, occupation, or business of the same nature as the work performed.

Factor A which requires that the worker must be free of the control of the hiring entity in the performance of the work can be based on a myriad of related factors evidencing control of the employer over the worker’s performance of work, including whether the worker supplies his own tools or controls the specific details of his work, without interference by the hiring entity.

Factor B mandates that to be considered an independent contractor, a worker must perform work that is outside the usual course of the hiring entity’s business. To illustrate the meaning of the “usual course of business,” the Supreme Court gave the example that “when a retail store hires an outside plumber to repair a leak in a bathroom on its premises or hires an outside electrician to install a new electrical line, the services of the plumber or electrician are not part of the store’s usual course of business and the store would not reasonably be seen as having “suffered or permitted” the plumber or electrician to be working as its employee. On the other hand, “when a clothing manufacturing company hires work-at-home seamstresses to make dresses form cloth and patterns supplied by the company that will thereafter be sold by the company,” or “when a bakery hires cake decorators to work on a regular basis on its custom-designed cakes,” the works are part of the hiring entity’s usual business operation and the hiring business can reasonably be viewed as having suffered or permitted the workers to provide services as employees” and not as independent contractors.

Factor C which requires that workers must be customarily engaged in an independently established trade, occupation or business of the same nature as the work performed, requires a showing that the worker has “independently made the decision to go into business for himself or herself.” Such workers would be expected to have taken “the usual steps to establish and promote his or her independent business,” for example through “incorporation, licensure, advertisements, routine offerings to provide the services of the independent business to the public or to a number of potential customers, and the like.”

One final note, the Dynamex ruling only applies to wage orders, which set rules on minimum pay and basic working conditions such as meal and rest breaks. While the decision does not directly apply to other employment claims, such as workers’ compensation claims or tax claims, it seems probable that trial courts and courts, in general, will apply the Dynamex case to other California labor code claims that protect workers’ rights.  Indeed, the case will likely trigger more litigation over each of the three factors and what they really mean, as applied to various types of workplaces.

For further information on determining whether workers in California should be classified as employees or independent contractors, or assistance in reviewing your employee agreements for compliance, contact Coblentz Business and Employment partner Steve Lanctot at

+ More

Authored by Lindsay Gehman; Originally published in The Daily Journal, May 24, 2018. 

Advertisers continue to utilize influencer marketing as an effective means of connecting with their target consumers and achieving a high ROI.  As such, it is imperative that advertisers and influencers enter into written agreements at the outset in order to ensure an effective campaign and a mutually beneficial relationship between the parties. Written influencer agreements allow the advertiser and influencer to get on the same page about expectations and risk allocation in order to help prevent future disputes.

Here are five essential provisions of every influencer agreement, which are drafted from the perspective of the advertiser/agency. Another key consideration when drafting influencer agreements from the agency's perspective is to ensure that the influencer agreement (just like any other vendor agreement) ladders up to the agreement between the agency and its client, the advertiser, as tightly as possible.

Content Ownership and Rights

It is imperative to specify who owns the content created by the influencer. If the influencer retains ownership and the advertiser only receives a license to use such content, the scope of such license should be drafted as broadly as possible, both in terms of what the advertiser may do with the content (i.e., repost, create derivative works, etc.) and the type of media it covers (i.e., the advertiser's website and social channels, broadcasts, publications, etc.). In connection with these rights, the influencer should also provide a license to use his or her name, blog name or social media handle, likeness, voice, image and testimonials to the advertiser in connection with the use of the content.


In some cases, advertisers expect that they will be the only brand featured in the content they are asking the influencer to create. Accordingly, the influencer agreement should include a clause that prohibits the influencer from monetizing the content in any way without the advertiser's consent. In addition, advertisers oftentimes expect that the influencer will not work with a competitor of the advertiser during the campaign and sometimes for some period thereafter. In such cases, the influencer agreement should include an exclusivity provision that lists the competitors that are off limits as well as the term of the restriction.


Because digital campaigns are fluid and can change on a dime, advertisers typically require broad termination rights that allow them to terminate the influencer agreement without cause on little to no advance notice. On the flip side, since influencers are typically selected for their unique expertise or influence (and are therefore difficult to replace), advertisers seek to limit the influencer's ability to terminate without cause. In terms of what the influencer must be paid in the event of early termination, advertisers typically push for paying only for deliverables that have been accepted prior to the termination date.

Regardless of where the termination notice period nets out, advertisers should include a morals clause that allows them to terminate the influencer agreement immediately in the event the influencer violates any law or if the influencer's conduct violates generally acceptable standards of behavior such that the advertiser's association with the influencer could damage the advertiser's reputation. Related to this, a clause that requires the influencer to take down any content featuring the advertiser from the influencer's website or social channels upon the advertiser's request should be included.

Representations, Warranties, Covenantsand Indemnification

In addition to standard representations, warranties and covenants like authority and no conflict, advertisers will also want influencers to represent, warrant and covenant that the influencer has obtained all rights and licenses necessary for the advertiser to use the content, that the content will not infringe or violate any intellectual property rights and that the content will comply with all applicable laws, rules and regulations, including the Federal Trade Commission's then current Guides Concerning the Use of Endorsements and Testimonials in Advertising and the applicable social media platform's terms of service.

Advertisers will also expect the influencer to indemnify the advertiser in certain instances, including if the influencer breaches the agreement or if the influencer acts in a negligent or willful fashion.

Social Media Policy

To the extent the advertiser has its own Social Media Policy – which every advertiser should – that Social Media Policy should be attached to the influencer agreement as an exhibit, and the influencer should be required to comply with the policy. Social media policies typically include practical guidance around disclosures, the editorial process and other "best practices" that the influencer should follow.

Click here to view a PDF of the article.

+ More

Parties that operate websites may enjoy immunity from copyright liability for the infringing posts of their users under the terms of the Digital Millennium Copyright Act (“DMCA”). The DMCA offers a “safe harbor” from copyright infringement liability for Internet service providers where the provider establishes and publicizes in its website Terms of Use, a process for responding to claims of copyright infringement.

As part of the DMCA immunity process, service providers must designate and register with the U.S. Copyright Office, an agent to receive notifications of claimed copyright infringement. The U.S. Copyright Office has implemented a new online agent designation system, and all previously paper-filed agent designations will expire on December 31, 2017. Companies that wish to continue to enjoy DMCA safe harbor protections must re-register by filing a new agent designation electronically via the Copyright Office’s new DMCA web portal.

You can register (or re-register) your Agent to Receive Notice of claimed copyright infringements on the U.S. Copyright Office website, at the following link: You will first need to create a DMCA Designated Agent Registration Account that will be used to log into the system, and then follow the prompts to register your agent information. There is a government fee of $6.00 for up to 10 domains. Registration is good for 3 years, from the date an agent designation is first made, or when it is amended or updated.

Please note also that accurate contact information for your designated DMCA agent must be available on your website, and is often included as part of a Terms of Service disclosure.

For further information on DMCA guidance, assistance in registering or re-registering your DMCA agent designation, or to review your website's current legal disclosures contact Karen Frank at

+ More

By Scott C. Hall.

The Federal Aviation Administration's ("FAA's") Part 107 rule for small commercial drone operation, effective as of August 2016, has now been up and running for over a year. In light of this milestone, the FAA recently took the opportunity to highlight various successes resulting from the rule and to promote continuing drone innovation and operations. Yet, while much progress has been made in commercial drone use over the past year, an honest assessment also requires acknowledging that there are still many obstacles to overcome, and much work to do, to fully realize the benefits of commercial drone operation in the U.S.

One particularly notable success for the drone industry has been the important role played by drones in supporting emergency response and rescue efforts in connection with recent natural disasters, including Hurricane Harvey and Hurricane Irma. In addition to the use of drones by media outlets to provide news coverage of otherwise inaccessible areas affected by the hurricanes, the FAA issued well over 100 specific authorizations – sometimes within hours of a request – to drone operators performing time-sensitive search and rescue missions or assessing damage to roads, bridges and other critical infrastructure in disaster areas. FAA Administrator Michael Huerta commented on the role of drones in the wake of recent hurricanes as a "landmark in the evolution of drone usage in the country."

However, despite these beneficial uses of drones in emergency response situations, not all drone news in connection with recent hurricanes and other natural disasters has been positive. As in years past, drones made news this year for interfering with emergency responders fighting wildfires in California. Because helicopters and other aircraft supporting critical emergency response efforts can easily collide with drones – causing potentially significant damage, injury, and even death – emergency response aircraft must often remain grounded if unauthorized drones are spotted in the area. This significantly impairs the ability of emergency responders to do their jobs. Unauthorized drone use also threatened to impede efforts of the U.S. National Guard, Marines and Coast Guard to rescue and recover individuals in hurricane disaster zones. In fact, these incidents caused the FAA to officially warn on its website that flying a drone in or near a disaster area may violate federal, state, or local laws and ordinances, and that unauthorized drone operators may be subject to significant fines if they interfere with emergency response operations. Thus, while drones are playing an increasingly important role in disaster response, continued misuse of drones has also complicated rescue and response efforts in various respects.

The FAA also touted the continued expansion of commercial drone use across a variety of industries, including insurance, news and media, construction, mapping and surveying, and infrastructure inspection, among others. According to the FAA, uses of drones for scientific research, emergency response, and government infrastructure improvements are also rapidly expanding. Additionally, several companies, including Amazon, Domino's Pizza, 7-Eleven and Flirtey, have attempted to spark consumer excitement for drones in recent months by demonstrating the potential for drone delivery of food and other consumer products.  

At the same time, however, many in the industry lament the fact that the U.S. still seems to be years away from integrating commercial drone deliveries and other innovative drone uses into the regulatory regime, even while such uses are moving forward in other countries.  Indeed, the FAA has stated that – putting aside isolated publicity stunts – it does not believe that regulations for delivery drones will be ready until at least 2020, even while countries in Africa are currently benefitting from drone delivery systems transporting items such as blood and life-saving emergency supplies on a daily basis.

In addition to regulatory hurdles, part of the delay in drone innovation in the U.S. may be attributable to ongoing public skepticism regarding drones due to reported misuse of drones and their perceived potentially harmful impacts on safety and privacy.  For example, according to some reports, while 75% of consumers expect drone deliveries by 2021, only 44% said they liked the idea of drone delivery. Thus, despite the undeniable increase in commercial drone use over the past year under Part 107 – and the inevitable continued expansion over the next few years – fully realizing the many potential benefits and services drones can provide must still await slow regulatory and lawmaking processes and gain greater public acceptance of anticipated uses. 

Ultimately, the FAA acknowledges that Part 107, as it exists currently, isn't the end of the story – it's the starting point. By 2021, the FAA estimates there could be as many as 1.6 million small drones in commercial operation throughout the country. There is still a lot to be done to realize the full commercial potential of drones, much of which will require increasingly complex drone operations (and correspondingly sophisticated laws and regulations), including for flights over people, operations beyond line-of-sight, delivery of goods, and even transportation of people. But, if commercial drone operations are to successfully accommodate the predicted increase in the number of commercial drones and expand on pace with expected innovations in the technology, it will require the coordination of many actors, including lawmakers at federal, state and local levels, drone manufacturers and operators, and greater acceptance by the public at large, to achieve.

+ More

Authored by Scott C. Hall and David (Duff) Beach.

The Equifax data breach has dominated news headlines for weeks, and Equifax will be dealing with the legal and financial fallout from the breach for many years.  While many companies may be relieved not to be in Equifax's position right now, no company is immune to data breaches.  Those who fail to learn key lessons from Equifax's mistakes may find themselves in the next headline.  Accordingly, companies in every industry, and of every size, that maintain any type of sensitive personal data—whether it be of customers, employees, or data maintained on behalf of others—should study the Equifax situation and ensure that they are better prepared for a data breach incident.

1.  Everyone (yes, everyone) will experience a data breach. 

When it comes to data breaches, the question is not if, but when.  This makes the more important question how will you respond?  Data breaches do not only result from malicious hackers or phishing scams.  They can occur when employees inadvertently access and/or mistakenly share personal data.  They can occur when company laptops, flash drives, or even personal phones or tablets that contain company data, are lost or stolen.  These kind of events occur in every company in every industry.  As a result, everyone needs to prepare to respond.  Indeed, the manner in which Equifax handled this most recent data breach—including: (1) the several weeks that elapsed before notifying affected individuals,(2) the executives who sold stock during the period between discovery of the breach and notifying the public, and (3) the company's offer to provide credit monitoring services to affected individuals, but only in exchange for a waiver of certain legal rights against the company—indicates that Equifax was not sufficiently prepared to deal with this kind of a data breach.

Every company should have a basic data breach response plan in place that at a minimum  identifies who (among IT, HR, business operations, public relations, and other personnel) will respond to the breach, what their respective roles will be, and who will be the ultimate contact point and decision-makers with respect to the response.  The plan should also include a timeline and enumerated steps to follow regarding discovering the scope of the breach, investigating the cause, remedying or mitigating the breach, notifying affected individuals, and contacting law enforcement as necessary.  

Because of the widely publicized nature of Equifax's data breach, as well as other recent high-profile data breaches, no company will get a "free pass" or be able to argue that they had no idea a data breach could happen to them.  In effect, these high-profile breaches put everyone on notice that data security must be a priority for all.  Any company that chooses to put its head in the sand, does so at its own (certain) risk.

2.  Act quickly to show affected individuals that you are trying to protect them.

In responding to data breaches, time is of the essence.  Many have criticized Equifax for waiting until early September to notify affected individuals of a data breach it discovered in July.  Most state data breach notification statutes require that a company disclose a data breach "in the most expedient" time possible, without further clarification about what that means.  The minimum amount of time specified under state laws that contain specific time periods for notification is generally either 30 or 45 days from discovery of the breach.

In light of these general standards, Equifax's timing for notification to individuals may not have constituted an improper or unlawful delay as a matter of law.  After all, it takes some time to investigate what happened, confirm what data was breached, and implement remedial measures. And, as a company responding to a data breach, you do not want to rush to publicize inaccurate facts that you later have to correct.  However, as a practical matter, 6 weeks is a lengthy period of time for sensitive personal information to be exposed without notifying affected individuals—and as the response to Equifax shows, many people believe this kind of delay is unreasonable, regardless of the legal standards.  Thus, while a company needs time to investigate the incident and communicate accurate facts to those affected, all companies should seek to notify those whose information has been compromised sooner rather than later.

3.  Take actions that demonstrate that you are genuinely attempting to remedy the problem.

Data breaches happen.  They will continue to happen.  And the public generally understands that not every data breach, especially a hacking attack, can be prevented.  However, when a data breach occurs, affected individuals want to know that the company is doing everything in its power to protect them, not itself.  Equifax added insult to injury when it offered to enroll affected consumers in free credit monitoring services—something required under at least some state data breach laws—only if consumers agreed to waive certain legal rights against the company.  Unsurprisingly, this did not go over well in the court of public opinion.  And, while Equifax has since agreed to provide credit monitoring without these legal restrictions, the reputational damage has already been done.

Ultimately, the legal fallout from any data breach will be what it will be based on the circumstances and whether the company had reasonable protections in place.  But reputational harm may damage the company as much or more than the legal process.  The best thing a company can do in the wake of a breach is to diligently correct its data security weaknesses and work with affected individuals to minimize the scope and harm caused by the breach.

4.  Consider what sensitive personal data you maintain or need to maintain and how to safeguard it.

It is a rare company that holds no sensitive personal data.  While credit reporting companies like Equifax have more sensitive information than most, all companies have some kind of personal data—in the form of customer or employee social security numbers, financial account numbers, or other information—that triggers data breach notification requirements.  All companies should, at a minimum, know the types of personal information they maintain, how and where is it stored, who has access, and whether it is sufficiently secured.  Companies then need to consider: (1) whether they truly need all the personal information they have and (2) whether such personal information can be separated, encrypted, or otherwise safeguarded to minimize the accessibility of such information or its usefulness if improperly accessed or exposed.

5.  Consider cybersecurity insurance and other professional services.

While every company will at some point experience a data breach incident, the potential risk largely depends on the type and volume of sensitive personal data a company maintains.  For those companies where there is a real possibility of significant financial injury if a data breach were to occur, cybersecurity insurance is something to consider.  Many companies elect not to carry cybersecurity insurance because they do not want to pay expensive premiums, they are unsure exactly what the policies will cover, or they are skeptical that they will suffer a significant cybersecurity incident sufficient to justify the cost of insurance.  But the Equifax breach reminds us that data breaches will occur—and likely with increasing frequency in coming years.  Companies with significant risk should analyze whether cybersecurity insurance makes sense for them.

As the Equifax breach shows, especially in the area of cybersecurity, an ounce of prevention is worth a pound of cure.  Companies should work with cybersecurity consultants, attorneys, or other professionals prior to a data breach both to protect against breaches, and to prepare to respond to a breach. Preventative cybersecurity training for employees is key, as human error is responsible for many data breaches.  Companies should ensure that their IT systems are reasonably secured, their personnel are reasonably trained, and their data breach response plan is ready to go for when a data breach occurs.  And it will.

Click here to download a printable PDF of this article

+ More

Authored by Timothy Crudo, Rees Morgan, Skye Langs, and Mark Hejinian.

On August 17, 2017, the United States Second Circuit Court of Appeals issued a landmark ruling in Meyer v. Kalanick1 that clarifies the standards for contract formation in the age of smartphones and mobile contracting, providing important guidance to companies about how to design enforceable mobile contracts. The Second Circuit, applying California law to determine the enforceability of the arbitration clause in Uber’s Terms of Service (“Terms”), held that a “reasonably prudent smartphone user” unambiguously assents to a conspicuously hyperlinked contract when he downloads a smartphone application (“app”) to his mobile phone and signs up for an account. Coblentz, led by Timothy Crudo, Rees Morgan, Mark Hejinian, and Skye Langs, had filed an amicus brief in the case on behalf of the Internet Association and the Consumer Technology Association urging the Court to adopt the “reasonably prudent smartphone user” standard.

The case arose after Plaintiff Spencer Meyer used his mobile phone to download Uber’s smartphone app and register for an account. During the registration process, Meyer entered his credit card information and, on the same screen, clicked a button marked “Register.” The “Register” button was located just above a notice, hyperlinked to Uber’s Terms, that “(b)y creating an Uber account, you agree to the TERMS OF SERVICE & PRIVACY POLICY.”

After using Uber’s app to hail several rides, Meyer filed a class action lawsuit alleging that the app facilitates price fixing. Uber moved to compel arbitration under its Terms, but Judge Jed Rakoff of the United States District Court for the Southern District of New York held that the contract was not binding because the registration page did not provide reasonably conspicuous notice of the Terms, nor did Meyer unambiguously manifest assent to them.2

The Second Circuit reversed, cutting through the weeds of numerous decisions governing contract formation in the modern landscape of “clickwrap,” “browsewrap,” and “sign-in-wrap” agreements. While the question of whether a consumer has assented to terms of an online agreement turns on the design of the user interface – such as the proximity between the link to the contract terms and the manifestation of assent, as well as the amount of visual clutter on the page – the Court viewed the precedent of online contracting through the lens of what a “reasonably prudent smartphone user” would expect when downloading and using a mobile app.

The Court recognized that smartphones are increasingly ubiquitous, with modern consumers conducting significant business through mobile apps, including shopping, online banking, and health management. A reasonable smartphone user engaged in such e-commerce understands that by downloading apps and creating accounts, they are entering into contracts. Explicitly applying, for the first time, the standard of a “reasonably prudent smartphone user,” the Court held that, as a matter of California law, the design of the registration page on Uber’s mobile app provided “reasonable notice” to a smartphone user that he or she was entering into a contract, and that by clicking the “Register” button, Meyer unambiguously assented to Uber’s Terms.

The Second Circuit’s ruling clarifies the standards for mobile contract formation and provides companies with important guidance for designing user interfaces that will support the enforceability of internet or app-based consumer contracts. The ruling does not, however, mean that businesses no longer have to worry about the validity of the contracts their customers execute through online or mobile applications. Consumers are not automatically on notice that they are entering into a contract merely because they have downloaded and used a smartphone application or completed an online transaction. The terms and conditions still must be conspicuous, and it must be clear when and how consumers assent to them.  But the Second Circuit's opinion recognized that the conspicuousness of the terms and the sufficiency of assent should be analyzed from the perspective of a reasonable person who engages in mobile contracting – someone, in other words, who would understand the import of hyperlinks and other common indicia of contract formation in the e-commerce era.

Now is a good time for businesses to review their online and mobile contracting practices. Make sure that your terms and conditions are highly visible on an uncluttered page or screen. Also make sure that users are required to affirmatively indicate their assent to the terms, either by clicking a button or checking a box, before engaging in any of the activities you intend to have governed by the contract. For mobile phone applications, the terms (or a link to them), along with a way to indicate assent, should be the only things displayed on the screen at the time of contract formation. Finally, while not necessarily required, requiring users to actually scroll through all the terms, and affirmatively indicate that they have read them and agree to them, goes a long way towards ensuring that users are on clear notice of the terms and have objectively assented to them.

For further information or guidance regarding the validity and enforceability of your mobile contracts, contact Timothy Crudo at or Rees Morgan at

1 Meyer v. Kalanick, Nos. 16-2750-cv, 16-2752-cv (2nd Cir. Aug. 17, 2017).

2 Meyer v. Kalanick, 200 F. Supp. 3d 408 (S.D.N.Y. 2016).

+ More

Authored by Seth Pardee

The California Supreme Court has just granted broad authority to counties and cities to impose documentary transfer tax (“DTT”) on certain transfers of interests in legal entities. Before June 29, 2017, tax practitioners’ prevailing view was that documentary transfer tax generally could not be imposed on transfers of interests in legal entities. There were two exceptions. First, for transfers of partnership interests that caused a partnership to terminate for tax purposes. Second, for charter cities that were permitted to enact their own DTT ordinances and had, in fact, enacted broader DTT rules. No more. On June 29, the California Supreme Court decided in 926 North Ardmore Avenue, LLC v. County of Los Angeles1 that all California counties and cities may impose DTT on certain transfers of interests in legal entities.

California Revenue and Taxation Code Section 11911 allows a county or city to impose DTT on “each deed, instrument, or writing” by which real property “shall be granted assigned, transferred, or otherwise conveyed.” The statute’s language does not appear to permit DTT to be imposed on transfers of legal entity interests, such as stock, partnership interests, or LLC membership interests. Charter cities, however, are permitted to enact their own DTT ordinances, some of which have imposed DTT more broadly. For example, a San Francisco ordinance permits DTT to be imposed any time that a transfer of ownership interests in a real property owning legal entity would be treated as a change in ownership of real property under California Revenue and Taxation Code Section 64.

926 North Ardmore involved an attempt by the Los Angeles County Recorder to impose DTT on a transfer of partnership interests that gave rise to a change in ownership of the real property that the partnership owned indirectly through a lower-tier entity. Los Angeles County had not enacted an ordinance specifically imposing DTT on such transfers. The taxpayer, 926 North Ardmore Avenue, LLC, challenged this attempt. The California Supreme Court found for Los Angeles County. It ruled that despite the lack of any specific statutory authorization, California counties and cities can impose DTT on transfers of legal entity interests that give rise to a “change in ownership” of real property held by such legal entities under California Revenue and Tax Code Section 64(c) or (d). That is, DTT can be imposed even if the government entity imposing DTT is not a charter city that has enacted an ordinance allowing for DTT imposition in that situation. This is a sea change in the DTT world and contrary to what practitioners had widely believed was the state of the law.

California Revenue and Taxation Code Subsections 64(c) and 64(d) provide that real property held by a legal entity undergoes a change in ownership in two distinct situations. Under Subsection (c) and related property tax rules, a change in ownership occurs when any person or entity acquires control of a legal entity. Specifically, this occurs when a person or entity comes to own more than 50 percent of the voting stock of a corporation or more than 50 percent of both the capital and profits interests of a partnership or LLC. This ownership threshold can be met through direct ownership of the interests or indirect ownership through upper-tier entities. Under Subsection (d), a change in ownership of real property held by a legal entity occurs when: (1) persons or entities have contributed real property to a legal entity, (2) the transfer was exempt from reassessment under the so-called proportional ownership exception, and (3) the original contributors then, collectively, cumulatively transfer more than 50 percent of the total interests in the legal entity. In the case of a corporation, the 50 percent threshold is met when more than 50 percent of the corporation’s voting stock is transferred. In the case of a partnership or LLC, the 50 percent threshold is met when more than 50 percent of the profits interests and capital interests in the partnership or LLC are transferred.

Consequently, taxpayers must now carefully consider with their tax advisers whether any transfers of legal entity interests could cause a change of control of a legal entity that holds real property or a could cause them to exceed the 50 percent thresholds described in Subsection 64(d). Before 926 North Ardmore, the prevailing view was that these concerns only needed to be addressed in charter cities with ordinances specifically allowing DTT to be imposed in these situations. After 926 North Ardmore, these are statewide concerns. Given that DTT rates of tax can be substantial in some jurisdictions, for example up to 3 percent in San Francisco, we encourage tax payers to seek the advice of counsel when transferring interests in any legal entity that owns real property, whether directly or indirectly through a lower-tier entity.

For additional information, contact Jeffry Bernstein at or Seth Pardee at

1. Cal. S. Ct. No. S222329.

+ More

Authored by Scott Hall

Pursuant to a settlement agreement with the Attorneys General of nearly all 50 states1, Target Corporation will pay $18.5 million to settle claims brought by the state Attorneys General arising from the November 2013 data breach – involving the credit or debit card information of approximately 40 million Target customers – caused by cyberattacks on Target's network.

The settlement is the latest in a string of settlement payments made by Target as a result of the breach, which includes payments of over $100 million to banks and credit/debit card companies for fraudulent charges and other damages, as well as a $10 million payment to settle a civil class action brought by affected customers.  In total, Target reports that, to date, the cost of the data breach has exceeded $200 million.2   

Notably, the settlement agreement with the Attorneys General goes beyond mere payment of monetary penalties.  It requires Target to take specific steps to ensure implementation of a comprehensive information security program aimed at avoiding future breaches.  The settlement agreement requires Target to implement this new security program within 180 days of the effective date of the agreement, and mandates that Target, among other things: (1) maintain a written policy that adequately addresses the administrative, technical and physical safeguards for personal information maintained by Target, taking into account Target's size, the nature of its operations, and the sensitivity of personal information maintained by it; (2) employ an executive or officer with an appropriate background or experience to implement and maintain the program; and (3) maintain encryption protocols and related policies reasonably designed to protect personal information.  Target is also required to separate its customer credit and debit card data from the rest of its computer network and to test for, and correct, vulnerabilities in its computer network.3   

Within one year of the settlement, Target must obtain a third-party "information security assessment" to review and report on the implementation of the new information security program.  The Attorneys General have the right to initiate a proceeding for any failure to comply with the provisions of the settlement agreement, as well as for any other failure to comply with applicable data security laws.  In other words, Target's implementation of these data security policies and procedures will be under a regulatory microscope for the near future.

The moral of the story for other companies, as made clear in a statement by Connecticut Attorney General George Jepsen, is that "Companies across sectors should be taking their data security policies and procedures seriously.  Not doing so potentially exposes sensitive client and consumer information to hackers."4  This is true even for companies that do not face the significant exposure of a large retailer like Target.  Regardless of company size or industry, the settlement sends a message that companies must either implement reasonable and adequate data security safeguards, or risk a breach that could result in government implementation and oversight of a much more rigorous and burdensome program.

In sum, this is reminder that now is a good time for all companies to review their data security policies and programs, data breach response protocols, and compliance with applicable consumer protection and data security laws, to ensure that they do not become the next example of what not to do.

1.Alabama, Wyoming and Wisconsin are not parties to the settlement.  A copy of the settlement agreement is available at:

2.See "Target in $18.5 million multi-state settlement over data breach" (Reuters May 24, 2017), available at:

3.Certain of the specific data security requirements expire after five years (Settlement Agreement ¶ 32.)


+ More

Authored by Timothy Crudo and Andrew Schalkwyk

Originally published in ABTL Northern California Report, Volume 25, No. 2, Spring 2017. Republished with permission. 

It is an age-old principle of corporate law: corporations can act only through their agents. Ensley v. City of Nashville, 61 Tenn. 144, 146 (1872) (“Corporations can only act through their agents, and must be held accountable for their acts, otherwise citizens may be ruined through irresponsible citizens.”)  Companies therefore are generally liable, both civilly and criminally, for the conduct of agents acting on their behalf.  But what about their thoughts?  Do corporations think only through their agents, or do they have a mind of their own?  The answer is more than a philosophical one, and it can have real consequences, as shown by two recent federal criminal trials in the Northern District of California.

In the olden days, it was accepted under the common law that “a corporation cannot commit treason, or felony, or other crime, in its corporate capacity: though its members may, in their distinct individual capacities.” 1 BLACKSTONE, COMMENTARIES ON THE LAWS OF ENGLAND 464 (1765).  The modern view is quite different, and criminal prosecutions of corporations have been widely accepted for more than a century.  In the seminal case, N.Y. Central & H.R.R. Co. v. United States, 212 U.S. 481, 492–93 (1909), the railroad argued that as a corporation it could not be held liable for payments of illegal rebates.  The Supreme Court rejected the argument, quoting a contemporary treatise: “[s]ince a corporation acts by its officers and agents, their purposes, motives, and intent are just as much those of the corporation as are the things done. If, for example, the invisible, intangible essence or air which we term a corporation can level mountains, fill up valleys, lay down iron tracks, and run railroad cars on them, it can intend to do it, and can act therein as well viciously as virtuously.”  At least for offenses where the crime consisted in purposely doing the thing prohibited (in N.Y. Central it was paying a rebate), the Supreme Court saw “no good reason why corporations may not be held responsible for and charged with the knowledge and purposes of their agents.” 

But corporations often act through the acts of a combination of employees.  What  happens where no individual agent has the knowledge or intent necessary to be held criminally responsible for the corporation’s act – can the corporation still be legally culpable?  More recently, courts have considered the aggregation of individual employees’ knowledge in evaluating corporate knowledge.  This doctrine of “corporate collective knowledge” traces back primarily to the First Circuit’s decision in United States v. Bank of New England, 821 F.2d 844 (1st Cir. 1987).  In that criminal case, which involved alleged violations of the Currency Transaction Reporting Act by the Bank of New England, the government had to prove that the bank had acted “willfully.”  Proof of willfulness required evidence that the bank had “knowledge” of the reporting requirement and, separately, the “specific intent” to commit the crime.  On the issue of knowledge, the court applied the “collective knowledge” doctrine and determined that the bank knew everything that all of its employees knew, even if no single agent had sufficient knowledge to meet the elements of the offense: “So, if Employee A knows one facet of the currency reporting requirement, B knows another facet of it, and C a third facet of it, the bank knows them all.”  Id. at 855.  The court determined that the specific intent element could be satisfied either through the willful failure of a bank employee to file the necessary reports or through the bank’s own “flagrant indifference” to its reporting obligations.  Id. at 857.

Since Bank of New England, courts have applied the collective knowledge doctrine to determine what a corporation knew.  But few have applied that doctrine to determine what a corporation intended, and there has been little discussion of whether specific wrongful intent of a corporation can be found without the prosecution identifying a particular individual who had such intent.  The idea raises some profound philosophical problems.  If, as N.Y. Central and many later cases have held, the actions, motives, and intent of an individual can be attributed to a corporation for purposes of criminal culpability, what evidence is needed to prove that the corporation itself had such intent even if no individual employee did? 

As the First Circuit observed in the language above taken from Bank of New England, knowledge can exist in discrete portions.  It can be measured, combined, and added to.  Although the corporate collective knowledge doctrine has been criticized (See e.g. Thomas A. Hagemann & Joseph Grinstein, The Mythology of Aggregate Corporate Knowledge: a Deconstruction, 65 GEO.WASH L. REV. 210, 226-36 (1997)), there is some logic to the idea that employees’ knowledge can be “collected” and attributed as a whole to the corporation.

But can intent be similarly combined and accumulated?  Whereas sufficient knowledge is primarily a question of quantity, sufficient intent is a question of quality. If a specific intent is required for finding culpability of a specific intent crime, can the otherwise innocent intent of individuals be combined to create a collective intent that is of a distinctly different – i.e., guilty -- character?  In other words, can the corporation be deemed to have the necessary criminal intent if none of its agents does? 

There is scant law on the question, itself perhaps a clue to the answer.  One case that did address the question of corporate willfulness is United States v. T.I.M.E.- D.C., Inc., 381 F. Supp. 730 (W.D. Va. 1974), which upheld a criminal conviction that a trucking company knowingly and willfully violated federal regulations concerning driver safety.  The court held that because the corporation knew, under the collective knowledge doctrine, that it was not complying with its duties under the regulations and declined to act on that knowledge, there was sufficient evidence to find that it had thereby acted willfully, a holding consistent with the later result in Bank of New England.

But other cases have noted the problem with attributing intent to a corporation absent an individual wrongdoer who harbors the required state of mind. In Saba v. Compagnie National Air Fr., 78 F. 3d 664, 670 n. 6 (D.C. Cir. 1996), the court cited Bank of New England for the proposition that while knowledge of facts by employees could be attributed to the corporation, “the proscribed intent (willfulness) depended on the wrongful intent of specific employees.”  See also, e.g., First Equity Corp. v. Standard & Poor’s Corp., 690 F. Supp. 256, 260 (S.D.N.Y. 1988) (“A corporation can be held to have a particular state of mind only when that state of mind is possessed by a single individual.”); Gutter v. E.I. Dupont De Nemours, 124 F. Supp. 2d 1291, 1311 (S.D. Fla. 2000) (“The knowledge necessary to form the requisite fraudulent intent must be possessed by at least one agent and cannot be inferred and imputed to a corporation based on disconnected facts known by different agents.”) 

Even T.I.M.E. itself has been cited for the idea that, unlike knowledge, “specific intent cannot be similarly aggregated [and therefore] there must be evidence from which a jury could reasonably determine that at least one agent of LBS had the specific intent to join the conspiracy to defraud the government.”  United States v. LBS Bank-New York, Inc., 757 F. Supp. 496, 501 n. 7 (E.D. Pa. 1990).  In one case decided shortly before Bank of New England the court, in a bench trial, was required to determine whether the defendant corporation intended to commit mail fraud.  Citing T.I.M.E., the court determined that to find the defendant liable “for fraud, I must find that a[n] employee had the specific intent required” by the statute.” Louisiana Power and Light Co. v. United Gas Pipe Line Co., 642 F. Supp. 781 (E.D. La. 1986).  (That said, the court found the company had committed fraud based on the fact that the corporation was “blind[] to obvious truths” and so violated the mail fraud statute, without identifying, or even discussing, an individual employee’s specific intent.)  Similarly, in State v. Zeta Chi Fraternity, 696 A.2d 530 (N.H. 1997), the New Hampshire Supreme Court cited to T.I.M.E. in upholding the conviction of a college fraternity, finding that there was sufficient evidence that fraternity members were aware of the facts surrounding underage drinking.  Because the fraternity’s “mental state depend[ed] on the knowledge of its agents,” the fraternity could be said to have acted recklessly in conscious disregarded of the risks involved.  Id., at 535.

Fast forward to 2016, when simultaneous corporate criminal trials were unfolding in the Northern District of California against PG&E (Case No. 3:14-cr-00175) and FedEx (Case No. 14-cr-00380).  PG&E was accused primarily of violating the Pipeline Safety Act.  FedEx was accused of conspiring with online pharmacies to deliver illegal prescriptions.  No individuals were prosecuted in either case.  The corporations alone stood trial. 

Both corporate defendants argued that when prosecuting a corporation for a specific intent crime the government must prove that at least one individual acting on behalf of the corporation had the sufficient intent necessary for conviction.  Both lost on the issue.  In PG&E, the court brushed aside concerns raised with the collective knowledge doctrine, focusing instead on collective intent.  The court ultimately followed T.I.M.E., noting the similarity in the regulatory violations at issue in both cases.  The Court held that because PG&E had an affirmative legal duty to follow safety regulations (such as the Pipeline Safety Act) and “where the knowledge of the corporation’s employees demonstrates a failure to discharge that duty, the corporation can be said to have ‘willfully’ disregarded that duty.”  PG&E, 2015 WL 9460313 at *5.  In FedEx, the court cited to the PG&E order and, without further discussion, held that FedEx had “failed to identify controlling authority that calls into doubt any instructions on ‘collective knowledge’ or ‘collective intent.’”  United States v. FedEx, No. C14-00380 CRB, slip op. at 2 (N.D. Cal. Apr. 18, 2016). 

The result in FedEx was perhaps more surprising, given that the charges there involved a conspiracy to distribute illicit drugs rather than the type of regulatory and/or reporting violation at issue in PG&E, T.I.M.E., and Bank of New England.  PG&E was accused of not fulfilling affirmative regulatory obligations imposed by law, and distilling corporate intent from collective knowledge in such cases is perhaps not that big a jump from already accepted concepts of “reckless disregard” or willful blindness.  (The nature of the charged crimes in PG&E was crucial in the court’s decision on the collective intent instruction.)  FedEx, on the other hand, was accused of agreeing to commit affirmative acts with the knowledge and intent to achieve an unlawful result, the first time that the collective intent doctrine had ever been applied in a criminal prosecution to a non-regulatory offense.

To be fair to the FedEx trial court, the case resolved before it was required to rule on the final instruction for corporate intent, and perhaps it would have ruled differently.  (Its prior ruling on collective intent occurred during pretrial skirmishing.)  We will see whether the rulings in PG&E and FedEx embolden prosecutors to pursue criminal charges against corporate defendants in the absence of at least one culpable individual.  Criminal prosecutions against corporations are rare enough, especially when no individual is prosecuted as well, and even with the favorable rulings on collective intent the ultimate result in PG&E and FedEx may cause prosecutors to think twice before prosecuting a corporation standing alone.

+ More