March 2022 Screening Compliance Update

MARCH 2022 SCREENING COMPLIANCE UPDATE

FEDERAL DEVELOPMENTS

EEOC (Again) Updates Religious Accommodation and Vaccine Mandate Guidance

The EEOC has once again updated its guidance and answers regarding the ongoing COVID-19 pandemic’s interaction with anti-discrimination laws. We previously discussed this guidance here. This guidance, updated on March 1, 2022, provides additional detail to Section L (Vaccinations – Title VII and Religious Objections to COVID-19 Vaccine Mandates). We discuss the key details below.

Employers May Ask Employees to Explain How Their Religious Beliefs Conflict With COVID-19 Vaccination Requirements.

The guidance discusses the non-exhaustive factors to be considered when evaluating the sincerity or religious nature of a belief. Expanding on its previous guidance, the EEOC makes clear that employers “may ask for an explanation of how the employee’s religious beliefs, practices, or observances conflict with the employer’s COVID-19 vaccination requirement,” and refers readers back to its Section 12 of its Compliance Manual on Religious Discrimination.

Many employers have had to grapple with whether an employee’s belief is indeed “religious” (and thus protected) or merely “political” (and thus unprotected). Importantly, the updated guidance states that there may be some overlap between the two: “overlap between a religious and political view does not place it outside the scope of Title VII’s religious protections, as long as the view is part of a comprehensive religious belief system and is not simply an isolated teaching.”

Employers must continue to make these determinations on a case-by-case basis and assess individual credibility when deciding whether to grant a reasonable accommodation.

Undue Hardship May Not Be Speculative or Hypothetical.

The updated guidance also speaks to how employers should assess “undue hardship” on the business, adding in an important detail: in addition to warning against relying on “speculative” hardship, employers also cannot rely on “hypothetical” hardship when faced with an employee’s religious objection but, rather, should rely on objective information.” Accordingly, employers should carefully analyze the undue hardship on the business using objective, factually-specific factors, and should not rely upon remote, speculative or hypothetical possibilities to satisfy the “undue hardship” standard.

A Reduction in Pay or Loss of Benefits is Not a Reasonable Accommodation if There Are Alternative Accommodations.

While employers are not required to provide the employee’s preferred accommodation, the guidance notes that an employer’s accommodation will not be “reasonable” if it requires that the employee “accept a reduction in pay or some loss of a benefit or privilege of employment (for example if unpaid leave is the employer’s proposed accommodation) and there is a reasonable alternative accommodation that does not require and would not impose undue hardship on the employer’s business.” This is a key clarification from the previous guidance, and employers proposing unpaid leave as an accommodation should first consider alternative accommodations.

As a Best Practice, Employers Should Discuss Revocation of a Religious Accommodation with the Employee before Taking Action.

The guidance notes that the obligation to provide religious accommodations is a continuing obligation, but also one that allows for change depending on evolving circumstances. The employee’s sincerely held beliefs may change, and the employer has the right to discontinue a previously granted accommodation if it is no longer for a religious purpose or it subsequently imposes an undue hardship on the employer. The guidance further clarifies that, “as a best practice, employers should discuss with the employee any concerns it has about continuing a religious accommodation before revoking it.” Thus, employers should consider engaging in a dialogue with employees prior to revoking any reasonable accommodations. Such conversations may provide an opportunity to discuss alternative accommodations or how to account for changes in circumstance.

Parting Thoughts

Even with COVID-19 cases waning, and the national conversation around vaccine mandates moving (for now) to the background, the EEOC continues to update its guidance related to religious accommodations. Employers should continue to monitor these updates and assess how they might change company policy or practice. Mintz stands ready to assist businesses in preparing and updating their vaccination-related policies and to ensure federal, state, and local compliance.

Click Here for Original Article

President Biden Signs Executive Order Promoting Pay Equity and Transparency

In addition to digesting OFCCP’s release of a new directive on compensation, government contractors may soon see new regulations around inquiries into and the use of prior salary information. In conjunction with Equal Pay Day, President Biden signed a new Executive Order on Advancing Economy, Efficiency, and Effectiveness in Federal Contracting by Promoting Pay Equity and Transparency.

In the Order, President Biden directs the Federal Acquisition Regulatory Council, in consultation with the Secretary of Labor to “consider issuing proposed rules to promote economy, efficiency, and effectiveness in Federal procurement by enhancing pay equity and transparency for job candidates and employees of Federal contractors and subcontractors.” Specifically, the President instructs the FAR Council to consider whether any such rules should limit or prohibit Federal contractors and subcontractors from seeking and considering information about job candidates’ and employees’ existing or past compensation when making employment decisions.

Prohibitions on the reliance on prior salary history are not new, but up to this point have not been legislated at the federal level, and have come through state and municipal action.

Click Here for Original Article

STATE DEVELOPMENTS

New York City Commission on Human Rights Issues Guidance on New Salary Transparency Law

The New York City Commission on Human Rights recently issued guidance on the recent amendments to the New York City Human Rights Law mandating salary disclosures for job opportunities. The amendments, which we reported on here, go into effect on May 15, 2022. The guidance clarifies the scope of the amendment and what employers will be required to disclose.
Most employers with at least one employee in New York City are required to comply.

All employers, except temporary help firms, with four or more employees (including those working outside New York City), or one or more domestic worker, are covered. So long as a single employee works in New York City, the employer must comply with the new disclosure requirements.

Positions that can or will be performed in New York City are covered.

Any advertisement for a job, promotion, or transfer opportunity that can or will be performed, in whole or in part, in New York City (including jobs performed remotely from the employee’s home) must comply with the law. The guidance defines an “advertisement” broadly, as “a written description of an available job, promotion, or transfer opportunity that is publicized to a pool of potential candidates,” regardless of the medium in which it is disseminated. Notably, employers who would otherwise hire for a position without using an advertisement are not required to create one for purposes of complying with the new salary range disclosure obligation.

Salary includes base wage or rate of pay, regardless of frequency of payment, and open-ended ranges are not acceptable.

The disclosure requirement is not limited to exempt employees earning a salary. An employer must disclose the base wage or rate of pay if in good faith believes, at the time of the posting, it is willing to pay the successful candidate(s) for the advertised position. It can be expressed as an hourly rate ($15 per hour) or a base salary ($50,000 per year). The range disclosed must be specific and may not be open ended; advertisements that disclose a range “up to” or “a maximum of” a specified amount are not compliant.

Employers need not disclose, but are not prohibited from advertising, other forms of compensation or benefits such as the following:

• Employer-provided insurance benefits
• Paid or unpaid time off (e.g., paid sick or vacation days)
• Availability of contributions towards retirement or savings plans
• Severance pay
• Overtime pay
• Commissions
• Tips
• Bonuses
• Equity
• Value of employer-provided perks like meals or lodging

The New York City Commission on Human Rights will enforce the new law with fines and other remedies.

Employees and candidates can file a complaint with the New York City Commission on Human Rights. The Commission’s enforcement branch, the Law Enforcement Bureau, may initiate its own investigations based on testing, tips, or information from other sources. Penalties for violation can include civil penalties up to $250,000, and other remedial steps such as amending advertisements, policy changes, trainings, providing notices of rights to employees or candidates, and potentially other forms of affirmative relief. The Commission can also order “monetary damages to affected employees,” but the guidance does not identify how such monetary damages will be calculated or what harm those damages are meant to address.

Click Here for Original Article

D.C. Bans Evictions Over Unpaid Rent of Less than $600

In a unanimous vote on Tuesday, the D.C. Council permanently barred landlords from filing evictions against tenants who owe less than $600, sealed some eviction records, and further protected voucher holders during the rental screening process in an omnibus tenant protection bill. At least two councilmembers noted that the bill is one of the strongest and most comprehensive bills in the country related to tenant protections in some time.

Many of the provisions in the bill were already in place, but limited to the public health emergency. For example, D.C. Superior Court already sealed the eviction records of several hundred thousand people due to emergency legislation passed during the pandemic, according to Legal Aid DC. “We know that when folks have records of eviction cases, even if they didn’t end in evictions, that can prevent those people from finding new housing in the future,” says Mel Zahnd, a senior staff attorney in the Housing Law Unit.

Tenant advocates have been calling for some of these changes to the housing law for years. Advocates say the pandemic motivated lawmakers to do what was once considered impossible or impractical. “We know what the outcomes are — the housing market in D.C. has not collapsed,” says Beth Mellen, a supervising attorney in Legal Aid’s Housing Law Unit and the Director of the Eviction Defense Project.

Councilmembers became emboldened to shore up tenant protections after a 2020 report from Georgetown University reported what tenant and landlord advocates long knew: Few cases end in executed evictions because landlords often file just to pressure tenants into paying rent. “That eviction filing goes onto the [public] record,” co-author Eva Rosen told DCist/WAMU at the time. “When future landlords look at tenants’ residential histories, they often don’t care whether it’s a filing or an executed eviction. They just see that there’s some eviction process that was initiated, and that’s the number one red flag for a landlord.”

The bill, titled the Eviction Record Sealing Authority and Fairness in Renting Amendment Act, was first introduced in March 2021. Once the bill is signed into law by Mayor Muriel Bowser, D.C. could see a significant reduction in the number of eviction filings. In 2018, 12% of households summoned to D.C. Superior Court owed less than $600, according to the Georgetown report. Tenant advocates say the bill will improve outcomes for residents, particularly those of color who are disproportionately impacted by evictions and housing instability.

“This really is helping D.C. catch up with all the best practices that are out there to the extent we were missing some of them,” says Mellen. “D.C. already had a lot of other [strong] provisions in the law, like you have to have just cause to evict.”

The bill does a lot more than just ban evictions over modest sums of unpaid rent. Here’s more of what it does:

• Requires landlords to have valid rental registration and licensing to file evictions.
• Requires landlords to notify a tenant in writing of their plans to file evictions over nonpayment at least 30 days before, and then provide the court proof of notice via a photograph. (Lawmakers became aware of the issue following a DCist/WAMU investigation that found hundreds of instances where landlords failed to notify tenants of eviction proceedings.)
• Requires landlords to provide eviction notices in tenants’ native language if they do not speak English or Spanish.
• Instructs D.C. Superior Court to dismiss eviction filings if landlords do not follow necessary steps.
• Instructs the court to seal eviction records 30 days after a case ends if the landlord loses, or three years if the landlord wins.
• Permits people to bring civil cases to court if landlords discriminate against a potential tenant over a sealed eviction filing.
• Requires landlords to tell prospective tenants about their screening process before asking for fees or information.
• Caps application fees at $50. If a screening is not conducted, landlords must refund.

Provisions related to housing vouchers almost did not make it to the final bill. According to tenant advocates, At-Large Councilmember Anita Bonds, who chairs the housing committee, withdrew the bill during last month’s legislative meeting because she said wanted to hear more from housing providers. The provision in question had to do with the screening process for prospective tenants, and was supported by the Council’s Office of Racial Equity. After pushback from advocates, Ward 6 Councilmember Charles Allen introduced an amendment that would, among other things, bar a landlord from considering a prospective tenant’s rental history (including nonpayment of rent) or credit issues if they occurred before the tenant received a housing subsidy.

(The D.C. Human Rights Act already outlaws discrimination based on income, which has failed to deter landlords from refusing to accept housing vouchers and prompted many lawsuits.)

The bill requires help from government agencies. The Office of Human Rights is tasked with ensuring that landlords do not discriminate against voucher holders. “OHR funding has to happen in order for enforcement to be there,” says Brittany Ruffin, senior counsel at the Washington Legal Clinic for the Homeless — she estimates it would take roughly $500,000 for the department to enforce the bill. Meanwhile, one provision in the bill depends on the Department of Consumer and Regulatory Affairs to step up enforcement, which it’s historically had problems with. Should the agency (soon to be the Department of Buildings) revoke business licenses from landlords that are repeat offenders, Mellen says then questionable landlords or slumlords won’t be able to file evictions against tenants.

Click Here for Original Article

California Loosens Indoor Masking Requirements for the Unvaccinated

On February 28, 2022, California’s Governor Newsom issued a press release lifting California’s mask requirements for unvaccinated individuals in indoor settings, downgrading the former requirement to a strong recommendation, effective March 1, 2022. The same day, the California Department of Public Health (“CDPH”) published updated guidance, tracking Governor Newsom’s announcement. Later on February 28, Governor Newsom issued a press release and Executive Order overriding Cal/OSHA’s COVID-19 Emergency Temporary Standards, suspending the agency’s workplace requirement that unvaccinated workers wear masks in most indoor settings. Several localities have followed suit.

Until Now, California Has Consistently Mandated Masks for the Unvaccinated Indoors Throughout the Pandemic.

California’s mask-related reactions to the ever-changing COVID-19 landscape over the last two years have been well-documented here, here, here, and here. Most recently, on December 16, 2021, Cal/OSHA readopted its COVID-19 Emergency Temporary Standards (“ETS”), effective January 14, 2022, which required unvaccinated employees to wear a well-fitted mask and also required that any additional masking required by the CDPH be enforced in the workplace. However, in response to the holiday Omicron variant surge, the CDPH required that all individuals mask up, regardless of vaccination status, from December 15, 2021, until February 15, 2022.

Mask Requirement Eased for General Public in Indoor Settings.

On February 7, 2022, the CDPH updated its masking guidelines, effective February 16, 2022, allowing vaccinated individuals to shed masks but requiring unvaccinated individuals to wear masks in indoor public settings, including offices and other workplaces. This again aligned the CDPH with Cal/OSHA.

Shortly thereafter, on February 28, 2022, Governor Newsom announced California was transitioning from its longstanding practice of requiring unvaccinated individuals to mask up indoors in nearly all circumstances to a strong recommendation that they do so in most settings, effective March 1, 2022, essentially allowing all individuals to remove masks indoors, except in the workplace under the Cal/OSHA ETS. This brought California in line with other West Coast states. Coordinating with California, the governors of Oregon and Washington simultaneously announced that masking for the unvaccinated would no longer be required as of 11:59 pm on March 11, 2022, in the Northwest.

Following Governor Newsom’s announcement, the CDPH issued updated masking guidance. The CDPH called attention to three main updates:

1. Effective March 1, 2022, the requirement that unvaccinated individuals mask in indoor public settings became a strong recommendation that all persons, regardless of vaccine status, continue indoor masking;
2. Universal masking will remain required in specified high-risk settings; and
3. After March 11, 2022, the universal masking requirement for K-12 schools and childcare settings will end. The CDPH, however, continues to strongly recommend that individuals in these settings continue to mask in indoor settings when the universal masking requirement lifts.

Masking Still Required in High-Risk Settings.

Subject to certain exemptions, the CDPH’s masking requirement for all, regardless of vaccination status, continues in the following settings:

•  Indoors in K-12 schools (through March 11, 2022)
• On public transit (examples: airplanes, ships, ferries, trains, subways, buses, taxis, and ride-shares) and in transportation hubs (examples: airport, bus terminal, marina, train station, seaport or other port, subway station, or any other area that provides transportation)
• Emergency shelters and cooling and heating centers
• Healthcare settings (applies to all healthcare settings, including those that are not covered by the State Health Officer Order issued on July 26, 2021)
• State and local correctional facilities and detention centers
• Homeless shelters
• Long Term Care Settings & Adult and Senior Care Facilities

Guidance for Guest and Customer Masking.

The CDPH guidance also includes suggestions for businesses, venue operators, and event hosts to assist them in navigating this new recommendation standard. The CDPH recommends, but does not require, businesses to:

• Provide information to all patrons, guests, and attendees regarding masking recommendations for all persons, regardless of vaccine status.
• Provide information to all patrons, guests, and attendees to consider better fit and filtration for masks, such as using surgical masks or higher-level respirators (e.g., N95s, KN95s, KF94s) over cloth masks.
• Require all patrons to wear masks, especially when risk in the community may be high, or if those being served are at high risk for severe disease or illness.
• Require attendees who do not provide proof of vaccination to enter indoor Mega Events to continue masking during the event, especially when not actively eating or drinking.

Now, except in specified high-risk settings, California only strongly recommends indoor mask-wearing for all Californians, regardless of vaccination status.

Indoor Mask Requirement Eased for Employees.

With the issuance of the February 28, 2022, CDPH guidance, it was unclear whether or how the new masking recommendations applied to employees because the Cal/OSHA ETS continued to require masking for unvaccinated employees in the workplace, but also required compliance with any masking order from the CDPH.

Late in the evening of February 28, 2022, Governor Newsom resolved the paradox by issuing a short Executive Order that suspended the Cal/OSHA ETS requirement that unvaccinated employees wear masks while indoors or in vehicles (i.e., Section 3205(c)(6)(A)) of the ETS), effective immediately. As a result, when the CDPH order went into effect on March 1, it lifted not only the indoor masking requirement for the unvaccinated general public, but also employees.

Importantly, other sections of the Cal/OSHA ETS that require face coverings in certain scenarios have not been suspended. Which means that for the time being, face coverings are still required in the workplace as follows:

• If the employer has onsite indoor health screening (something that most employers have moved away from by now), the employees being screened and the screeners need to wear face coverings, regardless of vaccination status.
• In the event of an “outbreak” or a “major outbreak,” employees in the exposed group must wear face coverings when indoors, regardless of vaccination status.
• For employees who have had a COVID-19 exposure and are either exempt from quarantine or ending their quarantine after Day 5, and for employees who have tested positive for COVID-19 and are returning to work after Day 5. Details are available here.

ETS Re-Adoption Period Extended by 21 Days to May 6, 2022.

In addition, the Governor’s February 28 Executive Order extended the 90-day effective period of the operative ETS by 21 days to May 6, 2022. Employers should be on the lookout for new changes to the ETS at that time.

California Localities Follow the State.

As of the time of publication, several major California cities and counties that previously had different masking requirements indicated their plans to come into line with California’s new masking recommendation: Los Angeles County (announced a tentative plan to roll back indoor mask mandate on March 4, 2022, following the CDC’s COVID designation); Los Angeles (City) (on February 25, 2022, Mayor Garcetti tweeted that the City would align with the County’s guidance on masking); Santa Clara County (announced a plan to lift indoor mask mandate as of March 2, 2022), and San Francisco (announced alignment with State to “recommend, but not require” masks in schools and child care settings after March 11).

Click Here for Original Article

California Legislature Introduces Bills to Extend Employment and Business-To-Business Data Exemptions

As companies begin to prepare their CPRA compliance strategies, they are grappling with whether to include personal information processed in employment and business-to-business contexts. Currently, the CPRA’s partial exemptions for both of those types of data sunset on December 31, 2022. However, last week, the CA legislature introduced AB 2871 and AB 2891. AB 2871 would extend the employment and business to-business exemptions in the CPRA indefinitely, and AB 2891 would extend them until 2026.

Click Here for Original Article

California Fair Employment & Housing Council Proposes Sweeping Regulation of Automated Decision-making and Artificial Intelligence in Employment

On March 15, 2022, the California Fair Employment & Housing Council released draft revisions to the state’s employment non-discrimination laws that would dramatically expand the liability exposure and obligations of employers and third-party vendors that use, sell, or administer employment-screening tools or services that embody artificial intelligence, machine learning, or other data-driven statistical processes to automate decision-making.

As proposed, the regulations would define an “automated-decision system,” or ADS, in extremely broad terms: any “computational process, including one derived from machine learning, statistics, or other data processing or artificial intelligence techniques, that screens, evaluates, categorizes, recommends, or otherwise makes a decision or facilitates human decision making that impacts employees or candidates.” This includes, without limitation:

• algorithms that screen resumes for particular terms or patterns;
• algorithms that employ face and/or voice recognition to analyze facial expressions, word choices, and voices;
• algorithms that employ gamified testing that include questions, puzzles, or other challenges used to make predictive assessments about an employee or candidate, or to measure characteristics including but not limited to dexterity, reaction time, or other physical or mental abilities or characteristics; and
• algorithms that employ online tests meant to measure personality traits, aptitudes, cognitive abilities, and/or cultural fit.

The proposal goes on to specify that the use of ADS in a manner that is intentionally discriminatory, or that is facially neutral but nonetheless results in discriminatory impact, is unlawful under state law.

The draft regulations provide that liability extends to third parties that act on behalf of an employer by providing services relating to various facets of employment, including recruiting, candidate screening, hiring, payroll, benefit administration, etc., if they adversely affect the terms or conditions of employment. These third parties would be considered “agents” of the employer (and thereby, “also an employer” of the aggrieved party) and would thus be directly liable for claims of discrimination. The regulations likewise expand the definition of “employment agency” to include any person who provides ADS or ADS-related services—essentially making the vendors and administrators of employment-screening tools subject to the non-discrimination law. The proposed regulation would also create “aiding and abetting” liability for anyone engaged in “the advertisement, sale, provision, or use” of an ADS if the end use of that ADS results in unlawful discrimination.

Finally, the regulations would expand recordkeeping requirements under current law from two years to four years, and would require the retention, by the employer and all other covered third-party entities, of all data used in the process of developing or applying machine-learning algorithms that are utilized as part of an ADS. This would include datasets used to train the algorithm; data provided by individual candidates or employees; data about individual candidates and employees that have been analyzed by the algorithm; and data produced from the application of an ADS operation. The revisions would also require all third parties engaged in “the advertisement, sale, provision, or use” of ADS tools to preserve “the assessment criteria used by the [ADS] for each such employer or covered entity to whom the [ADS] is provided.”

The Council is slated to discuss these proposed regulations in a public (virtual) meeting scheduled for 3:00 p.m. (PDT) on Friday, March 25, 2022. If approved, they will be open for public comment. Ultimately, the Council may approve the draft as proposed, or presumably make modifications to the proposal based on comments received. What is clear, however, is that the Golden State is poised to regulate the use of artificial intelligence and machine learning in employment decision-making aggressively, and to extend liability to vendors and those who provide products or services to assist employers in doing so.

Click Here for Original Article

Utah Poised to Enact Consumer Privacy Law

On March 3, 2022, the Utah House of Representatives unanimously passed a consumer privacy bill which the Utah Senate passed earlier this year. The bill, entitled the Utah Consumer Privacy Act, still has several hurdles to jump through before becoming law. Leaders from both legislative chambers will need to provide their signatures before the 2022 session adjournment on March 4, 2022; following those signatures, Utah Governor Spencer J. Cox has 20 days to sign or veto the bill before it becomes law. Despite these remaining hurdles, the bill is widely expected to become the fourth comprehensive state consumer privacy law in the United States and the first such bill to become law in 2022.

The Utah Consumer Privacy Act would apply to businesses who:

1. Conduct business in Utah or produce a product or service targeted to Utah residents;
2. Have an annual gross revenue of over $25 million; and
3. Either (i) control or process the personal data of at least 100,000 residents or (ii) derive over 50% of its gross revenue from the “sale” of personal data and controls or processes personal data of at least 25,000 residents.

The Act’s applicability would make it narrower than any currently enacted state privacy law to date. And as with other state laws, the Act contains broad exceptions for certain entities and data categories, including higher education institutions, nonprofits, and information and entities regulated by both the Health Insurance Portability and Accountability Act (HIPAA) and the Gramm-Leach-Bliley Act (GLBA).

The Act, which is scheduled to take effect on December 31, 2023, includes many of the same rights, obligations and exceptions that have become common in other consumer privacy laws and proposals:

• The Act provides consumers with the now well-known rights of notice, access, portability, and deletion. These rights, however, are limited by reasonable business-use exemptions, such as detecting fraud and complying with a company’s legal obligations. Notably, the Act does not provide consumers with the right to correction.
• Like other laws, the Utah Consumer Privacy Act allows consumers to opt-out of the use of their information for certain purposes, including targeted advertising and the sale of personal information. Unlike other state laws, the Utah Consumer Privacy Act does not allow consumers to opt-out of automated “profiling.”
• The “personal information” protected by the bill includes information that is linked or reasonably linkable to an identified or identifiable individual. “Personal information” does not include deidentified, aggregated or publicly available information.
• The Act would exclude employee data and business-to-business contact information from its scope, following similar exclusions in other states.
• The Act creates a category of “sensitive” information, which includes information about racial or ethnic origin, religious beliefs, sexual orientation, citizenship or immigration status, health, biometric or genetic data, and geolocation data. However, instead of following the Virginia/Colorado model and requiring opt-in consent for the collection and processing of sensitive information, the Act would require businesses to provide notice and an opportunity to opt out of the use of “sensitive” data.
• The Utah Consumer Privacy Act is exclusively enforced through actions by the Utah Attorney General. The law does not provide for a private right of action.
• The Act grants the Utah Department of Commerce Division of Consumer Protection the power to investigate consumer complaints regarding the processing of their personal information by a business. If the director of the Division of Consumer Protection has reasonable cause to believe that substantial evidence exists that the business is in violation of the law, the director will then refer the matter to the Attorney General.

Click Here for Original Article

Utah Consumer Privacy Act Signed into Law

On March 24, 2022, Utah Governor Spencer Cox signed the Utah Consumer Privacy Act (“UCPA”) into law, making it the fourth state to pass a comprehensive data privacy law – joining California, Virginia, and Colorado. The UCPA becomes effective on December 31, 2023. Here are the high-level takeaways to know:

Who does the UCPA protect?

The UCPA protects the personal data of “consumers,” which is defined as a Utah resident acting in an individual or household context and does not include a person acting in an employment or commercial context. “Personal data” is defined as information linked or reasonably linkable to an identified individual or an identifiable individual; however, personal information does not include de-identified data, aggregated data, or publicly available information.

UCPA separately defines “sensitive information” and provides consumers the right to opt-out of the processing of their sensitive data, which differs from the other state privacy laws that require consumers to opt-in to such processing.

Are there entity or data level exemptions?

The UCPA provides full exemptions for certain types of entities, such as non-profits, covered entities and air carriers, and certain data types, such as data regulated by GLBA, HIPAA, and FERPA.

What is a sale?

A “sale” is defined as the transfer of data for monetary consideration, differing from other privacy laws which include “other valuable consideration.”

What rights are provided to consumers?

The UCPA provides consumers six rights: (i) confirmation an entity processing their personal data, (ii) access to their personal data, (iii) deletion of their personal data, (iv) portability of their personal data, (v) opt-out of targeted advertising and sale of their personal data, and (vi) the not to be discriminated against for exercising their rights. These rights are not as robust as other state privacy laws; given the right to data portability, deletion, and not to be discriminated have certain limitations in comparison.

Enforcement and Cure.

The UCPA does not provide a private right of action. The Attorney General is responsible for enforcing the UCPA, and before bringing an action, the Attorney General must provide a covered business with 30 days to cure any alleged or ongoing violation. Damages for any action brought by an Attorney General are limited to actual harm to consumers and a maximum penalty of $7,500 per violation.

Click Here for Original Article

Washington State to Join the Growing List of States with Expanding Pay Disclosure Requirements

The rise of state pay transparency laws continues, this time with Washington doubling down on its most recent round of pay equity legislation. If new legislation currently on the desk of Governor Inslee becomes law, Washington employers will soon be required to make affirmative compensation-based disclosures to both candidates and employees.

To date, Washington has implemented one of the more moderate approaches to pay transparency. Under the current law, employers with 15 or more employees are required to provide candidates the “minimum wage or salary” for a position, but only after an offer has been made and upon candidate request. Similarly, employers must also provide the “wage scale or salary range” for internal transfers, but only after an internal transfer or promotion has been offered and upon employee request.

Washington is now poised to align itself with the more aggressive pay transparency regimes implemented in places like Colorado and New York City. Under the proposed legislation, Washington employers with 15 or more employees would be required to affirmatively disclose in all job postings a “wage scale or salary range” and a description of “benefits and all other compensation,” regardless of offer status or candidate request. Similarly, employers would also be required to disclose the “wage scale or salary range” for internal transfers.

Similar to many of its counterparts nationwide, the Washington legislation presents a certain level of uncertainty for employers.

The legislation first fails to define the terms “wage scale or salary range” and “benefits and all other compensation,” further compounding the ambiguity by striking a portion of the current law that allows for the provision of a “minimum wage or salary” if no “wage scale or salary range” exists.

It is likely that subsequent guidance will be needed to provide employers with direction on implementation and compliance, much like what we have seen in states like Colorado that have sought to clarify similar ambiguity.

If signed into law, these requirements will go into effect January 1, 2023.

Click Here for Original Article

Considering Tracking Employees in Vehicles? New Jersey Now Requires Employers to Provide Notice

Next month, New Jersey private employers will need to start informing drivers before using GPS tracking devices in the vehicles they operate. A new state law that becomes effective April 18, 2022, requires employers to provide written notice to employees before using “electronic communications devices” or “electronic or mechanical devices” that are used for the purpose of tracking the movement of a vehicle, person, or device. As defined in the law, “electronic communications devices” are those that use electronic signals to create, transmit, and receive information, such as computers, telephones, personal digital assistants, and similar devices. The notification requirement applies to both employer-owned and personal vehicles.

“Tracking” covered under the law would include, for example, cellphone apps with geolocation technology for salespeople, devices issued by insurance carriers to monitor safe driving, and GPS locators that track delivery drivers on their routes. The law excludes “devices used for the purpose of documenting employee expense reimbursement” from the notice requirement. In addition, nothing in the law supersedes regulations governing interstate commerce, including as to the use of electronic communications devices mandated by the Federal Motor Carrier Safety Administration.

Employers that violate the law could face a fine of $1,000 for the first violation and up to $2,500 for each subsequent violation.

With the enactment of the law, New Jersey joins New York, California, Delaware, and Illinois in placing restrictions on employee monitoring outside of the workplace. Given this trend, employers that use (or wish to use) tracking devices—not just those in New Jersey and other locales with such laws on the books—should consider reviewing their policies with respect to GPS and other employee tracking outside the workplace.

What New Jersey Employers Should Do Now

• Audit the tracking devices that you currently are using in vehicles employees use, to ensure you have a comprehensive understanding of all the ways the tracking devices monitor the vehicles, which may include passive tracking from third parties, such as insurance companies or fleet management companies, or on devices such as laptops, cellphones, and tablets.
• Consider updating handbook(s) and other relevant policies to provide employees clear guidance regarding the types of tracking occurring in vehicles, and confirm there is an acknowledgment section for the handbook or policy.
• Draft a notice that accurately describes the tracking practices for vehicles that employees use, with an acknowledgment section for such employees.

Click Here for Original Article

Wyoming Enacts Genetic Data Privacy Act

Governor Mark Gordon signed the Wyoming Genetic Data Privacy Act into law on March 8, 2022. The law goes into effect on July 1, 2022.

The Genetic Data Privacy Act requires any business that collects genetic data from individuals to: (1) provide transparent information to consumers about the collection, use, and disclosure of genetic data before collecting it and (2) obtain express consent from an individual before collecting the genetic data. The Act also includes strict prohibitions on how the genetic data can be disclosed and retained. The law does not apply to covered entities or business associates collecting protected health information under HIPAA.

The law provides consumers with the statutory right to request deletion of the data when they are no longer being used or needed for the purpose for which they were collected. It also provides consumers with a private right of action to seek damages from anyone who violates the Act.

The Attorney General of Wyoming has jurisdiction to enforce the law, which carries penalties of up to $2,500 for each violation, actual damages for consumers who have been harmed, and attorneys’ fees and costs.

Click Here for Original Article

Florida Senate Adjourns, Data Privacy Bill Yet Again Fails to Pass

Moments ago, the Florida Senate adjourned for the day. Although they will return on Monday for certain budget-related items, this development means another session has passed in which a comprehensive data privacy law was considered and yet failed to make it through the Florida legislature.

As CPW previously covered, Florida HB 9 had some important differences as compared to Florida HB 969, the bill considered last year (which was also introduced by Representative McFarland) that failed over a disagreement on inclusion of a broad private right of action. These differences included that Florida HB 9 had a more limited private right of action, applicable only to companies meeting certain revenue thresholds that have committed specifically enumerated violations. Additionally, among other things, HB 9 required annual reports from the Attorney General to the Legislature and provides changes to data retention rules. Many in the business community are no doubt feeling a sense of relief as if HB 9 had passed, it would have become effective on January 1, 2023, providing companies a short runway for coming into compliance.

Click Here for Original Article

Amendments to the Virginia Consumer Data Privacy Act Pass Legislature

The Virginia Consumer Data Privacy Act (CDPA)—which is set to go into effect on January 1, 2023—will likely be amended in the coming days. The Virginia House and Senate have passed four amendments which, most notably, address how businesses can process deletion requests, and reshape the scope of the law’s non-profit exemption. These bills will now be sent to Virginia’s Governor, and he will have until April 11 to review them and potentially sign them into law.

As we had previously noted, these amendments were inspired by a November 2021 report by the working group that was established under the law to suggest improvements. Because the Virginia CDPA does not provide the state Attorney General with rulemaking authority, any changes to the law must come from state legislature. If you would like to learn more about the Virginia CDPA, visit our past post here.

Amendments to Virginia’s CDPA

Expand Non-Profits Exemption. The Virginia CDPA already exempts “nonprofit organizations,” but two potential amendments expand the nonprofits exempted from the CDPA. SB 534 and HB 714 both revise the definition to include “any political organization” which they define as a “party, committee, association, fund, or other organization, whether or not incorporated, organized and operated primarily for the purpose of influencing or attempting to influence the selection, nomination, election, or appointment of any individual to any federal, state, or local public office or office in a political organization or the election of a presidential/vice-presidential elector, whether or not such individual or elector is selected, nominated, elected, or appointed.”

Both bills also define a nonprofit organization to include “any organization exempt from taxation under § 501(c)(4) of the Internal Revenue Code that is identified in § 52-41.” § 52-41 of the Virginia Code applies to certain insurance fraud organizations that operate in the context of the state police. Lastly, the bills define a nonprofit to include “any subsidiary or affiliate of entities organized pursuant to Chapter 9.1 (§ 56-231.15 et seq.) of Title 56.” Chapter 9.1 refers to utility consumer services cooperatives and utility aggregation cooperatives.

Deletion Requests. HB 381 and SB 393 make it easier for controllers that obtain consumer personal data from other sources (other than the consumer) to comply with the consumer’s right to delete. The amendments note that if controllers obtain consumer personal data from a source other than the consumer, a controller is in compliance with a request from the consumer to delete, if they either: (a) “retain[] a record of the deletion request and the minimum data necessary for the purpose of ensuring the consumer’s personal data remains deleted from the business’s records and not us[e] such retained data for any other purpose” pursuant to the CDPA; or (b) “opt[] the consumer out of the processing of such personal data for any purpose except for those exempted” pursuant to the CDPA. These amendments will assist data brokers and other companies that do not directly process consumer data to comply with requests to delete.

Deletion of Consumer Privacy Fund: SB 534 and HB 714 both eliminate the Consumer Privacy Fund. The bills note that civil penalties, expenses, and fees will instead be paid to the Regulatory, Consumer Advocacy, Litigation, and Enforcement Revolving Trust Fund.

Click Here for Original Article

Illinois employers face new Equal Pay Act reporting requirements beginning March 24, 2022

In recent years, Illinois has enacted a number of laws intended to address historical pay inequities among genders, races and other protected categories. Among these laws, is the Illinois Equal Pay Act (the “IEPA”), which provides that employees of a different sex or race who perform substantially similar work on jobs that require substantially similar skill, effort, and responsibility (and which are performed under similar working conditions) may not receive a lower wage rate.

In 2021, Illinois updated the IEPA by enhancing reporting and compliance requirements for private businesses that have at least 100 employees in Illinois (including employees who work remotely in states outside of Illinois, but who report directly to an employer’s facility in Illinois) and are required to file an Annual Employer Information Report EEO-1 (“EEO-1”) with the Equal Employment Opportunity Commission. For many employers, these enhanced reporting requirements may be effective as early as March 24, 2022.

Employers Must Apply for Equal Pay Registration Certificates

The most significant changes to the IEPA pertain to a covered employer’s duty to obtain an Equal Pay Registration Certificate (“EPR Certificate”) from the Illinois Department of Labor (“IDOL”).

Covered employers approved to do business in Illinois on or before March 23, 2021, must apply for a EPR Certificate from the IDOL between March 24, 2022 and March 23, 2024, and must recertify every two years thereafter. Covered employers that became authorized to do business in Illinois after March 23, 2021 must apply for an EPR Certificate within three years of beginning business operations, but not before January 1, 2024, and must recertify every two years thereafter.

On January 25, 2022, the IDOL announced it would communicate directly with covered businesses when it is time for them to apply for their EPR Certificates. Businesses shall receive no less than 120 days advance notice of their registration deadlines. That being said, the IEPA requires covered employers comply with the Equal Pay Registration requirements as a matter of law— in other words, even if the IDOL fails to notify an employer of a registration date or of a recertification deadline, the employer is still required to fulfill their obligations under the IEPA. As such, employers should be proactive in obtaining a deadline from the IDOL if they do not receive one.

To apply for an EPR Certificate, employers must pay a $150 filing fee and submit wage records and an equal pay compliance statement to the IDOL.

The required wage records must include the employer’s most recent EEO-1 Report and a list of all of its employees during the past calendar year. The employee list must be separated by gender, race, and ethnicity (as reported in the EEO-1 Report) and include the county in which each employee works, total wages paid in the past year and “any other information the [IDOL] deems necessary to determine if pay equity exists among employees.” A template of an employee list containing what the IDOL considers “necessary information” can be found on the IDOL website.

It is currently unclear whether the requested EEO-1 report is limited to an employer’s Illinois locations or if a company-wide report is required.

Employers will also need to submit an equal pay compliance statement signed by a corporate officer, legal counsel, or authorized agent of the business certifying:

•  The employer is in compliance with the IEPA, Title VII of the Civil Rights Act of 1964, the Equal Pay Act of 1963, the Illinois Human Rights Act, the Equal Wage Act, and other applicable antidiscrimination laws;
• The average compensation for the employer’s female and minority workers is not consistently below the average compensation for male and non-minority workers within each job category in the EEO-1 Report, considering factors such as length of service, requirements of specific jobs, experience, skill, responsibility, education or training, job location, or other mitigating factors;
• The employer does not restrict employees of one sex to certain job classifications, and makes retention and promotion decisions without regard to sex;
• The employer corrects wage and benefit disparities when identified to ensure statutory compliance;
  o How often the employer evaluates its employees’ compensation and benefits; and
  o The approach the employer takes in determining what level of compensation and benefits to pay its employees.

Within 45 days of receiving an employer’s equal pay registration application, the IDOL will issue an EPR Certificate or a statement as to why an application was rejected. In the event an employer’s application is rejected, the employer will have 30 days to cure any deficiencies in the application. A covered business that fails to make a good-faith effort to comply or otherwise violates the IEPA’s reporting and certification requirements may face suspension or revocation of their certification, as well civil penalties of up to $10,000.

Employers should also note, the IDOL’s receipt of an application or issuance of an EPR Certificate does not establish a covered business is in full compliance with the IEPA. Nor is the IDOL’s issuance of an EPR Certificate a defense against an IEPA violation found by the IDOL or a basis for mitigation of damages.

Information Disclosure

Per the amended IEPA, any individually identifiable information submitted to the IDOL through an equal pay registration application, will be considered confidential information and exempt from disclosure under the Illinois Freedom of Information Act (“FOIA”). However, individually identifiable information may still be shared between state agencies — including the Department of Human Rights and the Office of the Attorney General — for enforcement purposes.

Aggregate information, information that would not reasonably identify an individual employee, submitted to the IDOL through an equal pay registration application, such as the job category and the average hourly wage by county for each covered business’s Illinois-based employees’ gender, race and ethnicity category on the registration certificate, is not confidential and is therefore subject to disclosure under FOIA. Additionally, the IDOL’s decision to issue, deny, revoke, or suspend an EPR Certificate is also considered public information.

As the amended IEPA opens an avenue for potential collective or class actions brought by employees for systemic pay disparities, Employers should seriously consider the practical consequences of having their EEO-1 employee aggregate data being publicly available and take necessary steps to address compensation inequity among employees prior to submitting their applications to the IDOL.

Employer Takeaways

Unless they have already done so, employers should provide contact information to the IDOL via the following link: https://forms.office.com/g/VQweNsryxx. Once an employer provides their contact information to the IDOL, employers should monitor their email for their assigned application due date and begin developing a process to comply with the reporting requirements highlighted above.

Because certification will require a large compilation of data, it is strongly recommended that prior to receiving a deadline from the IDOL, covered employers should begin reviewing and gathering the relevant data and documents to fulfill their IEPA obligations. Employers should also consider proactively conducting a pay equity audit to identify any pay equity concerns and gather relevant information to devise strategies for making any necessary changes.

While the IEPA contains very strict terms and specific obligations, it also contains a great deal of ambiguity. As such, it is likely the IDOL will provide additional guidance or FAQs in the coming weeks regarding the many open questions that remain. Employers should keep an eye out for developments surrounding the IEPA and additional guidance to inform the best approach for compliance with the law.

Click Here for Original Article

New York Ends Designation of Covid-19 Under the HERO Act

Effective March 17, 2022, the New York State Commissioner of Health has ended the designation of COVID-19 as an airborne infectious disease under the New York HERO Act. As a result, employers are no longer required to enforce their workforce safety plans related to COVID-19.

With the expiration of the designation of COVID-19 under the HERO Act, most private employers in New York (excepting some employers in healthcare and congregate care settings or other high-risk sectors) are now no longer mandated to implement COVID-related safety protocols, such as daily health screenings. However, New York City private employers are still required to implement mandatory COVID-19 vaccine requirements for their employees.

Even when a designation of an airborne infectious disease is not in effect, the HERO Act requires New York employers to:

• create an airborne infectious disease exposure prevention plan (if they have not already);
• provide a copy of the plan to employees within 30 days after creating one;
• provide a copy to any new employees upon hire;
• post the plan in each work site so employees can view it; and
• update the plan as needed.

Further, as we have previously reported, the HERO Act also requires employers with 10 or more employees to allow employees to “establish and administer a join labor-management workplace safety committee.” While there is no affirmative obligation for employers to create a workplace safety committee under the Act, covered employers must allow employees to create a committee upon request. The New York Department of Labor is currently in the process of reviewing public comments to a proposed rule it issued in December 2021 regarding the workplace safety committee requirement, and a final rule is expected sometime in the future.

Click Here for Original Article

Virginia Repeals Workplace COVID-19 Standard, Replaces it with Guidance

On July 15, 2020, the Virginia Safety and Health Codes Board (which included author Courtney Malveaux) made Virginia the first state in the nation to promulgate an Emergency Temporary Standard to address COVID-19 in workplaces, and it made the standard permanent on January 27, 2021. The Board voted to repeal that standard, effective March 23, 2022.

Virginia will replace the standard with guidance that makes clear the agency’s and the Commonwealth’s policy to “support and respect the rights of individuals to choose whether to wear masks or to not wear masks in non-federally mandated environments, unless required by law or as medically appropriate in cases of acute illness or in certain healthcare environments.”

The guidance also makes clear that Virginia Occupational Safety and Health (VOSH) and the Commonwealth “will not allow or condone illegal discrimination based on wearing or not wearing masks, and people should not be fired or terminated for not wearing a mask” in most circumstances.

Further, the guidance indicates that employers should engage workers to mitigate COVID-19 transmission by:

• Facilitating employee vaccinations;
• Encouraging workers with COVID-19 symptoms to stay home from work and seek a physician’s advice on testing and treatment;
• Requiring workers infected with COVID-19 to stay home;
• Providing workers with face coverings or surgical masks;
• Encouraging personal hygiene, including frequent handwashing;
• Educating workers on employers’ COVID-19 policies in languages employees understand;
• Operating and maintaining ventilation systems in accordance with manufacturers’ specifications;
• Recording and reporting work-related COVID-19 infections when required under long-standing OSHA recordkeeping standards; and
• Following other applicable VOSH standards, including those governing respiratory protection, personal protective equipment, sanitation, bloodborne pathogens, and Virginia’s General Duty Clause, which requires employers to provide employment and a place of employment that is free of recognized hazards.

The guidance does not clarify whether VOSH will enforce Virginia’s General Duty Clause if employers fail to follow generally recognized hazards related to COVID-19, including failure to follow guidance provided by the U.S. Centers for Disease Control and Prevention. It also does not clarify whether VOSH will continue its two-year-long practice of initiating Rapid Response Inquiries in which the agency asks employers to answer complaints by employees or others of COVID-19 hazards in workplaces.

Click Here for Original Article

COURT CASES

Wisconsin Supreme Court Eases the Burden for Employers Defending Arrest and Conviction Record Discrimination Claims Under State Law

The Wisconsin Fair Employment Act (WFEA) prohibits employers from discriminating against candidates and employees on the basis of their arrest and conviction records. Generally, an employer cannot make decisions on the basis of an arrest or conviction record unless the crimes “substantially relate” to the circumstances of the job at issue. For many years, the state agencies responsible for enforcing this law—the Wisconsin Department of Workforce Development (DWD) and the Labor and Industry Review Commission (LIRC)—have taken the view that crimes of domestic violence do not substantially relate to any type of job. Their reasoning was that crimes committed in a so-called “domestic setting” or that involve a victim with whom the criminal had a personal relationship do not suggest that the criminal would engage in violence in the workplace. In the recent case Cree, Inc. v. Palmer, the Wisconsin Supreme Court provided much-needed relief to Wisconsin employers by clarifying the law, easing employers’ burden for proving a substantial relationship, and rejecting LIRC’s view that domestic violence crimes cannot be substantially related to employment.

Background

In 2013, a job candidate was convicted of committing eight crimes of domestic violence against his girlfriend. He pled no contest to two counts of felony strangulation and suffocation, four counts of misdemeanor battery, one count of fourth degree sexual assault, and one count of criminal damage to property. Two years later, after serving out his prison sentence, the candidate applied to Cree for a lighting applications specialist position. In that role, the candidate would have worked at Cree’s sprawling 600,000 square foot facility along with approximately 1,100 other employees. The candidate would have needed to work with Cree’s customers, sometimes on location at customers’ facilities. He also would have occasionally traveled for tradeshows, potentially overnight. During these customer visits and tradeshows, the candidate would have worked independently without much supervision. Cree made the candidate a conditional offer of employment, but after obtaining a background check and learning of his extensive criminal record, Cree withdrew the offer. The candidate then filed a complaint with the DWD alleging conviction record discrimination. Years of litigation and appeals ensued, with both parties prevailing at different points along the way.

LIRC, following its pattern in prior domestic violence cases, classified the candidate’s crimes as having occurred in a “domestic setting” and determined they were not substantially related to the position at Cree. Cree petitioned the Wisconsin Supreme Court for review. The court had not reviewed a case involving the substantial relationship test since 1987, and so was primed to correct LIRC’s interpretations of law that had developed in the interim, particularly those related to domestic violence.

Wisconsin Supreme Court Weighs In

In a notable decision, the Wisconsin Supreme Court reversed LIRC and held that Cree sufficiently established that the circumstances of the candidate’s convictions were substantially related to the circumstances of the job at Cree. The court began its analysis by providing a simplified reformatting of the substantial relationship test: the test requires an employer show that the facts, events, and conditions surrounding the crime materially relate to the facts, events, and conditions surrounding the job. Turning to LIRC’s “domestic setting” analysis, the court commented that LIRC had essentially created an exception to the substantial relationship test for all domestic violence crimes based on the common, but unsupported, assumption that domestic batterers have a tendency to be violent only towards intimate partners. The court reinforced that these details of the crime—such as the domestic context of the offense or an intimate relationship with the victim—are immaterial to the test. Instead, the relevant inquiry is into the circumstances material to fostering criminal activity. As the court explained, the material circumstances are those that exist in the workplace that present opportunities for recidivism given the character traits revealed by the circumstances of a domestic violence conviction case.

Examining the traits exhibited by domestic violence perpetrators like the candidate, the court found that they engage in violence under circumstances where their victims are isolated away from those who might intervene. They are also willing to use violence to exert power and control over others. Specific to the candidate, the court considered the serious nature of his crimes, the fact that he was convicted only two years prior to his application for employment, and his pattern of criminal behavior pre-dating his 2013 convictions. The court considered the seriousness of the convicted offense because “the more serious the offense, the less we can expect an employer to carry the risk of recidivism.” The court also specifically recognized an employer’s legal obligations to protect customers and other employees. As to the recency of the candidate’s convictions, the court noted: “If significant time has passed since a potential employee’s last conviction, then that tends to indicate rehabilitation and reduces the likelihood of recidivism. But the existence of convictions with similar elements that predate the most recent conviction undermine an inference of rehabilitation, increasing the recidivism risk.”

In the job at Cree, the candidate would have been challenged by supervisors, coworkers, and customers, and these interactions could lead the candidate to react, consistent with his past behavior, in a violent manner in order to exert his own power or control. The absence of regular supervision would have created further opportunities for the candidate to engage in violence. With these considerations in mind, the court held that the candidate’s conviction record was substantially related to the job at Cree.

What this Means for Employers

With the Cree decision, Wisconsin employers will be able to make more confident decisions when assessing whether an employee’s or candidate’s crimes are substantially related to a job. Employers will also be able to base employment decisions on domestic violence crimes, which before Cree, would have entailed significant risk. While the enforcement agencies could still decide that domestic violence crimes do not substantially relate to other types of jobs, the agencies’ determinations can no longer be based on LIRC’s past unsupported “domestic setting” assumptions, but instead must be based on the Wisconsin Supreme Court’s reformatted, common sense approach to the test. While Wisconsin employers must still engage in an individualized assessment of an candidate’s or employee’s pending charges or convictions, they no longer need to consider treating those from a domestic setting any differently than other types of charges or convictions.

Click Here for Original Article

INTERNATIONAL DEVELOPMENTS

Switzerland: Updated Swiss position on the Swiss-USA Privacy Shield

The Swiss-US Privacy Shield is a transatlantic agreement between Switzerland and the US dating back to 2017. The purpose was to guarantee a system in which US-based companies could become certified that they comply with data protection requirements when transferring personal data from Switzerland to such US based company, based on article 6 of the Federal Act on Data Protection (“FADP”).

In July 2020, the European Court of Justice (“ECJ”) invalidated the European Union-US Privacy Shield in the case between Data Protection Commission v. Facebook Ireland Limited and Maximillian Schrems. Only two months later, in September 2020 during its annual review, the Swiss Federal Data Protection and Information Commissioner (“FDPIC”) in its position paper declared that the Swiss-US Privacy Shield does not provide a sufficient level of protection. The FDPIC mainly emphasised the lack of enforceable rights of the data subjects in Switzerland regarding the US authorities and the absence of transparency to prove the ombudsman’s independence vis-à-vis US authorities, such as United States intelligence services.

Since the US is now listed on the FDPIC’s list as a country not providing a sufficient level of protection (article 6 of FADP), FDPIC warns Swiss entities to weigh up the risks involved in transferring personal data to entities based in the US before effecting such transfers.

Click Here for Original Article

UK: IDTA, Addendum, and Transitional Provisions Enter into Force

The Information Commissioner’s Office (‘ICO’) announced, on 2 February 2022, its introduction of three documents laid before Parliament, which have entered into force on 21 March 2022. In particular, the documents include the international data transfer agreement (‘IDTA’), the international data transfer addendum to the European Commission’s Standard Contractual Clauses (‘SCCs’) for international data transfers (‘the Addendum’), and a document setting out transitional provisions to align data transfers with the EU SCCs, following Brexit and the Court of Justice of the European Union (‘CJEU’) judgment in Data Protection Commissioner v. Facebook Ireland Limited, Maximillian Schrems (C-311/18) (‘the Schrems II Case’).

Furthermore, the ICO outlined that organisations can now choose to either use the IDTA or the Addendum when making restricted transfers under the UK General Data Protection Regulation (Regulation (EU) 2016/679) (‘UK GDPR’). Specifically, the ICO highlighted that the IDTA incorporates and amends the new EU SCCs, providing an appropriate safeguard under the UK GDPR for personal data sent or made accessible to a recipient in a third country that does not have an adequate decision. On the other hand, the ICO indicated that the Addendum allows organisations to use the EU SCCs themselves to cover both transfers, avoiding the need to use both the EU SCCs and the IDTA.

Moreover, the ICO clarified that it will publish tools to provide support and guidance for organisations, including:

• clause by clause guidance to the IDTA and the Addendum;
• guidance on how to use the IDTA;
• guidance on transfer risk assessments; and
• further clarifications on our international transfers guidance.

You can read the ICO guide here, the IDTA here, the Addendum here, and the transitional provisions here.

Click Here for Original Article

MISCELLANEOUS

United States and EU Announce Trans-Atlantic Data Privacy Framework

The United States and the European Commission have committed to a new Trans-Atlantic Data Privacy Framework, which will foster trans-Atlantic data flows and address the concerns raised by the Court of Justice of the European Union when it struck down in 2020 the Commission’s adequacy decision underlying the EU-U.S. Privacy Shield framework.

This Framework will reestablish an important legal mechanism for transfers of EU personal data to the United States. The United States has committed to implement new safeguards to ensure that signals intelligence activities are necessary and proportionate in the pursuit of defined national security objectives, which will ensure the privacy of EU personal data and to create a new mechanism for EU individuals to seek redress if they believe they are unlawfully targeted by signals intelligence activities. This deal in principle reflects the strength of the enduring U.S.-EU relationship, as we continue to deepen our partnership based on our shared democratic values.

This Framework will provide vital benefits to citizens on both sides of the Atlantic. For EU individuals, the deal includes new, high-standard commitments regarding the protection of personal data. For citizens and companies on both sides of the Atlantic, the deal will enable the continued flow of data that underpins more than $1 trillion in cross-border commerce every year, and will enable businesses of all sizes to compete in each other’s markets. It is the culmination of more than a year of detailed negotiations between the EU and the U.S. following the 2020 decision by the Court of Justice of the European Union ruling that the prior EU-U.S. framework, known as Privacy Shield, did not satisfy EU legal requirements.

The new Trans-Atlantic Data Privacy Framework underscores our shared commitment to privacy, data protection, the rule of law, and our collective security as well as our mutual recognition of the importance of trans-Atlantic data flows to our respective citizens, economies, and societies. Data flows are critical to the trans-Atlantic economic relationship and for all companies large and small across all sectors of the economy. In fact, more data flows between the United States and Europe than anywhere else in the world, enabling the $7.1 trillion U.S.-EU economic relationship.

By ensuring a durable and reliable legal basis for data flows, the new Trans-Atlantic Data Privacy Framework will underpin an inclusive and competitive digital economy and lay the foundation for further economic cooperation. It addresses the Court of Justice of the European Union’s Schrems II decision concerning U.S, law governing signals intelligence activities. Under the Trans-Atlantic Data Privacy Framework, the United States has made unprecedented commitments to:

• Strengthen the privacy and civil liberties safeguards governing U.S. signals intelligence activities;
• Establish a new redress mechanism with independent and binding authority; and
• Enhance its existing rigorous and layered oversight of signals intelligence activity

For example, the new Framework ensures that:

• Signals intelligence collection may be undertaken only where necessary to advance legitimate national security objectives, and must not disproportionately impact the protection of individual privacy and civil liberties;
• EU individuals may seek redress from a new multi-layer redress mechanism that includes an independent Data Protection Review Court that would consist of individuals chosen from outside the U.S. Government who would have full authority to adjudicate claims and direct remedial measures as needed; and
• U.S. intelligence agencies will adopt procedures to ensure effective oversight of new privacy and civil liberties standards.

Participating companies and organizations that take advantage of the Framework to legally protect data flows will continue to be required to adhere to the Privacy Shield Principles, including the requirement to self-certify their adherence to the Principles through the U.S. Department of Commerce. EU individuals will continue to have access to multiple avenues of recourse to resolve complaints about participating organizations, including through alternative dispute resolution and binding arbitration.

These new policies will be implemented by the U.S. intelligence community in a way to effectively protect its citizens, and those of its allies and partners, consistent with the high-standard protections offered under this Framework.

The teams of the U.S. government and the European Commission will now continue their cooperation with a view to translate this arrangement into legal documents that will need to be adopted on both sides to put in place this new Trans-Atlantic Data Privacy Framework. For that purpose, these U.S. commitments will be included in an Executive Order that will form the basis of the Commission’s assessment in its future adequacy decision.

Click Here for original Article

On the Same Topic

• The European Commissioner for Justice Didier Reynders and U.S. Secretary of Commerce Gina Raimondo issued a joint statement announcing that the negotiations on an enhanced EU-U.S. Privacy Shield framework will intensify.
• In a joint speech given in Brussels, the President of the European Commission, Ursula von der Leyden, and U.S. President Joe Biden indicated that the EU and the U.S. have found “an agreement in principle on a new framework for transatlantic data flows” that will “enable predictable and trustworthy data flows between the EU and the U.S., safeguarding privacy and civil liberties.” You can read remarks from President Joe Biden and European Commission President Ursula von der Leyen in their joint statement released by the White House here, and the European Commission here.
• The White House also issued a fact sheet on this announced Trans-Atlantic Privacy Framework.

What does this mean for your business?

A new framework for transfers of personal data between the EU and the U.S. has been needed since the previous EU-U.S. Privacy Shield framework was annulled by the Court of Justice of the European Union in the Schrems II judgment in July 2020. It is a positive step in the right direction after months of uncertainty for thousands of companies that regularly exchange data across the Atlantic. It’s worth noting that this news also comes on the heels of a recent Federal Trade Commission (FTC) consent order, in a data breach matter in which the FTC enforced its jurisdiction over a business’s misrepresentations of its compliance with data protection practices pursuant to Privacy Shield principles.

Annual H-1B Visa Lottery Opened on March 1, 2022

For employers who need to hire foreign national talent for STEM or other hard-to-fill positions, an important immigration deadline is around the corner.

The electronic H-1B lottery application window started on March 1 and ends on March 18 at 12 noon EST / 9 am PST. If you desire to have one or more candidates entered into the H-1B lottery, please let immigration counsel know by March 10.

If the case is selected, then immigration counsel would file a full H-1B petition with USCIS with an employment start date of October 1. This electronic lottery process allows immigration counsel to do a preliminary streamlined filing on your behalf. Employers no longer have to go “all-in” with a full petition filing up-front without knowing whether the petition has been accepted into the cap. This should result in substantial cost savings for employers.

H-1Bs are for college degreed professionals, such as software developers, engineers, scientists and financial analysts. The annual quota is 85,000 visas and demand is expected to be twice or three times that number.

Employers should check to see if they have a need for such a visa for either a possible new hire, or to keep a current foreign national employee work authorized who is on Optional Practical Training (OPT) or STEM OPT.

H-1Bs are good for three years and can be extended for an additional three years. They can be extended beyond year 6 as well if the company has sponsored the individual for permanent residency.

General H-1B Requirements

• Must have a college degree in a field related to the job offer.
• The position must be a specialty occupation. This is defined as an occupation that requires the theoretical and practical application of a body of highly specialized knowledge and the attainment of a bachelor’s degree or higher in the specific specialty (or equivalent) as the minimum for entry into the occupation in the United States.
• The employer must comply with the U.S. Department of Labor (DOL) prevailing wage requirements and pay the same wages as U.S. workers receive doing the same job or the prevailing wage, whichever is higher.
• The foreign national can only work for the sponsoring employer, but can transfer employment with a new H-1B visa petition filed by a subsequent employer.
• The initial H-1B petition filed for the first time for an individual is subject to an annual quota of 85,000 visas, and the quota is quickly used up each year. Of the 85,000 visas, there are 20,000 visas set aside for those who have graduated with a U.S. master’s or higher.
• For an initial H-1B petition (where the foreign national has never been in H-1B status before), the employer must file via the H-1B electronic lottery in March and indicate a start date of October 1. The quota is quite small compared to demand. Perhaps less than 50% of U.S. Masters get into the quota and 30% of bachelor degreed candidates.
• A first time H-1B is subject to strict quotas. H-1B transfers are exempt. Certain non-profit and university employers are exempt from the H-1B quota.

Prevailing Wage Requirements

The employer must pay the higher of the prevailing wage or what other U.S. workers at the company doing the same job are being paid. The U.S. Department of Labor publishes their wage survey, known as the Office of Foreign Labor Certification (OFLC) online data center wage survey at: http://flcdatacenter.com/.

Other Non-Immigrant Visa Options

Besides the H-1B visa, immigration counsel can review your company and talent needs and explore other possible non-immigrant visas as well including:

• E-1/E-2 investor/manager/essential employee
• E-3 specialty occupation for Australians
• F-1 student, OPT, and STEM OPT
• H-1B1 specialty occupation for Chileans and Singaporeans
• J-1 interns, trainees, and scholars
• L-1A executives and managers
• L-1B specialized knowledge workers
• Blanket L option for large companies
• O-1 extraordinary ability
• P-1A extraordinary athletes and teams
• P-1B extraordinary entertainment groups
• R religious workers
• TN: Trade NAFTA workers—Canada
• TN: Trade NAFTA workers—Mexico

Employment-Based Immigrant Visa Options (Permanent Residency)

• Employment-based first preference.
  • EB-1(A) extraordinary ability.
  • EB-1(B) outstanding researcher.
  • EB-1(C) multinational manager.
• Employment-based second preference (EB-2) exceptional ability with national interest waiver.
• EB-2 advanced degree with national interest waiver.
• EB-2 advanced degree with certified PERM application from DOL.
• Employment-based third preference (EB-3) with certified PERM (college degree required).
• EB-3 skilled with certified PERM (at least two years of experience required).
• EB-3 other (unskilled)—less than two years of experience—same priority date as EB-3.
• Schedule A for nurses and physical therapists.
• EB-4 (miscellaneous categories, including former U.S. Embassy and government employees abroad, Amerasians, religious workers, special immigrant juveniles, Panama Canal employees, employees of international organizations such as the United Nations, members of the armed forces, self-petitioning spouse or child of an abusive USC/LPR spouse).
• EB-5 investor—direct job creation in own business.

Click Here for Original Article

Building a Manufacturing Workforce: Using the H-1B Visa Program to Fill Specialized Positions

In recent years, the demand by U.S. employers for H-1B visas has outstripped the supply.

This is particularly evident in the manufacturing industry, where there is an immediate need for skilled workers in certain specialty occupations.

U.S. employers must pay H-1B workers the prevailing wage for their occupations in their geographical area.
Generally, a foreign worker may be admitted in the H-1B classification for a maximum of six years, with the U.S. employer initially petitioning for a validity period of up to three years. There is an annual limit of 65,000 available H-1B visas.

The H-1B visa category is for temporary (“non-immigrant”) employment for foreign professionals in “specialty occupations” that require at least a job-related bachelor’s degree or the equivalent.
Qualifying professional occupations typically include engineers, chemists, computer systems analysts, computer software developers, researchers, and budget and data analysts.

During each fiscal year of the U.S. Government, which starts Oct. 1, there is an annual statutory limit of 65,000 available H-1B visas, and 20,000 additional visas for foreign professionals who graduate with a master’s or doctorate degree from a U.S. educational institution.

Accordingly, the U.S. Citizenship and Immigration Services (“USCIS”) has implemented a lottery process, known as the cap lottery, for awarding the limited number of H-1B visas available.

The H-1B Cap Lottery

The cap lottery is a two-step process with the USCIS lottery registration and selection of foreign workers comprising the first step, and the preparation and filing with USCIS of an H-1B petition on behalf of the foreign professionals whose registrations are selected in the lottery comprising the second.

As no information regarding the position offered to the foreign national is provided to USCIS as part of the lottery registration process, it is inexpensive, and sponsoring U.S. manufacturers need only incur the effort and additional expense of preparing and filing an H-1B petition for those foreign workers who are lottery winners. The visa lottery registration period for fiscal 2023 begins Mar. 1, 2022.

USCIS announced on January 28, 2022, that the registration period for the fiscal 2023 lottery begins at noon, March 1, 2022, and runs through noon March 18, 2022. USCIS will select the 85,000 lottery winners at the end of March.

Manufacturers will then have a 90-day window to prepare and file H-1B petitions for the foreign workers whose registrations were selected in the lottery.
Foreign national professionals whose registrations are selected in this years’ cap lottery and whose H-1B petitions are ultimately approved by USCIS will have a start date of no earlier than Oct. 1, 2022.

Preparing for the Lottery

Manufacturers who wish to enter foreign workers in the upcoming H-1B cap lottery should begin the process as soon as possible.

While the lottery registration period begins in March, now is the time to prepare.

First, manufacturers should work with their hiring managers and experienced immigration counsel to determine whether the offered positions qualify as a “specialty occupation,” to determine the minimum or “prevailing wage” that must be paid to H-1B workers in those identified positions, and to select the foreign worker candidates they wish to sponsor for the fiscal 2023 lottery registration.

Manufacturers should also work with legal counsel to assess the sponsored foreign national’s current immigration status to ensure their eligibility for an H-1B visa and to collect their personal biographical information for the lottery registration.

Finally, manufacturers who are new to the H-1B cap lottery will need to create an online account on the USCIS lottery registration website and provide legal counsel with basic information about the sponsoring organization, including its legal name and Employer Identification Number.

Additional Labor Resources

During this significant U.S. labor shortage, as an additional resource for employing qualified professional, skilled and non-skilled workers, manufacturers should also consider other options for hiring foreign nationals, such as:

• Sponsoring foreign nationals who are already working for them abroad, either for a parent/affiliate company or a foreign subsidiary in an executive, managerial or specialized knowledge position, for the L-1A or L-1B intracompany transferee visa;
• Sponsoring Canadian and Mexican professionals who qualify for a TN visa;
• Employing foreign students who have recently completed or who will soon complete courses of study on an F-1 visa at a U.S. college or university and have an ensuing one- or three-year period of optional practical training in the U.S. available to them;
• Hiring foreign workers with a valid Employment Authorization Document available to them as accompanying dependents of a principal visa holder (ex. employees in H-4, L-2, or E-3D visa status) or as refugees or asylum seekers.

Next Steps for Manufacturers

Given the relative ease and low cost of sponsoring a foreign national for the H-1B cap lottery, and coupled with the ongoing shortage of available and qualified U.S. workers, manufacturers should consider using the H-1B visa as a tool for recruiting highly skilled professional workers who bring innovative ideas and in-demand knowledge of the latest manufacturing trends and processes to the job.

As the March registration period for the FY 2023 cap lottery is quickly approaching, manufacturers who are interested in learning more about the H-1B cap lottery and visa process should contact experienced immigration counsel immediately.

Click Here for Original Article