Gerber Argues FDA Preemption in Baby Food Lawsuit

  • In February 2021, the U.S. House of Representatives subcommittee on Economic and Consumer Policy released a report on the levels of heavy metals found in baby foods and the respective manufacturers. The report findings described “significant levels of toxic heavy metals” based on internal documents and test results submitted by baby food companies.  Lawsuits quickly followed, including many actions against Gerber Products Co., that allege Gerber falsely and deceptively failed to disclose the presence of unsafe levels of heavy metals in their baby foods.
  • Gerber argues in a recent motion to dismiss  that the primary jurisdiction doctrine should control. For background, the primary jurisdiction doctrine is a judicial doctrine used when courts and an agency have concurrent jurisdiction, but the court favors administrative discretion and expertise in deciding the issue.   In this case, Gerber argues that the Food and Drug Administration (FDA) is in a better position to decide “acceptable levels of heavy metals in baby foods” because of the need for expertise in issues of infant nutrition.
  • Gerber further alleges that Plaintiff’s claims are preempted by the Food, Drug, and Cosmetic Act (FDCA). Gerber argues that Plaintiff’s demand for mandatory disclosures on packaging is preempted by FDA because it is the Agency’s role to establish national policy on food safety and labeling.  Finally, Gerber says the Plaintiffs fail to plead deception, pointing to a lack of misleading statements on their packaging and no legal requirement to disclose heavy metals on a product label.
  • Keller and Heckman will continue to monitor and report on this litigation and any responsive regulatory actions or developments.

© 2022 Keller and Heckman LLP

Wegmans Settles With NYAG for $400,000 Over Data Incident

The New York Attorney General recently announced a data security-related settlement with Wegmans Food Markets. The issue arose in April 2021 regarding a cloud-based incident. At that time a security researcher notified Wegmans that the company had an Azure cloud storage container that was unsecured. Upon investigation, the company determined that the container had been misconfigured and that three million customer records had been publicly accessible since 2018. The records included email addresses and account passwords.

Of concern for the AG, among other things, were that the passwords were salted and hashed using SHA-1 hashing, rather than PBKDF2. Similarly, the AG found concerning the fact that the company did not have an asset inventory of what it maintained in the cloud. As a result, no security assessments were conducted of its cloud-based databases. The NYAG also took issue with the company’s lack of long-term logging: logs for its Azure assets were kept for only 30 days. Finally, the company kept checksums derived from customer driver’s license information, something for which the NYAG did not feel the company had a “reasonable business purpose” to collect or maintain.

The NYAG argued that these practices were both deceptive and unlawful in light of the promises Wegman’s made in its privacy policy. It also felt that the practices were a violation of the state’s data security law. As part of the settlement, Wegmans agreed to pay $400,000. It also agreed to implement a written information security program that addresses, among other things:

  1. asset management that covers cloud assets and identifies several items about the asset, including its owner, version, location, and criticality;
  1. access controls for all cloud assets;
  1. penetration testing that takes into account cloud assets, and includes at least one annual test of the cloud environment;
  1. central logging and monitoring for cloud assets, including keeping cloud logs readily accessible for 90 days (and further stored for a year from logged activity);
  1. customer password management that includes hashing algorithms and a salting policy that is at least commensurate with NIST standards and “reasonably anticipated security risks;” and
  1. policies and procedures around data collection and deletion.

Wegmans agreed to have the program assessed within a year of the settlement, with a written report by the third-party assessor provided to the NYAG. It will also conduct at-least-annual reviews of the program. As part of that review it will determine if any changes are needed to better protect and secure personal data.

Putting It Into Practice: This case is a reminder for companies to think not only about assets on its network, but its cloud assets, when designing a security program. Part of these efforts include clearly identifying locations that house personal information (as defined under security and breach laws) and evaluating the security practices and controls in place to protect that information. The security program elements the NYAG has asked for in this settlement signal its expectations of what constitutes a reasonable information security program.

Copyright © 2022, Sheppard Mullin Richter & Hampton LLP.

Minnesota Inadvertently Allows Unregulated Intoxicating Cannabis Edible Products

As of July 1, 2022, unregulated intoxicating THC products derived from hemp have been legalized in Minnesota, apparently as the result of confusion by state legislators about the new law’s actual effect. Although the express intent of the statute is to allow the sale of products that contain so-called “non-intoxicating cannabinoids” to consumers in Minnesota, the new law contains a massive loophole that effectively legalizes all forms of THC sold in edible products at levels that intoxicate with only a bare minimum of regulatory oversight.

This surely cannot have been the goal of many Minnesota legislators who voted for the bill. In fact, the Minneapolis Star Tribune has reported that at least one senator in the state’s Republican-controlled Senate confirmed that he did not realize that the new law would legalize edible products with all forms of THC. 

The Loophole

The new law changes section 151.72 of the Minnesota Statutes by defining “non-intoxicating cannabinoid” as “substances extracted from certified hemp plants that do not produce intoxicating effects when consumed by any route of administration.” The bill then incongruously allows for cannabinoid edible products to be sold to consumers in the state so long as the product contains no more than 0.3 percent of any THC and no more than 5 mg of any THC in a single serving, or more than a total of 50 mg of any THC per package.

Most states are now being forced to grapple with how to respond effectively to the problem of unregulated intoxicating hemp cannabinoids being sold openly and online. Edible products with intoxicating levels of hemp-derived delta-8 THC, delta-9 THC, delta-10 THC and THC-O Acetate are sold widely as legal and less-expensive alternatives to regulated marijuana products. States have employed various strategies to, by varying degrees, limit, regulate or prohibit intoxicating hemp cannabinoids, and lawsuits on the subject have been initiated in several states.

No state has created a loophole quite like what exists in Minnesota’s new law. Although Minnesota seeks, at least nominally, to only allow the sale of products that contain “non-intoxicating cannabinoids,” food and beverages that contain less than 0.3 percent THC concentration may nevertheless be intoxicating due to the large amounts that may be consumed easily.

To illustrate the problem of hemp products that contain less than 0.3 percent delta-9 THC concentration but are nevertheless intoxicating, consider this:

  • A typical energy bar of 60 grams would be allowed to have up to 180 mg THC if limited to 0.3 percent THC concentration by weight.
  • Regulated cannabis edible products, by comparison, typically may be sold only in a serving size of no more than 10 mg, with a limit of up to 100 mg per package.
  • A four-gram hemp gummy product, however, could have 10 mg of THC and still fall below the allowable concentration threshold.
  • Minnesota’s new law allows up to 5 mg THC per serving and 50 mg THC per package.

The intoxicating potential here is evident. One need only consume two servings to ingest the same amount of THC allowed in a standard regulated marijuana product serving. Ingesting 50 mg of THC will heavily intoxicate all but the most jaded stoner. Nowhere in the new law, however, is there any requirement to warn that the cannabis edible product may cause intoxication when consumed as suggested.

The Goal Informs the Solution

States should focus on the goal of prohibiting or properly regulating intoxicating hemp products that are currently sold as an unregulated and less-expensive alternative to regulated cannabis. We have previously warned that any state that decides to allow hemp-derived THC in edible products must necessarily grapple with tricky questions over how to regulate maximum serving size, active cannabinoid concentration per serving size, the number of servings per container, consumer warnings and similar questions to mitigate the risk to public health and safety. Cannabis and hemp industry leaders have likewise warned against “percentage” thresholds of cannabinoids as an appropriate measure for foods and beverages for the reasons described above.

In comparison to Minnesota, other states are proceeding in a more cautious manner. California’s recent Assembly Bill 45, for example, draws attention to the above-mentioned issues but acknowledges that more study is needed by the California Department of Public Health (CDPH) before implementing regulations are issued. The bill provides that CDPH “may regulate and restrict the cap on extract and may cap the amount of total THC concentration at the product level based on the product form, volume, number of servings, ratio of cannabinoids to THC in the product, or other factors, as needed.”

Analysis

Exacerbating the problem is the fact that product contamination, label inaccuracies and outright fraud are pervasive within the hemp cannabinoid market. Products often are marketed with misleading or false claims, and many fail to incorporate any explicit warning of intoxicating effects. Because the Minnesota statute incorrectly assumes that consumers will not become intoxicated from compliant cannabis edible products, no such warnings are mandated. This is a mistake.

It appears that better education around hemp-derived edible products could have led to more thoughtful legislation in Minnesota. This example may nevertheless provide a learning opportunity for other states that are studying how to regulate intoxicating hemp products.

© 2022 Wilson Elser

Beyond Meat Sued Over Protein Content Claims

  • A proposed consumer class action lawsuit was filed against Beyond Meat, Inc. on June 10, alleging that the plant-based meat manufacturer embellished the amount of protein contained in its line of plant-based sausages, breakfast patties, meatballs, ground beef, and chicken products.

  • In the complaint, plaintiff Mary Yoon alleges that Beyond Meat falsely labels and advertises its products as providing “equal or superior protein” to animal-derived meat. Her claim is based on the fact that “two different U.S. laboratories have independently and separately conducted testing on a wide range of Beyond Meat products. The test results were consistent with each other: the results of both tests show that Beyond Meat products contain significantly less protein than what is stated on the product packaging.”

  • Plaintiff Yoon alleges that Beyond Meat’s quantitative declaration of protein and percent Daily Value (%DV) are false and misleading because the quantitative amount was calculated using the nitrogen method. According to the complaint, “the nitrogen method is not the most accurate way to describe protein content” and that “[b]y law, Beyond Meat is required to use the PDCAAS calculation for the products rather than some other less-sophisticated method.”

  • In opposition to plaintiff Yoon’s claims, 21 CFR 101.9(c)(7) specifically provides for two different methods to determine protein values, including the nitrogen method. The FDA recently issued a clarifying Q&A supporting the use of either method to calculate protein content (i.e., nitrogen or PDCAAS), but noted that manufacturers are still obligated to include a %DV when protein claims are made and that %DV should be adjusted for protein quality.

© 2022 Keller and Heckman LLP

States Target Infant Formula Price Gouging

There has been a nationwide shortage of infant formula following a recall and temporary closure of a major infant formula manufacturing facility in February 2022. This facility supplied as much as 40% of the nation’s infant formula. In the wake of these events, state attorneys general are on the lookout for unlawful price gouging of infant formula. Sellers of infant formula should make sure that they do not inadvertently run afoul of state price gouging restrictions.

State price gouging laws prohibit price increases above certain thresholds during a period of emergency. Several state governments have recently issued declarations or proclamations that trigger price increase limitations for infant formula, including in California (CA Exec. Order N-10-22, 6/7/2022), Oregon (OR Exec. Procl., 5/13/2022), Colorado (CO Exec. Order D-2022-021, 5/25/2022), New Jersey (NJ Exec. Order No. 296, 5/17/2022), and Kentucky (KY Exec. Order 2022-321, 6/9/2022). Each of these states has a different price gouging restriction. For instance, infant formula sold in California cannot exceed the February 17, 2022 price by more than 10% except in certain limited circumstances. Other states may have a different price increase threshold or a different benchmark date. Multi-state sellers must take care to comply with the restrictions in each state.

Several states, such as Colorado and Nevada, enacted new price gouging laws in the wake of the COVID-19 pandemic. See Colo. Rev. Stat. § 6-1-730; NRS § 598.09235. Enforcers have not had much experience enforcing these statutes, which may mean greater uncertainty for sellers in those states.

Most, but not all states have a price gouging law. In states that do not have a price gouging law, attorneys general will often seek to enforce their state’s unfair or deceptive trade practices act against reports of price gouging. For example, the attorney general of New Mexico, a state without a price gouging law, issued a press release on May 31, 2022 announcing that he is investigating complaints regarding infant formula price gouging. Similar to the COVID-19 pandemic, the infant formula shortage is triggering a variety of different price gouging restrictions in different states at the same time. Navigating the differences from state-to-state can be challenging, particularly in light of the new laws and amended laws that have been recently enacted. Sellers should review their normal pricing practices and make necessary changes to avoid inadvertently running afoul of the restrictions in a particular state.

Copyright © 2022, Sheppard Mullin Richter & Hampton LLP.

Alcohol Suppliers Hit with ADA Website Accessibility Lawsuits

The increasing popularity of online shopping is placing e-commerce businesses—specifically those in the alcohol beverage industry—in legal crosshairs. In lockstep with a recent uptick in website accessibility cases, plaintiff firms are sending pre-suit demand letters to alcohol suppliers and, in some cases, even filing a state or federal court lawsuit. These lawsuits—which are typically filed in California or New York—involve claims that a supplier’s website is not accessible to individuals who are blind in violation of Title III of the Americans with Disabilities Act (ADA) and related state laws. In these cases, plaintiffs seek attorneys’ fees, damages (only under state law) and injunctive relief that would require the website to conform with the Web Content Accessibility Guidelines (WCAG) standards, which have been broadly adopted by courts and regulators.

To prevail on a website accessibility claim, plaintiffs must first show that a defendant is a private entity that owns, leases or operates a “place of public accommodation.” Courts, however, are split on what it means for a website to be considered a place of public accommodation under Title III of the ADA. While some jurisdictions require that there be a “physical nexus” between the website and a brick-and-mortar store, other jurisdictions have permitted these cases to go forward against a website-only company that does not own or operate any physical retail location.

In addition to establishing that the supplier’s website is a place of public accommodation, the plaintiff must satisfy certain jurisdictional requirements which will depend upon whether products can be purchased directly from the website as well as whether the supplier ships to the state in which the suit was filed. Leveraging these defenses (among others) will be critical when it comes to either convincing the plaintiff to withdraw the claim, filing a motion to dismiss or achieving an early resolution on favorable terms.

Due to the rise in these website accessibility lawsuits, we encourage industry members to take a proactive approach:

  1. Train personnel on accessibility requirements and WCAG standards.
  2. Test the website against WCAG standards (through independent consultants or user testing).
  3. Retain testing documentation to demonstrate that users with disabilities can fully use the website.
  4. Assess potential areas of non-conformance with WCAG standards.
  5. Work with internal/external technical teams to implement accessibility features into the website.
  6. Develop an accessibility policy that informs users about the company’s accessibility practices.
  7. Consider including a link to the website accessibility policy on every webpage, including a reporting option that is appropriately routed to address accessibility issues.
  8. Regularly audit the website to assess its level of accessibility (particularly after website updates).
  9. Engage legal counsel to minimize litigation risk associated with website accessibility issues, including whether the ADA is applicable to the company’s website in light of the current state of the law.
© 2022 McDermott Will & Emery

Senate Bill to Revise and Reassess GRAS Program

  • On May 27, Senator Edward J. Markey (D-Mass.), alongside Senators Richard Blumenthal (D-Conn.) and Elizabeth Warren (D-Mass)., introduced the Ensuring Safe and Toxic-Free Foods Act, which is described as “comprehensive legislation that ensures the Department of Health and Human Services (HHS) fulfills its responsibility to promote the health and well-being of American families by directing the Food and Drug Administration (FDA) to strengthen the Substances Generally Recognized as Safe (GRAS) Rule, which exempts companies from seeking pre-market approval for food chemicals.” A summary of the legislation is available here.
  • The legislation would prohibit manufacturers from independently designating substances as GRAS (or manufacturing or selling food containing those substances) without supplying notice and supporting information to the Secretary of HHS. Substances that are carcinogenic or that have evidence of reproductive or developmental toxicity would be prohibited from receiving a GRAS designation. Further, the legislation would require that a GRAS Notice and all supporting information be publicly available online and subject to a 90-day review period.
  • The legislation would also direct the Secretary to create an Office of Food Chemical Safety Reassessment within FDA’s CFSAN. The new office would be responsible for reassessing the safety of existing food additives, food contact substances, color additives, and substances that had already received GRAS status. The office would be required to reassess at least 10 substances (or class of substances) once every three years. As included in the bill, the first 10 substances to be reviewed would be:
    • Perfluoroalkyl substances and polyfluoroalkyl substances
    • Ortho-phthalates
    • The class of bisphenols
    • Titanium dioxide
    • Potassium bromate
    • Perchlorate
    • Butylated hydroxyanisole (BHA)
    • Butylated hydroxytoluene (BHT)
    • Brominated vegetable oil (BVO)
    • Propyl paraben
  • With regard to the legislation, Senator Markey has said “The FDA too often falls short on their responsibility to promote food safety, highlighted recently by the baby formula crisis where FDA’s deputy commissioner for food policy did not learn about the whistleblower complaint for four months. It is long past time we revise existing food safety measures and close the loophole allowing manufacturers to self-regulate what new substances can enter our food supply.”
© 2022 Keller and Heckman LLP

Implications of the Use of the Defense Production Act in the U.S. Supply Chain

What owners, operators and investors need to know before accepting funds under the DPA

There has been an expansion of regulations related to Foreign Direct Investment (FDI) in both the United States and abroad. Current economic and geopolitical tensions are driving further expansion of FDI in the U.S. and elsewhere.

Whether by intent or coincidence, the Foreign Investment Risk Review Modernization Act (FIRRMA) regulations that took effect February 13, 2020, included provisions that expanded the Committee on Foreign Investment in the U.S. (CFIUS) and FIRRMA based upon the invocation of the Defense Production Act (DPA) – such as with President Biden’s recent Executive Order evoking the DPA to help alleviate the U.S. shortage of baby formula.

As background, the U.S. regulation of foreign investment in the U.S. began in 1975 with the creation of CFIUS. The 2007 Foreign Investment and National Security Act refined CFIUS and broadened the definition of national security. Historically, CFIUS was limited to technology, industries and infrastructure directly involving national security. It was also a voluntary filing. Foreign investors began structuring investments to avoid national security reviews. As a result, FIRRMA, a CFIUS reform act, was signed into law in August 2018. FIRRMA’s regulations took effect in February 2020.

It is not surprising that there are national security implications to U.S. food production and supply, particularly based upon various shortages in the near past and projections of further shortages in the future. What is surprising is that the 2020 FIRRMA regulations provided for the application of CFIUS to food production (and medical supplies) based upon Executive Orders that bring such under the DPA.

The Impact of Presidential DPA Executive Orders

The 2020 FIRMMA regulations included an exhaustive list of “critical infrastructure” that fall within CFIUS’s jurisdiction. Appendix A to the regulations details “Covered Investment Critical Infrastructure and Functions Related to Covered Investment Critical Infrastructure” and includes the following language:

manufacture any industrial resource other than commercially available off-the-shelf items …. or operate any industrial resource that is a facility, in each case, that has been funded, in whole or in part, by […] (a) Defense Production Act of 1950 Title III program …..”

Title III of the DPA “allows the President to provide economic incentives to secure domestic industrial capabilities essential to meet national defense and homeland security requirements.” This was arguably invoked by President Trump’s COVID-19 related DPA Executive Orders regarding medical supplies (such as PPEs, tests and ventilators, etc.) and now President Biden’s Executive Order related to baby formula (and other food production).

Based on the intent of FIRRMA to close gaps in prior CFIUS coverage, the FIRRMA definition of “covered transactions” includes the following language:

“(d) Any other transaction, transfer, agreement, or arrangement, the structure of which is designed or intended to evade or circumvent the application of section 721.”

Taken together, the foregoing provision potentially gives CFIUS jurisdiction to review non-U.S. investments in U.S. companies covered by DPA Executive Orders that are outside of traditional M&A structures. This means that even non-controlling foreign investments in U.S. companies (such as food or medical producers) who receive DPA funding are subject to CFIUS review. More significantly, such U.S. companies can be subject to CFIUS review for a period of 60 months following the receipt of any DPA funding.

As a result of DPA-related FDI implications, owners, operators, and investors should carefully assess the implications of accepting funding under the DPA and the resulting restrictions on non-U.S. investors in businesses and industries not historically within the jurisdiction of CFIUS.

© 2022 Bradley Arant Boult Cummings LLP

The Metaverse: A Legal Primer for the Hospitality Industry

The metaverse, regarded by many as the next frontier in digital commerce, does not, on its surface, appear to offer many benefits to an industry with a core mission of providing a physical space for guests to use and occupy. However, there are many opportunities that the metaverse may offer to owners, operators, licensors, managers, and other participants in the hospitality industry that should not be ignored.

What is the Metaverse?

The metaverse is a term used to describe a digital space that allows social interactions, frequently through use of a digital avatar by the user. Built largely using decentralized, blockchain technology instead of centralized servers, the metaverse consists of immersive, three-dimensional experiences, persistent and traceable digital assets, and a strong social component. The metaverse is still in its infancy, so many of the uses for the metaverse remain aspirational; however, metaverse platforms have already seen a great deal of activity and commerce. Meanwhile, technology companies are working to produce the next-generation consumer electronics that they hope will make the metaverse a more common location for commerce.

The Business Case for the Hospitality Industry

The hospitality industry may find the metaverse useful in enhancing marketing and guest experiences.

Immersive virtual tours of hotel properties and the surrounding area may allow potential customers to explore all aspects of the property and its surroundings before booking. Operators may also add additional booking options or promotions within the virtual tour to increase exposure to customers.

Creating hybrid, in-person and remote events, such as conferences, weddings, or other celebrations, is also possible through the metaverse. This would allow guests on-site to interact with those who are not physically present at the property for an integrated experience and possible additional revenue streams.

Significantly, numerous outlets have identified the metaverse as one of the top emerging trends in technology. As its popularity grows, the metaverse will become an important location for the hospitality industry to interact with and market to its customer base.

Legal Issues to Consider

  1. Select the right platform for you. There are multiple metaverse platforms, and they all have tradeoffs. Some, including Roblox and Fortnite, offer access to more consumers but generally give businesses less control over content within the programs. Others, such as Decentraland and the Sandbox, provide businesses with greater control but smaller audiences and higher barriers to entry. Each business should consider who its target audience is, what platform will be best to reach that audience, and its long term metaverse strategy before committing to a particular platform.
  2. Register your IP. Businesses should consider filing trademark applications covering core metaverse goods or services and securing any available blockchain domains, which can be used to facilitate metaverse payments and to direct users to blockchain content, such as websites and decentralized applications. Given the accelerating adoption of blockchain domains along with limited dispute resolution recourse available, we strongly encourage businesses to consider securing intellectual property rights now.
  3. Establish a dedicated legal entity. Businesses may want to consider setting up a new subsidiary or affiliate to hold digital assets, shield other parts of their business from metaverse-related liability, and isolate the potential tax consequences.
  4. Take custody of digital assets. Because of their digital character, digital assets such as cryptocurrency, which may be the primary method of payment in the metaverse, are uniquely vulnerable to loss and theft. Before acquiring cryptocurrency, businesses will need to set up a secure blockchain wallet and adopt appropriate access and security controls.
  5. Protect and enforce your IP. The decentralized nature of the metaverse poses a significant challenge to businesses and intellectual property owners. Avenues for enforcing intellectual property rights in the metaverse are constantly evolving and may require multiple tools to stop third-party infringements.
  6. Reserve metaverse rights. Each Business that licenses its IP, particularly those that do so on a geographic or territorial basis, should review existing license agreements to determine what rights, if any, its licensees have for metaverse-related uses. Moving forward, each brand owner is encouraged to expressly reserve rights for metaverse-related uses and exercise caution before authorizing any third party to deploy IP to the metaverse on a business’ behalf.
  7. Tax matters. Attention needs to be paid to how the tax law applies to metaverse transactions, despite the current tax law not fully addressing the metaverse. This is particularly the case for state and local sales and use, communications, and hotel taxes.

Ready to Enter?

As we move into the future, the metaverse appears poised to provide a tremendous opportunity for the hospitality industry to connect directly with consumers in an interactive way that was until recently considered science fiction. But like every new frontier, technological or otherwise, there are legal and regulatory hurdles to consider and overcome.

© 2022 ArentFox Schiff LLP