Department of Insurance files data security bill in SC legislature

Standard

Bill is similar to model data security law adopted by NAIC

If you are a SC title agent, this bill will likely affect you if it passes!

The National Association of Insurance Commissioners (NAIC) adopted the Insurance Data Security Model Law, intending to promote rigorous cyber risk management practices, in October. And the South Carolina Department of Insurance (SCDOI) has introduced a similar bill in the South Carolina legislature. The South Carolina version, the South Carolina Insurance Data Security Act, is now in committee, and can be read here.

The model law creates data security standards for insurers and agents. The rules would apply to the real estate lawyers in South Carolina who are also title insurance agents. The rules require overseeing third-party providers, investigating data breaches and notifying consumers and regulators of data breaches.

security unlocked data breach

Insurers and agents will be required to have a written information security program for protecting sensitive date. Incident response plans and data recovery plans will also be required. Compliance certifications to the DOI will be required annually.

One important exemption applies to licensees with ten or fewer employees. This exemption will benefit small South Carolina law firms. Cyber security insurance may become a hotter commodity in South Carolina if this law passes, but the law is not intended to create a private cause of action.

We will watch this legislation and keep everyone posted on how it proceeds through the legislative process in South Carolina.

Advertisements

Did you hear the one about Katy Perry and the convent?

Standard

It’s not a joke! It’s a true, real estate story!

Dirt lawyers, you know how your friendly title insurance underwriters are always harping about authority issues?  You have to carefully determine that the individuals with authority to sell or mortgage real estate are the individuals who actually sign the deeds and mortgages involved in your transactions.

katy perry nun

How do you solve a problem like Katy Perry?  (image from dailystar.co.uk)

And you know how the same friendly title insurance lawyers really harp about authority issues involving churches? Hardly a seminar goes by without the mention of a problematic closing or claim involving church property. I always say you should be particularly suspect if anyone, like a preacher, says he or she can act alone to sell or mortgage church property. Church transactions almost always involve multiple signatories.

Lawyers involved in transactions concerning church properties must ascertain whether the church is congregational, meaning it can act alone, or hierarchical, meaning a larger body at a conference, state or even national level must be involved in real estate transactions. In South Carolina, we have seen recent protracted litigation involving the Episcopal Church, making real estate transactions involving some of the loveliest and oldest church properties in our state problematic at best.

Lawyers must also determine, typically by reviewing church formation and authority documents, which individuals have authority to actually sign in behalf of the church. It is not at all unusual to find a church property titles in the names of long-deceased trustees.  It is always advisable to work with local underwriting counsel to resolve these thorny issues.

With that background, let’s dive into this Katy Perry story. The superstar decided to purchase an abandoned convent sitting on 8.5 acres in the beautiful Los Feliz neighborhood of Los Angeles for $14.5 million in 2015. Only five nuns were left in the order, The Sisters of the Most Holy and Immaculate Heart of the Blessed Virgin Mary. This order had previously occupied the convent for around forty years. Two of the nuns searched the web to find Katy Perry’s provocative videos and music and became uncomfortable with the sale. Instead, those two nuns, without proper authority, sold the property to a local businesswoman, Dana Hollister, for only $44,000 plus the promise to pay an additional $9.9 million in three years.

Proper authority for the sale should have involved Archdiocese Jose Gomez and the Vatican. Both were required to approve any sale of property valued at over $7.5 million. The Archdiocese believed Ms. Hollister took advantage of the nuns and brought suit. After a jury trial that lasted almost a month, the church and Ms. Perry were awarded $10 million on December 4. The jury found that that Ms. Hollister acted with malice to interfere with Perry’s purchase. Two thirds of the verdict are designated for the church and one third for Ms. Perry’s entity.

Assuming lawyers were involved in the Hollister closing, you would not want to be in their shoes! Always pay careful attention to authority issues in your real estate transactions. In South Carolina, real estate lawyers are in the best position to avoid problems like the ones in this story.

SC dirt lawyers sued for email funds diversion by a third-party criminal

Standard

This is the first suit of this type I’ve seen. I’m confident it won’t be the last!

A dirt lawyer friend sent a copy to me of a hot-off-presses lawsuit filed in a circuit court in South Carolina against a closing law firm because the purchaser’s $50,000 in closing funds were diverted by a third-party criminal posing in an email exchange as the transaction’s real estate agent. My friend said he sent the case for my information. I think he sent it so I wouldn’t sleep!

Here are the facts as recited in the complaint. The names are being changed to protect all parties.

Paul and Penny Purchaser signed an Attorney Preference Form on March 28, 2017, selecting Ready and Able, LLC as their legal counsel for the purchase of a residential home and the closing of a purchase money mortgage with Remedy Mortgage, LLC.

On April 10, Paul and Penny Purchaser received Ready and Able, LLC’s “Purchaser’s Information Sheet” which required Paul and Penny to pay all closing funds over $500 to Ready and Able, LLC by wire transfer. The complaint states that these were silent as to the security of wire transfers, the security of private information to be conveyed between the purchasers and the law firm, and the security or lack of security of the use of email for closing information.

Also on April 10, Penny Purchaser telephoned the law firm and spoke with paralegal, Candy Competent, providing her with the purchasers’ Social Security numbers. The complaint states that Ms. Competent accepted the information and provided no wiring information or warnings.

hacker

The complaint states that on April 14, Paul Purchaser received what purported and reasonably appeared to be an email from Regina Realtor, their real estate agent for the transaction, asking Mr. and Mrs. Purchaser to wire closing funds in the amount of $48,490.31 that day so that the closing scheduled for April 21 would not be delayed. Penny Purchaser replied to the email requesting wiring instructions. An attachment purporting to be wiring instructions for Ready and Able, LLC. was sent via reply email.  The complaint states that the wiring instructions reasonably appeared to be the correct wiring instructions for the law firm and appeared to be printed on law firm letterhead. This email exchange was actually with a third-party criminal.

Later on April 14, Penny Purchaser telephoned Candy Competent and requested the amount needed to close. Ms. Competent discussed the amount needed to close despite the fact, according to the complaint, that she knew or should have known that the law firm had not sent wiring instructions to the purchasers or the real estate agent.

On April 17, Ms. Competent sent an email to Mrs. Purchaser advising her to add $550 to the funds due to close to cover a survey bill that came in on April 14. No mention was made of wiring instructions in that email. The email also did not discuss the fact that the law firm had not yet provided an amount to close to the purchasers or to the real estate agent. Mrs. Purchaser wired $49,015.31 using the wiring instructions provided by the third-party criminal.

On April 21, Paul and Penny Purchaser learned for the first time that the wiring instructions were the work of a criminal third party, who received the funds and has failed to return the funds.

The complaint states two causes of action, negligence and legal malpractice, and lists the following breaches of duty committed by the law firm:

  • Requiring the plaintiffs to use wire closing funds to defendant, without counseling the plaintiffs about the methods by which the secure delivery of such funds could be compromised;
  • Failing to counsel the plaintiffs about the risks and insecurity of email communications, particularly of private, sensitive, or financial closing information; and
  • Failing to be alerted by the circumstances of Mrs. Purchaser’s telephone call on April 14, and therefore to warn her that no communication had been sent by the law firm.

Is this, in fact, negligence or legal malpractice?  We will have to wait to see.  Would the processes established by your law firm for the protection of your clients’ funds prevent this type of crime? That is the question of the day. Please discuss among yourselves!