RI Corporate Law May Not Govern Your Out-Of-State Company, But Your Employees Can Still Blow the Whistle on You

Data Privacy Law: Know Your Responsibilities with the New EU GDPR


Let’s say you’re a Rhode Island entrepreneur. You decide to start your own company. After careful thought, you decide to incorporate it in Delaware even though your company will do business in Rhode Island. Years pass. Your company is successful. Eventually, you sell some shares of your company to raise money, and even though you’re still the majority shareholder, now you have several minority shareholders as well. Then, like a bolt of lightning, you get hit with a lawsuit.

One of the minority shareholders claims you denied him access to corporate books and records, and that your company has been conducting shareholder meetings in violation of state law—that is, Rhode Island corporate law. But does Rhode Island law apply to the internal affairs of your Delaware company?

No! The Rhode Island Supreme Court recently answered that question in Rein v. ESS Group, Inc. (June 1, 2018), and for the first time formally recognized what’s known as the internal affairs doctrine.

In simple terms, the doctrine means that the inner workings of a company—the relationships among a company and its directors, officers, and shareholders—are governed by the law in the state where the company is incorporated. In our hypothetical, as well as the Rein case, that means a Rhode Island company incorporated in the State of Delaware will be governed by Delaware law when it comes to the company’s internal affairs.

The Rhode Island Supreme Court never previously defined the internal affairs doctrine, so the Rein decision offers a new level of predictability to business owners and entrepreneurs who operate in Rhode Island, or plan to in the near future, and who want certainty on which state laws will apply to their company.

There’s an important twist at the end of Rein. Like the hypothetical above, the case involved a disgruntled minority shareholder who brought a whistleblower claim based on what he believed were violations of Rhode Island corporate law. Under the internal affairs doctrine, the alleged violations themselves didn’t provide him a viable claim, since it was Delaware corporate law that applied.

But the shareholder reasonably believed that the company was violating the law, and when he reported those violations, he was fired from his job with the company. As a result, the Rhode Island Supreme Court concluded his whistleblower claim under Rhode Island law could not be dismissed at the outset of the case simply because he was wrong about the applicable law.

So Rein offers two key lessons: one, the internal affairs doctrine applies in Rhode Island. And two, even if the internal affairs of your company are not governed by Rhode Island law, be sure you (and your attorney) are familiar with any other state laws that may apply, because your employees can still blow the whistle on your business. For more information, please contact Attorney Samantha M. Vasques at 401-824-5100 or email

[back to top]


The European Union’s (EU) far-reaching new General Data Protection Regulation (GDPR) has significant impact on businesses across all industries, regardless of whether an organization is in the EU or the US. Violations may result in fines of Ř20 million or 4% of a company’s annual revenue, whichever is greater. To help companies reduce their risk of non-compliance, Pannone Lopes Devereaux & O’Gara and Compass IT Compliance have scheduled a free webinar, “GDPR – Know Your Responsibilities,” for Wednesday, June 27, 2018 at 2:00 p.m. (ET).

Register today if your company has an online presence, sells products or services through the Internet, or shares information via e-newsletters or other digital methods that requires the collection of personal data of any type about individuals who may be in the EU. There are steps you can take to protect your business against violating the GDPR and incurring hefty fines. Topics that will be covered are:

• GDPR Framework
• Data Collection and Customer Consent
• Consumer Rights and Compliance
• Data Assessment Mapping and Cybersecurity Planning

Attend this live broadcast to gain a clear understanding of your responsibilities and legal requirements, and to learn how to develop an IT and data security strategy for your organization. Instructors for “GDPR – Know Your Responsibilities” are Adam Cravedi, Compass IT Compliance Director of Business Operations, and Cyber Law Attorney Joel K. Goloskie of Pannone Lopes Devereaux & O’Gara, LLC. For more information, please contact Attorney Goloskie at 401-824-5100 or email

[back to top]

Corporate & Business Overview

Pannone Lopes Devereaux & O’Gara LLC
Northwoods Office Park
1301 Atwood Avenue, Suite 215 N Johnston, RI 02919

Please subscribe me to this Newsletter

Thank you for reading our newsletter. For further information about the firm and the Corporate & Business and Health Care Teams, please visit our website at or contact PLDO Managing Principal Gary R. Pannone at or 401-824-5100. We welcome your inquiry and appreciate your feedback. If you feel you have received this email in error, or would no longer like to receive this newsletter, please click here to unsubscribe. Thank you.

Attorney Advertising