I'm no Java guru, but I'll contribute my opinion:
(1) Because entities are now POJOs, you can add business logic if you choose to. However, the recommendation is not to add business logic, stick to using just getter & setter methods.
(2) If you need to transport your entity across the network, I think you must implement Serializable. If you are just using your entity locally and passing it around within the same JVM, you don't need to implement Serializable. Unlike in earlier versions of
EJB, where your only choice of transporting entity beans was using RMI, even if it was just a local pass.
That's my theory anyway. Anyone, please feel free to correct.