Authored by: Joshua D. Brittingham 
March 2023

Severance agreements have traditionally included confidentiality clauses that allow employers to keep the terms of the agreement, including the amount paid, confidential. This is particularly true when an employee has asserted claims that are waived as part of the severance agreement. However, recent legislation in Washington, known as the Silenced No More Act (RCW 49.44.211), and a National Labor Relations Board (NLRB) decision in McLaren Macomb, 372 NLRB No. 58 (2023), place new restrictions on such confidentiality clauses, requiring changes to many employers’ current severance practices.

Washington State Silenced No More Act

The Silenced No More Act, effective June 9, 2022, was passed in response to the #MeToo movement and seeks to prevent nondisclosure or non-disparagement clauses in any agreement between an employer and employee that would prevent an employee from disclosing conduct they reasonably believe to be illegal. This includes illegal discrimination, harassment, retaliation, wage and hour violations, sexual assault, and violating a clear public policy mandate. Under the new law, employers cannot prevent employees from disclosing the existence of a settlement agreement related to such conduct, but they can still prevent disclosure of the settlement amount.

National Labor Relations Board Decision

On February 21, 2023, the NLRB went further, holding that severance agreements containing broad confidentiality and non-disparagement clauses violate Section 7 of the National Labor Relations Act. The NLRB held that even offering an employee a severance agreement containing an overly broad non-disparagement and confidentiality clause could violate the NLRA. Section 7 of the NLRA allows employees to collectively work together to improve working conditions, freely discuss the terms of their employment with current and former employees, file NLRB claims, and assist and cooperate with NLRB investigations. Under the decision, a non-disparagement clause may still prohibit statements that are “disloyal, reckless, or maliciously untrue.”

Potential Penalties

Employers in violation may be subject to severe penalties. Employers that violate the Silenced No More nondisclosure rules may be liable for a minimum of $10,000 in statutory damages, plus the employee’s reasonable attorneys’ fees and costs. Employers who violate Section 7 of the NLRA may be liable for up to $50,000 in civil penalties.

Compliance

Employers can comply with both the Silenced No More Act and NLRB decision by including specific language that carves out any non-disclosure or non-disparagement obligations. We recommend that employers review their form severance agreements and any other employment-related agreements to ensure compliance with the new requirements and are happy to answer any questions.

Resources:

RCW 49.44.211 

https://www.nlrb.gov/case/07-CA-254640

https://www.nlrb.gov/news-outreach/news-story/board-rules-that-employers-may-not-offer-severance-agreements-requiring

Authored by: Lauren Fricke

In 2021, the Washington State legislature enacted a new tax on the sale of long-term capital assets. In March 2022, the Douglas County Superior Court ruled the new tax is invalid because it violates the state constitution. That decision has been appealed to the Washington State Supreme Court, but while we await its decision, taxpayers have been uncertain about whether and when they may need to file and pay the tax. However, on November 30, 2022, the Washington State Supreme Court granted a stay on the lower court’s ruling. The effect of this stay is that the Department of Revenue can begin collecting the capital gains tax for capital gains generated since January 1, 2022.

The question is, what does this mean for you? Here are five things you should know.

1. How much is the tax?
   • 7% on the sale and exchange of all assets occurring on or after January 1, 2022, with gains exceeding a standard deduction of $250,000 in 2022. 
2. When do I need to file and pay the tax?
   • Filings and payment to the Department of Revenue are due April 18, 2023.
3. Are there any exclusions or deductions?
   • Yes. There are several important exclusions and deductions such as the sale or exchange of real estate, assets held in retirement accounts, timber and timberland, certain agricultural products, and qualified family-owned small businesses. In order to qualify as a family-owned business, the business must be one in which the taxpayer held a qualifying interest for at least five years immediately preceding the sale; the taxpayer and/or members of the taxpayer’s family materially participated in operating the business for at least five of the ten years immediately preceding the sale or transfer; and the worldwide gross revenue is less than or equal to $10,000,000.
4. Will the tax remain in effect?
   • We do not know yet. While the stay on the lower court’s opinion allows the Department of Revenue to begin collecting the new tax, the case itself has not been decided. The Washington State Supreme Court heard oral argument on the issue on January 26, 2023. However, we may not get a final decision until after the filing deadline in April.
5. What should I be doing now?
   • Be proactive and do not wait for the decision. Consult a tax professional in order to begin preparing your filing for the April deadline. With the tax reinstated pending the decision, the Department of Revenue can collect the tax starting in April without waiting for a decision to be issued.

Resources:

Washington Supreme Court Order: https://www.courts.wa.gov/content/publicUpload/Supreme%20Court%20Orders/1007698%20Public%20Order%20Motion%20113022.pdf

Link to the Washington State Statute: https://app.leg.wa.gov/RCW/default.aspx?cite=82.87

Department of Revenue Information page: https://dor.wa.gov/taxes-rates/other-taxes/capital-gains-tax

Welcome back to the Carney Law Privacy team’s blog on all things privacy-related.  This post follows up on the steps needed to update Standard Contractual Clauses.  As you have likely heard, in response to the Schrems II decision invalidating the Privacy Shield and to reflect Europe’s General Data Protection Regulation (GDPR), on June 4, 2021, the European Commission released the updated Standard Contractual Clauses (SCCs).   As a reminder, the SCCs (old and new) are the mechanism permitting the transfer of personal data about data subjects located in the EU to entities located in most countries outside the EU. 

How are the new SCCs different from the old ones? 

The new SCCs are more flexible than the old versions, better reflecting the realities of how companies process data in today’s world.  For one, they come in four modular versions: 

• Controller-to-controller 
• Controller-to-processor 

• Processor-to-controller  
• Processor-to-processor 

The idea is that companies assess which of the four scenarios above applies to their transaction and implement the appropriate module into their definitive agreement or addendum, as needed.   

Second, the new SCCs are not as rigid as the last versions, which companies were not permitted to adjust in any other ways to reflect the unique arrangement.  For example, companies can now include the relevant clauses of the SCCs directly into a definitive agreement, rather than execute them separately, and supplement them with additional terms that do not contradict the requisite clauses or infringe upon data subjects’ rights.  They are also deemed to meet the requirements of GDPR so that there is no need for a separate DPA with additional or supplementary terms.

How and when should you update your SCCs? 

If you currently have your SCCs cross-referenced in a Data Processing Agreement (DPA), consider updating the reference in the DPA to reflect the new SCCs.  This will include specifying who the data exporter and data importer are, and which of the above-referenced modules will apply.  You may also choose to specify whether some of the optional clauses in the new SCCs should apply.  These include specifying whether third parties can “join” the SCCs via a new docking clause, whether certain types of “onward transfers” are permitted (including to subcontractors), and whether the parties choose to use an independent dispute resolution body, among other things.  You will also need to specify what law applies and in what jurisdiction disputes will be resolved.  Finally, as was the case with the old SCCs, you are required to include details about the importer and exporter and must describe the processing activity taking place.  Unlike the old SCCs, the new versions require the data importer (i.e., the entity in the US) to include in as much detail as possible a description of the technical and organizational measures implemented to ensure an appropriate level of security.   

If you do not have a form DPA or are relying on a form of DPA that is now outdated, consider swapping out the DPA in its entirety with the new standard contractual clauses, or, for certain types of transactions, consider folding the SCCs directly into your definitive transaction agreement.   

If you are entering into a new contract that involves the type of transfer discussed in this blog, you should be using the new SCCs as of September 27, 2021.  If your contract is already in place and relies upon the old SCCs, then you have until December 27, 2022, to replace those with the new SCCs.  This leaves you plenty of time to create a plan, review existing contracts and determine what needs to be updated between now then. 

Which module should you pick?   

Which of the four above modules you pick will depend upon whether you are the exporter (the entity sending data outside the EU) or the importer (the entity receiving the data from the EU).  Most importantly, do you control the nature and means of the processing of information?  Meaning, do you decide what to do with it, how to access and store it, with whom to share it, and how long you hold on to it?  If so, you are likely the controller of the information.   

Alternatively, are you acting upon the directions of your contractual partner and only using the information as needed to perform your commitments under the contract?  If so, you are likely the processor.  This can be a complicated exercise and can also depend heavily on the context of the processing, meaning that your entity might be a controller for certain purposes and a processor for others.  It is never a bad idea to consult with legal counsel if you are not sure. 

What else should you be thinking about? 

Don’t forget the impact the updated SCCs may have on your internal infrastructure.  For example, if you currently use subcontractors or other service providers to process personal data, then you will also need to update your agreements with them to ensure you are adequately meeting your obligations in the new SCCs.  You may also be required to disclose their names in the new SCCs. 

In some cases, the new SCCs may not be the most appropriate or best approach to the transfer at hand.  In these cases, an alternative transfer mechanism might be preferable, such as binding corporate rules or reliance on one of the derogations available under article 49 of the GDPR (i.e., explicit consent).

A final word on data transfer impact assessments  

One of the issues in the Schrems II case was the conflict between individual privacy and a foreign government’s ability to step in and access the personal data being transferred. The new standard contractual clauses include a risk-based method for assessing the likelihood of a government requesting or demanding access to this kind of data, with the idea being that if the risk of foreign government access is too great, the transfer may not occur.  As part of this exercise, companies are documenting their risk analysis in Transfer Impact Assessments (TIAs).  In our next post, we will take a closer look at these TIAs and provide you with some key takeaways, including whether you need one and what it should include. 

As always, if you have any questions about the new SCCs, how to update your DPA or other agreements, or other privacy-related questions, please reach out to our privacy team!  We routinely help clients make sense of these challenges and are happy to help you strategize best practices for your business model.   

About Carney Badley Spellman, P.S.

Carney Badley Spellman is about Advocacy, Strategy, Results. Located in Seattle, we are a full-service law firm committed to exceptional client service and professional excellence. Our firm serves individuals and businesses of all types and sizes. Also, our attorneys work with closely-held companies to Fortune 500 corporations in the Pacific Northwest and across the United States. Although Carney Badley Spellman‘s location is in Seattle, Washington, we are proud to be a part of the Washington state community and communities across the nation.

For more articles like this please visit our websites: Privacy Blog, The Startup Law Blog, and Carney Law.

Welcome back to Shhhh…(a Privacy Blog).   Lots have happened in the privacy world in the past few months, and we thought we’d catch our readers up on the biggest headlines. 

Updated Standard Contractual Clauses

The first part of Step 2 involves taking the country list from Step 1 and determining whether the European Commission has found the privacy protections of those countries adequate under GDPR.  Remember: this is for data exports outside of the European Economic Area versions.  As a quick reminder, the SCCs continue to be the most common and, for many US-based companies, the most feasible transfer mechanism for transfers of personal data from Europe to the United States and to any other country without an adequacy decision from the European Commission.  The updated SCCs are designed to reflect a broader range of data transfer scenarios, including processor-to-subprocessor and processor-to-controller transfers, and scenarios where the data exporter (the entity transferring data outside of the EU) is itself established outside of the EU.  However, there is a lot to unpack about how to implement the new SCCs.  For example, according to the European Data Protection Board’s recommendations addressing cross-border data transfers, a company seeking to transfer data outside the EU must verify on a case-by-case basis whether the law or practice of the third-country importer might compromise the effectiveness of the SCCs.  This verification process is lengthy and will be particularly impactful on smaller companies with limited resources to carry out the risk analysis, documentation, and monitoring it requires.  Still, the additional guidance is a step forward.  Could it eventually propel the US and Europe to reach a political solution?  We will follow up on this topic with a separate post, in which we take a closer look at the transfer tools available for transferring data outside the EU and into the US, in particular the updated SCCs and the supplementary measures that must accompany them.

California Introduces New Privacy Tools

State-side, the California Attorney General’s office recently announced two newsworthy tools that may impact readers.  The first is the Global Privacy Control (“GPC”), a universal widget that companies subject to the “Do Not Track” requirements can incorporate on their website to automate the process.  This opt-out tool, developed by an independent group of stakeholders, allows users to automatically signal their privacy preferences to participating websites.  Companies and businesses that have implemented a California Consumer Privacy Act (“CCPA”) “Do Not Sell My Personal Information” opt-out mechanism may want to consider taking advantage of the GPC.  Will big tech companies lead the charge in adopting this tool?  We shall see.

           

California also introduced the Consumer Privacy Tool, an interactive Q&A form on the Attorney General’s (“AG’s”) website designed to help consumers draft notices of non-compliance and send them to businesses directly, rather than relying on the AG’s office to do it.  This notice, if properly sent, could in theory start the CCPA’s 30-day cure period during which a business must bring itself into compliance with the CCPA or face fines from the AG’s office.  The tool is currently limited to failures to post “Do Not Sell” links on a business website, but could eventually be used to track other types of CCPA violations.

Colorado Joins the Privacy Pack

As you have probably heard by now, Colorado became the third state to pass a comprehensive data privacy law with the Colorado Privacy Act, scheduled to take effect on July 1, 2023.  Colorado joins Virginia, where the Virginia Consumer Data Protection Act takes effect on January 1, 2023, and California, where the CCPA became operative on July 1, 2020, and where most provisions of the California Privacy Rights Act will take effect on July 1, 2023.  Stay tuned as we unpack the main similarities and differences between each state’s approach to privacy and track movements in other states.

Pressure Mounts for a Uniform Federal Approach to Data Privacy

            Finally, we want to share two pieces of news on the push for a uniform federal approach to data privacy.  The Uniform Law Commission (the agency responsible for drafting laws that many states implement in all subject areas) has drafted and released an initial draft Uniform Personal Data Protection Act (“UPDPA”).  The stated goal of the UPDPA is to provide a reasonable level of consumer protection without incurring the compliance and regulatory costs associated with regimes like California, Virginia and now Colorado.   Designed for states to adopt as written or use as a model in creating their own legislation, the law would apply to controllers and processors conducting business in a state and maintaining personal data of more than 50,000 residents during a calendar year or earning more than 50% if gross annual revenue from maintaining personal data.  Importantly, while the law would provide individuals with limited rights to access and correct personal data, it would not include a private right of action.  We will be watching closely to see what happens next with the UPDPA. 

Lastly, just last week U.S. lawmakers introduced a draft federal privacy bill, entitled “Setting an American Framework to Ensure Data Access, Transparency, and Accountability (SAFE DATA) Act.”  If approved, the bill would require companies to post privacy notices and appoint a designated privacy officer, would give consumers subject access rights similar to those currently found in California, Virginia, and Colorado, and would require businesses to conduct a privacy impact assessment for risk data processing activities.  The bill would also give enhanced powers to the Federal Trade Commission. 

Stay tuned for more privacy news from the Carney Badley Spellman team of privacy attorneys.

Have questions? Please contact us at privacygroup@carneylaw.com for more assistance! Or visit us at Carneylaw.com

Disclaimer: this post is for informational/educational purposes only. It is not intended to provide any legal advice. 

Copyright © 2021 Carney Badley Spellman, P.S.

Readers of our first post, GDPR update in this series, have already worked through Step 1: Transfer Mapping.  Part of that step was determining what countries you’re exporting data to.  Now, we move onto step 2: Transfer Tools.  Truth be told, Step 2 is really two parts.  So, go grab your country list from your transfer mapping project and get ready to review!

Step 2.a – Determining Whether the Countries You Export Data to Have Adequate Protections in Place

The first part of Step 2 involves taking the country list from Step 1 and determining whether the European Commission has found the privacy protections of those countries adequate under GDPR.  Remember: this is for data exports outside of the European Economic Area (the EU plus Iceland, Liechtenstein, and Norway).  If all of the countries on your list are in the EEA, your work here is done.  (In other words, if you were compliant before the SCC changes, you’re still in the clear.)

What if I transfer data to countries outside the EEA? 

If you transfer data outside the EEA, you’re in good standing if the European Commission has issued an adequacy decision in favor of that country.  Careful though, as sometimes the adequacy decisions pertain to only part of a country. 

The European Commission maintains its list of adequacy decisions here.  As of the writing of this post, the European Commission has stated the following countries have adequate protection: Andorra, Argentina, Canada (commercial organizations), Faroe Islands, Guernsey, Israel, Isle of Man, Japan, Jersey, New Zealand, Switzerland, and Uruguay. 

If you’ve reviewed your list and have found that all of your countries are either EEA countries or have adequacy decisions in their favor, you’re done!  But what about all the other countries?  Like (gulp) in the US?  If you’ve got one or more of them on the list, keep reading.

Step 2.b – Do Your Transfer Tools Provide Appropriate Safeguards?

Let’s start by answering the obvious question: what is a transfer tool?  A transfer tool is a written safeguard (e.g., a contract) that governs how the data is moved from country to country. 

If you’re exporting data to a country that’s not in the EEA or hasn’t received a positive adequacy decision, you’ll need to make sure you’ve got these safeguards in place.  Per Article 46 of the GDPR, these safeguards include: 

• A legally binding and enforceable instrument between public authorities or bodies; 
• Binding corporate rules; 
• The standard data protection clauses; 
• An approved code of conduct; or 
• An approved certification mechanism. 

The idea is that these transfer tools will help level the data protection playing field.  The data subjects will essentially get the same protection outside the EEA as they will inside the EEA. 

Ready to find out if your transfer tools are adequate?  Check back in soon for our post on Step 3: Transfer Tool Assessment, and feel free to contact me with any questions.

By: Ashley Long

Last week the European Commission announced that the Standard Contractual Clauses (the “SCCs”) are being updated.  These changes primarily apply to entities exporting data out of the European Economic Area.  Starting in 2021, whether you’re a controller or a processor (or both!), you’ll need to make certain your SCCs and your data export policies are compliant with the new laws. 

The good news is that data exporters will have all of 2021 to align with these new obligations.  To ensure data exporters don’t have to start from scratch, the European Commission has provided recommendations to ensure compliance.  

Step 1 – Transfer Mapping

Curious about where to start?  Step 1 is to create a road map of where the personal data exported by your company goes.  Data exporters should review their existing data relationships.  Whose data are you exporting?  What personal data does that export include?  Which countries are receiving the exported data?  What are your reasons for exporting that data? 

You also need to think about the downstream data use.  For example, if you’re a processor, are you transferring personal data to a sub-processor who’s located in a third country?  Are THEY transferring that data to another party in a different country?  Remember that a “transfer” can be something as routing as cloud storage or support services outside the EEA.   

This can be a strenuous task for companies that export a lot of personal data out of the EEA.  However, the transfer mapping is an absolutely essential first step in knowing what actions – if any – you’ll need to take with your existing data agreements and internal practices. 

Next Steps – Transfer Tools and Assessments 

There’s more to do after you’ve completed your transfer mapping project.  If you’ve mapped any personal data being exported out of the EEA, you’ll need to move on to steps 2 and 3: verifying your transfer tools and assessing third-country laws.  Make sure to check back in for our next posts on these steps, and contact me if you have any questions, especially ones about standard contractual clauses!

By: Ashley Long

For more articles like this, please visit, here.

You have an idea for a new startup. One of your first google searches will probably be about how/where to incorporate your business. There’s some good advice out there and some bad advice out there. In the interest of cutting through the noise, here’s the advice we typically give our clients.

Welcome to Delaware

If you’re a high growth startup and plan on taking investment from angel investors and VCs, Delaware is the safe choice.

Here’s why Delaware is great:

• No one will ever ask, and you will not have to begrudgingly answer, “Why didn’t you incorporate in Delaware?”
• A lot of the standard form documents that are available on the web and are widely accepted in startup circles (see, e.g., the Series Seed documents and the NVCA document suite), are prepared for Delaware corporations.
• If you’re already in Delaware, you can’t be forced to reincorporate in Delaware by some pushy investor. This is what we in the biz call a 4-dimensional chess move.
• If you move your company, Delaware is pretty portable. Every state’s major commerce center has lawyers who know and can work with Delaware corporate law, so you’ll never have to worry about finding a new lawyer.
• There are certain provisions of Delaware law that are more favorable to company management than many other state laws.
• Delaware has a separate court system dedicated to corporate disputes, and Delaware corporate law is updated more often than the corporate laws of other states.

Here’s the short list of cons for Delaware:

• It’s generally more expensive in terms of fees and taxes.
• You’ll invariably get a franchise tax bill for some absurd amount of money payable to Delaware in your first year. While heart attack inducing, this usually isn’t a big deal, and there’s an alternate calculation method (on the back of the notice that you just threw across the room) that you can use to get the tax way down to a couple hundred/thousand bucks.

Visit Washington

While we work with and form a ton of Delaware companies, we are located in Seattle, Washington. Washington is actually a pretty solid place to form a company. Here’s why:

• It is less expensive to form and maintain a Washington corporation (the annual fee to keep your corporation alive in Washington is just a little over $100 a year; Delaware starts higher, and the costs of Delaware go up over time relative to the costs of being incorporated in Washington. It costs less in third party fees to dissolve a Washington corporation.
• Washington corporate law is substantially similar to Delaware law, and in the event of any litigation, Washington courts would likely look to Delaware court opinions as persuasive authority.
• If you run into a complex question of corporate law and you are incorporated in Delaware, you may have to retain a law firm in Delaware to assist you. This will probably wind up being more expensive than continuing to work with a Washington corporate lawyer.
• Investors are generally pretty okay with Washington – we haven’t had much issue with investors insisting a Washington company converts to Delaware (though with one exception being accelerators like Techstars and Y Combinator). Microsoft is a Washington corporation, and it never held it back.

Other States

Here’s where some of the bad online advice comes in. A number of people will float states like Montana, Nevada, or Wyoming. There are some benefits to incorporating in states like this depending on where you ultimately go, like not seeing who the owners of a corporation are, lower taxes, wide-open spaces, etc. That said, there’s a litany of issues with these states (see “why not Delaware” and “what do you mean there’s no attorneys that know how to interface with Wyoming corporations in San Francisco?”). Incorporating in states like these should only be done if you have some sort of special requirement, and after talking with a lawyer and an accountant that agree that there’s some benefit with going to a more “exotic” state.

There are other states out there, like New York, that are “review states.” This means that every time you need to do a charter filing or other state filing, you have to barter with some attorney on staff at the state (whereas in Washington and Delaware, there is no process like this – you file, and your filing is accepted immediately). Because of this, incorporating in review states typically results in hair loss and melancholy, especially if you’re trying to close a transaction or financing which requires a charter amendment.

Conclusion

I just want to say that I’m not trying to bag on the corporate jurisprudence of other states. If you’re planning on creating a bootstrapped company that’s going to throw off cash on day one and will never leave your state of incorporation, you can probably do whatever you want. If for whatever reason, you grow out of a state, most of the time, it’s not too painful to convert elsewhere (unless you incorporate in a review state… ick, or someplace without a conversion statute).

In any event, I hope this was helpful. If you’re looking to set up your startup in Delaware, or if you want to walk on the wild side and give the beautiful state of Washington a try, we’re happy to help, and always feel free to contact me.

By: Bryant Smick

For more articles like this, please visit, here.

Carney Badley Spellman is about Advocacy, Strategy, Results. Located in Seattle, we are a full-service law firm committed to exceptional client service and professional excellence. Our firm serves individuals and businesses of all types and sizes. Also, our attorneys work with closely-held companies to Fortune 500 corporations in the Pacific Northwest and across the United States. Although Carney Badley Spellman‘s location is in Seattle, Washington, we are proud to be a part of the Washington state community and communities across the nation.

Most entrepreneurs don’t know of a simple way to avoid millions of dollars in capital gains tax. Section 1202 of the Internal Revenue Code grants non-corporate taxpayers a tax break of up to $10,000,000 in capital gains on “qualified small business stock” that the taxpayer holds for more than five years. This is a huge exclusion.  I believe all entrepreneurs should have a basic grasp of Section 1202’s high-level requirements so that they can take full advantage of its tax breaks. So, here they are. 

What Are The Requirements? 

C-Corporation

To qualify, the issuer of the stock must be a C-corporation. S-Corporations or LLCs taxed as partnerships do not qualify. Founders should consider this in particular when choosing an entity. 

Less Than $50,000,000 in assets 

The issuer must have less than $50,000,000 in aggregate gross assets before and immediately after you receive your shares. 

80% of Assets Used

The issuer must use at least 80% of its assets in the active conduct of its Qualified Trade or Business (more on that below).

Issued After August 10, 1993

The company must have issued the stock after August 10, 1993. 

Original Issuance

Generally, you must acquire the stock directly from the company.  This becomes more complicated if you receive equity compensation, like options or restricted stock, or if you hold convertible debt or a warrant. 

Domestic Corporation

The company must be organized in the United States. 

Qualified Trade or Business 

The issuer’s business must not be any of the following.  I generalized the descriptions below for simplicity’s sake.  For details, see the statute. 

• Professional services 
• Financial services
• Farming
• Mining
• Hospitality

Five Year Holding Period

You must hold the stock for more than five years before you sell it.  This also becomes more complicated if you receive equity compensation, like options or restricted stock, or hold convertible debt or a warrant. This will also become more complicated if a company began as an LLC and is converted into a C-corporation.

In Exchange for Money or Other Services

The company must issue the stock in exchange for money or other services.  If the company issues the stock in exchange for other stock, it won’t count. 

Conclusion

We have written about Section 1202 before here, here, and here. This post is just a summary, and Section 1202 can get complex quickly depending on the situation.  If you have any questions about 1202 or any of its complexities, feel free to contact me. 

By: James Graves 

Carney Badley Spellman is about Advocacy, Strategy, Results. Located in Seattle, we are a full-service law firm committed to exceptional client service and professional excellence. Our firm serves individuals and businesses of all types and sizes. Also, our attorneys work with closely-held companies to Fortune 500 corporations in the Pacific Northwest and across the United States. Although Carney Badley Spellman‘s location is in Seattle, Washington, we are proud to be a part of the Washington state community and communities across the nation.

This blog does not constitute legal or tax advice. In all instances you should visit your legal or tax advisor with regards to your personal tax situation.

Starting your company is an exciting time.  The temptation will be to sign all your legal documents as fast as possible so that you can get up and running.  We highly suggest you avoid that temptation and take the time to thoroughly review and, if appropriate, negotiate your documents.  With that in mind, in this post, we will cover how to read your founder documents and what to look for. 

The Document Set 

The documents you will likely be asked to sign are (1) a Proprietary Information and Invention Assignment Agreement (“PIIAA”) and (2) a Stock Purchase Agreement (“SPA”).  Don’t be afraid of these documents.  They are standard, and the company attorneys aren’t trying to pull anything on you.  That being said, there are parts to be aware of and negotiate. 

Proprietary Information and Invention Assignment Agreement

Why It’s Important

The PIIAA is the document in which you assign all intellectual property to the company you will develop or have developed relating to the company’s business.  99.9% of the time, this is non-negotiable.  Intellectual property is uniformly the most valuable asset of an early startup.  Investors abhor–and will frequently refuse to invest in–companies with muddled intellectual property ownership.  An intellectual property lawsuit is a nightmare for everyone involved, and most startups simply don’t have the funds to finance one through trial.

What’s more, there’s usually no early resolution (settlement) of an IP lawsuit since the startup will need a judgment stating that it actually owns the IP.  This means the startup will have to finance the lawsuit through trial, which is really expensive.  The negative repercussions of this range from being unfundable (because you have to disclose to potential investors that you are in court over your most valuable asset) to expending all your bootstrapped capital on attorneys’ fees (because you can’t secure funding), with the net effect of not having any capital leftover to actually advance your company.  

This is all a long way of saying that the PIIAA is very important, so expect to sign one. 

What to Look Out for in a PIIAA

Now that you know why you have to sign it, here are a few things to note or look out for: 

• You will have the opportunity to disclose and carve out any preexisting intellectual property that should not be assigned to the company.  If that exists, be sure to fill out the form correctly.  
• Are there negative covenants, e.g., a Non-Competition or Non-Solicitation clause? If so, were those part of the deal?
• Sometimes, Non-Competition clauses are unenforceable under state law.  For example, Washington state has a law making Non-Competition clauses for employees unenforceable unless the employee makes $100,000 or more in annual cash compensation or the employee receives equity in the company connected with entering into the non-compete. 
• If you are forced to accept a Non-Competition provision, make sure that it terminates if you are terminated without “Cause” or you leave with “Good Reason,” or if the company is sold (more on “Cause” and “Good Reason” below).  You could also shorten the time period and narrowly define the “industry” you are prohibited from working in. 

Stock Purchase Agreement 

A stock purchase agreement typically lays out the following terms and conditions: (a) the price per share of the common stock that you will pay; (b) whether the shares are subject to vesting and the company’s rights to repurchase unvested shares; (c) restrictions on transfer, representations, and warranties, and market standoff provision; (d) whether the company can repurchase vested shares at fair market value, and (e) other possible provisions, such as as a non-competition and non-solicitation (if they aren’t contained in the PIIAA). Your agreement may be called a Restricted Stock Purchase Agreement or a Stock Purchase Agreement. “Restricted stock” refers to shares subject to vesting and the company’s right to repurchase unvested shares. Still, the title of the agreement is immaterial–, and companies (and law firms, for that matter) frequently mislabel them–so make sure you carefully read it to see if your shares are subject to vesting. 

What To Look Out For In Your SPA

Here are a few things to note or look out for in your SPA.

Price Per Share

The first issue is the price per share.  A company must issue its shares for no less than fair market value under Internal Revenue Service rules. If your founder shares are issued at the time of incorporation, they will likely be issued for a nominal price per share.  This is typically the par value of $0.0001 per share, which you will need to pay to the company. This makes sense because the company’s valuation is justifiably close to zero when it is created. But if you are a co-founder that joins after the company has raised outside investment or created any significant value, then the company likely would not be justified in issuing your shares for only a nominal price per share. Be careful if you are faced with this situation because you may have a significant tax bill unless you pay cash for the shares upfront.

Vesting and Repurchase Rights

The second issue we will cover is vesting and repurchase rights. 

The shares of common stock issued to founders are typically subject to vesting and the company’s right to repurchase unvested shares. A typical vesting schedule is 4 years with a 1-year cliff.  This means  25% of the shares vest on the 1st anniversary of the founder’s service start date, and the remaining shares vest in smaller monthly installments over the next 3 years. 

If the founder stops working for the company, then the company may repurchase the unvested shares for, typically, the lower of (i) the price per share paid by the founder or (ii) the fair market value on the date of repurchase. This is a strong incentive mechanism for a co-founder to continue pulling his or her weight to grow the company. A co-founder should not view vesting negatively, though, because he or she will want other co-founders to be bound by the same terms. This way, all founders are bound together to grow the company. 

Generally, this right to repurchase is deemed automatically exercised by the company within a certain time period after you leave.  If you would like, you can try to negotiate to reverse this presumption and/or shorten the time period. 

The alternative is the company granting all co-founders’ shares upfront and not subject to any vesting.  In this case, anyone co-founder could leave and keep all of his or her shares, which is very unfair for the remaining co-founders who will be working hard to grow the company.  This also gives the remaining co-founders no mechanism to recapture the departing co-founder’s shares.  This is informally known as “walking off the job” and leaves the company with what is known as “dead equity.”  If there is a significant chunk of this dead equity, the company could become unfundable.  Investors will pay close attention to this. 

Vested Share Repurchase Right

Additionally, some stock purchase agreements contain a “vested share repurchase right.”  A vested share repurchase right gives the company the right to repurchase not only unvested but also vested shares, too, in certain circumstances.  These circumstances include a founder leaving the company or materially breaching an agreement with the company.  In this case, the shares must be purchased for fair market value when the company repurchases them–not the low initial purchase price.

This provision should also not be looked at negatively.  It is a way for the company to avoid the “dead equity” mentioned above.  You should be aware of it and prepared for the company to exercise it in the event you leave the company, even if all your shares have vested.

Non-Competition and Non-Solicitation Provisions

Next, be sure to review your SPA, whether it be a restricted SPA or just a SPA, for Non-Solicitation and Non-Competition clauses like in the PIIAA, using the same analysis as above.

Single and Double Trigger Acceleration, “Cause”, and “Good Reason”

Double and Single Trigger Acceleration

Next, be sure to review the document to see if there is a “Single Trigger” or “Double Trigger” acceleration.  Most documents nowadays come standard with double trigger acceleration.  What this means is your shares will immediately vest in full if the company is acquired AND you are terminated without “Cause,” or you leave for “Good Reason” within twelve months of the acquisition.

Instead, you could negotiate a “single trigger” acceleration.  This could mean your shares will vest in full if the company is acquired OR you are terminated without “Cause,” or you leave for “Good Reason.”

“Cause” and “Good Reason”

In any event, either of these accelerations is critical to your compensation and will ensure you are properly compensated in the event of acquisition and/or there is a dispute with the company over your departure

The definitions of “Cause” and “Good Reason” are critical to whether your single or double trigger acceleration benefits will trigger. In your review and negotiations, try to negotiate a narrow definition of “Cause.”  You don’t want the company to terminate for some vague, unsubstantiated reason and have your shares not vest in full.  

On the other hand, try to negotiate a broad definition of “Good Reason,” so you have more latitude to leave and still have your shares vest in full. 

File Your 83(b) Election with the IRS

Section 83(b) of The Internal Revenue Code gives taxpayers receiving equity compensation the option to pay taxes before they vest. If your shares are subject to vesting, this is your most important deadline, and you only have 30 days to file this election from the date you execute your SPA. It should be attached to the back of your SPA.

If you miss the 83(b) election filing deadline, you will have put yourself in a grave tax situation. Not making the election timely results in the following:

1) When your shares vest, you will owe taxes on the difference between the value of the shares at the time of vesting and what you paid for them.

2) This is a disaster because you probably paid virtually nothing for your shares, and they will go up in value. Plus, this tax hit occurs every vesting period. So as your shares go up in value, you will owe more and more taxes as the shares vest.

For this reason, you have to own your 83(b) filing. File it yourself. Do not expect the company or company counsel to do it for you. Neither generally will for liability reasons.

Conclusion 

Don’t be afraid to negotiate these documents.  They’re going to live on forever, and a little upfront effort and negotiation have the potential to spare you a lot of headaches and make you a lot of money in the future.  Always consult with an attorney, and if you have any questions, please contact James Graves or Danny Neuman.  

By: James Graves and Danny Neuman

Disclaimer: this post is for informational and educational purposes only.  It is not intended to provide any legal advice.

This post will cover the best way for your company to obtain a 409a valuation, the reason why, and when your company needs to obtain one. 

If you’ve ever started a company, you know and are probably sick of dealing with the terms “fair market value” (FMV) and “409a”.  There is already tons of educational content from the legal community on what Section 409a is, why it is important, and its minutiae.  I am sure you are sick of reading about the rules by now.  Rather than conceptually rehash Section 409a, what I will try to do in this post specifically is set forth the best way to obtain a 409a valuation, why, and when your company needs to obtain one. 

The Best Way to Undergo a 409a Valuation

The Independent Appraisal Method

The best way to undergo a 409a valuation is via an independent, professional appraisal of the company’s FMV done by companies like Carta or Scalar, called the “Independent Appraisal” method.*  Why? Because the law gives the professional appraisal of the FMV of a company’s stock a rebuttable presumption of reasonableness.  This means that if the IRS ever audited the company, the burden of proof would be on the IRS, not the company, to show that the methodology used was not a  “reasonable valuation methodology.”  This dramatically reduces the likelihood of a successful IRS challenge of FMV.  

Be Careful Doing It By Yourself

Compare this to if the company used a different method of appraisal, such as doing it by itself.  In this case, the burden of proof would be on the company to demonstrate it used a reasonable valuation methodology.  This is expensive, time-consuming, and highly burdensome to prove.  Even if the company was 100% correct, it would take time and money the company could otherwise invest elsewhere to meet its burden of proof.

Further, the company runs the steep risk that it simply did not use a reasonable valuation methodology.  You are in the business of running your company, not valuing shares of stock.  You are therefore by definition probably not qualified to do so.  Why run the risk, when the adverse consequences are so dire? 

My one caveat here is this.  If you are a brand new company, say, less than a year old, you probably can rely on a good-faith valuation of your shares that you do yourself since the shares’ value would be so nominal.  However, as you grow, start considering an Independent Appraisal sooner rather than later. 

Your Employees May Be Penalized By The IRS The Most For Your Non-Compliance

What’s more, the tax penalties for violating Section 409a are not imposed on the company.  They are imposed on the company’s service providers (e.g., employees or independent contractors) unless the company fails to report or withhold any amount that becomes taxable because of a failure to comply with Section 409a.  These penalties include: 

• All vested deferred compensation (e.g., options or restricted stock) becomes taxable immediately.
• An additional 20% penalty tax levied on the service provider on top of regular income tax.
• Possible imposition of interest on previous years’ vested equity compensation. 

When Your Company Needs to Obtain a 409a Valuation

First, an Independent Appraisal valuation only lasts twelve months. So, your company should plan on obtaining one at least annually if it wants to have the ability to consistently issue deferred equity compensation in compliance with Section 409a. 

Second, the valuation via Independent Appraisal only lasts twelve months if an event that “materially affects the value of the corporation” has not occurred in the interim.  Here are some examples of material events that could re-trigger the company’s obligation to undergo another 409a valuation: 

• The resolution of material litigation (explicitly mentioned in the regulations)
• The issuance of a patent (explicitly mentioned in the regulations)
• A debt or equity financing
• Undergoing any sort of merger or acquisition 
• Launching a central product or service of the company.  

Note that this is a non-exhaustive list, but should give you a good idea of what would be considered a material event. 

Finally, the entire 409a valuation process typically takes around two weeks to complete if you are organized and have all your documents ready to go.  However, most startups aren’t, which can extend the process to a month, or even longer.  Waiting for a 409a can hold up equity grants, which can have a negative ripple effect on your organization.  So, be sure you are organized and current and ready for the valuation process.  

Conclusion

In sum, Section 409a is a very complex statute and this post is just the tip of the iceberg. Always consult with an attorney if you have any questions and always feel free to contact me. 

By: James Graves

Disclaimer: this post is for informational and educational purposes only.  It is not intended to provide any legal advice.

* Note that there are two more “safe harbor” methods set forth in Section 409a called the “Formula Valuation” and “Start-up Company Valuation” methods.  While valid, these are more difficult to comply with and I do not praise them as highly as the Independent Appraisal method.