The “Time Of Application” Rule Will Not Protect Developers Who Submit Incomplete Applications.

Carl A. Rizzo | Cole Schotz | August 28, 2018

Developers often employ the “time of application” rule (“TOA Rule”) to avoid having to comply with certain legal requirements enacted after an application has been submitted to a local planning or zoning board.  More specifically, the TOA Rule provides that “notwithstanding any provision of law to the contrary, those development regulations which are in effect on the date of submission of an application for development shall govern the review of that application….”  SeeN.J.S.A. 40:55D-10.5 (emphasis added).  Notwithstanding this statutory provision, developers must still comply with any new laws that specifically relate to health and public safety.

The TOA Rule replaced the “time of decision” rule, which allowed municipalities to apply new or amended ordinances to pending development applications.  As a result, applicants were often compelled to incur significant costs and delays associated with altering their applications in an effort to meet the new legal requirements.  The TOA Rule only applies, however, once a development application has been “submitted” to a municipality.  Until that time, a developer remains responsible for complying with all legal requirements regardless of when they took effect.

While the term “submission” is not expressly defined under the statute, the New Jersey Supreme Court squarely addressed the issue in Dunbar Homes, Inc. v. Zoning Board of Adjustment of Franklin Township, 233 N.J. 546 (2018).  In Dunbar Homes, the developer filed an application to construct 55 garden apartments on a site where garden apartments were considered a permitted conditional use.  The next day, the Township enacted an ordinance that prohibited garden apartments in the zone where the site was located. The zoning official subsequently determined that the developer had not submitted all documents required by the zoning board’s development application checklist.  The developer was then notified that the TOA Rule was inapplicable and that it would need to file a new application with the zoning board seeking a “use” variance pursuant to the more stringent standards implicated by N.J.S.A. 40:55D-70(d)(1).

The zoning board sided with the zoning official and the developer appealed to the Law Division.  The Law Division judge disagreed and concluded that the application was deemed “submitted” because it provided the board with “sufficient information to begin its review” and, therefore, the TOA Rule applied.  The Township appealed and the Appellate Division reversed that decision after finding that the relevant statute defining the term “application for development” included all documents prescribed by the board’s checklist for development.  Applying this bright-line rule, the Appellate Division concluded that the failure to submit even one of the items on the board’s checklist precluded application of the TOA rule.  The Supreme Court ultimately agreed with the Appellate Division, noting that N.J.S.A. 40:55D-3 expressly defined an “application for development” to include:  “the application form and all accompanying documents required by ordinance.”  Because it was undisputed that the developer failed to submit all required documentation and neither sought nor obtained a waiver regarding any requirements, the Court found that the application was never submitted and the TOA Rule did not apply.

Accordingly, developers must be certain to submit all documents identified in the municipal development application checklist or seek and obtain a waiver.  Only by vigorously complying with the requirements of the municipal checklist can a developer expect to avail itself of the protections afforded by the TOA Rule.

Ten Things Attorneys and Insurance Professionals Should Know About Using Drones in Insurance Claims

Justin Fine, Esq. | Pessin Katz Law | August 29, 2018

The commercial application of drones is increasing. Drones are being used to fight forest fires, for commercial agriculture, and to deliver medical supplies to remote areas.

Insurance companies are also increasingly using drones, which can be useful for capturing evidence during the claims process. However, there are plenty of pitfalls in using drones, including the admissibility of evidence during litigation. Further, the legal landscape for drones is changing all the time. The States and the Federal Aviation Administration (“FAA”) are rapidly issuing new laws and regulations.

In the likely event that you come across the use of a drone in an insurance claim, here are ten things to consider in order to anticipate and respond to potential issues.

  1. Drones are helpful for investigating accidents, mapping debris fields, and preserving evidence at the scene of a loss because of their ability to capture images from a birds-eye-view that are not readily visible from the ground.
  2. Drones can carry more than just cameras. They also carry sensors to measure distance, heat, radiation, sound, and light.
  3. Drones can be easily deployed in the field. Modern drones are compact enough that they can fit into a camera bag.
  4. Both personal and commercial drone use are regulated by the FAA.
  5. Evidence obtained from drones used in violation of FAA rules and regulations may not be admissible in court.
  6. Several states, including Maryland, Texas, Delaware, California, and Florida, have specific laws about the use and admissibility of evidence obtained by drones.
  7. When evaluating the admissibility of evidence, consider that there are greater restrictions on the commercial use of drones, including the regulations set out in 14 C.F.R. § 107 et seq.
  8. Even the incidental use of a drone for a commercial purpose, such as inspecting the roof of a business, can be subject to the commercial drone-use regulations.
  9. Some restrictions to keep in mind when considering the admissibility of evidence obtained from a drone is that drones cannot fly over people (including sporting events), must fly below 400 feet, cannot fly in restricted airspace, and must remain within the sight of the pilot.
  10. Additionally, commercial drone pilots must be licensed, although personal drone pilots generally do not have to be.

Oregon Anti-Indemnity Statute Voids Sub-sub’s Duty to Indemnify Sub for the Sub’s Own Negligence

Amandeep S. Kahlon | Buildsmart | August 7, 2018

The Ninth Circuit Court of Appeals recently upheld the application of Oregon’s anti-indemnity statute to a contractual indemnity provision requiring a sub-subcontractor’s insurer to indemnify the subcontractor for the subcontractor’s own negligence. In First Mercury Insurance Company v. Westchester Surplus Lines Insurance Company, Multnomah County contracted with a general contractor for the renovation of a bridge. The general contractor hired a subcontractor to furnish materials including reinforced decking. The subcontractor, in turn, contracted with a sub-subcontractor to manufacture the decking material. The sub-subcontract required the sub-subcontractor to indemnify the subcontractor for the subcontractor’s own negligence in causing damage to a third party—in this instance, the County.

After the project was completed, several defects in the bridge were discovered, including cracks in the decking. When the County sued, the subcontractor was found to have been negligent and partially liable for the defects and resulting damage to the County. The subcontractor claimed indemnity from the sub-subcontractor per the terms of the sub-subcontract, but the trial court refused to enforce the indemnity provision because it was void under Or. Rev. Stat. § 30.140(1). The relevant portion of the statute provides that any provision in a construction agreement that requires a company or its insurer/surety to indemnify another against liability for damage to property caused in whole or in part by the negligence of the indemnitee is void. Citing the plain language of the statute, the Ninth Circuit affirmed the trial court’s judgment denying indemnity.

The Ninth Circuit opinion serves as an important reminder of the variety of anti-indemnity provisions across the nation. Many states take Oregon’s approach and restrict the scope of indemnity provisions to cover only the negligence of the indemnitor and not the negligence of the indemnitee. Other states have more lenient anti-indemnity statutes or no anti-indemnity provision at all. Still others take a harsher approach than Oregon and impose stricter limitations in their anti-indemnity laws and may even have different laws for different industries.

When negotiating agreements for work outside your company’s traditional footprint, consider whether the state where the project is located has an anti-indemnity statute and how it is applied. Indemnity provisions in construction contracts can be exceptionally consequential in terms of allocating risk between parties, so it is essential to understand how such provisions will be applied and enforced in any particular state before executing an agreement and moving forward with a project in that state.

The Internet of Things: Are Government Regulation Efforts Too Little, Too Late?

Gwenn B. Barney | The Legal Intelligencer | July 20, 2018

Almost 20 years have passed since technology pioneer Kevin Ashton first coined the phrase Internet of Things (IoT) in a 1999 presentation for Procter & Gamble (Kevin Ashton, “Beginning the Internet of Things,” Medium (March 18, 2016). The Internet of Things consists of physical items that collect information through sensors or chips and then share that information with other devices through the Internet or other networks. Since the introduction of the term, the growing network of these connected devices (expected to reach 30 billion devices by 2020) has created tremendous possibilities. Today, we have phones that provide limitless information at our fingertips, health care devices that can instantly share a patient’s vital statistics to save precious response time, and we are on the cusp of self-driving cars that promise mitigation, if not elimination, of human driving error. Yet, each device added to the internet creates opportunity for a malicious attack or hacking.

The state of IoT regulation is patchwork at best. Although most applicable federal regulations are enforced by the Federal Trade Commission (FTC), there are no comprehensive regulations or laws for IoT devices. The lack of clear and unambiguous standards to govern IoT security leaves IoT innovators wrestling to identify what standards should be achieved. This, in turn, can lead to security shortfalls. Congress is considering three pieces of legislation to help solve this dilemma. However, as discussed below, while each bill addresses some problems, none resolves all of the issues.

The Pending Legislation

Two of the three pending bills propose voluntary regulatory programs. The Cyber Shield Act of 2017 (S. 2020, 115 Cong. (2017)) proposes a voluntary program where manufacturers of IoT devices adhere to certain IoT security protocols and in return are given government certification that their devices are secure. This bill would task the secretary of commerce to create an advisory committee to administer the program composed of covered products industry representatives, cybersecurity experts, public interest advocates, and federal employees with expertise in certification, covered devices or cybersecurity. The certification is expected to manifest as a sticker that manufacturers can place on their device.

Another bill, the Internet of Medical Things Resilience Partnership Act of 2017 (the Medical Things Act) (H.R. 3985, 115 Cong. (2017)), would establish “a working group of public and private entities led by the Food and Drug Administration to recommend voluntary frameworks and guidelines to increase the security and resilience of Internet of Medical Things devices.”

The voluntary nature of the Cyber Shield Act and the Medical Things Act helps assuage concerns held by opponents of government IoT regulation that Congress intends to over-regulate the IoT and consequently stunt its development. The idea is that companies will participate in a voluntary program because of the consumer goodwill generated by the Cyber Shield certification or compliance with the Internet of Medical Things Act. Still, some may question the influence of a voluntary regulatory regime, putting its effectiveness in limbo. However, voluntary consensus standards are used to fill the gap of government regulation in other areas.

Both the Cyber Shield Act and Medical Things Act would bring together government agencies for the purpose of creating a comprehensive and cohesive regulatory plan for IoT device oversight. The Cyber Shield Act requires the Secretary of Commerce to consult with the Secretary of Health and Human Services, the Commissioner of Food and Drugs, the Secretary of Homeland Security and other federal agencies to carry out the program. Similarly, the Medical Things Act calls for collaboration among the Food and Drug Administration, Department of Health and Human Services, the Federal Trade Commission, the Federal Communications Commission, and the Department of Commerce. Personnel from each would serve on the committee that will create medical device standards. This multi-agency involvement would help to create uniformity and consistency in expectations for IoT cybersecurity.

Where the Cyber Shield Act and Medical Things Act fall short is in their failure to offer concrete and well thought out suggestions of specific cybersecurity mechanisms which manufacturers ought to apply. While it is necessary to bring agencies together to collaborate and agree on which standards will apply to devices across industries, experts in the field have a basic understanding of the mechanisms that will be necessary to ensure security. The third bill, the Cybersecurity Improvement Act of 2017 (S.1691, 115 Cong. (2017)), would be extremely helpful in moving the ball forward in this regulatory area, as it is the only one of the three proposed laws that presents actual solutions in the body of the law.

The Cybersecurity Improvement Act would require a vendor of IoT devices meet certain criteria before a U.S. government agency can purchase the device. The legislation requires that the IoT devices are patchable, do not contain known vulnerabilities (if the vendor does identify vulnerability, the government can issue a waiver and purchase the device if the vendor sufficiently explains why the device is secure and presents any controls that can limit the exploitation or impact of the vulnerability), rely on standard protocols, and do not contain hard-coded passwords. Agencies may ask the Office of Management and Budget (OMB), which will monitor the program, for permission to purchase devices that do not meet these standards if they can demonstrate that certain compensating controls have been employed. Agencies can employ their own equivalent, or more rigorous, device security requirements or industry can develop third-party device certification standards that provide equivalent, or more rigorous, device security requirements (as determined by NIST).

The Cybersecurity Improvement Act, though, is limited to only those companies which contract with the government. This is a narrowly cast net and still would leave most of the IoT devices distributed in the United States on a path of insufficient security and excessive vulnerability to hacking.

Another potential pitfall for the regulation of IoT is that mandatory requirements for devices will lead to the forced exodus of small manufacturers from the market as they will not have the resources to meet the required standards. All three acts introduced provide a level of flexibility to protect the interests of businesses with fewer resources than larger manufacturers. The Cyber Shield Act and Medical Things Act provide this flexibility through their voluntary nature. The Cybersecurity Improvement Act works around this dilemma by allowing the OMB to make exceptions for products that may not meet the set standards, if the agency purchasing the device can demonstrate that certain compensating controls have been employed. If the OMB creates a sufficient review process to determine what qualifies as a compensating control, this flexibility will allow for smaller manufacturers to remain suppliers to government, while also encouraging them to strive for a higher standard of cybersecurity. However, if the OMB’s review process is too lax, it could be a gaping hole preventing the law from achieving its stated purpose.

The Cyber Shield Act and Cybersecurity Improvement Act prevent against obsolescence of their standards by providing for ongoing review and adjustment of any adopted standards or regulations as the IoT evolves. Under the Cybersecurity Improvement Act, OMB will submit a report to Congress within five years on the effectiveness of guidelines and any recommendations for updates. Meanwhile, under the Cyber Shield Act, every two years the Secretary of Commerce, in consultation with the Cyber Shield advisory committee, will review the cybersecurity and data security benchmarks produced under the proposed Act, and make adjustments as necessary. The proposed laws could improve if they provided an opportunity for review every year as the IoT technological landscape shifts at light speed. While two years seems a reasonable amount of time for review, five years may be too long a wait for this fast-paced arena. Additionally, the Medical Things Act, which does not include a similar review mechanism, would benefit from adding one.

Currently, all three proposed laws are tied up in committee review and show no signs of progressing forward. However, some believe that time is of the essence to ensure that security measures are put in place for the IoT. In a 2014 draft report, the National Security Telecommunications Advisory Committee wrote that the world had “only three years—and certainly no more than five—to influence how IoT is adopted … in a way that maximizes security and minimizes risk. If the country fails to do so, it will be coping with the consequences for generations,” see The President’s National Security Telecommunications Advisory Committee, NSTAC Report to the President on the Internet of Things 2, (2014).

Examinations Under Oath: Be Careful What You Ask For

Edward Eshoo | Property Insurance Coverage Law Blog | August 4, 2018

My article published in Adjusting Today,1 Property Insurance 101: Everything You Always Wanted to Know About Examinations Under Oath – But Were Afraid to Ask!, was the subject of my blog post last month. As discussed in the article, an examination under oath (“EUO”) is not just another deposition. An insured’s counsel must be well-versed on the nature and the extent of the contractual duty to submit to an EUO and the consequence of non-compliance.

The Eleventh Circuit Court of Appeal’s recent decision in Hutchinson v. Allstate Insurance Company,2 demonstrates the harsh consequence of an insured’s refusal to answer material questions during an EUO. There, a fire destroyed the insured’s dwelling. Allstate requested the insured to submit to an EUO because it had doubts he resided at the dwelling at the time of the fire. The insured appeared for the EUO without counsel. But, before answering questions, he expressed concern about a letter he had received from Allstate in which Allstate indicated that he had not responded to communications from its attorney regarding scheduling the EUO. The insured told Allstate’s attorney that the statements in the letter were not true and asked Allstate to recant the statements. Allstate’s attorney refused to recant the statements, to which the insured responded, “We can’t move forward until this letter is corrected. I don’t have a problem answering any questions you ask.”

Allstate’s attorney warned the insured that Allstate would treat his failure to respond to his questions as a material breach of the contract that probably would result in the denial of his claim. The insured again stated that he would answer Allstate’s questions, but insisted that Allstate recant the disputed statements in the letter first. Allstate’s attorney asked the insured questions regarding his residence; the insured sat in silence, giving no responses. Allstate subsequently denied the claim.

Over a year after his claim was denied, the insured retained counsel who sent a demand letter to Allstate threatening to sue unless the claim was paid within 60 days. The letter also indicated the insured was willing to sit for a second EUO. Allstate agreed to a second EUO expressly subject to a full and complete reservation of all rights and defenses. That EUO never occurred, and the insured sued Allstate when it did not comply with his demand.

Allstate moved for summary judgment based on the insured’s failure to answer Allstate’s questions at his EUO. The district court granted the motion and dismissed the suit. In affirming the lower court’s decision, the Eleventh Circuit rejected the insured’s argument that his offer to submit to an EUO over a year after Allstate denied his claim created a genuine issue of material fact regarding his compliance with the insurance contract. The Eleventh Circuit reasoned that the insured’s belated offer did not cure his prior breach or reinstate Allstate’s obligation to pay his claim.

Hutchinson follows other court decisions applying a “strict compliance” standard in determining whether a breach of the EUO requirement is material. Under that standard, an insured’s reliance on the advice of counsel in refusing to answer questions at an EUO is not a reasonable excuse for failing to comply with the EUO requirement.3 Likewise, a refusal to submit to an EUO unless it is a stenographic recording, as opposed to an audio recording, is not a reasonable excuse.4Similarly, the insurer’s failure to provide information concerning its investigation, including copies of previous statements, is not a reasonable excuse.5 Nor is the insurer’s refusal to execute a confidentiality agreement that imposes limitations on the insurer’s use of the insured’s personal information a reasonable excuse for the insured’s non-compliance with the EUO requirement.6

The result in Hutchinson may have been different if the insured had initially retained counsel to represent him at the EUO. Unfortunately, I receive many calls from policyholders whose claims were denied after they submitted to an EUO without legal representation. In many cases, the dye has been cast, and there is little I can do to help them. So, to all insureds out there, make sure you have experienced counsel who understand the EUO requirement attend any EUO.
1 Adjusting Today is published as a public service by Adjusters International, Inc.
2 Hutchinson v. Allstate Ins. Co., 2018 WL 3359549 (11th Cir. July 10, 2018).
3 See Abdelhamid v. Fire Ins. Exch., 106 Cal. Rptr.3d 26 (Cal. Ct. App. 2010).
4 See N.C. Farm Bur. Mut. Ins. Co. v. Lilley, 2018 WL 414135 (N.C. App January 16, 2018).
5 See Lester v. Allstate Ins. Co., 743 F.3d 469 (6th Cir. 2014); Morris v. Econ. Fire & Cas. Co., 848 N.E.2d 663 (Ind. 2006).
6 See Safeco Ins. Co. of Oregon v. Masood, 330 P.3d 61 (Or. Ct. App. 2014).