Appellate Court Provides Some Clarity To Contractors On Home Improvement Act Exemption

Posted on July 30, 2009 by N. Kane Bennett

Connecticut's Home Improvement Act requires contractors performing home improvement services to register and to comply with it provisions concerning contracts with homeowners. The Act has a series of requirements for contracts as follows:

  • Contract must be in writing;
  • Contract must include the contractors registration number;
  • Contract must include four dates: date of signing, date work will begin, date of completion, and date by which the homeowner may cancel the contract; and
  • Contract must contain specific notice provision of the homeowner's right to cancel the contract within three business days after signing.

If a contractor fails to comply with these contractual requirements, the contractor risks non-payment by the homeowner.  If a homeowner refuses to pay, the contractor likely will not be able to recover payment with a lawsuit in court absent some showing that the homeowner acted in bad faith.  This can bring about a harsh and inequitable result in some cases.   

In Drain Doctor, Inc. v . Jason Lyman, the Appellate Court recently had to consider the potential harsh consequences of failing to comply with the Home Improvement Act.  The contractor at issue in the case had to perform plumbing work below the surface of the home and driveway in order to make the home habitable.  The contract was oral.

The contractor repaired a sewer a line under the home and a storm drain under the driveway.  The contractor finished the job and then restored the driveway and grass.  The homeowner refused to pay.  The contractor brought a lawsuit, but had it stricken by the trial court because the homeowner alleged that the oral contract did not comply with the Home Improvement Act.

The contractor was a licensed plumber and tried to rely on the exemption in the Home Improvement Act at Connecticut General Statutes 20-248.  The exemption provides that the Act does not apply to:

any person holding a current professional or occupational license issued pursuant to the general statutes, and any person registered pursuant to sections 25-126 to 25-137, inclusive, provided such person engages only in that work for which such person is licensed or registered.
 

The trial court found that the work on the driveway and lawn was outside the scope of the work for licensed plumbers and the exemption did not apply.  This ruling produced a potentially unfair result.  The contractor did the work requested.  The only apparent reason for non-payment was the homeowner's technical reliance on the Home Improvement Act requirements for contracts.  

The Appellate Court overruled the trial court and found that the driveway and grass work was "ancillary" to the work for licensed plumbers.  The Appellate Court looked at the licensing statute to determine the different types of work that plumbers engage in, and then determined that the driveway and lawn restoration was incidental to work directly listed for licensed plumbers.  Therefore, the licensed plumber did not have to comply with the Home Improvement Act.

Although the Drain Doctor decision provides some clarity for contractors on when they need to comply with the Home Improvement Act,  questions will continue as to the scope of the exemption and "ancillary" work.  What should contractors do when faced with a similar situation?  Here are a few tips:

1.  Determine the scope of each project you are estimating.

2.  Consult the licensing provisions for your trade, whether it be electrical, plumbing, heating and cooling, or other trade.  The licensing statute defines the scope of work for the particular trade.  For example, plumbing and piping work is listed and defined here.  If  the work is listed in the definition, and you hold that license, then you likely will not have to comply with the contractual provisions of the Home Improvement Act.

3.  If the scope of the project is outside of the definitions of work for the particular license, you must then consider whether the work is "ancillary" to work that is listed in the definition.  If it is clearly outside the scope of work defined for the license, a contractor should seek to comply with the Home Improvement Act. 

A good starting point for a "how to" on complying with the Home Improvement Act is the Department of Consumer Protection's handbook and guide for contractors. When in doubt, a contractor should consider complying with the Act.  If not, the contractor risks not getting paid even if the work was done properly.

Tags: , , , , , ,

Large Fines Serve As Reminder To Out-Of-State Companies: Register To Do Business In Connecticut

Posted on July 26, 2009 by N. Kane Bennett

Secretary of State, Susan Bysiewicz, has fined an affiliate of Deloitte Touche Tohmatsu approximately $22,000 in the past year for failing to register to do business in Connecticut.  The fines were reported on by Lynn Doan of The Hartford Courant and also picked up  by Alexander Soule in the Fairfield County Business Journal.  Deloitte's unit is one of the larger employers in Fairfield County, but as an out-of-state company it apparently failed to register to do business in Connecticut for more than 10 years.  The fine to Deloitte's unit was the biggest this year.

The State's authority to issue the fines arise from Connecticut General Statutes section 33-921concerning foreign corporations. Attorney General Blumenthal issued a press announcement that the State collected more than 1.2 million in fines during fiscal year 2009 pursuant to this statute.  The statute provides for penalties if a foreign corporation fails to register to do business in Connecticut.  The statute provides that the foreign corporation must pay:

(1) all fees and taxes which would have been imposed . . .had it . . . received such certificate of authority to transact business . . . and (2) all interest and penalties . . .. A foreign corporation is further liable to this state, for each month or part thereof during which it transacted business without a certificate of authority, in an amount equal to one hundred sixty-five dollars . . . Such fees and penalties may be levied by the Secretary of the State.

Although the fines might seem significant enough to act as a deterrent, and are set to increase this October, the statute also prohibits a foreign company from "maintain[ing] a proceeding in any court" in the state until it obtains a certificate of authority.  This means that a foreign company cannot successfully maintain a lawsuit if it fails to obtain a certificate of authority.  

The lack of a certificate will give a foreign corporation's opponent a special defense to a lawsuit.  However, there is some authority that suggests the company may cure the defect.  Additionally, the defense is waivable if not raised in a timely manner.   

As a practical matter, the requirement to register is helpful to business litigants.  When a foreign company registers, an agent in state is appointed to accept service of legal papers for a lawsuit.   The requirement to register also places the same burdens on out-of-state businesses as in-state businesses.

The fines further serves as a reminder to both plaintiffs and defendants in business litigation in Connecticut.  If you are a foreign corporation, you must register to do business in Connecticut before bringing a lawsuit.  If you are a defendant in business litigation, you must check to see if your opponent has obtained a certificate and raise it as a special defense or risk waiving it.

Tags: , , , , ,

Insurance Might Be An Option for Data Loss Lawsuits Alleging Negligence Against Businesses

Posted on July 21, 2009 by N. Kane Bennett

Every business in Connecticut, big or small, faces significant financial consequences for data loss or a breach of security.  As I noted in a business tips post on this blog, implementing a strong data loss and privacy policy is critical for preventing a loss or mitigating its effects and damages.  Of course, once you have a policy or procedure in place, your business could face a lawsuit for negligence for violation of these same policies and procedures.   To add extra protection against the devastating costs of data loss or a security breach, businesses should also consider insurance coverage.

Lawsuits over data loss and security breaches are becoming more common.  Obtaining insurance to cover losses from data loss can potentially save your business.  Business litigation attorneys bringing lawsuits over data losses often include negligence as one of the grounds or theories of recovery in these cases.  Take for example, the recent class action lawsuit for data loss filed against Aetna in Federal Court in Pennsylvania.  The lead theory of recovery in the complaint against Aetna is negligence.   

There may be many reasons why attorneys pursue negligence as a theory of recovery in these security and privacy cases.  However, pursuing a negligence theory increases the possibility of triggering the breaching company's insurance coverage for data loss, if the company has a policy.  If a business has insurance coverage that applies to the allegations in the complaint, the insurance company typically will also provide a legal defense to the claim.   Legal costs alone could be enough to sink a business, let alone the damages.   

When considering the cost of a data loss insurance policy, a business owner should likewise consider the cost to the business of a data breach.  How can you estimate the cost?  One way to estimate the cost is to use a data loss calculator.  You might also estimate your data loss costs by referencing this 2009 Ponemon Institute benchmark study estimating costs at $202 per page and rising. 

The price of an insurance policy may be cost effective when you consider the potential devastating financial impact of a major data loss or security breach.  In addition, if a business has a strong data loss policy and procedure in place, the cost of insurance should be lower.   Although cyber liability insurance has been available for over ten years, more of these insurance policies are being offered at better prices today.  Here are some links to major insurance companies offering insurance policies for data loss, cyber liability, and technology errors. 

Technology 404 by Darwin.

CyberChoice by The Hartford

 CyberSecurity by Chubb

ACE DigitTech

OneBeacon @vantage

 

Tags: , , , , , , , , , ,

Technology Tips For Connecticut Businesses To Avoid Litigation

Posted on July 9, 2009 by N. Kane Bennett

As part of this Blog, I am going to regularly post technology tips for any Connecticut business to manage risks and avoid lawsuits. These tips will be based on a presentation I did for the Hartford Business Journal's Etechnology Summit concerning technology bombs that can sink a business.

Here's todays tip for Connecticut businesses to avoid financial loss as a result of datal loss and security breaches.

Implement a Data Loss Policy and Solution

Any business that stores third party information or personal indentifiers (credit card information, social security numbers) on its computer systems faces potential exposure under a host of privacy laws.  For a good resource on privacy laws go to the Privacy Law Blog by Proskauer Rose LLP.  For an example of a new privacy law in Connecticut, consider the"Act Concerning the Confidentiality of Social Security Numbers."  Connecticut's Unfair Trade Practices Act could also be implicated in a data loss case.

Data loss or a security breach can cause a huge financial problem, bad public realtions, and signficant down time.  Consider the recent case of TJX reported on by Sheri Qaulters for the National Law Journal.  Discount retailer TJX had a data breach involving exposure of 45 million credit and debit cards.   TJX entered into various settlements including payment of $9.75 million to 41 states; $30 to every consumer who used a credit or debit card; and an undisclosed settlement with three banks. Ouch.

TJX is an extreme example, but data loss can sink a small to medium sized business.  How can a business mimize its exposure to lawsuits from data loss or security breach?

Implement a data loss policy and solution for your business.   There is no one size fits all policy and solution and every business will have different needs.  If you already have a policy, you should have it reviewed regularly for changes in the law.  If you do not have a policy in place, you need to start somewhere.  For "do it yourselfers" there is the Federal Trade Commision's Guide for Business and Protecting Personal Information.  The FTC's guide is a 5 step plan from identifying your risk exposure to implementing procedures. 

 In addition  to implementing policies, any business with a significant risk exposure for data loss (i.e. medical practice, retailers, e commerce) should consider purchasing a cyber liability insurance policy.  These policies are now more afforadable and many insurers such as The Hartford are now actively underwriting polices to cover first and third party data loss claims and providing ongoing resources and information.  

The bottom line is, a business cannot afford to take the risk of ignoring data loss and security breach exposure.  Do not wait for the first breach or lawsuit. 

Tags: , , , , , , , , , ,

Social Networking Lawsuits Are Big Risk to Business

Posted on July 6, 2009 by N. Kane Bennett

I just read an excellent article posted on Law.com from the New York Law Journal on social networking and challenges to business owners and their legal counsel.  The authors Christopher Boehning and Daniel Toal focus on a new emerging problems associated with electronic discovery of social networking data.  The authors also point out many of the potential problems for employers and businesses related to social networking sites.

When Facebook started exploding in popularity, you could see that the future in communication was social networking.  Boehning and Toal cite to a New York Times articles that indicates the future is now upon us as more people spend time on social networking sites than e-mailing.  The authors correctly point out something I emphasize to all my business clients:  businesses need to have a policy on how to handle social networking sites like Facebook, MySpace, LinkedIn and Twitter.  The policy should cover the business' use of such sites and use by employees.  Policies on preservation of the data should also be included as social networking data is akin to the new email.

Lawsuits involving some aspect of social networking sites are increasing in frequency from across the country. Take for example the recent jury verdict in New Jersey against Hillstone Restaurant for violation of the Federal Stored Communications Act. 

In that case, the employers accessed an employee MySpace group that was dedicated to criticizing the employer.  Although the verdict amount was relatively small, the implications are far reaching.  This case was reported on by Charles Toutant in the New Jersey Law Journal.  The employees' trial brief is a good read and spells out some of the arguments in favor of employees' rights to privacy with social networking sites. 

The outcome in the New Jersey case may have been different if the restaurant had a policy addressing use and access to social networking sites.  Businesses will have different concerns when it comes to adopting a policy, and no policy will cover every situation.  However, the lack of any policy at all is likely to lead to problems and potential litigation.  The best way to avoid litigation is to implement a written policy on use and access to social networking sites.  

Tags: , , , , , , ,